Cyberterrorism Today and Tomorrow

Summary of cyber crime

Many people argue that the current threat of cyber terrorism has been highly exaggerated. The U.S defence and intelligence computer system have claimed that there has been no instance of cyber terrorism recorded. However, why would the U.S defence intelligence ever admit attacks and portray vulnerability to enemy terrorists? The vast majority of cyber terrorist attacks actually come from ‘hackers’ with virtually no political goals or desire to cause internal harm such as an extremist terrorist.

So why has this become such a moral panic?

The media seem to fail to explain the difference between an actual cyber terrorist attack and a simply computer ‘hacker’. An example of this occurred within The Sun newsagent on Wednesday, June 22nd, 2011 the headlines wrote ‘Hack the Lad Essex geek, 19, arrested for being global cyber villain (Weimann, G.2004)

Nevertheless, many other experts argue that due to the increasing advancements in information technology in general, we have to accept that cyber terrorism is only going to increase and become even more popular in the future. Cyber terrorism can occur at relatively low costs and the simplicity of attacks can generalise too many criminal organisations, not to mention that the number of highly skilled professionals in the computer field is increasing through the generations.

To finish I would defiantly consider cyber terrorism to be a highly significant problem , considering cyber terrorists are experts within their field while keeping anonymity central to their operations, how can we reduce the problem if we don’t know who the people responsible are? I consider many cyber terrorists are being naively mistaken for hackers. Cyber terrorist are targeting critical infrastructure, such as financial, military and governmental sectors, while using the internet as a propaganda tool to introduce other cyber terrorists to their organisation (Awan, I.2014).

Reference List

Awan, I. (2014). Debating the term cyber terrorism: issues and probelms. Cyber Terrorism. 1 (1), p14.

Weimann, G. (2004). Cyber Terrorism: How real is the threat. Cyber Terrorism. 2 (4), p133.

Standard

Defending against the new terrorism

It is unquestionable that cyber terrorism is gaining widespread attention nowadays due to the increasing amount of coverage being given to the subject by the media and other institutions especially those from the public and private sectors (Bosch, O.2003).

The problem when defending against cyber terrorism attacks is there are no universal safeguards. There are still major disagreements on what cyber terrorism is. Truthfully there are no factual rules that will prevent cyber terrorism from occurring; however there are some steps which can prevent and reduce the risks of potential attacks occurring.

Develop Best Security Practices

Organisations and other government agencies should ensure that they develop the best security procedures and measurements that are best suited to their own operations. Organisations should secure there information by security applications such as firewalls, intrusion detection systems and anti-virus software. Government agencies and other organisations which could come under cyber-attack should deploy both network and host based IDS (inspects all inbound and outbound network activity and identifies suspicious patterns). Along with technological software to reduce the chances of cyber- attacks there should also be personal assignment to monitor, record all suspicious activity (Jalil, S.2003).

Recovery Plans

It is essential that organisations that would be a central target for cyber terrorists to have in place recovery plans for all of the data they have virtually stored. These agenises should include incident response activities which should be rehearsed and tested regularly to safeguard the effectiveness (Jalil, S.2003).

 

Stricter Cyber Laws

An additional deference procedure which interestingly does not involve any technological hardware, however, requires assistance from the government is strengthening of cyber-criminal laws. The government can help in regulating cyber terrorism attacks by implementing and revising new cyber laws that will punish cyber terrorists more heavily if they have involved in terrorist activities (Jalil, S.2003).

Conversely, due to cyber terrorism being a relatively new form of criminal activity it makes the process of defending against cyber-attacks much harder. It is widely accepted in many government organisations that defending against cyber terrorism is not a one step process. Organisations will have to come to an understanding to why cyber-attacks are occurring and the effects it has on organisations and society to ever have a chance of protecting themselves from cyber terrorists.

 

Reference List

 

Bosch, O. (2003). Defending against cyber terrorism:. Cyber Terrorism. 1 (1), p10.

Jalil, S. (2003). Countering Cyber Terrorism Effectively. Cyber Terrorism. 1 (2), p45.

Standard

The Original Logic Bomb

Previous blogs have discussed how cyber terrorism works, who cyber terrorists target and what public opinions of cyber terrorism are. When considering past cases of cyber terrorist attacks arguably the most notorious attacks was during the cold war in 1982, the CIA allegedly found a way to disrupt the operation of a Siberian gas pipeline to Russia without using traditional explosive devices such as missiles or bombs. Instead, they caused the Siberian gas pipeline to explode using a portion of a code in the computer system that controls its operation in what they tagged as “logic bomb.”

When many people think of Siberia, they imagine freezing temperatures and enormous wasteland, however, Siberia contains a huge supply for natural gas. Conversely, getting this natural gas from the far reaches of the Russian northwest into Moscow posed problematic. The Soviet Union had the skills and knowledge to engineer a solution, although a manual operation would stand to strenuous. Furthermore the Soviet Union did not have the computing expertise to automate more of the processes. Consequently, the KGB (Committee for State Security) sent an operative to a Canadian company to steal the software in order to create the pipeline.

