Cyberterrorism is the use of the
Internet
The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, pub ...
to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through
threat
A threat is a communication of intent to inflict harm or loss on another person. Intimidation is a tactic used between conflicting parties to make the other timid or psychologically insecure for coercion or control. The act of intimidation for co ...
or
intimidation
Intimidation is to "make timid or make fearful"; or to induce fear. This includes intentional behaviors of forcing another person to experience general discomfort such as humiliation, embarrassment, inferiority, limited freedom, etc and the victi ...
. Acts of deliberate, large-scale disruption of
computer network
A computer network is a set of computers sharing resources located on or provided by network nodes. The computers use common communication protocols over digital interconnections to communicate with each other. These interconnections are ...
s, especially of personal computers attached to the Internet by means of tools such as
computer viruses,
computer worms,
phishing
Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious softwa ...
,
malicious software
Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, ...
, hardware methods, programming scripts can all be forms of internet terrorism. Cyberterrorism is a controversial term. Some authors opt for a very narrow definition, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes
cybercrime
A cybercrime is a crime that involves a computer or a computer network.Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. The computer may have been used in committing th ...
. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.
Cyberterrorism can be also defined as the intentional use of computers, networks, and public internet to cause destruction and harm for personal objectives. Experienced cyberterrorists, who are very skilled in terms of
hacking can cause massive damage to government systems and might leave a country in fear of further attacks.
The objectives of such terrorists may be political or ideological since this can be considered a form of terror.
There is much
concern from government and media sources about potential damage that could be caused by cyberterrorism, and this has prompted efforts by government agencies such as the
Federal Bureau of Investigation
The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, ...
(FBI) and the
Central Intelligence Agency
The Central Intelligence Agency (CIA ), known informally as the Agency and historically as the Company, is a civilian foreign intelligence service of the federal government of the United States, officially tasked with gathering, processing, ...
(CIA) to put an end to
cyber attack
A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, or personal computer devices. An attacker is a person or process that attempts to access data, functions, or other restricted ...
s and cyberterrorism.
There have been several major and minor instances of cyberterrorism.
Al-Qaeda
Al-Qaeda (; , ) is an Islamic extremism, Islamic extremist organization composed of Salafist jihadists. Its members are mostly composed of Arab, Arabs, but also include other peoples. Al-Qaeda has mounted attacks on civilian and military ta ...
utilized the internet to communicate with supporters and even to recruit new members.
Estonia
Estonia, formally the Republic of Estonia, is a country by the Baltic Sea in Northern Europe. It is bordered to the north by the Gulf of Finland across from Finland, to the west by the sea across from Sweden, to the south by Latvia, a ...
, a Baltic country which is constantly evolving in terms of technology, became a battleground for cyberterrorism in April 2007 after disputes regarding the relocation of a WWII soviet statue located in Estonia's capital Tallinn.
Overview
There is debate over the basic definition of the scope of cyberterrorism. These definitions can be narrow such as the use of Internet to attack other systems in the Internet that result to violence against persons or property.
They can also be broad, those that include any form of Internet usage by terrorists to conventional attacks on information technology infrastructures.
There is variation in qualification by motivation, targets, methods, and centrality of computer use in the act. U.S. government agencies also use varying definitions and that none of these have so far attempted to introduce a standard that is binding outside of their sphere of influence.
Depending on context, cyberterrorism may overlap considerably with
cybercrime
A cybercrime is a crime that involves a computer or a computer network.Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. The computer may have been used in committing th ...
,
cyberwar
Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic war ...
or ordinary
terrorism
Terrorism, in its broadest sense, is the use of criminal violence to provoke a state of terror or fear, mostly with the intention to achieve political or religious aims. The term is used in this regard primarily to refer to intentional violen ...
.
Eugene Kaspersky
Yevgeny Valentinovich Kaspersky (Russian: Евгений Валентинович Касперский; born 4 October 1965) is a Russian cybersecurity expert and the CEO of Kaspersky Lab, an IT security company with 4,000 employees. He co-found ...
, founder of
Kaspersky Lab
Kaspersky Lab (; Russian: Лаборатория Касперского, tr. ''Laboratoriya Kasperskogo'') is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in th ...
, now feels that "cyberterrorism" is a more accurate term than "
cyberwar
Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic war ...
". He states that "with today's attacks, you are clueless about who did it or when they will strike again. It's not cyber-war, but cyberterrorism."
["Latest viruses could mean 'end of world as we know it,' says man who discovered Flame"](_blank)
''The Times of Israel'', 6 June 2012 He also equates large-scale cyber weapons, such as the
Flame Virus
Flame, also known as Flamer, sKyWIper, and Skywiper, is modular computer malware discovered in 2012 that attacks computers running the Microsoft Windows operating system. The program is used for targeted cyber espionage in Middle Eastern count ...
and NetTraveler Virus which his company discovered, to
biological weapons
A biological agent (also called bio-agent, biological threat agent, biological warfare agent, biological weapon, or bioweapon) is a bacterium, virus, protozoan, parasite, fungus, or toxin that can be used purposefully as a weapon in bioterrorism ...
, claiming that in an interconnected world, they have the potential to be equally destructive.
["Cyber espionage bug attacking Middle East, but Israel untouched — so far"](_blank)
''The Times of Israel'', 4 June 2013
If cyberterrorism is treated similarly to traditional
terrorism
Terrorism, in its broadest sense, is the use of criminal violence to provoke a state of terror or fear, mostly with the intention to achieve political or religious aims. The term is used in this regard primarily to refer to intentional violen ...
, then it only includes attacks that threaten property or lives, and can be defined as the leveraging of a target's computers and information, particularly via the
Internet
The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, pub ...
, to cause physical, real-world harm or severe disruption of infrastructure.
Many academics and researchers who specialize in terrorism studies suggest that cyberterrorism does not exist and is really a matter of
hacking or
information warfare
Information warfare (IW) (as different from cyber warfare that attacks computers, software, and command control systems) is a concept involving the battlespace use and management of information and communication technology (ICT) in pursuit of a ...
. They disagree with labeling it as terrorism because of the unlikelihood of the creation of fear, significant physical harm, or death in a population using electronic means, considering current attack and protective technologies.
If death or physical damage that could cause human harm is considered a necessary part of the cyberterrorism definition, then there have been few identifiable incidents of cyberterrorism, although there has been much policy research and public concern. Modern terrorism and political violence is not easily defined, however, and some scholars assert that it is now "unbounded" and not exclusively concerned with physical damage.
There is an old saying that death or loss of property are the side products of terrorism, the main purpose of such incidents is to ''create terror'' in peoples' minds and harm bystanders. If any incident in
cyberspace can ''create terror'', it may be rightly called cyberterrorism. For those affected by such acts, the fears of cyberterrorism are quite real.
As with cybercrime in general, the threshold of required knowledge and skills to perpetrate acts of cyberterrorism has been steadily diminishing thanks to freely available hacking suites and online courses. Additionally, the physical and virtual worlds are merging at an accelerated rate, making for many more targets of opportunity which is evidenced by such notable cyber attacks as
Stuxnet
Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition ( SCADA) systems and is believed to be responsible for causing su ...
, the Saudi petrochemical sabotage attempt in 2018 and others.
Defining cyberterrorism
Assigning a concrete definition to cyberterrorism can be hard, due to the difficulty of defining the term terrorism itself. Multiple organizations have created their own definitions, most of which are overly broad. There is also controversy concerning overuse of the term,
hyperbole
Hyperbole (; adj. hyperbolic ) is the use of exaggeration as a rhetorical device or figure of speech. In rhetoric, it is also sometimes known as auxesis (literally 'growth'). In poetry and oratory, it emphasizes, evokes strong feelings, and ...
in the media and by security vendors trying to sell "solutions".
One way of understanding cyberterrorism involves the idea that terrorists could cause massive loss of life, worldwide economic chaos and environmental damage by hacking into critical infrastructure systems. The nature of cyberterrorism covers conduct involving computer or Internet technology that:
# is motivated by a political, religious or ideological cause
# is intended to intimidate a government or a section of the public to varying degrees
# seriously interferes with infrastructure
The term "cyberterrorism" can be used in a variety of different ways, but there are limits to its use. An attack on an
Internet business
The dot-com bubble (dot-com boom, tech bubble, or the Internet bubble) was a stock market bubble in the late 1990s, a period of massive growth in the use and adoption of the Internet.
Between 1995 and its peak in March 2000, the Nasdaq Compo ...
can be labeled cyberterrorism, however when it is done for economic motivations rather than ideological it is typically regarded as
cybercrime
A cybercrime is a crime that involves a computer or a computer network.Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. The computer may have been used in committing th ...
