IS’s cyber division, Cyber Caliphate, first attracted notoriety last fall when it was reported that the group was recruiting hackers to attack Western institutions. Earlier this year, the group successfully hacked United States Central Command’s Twitter and YouTube accounts.
In its report, Group-IB identifies three additional IS hacker groups, called “Team System Dz,” “FallaGa Team” and “Global Islamic Caliphate.” There are more than 40 people in these groups, according to Group-IB, and they have been participating in attacks on Russian resources since last fall.
“Despite our good protection from very complicated, but predictable threats, I think, Russian Internet security services and Russian companies shouldn't undervalue ISIL capabilities, as their attacks are out of any logic and aimed to the maximum social resonance,” said Group-IB co-founder and CEO Ilya Sachkov, using an alternative acronym for the terror organization.
In addition to the targets listed above, victims of the attacks also include Russian plants, construction companies and scientific centers.
Currently, the terrorist group’s cyber divisions primarily perpetrate mass breaches of sites or targeted attacks of the popular Internet resources for publishing their slogans with immediate shares in social networks Twitter and Facebook, according to Group-IB.
In the CENTCOM hack, Cyber Caliphate posted pro-IS tweets and released the personal information of several retired generals, including home addresses and private e-mails.
Group-IB specialists also believe that Russian and English forums and malware trade platforms could become potential targets for IS hackers, as there are tools and instructions for sale, as well as access to banking and electronic payment systems.
“Considering the growth of the number of members in ISIL cyber divisions, their training and fanaticism, there's a risk of transition from the comparable easy attacks by ISIL hackers to more complicated, including critical infrastructure and industrial systems threats,” Sachkov said.