Guest blogger Anthony Marszalek discusses in depth some of the concerns with cyber warfare and the ideas on how it exists (if it exists). He also discusses cyber terrorism and tries to make a distinction between the two. Mr. Marszalek is a student at Purdue University Calumet and we thank him for allowing us to post his work. You can download a PDF of his paper here. – Sam.
Cyber Warfare and Cyber Terrorism are a growing threat in today’s world. As technology advances, there are more and more ways that this new technology can be taken advantage of. Being aware of what Cyber Warfare and Cyber Terrorism is and how it can affect a person, community, city, or even a nation could help prevent Cyber Warfare or Cyber Terrorism from occurring.
What is Cyber Warfare and Cyber Terrorism?
Cyber Warfare is using computers over the Internet to conduct acts of warfare against other websites or groups on the Internet. This could include defacing websites, distributed denial of service attacks, distributing propaganda, and gathering classified data over the Internet. Cyber Terrorism is different from Cyber Warfare. Cyber Warfare can be inconvenient from having to clean up a website from vandalism or suffering from downtime because of a denial of service attack. With Cyber Terrorism, violence can result from an attack.
According to Mark Pollitt of the Federal Bureau of Investigation (1997), the definition of Cyber Terrorism is, “the premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents” (p.285-289). This definition according to Verton (2003), “covers both cyber terrorism and terrorism in general” (p.27), he continues on that, “not only can systems be attacked through cyber means, but also attacking the physical hardware that makes up computer systems” (p.27).
Cyber Warfare and Cyber Terrorism have both similarities and differences. They are similar in that both involve using computer systems against other computer systems, although with Cyber Terrorism the physical system can also be targeted. They are both different because in Cyber Terrorism, violence can occur, such as people be can be hurt or killed. Several questions need to be answered to understand Cyber Warfare and Terrorism. Some of these questions are, why would these attacks occur, what are the reasons for these attacks, who performs these attacks, and who is affected by these attacks?
Understanding Cyber Warfare and Cyber Terrorism
Why do these Attacks Occur, Who Performs these Attacks, and the Reasons for
Answering the questions, why these attacks occur, who performs these attacks, and the reasons for these attacks will give an insight into Cyber Warfare and Cyber Terrorism. There are many reasons why these attacks occur. Probably one of the main reasons is to state a goal or objective that disagrees with a view of another community. For example, an anti-abortion group defacing an abortion clinic’s website, or performing a denial of service against a website so that people cannot access it and receive information from it. These would be acts of Cyber Warfare. Mostly with Cyber Warfare though, some of the defacement and denial of service attacks will come from people who just do that sort of thing for fun because they think they can.
With Cyber Terrorism, these attacks occur because of numerous reasons. The word terrorism itself has the word terror in it, which means to strike fear and dread into an individual. There have been many Terrorism attacks throughout history, including the one on September 11, 2001. With Cyber Terrorism, it uses that fear and dread by utilizing it over the Internet to attack computer systems that control numerous things, hacking government websites and stealing top secret information that could be used against that government by the terrorists. Similar to Cyber Warfare, most terrorist goals, besides striking fear into other groups and nations, is to convey a political message to the government or nation that they oppose.
Who is affected by these attacks and what are some examples?
By answering the question of who is affected and what are some examples of Cyber Warfare and Cyber Terrorism, it will bring a better view of who the victims are in these cyber attacks. With Cyber Warfare, any website on the Internet and the people who are affiliated with them can be affected by Cyber Warfare attacks. Going back to the previous example of the abortion clinic, not only has the website been defaced by an anti-abortion group, it effects the people who run the website, mainly those of the abortion clinic, and people who support abortion can be affected by this act of vandalism. Also depending on the intensity of the vandalism, the clinic itself can lose credibility. On the other side of this spectrum, the people who are against abortion are pleased with the results.
Another example of who is affected by Cyber Warfare would be going back to the denial of service attack against a website. Say this website is a bank website, and a hacker performs a denial of service attack against this website. The website can now not be accessed by its patrons, causing them not to be able to access their accounts, forcing them to physically go to the bank to perform their daily transactions, increasing the business of the bank with lots of unhappy patrons. This also affects the reputation of the banks online security, possibly scaring people out of that bank and into another bank where they may feel more secure. On a side note, this attack could have been performed by a rival bank to scare people out of one bank and having them come to their bank. These are just a few possible ways of Cyber Warfare.
With Cyber Terrorism a small amount of people can be affected, or entire nations can be affected. An example that Verton (2003) gives is in 2001 when an Australian man used the Internet and stolen control software to release one million liters of raw sewage into public parks (p.27). The reason behind this was to get back at a company that would not hire him, so he got back at the community and the company by releasing the sewage. This was not as much of a terror attack as a revenge attack, but it made the community aware that some government and local utility systems are not safe, and can be utilized against them. Also, with the release of the sewage, some of the animals and marine life in the area were killed (p.27).
A more sinister Cyber Terrorism plot that was foiled would have occurred sometime in 1996 in London (2003). Members of the Irish Republican Army (IRA) were planning to blow up and destroy six key electric substations in London (2003). Had the IRA succeeded in their goal, they would have disrupted power to major portions of London for months (2003). To figure out which substations to bomb, they used libraries and open sources of information to select key nodes that would impact the grid the most (2003). This example would have been a terror attack and would have stuck fear into the people of London. This would also be an example of a physical attack on computer systems.
Ways to prevent and fight Cyber Warfare and Cyber Terrorism?
There is no way to be completely secure from any type of Cyber Warfare or Cyber Terrorism attack. The more security a computer system has in place, the easier it can become to attack this system. For Cyber Warfare, one has to deal with securing information systems, including computer networks, and all the data of a corporation or government entity, having a good IT security team and security plan will help protect the company’s data. For Cyber Terrorism, physical systems need to be guarded, and if they are high priority targets subject to attack, the appropriate measures to secure this data need to be in place.
To combat Cyber Terrorism in the United States, the U.S. Department of Defense made the United Stated Strategic Command in charge of dealing with Cyber Terrorism, and it established through the Joint Task Force-Global Network operations (Wikipedia). Other governments should also set up Cyber Terrorism divisions and come up with some sort of plan in case a Cyber Attack on their nation was to occur.
In conclusion, Cyber Warfare and Cyber Terrorism are a growing threat in this world. More and more groups are becoming aware of the possibility of Cyber Warfare and Cyber Terrorism. Cyber Terrorism has been occurring within the last twenty years and as time progresses and more and more nations become even more computerized, there will be more and more attacks through cyberspace. Although hard, it is possible to try and combat cyber terrorism through the securing of systems, but there will always be an exploit someplace whether it’s through the computer or through the gullible user. Cyber Terrorism and Cyber Warfare are a looming threat in this technologically advancing world.
Cyber-Warfare. Wikipedia. Retrieved on April 25, 2008, from http://en.wikipedia.org/wiki/Cyber- warfare
Pollitt, M.M. (1997, October). Cyberterrorism: Fact or Fancy? Proceedings of the 20th National Information Systems Security Conference, 285-289
Verton, D (2003). Black Ice: The Invisible Threat of Cyber-Terrorism, 27-28