Global Threat Cyberterrorism
By inner government policy writers, analysts, and the public. The social and global tactics that terrorist cells use, the countries that support terrorist groups, and the policies and procedures that have been used to counter terrorist actions by the target countries are all becoming unmanageable. Billions are being spent on security measures, but the whole concept is untraceable and can easily change; it is essential to keep the public's confidence.
The information age, or the technological era, is profoundly shaping the way in which terrorists operate; new technologies mean newer weapons with more destructive power and more ways to cause death and damage. It affects not only the types of weapons and targets the terrorists select, but also the ways in which terrorist cells have cemented their internal structure and the operation of their organisations (Zanini and Edwards, 2001, p. 30). According to Zanini and Edwards, terrorist organizations are using information technologies, such as computers, telecommunication devices, software, and the Internet, to organize and coordinate activities (2001, p. 30).
Criminality and cybercrime now continually originate from new technologies, such as the Internet, wireless communications and military sciences; all in all, this creates many challenges for law enforcement around the world (Sussmann 2000). Responding to Cyberterrorism and investigating computer-related crimes pose challenges for law enforcement, as well as the legal system. There are many loopholes in the justice system that enable those with malicious intent to evade capture.
The internet can be of great use to terrorists. First of all, the communication that can be done over the internet is endless and a lot harder to trace than conventional ways of communication. Electronic mail has become one of the cheapest, quickest, most anonymous and most effective ways to communicate with any part of the world. So overall, the terrorists of this world are able to use the internet as a platform to communicate and swap information and messages to further their cause. General information on targets, like maps and instructions, is widely available, and terrorist organisations can make their own web pages to promote their ideologies, distribute propaganda and recruit sponsors or supporters. Using the internet as a platform for propaganda, they are able to reach the public directly and make their existence known in international circles.
Terrorists can also obtain funds through the internet, using services such as PayPal and Western Union; people can deposit monies anonymously, so it is perfect for terrorist organisations to operate. In recent times, after atrocities such as September 11th and Afghanistan, terrorists have often put up film footage on the internet to promote their groups; when terrorist cells kidnap any westerners, they will publicise their crimes by recording beheadings and playing them live on news sites for the world to see.
News reporters from NBC who were previously abducted by Al-Qaeda claim that within their fortress of caves they have large banks of computer servers, communications devices and mass storage data discs.
Hamas are another group that use advanced technology for their cause; they reportedly use 128- and 256-bit encryption for their files and communications. The more technologically advanced a country is, the more vulnerable it is to attack against its infrastructure. At the last count, the number of computers that the USA has installed is just over 180 million, at least 5 times the number in Japan, seven times as many as in Germany and twice as many as all of Europe combined. US computers account for 42% of the world's computing power, whilst China represents only a meagre 1% and Russia 8%.
The objective of this paper is to provide a general overview of the research. First of all, we look at the critical concepts of this research. These concepts are terrorism, cybercrime, information warfare, and Cyberterrorism.
Definition of the Concepts
Terrorism
Defining the word terrorism itself constitutes problems. The problem that occurs when defining terrorism is the difficulty of reaching an agreed-upon definition of terrorism. In other words, there is no consensus in the international arena as to what terrorism comprises. No statement has been made to clarify the concepts that fall under the terrorism heading.
The problem emerges from the fact that terrorism is solely a political issue, which means a terrorist for one country could be a freedom fighter for another. Furthermore, as Laqueur claimed in 1977:
“It can be predicted with confidence that disputes about a comprehensive, detailed definition of terrorism will continue for a long time, that they will not result in consensus and that they will make no noticeable contribution to the understanding of terrorism.”
While the statement seems to be vague in character, it is in fact much closer to the truth about terrorism than imagined.
Of course, the Human Rights Act and other international agreements set the standards in terms of human rights, but the non-existence of procedures for responding to terrorism creates confusion, irregularity and severe turmoil. On top of this, any effort taken by a country which is targeted by cyber terrorists may not have the desired effect, since other countries may not consider that group a terrorist organisation. In terms of legal stature, with no by-laws as to what terrorism constitutes, country 1 may deem a specific act to be terrorism while country 2 may judge the action to be a meaningless computer mistake.
Enders and Sandler define terrorism as “the premeditated use or threatened use of extra-normal violence or force to gain political objectives through intimidation or fear” (1993, p. 829).
The US Department of State defines terrorism as “premeditated, politically motivated violence perpetrated against non-combatant targets by sub-national groups or clandestine agents usually intended to influence an audience” (1999).
Classes of Information warfare
Many authors have written substantial articles on the subject of Cyberterrorism and related activities. The subject itself is deemed to be a very grey area, with mostly myths and hearsay. Obviously hackers do exist and they can cause serious and malicious damage to an infrastructure, but not all are convinced of their overall threat; many authors publish hard-hitting texts to drive the point home that our world is at risk from this ruthless wave of technological storming. In his book, Chaos on the Electronic Superhighway: Information Warfare, Winn Schwartau talks about the concept of information warfare in comparison to everything around us, including politics, economy, power, fear, survival and harmony. He has even led claims that information warfare and information age weaponry, which are not restricted to the governments of superpowers, will replace bombs and bullets (Schwartau 1996, p. 16).
Schwartau also proposes a classification of information warfare. According to him there are three types of information warfare:
Class 1: Personal Information Warfare.
This includes attacks against an individual’s privacy. Cyber attacks on the personal computer or wireless devices or use of private information about an individual are possible examples of personal information warfare.
Class 2: Corporate Information Warfare.
This classification involves large corporate companies of magnitude and focuses on the issues of competition between companies, industrial espionage, misinformation, sponsors, shareholders, etc.
Class 3: Global Information Warfare.
This type of warfare is “waged against industries” (p. 195). This level of warfare is waged by the most elite individuals through the Internet and other computer network systems, according to Schwartau (1996).
According to Monge and Fulk (1999), the use of new age computing advancement and various wireless communication devices has led to the establishment of networks in three ways. Firstly, the new technologies have enabled terrorist cells to reduce the transmission time of their encrypted messages so that members of the organization can communicate faster.
Secondly, new technologies have also reduced communication expenses. Before the internet, as with all of mankind, sensitive communication was done either by word of mouth or by coded messages. Not only have new advancements in technology visibly reduced the length of transmission time and considerable expense, but they have also significantly increased the scope and complexity of the information due to the combined technologies. Terrorist organisations have now gained their own independence: whereas terrorist and fundamentalist groups were once linked with governments due to lack of financing, they now have the platform to better finance themselves due to the broader scope of the internet.
Zanini and Edwards compare the Palestine Liberation Organization (PLO), which is considered to be more political and hierarchical, with the Palestinian Islamic Jihad (PIJ) and al-Qaeda, which are considered to be more recently formed and less hierarchical groups, more intent on bloodshed than political uprising.
Dispersed groups find that the advantages of the new technologies eliminate the normal problems caused by distance. In particular, using the World Wide Web for communication amongst the cells can increase the flexibility of people’s time. In fact, these technologies may enable terrorists to operate from nearly any country in the world (Zanini and Edwards, 2001, p. 38).
We are seeing that terrorists gain momentous advantage from new technologies and that the world cannot prevent much: in the era that we are in, everyone has access to anything as long as funds are available. The internet provides the best and most effective communication links between the terrorist organization and its members.
Weimann identifies eight different ways that terrorists use the Internet:
- Psychological Warfare,
- Publicity and Propaganda,
- Data Mining,
- Fundraising,
- Recruitment and Mobilization,
- Networking,
- Sharing Information,
- Planning and Coordination (2004).
Different terrorist organisations have different causes, so the web sites they set up can act as a communication channel between the various members of the organisation, the supporters and the anonymous sympathisers of the organization. Through this channel, terrorist groups can broadcast their harsh messages to the world stage and give regular updates on their recent campaigning and activities. They often use the Web site to justify their violent, sadistic murders and killings.
These Web sites are a platform to the whole world and can lead to recruitment of potential supporters, and target population or government entities (Weimann 2004).
In addition to the Internet being a communication method between terrorists and the public, advanced tools are also used, such as:
- Cryptography
- Steganography
These types of advancements are used by terrorists to convey their messages to the world around them. Here we look at these two tools in more detail.
Cryptography
Bruce Schneier describes the act of Cryptography as “the art and science of securing messages” (as cited in Taylor et al., 2004, p. 29). The method is a process of “extreme strong encryption” of the data transmitted from a source to a target. Even though this technology can be useful to those in the private and public sectors, it can also be an explosive and damaging weapon used to hide information from law enforcement agencies (Slambrouck, 1998).
Denning argues that the threat to law enforcement and government agencies is widespread; she explains four ways that encrypted data presents danger:
1) It will hinder the intelligence community from getting foreign intelligence critical to national security (Denning, 1997).
2) The intelligence community will have a hard time retrieving vital information about any given investigation.
3) It may prevent law enforcement from gathering evidence to convict offenders.
4) The law enforcement community may be unable to prevent attacks or any harm.
(Denning 1997)
Members of the group Al-Qaeda have been using the newly advanced computer technologies to communicate and relay information to subordinates around the globe. It has been heard in social circles that Al-Qaeda love the internet, as they are able to keep up in real time with all information even though they are based within caves in mountainous regions. According to some research, forensic evidence that was collected and compiled after the September 11th attacks shows that terrorist cells often used the internet for their vigorous planning before the attacks. Overall, the internet is a source of great value to all those who use it, whether a student at university or a terrorist with plans to blow up an airliner; information is free and in abundance.
Terrorists, especially from the Arab continent, frequently upload their propaganda and messages via news channels, as it is the quickest way to get publicised. Most commonly used is the Al Jazeera TV network. An example of the use of news channels by terrorists is the final message sent to Mohammed Atta of Al Jazeera by the two senior members of Al-Qaeda 3 weeks before the September 11th, 2001 attacks. What was sent was a simple code that showed the four targets – the Twin Towers, the Pentagon and Capitol Hill – which were referred to as “faculties” in the message. The communication said,
“The semester begins in three more weeks. We’ve obtained nineteen confirmations for studies in the faculty of law, the faculty of urban planning, the faculty of fine arts and the faculty of engineering.”
Many other political and terror organisations within Europe and America use an encryption program known as Pretty Good Privacy (PGP), an easily downloadable program that provides basic and stronger encryption to use within coded emails for intelligence sharing.
Steganography
Steganography is the art of hiding data within objects such as documents, pictures and other files (Collin, 1997). It is a method widely used by many organisations as a simple way to hide information from those who do not have the clearance to view it, but it can also be severely exploited by terrorist organisations. This technology relies on “security-by-obscurity”: basically, the person will know that a message is hidden within, and once he accesses it he will be able to read the hidden information behind the veil.
From the exterior appearance, a picture would be entirely perceived as a normal picture, but an encrypted message can be extracted from that picture if the person knows where to look.
Obviously there are some major drawbacks to technological advancements: computer memory is very hard to completely erase and often leaves a trail for law enforcement agencies to use against criminals. For instance, in Turkey, towards the end of 2000, practically a thousand members of the radical group Hezbollah were arrested in a series of raids and taken into custody, and allegedly about 20,000 pages of documents were recovered from computer archives (Aras & Bacik, 2002).
Fund Raising and Promotion
In today’s day and age, terrorists have so much available to them: websites are full of propaganda, and due to the advancements in software, language barriers are no problem to overcome (Weimann, 2004).
The information that terrorist Web sites give is usually about general history, their activities, their ideology and political statements, and current news regarding their activities, as well as information about their targets. Often they will also give out rogue information on targets which will get the security services into a twist, but this information is designed to mislead.
The way in which the Internet is used to raise money by terrorist organisations is a good example of how information technology can provide new ways to fund their operations.
Cost of Cyberterrorism
Between 1993 and 1995, there were 40 threats made directly to banks in the US and Great Britain. It is reported that in January 1999, an investment bank paid roughly ten million pounds after receiving a threat against its computer systems. The hackers reportedly crashed a computer in order to show the seriousness of their intent; the bank gave in and paid them off, knowing that the authorities were helpless to act and that if its systems did crash there would be a lot more than 10 million pounds' worth of losses. It is estimated that in the United Kingdom, during the three years between 1993 and 1995, terrorists gained more than 400 million pounds (Statistics on Cyber-terrorism, 2000).
The Security Industry Survey carried out in 1999 largely showed that the number of companies that were successfully penetrated went up from 12% in 1997 to 23% in 1998.
Malicious code used by hackers to attack systems is devastating, as the code mutates and leaves systems vulnerable to attack. The most costly malicious code attacks were Love Bug in 2000 at $8.75 billion and Code Red at $2.62 billion (Wiederin, Hoefelmeyer, and Phillips, 2002).
The consequences of cyber terrorist attacks are not as devastating as those of physical terrorist attacks, at least until now. For example, cyberspace provides opportunities for e-bombs and cracking down a Web site, but the ramifications of these acts seem less significant than the effect of a physical bomb killing hundreds of people in a matter of seconds, such as the bomb attacks in Nairobi in 1998 and Oklahoma City in 1995. The potential attacks outlined by Collin would be difficult to execute because of the human factor in these processes. For example, even if it is possible to hack an air traffic control station, there are pilots who have been trained to double-check unusual commands.
Cybercrime
Cybercrime can be looked on as computer-related activities which are illegal and/or destructive; the sole object points at thievery, dishonest means of obtaining cash, or leading others astray by attacking infrastructure. Cybercrime can be conducted through global electronic networks (Thomas and Loader, 2000, p. 3). Cybercrime can be defined as a crime committed in a cyber environment, including the Internet, computer networks, and wireless communication systems. In other words, cybercrime involves crime committed through use of the personal computer.
Cyberterrorism is the word given to acts of malicious intent at the convergence of cyberspace and terrorism. Networks, servers and computers, alongside data storage, are constantly under threat from unlawful attacks. For an attack to qualify under the Cyberterrorism heading it should result in violence against persons or property; at the minimum it should cause or generate fear. Acts upon infrastructure, economic loss, plane crashes and explosions are all forms of Cyberterrorism.
Cyberterrorism and cybercrime make the job of law enforcement even harder; law enforcement and policy makers already struggle under immense pressure to meet targets and maintain the peace, providing a safe environment for the public. Because cyber-criminals reroute their trail through international countries, a response to such a malicious threat requires international cooperation involving participation of all concerned parties.
However, society today is encased within the technological bubble and everything is controlled by computers. Vulnerability emerges from increased reliance on technology, and the lack of legal measures and lack of cooperation at the national and international level represent major obstacles to an effective and immediate response to these threats. In all, the sheer lack of global peacekeeping in terms of responding to cyberterrorism and cybercrime is the general problem.
Pollitt (1997) defines Cyberterrorism as “the premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against non-combatant targets by sub-national groups or clandestine agents.”
Terrorists and cyber criminals will sometimes spend months exploiting vulnerabilities in a system, all the time remaining undetected and hitting key sectors including technical, legal, political, and cultural, as well as defence. Such a broad range of vulnerabilities can be dealt with by comprehensive cooperation, which requires efforts at both the national and international level. Expert opinions suggest that cyberterrorism is split into three general classifications:
- Disruptive and destructive information attacks,
- Facilitation of technology to support the ideology, and Communication,
- Fund raising, Recruitment and Propaganda
Terrorist use for the Internet
Terrorists use the internet mainly for communication, essentially covert operations, and as a means for a new command and control infrastructure. They gain access to information via the Internet and the World Wide Web, as well as maps for target locations and applications that will help with encryption and monitoring. Technical data is widely accessible on the net for weapons and bomb construction.
They also use the internet as a platform for distributing propaganda on terrorist groups and causes, and for related recruitment of individuals.
Examples of Attacks
In 1998, what was once known as the first attack by terrorists against a country's computer systems took place when Tamil guerrillas jammed the servers located at all Sri Lankan embassies with 800 emails a day over a two-week period, with messages such as
“We are the Internet Black Tigers and we are doing this to disrupt your communications”
The statement couldn't have been more true: everything stops whilst security specialists comb the networks using off-the-shelf virus removers and other software to get rid of the spam.
During the Kosovo conflict in 1999, NATO computer systems were targeted in a huge blitz by several eastern European countries in protest against the bombings. Businesses and public organisations with ties to NATO were targeted and considerable money was lost in the turmoil.
More recently, Estonia was hit by a spate of terror acts from Russia in what is deemed a Cyberterrorism act of vengeance for the movement of a Soviet-era war memorial commemorating an unknown Russian who died fighting the Nazis. Government websites that normally received 1000 hits a day were getting 2000 hits per second, causing the servers to crash and be shut down for hours, even days and weeks.
The public just think that a few guys with nothing better to do sit on their PCs, create viruses and mess around, and that there is no actual threat to physical life. This is a myth: the business world and the people within it are often exposed to grave harm.
Another example, showing the problems of hackers infiltrating web sites and of Web site defacement, was between attackers from Pakistan and India. At the time of much unrest between Indian and Pakistani soldiers in Kashmir in 1999, both countries' computer geniuses also fought in the cyber world. Pakistan’s experts hacked the Indian Army Web site www.atmyinkashmir.org and left anti-Indian statements about the Kashmir issue. The Indian Government, in retaliation, cut off all network access to the Web site of the prominent Pakistani newspaper, Dawn (Varma, 1999).
Processes of attack
Different forms of attack are available to hackers and those who wish to deface or destroy data. They use malicious code attacks: “malware.” The term malware represents the combination of “malicious” and “software” (Furnell, 2000, p. 143).
There are different types and processes of malware attacks. The common forms of malware attacks are viruses, worms, Trojan horses and software bombs. These are examined in detail in the following section.
Internet worms or Viruses
These virus and worm programs are designed to embed themselves within the code of programs and lie dormant till the hacker requires them to destroy or shut down computers; they can hijack the computer and can copy and destroy email lists and address books. Communication devices such as mobiles and PDAs are also hot items to target.
Viruses: Brunnstein, Fischer-Hubner, and Swimmer define a virus as “a non-autonomous set of routines that is capable of modifying programs or systems so that they contain executable copies of itself” (Furnell, 2000, p. 144).
Viruses are malicious software that has the ability to replicate itself. The virus will attach itself to other applications and software and slowly spread as infected files and disks are used by users. With every new host, the malicious virus inserts itself and executes its payload. Payloads are often weird and strange warning messages, or look like innocent files that when clicked can wipe all the files from the hard drive (Taylor et al., 2004).
A striking example of how a virus can be very expensive is the much-publicised I LOVE YOU virus. ICSA, a computer security company, estimated the cost of the I LOVE YOU virus to be up to $1 billion (Miastkowski, 2000).
Worms: Unlike viruses, worms do not attach themselves to other software programs. They exist entirely as separate programs and they can spread themselves automatically (Stephenson, 2000, p. 37).
Trojan Horse
Trojan horses: Hackers and attackers will often use Trojan horses to gain access to important and highly sensitive data. Often a Trojan is used where access is restricted and the hacker is lucky enough to find a ‘backdoor’, basically a loop within the code for access. For example, the target’s password is captured by the dormant Trojan, which will replicate it and forward it to the hacker.
There are differences between viruses and Trojan horses. Firstly, Trojan horses will not replicate or infect any other files on the hard disk. Secondly, the Trojan horse can stand alone without any attachment to other applications and programs. And finally, the target may not always be entirely aware of the fact that a maliciously intended Trojan horse was sent to him or her. Basically, Trojan horses can be sent by covert means where the intended target perceives them to be harmless, like an email attachment that looks inconspicuous and safe enough. For example, the attacker may send a message that may be interpreted as friendly information for the receiver, such as a link to a competition, etc.
Phlooding
This is a new wave of attack used by hackers and fraudsters to simultaneously launch geographically distributed attacks that target a business’s authentication or network log-in structure, with the goal of overloading its central authentication server. These attacks have originated from all across the globe. They bombard wireless access points (APs) with login requests using multiple password combinations, which can severely slow down logins and critically interfere with broader network operations, causing major security breaches. Security specialists reckon businesses with multiple office locations served by a single identity management server could be particularly vulnerable to Phlooding attacks.
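The pattern described above (many failed logins arriving through several access points at once and converging on one authentication server) can be told apart from a single-site password-guessing run by counting distinct APs inside a sliding window. The following is an added example, not part of the original essay; the log format, thresholds, function names and sample data are all assumptions constructed for illustration.

```python
from collections import Counter, deque
from datetime import datetime, timedelta


def parse_line(line):
    """Parse 'ISO-timestamp ap_id username OK|FAIL' (assumed log format)."""
    ts, ap, user, result = line.split()
    return datetime.fromisoformat(ts), ap, user, result == "OK"


def detect_phlooding(lines, window_s=30, min_failures=40, min_aps=4):
    """Return one alert per burst of failed logins that is both heavy
    (>= min_failures in the window) and spread over >= min_aps access points."""
    window = timedelta(seconds=window_s)
    recent = deque()      # (timestamp, ap) of failures inside the window
    per_ap = Counter()    # failures per AP inside the window
    alerts, in_burst = [], False
    for ts, ap, _user, ok in sorted(parse_line(l) for l in lines if l.strip()):
        if ok:
            continue
        recent.append((ts, ap))
        per_ap[ap] += 1
        # Expire failures that have fallen out of the sliding window.
        while recent and ts - recent[0][0] > window:
            _, old_ap = recent.popleft()
            per_ap[old_ap] -= 1
            if per_ap[old_ap] == 0:
                del per_ap[old_ap]
        hot = len(recent) >= min_failures and len(per_ap) >= min_aps
        if hot and not in_burst:  # alert once per burst, not once per event
            alerts.append({"start": recent[0][0], "detected": ts,
                           "failures": len(recent), "aps": sorted(per_ap)})
        in_burst = hot
    return alerts


def build_sample(kind):
    """Constructed log lines (not real data) for three scenarios."""
    base = datetime(2024, 1, 1, 9, 0, 0)
    lines = []
    # Background: one legitimate login every 20 s from two office APs.
    for i in range(15):
        t = base + timedelta(seconds=20 * i)
        lines.append(f"{t.isoformat()} ap-{i % 2} user{i} OK")
    if kind == "phlood":
        # 60 failed logins in about 20 s, rotated across six APs at different sites.
        for i in range(60):
            t = base + timedelta(seconds=120, milliseconds=333 * i)
            lines.append(f"{t.isoformat()} ap-{10 + i % 6} guess{i} FAIL")
    elif kind == "single_ap":
        # Same volume through one AP: local guessing, not a distributed flood.
        for i in range(60):
            t = base + timedelta(seconds=120, milliseconds=333 * i)
            lines.append(f"{t.isoformat()} ap-10 guess{i} FAIL")
    return lines


if __name__ == "__main__":
    for kind in ("normal", "single_ap", "phlood"):
        found = detect_phlooding(build_sample(kind))
        print(kind, "->", [(a["failures"], a["aps"]) for a in found])
```

In practice the same counters can drive per-AP rate limiting at the edge, so that the central identity server is shielded before the window fills.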
Malware
Programmes such as the ‘Trojan Horse’ hide malicious code within a document that will in turn collect usernames and passwords for email accounts, amongst other information. These programs can download programmes without the user knowing and relay attacks against other computers remotely. An infected computer can be controlled by the attacker and directed to carry out functions normally available to the system's owner.
Hacking
Nowadays the method of attack increasingly most favoured is the art of hacking: using knowledge of codes and programming to access systems to find secrets. Government computers in Britain have a network intrusion detection system, which monitors traffic and alerts officials to misuse or anomalous behaviour.
Botnets
These are compromised networks that the attacker can exploit. Deliberate programming errors in the software can easily remain undetected, and attackers can exploit the errors to their advantage to take full control of the computer remotely. A botnet can be used to steal information from highly encrypted computers or to collect sensitive information such as credit card numbers by ‘sniffing’ or logging the keystrokes of the victim's keyboard.
Software Bombs
This software acts like a bomb connected to a detonator, which may be the execution of a program. The malicious code may be hidden in a program, and once the program is activated, the malicious code becomes activated. For example, a sacked employee who feels dissatisfied with the employer and who has access to internal software may upload and hide a software bomb in the company’s payroll program.
In 1992, an employee of the United Kingdom’s Chilworth Communications was convicted of planting a logic bomb before his resignation in September 1990. The bomb was triggered in October 1990 and damaged important files that cost the company more than $50,000.
(Larry Greenemeier, InformationWeek, June 12, 2006)
Keystroke Loggers
This is a device that can be fitted to the keyboard, or an application that can be installed on the computer, that automatically records every key that is typed on the keyboard. All information such as passwords and email, basically anything that is typed on the keyboard, will get logged and then accessed by the third party.
Denial of service Attacks
This involves overloading a computer system with data so that it can no longer function. This is the method allegedly used by the Russian hackers who targeted the Estonian government computers in May.
Phishing and Spoofing
This is a system of attack designed to trick an organisation's computer users into revealing passwords and confidential data such as card details. Those that use this method impersonate a trusted source, such as a bank or a well-known service, to persuade the victim to hand over the details in complete faith.
IP spoofing: After overloading the system, an attacker can pretend to be an authorized system, while blocking the actual system’s service. Since the flooded system cannot respond to the inquiries, the unauthorized system will receive all of the legitimate computers’ packets (Stephenson, 2000, p. 46).
Force Multiplier Effects
Different types of Cyberterrorism may also be used to multiply
Cyber-terrorists commit acts of terrorism simply for personal gain or sometimes out of boredom. A less known group known as Chaos Computer Club was discovered in 1997. They had created a simple ActiveX Control for the Internet that could trick the Quicken accounting program into removing money from a user’s bank account. This could easily be used to steal money and details from users all over the world who have the Quicken software installed on their computer for banking services. This type of file is only one of thousands of types of viruses that can do everything from simply annoying users to disabling large networks, which can have disastrous, even life and death, results.
Gaining publicity is one of the aims of Cyberterrorism: to show the world that all is not safe and that no matter how hard you protect your money and securities, there is always a way to get in. For example, information warfare techniques such as Trojan horse viruses and network-crippling worms are often used not only to do critical damage to computing resources, but also as a way for the designer of the viruses to “show off”; they will add extra messages to demonstrate flair. This is a serious ethical issue because many people are severely affected by these cases. The viruses and malicious software can consume system resources until networks become useless, costing companies millions in lost revenue as business grinds to a halt. It is also time-consuming to comb through the systems with scanners, trying to root out the problems and clean up the systems.
Also, depending on the type of work done on the affected computers, the damage to the beneficiaries of that work could be lethal. Even if the person never meant to harm someone with their virus, it could have unpredictable effects with terrible results. For example, a Trojan horse that causes computers to shut down unexpectedly could be released into the NASA space command system through wireless transfer. Can one imagine the catastrophic results if the NASA computers were shut down in the middle of a satellite's or spaceship's re-entry into the earth's atmosphere? The computers on earth are systematically linked with others elsewhere to create a bond; if one fails then the other will too.
Who are the Cyberterrorists?
When people think about Cyberterrorism and Cybercrime, the image that pops into their heads is of a geek sitting in front of a bank of computer terminals feverishly typing commands into a keyboard, just doing computer stuff, but the threat is not taken seriously enough. A terrorist does not usually spend his or her entire life working at a computer. However, there are crackers and some other people who are in that business. These particular persons are potential candidates for becoming cyberterrorists. This conversion from cracker to terrorist may be motivated by money, prestige, and/or ideology (Collin 1997).
However, some analysts suggest that as terrorists become more familiar with technology, a new generation of more computer-savvy terrorists may be growing, and they may focus on using this technology to carry out cyber attacks (Denning 2000).
An example of Cyberterrorism in one of its more unusual forms is the use of computer systems for the aim of assassination. In one case, a mob boss was shot but survived the shooting. That night, while he was in the hospital under secure armed guard, the assassins hacked into the hospital's main central server, tapped into the sector that dealt with the ACIST automated injection protocol and changed his medication so that he would be given a lethal injection. He was dead a few hours later.
They then changed the medication order back to its correct form, after it had been incorrectly administered, to cover their tracks so that the nurse would be blamed for the so-called “accident”. There are many ethical issues involved in a case like this. Most obviously, a man was killed by the hackers’ actions. Also, the life of the nurse was probably ruined, along with the reputation of the hospital and all its employees. Thus, there are often more stakeholders in a terrorist situation than the immediate recipient of the terrorism.
In April of this year, a former engineer at one of the largest nuclear power plants in the United States (Palo Verde Nuclear Generation Station outside Phoenix) was criminally charged with taking computer access codes and software and offering to sell them to Iran for a reported $1 million. The codes in question were then to be used to download details of plant control rooms and reactors, some of which were highly sensitive and classified. Using these codes could potentially combine the two (electronic/physical) for a massive loss of life and thousands of years of radiation contamination.
Types of Hackers
Not every individual who uses information technology to further their agenda is a cyber terrorist. However, it is always very difficult to determine whether an incident is a teenager messing about or a coordinated attack by a cyber criminal. It is usually a judgement call as to which of the two it is, but you can usually tell by the technical knowledge that is used with malicious intent. There are various categories of attackers, as listed below.
Hackers can be broken down into categories, which are explained below.
1: White-hat hackers
Known as friendly hackers, they most commonly use their knowledge for good reasons; these types of hackers usually end up working as highly paid network consultants, programmers, and security consultants. When a software bug is found within an organisation, the white-hat will work hard to solve the problem and then make other companies aware of the problem too.
2: Grey-hat hackers
Are borderline white/black hats. They will sometimes prank unsuspecting users and cause general mayhem. While they think this kind of activity is harmless and non-threatening, they may face long periods of jail time if they ever get found out.
3: Black-hat hackers
Also known as crackers and jackers, these are the ones to watch out for: they make and send viruses, destroy data, deface websites and break into people’s machines, along with other illegal activity. This type of hacker has a very bad reputation, and usually ends up in jail for long periods of time after hacking into military installations and costing millions in taxpayers' money for costly raids to track them down.
The Fight against Cyberterrorism and Cybercrime
Governments around the world are doing as much as they possibly can within their budgets to combat the threat of cybercrime, but it is hard to pinpoint locations and get law enforcement agencies there to arrest suspects. The American security agency, the NSA, joined forces with New Zealand's largest intelligence agency, the Government Communications Security Bureau (GCSB), to develop a system to eavesdrop on the world's communications. Known to the world as the ECHELON system, it is used to intercept ordinary e-mail, fax, telex, and telephone communications carried over the world’s telecommunications networks. … It potentially affects every person communicating between (and sometimes within) countries anywhere in the world.
All the text messages and any written communications such as email, faxes or telexes intercepted at the various sub-stations are fed into the ECHELON computers. This is an enormous mass of material: literally all the business, government and personal messages that the station intercepts. The main program is the Dictionary program. It reads every word, number and character in every single incoming message, trying to locate patterns, and picks out all the ones containing target keywords and numbers. Millions of simultaneous messages are read in ‘real time’ as they come into the station, minute after minute, day after day; if keywords are flagged, the messages are sent on to stations of the NSA and CIA for further investigation.
Even though many say we are all becoming citizens of a nanny state, where we are watched 24 hours a day, systems such as the ECHELON program are devised to help governments to target terrorists and persons up to no good. But what would happen if terrorists themselves were to gain access to sensitive data such as this program? Or if they were able to hack into the ECHELON Dictionary program and embed a worm that could remain dormant for years until it was needed? The thought of such matters is frightening; that is why more concern is needed by the world in general to address the threats of Cyberterrorism, and safeguards need to be put in place for future use.
It is well known that the United States of America has the most problems relating to Cybercrime and Cyberterrorism. Not enough was being done by the numerous American agencies to combat the situation and, day by day, problems were escalating. In October 2002, the Joint Task Force Computer Network Defence was re-designated Joint Task Force Computer Network Operations (JTF-CNO) and was assigned to the US Strategic Command. It includes components from all four American Armed Services and The Defence Information System services. The task force has two main objectives: first, to defend Department of Defence computer networks and systems from any unauthorised event such as probes, scans, virus incidents or any malicious intrusions; second, the coordination, support and filtration of computer network attack operations in support of regional and national objectives.
Countries such as Pakistan, where a lot of terror cells operate from, have passed new laws such as The Electronic Crimes Bill 2007, targeted mainly at e-crimes. The Minister for Information Technology and Telecommunications, Awais Ahmad Khan Leghari, said that under the proposed legislation the e-crime law would require internet service providers to hold their traffic data for at least six months to enable the agencies to investigate cases involving data stored by them.
The Pakistani government says any illegal interception of electronic communication, like the hijacking of another person's e-mail, will get up to five years' imprisonment or a fine of up to £500,000. Any individual or group that commits an offence of cyber terrorism and causes the death of any person will be punished with death or life imprisonment.
Leghari said anyone involved in an attempt to obtain the confidential information of another person through an electronic device like a network system or router will get up to two years' imprisonment or a hefty fine.
Data damage crimes, like illegally manipulating the financial records or other important information of an organisation, carry a prison sentence of up to 5 years. Misuse of an electronic system or electronic devices, in which a person develops software or hardware with a trap door for manipulation, is classed as a severely punishable act and can carry a life imprisonment term.
Within the UK, the main government agency to deal with Cyberterrorism was The National Hi-Tech Crime Unit, which previously dealt with internet crime in the UK, identity fraud and serious cases of Cybercrime. It has now been merged with another agency known as the Serious Organised Crime Agency (SOCA). SOCA has been formed by combining the National Crime Squad, the National Criminal Intelligence Service, and experts from HM Revenue and Customs and the UK Immigration Service.
Another big area where computer systems are vulnerable is nuclear systems; obviously, for matters of national security, the clearance level for computer access is of the highest priority. Each system is a complex bank of computers that work together to create a hierarchy of commands that technicians and scientists use for nuclear launches; even though many are automated, more secure systems are a necessity. In Oak Ridge, the American Nuclear Weapons and Science base, there are several sensor systems that are capable of providing unattended monitoring of the physical and/or assigned attributes associated with stored nuclear materials.
The main computer systems that the nuclear service uses are the following;
The Continuous Automated Vault Inventory System – CAVIS
The ReflectoActive Seal System – a system designed to monitor tamper indicating seals continuously for unauthorised opening or closing, the system provides immediate notification of where and when a breach is caused all in real time.
Graphic Facility Information Centre – GraFIC, this is a system where the remote less system can monitor and report all items of nuclear activity from the various sensors and systems to an unlimited number of systems located around the world, launch sequences and all codes are fed into this system.
Imagine the scene where criminals access these information systems: they could change temperatures, change the launch codes and even turn off alerts so that no official would know that any seals had been breached.
Attacks against a country's infrastructure are both lasting and seriously damaging. In the United States, there have been many such attacks against the main critical infrastructure. In March 1997, a young hacker disabled vital services in the Worcester Airport air traffic control tower for six hours (CCIPS, 1998).
The hacking resulted in disabling of telephone services to the tower, airport fire department, security and other departments at the airport (Cilluffo, 2000).
Since the atrocities at Ground Zero on September 11th 2001 the world has been on edge, just waiting for the next attack. Imagine a scenario where a person with a bomb strapped to their chest detonates it within the lobby of a major bank's headquarters. Such an attack would obviously cause major loss of life and immense grief, but it is less likely to bring business to a halt. If, on the other hand, a major cyber attack was unleashed against the same bank, infecting all its computers and servers, business would grind to a halt. Loss of life would be zero, but the damage to infrastructure and business output would have a knock-on effect on the whole country. If the bank released a statement to say that every UK customer's details held on a central database had been hacked and copied by persons unknown, then overnight the bank would collapse, because every person would close their account and move their monies and securities elsewhere.
The starting point for concern is the simple proposition that nations around the world all now rely heavily on the internet and other computer networks, such as Ethernet, for their business and activities, whether public, private, social, economic or military. If persons unknown were to gain remote access to a government installation, for example a branch of the military such as the Nuclear Executive program in the USA, there would be complete and utter mayhem: launch codes would have to be reprogrammed and millions would have to be spent on redesign.
This paper will look at Cyberterrorism and Hactivism and look at the way in which the world perceives the threat and ways that attacks can be prevented.
Overall the threat to modern society through cyberterrorism is unpredictable; everything is now controlled by computers, whether it is Banking systems, Nuclear and Military Installations,
Motion pictures such as the recent blockbuster Die Hard 4 show the vulnerability of systems to failure and the way the systems can be manipulated to make it easy for terrorists to gain complete control. In the film, a computer programmer who built vital systems for the government banking infrastructure goes rogue and holds the city to ransom. Viruses are remotely released into the banking systems, prompting bosses to move all funds to a central database which had in fact been designed by the rogue programmer. Due to his extensive programming experience he was able to access nearly every computer system, whether power grids, CCTV or traffic, anything and everything that has computer usage; he in turn used the systems against the city and more or less ran away with billions of pounds.
Even though the motion picture was fiction, the harsh reality of the scenario was real. If the common mind looks at the world around us, where can one see that computers are not used? Since the introduction of the Internet, as mentioned before, more and more reliance has been placed upon this network for day-to-day business. Everything is now computerised and modernised, justifiably keeping with the times, but the vulnerabilities are more open to attack than ever before.
Viruses and internet phishing attacks increase by millions per day; hackers and crooks try every second to gain access to government and banking installations. The Pentagon in Virginia, USA, is the most hacked computer system in the world. The Pentagon uses more than 5 million computers on 100,000 networks in more than 65 countries. The Pentagon reported more than 79,000 attempted intrusions in 2005 alone; about 1,300 attempts were successful, including the penetration of computers linked to the Army's 101st and 82nd Airborne Divisions and the 4th Division. In August and September 2005 Chinese hackers penetrated US State Department computers in several different countries; hundreds of computers had to be replaced because they were corrupted.
Chinese hackers also targeted the US Naval War College network in November 2005, forcing the College to shut down its entire system for several weeks.
Official US figures reveal that the total number of security incidents reported by US departments and agencies rose from about 5100 in 2006 to over 13000 in 2007. Certainly the Chinese are well versed in the art of Hactivism and blame always falls on their shoulders, but this is not always the case. The USA is known as hacker heaven: most of the hacker attacks conducted within the USA have been by Americans but routed through remote computers all around the world, making them harder for security experts to trace.
The war on terrorism is at a peak, but even though billions are being spent by governments, not enough is being done. Terrorist cells such as Al-Qaeda and Hezbollah, amongst others, still regularly use the Internet, communicate via email, meet in online chat rooms, use PGP encryption and plan to carry out cyber attacks using, for example, wireless technology. Governments, especially the US government, try to use software such as the Enchillion software to keep track of chatter on the internet; key words on hot lists, when used by people in public or private domains, are flagged and investigated by numerous agents in the hope that it will lead to the conviction of a terrorist cell, etc.
The thought of Cyberterrorism conjures up images of vicious hooded terrorists unleashing fatal attacks against computer servers and networks, causing havoc, and disabling nations. This is a scary scenario, but how likely is it to happen? Could Al-Qaeda and other terrorist cells really cripple critical military, banking, finance and government computer systems?
Psychological, political, and economic forces have combined to escalate the fear of cyberterrorism. From a psychological and mental perspective, two of the biggest fears of modern times have now combined in the term Cyberterrorism. Even though there have not been any news spotlights on Cyberterrorism, the fear of attack is widespread. People expect things to happen, as the world is now at the stage where attacks and killings are common; it is just a matter of time until the new-era terrorist may be able to do more damage with a keyboard than with a bomb.
Even so, the potential threat is without a doubt a reality and fear seems likely to increase, making it all the more important to address the danger without causing severe unrest amongst the public.
Douglas Thomas, statement to the Subcommittee on Government Efficiency, Financial Management and Intergovernmental Relations
“Our nation is at grave risk of a cyberattack that could devastate the national psyche and economy more broadly than did the 9/11 attacks”.
Cyber-Terrorism is a problematic nuisance for people and companies throughout the world; with the internet growing every day, it is hard to keep track of all that is going on. As more and more new technology is established, individuals find new ways to hack and corrupt it. Most of the time there is malicious intent behind such actions. These acts can include everything from computer viruses to pirated IP addresses and credit account fraud. If you have top-level virus-scanning software such as Norton or McAfee, your machine will be safe from many of the viruses that you will come across. Although there is a mutation of existing viruses among the hacker community, they are easily identified and defended against by the scanning programs.
The majority of viruses are meant to be detected; hackers want the tech security groups to find their rogue programs whilst the more dangerous worms lie undetected. For the most part hackers want their viruses to be caught before they cause major damage; one that is not is otherwise known as a Stealth virus. Such a virus could go undetected for hours, days or months as it worked its way throughout a particular system and then strike at a pre-selected time. This is a threat to all the computer-operated portions of international society, extending from mass transit to police and bank records and correctional facilities. Massive destruction, both physical and theoretic, could easily occur from the unleashing of malicious viruses that want to wipe all sectors, and quite frankly September 11th 2001 could be seen as the first of many such attacks by terrorists to create widespread destruction and confusion. High-tech systematic attacks on a country's or business's mainframe would cause the entire economic and banking infrastructure to crash. This would be a case of international espionage and would be a drastic move from the normal programs the tech security groups deal with on a daily basis. This type of attack could slide under existing defences and not be identified until it was too late, thus rendering the attempts to defend helpless.
The concept that anyone can become a hacker is actually a myth. It would take a hacker who is familiar with a number of coding languages and networking intricacies, thus defeating the notion that only America and its allies have such a viable technological background. There need to be improvements all round to ensure that security remains tight. The world does not need any more catastrophes, but the heightened security has led to tighter inspection of mainframes, and a new generation of firewalls and encryption is already being rushed to the marketplace and implemented in many government agencies.
Governments are already announcing that stronger measures need to be taken against hackers to prevent them from causing greater damage to infrastructure. Last year crude hackers and sophisticated cyberterrorists launched a scathing attack on the Estonian Defence Ministry. Using botnets, the hackers took control of remote servers and unleashed a barrage of viruses and malicious code intended to disrupt and damage systems. The blame was widespread, mainly being directed at the Russian government, which denied any involvement. When security experts tried to track the origin of the attack, they found that the botnet attacks came from computers in 76 different countries; obviously it was routed through these countries in order to cause confusion, and the only lead they had to go on was an internet protocol address, which barely proved anything. It was lucky that experts caught the malicious activity before it could do any real damage. The intended effect was to paralyse websites and cause severe disruption to key services such as banking, in a country with one of the highest rates of internet usage in the world.
Conclusion
Combating crimes including Cybercrime and Cyberterrorism is an overwhelming task.
Cybercrime is global, so the problem is far more problematic than meets the eye. When a computer gets hacked, unless the hacker is a novice sitting at his computer in his living room, the process of tracking him down is very cumbersome and highly costly.
The global nature of Cybercrime and Cyberterrorism requires global responses. More needs to be done by the international committee to act on such crimes. Some countries will prosecute you for an act of hacking whereas others will dismiss it as a mistake; harsher sentences need to be handed out to make an example of those who wish to cause widespread fear at the expense of others.
International laws need to be made and acted upon. The world already has enough terrorist threats and problems; we all wish to live in peace and harmony, not looking over our shoulder on a daily basis.
As we have embraced this technological era with both hands, making it easier for all, we need to put safeguards in place that stop individuals from taking advantage and holding the world to ransom.
In conclusion, this paper has shown that whether it is Cyberterrorism, Cybercrime, Terrorism or Hacking does not make a significant difference when it comes to international cooperation. The fact of the matter is that the more powerful countries in the world, like the USA, are the ones that need more help and cooperation from other countries. Due to the nature of rerouting ISPs through countries with diplomatic immunity, foreign countries are less likely to give information which may lead to the arrest of a fellow citizen, which in turn would lead to a frenzy by the media, possible boycotting, etc.
The threat of cybercrime is as severe as threats such as the blowing up of an airliner; the international community needs to work together to combat the threats of Cybercrime and Cyberterrorism.
Extensive research at The British Library, UK
British Computer Society
ACM – Association For Computing Machinery
Search Engines
http://www.google.co.uk/
http://www.google.com
http://www.msn.com
http://www.ask.com
Misc
http://www.wikipedia.org/
http://www.encyclopedia.com/
http://www.si.edu/Encyclopedia_SI/
http://www.britannica.com/
Berinato, S. (2002). The truth about cyberterrorism. CIO Magazine. http://www.cio.com/archive/031502/truth.html
Blume, P. (2000). Data protection of law offenders. In D. Thomas & B. D. Loader (Eds.), Cybercrime: Law enforcement, security, and surveillance in the information age (pp. 193-218). New York: Routledge.
Borland, J. (1998). Analysing the threat of cyberterrorism. TechWeb. Retrieved from http://www.techWeb.com/wire/story/TWB19980923S0016
Brenner, S. W., & Goodman, M. D. (2002). In defense of cyberterrorism: An argument for anticipating cyber-attacks. University of Illinois Journal of Law,
Carter, D. (1995). Computer crime categories. FBI Law Enforcement Bulletin, 64,
Carter, D., & Bannister, A. J. (2000). Computer crime: A forecast of emerging trends. Paper presented at the Academy of Criminal Justice Sciences Annual Meeting,
CCIPS. (1998). Press release: Juvenile computer hacker cuts off FAA tower. Retrieved from http://www.cybercrime.gov/juvenilepld.htm
CERT. (2002). Computer emergency response team. http://www.cert.org/
CERT/CC. (2003). Introduction to the CERT® coordination center. Retrieved from http://www.cert.org/faq/cert_faq.html#A1
Cilluffo, F. J. (2000). Cyber-Attack: The national protection plan and its privacy implications. http://www.homelandsecurity.org/
Cilluffo, F. J., & Pattak, P. B. (2000). Bad guys and good stuff: When and where will the cyber threats converge? DePaul Business Law Journal, (12), 131-169.
CNN. (1996). Hacked CIA Web site still down. Retrieved January 15, 2008, from http://www.cnn.com
Cohen, W. (2000). The need for Homeland defense. http://www.homelandsecurity.org/showQuotes.asp?AuthorID=14
Collin, B. C. (1997). Cyberterrorism from virtual darkness: New weapons in a timeless battle. Retrieved from http://www.counterterrorism.org
Communication System. (2000). The electronic intrusion threat to national security and emergency preparedness (NS/EP) internet communications an awareness document. http://www.ncs.gov/library/reports/electronic_intrusion_threat2000_final2.pdf
Computer Fraud and Abuse Act. US CODE: Title 18,1030.
Conway, M. (2002). Reality bytes: Cyberterrorism and terrorist ‘Use’ of the Internet. http://firstmonday.org/issues/issue7_11/conway/index.html
Convention for the Protection of Human Rights and Fundamental Freedoms. (1950). http://conventions.coe.int/treaty/en/Treaties/Html/005.htm
Convention on Cybercrime. (2001). http://conventions.coe.int/Treaty/en/Treaties/Html/185.htm
Cooper, H. H. A. (2001). Terrorism: The problem of definition revisited. American Behavioral Scientist 44, 881-893.
Crime & Policing. (2000). The Regulation of Investigatory Powers Act (RIPA). http://www.homeoffice.gov.uk/crimpol/crimreduc/regulation/
Critical Foundations: Protecting America’s Infrastructures (1997). The report of the President’s Commission on Critical Infrastructure
In A. D. Sofaer, & S. E. Goodman (Eds.), The transnational dimension of cybercrime and terrorism (pp. 91-124). Stanford, CA: Hoover Institution Press Publication.
Cybercrime European Commission. (2004). What steps is the EU taking to combat cyber-crime? http://europa.eu.int/comm/justice_home/fsj/crime/cybercrime/wai/fsj_crime_cybercrime_en.htm
Dallas News. (2003). Secret Service creating team to fight cybercrime. Retrieved from http://www.crimeresearch.org/eng/news/2003/06/Mess1706.html
Davis, E. S. (2003). A world wide problem on the World Wide Web. International responses to transnational identity. Washington University Journal of Law & Policy.
Denning, D. E. (1997). Encryption and evolving technologies as tools of organized crime and terrorism. National Strategy and Information Centre
Denning, D. E., & William E. B. (1997). Encryption and evolving technologies as tools of organized crime and terrorism, Washington, National Strategy Information Center.
Denning, D. E. (2000). Cyberterrorism. Global Dialogue. Retrieved from http://www.cs.georgetown.edu/~denning/infosec/cyberterror-GD.doc
Denning, D. E. & Baugh, W. E. Jr. (2000). Hiding crimes in cyberspace. Cybercrime: Law enforcement, security, and surveillance in the information age. New York: Routledge Taylor & Francis Group.
Drozdova, E. A. (2001). Civil liberties and security in cyberspace. In A. D. Sofaer, & S. E. Goodman (Eds.), The transnational dimension of cybercrime and terrorism (pp. 183-220). Stanford, CA: Hoover Institution Press Publication.
Electronic Privacy Information Center – EPIC. (2002). FBI’s CARNIVORE system. http://www.epic.org/privacy/carnivore/5_02_release.html
Entrust. (2003). Entrust applauds DHS establishment of National cyber security division. http://www.entrust.com/news/files/06_06_03.htm
EPIC. (1998). Critical infrastructure protection and the endangerment of civil liberties an assessment of the President’s Commission on Critical Infrastructure Protection. http://www.epic.org/security/infowar/epic-cip.html
Evers, J. (2000). The Netherlands adopts cybercrime pact. http://www.theexperiment.org/articles.php?news_id=980
FBI National Computer Crime Squad (1999). Retrieved from http://www.fbi.gov
Fisher-Hubner, S. (2000). Privacy and security at risk in the global information society. In D. Thomas & B. D. Loader (Eds.), Cybercrime: Law enforcement, security, and surveillance in the information age (173-192). New York: Routledge.
Freedom House. (2003). Freedom in the World 2003: Survey methodology. http://www.freedomhouse.org/research/freeworld/2003/methodology.htm
Furnell, S. (2002). Cybercrime: Vandalizing the information society. Great Britain: Pearson Education Limited.
Galley, P. (1996). Computer terrorism: What are the risks? Science, Technology and Society Swiss Federal Institute of Technology. http: