Published on

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Cyberterrorism Dr Ian Brown, OII
  2. 2. (with thanks to Lilian Edwards)
  3. 3. Outline Definitions - vandalism, crime, terrorism  and war  The insecurity of the Internet and how to fix it  The proportionality of state responses to terrorist Internet use
  4. 4. Cyber graffiti Tipping Point report  found that in 8 years to 2007, >100k domains defaced Sometimes politically  motivated - c.f. UN site 12/8/07: “HACKED BY KEREM125 M0STED AND GSY THAT IS CYBERPROTEST HEY ]SRAIL AND USA DONT KILL CHILDREN AND OTHER PEOPLE PEACE FOR EVER NO WAR”
  5. 5. Cyber fraud Phishing (Symantec found 166,248  unique messages 2H 2006)  Denial of Service extortion (Symantec found 6m bots 2H 2006)  The organised criminal economy (custom virus writers, bot herders, mules, dupes); identities for sale $14-$18
  6. 6. Digital Pearl Harbour Exercise conducted by US Naval War  College & Gartner July 2002  3-day simulated attack on CNI with attackers given $200m, 5 years planning, access to state-level intelligence  Local, temporary attacks could be successful; sustained, national attacks would not
  7. 7. Cyber terror “Terrorists get better returns from much simpler  methods such as car bombs. Cyberterror is too low key: not enough dead bodies result, and attacks are too complex to plan and execute.” (Bird 2006) Reality is use for communications, research  (CBNR info poor - Stenersen 2007), propaganda, recruitment and belonging (Labi 2006 and Shahar 2007), tactical intel (US Army 2005)
  8. 8. Cyber war Disabling Critical National Infrastructure  (Estonia, May 2007)  For political/military/economic espionage (China, widely publicised 2007)
  9. 9. Estonia May 2007 Attacks on Estonian finance, media and govt  websites by Russian-linked groups. “Complexity and coordination was new… series  of attacks with careful timing using different techniques and specific targets” (NATO) Arbor Networks monitored 128 distinct attacks,  with 10 lasting over 10 hours and reaching 90Mbps
  10. 10. China TITAN RAIN Incursions into DoD, German chancellory, Whitehall,  NASA, Lockheed Martin… “Chinese attackers are using custom Trojan horse  software targeted at specific government offices, and it is just walking through standard defences. Many government offices don’t even know yet that they are leaking information. 99% of cases are probably still not known.” (NATO) “Intrusion detection systems react to obvious signatures  such as lots of traffic from one IP address – so onion routing and botnets are used to disguise the origin of intrusions.” (Sommer)
  11. 11. Fixing Internet insecurity Incentives are key: for more secure  software, networks and banks (House of Lords, 2007)  CNI must be very firmly separated from public Internet  Limits to use of COTS software?
  12. 12. Proportionality of state responses Lawful access   Data retention  “Glorification” of terrorism
  13. 13. References Juliette Bird (2006) Terrorist Use of the Internet, The Second International  Scientific Conference on Security and Countering Terrorism Issues, Moscow State University Institute for Information Security Issues, October 2006. Nadya Labi (2006) Jihad 2.0, Atlantic Monthly pp.102—107, July/August 2006.  Chief Judge Stein Schjolberg (2007) Terrorism in Cyberspace - Myth or reality?  June 2007. Available at Yael Shahar (2007) The Internet as a Tool for Counter-Terrorism, Patrolling and  Controlling Cyberspace, Garmisch-Partenkirchen, April 2007. Anne Stenersen (2007) Chem-bio cyber-class – Assessing jihadist chemical and  biological weapons, Jane’s Intelligence Review, 1 September 2007. US Army (2005) Army Regulation 530–1, Operations Security (OPSEC), 19 April  2007.