The psychological effects of cyber terrorism
Michael L. Gross , Daphna Canetti and Dana R. Vashdi
ABSTRACT
When ordinary citizens think of cyber threats, most are probably worried about their passwords
and banking details, not a terrorist attack. The thought of a shooting in a mall or a bombing at an
airport is probably more frightening than a cyber breach. Yet terrorists aim for mental as well as
physical destruction, and our research has found that, depending on who the attackers and the
victims are, the psychological effects of cyber threats can rival those of traditional terrorism.
KEYWORDS
Cyber security; cyber
terrorism
Cyber aggression has become a daily fact of life in the
21st century, yet for most people it’s still only a reality
in the form of cyber crime – hackers targeting financial
information or other personal details. Politically moti-
vated attacks might threaten them as well, but they
tend to be the concern of governments and corpora-
tions rather than ordinary citizens. The thought of a
terrorist shooting in a mall or bombing in an airport
probably seems far more frightening to the average
person than Russian hackers disrupting government
networks in Estonia or Anonymous breaking into the
police department of Ferguson, Missouri. Cyber terror-
ists, after all, have yet to actually kill or injure anyone.
Yet our research has found this perception of cyber
aggression might not be entirely accurate. The aim of
terrorism, after all, is not just physical destruction, and
depending on who the attackers and the victims are,
the psychological effects of cyber terrorism can be just
as powerful as the real thing.
Defining cyber terrorism
People face cyber aggression on an almost daily basis.
Hackers appropriate, erase, or ransom data, defraud
bank customers, steal identities, or plant malevolent
viruses. In many cases, hackers are criminals out for
pecuniary gain. But sometimes their motives are poli-
tical. Some are “hacktivists,” or cyber activist groups,
like Anonymous, others are terror groups like Hamas
or Islamic State, and still others are agents of national
states like Iran, North Korea, or Russia. They are not
usually after money but pursue a political agenda to
foment for social change, gain political concessions, or
cripple an enemy. Sometimes their means are peaceful,
but other times they are vicious and violent. The lines
often blur. Anonymous will hack the Ferguson police
department just as it will initiate an “electronic
Holocaust” against Israel in support of the Palestinian
cause (Rogers 2014). Islamic activists will use the
Internet not only to recruit members and raise funds
for social welfare projects but also to steal money for
terrorist activities or disseminate information to stoke
fear and demoralize a civilian population. States will
pursue online espionage but also wreak havoc by crash-
ing multiple systems – as did the Russians, allegedly, in
Estonia in 2007, with mass denial-of-service attacks on
gove ...
Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...Alireza Ghahrood
Abstract. The number of terrorist attacks that have brought about bloodshed and
left a mark on recent history have spotlighted once again the need to stem the attempts by terrorist organizations to conduct attacks within the EU, forestalling the
intentions of the martyrs-to-be. The Islamic State of Iraq and Syria (ISIS) is undoubtedly the terrorist group that, more than others, has taken advantage of Internet,
not only as a tactical means of coordination, but also as a tool to carry out proselytism, recruitment, propaganda, and fundraising. As one could imagine, constantly
monitoring the Internet for these activities is an extremely complex and time-consuming activity, requiring a huge amount of money and manpower, and resulting in
very poor – and only temporary – outcomes. To stem this rapidly spreading phenomenon, it can be useful to focus the attention of decision-makers, intelligence and
law enforcement on a possible profile of a “cyber terrorist”.
This paper aims at tracing the identikit of a possible “cyber terrorist” that is as
broad and consistent as possible.
Keywords. Al-Qaeda, cyber terrorist, Internet, ISIS, Islamic State, profiling, propaganda, proselytism, recruiting, terrorist organizations
Article in The Times of Israel by Andy Blumenthal: Israel is a small, but powerful nation that wants to stop attacks before they get to their door, and indeed, their lives depend on that. We can learn from Israel’s military doctrine of deterrence through overwhelming strength, unity, and disincentivizing the attackers to inform other security issues, such as ransomware attacks. I believe that the answer lies in a public-private security partnership financially backed by the government.
Running head ISOL 534 – Application Security 1Running head.docxwlynn1
Running head: ISOL 534 – Application Security 1
Running head: ISOL 534 – Application Security 2
Week-2 Research Paper Topic
Name: Nikhil Vasani
Course: ISOL-534
Professor: Dr. Jerry Alsay
University of the Cumberland
May 23, 2019
Introduction
The topic of security has been an issue for many countries and citizens alike as countries struggle to root out the vice of insecurity that is posing a great threat especially during this technological era where everything is virtually done online. Today every country around the world is grappling with keeping its citizens and institutions safe from external attacks and threats. Some of these threats could be motivated by various factors ranging from political, economic and social issues which make individuals or groups plan some sort of leveling score mission. If we were to review history in the early days during the 17th and 18th century the issues of insecurity among various nations were in existence but not at the height it is in the wake of the 21st century. Those days’ strategic alliances worked best in culminating threats of external and internal invasion, various leaders would call for peaceful resolution of the indifference that might exist between or among groups of nations. The mode or means of attack was not as sophisticated as it today since the only way terrorists would invade empires those days were through the physical means of actually leading an invasion group or plotting with a team on the ground to execute their plan.
Today this tactic has changed leaving institutions mandated with protecting our boundaries and keeping the people safe with a huge task of coming up with various ways of knowing how, where and when the security threats might actually occur. Some of the world leading security institutions that have earned a name for themselves are the homeland security, the Federal Bureau of Investigation FBI and Scotland Yard. These institutions have in the recent past prevented so many attacks plotted against the United States of America and many countries around the world through tapping the wide insecurity network around the world.
Background research
The issue of terrorism and external attacks has led to numerous loss of lives and property and must be cubed and properly managed using the most efficient methods so as to ensure proper security. It is evident that terrorists no longer use outdated strategies while carrying out attacks. With technology evolving with time, they have learned and mastered the use of new technology and have succeeded in coming up with some of the toughest attacks to prevent. Therefore, the DHS is left with a tough task and must improvise some of the best tactics in their strategic plan so as to have a proper chance in managing the situation. The intelligent gathering is one of the best elements that can be applied by the DHS in order to come up with the right solutions that will stop or prevent external attacks and terrorism.
Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...Alireza Ghahrood
Abstract. The number of terrorist attacks that have brought about bloodshed and
left a mark on recent history have spotlighted once again the need to stem the attempts by terrorist organizations to conduct attacks within the EU, forestalling the
intentions of the martyrs-to-be. The Islamic State of Iraq and Syria (ISIS) is undoubtedly the terrorist group that, more than others, has taken advantage of Internet,
not only as a tactical means of coordination, but also as a tool to carry out proselytism, recruitment, propaganda, and fundraising. As one could imagine, constantly
monitoring the Internet for these activities is an extremely complex and time-consuming activity, requiring a huge amount of money and manpower, and resulting in
very poor – and only temporary – outcomes. To stem this rapidly spreading phenomenon, it can be useful to focus the attention of decision-makers, intelligence and
law enforcement on a possible profile of a “cyber terrorist”.
This paper aims at tracing the identikit of a possible “cyber terrorist” that is as
broad and consistent as possible.
Keywords. Al-Qaeda, cyber terrorist, Internet, ISIS, Islamic State, profiling, propaganda, proselytism, recruiting, terrorist organizations
Article in The Times of Israel by Andy Blumenthal: Israel is a small, but powerful nation that wants to stop attacks before they get to their door, and indeed, their lives depend on that. We can learn from Israel’s military doctrine of deterrence through overwhelming strength, unity, and disincentivizing the attackers to inform other security issues, such as ransomware attacks. I believe that the answer lies in a public-private security partnership financially backed by the government.
Running head ISOL 534 – Application Security 1Running head.docxwlynn1
Running head: ISOL 534 – Application Security 1
Running head: ISOL 534 – Application Security 2
Week-2 Research Paper Topic
Name: Nikhil Vasani
Course: ISOL-534
Professor: Dr. Jerry Alsay
University of the Cumberland
May 23, 2019
Introduction
The topic of security has been an issue for many countries and citizens alike as countries struggle to root out the vice of insecurity that is posing a great threat especially during this technological era where everything is virtually done online. Today every country around the world is grappling with keeping its citizens and institutions safe from external attacks and threats. Some of these threats could be motivated by various factors ranging from political, economic and social issues which make individuals or groups plan some sort of leveling score mission. If we were to review history in the early days during the 17th and 18th century the issues of insecurity among various nations were in existence but not at the height it is in the wake of the 21st century. Those days’ strategic alliances worked best in culminating threats of external and internal invasion, various leaders would call for peaceful resolution of the indifference that might exist between or among groups of nations. The mode or means of attack was not as sophisticated as it today since the only way terrorists would invade empires those days were through the physical means of actually leading an invasion group or plotting with a team on the ground to execute their plan.
Today this tactic has changed leaving institutions mandated with protecting our boundaries and keeping the people safe with a huge task of coming up with various ways of knowing how, where and when the security threats might actually occur. Some of the world leading security institutions that have earned a name for themselves are the homeland security, the Federal Bureau of Investigation FBI and Scotland Yard. These institutions have in the recent past prevented so many attacks plotted against the United States of America and many countries around the world through tapping the wide insecurity network around the world.
Background research
The issue of terrorism and external attacks has led to numerous loss of lives and property and must be cubed and properly managed using the most efficient methods so as to ensure proper security. It is evident that terrorists no longer use outdated strategies while carrying out attacks. With technology evolving with time, they have learned and mastered the use of new technology and have succeeded in coming up with some of the toughest attacks to prevent. Therefore, the DHS is left with a tough task and must improvise some of the best tactics in their strategic plan so as to have a proper chance in managing the situation. The intelligent gathering is one of the best elements that can be applied by the DHS in order to come up with the right solutions that will stop or prevent external attacks and terrorism.
All scientific theories must be able to make testable predictions. S.docxoreo10
All scientific theories must be able to make testable predictions. Such predictions are based on observations. Experiments can then be conducted to verify (or falsify) such predictions. Darwin theorized that evolution occurred through natural selection; however, this may not have occurred in a smooth process. Some evolutionary theorists suggest that evolution by natural selection occurred in step-wise fashion.
Assignment
Write 3–4 pages on the following (not including the title and reference pages):
Explain the concepts of phyletic gradualism and punctuated equilibrium.
What predictions about the fossil record does punctuated equilibrium make?
In this model, what are the processes that produce rapid evolution? Which evolutionary factors are responsible for the periods of relative stasis?
Patterns of punctuated equilibrium have been observed in some cases, but the debate between punctuated equilibrium and phyletic gradualism continues and provides interesting areas of research. Based on your research into the scientific process, what evidence do we see today that supports a long history of life on the planet?
What evidence do we see that supports evolution by gradual change?
What evidence do we see that supports the concept of punctuated equilibrium?
.
All I wnat is to write a reflection paper on my project which is hac.docxoreo10
All I wnat is to write a reflection paper on my project which is hacking tools
My project is about using those 5 tools :
1-
Ice Hole for
Phishing
2-
SocialKlepto for
Social
3-
SmartphonePF and
Mactans
for Mobile
4-
Hping and
Yersinia for networks
5-
LCP and
Cain and Abel for
PasswordCracking
.
Alice,Betty, and Carol are playing a game with 48 marbles in a circl.docxoreo10
Alice,Betty, and Carol are playing a game with 48 marbles in a circle. Alice takes 2 marbles. Betty takes 4 marbles and Carol takes 6 marbles. One of them (not saying which one) now takes as many marbles as she did the first time. Another girl takes twice as many as she had before and the remaining girl takes 4 times as many as before. There are now 10 marbles left in the circle. Which girl took the same amount as the first time?
.
All healthcare organizations must convert to an Electronic Health Re.docxoreo10
All healthcare organizations must convert to an Electronic Health Record (EHR) system by 2014. This is a major expense that will cost many healthcare organizations millions of dollars. Purchasing an EHR system will undoubtedly require the acquisition and use of long-term assets. Prepare a proposal, addressed to the hospital's management, for financing a 1.5 million dollar EHR system for your local hospital. Be sure to include a strategic plan for financing, administering, operating and marketing the new system.
.
All round writer onlyThis is an individual Mediation assignment..docxoreo10
All round writer only
This is an individual Mediation assignment.
Read the attached information.
Assume the first role, that of Samantha (Sam) Pinder,
Executive V.P. of Finance, a mediator/facilitator . Two other roles are also printed out to assist you in understanding how the parties view the dispute.
Resolve
this dispute using the Steps in the Mediation Process and the Mediator's guide which follow the role information.
Describe the
outcome
for all parties.
.
Alice was wondering whether it was a good idea to invest her money i.docxoreo10
Alice was wondering whether it was a good idea to invest her money in treasury bonds. Discuss with Alice the pros and cons of that type of investment, contrasting U.S. treasuries to other sovereign debt. Be sure to include a discussion of risk. Also, show her the different types of bonds that exist in the corporate world.
-400-600 words
- Please include references
.
All organisms have DNA, which differs only in the number and order o.docxoreo10
All organisms have DNA, which differs only in the number and order of each type of nucleotide. This suggests that all organisms have
Answers available in ...
10
Take this time to do your
best on this question.
Eliminate
Reactivate
Eliminate
Reactivate
Eliminate
Reactivate
.
All literature involves some kind of performance which is intended f.docxoreo10
All literature involves some kind of performance which is intended for an audience. Sometimes, however, the performative quality of a work (i.e., the fact that it is being presented to an audience) is more obvious than at others. Drama and poetry, for example, tend to emphasize overt performance more than do short stories, which more often are read silently and in solitude.
How is the more direct performative aspect of drama and/or poetry reflected in these forms? (Consider for example, each genre’s uses of literary structure, language, technique, and style.) How do these literary elements affect your reading experience?
In your post, identify key qualities of drama and poetry which emphasize their performative qualities. Discuss how these characteristics shape your reading response. Support your views with
at least one example of a dramatic text and one example of a poem
.
.
All key elements of the assignment are covered in a substantiv.docxoreo10
All key elements of the assignment are covered in a substantive way.
·
Presentation follows the timeline of the evolution of business.
·
Presentation provides information on the different stages of business evolution, including:
o
Feudalism
o
Mercantilism
o
Capitalism
o
Commerce
o
Property rights
o
The Industrial Revolution
·
Presentation consists of 10 to 15 slides appropriate for the speaker’s audience.
·
Speaker notes are included for each slide.
·
Title and APA reference slide are included.
.
Alice, Betty and Carol are playing a game with 48 marbles in a circl.docxoreo10
Alice, Betty and Carol are playing a game with 48 marbles in a circle. Alice takes 2 marbles, Betty takes 4 marbles and Carol takes 6 marbles. One of them (not saying which one) now takes as many marbles as she did the first time. Another girl takes twice as many as she had taken before and the remaining girl takes 4 times as many as before. There are now 10 marbles left in the circle. Which girl took the same amount as the first time?
.
