TERMS
Cyber terrorism: The use of the Net for terrorism.
Cyber crime: The use of the Net for criminal actions.
Cyber attacks: Email bombs, viruses, intentional actions.
Information warfare: Formalized governmental warfare.
Netwar: Conducting warfare via networks and the Net.
Techno terrorism: Use of technology by terrorist groups.
Contains two elements:
Cyber-Space
Terrorism
Premeditated
Politically motivated
Attack against information, computer systems, computer programs and data
Results in violence
CYBER-TERRORISTS
Terrorist: ... one who causes intense fear; one who controls, dominates, or coerces through the use of terror in furtherance of political or social objectives.
Cyber-Terrorist: An individual who uses computer/network technology (i.e., networks, computers, Internet) to cause intense fear; one who uses computer/network technology to control, dominate, or coerce through the use of terror in furtherance of political or social objectives.
Personalities and location can be hidden
No security to go through
Remotely vast destruction can be done
Big targets can be attacked
Forms of CYBER-TERRORISM
Privacy Violation: The law of privacy is the recognition of the individual's right to be let alone and to have his personal space inviolate. Violation of this right attracts both civil and criminal consequences under the respective laws. Man has become sensitive to publicity, so that solitude and privacy have become essential to the individual. Certain acts that tend to intrude upon the privacy rights of citizens have been categorized as offences and contraventions.
Secret information appropriation and data theft: Information technology can be misused to appropriate valuable Government secrets and the data of private individuals, the Government and its agencies. A computer network owned by the Government may contain valuable information concerning defence and other top secrets, which the Government will not wish to share otherwise. The same can be targeted by terrorists to facilitate their activities, including destruction of property.
NOTE: The definition of property is not restricted to movables or immovables.
Demolition of E-governance Base: The aim of e-governance is to make the interaction of citizens with government offices hassle-free and to share information in a free and transparent manner. It further makes the right to information a meaningful reality. In a democracy, people govern themselves, and they cannot govern themselves properly unless they are aware of the social, political, economic and other issues confronting them. To enable them to make a proper judgment on those issues, they must have the benefit of a range of opinions on those issues.
Distributed Denial of Service Attack: Cyber terrorists may also use the method of distributed denial of service (DDoS) to overburden the electronic bases of the Government and its agencies. This is made possible by first infecting several unprotected computers by way of virus attacks and then taking control of them. Once control is obtained, they can be manipulated from any locality by the terrorists. These infected computers are then made to send information or demands in such large numbers that the victim's server collapses.
Network packet sniffers: A packet sniffer is a software application that uses a network adapter card in promiscuous mode to capture all network packets that are sent across a local-area network and sends them to an application for processing.
IP spoofing: An IP spoofing attack occurs when an attacker outside your network pretends to be a trusted computer in order to gain access to specified resources on your network.
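The IP spoofing definition above implies a simple border check: a packet that arrives from outside but claims an inside (trusted) source address cannot be genuine. The following is an added example, not part of the original slides; the internal prefix 10.20.0.0/16, the interface names and the sample packets are constructed assumptions.

```python
import ipaddress

# Constructed topology for illustration (assumption, not from the slides).
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]
# Source ranges that should never arrive from the Internet.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def in_any(addr, nets):
    return any(addr in net for net in nets)


def classify(interface, src):
    """Decide what a border filter should do with a packet's source address."""
    addr = ipaddress.ip_address(src)
    if interface == "external":
        # An outside host claiming an inside (trusted) address is spoofing.
        if in_any(addr, INTERNAL_NETS):
            return "drop: internal source on external interface"
        if in_any(addr, NON_ROUTABLE):
            return "drop: non-routable source on external interface"
        return "accept"
    if interface == "internal":
        # Egress side: only our own prefixes may leave the network.
        if in_any(addr, INTERNAL_NETS):
            return "accept"
        return "drop: foreign source on internal interface"
    raise ValueError(f"unknown interface: {interface}")


# Constructed sample packets: (arrival interface, claimed source address).
SAMPLE_PACKETS = [
    ("external", "203.0.113.7"),
    ("external", "10.20.5.9"),
    ("external", "192.168.1.1"),
    ("internal", "10.20.5.9"),
    ("internal", "198.51.100.4"),
]


def audit(packets):
    """Return (interface, source, verdict) for every packet that is dropped."""
    results = [(i, s, classify(i, s)) for i, s in packets]
    return [r for r in results if r[2] != "accept"]


if __name__ == "__main__":
    for row in audit(SAMPLE_PACKETS):
        print(*row)
```

The same rule applied in the outbound direction keeps hosts on your own network from sending packets with forged source addresses.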
What would the Impact be?
The intention of a cyber terrorism attack could range from economic disruption, through the interruption of financial networks and systems, to use in support of a physical attack to cause further confusion and possible delays in proper response.
Direct Cost Implications:
Loss of sales during the disruption
Staff time, network delays, intermittent access for business users
Increased insurance costs due to litigation
Loss of intellectual property (research, pricing, etc.)
Costs of forensics for recovery and litigation
Loss of critical communications in time of emergency
Indirect Cost Implications:
Loss of confidence and credibility in our financial systems
Tarnished relationships and public image globally
Strained business partner relationships, domestically and internationally
Loss of future customer revenues for an individual or group of companies
Loss of trust in the government and computer industry
Terrorist groups are generally defined in 3 ways:
Simple unstructured: Conduct basic hacks against individuals using tools created by someone else. Little command and control.
Advanced structured: Conduct more sophisticated attacks against multiple systems or networks, and possibly the ability to create or modify tools. Elementary command and control.
Complex coordinated: Capability for coordinated attacks causing mass disruption, integrated defenses including cryptography, ability to create sophisticated hacking tools. Highly capable command and control.
Effects
Cyber terrorism can have a serious large-scale influence on a significant number of people. It can greatly weaken a country's economy, thereby stripping it of its resources and making it more vulnerable to military attack. Cyber terror can also affect internet-based businesses. Like brick and mortar retailers and service providers, most websites that produce income (whether by advertising, monetary exchange for goods or paid services) could stand to lose money in the event of downtime created by cyber criminals.
Danger
Cyber terrorists can destroy the economy of a country by attacking critical infrastructure in the big towns, such as electric power and water supply (it is still unknown whether the blackout of the North Western states in the US on Aug. 15, 2003 was a terrorist act or not), or by attacking banks and financial institutions and tampering with their computer systems. Cyber terrorists can endanger the security of the nation by targeting sensitive and secret information (by stealing, disclosing, or destroying it). With the Internet they target, plan, coordinate and execute attacks.
Examples
Terrorists in Romania gained access to the computers controlling the life support systems at an Antarctic research station, endangering the 58 scientists involved.
Fluffi Bunni defaced web sites numbering in the thousands by redirecting the sites to a page created by himself. The message was "Fluffi Bunni Goes Jihad".
The Internet is used as a propaganda tool by Hizbullah, which manages three World Wide Web sites: its central press office, another to describe its attacks on Israeli targets, and the last for news and information.
The official web site of the Presidential Palace of
How can we protect ourselves?
All accounts should have passwords, and the passwords should be unusual and difficult to guess
Change the network configuration when defects become visible
Check with vendors for upgrades and patches
Audit systems and check logs to help in detecting and tracing an intruder
If you are ever unsure about the safety of a site, or receive suspicious email from an unknown address, don't access it
Risk Management
Periodically conduct an information security risk evaluation that identifies critical information assets
Security Architecture & Design
User Accountability and Training
Adequate Expertise
System & Network Management
Software Integrity
Backups
Authentication & Authorization
Indian Laws
In India there is no law that deals specifically with the prevention of malware through aggressive defense. Thus, the analogous provisions have to be applied in a purposive manner. Protection against malware attacks can be claimed under the following categories:
Protection available under the Constitution of India
Protection available under other statutes:
1. Protection under the Indian Penal Code (I.P.C), 1860
2. Protection under the Information Technology Act (ITA), 2000
Conclusion
The solution requires rigorous application of energy and resources. It must be noted that law is always seven steps behind the technology. This is so because we have a tendency to make laws only when the problem reaches its zenith. We do not appreciate the need of the hour till the problem takes a precarious dimension. At that stage it is always very difficult, if not impossible, to deal with the problem. This is more so in the case of offences and violations involving information technology. One of the arguments always advanced to justify this stand of non-enactment is that the measures suggested are not adequate to deal with the problem.
to new forms of terrorism ranging from cyber attacks to attacks on military bases abroad to ballistic missile attacks on U.S. cities.
Wars in the 21st century will increasingly require all elements of national power, not just the military. They will require that economic, diplomatic, financial, law enforcement and intelligence capabilities work together.
Discussion
Critical Infrastructures
Terrorist Internet Exploits
Tactics and Strategy
Critical Infrastructures
Where the Crown Jewels Are
Coast Insider
46 intrusions over 2-month period
Release of sewage into parks, rivers
Environmental damage
Internet probes from Saudi Arabia, Indonesia, Pakistan
Casings of web sites regarding emergency telephone systems, electrical generation and transmissions, water storage and distribution, nuclear power plants and gas facilities
Exploring digital systems used to manage these systems
Why Cyber
National Security: Reduce the U.S.'s ability to protect its interests
Public Psyche: Erode confidence in critical services and the government
Economic Impact: Damage economic systems
Enhancement of Physical Attacks: Physical damage/distraction efforts
Asymmetric Warfare: Lack of attribution, low cost/high potential impact
Globalization of infrastructures = vulnerability
Anonymous access to infrastructures via the Internet and SCADA
Interdependencies of systems make attack consequences harder to predict and more severe
Malicious software is widely available and does not require a high degree of technical skill to use
More individuals with malicious intent on
Vulnerability Types
Computer based:
Poor passwords
Lack of appropriate protection/or improperly configured protection
Network based:
Unprotected or unnecessary open entry points
Personnel based:
Temporary/staff firings
Disgruntled personnel
Lack of training
Facility based:
Servers in unprotected areas
Inadequate security policies
Al-Qaeda
Al-Qaeda laptop found in Afghanistan contained: Hits on web sites that contained Sabotage Handbook
Handbook: Internet tools, planning a hit, anti-surveillance methods, cracking tools
Al-Qaeda actively researched publicly available information concerning critical infrastructures posted on web sites
Terrorist
Terrorists
Attention must be paid to studying the terrorists:
Ideology
History
Motivation
Capabilities
by disrupting activities, undermining confidence, and creating fear
In the future, cyber terrorism may become a viable option to traditional physical acts of violence due to:
Perceived anonymity
Diverse targets
Low risk of detection
Low risk of personnel injury
Low investment
Operate from nearly any location
Few resources are needed
Cyber terrorism
DoS
DDoS
WWW Defacement:
Defacement to embarrass
Content modification to convey message
Content modification as component of disinformation campaign
Data modification
Information gathering
Compromised platform:
Launch pad for attacks
Jump off point for other compromises
Target Research and Acquisition:
Internet makes significant amounts of data instantly and anonymously accessible
Hacktivism
Hacktivism is hacking with a cause and is concerned with influencing opinions on a specific issue. Example: ELF hacks into the web page of a local ski resort and defaces the web page. This is done to reflect the groups
information necessary to construct weapons, obtain false identification
Use Internet as a communications tool via chat rooms, BBS, email
Hijackers utilized cyber cafés to communicate via Internet and order airline tickets
Cyberterrorism
Cyberterrorism is a criminal act perpetrated by the use of computers and telecommunications capabilities, resulting in violence, destruction and/or disruption of services to create fear by causing confusion and uncertainty within a
given population, with the goal of influencing a government or population to conform to a particular political, social, or ideological agenda.
Technical Feasibility
Crime top priorities
FBI recruitment of engineers and computer scientists critical skills
Increasing agents dedicated to cyber crime
Creation of Cyber Task Forces in field offices
Felony to hack into computer used in furtherance of national security or national defense
Share with DOJ for criminal prosecution
Permits roving surveillance
FISA orders for intelligence allowed if there is a significant reason for application rather than the reason
Authorizes pen register and trap and trace orders for email as well as telephone conversations
International Investigations
Cyber Evidence in USA
MLAT Request
Joint FBI-Foreign Police Investigation
Legal Subpoena
Cyber Terrorism
Conclusion
Our national security, databases, and economy are extremely dependent upon automation.
Therefore, there exists a target-rich environment for those who would do harm via the Internet.
Our critical infrastructures require joint private/public efforts to protect them.
The threat of terrorist attacks against U.S. citizens and U.S. interests around the world has become the nation's most pressing national security issue. This aggression may include cyber attacks by the
Even more likely are cyber attacks by sympathizers of the terrorists, hackers with general anti-US or anti-allied sentiments, or
What Do We Know?
Cyber attacks are increasing in volume, sophistication, and coordination
Cyber attackers are attracted to high-value targets
Many, if not most, targets would probably be commercial computer and communications systems
Cyberwar Strategies
The basic elements are:
Hacking
Mass disruption can be unleashed over the internet, but attackers first must compromise private and secure networks
They can crack systems that might withstand casual assault
Will use more sophisticated tactics
Serious IW attackers would not reveal their activities until it is absolutely necessary
Corporations
News organizations
Telephony suppliers
Component suppliers (boots, food, radios, etc.)
Civilian consulting companies
Government funds tied up in commercial banks
Pharmacies, hospitals, clinics
Drug companies (vaccines, antibiotics)
For 11 days in Feb 2001, a development server at the Cal-ISO electricity exchange was left connected to the internet and was being quietly hacked.
Transportation systems
A foreign adversary could significantly hinder U.S. Forces in reaching, say, the Persian gulf or Taiwan straits by attacking the computers at commercial harbor facilities used to ship ammunition or the air traffic control system that would be needed to support and airlift personnel and supplies (Bruce Berkowitz)
Water authorities
Low barriers to entry: laptops cost a lot less than tanks
Complex societies are dependent on computers and networks
Computer disruption has economic, logistical, and emotional effect
Paralysis caused by computer outages levels the playing field for less-well-equipped countries
Educate senior management on risks of cyberwarfare
Make infosec a top priority
Beef up your security technology
Insist on flawless execution: compliance to security standards in all areas
Maintain high alert and vigilance
Update OS and applications regularly
Enforce strong passwords
"Lock down" systems
Keep anti-virus software installed and up-to-date
Employ intrusion detection systems and firewalls
Selected Sources
Berkowitz, Bruce, Information Warfare: Time to Prepare. Issues in Science and Technology, Winter, 2000. http://www.nap.edu/issues/17.2/berkowitz.htm
Gaudin, Sharon, Protecting a net in a time of terrorism, Network World, 09/24/01. http://www.nwfusion.com/archive/2001/125631_09-24-2001.html
Cyber Attacks During the War on Terrorism: A Predictive Analysis. Dartmouth Institute for Security Technology Studies. http://www.ists.dartmouth.edu/ISTS/counterterrorism/cyber_attacks.htm
Bickers, Charles, Innovation, Cyberwar, Combat on The Web. Far Eastern Economic Review, August 16, 2001.
Risks Digest. http://catless.ncl.ac.uk/Risks
I. Introduction