Cyber-Terrorism

Cyber-Terrorism

By Keith Giacobozzi

27, Feb, 2011

"By placing this statement on my webpage, I certify that I have read and understand the GMU Honor Code on http://academicintegrity.gmu.edu/honorcode/ .  I am fully aware of the following sections of the Honor Code: Extent of the Honor Code, Responsibility of the Student and Penalty. In addition, I have received permission from the copyright holder for any copyrighted material that is displayed on my site. This includes quoting extensive amounts of text, any material copied directly from a web page and graphics/pictures that are copyrighted. This project or subject material has not been used in another class by me or any other student. Finally, I certify that this site is not for commercial purposes, which is a violation of the George Mason Responsible Use of Computing (RUC) Policy posted on http://universitypolicy.gmu.edu/1301gen.html web site."

In the modern age’s growing dependency on cyber-technology, a new threat begins to emerge on the digital frontier.  More and more, everyday facts of life are being integrated digitally, and as our nation’s infrastructure becomes linked, it also becomes more vulnerable.  The opinions of cyber-terrorism’s existence and possibilities are far ranging, from those who believe that it’s not really a threat and could never do any serious or lasting damage, to the apocalyptic views of those who believe it can cause devastating damage.  In this paper we will review the types of cyber-terrorism, from the internet as a platform for propaganda to actual cyber-attacks; and the preventative measures and information security available, as well as the social ramifications of a more regulated internet.

            Generally, cyber-terrorism is defined as an attack on electronic communication networks.  However, it is also used loosely to describe the use of the internet by terrorists to spread their messages, their propaganda, and fear.  As terrorist groups have evolved from a hierarchal structure to independent terrorist cells working together to achieve their goals, the internet has become an ideal forum for them to spread their ideals and to keep in communication with their related cells.  It is inexpensive and efficient to use the readily available internet for their purposes, and extremely easy for them to retain their anonymity.

            One very well known terrorist group’s use of the internet for these purposes is Al Qaeda’s cyber-propaganda.   Al Qaeda has used the internet to post claims of responsibility for various acts, such as the downing of Kenyan airplane, and the bombing of the Jakarta Marriott Hotel on 5 August, 2003.  They also use the web site al Qaeda’s Center for Islamic Studies and Research, which published the online journals Sawt al-Jihad, and The Voice of Jihad.  These online magazines focus on the use of violence as jihad’s only way.  Other al Qaeda supporting groups such as the Muslim al-Muhajiroun and the S.O.S. (Supporters of Shareeah) have published web sites to show their support and to help spread their messages.

            Not all terrorist related websites are so overt, however.  The FARC, which are the Revolutionary Armed Forces of Columbia, have much less flashy websites than the al Qaeda’s.  They prefer much more stable sites, focused more on information and publicity.  Terrorists have even been known to use normal websites such as various social networking sites like Myspace, Facebook, and even Youtube to spread their propaganda and threats.  Most well known are the actual videos and stills of terrorist acts that have been posted on the internet, including beheadings, shootings, and other acts of violence and terror.  The nature of the internet makes it the ideal forum to spread these acts; Being quick to spread, hard to shut down, and very difficult to trace.

            The biggest fear of many people and government agencies, however, is the threat of an actual cyber-attack.  In this modern age, everything is being networked, and many systems are reliant on computers and on computer networks.  Hackers and viruses have always been a very real threat that we have dealt with in the past, causing disruption and spreading fear.  Imagine the damage that could be caused if vital infrastructures or sensitive computer networks’ security were breached.

            Disruption via cyber-attack could be caused to a variety of communication systems, including internet, phone, and cable.  There is the possibility of breach into secure networks responsible for running corporations, hospitals, or even government agencies.  Various operations and tests have been carried out in the past to determine the security of various military installations and critical computer networks.  The first such exercise, code named ‘Eligible Receiver’ was carried out by 35 NSA computer hackers known as ‘the Red Team.’  They could only use software and hacking tools that could be downloaded freely from the internet.  They were authorized to break into various Pentagon Networks, but could not break any US laws.  Their main target was the Pacific Command in Hawaii, and they were easily able to break into the network, where they could read and make minor changes to sensitive E-mails, disrupt telephone services, and conduct denial of service attacks.  They managed all of this without being traced or identified. 

            Such exercises in the past made it very clear that the nation’s cyber-security needed to be improved, and led to the creation of the post of Chief Information Officer, and to a push for increased cyber-security.  However, if the nation’s security networks could be penetrated so easily, it means that the private-sector infrastructures are also vulnerable.  Telecommunications networks and electrical power grids, even banks and economic systems could be disrupted by determined cyber-terrorist hackers.  Such attacks could cause widespread panic, and even do damage to the economy. 

