Are terrorists really any different from cybercriminals? We stumbled upon terrorist content during our investigations on cybercriminal activity in the underground, and after a thorough analysis of it, we uncovered parallels in the way these two distinct groups operate online.
Terrorists’ usage of the Internet in their operations has been under heavy discussions as of late, with recent events such as the Paris and Belgium attacks bringing the controversial subject to the forefront. When terrorist groups make use of the latest cyber technologies, techniques, and applications spanning across mobile, surface web, as well as deep and dark web, it makes the problem of tracking them even that much harder.
For example: the techniques and technologies used by terrorists include platforms and technologies used not just by cybercriminals, but also many other types of users online. We saw OPSEC (operational security) guidelines for terrorists that are similar to those intended for journalists and activists. We also saw terrorist organizations and their supporters utilizing the same variety of resources in deep web, dark web, and surface web as those used by cybercriminals to remain anonymous and to communicate with their contacts.
On the other hand, we also saw some key differences between the online behavior of the two. We found that while cybercriminals and terrorists employ the same technologies, they do so in distinctly different ways.
We will be releasing more details on our observations related to the terrorist organizations’ activities online in the next couple of days.
Update May 3, 2016, 10:17 PM EDT:
Check the full report here: Dark Motives Online: Analyzing Overlaps between Technologies Used by Cybercriminals and Terrorist Organizations.