ISIL sympathising hackers are targeting news organisations of all sizes as part of their propaganda efforts, according to a new report.
Cyber security firm FireEye’s Threat Intelligence report found that the Iraq and Syria-based organisation had a scattershot approach when it came to hacking activities, reflecting a lack of leadership and organisation.
“ISIL leaders in Iraq and Syria probably do not issue orders that dictate the sympathisers’ cyber targets in the way that we believe more centralised, resourced threat groups operate,” it said.
The firm noted that ISIL social media accounts were slow to react to an April attack on France’s TV5Monde, which saw propaganda and the identities of French soldiers posted on the station’s social media account and website.
The attack, which also allegedly disabled the station’s transmission system for several hours, was later lauded by ISIL social media.
FireEye compared ISIL’s hackers to its fighters on the ground in Iraq and Syria, who often attack with improvised explosive devices.
Their disorganisation made it difficult to predict their next target, the firm said, unlike nation state sponsored actors.
It also warned that news media organisations were enticing targets for terrorist sympathisers and national governments, with more devastating attacks possible from the latter group.
“A hacked station that is taken off the air undermines a key revenue source, as its advertisers may lose faith in the broadcasters’ ability to deliver their messages and viewers may question the quality of the broadcasted information,” FireEye warned.
In April 2013, another Middle Eastern group, the Syrian Electronic Army, hijacked the Twitter account of The Associated Press, posting that an explosion at the White House had injured President Barack Obama.
The incident reportedly triggered a brief $136bn fall in the US stock market.