Seminar Report on Cyber Terrorism 2012-2013

INTRODUCTION

Cyberterrorism is a new terrorist tactic that makes use of information

systems or digital technology, especially the Internet, as either an instrument or a

target. As the Internet becomes more a way of life with us,it is becoming easier for

its users to become targets of the cyberterrorists. The number of areas in which

cyberterrorists could strike is frightening, to say the least. The difference between

the conventional approaches of terrorism and new methods is primarily that it is

possible to affect a large multitude of people with minimum resources on the

terrorist's side, with no danger to him at all. We also glimpse into the reasons that

caused terrorists to look towards the Web, and why the Internet is such an

attractive alternative to them. The growth of Information Technology has led to the

development of this dangerous web of terror, for cyberterrorists could wreak

maximum havoc within a small time span. Various situations that can be viewed as

acts of cyberterrorism have also been covered. Banks are the most likely places

to receive threats, but it cannot be said that any establishment is beyond attack.

Tips by which we can protect ourselves from cyberterrorism have also been

covered which can reduce problems created by the cyberterrorist.We, as the

Information Technology people of tomorrow need to study and understand the

weaknesses of existing systems, and figure out ways of ensuring the world's safety

Dept. Of Electrical & Electronics Engg. 1 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

from cyberterrorists. A number of issues here are ethical, in the sense that

computing technology is now available to the whole world, but if this gift is used

wrongly, the consequences could be disastrous. It is important that we understand

and mitigate cyberterrorism for the benefit of society, try to curtail its growth, so

that we can heal the present, and live the future…

Dept. Of Electrical & Electronics Engg. 2 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

CYBER TERRORISM
Andrey, Frederick, and Phillip (the Week Three team) aim to help promote

awareness about the dangers of Cyber Terrorism and Cyber Warfare. Many

individuals may not even be aware that Cyber Terrorism and Cyber Warfare exist

and as such are unaware of the damage it can cause. The Week Three team’s

purpose in analyzing Cyber Terrorism and Cyber Warfare is to educate citizens on

how these attacks impact a nation, techniques used in the perpetration of these

attacks, and security measures that can be taken to guard against these attacks.

Purpose

To analyze Cyber Terrorism and Cyber Warfare and understand how it

affects all of us as a nation as well as recommend best practices to help protect

ourselves. It is our purpose to raise awareness of this issue that affects many lives

today.

Scope

Initial analysis of what Cyber Terrorism and Cyber Warfare is. This report

gives a comprehensive review on these two terms are, how it affects us in our daily

lives, and practices to protect ourselves.

Dept. Of Electrical & Electronics Engg. 3 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

Methods and Procedures

Research was conducted using a variety of secondary sources. Each team

member was responsible for one major category. After aggregating the research,

the team reviewed the information to reach its final recommendation.

Dept. Of Electrical & Electronics Engg. 4 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

OVERVIEW
As the Internet becomes more pervasive in all areas of human endeavor,

individuals or groups can use the anonymity afforded by cyberspace to threaten

citizens, specific groups (i.e. with membership based on ethnicity or belief),

communities and entire countries, without the inherent threat of capture, injury, or

death to the attacker that being physically present would bring.

As the Internet continues to expand, and computer systems continue to be

assigned more responsibility while becoming more and more complex and

interdependent, sabotage or terrorism via cyberspace may become a more serious

threat.

Dept. Of Electrical & Electronics Engg. 5 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

BASIC DEFINITION
Cyberterrorism is the leveraging of a target's computers and information ,

particularly via the Internet, to cause physical, real-world harm or severe disruption

of infrastructure. Cyberterrorism is defined as “The premeditated use of disruptive

activities, or the threat thereof, against computers and/or networks, with the

intention to cause harm or further social, ideological, religious, political or similar

objectives. Or to intimidate any person in furtherance of such objectives.” This

definition was created by Kevin G. Coleman of the Technolytics Institute

...subsumed over time to encompass such things as simply defacing a web site or

server, or attacking non-critical systems, resulting in the term becoming less

useful...