.
Convention also limits the label "cyberterrorism" to actions by individuals, independent groups, or organizations. Any form of
cyberwarfare
Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic war ...
conducted by governments and states would be regulated and punishable under international law.
[Gable, Kelly A. "Cyber-Apocalypse Now: Securing the Internet against Cyberterrorism and Using Universal Jurisdiction as a Deterrent". ''Vanderbilt Journal of Transnational Law'', Vol. 43, No. 1]
The Technolytics Institute defines cyberterrorism as
e premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives.
The term appears first in defense literature, surfacing (as "cyber-terrorism") in reports by the
U.S. Army War College
The United States Army War College (USAWC) is a U.S. Army educational institution in Carlisle, Pennsylvania, on the 500-acre (2 km2) campus of the historic Carlisle Barracks. It provides graduate-level instruction to senior military officer ...
as early as 1998.
The
National Conference of State Legislatures
The National Conference of State Legislatures (NCSL), established in 1975, is a "nonpartisan public officials’ association composed of sitting state legislators" from the states, territories and commonwealths of the United States.
Background ...
, an organization of legislators created to help policymakers in the
United States
The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territorie ...
with issues such as economy and
homeland security
Homeland security is an American national security term for "the national effort to ensure a homeland that is safe, secure, and resilient against terrorism and other hazards where American interests, aspirations, and ways of life can thrive" t ...
defines cyberterrorism as:
e use of information technology by terrorist groups and individuals to further their agenda. This can include use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, Denial-of-service attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conn ...
s, or terroristic threats made via electronic communication.
NATO
The North Atlantic Treaty Organization (NATO, ; french: Organisation du traité de l'Atlantique nord, ), also called the North Atlantic Alliance, is an intergovernmental military alliance between 30 member states – 28 European and two No ...
defines cyberterrorism as "
cyberattack using or exploiting computer or communication networks to cause sufficient destruction or disruption to generate fear or to intimidate a society into an ideological goal".
The United States
National Infrastructure Protection Center The National Infrastructure Protection Center (NIPC) was a unit of the United States federal government charged with protecting computer systems and information systems critical to the United States' infrastructure.Gale Encyclopedia of Espionage & ...
defined cyberterrorism as:
A criminal act perpetrated by the use of computers and telecommunications capabilities resulting in violence, destruction, and/or disruption of services to create fear by causing confusion and uncertainty within a given population, with the goal of influencing a government or population to conform to a political, social, or ideological agenda.
The FBI, another United States agency, defines "cyber terrorism" as "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by subnational groups or clandestine agents".
These definitions tend to share the view of cyberterrorism as politically and/or ideologically inclined. One area of debate is the difference between cyberterrorism and
hacktivism
In Internet activism, hacktivism, or hactivism (a portmanteau of ''hack'' and ''activism''), is the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change. With roots in hac ...
. Hacktivism is "the marriage of hacking with political activism". Both actions are politically driven and involve using computers, however cyberterrorism is primarily used to cause harm. It becomes an issue because acts of violence on the computer can be labeled either cyberterrorism or hacktivism.
Types of cyberterror capability
In 1999 the Center for the Study of Terrorism and Irregular Warfare at the
Naval Postgraduate School
The Naval Postgraduate School (NPS) is a public graduate school operated by the United States Navy and located in Monterey, California.
It offers master’s and doctoral degrees in more than 70 fields of study to the U.S. Armed Forces, DOD ci ...
in Monterey, California, defined three levels of cyberterror capability:
[
]
* Simple-Unstructured: the capability to conduct basic hacks against individual systems using tools created by someone else. The organization possesses little target-analysis,
command-and-control, or learning capability.
* Advanced-Structured: the capability to conduct more sophisticated attacks against multiple systems or networks and possibly, to modify or create basic hacking-tools. The organization possesses an elementary target-analysis, command-and-control, and learning capability.
* Complex-Coordinated: the capability for a coordinated attack capable of causing mass-disruption against integrated, heterogeneous defenses (including cryptography). Ability to create sophisticated hacking tools. Highly capable target-analysis, command-and-control, and organization learning-capability.
Concerns
Cyberterrorism is becoming more and more prominent on
social media
Social media are interactive media technologies that facilitate the creation and sharing of information, ideas, interests, and other forms of expression through virtual communities and networks. While challenges to the definition of ''social medi ...
today. As the Internet becomes more pervasive, individuals or groups can use the anonymity afforded by
cyberspace to threaten other individuals, specific groups (with membership based, for example, on ethnicity or belief), communities and entire countries, without the inherent threat of identification, capture, injury, or death of the attacker that being physically present would bring.
Many groups such as
Anonymous, use tools such as
denial-of-service attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conn ...
s to attack and censor groups which oppose them, creating many concerns for freedom and respect for differences of thought.
Many believe that cyberterrorism is an extreme threat to countries' economies, and fear an attack could potentially lead to another Great Depression. Several
leader
Leadership, both as a research area and as a practical skill, encompasses the ability of an individual, group or organization to "lead", influence or guide other individuals, teams, or entire organizations. The word "leadership" often gets vi ...
s agree that cyberterrorism has the highest percentage of threat over other possible attacks on U.S. territory. Although natural disasters are considered a top threat and have proven to be devastating to people and land, there is ultimately little that can be done to prevent such events from happening. Thus, the expectation is to focus more on preventative measures that will make Internet attacks impossible for execution.
As the Internet continues to expand, and computer systems continue to be assigned increased responsibility while becoming more complex and interdependent, sabotage or terrorism via the Internet may become a more serious threat and is possibly one of the top 10 events to "end the human race." People have much easier access to illegal involvement within cyberspace by the ability to access a part of the internet known as the
Dark Web. The
Internet of Things
The Internet of things (IoT) describes physical objects (or groups of such objects) with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other comm ...
promises to further merge the virtual and physical worlds, which some experts see as a powerful incentive for states to use terrorist proxies in furtherance of objectives.
Dependence on the Internet is rapidly increasing on a worldwide scale, creating a platform for international cyber-terror plots to be formulated and executed as a direct threat to national security.
For terrorists, cyber-based attacks have distinct advantages over physical attacks. They can be conducted remotely, anonymously, and relatively cheaply, and they do not require significant investment in weapons, explosives or personnel. The effects can be widespread and profound. Incidents of cyberterrorism are likely to increase. They can be expected to take place through denial-of-service attacks, malware, and other methods that are difficult to envision today. One example involves the deaths involving the Islamic State and the online social networks Twitter, Google, and Facebook – leading to legal action being taken against them, that ultimately resulted in them being sued.
In an article about cyber attacks by Iran and North Korea, ''
The New York Times
''The New York Times'' (''the Times'', ''NYT'', or the Gray Lady) is a daily newspaper based in New York City with a worldwide readership reported in 2020 to comprise a declining 840,000 paid print subscribers, and a growing 6 million paid ...
'' observes:
The appeal of digital weapons is similar to that of nuclear capability: it is a way for an outgunned, outfinanced nation to even the playing field. "These countries are pursuing cyberweapons the same way they are pursuing nuclear weapons," said James A. Lewis, a computer security expert at the Center for Strategic and International Studies
The Center for Strategic and International Studies (CSIS) is an American think tank based in Washington, D.C. CSIS was founded as the Center for Strategic and International Studies of Georgetown University in 1962. The center conducts polic ...
in Washington. "It's primitive; it's not top of the line, but it's good enough and they are committed to getting it."[
]
History
Public interest in cyberterrorism began in the late 1990s, when the term was coined by Barry C. Collin. As 2000 approached, the fear and uncertainty about the
millennium bug heightened, as did the potential for attacks by cyber terrorists. Although the millennium bug was by no means a terrorist attack or plot against the world or the United States, it did act as a catalyst in sparking the fears of a possibly large-scale devastating cyber-attack. Commentators noted that many of the facts of such incidents seemed to change, often with exaggerated media reports.
The high-profile terrorist attacks in the United States on 11 September 2001, and the ensuing
War on Terror
The war on terror, officially the Global War on Terrorism (GWOT), is an ongoing international Counterterrorism, counterterrorism military campaign initiated by the United States following the September 11 attacks. The main targets of the campa ...
by the US led to further media coverage of the potential threats of cyberterrorism in the years following. Mainstream media coverage often discusses the possibility of a large attack making use of computer networks to sabotage critical infrastructures with the aim of putting human lives in jeopardy or causing disruption on a national scale either directly or by disruption of the national economy.
