Download - Cyberterrorism
CyberterrorismDr Ian Brown, OII
(with thanks to Lilian Edwards)
Outline Definitions - vandalism, crime, terrorism
and war The insecurity of the Internet and how to
fix it The proportionality of state responses to
terrorist Internet use
Cyber graffiti Tipping Point report
found that in 8 years to2007, >100k domainsdefaced
Sometimes politicallymotivated - c.f. UN site12/8/07:
“HACKED BY KEREM125 M0STED ANDGSY
THAT IS CYBERPROTESTHEY ]SRAIL AND USADONT KILL CHILDREN AND OTHER
PEOPLEPEACE FOR EVERNO WAR”
Cyber fraud Phishing (Symantec found 166,248
unique messages 2H 2006) Denial of Service extortion (Symantec
found 6m bots 2H 2006) The organised criminal economy (custom
virus writers, bot herders, mules, dupes);identities for sale $14-$18
Digital Pearl Harbour Exercise conducted by US Naval War
College & Gartner July 2002 3-day simulated attack on CNI with
attackers given $200m, 5 years planning,access to state-level intelligence
Local, temporary attacks could besuccessful; sustained, national attackswould not
Cyber terror “Terrorists get better returns from much simpler
methods such as car bombs. Cyberterror is toolow key: not enough dead bodies result, andattacks are too complex to plan and execute.”(Bird 2006)
Reality is use for communications, research(CBNR info poor - Stenersen 2007),propaganda, recruitment and belonging (Labi2006 and Shahar 2007), tactical intel (US Army2005)
Cyber war Disabling Critical National Infrastructure
(Estonia, May 2007) For political/military/economic espionage
(China, widely publicised 2007)
Estonia May 2007 Attacks on Estonian finance, media and govt
websites by Russian-linked groups. “Complexity and coordination was new… series
of attacks with careful timing using differenttechniques and specific targets” (NATO)
Arbor Networks monitored 128 distinct attacks,with 10 lasting over 10 hours and reaching90Mbps
China TITAN RAIN Incursions into DoD, German chancellory, Whitehall,
NASA, Lockheed Martin… “Chinese attackers are using custom Trojan horse
software targeted at specific government offices, and itis just walking through standard defences. Manygovernment offices don’t even know yet that they areleaking information. 99% of cases are probably still notknown.” (NATO)
“Intrusion detection systems react to obvious signaturessuch as lots of traffic from one IP address – so onionrouting and botnets are used to disguise the origin ofintrusions.” (Sommer)
Fixing Internet insecurity Incentives are key: for more secure
software, networks and banks (House ofLords, 2007)
CNI must be very firmly separated frompublic Internet
Limits to use of COTS software?
Proportionality of stateresponses Lawful access Data retention “Glorification” of terrorism
References Juliette Bird (2006) Terrorist Use of the Internet, The Second International
Scientific Conference on Security and Countering Terrorism Issues, Moscow StateUniversity Institute for Information Security Issues, October 2006.
Nadya Labi (2006) Jihad 2.0, Atlantic Monthly pp.102—107, July/August 2006.
Chief Judge Stein Schjolberg (2007) Terrorism in Cyberspace - Myth or reality?June 2007. Available at http://www.cybercrimelaw.net/1-2007.html
Yael Shahar (2007) The Internet as a Tool for Counter-Terrorism, Patrolling andControlling Cyberspace, Garmisch-Partenkirchen, April 2007.
Anne Stenersen (2007) Chem-bio cyber-class – Assessing jihadist chemical andbiological weapons, Jane’s Intelligence Review, 1 September 2007.
US Army (2005) Army Regulation 530–1, Operations Security (OPSEC), 19 April2007.