Cyber terror

As all things are becoming computerized in work, play, and even socialization, so is the negative side of the equation. Where efficiencies are made in aiding people, these same technologies are being used for more nefarious designs such as terrorism. With the increase in computational power and connectivity, we are seeing a rise in efficiencies here as well.

Cyber terrorism cannot easily be defined and there are few in the industry who agree on exactly what it means and what the effects can/may be. However, the simplest explanation is that cyber terror is the future of terrorism as all things move online.

"Terrorism" is defined as "the attempt to change a target's political process through fear and intimidation“.1 When this is done online using networked systems, it is cyber terror. We have witnessed a change in terrorism over the past decades. As soft targets have improved their defences, other targets have come to the fore. This has moved attacks from government buildings and figures toward civilian targets. In the coming years, this will become even easier as the mind-set of those in control of the various terror groups evolves.
Although few like to admit it, Cyber Terror is the next big threat.

Cyber terror can be used to attack critical infrastructure and to create chaos. This does not, as some have supposed, mean Armageddon or the end of the world. More traditional terror attacks, from hijacking airliners, to the Bali bombing, and even as far as the US World Trade Towers in 911, have not resulted in what can be seen as widespread damage and loss of life. The death toll can be significant, but it never reaches a point where society is affected from this loss alone. All that is needed is a means to instil fear and panic.

Traditionally, terror groups have used suicide pacts to fulfil their mission. In an online world, the terrorist does not need to die to achieve the same effects. The scope of such an incident can be seen from the aftermath of the Polish rail hack in 20082. In this incident, the attack was not designed as a terror attack but was committed by a rather ignorant teen hacker. These incidents will only help to educate the terrorist of the future.

As the terrorist of the future will not need to commit suicide, nor take a risk to complete an assignment, this will result in many attacks, not one, from an individual terrorist. Some see this as a reason why cyber terror will not become an issue. They believe that without the act of suicide, or at least significant risk to the terrorist, fear will not be created from the event.

In reality, there will be more fear. In the past, there was a focus on the fear caused by a terror event. When this can be anyone and anything, the fear effect escalates. If it had been an organized interception of the Polish Rail system with announcements that Western countries will be next, rather than a teenage hacker, the results would have been far different.

Short-Term

We have time, as existing terror groups have not formed a real, coherent strategy for cyberspace, but this is changing. Short-term pain is easier to handle than a long-term strategic plan for damage. Right now, many groups have a focus on traditional kinetic effects. The result is a disjointed approach to non-state terror.
This is more luck than anything else.

Long-Term

In time, and we are starting to see this change, terror groups will become more sophisticated and organized. Then, plans will move from months to years as forces move from traditional cell based models to newer distributed forms based on social networks and distributed lines of communication (some of which can be impossible to trace).

How Cyber Terror has and is Developing

Currently, we are in the early days and many systems have been infiltrated by state players. These are separate issues, but remain a concern. As much as some say that terror groups are acting with the complete use of technology, traditional terror groups may recruit online but they are still behind. In many ways they have lacked patience, but this too is changing as newer generations bring new schools of thought into old groups.

Types of attacks

At present, short term plans, and lack of more strategic plans, have left terror groups at a disadvantage. New forms of attack based on longer term strategic goals are starting to develop. This will see a move from simple-unstructured attacks to complex-coordinated attacks, in time.

Simple-Unstructured

Currently, terror groups are engaged in electronic terror efforts in a simplistic and unstructured manner. This involves the capability to conduct basic hacks against individual systems using tools created by someone else. What we see are groups that possess little target analysis, command and control, or learning capability3.

Advanced-Structured

This In the coming years this will change and become more advanced, leading to the capability to conduct more sophisticated attacks against multiple systems or networks, and possibly to modify or create basic hacking tools. will come about as terror organizations start to possess an elementary target analysis, command and control, and learning capability.

Complex-Coordinated

The final phase is the development of long-term strategy goals in cyberspace that impact the physical world. This will involve the capability for coordinated attacks capable of causing mass-disruption against integrated, heterogeneous defences (including cryptography). What we will see is an increasing ability to create sophisticated hacking tools outside of the state-based players. More importantly, technological advances will provide a capacity for terror groups to engage in a highly capable target analysis, command and control, and organizational learning capability that will enable complex attacks without any attribution of the source.

Now…

Right now we remain in the simple-unstructured phase of cyber terror. Here we see the open use of common tools, website defacement and interference, and basic attacks on public-facing systems. This will change in time with the advanced stage taking two to four (or more) years before this level can be achieved. What may accelerate this is outsourcing...
Cyber crime groups have made significant advances in their ability to infiltrate systems. To make it into the highest levels of effect takes eight to twelve years worth of training and co-ordination, but existing groups have been too impatient and new groups have not reached this level as yet.

Conclusion

Using public sources openly and without resorting to illegal means, it is possible to gather at least 80 percent of all information required about the enemy4. This is where we stand now. Terror groups recruit and use network systems as a means to gather information. We are at a junction as we witness a change in tactics. Now is the time to start planning and guiding the future instead of reacting to it.

1 As quoted by Marcus Ranum and viewed online at http://blog.tenablesecurity.com/2008/05/cyberterror-par.html

2 See http://www.theregister.co.uk/2008/01/11/tram_hack/

3 See the following paper for a more in-depth analysis: http://www.au.af.mil/au/awc/awcgate/nps/cyberterror_prospects.pdf

4 Taken from a captured al Qaeda training manual.

About us

Who we are

What we do

Leadership

The CSCSS Deliverable

Expert Cyber Support for Government

Experts

Regions

Partnerships

Call for Cyberspace / Cyber Security Faculty + Analysts

Contact CSCSS

Enterprise Technology + Security Consortium

Technology Accreditation Group (TAC)

Security Consultancy

Strategic Vendor Partners

Deliverables

Defence + Intelligence

National - Defense Agencies

Intelligence Community

Civilian Government Agencies

Commercial Organizations

International Cybersecurity + Intelligence Protection

Cyberspace

Programs + Initiatives

Strategic Cyberspace Science

Partnerships

Industry Security Working Groups

National Cyberspace Cyber Security Initiatives

Critical Infrastructure Protection (CIP) Group

Cyber Conflict Centre

Organization

Activities

Core Competencies

Research, Development + Training

University / Academic Partnerships

Information Security Oversight/National Security Information Requirements

Research

Cyberspace Science Research + Development Group (CSRD Group)

CSRD Group Strategic Goals

A Comprehensive Cyber Conflict Research Agenda

Cyber Conflict Studies

Challenges and Opportunities for State Actors in Cyber Conflict

The Weaponry and Strategies of Cyber Conflict

Cyber Modelling + Simulation Centre | CMSC

News + Events + Briefings

News

Events

Commentary + Research

Briefings

CSCSS Press Releases

© 2012 Center for Strategic Cyberspace + Security Science | Site by Snuffbox