Study: ISIS May Be Behind Botched Cyberattack Against Rival Group

AP Photo/Bilal Hussein
AP Photo/Bilal Hussein

The Islamic State may have expanded its operations into cyberattacks, according to Citizen Lab, an Internet watchdog group.

Citizen Lab reported that the Islamic State (IS, ISIS, or ISIL) may be behind a botched malware attack intended to hack into the computer systems of rival dissident group in Syria, “Raqqa is being Slaughtered Silently” (RSS).

In the Syrian city of Raqqa, the de facto capital of the jihadist group’s self-declared “Islamic State,” ISIS has imposed strict Islamic law.

Researchers and analysts at the watchdog group warned, “If ISIS is responsible, while this attack targets in-country impediments to ISIS objectives, other targets may include ideological or military adversaries abroad.”

Citizen Lab found that a malware-laden email, falsely claiming to be from Syrian activists in Canada, was sent to members of RSS on November 24, with the ability to identify and locate the target.

The RSS activist who received the email did not open it and instead forwarded the message to Bahaa Nasr of Cyber Arabs, a group that provides online security training.

Eventually, the message ended up in the custody of Citizen Lab, based at the University of Toronto’s Munk School of Global Affairs.

“The custom malware … beacons home with the IP address of the victim’s computer and details about his or her system each time the computer restarts,” researchers and analysts at Citizen Lab found.

RSS “was recently targeted in a customized digital attack designed to unmask their location,” reported Citizen Lab. RSS “focuses its advocacy on documenting human rights abuses by ISIS elements occupying the city of [Raqqa].”

“In response, ISIS forces in the city have reportedly targeted the group with house raids, kidnappings, and an alleged assassination,” the group added. “The group also faces online threats from ISIS and its supporters, including taunts that ISIS is spying on the group.”

Citizen Lab found “strong, but inconclusive circumstantial evidence” that ISIS was linked to the malware attack on RSS.

The Associated Press reports that ISIS has shown interest in electronic surveillance in the past.

“Last week, a post to a pro-Islamic State forum carried a proposal for a project named ‘Eye of the Caliphate’ that would task a team of computer experts with hacking into the Caliphate’s enemies, according to the SITE Intelligence Group,” notes the AP. “British news media reported this year that Islamic State had recruited a British hacker.”

The Associated Press contributed to this report.