There are some that say cyberterrorism does not exist and is really a matter

of hacking or information warfare. They disagree with labeling it terrorism because

of the unlikelihood of the creation of fear, significant physical harm, or death in a

population using electronic means, considering current attack and protective

technologies.

BACKGROUND INFORMATION

Public interest in cyberterrorism began in the late 1980s. As the year 2000

approached, the fear and uncertainty about the millennium bug heightened and

interest in potential cyberterrorist attacks also increased. However, although the

Dept. Of Electrical & Electronics Engg. 6 G.P.T.C, Muttom
Seminar Report on Cyber Terrorism 2012-2013

millennium bug was by no means a terrorist attack or plot against the world or the

United States, it did act as a catalyst in sparking the fears of a possibly large-scale

devastating cyberattack. Commentators noted that many of the facts of such

incidents seemed to change, often with exaggerated media reports. The high profile

terrorist attacks in the United States on September 11, 2001 lead to further media

coverage of the potential threats of cyberterrorism in the years following.

Mainstream media coverage often discusses the possibility of a large attack making

use of computer networks to sabotage critical infrastructures with the aim of

putting human lives in jeopardy or causing disruption on a national scale either

directly or by disruption of the national economy.

Authors such as Winn Schwartau and John Arquilla are reported to have

had considerable financial success selling books which described what were

purported to be plausible scenarios of mayhem caused by cyberterrorism. Many

critics claim that these books were unrealistic in their assessments of whether the

attacks described (such as nuclear meltdowns and chemical plant explosions) were

possible. A common thread throughout what critics perceive as cyberterror-hype is

that of non-falsifiability; that is, when the predicted disasters fail to occur, it only

goes to show how lucky we've been so far, rather than impugning the theory.

Dept. Of Electrical & Electronics Engg. 7 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

EFFECTS

Cyberterrorism can have a serious large-scale influence on significant

numbers of people. It can weaken countries' economy greatly, thereby stripping it

of its resources and making it more vulnerable to military attack. Cyberterror can

also affect internet-based businesses. Like brick and mortar retailers and service

providers, most websites that produce income (whether by advertising, monetary

exchange for goods or paid services) could stand to lose money in the event of

downtime created by

CYBER CRIMINALS.

As internet-businesses have increasing economic importance to countries,

what is normally cybercrime becomes more political and therefore "terror" related.

Dept. Of Electrical & Electronics Engg. 8 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

CYBER TERRORISM VS. CYBER WARFARE

Cyber Terrorism

There exist multiple expert definitions of what Cyber Terrorism is. The

definition of Cyber Terrorism we will employ refers to the act of politically

motivated violence against information, computer systems, computer programs,

and data which may result in damage (Pollitt, n.d.). We live in the information age

where computers have become an integral aspect of our daily existence. We use it

at school, work, and at home to communicate with friends and family or to do

work. As we know, computer programs are always at risk of compromise which

results in companies frantically updating their systems in an attempt to secure their

programs. An example act of Cyber Terrorism would be if a group of foreign

militants were to attack government networks with the goal of spreading

propaganda. This serves as an example of Cyber Terrorism because it is a

politically motivated attack against computer systems with the intent of causing

harm.

Cyber Warfare

Some may consider that Cyber Terrorism to be the same as Cyber Warfare.

Although both are similar, Cyber Warfare is not political motivated. The definition

of Cyber Warfare refers to the use of computers and the internet to conduct warfare

Dept. Of Electrical & Electronics Engg. 9 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

in cyberspace. Information technology is emerging in many societies and has

become more readily available to hostile nations. Nations that may decide to use

their newfound technology to strike at their opponents’ communications. A

serious form of Cyber Warfare would be to attack an electrical power grid.

Attackers would penetrate and interrupt an electrical power grid system causing

blackouts. Depending on the size of this attack and its location, this may knock out

power to hospitals or other critical systems of a city.

