Cyber Terrorism

Table of Contents

DECLARATION OF ORIGINAL WORK.

EXECUTIVE SUMMARY

TABLE OF CONTENTS

TABLE OF ILLUSTRATIONS

1 CYBER TERRORISM - FACT OR FANCY?

2 THE CURRENT UNDERSTANDING

3 SEMIOTICS OF CYBER TERRORISM
3.1 A SEMIOTIC DISCOURSE TO ANALYZING CYBER TERRORISM
Morphological
Empirical
Syntactical
Semantic
Pragmatics

4 AN ECONOMIC CONTEMPLATION OF CYBER TERRORISM
4.1 ECONOMIC CONSEQUENCES

5 A CYBERNETIC MODEL FOR PREVENTION
5.1 SYSTEM MODEL: TERROR PREVENTION

6 REFERENCES

Executive Summary

The dependency on Information Systems and Technology is a given fact of today’s world either in public or in business. But this dependency also creates vulnerabilities in form of new targets for particular groups instead of the supposed improvements of overall life quality. Cyber attacks therefore pose complex problems to national security and public policy as well as to the economy.

Cyber terrorism occurs in the virtual world of bits and is being seen as a convergence of terrorism and cyberspace. It can take place in simple structured styles up to complex coordinated ways of attacking and should be differentiated in conventional or unique manners of execution.

To provide a deeper understanding of the field of cyber terrorism it is investigated with the method of ‘semiotics’. This is be done through the Morphological, Empirical, Syntactical, Semantic and Pragmatic layer to be able to classify and categorize cyber terrorism on risk and the rate of impact.

The concluding part deals with the economic costs of cyber terrorism on the hand and provides a prevention model for terrorism on the other.

Economic costs do not only cover the direct costs involved for security there are as well opportunity cost involved which have to be taken into account. The loss of intellectual property, the lower productivity caused by cyber attacks and the hurt of third party liability are non monetary measures for the ladder.

The prevention model is based on the cybernetic approach to build up a system where the complex structure of ‘cause and affect’ of the anti terrorism variables is incorporated. The sensitivity of this tough system is shown on some particular elements. The model provides a network for the development of sustainable solutions to limit the overall economical costs of the fight against terrorism.

Economics for Managers - Christian Nitschke

Table of Illustrations

Illustration 1: The Semiotics of cyber terrorism

Illustration 2: System Model: Terror Prevention

1 Cyber Terrorism - fact or fancy?

Terrorism and especially cyber terrorism is a contemporary issue of today’s society. The government and business world as well as an increasing part of human beings is confronted with technology day for day.

The dependency on Information Systems and their underlying machinery becomes or has become a critical success factor in various parts of life. Militant actions are not primarily fights of human against human anymore, it is more about intelligence agencies - information about the behaviour of militant groups or changes of the infrastructure in a particular country is gathered by state organisations like the CIA or independent institutions like the World Bank permanently - and complex networked information systems which determine the current structure of conflict.

Cyber attacks, network security and information pose complex problems that reach into new areas for national security and public policy (Lewis, 2002). cyber terrorism is “the use of computer network tools to shut down critical national infrastructures (such as energy, transportation, government operations) or to coerce or intimidate a government or civilian population.” The premise of cyber terrorism is that as nations and critical infrastructure became more dependent on computer networks for their operation, new vulnerabilities are created - “a massive electronic Achilles' heel.” A hostile nation or group could exploit these vulnerabilities to penetrate a poorly secured computer network and disrupt or even shut down critical functions.

Much of the literature on cyber terrorism assumes that the vulnerability of computer networks and the vulnerability of critical infrastructures are the same, and that these vulnerabilities put national security at a significant risk. Given the newness of computer network technology and the rapidity with which it spread into economic activity, these assumptions are not surprising. A closer look at the relationships between computer networks and critical infrastructures, their vulnerability to attack, and the effect on national security, suggests that the assumption of vulnerability is wrong. A full reassessment is outside the scope of this paper, but a brief review suggests that while many computer networks remain very vulnerable to attack, few critical infrastructures are equally vulnerable.

A recently developed software by an PhD-student in the United States can explore the most vulnerable areas of the data network of a country. His study concentrates on the question at which points terrorists have to attack the data network to cause the maximum level of impact on government and businesses. The software does not concentrate on attacks in the virtual world instead it calculates the most “valuable” sections of the networks - the real infrastructure like fiber optic cables - to cause as much harm as possible. The interesting fact is that all information needed is available on the World Wide Web (Traufetter, 2003).

The investigation focuses on the societal and economical impacts of cyber terrorism. Despite that there are definitely diverse other factors which influence the genesis of this kind of action. cyber terrorism could be seen from a technological viewpoint which deals with the protection mechanisms like firewalls or from a motivational viewpoint which explores the rationales of Cyber terrorists.

The first part of the report will give actual definitions and understandings of cyber terrorism to start from the same base. The second part deals with a reflection in a semiotic way and considers economic of the discussed topic. Finally a preventive model for international terrorism is discussed.

2 The current understanding

The purists maintain the fact that unless a computer is used specifically as a tool, weapon or target involving a victim, it can not be considered as an instrument of terrorism. If you review the argument regarding firearms: “It is not the gun that kills people, it’s the people who use guns that kill people”. The sole consideration in cyber terrorism should be the intention of the actor, not their choice of weapon or method of conveyance (Desouza, 2003).

