Download full publication
Cyber Report no. 25 by the International Institute for Counter-Terrorism (ICT) reviewed the prominent uses made of cyberspace by terrorist organizations and their supporters in December 2017. This is not an exhaustive list but rather an identification of the main trends as they arose from the field, and their analysis is divided into five areas.
1. In the operational domain, jihadist organizations continued to use cyberspace for a variety of needs, the most prominent among them being propaganda and financing. The dissemination of propaganda on social networks continued as usual during this period, while the financial aspect showed a drastic trend of the increased use of digital currency.
2. In the defensive domain of terrorists in cyberspace, there was no significant innovation. The trend of distributing content on issues of security and encryption, privacy and anonymity, warnings against phishing, and the safe use of mobile devices continued; most of the publications consisted of recycled content that was observed and documented over the past year, mainly through the Telegram channels of the “Electronic Afaq Horizons” institution.
3. domain offensive the In, the following stood out during the period under review: Caliphate Cyber Ghosts, which is associated with the Islamic State (IS) and hacker groups supported/directed by Iran. In addition, the third issue of the magazine, Kybernetiq, which is distributed by global jihad supporters and dedicated entirely to cyber-terrorism, was published. Terrorist organizations continued their efforts to improve their offensive capabilities, but theyhave not yet been fully developed.
4. In the domain between cyber-crime and cyber-terrorism, there was a trend of hacker groups operating under state direction – the main players being Russia, Iran and North Korea. While the attacks by Russia and Iran were aimed at espionage and intelligence gathering, North Korea launched cyber-attacks for economic gain. At the same time, there was an apparent trend of high-level data security risk stemming from the employment of subcontractors in criticalprojects/areas.
5. Coping with cyber-attacks, both crime-based and terrorism-based, requires global cooperation and out-of-the-box thinking. The countermeasures used are law and order, including regulation and prosecution for oversights/crimes occurring in the area, primarily for economic crime; setting a policy of refusing to negotiate with cyber-criminals; financing R&D projects of 3 technological solutions designed to make it harder for attackers; promoting cooperation between the private sector and the government sector.