William R. Collier Jr
Iraq’s warring factions, and the government, have come to the realization that controlling cyberspace is a necessary war-fighting element, as important as land warfare or aerial domination. Cyberspace, the place where people communicate, get information, and collaborate, is the new target. Those who dominate the landscape can operate freely while preventing their enemy from operating freely.
We have learned how ISIL/ISIS has used cyberspace for sophisticated command and control, giving them quite modern and advanced communications capabilities once only available to first world nations. Simply turning off the space is becoming as difficult as turning off the sky: too many communications and transactions depend on the existence of that space.
In Iran, for instance, during the 2009 uprising the government tried to turn off the space. The problem? Millions of government and financial transactions required the use of that space. So the internet was “turned back on” and the government tried to control the space. Today, the ability of governments to control that space short of turning it off is limited. A simple software solution, such as creating a program that filters out certain sites based on content or location, will not work: insurgents and criminals can get around those blocks or simply burrow deep into “spaces” (websites or social networks) that are not blocked.
Criminals and insurgents in Iraq have taken to employing groups of cyber operators. Some act as sleuths, some create malware and other programs designed to spy on targeted computers and networks, some operate “clone accounts” to insinuate themselves into groups, some conduct “operations” (like denial of service attacks and phishing schemes that are meant to steal user names and passwords) and still others operate web crawling and spidering tools to obtain data.
In Iraq, cyber warfare observers have noted that full-on cyber war is being waged. In one instance, a Trojan Horse program was inserted through a link to a “friendly” article clicked on by the targets. The program turned on microphones and video and allowed ISIL to literally see and hear the internal workings of an opposition group operating in Iraq.
Of all the actors, including the government, ISIL has perhaps invested the most resources into these operations, while their operators have also devised clever ways to maintain secure communications for a sophisticated command and control. We have even heard rumors of an ISIL program that allows for a missile hack whereby a “dumb” rocket is guided to a target by Google maps. This is not as precise as US “smart munitions”, but it is far more sophisticated than what has been available.
The now “old” idea of tracking IP addresses is also not enough. These groups create multiple layers of proxy servers and, now, “IP hopping” programs change the IP address of a server every few seconds. The best way to locate the enemy is to actually get an operator into their network who obtains that information, or enough hints to allow for “investigations” to track locations.
It is believed that ISIL operators succeeded in tracking an Iraqi police chief to his home, the location of which had been a closely guarded secret, by infiltrating an online group and inserting a “snooper” program into the police HQ’s computer network which had been accessible to informants. The infamous video of his beheading is proof enough that, for ISIL, cyber warfare is a major component of their warfare.
Near as we can tell, the Iraqi government has not been up to the task of countering this. Cyber space in Iraq is dominated by closely knit groups. The government’s operations are compromised because there are infiltrators involved and they have not worked out a process for vetting potential cyber operators that has worked. Only government cyber units that are coherent by tribe and sect have had any real success in preventing infiltration.
So the cyber landscape for average Iraqis is a dangerous one, although most malware infections have been rather targeted. Generally when “civilians” have had their computers compromised, it is because they are associated with or physically near a target of such operations. We are witnessing the first “collateral damage” due to cyber warfare.
But could this cyber battlefield be extended?
ISIL, for its part, envisions a Caliphate stretching from the Turkish border that includes the Levant and the Arabian Peninsula at least. Future targets of their cyber warfare will include all those nations and, possibly, even Turkey (this despite reports that Turkey’s Prime Minister has been secretly sending them arms).
All around the world, criminals and potential insurgents are seeing cyber space as the next frontier in lateral warfare or guerrilla warfare and many of the world’s governments are ill prepared for this onslaught.