Case Study On Cyber Terrorism
Case Study On Cyber Terrorism
Case Study On Cyber Terrorism
Why Cyber:
Why would a terrorist decide to use the Internet, rather than using the usual
methods of assassination, hostage taking and guerrilla warfare?
Part of the problem is that terrorist may come to realize that removing one
official from office only causes another to take the officials place, which may
not cause the result the terrorist wished to achieve. By using the internet the
terrorist can affect much wider damage or change to a country than one could
by killing some people. From disabling a countries military defence to shutting
off the power in a large area, the terrorist can affect more people at less risk to
him or herself, than through other means.
Public interest in cyber terrorism began in the late 1980s. As the year 2000
approached, the fear and uncertainty about the millennium bug heightened
and interest in potential cyber terrorist attacks also increased. However,
although the millennium bug was by no means a terrorist attack or plot against
the world or the United States, it did act as a catalyst in sparking the fears of a
possibly large-scale devastating cyber-attack. Commentators noted that many
of the facts of such incidents seemed to change, often with exaggerated media
reports.
The high profile terrorist attacks in the United States on September 11, 2001
led to further media coverage of the potential threats of cyberterrorism in the
years following. Mainstream media coverage often discusses the possibility of
a large attack making use of computer networks to sabotage critical
infrastructures with the aim of putting human lives in jeopardy or causing
disruption on a national scale either directly or by disruption of the national
economy.
Authors such as Winn Schwartau and John Arquilla are reported to have had
considerable financial success selling books which described what were
purported to be plausible scenarios of mayhem caused by cyberterrorism.
Many critics claim that these books were unrealistic in their assessments of
whether the attacks described (such as nuclear meltdowns and chemical plant
explosions) were possible. A common thread throughout what critics perceive
as cyberterror-hype is that of non-falsifiability; that is, when the predicted
disasters fail to occur, it only goes to show how lucky we've been so far, rather
than impugning the theory.
Hackers as a terrorist:
Criminals, for the most part, are motivated by greed and power, and
computers are the hottest crime tool enabling that today. Cybercrime is a very
serious matter, and unless it can be gotten under control, it may mutate into a
very real, very dangerous national security issue with potentially catastrophic
ramifications. Cybercrime may also mutate into or enable cyberterrorism.
Terrorist organizations surely can find a number of highly trained, intelligent,
and computer-literate people who are in agreement with their cause, and even
if they can't, a cash-rich terrorist organization can surely afford to purchase
cyber criminal botnets or obtain the services of high-level organized crime.
Regardless of whether cyber terrorism will become the future's most prevalent
form of terrorism (a debatable issue in many circles, and dependent mainly
upon whether the field of terrorism studies ever figures out whether the
"status" or demographics of the perpetrator is as equally important as the
"nature" of the act), it can be safely said that hackers, like terrorists, tend to
work in asymmetric, non-hierarchical formation, which means that they do not
have organizations like gangs and so forth. The concept of net war might or
might not be useful at explaining these new kinds of formations. Although the
concept of net war is at odds with traditional forms of organization, criminal
networks tend to have the following types of members, which can be
compared to the components of a terrorist cell:
Netwar:
Netwar is the most likely way cyber terrorists would operate. They have an
interest in getting their message and/or demands across, so therefore would
use the Internet to disseminate information or misinformation. A number of
terrorist groups already have websites, and more can be expected. Hackers
also seem to be evolving more in the direction of hactivism. It is unlikely that
terrorists will ever give up their traditional weapons.
Cyber terror can also affect internet-based businesses. Like brick and mortar
retailers and service providers, most websites that produce income (whether
by advertising, monetary exchange for goods or paid services) could stand to
lose money in the event of downtime created by cyber criminals.
Mi2g, a British firm, publishes estimates of the costs of worm, virus, and other
Malicious software (which it calls “malware”) attacks. In addition, the firm
Publishes figures on the incidence and costs of a broader category of cyber-
attack, which it calls “overt digital attacks.”18 The number of such attacks
reported has gone from near zero in the mid-1990s (4 attacks reported in
1995) to about 200,000 in 2004.19 Cost estimates for digital attacks, including
hacking, malware, and spam, are shown in table 4 below. The estimated costs
include business interruption, denial of service, data theft or deletion, loss of
sensitive intelligence or intellectual property, loss of reputation, and share
price declines.
Solution:
1. Prevention: How can we keep an attack from being launched? How can
an attack be made to fail before reaching the target?
Preventive measure:
A) Encryption: This is considered as an important tool for protecting data in transit. Plain text
(readable) can be converted to cipher text (coded language) by this method and the recipient of the
data can decrypt it by converting it into plain text again by using private key. This way except for the
recipient who is the possessor of the private key to decrypt the data, no one can gain access to the
sensitive information.
B) Firewalls: It creates a wall between the system and possible intruders to protect the classified
documents from being leaked or accessed. It would only let the data to flow in computer which is
recognized and verified by one’s system. It only permits access to the system to ones already
registered with the computer.
C) Digital Signature: Are created by using means of cryptography by applying algorithms. This has its
prominent use in the business of banking where customer’s signature is identified by using this
method before banks enter into huge transactions.
D)Updated anti-virus ,malware, spyware software: It helps preventing any malicious activities than
can disrupt normal functionality of system
INCIDENT MANAGEMENT:
To prevent penetration of the system at risk from the outside, we try to erect barriers and otherwise
harden it. Both cyber and physical approaches are necessary. Passwords are the oldest, and still
most widely used, cyber technique. More recent and somewhat widely used techniques are firewalls
and proxy servers.
CONSEQUENCE MANAGEMENT:
No one can deny the positive role of the cyber space in today’s world be it political, economic, or
social sphere of life. But everything has its pro’s and corns, cyber terrorists have taken over the
technology to their advantage. The Information Technology Act 2000 came into existence, in order
to curb the undue advantage of cyberspace taken by cyber terrorists.