Cyberterrorism is the use of the Internet to conduct violent acts that result in or threaten the loss of life or significant bodily harm in order to achieve political gains through intimidation. It is also sometimes considered the act of Internet terrorism in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses.
Contents
- Broad definition
- Types of cyberterror capability
- Concerns
- History
- US militaryProtections against Cyberterrorism
- Estonia and NATO
- China
- Pakistan
- Examples
- Sabotage
- Website defacement and denial of service
- In fiction
- References
Cyberterrorism is a controversial term. Some authors choose a very narrow definition, relating to deployments, by known terrorist organizations, of disruption attacks against information systems for the primary purpose of creating alarm and panic. Some other authors choose a much too broad definition which tends to falsely include cybercrime when in reality, cyberterrorism and cybercrime are two very different issues and must be defined separately. Terrorism online should be considered cyberterrorism when there has been fear inflicted on a group of people, whereas cybercrime is the act of committing a felony or crime online typically without the use of fear. By these narrow and broad definitions, it is difficult to identify which instances of online terrorism are cyberterrorism or cybercrime.
Cyberterrorism can be also defined as the intentional use of computer, networks, and public internet to cause destruction and harm for personal objectives. Experienced cyberterrorists who are very skilled in terms of hacking can deal massive damage to government systems, hospital records, and national security programs, often which leaves a country in turmoil and in fear of further attacks. The objectives of such terrorists may be political or ideological since this can be seen as a form of terrorism.
There is much concern from government and media sources about potential damages that could be caused by cyberterrorism, and this has prompted efforts by government agencies such as the Federal Bureau of Investigations (FBI) and the Central Intelligence Agency (CIA) to put an end to cyber attacks and cyberterrorism.
There have been several major and minor instances of cyberterrorism. Al-Qaeda utilized the internet to communicate with supporters and even to recruit new members. Estonia, a Baltic country which is constantly evolving in terms of technology, became a battleground for cyberterror in April, 2007 after disputes regarding the removal of a WWII soviet statue located Estonia's capital Tallinn.
There is debate over the basic definition of the scope of cyberterrorism. There is variation in qualification by motivation, targets, methods, and centrality of computer use in the act. Depending on context, cyberterrorism may overlap considerably with cybercrime, cyberwar or ordinary terrorism. Eugene Kaspersky, founder of Kaspersky Lab, now feels that "cyberterrorism" is a more accurate term than "cyberwar." He states that "with today's attacks, you are clueless about who did it or when they will strike again. It's not cyber-war, but cyberterrorism." He also equates large-scale cyber weapons, such as the Flame Virus and NetTraveler Virus which his company discovered, to biological weapons, claiming that in an interconnected world, they have the potential to be equally destructive.
If cyberterrorism is treated similarly to traditional terrorism, then it only includes attacks that threaten property or lives, and can be defined as the leveraging of a target's computers and information, particularly via the Internet, to cause physical, real-world harm or severe disruption of infrastructure.
There are some who say that cyberterrorism does not exist and is really a matter of hacking or information warfare. They disagree with labelling it terrorism because of the unlikelihood of the creation of fear, significant physical harm, or death in a population using electronic means, considering current attack and protective technologies.
If a strict definition is assumed, then there have been no or almost no identifiable incidents of cyberterrorism, although there has been much public concern.
However, there is an old saying that death or loss of property are the side products of terrorism, the main purpose of such incidents is to create terror in peoples mind. If any incident in the cyber world can create terror, it may be called a Cyber-terrorism.
Broad definition
Cyberterrorism is defined by the Technolytics Institute as "The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives." The term appears first in defense literature, surfacing in reports by the U.S. Army War College as early as 1998.
The National Conference of State Legislatures, an organization of legislators created to help policymakers with issues such as economy and homeland security defines cyberterrorism as:
[T]he use of information technology by terrorist groups and individuals to further their agenda. This can include use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, Denial-of-service attacks, or terroristic threats made via electronic communication.
For the use of the Internet by terrorist groups for organization, see Internet and terrorism.
Cyberterrorism can also include attacks on Internet business, but when this is done for economic motivations rather than ideological, it is typically regarded as cybercrime.
Cyberterrorism is limited to actions by individuals, independent groups, or organizations. Any form of cyber warfare conducted by governments and states would be regulated and punishable under international law.
As shown above, there are multiple definitions of cyber terrorism and most are overly broad. There is controversy concerning overuse of the term and hyperbole in the media and by security vendors trying to sell "solutions".
Types of cyberterror capability
The following three levels of cyberterror capability is defined by Monterey group
Concerns
As the Internet becomes more pervasive in all areas of human endeavor, individuals or groups can use the anonymity afforded by cyberspace to threaten citizens, specific groups (i.e. with membership based on ethnicity or belief), communities and entire countries, without the inherent threat of capture, injury, or death to the attacker that being physically present would bring. Many groups such as Anonymous, use tools such as denial-of-service attack to attack and censor groups who oppose them, creating many concerns for freedom and respect for differences of thought.