Implication

An implication of Cyber Warfare and Cyber Terrorism is to cause harm to a

nation. A goal of these attacks is to create alarm and panic among citizens.

Attackers want to show how badly they can damage their victim nations by

hacking into government computers and taking control of critical systems. This can

affect citizens psychologically causing them to wonder how their government

could let this happen and what they can do to protect themselves and their families.

By achieving these goals, hackers succeeded in leading a nation into a state of

chaos and confusion.

Dept. Of Electrical & Electronics Engg. 10 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

METHODS AND TECHNIQUES

Cyber Attacks Increasing

Computer attacks have been raising the cyber warfare bar to a new level.

Each year there are more and more cyber attacks recorded through the world

(Germain, The Winds of Cyber War, 2008). In 2007, the U.S. Department of

Homeland Security published statistics showing 37,000 reported attempted

breaches of government and private computer systems. The prior year’s report

showed 24,000 attempts; a significant 158% increase in 2007 (Germain, The Art of

Cyber Warfare, Part 1: The Digital Battlefield, 2008).

Due to the increase of cyber attacks, the US Government is trying their best

to fortify network security. In the past 12 months, 75 percent of businesses

worldwide have experienced a cyber attack (U.S. Urged To Curb Hackers as Cyber

Attacks Increase, 2010). It’s becoming such a big issue that 42 percent of

businesses rated cyber crime as the biggest threat to them, that’s more than

terrorism, traditional crime, and natural disasters combined. Due to the increasing

threat, in May 2009, the U.S. President accepted a Cyberspace Policy Review (The

Comprehensive National Cybersecurity Initiative, 2010). This policy was to assess

U.S. structures and policies for cyber security and is an effort to work towards a

reliable and trustworthy digital infrastructure.

Dept. Of Electrical & Electronics Engg. 11 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

The Common Attack Methods

There are several popular cyber attack methods. These popular methods

include denial of service, distributed denial of service, and botnets (Cyber Attack

Techniques, 2009). Denial of service works by overwhelming the target computer

with useless network traffic, resulting in the blocking of legitimate network traffic

to the user. Distributed denial of service is similar in that it overwhelms the target

computer with network traffic, but instead this attack is launched from many

computers. The other popular method of attack is the use of botnets. A botnet is a

network of remotely controlled systems used to attack and distribute malware,

spam, and phishing scams. The word “bot” is short for “robots,” because they are

programs that are unknowingly installed on a target computer. This program

allows an unauthorized user to remotely control the system for malicious purposes

(Cyber Attack Techniques, 2009).

Popular Targets

Financial institutions and utility grids are now the prime targets of cyber

warfare and cyber espionage. After a report was released stating that electric power

grid has been infiltrated by foreign spies, the U.S. government has admitted that it

is susceptible to cyber attacks (LaMonica, 2009). Janet Napolitano from the US

homeland Security claimed “The vulnerability is something [we] have know about

for years.” World Bank has also reported being infiltrated at least six times in just

Dept. Of Electrical & Electronics Engg. 12 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

one year (Behar, 2008). Many other banks, like Bank of America, have also been

the victims of cyber attack. For instance, on January 29 th, 2010, their website was

down for a good part of the day (Carney, 2010).

CyberSecurity

In a government paper titled “Defining and Deterring Cyber War”, the

purpose of Cyber Security is described as “[to] increase a state’s resistance to

attacks and reduce the consequences of attacks.” (Beidleman, 2009) While this

paper was written in regards to governments, the concept holds true for businesses

as well. Cyber Security can be seen as two parts: resistance and mitigation of

damage.

Resistance to Cyber Terrorism is primarily implemented through security

technologies. The most prevalent security technology for large organizations is the

firewall. The firewall is literally the first line of defense when it comes to a

computer network. The firewall sits between the internal network of a company

and the outside world. It analyzes all incoming and outgoing transmissions and

provides multiple security services. Incoming packets are all screened for

malicious data before being rebroadcast into the network. Outgoing packets are

also all screened. Most firewalls come with features that allow for statistical

analysis of a network’s baseline. Fluxuations in the baseline beyond a certain range

Dept. Of Electrical & Electronics Engg. 13 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

may indicate an issue and prompt the firewall to notify a systems administrator for

further investigation.

