Many aspects of our modern society now have either a direct or implicit dependence upon information technology (IT). As such, a compromise of the availability or integrity in relation to these systems (which may encompass such diverse domains as banking, government, health care, and law enforcement) could have dramatic consequences from a societal perspective.
In many modern business environments, even the short-term, temporary interruption of Internet and e-mail connectivity can have a significantly disruptive effect, forcing people to revert to other forms of communication that are now viewed as less convenient. Imagine, then, the effect if the denial of service was over the long-term and also affected the IT infrastructure in general. Many governments are now coming to this realisation.
The term terrorist or terrorism is a highly emotive term. But the general term, terrorist, is used to denote revolutionaries who seek to useterror systematically to further their views or to govern a particular area.
Cyber terrorism is a different form of terrorism since physical systematic terror does not occur (unless, for example, the attack causes a critical system to fail), but systematic wide spread destruction of information resources can occur. The problem relates to the fact that aterrorist group could easily be perceived as a resistance group carrying out lawful actions. In the context of this article all groups will be defined as terrorist/resistance groups in order to give a neutral perception of their activities and aims.
Recent years have seen the wides preaduse of information technology by terrorist-type organisations. This has led to the emergence of a new class of threat, which has been termed cyber terrorism. This can be viewed as distinct from “traditional” terrorism since physical terrordoes not occur and efforts are instead focused upon attacking information systems and resources.
When viewed from the perspective of skills and techniques, there is little to distinguish cyber terrorists from the general classification of hackers. Both groups require and utilise an arsenal of techniques in order to breach the security of target systems. From a motivational perspective, however, cyber terrorists are clearly different, operating with a specific political or ideological agenda to support their actions. This in turn may result in more focused and determined efforts to achieve their objectives and more considered selection of suitable targets for attack. However, the difference does not necessarily end there and other factors should be considered. Firstly, the fact that cyber terrorists are part of an organised group could mean that they have funding available to support their activities. This in turn would mean that individual hackers could be hired to carry out attacks on behalf of a terrorist organisation (effectively subcontracting the necessary technical expertise). In this situation, the hackers themselves may not believe in the terrorist’s “cause,” but will undertake the work for financial gain
Terrorist groups have difficulty in relaying their political messages to the general public without being censored: They can now use theInternet for this purpose. Different terrorist groups and political parties are now using the Internet for a variety of different purposes. Some examples are:
- Tupac Amaru Revolutionary Movement (MRTA): In 1997, a Peruvian terrorist group know as MRTA took over the Japanese embassy in Peru taking a number of hostages. During this time, the Web Site of the MRTA contained messages from MRTA members inside the embassy as well as updates and pictures of the drama as it happened.
- Chechen rebels: Chechen rebels have been using the Internet to fight the Russians in a propaganda war. The rebels claimed to have shot down a Russian fighter jet, a claim refuted by the Russians until a picture of the downed jet was shown on the official Web site of the Chechen rebels. The Russians were forced to admit their jet had in fact been shot down.
- Fundraising: Azzam Publications, based in London and named after Sheikh Abdullah Azzam, a mentor of Osama bin Laden; is a site dedicated to Jihad around the world and linked to Al Qaeda. It is alleged that the Azzam Publications site, which sold Jihad related material from books to videos, was raising funds for the Taliban in Afghanistan and for guerrillas fighting the Russians in Chechyna. After September 11, Azzam Publications came under increased pressure to the point where its products could no longer be purchased through their site. In a farewell message published on their site they provide alternatives to ensure that funds can still be raised and sent around the world to fight the “struggle.” In 2002 the main Azzam site went back online, offering the same fundraising options. The new site also mirrored itself around the world and provides its content in a number of languages including: Arabic, English, German, Spanish, Indonesian, Bosnian, Turkish, Malay, Albanian, Ukranian, French, Swedish, Dutch, Italian, Urdu, and Somalian. The reason for doing this according to the Azzam site “is to protect against Western Censorship Laws.” It will probably prove to be difficult to close the Azzam site in the future, when the information is mirrored around the Internet in a variety of languages.
- Information warfare: Cyber terrorism or the more appropriate term information warfare as discussed earlier is becoming a common technique used to attack organisations. Cyber terrorist groups employ what is known as hacktivism. Hacktivists are activists involved in defacing the site of an enemy for a political cause for example, a cyber terrorism group or a group acting on behalf of a cyber terrorism group
Another observation is that cyber attacks offer the capability for terrorist activities with wider-reaching impacts. With traditional terroristactivities, such as bombings, the impacts are isolated within specific physical locations and communities. In this context, the wider populous act only as observers and are not directly affected by the actions. Furthermore, acts of violence are not necessarily the most effective way of making a political or ideological point-the media and public attention is more likely to focus upon the destruction of property and/or loss of life than whatever “cause” the activity was intended to promote. The ability of cyber terrorism activities to affect a wider population may give the groups involved greater leverage in terms of achieving their objectives, whilst at the same time ensuring that no immediate long-term damage is caused which could cloud the issue. For example, in a denial of service scenario, if the threatened party was to accede to the terrorist demands, then the situation could (ostensibly at least) be returned to that which existed prior to the attack (i.e. with service resumed). This is not the case in a “physical” incident when death or destruction has occurred.
Cyber terrorists operate with a political agenda. This motivation (which could often be more accurately described as fanaticism) will mean these types of attacks will be more specifically targeted and aimed at more critical systems. This collective action would do more harm than the action of a single hacker. There is also the issue of funding, since terrorist groups could have substantial funds available, they could easily employ hackers to act on their behalf.
Whether we like it or not, we have developed a significant (and increasing) dependence upon information technology. The Internet is available 24 hours a day and cyber terrorist groups that view developed countries as a target will be able to attack 24 hours a day. This means that all organisations could feel the impact as their sites are attacked just because they happen to be in Australian, Japan, USA, and so forth. Only the future will show the risks that we face from the threat of cyber terrorism