Cyber terrorism might mean different things to different people, but one thing is certain- it needs to be taken incredibly seriously. What are we dealing with? How can we defend our nation? How will cyber terrorists of the future look to attack?
One of the key challenges of understanding cyber terrorism is defining exactly what the term means. The term has been used in the past to refer to known terrorists or terrorist organizations using the internet to communicate.So exactly what is cyber terrorism?
This interpretation of cyber terrorism creates a distinction between a cyber terrorist and a malicious hacker, prankster, identity thief, cyber bully, or corporate spy based on the political motivation of the attacker. It also differs from hacking, cracking, phishing, spamming, and other forms of computer-related abuse, though cyber terrorists may use these tactics to accomplish their politically motivated goals. Cyber attacks are becoming more and more likely to occur, given the many technological advancements and vulnerability of internet users ; which have lead to dispersal of sensitive information . Do not think that national organizations or military operations are more susceptible to being an agent. YOU can very well be the enemy.
How Serious is This Problem?
Ask Estonia. The three-week cyber attack on Estonia threatened to black out the country’s digital infrastructure, infiltrating the websites of the nation’s banks and political institutions. What really keeps cyber security professionals up at night is not necessarily the threat of shutting down banking and financial infrastructures, rather the concern for the security of Supervisory Control and Data Acquisition (SCADA) systems related to the nation’s critical infrastructures. What’s SCADA? These are the industrial controls systems that are managed by computer systems. SCADA systems include railroad track switches, draw bridges, sewage treatment and water purification plants, traffic signals in busy cities, the electrical distribution grid, subway control systems, and other critical systems that can easily cause massive injuries and loss of life if exploited maliciously. Read more.
Recent media reports have described a new cyber threat called Stuxnet, which can target critical infrastructure, including nuclear facilities. According to these published reports, Stuxnet is a complex piece of malware (Software that is intended to damage or disable computers and computer systems) designed to interfere with the seamen’s industrial control systems operating the Iranian nuclear facilities. This makes Stuxnet, at least according to published reports, a very dangerous offensive cyber weapon that overtakes critical control system operations. So, if an anonymous enemy or terrorist ever seizes the control systems of, let’s say, dams or chemical or power plants via the cyber world, that terrorist could cause death and destruction in the real world.
What can we do about cyber terrorism?
Cyber weapons are difficult to precisely target given the interdependence of most computer systems, so collateral damage to civilian targets is a major danger, as when a virus aimed at military sites spreads to civilian sites. Because of this, damage assessment is difficult for cyber war attacks, since most damage is hidden inside data. This encourages massive attacks in the hopes of guaranteeing some damage. For these reasons, some cyber war attacks may be prosecutable as war crimes, but in most cases they go unprosecuted (some terrorsits are never caught). In addition, cyber war weapons are expensive and tend to lose effectiveness quickly after use as they lose their element of surprise. So why are they still considered? Today, our critical infrastructure relies extensively on computerized information systems and the internet which cannot be protected as in the traditional way with guns, gates, and guards. This reliance on computers and the internet makes our critical infrastructure operations vulnerable to cyber-attack. This vulnerability was demonstrated a few years ago in a simulated attack on our electric power grid, which was code-named Aurora. More about Aurora.
The good news is that there are many highly trained, internationally certified, experienced security professionals thinking about this problem. They are participating in exercises, examining case studies, war-gaming various scenarios, and implementing solutions. These experts from military, industry, and academia work well together and offer a global perspective. There is also an abundance of policies, practices, tests, hardware, software, literature, training and education designed to protect against cyber attacks, regardless of the source (terrorist or otherwise), to detect it immediately when it happens, and to respond to it quickly and effectively. While we may be somewhat positioned to defend against such acts, we must act now, as a government and as individuals – to fully meet the challenge of cyber terrorism.
The Future of Cyber Terrorism
A critical factor in defending against cyber terrorism is thinking towards the future. It is easy to fall into the trap of projecting what terrorists might do in the future to our current technologies. But, we must think about what terrorists might do in the future to our future technologies. This becomes doubly challenging since predicting the future is always difficult and this challenges us to predict the future in two dimensions. Future terrorists will not attack what we have now.
In his best-selling book, The Big Switch, Nicholas Carr compares current computer trends to those of electricity development. More than 100 years ago, individual factories built their own electrical generators using water wheels by the sides of rivers, to generate their own personal electricity. As the electrical grid developed, it became more economical and efficient to produce electricity in massive central locations and to distribute the electricity to customers as a utility. This freed up corporations to focus on their core missions, without the encumbrance of managing their own electrical generating plant.
With our nation’s cyber landscape destined to change, and cyber terrorism evolving its target of attack, we must channel our thoughts and actions toward the future of both cyber terrorism and technology; we must understand their convergence, and we must address the security requirements of that future.
Regardless of whether cyber terrorism is a misnomer, a serious threat to life, safety, and our critical infrastructures, or just an annoyance, we need to be ever vigilant and forward-thinking to meet future challenges regarding cyber security. In the meantime, be more careful because YOU just might be the enemy.
- “Inside Story – A new frontier in cyber war? – YouTube.” YouTube. N.p., n.d. Web. 22 Mar. 2013. <http://www.youtube.com/watch?v=Cm388ZgQfl4&feature=youtu.be>.
- “The Future of Cyber Warfare – David Sanger – YouTube.” YouTube. N.p., n.d. Web. 25 Mar. 2013. <http://www.youtube.com/watch?v=38Xgpl8X-s0>.
- “Threat of Cyber Terrorism 2-2012.” YouTube. YouTube, 17 Apr. 2012. Web. 12 Apr. 2013. <http://www.youtube.com/watch?v=-g-kCChxsqs>.
- L. & Colarik, A. (2008). “Cyber Warfare and Cyber Terrorism”. Page xiii. Information Science Reference, Hershey – New York
- Lachow, I. (2009). “Chapter 19: Cyber Terrorism: Menace or Myth?”
- SANG-HUN, CHOE, and GERRY MULLANY. “Cyberwarfare – The New York Times.” Times Topics – The New York Times. N.p., n.d. Web. 31 Mar. 2013. <http://topics.nytimes.com/top/reference/ti
- SEOUL, Kim Eun-jung, banks, and South Korea’s defense ministry said Monday it will increase cyber warfare forces. “S. Korean military to prepare with U.S. for cyber warfare scenarios | YONHAP NEWS.” YONHAP NEWS. N.p., n.d. Web. 27 Mar. 2013. <http://english.yonhapnews.co.kr/national/2
- Nuccetilli, Michael. Cyber Terrorism. 2012. Photograph. N.p
- 2009. Photograph. Http://milenio.campus-party.org/2011/science-and-sustainability.html. N.p.: n.p., n.d. N. pag. Web.