Al-Shabaab
Al-Shabaab is a Somalia-based militant Islamist group and al-Qaeda’s strongest affiliate in East Africa. The provided content describes it as a larger and more entrenched local threat in Somalia than Daesh-Somalia. It has claimed responsibility for attacks on civilians in Kenya’s Mandera county, including the November 2014 bus attack and the December 2014 quarry attack. The group is reported to maintain a sophisticated taxation and extortion apparatus and is estimated by the Africa Center for Strategic Studies to raise roughly $100 million annually. According to the content, Al-Shabaab has a robust budget and an innovation cell and is attempting to exploit drones against the Federal Government of Somalia and the Somali National Army. The content also states that Al-Shabaab works with the Houthis, sending trainees to Yemen while weapons materiel moves to Somalia, raising concern about advanced weapons flows from Yemen into Somalia. The United States conducts airstrikes against Al-Shabaab from its base in Djibouti. Known alias in the provided content: al_shabaab.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Targeting
Who, where, and (when attributed) which flag flies behind the operation. Pulled from open-source reporting and Mallory's analyst review.
Who they target
Sectors the actor has been observed targeting.
- Government & Administration
Where they target
Geographies tied to known operations.
- 🇸🇴 Somalia
Where they're from
Attributed origin per open-source reporting.
- SO
- YE
Tradecraft
1 distinct technique observed across reporting, grouped by tactic. Hover any cell for the evidence excerpt; click through for MITRE's full description.
Recent activity
4 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Militant group in Somalia discussed as collaborating with the Houthis, exchanging trainees and weapons materiel, and developing drone capabilities against Somali government forces. It is also described as part of the broader VEO threat environment in Africa and as having lost ground recently under partner operations supported by the U.S.
A major East African al-Qaeda affiliate and entrenched threat in Somalia, sustained by a sophisticated taxation and extortion system and engaged in rivalry with Daesh-Somalia.
Jihadist movement in Somalia that is the target of U.S. airstrikes launched from Djibouti.
Militant Islamist group claiming responsibility for attacks on civilians in Kenya, including killings in Mandera county targeting victims on the basis of religion.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.