Authors such as
Winn Schwartau
Winn Schwartau (born July 1, 1952) is computer security analyst who focuses on internet security, internet privacy, infowar, cyber-terrorism and related topics.
Schwartau coined the term "Electronic Pearl Harbor" while testifying before Congres ...
and
John Arquilla John Arquilla (born 1954) is an American analyst and academic of international relations.
Biography
Arquilla received a B.A. from Rosary College in 1975. Until 1987, he worked as a surety-bond executive. He then enrolled at Stanford University, ...
are reported to have had considerable financial success selling books which described what were purported to be plausible scenarios of mayhem caused by cyberterrorism. Many critics claim that these books were unrealistic in their assessments of whether the attacks described (such as nuclear meltdowns and chemical plant explosions) were possible. A common thread throughout what critics perceive as cyberterror-hype is that of non-
falsifiability
Falsifiability is a standard of evaluation of scientific theories and hypotheses that was introduced by the philosopher of science Karl Popper in his book '' The Logic of Scientific Discovery'' (1934). He proposed it as the cornerstone of a s ...
; that is, when the predicted disasters fail to occur, it only goes to show how lucky we've been so far, rather than impugning the theory.
In 2016, for the first time ever, the Department of Justice charged Ardit Ferizi with cyberterrorism. He is accused of allegedly hacking into a military website and stealing the names, addresses, and other personal information of government and military personnel and selling it to ISIS.
On the other hand, it is also argued that, despite substantial studies on cyberterrorism, the body of literature is still unable to present a realistic estimate of the actual threat.
For instance, in the case of a cyberterrorist attack on a public infrastructure such as a power plant or air traffic control through hacking, there is uncertainty as to its success because data concerning such phenomena are limited.
Current threats
Cyberterrorism ranks among the highest potential security threats in the world. It has become more critical than the development of nuclear weapons or the current conflicts between nations. Due to the pervasiveness of the internet and the amount of responsibility assigned to this technology, digital weapons pose a threat to entire economic or social systems. Some of the most critical international security concerns include:
DDoS Attacks – Millions of Denial of Service attacks occur every year and the service disruption can cost hundreds of thousands of dollars each hour they are down. It is important to keep critical systems secured and redundant to remain online during these attacks.
Social Engineering – In 1997 an experiment conducted by the NSA concluded that thirty five-hackers were able to access critical pentagon computer systems and could easily edit accounts, reformat data and even shut down entire systems. Often they used phishing tactics such as calling offices and pretending to be technicians to gain passwords.
Third Party Software – The top retailers are connected with thousands of separate third-party recourses and at least 23% of those assets have at least one critical vulnerability. These companies need to manage and reevaluate their network security in order to keep personal data safe.
Future threats
As technology becomes more and more integrated into society, new vulnerabilities and security threats are opened up on these complex networks that we have set up. If an intruder was to gain access to these networks they have the potential to threaten entire communities or economic systems. There is no certainty for what events will take place in the future, which is why it is important that there are systems build to adapt to the changing environment.
The most apparent cyberterrorism threat in our near future will involve the state of remote work during the COVID-19 pandemic. Companies cannot expect that every home office is up to date and secure so they must adopt a zero-trust policy from home devices. This means that they must assume corporate resources and unsecured devices are sharing the same space and they must act accordingly.
The rise of cryptocurrency has also sparked some additional threats in the realm of security. Cyber Criminals are now hijacking home computers and company networks in order to mine certain cryptocurrencies such as bitcoin. This mining process requires an immense amount of computer processing power which can cripple a business’ network and lead to severe downtime if the issue is not resolved.
International attacks and response
Conventions
As of 2016 there have been eighteen conventions and major legal instruments that specifically deal with terrorist activities and cyber terrorism.
* 1963: Convention on Offences and Certain Other Acts Committed on Board Aircraft
* 1970: Convention for the Suppression of Unlawful Seizure of Aircraft
* 1971: Convention for the Suppression of Unlawful Acts Against the Safety of Civil Aviation
* 1973: Convention on the Prevention and Punishment of Crimes against Internationally Protected Persons
* 1979: International Convention against the Taking of Hostages
* 1980: Convention on the Physical Protection of Nuclear Material
* 1988: Protocol for the Suppression of Unlawful Acts of Violence at Airports Serving International Civil Aviation
* 1988: Protocol for the Suppression of Unlawful Acts against the Safety of Fixed Platforms Located on the Continental Shelf
* 1988: Convention for the Suppression of Unlawful Acts against the Safety of Maritime Navigation
* 1989: Supplementary to the Convention for the Suppression of Unlawful Acts against the Safety of Civil Aviation
* 1991: Convention on the Marking of Plastic Explosives for the Purpose of Detection
* 1997: International Convention for the Suppression of Terrorist Bombings
* 1999: International Convention for the Suppression of the Financing of Terrorism
* 2005: Protocol to the Convention for the Suppression of Unlawful Acts against the Safety of Maritime Navigation
* 2005: International Convention for the Suppression of Acts of Nuclear Terrorism
* 2010: Protocol Supplementary to the Convention for the Suppression of Unlawful Seizure of Aircraft
* 2010: Convention on the Suppression of Unlawful Acts Relating to International Civil Aviation
*2014: Protocol to Amend the Convention on Offences and Certain Acts Committed on Board Aircraft
Motivations for cyberattacks
There are many different motives for cyberattacks, with the majority being for financial reasons. However, there is increasing evidence that hackers are becoming more politically motivated. Cyberterrorists are aware that governments are reliant on the internet and have exploited this as a result. For example, Mohammad Bin Ahmad As-Sālim's piece "39 Ways to Serve and Participate in Jihad" discusses how an electronic jihad could disrupt the West through targeted hacks of American websites, and other resources seen as anti-Jihad, modernist, or secular in orientation (Denning, 2010; Leyden, 2007).
Many of the cyberattacks are not conducted for money, rather the cyberattacks are conducted due to different ideological beliefs and due to wanting to get personal revenge and outrage towards company or individual, the cybercriminal is attacking. An employee might want to get revenge on a company if they were mistreated or wrongfully terminated.
Other motivations for cybercriminals include:
* Political goals
* Competition between companies
* Cyberwarfare between two countries
* Money
Political goals motivate cyber-attackers because they are not happy with candidates and they might want certain candidates to win the election, therefore, they might alter the election voting to help their preferred candidate win.
Competition between two companies can also stir up a cyberattack, as one company can hire a hacker to conduct the attack on a company as they might want to test the rival company's security. This will also benefit a company because it will force their competitor's customers to think that the company is not secure due to them getting cyber attacked effortlessly and they don't want any of their personal credentials getting leaked.
Cyberwarfare is motivation for countries that are fighting each other. This is mainly used to weaken the opposing country by compromising its core systems and the countries data and other vulnerable information.
Money is motivating for cyber attacks for ransomware, phishing, and data theft as the cyber criminals can differently contact the victims and ask for money and in return the data stays safe.
International Institutions
The United Nations has several agencies that seek to address in cyberterrorism, including,
the United Nations Office of Counter-Terrorism,
the United Nations Office on Drugs and Crime,
the United Nations Office for Disarmament Affairs,
the United Nations Institute for Disarmament Research,
the United Nations Interregional Crime and Justice Research Institute, and the
International Telecommunication Union
The International Telecommunication Union is a specialized agency of the United Nations responsible for many matters related to information and communication technologies. It was established on 17 May 1865 as the International Telegraph Unio ...
. Both
EUROPOL and
INTERPOL
The International Criminal Police Organization (ICPO; french: link=no, Organisation internationale de police criminelle), commonly known as Interpol ( , ), is an international organization that facilitates worldwide police cooperation and cri ...
also notably specialize on the subject.
Both Europol and Interpol specialize in operations against cyberterrorism as they both collaborate on different operations together and host a yearly joint cybercrime conference. While they both fight against cybercrime, both institutions operate differently. Europol sets up and coordinates cross-border operations against cybercriminals in the EU, while Interpol helps law enforcement and coordinates operations against cyber criminals globally.
Estonia and NATO
The Baltic state of Estonia was the target of a massive
denial-of-service
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conne ...
attack that ultimately rendered the country offline and shut out from services dependent on Internet connectivity in April 2007. The infrastructure of Estonia including everything from online banking and mobile phone networks to government services and access to health care information was disabled for a time. The tech-dependent state experienced severe turmoil and there was a great deal of concern over the nature and intent of the attack.
The cyber attack was a result of an Estonian-Russian dispute over the removal of a bronze statue depicting a World War II-era Soviet soldier from the center of the capital, Tallinn.