Alice Jones was employed as a clerk-typist by a company. She request.docxoreo10
Alice Jones was employed as a clerk-typist by a company. She requested and was refused a vacation day. The employer's refusal was based on her failure to submit the request at least two weeks in advance as required by company policy. She announced that she would take the day anyway, and when she subsequently failed to report for work, was fired for insubordination, plus the unexcused absence. Jones claimed that the company's real reason for firing her was a complaint that she had made to her state's department of labor concerning elimination of employee rest breaks. Explain and evaluate the possible causes of action available to Jones, and identify and explain the possible defenses available to Jones’ employer with regard to each cause of action. Integrate case law and statutory support into your response. (Points : 30)
.
Air and Water Pollution PaperAir and water pollutants exist in m.docxoreo10
Air and Water Pollution Paper
Air and water pollutants exist in many forms. Understanding what they are and where they come from better equips you to address the issues of air and water pollution.
Select
two types of air pollutants and two types of water pollutants.
Write
a 950 paper in which you analyze your selected pollutants and their effect on the environment. In your analysis, include the following items:
·
Indicate whether the selected air pollutants are considered primary or secondary pollutants. Explain why they are considered to be primary or secondary and discuss the sources of these pollutants.
·
Describe how the selected air pollutants affect the different layers of the atmosphere. In looking at this interaction, how do greenhouse gases influence Earth’s climate? Discuss how these air pollutants and greenhouse gases affect human, plant, and animal life.
·
Examine the selected water pollutants. Discuss the sources of these pollutants and indicate their effects on water resources and aquatic life.
·
Discuss the effect of poor water quality on humans and the environment. What are some solutions for reducing poor water quality?
Cite
at least two references.
Format
your paper consistent with APA guidelines.
.
Air pollution is an environmental health problem in many cities thro.docxoreo10
Air pollution is an environmental health problem in many cities throughout the world. Residents in an urban community through which a major freeway transportation route runs are suffering from a number of health effects. The local organization arranges for you, a health educator, to consult with and assist a nurse from a local community clinic in
planning and implementing
a program that will address reduction in exposure of the community, particularly children, to air pollution and thereby reducing the impact of air pollution in the community.
Write a 2-3 page paper in which you do the following:
1. Describe the common health problems associated with
indoor and outdoor air pollution
in urban settings.
2. Describe why children are more vulnerable to the effects of air pollutants.
3. Describe how you (as a Health Educator and consultant in this multi-disciplinary team), would assist the nurse to
plan and implement
a program that will reduce the exposure of this community to air pollution as well as reduce the impact of air pollution on the health of children. In your response, make sure to include preventive steps that can be taken by the community (home and school, for example) to reduce the exposure of children to air pollutants.
.
After your topic has been approved, the next step is to research.docxoreo10
After your topic has been approved, the next step is to research current articles and publications (within one year) and write an outline. You will need to use at least six credible sources that provide objective, authoritative, and accurate descriptions of your selected microeconomics topic. Two of your sources must be from academic journals. Your sources can include the following:
Academic journals
Financial and economic publications like the Wall Street Journal, the Economist, and industry-specific publications
Newspapers such as the New York Times and the Washington Post
Research databases like ProQuest
Use the
Hunt Library (Links to an external site.)
to conduct your research. Do not use Investopedia or Wikipedia.
You may write a formal outline or present your information in paragraph form using current APA formatting. Regardless of the outline format, you must provide the following:
Details that align with your microeconomics topic
List of your sources
Two of the sources must be from academic journals.
.
After watching three of the five movie clips listed in the Multime.docxoreo10
After watching three of the five movie clips listed in the
Multimedia
section, above, describe how they fit into a specific genre (or subgenre) as explained in the text. What elements of the film are characteristic of that genre? How does it fulfill the expectations of that genre? How does it play against these expectations?
.
Aging and Disability WorksheetPart IIdentify 2 or .docxoreo10
Aging and Disability Worksheet
Part I
Identify 2 or 3 issues faced by the aging population.
1.
2.
3.
Answer the following questions in 100 to 200 words each
.
Provide citations for all
the
sources
you use
.
·
What is ageism? How does ageism influence the presence of diversity in society?
·
What is the
Age
Dis
criminitation in Employment
Act (AD
E
A)? How does the AD
E
A address issues for the aging population?
·
What is being done to address the issues you identified?
·
Is the number of aging population expected to rise in numbers or decrease?
·
What types of legislation may or may not be affected by the aging population?
·
How does poverty affect the aging population?
Part II
Answer the following questions in 100 to 200 words each
.
Provide citations for all
the
sources
you use
.
·
What does the ADA provide for people with disabilities?
·
How have people with disabilities been treated in the past?
·
How has the attitude toward people with disabilities changed over time?
·
What are some unique circumstances or issues encountered by people with disabilities?
·
What is being done to address those issues?
·
What types of legislation have been introduced to address issues faced by people with disabilities?
.
After watching the video and reading the Web Resource, CDC Autism .docxoreo10
After watching the video and reading the Web Resource, "CDC: Autism Spectrum Disorders: Signs and Symptoms," discuss how you as an early childhood professional can use this information to increase awareness and early identification of autism, specifically discussing assessment tools that can be used with children with autism.
.
AI Artificial Intelligence1Reading responsePeter .docxoreo10
AI: Artificial Intelligence
1
Reading response
Peter Dormer, “Craft and the Turing Test for Practical Thinking,” in The Challenge of Technology.
What is personal know-how? What is distributed knowledge?
How do they relate to the Turing test?
Give one example of your own how these concepts matter today to artists and makers, or better yet, in your own experience?
Journal homework
Keep a record (text and drawings) of events in daily life where human and machine intersect and interact. Fill at least two pages with your observations.
Mary Shelley, Frankenstein, or The Modern Prometheus, 1818
Boris Karloff in Frankenstein in 1931 directed by James Whale
Mary Shelley first published Frankenstein, or the Modern Prometheus 1818. the novel allegorizes the Romantic obsession with discovering the power or principle of life. Ideas about a life power were consistent with the scientific understanding of the day. Darwin himself spoke of an organizing “spirit of animation” in his Zoonomia; or, The Laws of Organic Life, in which he stated “the world itself might have been generated, rather than created.”
Dr. Frankenstein picked all the parts for his monster based on their beauty, but when it comes to life, the monster is unbearably ugly. “I had worked hard for nearly two years, for the sole purpose of infusing life into an inanimate body…the beauty of the dream vanished, and breathless horror and disgust filled my heart. Unable to endure the aspect of the being I had created, I rushed out of the room”.
4
Two definitions of AI:
“The use of computer programs and programming techniques to cast light on the principles of intelligence in general and human thought in particular.
--Margaret Boden
“The science of making machines do things that would require intelligence if done by humans.”
-Marvin Minsky
BOTH OF THESE STATEMENTS ORIGINATE IN ALAN TURING’S FIRST COMPUTER SCIENCE ARTICLE
Working assumption: all cognition is computable
Question:
Is what’s not yet known to be computable actually computable?
if so, then what?
if not, why not, and what does that tell us about cognition?
7
Who was Alan Turing?
B. 1912 London, attended King’s College, Cambridge and Princeton University. He studied mathematics and logic (he hadn’t invented computer science yet)
At 23, he invented the “Turing machine” and published “On Computable Numbers in 1936, the first and most important paper in comp. sci.
During WWII, solved the German Enigma code by use of electromechanical devices—a precursor to the computer
Laid the foundation for major subfields of comp sci: theory of computation, design of hardware and software, and the study of artificial intelligence
“The Imitation Game,”
aka
“The Turing Test”
In 1950, Turing posited a way to test machine intelligence: a person in a room before a screen. S/he would correspond with two agents and based on their responses, decide which was a machine and which was human. If the machine can pass fo.
Agree or disagree with, and discuss the following statement Corp.docxoreo10
Agree or disagree with, and discuss the following statement: "Corporate intelligence is not corporate espionage because 95 percent of the information a company needs to make strategic decisions is available and accessible to the public." Explain your rationale.
Your response should be at least 200 words in length. All sources used, including the textbook, must be referenced; paraphrased and quoted material must have accompanying citations.
David, F. (2011). 1.
Strategic management: concepts & cases
(Custom Edition ed., pp. 72-74). New York: McGraw-Hill Irwin.
No Wiki, Dictionary.com or Plagiarism
.
After watching Reactions to an Impending Death Sentence and Ti.docxoreo10
After watching
Reactions to an Impending Death Sentence
and
Ties That Bind
, discuss the impact of our various relationships with those who are dying on how death impacts us. For example, how would you relate to a dying child, adult or older adult when they are dying? How would you relate to those left behind: parents, siblings, children, grandchildren, spouse? How do you feel about your own death? Discuss these questions in 250 – 300 words
.
All scientific theories must be able to make testable predictions. S.docxoreo10
All scientific theories must be able to make testable predictions. Such predictions are based on observations. Experiments can then be conducted to verify (or falsify) such predictions. Darwin theorized that evolution occurred through natural selection; however, this may not have occurred in a smooth process. Some evolutionary theorists suggest that evolution by natural selection occurred in step-wise fashion.
Assignment
Write 3–4 pages on the following (not including the title and reference pages):
Explain the concepts of phyletic gradualism and punctuated equilibrium.
What predictions about the fossil record does punctuated equilibrium make?
In this model, what are the processes that produce rapid evolution? Which evolutionary factors are responsible for the periods of relative stasis?
Patterns of punctuated equilibrium have been observed in some cases, but the debate between punctuated equilibrium and phyletic gradualism continues and provides interesting areas of research. Based on your research into the scientific process, what evidence do we see today that supports a long history of life on the planet?
What evidence do we see that supports evolution by gradual change?
What evidence do we see that supports the concept of punctuated equilibrium?
.
All I wnat is to write a reflection paper on my project which is hac.docxoreo10
All I wnat is to write a reflection paper on my project which is hacking tools
My project is about using those 5 tools :
1-
Ice Hole for
Phishing
2-
SocialKlepto for
Social
3-
SmartphonePF and
Mactans
for Mobile
4-
Hping and
Yersinia for networks
5-
LCP and
Cain and Abel for
PasswordCracking
.
Alice,Betty, and Carol are playing a game with 48 marbles in a circl.docxoreo10
Alice,Betty, and Carol are playing a game with 48 marbles in a circle. Alice takes 2 marbles. Betty takes 4 marbles and Carol takes 6 marbles. One of them (not saying which one) now takes as many marbles as she did the first time. Another girl takes twice as many as she had before and the remaining girl takes 4 times as many as before. There are now 10 marbles left in the circle. Which girl took the same amount as the first time?
.
All healthcare organizations must convert to an Electronic Health Re.docxoreo10
All healthcare organizations must convert to an Electronic Health Record (EHR) system by 2014. This is a major expense that will cost many healthcare organizations millions of dollars. Purchasing an EHR system will undoubtedly require the acquisition and use of long-term assets. Prepare a proposal, addressed to the hospital's management, for financing a 1.5 million dollar EHR system for your local hospital. Be sure to include a strategic plan for financing, administering, operating and marketing the new system.
.
All round writer onlyThis is an individual Mediation assignment..docxoreo10
All round writer only
This is an individual Mediation assignment.
Read the attached information.
Assume the first role, that of Samantha (Sam) Pinder,
Executive V.P. of Finance, a mediator/facilitator . Two other roles are also printed out to assist you in understanding how the parties view the dispute.
Resolve
this dispute using the Steps in the Mediation Process and the Mediator's guide which follow the role information.
Describe the
outcome
for all parties.
.
Alice was wondering whether it was a good idea to invest her money i.docxoreo10
Alice was wondering whether it was a good idea to invest her money in treasury bonds. Discuss with Alice the pros and cons of that type of investment, contrasting U.S. treasuries to other sovereign debt. Be sure to include a discussion of risk. Also, show her the different types of bonds that exist in the corporate world.
-400-600 words
- Please include references
.
All organisms have DNA, which differs only in the number and order o.docxoreo10
All organisms have DNA, which differs only in the number and order of each type of nucleotide. This suggests that all organisms have
Answers available in ...
10
Take this time to do your
best on this question.
Eliminate
Reactivate
Eliminate
Reactivate
Eliminate
Reactivate
.
All literature involves some kind of performance which is intended f.docxoreo10
All literature involves some kind of performance which is intended for an audience. Sometimes, however, the performative quality of a work (i.e., the fact that it is being presented to an audience) is more obvious than at others. Drama and poetry, for example, tend to emphasize overt performance more than do short stories, which more often are read silently and in solitude.
How is the more direct performative aspect of drama and/or poetry reflected in these forms? (Consider for example, each genre’s uses of literary structure, language, technique, and style.) How do these literary elements affect your reading experience?
In your post, identify key qualities of drama and poetry which emphasize their performative qualities. Discuss how these characteristics shape your reading response. Support your views with
at least one example of a dramatic text and one example of a poem
.
.
All key elements of the assignment are covered in a substantiv.docxoreo10
All key elements of the assignment are covered in a substantive way.
·
Presentation follows the timeline of the evolution of business.
·
Presentation provides information on the different stages of business evolution, including:
o
Feudalism
o
Mercantilism
o
Capitalism
o
Commerce
o
Property rights
o
The Industrial Revolution
·
Presentation consists of 10 to 15 slides appropriate for the speaker’s audience.
·
Speaker notes are included for each slide.
·
Title and APA reference slide are included.
.
Alice, Betty and Carol are playing a game with 48 marbles in a circl.docxoreo10
Alice, Betty and Carol are playing a game with 48 marbles in a circle. Alice takes 2 marbles, Betty takes 4 marbles and Carol takes 6 marbles. One of them (not saying which one) now takes as many marbles as she did the first time. Another girl takes twice as many as she had taken before and the remaining girl takes 4 times as many as before. There are now 10 marbles left in the circle. Which girl took the same amount as the first time?
.
Alice Jones was employed as a clerk-typist by a company. She request.docxoreo10
Alice Jones was employed as a clerk-typist by a company. She requested and was refused a vacation day. The employer's refusal was based on her failure to submit the request at least two weeks in advance as required by company policy. She announced that she would take the day anyway, and when she subsequently failed to report for work, was fired for insubordination, plus the unexcused absence. Jones claimed that the company's real reason for firing her was a complaint that she had made to her state's department of labor concerning elimination of employee rest breaks. Explain and evaluate the possible causes of action available to Jones, and identify and explain the possible defenses available to Jones’ employer with regard to each cause of action. Integrate case law and statutory support into your response. (Points : 30)
.
Air and Water Pollution PaperAir and water pollutants exist in m.docxoreo10
Air and Water Pollution Paper
Air and water pollutants exist in many forms. Understanding what they are and where they come from better equips you to address the issues of air and water pollution.
Select
two types of air pollutants and two types of water pollutants.
Write
a 950 paper in which you analyze your selected pollutants and their effect on the environment. In your analysis, include the following items:
·
Indicate whether the selected air pollutants are considered primary or secondary pollutants. Explain why they are considered to be primary or secondary and discuss the sources of these pollutants.
·
Describe how the selected air pollutants affect the different layers of the atmosphere. In looking at this interaction, how do greenhouse gases influence Earth’s climate? Discuss how these air pollutants and greenhouse gases affect human, plant, and animal life.
·
Examine the selected water pollutants. Discuss the sources of these pollutants and indicate their effects on water resources and aquatic life.
·
Discuss the effect of poor water quality on humans and the environment. What are some solutions for reducing poor water quality?
