What is your understanding of cyber terrorism?
Cyberterrorism is a term that people either fully understand or only partially understand in its true meaning and principles. In simple terms, cyberterrorism is an act of terrorism committed on the Internet: the use of the Internet in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by means of tools such as computer viruses.
During research it became apparent that cyberterrorism is a controversial term. Some authors choose a very narrow definition, relating to deployments, by known terrorist organisations, of disruption attacks against information systems for the primary purpose of creating alarm and panic. By this narrow definition, it is difficult to identify any instances of cyberterrorism.
There is debate over the basic definition of the scope of cyberterrorism. Definitions vary constantly in how they qualify motivation, targets, methods, and the centrality of computer use in the act. Depending on context, cyberterrorism may overlap considerably with cybercrime, cyberwar or ordinary terrorism. Eugene Kaspersky, founder of Kaspersky Lab, now feels that “cyberterrorism” is a more accurate term than “cyberwar.” He states that “with today’s attacks, you are clueless about who did it or when they will strike again. It’s not cyber-war, but cyberterrorism.” Eugene Kaspersky also equates large-scale cyber weapons, such as the Flame Virus and NetTraveler Virus which his company discovered, to biological weapons, claiming that in an interconnected world, they have the potential to be equally destructive.
If cyberterrorism is treated similarly to traditional terrorism, then it only includes attacks that threaten property or lives, and can be defined as the leveraging of a target’s computers and information, particularly via the Internet, to cause physical, real-world harm or severe disruption of infrastructure. There are some who say that cyberterrorism does not exist and is really a matter of hacking or information warfare. They disagree with labelling it terrorism because of the unlikelihood of the creation of fear, significant physical harm, or death in a population using electronic means, considering current attack and protective technologies. If a strict definition is assumed, then there have been no or almost no identifiable incidents of cyberterrorism, although there has been much public concern. However, there is an old saying that death or loss of property are the side products of terrorism; the main purpose of such incidents is to create terror in people’s minds. If any incident in the cyber world can create terror, it may be called cyberterrorism.
Cyberterrorism is defined by the Technolytics Institute as “The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives.” The term appears first in defence literature, surfacing in reports by the U.S. Army War College as early as 1998.
The National Conference of State Legislatures, an organization of legislators created to help policymakers with issues such as economy and homeland security, defines cyberterrorism as:
[T]he use of information technology by terrorist groups and individuals to further their agenda. This can include use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, Denial-of-service attacks, or terroristic threats made via electronic communication.
Cyberterrorism can also include attacks on any Internet business, but when this is done for economic motivations rather than ideological, it is typically regarded as cybercrime. Cyberterrorism is reported to be limited to actions conducted by the following: individuals, independent groups, or organisations. From research and the author’s own experience, there are numerous definitions of cyberterrorism, the majority of which are very broad in spectrum and at times are written in such technological terms that they are difficult for the layman to understand. There is controversy concerning overuse of the term and hyperbole in the media and by security vendors trying to sell “solutions” to such concerns.
Cyberterrorism can also be defined as the intentional use of computers, networks, and the public internet to cause destruction and harm for personal objectives. These objectives may be of a political or ideological nature, since the acts can be deemed a form of terrorism. As technology advances and the Internet becomes more pervasive in all areas of human endeavour, individuals or groups can use the anonymity afforded by cyberspace to threaten citizens, specific groups (i.e. with membership based on ethnicity or belief), communities and entire countries, without the inherent threat of capture, injury, or death to the attacker that being physically present would bring. Many groups, such as Anonymous, use tools such as denial-of-service attacks to attack and censor groups who oppose them, creating many concerns for freedom and respect for differences of thought.
Many believe that cyberterrorism is an extreme threat to countries’ economies, and fear an attack could potentially lead to another Great Depression. The topic is prevalent in many debates among leaders, who agree that cyberterrorism has the highest percentage of threat over other possible attacks on their soil and territory. Although natural disasters are considered a top threat and have proven to be devastating to people and land, there is ultimately little that can be done to prevent such events from happening. Thus, the expectation is to focus more on preventative measures that will make Internet attacks impossible to execute.
As the Internet continues to expand, and computer systems continue to be assigned increased responsibility while becoming more complex and interdependent, sabotage or terrorism via the internet may become a more serious threat and is possibly one of the top 10 events to “end the human race.” The internet of things promises to further merge the virtual and physical worlds, which some experts see as a powerful incentive for states to use terrorist proxies in furtherance of objectives.