Many believe that cyberterrorism is an extreme threat to countries' economies, and fear an attack could potentially lead to another Great Depression. Several leaders agree that cyberterrorism has the highest percentage of threat over other possible attacks on U.S. territory. Although natural disasters are considered a top threat and have proven to be devastating to people and land, there is ultimately little that can be done to prevent such events from happening. Thus, the expectation is to focus more on preventative measures that will make Internet attacks impossible for execution.
As the Internet continues to expand, and computer systems continue to be assigned increased responsibility while becoming more complex and interdependent, sabotage or terrorism via the Internet may become a more serious threat and is possibly one of the top 10 events to "end the human race." The Internet of Things promises to further merge the virtual and physical worlds, which some experts see as a powerful incentive for states to use terrorist proxies in furtherance of objectives.
Dependence on the internet is rapidly increasing on a worldwide scale, creating a platform for international cyber terror plots to be formulated and executed as a direct threat to national security. For terrorists, cyber-based attacks have distinct advantages over physical attacks. They can be conducted remotely, anonymously, and relatively cheaply, and they do not require significant investment in weapons, explosive and personnel. The effects can be widespread and profound. Incidents of cyberterrorism are likely to increase. They will be conducted through denial of service attacks, malware, and other methods that are difficult to envision today.
In an article about cyber attacks by Iran and North Korea, the New York Times observes, "The appeal of digital weapons is similar to that of nuclear capability: it is a way for an outgunned, outfinanced nation to even the playing field. 'These countries are pursuing cyberweapons the same way they are pursuing nuclear weapons,' said James A. Lewis, a computer security expert at the Center for Strategic and International Studies in Washington. 'It’s primitive; it’s not top of the line, but it’s good enough and they are committed to getting it.'"
History
Public interest in cyberterrorism began in the late 1980s, when the term was coined by Barry C. Collin. As 2000 approached, the fear and uncertainty about the millennium bug heightened, as did the potential for attacks by cyber terrorists. Although the millennium bug was by no means a terrorist attack or plot against the world or the United States, it did act as a catalyst in sparking the fears of a possibly large-scale devastating cyber-attack. Commentators noted that many of the facts of such incidents seemed to change, often with exaggerated media reports.
The high-profile terrorist attacks in the United States on September 11, 2001 and the ensuing War on Terror by the US led to further media coverage of the potential threats of cyberterrorism in the years following. Mainstream media coverage often discusses the possibility of a large attack making use of computer networks to sabotage critical infrastructures with the aim of putting human lives in jeopardy or causing disruption on a national scale either directly or by disruption of the national economy.
Authors such as Winn Schwartau and John Arquilla are reported to have had considerable financial success selling books which described what were purported to be plausible scenarios of mayhem caused by cyberterrorism. Many critics claim that these books were unrealistic in their assessments of whether the attacks described (such as nuclear meltdowns and chemical plant explosions) were possible. A common thread throughout what critics perceive as cyberterror-hype is that of non-falsifiability; that is, when the predicted disasters fail to occur, it only goes to show how lucky we've been so far, rather than impugning the theory.
In 2016, for the first time ever, the Department of Justice charged Ardit Ferizi with cyberterrorisim. He is accused of allegedly hacking into a military website and stealing the names, addresses, and other personal information of government and military personnel and selling it to ISIS
U.S. military/Protections against Cyberterrorism
The US Department of Defense (DoD) charged the United States Strategic Command with the duty of combating cyberterrorism. This is accomplished through the Joint Task Force-Global Network Operations, which is the operational component supporting USSTRATCOM in defense of the DoD's Global Information Grid. This is done by integrating GNO capabilities into the operations of all DoD computers, networks, and systems used by DoD combatant commands, services and agencies.
On November 2, 2006, the Secretary of the Air Force announced the creation of the Air Force's newest MAJCOM, the Air Force Cyber Command, which would be tasked to monitor and defend American interest in cyberspace. The plan was however replaced by the creation of Twenty-Fourth Air Force which became active in August 2009 and would be a component of the planned United States Cyber Command.
On December 22, 2009, the White House named its head of Computer security as Howard Schmidt to coordinate U.S Government, military and intelligence efforts to repel hackers. He left the position in May, 2012. Michael Daniel was appointed to the position of White House Coordinator of Cyber Security the same week and continues in the position during the second term of the Obama administration.
More recently, Obama signed an executive order to enable the US to impose sanctions on either individuals or entities that are suspected to be participating in cyber related acts. These acts can be threats to our national security, financial issues or foreign policy issues.
