About Cyber Terrorism
Info: 5643 words (23 pages) Essay
Published: 31st May 2019
CYBER TERRORISM : A NEW DIMENSION OF ASYMMETRIC WARFARE
CHAPTER I
INTRODUCTION
“Information Warfare, in any future conflict will give weaker nations, who do not possess the conventional military strength to win a war, an opportunity to wage an asymmetrical war. The day is not far when hired mercenary hackers will carry out remote attacks using viruses, worms or logic bombs on an adversary nation’s computer systems. Probably, tomorrow’s terrorist would be able to do more harm with a mouse and a modem than with TNT and RDX.”
Alvin Toffler
1. The Internet has become a part of everyday life and is today a network of millions of computers spread out over countries. It enables communication with a wide range of people to a single specific individual or to a select audience. The internet transcends the barriers of nationality, culture, language, religion or creed. It permits nearly total freedom and individual choice. It is today beyond the control of any government or agency, and information flows freely throughout the world.
2. Undoubtedly, information technology has been the greatest change agent of the last century and promises to play this role even more dramatically in this millennium. It is continuously changing every aspect of human life – be it national defence and global security or communications, trade, manufacturing, services culture, entertainment, education, and research. It has also become the main indicator of the progress of nation states, communities and individuals. The developments in information technology (IT) are being increasingly adopted by operational planners in the government and armed forces. Information technology revolution has led the evolution of digital communication networks, cyberspace, microcomputers and associated technologies. If these are the scope and intensity of the applications of IT in our day to day life, the armed forces need to quickly grasp the enormous opportunities it offers to the terrorists to use cyber space as a weapon of future warfare. deals with a wide variety of subjects especially in the realm of technological advancement. Tremendous advances have been made in telecommunications and computers in the recent years. These advances have given the power to use information to a wide section of the population, thereby heightening challenges to information security. New technologies would have far reaching implications to defence forces and it would be prudent on the part of strategic decision makers to prepare for induction of newer innovations and also to meet the risks posed by them.
3. Currently, the world is going through technology and information based era. We have now the capability to transfer and share information at much faster rate. May it be the corporate sector or the communication network or the command and control network or the information and surveillance network, there is total dependency on computer and computer networking. The forms of cooperation, competition, conflict and warfare are changing as information technology is changing the way we observe, understand, decide and communicate. According to Alvin Toffler[1], we are going through the ‘third wave’. This is about the ability to seek and control the flow of information, on a scale, which is unimaginable and is yet not fully explored and exploited. In other words, it is an era of knowledge based information age warfare. The information revolution has engulfed into its folds the entire range of a nation’s basic infrastructures, like banking, military, politics, economy, transportation, etc. There seems to be no end in sight and we cannot remain aloof from its effects and choose to go without it. The information technology has permeated from the standalone PC to the widest possible area networks, all over the world, including the art of waging warfare.
4. Asymmetric warfare as defined by Wikipedia originally referred to war between two or more belligerents whose relative military power differs significantly. Contemporary military thinkers tend to broaden this to include asymmetry of strategy or tactics; today “asymmetric warfare” can describe a conflict in which the resources of two belligerents differ in essence and in the struggle, interact and attempt to exploit each other’s characteristic weaknesses. Such struggles often involve strategies and tactics of unconventional warfare, the “weaker” combatants attempting to use strategy to offset deficiencies in quantity or quality. Such strategies may not necessarily be militarized. This is in contrast to symmetric warfare, where two powers have similar military power and resources and rely on tactics that are similar overall, differing only in details and execution.[2]
5. Terrorism has emerged as one of the most complex and perplexing phenomena the world has faced. In addition to the tactics and ideological complexities, the dynamic nature of terrorism proves itself in the way terrorists adapt new technologies, like computers and other IT tools. Establishing consensus-based, concrete, result-oriented international cooperation in responding to terrorism seems very difficult in practice. However, available mechanisms to facilitate formal or informal cooperation in the area of cybercrime and cyber terrorism may be encouraging.
