CRS INSIGHT
Information Warfare: DOD's Response to the Islamic
State Hacking Activities
May 10, 2016 (IN10486)
|
s
Cybersecurity
Terrorism and Counterterrorism Policy
Related Author
Catherine A. Theohary
|
Catherine A. Theohary, Coordinator, Specialist in National Security Policy and Information Operations
(ctheohary@crs.loc.gov, 7-0844)
Kathleen J. McInnis, Analyst in International Security (kmcinnis@crs.loc.gov, 7-1416)
John W. Rollins, Specialist in Terrorism and National Security (jrollins@crs.loc.gov, 7-5529)
The Islamic State (IS) has pursued a strategy of accessing U.S. government computer systems for a variety of purposes.
IS pursues five primary categories of activity
when targeting U.S. computer systems: defacement, distributed denial of
service, data theft, disabling websites, and data breaches. The Department of Defense (DOD) is pursuing a number of
activities aimed at detecting, deterring, and thwarting IS hacking activities.
In May 2015, FBI Director James Comey stated, "ISIS is 'waking up' to the idea of using sophisticated malware to
cyberattack critical infrastructure in the U.S." and "logic tells me it's coming," and the terror group is "looking into"
developing an advanced cyberattack capability. Some government officials have stated that IS has already undertaken
attacks against computers that manage U.S. critical infrastructure processes. In October 2015, Caitlin Durkovich,
Assistant Secretary for Infrastructure Protection at the Department of Homeland Security, stated at a conference
focused on energy sector issues that "ISIL is beginning to perpetrate cyberattacks" on the nation's critical infrastructure.
At the same conference, Special Agent John Riggi, Section Chief of the FBI's Cyber Division, stated that while IS has
"strong intent (to undertake a cyberattack), thankfully, (they have) low capability."
The "Cyber Caliphate," a group of pro-Islamic State hackers also known as the "Islamic Cyber Army" (ICA) or "Islamic
State Hacking Division," has a history of conducting a variety of operations within the information environment. The
Department of Homeland Security and the Federal Bureau of Investigation issued a joint statement in December 2014
warning members of the U.S. military that the Islamic State may be mining social media to create "kill lists" of human
