Cyber Terrorism Essay, Research Paper
It’s 8 a.m., morning rush hour in New York. People and cars move slowly and somewhat irritably toward the city. Suddenly, the power goes down and traffic lights cease working. Everything comes to a complete stop. Meanwhile, half way around the country, the water system malfunctions in Detroit. Then, in Dallas, air traffic becomes dangerously chaotic as guidance systems go offline. It seems like a series of unconnected events. But information security experts say it could also be the sign of a terrorist cyber-attack a well coordinated, extremely effective, and so anonymous it leaves its targets not quite sure what happened. While the above situation has never taken place, many industry experts say it could. In fact, they’re somewhat surprised it hasn’t already (Regan).
Cyber terrorism is the convergence of terrorism and cyberspace. It is generally understood to mean unlawful attacks and threats of attack against computers, networks, and the information stored within when done to intimidate a government or its people in furtherance of political or social objectives. Further, to qualify as cyber terrorism, an attack should result in violence against persons or property, or at least cause enough harm to generate fear. Attacks that lead to death or bodily injury, explosions, plane crashes, water contamination, or severe economic loss would be examples. Serious attacks against critical infrastructures could be acts of cyber terrorism, depending on their impact. Attacks that disrupt nonessential services or that are mainly a costly nuisance would not.
There is a lot of misinterpretation in the definition cyber-terrorism, the word consisting of familiar “cyber” and less familiar “terrorism”. While “cyber” is anything related to the computer trade, terrorism by nature is difficult to define. Even the U.S. government cannot agree on one single definition. The old saying, “One man’s terrorist is another man’s freedom fighter” is still alive and well.
Barry Collin, a senior researcher at the Institute for Security and Intelligence in California, who in 1997 was credited for creation of the term “Cyberterrorism”, defined cyber-terrorism as the union of cybernetics and terrorism. In the same year Mark Pollitt, special agent for the FBI, offers a working definition: “Cyberterrorism is the premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against noncombatant targets by sub national groups or clandestine agents” (Pollitt).
No other country or group can approach the US conventional weapon superiority. This is why many terrorists find information terrorism an attractive alternative to traditional forms of terrorism. Cyber terrorism allows terrorists both foreign and domestic to inflict damage with no harm to themselves and little chance of being caught. It is a way for the “weak” to attack the “strong,” particularly to disrupt a stronger force at a key time during an operation (Regan).
If you want to understand terrorism in the Information Age, you need to understand how it has changed since the 1970s, says Harvey Kushner, chairman of the criminal-justice department at Long Island University and an expert on terrorism.
“We have moved away from state-sponsored terrorism,” Dr. Kushner says. “The old model of the hierarchical or ‘organized crime’ group, no longer exists. These days, terrorists move in loose groups, constellations with free-flowing structures. So these days terrorism – both the traditional kind and cyber terrorism is more the act of the freelancer or the individual. This is true both internationally and nationally” (Kushner).
This doesn’t mean states don’t play a role in cyber-terrorism, Kushner says. It’s just different from the one they played in the past.
“States find ways to encourage this behavior. They will use incendiary rhetoric to inflame passions. This will enrage some freelancer, who will then commit an act of cyber terrorism. The Chinese hacker attacks on US targets after the bombing of the Chinese Embassy in Belgrade are a perfect example. And it comes at no cost to the state, which can say it had nothing to do with the attack” (Kushner).
Who are cyber-terrorists? About 90% of all hacking or illegal computer access is done by amateur hackers. Those teenagers you see and read about on the news that get caught for credit card fraud or try to change their school grades. The real threat lies in the remaining 10% who are highly trained and sometimes highly financed cyber-terrorists. Cyber-terrorist threats come from many different directions. Cyber terrorists can attack remotely, or internally such is the case with irritated employee cyber attacks. Cyber-terrorists can also use the Internet to spread the word and recruit for their cause, as in the case of Neo-Nazi groups. Cyber-terrorists can also be industrial espionage experts using computers to gather private information and sell it to a corporation’s rival.
Mr. Adams head of Infrastructure Defense, an organization founded to help governments and businesses deal with cyber-warfare and terrorism says cyber-terrorism is likely to be committed by Russian organized crime, Neo Nazi groups, hate groups and very well organized terrorist groups to name but a few examples (The Next World War).