In the midst of the armed conflict with Russia, Georgia likewise was subject to sustained and coordinated attacks on its electronic infrastructure in August 2008. In both of these cases, circumstantial evidence point to coordinated Russian attacks, but attribution of the attacks is difficult; though both the countries blame Moscow for contributing to the cyber attacks, proof establishing legal culpability is lacking.
Estonia joined NATO in 2004, which prompted NATO to carefully monitor its member states' response to the attack. NATO also feared escalation and the possibility of cascading effects beyond Estonia's border to other NATO members. In 2008, directly as a result of the attacks, NATO opened a new center of excellence on cyberdefense to conduct research and training on cyber warfare in Tallinn.
The chaos resulting from the attacks in Estonia illustrated to the world the dependence countries had on information technology. This dependence then makes countries vulnerable to future cyber attacks and terrorism.
Quick information on the cyber attack on Estonia and its effects on the country.
* Online services of Estoninan banks and government services were taken down by uncontrollable high level of internet traffic
* Media outlets were also down and so broadcasters could not deliver the news of the cyber attacks
* Some of the services were under attack for 22 days, while other online services were taken down completely
* Riots and Looting went on for 48 hours in Tallinn, Estonia
* The cyber attack served as a wake up call to Estonia and for the entire world on the importance of cyber defence.
As cyberattacks continue to increase around the world, countries still look at the attacks on Estonia in the 2007 as an example of how countries can fight future cyberattacks and terrorism. As a result of the attacks, Estonia is now is currently one of the top countries in cyber defence and online safety and its capital city of Tallinn is home to NATO’s cyber defense hub. The government of Estonia continues to update there cyber defence protocols and national cybersecurity strategies. NATO’s Coopeative Cyber Defence Centre in Tallinn also conducts research and training on cyber security to not just help Estonia but other countries that are in the alliance.
China
The Chinese Defense Ministry confirmed the existence of an online defense unit in May 2011. Composed of about thirty elite internet specialists, the so-called "Cyber Blue Team", or "Blue Army", is officially claimed to be engaged in cyber-defense operations, though there are fears the unit has been used to penetrate secure online systems of foreign governments. China's leaders have invested in its foundations of cyber defense and quantum computing and artificial intelligence. 39 Chinese soldiers were chosen to strengthen China's cyber defenses. The reason given by Spokesman for the Ministry of National Defense, Geng Yansheng was that their internet protection was currently weak. Geng claimed that the program was only temporary to help improve cyber defenses.
India
To counter the cyber terrorists, also called "white-collar jihadis", the police in
India
India, officially the Republic of India (Hindi: ), is a country in South Asia. It is the seventh-largest country by area, the second-most populous country, and the most populous democracy in the world. Bounded by the Indian Ocean on the so ...
has registered private citizens as volunteers who patrol the internet and report the suspected cyber terrorists to the government. These volunteers are categorised in three categories, namely "Unlawful Content Flaggers", "Cyber Awareness Promoters" and "Cyber Experts". In August 2021, police arrested five suspected white-collar jihadis who were preparing a hit list of officers, journalists, social activists, lawyers and political functionaries to create fear among people. The white-collar jihadis are considered "worst kind of terrorists" as they remain anonymous and safe in other nations, but inflict "immeasurable" amount of damage and brainwashing.
[Jammu and Kashmir Police cracking down on ‘white-collar jihadis’]
The Tribune, 30 August 2021.
In India, the demand for cyber security professionals has increased over 100 per cent in 2021 and will rise 200 per cent by 2024.
Eighty two percent of companies in India had a ransomware attack in the year 2020. The cost it takes to recover from a ransomware attack in India has gone from $1.1 million in 2020 to $3.38 million in 2021. India is at the top of the list of 30 countries for ransomware attacks.
A cyber-attack took place on the electricity grid in Maharashtra that resulted in a power outage. This occurred in October 2020 and the authorities believe China was behind it.
Important information like dates of birth and full names were leaked for thousands of patients who were tested for COVID-19. This information was made accessible on Google and was leaked from government websites. The job portal IIMjobs was attacked and the information of 1.4 million people looking for jobs was leaked. The information leaked was quite extensive including the location of users and their names and phone numbers. The information for 500,000 Indian police personal was sold on a forum in February 2021. The information contained much personal information. The data was from a police exam taken in December 2019.
Korea
According to 2016 Deloitte Asia-Pacific Defense Outlook, South Korea's 'Cyber Risk Score' was 884 out of 1,000 and South Korea is found to be the most vulnerable country to cyber attacks in the Asia-Pacific region. Considering South Korea's high speed internet and cutting-edge technology, its cyber security infrastructure is relatively weak. The
2013 South Korea cyberattack significantly damaged the Korean economy. This attack wounded the systems of two banks and the computer networks of three TV broadcasters. The incident was a massive blow, and the attacker was never identified. It was theorized to be North Korea. The week before North Korea accused the United States and South Korea of shutting down their internet for two days. In 2017, a
ransomware attack harassed private companies and users, who experienced personal information leakage. Additionally, there were North Korea's cyber attacks which risked national security of South Korea.
In response to this, South Korean government's countermeasure is to protect the information security centres the National Intelligence Agency. Currently, 'cyber security' is one of the major goals of NIS Korea. Since 2013, South Korea had established policies related to National cyber security and trying to prevent cyber crises via sophisticated investigation on potential threats. Meanwhile, scholars emphasize on improving the national consciousness towards cyber attacks as South Korea had already entered the so-called 'hyper connected society'.
North Korea's cyberwarfare is incredibly efficient and the best of state-sponsored hackers. Those who are chosen to be hackers are selected when they are young and trained specifically in cyberwarfare. Hackers are trained to steal money from ATMs but not enough to be reported. North Korea is great at zero-day exploits. The country will hack anyone they chose to. They steal secrets from companies and government agencies and steal money from financial systems to fund their hacking operations.
Pakistan
Pakistan
Pakistan ( ur, ), officially the Islamic Republic of Pakistan ( ur, , label=none), is a country in South Asia. It is the world's List of countries and dependencies by population, fifth-most populous country, with a population of almost 24 ...
i Government has also taken steps to curb the menace of cyberterrorism and extremist propaganda
National Counter Terrorism Authority (Nacta)is working on joint programs with different NGOs and other cyber security organizations in Pakistan to combat this problem. Surf Safe Pakistan is one such example. Now people in Pakistan can report extremist and terrorist related content online on Surf Safe Pakistan portal. The National Counter Terrorism Authority (NACTA) provides the Federal Government's leadership for the Surf Safe Campaign.
Ukraine
A series of
powerful cyber attacks began 27 June 2017, that swamped websites of Ukrainian organizations, including banks, ministries, newspapers and electricity firms.
USA
The
US Department of Defense
The United States Department of Defense (DoD, USDOD or DOD) is an executive branch department of the federal government charged with coordinating and supervising all agencies and functions of the government directly related to national secu ...
(DoD) charged the
United States Strategic Command
United States Strategic Command (USSTRATCOM) is one of the eleven unified combatant commands in the United States Department of Defense. Headquartered at Offutt Air Force Base, Nebraska, USSTRATCOM is responsible for Strategic_nuclear_weapon, ...
with the duty of combating cyberterrorism. This is accomplished through the
Joint Task Force-Global Network Operations
A joint or articulation (or articular surface) is the connection made between bones, ossicles, or other hard structures in the body which link an animal's skeletal system into a functional whole.Saladin, Ken. Anatomy & Physiology. 7th ed. McGraw ...
, which is the operational component supporting
USSTRATCOM
United States Strategic Command (USSTRATCOM) is one of the eleven unified combatant commands in the United States Department of Defense. Headquartered at Offutt Air Force Base, Nebraska, USSTRATCOM is responsible for strategic nuclear deterr ...
in defense of the DoD's
Global Information Grid
The Global Information Grid (GIG) is a network of information transmission and processing maintained by the United States Department of Defense. More descriptively, it is a worldwide network of information transmission, of associated processes, a ...
. This is done by integrating
GNO capabilities into the operations of all DoD computers, networks, and systems used by DoD combatant commands, services and agencies.
On 2 November 2006, the Secretary of the Air Force announced the creation of the Air Force's newest
MAJCOM
This is a list of major commands (MAJCOM) of the United States Air Force.
A major command is a significant Air Force organization subordinate to Headquarters, US Air Force. Major commands have a headquarters staff and subordinate organizations, ty ...
