Global Security and Intelligence Studies Volume 2, Issue 1, Fall 2016 | Page 30

Global Security and Intelligence Studies vulnerability vector for disruption and/or destruction is available via the cyber battle space. More precisely, physical reprisals may provoke additional cyber-triggered responses such as a Stuxnet-derived virus that disables the Supervisory Control and Data Acquisition (SCADA) system supporting these infrastructures (Matrosov et al 2010). Known ISIS Cyber Capabilities Outside of revenue sources, communications are considered by many to be critical infrastructure. The use of social media assists ISIS to spread its message and gain support and recruits (Klausen 2015 and Bakke 2014). Tens of thousands of foreign fighters are thought to have immigrated to ISIS strongholds; many have come to fight directly as a result of enablers like social media, Internet chats, and other online news and propaganda systems. This online recruitment has both reached and appealed to all demographics, irrespective of gender, status, and location (Taylor 2015). It has also delivered a strong and highly compelling message. As a result, many have gone and more will go (Wood 2015). In an effort to counter such foreign fighter flows, a number of Western countries have enacted legislation to make such activity illegal, and engaged in various programs to identify those who intend to travel, as well as those contemplating such, and stop both. The results have not been altogether effective (Sengupta 2014). Additionally, human rights advocates like Deputy Human Rights Watch director Andrea Prasow opine that such surveillance not only denies the very right to travel, but more importantly may promote a situation where citizens of a state might be “prosecuted for their thoughts and their beliefs, but not their actions” (Lynch 2014). The use of cyber space by terrorist or extremist organizations for command and control activities, recruitment, and the dissemination of training materials is of ongoing concern for state actors. This is especially true in that the nature of cyberspace makes efforts to limit and/or eliminate its use by such group exceedingly difficult. With violent non-state actors like ISIS openly using cyberspace to spread its ideology and activities, other non-state actors such as Anonymous have declared their intention to attack those actors anywhere they can be found in cyberspace. But just what are the capabilities for this battle —and can Anonymous really go “mano a mano” with ISIS in this sense? When reviewing the reported hacking incidents by ISIS and its supporters, it appears that their capabilities are primarily in the areas of compromising password security for publically accessible accounts and any associated databases used to support them (Gorman 2015, Keys 2015 and AFP 2015). Other reported hacking consisted of webpage defacement and small-scale denial of service attacks against government websites (Akbar 2015). Finally, and more significantly, there are reports that ISIS has been deploying digital surveillance tools within its geographic domain. The use of keyloggers and IP sniffers at Internet cafes, and the creation of an email malware used in an attempt to reveal IP addresses have been reported (Scott-Railton and Hardy 2014, Stormark 2014). It is understood that the ISIS “religious morals” police force called 24