October 1982, the pipeline exploded ‘a bizarre event out in the middle of Soviet nowhere’ (Reed, T.2004). Reed estimated that ‘one-seventh the magnitude of the atomic bombs dropped on Japan during World War II’.

What caused the explosion?

There have been numerous claims suggesting that the CIA where heavily involved in the “logical bombing: of the Siberian pipeline. A year or so after the explosion a KGB spy called Vladimir Vetrov, charged with stealing the secrets of Western technology. In 1981, Vladimir supposedly passed classified documents to French spy who then shared this information with the CIA. The CIA then detected that the Soviet Union had infiltrated American laboratories and government agencies. This generated one of the most successful counter-intelligence in the U.S cold war history.(Reed, T.2004), explained “the pipeline software that was to run the pumps, turbines, and valves was programmed to go haywire, after a decent interval, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to the pipeline joints and welds.”

However, according to an informed source from one of the three-letter agencies, that explosion had nothing to do with CIA sabotage and everything to do with a Russian engineer who, when discovering a leak in the pipeline, simply kept increasing pressure to maintain the flow of natural gas (Carr, J.2012)

Interestingly, The CIA called in Gus Weiss, to put in a Trojan horse into the software that the KGB was trying to steal and then, let them steal it. Gus died in 2003 which was ruled a suicide. Nevertheless, the Independent claimed that his death was surrounded by “mysterious circumstances” (Lichfield, J.2009).

It is extremely difficult to come to an absolute understanding of what actually caused the Siberian pipeline explosion. There have been numerous claims suggesting that the CIA were involved in the explosion. However, much like any other government classified cases the public have been shadowed. I am completely doubled minded in what to believe is the truth, when considering a technical fault was the cause of the explosion this can be believable as technical faults can always occur. Then again there have been a widespread of rumours targeting the CIA, even considering them to be the developer of the AIDS virus intending it to be a biological weapon. Inevitably, the real cause of the Siberian gas pipeline explosion may never be revealed to the public, only the government agencies involved or the technical engineers involved will ever know.

Reference list

Carr ,J. (2012). The Myth of the CIA and the Trans-Siberian Pipeline Explosion . Available: http://jeffreycarr.blogspot.co.uk/2012/06/myth-of-cia-and-trans-siberian-pipeline.html.

Lichfield, J. (2009). How the Cold War was won… by the French . Available: http://www.independent.co.uk/news/world/politics/how-the-cold-war-was-won-by-the-french-1788720.html.

Reed, T (2004). At the Abyss: An Insider’s History of the Cold War. New York: Ballantine Books. p.102.

Standard

How much of a threat is cyberterrorism? Is the public fully aware of this treat?

Cybercrime is frequently highlighted within the news media for the public to understand how much of a modern threat cyber terrorism is becoming, but how much information does the public really know about cyber terrorism?

Stuart Macdonald and Lella Nouri published an article called ‘The Cyberterrorism Project’, were they partly explored the public’s current knowledge on the issue of cyberterrorism. I decided to conduct a small-scale research questionnaire around the University of Winchester so I could make comparisons between the two research report findings.

Stuart Macdonald and Lella Nouri gathered findings from a survey of 118 researches working across 24 different countries and six continents. The researches asked three questions related to public Knowledge and cybercrime.

  1. In your view, does cyberterrorism constitute a significant threat? If so, against whom or what?

58% of respondents said ‘yes’ cyberterrorism is posing as a significant threat. Respondents also said that cyber-attacks were predominantly against the government or the state of a country.

   2. With reference to your previous responses, do you consider that a cyberterrorism attack has ever taken place?

Out of 110 responses 51% said that an act if cyberterrorism has never occurred before, whereas 49% of respondents declared that a form of cyberterrorism has happened before. Respondents who believed that a form of cyberterrorism had occurred before used examples of attacks on Iran and Pakistan.

  3. What are the most effective countermeasures against cyberterrorism?

Respondents were given four options of effective countermeasures. The results are shown below (Macdonald, S & Nouri, L. (2014).

  • Same strategies, different methods- 18%
  • Greater technical expertise required- 17%
  • Greater role of the Private sector- 5%
  • Greater role for individual citizens- 2%

Although the research I conducted was nowhere near the scale of which Macdonald and Nouri gathered there were some parallels in the quantitative data gathered. Similarly I asked students three questions about their views on cyberterrorism; however I altered the questions to become more basic and straightforward. Twenty students from the University of Winchester were involved in my small research report.

1. Do you think that cyberterrorism is a major danger? If so to who?

6/20 respondents 30% said they did think that cyberterrorism was a major danger. When responding to whom, participant’s majority stated that cyberterrorism is a danger to the general public. Examples where mainly aimed towards acts of fraud. The other 70% of respondents said that cyberterrorism was not a major danger.

2. In relation to the first question do you think that a cyberterrorism attack has ever happened before?

Parallel to the results from question one 30% of respondents said that acts of cyberterrorism has occurred before, and 70% of respondents believed that no acts of cyberterrorism has ever took place.

