Defining cyber terrorism

Wiki Wickramarathna

Cyber-terrorism is a controversial term. Some authors choose a very narrow definition, relating to deployments, by known terrorist organizations, of disruption attacks against information systems for the primary purpose of creating alarm and panic.

By this narrow definition, it is difficult to identify any instances of cyber-terrorism. Cyber-terrorism can also be defined much more generally, for example, as “The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives.” This broad definition was created by Kevin G. Coleman of the Technolytics Institute. The term was coined by Barry C. Collin.

Cyber-terrorism

As the Internet becomes more pervasive in all areas of human endeavour, individuals or groups can use the anonymity afforded by cyberspace to threaten citizens, specific groups (i.e. with membership based on ethnicity or belief), communities and entire countries, without the inherent threat of capture, injury, or death to the attacker that being physically present would bring.

As the Internet continues to expand, and computer systems continue to be assigned more responsibility while becoming more and more complex and interdependent, sabotage or terrorism via cyberspace may become a more serious threat.

One more probability would be the ‘buying’ of a Computer Programer working inside by the Terrorists to ‘enter’ the local area network by duplicating a password.

The basic definition of Cyber-terrorism

Cyber-terrorism is the leveraging of a target’s computers and information, particularly via the Internet, to cause physical, real-world harm or severe disruption of infrastructure.

Cyber-terrorism is defined as “The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives.”

This definition was created by Kevin G. Coleman of the Technolytics Institute. “..subsumed over time to encompass such things as simply defacing a web site or server, or attacking non-critical systems, resulting in the term becoming less useful...”

There are some that say Cyber-terrorism does not exist and is really a matter of hacking or information warfare. They disagree with labelling it terrorism because of the unlikelihood of the creation of fear, significant physical harm, or death in a population using electronic means, considering current attack and protective technologies.

The National Conference of State Legislatures (NCSL), a bipartisan organization of legislators and their staff created to help policymakers of all 50 states address vital issues such as those affecting the economy or homeland security by providing them with a forum for exchanging ideas, sharing research and obtaining technical assistance defines Cyber-terrorism as follows:

The use of information technology by terrorist groups and individuals to further their agenda.

This can include use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, Denial-of-service attacks, or terrorist threats made via electronic communication.

Examples of Cyber-terrorism

One example of Cyber-terrorists at work was when terrorists in Romania illegally gained access to the computers controlling the life support systems at an Antarctic research station, endangering the 58 scientists involved. However, the culprits were stopped before damage actually occurred.

Mostly non-political acts of sabotage have caused financial and other damage, as in a case where a disgruntled employee caused the release of untreated sewage into water in Maroochy Shire, Australia. Computer viruses have degraded or shut down some non-essential systems in nuclear power plants, but this is not believed to have been a deliberate attack.

More recently, in May 2007 Estonia was subjected to a mass cyber-attack in the wake of the removal of a Russian World War II war memorial from downtown Talinn.

The attack was a distributed denial of service attack in which selected sites were bombarded with traffic in order to force them offline; nearly all Estonian Government Ministry networks as well as two major Estonian bank networks were knocked offline; in addition, the political party website of Estonia’s current Prime Minister Andrus Ansip featured a counterfeit letter of apology from Ansip for removing the memorial statue.

Despite speculation that the attack had been coordinated by the Russian Government, Estonia’s Defence Minister admitted he had no evidence linking cyber attacks to Russian authorities. Russia called accusations of its involvement ‘unfounded,’ and neither NATO nor European Commission experts were able to find any proof of official Russian Government participation.

In January 2008, a man from Estonia was convicted for launching the attacks against the Estonian Reform Party website and fined. Even more recently, in October 2007, the website of Ukrainian President Viktor Yushchenko was attacked by hackers. A radical Russian nationalist youth group, the Eurasian Youth Movement, claimed responsibility.

Since the world of computers is ever-growing and still largely unexplored, countries new to the cyber-world produce young computer scientists usually interested in ‘having fun’. Countries like China, Greece, India, Israel and South Korea have all been in the spotlight before by the U.S. media for attacks on information systems related to the CIA and NSA.

Though these attacks are usually the result of curious young computer programmers, the United States has more than legitimate concerns about national security when such critical information systems fall under attack.

In the past five years, the United States has taken a larger interest in protecting its critical information systems. It has issued contracts for high-leveled research in electronic security to nations such as Greece and Israel, to help protect against more serious and dangerous attacks.

In 1999 hackers attacked NATO computers. The computers flooded them with email and hit them with a denial of service (DoS).

The hackers were protesting against the NATO bombings in Kosovo. Businesses, public organizations and academic institutions were bombarded with highly politicized emails containing viruses from other European countries.