The major forms of attack described in the last section (packet flooding and

botnets) are both addressed by firewalls. To reiterate - Denial of Service (DoS)

attacks, distributed or otherwise, attempt to flood a network with so much traffic

that no legitimate forms of data can be accepted into the system. Firewalls block

DoS attacks by identifying the sending source and blacklisting all data from that

location(s). Botnets or so-called “zombie computers” (Strickland, 2007) can also

be dealt with by firewalls. As mentioned, if botnets are employed in a DoS attacks,

the firewall blocks all traffic from that originating source. Moreover, firewalls can

detect botnet computers from within an internal network based on outgoing traffic

and can take steps to disinfect them. This involves automatically isolating the

infected nodes and informing a systems administrator who takes further steps to fix

the device.

Beyond the firewall, security software should also be installed on all

workstations in the network. The rationale behind this procedure is that individual

workstations may be infected by code that slips past the firewall. Security software

such as anti-virus and anti-spyware programs should be implemented and kept up-

to-date with the latest virus definitions. In addition, all devices on the network

Dept. Of Electrical & Electronics Engg. 14 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

should be kept up-to-date with the latest updates to seal potential security

vulnerabilities.

On the user side, there are several best-practices that can be used to prevent

or mitigate damage from cyber terrorist attacks. Firstly is the issue of access

control – users should only have access to resources that they require. The

rationale behind this statement is that, should a user account be compromised by

attackers, their level of access in the system is limited. To prevent the accounts

from being compromised in the first place, policies should be in place that enforce

strong passwords. The University of Texas recommends the following for

conditions in a strong password (Uni. of TX, 2009):

 “Use both upper- and lower-case letters.

 Place numbers and punctuation marks randomly in your password.

 Make your password long and complex, so it is hard to crack. Between 8 to

20 characters long is recommended.

 Use one or more of these special characters: ! @ # $ % * ( ) - + = , < > : : “

‘”

Moreover, the password policy should require that passwords be reset every

month and that identical passwords or password characters may not be reused for a

Dept. Of Electrical & Electronics Engg. 15 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

set period of time. This is so that cyber terrorists cannot run automated programs

that try every possible combination of characters to guess a password.

The final step to deterring cyber attack is continual penetration testing and

security audits of an organizations own system. By attacking its own security

system, vulnerabilities may be identified and fixed before they can be taken

advantage of by attackers. To help mitigate the damage from attacks, organizations

should keep backups of their data in an easily-retrievable format. This way, should

a cyber attack succeed in destroying data, files can be restored from the time of the

last backup.

Dept. Of Electrical & Electronics Engg. 16 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

CONCLUSION
After a thorough analysis on why Cyber Terrorism and Cyber Warfare

occur, the determination was that these events for the reason of bringing fear to the

public. Even though these acts can be politically motivated, the goal is still the

same. There are many different methods for such attacks, like using botnets or

denial of service to bring down popular targets; institutions and power grids. Even

with these methods of attack, the use of network security products, such as

firewalls and anti-virus, can greatly reduce the risk of being a victim of cyber

attacks.

Dept. Of Electrical & Electronics Engg. 17 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