6. Cyber terrorism is the employment of computing resources to intimidate or coerce another (government) to achieve some political goals. Cyber attacks involve activities that can disrupt, corrupt, deny, or destroy information stored in computers or computer networks. Cyber terrorism attacks can be: cyber attacks or physical attacks both affecting the informational infrastructure.
METHODOLOGY
Statement of the Problem
7.The aim of this dissertation is to study Cyber Terrorism as another dimension of asymmetric warfare and suggest measures to combat this threat.
Hypothesis
8.Cyber Terrorism as part of cyber warfare is the emerging theatre in which future conflicts are most likely to occur and has emerged as another dimension of asymmetric warfare.
Justification of the Study
9. The Information Age will define the 21st century as information systems permeate all aspects of life. Cyber warfare will take the form of a devastating weapon of the future battlefield and cyber terrorism would be integrated in the war fighting strategies of nations in the years to come.
The Information Revolution and consequent widespread computerisation is the hallmark of the last few decades of the millennium. The explosive growth in use of IT has profound effect an all facets of life at personal and national level. Computer systems globally have become interconnected and as a result, these networks have become much more vulnerable to attack. The premise of cyber terrorism is that nations and critical infrastructure are becoming increasingly dependent on computer networks for their operation. Also as armies around the world are transforming from a platform centric to a network centric force there is increasing reliance on networking technology. With all the advantages of such connectivity come unprecedented challenges to network security. A hostile nation or group could exploit the vulnerabilities in poorly secured network to disrupt or shut down critical functions.
Greater reliance on information systems will also lead to greater vulnerabilities. Threats to information infrastructure would be in the form of destruction, disclosure, modification of data or denial of service. The threats could be from hostile net users, hackers and malicious insiders.The incapacitation or destruction of critical national infrastructure would have a crippling impact on any country. A nation attacked by cyber terrorists can be completely cut off from the rest of the world and ruined by disabling its computers and communications networks carrying information pertaining to sectors such as banking, finance, trade, railways, airlines, shipping etc. There is also a potential danger to a country’s national security. The protection of our information resources – information assurance, will thus be one of the defining challenges of national and military security in the years to come. To take advantage of Information Technology revolution and its application as a force multiplier, the Nation and army in particular needs to focus on Cyber Security to ensure protection / defence of its information and information system assets.
This study tries to analyse Cyber terrorism as another dimension of asymmetric warfare along with the threats and vulnerabilities that a country faces from it and suggest mechanisms and strategies to counter this menace.
Scope
10. This dissertation limits itself to a brief introduction to cyber terrorism and discusses the measures put in place by various countries in responding to cyber terrorist attacks. It would also suggest certain mechanisms and strategies to combat the threats posed by cyber terrorism.
Methods of Data Collection
11. The data has been collected mainly from documentary sources such as books and professional journals available in the DSSC library and articles posted on the Internet and newspapers. Also lectures on the subject by guest speakers have also contributed towards this study. A bibliography of sources is appended at the end of the paper.
Organisation of the Dissertation
12. The dissertation has been organised in the following manner: –
-
- Chapter II gives an overview of cyber terrorism giving out the definition, types and forms of cyber terrorism and the vulnerabilities facing a nation due to this.
-
- Chapter III analyses the threats posed by cyber terrorism.
-
- Chapter IV brings out the initiatives undertaken by various nations to defend against cyber terrorism.
-
- Chapter V suggests certain mechanisms and strategies to be implemented to combat the threat of cyber terrorism.
-
- Chapter VI consists of the conclusion.
-
CHAPTER II
CYBER TERRORISM : AN OVERVIEW
The info revolution has given rise to nws & the power is progressively migrating to non state actors, because of their ability to org into sprawling multinational nws. This in turn implies that future conflicts will incr be waged by nw rather than hierarchical orgs. Info ops in an asymmetric environment are not likely to be a passing fancy & with time this threat is likely to proliferate across the spectrum of civ competition & mil conflicts.
