Cyberterrorism: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Matt Mahlmann
m (added wikilink)
m (Text replacement - "[[" to "")
 
(18 intermediate revisions by 9 users not shown)
Line 1: Line 1:
It is commonly accepted that [[cyberspace]] was coined by William Gibson in his 1984 book entitled Neuromancer. From this work, cyberspace is referred to as a realm of electronic communications that allows community interaction as well as its information storage and retrieval. The use of cyberspace for terrorists means can therefore be considered cyber terrorism, or the convergence of cyberspace and [[terrorism]].
{{PropDel}}<br><br>{{subpages}}
 
{{TOC|right}}
==Formal/Published Definitions==
'''Cyberterrorism''' includes both terrorist attacks on resources in cyberspace, or use of Internet and other cyberspace to support terrorist operations.  
The term cyber terrorism is actually represented in three forms of spelling throughout the known literature: cyber terrorism, cyber-terrorism, and cyberterrorism. While any of these three spellings appears to be correct, each has their own tendency of usage. cyber terrorism is predominantly used extensively in government documents, cyber-terrorism tends to be a generalized usage in articles and reference works, and cyberterrorism appears to have its origins in the early establishment of the term. Along with its multiple spellings, so too are there multiple definitions.  


==Definitions==
The following are published definitions of cyber terrorism:
The following are published definitions of cyber terrorism:


Line 21: Line 21:
The use of cyberspace by terrorist groups tends to fall into four categories. These are:
The use of cyberspace by terrorist groups tends to fall into four categories. These are:


I. The communication and coordination of terrorist activities.
===communication and coordination of terrorist activities===


This usage focuses around the utilization of communication technologies such as e-mail, newsgroups, Voice Over IP (VOIP) to coordinate activities between distributed cells and their respective leadership. It is also the usage of multimedia technologies such as websites and streaming video to disseminate terrorist activities and training materials.
This usage focuses around the utilization of communication technologies such as e-mail, newsgroups, Voice Over IP (VOIP) to coordinate activities between distributed cells and their respective leadership. It is also the usage of multimedia technologies such as websites and streaming video to disseminate terrorist activities and training materials.


II. The gathering of intelligence on potential targets.
===Gathering intelligence on potential targets===


With millions of databases and documents being stored electronically, the potential for tapping into such a wealth of data can not be underestimated. This usage relies on breaching information storage and retrieval systems for assessing potential targets in both the civilian and military domains.  
With millions of databases and documents being stored electronically, the potential for tapping into such a wealth of data can not be underestimated. This usage relies on breaching information storage and retrieval systems for assessing potential targets in both the civilian and military domains.  


III. A force multiplier for physical attacks by disabling emergency response systems.
===Force multiplication bydisabling emergency response systems===


The physical damage done by a terrorist attack can be magnified significantly by disrupting or disabling critical emergency response communication systems. This usage relies on attacking the critical communication infrastructure of ambulances, police and other coordinating organizations that must be mobilized in the event of a catastrophic attack by terrorists.
The physical damage done by a terrorist attack can be magnified significantly by disrupting or disabling critical emergency response communication systems. This usage relies on attacking the critical communication infrastructure of ambulances, police and other coordinating organizations that must be mobilized in the event of a catastrophic attack by terrorists.


IV. Causing physical harm by electronically attacking control systems for dams, electrical systems, medical databases, and a host of other computer dependent infrastructures.
===Damage to physical systems through computerized controls===
Causing physical harm by electronically attacking System Control And Data Acquisition systems for dams, electrical systems, medical databases, and a host of other computer dependent infrastructures.