Cite
at least two references.
Format
your paper consistent with APA guidelines.
.
Air pollution is an environmental health problem in many cities thro.docxoreo10
Air pollution is an environmental health problem in many cities throughout the world. Residents in an urban community through which a major freeway transportation route runs are suffering from a number of health effects. The local organization arranges for you, a health educator, to consult with and assist a nurse from a local community clinic in
planning and implementing
a program that will address reduction in exposure of the community, particularly children, to air pollution and thereby reducing the impact of air pollution in the community.
Write a 2-3 page paper in which you do the following:
1. Describe the common health problems associated with
indoor and outdoor air pollution
in urban settings.
2. Describe why children are more vulnerable to the effects of air pollutants.
3. Describe how you (as a Health Educator and consultant in this multi-disciplinary team), would assist the nurse to
plan and implement
a program that will reduce the exposure of this community to air pollution as well as reduce the impact of air pollution on the health of children. In your response, make sure to include preventive steps that can be taken by the community (home and school, for example) to reduce the exposure of children to air pollutants.
.
After your topic has been approved, the next step is to research.docxoreo10
After your topic has been approved, the next step is to research current articles and publications (within one year) and write an outline. You will need to use at least six credible sources that provide objective, authoritative, and accurate descriptions of your selected microeconomics topic. Two of your sources must be from academic journals. Your sources can include the following:
Academic journals
Financial and economic publications like the Wall Street Journal, the Economist, and industry-specific publications
Newspapers such as the New York Times and the Washington Post
Research databases like ProQuest
Use the
Hunt Library (Links to an external site.)
to conduct your research. Do not use Investopedia or Wikipedia.
You may write a formal outline or present your information in paragraph form using current APA formatting. Regardless of the outline format, you must provide the following:
Details that align with your microeconomics topic
List of your sources
Two of the sources must be from academic journals.
.
After watching three of the five movie clips listed in the Multime.docxoreo10
After watching three of the five movie clips listed in the
Multimedia
section, above, describe how they fit into a specific genre (or subgenre) as explained in the text. What elements of the film are characteristic of that genre? How does it fulfill the expectations of that genre? How does it play against these expectations?
.
Aging and Disability WorksheetPart IIdentify 2 or .docxoreo10
Aging and Disability Worksheet
Part I
Identify 2 or 3 issues faced by the aging population.
1.
2.
3.
Answer the following questions in 100 to 200 words each
.
Provide citations for all
the
sources
you use
.
·
What is ageism? How does ageism influence the presence of diversity in society?
·
What is the
Age
Dis
criminitation in Employment
Act (AD
E
A)? How does the AD
E
A address issues for the aging population?
·
What is being done to address the issues you identified?
·
Is the number of aging population expected to rise in numbers or decrease?
·
What types of legislation may or may not be affected by the aging population?
·
How does poverty affect the aging population?
Part II
Answer the following questions in 100 to 200 words each
.
Provide citations for all
the
sources
you use
.
·
What does the ADA provide for people with disabilities?
·
How have people with disabilities been treated in the past?
·
How has the attitude toward people with disabilities changed over time?
·
What are some unique circumstances or issues encountered by people with disabilities?
·
What is being done to address those issues?
·
What types of legislation have been introduced to address issues faced by people with disabilities?
.
After watching the video and reading the Web Resource, CDC Autism .docxoreo10
After watching the video and reading the Web Resource, "CDC: Autism Spectrum Disorders: Signs and Symptoms," discuss how you as an early childhood professional can use this information to increase awareness and early identification of autism, specifically discussing assessment tools that can be used with children with autism.
.
AI Artificial Intelligence1Reading responsePeter .docxoreo10
AI: Artificial Intelligence
1
Reading response
Peter Dormer, “Craft and the Turing Test for Practical Thinking,” in The Challenge of Technology.
What is personal know-how? What is distributed knowledge?
How do they relate to the Turing test?
Give one example of your own how these concepts matter today to artists and makers, or better yet, in your own experience?
Journal homework
Keep a record (text and drawings) of events in daily life where human and machine intersect and interact. Fill at least two pages with your observations.
Mary Shelley, Frankenstein, or The Modern Prometheus, 1818
Boris Karloff in Frankenstein in 1931 directed by James Whale
Mary Shelley first published Frankenstein, or the Modern Prometheus 1818. the novel allegorizes the Romantic obsession with discovering the power or principle of life. Ideas about a life power were consistent with the scientific understanding of the day. Darwin himself spoke of an organizing “spirit of animation” in his Zoonomia; or, The Laws of Organic Life, in which he stated “the world itself might have been generated, rather than created.”
Dr. Frankenstein picked all the parts for his monster based on their beauty, but when it comes to life, the monster is unbearably ugly. “I had worked hard for nearly two years, for the sole purpose of infusing life into an inanimate body…the beauty of the dream vanished, and breathless horror and disgust filled my heart. Unable to endure the aspect of the being I had created, I rushed out of the room”.
4
Two definitions of AI:
“The use of computer programs and programming techniques to cast light on the principles of intelligence in general and human thought in particular.
--Margaret Boden
“The science of making machines do things that would require intelligence if done by humans.”
-Marvin Minsky
BOTH OF THESE STATEMENTS ORIGINATE IN ALAN TURING’S FIRST COMPUTER SCIENCE ARTICLE
Working assumption: all cognition is computable
Question:
Is what’s not yet known to be computable actually computable?
if so, then what?
if not, why not, and what does that tell us about cognition?
7
Who was Alan Turing?
B. 1912 London, attended King’s College, Cambridge and Princeton University. He studied mathematics and logic (he hadn’t invented computer science yet)
At 23, he invented the “Turing machine” and published “On Computable Numbers in 1936, the first and most important paper in comp. sci.
During WWII, solved the German Enigma code by use of electromechanical devices—a precursor to the computer
Laid the foundation for major subfields of comp sci: theory of computation, design of hardware and software, and the study of artificial intelligence
“The Imitation Game,”
aka
“The Turing Test”
In 1950, Turing posited a way to test machine intelligence: a person in a room before a screen. S/he would correspond with two agents and based on their responses, decide which was a machine and which was human. If the machine can pass fo.
Agree or disagree with, and discuss the following statement Corp.docxoreo10
Agree or disagree with, and discuss the following statement: "Corporate intelligence is not corporate espionage because 95 percent of the information a company needs to make strategic decisions is available and accessible to the public." Explain your rationale.
Your response should be at least 200 words in length. All sources used, including the textbook, must be referenced; paraphrased and quoted material must have accompanying citations.
David, F. (2011). 1.
Strategic management: concepts & cases
(Custom Edition ed., pp. 72-74). New York: McGraw-Hill Irwin.
No Wiki, Dictionary.com or Plagiarism
.
After watching Reactions to an Impending Death Sentence and Ti.docxoreo10
After watching
Reactions to an Impending Death Sentence
and
Ties That Bind
, discuss the impact of our various relationships with those who are dying on how death impacts us. For example, how would you relate to a dying child, adult or older adult when they are dying? How would you relate to those left behind: parents, siblings, children, grandchildren, spouse? How do you feel about your own death? Discuss these questions in 250 – 300 words
.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Embracing GenAI - A Strategic ImperativePeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Introduction to AI for Nonprofits with Tapp Network
The psychological effects of cyber terrorismMichael L. Gross.docx
1. The psychological effects of cyber terrorism
Michael L. Gross , Daphna Canetti and Dana R. Vashdi
ABSTRACT
When ordinary citizens think of cyber threats, most are
probably worried about their passwords
and banking details, not a terrorist attack. The thought of a
shooting in a mall or a bombing at an
airport is probably more frightening than a cyber breach. Yet
terrorists aim for mental as well as
physical destruction, and our research has found that, depending
on who the attackers and the
victims are, the psychological effects of cyber threats can rival
those of traditional terrorism.
KEYWORDS
Cyber security; cyber
terrorism
Cyber aggression has become a daily fact of life in the
21st century, yet for most people it’s still only a reality
in the form of cyber crime – hackers targeting financial
information or other personal details. Politically moti-
vated attacks might threaten them as well, but they
tend to be the concern of governments and corpora-
tions rather than ordinary citizens. The thought of a
terrorist shooting in a mall or bombing in an airport
probably seems far more frightening to the average
person than Russian hackers disrupting government
networks in Estonia or Anonymous breaking into the
police department of Ferguson, Missouri. Cyber terror-
ists, after all, have yet to actually kill or injure anyone.
2. Yet our research has found this perception of cyber
aggression might not be entirely accurate. The aim of
terrorism, after all, is not just physical destruction, and
depending on who the attackers and the victims are,
the psychological effects of cyber terrorism can be just
as powerful as the real thing.
Defining cyber terrorism
People face cyber aggression on an almost daily basis.
Hackers appropriate, erase, or ransom data, defraud
bank customers, steal identities, or plant malevolent
viruses. In many cases, hackers are criminals out for
pecuniary gain. But sometimes their motives are poli-
tical. Some are “hacktivists,” or cyber activist groups,
like Anonymous, others are terror groups like Hamas
or Islamic State, and still others are agents of national
states like Iran, North Korea, or Russia. They are not
usually after money but pursue a political agenda to
foment for social change, gain political concessions, or
cripple an enemy. Sometimes their means are peaceful,
but other times they are vicious and violent. The lines
often blur. Anonymous will hack the Ferguson police
department just as it will initiate an “electronic
Holocaust” against Israel in support of the Palestinian
cause (Rogers 2014). Islamic activists will use the
Internet not only to recruit members and raise funds
for social welfare projects but also to steal money for
terrorist activities or disseminate information to stoke
fear and demoralize a civilian population. States will
pursue online espionage but also wreak havoc by crash-
ing multiple systems – as did the Russians, allegedly, in
Estonia in 2007, with mass denial-of-service attacks on
government sites, and in Ukraine in 2016, with cyber
attacks on the airport and power grid (Polityuk 2016).
4. national security, we know little about its effects on
human security.
Human security emphasizes the conditions neces-
sary for a vibrant civil society (Tadjbakhsh 2014). At
the most basic level, people must be able to live free of
undue fear, anxiety, and trepidation. At a more devel-
oped level, civil society requires energetic public dis-
course, judicious public policy, and respect for human
dignity. Following 9/11, we now recognize that con-
ventional terrorism undermines human security even
more than national security. It is a common truism
that terrorists want a lot of people watching, not a lot
of people dead (Jenkins 1975; Lerner et al. 2003). The
dead are few; it is the living whose daily lives are
transformed by the constant fear of impending doom.
Conventional terrorism exacerbates feelings of insecur-
ity and perceptions of threat that prompt public cries
for protective and militant government policies that
can short circuit public discourse, intensify intolerance
for dissident views, and infringe on human rights
(Boggs 2002; Hirsch-Hoefler et al. 2014). Does cyber
terrorism cause similar effects?
At first glance, it seems that it cannot. In their
attempts to formulate the law of cyber warfare, the
framers of the Tallinn Manual on the International
Law Applicable to Cyber Warfare remain unconvinced
that cyber attacks that block e-mail, deny service,
employ economic coercion, undermine confidence in
the government or economy, or, in their example,
“cause panic by falsely indicating that a highly conta-
gious and deadly disease is spreading through the
population” cause sufficient mental suffering to rise
5. to the level of a terrorist attack (Schmitt 2013, §11.2,
3; 30.12; 36.3; 59.9). Unfortunately, these assumptions
are untested and in a series of field experiments we
studied how cyber terrorism affects psychological well-
being and political attitudes that impinge upon human
security by causing stress, anxiety, and fear – all of
which radicalize political attitudes and push people to
exchange privacy for security to prevent cyber terror in
the future.
Simulating cyber terrorism
In our field survey experiments, we first interviewed
522 individuals following Anonymous’s well-publicized
attempt to perpetrate an “electronic Holocaust” in
April 2015, when the hacktivist group promised to
take down servers and “erase Israel from cyber
space.” In a second study, in January 2016, 907 subjects
viewed various film clips describing hypothetical
Hamas attacks on Israel’s national water company. In
one scenario, cyber terrorism was fatal; terrorists
poisoned the water supply with an overdose of chlorine
that killed two and injured many more. In other sce-
narios, cyber terrorism was not lethal; no one suffered
physical harm but hackers appropriated the bank
account numbers of the company’s customers and suc-
cessfully transferred money to Hamas. A third group of
subjects viewed a fatal but conventional mass-casualty
terrorist attack, while a control group viewed a neutral
film depicting the dedication of a water treatment
plant. Following these screenings, we surveyed respon-
dents on measures fundamental to human security.
These included stress, anxiety, insecurity and threat
perception, political militancy, and a willingness to
relinquish privacy.
6. In some ways, Israelis are a unique population for such
a study. The ongoing conflict between Israelis and
Palestinians (and Palestinian allies like Hezbollah and
Iran) is a constant feature of everyday life. Terrorism,
too, simmers beneath the surface. In the 18 months
since January 2015, terrorists have taken 30 civilian lives
in Israel and the West Bank (B’Tselem 2016). Yet Israelis
know their enemy, know what they want, and can ima-
gine the way to peace. This puts terrorism and cyber
terrorism in the context of a political struggle that has,
in many ways, fixed and acceptable costs. Like a couple of
wary boxers, each side circles the other, constantly poking
and provoking. This leaves Israelis, who score very high
on the UN’s world happiness index, weary but resilient.
In contrast, the West’s confrontation with radical Islam
is enigmatic and exceptionally violent. In the same 18
month period, 68 Americans and 269 Europeans have
lost their lives in terrorist attacks (Indian Express 2016;
International Security 2016; McHugh 2016). Unlike
Israelis, Americans and Europeans don’t know their
enemy, have no clear idea what they want or how to
confront their demands. Islamic State attacks are brutally
violent for their own sake. Americans and especially
Europeans will find resilience elusive as terrorism and
cyber terrorism fuel an inescapable cycle of fear.
Learning from the Israeli case and understanding the
effects of cyber terrorism for other Western nations are
crucially important.
Measuring stress and insecurity
Not surprisingly, exposure to cyber terrorism is stress-
ful. Figure 1 uses the State-Trait Anxiety Inventory
(STAI) to show how stress and anxiety grow as attacks
7. become more deadly. With a score of 4.00, conven-
tional mass-casualty terrorism (e.g. suicide bombings)
evokes a level of anxiety at the top of the scale. The
stress scores for lethal and nonlethal cyber terrorism
are not far behind, and all the scores significantly
BULLETIN OF THE ATOMIC SCIENTISTS 285
surpass the control group. But the interesting point is
this: Individuals were equally disturbed by lethal and
nonlethal cyber terrorism, meaning there is no signifi-
cant difference between the two when it comes to
stress. Both cause significant panic and anxiety and
both, it seems, are equally capable of cracking the
foundations of personal well-being and human
security.
