This week is a guest article submitted by Irish security consultant Terry Conlon. This is a deep and technical subject but one which is is worthwhile for every security professional to take an interest in. While it is still a considered relatively low likliehood risk for many businesses it is certainly a high impact occurrence and one which presents a high level of vulnerability across many Irish and European businesses. I wont interrupt this one with my rantings so I’ll leave it to Terry to present the subject.
Terrorist groups have invaded cyberspace and established a battleground. Moreover, terrorists no longer rely on the utilization of military force, as an alternative, they have become savvier, and their techniques have a technological point of reference. Besides, the practices of terrorists are not restricted to the use of propaganda and fundraising. They have extended their field through sabotaging online infrastructure from any location globally (NATO & Centre of Excellence Defence Against Terrorism, 2008). This new form of terrorism is not directly open as the individuals committing the crime tend to hide their actual identity. As such, it is essential to consider the adoption of different measures, which can help in addressing this form of crime. This report will discuss the nature and scale of cyber-terrorism and initiatives that can be adopted to address the issue.
The rapid growth of technology has been considered beneficial to humans, but it has also led to the rise of cyber-terrorism, which is one of the most dangerous international threats. Cyber-terrorism attacks have become one of the most pressing issues because of the deficiency of an international treaty that is consistent to resolve the problem (Verton, 2003). Cyber-terrorism emerges as one of the fastest growing threats to individuals, private organisations, as well as nations. Cyber-terrorism refers to an attack that focuses on using electronic means to break in and severely interfere with the use of critical infrastructure. In this case, critical infrastructure refers to services, facilities, and networks, which can produce severe problems to the public economy, environment, or health in case it remains offline for a long duration. Cyber threats are emerging to challenge public trust as well as confidence in global institutions, norms, and governance while inflicting costs on the United States and the international economies.
As the internet continues to offer new and alternative means of aiding crime, there is a need for security agencies to widen their scope in dealing with the crime. Through the use of the dark web, where there is anonymity, it is easy for individuals to purchase anything using cryptocurrencies. The availability of digital currencies has helped in necessitating terrorists to carry out different transactions without being discovered. The illegal use of digital currencies is on the rise and is likely to increase with the growth of cyber-terrorism. In reaching a common understanding in addressing cyber-terrorism threats, the comprehensive solutions provided by the international treaties need to be considered first while looking at the available options against transnational cyber threats. Emanating from the reasoning that cyber-terrorist attacks are carried out in different countries, the process of prosecution is difficult. Thus, the attacked country is likely to invoke international law in seeking justice for the resulting damages. Although countries should establish legal self-regulatory mechanisms for dealing with the misuse of new technologies, the mechanisms should be supported by international agreements as well as appropriate national legislation.
Cyber-terrorism is fast growing in the international arena since it is cheaper compared to the traditional terrorist approaches (Tehrani, 2017). The terrorists prefer cyber-terrorism because all that they require is a personal computer fed with an internet connection. When being involved in cyber-terrorism practices, terrorists do not need to purchase weapons such as explosives and guns. Alternatively, the rate of cyber-terrorism has increased at an alarming speed due to the anonymity that the cyberspace provides. Terrorists do not desire to act in the open because they need to hide their actions from their targets. The cyberspace has helped in providing the anonymity needed leading to many terrorists shifting to the use of the internet to carry out their activities. Furthermore, the numbers of targets are numerous on the cyberspace. For instance, the cyber-terrorists may have an intention of attacking computers and computer networks for individuals public utilities.
Nature and Scale of Cyber-Terrorism
Cyber-terrorism entails the convergence of terrorism and cyberspace. The aspect is understood as an act that is executed through cyberspace by people, groups, or agencies that are directly influenced by certain terrorist movements (Gustin, 2004). The practice is also encouraged by the desire to realise ideological or political transformation. In an attempt to establish approaches that can assist in fighting cyber-terrorism efficiently, two main forms of cyber-terrorism threat must be distinguished. The two forms are hybrid cyber-terrorism and true cyber-terrorism. Hybrid cyber-terrorism focuses on the use of the internet to support terrorist practices such as radicalisation, training, communication, data mining, enrollment, misinformation, as well as planning for the actual assail of terrorists.