, the
Air Force Cyber Command, which would be tasked to monitor and defend American interest in cyberspace. The plan was however replaced by the creation of
Twenty-Fourth Air Force
Twenty-Fourth Air Force / Air Forces Cyber (AFCYBER) was a Numbered Air Force within the United States Air Force. The Air Force consolidated its cyberspace combat and support forces into 24 AF. 24 AF was the Air Force component of U.S. Cyber Co ...
which became active in August 2009 and would be a component of the planned
United States Cyber Command
United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integr ...
.
On 22 December 2009, the White House named its head of
computer security
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, t ...
as
Howard Schmidt
Howard Anthony Schmidt (October 5, 1949 – March 2, 2017) was a partner with Tom Ridge in Ridge Schmidt Cyber LLC, a consultancy company in the field of cybersecurity. He was the Cyber-Security Coordinator of the Obama Administration, operating i ...
to coordinate U.S Government, military and intelligence efforts to repel hackers. He left the position in May 2012. Michael Daniel was appointed to the position of White House Coordinator of Cyber Security the same week and continues in the position during the second term of the Obama administration.
Obama signed an executive order to enable the US to impose sanctions on either individuals or entities that are suspected to be participating in cyber related acts. These acts were assessed to be possible threats to US national security, financial issues or foreign policy issues. U.S. authorities indicted a man over 92 cyberterrorism hacks attacks on computers used by the Department of Defense. A Nebraska-based consortium apprehended four million hacking attempts in the course of eight weeks. In 2011 cyberterrorism attacks grew 20%.
In May 2021, President Joe Biden announced an executive order aiming to improve America's cybersecurity. It came about after an increase in cybersecurity attacks aimed at the country's public and private sector. The plan aims to improve the government's cyberdefense by working on its ability to identify, deter, protect against, detect, and respond to attacks. The plan has 10 sections written into the document that include, to name a few, improving sharing of threat information, modernizing the government's cybersecurity, and establishing a Cybersecurity Review Board.
Examples
An operation can be done by anyone anywhere in the world, for it can be performed thousands of miles away from a target. An attack can cause serious damage to a critical infrastructure which may result in casualties.
Some attacks are conducted in furtherance of political and social objectives, as the following examples illustrate:
* In 1996, a computer hacker allegedly associated with the White Supremacist movement temporarily disabled a Massachusetts ISP and damaged part of the ISP's record keeping system. The ISP had attempted to stop the hacker from sending out worldwide racist messages under the ISP's name. The hacker signed off with the threat: "you have yet to see true electronic terrorism. This is a promise."
* In 1998, Spanish protesters bombarded the Institute for Global Communications (IGC) with thousands of bogus e-mail messages. E-mail was tied up and undeliverable to the ISP's users, and support lines were tied up with people who couldn't get their mail. The protestors also spammed IGC staff and member accounts, clogged their Web page with bogus credit card orders, and threatened to employ the same tactics against organizations using IGC services. They demanded that IGC stop hosting the Web site for the Euskal Herria Journal, a New York-based publication supporting Basque independence. Protestors said IGC supported terrorism because a section on the Web pages contained materials on the terrorist group
ETA
Eta (uppercase , lowercase ; grc, ἦτα ''ē̂ta'' or ell, ήτα ''ita'' ) is the seventh letter of the Greek alphabet, representing the close front unrounded vowel . Originally denoting the voiceless glottal fricative in most dialects, ...
, which claimed responsibility for assassinations of Spanish political and security officials, and attacks on military installations. IGC finally relented and pulled the site because of the "mail bombings".
* In 1998, ethnic
Tamil guerrillas attempted to disrupt
Sri Lanka
Sri Lanka (, ; si, ශ්රී ලංකා, Śrī Laṅkā, translit-std=ISO (); ta, இலங்கை, Ilaṅkai, translit-std=ISO ()), formerly known as Ceylon and officially the Democratic Socialist Republic of Sri Lanka, is an ...
n embassies by sending large volumes of e-mail. The embassies received 800 e-mails a day over a two-week period. The messages read "We are the Internet Black Tigers and we're doing this to disrupt your communications." Intelligence authorities characterized it as the first known attack by terrorists against a country's computer systems.
* During the
Kosovo
Kosovo ( sq, Kosova or ; sr-Cyrl, Косово ), officially the Republic of Kosovo ( sq, Republika e Kosovës, links=no; sr, Република Косово, Republika Kosovo, links=no), is a partially recognised state in Southeast Euro ...
conflict in 1999,
NATO
The North Atlantic Treaty Organization (NATO, ; french: Organisation du traité de l'Atlantique nord, ), also called the North Atlantic Alliance, is an intergovernmental military alliance between 30 member states – 28 European and two No ...
computers were blasted with e-mail bombs and hit with denial-of-service attacks by hacktivists protesting the NATO bombings. In addition, businesses, public organizations and academic institutes received highly politicized virus-laden e-mails from a range of Eastern European countries, according to reports. Web defacements were also common. After the Chinese Embassy was accidentally bombed in Belgrade,
Chinese
Chinese can refer to:
* Something related to China
* Chinese people, people of Chinese nationality, citizenship, and/or ethnicity
**''Zhonghua minzu'', the supra-ethnic concept of the Chinese nation
** List of ethnic groups in China, people of ...
hacktivists posted messages such as "We won't stop attacking until the war stops!" on U.S. government Web sites.
* Since December 1997, the Electronic Disturbance Theater (EDT) has been conducting Web sit-ins against various sites in support of the
Mexican Zapatistas
Zapatista(s) may refer to:
* Liberation Army of the South
The Liberation Army of the South ( es, Ejército Libertador del Sur, ELS) was a guerrilla force led for most of its existence by Emiliano Zapata that took part in the Mexican Revolut ...
. At a designated time, thousands of protestors point their browsers to a target site using software that floods the target with rapid and repeated download requests. EDT's software has also been used by animal rights groups against organizations said to abuse animals. Electrohippies, another group of hacktivists, conducted Web sit-ins against the WTO when they met in Seattle in late 1999. These sit-ins all require mass participation to have much effect, and thus are more suited to use by activists than by terrorists.
* In 2000, a
Japan
Japan ( ja, 日本, or , and formally , ''Nihonkoku'') is an island country in East Asia. It is situated in the northwest Pacific Ocean, and is bordered on the west by the Sea of Japan, while extending from the Sea of Okhotsk in the north ...
ese investigation revealed that the government was using software developed by computer companies affiliated with
Aum Shinrikyo
, formerly , is a Japanese doomsday cult founded by Shoko Asahara in 1987. It carried out the deadly Tokyo subway sarin attack in 1995 and was found to have been responsible for the Matsumoto sarin attack the previous year.
The group says ...
, the doomsday sect responsible for the sarin gas attack on the Tokyo subway system in 1995. "The government found 100 types of software programs used by at least 10 Japanese government agencies, including the Defense Ministry, and more than 80 major Japanese companies, including Nippon Telegraph and Telephone." Following the discovery, the Japanese government suspended use of Aum-developed programs out of concern that Aum-related companies may have compromised security by breaching firewalls. gaining access to sensitive systems or information, allowing invasion by outsiders, planting viruses that could be set off later, or planting malicious code that could cripple computer systems and key data system.
* In March 2013, ''The New York Times'' reported on a pattern of cyber attacks against U.S. financial institutions believed to be instigated by
Iran
Iran, officially the Islamic Republic of Iran, and also called Persia, is a country located in Western Asia. It is bordered by Iraq and Turkey to the west, by Azerbaijan and Armenia to the northwest, by the Caspian Sea and Turkmeni ...
as well as incidents affecting South Korean financial institutions that originate with the North Korean government.
* In August 2013, media companies including ''The New York Times'',
Twitter
Twitter is an online social media and social networking service owned and operated by American company Twitter, Inc., on which users post and interact with 280-character-long messages known as "tweets". Registered users can post, like, and ...
and the
Huffington Post
''HuffPost'' (formerly ''The Huffington Post'' until 2017 and sometimes abbreviated ''HuffPo'') is an American progressive news website, with localized and international editions. The site offers news, satire, blogs, and original content, and ...
lost control of some of their websites after hackers supporting the
Syria
Syria ( ar, سُورِيَا or سُورِيَة, translit=Sūriyā), officially the Syrian Arab Republic ( ar, الجمهورية العربية السورية, al-Jumhūrīyah al-ʻArabīyah as-Sūrīyah), is a Western Asian country loc ...
n government breached the Australian Internet company that manages many major site addresses. The Syrian Electronic Army, a hacker group that has previously attacked media organisations that it considers hostile to the regime of Syrian president Bashar al-Assad, claimed credit for the Twitter and Huffington Post hacks in a series of Twitter messages. Electronic records showed that NYTimes.com, the only site with an hours-long outage, redirected visitors to a server controlled by the Syrian group before it went dark.
