Many
aspects of our modern society now have either a direct or implicit
dependence upon information technology (IT). As such, a compromise of
the availability or integrity in relation to these systems (which may
encompass such diverse domains
as banking, government, health care, and
law enforcement) could have dramatic consequences from a societal
perspective.
In
many modern business environments, even the short-term, temporary
interruption of Internet and e-mail connectivity can have a
significantly disruptive effect, forcing people to revert to other forms
of communication that are now viewed as less convenient. Imagine, then,
the effect if the denial of service was over the long-term and also
affected the IT infrastructure in general. Many governments are now
coming to this realisation.
The
term terrorist or terrorism is a highly emotive term. But the general
term, terrorist, is used to denote revolutionaries who seek to
useterror systematically to further their views or to govern a
particular area.
Cyber terrorism is
a different form of terrorism since physical systematic terror does not
occur (unless, for example, the attack causes a critical system to
fail), but systematic wide spread destruction of information resources
can occur. The problem relates to the fact that aterrorist group could
easily be perceived as a resistance group carrying out lawful actions.
In the context of this article all groups will be defined
as terrorist/resistance groups in order to give a neutral perception of
their activities and aims.
Recent
years have seen the wides preaduse of information technology
by terrorist-type organisations. This has led to the emergence of a new
class of threat, which has been termed cyber terrorism. This can be
viewed as distinct from “traditional” terrorism since
physical terrordoes not occur and efforts are instead focused upon
attacking information systems and resources.
When
viewed from the perspective of skills and techniques, there is little
to distinguish cyber terrorists from the general classification of
hackers. Both groups require and utilise an arsenal of techniques in
order to breach the security of target systems. From a motivational
perspective, however, cyber terrorists are clearly different, operating
with a specific political or ideological agenda to support their
actions. This in turn may result in more focused and determined efforts
to achieve their objectives and more considered selection of suitable
targets for attack. However, the difference does not necessarily end
there and other factors should be considered. Firstly, the fact
that cyber terrorists are part of an organised group could mean that
they have funding available to support their activities. This in turn
would mean that individual hackers could be hired to carry out attacks
on behalf of a terrorist organisation (effectively subcontracting the
necessary technical expertise). In this situation, the hackers
themselves may not believe in the terrorist’s “cause,” but will
undertake the work for financial gain
Terrorist groups
have difficulty in relaying their political messages to the general
public without being censored: They can now use theInternet for this
purpose. Different terrorist groups and political parties are now using
the Internet for a variety of different purposes. Some examples are:
- Tupac
Amaru Revolutionary Movement (MRTA): In 1997, a
Peruvian terrorist group know as MRTA took over the Japanese embassy in
Peru taking a number of hostages. During this time, the Web Site of the
MRTA contained messages from MRTA members inside the embassy as well as
updates and pictures of the drama as it happened.
- Chechen
rebels: Chechen rebels have been using the Internet to fight the
Russians in a propaganda war. The rebels claimed to have shot down a
Russian fighter jet, a claim refuted by the Russians until a picture of
the downed jet was shown on the official Web site of the Chechen
rebels. The Russians were forced to admit their jet had in fact been
shot down.
- Fundraising: Azzam
Publications, based in London and named after Sheikh Abdullah Azzam, a
mentor of Osama bin Laden; is a site dedicated to Jihad around the world
and linked to Al Qaeda. It is alleged that the Azzam Publications site,
which sold Jihad related material from books to videos, was raising
funds for the Taliban in Afghanistan and for guerrillas fighting the
Russians in Chechyna. After September 11, Azzam Publications came under
increased pressure to the point where its products could no longer be
purchased through their site. In a farewell message published on their
site they provide alternatives to ensure that funds can still be raised
and sent around the world to fight the “struggle.” In 2002 the main
Azzam site went back online, offering the same fundraising options. The
new site also mirrored itself around the world and provides its content
in a number of languages including: Arabic, English, German, Spanish,
Indonesian, Bosnian, Turkish, Malay, Albanian, Ukranian, French,
Swedish, Dutch, Italian, Urdu, and Somalian. The reason for doing this
according to the Azzam site “is to protect against Western Censorship
Laws.” It will probably prove to be difficult to close the Azzam site in
the future, when the information is mirrored around the Internet in a
variety of languages.
- Information warfare: Cyber terrorism
or the more appropriate term information warfare as discussed earlier
is becoming a common technique used to attack
organisations. Cyber terrorist groups employ what is known as hacktivism. Hacktivists
are activists involved in defacing the site of an enemy for a political
cause for example, a cyber terrorism group or a group acting on behalf
of a cyber terrorism group
Another
observation is that cyber attacks offer the capability
for terrorist activities with wider-reaching impacts. With
traditional terroristactivities, such as bombings, the impacts are
isolated within specific physical locations and communities. In this
context, the wider populous act only as observers and are not directly
affected by the actions. Furthermore, acts of violence are not
necessarily the most effective way of making a political or ideological
point-the media and public attention is more likely to focus upon the
destruction of property and/or loss of life than whatever “cause” the
activity was intended to promote. The ability
of cyber terrorism activities to affect a wider population may give the
groups involved greater leverage in terms of achieving their objectives,
whilst at the same time ensuring that no immediate long-term damage is
caused which could cloud the issue. For example, in a denial of service
scenario, if the threatened party was to accede to
the terrorist demands, then the situation could (ostensibly at least) be
returned to that which existed prior to the attack (i.e. with service
resumed). This is not the case in a “physical” incident when death or
destruction has occurred.
Cyber terrorists operate
with a political agenda. This motivation (which could often be more
accurately described as fanaticism) will mean these types of attacks
will be more specifically targeted and aimed at more critical systems.
This collective action would do more harm than the action of a single
hacker. There is also the issue of funding, since terrorist groups could
have substantial funds available, they could easily employ hackers to
act on their behalf.
Whether
we like it or not, we have developed a significant (and increasing)
dependence upon information technology. The Internet is available 24
hours a day and cyber terrorist groups that view developed countries as a
target will be able to attack 24 hours a day. This means that all
organisations could feel the impact as their sites are attacked just
because they happen to be in Australian, Japan, USA, and so forth. Only
the future will show the risks that we face from the threat
of cyber terrorism
