IT'S WAR: Hacktivists throw in their lot with spies and the military

Opportunity knocks

Russian and English-language cyber-crime forums and malware trading platforms may become a point of interest for ISIS hackers, who may in future expand their ambitions towards launching more damaging attacks.

"Considering the growth of the number of members in ISIL cyber divisions, their training and fanaticism, there's a risk of transition from the comparably easy attacks by ISIL hackers to more complicated ones, including critical infrastructure and industrial systems threats," Sachkov warned.

Group-IB's assessment is not shared by the majority of security firms, most of which are inclined to downplay the current capabilities and future threat of ISIS.

Guillaume Lovet, senior threat response manager at Fortinet, commented: "There is no evidence at all that ISIS has started to build or will ever build an operational cyber-terrorism unit with consequent financial and material back-up. The evidence so far only points at isolated, loosely affiliated cells, with little or no back-up."

Dahema Gordon, an intelligence analyst at security intelligence firm Centient, which specialises in monitoring the so-called dark net, argues that Salafist Jihadi hackers don't need to be elite in order to further their objectives.

"It is relatively true to suggest that the cyber capabilities of groups such as ISIS, Boko Haram, Al-Qaeda and al-Shabaab are poor," Gordon comments. "However, it might not be the groups’ intent to take down cyber networks, banking systems etc. They are probably very well aware that they lack the skills to do so. Instead, they are only trying to instil fear in companies/governments and sometimes that is enough to set off panic within the affected industry or country. That in itself might be ‘job done’ for the hackers."

Big Data

Other experts caution that it would be unwise to focus only on ISIS-affiliated and other Salafist jihadis.

Crime analytics firm Wynyard Group said that a new generation of terrorist groups is utilising social networks as a command-and-control platform to propagandise, recruit and radicalise followers from around the world.

"Understanding who poses a risk and who is at risk in the new world of terror is a key real-world challenge facing under-resourced governments, intelligence and law enforcement agencies," a spokeswoman for the firm explained. "To quickly find persons of interest from large volumes of data from numerous sources – including existing evidence and open source data from websites, news feeds, chat rooms, blogs and social media – is not easy."

Cyber-attack statistics put together by website Hackmageddon suggest that hacktivism remains flat, but cyber-crime continues to rise. "The issue is that hacktivism, by its very nature, is loud and visible to all," according to TK Keanini, CTO at security analytics firm Lancope. "The rest of the threat categories are quiet and sometimes silent in their activities, so it may not appear to be a large percentage."

Yuval Ben-Itzhak, CTO at anti-virus firm AVG Technologies, said that conflicts in the wider Middle East have had a cyber dimension for years.

"This form of cyber terrorism – which represents an often ‘hidden’ side to politically motivated conflict – is neither new nor unique," Ben-Itzhak explains. "For years we’ve witnessed a close correlation between tensions in the Middle East and the number of cyber-attacks detected in conflict zones. Political conflicts between Turkey, Syria, Lebanon, Israel, Egypt and Palestine have also regularly triggered waves of cyber-attacks, such as website defacements and Denial of Service attacks (DDoS)."

For example, back in 2011 the Harvard website was hacked by Syrian protesters, while the year before that Turks hacked Israeli Facebook accounts over the Gaza blockade incident.

Ben-Itzhak concludes: "The focus on cyber-terrorism today is less about the threat landscape changing, but more about our increased attention on it. ISIS’s high-profile status means we are acutely aware of their online actions through the media, particularly when targets include household names like TV5Monde."