            Although no truly devastating attack has occurred yet, there have been instances of cyber-attack in the past already.  In January of 2003, the SQL “Slammer” virus rendered 13,000 ATM Bank of America ATM machines inoperable, and forced Continental Airlines in New Jersey to ground flights due to system inoperability.  In 1998 a 12-year old hacker broke into the computer system controlling Arizona’s Roosevelt Dam’s floodgates and had complete control over the system, which would have allowed him to flood the city of Phoenix.   In April of 2000 the “ILOVEYOU” virus rendered a petroleum refinery in Texas inoperable.  In September of 2003 the “Welchia” virus disabled the State Department’s Consular Lookout and Support System, which contained records from the FBI, State Department, and US immigration. 

            More recently is the Stuxnet computer worm, which was discovered in July 2010.  This Windows based worms targets industrial software and equipment, and was the first malware discovered that spies on and subverts industrial systems.  The worm included a highly specialized malware program that targeted Siemens Supervisory Control And Data Acquisition (SCADA) systems.  Although the worm infected many computers, it only did damage to the Iran nuclear program Siemens SCADA system.  It specifically targeted the centrifuges used in the production of nuclear material, making them spin so fast that they were damaged.  The worm even covered the change in speed to prevent it from being discovered.  This went on for a year before it was discovered and the damage it caused to the Iranian nuclear production plant is estimated to have set back the program about two years.

            So what can we do to protect ourselves from this increasing threat?  In recent years, software and hardware companies have made their products more secure.  Firewalls and anti-virus programs are always being worked on, made to be tougher and quicker at virus detection.  Operating systems’ security has been made stronger.  Even as our security improves, however, creative hackers will find a way to get past the new security code.  It is important, then to always have up to date patches for security, and for the developers to provide new patches against new threats as quickly as possible.  In these regards, constant vigilance is important.  There is no such thing as perfect security, and we must always work to make sure our systems are as safe as possible.

           

            Another method of security is through the monitoring of the internet.  Searching social websites, suspected terrorist web-pages, and even online communications such as chat-rooms and E-mails, is used to detect terrorist activity or terrorist threats.  This process is called sniffing.  A sniffer is a software program that searches internet traffic for specific items or keywords it’s programmed to find.    Another such program is Carnivore, which is akin to a wiretap on the internet.  It intercepts large volumes of E-mail and other online communication methods in order to find suspicious messages. 

            Some issues arise from these aggressive measures, however, especially pertaining to rights to freedom of speech, and freedom of information.  Many people are in protest to such invasive programs, such as the Magic Lantern technology, being developed by the FBI, which allows investigators to secretly install eavesdropping software onto a person’s computer and record every single keystroke.  While security is important, it’s important that a line be maintained when it come to protecting an individual’s rights, and there will always be dispute on where that line should be drawn.

            In conclusion, it is important to be aware of the very real threat of cyber-terrorism.  It is crucial to remain vigilant and to defend ourselves against such potentially devastating attacks.  It is also important to maintain and protect the rights of our citizens, and to find the balance between safety and freedom.  Although such incidents of cyber-attacks have been small in the past, they remain a very real, and very dangerous possibility of the future.

Bibliography

Weimann, G. (2006).  Terror on the Internet. Washington, D.C.: United States Institution of Peace.

Book that Analyzes terrorists and their use of the internet for their goals.

Verton, D. (2003). Black Ice, The Invisible Threat of Cyber-Terrorism. Emeryville, CA: The McGraw-Hill Companies.

Book that talks about cyber-terrorism in the post 9-11 world, and cyber security.

Barnes, E. (26 Nov, 2010). Mystery Surrounds Cyber Missile That Crippled Iran’s Nuclear Weapons Ambitions. FoxNews.com. Retrieved 27 February, 2011, from http://www.foxnews.com/scitech/2010/11/26/secret-agent-crippled-irans-nuclear-ambitions/

Article that describes the Stuxnet worm, which attacked Iran’s nuclear development program.

Skinner, T. (19 Sep, 2008). War and PC: cyberwarfare. Jane’s Defence Weekly. Retrieved 27 february, 2011, from http://www.defence.pk/forums/military-forum/14395-war-pc-cyberwarfare.html

Article that talks about cyber-attacks and new developments in cyber-warfare and cyber-security.

Billo, C. and Chang, W. (2004). Cyber Warfare, An Analysis of the Means and Motivitaions of Selected Nation States. Hanover, NH: Trustees of Dartmouth College.

Article that describes various incidents of cyber-attack in the past, and means of cyber-attacks.