Cyber terrorism also left individuals insecure and
wary of future cyber terrorist attacks. These judgments
are measures of threat perception and gauged by such
questions as: “To what extent do cyber attacks under-
mine your sense of personal security?” and “To what
extent do you feel threatened by cyber terrorism?” Like
stress, threat perception increased steadily as attacks
grew more severe (Figure 2). But even in our control
group, Israelis are on edge, and exposure to nonlethal
cyber terrorism did not appreciably increase perceptions
of threat. Lethal attacks, on the other hand, did trigger a
significant jump in threat perception and it didn’t mat-
ter much whether they were cyber or conventional ter-
rorist attacks. These findings show how stress and threat
perception are two different phenomena. Stress is emo-
tional while threat perception is cognitive. And while
lethal and nonlethal cyber attacks evoke feelings of
8. stress, only terrorism accompanied by injury and loss
of life nurtures a serious preoccupation about the next
attack. If a person’s reaction to cyber terrorism has both
an emotional and cognitive dimension, it is also sensi-
tive to circumstance and the identity of the perpetrator.
After it was clear that Anonymous’s threat of an “elec-
tronic Holocaust” was empty, threat perception fell by
10%. People were still fearful, but not so much. But
many Israelis do fear Hamas. And when that group,
rather than Anonymous, was the perpetrator, threat
perceptions increased by 20%, from a mean score of
2.9 to a score of 3.5. Hamas is a far more frightening
adversary than Anonymous, even as they perpetrate
similar attacks.
Stress, anxiety, insecurity, and perceptions of
threat do not stand alone. Instead, we know that
studies of conventional terrorism show how stress,
anxiety, and heightened perceptions of threat radica-
lize political attitudes and draw individuals away
from concerns about civil liberties to worries about
national security (Verton and Brownlow 2003). In
the wake of mass-casualty terrorism, individuals
turn inward, disparage outgroups, move to the right
on security and privacy issues, and call upon their
government to take strong military action (Canetti
et al. 2013; McDermott 2010). The effects can have a
chilling effect on civil society and political discourse
in many democratic nations, as debates about tor-
ture, rendition, due process, military belligerency,
and surveillance show. We were not surprised to
see similar effects from cyber terrorism.
Figure 1. Anxiety in the wake of terrorism.
9. 286 M. L. GROSS ET AL.
Political reactions
Figures 3 and 4 depict an array of political attitudes that
harden in the wake of terrorism. As noted, individuals in
our first survey confronted an ongoing cyber attack by
Anonymous and in the second, a simulated attack by
Hamas. In each case, we asked individuals about their
support for internet surveillance, government regulation,
and military retaliation in the context of an unspecified
cyber terror attack. Questions centered on surveillance and
civil liberties (“Should the government monitor emails and
social networks for suspicious phrases?”; “Are you willing
to let the government read emails to improve personal and
national security?”),1 government regulation (“Should the
government require businesses to install cyber security
systems?”), and military retaliation (“Following a cyber
terrorism attack, should the government respond with a
small-scale cyber attack against military targets, a large-
scale cyber attack against military and civilian targets, a
small-scale conventional (missiles, bombs, and artillery)
attack against military targets, or a large-scale conventional
attack attacks against military and civilian targets?”)
Attitudes varied depending on the perpetrator. When
Anonymous was the attacker, 54% of the respondents in
our survey would allow the government to monitor
e-mails for suspicious phrases, 48% would allow the
government to monitor Facebook and Twitter, and 23%
would allow the government to read e-mails. When the
perpetrator was Hamas, support for government surveil-
lance leaps to 67% in favor of monitoring e-mails, 46% in
10. favor of monitoring social media, and 61% in favor of
reading e-mails. Among Americans in general, by con-
trast, only 43% of the respondents would allow the US
government to monitor the communications of US citi-
zens (Shelton, Rainie, and Madden 2015, 6). Among
Israelis, support for surveillance depends on the identity
of the perpetrator. And while the identity of the attacker
did not affect calls for government regulation (74% of the
respondents would require business to install cyber secur-
ity software) fears of Islamic terrorism dominate the
public’s demand for military responses. As Figure 4
demonstrates, individuals facing Hamas terrorism were
considerably more militant and supported conventional
retaliation by a margin of nearly 2:1 compared to those
facing the hacktivist group Anonymous. One reason may
be greater fear of Hamas but another may be the recogni-
tion that Hamas, like Islamic State, has infrastructures
and territory vulnerable to conventional attack. On the
other hand, it is fear of Hamas rather than its vulner-
ability that drives greater support for surveillance. These
Figure 2. Threat perception and insecurity.
BULLETIN OF THE ATOMIC SCIENTISTS 287
data highlight the public’s willingness to employ conven-
tional military measures to quash cyber terrorism, strong
attitudes that will no doubt influence political leaders as
they weigh kinetic military responses to cyber threats
(Libicki forthcoming).
From a psychological perspective, the data offer a
curious finding. We expected to find a clear connection
11. between exposure to cyber terrorism and militant,
hardline attitudes. The harsher the terrorist attack our
subjects experienced, the greater their militancy. But
this is not what we discovered. Instead, we found that
the greater one’s perception of threat, the greater one’s
militancy. The odds were more than twice as high that
individuals with high levels of threat perception will
Figure 4. Percent favoring small-scale and large-scale or
conventional retaliation.
Figure 3. Percent favoring surveillance and government
regulation.
288 M. L. GROSS ET AL.
support surveillance, government regulation, and mili-
tary retaliation compared to those whose threat percep-
tion is lower. We cannot explain why some individuals
are more fearful than others. Past exposure to cyber
attacks explains only a small part of the variance. Other
personality factors, beyond the scope of our study to
examine, are also probably at work. Nevertheless, it is
clear that the threat of terrorism and how one perceives
it are better determinants of militancy and hardline
attitudes than the experience of an actual attack. And,
indeed, this is how terrorism works. One need not
suffer direct harm to be terrorized; it is enough that
one fear direct harm to suffer the ravages of contem-
porary terrorism, whether cyber terrorism or conven-
tional terrorism.
From Anonymous and Hamas to Islamic state
12. These results offer tantalizing evidence that cyber ter-
rorism mirrors conventional terrorism even when its
victims do not suffer injury or loss of life. We found
that cyber terrorism increases stress, anxiety, fear, hard-
line attitudes, and political militancy. But circumstances
matter, because the identity of the perpetrator helps
explain the political attitudes related to cyber terrorism.
Hamas is more threatening than Anonymous. When
Hamas is at the wheel, Israelis see a brutal terrorist
organization and do not much distinguish between
cyber and conventional terrorism. Anonymous, on the
other hand, still carries some cachet as a rogue hacktivist
group that is unwilling or unable to harm anyone phy-
sically. Hamas, for the most part, poses no threat to
Americans and Europeans. But Islamic State certainly
does, and it will not be long before the group gains the
capabilities to mount cyber-terrorism attacks. And, as
with Hamas, the fact that these attacks might cause little
physical harm may be irrelevant. Islamic State, like
Hamas, will trade on its ruthless terrorist image.
Leveraging its success at conventional terrorism, it will
move seamlessly and effectively to cyber terrorism to
produce outsized fear and panic. Marrying conventional
and cyber terrorism will have chilling effects: Islamic
State and other terrorist groups will be able to achieve
the dramatic effects of suicide attacks and mass casual-
ties at the relatively low cost and risk of cyber terrorism.
There will be no need for suicide cyber bombers. Cyber
terrorism is a force multiplier that can magnify the
effects of limited, sporadic, and even failed kinetic ter-
rorist attacks. In tandem, conventional and cyber terror-
ism can undermine human security in a most
fundamental way.
Restoring human security
13. Human security thrives when societies are open, toler-
ant, peaceful, and vibrant, and when they offer citizens
the conditions necessary to flourish economically, intel-
lectually, physically, and emotionally (Tadjbakhsh and
Chanoy 2007). Physical security is a necessary condition
for human security but not sufficient if civil society fails
to allow its members to thrive. To thrive, individuals
must maintain tolerance and social discourse. By indu-
cing stress and anxiety, cyber terrorism endangers psy-
chological well-being and increases perceptions of threat
even if individuals suffer no physical harm. Once cyber
terrorism successfully breaches a critical infrastructure
to kill and injure (as in our film clips), these effects are
more pronounced. Threat perception is not all bad.
Reasonable perceptions of threat are essential to protect
individuals and their communities from dangerous sur-
prises but become disabling when they foster insecurity
and prompt visions of an inescapable cycle of violence
(Canetti-Nisim et al. 2009). It is the nature of cyber
terrorism to target civilians (Gross 2015, 153–183).
Some of this is mere efficiency: Civilian targets are softer
than military targets or critical infrastructures, which
states take great pains to protect. But part is strategic:
Targeting civilians is a way to demoralize and terrorize.
This is precisely what Anonymous, Hamas, and Islamic
State promise to do.
In response, civilians are increasingly willing to jet-
tison privacy and support military retaliation. Neither
outcome bodes well for human security. Privacy
embraces the right to keep secrets and preserves a
domain for individuals to build their personal identities
and communicate without interference or duress.
Surveillance inhibits free speech, discourages political
opposition, prevents dissenters from organizing or
publishing anonymously, and disrupts the flow of
14. information necessary for a well-functioning civil
society. Surveillance threatens privacy but not without
cause. Surveillance can strengthen physical security.
Gaining access to the content of e-mails and social
media may allow law enforcement authorities and
intelligence agencies to co-opt and cripple hostile orga-
nizations. Physical security is as important for human
security as privacy. Balancing the two will be excep-
tionally challenging in the shadow of cyber terrorism,
and cyber security experts and policy makers cannot
unilaterally fortify the former at the expense of the
latter.
Political militancy is equally problematic. Facing
cyber terrorism and the threat it poses to national
and human security, governments consider a range of
BULLETIN OF THE ATOMIC SCIENTISTS 289
tempered policies that include criminal prosecution,
counter espionage, and active cyber defenses. Because
most offensive cyber attacks fall far short of war, each
of these retaliatory responses is freighted with fears of
escalation that the United States and other nations wish
to avoid. Nations must be careful as they weigh their
responses to hostile cyber operations (Hathaway et al.
2012). Civilians, particularly those who already find
themselves in the midst of an armed conflict, are less
restrained and may push their governments in unwar-
ranted and dangerous directions as they call for harsh
military retaliation following cyber attacks. Human
security does not demand pacifism but it thrives best
in a society that is cautious about the use of armed
force. Cyber terrorism, like conventional terrorism,
15. upends judicious decision making.
Eliminating the toxic effects of cyber terrorism is
not simply a matter of cyber security. It is not enough
to thwart or reduce the incidence of cyber-terror
attacks. Protecting facilities is only half the battle.
Fear, insecurity, anxiety, and militancy are often the
product of perceived, not actual, threats. Cyber terror-
ists lurk in the background, and individuals will not be
mollified unless they are eliminated. Despite their best
efforts, however, no government will ever eradicate
cyber terrorism, and people will always be driven by
their outsized fears. Mitigating these fears is as equally
important as reducing the incidence of attack. But the
means are entirely different. Perceptions depend cru-
cially on information and, as a result, risk assessment
and communication are of crucial importance in the
war against cyber terrorism. Individuals who misun-
derstand the nature of cyber terrorism and the threat it
poses are most likely inclined to greater fear, insecurity,
and militancy than those whose assessment is sober.
Experts, to be sure, remain divided over the risk of
cyber terrorism. Nevertheless, the cyber security com-
munity must address the fears of everyday citizens by
cogently assessing the danger of cyber terrorism and
the protective measures necessary to maintain secure
networks. Risk communication is sorely lacking; prop-
erly implemented, it can reduce insecurity and percep-
tions of threat. Finally, there is also room to think
about psychological intervention and cognitive beha-
vior therapy to treat cyber terrorism-induced anxieties,
just as it is used to treat the effects of conventional
terrorism.2 Risk assessment and psychological treat-
ment protocols address the human dimension of
cyber terrorism and should not be neglected as nations
work to fend off cyber terrorists of all stripes.
16. Cyber terrorism has many faces, as does the psy-
chology of the masses. Our research demonstrates how
even nonlethal, seemingly banal forms of cyber
terrorism have a considerable impact on the attitudes
of victimized populations. Our experiments show a
“cyber terrorism effect” that can enable terrorists to
foster fears akin to kinetic terrorism and pursue simi-
larly ideological goals. In this way, cyber terrorism
pushes well beyond cyber crime even when its methods
– identity theft, destruction of data, and disruption of
service – are sometimes similar. When Anonymous
threatens an electronic Holocaust by corrupting data
or stealing identities, they are taking sides in violent,
armed conflict, and their actions are far more than
criminal. They are attacking innocent civilians, not
bilking an easy mark. Victims know the difference.
Under attack, they react not only with fear and trepi-
dation, as do victims of crime, but also with demands
for protection from the enemies of the state via harsh
military retaliation, surveillance, and strong govern-
ment. This is the psychology of terrorism.
Notes
1. “Reading” and “monitoring” are different. “Monitoring”
suggests either the collection of metadata or only read-
ing e-mails that trigger security concerns, while “read-
ing” suggest scrutinizing every e-mail.
2. For example, see Somer et al. (2005).
Disclosure statement
No potential conflict of interest was reported by the authors.
17. Funding
This research was made possible, in part, by grants awarded
to Daphna Canetti from the US National Institute of Mental
Health [R01 MH073687], from the Israel Science Foundation
[594/15], and from the US-Israel Binational Science
Foundation [2009460], and to Michael L. Gross from the
Israel Science Foundation [156/13].
Notes on contributors
Michael L. Gross is a professor in and the head of the School
of Political Science at the University of Haifa, Israel. His
recent books include The Ethics of Insurgency (Cambridge
2015), Moral Dilemmas of Modern War (Cambridge 2010)
and the forthcoming, Soft War: The Ethics of Unarmed
Conflict (Cambridge).
Daphna Canetti is a professor of political science at the
University of Haifa and the director of the university’s grad-
uate program in Democracy Studies. Canetti’s research
examines the psychological challenges and policy implica-
tions of terrorism, warfare, and political violence. Her pub-
lications appear in political and psychological outlets
including the Lancet, the American Journal of Political
290 M. L. GROSS ET AL.
Science, the British Journal of Political Science, and Political
Psychology. Her commentary has been featured in media
outlets including NPR and the Washington Post.
Dana Vashdi is the head of the Division of Public
18. Administration and Policy at the University of Haifa, Israel.
Her research focuses on the well-being of citizens in general
and of employees in particular as well as on teams in public
organizations, organizational learning, and healthcare policy.
She has published articles in a wide variety of academic
journals including the Academy of Management Journal,
British Medical Journal, Human Resource Management, and
Public Administration Review.
ORCID
Michael L. Gross http://orcid.org/0000-0001-5835-7879
Daphna Canetti http://orcid.org/0000-0003-0794-4090
Dana R. Vashdi http://orcid.org/0000-0003-3644-2129
References
Boggs, C. 2002. “Militarism and Terrorism: The Deadly
Cycle.” Democracy & Nature 8 (2): 241–259. doi:10.1080/
10855660220148598.
B’Tselem. 2016. “Fatalities after Operation Cast Lead.”
B’Tselem - The Israeli Information Center for Human
Rights in the Occupied Territories. http://www.btselem.
org/statistics/fatalities/after-cast-lead/by-date-of-death.
Canetti, D., B. J. Hall, C. Rapaport, and C. Wayne. 2013.