Estonia and NATO
The Baltic state of Estonia was target to a massive denial-of-service attack that ultimately rendered the country offline and shut out from services dependent on Internet connectivity in April 2007. The infrastructure of Estonia including everything from online banking and mobile phone networks to government services and access to health care information was disabled for a time. The tech-dependent state experienced severe turmoil and there was a great deal of concern over the nature and intent of the attack.
The cyber attack was a result of an Estonian-Russian dispute over the removal of a bronze statue depicting a World War II-era Soviet soldier from the center of the capital, Tallinn. In the midst of the armed conflict with Russia, Georgia likewise was subject to sustanined and coordinated attacks on its electronic infrastructure in August 2008. In both of these cases, circumstantial evidence point to coordinated Russian attacks, but attribution of the attacks is difficult; though both the countries blame Moscow for contributing to the cyber attacks, proof establishing legal culpability is lacking.
Estonia joined NATO in 2004, which prompted NATO to carefully monitor its member state's response to the attack. NATO also feared escalation and the possibility of cascading effects beyond Estonia's border to other NATO members. In 2008, directly as a result of the attacks, NATO opened a new center of excellence on cyberdefense to conduct research and training on cyber warfare in Tallinn.
The chaos resulting from the attacks in Estonia illustrated to the world the dependence countries had on information technology. This dependence then makes countries vulnerable to future cyber attacks and terrorism.
China
The Chinese Defense Ministry confirmed the existence of an online defense unit in May 2011. Composed of about thirty elite internet specialists, the so-called "Cyber Blue Team," or "Blue Army," is officially claimed to be engaged in cyber-defense operations, though there are fears the unit has been used to penetrate secure online systems of foreign governments.
Pakistan
Pakistan Government has also taken steps to curb the menace of cyber terrorism and extremist propaganda. National Counter Terrorism Authority (Nacta) is working on joint programs with different NGOs and other cyber security organizations in Pakistan to combat this problem. Surf Safe Pakistan is one such example. Now people in Pakistan can report extremist and terrorist related content online on Surf Safe Pakistan portal. Tier3 Cyber Security services Pakistan led the development of the Surf Safe Portal. The National Counter Terrorism Authority (NACTA) provides the Federal Government's leadership for the Surf Safe Campaign.
Examples
An operation can be done by anyone anywhere in the world, for it can be performed thousands of miles away from a target. An attack can cause serious damage to a critical infrastructure which may result in casualties. Attacking an infrastructure can be power grids, monetary systems, dams, media, and personal information.
Some attacks are conducted in furtherance of political and social objectives, as the following examples illustrate:
Sabotage
Non-political acts of sabotage have caused financial and other damage. In 2000, disgruntled employee Vitek Boden caused the release of 800,000 litres of untreated sewage into waterways in Maroochy Shire, Australia.
More recently, in May 2007 Estonia was subjected to a mass cyber-attack in the wake of the removal of a Russian World War II war memorial from downtown Tallinn. The attack was a distributed denial-of-service attack in which selected sites were bombarded with traffic to force them offline; nearly all Estonian government ministry networks as well as two major Estonian bank networks were knocked offline; in addition, the political party website of Estonia's current Prime Minister Andrus Ansip featured a counterfeit letter of apology from Ansip for removing the memorial statue. Despite speculation that the attack had been coordinated by the Russian government, Estonia's defense minister admitted he had no conclusive evidence linking cyber attacks to Russian authorities. Russia called accusations of its involvement "unfounded," and neither NATO nor European Commission experts were able to find any conclusive proof of official Russian government participation. In January 2008 a man from Estonia was convicted for launching the attacks against the Estonian Reform Party website and fined.
During the Russia-Georgia War, on 5 August 2008, three days before Georgia launched its invasion of South Ossetia, the websites for OSInform News Agency and OSRadio were hacked. The OSinform website at osinform.ru kept its header and logo, but its content was replaced by a feed to the Alania TV website content. Alania TV, a Georgian government supported television station aimed at audiences in South Ossetia, denied any involvement in the hacking of the websites. Dmitry Medoyev, at the time the South Ossetian envoy to Moscow, claimed that Georgia was attempting to cover up information on events which occurred in the lead up to the war. One such cyber attack caused the Parliament of Georgia and Georgian Ministry of Foreign Affairs websites to be replaced by images comparing Georgian president Mikheil Saakashvili to Adolf Hitler. Other attacks involved denials of service to numerous Georgian and Azerbaijani websites, such as when Russian hackers allegedly disabled the servers of the Azerbaijani Day.Az news agency.
Website defacement and denial of service
Even more recently, in October 2007, the website of Ukrainian president Viktor Yushchenko was attacked by hackers. A radical Russian nationalist youth group, the Eurasian Youth Movement, claimed responsibility.
In 1999 hackers attacked NATO computers. The computers flooded them with email and hit them with a denial of service (DoS). The hackers were protesting against the NATO bombings of the Chinese embassy in Belgrade. Businesses, public organizations and academic institutions were bombarded with highly politicized emails containing viruses from other European countries.