The use of computing resources to intimidate, coerce or harm people , places or systems we depend upon.
Amalgamation of Cyberspace and Terrorism.
Leveraging of a target's computers and information technology, particularly via the Internet, to cause physical, real-world harm or severe disruption with the aim of advancing the attacker's own political or religious goals.
DIFFERENCE B/W CYBER TERRORISM AND REAL WORLD, PHYSICAL TERRORISM
Why would a terrorist decide to use the Internet, rather than using the usual methods of assassination, hostage taking and guerrilla warfare?
Chances of capture, injury, or death to a cyber terrorist are less
Cyber terrorism is difficult to track
Easy to accomplish due to lack of understanding of security risks
But , in one of its more unusual forms, cyber-terrorism can be related with physical, real world terrorism.
Crackers -A cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security.
White Hat Hackers – Hackers who break into computers. They have no right to access but they often report the security leaks to the victims.
Script bunnies - People who would like to be hackers but don’t have much technical expertise. They download click-and-point software that automatically does the hacking for them.
FACTORS CONTRIBUTING TO CYBER TERRORISM....
Dependence on Network Infrastructure and the Internet
Lack of Understanding of Security Risks
Lack of Funding for Adequate Network Security Tools
Minor attacks come in the form of " data diddling ", where information in the computer is changed. This may involve changing medical or financial records or stealing of passwords . Hackers may even prevent users who should have access from gaining access to the machine.
Ethical issues in this case include things like invasion of privacy and ownership conflicts .
Credit Card Number Theft
People are using credit cards for more and more of their purchases as time goes on.. Credit cards are especially easy to use fraudulently, because they require no extra identification number to use.
All that a thief needs is pure information-they don't need the card, but just the number on the card . Recently, with people spending more on purchases transacted over the internet, credit card fraud is becoming easier.
More than 40 million credit card numbers belonging to U.S. consumers were accessed by a computer hacker in the year 2005 according to MasterCard International Inc.
We are already well on the way to a cash-free society. People now use ATM cards, credit cards, and check-cards for a large percentage of their purchasing. As we move further from a paper-money society, to a purely electronic economy, new types of crime will emerge as accessing these is quite easier.
All we can be sure of, is that criminals of tomorrow, like those of last century and those of today, will keep on innovating.
This is because, as a system advances, so does the criminals .
Hacking is basically knowing programmable systems and how they work.
How can hacking be helpful ?
Some agencies hire hackers to show them the downfalls in their security system so they can improve it against hackers that want information or access into the computer for other reasons.
Hacking is a form of art for some people .
But generally , it is being used adversely.
One of the popular terror act is to threaten a large bank.
In 2001 , 12 billion dollars in losses due to security breaches, virus attacks and hacked network
The NIMDA virus alone accounted for 2 billion dollars in losses
The Mydoom virus sent 100 million infected e-mails in the first 36 hours, and accounted for roughly a quarter of global e-mail traffic on Jan. 26, 2004.
The pessimists claim that cyber attacks cost $10-$15 billion per year and would cost tens of billions more to fix, the optimists claim that all cyber crime over a five year period cumulatively cost only $1 billion and fixing the current vulnerabilities would only cost $4-$5 billion more.
As the Cyberspace continues to expand, and systems continue to be assigned more responsibility while becoming more and more complex and interdependent, sabotage or terrorism via cyberspace may become a more serious threat.
WHAT CAN WE DO?
Cooperate and share intelligence among all agencies.
The tools of a counter-Cyber Terrorist team must be real-time and dynamic, as the weapons will continually change.
Make building, network and desktop security a priority.
Report instances of cyber crime to local law enforcement agencies.
Use of secure entrances – card keys, biometric entry devices
Personnel should question why non-staff are in the building
Standard operating procedures in cases of dismissal or reprimand
Background checks on contracted service personnel looking for a past history of theft, drug use or sale, assault, computer crime
Desktop/Laptop Computer Security
Virus detection software that is regularly updated
Secure physical set-up that is not open to the public or unmonitored
Passworded screen savers
Require network logins if you are on a network
Standardize the desktop so as to limit what an end-user can and cannot do
The server should be kept in a locked and restricted area
Administrative passwords and equivalencies should be given to a minimal number of people
Administrative passwords should be changed regularly
Users should only be given access to file systems that they will actually need to use
Virus detection software that is regularly updated
Require logins and passwords
Users should be required to change passwords at least every 30 days
The passwords should be easy enough to remember and difficult enough to guess
Use of Firewalls and Routers
Standard Operating procedures when an employee leaves, is terminated or is given formal reprimands
Disable unused accounts
Require users to log-out and login each day
Encrypt all traffic over the LAN
Cyber forensics is a newly emerged and developing field, which can be described as the study of digital evidence resulting from an incident.
It involves collection and analysis of digital data within an investigative process. Cyber forensics involves the investigation and analysis of a computer to determine the potential of legal evidence
To prevent cyber stalking avoid disclosing any information pertaining to oneself. This is as good as disclosing your identity to strangers in public place.
Always avoid sending any photograph online particularly to strangers and chat friends as there have been incidents of misuse of the photographs.
Never send your credit card number to any site that is not secured, to guard against frauds.
Always keep a watch on the sites that your children are accessing to prevent any kind of harassment or depravation in children.
Use of firewalls may be beneficial.
DISASTER RECOVERY PLANS
Provide for Contingencies if Critical Systems and Networks are Unavailable or Damaged
Determine alternate ways of processing data
Determine dependencies between systems and equipment
Determine backup personnel
The plan should be current and known
SOME HACKING RESOURCES
BEST BOOKS :-
>Hacking exposed by Stuart McClure
>Unofficial guide to ethical hacking by Ankit Fadia
>Google Hacks by Calishain & Cornets
http://www.cybercrimelaw.org/index.cfm - Cybercrime Law
http://www.rbs2.com/ccrime.htm#anchor666666 - Computer Crimes, Ronald B. Standler