People would usually think that the latest cyber-attacks are being done by terrorist organizations. Like the Islamic State, which has become infamous for the latest physical attacks. However, while these attacks have been at least attempted by the state, a new report suggests that they aren’t a threat. According to the report Hackers working for the so-called Islamic State are bad at coding and hiding what they do.
So, what do they try to do in order to try to break into the enemy network? They create Malware and encryption programs. However, these attempts are so horribly coded that it isn’t even subtle and easy to deal with. The security researcher Kyle Wilhoit at DerbyCon talked about the cyber-attack methods. In general, he called three attack tools created by one large IS hacker collective “garbage”.
“ISIS is really, really bad at the development of encryption software and malware,” he told tech news outlet The Register, Wilhot then added. “The apps are shit to be honest, they have several vulnerabilities in each system that renders them useless.”
The conclusion Mr. Wilhoit had was reached by analyzing three separate types of tools created by hackers who were part of what is known as the United Cyber Caliphate (UCC). The UCC is a group of hackers that are allies to the Islamic State. So, what are the issues with the cyber-attack attempts?
- The group’s malware was full of Bugs that beginners get rid of easily.
- The email system they developed leaked information about its own users.
- The UCC’s web attack tool failed to take down any significant target.
The only real method of strategizing and planning they have is the encrypted service WhatsApp and Telegram. Which are mainstream apps that provide secure protection for the users. However, their lousy security is getting members killed.
In fact, the researcher talked about a time where he found an open server online containing photographs of active military operations by ISIS in Iraq and Syria, which were to be used for propaganda purposes. But they were easily caught because they left the metadata on their image files.
Overall, the latest cyber-attacks can’t be the work of terrorist organizations. They are literally too stupid to try and do something like that.