“Exposure to Political Violence and Political Extremism: A
Stress-Based Process.” European Psychologist 18 (4): 263–
272. doi:10.1027/1016-9040/a000158.
Canetti-Nisim, D., E. Halperin, K. Sharvit, and S. E. Hobfoll.
2009. “A New Stress-Based Model of Political Extremism:
Personal Exposure to Terrorism, Psychological Distress,
and Exclusionist Political Attitudes.” Journal of Conflict
Resolution 53 (3): 363–389. doi:10.1177/0022002709333296.
19. Gross, M. 2015. The Ethics of Insurgency: A Critical Guide to
Just
Guerrilla Warfare. Cambridge: Cambridge University Press.
Hathaway, O. A., R. Crootof, P. Levitz, H. Nix, A. Nowlan,
W. Perdue, and J. Spiegel. 2012. “The Law of Cyber-
Attack.” California Law Review 100 (4): 817–885.
Hirsch-Hoefler, S., D. Canetti, C. Rapaport, and S. E.
Hobfoll. 2014. “Conflict will Harden Your Heart:
Exposure to Violence, Psychological Distress and Peace
Barriers in Israel and Palestine.” British Journal of
Political Science 1–15. doi:10.1017/S0007123414000374.
Indian Express, 2016. “List of Terrorist Attacks that have
Struck Europe in 2016.” Indian Express. http://indianex
press.com/article/world/world-news/list-of-terrorist-
attacks-that-have-struck-europe-in-2016/.
International Security, 2016. “Deadly Attacks Since 9/11.”
International Security. http://securitydata.newamerica.net/
extremists/deadly-attacks.html.
Jenkins, B. M. 1975. “Will Terrorists Go Nuclear?” P-5541 in
the RAND Paper Series. Santa Monica, CA: The RAND
Corporation.
Lerner, J. S., R. M. Gonzalez, D. A. Small, and B.
Fischhoff. 2003. “Effects of Fear and Anger on
Perceived Risks of Terrorism: A National Field
Experiment.” Psychological Science 14 (2): 144–150.
doi:10.1111/psci.2003.14.issue-2.
Lewis, J. A. 2002. Assessing the Risks of Cyber Terrorism,
Cyber War and Other Cyber Threats. Washington, DC:
20. Center for Strategic and International Studies, December.
Libicki, M. C. forthcoming. ““From the Tallinn Manual
to Las Vegas Rules.” Chap. 32.” In Cyberspace in Peace
and War. Annapolis, MD: Naval Institute Press, 2016.
McDermott, R. 2010. “Decision Making under Uncertainty.”
In Proceedings of a Workshop Deterring Cyberattacks:
Informing Strategies and Developing Options for U.S.
Policy, National Research Council, 227–241. Washington,
DC: The National Academies Press.
McHugh, J. 2016. “Europe Terrorist Attacks 2016.” IBT, March
24. http://www.ibtimes.com/europe-terrorist-attacks-2016-
timeline-bombings-terror-threats-brussels-2341851.
Polityuk, P. 2016. “Ukraine Sees Russian Hand in
Cyber Attacks on Power Grid.” Reuters, February 12.
http://www.reuters.com/article/us-ukraine-cybersecurity-
idUSKCN0VL18E.
Rogers, A. 2014. “What Anonymous is Doing in Ferguson.”
Time, August 21. http://time.com/3148925/ferguson-
michael-brown-anonymous/.
Schmitt, M. N., ed. 2013. Tallinn Manual on the International
Law Applicable to Cyber Warfare. Cambridge: Cambridge
University Press.
Shelton, M., L. Rainie, and M. Madden. 2015. “Americans’
Privacy Strategies Post-Snowden.” Pew Research Center,
March 15. http://www.pewinternet.org/files/2015/03/PI_
AmericansPrivacyStrategies_0316151.pdf.
Somer, E., E. Tamir, S. Maguen, and B. T. Litz. 2005. “Brief
Cognitive Behavioral Phone-Based Intervention Targeting
21. Anxiety about the Threat of an Attack: A Pilot Study.”
Behaviour Research and Therapy 43 (5): 669–679.
doi:10.1016/j.brat.2004.05.006.
Tadjbakhsh, S. 2014. “Human Security Twenty Years on.”
Norwegian Peacebuilding Resource Centre (NOREF), June.
http://www.peacebuilding.no/var/ezflow_site/storage/origi
nal/application/540cb240aa84ac7133bce008adcde01f.pdf.
Tadjbakhsh, S., and A. M. Chanoy. 2007. Human Security:
Concepts and Implications. Abingdon, UK: Routledge.
Verton, D., and J. Brownlow, eds. 2003. Black Ice: The
Invisible Threat of Cyber-Terrorism. Emeryville, CA:
McGraw-Hill/Osborne.
BULLETIN OF THE ATOMIC SCIENTISTS 291
http://dx.doi.org/10.1080/10855660220148598
http://dx.doi.org/10.1080/10855660220148598
http://www.btselem.org/statistics/fatalities/after-cast-lead/by-
date-of-death
http://www.btselem.org/statistics/fatalities/after-cast-lead/by-
date-of-death
http://dx.doi.org/10.1027/1016-9040/a000158
http://dx.doi.org/10.1177/0022002709333296
http://dx.doi.org/10.1017/S0007123414000374
http://indianexpress.com/article/world/world-news/list-of-
terrorist-attacks-that-have-struck-europe-in-2016/
http://indianexpress.com/article/world/world-news/list-of-
terrorist-attacks-that-have-struck-europe-in-2016/
http://indianexpress.com/article/world/world-news/list-of-
terrorist-attacks-that-have-struck-europe-in-2016/
http://securitydata.newamerica.net/extremists/deadly-
attacks.html
http://securitydata.newamerica.net/extremists/deadly-
24. Address correspondence to Jian Hua,
School of Business and Public
Administration, University of the
District of Columbia, 4200
Connecticut Avenue, Washington,
DC 20008. E-mail: [email protected]
1. INTRODUCTION
Considerable research and investigative efforts have been spent
studying ter-
rorism and terrorists. Prevention of bombing, kidnapping, and
other common
types of terrorism has been among the focal concerns in the
struggle for world
peace. However, terrorists do not restrict themselves to common
and regular
methods. The terrorist’s attack of September 11, 2001, is a
primary example.
It is common knowledge that information technology (IT)-based
informa-
tion systems are vulnerable. Hence, it is possible for terrorists
to utilize the
vulnerabilities of IT-based information systems to attack their
adversaries and
to launch an information war (Jormakka & Molsa, 2005; Embar-
Seddon, 2002).
Currently, terrorism is spreading globally and being facilitated
by information
technology (Gable, 2009; Hansen, Lowry, Meservy, &
McDonald, 2005; Chu,
Deng, Chao, & Huang, 2009). Many studies urge paying more
attention to
cyber terrorism (Gable; Hua & Bapna, 2009; Foltz, 2004;
Embar-Seddon).
In a statement before the Senate Select Committee on
25. Intelligence, the
director of the National Intelligence testified that terrorists have
intentions
to deploy cyber attacks against the United States (Gable, 2009).
Cyber
attacks against the U.S. government in 2009 were expected to
increase about
60% compared to the number of attacks in 2008, most of it
coming from
Chinese state and state-sponsored computers (U.S. Government,
2009).
Attacks against Supervisory Control and Data Acquisition
systems (SCADA)
computer networks that operate the critical infrastructure have
risen dra-
matically in 2009 and account for 20% of the 164 incidences
reported since
1982 (Aitoro, 2009a). The reason cyber terrorists cannot launch
attacks to
cause significant damage is that these cyber terrorists have not
gained the
102
sufficient expertise, which could be available within the
next few years (Aitoro, 2009b).
Gable (2009) cites several recent incidences of cyber
terrorism:
• A distributed denial of service (DDOS) attack
launched on July 2009, which affected 27 U.S. and
South Korean government agencies including the
Secret Service and the U.S. Pentagon, may have been
26. the work of cyber terrorists residing in the United
Kingdom.
• Attacks on Estonian government Websites in
2007 effectively crippled the government transac-
tions in that country.
• The information for the stealth fighter jet program
was stolen.
• The U.S. Air Force’s air traffic control systems were
intruded.
Currently, cyber-terrorism research has focused on
three orientations: technology, legal, and economic.
All of these orientations are receiving increasing atten-
tion. The technology-oriented research stream focuses
on the technical means to prevent cyber attacks
(Hansen et al., 2005; Griffith, 1999). The legal-oriented
research stream examines the legal perspectives in order
to prosecute cyber terrorists (Trachtman, 2004; Walker,
2006; Gable, 2009). The economic-oriented research
stream develops and analyzes economic models to
determine the level of investment necessary to safe-
guard information assets (Hua & Bapna, 2009). In this
paper, our research specifically focuses on deterrence
and prevention from cyber terrorism and thus bor-
rows on the technical, legal, and economic orientation
streams.
Because cyber terrorism can result in economically
devastating threats to nations, we need to develop a
framework to deter cyber terrorism. In this paper, we
develop such a framework, relying on existing inter-
disciplinary literature and cyber-terrorism cases. Three
types of infrastructures — technical, policy, and legal —
27. must be present in order to craft cyber-terrorism deter-
rence policies. This paper is divided into five sections.
In section 2, a comprehensive literature survey of ter-
rorism, cyber terrorism, and deterrence is provided.
Since our focus on this paper is on deterrence, we
examine the literature in these areas in details. The lit-
erature shows that punishment may not result in an
adequate deterrence effect even for ordinary crimes,
let alone terrorism. In section 3, we argue that in
order to deter cyber terrorism, it is important to
identify the perpetrators of cyber attacks, which pose
both technical and legal challenges. In section 4, we
develop a framework based on the aspects learned
from the literature review and challenges associated
with current solutions. This framework clearly shows
that both national and international governments
have tremendous leverage to control cyber terrorism.
We provide recommendations for national and inter-
national bodies in order to prevent and deter the
incidents of cyber terrorism. We discuss the implica-
tions of our work in the section 5, “Conclusions and
Implications.”
2. LITERATURE REVIEW
The word “terrorism” came about during the French
Revolution when terror was used by the government to
suppress counter-revolutionary adversaries. Most ter-
rorists share two common aspects: (1) they assault
civilians, and (2) they target victims that are not their
true targets but rather these victims do influence the
target audience. The term terrorist refers to a per-
son who practices terrorism. Terrorism and terrorists
have a strong negative connotation. Terrorists know
that they cannot be superior to their adversaries in
28. conventional resource-intensive warfare. Hence they
rely on terrorism and low-intensive conflict to erode
the enemy’s moral and physical capacities (Oprea &
Mesnita, 2005).
Victoroff (2005) proposed a comprehensive typol-
ogy to illustrate the dimensions of terrorism (Table 1).
The demographic data about terrorists have been pre-
sented in studies by Hassan (2001), Pedahzur, Perliger,
and Weinberg (2003), and Sageman (2004).
People commonly believe that terrorists are insane
or psychopathic. Strictly speaking, the psychopathic
ailment can be divided into two conditions: clinical ill-
ness and personality disorder. The person with clinical
illness cannot differentiate right from wrong, but the
person with personality disorder can. As such, terrorists
are rarely psychotic or insane (Victoroff, 2005).
Contrary to common beliefs, terrorists are also rarely
sociopathic. There is no evidence, from any empirical
study, that demonstrates that terrorists are antisocial.
Considerable evidence supports the observation that
terrorists are regarded as heroes, at least by their groups
or local communities. The Middle Eastern students
103 How Can We Deter Cyber Terrorism?
TABLE 1 Dimensions of Terrorism (Victoroff, 2005)
Variable Classification
Perpetrator Number Individual vs. Group
Sponsorship State vs. Substate vs. Individual
29. Relation to authority Anti-state/Anti-establishment/
Separatist vs. Pro-state
Locale Intrastate vs. Transnational
Military status Civilian vs. Military
Spiritual motivation Secular vs. Religious
Financial motivation Idealistic vs. Entrepreneurial
Political Ideology Leftist vs. Rightist
Hierarchical role Sponsor vs. Leader
Willingness to die Suicidal vs. Nonsuicidal
Target Property vs. Individual vs. Masses
of people
Methodology Bombing, Assassination,
Kidnapping, Mass Poisoning,
other
who join an Islamic radical group may enjoy popular
support and believe they are serving their society in
a pro-social way. Contrary to common understand-
ing, terrorists are altruistic in their groups (Keet, 2003;
Krueger & Maleckova, 2003).
In this section, we define cyber terrorism and delin-
eate the differences and similarities between terrorism
and cyber terrorism. Types of cyber attacks and the
dangers of cyber attacks are provided. We then discuss
the literature on deterrence and how it relates to cyber
terrorism.
2.1. Cyber Terrorism
The term “cyber terrorism” is used to describe
the new approach adopted by terrorists to attack
cyberspace (Parks & Duggan, 2001). It is an extension
30. of traditional terrorism. The threat of cyber terrorism
is more dangerous than that of common information
security attacks (Rogers, 1999; Verton, 2003). Cyber ter-
rorism is becoming a major concern for most countries
(Foltz, 2004).
Two ways to define cyber terrorism have been pro-
posed (Rollins & Wilson, 2007):
• Effects-based: Cyber terrorism exists when computer
attacks result in effects that are disruptive enough
to generate fear comparable to a traditional act of
terrorism, even if done by criminals.
• Intent-based: Cyber terrorism exists when unlawful
or politically motivated computer attacks are done
to intimidate or coerce a government or people to
further a political objective or to cause grave harm
or severe economic damage.
We define cyber terrorism as an activity imple-
mented by computer, network, Internet, and IT
intended to interfere with the political, social, or eco-
nomic functioning of a group, organization, or coun-
try; or to induce physical violence or fear; motivated
by traditional terrorism ideologies. Cyber terrorism
includes all the dimensions as proposed by Victoroff
as shown in Table 1, where the terrorism methodology
is driven extensively by computer and computing net-
work architectures. The main goal of cyber-terrorism
attacks is to create fear and panic among civilians or
to disrupt or destroy public and private infrastructures
(Morgan, 2004). The most dangerous cyber-terrorism
attacks are those that affect national infrastructure or
business systems.
31. Cyber terrorists can be differentiated from the other
hacker groups by their attack motives. (Embar-Seddon,
2002) even though the cyber attack methods and the
targets attacked by cyber terrorists are the same as those
adopted by other hacker groups. Cyber terrorists can
launch DDOS attacks to disrupt public servers within
government, telecommunication services, transporta-
tion communication systems, and utility distribution
systems. They can also intrude into public media sys-
tems to spread rumor or alert civilian targets. Although
cyber terrorists cannot cause death on a large scale,
such as physical terrorism incidents, they might cause
large monetary losses exceeding that of physical terror-
ism or induce fear comparable to physical terrorism
acts. Thus, preventing cyber terrorism is as important
as preventing terrorism.
Foltz (2004) listed some of the potential threats of
cyber terrorism, including:
• Access a drug manufacturer’s facility and alter its
medication formulas to be deadly (Wehde, 1998).
• Access hospital records and change patient blood
types (Gengler, 1999).
• Report stolen information to others (i.e., troop
movement) (Desouza & Hensgen, 2003).
