New ISIS Cyber Campaign Announced as Supporters Share U.S. Flaws

A group operating under ISIS’ hacking division announced in a Friday statement a new campaign “to destroy your websites, your devices and your data,” while an ISIS supporters’ IT help desk highlighted a Senate report revealing cybersecurity failures and vulnerabilities at several government agencies.

At the beginning of the year, the new Caliphate Cyber Shield was announced as “an extension of the United Cyber Caliphate (UCC).” In March, Kim Anh Vo, 20, of Hephzibah, Ga., was arrested on allegations that she joined the UCC in 2016 and disseminated propaganda including “kill lists” with mass quantities of personal identifying information on Americans. In 2018, the UCC threatened to kill gray-hat #OpISIS hackers, including Anonymous hacktivists, who had been waging a lengthy online campaign to take down ISIS social media accounts and websites; the UCC claimed in the threat that “you know very well that your strongest branch has joined us.”

The CCS founding statement pledged allegiance to Abu Bakr al-Baghdadi and declared the launch of “your brothers in the shield of the electronic caliphate (CCS) to start work for the sake of Allah and support his religion.”

Last week’s CCS message distributed in ISIS forums announced “a new phase of our struggle, and of the history of the cyber warfare.”

“We penetrate the accounts of the soldiers and officers of the Rafidha [Shiites], the Crusaders, the Jews and the murtaddin [apostates], and collect their data. We penetrate websites that Allah makes easy for us to penetrate. We monitor and allure infiltrated spies to able to hack their accounts and warn Muslims from them and the files they publish, as well as spreading the security awareness and explain some of the secret methods used by the Crusader coalition to spy on supporters and follow them, whatever you have mobilized against us, the enemies of God,” the statement declared.

“O enemies of Allah, no matter how much you gather against us, no matter how many you killed and captured of us, Almighty Allah will replace them with whom are harder than us on you,” CCS continued. “We are but a small part of the army, which will be prepared by the Islamic State to destroy your websites, your devices and your data, by Allah’s permission. We bring glad tidings of what [is] yet to harm you, for the best outcome is for the pious.”

Separately, the latest cybersecurity bulletin from the Electronic Horizon Foundation led with the story on a 10-year review of cybersecurity compliance flaws at the departments of Homeland Security, State, Transportation, Housing and Urban Development, Agriculture, Health and Human Services, and Education, as well as the Social Security Administration.

The bipartisan report from the Senate Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations found during a 10-month investigation that the agencies failed to comply with basic cybersecurity protocols and seven of the eight left Americans’ personally identifiable information vulnerable. “After a decade of negligence, our federal agencies have failed at implementing basic cybersecurity practices, leaving classified, personal, and sensitive information unsafe and vulnerable to theft,” said Chairman Rob Portman (R-Ohio). “The federal government can, and must, do a better job of shoring up our defenses against the rising cybersecurity threats.”

The EHF weekly tech bulletin also featured stories on Facebook handing over data on hate speech suspects to French courts, an Android spyware campaign in the Middle East that spread through Telegram and WhatsApp (both favored ISIS platforms), and vulnerabilities in iPhone apps and Microsoft Word.

Two weeks ago, the EHF — which launched in January 2016 as an IT help desk of sorts to walk ISIS supporters through how to encrypt their communications and otherwise avoid detection online while coordinating with and recruiting jihadists — highlighted the vulnerability of some million devices to the “BlueKeep” Microsoft flaw dubbed “potentially wormable” by the National Security Agency.

“It is time to face the electronic surveillance, educate the mujahideen about the dangers of the Internet, and support them with the tools, directives and security explanations to protect their electronic security, so that they don’t commit security mistakes that can lead to their bombardment and killing,” the group said in its founding announcement.

The EHF has since released a series of print and video tutorials covering a range of mobile security and dark web how-tos.

Last year, the group began distributing the weekly “Tech News Bulletin” including “the most important cyber security news.”

Source: Hstoday.us

Powered by NewsAPI.org

Keywords:

Islamic State of Iraq and the Levant • Cyber campaign • Software bug • Islamic State of Iraq and the Levant • Hacker culture • Website • Data • Islamic State of Iraq and the Levant • Help desk • Computer security • Vulnerability (computing) • Caliphate • Cyberwarfare • Caliphate • Unified combatant command • Hephzibah, Georgia • United Church of Christ • Propaganda • User-generated content • Grey hat • Security hacker • Anonymous (group) • Hacktivism • Protest • Islamic State of Iraq and the Levant • Social media • User (computing) • Website • User-generated content • ACM Computing Classification System • Abu Bakr al-Baghdadi • Caliphate • Allah • Religion • ACM Computing Classification System • Islamic State of Iraq and the Levant • Cyberwarfare • Rafida • Shia Islam • Crusades • Jews • Apostasy • Allah • Attractiveness • Espionage • Muslim • Crusades • God • Allah • God • Allah • Islamic State of Iraq and the Levant • God in Islam • Computer security • Computer security • United States Department of Homeland Security • United States Department of Housing and Urban Development • United States House Committee on Agriculture • United States Department of Health and Human Services • Education in the United States • Social Security Administration • Bipartisanship • Congressional Research Service reports • United States Senate • United States Senate Committee on Homeland Security and Governmental Affairs • United States Senate Homeland Security Permanent Subcommittee on Investigations • Computer security • Personally identifiable information • Vulnerability (computing) • Computer security • Chairman of the Joint Chiefs of Staff • Rob Portman • Ohio • Federal government of the United States • Computer security • Facebook • Hate speech • French language • Android (operating system) • Spyware • Middle East • Telegraphy • WhatsApp • Islamic State of Iraq and the Levant • Vulnerability (computing) • IPhone • Microsoft Word • Help desk • Islamic State of Iraq and the Levant • Internet • Microsoft • National Security Agency • Surveillance • Mujahideen • Risk • Internet • Military logistics • Security • Security • Security • Mobile security • Dark web • Computer security •