The internet is utilised by terrorists as well as their organisations to spread and control their propaganda via information warfare, to carry out psychological warfare and to recruit new members across the globe. For instance, DAESH or the Islamic State had different media agencies in its central media command and 37 media offices in distinct countries (Tehrani, 2017). Alternatively, Al-Qaeda has been involved in forming a media referred to as As-Sahab and online magazines such as Inspire and Resurgence in an attempt to reinforce their propaganda (Blane, 2003). Besides, terrorist agencies have been utilising the Telegram application because of its encryption and security. Moreover, they have used the Telegram since the end of 2015 emanating from the closure of Twitter and Facebook accounts belonging to the agencies associated with the acts of terrorism. In the conduct of psychological warfare, United Cyber Caliphate has been involved in the distribution of posters threatening Egypt and the U.S.
Terrorist agencies and groups have made use of social media platforms and encrypted messaging applications such as Whatsapp, Wickr, online gaming chat rooms to convey messages and support private communications. Thus, terrorists have used digital platforms for planning and organising physical attacks and coordination of hacking operations. For example, VoIP phone services were utilised in the Mumbai attacks in 2008 (Tehrani, 2017). The terrorists have also used social media sites and blogs to solicit funds. In this case, fundraising for terrorist associated activities is no longer carried out through charity organisations to hide their activities. However, almost every form of fundraising is carried out through digital platforms. The use of digital currencies such as bitcoin has helped in funding terrorist activities. For instance, a discovery was made by the Indonesian security forces where a financial transmission was made by an IS operative to another party through the use of bitcoin. The Arm Us campaign and The YourSonsatYourService campaigns can be considered as examples of fundraising done by terrorist groups through social platforms.
Furthermore, terrorists have been involved in the use of the internet for mining data in an attempt to gather information concerning a particular place and individuals who are in most cases targets for attacks or recruitment. For instance, in the case of 9/11 attacks, the al-Qaeda terrorist group made use of the internet to gather information such as flight times as well as to share data and coordinate their operations (Janczewski & Colarik, 2008). Presently, DAESH and other terrorist organisations make use of social media platforms to support the selection of individuals for recruitment and radicalisation process. Recruiters tend to categorise possible targets through checking Facebook profiles as well as informal threads and assess whether the people being scrutinised are real sympathisers. The recruiters conduct further assessment by adding target individuals as friends and involve them in private conversation once they are sure that the target individuals can be trusted.
On the other hand, real cyber-terrorism is concerned with the direct attacks of terrorists on a victim’s cyberinfrastructure to achieve religious, political, and ideological goals. In this case, the cyberinfrastructure includes computers, networks, as well as stored information in a given platform or system (Chen, Jarvis & Macdonald, 2014). Pure cyber-terrorism may be grouped into destructive and disruptive cyber-terrorism. Destructive cyber-terrorism entails the corruption and exploitation of information systems operation to damage material as well as virtual assets. In this type of cyber-terrorism, the most fashionable weapon comprises the utilisation of computer worms and viruses. Alternatively, disruptive cyber-terrorism focuses on hacking to take down websites and interrupt the healthy daily life, which relies on the critical infrastructure that supports different important life aspects.
The scope of cyber-terrorism can be indicated as an international issue. The nature of the internet offers users with the ability to disguise their identity, this results in inherent difficulties in establishing the nations that fail to prevent an attack from being introduced within their borders. Thus, there is a need for states to cooperate with each other to share information. Terrorist groups have moved away from the use of conventional attacks and have embraced cyber attacks because the cyberspace helps them in launching attacks from far distances and disregard the existence of borders and physical barriers. The cyberspace has been considered fertile ground for terrorist activities because it disregards the boundaries available from one state to another. Therefore, terrorists can generate fear across societies. Alternatively, cyber-terrorism constitutes an international crime, which implies that there is a need to use international law in addressing the crime. Although different countries have established varying laws to help in addressing various forms of cyber attacks, cyber-terrorism included, there is need to use the provisions of the international law in addressing the crime since cyber-terrorism is not a national issue, but a global concern.
