Cyber terrorism denotes unlawful attacks and threats of attack against computers, networks and information stored therein to intimidate or coerce a government or its people for propagating hidden political or unlawful social and religious agendas. These attacks result in violence against persons or property or cause public unrest. Few examples could be explosions, plane crashes and severe losses. Terrorists are known to use internet to prepare the schemes, raise funds and spread cyber terrorism. For instance, Razmi Yousef who was a key person behind World Trade Centre attack had details schemes to destroy United States airliners encrypted files in his laptop computer.
We know that Cyber terrorism is the crime that has emerged in recent times, to use the medium of Internet to terrorize the minds of citizens. Admirably, the Laws through the implementation of the Information technology Act, 2000, is one of the efficient steps taken towards the creation of punishment of these kinds of crimes. There is need of innovative laws and global standards on preventive action.
The Indian Information Technology Amendment Act 2008 lays down Section 66F as a specific provision dealing with the issue of cyber terrorism that covers denial of access, unauthorized access, introduction of computer contaminant leading to harm to persons, property, critical infrastructure, disruption of supplies, ‘sensitive data’ thefts, acts which are punishable with imprisonment which may extend to imprisonment for life.
Definitions: Terrorism and Cyber Terrorism
What is Terrorism?
Terrorism can be defined as “The unlawful use or threatened use of force or violence by a person or an organized group against people or property with the intention of intimidating or coercing societies or governments, often for ideological or political reasons”- (Denning, 2000, pp. 54-55).
What is Cyber terrorism?
Ø “The premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against noncombatant targets by sub national groups or clandestine agents.” -Mark M. Pollitt
Ø “[the] use of information technology and means by terrorist groups and agents.”-Serge Krasavin
Ø “Politically motivated hacking techniques used in an effort to cause grave harm, included but not limited to loss of life or serious economic damage.” -Larisa Paul
Labeling a “cyber attack” as “cybercrime” or “cyber terrorism” is problematic because of the difficulty determining with certainty the identity, intent, or the political motivations of an attacker. “Cybercrime” can be very broad in scope, and may sometimes involve more factors than just a computer hack. “Cyber terrorism” is often equated with the use of malicious code. However, a “cyber terrorism” event may also sometimes depend on the presence of other factors beyond just a “cyber attack.”
Pure Cyber Terrorism
The concept of ‘pure’ cyber terrorism — that is, terrorism activities that are carried out entirely (or primarily) — in the virtual world is an interesting one. The Internet provides many different ways of anonymously meeting with ‘like minded’ individuals in a (comparatively) safe way. Furthermore, successful cyber terrorism event could require no more prerequisite than knowledge — something that is essentially free to the owner once acquired, and an asset that can be used over and over again.
Thus, it would be possible that such an environment could facilitate the creation of entirely new terrorist groups — no duty would be required for actions, and members could organize themselves quickly and easily in the anonymity of cyberspace. This is very different from certain examples given above, where the computer can aid the task of the terrorist, but ‘real’ resources are still required to execute the plan. It is this pure cyber terrorism that most writers mean when they discuss the dangers posed by the cyber terrorist, and this compartmentalization poses a significant barrier to our ability to protect ourselves.
One question that has not been adequately addressed in the literature is what this terrorism might look like. At this time, there is much confusion, based largely upon lack of agreement in definitions. However, using ‘traditional’ terrorism models should help make the situation more suited to analysis, and this is certainly a topic for future research.
Characteristics of Cyber - Terrorism
Generally speaking Cyber- terrorism has several distinct characteristics. These features help to better differentiate the time-line between a cyber- terror attack versus a cyber attack or activities of a hacker. Cyber- terrorism will or may display following codes.
Ø Attack is predefined and victims are specifically targeted.
Ø Attack has an objective to destroy or damage specific targets such as political, economic, energy, civil, and military infrastructure.
Ø Attack may even target specific opposing religions group’s information infrastructures to insight religious racket.
Ø The purpose of any attack is to create fear of the group’s intentions and further their own political agenda or goals or gain fellowship by succeeding in their attacks.
Ø Destroy enemy’s capabilities to further operate within their own arena.
Ø Persuade others to believe that the victim or victims are vulnerable and their stability negligent.
Ø Create increased loyalty and pride within the group based on their successes.
Cyber Terrorists- Who are they?
