Cyber Incident Victim: Islam Channel
Date:
Jul 2015
Location:
United Kingdom
Summary
A UK-based broadcaster popular among British Muslims experienced a state-sponsored cyberattack by Russian military intelligence, resulting in prolonged unauthorized access to its computer networks. The attackers gained complete control over the station's systems, enabling surveillance of all activities and causing weeks of email disruption that paralyzed operations. British security services later identified and disclosed the breach to the organization. The incident forced costly infrastructure upgrades, though concerns about persistent vulnerabilities remained. The channel, which reaches audiences across 100 countries and maintains a neutral stance toward Russian interests, characterized the intrusion as motivated by its media influence rather than political opposition.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In 2015, Russian military intelligence agents executed a cyber-attack against the UK-based Islam Channel, a free-to-air broadcaster headquartered in Ilford, London, with transmissions reaching Europe, Africa, and Asia. The attack granted Kremlin-backed hackers full control over the broadcaster’s computer networks, enabling them to monitor all internal activities undetected until British security services alerted the channel’s management that year. Mohamed Ali Harrath, the channel’s Tunisian Islamist owner, confirmed the intrusion was state-sponsored, ruling out involvement by amateur surveillance groups. The compromise allowed attackers unrestricted access to the network for an unspecified period prior to discovery, during which they observed operations, intercepted communications, and disrupted email systems for weeks. Islam Channel, followed by 60% of British Muslims according to government statistics and reaching approximately 100 countries via eight satellites across five continents, faced severe operational paralysis. Employees experienced helplessness as attackers blocked all email correspondence, crippling internal and external communications. Harrath characterized the breach as motivated by the channel’s media influence, describing it as "a voice for those without a voice" serving 30 million Muslim viewers in Russia alone.
The incident compelled Islam Channel to overhaul its cyberinfrastructure at significant financial cost, though Harrath acknowledged persistent vulnerabilities despite these measures. No evidence suggested the broadcaster had provoked the attack through content targeting Russian interests; it had covered events like Moscow’s 2015 Holy Quran Award without criticizing Kremlin policies. The breach highlighted the channel’s geopolitical visibility as the first English-language Islamic broadcaster operating from Europe, with attackers exploiting its reach to monitor diaspora communities. Operational impacts included prolonged email outages and loss of network control, while reputational risks emerged from the exposure of sensitive internal systems to foreign intelligence. British authorities provided confirmation of the attack’s origin but did not disclose technical specifics of the intrusion methodology or data exfiltration scope. Harrath emphasized the psychological toll on staff, who worked under prolonged surveillance by hostile state actors unable to secure their systems independently. The broadcaster maintained its transmission schedule throughout the incident but faced unresolved security concerns regarding future state-sponsored threats.