While this usage is focused around the disruption of supporting infrastructures such as power plants and dams, it also involves other infrastructure technologies that have people rely on for life saving services such as medical patient systems. A sustained power outage can spell death to those who rely on it for medical treatment; a dam opened remotely may flood an area causing severe damage and loss of life; and a blood type changed or an allergy removed prior to surgery could spell instant death if critical support systems are penetrated and attacked.
While this usage is focused around the disruption of supporting infrastructures such as power plants and dams, it also involves other infrastructure technologies that have people rely on for life saving services such as medical patient systems. A sustained power outage can spell death to those who rely on it for medical treatment; a dam opened remotely may flood an area causing severe damage and loss of life; and a blood type changed or an allergy removed prior to surgery could spell instant death if critical support systems are penetrated and attacked.
Line 40: Line 41:
In nearly all cases, the methods employed by cyber terrorists are consistent with technologies employed by hackers, crackers and cyber criminals.
In nearly all cases, the methods employed by cyber terrorists are consistent with technologies employed by hackers, crackers and cyber criminals.


These include the following:
==Estonia attacked, 2007==
 
In May 2007 Estonia asked NATO to develop a unified strategy against "cyber-terrorists" after hackers launched a third wave of attacks on leading government, banking and media websites in one of the world's most wired countries. The three-week cyber-offensive, which has been linked to a furious diplomatic row between Russia and Estonia, is the first time that a single state has come under concerted attack by hackers. The Estonian defense minister, said about one million computers worldwide were used to cripple government and corporate sites; the infected machines flooded Estonian websites with bogus information in what is known as a "Distributed Denial of Service" (DDoS) attack. The minister said his government had "identified in the initial attacks IP numbers [computer addresses] from the Russian governmental offices." <ref> Adrian Blomfield, "Russia accused over Estonian 'cyber-terrorism'" London ''Telegraph'' 19/05/2007 at [http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/05/17/westonia117.xml].</ref>  The Council of Europe has a 2001 treaty on cybercrime; the U.S. and Japan have signed it; Russia has not.<ref> "Cyberwarfare: Newly nasty," ''The Economist'' May 24th 2007</ref>
Viruses and Worms; Trojan Horses; Social Engineering; Physical Accesses; Eavesdropping and Interceptions; Session Hijacking; Firewall, Web Server, Router and Gateway Penetrations; Domain Name Server Attacks; and many other electronic attack forms.
 
==Readings & Sources==
Anti-Terrorism Coalition (ATC). Database of Terrorist Websites and eGroups at [http://www.atcoalition.net/]
 
Bosch, O. (2002). Cyber Terrorism and Private Sector Efforts for Information Infrastructure Protection. Creating Trust in Critical Networks Workshop of the ITU Strategy and Policy Unit.  
 
Center for Strategic and International Studies (1998). Cybercrime, Cyberterrorism, Cyberwarfare, Averting an Electronic Waterloo.
CERT Coordination Center (2005). International Coordination for Cyber Crime and Terrorism in the 21st Century [http://www.cert.org/reports/stanford_whitepaper-V6.pdf]
 
Colarik, A. [http://www.AndrewColarik.com](2006). Cyber Terrorism: Political and Economic Implications. Idea Group Publishing.
 
David, M. & Sakurai, K. (2003). Combating Cyber Terrorism: Countering Cyber Terrorist Advantages of Surprise and Anonymity. Proceedings of the 17th International Conference on Advanced Information Networking and Applications.
 
Denning, D. (2001). Activism, Hacktivism, and Cyberterrorism: The Internet as a tool for Influencing Foreign Policy. Internet and International Systems: Information Technology and American Foreign Policy Decisionmaking Workshop.
 
Denning, D. (2000). Cyberterrorism, Testimony before the Special Oversight Panel on Terrorism Committee on Armed Services U.S. House of Representatives.
 
Denning, D. (2001). Chapter Eight, Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool for Influencing Foreign Policy. Networks and Netwars: The Future of Terror, Crime, and Militancy [http://www.rand.org/publications/MR/MR1382/]
 
Denning, D. (2001). Cyberwarriors: Activists and terrorists turn to cyberspace. Harvard International Review. 23(2).
 
Flemming, P. & Stohl, M. (2000). Myths and Realities of Cyberterrorism. International Conference on Countering Terrorism Through Enhanced Cooperation [http://www.comm.ucsb.edu/Research/Myths%20and%20Realities%20of%20Cyberterrorism.pdf]
 
Gibson, W. (1984). Neuromancer. Berkley Publishing Group.
 