3. What do you think would be the best way to prevent cyberterrorism from happening?

  • Same strategies, different methods- 65%
  • Greater technical expertise required- 30%
  • Greater role of the Private sector- 5%
  • Greater role for individual citizens- 0%

The most surprising results that initiated me into doing my miniature research report was in Macdonald and Nouri’s findings, there was an even 50/50 split on whether the public believed that cyberterrorism has actually has happened before. Although it may be bias coming from a student who is currently undertaking a criminology degree, it’s difficult to come to terms with the percentage that 50% of people who undertook the research project did not consider there ever to be a cyberterrorism attack.

When comparing the findings from both Macdonald and Nouri’s findings and my own, the first question differs in responses. In Macdonald and Nouri’s findings 58% of respondents stated that they did believe cyberterrorism to constitute a significant threat. Whereas, in my findings 30%, 6/20 students believed that cybercrime could be a potential danger. Although there are numerous weaknesses of the research I conducted such as the lack of generalizability, again, similar to Macdonald and Nouri’s findings a huge percentage of the participants involved did not contemplate cyberterrorism to be a threat. Again with questions two and three both sets of findings closely interlink, adding together the presumption that a large number of the public are uniformed of the problems that cyberterrorism poses or are unaware that cyberterrorism even exists.

However although the majority of the findings represented that the respondents were uninformed about cyberterrorism, they may have misunderstood the specificity of cyberterrorism in relation to all general cybercrime. Cyberterrorism has been portrayed within widespread media, social networking sites and Hollywood blockbuster films so the findings gathered are hard to believe that around 50% of the public have no idea about cyberterrorism.

Reference list

Macdonald, S & Nouri, L. (2014). The Cyberterrorism Project. How much of a threat is cyberterrorism?. `1 (2), p5-8.

Standard

Indroducing Cyber Terrorism

President Obama (2009)’It’s about the privacy and the economic security of American families. We rely on the Internet to pay our bills, to bank, to shop, to file our taxes. But we’ve had to learn a whole new vocabulary just to stay ahead of the cyber criminals who would do us harm — spyware and malware and spoofing and phishing and botnets. Millions of Americans have been victimized, their privacy violated, their identities stolen, their lives upended, and their wallets emptied. According to one survey, in the past two years alone cybercrime has cost Americans more than $8 billion’ (The White House Office of the press security, 2009). Cyber warfare is defined as an ‘Internet-based conflict involving politically motivated attacks on information and information systems. Cyber warfare attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and cripple financial systems among many other possibilities’ (Oxford, 2014).

How does cyber warfare Work

Cyber warfare launches when ‘hackers’ commonly in the military of a nation or supported by the state, attack computer networks that are involved with sensitive resources within a country. The hackers would learn as much as they could about the system they are targeting, focusing on exploiting the flaws in the system in order to gain control or to destroy it (Rid, T. 2013).

Who does it target?

Cyber Warfare will target any ‘sensitive industry in its opponent’s infrastructure’, these would include most military defences and weapon manufactures. Cyber terrorists will also target civilian factories that make weapons and other military equipment. However cyber criminals don’t primarily focus on attacking opposing government agencies they also target ‘the most important strategic asset a country has: its population’ (Brenner, S 2010). Cyber terrorists would focus on crippling the major financial sectors which would cause colossal damage to the country’s economy (Brenner, S & Clarke, L. (2010).

Interest

Cyber warfare is of particular interest to me because when the term ‘terrorist’ becomes mediatized I automatically think of a physical actions of terrorism, such as the September 11 attack or the Boston marathon bombings. Personally I was unaware that cyber terrorism occurred so often virtually via computer technology. I find it interesting that forms of terrorism can evolve, in this present time ‘cyber terrorism is, to be sure, an attractive option for modern terrorists, who value its anonymity, its potential to inflict massive damage, its psychological impact, and its media appeal’ (Weimann, G (2004). ‘So a new world awaits — a world of greater security and greater potential prosperity — if we reach for it, if we lead. So long as I’m President of the United States, we will do just that. And the United States — the nation that invented the Internet, that launched an information revolution, that transformed the world — will do what we did in the 20th century and lead once more in the 21st’ (Obama, B (2009).

Reference list

Brenner,S & Clarke, L. (2010). Homeland Security. Civilians in Cyberwarfare:Conscripts. 1 (2), p15-16.

Oxford Dictionary. (2014). Oxford Dictionary. Available: http://www.oxforddictionaries.com/definition/english/cyberwar. Rid, T. (2013).

Cyberwar and Peace. Hacking Can Reduce Real-World Violence. 1 (7), p58-60.

The White House Office of the press security. (2009). Remarks by the President on Securing Our Nation’s Cyber Infrastructure. Available: http://www.whitehouse.gov/video/President-Obama-on-Cybersecurity#transcript.

Weimann, G. (2004). The United States Institution of Peace. Cyber-terrorism: How real is the threat. 119 (1.3), p6-7.

Standard