2 August 2017

The face of Islamic hacktivism: Group-IB unmasks Pro-ISIS hackers

Group-IB, one of the global leaders in providing high-grade Threat Intelligence and best in class anti-fraud solutions, in close cooperation with Law Enforcement Agencies has conducted research revealing the individuals behind the United Islamic Cyber Force (UICF).

UICF is an active pro-Islamic hacker group responsible for a chain of high-profile cyberattacks in different regions – which have been extensively covered in the media. This investigation unmasked a number of cybercrime community members fronting from 60 hacker groups and exposed their identities.

Hacktivism is a synthesis of social activism and hacking. All hacktivist operations – whether they are DDoS, deface attacks, or data theft – have one goal: to attract maximum public attention. This is one of the main reasons, why state agencies, large state-connected businesses, media or media personalities are their primary targets. Ideological, political, or religious differences and disputes form the basis of hacktivists’ activities.

UICF members have participated in numerous high-profile operations:

  • Attack on French Internet sites, after the terrorist attack on the Parisian editorial offices of Charlie Hebdo.
  • “Hackintifada” directed against Israeli websites and online resources, such as the website of the Ministry of Foreign Affairs and the Ministry of Education.
  • Attack on the state resources of India caused by blocking video hosting and file-sharing resources in the country and a crackdown on piracy.
  • Deface attack on Bloc Québécois, a federal political party in Canada, in response to the criticism by Canadian politicians of a Muslim woman who appeared in a hijab in the House of Commons. Official content was replaced with pro-Islamic radical slogans, partially connected with ISIS.
  • A number of other activities driven not by financial gain, but political and ideological reasons.

Group-IB Threat Intelligence system enabled company experts to track hacktivist attacks conducted in different operations and identify interrelations between the groups and their members, as well as identities behind each alias. One of the main outcomes of the investigation was that hacktivists were not professional cybercriminals, unlike those who attack banks and corporations. In the overwhelming majority of cases, they turned out to be young people with a low level of technical skills, limited life experience, who had fallen victim to propaganda.

So far, hacktivists do not pose a real risk to companies that take their information security seriously. But it would be a mistake to ignore this threat. Hacktivists can shift their efforts from DDoS or hacking poorly protected websites to attacks on critical infrastructure – this is the worst case scenario.

The main aim of 98% hacker attacks is gaining financial benefit – from direct money theft, to stealing data for further monetization. Cyberattacks on industrial facilities are still quite rare, but not due the fact that their systems are well protected, but because they have no potential for financial gain. Cyberterrorists are potentially most interested in these kind of attacks, since they give publicity, while hacktivists driven by ideological motives can easily become their foot soldiers.

Dmitry Volkov

Dmitry Volkov

Co-Founder of Group-IB, Head of Group-IB’s
Investigation Department and Intelligence Service

The research has been carried out in close cooperation with Interpol.

More information about the investigation is available on Group-IB official blog: www.group-ib.com/blog/uicf

Group-IB is one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, headquartered in Singapore. The company’s threat intelligence and research centers are located in the Middle East (Dubai), the Asia-Pacific (Singapore), Europe (Amsterdam), and Russia (Moscow).

Group-IB’s Threat Intelligence & Attribution system has been named one of the best in class by Gartner, Forrester, and IDC. Group-IB’s Threat Hunting Framework (earlier known as TDS) intended for the proactive search and the protection against complex and previously unknown cyberthreats has been recognized as one of the leaders in Network Detection and Response by the leading European analyst agency KuppingerCole Analysts AG, while Group-IB itself has been recognized as a Product Leader and Innovation Leader. Gartner identified Group-IB as a Representative Vendor in Online Fraud Detection for its Fraud Hunting Platform. In addition, Group-IB was granted Frost & Sullivan’s Innovation Excellence award for its Digital Risk Protection (DRP), an Al-driven platform for identifying and mitigating digital risks and counteracting brand impersonation attacks with the company’s patented technologies at its core.

Group-IB’s technological leadership and R&D capabilities are built on the company’s 18 years of hands-on experience in cybercrime investigations worldwide and 70,000 hours of cybersecurity incident response accumulated in our leading forensic laboratory, high-tech crime investigations department, and round-the-clock CERT-GIB. Group-IB is a partner of Europol.

Group-IB’s experience in threat hunting and cyber intelligence has been fused into an ecosystem of highly sophisticated software and hardware solutions designed to monitor, identify, and prevent cyberattacks. Group-IB’s mission is to fight high-tech crime while protecting our clients in cyberspace and helping them achieve their goals. To do so, we analyze cyber threats, develop our infrastructure to monitor them, respond to incidents, investigate complex high-tech crimes, and design unique technologies, solutions, and services to counteract adversaries.

Report an incident

Get 24/7 incident response assistance from our global team

APAC: +65 3159-3798
Europe: +31 20 226-90-90
EMA: +971 4 508 1605

Thank you for filling out the form! We will get back to you shortly.

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

Report an incident