An Islamic State (Isis) sympathiser is offering an online "how to hack" tutorial, in efforts to educate and encourage supporters of the terror group to target western intelligence agencies. According to reports, the online course is on Kali Linux, an open-source Linux OS (operating system), which includes numerous pen-test (penetration testing) programs, designed specifically to help spot vulnerabilities.
The tutorial is also aimed at creating an army of IS (Daesh) cyber-soldiers that can "hack American and European security sites". A member of Al-Minbar forum, with the username Ayam Fath Baghdad (which roughly translated means "the days of the conquest of Baghdad") was found promoting the tutorial.
"As-salamu alaykum, my brothers, the members of al-Minbar, and those who are registered for the course on Kali Linux. Please gather in the section tonight at 9 p.m., Mecca time, in order to take a class," he wrote in Arabic.
Around 25 other members of the IS-sympathetic forum interacted in a 20-page thread, conveying interest in becoming hackers for the extremist group. The course itself has been extracted from various non-ISIS affiliated YouTube accounts that have posted tutorials in Arabic.
"Kali Linux is known as the 'go-to' for black [hat] and white [hat] hackers alike," Omri Moyal, VP Research at Israel-based cybersecurity firm Minerva Labs, was quoted as saying by Vocativ. "It is widely promoted and educated in underground forums and anonymous chat rooms, and the combination of its pre-installed, ready-to-use, powerful tools make it extremely dangerous in the wrong hands," he adds. "As we have heard that ISIS are declaring that they will move to operate in the cyber domain, it is very natural that they will go to this tool."
According to Moyal's analysis of the forum thread, the hackers-to-be would have "problems with the very basic commands and also are not looking for the solution themselves, something a good hacker must be able to learn and do."
He added, "I can't say anything about the teacher but the students are complete noobs."
The primary goal of the online tutorial appears to be to create a new ISIS-affiliated hacker group, the likes of the UCC (United Cyber Caliphate) or the CCA (Cyber Caliphate Army). Both hacker groups have claimed to have targeted people. However, neither of the groups is currently considered as a serious threat, in terms of possessing technical know-how.
The CCA for instance, took to releasing "kill lists" targeting various people across the US and other western nations. However, according to Ghost Security Group, a non-profit organisation anti-terrorism analysts, the data included in the kill list is most likely not even real.
It is likely that the ISIS supporters interested in the Kali Linux tutorial, may also turn out to be like their predecessors, with limited knowledge and technical skills to conduct actual cyberattacks.