cyber warfare: cyber terrorism

Cyber Warfare: Cyber Terrorism 3/27/13 CSEC 620 Individual Assignment 3

Upload: massivejohn

Post on 07-Nov-2014

Cyber Warfare: Cyber Terrorism

3/27/13

CSEC 620

Individual Assignment 3


The Threat

Cyber terrorism is the world’s newest threat against the United States. The FBI defines cyber terrorism as "The premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against noncombatant targets by sub-national groups or clandestine agents" (Elmusharaf, 2004). This definition can be broken down into several layers. The first layer is the actors: their motives are political in nature, and their attacks are thought out and planned. They target computer systems, which would include the vital infrastructures that allow the US to function. Their desired result is panic, mayhem, and even death among innocent civilians as well as US forces. The battle landscape against the United States has changed from the normal battlefields of sand and dirt to the information superhighway. This allows for terrorist attacks that no longer target physical assets but instead target our computer systems, cyber infrastructure, and other computer-based systems. These systems can include municipal systems, nuclear power plants, hospitals, and financial sectors.

The biggest threat from cyber terrorism is to the United States’ critical infrastructures (Piggin, 2010). These infrastructures include power grids, nuclear power plants, communications systems, water, food production, health care, financial and transportation (Piggin, 2010). Each of these systems has its own vulnerabilities and its own consequences if they are exploited.

Power grids are an obvious target; they provide power to the US and allow us to function normally throughout our day. Many people take this luxury for granted; however, once it fails it can throw an entire city into chaos, as in the incident in August of 2003 in New York City and much of the New England area, when the power grid failed, leaving millions without power and entire cities gridlocked with traffic unable to move. Power grids as of 2009 were considered to be extremely vulnerable and needed to be updated with better cyber security (Neil, 2009). The failure of these grids was said by President Obama to be the same as a nuclear or biological attack (Piggin, 2010). This is now considered a top fix for the nation’s cyber security industry. With power grids comes an asset, both physical and cyber, that can be extremely deadly in both forms if attacked: nuclear power plants. These plants, when working properly, create electricity for millions of Americans. However, they pose a concern for both a physical attack and a cyber-attack. With many of these plants being automated, a cyber-terrorist attack that causes a meltdown would be not only catastrophic but also exactly what a terrorist organization would want. Nuclear power plants rely heavily on systems that automate the entire plant. These systems are vulnerable to viruses, malware, and traditional hacking methods (Neil, 2009) (Piggin, 2010).

Communication infrastructures are another valuable asset that is susceptible to cyber terrorism. This target, if attacked, could cause major problems for our emergency management as well as personal communication. Since the systems that run many of the SCADA networks use no security or inadequate security to fend off an attack, they are open targets for cyber terrorists (Patel, Bhatt, Graham, 2009). SCADA networks consist of a master terminal and remote terminals or intelligent electronic devices designed to capture data around the network. The communication between these different terminals is not up to the security standards that it should be. The security that is used is easily cracked and thus makes for an easy target (Patel et al., 2009). These networks often communicate over the normal network and do not have a separate independent network to operate on. If cyber terrorists attacked our communication networks it would make it very difficult for 911 centers to dispatch both police and ambulances. This could mean the loss of life or other chaotic situations.

Our water and food production systems are both valuable targets to cyber terrorists (Hayes, 2010). Americans do not worry about many of these systems and never think of them as targets. This is due in part to the fact that many of these systems were designed and built not only well before anyone knew what a cyber-terrorist was but also before many of them were ever automated (Hayes, 2010). Just because these systems were built before the Internet was around does not mean they are not easy targets for cyber terrorists. Disruptions in food production and in water purification and distribution could seriously disrupt Americans’ lives.

Health care systems would be a huge target for cyber terrorists. This would include the making, testing, and distribution of drugs. People assume when they open a bottle of medicine that it is both what they bought and safe to take. If a cyber-terrorist gained access to a drug manufacturing system they could not only change drug ingredients but possibly have wrong labels placed on drugs. This could put millions of people at risk by simply changing a few manufacturing commands in a drug labeling system.

Financial firms housing the financial data of millions of Americans are an ideal target for a terrorist to cause significant damage. An attack on a financial institution, if done right, could cause significant down time of that institution (Montgomery, 2003). This would make purchasing even the most basic goods nearly impossible until the banking institution came back online. This could cause great hardship to people who do not carry cash and rely on their credit or bank cards.


In the United States we rely heavily on many different modes of transportation. Our vast networks of roads, rail and air transportation systems move people all over the country. This type of target for a cyber-terrorist could cause everything from a small traffic jam to mass casualties from a plane crash. The necessary software and hardware to cause such a disaster are readily available and also easily obtained (Mann, 2002).