* Pakistani Cyber Army is the name taken by a group of
hackers
A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...
who are known for their defacement of websites, particularly
India
India, officially the Republic of India (Hindi: ), is a country in South Asia. It is the seventh-largest country by area, the second-most populous country, and the most populous democracy in the world. Bounded by the Indian Ocean on the so ...
n,
Chinese
Chinese can refer to:
* Something related to China
* Chinese people, people of Chinese nationality, citizenship, and/or ethnicity
**''Zhonghua minzu'', the supra-ethnic concept of the Chinese nation
** List of ethnic groups in China, people of ...
, and
Israel
Israel (; he, יִשְׂרָאֵל, ; ar, إِسْرَائِيل, ), officially the State of Israel ( he, מְדִינַת יִשְׂרָאֵל, label=none, translit=Medīnat Yīsrāʾēl; ), is a country in Western Asia. It is situated ...
i companies and governmental organizations, claiming to represent
Pakistani nationalist
Pakistani nationalism refers to the political, cultural, linguistic, historical, ommonlyreligious and geographical expression of patriotism by the people of Pakistan, of pride in the history, heritage and identity of Pakistan, and visions ...
and
Islam
Islam (; ar, ۘالِإسلَام, , ) is an Abrahamic religions, Abrahamic Monotheism#Islam, monotheistic religion centred primarily around the Quran, a religious text considered by Muslims to be the direct word of God in Islam, God (or ...
ic interests. The group is thought to have been active since at least 2008, and maintains an active presence on social media, especially Facebook. Its members have claimed responsibility for the hijacking of websites belonging to
Acer,
BSNL, India's
CBI,
Central Bank
A central bank, reserve bank, or monetary authority is an institution that manages the currency and monetary policy of a country or monetary union,
and oversees their commercial banking system. In contrast to a commercial bank, a central ba ...
, and the State Government of
Kerala
Kerala ( ; ) is a state on the Malabar Coast of India. It was formed on 1 November 1956, following the passage of the States Reorganisation Act, by combining Malayalam-speaking regions of the erstwhile regions of Cochin, Malabar, South ...
.
*British hacker
Kane Gamble
Kane or KANE may refer to:
Art, entertainment and media Fictional entities
*Kane (comics), the main character of the eponymous comic book series by Paul Grist
*Kane (Command & Conquer), Kane (''Command & Conquer''), character in the ''Command & Co ...
, sentenced to 2 years in youth detention, posed as
CIA
The Central Intelligence Agency (CIA ), known informally as the Agency and historically as the Company, is a civilian foreign intelligence service of the federal government of the United States, officially tasked with gathering, processing, ...
chief to access highly sensitive information. He also "cyber-terrorized" high-profile
U.S. intelligence
The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territori ...
officials such as then CIA chief
John Brennan John Brennan may refer to:
Public officials
* Jack Brennan (born 1937), U.S. Marine officer and aide of Richard Nixon
* John Brennan (CIA officer) (born 1955), former CIA Director
* John P. Brennan (1864–1943), Democratic politician in the U. ...
or Director of National Intelligence
James Clapper
James Robert Clapper Jr. (born March 14, 1941) is a retired lieutenant general in the United States Air Force and former Director of National Intelligence. Clapper has held several key positions within the United States Intelligence Community. H ...
. The judge said Gamble engaged in "politically motivated cyber terrorism".
*In March 2021 hackers affiliated with Russia were reported to have targeted Lithuanian Officials and decision makers. The cyber-espionage group APT29 which is believed to have carried out the attacks utilized the country's own IT infrastructure against organizations involved in the development of a
COVID-19
Coronavirus disease 2019 (COVID-19) is a contagious disease caused by a virus, the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). The first known case was COVID-19 pandemic in Hubei, identified in Wuhan, China, in December ...
vaccine.
*On 21 March 2021, the CNA was attacked with a ransomware attack, which caused the company to have no control over its network. CNA Financial Corporation is one of the largest insurance companies based in the United States. It offers cyber insurance to its customers. This attack caused the organization to lose access to online services and business operations. Thus, the CNA had to pay 40 million dollars to regain control of its network. At first, the CNA decided to ignore the hackers by trying to solve the problem independently, but they could not find a way, so they surrendered money to the group within a week. The group responsible for this attack is called Evil Corp. They used a new type of malware called Phoenix CrytoLocker. The new malware encrypted 15,000 devices on the network and employees working remotely while logged into the company's VPN during the attack. The FBI strongly discourages companies from paying ransomware because it encourages more attacks in the future, and data might not get returned.
*On 7 May 2021, the Colonial Pipeline was hit with a cyberattack that disrupted oil distribution. The Colonial Pipeline is a pipeline that controls almost half (45%) of the oil that runs through the East Coast of the United States. This attack caused the company to turn off the pipeline, which it had never done before. Thus, many people panicked buying gasoline at gas stations, and the government thought this attack would quickly spread. Ultimately, the Colonial Pipeline paid nearly an amount of 5 million dollars worth of cryptocurrency. Even though the Colonial paid all the money, the system did not turn on as rapidly as it used to. The hacker accused of this attack is a group called DarkSide. The money that the Colonial paid went to DarkSide, but there are other entities involved as well. For now, DarkSide has decided to discontinue its operations.
*On 30 May 2021, JBS was exposed to a cyberattack of ransomware which delayed the plant's meat production. JBS is the world's largest meat producer that provides meat-related products for people. This attack caused the shutdown of all nine beef factories in the United States and disrupted poultry and pork production. In addition, labor had to be cut due to the closings of the factories, and the cost of meat increased due to no meat being produced. Ultimately, JBS had to pay 11 million dollars worth of cryptocurrency to regain control. A group called REvil was responsible for the attack. REvil is a group based in the country of Russia that is also one of the most productive ransomware organizations.
* In the summer of 2021, crimes committed in Cyprus, Israel and Lithuania were classified by experts as Internet terrorism. Anonymous persons informed law enforcement authorities through the internet about mined business centers and office buildings. Main target was the gambling company Affise. According to Ambassador John R. Bolton, these occurrences are vivid examples of Internet terrorism. Amb. Bolton believes that they are consequences of financial conflict stirred among the owners of Affise, PlayCash and "CyberEye-25" group. According to the expert, all three companies gain illicit income associated with criminal activities on the Internet.
*In early December 2021 it was reported least nine U.S State Department had their phones hacked by an unknown attacker. All nine employees had Apple Iphones. The hack, which took place over several months, was done through the use of iMessages that had a software attached that when sent, without needing to be interacted with, installed spyware known as Pegasus. The software used was developed and sold by an Israel-based spyware development company named
NSO Group
NSO Group Technologies (NSO standing for Niv, Shalev and Omri, the names of the company's founders) is an Israeli cyber-intelligence firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance ...
.
*In December 2021 at least five US defense and tech firms have been hacked by a group operating from China. The group took advantage of an exploit used in these organization's software to conduct their campaign which came to light in upcoming months. The target of these breaches were passwords as well as having the goal of intercepting private communications. As of right now the extent of the damage is unclear as the breaches are ongoing.
* As a response to the
2022 Russian invasion of Ukraine
On 24 February 2022, in a major escalation of the Russo-Ukrainian War, which began in 2014. The invasion has resulted in tens of thousands of deaths on both sides. It has caused Europe's largest refugee crisis since World War II. An ...
,
Anonymous performed many attacks against computer systems in
Russia
Russia (, , ), or the Russian Federation, is a List of transcontinental countries, transcontinental country spanning Eastern Europe and North Asia, Northern Asia. It is the List of countries and dependencies by area, largest country in the ...
. Most notably, Anonymous committed a cyberattack against
Roskomnadzor
The Federal Service for Supervision of Communications, Information Technology and Mass Media, abbreviated as ''Roskomnadzor'' (RKN) (russian: Роскомнадзор КН, is the Russian federal executive agency responsible for monitoring, co ...
in March 2022.
Sabotage
Non-political acts of
sabotage
Sabotage is a deliberate action aimed at weakening a polity, effort, or organization through subversion, obstruction, disruption, or destruction. One who engages in sabotage is a ''saboteur''. Saboteurs typically try to conceal their identitie ...
have caused financial and other damage. In 2000, disgruntled employee Vitek Boden caused the release of 800,000 litres of untreated sewage into waterways in
Maroochy Shire
The Shire of Maroochy was a local government area about north of Brisbane in the Sunshine Coast region of South East Queensland, Australia. The shire covered an area of , and existed as a local government entity from 1890 until 2008, when it ...