While thinking about the cyber terrorists, two questions can be easily created by an intellect.
i) Are they existing terrorists groups, or
ii) Are they newly created organizations?
While there are some groups of “pure” cyber terrorists in operation in the world the main threat would seem to come from groups that have historically operated in the “real” world.
In this era, terrorist organizations, which generally get no access to television or radio communication, can easily broadcast their messages to the entire world via the Internet.In fact, many of the largest terrorist groups either maintain their own website, or have sites dedicated to them.
Aum Shinrikyo, the group who chest rated the gas bombing on Tokyo subways, operates its own site.
HIZBULLAH, the Party of God, an anti- West and an Anti- Israeli terrorist organization, has been implicated in many noxious attacks which includes the bombing of United States military barracks in Beirut also having its own site. These sites allow terrorist organizations to reach ultimate target audience - The world wide population.
From American point of view, the most dangerous terrorist group is Al- Queda - which is the first enemy of the United States. According to the US officials data from computer seized in Afghanistan indicate that the group has scouted systems that control US energy facilities, water distribution, communication systems and other critical infrastructure.
A study that covered the second half of the year 2002 showed that the most dangerous nation for originating malicious cyber attacks in the US with 35.4% of the cases down from 40% for the first half of the same years. South Korea came next with 12.8%, followed by China with 6.2%, then Germany with 6.1%, followed by France and UK with 4% and 2.2% respectively.
According to the same study, Israel was the most active country in terms of number of cyber attacks related to the number of internet users.
The Unix Security Guards (USG) a pro- Islamic group launched a lot digital attacks in May 2002. Another group called World’s Fantabulous Defacers (WFD) attacked many Indian sies. Also there is another pro- Pakistani Group called Anti Indian Crew (AIC) who launched cyber attacks against India. Also there are many Palestinian and Israeli groups fighting each other through the means of digital attacks.
Cyber Terrorism – An Appealing choice
There are quite a few reasons for cyber terrorism becoming an appealing and attractive option for the terrorists. They are
Ø It’s economical than any other traditional terrorist methods. They just need a personal computer and an online connection to create all kind of these chaoses.
Ø Cyber terrorism is anonymous to a very greater extent than normal terrorism. Here terrorists use some kind of nicknames or may log on to a website as an unspecified “guest user”.
Ø The multiplicity of targets. The cyber terrorist could aim the computers and computer networks of governments, individuals, public utilities and so forth.
Ø This kind of terrorism does not need any kind of physical training, psychological investment, and no risk of morality is faced by them etc
Ø Next, as the I LOVE YOU virus showed, cyber terrorism has the potential to affect directly a large number of people than traditional terrorist methods, thereby generating greater media, which is ultimately what terrorists want.
Cyber Terrorism – Is the hazard authentic?
The peril imposed by cyber terrorism has snatched the attention of the world mass media, the security population, and the Information Technology (IT) industry. Journalists, politicians, and experts in a variety of fields have popularizes a scenario in which sophisticated cyber terrorists electronically break into computers that control dams or air traffic systems, wreaking havoc and endangering not only millions of lives but national security itself.
We know that the most critical infrastructure in Western Societies is networked through computers, so any kind of threat from cyber terrorist is highly alarming. Our dependence on IT is growing day to day and it has created vulnerability giving terrorist the chance to approach targets that would otherwise be utterly unassailable, such as national defense systems and air traffic control systems. So in short, the most technologically advanced country is most vulnerable to the cyber terrorist attacks.
General John Gordon indicated that whether someone explodes a bomb that cause bodily harm to innocent people or hacked into a web-based IT system in a way that could, for instance take a power grid offline and result in blackout, the result is ostensibly the same. He also stated that the potential for terrorist cyber is real.
Identifying Cyber Terrorism
The definition of computer attack includes any actions directed against computer systems to disrupt equipment operations, change processing control, or corrupt stored data. Different attack methods target different weaknesses and involve different types of weapons. Several of these methods may be within the current capabilities of some terrorist groups. Three different methods of attack are identified, based on the effects of the weapons used. However, as technology evolves, distinctions between these methods may begin to blur. These methods are the following:
Ø A physical attack involves conventional weapons directed against a computer facility or its transmission lines;
Ø An electronic attack (EA) involves the use the power of electromagnetic energy as a weapon, more commonly as an electromagnetic pulse (EMP) to overload computer circuitry, but also in a less violent form, to insert a stream of malicious digital code directly into an enemy microwave radio transmission; Electronic attack methods employ the uses of computer viruses, logic bombs, Trojan horses, and (distributed) denial of service attacks to break software. A relatively new addition to the list is the use of “bot nets”. It is estimated that thousands of computers connected to the Internet are infected with remote controlled “bot” software. These computers, otherwise known as “zombies”, are activated only when needed and are used by the cyber terrorist to collectively attack a selected target server (Hacking Exposed).
