The short answer to this question is another question – does it really matter? What is more important is their ever-growing desire and motivation to obtain and develop offensive capabilities in cyber-space.
There has been debate among security experts on this matter since the Islamic State (IS) started operating in the cyber domain. On the one hand, some argue that IS hackers have already proven their ability to launch successful cyber-attacks and now they are attempting to carry out meaningful attacks against critical infrastructures (with no success thus far).
On the other hand, an emerging theory suggests that attacks previously associated with IS were actually perpetrated by a sophisticated group of Russian hackers. In other words, the alleged attacks against a French TV station in April 2015, the hijacking of the CENTCOM Twitter account in January 2015 and others were the work of a Russian APT group, and not the IS-affiliated “Cyber Caliphate.”
But again – does it really matter? We can say with a high degree of certainty that IS as a terror organization is trying to develop cyber capabilities. We received a strong indication of this trend in late August 2015, when a US drone strike killed a British IS cyber expert.
Even before that, in early 2014, we had heard of so-called cyber operations conducted by the Al-Qaeda Electronic Army (AQEA, or AQECA – the Al-Qaeda Electronic Cyber Army) against US government websites.
We assess that at the moment IS hacking entities (such as “Cyber Caliphate” or the Islamic Cyber Army – ICA) do not have high technical capabilities. That said, we should not underestimate the Islamic State’s attempts to develop an offensive cyber capability. An analysis of IS publications reveals a clear increase in the motivation of IS-inspired hackers to wage attacks against high-profile Western targets.
A concerning development in this aspect would be indications of the purchasing of attack tools and malware from highly sophisticated cyber criminals. Taking into consideration the clear intentions expressed by IS in relation to executing cyber-attacks against the West, such tools could be directed at critical infrastructures, sensitive organizations, government agencies and more.