These groups tend to work in the loose manner Kushner describes, and detailed in a 1999 report on cyber-terrorism, “Countering the New Terrorism,” by the Rand Corp. It describes the structure of these new-networked organizations as “SPIN”: segmented, polycentric, ideologically integrated networks. These SPIN groups are not just using the computers to launch attacks, but also to coordinate their activities. The Rand report says that the Saudi religious extremist Osama bin Laden’s organization appears to have widely adapted information technology. Egyptian members of Mr. bin Laden’s network are said to have helped devise a communications network that relies on the Web, e-mail, and electronic bulletin boards so that members can exchange information without running a major risk of being caught by US counter terrorism organizations.
With the availability of desirable targets via cyberspace, terrorists are likely to choose to employ electronic attacks only if the reachable assets are attractive targets, and as infrastructure industries continue to modernize their information systems to take advantage of the benefits of information technology, the potential threat of a cyber attack becomes more immanent.
“Cyber-terrorism a result of the Internet,” says Ed Roche of The Concours Group, an international firm that studies Internet security issues. “Terrorism certainly existed before the Internet, but in order to do it, you had to be there. With the Internet, a group in, say, Madras, India, can bring down Con-Ed” (Rgan). Dr. Roche, who believes there will be a major cyber-terrorist attack on the US in the next two years, says it is corporate, rather than government, information structures that are most at risk. “In cyber-terrorism the main goal will be disruption, rather than destruction,” Prof. Harknett says. “In societies highly reliant on information systems, disruption to those systems can cause short-term inconvenience, but more importantly, long-term loss of confidence in the viability of those systems. Will the US retaliate with military means if ATM banking in New York City is disrupted monthly through repeated attacks? At what point will people begin to question the reliability of digitized banking? How many disruptions will it take?” (Harknett)
A great possibility exists that foreign or even domestic terrorists could in the next few years cause massive disruptions to U.S. information systems and networks, experts warn. Attacks have already shut down Internet service providers across the country several times and there have been hundreds of thousands of attempted intrusions into military systems in recent years. A successful attack could cause massive failure of such crucial elements as banking and the financial markets, transportation systems, the power grid or telecommunications. Experts previously estimated that such a prospect was 10 years away. Now they say such a calamity could be no more than a few years off.
According to Barry C. Collin A Cyber Terrorist could remotely access the processing control systems of a cereal manufacturer, change the levels of iron supplement, and sicken and kill the children of a nation. Also a perspective terrorist could then perform similar remote alterations at a processor factory of infant formula. The point is the Cyber terrorist does not have to be at the factory to execute these acts. A Terrorist will disrupt the banks, the international financial system and the stock exchanges, which would cause complete financial mayhem around the world and loss of billions. Other objectives of a cyber terrorist would be to disrupt air traffic control systems causing air collision, and military installations, In effect, the CyberTerrorist will make certain that the population of a nation will not be able to eat, to drink, to move, or to live. In addition, the people charged with the protection of their nation will not have warning, and will not be able to shut down the terrorist, since that CyberTerrorist is most likely on the other side of the world. (B. Collin)
The tools for cyber-terrorists are software programs. Such software includes computer viruses, Trojan horses, worms, logic bombs, and eavesdropping sniffers. High tech hardware can also be used to disrupt computer systems. Examples of these high tech weapons are high-energy radio frequency weapons, electromagnetic pulse weapons, radio frequency jamming weapons, or radio frequency interception equipment. This kind of high tech hardware can be used to destroy property and data, corrupt the quality of data, interfere with communications and navigational systems, or even block those services altogether.
We are at risk. America depends on computers. They control power delivery, communications, aviation, and financial services. They are used to store vital information, from medical records to business plans, to criminal records. Although we trust them, they are vulnerable — to the effects of poor design and insufficient quality control, to accident, and perhaps most alarmingly, to deliberate attack. The modern thief can steal more with a computer than with a gun. Tomorrow’s terrorist may be able to do more damage with a keyboard than with a bomb” (National Research Council).
Perhaps the most remarkable thing about the words quoted is that they were written almost at the dawn of the Information Age. Until recently, we have given them little though. The United States, and the rest of the world, continues to move at a tremendous pace into the information revolution, information technology is making it s self at home in the very fabric of our society and our economy. In a very real sense, the “Information Superhighway” has become the economic lifeblood of our nation.
While leading the world into the Information Age, at the same time the United States has become uniquely dependent on information technology the computers and the global network that connect them together. This dependency has become a clear and convincing threat to our economic well being, our public safety, and our national security.