, Australia.
More recently, in May 2007
Estonia
Estonia, formally the Republic of Estonia, is a country by the Baltic Sea in Northern Europe. It is bordered to the north by the Gulf of Finland across from Finland, to the west by the sea across from Sweden, to the south by Latvia, a ...
was subjected to a mass cyber-attack in the wake of the removal of a Russian World War II war memorial from downtown Tallinn. The attack was a distributed
denial-of-service attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conn ...
in which selected sites were bombarded with traffic to force them offline; nearly all Estonian government ministry networks as well as two major Estonian bank networks were knocked offline; in addition, the political party website of Estonia's Prime Minister Andrus Ansip featured a counterfeit letter of apology from Ansip for removing the memorial statue. Despite speculation that the attack had been coordinated by the Russian government, Estonia's defense minister admitted he had no conclusive evidence linking cyber attacks to Russian authorities. Russia called accusations of its involvement "unfounded", and neither
NATO
The North Atlantic Treaty Organization (NATO, ; french: Organisation du traité de l'Atlantique nord, ), also called the North Atlantic Alliance, is an intergovernmental military alliance between 30 member states – 28 European and two No ...
nor
European Commission
The European Commission (EC) is the executive of the European Union (EU). It operates as a cabinet government, with 27 members of the Commission (informally known as "Commissioners") headed by a President. It includes an administrative body o ...
experts were able to find any conclusive proof of official Russian government participation. In January 2008 a man from Estonia was convicted for launching the attacks against the
Estonian Reform Party website and fined.
During the
Russia-Georgia War
The 2008 Russo-Georgian WarThe war is known by a variety of other names, including Five-Day War, August War and Russian invasion of Georgia. was a war between Georgia, on one side, and Russia and the Russian-backed self-proclaimed republics of Sou ...
, on 5 August 2008, three days before Georgia launched its invasion of South Ossetia, the websites for
OSInform News Agency and
OSRadio were hacked. The OSinform website at osinform.ru kept its header and logo, but its content was replaced by a feed to the
Alania TV website content. Alania TV, a Georgian government-supported television station aimed at audiences in South Ossetia, denied any involvement in the hacking of the websites.
Dmitry Medoyev
Dmitry Nikolayevich Medoyev (russian: Дмитрий Николаевич Медоев), born 15 May 1960, is the former foreign minister of South Ossetia. Previously, he was the Ambassador of South Ossetia to the Russian Federation. Previous to ...
, at the time the South Ossetian
envoy
Envoy or Envoys may refer to:
Diplomacy
* Diplomacy, in general
* Envoy (title)
* Special envoy, a type of diplomatic rank
Brands
*Airspeed Envoy, a 1930s British light transport aircraft
*Envoy (automobile), an automobile brand used to sell Br ...
to
Moscow
Moscow ( , US chiefly ; rus, links=no, Москва, r=Moskva, p=mɐskˈva, a=Москва.ogg) is the capital and largest city of Russia. The city stands on the Moskva River in Central Russia, with a population estimated at 13.0 million ...
, claimed that Georgia was attempting to cover up information on events which occurred in the lead-up to the war.
One such cyber attack caused the
Parliament of Georgia
The Parliament of Georgia ( ka, საქართველოს პარლამენტი, tr) is the supreme national legislature of Georgia. It is a unicameral parliament, currently consisting of 150 members; of these, 120 are proportio ...
and
Georgian Ministry of Foreign Affairs websites to be replaced by images comparing Georgian president
Mikheil Saakashvili
Mikheil Saakashvili ( ka, მიხეილ სააკაშვილი ; uk, Міхеіл Саакашвілі ; born 21 December 1967) is a Georgian and Ukrainian politician and jurist. to
Adolf Hitler
Adolf Hitler (; 20 April 188930 April 1945) was an Austrian-born German politician who was dictator of Nazi Germany, Germany from 1933 until Death of Adolf Hitler, his death in 1945. Adolf Hitler's rise to power, He rose to power as the le ...
.
Other attacks involved
denials of service to numerous Georgian and Azerbaijani websites,
such as when Russian hackers allegedly disabled the servers of the Azerbaijani Day.Az news agency.
[ Today.az (11 August 2008)]
Russian intelligence services undertook large scale attack against Day.Az server
/ref>
In June 2019, Russia
Russia (, , ), or the Russian Federation, is a List of transcontinental countries, transcontinental country spanning Eastern Europe and North Asia, Northern Asia. It is the List of countries and dependencies by area, largest country in the ...
has conceded that it is "possible" its electrical grid is under cyber-attack by the United States
The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territorie ...
. The ''New York Times'' reported that American hackers from the United States Cyber Command
United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integr ...
planted malware potentially capable of disrupting the Russian electrical grid.
Website defacement and denial of service
Even more recently, in October 2007, the website of Ukrainian president Viktor Yushchenko
Viktor Andriyovych Yushchenko ( uk, Віктор Андрійович Ющенко, ; born 23 February 1954) is a Ukrainian politician who was the third president of Ukraine from 23 January 2005 to 25 February 2010.
As an informal leader of th ...
was attacked by hackers. A radical Russian nationalist youth group, the Eurasian Youth Movement, claimed responsibility.
In 1999 hackers attacked NATO
The North Atlantic Treaty Organization (NATO, ; french: Organisation du traité de l'Atlantique nord, ), also called the North Atlantic Alliance, is an intergovernmental military alliance between 30 member states – 28 European and two No ...
computers. The computers flooded them with email and hit them with a denial-of-service attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conn ...
. The hackers were protesting against the NATO bombings of the Chinese embassy in Belgrade. Businesses, public organizations and academic institutions were bombarded with highly politicized emails containing viruses from other European countries.
In December 2018, Twitter
Twitter is an online social media and social networking service owned and operated by American company Twitter, Inc., on which users post and interact with 280-character-long messages known as "tweets". Registered users can post, like, and ...
warned of "unusual activity" from China
China, officially the People's Republic of China (PRC), is a country in East Asia. It is the world's most populous country, with a population exceeding 1.4 billion, slightly ahead of India. China spans the equivalent of five time zones and ...
and Saudi Arabia
Saudi Arabia, officially the Kingdom of Saudi Arabia (KSA), is a country in Western Asia. It covers the bulk of the Arabian Peninsula, and has a land area of about , making it the fifth-largest country in Asia, the second-largest in the A ...
. A bug was detected in November that could have revealed the country code of users' phone numbers. Twitter said the bug could have had ties to "state-sponsored actors".
In May 2021 successive waves of DDOS attacks aimed at Belnet
Belnet (the Belgian National research and education network) is a Belgian internet provider for educational institutions, research centres, scientific institutes and government services. Since 1993, BELNET provides web services to higher educati ...
, Belgium's public sector ISP, took down multiple government sites in Belgium. 200 sites were affected leaving public offices, universities, and research centers unable to access the internet fully or partially.
In fiction
* The Japanese
Japanese may refer to:
* Something from or related to Japan, an island country in East Asia
* Japanese language, spoken mainly in Japan
* Japanese people, the ethnic group that identifies with Japan through ancestry or culture
** Japanese diaspor ...
cyberpunk
Cyberpunk is a subgenre of science fiction in a dystopian futuristic setting that tends to focus on a "combination of lowlife and high tech", featuring futuristic technological and scientific achievements, such as artificial intelligence and cyber ...
manga
Manga (Japanese: 漫画 ) are comics or graphic novels originating from Japan. Most manga conform to a style developed in Japan in the late 19th century, and the form has a long prehistory in earlier Japanese art. The term ''manga'' is u ...
, ''Ghost in the Shell
''Ghost in the Shell'' is a Japanese cyberpunk media franchise based on the seinen manga series of the same name written and illustrated by Masamune Shirow. The manga, first serialized in 1989 under the subtitle of ''The Ghost in the Shell'' ...
'' (as well as its popular movie and TV adaptations) centers around an anti-cyberterrorism and cybercrime
A cybercrime is a crime that involves a computer or a computer network.Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. The computer may have been used in committing th ...
unit. In its mid-21st century Japan setting such attacks are made all the more threatening by an even more widespread use of technology including cybernetic enhancements to the human body allowing people themselves to be direct targets of cyberterrorist attacks.
* In the movie ''Live Free or Die Hard
''Live Free or Die Hard'' (released as ''Die Hard 4.0'' outside North America) is a 2007 American action-thriller film directed by Len Wiseman, and serves as the fourth installment in the ''Die Hard'' film series. It is based on the 1997 arti ...