1. Unlawful attacks and threats of attack against computers, networks, and the information stored therein are the major weapons used by terrorists with the view to intimidate or force a government or public in furtherance of their objectives are generally covered under cyber terrorism. The term can perhaps be defined to mean the use of computing resources to intimidate or coerce others. Going by this broader definition, many cases of using new information and communication technology by the terrorists would be incorporated within the fold of cyber-terrorism. Technically, to be a case of cyber-terrorism, any incidence of attack should result in violence against persons or property, or at least cause enough harm to generate fear. Attacks that lead to death or bodily injury, explosions, plane crashes, water contamination, or severe economic loss would be examples. Serious attacks against critical infrastructures could be acts of cyber-terrorism, depending on their impact. Attacks that disrupt non-essential services or that are mainly a costly nuisance would not. We need to see the phenomenon of cyber-terrorism in a broader manner. The cases of using the Internet extensively to spread their messages and to communicate and coordinate their activities by the terrorists should also be included within the purview of cyber-terrorism.
2. Cyber terrorism is more than a virus that creates a mild degree of annoyance such as a denial of service. It seeks to cause physical violence or significant financial harm. Targets may include power plants, military installations, the banking industry, air traffic control centers, water systems, and other major centers affecting the lives and well-being of many people and companies. The attacks may be effects-based i.e., the cyber-attacks result in creating fear similar to that of traditional terrorism or they may be intent-based, where the perpetrators seek to press their political, often religious-based, agenda in order to cause a government or its inhabitants to alter their views or actions or to cause serious harm to a nation and/or its peoples.[3] Cyber terrorists may operate anywhere in the world and can conceal their identities far more effectively, often with the cooperation of rogue states or through the lack of capability of local law enforcement agencies to act effectively. The injury caused by cyber terrorists may take place thousands of miles away from the physical location of the attacker, thereby effectively immunizing them from arrest.
3. Cyber-terrorism is a real threat in today’s situation. The term ‘cyber-terrorism’ had been coined by Barry Colin, a senior research fellow at the Institute for Security and Intelligence in California, in the 1980’s to refer to the convergence of cyberspace and terrorism.[4] The various published definitions of cyber terrorism are as follows:-
- A criminal act perpetrated by the use of computers and telecommunications capabilities, resulting in violence, destruction and/or disruption of services, where the intended purpose is to create fear by causing confusion and uncertainty within a given population, with the goal of influencing a government or population to conform to a particular political, social or ideological agenda.[5]
- Cyber terrorism is a premeditated, politically motivated criminal act by sub-national groups or clandestine agents against information and computer systems, computer programs, and data that result in physical violence where the intended purpose is to create fear in non-combatant targets.[6]
- Cyber-terrorism is the premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against non-combatant targets by sub-national groups or clandestine agents. Politically motivated attacks that cause serious harm, such as severe economic hardship or sustained loss of power or water, might also be characterized as cyber-terrorism. [7]
- Cyber terrorism refers to the convergence of cyberspace and terrorism. It covers politically motivated hacking operations intended to cause grave harm such as loss of life or severe economic damage.[8]
- “Unlike a nuisance virus or computer attack that results in denial of service, a cyberterrorist attack would lead to physical violence or extreme financial harm. According to the U.S. Commission of Critical Infrastructure Protection, possible cyberterrorism targets include the banking industry, military installations, power plants, air traffic control centers, and water systems.”
CYBER TERRORISM : MEANS AND FORMS
4. As in other forms of terrorism, cyber terrorism is composed of diverse forms and purposes. In nearly all cases, the methods employed by cyber terrorists are consistent with technologies employed by hackers, crackers and cyber criminals.
Means of Cyber Terrorism
5. Cyber terrorists use a variety of means to disseminate their agenda. Some of these are as follows:-
-
- Virus. This is a piece of a code which is attached to a program and becomes “alive” when the program is activated.
-
- Worm. It is a separate program that replicates itself onto computers without changing any other programs.
-
- Trojan Horse. It is a program fragment that appears to be a worm or a virus that permits the hacker to gain access to a system.
-
- Logic Bomb. This is a type of Trojan horse that may remain dormant until conditions arise for its activation.
-
- Trap Doors. These are means of permitting a programmer to access the user’s software without the user being aware of the access.
-
- Chipping. This is like trap doors but dormant until access is desired.
