Trend of cyber terrorism in the present world.pptx
1. TREND OF CYBER TERRORISM IN THE
PRESENT WORLD
SUBMITTED BY,
BINI. R.A,
BA. LLB (HONS),
VTH YEAR, ‘A’ SEC,
HA15023.
2. WHAT IS CYBER TERRORISM?
• In 1997 Barry Collins coined the term cyber terrorism.
• Although cyber terrorism has been acknowledged as a major risk
internationally, there does not seem to be an agreed or universal
definition of cyber terrorism.
• Denning describes cyber terrorism as “the convergence of cyberspace
and terrorism where unlawful attacks and threats of attack against
computers, networks, and the information stored therein are carried
out to intimidate or coerce a government or its people in furtherance of
political or social objectives, and should result in violence against
persons or property, or at least cause enough harm to generate fear.”
3. DO CYBER TERRORISM HAVE SPECIFIC FEATURES?
Cyber terrorism have some universal characteristics which are:
It is done to convey a particular destructive or disruptive message to
the government.
There are various methods to convey this message, viz., through
denial of services, sending threatening emails, defacing of government
websites, hacking and cracking of crucial governmental systems or
‘protected systems’, disrupting the civil amenities through destroying
the proper working of the digital information systems, etc.
4. It could affect the computers and the networks as
a whole, it could also affect the governing
system, and it could affect the population of
target area to create threat.
Computer and digital communication
technology are used as a main tool to achieve
extremist purposes.
The whole act could be motivated by religious,
social or political ideologies.
It is mostly done by hi-tech offenders.
The main aim of cyber terrorists today is to cripple
critical infrastructure of a country by cyber attacks
to further the causes they espouse for as a terrorist
group.
5. REASONS FOR HIKE IN CYBER TERRORISM
i. Spread of terror in large scale:
Through internet the terror attack could be in a larger scale. As compare to
physical attract cyber attack could be done in a larger scale. Attack can be
done more than one place at a same time which makes it easy for the
attackers.
ii. Disability of Government functions:
Every country is becoming digital all the operations are done through digital
process which makes for the attackers a chance to slower down the
functions of a country and to breach the security of that state. Any sector of
a govt. broke down it slowed.
6. iii. Easy way to create threat in people mind:
Internet is the easiest medium through which threat can be created in
the minds of people. It is a global platform to spread treat through
social media or any other networking websites it only effect one
country at a time but the whole world.
iv. Easy to execute:
As compare to physical attack, virtual attack is easy to done. As the
attacker or any person related to don’t have physically presented at
the target of the attack. It makes easy for the attacker to execute his
attack. They can perform activates across territories.
7. HOW TERRORIST USE INTERNET AS
PLATFORM TO COMMIT CRIMES?
• Publication of terrorist ideologies and ideas (propaganda).
• Raising funds/terrorist financing (money transfer/e-cash).
• Recruiting new members (finding each other).
• Launching threat or intimidation campaigns (beheadings).
• Communication among members-P2P, SMS, VOIP
(encryption).
• Obtaining operational information (targeting; JFK Airport).
• Coordinating, planning and discussing terrorist actions.
• Logistics (ordering supplies, car rentals, explosive,
chemical/biological components).
8. PHASES OF CYBER TERRORIST CAPABILITY
i. Enabling – online activities that support the operations of terrorist
groups, such as publicity and propaganda, recruitment, reconnaissance,
clandestine communications between members, and disseminating
manuals and know-how to incite and facilitate attacks by others.
ii. Disruptive – online activities that disrupt the information
technology of opponents, including pro-active cyber breaches of
networks; dissemination of malware; exfiltration of digital information;
financial theft and fraud; denial of service attacks; phishing and other
information technology (IT) hacking activities.
iii. Destructive – cyber attacks that trigger physical damage or injury
through spoofing operation technology (OT) and digital control
systems; attacks on Supervisory Control and Data Acquisition
(SCADA) systems; disabling control and safety systems.
9. RESPONSE TO CYBER TERRORISM THREAT
I. UNITED NATIONS’ RESPONSE
Cyber security is one of the main themes on the traditional debates on
security policy in the UN system. Normally this refers to those debates related to
the threat of terrorism and in the form of Resolutions of the UN Security
Council . The topic is covered in the work of the Counter Terrorism Committee
established by Security Council, and it is mentioned in the UN Global Counter-
Terrorism Strategy. In the latter case, the goal is not only “counter terrorism in
all its forms and manifestations on the Internet”, but also with more active
approach to “use the Internet as a tool for countering the spread of terrorism ”.