Institute for Security Technology Studies at Dartmouth College (2002). Cyber Security of the Electric Power Industry.
Jachowicz, L. (2003). How to prevent and fight international and domestic Cyberterrorism and Cyberhooliganism [http://honey.7thguard.net/essays/cyberterrorism-policy.pdf]
 
Janczewski, L. & Colarik, A. (2005). Managerial Guide for Handling Cyber-Terrorism and Information Warfare. Idea Group Publishing.
 
Janczewski, L. & Colarik, A. (2007). Cyber Warfare and Cyber Terrorism. Information Science Reference.
 
Lawson, S. (2005). Information Warfare: An Analysis of the Threat of Cyber Terrorism Towards the US Critical Infrastructure. SANS GSEC.
 
Lewis, J. (2002). Assessing the Risks of Cyber Terrorism, Cyber War and Other Cyber Threats. Center for Strategic and International Studies.
 
Lourdeau, K. (2005). Testimony of Keith Lourdeau, Deputy Assistant Director, Cyber Division, FBI Before the Senate Judiciary Subcommittee on Terrorism, Technology, and Homeland Security, Cyber Terrorism [http://www.fbi.gov/congress/congress04/lourdeau022404.htm]
 
Nagpal, R. (2002). Cyber Terrorism in the Context of Globalization. Proceedings of the 2nd World Congress on Informatics and Law.  
 
Nisbet, C. (2004). Cybercrime and cyber terrorism. Securing Electronic Business Processes – Highlights of the Information Security Solutions Conference 2003. Vieweg.
 
Pollitt, M. (2005). Cyberterrorism – Fact or Fancy? [http://www.cs.georgetown.edu/~denning/infosec/pollitt.html]
 
Raghavan, T. (2003). In Fear of Cyberterrorism: An Analysis of the Congressional Response. Journal of Law, Technology & Policy. 1.
 
Rogerson, S. (2003, August). Cyber terrorism and the threat to democracy. IMIS Journal. 13(4).
 
Sofaer, A. & Goodman, S. (2000, August). A Proposal for an International Convention on Cyber Crime and Terrorism at [http://www.ciaonet.org/wps/soa02/]
 
Tan, K. (2003). Confronting Cyberterrorism with Cyber Deception. Master’s Thesis. Naval Postgraduate School.
 
Tyrer, H. (2002). Chapter 16: Cyber-terrorism. Science and Technology of Terrorism and Counterterrorism. Marcel Dekker, Inc.
United States House of Representatives Committee on Science (2005). Hearing Charter: Cyber Terrorism – A View From The Gilmore Commission [http://www.house.gov/science/full/oct17/full_charter_101701.htm]
 
United States Department of Energy (2005). 21 Steps to improve Cyber Security of SCADA Networks. President’s Critical Infrastructure Protection Board [http://www.ea.doe.gov/pdfs/21stepsbooklet.pdf]
 
Verton, D. (2003). Black Ice: The Invisible Threat of Cyber-Terrorism. McGraw-Hill.
 
Warren, M. & Furnell, S. (2005). Cyber-Terrorism – Political Evolution of the Computer Hacker [http://www.cyberguard.info/resource_center/WhitePapers/Cyber%20Terror.pdf]
 
Yurcik, W. (1999). Adaptive Multi-Layer Network Survivability: A Unified Framework for Countering Cyber-Terrorism. Proceedings of the Workshop on Countering Cyber-Terrorism.


==References==


[[Category:Computers Workgroup]]
{{Reflist}}
[[Category:CZ Live]]
[[Category:Military Workgroup]]
[[Category:Politics Workgroup]]

Latest revision as of 07:27, 18 March 2024

This article may be deleted soon.
To oppose or discuss a nomination, please go to CZ:Proposed for deletion and follow the instructions.

For the monthly nomination lists, see Category:Articles for deletion.