-
- Denial of Service. The hacker sends almost innumerable requests for information that cause the computer systems to shut down.
6. Forms of Cyber Terrorism. It is very difficult to exhaustively specify the forms of cyber terrorism. In fact, it would not be a fruitful exercise to do the same. Praveen Dalal opines that the nature of cyber terrorism requires it to remain inclusive and open ended in nature, so that new variations and forms of it can be accommodated in the future.[9] However, one of the classifications of the forms of cyber terrorism, applying the definition and the concepts discussed above is as follows:-
-
- Privacy violation.
-
- Secret information appropriation and data theft.
-
- Demolition of e-governance base.
-
- Distributed Denial of Services (DoS) attack.
-
- Network damage and disruptions.
7. Methods of Attack. There are three methods of attack that may be addressed against computer systems:-
-
- Physical Attack. This is against computer facilities and/or transmission lines. This can be accomplished by use of conventional weapons to destroy or seriously injure computers and their terminals.
-
- Electronic Attack. This is accomplished by use of electromagnetic high energy or electromagnetic pulse to overload computer circuitry or microwave radio transmission.
-
- Computer Network Attack. This is accomplished usually by use of a malicious code to take advantage of software’s weakness. It is employed by hackers who enjoy the challenge of attacking computer protection devices or for economic purposes by gaining access to identities of users of the programs or sites.[10]
8. Types of Attacks. The types of attacks that may be conducted against computers and computer networks include the following:-
-
- Posting of graffiti on websites that are essentially harmless but annoying to computer users.
-
- Hackers who demonstrate the vulnerabilities of computers to outside attacks for reasons of pride in their capabilities to disable or affect computers.
-
- Criminal behavior, generally in the form of stealing passwords to gain access to bank accounts, credit cards, and the like in order to commit fraud and theft.
-
- Terrorist attacks to disable computers, gain entry into national security sites and data, cause havoc to a nation’s economic structure, and other motivations.
-
- Radio Frequency (RF) Weapons. A series of smooth radio waves causing the target to generate heat and burn up.
-
- Transient Electromagnetic Device (TED’s). Emission of a large burst of energy that targets a large spectrum of space. It can be the size of a briefcase, van size, or a large satellite dish.
-
- Electromagnetic Bomb/Pulse Weapon. Creation of an electromagnetic pulse viz. an electromagnetic shock wave that creates an enormous current many times that of a lightening strike.
-
- TEMPEST monitoring devices.
-
- Computer viruses, logic bombs, trojan horses.
-
- Denial of Service (Zombie) Attacks. Sending an overload of emails to the target system causing the system to crash.[11]
9.
Advantages of Cyber Terrorism
Information warfare becomes a very attractive terrorist tool owing to some advantages that cyber-terrorism has over physical methods. Some of the advantages of using cyber methods are as follows:-
-
- Low Cost. The cost of purchasing advanced computer systems is extremely low. Almost any person can afford to buy a computer with sophisticated capabilities. If they cannot afford a computer, there are other means of obtaining access, even in the poorest countries. Examples are library and cybercaf� facilities. There is no suspicion attendant to such purchases, unlike the chemical and biological agents that could signal investigative agencies to come into play.
(b) Relative Autonomy. Digital signals are virtually anonymous and can emanate from any part of the globe. A virus planted into a program can instantaneously be disseminated globally and cause severe complications before steps can be taken to mitigate the virus. Terrorists can communicate, download materials, send coded messages, and have cyber meetings of divergent groups and coordinate their activities. Although it is theoretically possible to monitor messages to and from these groups, it would be extraordinarily difficult for a government to know which computer of the tens of millions of computers is being utilized.
(c) Damage Potential. The potential damage that cyber terrorists are able to accomplish include the destruction of computer programs and operating systems; access to confidential economic, research and development information from corporations; invasion of privacy of individuals; access to secret government data; a virtual shutdown of corporate activity and often the attainment of satisfaction of the ability to crash systems to expose vulnerabilities of systems.