Wider in the UN systems, cyber security is regularly recognized as a central
feature that will be constantly developed in the international agenda for
international security. In the UN system, the International Telecommunication
Union (ITU) has highest responsibility for the practical aspects and applications
of the international cyber security. The ITU mission statement embraces the
issue of cyber security in direct terms. The purpose of the organization is to
10. develop confidence in the use of cyberspace through
enhanced online security. Achieving of the cyber security
and cyber peace are some of the most critical concerns in
the ICT development, and ITU takes concrete measures
through its Global Cyber security Agenda (GCA) .
In September 2008, the ITU and the International
Multilateral Partnership Against Cyber Threats
(IMPACT) signed an agreement under which GCA is
located in IMPACT headquarter in Cyberjaya, Malaysia.
11. II. INDIA’S RESPONSE
India responded to the misuse of information technology
and internet vandalism by passing its cyber act, the IT
Act,2000. It also made amendments in traditional laws like
in the Evidence Act, 1872; the Penal Code, 1860: the
Bankers’ Books Evidence Act, 1891 so as to update them.
The word “cyber terrorism” did not occur in the Act until
2008 when the amendment made important introductions
relating to the subject of cyber terrorism. The IT
(Amendment) Act, 2008 (10 of 2009) not only defines the
term cyber terrorism but it has many sections in pari
material. It is the amalgamation of several sections in the
amended Act which. Taken together makes a meaningful
law provision to address this dreaded peril.
12. IT ACT AND CYBER TERRORISM
Section 66F of the Information Technology Act, 2000 deals about punishment for cyber terrorism
1) Whoever,-
(A) with intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in
the people or any section of the people by –
(i) denying or cause the denial of access to any person authorised to access computer resource; or
(ii) attempting to penetrate or access a computer resource without authorisation or exceeding
authorised access; or
(iii) introducing or causing to introduce any Computer Contaminant.
and by means of such conduct causes or is likely to cause death or injuries to persons or damage to
or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of
supplies or services essential to the life of the community or adversely affect the critical
information infrastructure specified under section 70, or
(B) knowingly or intentionally penetrates or accesses a computer resource without authorisation or
exceeding authorised access, and by means of such conduct obtains access to information, data or
computer database that is restricted for the reasons of the security of the state or foreign relations;
13. or any restricted information, data or computer
database, with reasons to believe that such
information, data or computer database so obtained
may be used to cause or likely to cause injury to the
interests of the sovereignty and integrity of India, the
security of the State, friendly relations with foreign
States, public order, decency or morality, or in relation
to contempt of court, defamation or incitement to an
offence, or to the advantage of any foreign nation,
group of individuals or otherwise, commits the
offence of cyber terrorism.
(2) Whoever commits or conspires to commit cyber
terrorism shall be punishable with imprisonment
which may extend to imprisonment for life.
14. IPC AND CYBER TERRORISM
The Indian Penal Code, 1860 states about cyber
terrorism. Chapter VI of Indian Penal Code also
discussed about offenses against the state. This chapter
of IPC talks about any kind of offense committed
against the country. It also covers the areas of threat
from cyber space as per the Supreme Court of India.
Section 499 IPC can read along with section 66F
IT Act.
15. CYBER TERRORISTS ATTACK IN WORLD COUNTRIES
• In September 1998, on the eve of parliamentary elections in Sweden, saboteurs
attack the Web site of the right-wing political party in Sweden and created a
link to a Web site on the left and to the pornographic sites. The same month,
saboteurs attacked the website of the Mexican government in protest against
government corruption and censorship. Analysts point out these crime
examples as low level information warfare.
• Romanian hackers on one occasion managed to intrude into the computer
systems controlling the life support systems at an Antarctic research station,
endangering the 58 scientists involved. Fortunately, their activity is stopped
before any accident occurred.
• During the Kosovo conflict, Belgrade hackers conducted a denial of service
attack (DoS) on the NATO servers. They “flooded" NATO servers with ICMP
Ping messages, typically used for diagnostic or control purposes or generated
in response to errors in IP operations.
