Cyberterrorism

Definition
Various definitions exist for the term cyberterrorism (also spelled cyber-terrorism), just as various definitions exist for the term “terrorism.” Security expert Dorothy Denning defines cyberterrorism as “politically motivated hacking operations intended to cause grave harm such as loss of life or severe economic damage.”

The Office of the Comptroller of the Currency defines it as “[t]he use of computing resources against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.” The Federal Emergency Management Agency (FEMA) defines cyberterrorism as “unlawful attacks and threats of attack against computers, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.”

Others indicate that a physical attack that destroys computerized nodes for critical infrastructures, such as the Internet, telecommunications, or the electric power grid, without ever touching a keyboard, can also contribute to, or be labeled as cyberterrorism.

At least two views exist for defining the term cyberterrorism:


 * Effects-based: Cyberterrorism exists when computer attacks result in effects that are disruptive enough to generate fear comparable to a traditional act of terrorism, even if done by criminals.
 * Intent-based: Cyberterrorism exists when unlawful or politically motivated computer attacks are done to intimidate or coerce a government or people to further a political objective, or to cause grave harm or severe economic damage.

United States
Threats to the U.S. cyber and telecommunications infrastructure are constantly increasing and evolving as are the entities that show interest in using a cyber-based capability to harm the nation’s security interests. Concerns have been raised since the 1990s regarding the use of the internet and telecommunications components to cause harm to the nation’s [security]] interests.

Activities producing undesirable results include unauthorized intrusion to gain access and view protected data, stealing or manipulating information contained in various databases, and attacks on telecommunications devices to corrupt data or cause infrastructure components to operate in an irregular manner. Of paramount concern to the national and homeland security communities is the threat of a cyber-related attack against the nation’s critical government infrastructures &mdash; “systems and assets, physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health and safety, or any combination of those matters.” Early concerns noted attacks on components of the energy grid, infrastructure control systems, and military equipment as examples of telecommunications based threats to physical infrastructures.

In response, the Department of Energy conducted an experiment in 2007 in which the control system of an unconnected generator, containing similar components as that of larger generators connected to many power grids in the nation supplying electricity, was damaged and became inoperable. While data from federal agencies demonstrate that the majority of attempted and successful cyberattacks to date have targeted virtual information resources rather than physical infrastructures, many security experts are concerned that the natural progression of those wishing to harm U.S. security interests will transition from stealing or manipulating data to undertaking action that temporarily or permanently disables or destroys the telecommunication network or affects infrastructure components. Many security observers agree that the United States currently faces a multi-faceted, technologically based vulnerability in that “our information systems are being exploited on an unprecedented scale by state and non-state actors [resulting in] a dangerous combination of known and unknown vulnerabilities, strong adversary capabilities, and weak situational awareness.” This, coupled with security observers’ contention that the United States lacks the capability to definitively ascertain perpetrators who might unlawfully access a database or cause harm to a network, leaves the nation increasingly at risk. It also causes acts or discussions related to deterring cyberattacks to be ignored or negated by entities exploiting known or newly found vulnerabilities.

Prominent national security experts have emphasized the vulnerability of U.S. infrastructures. As recently as January 2009, former Director of National Intelligence (DNI) Mike McConnell equated “cyber weapons” with weapons of mass destruction when he expressed concern about terrorists’ use of technology to degrade the nation’s infrastructure. In distinguishing between individuals gaining access to U.S. national security systems or corporate data for purposes of exploitation for purposes of competitive advantage, former Director McConnell noted that terrorists aim to damage infrastructure and that the “time is not too far off when the level of sophistication reaches a point that there could be strategic damage to the United States.”

Current State of Cyberterrorism
There is reasonable evidence available that terrorist organizations use cyberspace to conduct the business of terrorism. Terrorists use the Internet and the World Wide Web to communicate with each other, recruit members, gather intelligence, raise money legally and illegally, organize and coordinate activities, obtain illegal passports and visas, and distribute propaganda. For instance:


 * Some Afghan-based terrorists, such as Osama bin-Laden, reportedly have computers, communications equipment, and large data storage disks for their operations.
 * Hamas, a Middle Eastern terrorist organization, reportedly uses Internet chat rooms and e-mail to plan and coordinate operations in Gaza, the West Bank, and Lebanon.
 * Hizballah, another Middle Eastern group, manages several Internet Websites for propaganda purposes, to describe attacks against Israel , and one for news and information.
 * Government computers reportedly were crashed by terrorist groups during elections in Indonesia, Sri Lanka, and Mexico.
 * Irish Republican Army (IRA) supporters reportedly leaked sensitive details on British army bases in Northern Ireland on the Internet. Sinn Fein also maintains a web site.

Labeling a computer attack as “cyberterrorism” is problematic because of the difficulty determining the identity, intent, or the political motivations of an attacker with certainty. Under 22 U.S.C. §2656, “terrorism” is defined as premeditated, politically motivated violence perpetrated against noncombatant targets by sub-national groups or clandestine agents, usually intended to influence an audience.

Criticism
Some observers feel that the term “cyberterrorism” is inappropriate, because a widespread cyberattack may simply produce annoyances, not terror, as would a bomb, or other chemical, biological, radiological, or nuclear explosive (CBRN) weapon. However, others believe that the effects of a widespread computer network attack would be unpredictable and might cause enough economic disruption, fear, and civilian deaths, to qualify as terrorism.