(d) Localised Effects. Most acts are likely to be committed anonymously or by groups who do not fear military retaliation. Consequently, there is no fear of escalation. Transnational terrorist organizations can use the Internet to share information on weapons and recruiting tactics, arrange surreptitious fund transfers across borders, and plan attacks. These new technologies can also dramatically enhance the reach and power of age-old procedures. Information processing technologies have also boosted the power of terrorists by allowing them to hide or encrypt their messages.
(e) Handling of Explosives. The operation does not require the handling of explosives or a suicide mission. Besides, a cyber attack would garner extensive media coverage since journalists and the public alike are fascinated by practically any kind of computer attack.
(f) Access to Critical Information. The world of internet, an ocean of information provides access to critical information. The September 11 terrorists could have found all the details they needed about the floor plans and design characteristics of the World Trade Center and about how demolition experts use progressive collapse techniques to destroy large buildings. The web also makes available sets of instructions needed to combine readily available materials in destructive ways. Practically anything an extremist wants to know about kidnapping, bomb-making, and assassination is now available online. Modern, high-tech societies are filled with supercharged devices packed with energy, combustibles, and poisons, giving terrorists ample opportunities to divert such non-weapon technologies to destructive ends.
- 10. Drawbacks of Cyber TerrorismThere are certain drawbacks too, some of which are enumerated below:-
-
- Low Degree of Control. Due to complex systems, it may be harder to control an attack and achieve a desired level of damage.
-
- Effectiveness. Since these operations do not cause physical injury to people at a broad level, it is less likely to arouse emotional appeal of the society and consequently, would be less effective.
-
- Difficulty in Predicting the Impact. There is little concrete evidence of terrorists preparing to use the internet as a venue for inflicting grave harm. Given that there are no serious instances of cyber �terrorism, it is not possible to assess the impact of acts that have taken place. It is equally difficult to assess the potential impact because it is hard to predict how a major computer network attack, inflicted for the purpose of affecting national or international policy, would unfold. [12]
CHAPTER II
CYBER TERRORISM : AN OVERVIEW
The info revolution has given rise to nws & the power is progressively migrating to non state actors, because of their ability to org into sprawling multinational nws. This in turn implies that future conflicts will incr be waged by nw rather than hierarchical orgs. Info ops in an asymmetric environment are not likely to be a passing fancy & with time this threat is likely to proliferate across the spectrum of civ competition & mil conflicts.
1. Unlawful attacks and threats of attack against computers, networks, and the information stored therein are the major weapons used by terrorists with the view to intimidate or force a government or public in furtherance of their objectives are generally covered under cyber terrorism. The term can perhaps be defined to mean the use of computing resources to intimidate or coerce others. Going by this broader definition, many cases of using new information and communication technology by the terrorists would be incorporated within the fold of cyber-terrorism. Technically, to be a case of cyber-terrorism, any incidence of attack should result in violence against persons or property, or at least cause enough harm to generate fear. Attacks that lead to death or bodily injury, explosions, plane crashes, water contamination, or severe economic loss would be examples. Serious attacks against critical infrastructures could be acts of cyber-terrorism, depending on their impact. Attacks that disrupt non-essential services or that are mainly a costly nuisance would not. We need to see the phenomenon of cyber-terrorism in a broader manner. The cases of using the Internet extensively to spread their messages and to communicate and coordinate their activities by the terrorists should also be included within the purview of cyber-terrorism.
2. Cyber terrorism is more than a virus that creates a mild degree of annoyance such as a denial of service. It seeks to cause physical violence or significant financial harm. Targets may include power plants, military installations, the banking industry, air traffic control centers, water systems, and other major centers affecting the lives and well-being of many people and companies. The attacks may be effects-based i.e., the cyber-attacks result in creating fear similar to that of traditional terrorism or they may be intent-based, where the perpetrators seek to press their political, often religious-based, agenda in order to cause a government or its inhabitants to alter their views or actions or to cause serious harm to a nation and/or its peoples. Cyber terrorists may operate anywhere in the world and can conceal their identities far more effectively, often with the cooperation of rogue states or through the lack of capability of local law enforcement agencies to act effectively. The injury caused by cyber terrorists may take place thousands of miles away from the physical location of the attacker, thereby effectively immunizing them from arrest.