• Manipulate perception, opinion, and the political
and socioeconomic direction (Stanton, 2002).
• Facilitate identity theft (Gordon & Ford, 2002a).
• Attack critical infrastructure including electri-
32. cal power systems; gas and oil production,
J. Hua and S. Bapna 104
transportation, and storage; water supply sys-
tems; banking and finance; homeland security;
telecommunication; agricultural and food supply;
and public health (Embar-Seddon, 2002).
In its 1996 report Cyberterror: Prospects and
Implications, The Center for the Study of Terrorism
and Irregular Warfare at the Naval Postgraduate School
in Monterey, California, defined three levels of cyber
terror capability:
• Simple-Unstructured: The capability to conduct
basic hacks against individual systems using tools
created by someone else. The organization pos-
sesses little target analysis, command and control, or
learning capability.
• Advanced-Structured: The capability to conduct
more sophisticated attacks against multiple systems
or networks and possibly to modify or create basic
hacking tools. The organization possesses an ele-
mentary target analysis, command and control, and
learning capability.
• Complex-Coordinated: The capability for coordi-
nated attacks capable of causing mass-disruption
against integrated, heterogeneous defenses (includ-
ing cryptography). Ability to create sophisticated
hacking tools. Highly capable target analysis, com-
mand and control, and organization learning
33. capability.
According to the Center’s estimates, a terrorist
group may be able to reach the advanced-structured
level within two to four years after starting from
scratch and within six to ten years to reach the
complex-coordinated level. However, using outsourc-
ing or sponsorship means, a group may reach the
complex-coordinated level must faster.
Compared with other terrorism approaches, cyber
terrorism requires fewer people and fewer inputs.
Pure cyber terrorism does not require cyber terror-
ists to show up in the target area. Cyber terrorists
can remotely launch attacks and remain anonymous.
Cyber terrorists can use proxy servers and IP-change
methods to hide their real addresses. Because cyber ter-
rorists can easily hide their identity, it is difficult for
government agents to trace and capture them. This
poses tremendous challenges to thwart cyber-terrorist
attacks.
2.2. Deterrence
Deterrence theory has been widely employed in
the fields of economics and criminology to study
the behavior of criminals and antisocialists (Becker,
1968; Pearson & Weiner, 1985). In criminology, deter-
rence theory asserts that the probability of criminal
behavior varies with the expected punishment, which
consists of the perceived probability of being caught and
the punishment level (Pearson & Weiner). The decision
to undertake a criminal action by an individual is made
when the individual’s expected payoff is greater than
the expected punishment and cost. Moreover, the indi-
vidual moves in and out of illegal activities as the
34. opportunities change (Anadarajan & Simmers, 2003).
In the realm of cyber terrorism, the expected pun-
ishment level depends upon the legal national and
international frameworks, and the perceived probabil-
ity of being caught depends upon the ability to identify
the perpetrators and the cooperation for information
sharing between nations. We classify all deterring activ-
ities in terms of three dimensions: technical, policy,
and legal. The ability to use technical means to pre-
vent cyber terrorism is not relevant to this paper, but
the ability to identify terrorists using technical means
is of relevance. Policy decisions, such as how often
to share breaching information, are under the control
of governments and organizations. Governments and
societies operate under their legal infrastructures, and
their ability to prosecute cyber terrorists falls under the
legal dimension.
In criminology, deterrence theory focuses on the
effects of punishment. In economics, deterrence the-
ory focuses on the reward of legal behavior and the
punishment of illegal behavior (Becker, 1968). In eco-
nomics, deterrence theory asserts that individuals make
rational decisions to maximize benefits and minimize
costs. A person can make a decision to undertake a
criminal activity when the expected payoff from the
criminal activity exceeds the expected expense from
the potential cost and punishment (Straub & Welke,
1998). Deterrence theory has an underlying assump-
tion that human behaviors pursue pleasure and avoid
pain. To deter potential criminals from committing
unlawful behavior, it is necessary to impose counter-
measures that increase the cost or reduce the benefits
associated with doing so (Becker). Thus, for cyber ter-
rorism in the existing legal infrastructure, the costs
to commit terrorism can be increased significantly by
35. 105 How Can We Deter Cyber Terrorism?
raising the probability of being tracked. Using different
perspectives (e.g., policing, education, economics, and
behavioral), we show that increasing the punishment
level may not lead to deterring cyber terrorism.
Cameron (1988) studied the theoretical effect of
crime deterrence and compared this effect with empir-
ical works from other economists. Since Becker (1968)
published his famous crime and punishment theory, a
large body of literature on crime believed that police
expenditures were an effective input to deter crime.
To prove Becker’s belief, Cameron conducted a survey
to test whether punishment deterred crime, in theory,
and to test the effectiveness of the police in deter-
ring crime. In comparison, a literature review indicated
that punishment often increases crime or that police
inputs were positively correlated with crime. After care-
ful examination, the author found that studies using
aggregate data failed to demonstrate the deterrence
effects of policy inputs. On the other hand, the stud-
ies of individual prisoners and victims suggested that
police inputs do have a positive deterrent effect on the
supply of crime. The paper provided nine reasons why
punishment may not deter crime:
(1) risk in legal activities,
(2) reductions in private sector deterrence efforts,
(3) spillover/displacement effects,
(4) effects of criminals with a target income,
(5) effects on industry supply behavior for organized
36. crime,
(6) adaptive behavior,
(7) practical certainty,
(8) cognitive dissonance, and
(9) income and substitution effects.
Nations have different legal structures for punishing
criminal activities not only for these reasons but also
from societal mores. Due to conflicting results of the
research on punishment, it is unclear as to what degree
punishment levels may deter cyber terrorism.
Workman and Gathegi (2007) studied the effects
of attitudes towards the law and the effects of
social influence. Their study began by investigating
the counterproductive-behavior literature. Punishment
and ethics education were found to be effective in
deterring cyber criminal behavior. Punishment was
more effective in deterring people who tried to avoid
punishment or negative sequences, other than ethics
education. Ethics education more so than punish-
ment was effective in deterring people who had a
strong social consciousness. People who had a high
level self-control were more responsive to ethics train-
ing. People who had a low level of self-control were
more responsive to punishment for information secu-
rity contravention. Based on the well-know fact that
terrorists are willing to sacrifice their lives, it is unlikely
that the punishment level will be an effective tool in
deterring cyber terrorists.
Oksanen and Valimaki (2007) discussed copyright
violations and solutions on the Internet. The two
authors formed a traditional behavioral economic
model on the deterrence effect of lawsuits against
37. Internet copyright violations. The general deterrence
theory attempted to reduce the successful rates of crim-
inal behavior. Their observations supported the theory
that individuals tried to maximize their payoffs by
calculating utilities. The authors also found that the
strategy of minimizing risk was not only theoretically
practiced but also extensively used. The classic deter-
rence model heavily relied on the utility theory and
had many limitations. The two authors found that the
classic deterrence model should incorporate the repu-
tational cost of violations and the reputational benefit
of violations (Sunstein, 2003). The reputational cost
means the unofficial sanction applied by the indi-
vidual’s peers. The reputational benefit comes from
the support of the individual’s community or peers
(Rebellon & Manasse, 2004). The reputational bene-
fit may play a significant role in individual decision
making. This literature shows the possible existence of
the reputational benefits behind cyber terrorism. The
increased reputation from peer groups after a successful
cyber attack may motivate cyber terrorists to advertise
their activities.
Straub and Welke (1998) considered deterrence the-
ory as a theoretical basis for security countermeasures
to reduce information security risks. They derived four
distinct activities from deterrence theory: deterrence,
prevention, detection, and recovery. With respect to
internal computer abuse, they believed that managers
were the key to successfully deterring, preventing,
detecting, and pursuing remedies. The authors claimed
that deterrent countermeasures were passive because
they had no inherent provision for enforcement. They
also believed that security training for internal employ-
ees was a form of deterrent countermeasures, which
can convince potential internal computer abusers that
38. J. Hua and S. Bapna 106
the company was serious about the security and would
sue the computer abusers. This research clearly points
to the influence of managerial policies for deterrence,
prevention, detection, and recovery from cyber threats,
which may have a similar impact on cyber terrorism.
The punishment may be to a person, group, or to a
party to which the person belongs. The punishment
may not just be imprisonment and fine. For cyber
terrorism, the punishment may include antiterrorism
wars against the state in which the cyber terrorists
reside. Thus, the punishment to cyber terrorists may
be more severe and in some cases exceed the losses
they caused to the victims. Determining the proper
punishment is an important issue in the legal field.
Becker (1968), in his classical paper about punishment
determination, believed that punishment determina-
tion has to consider the social cost of punishments
and that all punishments can be converted to monetary
values. Legal systems in most societies specify punish-
ments that increase with the level of social harm caused
by the criminal activities (Rasmusen, 1995). As cyber
terrorism becomes more harmful, based on Becker’s
theory, increasing the punishment substantially for the
sake of the additional deterrence may be worth the
costs. However, since the research on punishment level
is inconclusive, it is difficult to quantify the level of
punishment that will stop cyber terrorism.
Based on the literature survey, a functional form of
punishment level on the deterrence effect for cyber
39. terrorism is plotted in Figure 1. While the functional
form is a sigmoid curve, low levels of punishment lev-
els have little or no impact on deterrence. Only at high
punishment levels do deterrence effects show up. From
an economic perspective, such high punishment levels
may be achieved only by means of very high invest-
ment levels, for example, extensive crippling of parts
of the cyber infrastructure.
Wible (2003) proposed two approaches to deter
cyber hackers: (1) reinforce the criminal law and
increase punishment, and (2) decriminalized the least
dangerous kinds of hacking in ways that demarginalize
the hacking community. Rational economic models on
deterrence perceive all potential criminals are rational.
However, little empirical research supports the rational
economic models on deterrence (Sheizen, 1995). The
failure reason of rational economic models on deter-
rence is that the hackers’ perception of the probability
of identification and punishment is more complex
than what we thought (Zimring & Hawkins, 1973).
In a recent workshop that discussed how informa-
tion warfare on the United States might be deterred,
several important findings were proposed (IWAR,
2008). We map these findings into three dimensions
of cyber deterrence: technical, policy, and legal.
• The workshop participants always assume that a vis-
ible set of defenses was the beginning to deter cyber
attacks (policy).
• Current employed defenses were inadequate to deter
well-prepared cyber attacks (technology).
40. • Deterrence of cyber-attacks was understood to
depend upon the nature of attackers (policy, legal).
• Deterrence requires identification of the value held
by the potential attackers and the capacity to com-
municate with those attackers (policy).
• It may be impossible to create an omnipotent deter-
rence policy that will be effective (technology, legal,
policy).
FIGURE 1 Effect of punishment level on deterrence. (color
figure available online.)
107 How Can We Deter Cyber Terrorism?
• Cyber attackers could be deterred by explicit threats
and retaliatory actions implying future threats (legal,
policy).
• Aggressive domestic and international law enforce-
ment can certainly have a deterrence effect on
potential adversaries. To deter cyber attackers, realis-
tic threat of capture and punishment should be used
(legal).
• Electronic IDs combined with computer hardware
and software can also deter potential cyber attackers
(technology).
3. CHALLENGES TO THE DETERRENCE
ON CYBER TERRORISM
Deterrence theory can be applied to all cyber
41. crimes including cyber terrorism (Ginges, 1997; Frey &
Luechinger, 2002; Carns, 2001). The literature review
(section 2.2) indicated that the impact of deterrence
(deterrence effect) is positively correlated with the iden-
tification probability, and it also may be positively
correlated with punishment level. Keeping the poten-
tial punishment severity unchanged, the deterrence
effect will be determined by the identification proba-
bility. The identification probability depends upon the
capability to track cyber terrorists. Thus, to increase the
impact of deterrence on cyber terrorism, the identifica-
tion probability must be increased. An inability to track
cyber terrorists would make it difficult for local and
international jurisdictions to track the entire network
of cyber terrorists as well as to prosecute them due to
the lack of proof of identification of these cyber ter-
rorists. In this section, we describe the technical means
available to cyber terrorists to avoid being tracked.
From a cyber terrorist’s perspective, the advantages
of cyber terrorism are anonymity and the ability to
remotely control the terrorist act. To attack a vic-
tim anonymously, a cyber terrorist has to make sure
that he or she cannot be tracked. An experienced
cyber terrorist could utilize the vulnerabilities in soft-
ware, hardware, networks, Internet, human beings, and
jurisdictions to avoid being tracked back.
To avoid being tracked back, cyber terrorists can
employ three methods: (1) spoofing their media access
control (MAC) and Internet protocol (IP) addresses,
(2) using a public Internet, and (3) using proxy servers.
To access a switched network, a cyber terrorist’s com-
puter must have a MAC address. A MAC address
is unique and assigned to a network interface card
42. (NIC) by its manufacturer for identification purpose.
Similarly, if this cyber terrorist wants to access a routed
network, his computer must an IP address. There are
many programs available on the Internet to spoof
MAC and IP addresses. A fake MAC address could
cheat a firewall by bypassing a network access restric-
tion and erase intruders’ fingerprints (a MAC address
is unique and combined with a NIC card). A cyber
terrorist can use a sniffer hacking tool to pick up
MAC addresses from the traffic of a target network,
spoof the MAC, and disguise himself as an autho-
rized user to bypass the network access control of the
target. IP address spoofing is a fairly old intruding
method. In DDOS attacks, a cyber terrorist can spoof
the IP addresses of source computers. Because the IP
addresses are changing, it is difficult for the target to
trace and defend against DDOS attacks. Of course,
spoofing MAC and IP address currently cannot guar-
antee complete anonymity. If an investigator can trace
back to the Internet service provider (ISP) of the cyber
terrorist, the cyber terrorist location still can be nar-
rowed to a small list with the connection logs provided
by the ISP.
Some cyber terrorists may think of using public
Internet connections such as those available at the free
library or in Internet cafés. Usually these free Internet
connection services do not require any identification.
However, this method is not completely safe for a
cyber terrorist, for example, if there are video cameras
in these public areas. Investigators can use recorded
video and the Internet connection logs to make a
narrow suspect list.
Cyber terrorists who are good at sniffing could abuse
43. a private wireless connection which does not have
encryption protection. It is not known how to track
a cyber terrorist in a wireless network (Velasco, Chen,
Ji, & Hsieh, 2008). Closest access point, triangulation,
and radio frequency fingerprinting are commonly used
techniques for tracking in wireless networks, but all of
them are inaccurate (Zeilandoo & Ngadi, 2008). Cyber
terrorists can hide themselves in a neighbor area to uti-
lize intruded wireless network as a proxy server and
escape detection by investigators.
Proxy servers are the most common methods to
prevent tracking back. Usually there are many hops
between a cyber terrorist host and a target host. Cyber
terrorists can utilize proxy servers to cover their loca-
tions. For example, if a cyber terrorist is living in Iraq,
he can use several anonymous proxy servers hosted
J. Hua and S. Bapna 108
in other countries as intermediators. If the last proxy
server is located in the United States, the target vic-
tim will assume the connection from a domestic area,
which is not in the highly restricted area. In the other
side, those anonymous proxy servers are used by many
users every day. If one of those proxy servers dumps its
log every two to three hours, it is difficult for investi-
gators to find the cyber attack’s cyber path. The clue
chain is broken. Sometimes cyber terrorists could use
zombies as proxy servers, which are totally under their
control. If cyber terrorists install special programs in
their zombies to physically clean the Internet collec-
tion logs every minute, it is difficult for investigators
to collect evidence. If one of those proxy servers is
44. located in a country that does not consider cyber
attacks a crime or never cooperates with the United
States, it becomes impossible for investigators to col-
lect evidences. We still think the clue chain is totally
broken.