REFERENCES
Behar, R. (2008, October 10). World Bank Under Cyber Siege in 'Unprecedented
Crisis'. Retrieved May 7, 2010, from
http://www.foxnews.com/story/0,2933,435681,00.html
Beidleman, S. (2009). Defining and deterring cyber war. Strategy Research
Project, Retrieved from
http://www.dtic.mil/srch/doc?collection=t3&id=ADA500795
Carney, J. (2010, January 29). Bank of America's Website Has Been Down All
Morning. Retrieved May 10, 2010, from
http://www.businessinsider.com/bank-of-americas-website-has-been-down-
all-morning-2010-1
Cyber Attack Techniques. (2009, May 28). Retrieved April 28, 2010, from
http://www.cybersecuritymarket.com/2009/05/28/cyber-attack-techniques/
Germain, J. M. (2008, April 29). The Art of Cyber Warfare, Part 1: The Digital
Battlefield. Retrieved April 20, 2010, from
http://www.ecommercetimes.com/story/62779.html
Germain, J. M. (2008, September 16). The Winds of Cyber War. Retrieved April
10, 2010, from http://www.technewsworld.com/story/The-Winds-of-Cyber-
War-64494.html
LaMonica, M. (2009, April 8). Report: Spies hacked into U.S. electricity grid.
Retrieved May 3, 2010, from http://news.cnet.com/8301-11128_3-
10214898-54.html
Lewis, J. (2002). Assessing the Risks of Cyber Terrorism, Cyber War and Other
Cyber Threats:. Retrieved April 30, 2010, from
http://csis.org/files/media/csis/pubs/021101_risks_of_cyberterror.pdf

Dept. Of Electrical & Electronics Engg. 18 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

Contents

INTRODUCTION .......................................................................................................................... 1

Purpose........................................................................................................................................ 3

Scope ........................................................................................................................................... 3

Methods and Procedures ............................................................................................................. 4

Cyber Terrorism .......................................................................................................................... 9

Cyber Warfare ............................................................................................................................. 9

Implication .................................................................................................................................... 10

METHODS AND TECHNIQUES ............................................................................................... 11

Cyber Attacks Increasing .......................................................................................................... 11

The Common Attack Methods .................................................................................................. 12

Popular Targets ......................................................................................................................... 12

CyberSecurity ............................................................................................................................... 13

CONCLUSION ............................................................................................................................. 17

REFERENCES ............................................................................................................................. 18

Dept. Of Electrical & Electronics Engg. 19 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

ABSTRACT

Cyber Terrorism and Cyber Warfare are considered a priority threat for

nations including the United States, China, and the United Kingdom. These attacks

can have devastating consequences on the welfare a nation and of its citizens. A

research team consisting of Andrey Lavochin, Frederick Le and Phillip Tran

collaborated to analyze the threat of Cyber Terrorism and Cyber Warfare. The

team’s goal was to identify the threats and techniques used in such tactics as well

as identify potential solutions. The research team concluded that there is not a be-

all-end-all remedy to Cyber Terrorism and Cyber Warfare but that there are

proactive measures that may be taken to reduce the frequency of attacks and

mitigate the damage they cause.

Dept. Of Electrical & Electronics Engg. 20 G.P.T.C, Muttom

Seminar Report on Cyber Terrorism 2012-2013

The problem of cyber terrorism is multilateral having varied facets and

dimensions. Its solution requires rigorous application of energy and resources. It

must be noted that law is always seven steps behind the technology. This is so

because we have a tendency to make laws when the problem reaches at its zenith.

We do not appreciate the need of the hour till the problem takes a precarious

dimension. At that stage it is always very difficult, if not impossible, to deal with

that problem. This is more so in case of offences and violations involving

information technology. One of the argument, which is always advanced to justify

this stand of non-enactment is that “the measures suggested are not adequate to

deal with the problem”. It must be appreciated that “something is better then

nothing”. The ultimate solution to any problem is not to enact a plethora of statutes

but their rigorous and dedicated enforcement. The courts may apply the existing

laws in a progressive, updating and purposive manner. It must be appreciated that

it is not the “enactment” of a law but the desire, will and efforts to accept and

enforce it in its true letter and spirit, which can confer the most strongest, secure

and safest protection for any purpose. The enforcement of these rights requires a

“qualitative effort” and not a “quantitative effort”. Thus, till a law dealing

expressly with cyber terrorism is enacted, we must not feel shy and hesitant to use

the existing provisions.

Dept. Of Electrical & Electronics Engg. 21 G.P.T.C, Muttom