Download Full Report

This report covers the period of April - June 2015 and addresses two main subjects: cyber-terrorism (offensive, defensive, in the media, and the main topics of jihadist discourse) and cyber-crime, whenever and wherever it is linked to jihad (funding, methods of attack).

The following are among the issues covered in this report:

The issue of anonymity and encryption continues to be at the forefront of discussion topics on forums, with the goal of increasing security levels of users, and preventing exposure and identification of the security mechanisms. It is possible to differentiate between guides for secure and correct internet use, and recommendations for using free programs and services incorporating technologies that include high levels of encryption and anonymity. Some of the recommendations relate to information encryption on computers or mobile devices, including cellular phones and tablets.

There has been in increase in groups affiliated with the Islamic state, such as the IS Cyber Caliphate Hacking Division and the ISIS Cyber Army. There are also known hacker groups which have only recently started identifying with IS activities – for example, groups from North Africa, and in particular Morocco. There has been a noticeable increase in Muslim groups that have changed their messages, as they have begun attacks such as websites defacements, while beginning to exhibit characteristics which indicate their support for the Islamic State. In addition, there is an increase of significant threats of cyber attacks on Western targets – specifically the United States - by groups affiliated with the Islamic State. It should be noted that most of the known attacks have been directed towards small websites with minimal security levels, and that no attack caused significant damage. However, there were also several significant attacks, such as the one on the French television channel, TV5 Monde. In addition, attempts to leak classified data by breaking into government sites has been observed. It is estimated that in some of the cases, the documents publicized were already available to the public on the internet.

Incidents of data and information leaks increased in number, and in the scope of information that was stolen and leaked. An increase in theft incidents which were carried out as Cyber crimes has also become discernible, though there still a differentiation between hacking for personal data, financial information (including credit card details), medical information, and commercial information. Among the more significant attacks was the hack into the Office of Personnel Management and the theft of private details of millions of US government employees. In a large number of the attacks, the scope of information stolen relates to millions of users, while part of the information, such as financial or medical data, was sold on the black market and to forums on the Dark Internet. Personal information was sold for use in future attacks, including blackmail and phishing attacks.

Many countries are intensifying their investments and preparations for coping with threats to cyberspace – whether by amending laws or establishing institutions and authorities with the authorization and responsibility for coping with these challenges.

Over the past few months, the United Nations Security Council has stepped up its efforts to engage Member States in a variety of measures to combat terrorism, and in particular to mitigate the increased use of cyberspace by extremist groups in the Middle East.

This report includes a case study of the OpIsrael 2015 campaign, which reached its climax on April 7. Different hacker groups took part in the attack, such as Anonymous Arabe, AnonGhost, and others.