16. • During the Palestinian-Israeli cyber war in 2000 similar attack has been
used. Pro-Palestinian hackers used DoS tools to attack Israel’s ISP
(Internet Service Provider), Netvision. Although the attack was initially
successful, Netvision managed to resist subsequent attacks by increasing
its safety.
• In October 2007, hackers attacked the Web site of Ukrainian President
Viktor Jushenko. The responsibility for this attack took over the radical
Russian nationalist youth group, the Eurasian Youth Movement.
• An analyst from the U.S. Central Intelligence Agency (CIA) publicly
revealed that in January 2008, hackers successfully stopped power supply
networks in several U.S. cities. In November 2008, the Pentagon had a
problem with cyber attacks carried out by computer virus, prompting the
Department of Defense (DoD) to take unprecedented step of banning the
use of external hardware devices, such as flash memory devices and
DVDs.
17. CYBER TERRORISTS ATTACK IN INDIA
⁕On 26th November, 2008 India Witness very tragic Incident of 12
coordinate shooting and booming lasted 4days across the Mumbai.
Experts said that it was not simple terror attack but it was a major cyber
attack. The terrorist were in touch with Pakistan whole time callphonx
VOIP, and all the Computer systems of Taj Hotel, Leopal cafe, Shivaji
maharaj Terminus, Obori Trident, Came Hospital, Nariman House were
hacked, they had access to all the data of the hotel and other places. They
had whole guest list of Taj Hotel their check in Time, room number etc.
They basically targeted the Foreigner guest from the U.S and England and
other places. As they had access to the whole data of cafe, hospital they
had specific list of people whom they wanted to tar gate. The blast lasted
four days and terrorist were connected to Pakistani hacker all the time.
26/11 was one of the major incidents in our country which made
government to think over the cyber security and cyber threat which could
occur in a nation like India and what steps government could take for it.
18. ⁕ The 2010 Varanasi blast case also saw the usage of cyber
communication wherein the Indian Mujahiddin claimed
responsibility for the blast.
⁕ In July 2011, the digital technology was further used for
bomb blasts in a crowded city market in Jhaveri Bazaar,
Mumbai.
⁕ There are several reports on the hacking and defacement of
Indian government websites. Some of the examples are the
2010 hacking and defacement of the CBI website by the
Pakistani hackers, who called themselves ‘Pakistan cyber
army’, wherein the hackers had put up a message stating
‘Pakistan cyber army is warning the Indian cyber army not
to attack their websites’.
⁕ Some important websites like the website of National
Investigation Agency (NIA) was also affected, but it was
temporarily disabled and not hacked. Investigation on these
offences is still going on.
⁕ Experts had suggested that regular cyber security audits
could prevent such attacks.
19. FINAL THOUGHTS
The threat of cyber terrorism attacks will constantly increase as people
are becoming dependent upon the internet and therefore increasing the
possibilities of cyber terrorism attacks. Terrorists such as ISIS are successfully
creating a powerful image towards the perception of the public globally. The
threat of attacks continuous to grow as the widespread of online users are
constantly increasing. The risk of cyber-attacks to incur increases along with
the rapid growth of computer technology. Thus, law enforcements, policies,
practices and necessary measures should continue to be developing as the
computer technology continuous to develop. It is the responsibilities of officials
to develop a safe technology which is able to determine suspicious activities by
analysing public and private data. Implementations of all these mechanisms
allows computer network and systems to be less vulnerable and manages the
risk of cyber terrorism because each mechanisms possess separate functions for
combatting cyber terrorism.
20. SUGGESTIONS
⁘ Necessary steps must be taken to enable concerning bodies.
⁘ Computer security and awareness training.
⁘ Continuing awareness and education regarding terrorist trends
and methodologies.
⁘ Future readiness to defend against attacks.
⁘ Sensitive information should not be stored in the computer
systems which are connected to the internet.
⁘ Special training program for judicial officers to deal with
cases related to cybercrimes.
⁘ Effective use of intelligence gathered from all sources.
⁘ Ministries and departments have been advised to update IT
systems and carry out regular audits to ensure an error free
system.
21. “Tomorrow terrorist may be able to do more damage with a
keyboard than with a bomb”
- National Research Council