From the nature of cyber-terrorism, it is apparent that critical infrastructures used by individuals in society are affected. When critical infrastructures are affected, it implies that individuals cannot access essential services or products. One of the socioeconomic impacts of cyber-terrorism is that it affects the delivery of essential services to the community (O’Day, 2005). This being the case, it implies that the healthy lifestyle of individuals is affected by cyber-terrorism. For instance, in case the medical infrastructure of a country is under the control of cyber-terrorists, it implies that individuals in the society are likely to be denied the right to access health services as required. This may force individuals to seek health services from neighbouring countries or the private sector. This is an indication that individuals in the society, where terrorists have captured the medical infrastructure, are likely to pay high costs to access medical services. Such a move is likely to affect the economy as well as social welfare of individuals. In instances where terrorists access the transport infrastructure, the public is likely to experience difficulties moving from one point to another. In such a case, individuals may be affected economically and socially since they would not move to their workplaces. This implies that they may be economically worse since they cannot carry out their businesses as usual. As people lack the means to satisfy their needs, some of them may result in being involved in crimes so that they can make money to buy the resources they need. Thus, the rate of crimes may increase in society in instances where cyber-terrorists capture the critical infrastructures for an extended duration.
The potential threat in the national security environment may involve cyber attacks on the command and control capabilities of the U.S. military (Janczewski & Colarik, 2005). In case the command and control capabilities become attacked, it may become difficult for the military to operate in a time of war. For instance, through attacking the command and control capabilities, the military forces may be left disconnected from each other during a time of war. Moreover, the attack on the command and control capabilities of the military may lead to officers being directed to make shootings in wrong directions. This implies that a country may lose the war as a result of the national security infrastructure being hijacked by cyber-terrorists. The effects of losing a war may affect individuals adversely both economically and socially.
Furthermore, cyber-terrorists may use cyberspace to influence the functioning of personal information. For instance, cyber-terrorists may capture banking information about a particular client to obtain critical data that may affect the financial status of the individual. In such a scenario, a client may be forced to provide resources or any details, which the cyber-terrorists may need (Akhgart, 2014). In some cases, the hacking of the financial information of a client may lead to loss of financial status that an individual may have since the client may be required by the terrorists to pay them a certain amount to release the information they possess.
Recommendations for Fighting Cyber-Terrorism Internationally
One of the recommendations that can help in addressing the issue of cyber-terrorism internationally is the development of a legislative framework. There is a need to enact internet regulations based on the different threats posed by cyber-terrorism. The regulations should include the monitoring of social media platforms in an attempt to detect, deter, and respond to any possible spreading of radicalisation communication and propaganda among individuals and well-recognised terrorist groups (Ching, 2010). However, in the development of the legislative framework, adequate mechanisms should be put in place to allow the freedom of privacy and expression. Besides, monitoring must be performed with integrity and uniformity targeting terrorists and other people who pose a danger to security.
Another recommendation is having international cooperation among different states. There is a need to coordinate action and conclude agreements with other nations concerning crimes associated with cyber-terrorism. For instance, countries need to exchange information to prevent operations of cyber-terrorists. States must also consider exchanging best actions and lessons that they have learned in addressing cyber-terrorism. This will help countries that have never experienced cyber-terrorism to have an idea of the strategies that they can apply to address the issues associated with cyber-terrorism. In exchange for information, they will need to regulate how information is exchanged.
