Cyberterrorism

Cyberterrorism Dr Ian Brown, OII

(with thanks to Lilian Edwards)

Outline Deﬁnitions - vandalism, crime, terrorism  and war  The insecurity of the Internet and how to ﬁx it  The proportionality of state responses to terrorist Internet use

Cyber grafﬁti Tipping Point report  found that in 8 years to 2007, >100k domains defaced Sometimes politically  motivated - c.f. UN site 12/8/07: “HACKED BY KEREM125 M0STED AND GSY THAT IS CYBERPROTEST HEY ]SRAIL AND USA DONT KILL CHILDREN AND OTHER PEOPLE PEACE FOR EVER NO WAR”

Cyber fraud Phishing (Symantec found 166,248  unique messages 2H 2006)  Denial of Service extortion (Symantec found 6m bots 2H 2006)  The organised criminal economy (custom virus writers, bot herders, mules, dupes); identities for sale $14-$18

Digital Pearl Harbour Exercise conducted by US Naval War  College & Gartner July 2002  3-day simulated attack on CNI with attackers given $200m, 5 years planning, access to state-level intelligence  Local, temporary attacks could be successful; sustained, national attacks would not

Cyber terror “Terrorists get better returns from much simpler  methods such as car bombs. Cyberterror is too low key: not enough dead bodies result, and attacks are too complex to plan and execute.” (Bird 2006) Reality is use for communications, research  (CBNR info poor - Stenersen 2007), propaganda, recruitment and belonging (Labi 2006 and Shahar 2007), tactical intel (US Army 2005)

Cyber war Disabling Critical National Infrastructure  (Estonia, May 2007)  For political/military/economic espionage (China, widely publicised 2007)

Estonia May 2007 Attacks on Estonian ﬁnance, media and govt  websites by Russian-linked groups. “Complexity and coordination was new… series  of attacks with careful timing using different techniques and speciﬁc targets” (NATO) Arbor Networks monitored 128 distinct attacks,  with 10 lasting over 10 hours and reaching 90Mbps

China TITAN RAIN Incursions into DoD, German chancellory, Whitehall,  NASA, Lockheed Martin… “Chinese attackers are using custom Trojan horse  software targeted at specific government offices, and it is just walking through standard defences. Many government offices don’t even know yet that they are leaking information. 99% of cases are probably still not known.” (NATO) “Intrusion detection systems react to obvious signatures  such as lots of traffic from one IP address – so onion routing and botnets are used to disguise the origin of intrusions.” (Sommer)

Fixing Internet insecurity Incentives are key: for more secure  software, networks and banks (House of Lords, 2007)  CNI must be very ﬁrmly separated from public Internet  Limits to use of COTS software?

Proportionality of state responses Lawful access   Data retention  “Gloriﬁcation” of terrorism

References Juliette Bird (2006) Terrorist Use of the Internet, The Second International  Scientific Conference on Security and Countering Terrorism Issues, Moscow State University Institute for Information Security Issues, October 2006. Nadya Labi (2006) Jihad 2.0, Atlantic Monthly pp.102—107, July/August 2006.  Chief Judge Stein Schjolberg (2007) Terrorism in Cyberspace - Myth or reality?  June 2007. Available at http://www.cybercrimelaw.net/1-2007.html Yael Shahar (2007) The Internet as a Tool for Counter-Terrorism, Patrolling and  Controlling Cyberspace, Garmisch-Partenkirchen, April 2007. Anne Stenersen (2007) Chem-bio cyber-class – Assessing jihadist chemical and  biological weapons, Jane’s Intelligence Review, 1 September 2007. US Army (2005) Army Regulation 530–1, Operations Security (OPSEC), 19 April  2007.

Cyberterrorism

by Ian Brown on May 24, 2008

Accessibility

Categories

Upload Details

Usage Rights

1 Embed 19

Statistics

Cyberterrorism — Presentation Transcript