Analysis of Motivation

Cyber terrorism includes several actors: terrorists, defenders, and targets. The key actors in this array are the terrorists themselves. They are the ones targeting both government and non-government targets. These targets were mentioned previously and are essential to the United States, as well as other major countries, running smoothly and effectively. These actors are new to terrorism; where they once drove truck bombs into buildings, they now unleash viruses into banking systems (UK 'COULD BE TARGET FOR CYBER-TERRORISTS', 2003). These terrorists, however, have the same end goal as their traditional counterparts. They both seek to terrorize and inflict fear and pain on others for their own political agenda. This is what terrorism is all about and has been since the beginning of time (Matusitz, 2011). Terrorists, whether cyber terrorists or what are considered more traditional terrorists, have similar agendas; they just have different ways of reaching the final result. Cyber terrorists use the power of computers and utilize tools previously unused by terrorists. Cyber terrorists also do not have to give their own lives to complete a mission, unlike some of their traditional counterparts. Their missions are completed behind a desk under the anonymity of the Internet. Their ultimate goal is to cause disruptions in our societies to better their cause. The disruption of our critical infrastructures would be an ideal target to complete these missions. With cyber terrorism they can easily mount several attacks in a shorter period of time without extensive planning (Hinde, 2001). With airport security reaching a new high it is harder for terrorists to slip bombs onto planes or even hijack them. But with cyber terrorism they can simply hack the computer system of these planes or air traffic controllers and possibly cause an even bigger catastrophe.

On the other side of the terrorists are those employed to protect the United States and other countries from these threats. Both private and public sectors are joining forces to stop these attacks and prevent a major incident from happening. One of these joint ventures is the Information Technology Information Sharing and Analysis Center (IT-ISAC) (Stevens, Jusko, 2001). The mission of IT-ISAC is “to report and exchange information among its industry members concerning electronic incidents, threats, attacks, vulnerabilities, solutions and countermeasures, best security practices, and other protective measures; to establish a mechanism for systematic and protected exchange and coordination of such information; and to take other appropriate action commensurate with these goals” (Stevens, Jusko, 2001). This is just one example where public and private partnerships are helping to curb cyber terrorists. There are also other types of ISACs that respond to specific industries such as power companies, financial firms, and telecommunications companies (Stevens, Jusko, 2001). Many government agencies as well as private firms have their own cyber security operations that operate 24 hours a day, 7 days a week to combat this threat.

As with all terrorist operations, the usual target is innocent bystanders. These innocent targets are used because attacking them strikes fear into people. Imagine how many people feared getting on a plane or going into a high-rise building after 9/11. This is why high-profile and symbolic targets are often chosen. The twin towers were not chosen simply because they were tall; they were symbols of an iconic American skyline and also a financial epicenter. In any type of war there are expected casualties, such as soldiers, that you rarely hear about, but when it is innocent people who are killed it makes the news and horrifies people. A cyber-attack targeting a large metropolitan area that causes sewage to be pumped into fresh drinking water could cause many deaths as well as causing many to fall sick. Innocent bystanders do not exist in the eyes of the terrorists but are grouped alongside those fighting the physical war as well. So in cyber terrorism there are three parties: the terrorists, the defenders, and the targets.

Defending the Risk

There are many ways, both electronic and physical, to defend against cyber terrorism. The first approach would be to use strong encryption both for connections and for the storing of data. Since some terrorists are simply after data, storing that data in a secure manner is ideal. The use of quantum technologies is a big step in keeping our connections and data secure (Korchenko, Vasiliu, Gnatyuk, 2010). This also includes quantum cryptography, quantum secure connection, and quantum secret sharing (Korchenko, Vasiliu, Gnatyuk, 2010). Quantum technologies do not have to be used, however, but are a very secure method. Since the threat is constantly changing, sometimes a good defense is simply studying and keeping a close eye on those trying to attack you (Tsuchiya, 2009). Using network analysis, terrorists can be tracked down to a physical location and physically stopped or apprehended (Tsuchiya, 2009). A strong cyber defense is a must with this new threat in place already. The proper use of security measures such as firewalls, encryption, digital certificates, and intrusion detection and prevention systems can almost completely halt an attack. If the networks these infrastructures are operating on are secured using all the proper techniques then cyber terrorists will not stand a chance (Saini, 2007). Protect, detect, respond are the three key elements of protecting our infrastructures from cyber terrorists (Piggin, 2010). If proper measures are taken ahead of time to protect your systems then the systems are harder to penetrate and use in a malicious manner. Detecting a potential problem as well as system penetrations is critical in stopping and minimizing damage. The last step of responding means bringing the system back online if it does fail as well as stopping the threat and finding out who was responsible for the attack (Piggin, 2010).

In one incident back in April of 2009 the Virginia State Drug Database was held hostage for a reported $10M (State Drug Database Held Hostage, 2009). This database held the records of all the drugs dispensed through all the pharmacies in Virginia. This database was used to prevent prescription drug abuse, and was used by law enforcement and other government agencies. The compromised system could have allowed someone to send out false prescriptions as well as steal patient information (State Drug Database Held Hostage, 2009). Investigators said they were unaware whether the system or its information had actually been compromised.

