With so much attention being demanded by terrorism these days, it is a wonder that there have not been any real cases of Cyber Terrorism. Why is this? Should we be worried, or is it all under control?
What Cyber Terrorism Is and Is Not
According to the FBI, cyber terrorism is a premeditated and politically motivated attack against information, computer systems, computer programs and data that results in non-physical violence against noncombatant targets. Simply put, cyber terrorism means using the web to cause real world harm to a noncombatant target, advancing an individual or a group’s religious and political goals. This rules out cyber attacks that are not politically motivated (hacking), as well as any attacks on military targets, such as US Armed Forces computers (cyber warfare).
The threat to the general public and to government agencies lies in the fact that cyber terrorists possess the ability to shut down all of the major systems that we depend upon, including the water system and the banking system. The effects that an intrusion upon these systems would have on our nation as a whole are devastating, as they could potentially shut down the entire nation. Cyber terrorism may not pose an immediate physical threat to the population, but it certainly poses a threat to Internet users. That is why there are now many agencies, and homeland security degree programs working to make our Internet based systems terrorist-proof, and thus protect the entire world against a ruinous attack that could affect any country that shares an Internet connection.
Cyber Attacks In The Past
In 2004, a group of hackers in Romania gained access to the computers that control the life systems of a research station in the Antarctic. The culprits were stopped before any damage was done. Some argued that the incident should not be classified as cyber terrorism but as a cyber crime instead, since it was not politically motivated. The fact remains though that if it their mission had been accomplished, the lives of 58 people in the station would have been endangered.
Take the case of an Australian who hacked into the computerized waste management system of Maroochy Shire , Queensland just because his application to the agency was rejected. His action led to the spillage of millions of liters of raw sewage into the rivers, local parks and even the grounds of the Hyatt Regency hotel. The area’s creek water turned black and marine life died.
Those two cases may have been brought about by personal motives or by curiosity, but some believe that those are two perfect examples of what cyber terrorists can possibly do on a much larger scale.
The Present, and The Future
Compared to the other terrorism weapons, is the threat of cyber terrorism for real or is it just hyped and exaggerated? Since the 9/11 attacks in the United States , FBI warnings of potential terror attacks through the Internet spawned diverse reactions from different groups. Some believe that the threat is real and possible at any given moment, while some countered that it is not that easy, and is almost impossible with all of our security systems.
Should the threat of cyber terrorism be for real, what damage can it bring to humankind and how bad can it get?
The rippling effect of the 9/11 attacks has made US authorities take a look at a very basic and important need of their citizens: water. Representatives from the government’s water system had looked into the potential for a water based attack prior to 9/11, but their efforts and warnings remained unfunded and ignored until that terrible day.
Indianapolis Water Company’s Peter Beering stated in 2001 that water is the quintessential target in any armed conflict and proofs of this can be traced back in history through any of the great wars or civil conflicts. The Nazi’s for example, dumped sewage and dead animals in the wells of Kosovo making the water unusable.
So how can illegal cyber activities do the same thing? Water in the US is distributed and controlled using supervisory control and data acquisition or SCADA systems. According to studies, many of these systems are vulnerable to electronic attack. The good thing about it is that most of these systems are not directly connected to the Internet so the only real threat is internal, according to security experts.
Still, the reaction from the drinking water community led to greater federal and state support to heighten water system security. Just weeks after 9/11, the Drinking Water Security Task Force was created to look into system vulnerabilities and find ways to address them. One of the actions taken was vulnerability assessments or VAs on approximately 400 large systems, which cost the United States Environmental Protection Agency $53 million. Both the federal and state governments have spent millions not only in securing water facilities physically, but also from network attacks.
Cyber terrorism has also inspired a number of individuals and companies to create security measures to protect the water systems. High Tower , a California-based software company, came up with TowerView Security, which the company claims can analyze and immediately correlate electronic data from thousands of location points within a system. The product is said to allow officials to check trends at water facilities and to monitor any kind of system anomaly since data from different devices can be continuously displayed and updated on a 3D cyber grid.
Long before the phrase cyber terrorism was coined, banks and other wire dependent industries have been victims of system or network intrusions not only from world-class cyber criminals, but from amateurs and the curious as well. Sources from Great Britain say that between the years 1993 to 1995, cyber criminals have taken about 400 million pounds by threatening financial institutions, banks in particular. US businesses meanwhile lose $138 million every year from hackers according to the FBI.
Even some US security institutions have not been spared from illegal cyber activities. A survey revealed that the Pentagon’s systems have been accessed in excess of 250,000 times and only 150 illegal intrusions have been detected. In 1996, a Science Applications International Corporation survey also uncovered millions of losses from 40 major US corporations due to computer break-ins.
Such incidents were taken as consequences of the world’s dependency on convenience and technology, but since that fateful day in September of 2001, and other incidents that followed from other countries around the globe that claimed lives; people have looked into these with a different view. It would be a relief if the people behind such acts just take money for mere personal gratification, but the possibility of using those large amounts and information to back attacks against humanity posts fear and resentment from innocent people from all sides of the world. That is not to mention the potential for further stock market damage being done by all of the theft going on under the radar.
What It All Means
One question remains though. Does cyber terrorism really pose physical danger to anyone? Should we always be wary of losing our lives because of it?
Cyber terrorism threats to disable several major Internet systems are indeed real and have already been proven. But as for threats of network or system attacks that could lead to massive loss of lives, as far as the experts are concerned, that is still Hollywood material. This does not mean, however, that concerned authorities reject the possibility of physical danger due to electronic intrusions. US authorities even conducted an exercise to find out whether cyber terrorism threats to human lives are of immediate concern.
Called the digital Pearl Harbor , the U.S. Naval War College-sponsored exercise in July of 2002 had analysts acting as terrorists and simulated a large scale attack on infrastructures. The study found out that to do such offense in reality, a $200 million budget, five years of preparation and high level of intelligence are needed. It was also concluded that such an attack would not result in catastrophic events and deaths but can cripple communications in heavily populated areas.
Even with such reassurance, it is still quite hard to convince people from countries such as the US to have their reservations. It is already a known fact that it was very easy for four terrorists to use airplanes as weapons to claim the lives of 2, 948 people. Some say that terrorists would still prefer bombs to bytes. But according to Texas Representative Lamar Smith, a mouse can be just as dangerous as a bullet or a bomb.
One cannot help but wonder why even the world’s superpowers admit vulnerability to cyber attacks. Some incidents already occurred and were only publicized after 9/11, and some remains as threats that need further investigations. The only reality that even experts cannot dismiss and control is the fact that since 2001, people, especially those who are in countries fronting the war against terror, are still gripped with fear that anything associated with terrorism drives them to make negative and paranoid conclusions. While people seem to have moved on since the physical attacks, there is still a lingering worry about the possibility of an even greater attack made on the world market through the Internet.
The history of cyber terrorism has already been established as a way of stealing money and shutting down important national systems. Cyber terrorism is an even greater issue today as more and more corporations are running their businesses online, and more people are willing to share information over the Internet. The future or cyber terrorism is questionable as it will always be a threat, but since the 9/11 attacks, there are hundreds of new security companies working on making the Internet a safe way to conduct business without the threat of being intercepted by terrorists.
