As the Gate 15 Threat and Risk Analysis Cell (TRAC) assessed the threat environment preparing this week’s Threat Dashboard, our team focused in on two persistent concerns that will be enduring threats
into the new year and that could both lead to challenging situations for organizations during the holiday period. Topically, our team addressed the newly released Europol report on Daesh and the terror groups’ threat to Europe as well as a worldwide cyberattack on routers that infected over 900k users.
In summarizing “Changes in Modus Operandi of Islamic State (IS) – Revisited,” Dave Pounder wrote, “Europol listed 10 new judgments on Daesh’s MO and assessed that an attack on Europe is likely in the near future. Amongst the key findings, the report warned that countries currently supporting ongoing military operations against Daesh will be a key target for the terrorist group. Europol does not expect any significant deviation from the tactics employed to date, and encouraged vigilance amongst the population. Should Daesh suffer a military defeat, as is occurring in Iraq, Syria and Libya, and cease to hold territory, Europol expects an influx of experienced fighters returning to Europe and pose potential security risks.” He elaborates further in the “Threat Focus” section of our weekly Threat Dashboard.
Addressing the router attack, the Threat Focus notes, “Fresh on the heels of the devastating Mirai botnet that has caused a variety of global impacts, a series of concerns have emerged. Deutsche Telekom acknowledged they were part of a worldwide cyberattack on routers that infected over 900k users. Flashpoint has reported that this botnet has spread into Brazil, England, Turkey, Iran, Chile, Ireland, Thailand, Australia, Argentina, and Italy with over five million devices vulnerable to this variant. On the horizon, a new botnet could soon rival the devastating impact of Mirai. The yet unnamed botnet was first identified on 23 November and has focused on targets on the US West Coast.”
Appreciating the persistence and potential impacts of these and related threats we note that “While the end of year can bring a slowdown in certain businesses and industries, the very real security threats contained identified in our daily reporting and this Threat Dashboard remind us to be ever-vigilant and proactive in security operations.” The Torpedo Report expands on that stating, “an often-overlooked aspect of preparedness is ensuring organizations have the proper back-up procedures in place during this particularly vulnerable time of year. This not only applies to vital records, data and sensitive information, but also for key leaders and decision-making processes relating to organizational security and emergency procedures. With many employees taking time off around the holidays, business operations are often left to a thinned down staff. Especially with many leaders using the holidays as a time to vacation, key personnel in charge of emergency actions could be unavailable when an incident occurs. Whether considering the risks associated with cyber or physical security, health c
oncerns or – as this week’s Indonesia earthquake once again reminds us – the ever-present danger of natural hazards, organizations should ensure appropriate and tested personnel redundancy is in place… International terrorist groups are welcoming the winter break with a warning about attacks during the holiday season such as on holiday parades and other soft targets. This has been further expounded upon in the recent release of al-Qaeda’s ‘Inspire’ magazine which outlined several possible attack scenarios for followers, including lone actor and drone attacks and Daesh’s just released ‘Rumiyah’ issue 4, with a ‘how to’ on conducting effective knife attacks. Whether facing a cyberattack against an organization’s critical information, or an inspired jihadist or other radical actor employing low-tech terror, organizations remain vulnerable to wide array of threats that could manifest during the holiday period. Security and risk leaders need to plan and operate on the assumption that there is no stand-down period for adversaries during the holidays. Adversaries will continue to follow relatively known patterns such as the Attack Cycle (our capture of that is in the image above) and the Cyber Kill Chain®; leaders need to ensure their organizations are also following best practices for security, preparedness and operations.”
The complete Torpedo Report includes additional background and analysis as well as some preparedness and operational ideas for leaders to consider. This week’s reports and previous releases can be linked to from the “Reports” tab of this website.
To help leaders maintain active threat situational awareness, we distribute our (free!) daily paper and the above mentioned weekly products. Our team hopes they can help you achieve a sound background as you assess your organizational risks and then apply a threat-informed, risk-based and prioritized approach to preparedness and operations. If you’re not already signed-up, subscribe to our free products and receive them directly! Free reports include our daily paper, the Gate 15 SUN, with additional detail, focus and analysis in the weekly Threat Dashboard and Torpedo Report.
Follow our Gate 15 team on Twitter: @Gate_15_Analyst, subscribe to our free products and find us on LinkedIn (and check out our brand new Gate 15 page on LinkedIn – we’d love to have you “follow” us there!).
