Cyberterrorism: oh really? presented at Virus Bulletin 2010

by Morton Swimmer (Trend Micro),

Tags: Security


Summary : "
Ever since the Al Qaeda attacks on the New York World Trade Center buildings in 2001, terrorism has had a level of
prominence in people's consciousness that it hasn't seen in most of the West since the 1970s events of the RAF, PLO and
SLA groups. Even previous actions of regional terrorist groups such as the Provisional IRA did not have the same impact
worldwide as this single event. This and the rise of cybercrime and hactivism has raised the spectre of cyberterrorism -
effectively an online version of an act of terror that would target our information technology and control infrastructure.
The logic is compelling: a single motivated cyberterrorist could bring down our financial or SCADA system far more
economically than an armed attack could ever achieve. Furthermore, large multinational companies are beginning to act as
sovereign meta-nations and are coming increasingly in the crosshairs of hactivists and by extension cyberterrorists.
But is this a reasonable conclusion to draw?
In 1993, the author carried out a study with the BBC on computer and network use of left- and right-wing extremist/militant
groups and found that both shared a deep skepticism of IT in general, but at the same time embraced it as a mode of
communication and information dissemination. While there were the occasional pot-shots at each other's BBS systems, the
targets of the militant wings of these groups never included any such soft targets. Since then only a few attacks could be
attributed to actual terrorists and even then with only little circumstantial evidence that it wasn't a hacktivist or
cybercrime extortion attempt instead. In the meantime, however, the Internet has become much more important to society, so
have terrorist and militant attitudes to technology changed as well?
To understand how likely a cyberterrorist attack is, we first need to understand terrorists, their motivations and their
playbooks, and extrapulate this to IT. We need a definition of terrorism. Unfortunately, in decades of trying even the
United Nations has not been able to agree on a definition of terrorism, although A.P. Schmid has come close to providing
one that most can live with. The source of the problem is that intention plays an important part of defining a terrorist,
and intention, as we know in computer security, is incredibly hard to define and measure. Since 2007, starting with a
study group at John Jay College of Criminal Justice and later independently, I have been revisiting the subject with the
intention of determining the risk of an actual cyberterrorist act. While so far cybercrime and hactivism is alive and
thriving, my findings indicate that cyberterrorism remains as unlikely as in 1993. However, this could be poised to
change and so this paper will show my findings and what would have to change in society and the extremist landscape for
cyberterrorism to become a reality or at least a complicit act to a more traditional act of terrorism."