If we cannot find the location of cyber terrorists,
we cannot punish them and alert their community.
Tracking cyber terrorists is a big problem that must
be solved. However, the history of the Internet shows
that it was not designed with foolproof tracking func-
tions. The Internet was originally designed for and
used by scientists and researchers. While the Internet
does have logging capabilities, these capabilities can be
foiled and the Internet protocol has no other means
of recording a user’s activities. Moreover, high-speed
Internet development hinders tracking cyber terrorists.
For example, the primary duty of an Internet route is
to route packets as fast as possible in order to facili-
tate high-speed connections. If the Internet speed is too
fast, it is impossible for a regular router to keep a suffi-
cient log. For example, a router on the Internet with a
speed of 1,000 gigabytes needs a 6,000 gigabyte mem-
ory to record one minute of traffic. The writing speed
of the memory must be 100 gigabytes per second. Even
though this kind of memory exists, it can increase
the price of the router and the expense incurred for
Internet usage. Also, current literature has not shown
any available network infrastructure for tracking.
In summary, the design of the Internet, which is
based on the TCP/IP, poses serious challenges to the
identification of cyber terrorists. TCP/IP has several
weaknesses that are inherent in the architecture of
the protocol. A group knowing about these protocols
can effectively sabotage it to their advantage (Bellovin,
45. 2004). Moreover, even private networks not connected
to the Internet, but based on the TCP/IP protocol they
are susceptible to breaches from “springboard” attacks
(US-CERT, 2005).
4. ENHANCING CYBER-TERRORISM
DETERRENCE
Wible (2003) believes that reinforcing the criminal
law and increasing punishment will improve the deter-
rence effect of cyber crimes. Similarly, increasing the
identification rate will increase the deterrence effect of
cyber terrorism. In order to deter cyber terrorism, the
legal and law enforcement communities will need to
signal the cyber terrorist community that the identi-
fication rate and the punishment severity have been
increased. While it is believed that cyber terrorists fear
punishment, punishment can only occur if the cyber
terrorists can be traced, found, and identified. If the
cyber terrorists believe they will never be identified,
increasing punishment severity will be less effective
in deterring hacking activities. Thus, the first line of
defense is to increase the identification rate since it will
be more effective in deterring potential cyber terrorism
activities. Signaling mechanisms from the legal com-
munity that punishment severity has been increased
also need to be sent to the cyber-terrorist community.
We propose a framework to enhance the deterrence
effect for cyber terrorism (see Figure 2). This frame-
work relies on three critical infrastructures to deter
cyber terrorism activities: the technical, policy, and
legal infrastructure (section 2.2).
The proposed framework incorporates six enti-
ties: the national government, fee-based Internet ser-
46. vice providers, organizations, free Internet service
providers, citizens, and other countries. As per the
framework, the national government plays a leading
role in enhancing deterrence for cyber terrorism. Any
national government has five responsibilities in this
deterrence war:
1. Enhance cooperation among different international
jurisdiction areas. Without international coopera-
tion and agreements, the evidences used to track
and sue the cyber terrorists could be destroyed.
From an international legal perspective, several
bases of jurisdictions are available to prosecute
cyber terrorists: nationality of the victim or the
perpetrator (e.g., anti-child sex tourism, victims
of terrorism), territorial jurisdiction based on a
109 How Can We Deter Cyber Terrorism?
National
Government
• Cooperate with other national
jurisdictions to share
information
• Invest on Internet
Authentication Technologies
• Educate citizens
• Cooperate with ISPs to
tighten access controls
47. • Legal Infrastructure
Free Internet
Service Providers
• Tighten the access control
of the free Internet
service
Internet Service
Providers
• Adopt the latest security
technologies
• Record users activities
Citizens
• Receive education on the
Internet usage
Organizations
• Train employees to
prevent Cyber-Terrorism
• Adopt latest security
technologies
Other Countries
• Cooperate with other
national jurisdictions to
share information
48. (See National
Government
Policies)
FIGURE 2 Framework of enhancing deterrence for cyber
terrorism.
state’s borders (e.g., antitrust conspiracies effecting
local businesses), universal jurisdiction based on the
extreme gravity of the crime (e.g., piracy, slavery,
war crimes), and protective jurisdiction based on the
threat to a state e.g., counterfeiting, treason. Gable
(2009) argues that universal jurisdiction is most
suited to cyber terrorism and is the most efficient
way of deterring such crimes. Universal jurisdic-
tion can be based on treaties among nations or
in customary international law. Numerous treaties
exist to prosecute terrorists, such as the Convention
to Prevent and Punish Acts of Terrorism Taking
the Form of Crimes Against Persons and Related
Extortion that are of International Significance, and
the International Convention for the Suppression
of Terrorist Bombings. These treaties can conceiv-
ably be applied to cyber terrorism (Gable). Similarly,
the United Nations (UN) Security Council has
condemned terrorism through Security Council
Resolutions 1373, 1566, and 1624. UN Resolution
51/210 is specifically aimed at cyber terrorism.
2. Fund research on adoption of Internet authenti-
cation technologies. Current technologies to track
sophisticated cyber terrorists are lacking in trac-
ing capabilities primarily due to the design of the
TCP/IPv4 protocol (see section 3). With increased
investments in universal adoption of IPv6, track-
49. ing problem of any packets can be solved. However,
even IPv6, which uses the secure Internet Protocol
Security (IPsec) to encrypt all data packets at
OSI Layer 3, may not solve all issues, especially
since IPv6 with backwards compatibility defeats
the purpose of authentication. Moreover, terror-
ists may manage to acquire a previously authenti-
cated machine. Increased funding may be directed
towards creation of protocols and processes that
embed authentication at all levels (Lipson, 2002).
3. Enhance cooperation between law enforcement and
local ISPs. If ISPs can use advanced technologies
to record all connection requests, it is much eas-
ier for investigators to track and lockdown the cyber
terrorists (Morris, 2001; Benoist, 2008).
4. Educate and train the public to protect them from
cyber terrorism. A policy of mandating all wireless
users to implement an access control scheme to their
wireless networks should prevent cyber terrorists
from acquiring Internet resources easily. The policy
may mandate that the default configuration of all
wireless access points be set to a secure protocol and
prohibit any access without a unique key assigned to
J. Hua and S. Bapna 110
each and every individual (Morris, 2001). However,
this needs to be balanced by privacy rights.
5. Create a legal infrastructure that will lead to quick
and effective prosecution of hackers and white col-
lar computer crimes. The infrastructure becomes a
50. signaling mechanism to potential cyber terrorists
and thus increases their costs of conducting harmful
activities.
Of these five policies, the first four deal with pol-
icy decisions that a central/local government needs to
make. The legal infrastructure is the glue that binds
these and other cyber security policies.
Internet service providers’ responsibilities include
(1) adopting the latest authentication technologies and
(2) logging the Internet connections. By adopting the
latest authentication technologies, it will be difficult for
cyber terrorists to spoof their MAC and IP addresses.
By logging the Internet connections, investigators can
obtain the raw historical data about all users’ activ-
ities. The technical infrastructure of cyber terrorism
deterrence should support all such responsibilities.
Free Internet service providers need to tighten their
access control of free Internet services. Proper identifi-
cation should be required to use their free Internet ser-
vices, especially for their free wireless Internet services.
Free training on Internet security should be provided
by local governments to their citizens. Education and
mass marketing efforts to citizens should focus on the
citizens to secure their home wireless networks against
unauthorized uses. The technical and policy infrastruc-
tures of cyber terrorism deterrence should support the
free Internet service providers.
Organizations’ responsibilities include (1) adopting
the latest authentication technologies and (2) training
employees to prevent cyber terrorism. By adopting the
latest authentication technologies, organizations can
tighten the access control of their wired network and
51. wireless access points. It will be difficult for cyber ter-
rorists to use the evil twin method to intrude wireless
access points. By training employees against cyber ter-
rorism, organizations can minimize the vulnerabilities
of human beings. It will be difficult for cyber ter-
rorists to utilize social engineering and rogue access
points, which are unauthorized access points built by
an individuals or a department. The technical and pol-
icy infrastructures of cyber-terrorism deterrence should
support organizations.
All nations should adopt similar policies. However,
not all nations may have the resources to fund all lev-
els of deterrence. Nations at risk, such as the United
States, can fund the adoption of the latest Internet
authentication technologies and share that informa-
tion. They should tighten their access control of the
Internet usage along with the help of their local ISPs.
If a country refuses to adopt anti-cyber-terrorism pro-
cedure, policies can be implemented that monitor
their incoming Internet IP packets and slow down
the rate at which Internet packets are handled within
the affected nation. That country may be put on a
black list (e.g., Financial Action Task Force blacklist)
until that country implements the satisfactory level of
anti-cyber-terrorism procedures. An international legal
infrastructure needs to be created for cyber-terrorism
deterrence.
Figure 3 shows the impact of increasing resources
in each of the three infrastructures. The lowest most
FIGURE 3 Impact of improved resource allocations in cyber
terrorism infrastructures. (color figure available online.)
111 How Can We Deter Cyber Terrorism?
52. plot (in red) shows a base deterrence function – it
takes considerable resources to achieve a significant
deterrence level. Improvements in the legal infras-
tructure result in shifting the plot to the left; that
is, fewer resources are needed to achieve the same
deterrence level (shown in blue). By improvements in
resources allocated towards the policy infrastructure
along with improvements in the legal infrastructure,
lesser resources are needed to achieve the same deter-
rence level (shown in green). By further improving
the technical infrastructure, fewer resources are needed
for a target deterrence level (shown in purple). In this
figure, the placement of improvements in the techni-
cal, policy, and legal infrastructures can be swapped
without loss of generality. However, to achieve any
meaningful benefit for deterrence for cyber terror-
ism, resources need to be expended for all the three
infrastructures.
5. CONCLUSION
Cyber terrorism is threatening our national secu-
rity and a major attack can be mounted at any time.
This paper explores the literature on cyber terrorism,
cyber terrorists, and deterrence aspects. In order to
deter cyber terrorism, we customarily think of increas-
ing the punishment severity unilaterally. However, the
effect of deterrence depends not only on the punish-
ment severity but also on the proper identification of
the terrorists. To increase the identification probability,
we must increase the probability of successfully track-
ing cyber terrorists. However, the tracking mechanisms
have many legal and technical challenges, which are
53. discussed in this paper. We proposed a framework to
overcome these challenges and enhance our capabili-
ties to deter cyber terrorism. We propose three types of
infrastructures to deter cyber terrorism: technical, pol-
icy, and legal. Each of the three infrastructures must be
present in order for a deterrence policy to be effective.
For each of the three infrastructures, we have listed key
areas that need to be examined.
In this paper, while we have listed the key areas to
be examined, we have not done any sensitivity anal-
ysis on each of the key areas. For example, we have
not addressed the issue of determining the marginal
benefits of expending resources on each of the key
areas. Our future work addresses this by developing an
optimal resource allocation model to deter cyber ter-
rorism. This paper provides a foundation to work on
such extensions that may be of interest to practitioners
and academic researchers alike.
This paper has discussed several issues with respect
to deterring cyber terrorists, focusing on the identifica-
tion aspects of terrorists. However, an open issue still
remains on how to signal the identification and punish-
ment level to the cyber-terrorist community. We sug-
gest that positive news reports disseminated on TVs
or newspapers can alert potential cyber terrorists (e.g.,
http://www.cybercrime.gov/). Cyber terrorists will be
warned that this is not a “catch me if you can” game but
a “we can catch if you do” game. Evaluating the effect
of sending signals to the cyber-terrorist community is
the focus of our ongoing research project.
REFERENCES
Aitoro, J. R. (2009a). Cyber attacks against critical U.S.
54. networks ris-
ing at a faster rate. Retrieved from
http://www.nextgov.com/nextgov/
ng_20091208_4177.php
Aitoro, J. R. (2009b). Terrorists nearing ability to launch big
cyber
attacks against U.S. Retrieved from
http://www.nextgov.com/nextgov/
ng_20091002_9081.php
Anandarajan, M., & Simmers, C. (2004). Personal web usage in
the work-
place: A guide to effective human resources management.
Hershey:
Idea Group Inc (IGI).
Becker, S. G. (1968). Crime and punishment: An economic
approach.
Journal of Politic Economy, 76(2), 167–217.
Bellovin, S. M. (2004). A look back at “security problems in the
TCP/IP protocol suite”. Proceedings of the 20th Annual
Computer
Security Applications Conference (pp. 229–249). Washington,
D.C.:
IEEE Computer Society.
Benoist, E. (2008). Collecting data for the profiling of web
users.
In Profiling the European citizen cross-disciplinary perspective
(pp.
169–184). Houten, Netherlands: Springer.
Cameron, S. (1988). The economics of crime deterrence: A
55. survey of
theory and evidence. Kyklos, 41(2), 301–323.
Carns, M. P. C. (2001). Reopening the deterrence debate:
Thinking about
a peaceful and prosperous tomorrow. Small Wars &
Insurgencies,
11(2), 7–16.
Chu, H., Deng, D., Chao, H., & Huang, Y. (2009). Next
generation
of terrorism: Ubiquitous cyber terrorism with the accumulation
of
all intangible fears. Journal of Universal Computer Science,
15(12),
2373–2386.
Desouza, K. C., & Hensgen, T. (2003). Semiotic emergent
framework to
address the reality of cyber terrorism. Technological
Forecasting and
Social Change, 70(4), 385–396.
Embar-Seddon, A. (2002). Cyberterrorism. American Behavioral
Scientist,
45(6), 1033–1043.
Foltz, C. B. (2004). Cyber terrorism, computer crime, and
reality.
Information Management & Computer Security, 12(2/3), 154–
166.
Frey, B. S., & Luechinger, S. (2002). How to fight terrorism:
Alternatives
to deterrence. Retrieved from http://ssrn.com/abstract=359824
56. Gable, K. A. (2009). Cyber-Apocalypse now: Securing the
Internet
against cyber terrorism and using universal jurisdiction as a
deterrent.
Retrieved from http://ssrn.com/abstract=1452803
Gengler, B. (1999). Politicians speak out on cyber terrorism.
Network
Security, 1999(10), 6.
Ginges, J. (1997). Deterring the terrorist: A psychological
evaluation of
different strategies for deterring terrorism. Terrorism and
Political
Violence, 9(1), 170–185.
J. Hua and S. Bapna 112
Gordon, S., & Ford, R. (2002a). Cyberterrorism? Computer &
Security,
21(7), 636–647.
Griffith, D. A. (1999). Organizing to minimize a cyber-terrorist
threat?
Marketing Management, 8(2), 9–15.
Hansen, J. V., Lowry, P. B., Meservy, R., & McDonald, D.
