Islamic terrorists are arming themselves with the technical tools and expertise to attack the online systems of Western companies and other infrastructure, warns
a study from the Institute for Critical Infrastructure Technology.
The goal of the report was to bring awareness to "a hyper-evolving threat," James Scott, ICIT co-founder and senior fellow, told
CNBC.
A large-scale attack could be just around the corner. "These guys have the money to go on hacker-for-hire forums and just start hiring hackers," he said.
Much of the chatter on jihadi chat boards comes from Europeans and Americans, often social outcasts living vicariously through the online reputation of their handle — including disenfranchised teens or jailhouse Muslim converts turned radicals, Scott said, CNBC reported.
"They may not have strong coding skills, but they have access to Western institutions and businesses and are looking to leverage that access to serve ISIS," CNBC reported.
"It is obvious that cyber jihadists use dark web forums for everything — from discussing useful exploits and attack vectors, to gaining anonymity tips and learning the basics of hacking from the ISIS cyber help desk," he said. "Setting up properly layered attacks is incredibly easy even if one has a modest budget. All one needs is a target and a reason."
Meanwhile, security experts issued yet another warning to back up the ICIT study's claim:
A major underground marketplace acting like an eBay for criminals is selling access to more than 70,000 compromised servers allowing buyers to carry out widespread cyber-attacks around the world.
Researchers at Kaspersky Lab, a global computer security firm based in Moscow, said the online forum appears to be run by a Russian speaking group. It offers access to hacked computers owned by governments, companies and universities in 173 countries, unbeknownst to the servers' legitimate owners,
Reuters reported.
Access goes for as little as $6 for a compromised server. Each comes pre-equipped with a variety of software to mount denial-of-service attacks on other networks, launch spam campaigns, illicitly manufacture bitcoin currency or compromise online or retail payment systems, the researchers said.
Starting at $7, buyers can gain access to government servers in several countries, including interior and foreign ministries, commerce departments and several town halls, said Costin Raiu, director of Kaspersky's research and analysis team.
He said the market might also be used to exploit hundreds of millions of old, stolen email credentials reported in recent months to be circulating in the criminal underground.
"Stolen credentials are just one aspect of the cybercrime business," Raiu told Reuters in an interview. "In reality, there is a lot more going on in the underground. These things are all interconnected."
The marketplace goes by the name xDedic. Dedic is short for dedicated, a term used in Russian online forums for a computer under remote control of a hacker and available for use by other parties.
XDedic connects sellers of compromised servers with criminal buyers. The market's owners take a 5 percent up-front fee on all money put into trading accounts, Raiu said.
Kaspersky found the machines run remote desktop software widely used by network administrators to provide technical support for Microsoft Windows users. Access to servers with high capacity network connections may cost up to $15.
Low prices, searchable feature lists that advertise attack capabilities, together with services to protect illicit users from becoming detected attract buyers from entry-level cybercriminals to state-sponsored espionage groups.
An unnamed Internet service provider in Europe alerted Kaspersky to the existence of xDedic, Raiu said.
High-profile targets include a U.S. aerospace firm, banks in the United States, Philippines, Kazakhstan, Jordan, Ghana, Cyprus, South Korea and Saudi Arabia, chemical firms in Singapore and Thailand and oil companies in China and the United Arab Emirates, Kaspersky found.
(Newsmax wire services contributed to this report).