3. Cyber-terrorism is a real threat in today’s situation. The term ‘cyber-terrorism’ had been coined by Barry Colin, a senior research fellow at the Institute for Security and Intelligence in California, in the 1980’s to refer to the convergence of cyberspace and terrorism. The various published definitions of cyber terrorism are as follows:-
(a) A criminal act perpetrated by the use of computers and telecommunications capabilities, resulting in violence, destruction and/or disruption of services, where the intended purpose is to create fear by causing confusion and uncertainty within a given population, with the goal of influencing a government or population to conform to a particular political, social or ideological agenda.
(a) Cyber terrorism is a premeditated, politically motivated criminal act by sub-national groups or clandestine agents against information and computer systems, computer programs, and data that result in physical violence where the intended purpose is to create fear in non-combatant targets.
(b) Cyber-terrorism is the premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against non-combatant targets by sub-national groups or clandestine agents. Politically motivated attacks that cause serious harm, such as severe economic hardship or sustained loss of power or water, might also be characterized as cyber-terrorism.
(c) Cyber terrorism refers to the convergence of cyberspace and terrorism. It covers politically motivated hacking operations intended to cause grave harm such as loss of life or severe economic damage.>
(d) “Unlike a nuisance virus or computer attack that results in denial of service, a cyberterrorist attack would lead to physical violence or extreme financial harm. According to the U.S. Commission of Critical Infrastructure Protection, possible cyberterrorism targets include the banking industry, military installations, power plants, air traffic control centers, and water systems.”
CYBER TERRORISM : MEANS AND FORMS
4. As in other forms of terrorism, cyber terrorism is composed of diverse forms and purposes. In nearly all cases, the methods employed by cyber terrorists are consistent with technologies employed by hackers, crackers and cyber criminals.
Means of Cyber Terrorism
5. Cyber terrorists use a variety of means to disseminate their agenda. Some of these are as follows:-
(a) Virus. This is a piece of a code which is attached to a program and becomes “alive” when the program is activated.
(b) Worm. It is a separate program that replicates itself onto computers without changing any other programs.
(c) Trojan Horse. It is a program fragment that appears to be a worm or a virus that permits the hacker to gain access to a system.
(d) Logic Bomb. This is a type of Trojan horse that may remain dormant until conditions arise for its activation.
(e) Trap Doors. These are means of permitting a programmer to access the user’s software without the user being aware of the access.
(f) Chipping. This is like trap doors but dormant until access is desired.
(g) Denial of Service. The hacker sends almost innumerable requests for information that cause the computer systems to shut down.
6. Forms of Cyber Terrorism. It is very difficult to exhaustively specify the forms of cyber terrorism. In fact, it would not be a fruitful exercise to do the same. Praveen Dalal opines that the nature of cyber terrorism requires it to remain inclusive and open ended in nature, so that new variations and forms of it can be accommodated in the future. However, one of the classifications of the forms of cyber terrorism, applying the definition and the concepts discussed above is as follows:-
(a) Privacy violation.
(b) Secret information appropriation and data theft.
(c) Demolition of e-governance base.
(d) Distributed Denial of Services (DoS) attack.
(e) Network damage and disruptions.
7. Methods of Attack. There are three methods of attack that may be addressed against computer systems:-
(a) Physical Attack. This is against computer facilities and/or transmission lines. This can be accomplished by use of conventional weapons to destroy or seriously injure computers and their terminals.
(b) Electronic Attack. This is accomplished by use of electromagnetic high energy or electromagnetic pulse to overload computer circuitry or microwave radio transmission.
(c) Computer Network Attack. This is accomplished usually by use of a malicious code to take advantage of software’s weakness. It is employed by hackers who enjoy the challenge of attacking computer protection devices or for economic purposes by gaining access to identities o
-
-
Cite This Work
To export a reference to this article please select a referencing stye below:
Related Services
View allDMCA / Removal Request
If you are the original writer of this essay and no longer wish to have your work published on LawTeacher.net then please: