Hacktivism unveiled: who are the pro-ISIS hackers?

Hacktivists are not professional cybercriminals, unlike those who attack banks and corporations.

Hacktivists are not professional cybercriminals, unlike those who attack banks and corporations.

In cooperation with Interpol, Russia’s anti-fraud provider, Group-IB, identified a number of pro-ISIS hackers in Indonesia, India, Nigeria and other countries.

Pro-ISIS hackers are as young and dumb as many other kids, new research says. They are victims of Islamic propaganda, with a low level of technical skills and limited life experience.  

The research was conducted by Group-IB, a Russia-based company that provides threat intelligence and anti-fraud solutions, in close cooperation with Interpol. The goal was to identify “hacktivists” - social activists turned hackers; in this case, those who support radical Islamic organizations. 

Motivation is key

“The main difference with professional hackers is motivation,” said Dmitry Volkov, сo-founder of Group-IB. “Professionals do it for money, while hacktivists do it for fun, politics or for religious reasons.” 

Group-IB says the hacktivists are not professional cybercriminals, unlike those who attack banks and corporations. For example, Chakra Bernaty, one of the hacktivists identified by the investigation, is apparently a computer science student at the State Islamic University of Sudan Gunung Djati Bandung in Indonesia.    

“Hacktivists do not pose a real risk to companies that take their information security seriously,” said Volkov.

Attention seekers

Members of the United Islamic Cyber Force (UICF) participated in numerous operations around the globe. According to Group IB, they were behind the attacks on Bloc Québécois, a political party in Canada. 

The attack came as a response to criticism by Canadian politicians of a Muslim woman who appeared in a hijab in the House of Commons. The official content of the party’s website was replaced with pro-Islamic radical slogans.

According to Volkov, the majority of the attacks by hacktivists are defacement (substitution or blocking of the website’s main page), or DDoS (denial of service). 

“Defacement of a hacked site is when the official content is replaced with some other banner or slogans,” Volkov explains. “The main goal of these attacks is to attract maximum public attention. During a DDoS attack, a website becomes unavailable due to a huge number of trash requests generated by a botnet,” (a network of private computers infected with malicious software and controlled by the criminals - RBTH).

Cyber kids vs. governments 

How is it possible that young people with limited technical skills can attack websites of government ministries in France, Israel, India and other countries? The truth is that many public and government online services don’t take cybersecurity seriously. 

“You don’t need great technical skills to hack them,” Volkov explains. “Many tools for some types of DDoS-attacks are available at online forums. It’s not a big problem for young people to find and use them.” 

They are young and dumb, and just playing around for now, but it’s a mistake to underestimate them and ignore the threat. Hacktivists can shift their efforts from DdoS, and hacking poorly protected websites, to attacks on critical infrastructure. “This is the worst case scenario,” Volkov said. 

Russia has also been victimized by pro-Islamic groups, such as Anonymous Caucasus. Their main targets are Russia’s biggest banks, government organizations and media. In 2013, they accused Russian authorities of inhumanity in staging the Sochi Olympic Games on the ancestral homeland of the Circassian people, and initiated a cyber operation called Pay Back for Sochi.

If using any of Russia Beyond's content, partly or in full, always provide an active hyperlink to the original material.

Read more

This website uses cookies. Click here to find out more.

Accept cookies