The world’s networks, referred to by many as “cyberspace,” know no physical boundaries. Our increasing connectivity to and through cyberspace increases our exposure to traditional adversaries and a growing body of new ones. Terrorists, radical groups, narcotics traffickers, and organized crime will join undesirable nations in making use of a rapidly increasing array of sophisticated information attack tools. Information attacks can supplement or replace traditional military attacks, greatly complicating and expanding the vulnerabilities we must anticipate and counter. The resources at risk include not only information stored on or passing through cyberspace, but all of the components of our national infrastructure that depend upon information technology and the timely availability of accurate data. These include the telecommunications infrastructure itself, our banking and financial systems, the electrical power system, other energy systems, such as oil and gas pipelines, our transportation networks, water distribution systems, medical and health care systems; emergency services, such as police, fire, and rescue, and government operations at all levels.
On May 22, 1998, the president signed Presidential Decision Directive 63 (PDD-63) on Critical Infrastructure Protection. In it he states: “I intend that the United States will take all necessary measures to swiftly eliminate any significant vulnerability to both physical and cyber attacks on our critical infrastructures, including especially our cyber systems (Clinton 1998).
The national goal is that by no later than the year 2000, the United States shall have achieved an initial operating capability and no later 2005 the United States shall have achieved and shall maintain the ability to protect our nation’s critical infrastructures. Achieving this goal will be a considerable undertaking, requiring a cooperative effort between the government and the private sector. The PDD directs the federal government to lead by example in assuring the strength of federal systems, but also makes it clear that the public sector cannot solve the problem independently. Every federal department and agency is highly dependent on the services provided by the private sector power, telecommunications, transportation, etc. Thus, the PDD anticipate a Public-Private Partnership to develop and employ a comprehensive National Infrastructure Assurance Plan, to deal with the threat of cyber terrorism. The challenge is how to get the private sector to engage in an infrastructure undertaking form a national viewpoint. In today’s highly competitive environment, the private sector is driven to achieve market advantage including driving down operating costs to increase profits. Enhanced cyber protection measures will require both expanded investment and collaboration with competitors.
Any strategy to strengthen the physical condition of our critical infrastructures must contain three basic elements, increased protection against cyber attack, the ability to detect when an attack is occurring, and the capability to respond and recover when an attack is detected.
Increased protection against cyber attack is founded upon encryption technology including digital signatures to provide the authentication, integrity, privacy and confidentiality services necessary for information guarantee. Encryption is applied to desktops, file servers, and across networks to assure the privacy of sensitive government, business, and personal information. Given the coming of age of encryption technology, the remaining challenge is to apply the technology in a consistent and successful way to all of our critical infrastructures. Public Key Infrastructure (PKI) services are now emerging in the private sector to meet the demands of global electronic commerce and can be upgraded to support critical infrastructure protection.
Presently the United States has little ability to detect or recognize a cyber attack against either government or the private sector, and even less capability to react. Another setback is that many companies in private sector are reluctant to share information about computer interference, fearing adverse press coverage and public reaction. To build an effective national cyber defense capability, new rules of engagement must be developed to allow open and active collaboration among the private sector, the law enforcement community, and the national security community.
In the Information Age, the National Security Agency’s traditional missions of Signals Intelligence and Information Systems Security are evolving into one of providing information superiority for the United States and its allies. Central to this is an in-depth understanding of the Global Information Infrastructure and the vulnerabilities of networked information systems to cyber attack. On the defensive side of this mission, the NSA has undertaken a series of ventures to provide the technical foundation to protect our critical infrastructures.
As mentioned earlier, encryption technology has become widely available in the commercial marketplace and is the basic foundation for protecting information systems from cyber attack. The bad news is that the many products available do not securely integrate with each other and are of varying strengths, and that there are many and often confusing ways to apply encryption. As an example, there is e-mail encryption, file encryption, web encryption, link encryption, and virtual private network encryption, just to name a few. To remedy this situation, the NSA has formed a partnership with the leading suppliers of security enabling information technology to develop a common outline for encryption services. This framework defines a dependable way to apply encryption technology; and how encryption interacts with and supports other security related technologies and products, e.g. firewalls, servers, routers, operating systems, intrusion detection and public infrastructure services.
Another problem is the varying degrees of durable of many security products in the marketplace. To address this issue, the NSA has formed a partnership with the National Institute for Standards and Technology (NIST). Under this arrangement, the NSA and the NIST will certify commercial laboratories to evaluate commercial security products, either to validate the vendor’s security claims, and test compliance with the requirements of the networks security framework. Testing of the products will be done by the certified laboratories on a fee-for-service basis, with cost and schedule negotiated between the lab and the product vendor.