Cyber Terrorism: The darker side of internet applications

Extract

[...] During the past five years, terrorists have shown a stronger interest in and capability to conduct cyber attacks, and they have successfully conducted numerous attacks against websites. Moreover, even if our critical infrastructures are not under forthcoming threat by terrorists seeking political and social objectives, they must be protected from harmful attacks conducted for other reasons such as money, revenge, youthful curiosity, and war. The owners of these infrastructures and their governments must defend against cyber attacks regardless of who may perpetrate them. G.Meighan. "An Examination of the concept of Cyber-terrorism" Communique Management Journal K.Kerr. "Putting cyberterrorism into context". Australian Computer Emergency Response Team. Oct-2003. D. [...]

[...] Answer is awareness of computer and Internet security loopholes and stays ready with the soft solutions. Establish communication channels before attacks happen: Develop organizational / business continuity plans Raise logging levels Employ security best practices: o Apply software patches and updates o Use firewalls Employ anti-virus software and intrusion detection systems (IDS) Use BLUE and RED teams for assessments Secure critical information assets Practice ingress and egress filtering Duell proposes some methods of counter cyber terrorism for an organization. Anti-virus software: Needs to be installed on ALL computers, should never be disabled, and should always be kept up to date with the latest detection and cleaning data files. [...]

[...] The rest of the paper is organized as follows. Section II describes an overview of cyberterrorism and its targets. Section III explains network security perspective of cyberterrorism. Section IV illustrates how terrorists use the cyberspace. Section V discusses counter measures for cyberterrorism. Section VI tells how serious the threat is? I conclude in section VII followed by list of references used. I. INTRODUCTION India is a witness of terrorism since its birth; but the world started taking it seriously after 9/11. [...]

[...] The CERT Coordination Center, for example, provides several indicators of Internet vulnerability to hacking or other malicious activity; their most recent report indicates the number of annual Internet security incidents grew exponentially from 1988 to 2001. The Internet thus continues to be vulnerable to terrorist offensive information operations. Encryption and information hiding technologies currently available allow almost anyone with an Internet connection to achieve high levels of security for selected files, communications or even whole systems. Numerous means exist by which terrorist organizations can effectively scramble and conceal messages or files. [...]

[...] The NPS study defined three levels of cyber terror capability: Simple-Unstructured: The capability to conduct basic hacks against individual systems using tools created by someone else. The organization possesses little target analysis, command and control, or learning capability. Advanced-Structured: The capability to conduct more sophisticated attacks against multiple systems or networks and possibly, to modify or create basic hacking tools. The organization possesses an elementary target analysis, command and control, and learning capability. Complex-Coordinated: The capability for a coordinated attacks capable of causing massdisruption against integrated, heterogeneous defenses (including cryptography). [...]