This article is developing and not approved.
 Main Article
 Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
https://en.citizendium.org/wiki/index.php?title=Cyberterrorism&printable=yes
This editable Main Article is under development and subject to a disclaimer.

Cyberterrorism includes both terrorist attacks on resources in cyberspace, or use of Internet and other cyberspace to support terrorist operations.

Definitions

The following are published definitions of cyber terrorism:

“Cyberterrorism means premeditated, politically motivated attacks by sub national groups or clandestine agents, or individuals against information and computer systems, computer programs, and data that result in violence against non-combatant targets”. - Center for Strategic and International Studies (1998)

“Cyberterrorism, refers to the convergence of cyberspace and terrorism. It covers politically motivated hacking operations intended to cause grave harm such as loss of life or severe economic damage”. - Denning (2001)

“A criminal act perpetrated by the use of computers and telecommunications capabilities, resulting in violence, destruction and/or disruption of services, where the intended purpose is to create fear by causing confusion and uncertainty within a given population, with the goal of influencing a government or population to conform to a particular political, social or ideological agenda.” - Lourdeau (2005)

“Cyber terrorism is a premeditated, politically motivated criminal act by sub-national groups or clandestine agents against information and computer systems, computer programs, and data that result in physical violence where the intended purpose is to create fear in non-combatant targets”. - Colarik (2006)

Tactics & Uses

The use of cyberspace by terrorist groups tends to fall into four categories. These are:

communication and coordination of terrorist activities

This usage focuses around the utilization of communication technologies such as e-mail, newsgroups, Voice Over IP (VOIP) to coordinate activities between distributed cells and their respective leadership. It is also the usage of multimedia technologies such as websites and streaming video to disseminate terrorist activities and training materials.

Gathering intelligence on potential targets

With millions of databases and documents being stored electronically, the potential for tapping into such a wealth of data can not be underestimated. This usage relies on breaching information storage and retrieval systems for assessing potential targets in both the civilian and military domains.

Force multiplication bydisabling emergency response systems

The physical damage done by a terrorist attack can be magnified significantly by disrupting or disabling critical emergency response communication systems. This usage relies on attacking the critical communication infrastructure of ambulances, police and other coordinating organizations that must be mobilized in the event of a catastrophic attack by terrorists.

Damage to physical systems through computerized controls

Causing physical harm by electronically attacking System Control And Data Acquisition systems for dams, electrical systems, medical databases, and a host of other computer dependent infrastructures.

While this usage is focused around the disruption of supporting infrastructures such as power plants and dams, it also involves other infrastructure technologies that have people rely on for life saving services such as medical patient systems. A sustained power outage can spell death to those who rely on it for medical treatment; a dam opened remotely may flood an area causing severe damage and loss of life; and a blood type changed or an allergy removed prior to surgery could spell instant death if critical support systems are penetrated and attacked.

Methods

In nearly all cases, the methods employed by cyber terrorists are consistent with technologies employed by hackers, crackers and cyber criminals.

Estonia attacked, 2007

In May 2007 Estonia asked NATO to develop a unified strategy against "cyber-terrorists" after hackers launched a third wave of attacks on leading government, banking and media websites in one of the world's most wired countries. The three-week cyber-offensive, which has been linked to a furious diplomatic row between Russia and Estonia, is the first time that a single state has come under concerted attack by hackers. The Estonian defense minister, said about one million computers worldwide were used to cripple government and corporate sites; the infected machines flooded Estonian websites with bogus information in what is known as a "Distributed Denial of Service" (DDoS) attack. The minister said his government had "identified in the initial attacks IP numbers [computer addresses] from the Russian governmental offices." [1] The Council of Europe has a 2001 treaty on cybercrime; the U.S. and Japan have signed it; Russia has not.[2]

References

  1. Adrian Blomfield, "Russia accused over Estonian 'cyber-terrorism'" London Telegraph 19/05/2007 at [1].
  2. "Cyberwarfare: Newly nasty," The Economist May 24th 2007
Retrieved from "https://citizendium.org/wiki/index.php?title=Cyberterrorism&oldid=940708"