Dependence on the internet is rapidly increasing on a worldwide scale, creating a platform for international cyber terror plots to be formulated and executed as a direct threat to countries and their national security. For terrorists, cyber-based attacks have distinct advantages over physical attacks. They can be conducted remotely, anonymously, and relatively cheaply, and they do not require significant investment in weapons, explosives and personnel. The effects can be widespread and profound. Incidents of cyberterrorism are likely to increase. They will be conducted through denial of service attacks, malware, and other methods that are difficult to envision today. In an article about cyber-attacks by Iran and North Korea, the New York Times observes, “The appeal of digital weapons is similar to that of nuclear capability: it is a way for an outgunned, out financed nation to even the playing field”. ‘These countries are pursuing cyber weapons the same way they are pursuing nuclear weapons,’ said James A. Lewis, a computer security expert at the Center for Strategic and International Studies in Washington. ‘It’s primitive; it’s not top of the line, but it’s good enough and they are committed to getting it.’
Real public interest in cyberterrorism began in the late 1980s, when the term was coined by Barry C. Collin. As 2000 approached, the fear and uncertainty about the media-hyped millennium bug heightened, as did the potential for attacks by cyber terrorists. Although the millennium bug was by no means a terrorist attack or plot against the world, it did act as a catalyst in sparking the fears of a possibly large-scale devastating cyber-attack. Commentators noted that many of the facts of such incidents seemed to change, often with exaggerated media reports.
During the research it was apparent that the majority of the media coverage and publications originated from the United States. The high-profile terrorist attacks in the United States on 11th September 2001 and the ensuing “War on Terror” by the US led to further media coverage of the potential threats of cyberterrorism in the years following. Mainstream media coverage often discusses the possibility of a large attack making use of computer networks to sabotage critical infrastructures with the aim of putting human lives in jeopardy or causing disruption on a national scale either directly or by disruption of the national economy.
As discussed earlier in relation to so-called solutions, authors such as Winn Schwartau and John Arquilla are reported to have had considerable financial success selling books that described what were purported to be plausible scenarios of mayhem caused by cyberterrorism. Many critics claim that these books were unrealistic in their assessments of whether the attacks described (such as nuclear meltdowns and chemical plant explosions) were possible. A common thread throughout what critics perceive as cyber terror-hype is that of non-falsifiability; that is, when the predicted disasters fail to occur, it only goes to show how lucky we’ve been so far, rather than impugning the theory.
An operation can be carried out by anyone anywhere in the world, for it can be performed thousands of miles away from a target. An attack can cause serious damage to critical infrastructure, which may result in casualties. Infrastructure targets can include power grids, monetary systems, dams, media, and personal information. Some attacks are conducted in furtherance of political and social objectives, as the following examples illustrate:
- In 1996, a computer hacker allegedly associated with the White Supremacist movement temporarily disabled a Massachusetts ISP and damaged part of the ISP’s record keeping system. The ISP had attempted to stop the hacker from sending out worldwide racist messages under the ISP’s name. The hacker signed off with the threat, “you have yet to see true electronic terrorism. This is a promise.”
- In 1998, Spanish protesters bombarded the Institute for Global Communications (IGC) with thousands of bogus e-mail messages. E-mail was tied up and undeliverable to the ISP’s users, and support lines were tied up with people who couldn’t get their mail. The protestors also spammed IGC staff and member accounts, clogged their Web page with bogus credit card orders, and threatened to employ the same tactics against organizations using IGC services. They demanded that IGC stop hosting the website for the Euskal Herria Journal, a New York-based publication supporting Basque independence. Protestors said IGC supported terrorism because a section on the Web pages contained materials on the terrorist group ETA, which claimed responsibility for assassinations of Spanish political and security officials, and attacks on military installations. IGC finally relented and pulled the site because of the “mail bombings.”
- In 1998, ethnic Tamil guerrillas attempted to disrupt Sri Lankan embassies by sending large volumes of e-mail. The embassies received 800 e-mails a day over a two-week period. The messages read “We are the Internet Black Tigers and we’re doing this to disrupt your communications.” Intelligence authorities characterized it as the first known attack by terrorists against a country’s computer systems.
- During the Kosovo conflict in 1999, NATO computers were blasted with e-mail bombs and hit with denial-of-service attacks by hacktivists protesting the NATO bombings. In addition, businesses, public organisations, and academic institutes received highly politicized virus-laden e-mails from a range of Eastern European countries, according to reports. Web defacements were also common. After the Chinese Embassy was accidentally bombed in Belgrade, Chinese hacktivists posted messages such as “We won’t stop attacking until the war stops!” on U.S. government Web sites.