'', John McClane
John McClane is a fictional character and main protagonist of the ''Die Hard'' film series, based on Joe Leland from Roderick Thorp's action novel, '' Nothing Lasts Forever''. McClane was portrayed in all five films by actor Bruce Willis, and ...
(Bruce Willis
Walter Bruce Willis (born March 19, 1955) is a retired American actor. He achieved fame with a leading role on the comedy-drama series ''Moonlighting'' (1985–1989) and appeared in over a hundred films, gaining recognition as an action hero a ...
) takes on a group of cyberterrorists intent on shutting down the entire computer network of the United States.
* The movie ''Eagle Eye
''Eagle Eye'' is a 2008 American action-thriller film directed by D. J. Caruso and with a screenplay by John Glenn, Travis Adam Wright, Hillary Seitz and Dan McDermott from a story by McDermott. The film stars Shia LaBeouf, Michelle Monaghan ...
'' involves a super computer controlling everything electrical and networked to accomplish the goal.
* The plots of '' 24'' Day 4 and Day 7 include plans to breach the nation's nuclear plant grid and then to seize control of the entire critical infrastructure protocol.
* The Tom Clancy created series Netforce was about an FBI/Military team dedicated to combating cyberterrorists.
* Much of the plot of ''Mega Man Battle Network
is a tactical role-playing video game series created by Masahiro Yasuma and developed and published by Capcom as a spin-off of the ''Mega Man'' series; it premiered in 2001 on the Game Boy Advance and takes place in an alternate continuity wh ...
'' is centered around cyberterrorism.
* In the 2009 Japanese animated film '' Summer Wars'', an artificial intelligence cyber-terrorist attempts to take control over the world's missiles in order to "win" against the main characters that attempted to keep it from manipulating the world's electronic devices.
* In the 2012 film Skyfall
''Skyfall'' is a 2012 spy film and the twenty-third in the ''James Bond'' series produced by Eon Productions. The film is the third to star Daniel Craig as fictional MI6 agent James Bond and features Javier Bardem as Raoul Silva, the vill ...
, part of the James Bond
The ''James Bond'' series focuses on a fictional British Secret Service agent created in 1953 by writer Ian Fleming, who featured him in twelve novels and two short-story collections. Since Fleming's death in 1964, eight other authors have ...
franchise, main villain Raoul Silva (Javier Bardem
Javier Ángel Encinas Bardem (; born 1 March 1969) is a Spanish actor. Known for his roles in blockbusters and foreign films, he won the Academy Award for Best Supporting Actor for his performance as the psychopathic assassin Anton Chigurh in ...
) is an expert cyberterrorist who is responsible for various cyberterrorist incidents in the past.
* Cyberterrorism plays a role in the 2012 video game '' Call of Duty: Black Ops II'', first when main antagonist Raul Menendez cripples the Chinese economy with a cyberattack and frames the United States for it, starting a new Cold War between the two powers. Later, another cyberattack with a computer worm leads to Menendez seizing control of the entire U.S drone fleet. Finally, one of the game's endings leads to another attack similar to the latter, this time crippling the U.S' electrical and water distribution grids. An alternate ending depicts the cyberattack failing after it is stopped by one of the game's characters pivotal to the storyline.
* The plot of the 2014 video game ''Watch Dogs
''Watch Dogs'' (stylized as ''WATCH_DOGS'') is an action-adventure video game franchise published by Ubisoft, and developed primarily by its Montreal and Toronto studios using the Disrupt game engine. The series' eponymous first title was rel ...
'' is heavily influenced by cyber-terrorism. In which players take control of the game's protagonist, Aiden Pierce, an accused murder suspect, who hacks into a ctOS (Central Operating System), giving him complete control of Chicago
(''City in a Garden''); I Will
, image_map =
, map_caption = Interactive Map of Chicago
, coordinates =
, coordinates_footnotes =
, subdivision_type = Country
, subdivision_name ...
's mainframe in order to hunt down his accusers.
* The video game ''Metal Slug 4
is a run and gun video game for the Neo-Geo console/arcade platform created by Mega Enterprise along with Noise Factory. It was released in 2002 for the Neo-Geo MVS arcade platform, and is the fourth game in the ''Metal Slug'' series. Two y ...
'' focuses on Marco and Fio, joined by newcomers Nadia and Trevor, to battle a terrorist organization known as Amadeus that is threatening the world with a computer virus.
* The visual novel '' Baldr Force'' has the main character Tooru Souma joining a military organization to fight cyberterrorism to avenge the death of his friend.
*The Japanese manga and live action ''Bloody Monday
Bloody Monday was a series of riots on August 6, 1855, in Louisville, Kentucky, an election day, when Protestant mobs attacked Irish and German Catholic neighborhoods. These riots grew out of the bitter rivalry between the Democrats and the Nat ...
'' is highly influenced by hacking and cracking. The main character Takagi Fujimaru is a Super Elite hacker which use his hacking knowledge to fight against his enemies.
* In the television series ''Mr. Robot
''Mr. Robot'' is an American drama thriller television series created by Sam Esmail for USA Network. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker with social anxiety disorder, clinical depression and dissociati ...
'', the main plot line follows groups of hackers who engage in cyber terrorism as well as other events.
See also
* 2007 cyberattacks on Estonia
* 2008 cyberattacks during South Ossetia war
* Anonymous (group)
Anonymous is a decentralized international Activism, activist and Hacktivism, hacktivist collective and Social movement, movement primarily known for its various cyberattacks against several governments, government institutions and Governm ...
* Computer crime
* Cyberwarfare
Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic war ...
* FBI Cyber Division
The Cyber Division (CyD) is a Federal Bureau of Investigation division which heads the national effort to investigate and prosecute internet crimes, including "cyber based terrorism, espionage, computer intrusions, and major cyber fraud." This d ...
* List of cyber warfare forces
Many countries around the world maintain military units that are specifically trained to operate in a cyberwarfare environment. In several cases this units acts also as the national computer emergency response team for civilian cybersecurity threa ...
* Patriotic hacking
* United States Computer Emergency Readiness Team
The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Specifically, US-CERT is a branch of the Office of ...
(US-CERT)
References
Further reading
*
*Bibi van Ginkel
"The Internet as Hiding Place of Jihadi Extremists" (International Centre for Counter-Terrorism – The Hague, 2012)
*
*
*
*
*
*
*
*
* U.S. Army Cyber Operations and Cyber Terrorism Handbook 1.02
*
*
* Rolón, Darío N., (2013
Control, vigilancia y respuesta penal en el ciberespacio
Latinamerican's new security thinking, Clacso.
*
* Record, Jeffery: Bounding the Global War on Terrorism, Strategic Studies Institute, US Army War College, Leavenworth, 2003
* Schmid, Alex and Jongmans, Albert et al.: Political Terrorism: A new guide to Action, Authors, Concepts, Data Bases, Theories and Literature, Transaction Books, New Brunswick, 1988
* COE DAT Cyber Terrorism Couse IV 9 Mar
* Hennessy, Joh L and others: Information Technology for Counterterrorism, National Academies Press,
Washington DC, 2003
* Hoffman, Bruce: Inside Terrorism, Columbia University Press, New York, 2006
* Laqueur, Walter: The New Terrorism: Fanaticism and the Arms of Mass Destruction, Oxford University
Press, New York, 1999
* Sageman, Marc: Understanding Terror Networks, Penn, Philadelphia, 2004
* Wilkinson, Paul: Terrorism Versus Democracy, Routledge, London, 2006
External links
General
CRS Report for Congress – Computer Attack and Cyber Terrorism
– 17/10/03
ABC Australia interview with Professor Hsinchun Chen
Hsinchun Chen is the Regents' Professor and Thomas R. Brown Chair of Management and Technology at the University of Arizona and the Director and founder of the Artificial Intelligence Lab (AI Lab). He also served as lead program director of the Sm ...
Department of Defense Cyber Crime Center
Global response to cyberterrorism and cybercrime: A matrix for international cooperation and vulnerability assessment
News
Cyber Security Task Force Takes 'Whole Government' Approach
FBI
The Federal Bureau of Investigation (FBI) is the domestic Intelligence agency, intelligence and Security agency, security service of the United States and its principal Federal law enforcement in the United States, federal law enforcement age ...
, 20 October 2014
BBC News – US warns of al-Qaeda cyber threat
– 01/12/06
BBC News – Cyber terrorism 'overhyped'
– 14/03/03
Calls for anti-cyber terrorism bill resurface in South Korea
– NK News
{{Doomsday
Cyberwarfare
Cybercrime
Terrorism by method
Cyberattacks