Furthermore, there is a need for national partnerships. When it comes to security issues, different nations tend to have varying stakeholders involved in security matters. This means that every nation has to strengthen how all the stakeholders carry out their responsibilities. Alternatively, there is a need for forming strong partnership ties amid security stakeholders from one nation to another. The partnerships among security stakeholders from different countries would be critical in ensuring that there are proper coordination and exchange of information from one country to another. This would facilitate the development of appropriate strategies, which countries can adapt to address crimes associated with cyber-terrorism.
Moreover, international laws developed by the global community agencies such as the United Nations should be reviewed. International law is inadequate since it fails to address all the issues associated with cyber-terrorism (Reich & Gelbstein, 2012). This being the case, there is a need to review the international law and include different concerns associated with cyber-terrorism.
Cyber-terrorism has been associated with different threats to individuals and society. The main tools used by cyber-terrorists are computers and internet connection. This has made terrorists move away from the traditional approach to terrorism to the adoption of new attacks that make use of the cyberspace. Through the use of the internet, terrorists are in a position to hide their identity and coordinate their attacks with great privacy. As the internet continues to offer new and alternative means of aiding crime, there is a need for security agencies to widen their scope in dealing with the crime. Through the use of the dark web, where there is anonymity, it is easy for individuals to purchase anything using cryptocurrencies. Indeed, the availability of digital currencies has helped in necessitating terrorists to carry out different transactions without being discovered. The illegal use of digital currencies is on the rise and is likely to increase with the growth of cyber-terrorism. The scope of cyber-terrorism can be indicated as an international issue. The nature of the internet offers users with the ability to disguise their identity, which results in inherent difficulties in establishing the nations that fail to prevent an attack from being introduced within their borders. Thus, states need to cooperate with each to share information to attribute attackers. Moreover, they should enact internet regulations based on the different threats posed by cyber-terrorism. The regulations must include the scrutiny of social media tools in an attempt to notice, dissuade, and respond to any possible spreading of radicalisation, contact, and misinformation among individuals and well-known terrorist groups.
Cyber terrorism is one of those subjects many fear because they dont know enough about it. Knowledge is power as they say and I would like to express my gratitide to Terry once again for bringing this insightful piece to us this week. As always if you are involved in the security indsutry and are interested in submitting an article for publication please feel free to send it in.
References and further reading
Akhgar, B., Bosco, F. M., Elliot, S., Kumaraguruparan, P., Rearick, B., Rogers, M., & Staniforth, A. (2014). Cybercrime and cyber terrorism investigator’s handbook. Waltham, Massachusetts: Elsevier.
Blane, J. V. (2003). Cybercrime and cyberterrorism: Current issues. New York, NY: Novinka Books.
Chen, T. M., Jarvis, L., & Macdonald, S. (2014). Cyberterrorism: Understanding, assessment, and response. New York: Springer.
Ching, J. (2010). Cyberterrorism. New York, NY: Rosen Central.
Gustin, J. F. (2004). Cyber terrorism: A guide for facility managers. Lilburn, Ga: Fairmont Press
Janczewski, L., & Colarik, A. M. (2005). Managerial guide for handling cyber-terrorism and information warfare. Hershey PA: Idea Group Pub.
Janczewski, L., & Colarik, A. M. (2008). Cyber warfare and cyber terrorism. Hersey: Information Science Reference
NATO & Centre of Excellence Defence Against Terrorism. (2008). Responses to cyber terrorism. Amsterdam, Netherlands: IOS Press
O’Day, A. (2005). Cyberterrorism. Burlington, VT: Ashgate. Top of Form
Reich, P. C., & Gelbstein, E. (2012). Law, policy, and technology: Cyberterrorism, information warfare, and Internet immobilization. Hershey, PA: Information Science Reference.
Tehrani, P. M. (2017). Cyberterrorism: The legal and enforcement issues. New York: Wiley & Sons.
Verton, D. (2003). Black ice: The invisible threat of cyber-terrorism. New York: McGraw-Hill/Osborne.