Cyber Terrorism


What is Cyber Terrorism?

In the digital age, where technology pervades every part of daily life, cyber terrorism has emerged as a significant threat. Cyber terrorism refers to the deliberate use of digital attacks to cause harm, disruption, or fear, typically targeting critical infrastructure, sensitive data, or public services. Unlike traditional forms of terrorism, which rely on physical violence, cyber terrorism operates within the virtual domain, exploiting vulnerabilities in computer systems and networks. This form of terrorism can have far-reaching consequences, affecting everything from national security to personal privacy. As technology continues to advance, understanding and addressing the threat of cyber terrorism becomes increasingly essential for protecting our interconnected world.

Cyber terrorism is the use of online methods and techniques to carry out acts of violence. It usually refers to attacks that are driven by political or ideological beliefs and aimed at computer systems, networks, or the structures that hold information. The objectives can vary from interrupting services and acquiring confidential information to inflicting physical harm or instilling fear.

Such attacks could involve breaching essential systems like electricity grids or transportation networks, launching distributed denial-of-service (DDoS) attacks to flood and shut down websites, or distributing viruses to cause extensive harm. The motive behind cyber terrorism is frequently to generate disorder, tarnish reputations, or advance political or ideological goals.

Examples of Cyber Terrorism

Here are a few notable examples of cyber terrorism:
• Stuxnet (2010): A sophisticated piece of malware that targeted Iran’s nuclear development facilities. It was designed to cause physical damage to centrifuges by manipulating their speeds, ultimately delaying Iran’s nuclear program. This is regarded as perhaps the earliest case of a cyber attack causing physical damage.
• Ukraine Power Grid Attack (2015 and 2016): In December 2015, a cyber attack took down parts of Ukraine’s power grid, causing widespread power outages. This attack, attributed to Russian-linked hackers, was significant for its impact on critical infrastructure. A similar attack occurred in December 2016, further demonstrating the vulnerability of power grids to cyber threats.
• Sony Pictures Hack (2014): North Korean hackers attacked Sony Pictures in response to the release of the film “The Interview,” which depicted the fictional assassination of North Korean leader Kim Jong-un. The attack resulted in the exposure of sensitive data, financial losses, and significant disruption to Sony’s operations.
• WannaCry Ransomware Attack (2017): This global ransomware attack affected a huge number of computers across 150 countries. The ransomware encrypted files on infected computers and demanded ransom payments in Bitcoin. It disrupted critical services, including healthcare systems in the UK.
• NotPetya Attack (2017): A cyber attack initially disguised as ransomware, NotPetya primarily targeted Ukraine but also affected global organizations. It spread rapidly, causing significant financial damage and disruption by encrypting data and overwriting master boot records, rendering systems unusable.
• Saudi Aramco Cyber Attack (2012): Hackers, believed to be linked to Iran, targeted Saudi Aramco, one of the world’s largest oil companies. The attack involved deploying a virus that wiped data from thousands of computers, disrupting the company’s operations and causing significant financial damage.

How Big is The Threat of Cyber Terrorism?

The threat of cyber terrorism is significant and growing due to several factors:
• Increased Connectivity: As more systems and infrastructure become interconnected through the Internet and IoT (Internet of Things), the potential attack surface for cyber terrorists grows. This interconnectedness increases the vulnerability of critical infrastructure such as power grids, transportation systems, and financial institutions.
• Advanced Technology: Advances in technology and cyber capabilities have made it easier for attackers to carry out sophisticated attacks. Tools and techniques that were once available only to state actors or highly skilled hackers are now accessible to a wider range of malicious actors.
• Potential for Severe Impact: Cyber terrorism has the potential to cause harm. Attacks on critical infrastructure can lead to widespread disruption of services, financial losses, and even physical harm if systems like power grids or transportation networks are compromised.
• Anonymity and Attribution Challenges: The anonymity of the Internet makes it difficult to trace and attribute attacks to specific perpetrators or groups. This complicates efforts to prevent, respond to, and deter cyber terrorism.
• Motivation and Intent: Cyber terrorists may be motivated by political, ideological, or financial goals. This intent can drive them to target high-profile or high-impact systems to maximize their impact and damage.
• Growing Cyber Capabilities: Both state and non-state actors are increasingly investing in cyber capabilities, including developing advanced malware, exploiting vulnerabilities, and launching coordinated attacks. This investment enhances their ability to conduct cyber terrorism effectively.
• Lack of Preparedness: Many organizations and governments are still developing their cyber defense strategies and response capabilities. Insufficient preparedness can leave systems more vulnerable to attack and reduce the ability to respond effectively.

How Businesses Can Defend Against Cyber Terrorism?

Businesses can take several steps to defend against cyber terrorism and improve their overall cybersecurity posture:
• Implement Robust Cybersecurity Policies: Develop comprehensive cybersecurity policies that outline procedures for protecting data, responding to incidents, and maintaining security standards. Ensure these policies are regularly updated to address evolving threats.
• Invest in Advanced Security Technologies: Use advanced cybersecurity tools, such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and endpoint protection solutions. Implement encryption for sensitive data to protect it from unauthorized access.
• Regular Security Training: Conduct regular cybersecurity training and awareness programs for employees. Educate them about phishing attacks, social engineering, and safe online practices to reduce the risk of human error.
• Conduct Regular Security Assessments: Perform regular vulnerability assessments and penetration testing to identify and address potential weaknesses in your systems. Addressing these vulnerabilities proactively can help prevent successful attacks.
• Keep Systems and Software Updated: Regularly update and patch operating systems, applications, and firmware to address known vulnerabilities. Automated patch management can help ensure timely updates.

What to Do If a Cyber Threat is Received Via Telephone?

Here’s a step-by-step approach:

• Stay Calm: Keep your composure and avoid panicking. Engage with the caller professionally and reveal no sensitive information.
• Gather Information: Record as many details as possible about the call, including:
• Do Not Engage or Negotiate: Avoid negotiating or engaging in discussions that could escalate the situation. Simply listen and take notes.
• Verify the Threat: Check with your internal security team or IT department to determine whether the threat is credible. They may need to investigate whether there are any related threats or signs of an actual breach.
• Report the Threat: Notify your organization’s security team or designated incident response team about the threat. Give them all the details you gathered. They will direct the response and investigation process.
• Contact Law Enforcement: If the threat appears credible or if it involves criminal activity, report it to law enforcement. They can offer assistance and possibly investigate the matter further.
• Document Everything: Keep a record of all communications and actions taken regarding the threat. This documentation will be useful for investigations and may be required for legal purposes.
• Enhance Security Measures: Review and strengthen your organization’s cybersecurity measures and incident response procedures. Ensure that all employees are aware of the procedures for reporting and handling threats.
• Monitor for Follow-up Threats: Watch for any additional threats or suspicious activity following the initial call. Be vigilant and ready to respond if further incidents occur.

Cyber security and Cyber Terrorism

Cybersecurity and cyber terrorism are interconnected concepts; however, they address different aspects of the digital threat landscape. Here is an overview of each and how they relate to each other.

Cybersecurity

Cybersecurity refers to the practices, technologies, and processes designed to protect computers, networks, programs, and data from unauthorized access, attack, damage, or theft. Its goal is to ensure the confidentiality, integrity, and availability of information.

Key Components
• Preventive Measures: Include firewalls, antivirus software, encryption, and secure coding practices to prevent attacks.
• Detective Measures: Involve monitoring systems for unusual activity, using intrusion detection systems (IDS), and using security information and event management (SIEM) solutions.
• Response Measures: Include incident response plans, forensic analysis, and recovery strategies to handle and mitigate the impact of security breaches.
• Education and Training: Provide training to employees on security best practices and how to recognize and respond to threats.

Objectives
• Protect sensitive data and systems from unauthorized access and attacks.
• Ensure the reliability and performance of information systems.
• Maintain compliance with regulations and industry standards.

Cyber Terrorism

Cyber terrorism involves the use of digital tools and techniques to carry out acts of terrorism, targeting computer systems, networks, or information infrastructure with the intent to cause harm, disruption, or fear.

Characteristics
• Motivation: Often driven by political, ideological, or financial goals. The attackers may seek to advance a particular agenda or cause chaos.
• Targets: Can include critical infrastructure (e.g., power grids, water systems), financial institutions, or high-profile organizations.
• Tactics: May include hacking, deploying malware, launching denial-of-service attacks, or other methods designed to cause damage or disruption.

Objectives
• Cause significant disruption or damage to critical systems.
• Cause financial loss and economic instability.
• Spread fear and panic among the public or within specific sectors.

More About Cyber Terrorism

• Cyber terrorism involves damaging large-scale computer networks to cause loss of data and even loss of life. Hackers make use of computer viruses, spyware, malware, ransomware, phishing, programming language scripts, and other malicious software to achieve their purposes.
• These types of cyber attacks, which often amount to criminal offenses, are referred to as cyber terrorism. They create panic and cause physical damage to a large number of people.
• Cyber terrorism involves intentionally causing harm to people and their data using computer networks in order to achieve the attackers’ purpose.
• Government agencies like the FBI (Federal Bureau of Investigation) and the CIA (Central Intelligence Agency) have in the past detected multiple cyber attacks and cyber crimes carried out by terrorist organizations.
• The main purpose behind cyber terrorism is to carry out a cyberattack that poses a threat.
• According to the FBI, a cyber terrorism attack is defined as a cybercrime that may be used intentionally to cause harm to people on a large scale using computer programs and spyware.
• A cyber terrorism attack is much more harmful than a normal cybercrime because of the intentional harm to the victims, and it may cause fear in society without causing financial damage.
• In most cases, the criminals target the banking industry, military power, nuclear power plants, air traffic control, and water control sectors in order to create fear, cause critical infrastructure failure, or gain political advantage.

Working

Cyber terrorism attacks work in the following ways:
• They use computer viruses, worms, spyware, and trojans to target web servers and IT service stations. They aim to attack military utilities, air force stations, and power supply stations to disrupt all services.
• They use a Denial of Service attack, in which the legitimate, verified user cannot access the services for which they are authorized. This creates a sense of fear among people about important essential services such as medical emergencies.
• These attacks help cyber criminals gain unauthorized access to the user’s computer through hacking and then steal information to serve their own purposes.
• Ransomware lets them hold data and information hostage while demanding ransom money from the victim, and they may even leak the users’ private data if they don’t get the desired amount.
• They mostly use phishing-based techniques, targeting users with infected spam emails to steal the user’s information and reveal that identity to everyone.
• The most popular attack used in cyber terrorism is the APT (Advanced Persistent Threat). Attackers use complex network penetration techniques to break into large-scale computer networks, such as those of an organization. They remain undetected in the organization’s network and continuously steal information related to military equipment, national defense, etc.

Attacks

Cyber terrorism attacks are usually carried out as follows:

• Unauthorized Access: Attackers aim to disrupt and damage all means of access to the service. Instead, the hacker gains unauthorized access to the important resources.
• Disruption: These attacks focus on disrupting public websites and critical infrastructure resources to create fear of massive fatalities and commotion within society.
• Cyberespionage: Governments usually carry out spyware operations against the governments of other countries, targeting military equipment, to gain an advantage over rival nations in terms of military intelligence.
• Economic Failure: Cybercriminals want technical system failures to cause a large-scale economic failure, for example by crashing the electricity or water systems for multiple days to create panic about these services within society.

Prevention

We can prevent situations like cyber terrorism in the following ways:
• Governments must regulate all cybercriminal activities and make stricter rules regarding violations. They must dedicate more resources to dealing with cyber threats.
• There must be more public education about these activities for the general audience. This will help reduce the vulnerabilities that criminals take advantage of when targeting users’ data. It empowers citizens to protect themselves from phishing and spyware attacks.
• We must use VPNs, which provide a private and protected network setup that is difficult for hackers to break into.
• Use strong passwords with a strong combination of alphabets, strings, and numbers in them. Features like two-factor authentication also play an important role here.
• Don’t open unknown links, URLs, websites, or spam emails, which may contain harmful infected files that can harm the entire computer system.

Conclusion

Cyber terrorism refers to the use of digital attacks by individuals, groups, or nations to disrupt or damage computer systems, networks, or data for political, ideological, or financial purposes. These attacks can cause harm, including operational disruption, financial loss, and damage to reputation. Unlike traditional terrorism, cyber terrorism exploits technology to create fear and chaos without physical violence. As digital infrastructure becomes increasingly essential to modern life, understanding and combating cyber terrorism is crucial for ensuring security and resilience in our interconnected world. Effective countermeasures include robust cybersecurity practices, international cooperation, and public awareness.

Worms, Viruses and beyond!!


The Threat

Computer systems may become victims of attacks such as viruses, worms, and hacking. Computer systems may crash, sensitive data can be stolen and misused, or driver problems may arise in a few cases.

Who may do it

The hacker: someone who seeks and exploits weaknesses in a computer system or computer network. Hackers are malicious programmers. They have excellent programming skills and design a bug that gets embedded in the PC and causes it to malfunction.

Types of Infections

There are many types of infections that may affect a PC’s performance and functionality. Some of the major infections are:

Virus: Small pieces of software that attach themselves to real programs.
• The term “virus” is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability.
• A true virus can spread from one computer to another (in some form of executable code).
• Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.
• Viruses mostly corrupt or modify system files on the targeted computer.

Worm: A self-replicating program
• The major difference between a virus and a worm is that a worm does not attach itself to other existing programs as viruses do.
• Worms spread across networks due to poor security on the infected computers.
• As this type of infection runs by itself, it can have devastating impacts.
• Worms include: Lovgate.F, Sobig.D, Trile.C

Trojan Horses: Allow hackers to gain remote access to a target system.
• Once a Trojan horse has been installed on a target computer system, the hacker can access it remotely and perform various operations.
• Trojans can illegally trace important login details of users online.
• E-banking is very common among users, so there is a risk of the user’s login details being traced if the system is infected with a Trojan horse.

Malware: Stands for malicious software
• Malware is a broad term that refers to a variety of malicious programs.
• It is software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host computer.

Adware: Advertisement-supported software
• It is generally spread through downloading software from an untrusted source on the Internet.
• It is any software package that automatically delivers advertisements.
• Common examples of adware include pop-up ads on websites and advertisements that are displayed by software. Software and applications often offer “free” versions that come bundled with adware.

Spyware: The spy inside your PC
• It is a program that is put on someone’s computer to secretly gather information about the user and relay it to advertisers or other interested parties.
• Spyware can get onto a computer as a software virus or as a result of installing a new program.

Ransomware: Holds a computer system, or the data it contains, hostage against its user by demanding a ransom for its restoration.
• It is considered “scareware” as it forces users to pay a fee (or ransom) by scaring or intimidating them.
• Some ransomware, called “cryptolocker”, encrypts files.
• Ransomware can be downloaded by unwitting users through some websites. It may also arrive as a payload, either dropped or downloaded by other malware. Some ransomware is delivered as attachments to spam email.

Shortcut virus: Creates shortcut files everywhere on the PC, resulting in disk space consumption.

Rootkit: Activated each time your system boots up.
• Difficult to detect because it is activated before your system’s operating system has completely booted up.

Email Virus: A virus spread via email.
• Such a virus hides in an email and the effect is seen when the recipient opens the mail.
• Examples of email viruses are the Melissa virus and the ILOVEYOU virus.

Browser Hijacker: Changes the web browser’s home page and default search provider to a different one without the user’s permission.
• It infects certain browser functions, especially by redirecting the user automatically to certain sites.
• Browser hijackers include sojou.com, Ask Toolbar, and Conduit Search.

Bots: Sophisticated types of crimeware.
• They are similar to worms and Trojans.
• They perform a wide variety of automated tasks on behalf of their master (the cybercriminals), who are often safely located somewhere far across the Internet.

Malware Detection

Here are some of the signs that can be used to identify whether a computer system has been affected by malware:
• Increased CPU usage
• Slow computer or web browser speeds
• Frequent freezing or crashing
• Appearance of strange files, programs, or desktop icons
• Programs running, turning off, or reconfiguring themselves
• System not booting up
• Emails/messages being sent automatically and without the user’s knowledge

How to Be Safe
• Always scan external devices such as pen drives and CDs before opening them.
• Always scan attachments that arrive via email.
• Do not download unknown software from the Internet.
• Make sure Windows Firewall is enabled while accessing the Internet.
• Use lightweight antivirus software like Malwarebytes or AdwCleaner.
• Don’t use very heavyweight antivirus software, as it may slow down the CPU.
• Call the computer engineer if the problem persists.
• Run a full scan of the system at least once a month.
• Delete temporary files every 3 months.

Malicious Script

Malicious scripts are used by cybercriminals to harm recipients by injecting harmful code into a legitimate website or simply modifying its code without anyone’s permission. Cyber threat actors hide them in client-side online apps and webpages on respectable websites, third-party scripts, and other places to undermine their security.

Customers and users of online applications or websites are the most typical victims of malicious scripts, since they have no way of knowing that a dangerous script exists in these websites or applications and believe the business with which they are dealing is secure and safe.

Malicious scripts are code used on websites to exploit their vulnerabilities and system flaws in order to upload malware like viruses, adware, worms, backdoors, Trojan horses, bots, logic bombs, and spyware. Users can be harmed by visiting compromised websites or by clicking on a bad email link or attachment that introduces malicious code onto their machines.

Working of Malicious Script:

Malicious scripts are mainly used to carry out malware attacks. Threat actors can hack into an ordinarily trustworthy website and inject their own code into it, either to steal users’ personal data or to install malware on their systems.

For example, suppose a reputed e-commerce website called “Shoppinger”, where users make online payments, is hacked and the hackers inject their own code so that when a user clicks on “Buy Now”, one of two things could happen: the user could be redirected to the hackers’ website, which is identical to Shoppinger’s payment page, and fill in their bank PIN, which is then revealed to the attackers; or harmful software could start to download onto the user’s system, which cannot be detected without a firewall or an antivirus.

This is how hackers can infect clients’ computers with harmful malware: by exploiting one of the many flaws in browsers, operating systems, third-party programs, or the website itself that allow them to introduce exploits in the first place.

The hackers can easily read the original code and mix their own code into it without any inconvenience, because code in languages like Java, JavaScript, and Python is human-readable and is processed line by line by the system before the machine-readable code is executed. The computer, not being notified of any attack, therefore executes the commands once the interpreter converts them to machine-readable code.

Types of Malicious Script Attacks:

1. Cross-site scripting (XSS): Cross-site scripting (XSS) is one of the most popular malicious script attacks. XSS can be used to inject harmful client-side scripts into web pages that are being viewed by other users. A cross-site scripting weakness could be used by an attacker to get around access restrictions like the same-origin policy.
Symantec shared that XSS attacks are extremely easy to exploit; 21 cyber issues of every 25 attacks happening until 2007 were carried out using online cross-site scripting attacks.
XSS matters most for websites that require a very high level of security and authentication in order to protect the sensitive information users share with each other. In such cases, XSS can cause minor breaches if not major attacks.
When an attacker stores a malicious script in the data provided by a website’s search or contact form, this is known as reflected cross-site scripting. A reflected XSS attack example would be that a hacker, while analyzing a website, notices that a user-fillable field whose content gets stored on the website server allows tags, and so fills it with malicious JavaScript code to attack users who click on the attacker’s profile page, where the malicious code they submitted is written.
2. HTML injection: Injection of Hypertext Markup Language (HTML) is a technique in which the security of a website’s users is breached by taking advantage of vulnerable parts of that website’s web pages, entering illegitimate input data to modify a web page. When programs fail to check user-provided data, the web page can be modified by attacker-written HTML in order to change the website content that is presented to other users.
A specially constructed query can result in the inclusion of attacker-controlled HTML elements in the web page, changing the way application material is exposed to the web.
3. Skimming: Skimming is a kind of cyber attack in which the hacker tries to steal the financial details of users of an otherwise legitimate e-commerce or online payment website, where they need to fill in their bank information such as UPI ID, bank number, account number, CVV, and PINs.
The malicious software used in skimming attacks is called Magecart, which is why skimming attacks are also called Magecart attacks. Magecart is also the name of the hackers or group of cybercriminals who participate in skimming attacks to steal financial information. The stolen user information is then sold on illegal markets for further exploitation.
To protect against skimming attacks as a user, use payment apps/websites that securely store card information so that the card details do not have to be entered each time a payment is made; as an owner of a payment app, regularly audit your code.
4. Malvertising: Malvertising is short for malicious advertising, a relatively new hacking technique in which hackers insert dangerous malware into digital adverts. The software frequently redirects users to bogus websites. It can be challenging for both internet users and publishers to discover these infected ads because they are regularly displayed to consumers through authorized advertising networks. Multiple redirections between different servers happen after a person clicks on an ad. Attackers take advantage of this intricacy to deliver harmful content to publishers and ad networks in unexpected areas.
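
For the cross-site scripting and HTML injection items above, the following added example (not part of the original page) renders a user profile first by plain string concatenation and then with HTML escaping plus a URL-scheme check. The function names and the profile data are constructed for illustration.

```javascript
// Added example: output encoding as the defence against stored script/HTML injection.
// All names and the sample profile are constructed; nothing here is from a real site.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode the five characters that let text break out of an HTML text or attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Escaping alone does not stop javascript: links, so only absolute http(s) URLs are allowed.
function safeHref(value) {
  try {
    const url = new URL(String(value));
    if (url.protocol === "http:" || url.protocol === "https:") {
      return escapeHtml(url.href);
    }
  } catch (_) {
    // Not a valid absolute URL: fall through to the inert link.
  }
  return "#";
}

// Vulnerable: user-supplied fields are concatenated into markup unchanged.
function renderProfileVulnerable(p) {
  return `<div class="profile"><h2>${p.name}</h2><p>${p.bio}</p>` +
         `<a href="${p.website}">site</a></div>`;
}

// Hardened: every field is encoded for the context it lands in.
function renderProfileSafe(p) {
  return `<div class="profile"><h2>${escapeHtml(p.name)}</h2><p>${escapeHtml(p.bio)}</p>` +
         `<a href="${safeHref(p.website)}">site</a></div>`;
}

// Constructed profile as an attacker might submit it through a profile form.
const constructedProfile = {
  name: "Mallory <b>bold</b>",
  bio: "<script>alert(1)</script>",
  website: "javascript:alert(1)",
};

console.log("vulnerable:", renderProfileVulnerable(constructedProfile));
console.log("hardened:  ", renderProfileSafe(constructedProfile));
```

In the hardened output the submitted tags are displayed as text and the link is inert, so other users viewing the profile do not execute the attacker's input.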

Protection from Malicious Scripts:

To avoid such attacks, users must remember that there is no such thing as a completely safe website on the internet, so they must make an effort to protect themselves. It is necessary to upgrade the operating system and the software that are most vulnerable to these attacks (namely browsers, Flash Player, and Java) in order to minimize them. However, having a security solution that can detect these dangerous scripts (not only those written in JavaScript but also those written in PowerShell and other scripting languages) isn’t always enough.
Preventing risky code from running in client programs like web browsers is the best way to avoid being attacked in the first place. You can achieve this by adopting a range of scenario-specific strategies, such as following guidance against cross-site scripting attacks, avoiding compromised code libraries, and applying web server security standards.
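
As one way to carry out the code audit and the avoidance of compromised libraries mentioned above, this added example (not from the original page) inventories the external scripts a page loads and flags third-party ones that lack HTTPS, an allowlisted host, or a Subresource Integrity attribute. The origin, allowlist, digest and HTML are constructed, and the regex-based parsing is an assumption that suits an audit of your own templates rather than arbitrary HTML.

```javascript
// Added example: inventory external <script> tags and flag risky third-party loads.
// PAGE_ORIGIN, TRUSTED_HOSTS, PLACEHOLDER_DIGEST and SAMPLE_HTML are constructed.
const PAGE_ORIGIN = "https://shop.example";
const TRUSTED_HOSTS = new Set(["cdn.example"]);
// Shape of a Subresource Integrity value: algorithm, dash, base64 digest.
const SRI_PATTERN = /^sha(256|384|512)-[A-Za-z0-9+/]+={0,2}$/;

// Parse the attribute part of one opening tag into a map with lower-cased names.
function parseAttributes(attrSource) {
  const attrs = {};
  const re = /([a-zA-Z-]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+)))?/g;
  let m;
  while ((m = re.exec(attrSource)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? "";
  }
  return attrs;
}

// Return one finding per external script that has at least one issue.
function auditScripts(html) {
  const findings = [];
  const tagRe = /<script\b([^>]*)>/gi;
  let tag;
  while ((tag = tagRe.exec(html)) !== null) {
    const attrs = parseAttributes(tag[1]);
    if (!attrs.src) continue; // inline scripts are out of scope for this audit
    const url = new URL(attrs.src, PAGE_ORIGIN);
    const issues = [];
    if (url.protocol !== "https:") issues.push("not loaded over HTTPS");
    if (url.origin !== PAGE_ORIGIN) {
      // Third-party code: require a known host and a pinned digest.
      if (!TRUSTED_HOSTS.has(url.hostname)) issues.push("host not on allowlist");
      if (!SRI_PATTERN.test(attrs.integrity || "")) {
        issues.push("missing or malformed integrity attribute");
      }
    }
    if (issues.length > 0) findings.push({ src: url.href, issues });
  }
  return findings;
}

// Constructed digest placeholder with the right shape; not the hash of any real file.
const PLACEHOLDER_DIGEST = "sha384-" + "A".repeat(64);
const SAMPLE_HTML = `
<script src="/static/app.js"></script>
<script src="https://cdn.example/lib.min.js" integrity="${PLACEHOLDER_DIGEST}" crossorigin="anonymous"></script>
<script src="https://cdn.example/widget.js"></script>
<script src="http://ads.unknown.example/tag.js"></script>
`;

for (const finding of auditScripts(SAMPLE_HTML)) {
  console.log(finding.src, "->", finding.issues.join("; "));
}
```

Running such a check in a build pipeline turns the "regularly audit your code" advice into a repeatable gate: a newly added third-party tag without a pinned digest fails review instead of reaching the payment page.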