Conclusion

Within the realm of cyber warfare, cyber terrorism is evolving at a very fast pace. It has become a concern of not only Americans but almost every other government. This threat has changed the traditional terrorist way of fighting. No longer do terrorists need to blow up buildings or bomb ships but can now exert control over them in a different way. The use of computers to aid in terrorist attacks has reached a new level since they can now sit safely behind a keyboard and cause havoc. The main threat in the US and abroad is the threat to our critical infrastructures. These systems are what keep governments running smoothly and effectively. They are vital to the operations of many governments and if disrupted can cause chaos as well as a loss of life depending on the system that is attacked. These attacks have the potential to be more deadly than any traditional terrorist attack. The possibility for cyber terrorists to attack along with a traditional attack makes it even more deadly. This is the new landscape of warfare, and it is constantly evolving to become a bigger threat.


Cyber terrorism includes several key groups: the terrorists, defenders, and innocent bystanders or targets. These terrorists target the innocent bystanders to cause chaos, death, and to get their political ideology out to the masses. The defenders work day and night to not only defeat these terrorists but also neutralize their efforts and determine who they are. They must constantly evolve and understand the full scope of their opponent. To be effective they need to stay one step ahead of their enemy, and be proactive in their search and prevention of their tactics. The third group of people is the innocent bystanders that are the final targets of the terrorists. They are the ones that need to be protected every day from this threat. They do not possess the means to protect themselves from these attacks. Since these attacks are directed at critical infrastructures, the people are the ones that receive the damages in the end. They cannot as individuals protect these assets and must rely on the defenders to protect them, whether they know it or not.

Cyber terrorists are a growing threat and will become an even bigger threat for the US over the next few years. These actors will need to be hunted down using various methods and eliminated as a threat. Their potential for harm is huge so we cannot back down or let them get the upper hand. Using a balanced blend of physical security and cyber security the threat can be cut down significantly.


References:

Elmusharaf, M. (2004). Cyber Terrorism: The new kind of Terrorism. Computer Crime Research Center - Daily news about computer crime, internet fraud and cyber terrorism. Retrieved March 21, 2011, from http://www.crime-research.org/articles/Cyber_Terrorism_new_kind_Terroris

Fulghum, D. A. (2005). Phone for Help. Aviation Week & Space Technology, 163(16), 50-52. Retrieved from EBSCOhost.

Hayes, J. J. (2010). The terrors and the errors [cyber-terrorist attack]. Engineering & Technology (17509637), 5(14), 52-53. doi:10.1049/et.2010.1413

Hinde, S. (2001). Incalculable potential for damage by cyber-terrorism. Computers & Security 20.7: 568+. Computer Database.

Korchenko, O., Vasiliu, Y., & Gnatyuk, S. (2010). Modern Quantum Technologies of Information Security Against Cyber-Terrorist Attacks. Aviation (1648-7788), 14(2), 58-69. Retrieved from EBSCOhost.

Mann, P. (2002). Cyber Security 'Missing' From Travel Defenses. Aviation Week & Space Technology, 157(2), 41. Retrieved from EBSCOhost.

Matusitz, J. (2011). Social Network Theory: A Comparative Analysis of the Jewish Revolt in Antiquity and the Cyber Terrorism Incident over Kosovo. Information Security Journal: A Global Perspective, 20(1), 34-44. doi:10.1080/19393555.2010.544702

Montgomery, G. (2003). Cyberterrorism: ready to explode. Australian Personal Computer, (292), 26. Retrieved from EBSCOhost.

Neil, S. (2009). Non-Profit Targets Cyber-Security in Plants. Managing Automation, 24(9), 10-12. Retrieved from EBSCOhost.

Patel, S. C., Bhatt, G. D., & Graham, J. H. (2009). Improving The Cyber Security of Scada Communication Networks. Communications of the ACM, 52(7), 139-142. Retrieved from EBSCOhost.

Piggin, R. (2010). The reality of cyber terrorism. Engineering & Technology (17509637), 5(17), 36-38. doi:10.1049/et.2010.1721

Saini, H. H., & Saini, D. D. (2007). Proactive Cyber Defense and Reconfigurable Framework for Cyber Security. International Review on Computers & Software, 2(2), 89-97. Retrieved from EBSCOhost.

State Drug Database Held Hostage. (2009). Information Management (15352897), 43(5), 6. Retrieved from EBSCOhost.

Stevens, T., & Jusko, J. (2001). Cyber-terrorists under attack. Industry Week/IW, 250(2), 11. Retrieved from EBSCOhost.

Tsuchiya, M. (2009). Defense against Cyber Terrorism: Head War and Body War. Conference Papers -- International Studies Association, 1-10. Retrieved from EBSCOhost.

UK 'COULD BE TARGET FOR CYBER-TERRORISTS'. (2003). IEE Review, 49(2), 15. Retrieved from EBSCOhost.