Cyber-terrorism

From Wikipedia, the free encyclopedia

Contents

[edit] Cyberterrorism

As the Internet becomes more pervasive in all areas of human endeavor, individuals or groups can use the anonymity afforded by cyberspace to threaten citizens, specific groups (i.e. with membership based on ethnicity or belief), communities and entire countries, without the inherent threat of capture, injury, or death to the attacker that being physically present would bring.

As the Internet continues to expand, and computer systems continue to be assigned more responsibility while becoming more and more complex and interdependent, sabotage or terrorism via cyberspace may become a more serious threat.

is the leveraging of a target's computers and information , particularly via the Internet, to cause physical, real-world harm or severe disruption of infrastructure.

[edit] The basic definition of Cyber-Terrorism

...subsumed over time to encompass such things as simply defacing a web site or server, or attacking non-critical systems, resulting in the term becoming less useful...

There are some that say cyberterrorism does not exist and is really a matter of hacking or information warfare. They disagree with labeling it terrorism because of the unlikelihood of the creation of fear, significant physical harm, or death in a population using electronic means, considering current attack and protective technologies.

The National Conference of State Legislatures (NCSL), a bipartisan organization of legislators and their staff created to help policymakers of all 50 states address vital issues such as those affecting the economy or homeland security by providing them with a forum for exchanging ideas, sharing research and obtaining technical assistance [1] defines Cyberterrorism as follows:

the use of information technology by terrorist groups and individuals to further their agenda. This can include use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, denial-of-service attacks, or terroristic threats made via electronic communication.[2]

[edit] Background Information

Public interest in cyber-terrorism began in the late 1980s. As the year 2000 approached, the fear and uncertainty about the millennium bug heightened and interest in potential cyberterrorist attacks also increased. However, although the millennium bug was by no means a terrorist attack or plot against the world or the United States, it did act as a catalyst in sparking the fears of a possibly large-scale devastating cyber-attack. Commentators noted that many of the facts of such incidents seemed to change, often with exaggerated media reports.

The high profile terrorist attacks in the United States on September 11, 2001 lead to further media coverage of the potential threats of cyberterrorism in the years following. Mainstream media coverage often discusses the possibility of a large attack making use of computer networks to sabotage critical infrastructures with the aim of putting human lives in jeopardy or causing disruption on a national scale either directly or by disruption of the national economy.

Authors such as Winn Schwartau and John Arquilla are reported to have had considerable financial success selling books which described what were purported to be plausible scenarios of mayhem caused by cyberterrorism. Many critics claim that these books were unrealistic in their assessments of whether the attacks described (such as nuclear meltdowns and chemical plant explosions) were possible. A common thread throughout what critics perceive as cyber-terror-hype is that of non-falsifiability; that is, when the predicted disasters fail to occur, it only goes to show how lucky we've been so far, rather than impugning the theory.

[edit] Effects of Cyber-Terrorism

Cyberterrorism can have a serious large-scale influence on significant numbers of people. It can weaken countries' economy greatly, thereby stripping it of its resources and making it more vulnerable to military attack.

Cyberterror can also affect internet-based businesses. Like brick and mortar retailers and service providers, most websites that produce income (whether by advertising, monetary exchange for goods or paid services) could stand to lose money in the event of downtime created by cyber criminals.

As internet-businesses have increasing economic importance to countries, what is normally cybercrime becomes more political and therefore "terror" related.

[edit] Examples of Cyber-Terrorism

One example of cyberterrorists at work was when crackers in Romania illegally gained access to the computers controlling the life support systems at an Antarctic research station, endangering the 58 scientists involved (Note: it is also argued that this is actually not a case of cyberterrorism, but rather a case of cybercrime, as cyberterrorism requires a political motive and not a primary focus on monetary gain). However, the culprits were stopped before damage actually occurred. Mostly non-political acts of sabotage have caused financial and other damage, as in a case where a disgruntled employee caused the release of untreated sewage into water in Maroochy Shire, Australia.[3] Computer viruses have degraded or shut down some non-essential systems in nuclear power plants, but this is not believed to have been a deliberate attack.

More recently, in May 2007 Estonia was subjected to a mass cyber-attack in the wake of the removal of a Russian World War II war memorial from downtown Talinn. The attack was a distributed denial of service attack in which selected sites were bombarded with traffic in order to force them offline; nearly all Estonian government ministry networks as well as two major Estonian bank networks were knocked offline; in addition, the political party website of Estonia's current Prime Minister Andrus Ansip featured a counterfeit letter of apology from Ansip for removing the memorial statue. Despite speculation that the attack had been coordinated by the Russian government, Estonia's defense minister admitted he had no evidence linking cyber attacks to Russian authorities. Russia called accusations of its involvement "unfounded," and neither NATO nor European Commission experts were able to find any proof of official Russian government participation.[1] In January 2008 a man from Estonia was convicted for launching the attacks against the Estonian Reform Party website and fined.[2][3]

In October 2007, the website of Ukrainian president Viktor Yushchenko was attacked by hackers. A radical Russian nationalist youth group, the Eurasian Youth Movement, claimed responsibility. [4]

Since the world of computers is ever-growing and still largely unexplored, countries new to the cyber-world produce young computer scientists usually interested in "having fun". Countries like China, Greece, India, Israel, and South Korea have all been in the spotlight before by the U.S. Media for attacks on information systems related to the CIA and NSA. Though these attacks are usually the result of curious young computer programmers, the United States has more than legitimate concerns about national security when such critical information systems fall under attack. In the past five years, the United States has taken a larger interest in protecting its critical information systems. It has issued contracts for high-leveled research in electronic security to nations such as Greece and Israel, to help protect against more serious and dangerous attacks.

In 1999 hackers attacked NATO computers. The computers flooded them with email and hit them with a denial of service (DoS). The hackers were protesting against the NATO bombings in Kosovo. Businesses, public organizations and academic institutions were bombarded with highly politicized emails containing viruses from other European countries.[5]

No physical harm or injury had been inflicted.[6]

[edit] Countering Cyber-Terrorism

The US Department of Defense charged the United States Strategic Command with the duty of combating cyber-terrorism. This is accomplished through the Joint Task Force-Global Network Operations (JTF-GNO). JTF-GNO is the operational component supporting USSTRATCOM in defense of the DoD's Global Information Grid. This is done by integrating GNO capabilities into the operations of all DoD computers, networks, and systems used by DoD combatant commands, services and agencies.

On November 2, 2006, the Secretary of the Air Force announced the creation of the Air Force's newest MAJCOM, the Air Force Cyber Command, which will be tasked to monitor and defend American interest in cyberspace. The AFCC will draw upon the personnel resources of the 67th Network Warfare Wing as well as other resources of the Eighth Air Force; it will be placed under the command of Lieutenant General Robert J. Elder, Jr. Designated to stand up around Summer 2007.

[edit] Cyber-Terrorism in Fiction

  • The Japanese cyberpunk manga, Ghost in the Shell (as well as its popular movie and TV adaptations) centers around an anti-cyberterrorism and cybercrime unit. In its mid-21st century Japan setting such attacks are made all the more threatening by an even more widespread use of technology including cybernetic enhancements to the human body allowing people themselves to be direct targets of cyberterrorist attacks.
  • Cyberterrorism was featured in Dan Brown's Digital Fortress.
  • Cyberterrorism was featured in Amy Eastlake's Private Lies.
  • In the Bruce Willis movie Live Free or Die Hard, Willis's character John McClane takes on a group of cyberterrorists intent on shutting down the entire computer network of the United States.

[edit] Reading List

  • Alexander, Yonah Swetman, Michael S. (2001). Cyber Terrorism and Information Warfare: Threats and Responses. Transnational Publishers Inc.,U.S.. ISBN 1-57105-225-9. 
  • Colarik, Andrew M. (2006). Cyber Terrorism: Political and Economic Implications. Idea Group,U.S.. ISBN 1-59904-022-0. 
  • Verton, Dan (2003). Black Ice: The Invisible Threat of Cyber-terrorism. Osborne/McGraw-Hill,U.S.. ISBN 0-07-222787-7. 
  • Weimann, Gabriel (2006). Terror on the Internet: The New Arena, the New Challenges. United States Institute of Peace,U.S.. ISBN 1-929223-71-4. 

[edit] See also

[edit] References

  1. ^ Estonia has no evidence of Kremlin involvement in cyber attacks
  2. ^ "Estonia fines man for 'cyber war'", BBC, 2008-01-25. Retrieved on 2008-02-23. 
  3. ^ Leyden, John (2008-01-24), “Estonia fines man for DDoS attacks”, The Register, <http://www.theregister.co.uk/2008/01/24/estonian_ddos_fine>. Retrieved on 22 February 2008 
  4. ^ Russian nationalists claim responsibility for attack on Yushchenko's Web site International Herald Tribune
  5. ^ http://www.cnn.com/TECH/computing/9905/10/hack.attack/
  6. ^ http://news.bbc.co.uk/2/hi/science/nature/308788.stm
  • Poulsen, Kevin (Aug 2004) “South Pole ‘cyberterrorist’ hack wasn’t the first” SecurityFocus News. Retrieved Mar 17, 2005 from the World Wide Web: http://www.securityfocus.com/news/9356.


[edit] External links

[edit] General

[edit] News