ICT Cyber-Desk Review: Report #9

Download Full Report

This report covers the period of April - June 2014, the report covers two main subjects: cyber-terrorism (offensive, defensive, and the media, and the main topics of jihadist discourse); and cyber-crime, whenever and wherever it is linked to jihad (funding, methods of attack).

The following are among the issues covered in this report:

• In addition to the intense activity on social media and networks, Al-Nusra al-Maqdisiyya lil-Dawla, a Palestinian organization identified as a supporter of the Islamic State launched an application named Fajr al-Bashair, “the first jihadist application, an application that provides news and updates regarding the Islamic State in the Android store – Google Play”.
   
• The Technical Committee of the Markaz al-Fajr jihadist media institution published a computer software titled, “The Mujahid’s Protection” for the Android device. According to the committee, this software is intended to provide secure browsing and an encrypted connection between jihad fighters.
   
• Various hacker groups in the Arab world continue to distribute guidebooks, translated into Arabic, on issues of defense (encryption and security software, creating aliases on social networks, etc.) and attack (instructions for carrying out defacement attacks using XSS, LFI, SQL Injection, etc.).
   
• An overview of groups in the cyber arena, including Anonymous4Palestine, Syrian Revolution Soldiers, SEA, and the European Cyber Army, as well as the activities of the group, Anonymous, against various targets.
   
• An analysis of several incidents in which Trojan Horse malware was sent via email as part of an attack focused on Israeli users. The emails that were sent impersonated topical and recent news items in order to deceive the end user.
   
• A case study regarding OpIsrael 2014, which was launched in the beginning of April 2014, during which various hacker groups attacked civilian and government targets in Israel for various purposes, including disabling sites and services, leaking information or damaging information systems. The review includes a presentation of the attacks that were successful as well as false reports of attacks.