Ø A computer network attack (CNA), usually involves malicious code used as a weapon to infect enemy computers to exploit a weakness in software, in the system configuration, or in the computer security practices of an organization or computer user. However, CNA may also occur when an attacker uses stolen information to enter restricted computer systems.
The physical attacks are focused towards destroying hardware using electronic waves or pulses. These devices effectively “microwave” a circuit board causing temporary or even permanent damage. Leading technologies are listed and defined as:
• T.E.D. (TRANSIENT ELECTROMAGNETIC DEVICE) (Schriner) (Radio Frequency Weapons and Proliferation)
T.E.D.s is an inexpensive, yet powerful, method of delivering radio frequency (RF) interference into a circuit. T.E.D.s delivers a spiked-pulse of energy, as opposed to the traditional RF device which delivers a fluid sine-wave flow of energy.
• R.F. WEAPON (RADIO FREQUENCY WEAPON) (Schriner) (Radio Frequency Weapons and Proliferation)
Uses a flowing sine-wave pattern of energy to excite particles. This can be projected by using a parabolic reflection vector. An example might be to modify a microwave by putting a salad bowl around its wave emitter. The salad bowl would project and focus the energy along a particular line.
• R.F. MUNITIONS (RADIO FREQUENCY MUNITIONS) (Cereijo)
R.F. weapons are also packaged as R.F. Munitions, which use explosives to produce radio-frequency energy. In the hands of skilled Cuban scientists, these munitions come as hand grenades or mortar grounds.
• ELECTROMAGNETIC PULSE (Definition)
An electromagnetic pulse (EMP) is an intense burst of electromagnetic (EM) energy caused by an abrupt, rapid acceleration of charged particles, usually electrons. An EMP can contain energy components over a large part of the EM spectrum, from very-low-frequency (VLF) radio to ultraviolet (UV) wavelengths. An EMP is found in lightning strikes and high-altitude nuclear explosions, and destroys all electrical circuits within its range.
• T.E.M.P.E.S.T. (TRANSIENT ELECTRO MAGNETIC PULSE EMULATION STANDARD) (The
Complete, Unofficial TEMPEST Information Page)
A U.S. government code word that identifies a classified set of standards for limiting electric or electromagnetic radiation emanations from electronic equipment. EM radiation emanations from computers and specifically monitors can be intercepted and used to recreate the images produced by a computer screen.
Forms of Cyber Terrorism
(I) Privacy violation:
The law of privacy is the recognition of the individual's right to be let alone and to have his personal space inviolate. In recent times, however, this right has acquired a constitutional status, the violation of which attracts both civil as well as criminal consequences under the respective laws. The intensity and complexity of life have rendered necessary some retreat from the world. Man under the refining influence of culture, has become sensitive to publicity, so that solitude and privacy have become essential to the individual. Right to privacy is a part of the right to life and personal liberty enshrined under Article 21 of the Constitution of India. With the advent of information technology the traditional concept of right to privacy has taken new dimensions, which require a different legal outlook. To meet this challenge recourse of Information Technology Act, 2000 can be taken.
The various provisions of the Act aptly protect the online privacy rights of the citizens. Certain acts have been categorized as offences and contraventions, which have tendency to intrude with the privacy rights of the citizens.
(II) Secret information appropriation and data theft:
The information technology can be misused for appropriating the valuable Government secrets and data of private individuals and the Government and its agencies. A computer network owned by the Government may contain valuable information concerning defence and other top secrets, which the Government will not wish to share otherwise. The same can be targeted by the terrorists to facilitate their activities, including destruction of property. It must be noted that the definition of property is not restricted to moveables or immovables alone.
In R.K. Dalmia v Delhi Administration the Supreme Court held that the word "property" is used in the I.P.C in a much wider sense than the expression "movable property". There is no good reason to restrict the meaning of the word "property" to moveable property only, when it is used without any qualification. Whether the offence defined in a particular section of IPC can be committed in respect of any particular kind of property, will depend not on the interpretation of the word "property" but on the fact whether that particular kind of property can be subject to the acts covered by that section.
