FBI Warns of Pro-ISIS Hackers, Calls Methods 'Unsophisticated'
FBI document reiterates that pro-Islamic State hackers typically exploit common, easy to patch vulnerabilities.
The Federal Bureau of Investigation has issued a warning about pro-Islamic State hackers carrying out cyberattacks against the US, but has stated that most of these hacktivist groups use relatively unsophisticated methods.
"Over the past 18-24 months, an unknown number of online extremists have conducted 'hacktivist' cyber operations—primarily Web site defacements, denial-of-service attacks, and release of personally identifiable information (PII) in an effort to spread pro-Islamic State of Iraq and the Levant (ISIL) propaganda and to incite violence against the United States and the West," the FBI document obtained by Motherboard reads. Warnings about threats like this are often sent to government agencies and contractors.
The FBI explicitly names several apparent pro-Islamic State groups: "Elite Islamic State Hackers," "Islamic Cyber Army," and "Caliphate Cyber Army."
"In September 2015, group members began posting a series of messages via Twitter stating that they were conducting cyberattacks against the United States in commemoration of the September 11th terrorist attacks using the hashtag #AmericaUnderHacks for their Twitter postings," the document continues.
But these so-called cyberattacks are often nothing more than the republishing of already publicly available data. As Motherboard has previously reported, spreadsheets from an Italian educational institute "dumped" by the "Islamic Cyber Army" under the hashtag #WorldUnderHacks, with details of French government personnel, and a US Department of Defense spreadsheet, were all just a Google search away.
Indeed, "the FBI assesses most pro-ISIL hacktivist groups use relatively unsophisticated methods and tools to scan for and exploit well-known Web site vulnerabilities," the document continues. And when they do actually carry out some hacking, pro-Islamic State groups use common methods of attack, such as Structured Query Language injection (SQLi), Cross Site Scripting (XSS), and social engineering to obtain account credentials, the document notes.
The document also points to a recent media report in the Daily Mail which claims that the Islamic State is recruiting Indian hackers, and offering upwards to $10,000 per operation, but states that "the FBI cannot confirm the validity of the media reports, and beyond this single article on Indian hackers and ISIL, does not have information indicating any such relationship exists to date."
As for what can be done against this rather meager threat, the FBI recommends enabling automated updates, paying particular attention to links in emails, disabling macros in computer programs, only downloading software from trusted sources, and using strong passwords in combination with two-factor authentication. So, basically all the things you should be doing anyway, regardless of any pro-Islamic State hackers.