(2005). Genetic
programming for prevention of cyber terrorism through dynamic
and evolving intrusion detection. Decision Support Systems,
43(4),
1362–1374.
Hassan, N. (2001). An arsenal of believers: Talking to the
57. human bombs.
The New Yorker, 77(36).
Hua, J., & Bapna, S. (2009). The impact of cyber terrorism on
invest-
ment for information system security. Proceedings of the 40th
Annual
Meeting of Decision Science Institute, New Orleans, LA.
IWAR. (2008). How might IW attacks on the United States be
deterred? Retrieved from
http://www.iwar.org.uk/iwar/resources/
deterrence/iwdCh2.htm
Jormakka, J., & Molsa, J. V. E. (2005). Modeling information
warfare as a
game. Journal of Information Warfare, 4(2), 12–25.
Keet, M. (2003). Terrorism and game theory: Coalitions,
negotiations
and audience costs. Retrieved from http://keetwitnie.tripod.com/
TerrorismGameTheory.pdf
Krueger, A., & Maleckova, J. (2003). Education, poverty,
political vio-
lence, and terrorism: Is there a connection? Journal of
Economic
Perspectives, 17(4), 119–144.
Lipson, H. F. (2002). Tracking and tracing cyber attacks.
Retrieved from
http://www.cert.org/archive/pdf/02sr009.pdf
Morgan, M. J. (2004). The origins of new terrorism. Parameters,
34, 9–42.
Morris, D. A. (2001). Tracking a computer hacker. Retrieved
58. from http://
www.leetupload.com/database/Misc/Papers/Asta%20la%20Vista
/
Web%20Papers/tracking_a_computer_hacker.doc
Nelson, B., Choi, R., Lacobucci, M., Mitchell, M., & Gagnon,
G. (1996).
Cyber terror: Prospects and Implications. Retrieved 16 May
2008.
Oksanen, V., & Valimaki, M. (2007). Theory of deterrence and
individual
behavior. Can lawsuits control file sharing on the Internet?
Review of
Law and Economics, 3(3), 693–714.
Oprea, D., & Mesnita, G. (2005). The information system and
the global
terrorism. Retrieved from http://ssrn.com/abstract=906289
Parks, R. C., & Duggan, D. P. (2001, June). Principle of cyber-
warfare.
Proceedings of the 2001 IEEE Workshop on Information
Assurance
and Security, West Point, NY.
Pearson, F. S., & Weiner, N. A. (1985). Toward an integration
of crimi-
nological theories. Journal of Criminal Law and Criminology,
76(1),
116–150.
Pedahzur, A., Perliger, A., & Weinberg, L. (2003). Altruism and
fatalism:
The characteristics of Palestinian suicide terrorists. Deviant
59. Behavior:
An Interdisciplinary Journal, 24, 405–423.
Rasmusen, E. (1995). How optimal penalties change with the
amount
of harm. International Review of Law and Economics, 15(1),
101–108.
Rebellon, C., & Manasse, M. (2004). Do “bad boys” really get
the girls?
Delinquency as a cause and consequence of dating behavior
among
adolescents. Justice Quarterly, 21(2), 355–390.
Rogers, M. (1999). Psychology of computer criminals. In
Proceedings
of the Annual Computer Security Institute Conference, St.
Louis, MO.
Rollins, J., & Wilson, C. (2007). Terrorist capabilities for cyber
attack:
Overview and policy issues. Retrieved from
http://italy.usembassy.gov/
pdf/other/RL33123.pdf
Sageman, M. (2004). Understanding terror networks.
Philadelphia, PA:
University of Pennsylvania Press.
Sherizen, S. (1995). Can computer crime be deterred? Security
Journal,
6, 177–181.
Skibell, R. (2003). Cybercrime & misdemeanors: A reevaluation
of the
computer fraud and abuse act. Berkeley Technology Law
60. Journal, 18,
909–944.
Stanton, J. J. (2002). Terror in cyberspace. American
Behavioral Scientist,
45(6), 1017–1032.
Straub, D. W., & Welke, R. J. (1998). Coping with systems risk:
Security
planning models for management decision making. MIS
Quarterly,
22(4), 441–469.
Sunstein, C. (2003). Why societies need dissent. Cambridge,
MA: Harvard
University Press.
Trachtman, J. P. (2004). Global cyber terrorism, jurisdiction
and interna-
tional organization. Retrieved from
http://ssrn.com/abstract=566361
U.S. Government. (2009). 2009 report to Congress of the U.S.-
China eco-
nomic and security review commission. Retrieved from
http://www.
uscc.gov/annual_report/2009/annual_report_full_09.pdf
US-CERT. (2005). Vulnerabilities in TCP. Retrieved from
http://www.us-
cert.gov/cas/techalerts/TA04-111A.html
Velasco, E., Chen, W., Ji, P., & Hsieh, R. (2008, August).
Challenges
of location tracking techniques in wireless forensics.
Proceedings
61. of International Conference on Intelligent Information Hiding
and
Multimedia Signal Processing, Harbin, China.
Verton, D. (2003). Black ice: The invisible threat of cyber
terrorism.
Emeryville, CA: McGraw Osborne Media.
Victoroff, J. (2005). The mind of terrorist: A review and
critique of
psychological approach. The Journal of Conflict Resolution,
49(1),
3–41.
Walker, C. (2006). Cyber terrorism: Legal principle and the law
in the
United Kingdom. Penn State Law Review, 110, 625–665.
Wehde, E. (1998). U.S. vulnerable to cyber terrorism. Computer
Fraud &
Security, 1, 6–7.
Wible, B. (2003). A site where hackers are welcome: Using
hack-in con-
tests to shape preferences and deter computer crime. The Yale
Law
Journal, 112(6), 1577–1623.
Workman, M., & Gathegi, J. (2007). Punishment and ethics
deterrents:
A study of insider security contravention. Journal of the
American
Society for Information Science and Technology, 58(2), 212–
222.
Zeidanloo, H., & Ngadi, M. (2009). Intruder Location Tracking.
62. Proceedings of the 2009 Second International Conference on
Computer and Electrical Engineering (507–511). Washington,
D.C.:
IEEE Computer Society.
Zimring, F., & Hawkins, G. (1973). Deterrence. Chicago, IL:
University of
Chicago Press.
BIOGRAPHIES
Jian Hua is an associate professor in the Department
of Marketing, Legal Studies, and Information Systems
at the School of Business and Public Administration,
the University of the District of Columbia. His
research interests include information security, cyber
internal control, and cyber auditing. His paper
has been published or accepted by several aca-
demic journals and conferences. His research has
won the Best Interdisciplinary Research Paper in
2009 Decision Science National Conference. He also
served as a chair of Information Systems Security ses-
sion in 2010 Decision Science National Conference.
He received his BS in Power Engineering from
Southeast University (China), his MS in Information
Engineering, and PhD in Business Administration
from Morgan State University.
Sanjay Bapna is an associate professor in the
Information Sciences and Systems Department at
113 How Can We Deter Cyber Terrorism?
Morgan State University. He has more than 20 years of
63. experience in data gathering and modeling techniques.
He has worked extensively as a principal investigator
for numerous funded studies related to commercial
vehicle operations with the State of Maryland. His
peer-reviews papers on computer security, privacy, and
decision making have been published in top-quality
journals including Decision Sciences and Decision Support
Systems. A joint paper with Dr. Jian Hua was recently
awarded the prestigious 2009 Best Interdisciplinary
Paper Award by the National Decision Sciences
Institute. Another of his papers has been awarded
the Best Paper by the International Association
of Computer Information Systems. He obtained a
B. Tech. in Chemical Engineering from the Indian
Institute of Technology and MBA and PhD with spe-
cialization in information systems from the University
of Iowa.
J. Hua and S. Bapna 114
Copyright of Information Security Journal: A Global
Perspective is the property of Taylor & Francis Ltd and its
content may not be copied or emailed to multiple sites or posted
to a listserv without the copyright holder's
express written permission. However, users may print,
download, or email articles for individual use.
2/15/2018 EBSCOhost
64. http://web.b.ebscohost.com/ehost/delivery?sid=a044cfde-323a-
4432-ab13-
0153ed2567f1%40sessionmgr102&vid=15&ReturnUrl=http%3a
%2f%2fweb.… 1/4
EBSCO Publishing Citation Format: APA (American
Psychological Assoc.):
NOTE: Review the instructions at
http://support.ebsco.com/help/?int=ehost&lang=&feature_id=AP
A and make
any necessary corrections before using. Pay special attention to
personal names, capitalization, and
dates. Always consult your library resources for the exact
formatting and punctuation guidelines.
References
CYBER-TERRORISM. (2011). International Debates, 9(9), 10-
13.
<!--Additional Information:
Persistent link to this record (Permalink):
http://search.ebscohost.com/login.aspx?
direct=true&db=a9h&AN=70080217&site=ehost-
live&authtype=uid&user=grantham&password=research
End of citation-->
CYBER-TERRORISM
Cyber-attacks, Terrorist Capabilities, and Federal Action
Although terrorists have been adept at spreading propaganda
and attack instructions on the Web, it
appears that their capacity for offensive computer network
operations may be limited. The Federal
Bureau of Investigation (FBI) reports that cyber-attacks
attributed to terrorists have largely been limited
to unsophisticated efforts such as email bombing of ideological
65. foes, denial-of-service attacks, or
defacing of websites. However, it says, their increasing
technical competency is resulting in an emerging
capability for network-based attacks. The FBI has predicted that
terrorists will either develop or hire
hackers for the purpose of complementing large conventional
attacks with cyber-attacks.
During his testimony regarding the 2007 Annual Threat
Assessment, FBI Director Robert Mueller
observed that "terrorists increasingly use the Internet to
communicate, conduct operational planning,
proselytize, recruit, train, and to obtain logistical and financial
support. That is a growing and increasing
concern for us." In addition, continuing publicity about Internet
computer security vulnerabilities may
encourage terrorists' interest in attempting a possible computer
network attack, or cyber-attack, against
U.S. critical infrastructure.
Possible Terrorist Objectives
The Internet, whether accessed by a desktop computer or by the
many available handheld devices, is
the medium through which a cyber-attack would be delivered.
However, for a targeted attack to be
successful, the attackers usually require that the network itself
remain more or less intact, unless the
attackers assess that the perceived gains from shutting down the
network entirely would offset the
accompanying loss of their own communication. A future
targeted cyber-attack could be effective if
directed against a portion of the U.S. critical infrastructure, and
if timed to amplify the effects of a
simultaneous conventional physical or chemical, biological,
radiological, or nuclear (CBRN) terrorist
attack. The objectives of a cyber-attack may include the
66. following four areas:
* loss of integrity, such that information could be modified
improperly;
* loss of availability, where mission-critical information
systems are rendered unavailable to authorized
users;
javascript:openWideTip('http://support.ebsco.com/help/?int=eho
st&lang=&feature_id=APA');
http://search.ebscohost.com/login.aspx?direct=true&db=a9h&A
N=70080217&site=ehost-
live&authtype=uid&user=grantham&password=research
2/15/2018 EBSCOhost
http://web.b.ebscohost.com/ehost/delivery?sid=a044cfde-323a-
4432-ab13-
0153ed2567f1%40sessionmgr102&vid=15&ReturnUrl=http%3a
%2f%2fweb.… 2/4
* loss of confidentiality, where critical information is disclosed
to unauthorized users; and
* physical destruction, where information systems create actual
physical harm through commands that
cause deliberate malfunctions.
Publicity would also potentially be one of the primary
objectives for a terrorist cyberattack.
Extensive media coverage has shown the vulnerability of the
U.S. information infrastructure and the
potential harm that could be caused by a cyber-attack. This
67. might lead terrorists to believe that even a
marginally successful cyber-attack directed at the United States
would garner considerable publicity.
Some suggest that were such a cyber-attack by an international
terrorist organization to occur and
become known to the general public, regardless of the level of
success of the attack, concern by many
citizens and cascading effects might lead to widespread
disruption of critical infrastructures.
For example, reports of an attack on the international financial
system's networks could create a fiscal
panic in the public that could lead to economic damage.
According to security experts, terrorist groups
have not yet used their own computer hackers nor hired hackers
to damage, disrupt, or destroy critical
infrastructure systems. Yet reports of a recent disruptive
computer worm that has spread through some
government networks, including that of the National
Aeronautics and Space Administration, have found
a possible link to a Libyan hacker with the handle "Iraq
Resistance" and his online hacker group
"Brigades of Tariq ibn Ziyad," whose stated goal is "to
penetrate U.S. agencies belonging to the U.S.
Army."
According to these reports, references to both the hacker and
group have been found in the worm's
code. However, this does not provide conclusive evidence of
involvement, as email addresses can be
spoofed and code can be deliberately designed to implicate a
target while concealing the true identity of
the perpetrator.
The recent emergence of the Stuxnet worm may have
implications for what potential future cyber-
68. attacks might look like. Stuxnet is thought to be the first piece
of malicious software (malware) that was
specifically designed to target the computer-networked
industrial control systems that control utilities, in
this case nuclear power plants in Iran. Although many experts
contend that the level of sophistication,
intelligence, and access required to develop Stuxnet all point to
nation-states, not only is the idea now in
the public sphere for others to build upon, but the code has been
released, as well. An industrious group
could potentially use this code as a foundation for developing a
capability intended to degrade and
destroy the software systems that control the U.S. power grid, to
name one example.
Federal Government Efforts to Address Cyber-terrorism
A number of U.S. Government organizations appear to monitor
terrorist websites and conduct a variety
of activities aimed at countering them. Given the sensitivity of
federal government programs responsible
for monitoring and infiltrating websites suspected of supporting
terrorism-related activities, much of the
information regarding the organizations and their specific
activities is deemed classified or law
enforcement-sensitive and is not publicly available.
The information listed below represents a sampling of what has
been publicly discussed about some of
the federal government organizations responsible for monitoring
and infiltrating jihadist websites. It
should be noted that the actions associated with the
organizations listed below could be conducted by
employees of the federal government or by civilian contract
personnel.
69. 2/15/2018 EBSCOhost
http://web.b.ebscohost.com/ehost/delivery?sid=a044cfde-323a-
4432-ab13-
0153ed2567f1%40sessionmgr102&vid=15&ReturnUrl=http%3a
%2f%2fweb.… 3/4
* Central Intelligence Agency -- development, surveillance, and
analysis of websites, commonly referred
to as honey pots, for purposes of attracting existing and
potential jihadists searching for forums to
discuss terrorism-related activities.
* National Security Agency -- surveillance of websites and
rendering them inaccessible.
* Department of Defense (DOD) -- surveillance of websites
focused on discussions of perceived
vulnerabilities of overseas U.S. military facilities or operational
capabilities and disabling those that
present a threat to operations.
* Department of Justice -- development of polices and
guidelines for creating, interacting within,
surveilling, and rendering inaccessible websites created by
individuals wishing to use the Internet as a
forum for inciting or planning terrorism-related activities.
* Federal Bureau of Investigation -- monitoring of websites and
analysis of information for purposes of
determining possible terrorist plans and threats to U.S. security
interests.
* Department of Homeland Security -- monitoring of websites
and analysis of information for purposes of