Gordon and Ford (2002: 636-647) give a definition of cyber terrorism based on the definition and attributes of Terrorism. They examine these factors in the context of a technological & computer minted environment and synthesize their findings to give a broad definition of the concept of “Pure-cyber terrorism”; that is, terrorism activities that are carried out entirely (or primarily) in the virtual world.

Denning (2000) states the following: “cyber terrorism is the convergence of terrorism and cyberspace. It is generally understood to mean unlawful attacks and threats of attacks against comp uters, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives. Further to qualify as cyber terrorism an attack should result in violence against person or property or at least cause enough harm to generate fear. … Serious attacks against critical infrastructures could be acts of cyber terrorism depending on their impact.”

The definition given by Denning leads to a separation of the word cyber terrorism to the two eleme nts: “cyberspace” and “terrorism”.

Another word for cyberspace is ‘virtual world’ which is defined as “symbolic - true, false, binary, metaphoric, representations of information - that place in which computer programmes function and data moves”. (Collin, 1996).

The FBI defines terrorism as the unlawful use of force or violence against persons or property to intimidate or coerce a government, the civilian population or any segment thereof, in furtherance of political or social objectives. (FBI, 2002)

These definitions combined gives that cyber terrorism is the premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against non-combatant targets by sub national groups or clandestine agents.

This definition is necessarily narrow to differentiate cyber terrorism from other kinds of computer abuse such as computer crime, economic espionage or information warfare.

A categorization of types of cyber terrorism developed by the Naval Postgraduate School can be done dependent on the underlying structure of the intended attacks. The first type is the “simple unstructured” representing the more rudimentary kinds of attacks against individual systems using easily accessible tools. The second one is “advanced structured” which is characterized by more sophisticated assault against multiple systems. The third class involves “complex coordinated” attacks that are capable of causing mass disruptions to multiple targets either concurrently or sequentially.

Another differentiation is to look at either “conventional” or “unique” attacks. Conventional attacks which normally occur overt involve disruption to information structures through use of viruses or denial of service (DOS). Unique attacks are a variant of cyber terrorism in which the use of legitimate electronic outlets to facilitate communication among terrorist groups is conducted.

3 Semiotics of Cyber Terrorism

Sanders Pierce (1839-1914), a mathematician and logician, founded semiotics as the "formal doctrine of signs". The field of semiotics, a problem-solving tool, provides a new approach to insights into the world of cyber terrorism. Cyber terrorism occurs in the symbolic world of binary digits - as mentioned above if the term cyberspace is used to explain one part of the word - and the domain of semiotics is adept at making sense of signs, their meanings and associations, and their evolution. The domain of semiotics can be divided into the study of the following: "syntactics," dealing with relationships or linkages between various components; "semantics," concerned with putting the relationships in context and perspective; and "pragmatics" that garners meaning and insight from relationships within the context of the first two sections.

illustration not visible in this excerpt

Illustration 1: The Semiotics of cyber terrorism

Source: Desouza, 2003

3.1 A semiotic discourse to analyzing cyber terrorism

A variant of the traditional semiotic ladder is used to segment threat phases into five levels - morphological, empirical, syntactical, semantic, and pragmatic. Using a semiotic discourse towards understanding cyber terrorism provides two valuable contributions. First, it has the ability to analyze a "level" of cyber-attack. This assists to classify and categorize activities based on risk, propensity of occurrence, and rate of damage or impact. Second, cyber terrorism acts emerge through semiotic levels. This is an important concept. Emergence can be defined as the attainment of "bottom-up order" (Desouza, 2003), i.e., rather than imposing top-down order on to a system; order emerges from the parts to make up the whole. It is not possible to prevent attacks of empirical or semantic natures without first curtailing issues at the morphological layer. The majority of the acts at the lower level of the semiotic discourse are centered on efficiency from swift and highly cost efficient attacks. Conversely, at the higher levels, effectiveness or severity of an attack is more critical because it entails the broader and widespread destruction of networks. Terrorist activities can be viewed as a natural progression. As we move through the semiotic layers, from the morphological to the pragmatic, the scope of terrorist activities increases because their sophistication and knowledge base, related to the system, must increase. We must therefore study not only activity involving cyber terrorism at the various semiotic levels, but also how these acts emerge and move across levels.

Morphological

The lowest level of the semiotic ladder is the morphological or physical layer, which is concerned with objects and agents, at a rudimentary stage. Each object is analyzed in isolation and an agent's activity and is considered in isolation. Cyber terrorism at the morphological level is restricted to individual acts executed by an agent. Typical concerns at this level involve the activities of crackers, or hacking agents that conduct malicious acts to attain self- fulfilling goals. For instance, a cracker might bring down a Website through detonation of denial of service attacks intended to prevent access to the site. Some ignore the threat of crackers in discussions about cyber terrorism but we argue that studying the behavior of crackers is relevant. Crackers have the ability to cause harm to organizations through their acts; analyzing their patterns of operations can provide insights into the weaknesses of systems and infrastructure. It is interesting that, once caught, crackers are often asked to provide companies with informatio n intended to better protect systems from assault.

[...]