Cyberterrorism

From Citizendium
Revision as of 17:05, 24 March 2008 by imported>John Dvorak (moving bibliography)
Jump to navigation Jump to search
This article is developing and not approved.
 Main Article
 Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
https://en.citizendium.org/wiki/index.php?title=Cyberterrorism&printable=yes
This editable Main Article is under development and subject to a disclaimer.

It is commonly accepted that cyberspace was coined by William Gibson in his 1984 book entitled Neuromancer. From this work, cyberspace is referred to as a realm of electronic communications that allows community interaction as well as its information storage and retrieval. The use of cyberspace for terrorists means can therefore be considered cyber terrorism, or the convergence of cyberspace and terrorism.

Definitions

The following are published definitions of cyber terrorism:

“Cyberterrorism means premeditated, politically motivated attacks by sub national groups or clandestine agents, or individuals against information and computer systems, computer programs, and data that result in violence against non-combatant targets”. - Center for Strategic and International Studies (1998)

“Cyberterrorism, refers to the convergence of cyberspace and terrorism. It covers politically motivated hacking operations intended to cause grave harm such as loss of life or severe economic damage”. - Denning (2001)

“A criminal act perpetrated by the use of computers and telecommunications capabilities, resulting in violence, destruction and/or disruption of services, where the intended purpose is to create fear by causing confusion and uncertainty within a given population, with the goal of influencing a government or population to conform to a particular political, social or ideological agenda.” - Lourdeau (2005)

“Cyber terrorism is a premeditated, politically motivated criminal act by sub-national groups or clandestine agents against information and computer systems, computer programs, and data that result in physical violence where the intended purpose is to create fear in non-combatant targets”. - Colarik (2006)

Tactics & Uses

The use of cyberspace by terrorist groups tends to fall into four categories. These are:

I. The communication and coordination of terrorist activities.

This usage focuses around the utilization of communication technologies such as e-mail, newsgroups, Voice Over IP (VOIP) to coordinate activities between distributed cells and their respective leadership. It is also the usage of multimedia technologies such as websites and streaming video to disseminate terrorist activities and training materials.

II. The gathering of intelligence on potential targets.

With millions of databases and documents being stored electronically, the potential for tapping into such a wealth of data can not be underestimated. This usage relies on breaching information storage and retrieval systems for assessing potential targets in both the civilian and military domains.

III. A force multiplier for physical attacks by disabling emergency response systems.

The physical damage done by a terrorist attack can be magnified significantly by disrupting or disabling critical emergency response communication systems. This usage relies on attacking the critical communication infrastructure of ambulances, police and other coordinating organizations that must be mobilized in the event of a catastrophic attack by terrorists.

IV. Causing physical harm by electronically attacking control systems for dams, electrical systems, medical databases, and a host of other computer dependent infrastructures.

While this usage is focused around the disruption of supporting infrastructures such as power plants and dams, it also involves other infrastructure technologies that have people rely on for life saving services such as medical patient systems. A sustained power outage can spell death to those who rely on it for medical treatment; a dam opened remotely may flood an area causing severe damage and loss of life; and a blood type changed or an allergy removed prior to surgery could spell instant death if critical support systems are penetrated and attacked.

Methods

In nearly all cases, the methods employed by cyber terrorists are consistent with technologies employed by hackers, crackers and cyber criminals.

These include the following:

Viruses and Worms; Trojan Horses; Social Engineering; Physical Accesses; Eavesdropping and Interceptions; Session Hijacking; Firewall, Web Server, Router and Gateway Penetrations; Domain Name Server Attacks; and many other electronic attack forms.

Estonia attacked, 2007

In May 2007 Estonia asked NATO to develop a unified strategy against "cyber-terrorists" after hackers launched a third wave of attacks on leading government, banking and media websites in one of the world's most wired countried. The three-week cyber-offensive, which has been linked to a furious diplomatic row between Russia and Estonia, is the first time that a single state has come under concerted attack by hackers. The Estonian defense minister, said about one million computers worldwide were used to cripple government and corporate sites; the infected machines flooded Estonian websites with bogus information in what is known as a "Distributed Denial of Service" (DDoS) attack. The minister said his government had "identified in the initial attacks IP numbers [computer addresses] from the Russian governmental offices." [1] The Council of Europe has a 2001 treaty on cybercrime; the U.S. and Japan have signed it; Russia has not.[2]


References

  1. Adrian Blomfield, "Russia accused over Estonian 'cyber-terrorism'" London Telegraph 19/05/2007 at [1].
  2. "Cyberwarfare: Newly nasty," The Economist May 24th 2007
Retrieved from "https://citizendium.org/wiki/index.php?title=Cyberterrorism&oldid=182279"