Who Are The Islamic Cyber Resistance?

On January 7, 2014, a relatively new hacker group calling itself the Islamic Cyber Resistance (ICR) claimed they had accessed the Local Area Network (LAN) of the Israel Airports Authority (IAA) and leaked sensitive information regarding domestic and international flight maps.

According to the group, they accessed flight management plans and the ATIS/VOLMET system (Automatic Terminal Information Service), where they could have manipulated data communications, such as flight routing and weather conditions.

The ICR has leaked a great amount of data, most of which is not up-to-date. Our analysis additionally revealed that the leaked data does not originate from the IAA local network, but either from its open and public network or from a different server that contains such information.

Nonetheless, it appears that this group may pose a threat to Western entities, as well as non-Shi’a, and I will explain.

ICR executed their first act on February 25, 2013, when the group leaked the personal details of Bahraini intelligence and high-ranking military personnel. This was accompanied by an image demonstrating the group’s support of Hezbollah leader Hassan Nasrallah.

The attached image
The attached image

On August 10, 2013, the ICR and the Syrian Electronic Army (SEA), a pro-Assad hacker group, hacked a Kuwait mobile operator (Zain Group) and leaked information that included passwords.

On October 22, 2013, the ICR leaked the email addresses of the International Atomic Energy Agency (IAEA). It should be noted that information regarding the IAEA was also leaked in 2012 by the Iranian hacker group Parastoo.

On December 16, 2013, the ICR leaked personal details of 2,014 Israelis affiliated with various security bodies as well as secret documents from the Saudi BinLadin Group (SBG) and Saudi Arabian security officials. They stated that this attack was the group’s revenge for the assassination of Hezbollah Commander Hassan al-Lakkis on December 4, 2013.

Image of SBG document that ICR hackers gained access to
Image of SBG document that ICR hackers gained access to

According to the semi-official Iranian Fars News Agency, the group has declared that it is not affiliated with Hezbollah. However, the cyber-attack coined “Remember Hassan Lakkis Operation” and the image of Hassan Nasrallah attached to one of the leaks indicates a connection between the group and Hezbollah, or at least the group’s support for the organization.

Moreover, the name of the group in English is the same as one of the names for Hezbollah (Al-Muqawama al-Islamiyya – “Islamic Resistance”). Additionally, a news report in Persian about the ICR attached an image labeled “HizbullahCyber”, another indication of a possible connection between the ICR and Hezbollah.

Hizbullah_Cyber

The ICR has no Facebook or Twitter accounts. However, it seems that wikileak.ir is the main platform for their leaks. Additionally, the Twitter account @quickleak.org often tweets about the group’s operations and should therefore be considered a good source of information about the group’s activity.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s