- Since December 1997, the Electronic Disturbance Theater (EDT) has been conducting Web sit-ins against various sites in support of the Mexican Zapatistas. At a designated time, thousands of protestors point their browsers to a target site using software that floods the target with rapid and repeated download requests. EDT’s software has also been used by animal rights groups against organizations said to abuse animals. Electrohippies, another group of hacktivists, conducted Web sit-ins against the WTO when they met in Seattle in late 1999. These sit-ins all require mass participation to have much effect, and thus are more suited to use by activists than by terrorists.
- In 2000, a Japanese investigation revealed that the government was using software developed by computer companies affiliated with Aum Shinrikyo, the doomsday sect responsible for the sarin gas attack on the Tokyo subway system in 1995. “The government found 100 types of software programs used by at least 10 Japanese government agencies, including the Defense Ministry, and more than 80 major Japanese companies, including Nippon Telegraph and Telephone.” Following the discovery, the Japanese government suspended use of Aum-developed programs out of concern that Aum-related companies may have compromised security by breaching firewalls, gaining access to sensitive systems or information, allowing invasion by outsiders, planting viruses that could be set off later, or planting malicious code that could cripple computer systems and key data systems.
- In March 2013, the New York Times reported on a pattern of cyber-attacks against U.S. financial institutions believed to be instigated by Iran as well as incidents affecting South Korean financial institutions that originate with the North Korean government.
- In August 2013, media companies including the New York Times, Twitter and the Huffington Post lost control of some of their websites Tuesday after hackers supporting the Syrian government breached the Australian Internet company that manages many major site addresses. The Syrian Electronic Army, a hacker group that has previously attacked media organisations that it considers hostile to the regime of Syrian president Bashar al-Assad, claimed credit for the Twitter and Huffington Post hacks in a series of Twitter messages. Electronic records showed that NYTimes.com, the only site with an hours-long outage, redirected visitors to a server controlled by the Syrian group before it went dark.
Apart from the above, other actions, even though they are attributed to the cyber domain, can cause physical damage; non-political acts of sabotage have caused financial and other damage. In 2000, disgruntled employee Vitek Boden caused the release of 800,000 litres of untreated sewage into waterways in Maroochy Shire, Australia. More recently, in May 2007 Estonia was subjected to a mass cyber-attack in the wake of the removal of a Russian World War II war memorial from downtown Tallinn. The attack was a distributed denial-of-service attack in which selected sites were bombarded with traffic to force them offline; nearly all Estonian government ministry networks as well as two major Estonian bank networks were knocked offline; in addition, the political party website of Estonia’s current Prime Minister Andrus Ansip featured a counterfeit letter of apology from Ansip for removing the memorial statue. Despite speculation that the attack had been coordinated by the Russian government, Estonia’s defence minister admitted he had no conclusive evidence linking cyber-attacks to Russian authorities. Russia called accusations of its involvement “unfounded,” and neither NATO nor European Commission experts were able to find any conclusive proof of official Russian government participation. In January 2008 a man from Estonia was convicted for launching the attacks against the Estonian Reform Party website and fined.
During the Russia-Georgia War, on 5 August 2008, three days before Georgia launched its invasion of South Ossetia, the websites for OSInform News Agency and OSRadio were hacked. The OSinform website at osinform.ru kept its header and logo, but its content was replaced by a feed to the Alania TV website content. Alania TV, a Georgian government supported television station aimed at audiences in South Ossetia, denied any involvement in the hacking of the websites. Dmitry Medoyev, at the time the South Ossetian envoy to Moscow, claimed that Georgia was attempting to cover up information on events which occurred in the lead up to the war. One such cyber-attack caused the Parliament of Georgia and Georgian Ministry of Foreign Affairs websites to be replaced by images comparing Georgian president Mikheil Saakashvili to Adolf Hitler. Other attacks involved denials of service to numerous Georgian and Azerbaijani websites, such as when Russian hackers allegedly disabled the servers of the Azerbaijani Day.Az news agency.
Copyright | © 2017 Stephen Langley
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
About the Author
Stephen Langley is an accomplished Senior Security Professional and Brand Protection Manager, who has expertise in compliance related investigations. Stephen holds a degree in UK Law (LLB) that he attained from the Open University and a MSc in Security Management that he obtained from the University of Portsmouth and also various Leadership and Management qualifications.
Other Publications from Stephen
Langley S. (2016). ‘Insider Threat’ in M. Petrigh (ed.) Security and Risk Management: Critical Reflections and International Perspectives, Volume 1 (pp. 37-68). London: Centre for Security Failures Studies Publishing