(III) Demolition of e-governance base:
The aim of e-governance is to make the interaction of the citizens with the government offices hassle free and to share information in a free and transparent manner. It further makes the right to information a meaningful reality. In a democracy, people govern themselves and they cannot govern themselves properly unless they are aware of social, political, economic and other issues confronting them. To enable them to make a proper judgment on those issues, they must have the benefit of a range of opinions on those issues. Right to receive and impart information is implicit in free speech. This, right to receive information is, however, not absolute but is subject to reasonable restrictions which may be imposed by the Government in public interest.
(IV) Distributed denial of services attack:
The cyber terrorists may also use the method of distributed denial of services (DDOS) to overburden the Government and its agencies electronic bases. This is made possible by first infecting several unprotected computers by way of virus attacks and then taking control of them. Once control is obtained, they can be manipulated from any locality by the terrorists. These infected computers are then made to send information or demand in such a large number that the server of the victim collapses. Further, due to this unnecessary Internet traffic the legitimate traffic is prohibited from reaching the Government or its agencies computers. This results in immense pecuniary and strategic loss to the government and its agencies.
It must be noted that thousands of compromised computers can be used to simultaneously attack a single host, thus making its electronic existence invisible to the genuine and legitimate citizens and end users. The law in this regard is crystal clear.
(V) Network damage and disruptions:
The main aim of cyber terrorist activities is to cause networks damage and their disruptions. This activity may divert the attention of the security agencies for the time being thus giving the terrorists extra time and makes their task comparatively easier. This process may involve a combination of computer tampering, virus attacks, hacking, etc.
Difficulty Identifying Attackers
Anyone can easily obtain instructions for exploiting computer vulnerabilities via the Internet. However, to date, there is no published evidence linking a sustained or widespread attack using CNA with international terrorist groups. It remains difficult to determine the identity of the initiators of most cyber attacks, while at the same time security organizations continue to report that computer virus attacks are becoming more frequent, causing more economic losses, and affecting larger areas of the globe. For example, the Computer Emergency Response Team Coordination Center (CERT/CC) reports that their office received 137,529 computer security incidents in 2003, up from 82,094 in 2002. The unwillingness of commercial enterprises to report attacks, owing to potential liability concerns, complicates the challenge of identifying the source of the Cyber terrorism.
Possible Effects of Cyber Terrorism
While the number of random Internet cyber attacks has been increasing, the data collected to measure the trends for cyber attacks cannot be used to accurately determine if a terrorist group, or terrorist-sponsoring state, has initiated any of them. A recent private study found that during the latter half of 2002, the highest rates for global cyber attack activity were directed against critical infrastructure industry companies. A new report on industrial cyber security problems, produced by the British Columbia Institute of Technology, and the PA Consulting Group, using data from as far back as 1981, reported a 10-fold increase in the number of successful cyber attacks on infrastructure Supervisory Control and Data Acquisition systems since 2000. DOD officials have also observed that the number of attempted intrusions into military networks has gradually increased, from 40,076 incidents in 2001, to 43,086 in 2002, 54,488 in 2003, and 24,745 as of June 2004.
Costs of Cyber Crime
Attacks are becoming more destructive, widespread and more difficult to contain. Post 9/11, there seems to be a greater appreciation for how much information security means not only to each individual enterprise but also to the economy itself and to society as a whole. Following are some economic impact statistics:
Ø $17 billion dollars will be spent worldwide on security products and services
Ø $200 - $300 is spent by US companies for every host that needs patching
Ø In 2003, $221.2 billion dollars were lost worldwide due to identity theft (up from $73.8 billion in 2002) with $73.8 billion (up from $24.6 billion) of those losses in the United States.
