Executive Summary

Throughout the period under review (April-June 2021), terror activity continued to permeate through the cyber arena. Jihadist terrorist groups continued their efforts spanning from operational to defensive and offensive actions. Terror groups have also been continuing the trend of using various social media platforms to disseminate propaganda and communicate with their audiences worldwide, often in several languages. This period saw an increase in incitement of physical lone wolf attacks through cyberspace. Throughout April – June 2021, jihadi groups launched several campaigns and continued to disseminate material through various publications, newspapers, and magazines. During this period, Irani and Shia cyber groups made efforts to remain connected with their audiences in the cyber arena by opening new channels and websites. They also carried out various hacks, stealing and publishing personal information of their targets.

In May 2021, tensions escalated between Israel and the Palestinians, culminating in Operation Guardian of the Walls. The cyber arms of terrorist groups and terrorist hacking groups joined in the conflict, spurred by the escalation of violence in tandem with OPIsrael, the annual cyber attack campaign against Israel that occurs every April. During this time, Israel saw a wave of cyber attacks from many various terrorist and hacktivist groups. These attacks are analyzed in a case study in this report.

We are observing a period of time in cyberspace where terror groups are exploiting cyberspace to the best of their abilities, such as for fundraising and propaganda, and are also actively working towards raising their cyber capabilities in order to transform their motivations into tangible attacks. This report analyzes these trends over the period of April – June 2021.

In the period reviewed in this document (April – June 2021) terror activity in cyberspace has been identified in three major aspects: 

In the international arena, the global response to cyber threats included activity on the part of governments attempting to quell cyberattacks and remain up to date in their cybersecurity departments by implementing new regulations, policies, sanctions, and roadmaps to improve their cybersecurity. These actions include international cooperation to defend and act against cyber attacks. In May 2021, the United States suffered an attack on a major oil system, Colonial Pipeline. This attack comes following the SolarWinds attack, which acted as a wakeup call to the United States. The Colonial Pipeline attack had tremendous impacts and revamped discourse pertaining to cybersecurity in western countries.