The Information Technology Act, 2000
So far as India is concerned in order to combat cyber terrorism through law, the Information Technology (Amendment) Act, 2008 has been enacted to include the same within the meaning of offences and therefore, is made punishable. Though, cyber terrorism has not been defined, but sec. 66(f) of the Information Technology (Amendment) Act, 2008 prescribes as to when cyber terrorism is said to have been committed. Sec. 66(f) of the said Act reads as to the following effect-
“Whoever:- (A) With the intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by—
(i) By denying or cause the denial of access to any person authorized to access computer resource; or (ii) Attempting to penetrate or access a computer resource without authorization or exceeding authorized access; or (iii) Introducing or causing to introduce any computer contaminant;
And by means of such conduct causes or is likely to cause death or injuries to persons or to damage to or destruction of property or disrupts or knowing that it is like to cause damage or disruption of supplies or services essential to the life of the community or adversely affect the critical information infrastructure specified under section 70, or
(B) Knowingly or intentionally penetrates or accesses a computer resource without authorization or exceeding authorized access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons for the security of the state or foreign relations, or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the state, friendly relations with foreign states, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, Commits the offence of cyber terrorism.
(2) Whoever commits or conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to imprisonment for life.”
Cyber Terrorism threat to India
The sensational episodes of online warfare are high against this nation. But still we witness that mostly we are not prepared to counter the cyber terror attack by China and Pakistan against our great India. Recently gaping holes in the Indian e-security environment were shown when a Swedish “ethical hacker” blogged details of e–mail accounts and passwords of several Indian government institutions, including the Defence Research and Development Organization, the National Defence Academy etc. he matter assumes significance particularly because China has been steadily strengthening its ability to wage electronic warfare alongside its rapid (and non-transparent) modernization of its military and armory.
Hackers from Pakistan and terrorist organizations are increasing their attacks on Indian websites to provide a new dimension to the ongoing Indo- Pak conflict over Jammu and Kashmir. The terrorist organizations were resorting to the internet and information systems to extend their warfare into a completely new ground to give a new, lost-cost dimension, with maximum effect and reach. Hacker groups from Pakistan like Pakistan Hacker Club had intensified their attacks on Indian websites, especially over the last few years.
Some incidents of cyber attack
1. Cyber attacks in Middle East
With the Middle East Conflict as a very heated moment between bordering countries Pro- Palestinian and Pro- Israel Cyber Groups have been launching an offensive against websites and mail services used by the political sectors the opposing groups show support for. The attacks had been reported by the NIPC (National Infrastructure Protection Center) in October of 2000 to U.S officials. The attacks were a volley of e-mail floods. DoS attacks and Ping flooding of such sites as the Israel Foreign Ministry, Israeli Defense Forces, and in reverse, sites that belonged to groups such as Hamas and Hezbollah.
2. Cyber attacks between Pakistan and India
As tensions between the neighboring regions of India and Pakistan over Kashmir grew over time, Pro- Pakistan cyber-terrorists and recruited hackers began to target India’s Internet Community. Just prior to and after the September 11th attacks, it is believed that the sympathizers of Pakistan (which also included members of the Al Qaeda Organization) began their spread of propaganda and attacks against Indian Internet based communities. Groups such as G- Force and Doctor Nuker have defaced or disrupted service to several major entities in India such as the Zee TV Network, The India Institute of Science and the Bhabha Atomic Research Centre which all have political ties. The Group, Pakistani Hackerz Club also went as far as to target the United States Air Force Computing Environment and the Department of Energy’s website.
Now it’s high time to take action. It is a fact that counter terrorists are duty bound to save property and lives. We all are increasingly connected, dependent and vulnerable. With combination of knowledge, responsibility and expertise, a counter- cyber terrorism team can build an effective policy for preventing cyber terrorist incidents, managing threats and responding to Cyber- Terrorist acts. So now we agree the fact that the traditional concepts and methods of terrorism have taken new dimensions, which are more deadly and destructive in nature. The damage so produced would be almost irreversible and most catastrophic in nature. The law dealing with cyber terrorism is however not adequate to meet the precarious intentions of these cyber terrorists and requires a transformation in the light and context of the latest developments all over the world. The laws have to take care of the problems originating at the international level because the internet, through which these terrorist activities are carried out, recognizes no boundaries. Thus a cyber terrorist can collapse the economic structure of a country from a place with which a country may not have reciprocal arrangements, including an “extradition treaty”. The only safe guard which is available to us is to use the latest technology to counter these problems. Thus, we understand that a good combination of the latest security technology and a law dealing with cyber terrorism is the need of the hour.
1. An introduction to Cyber Laws- Dr. R.K Chaubey
2. Guide to Cyber Laws- Rodney O. Ryder
3. CRS Report for Congress, Received through the CRS Web
4. Symantec Security Response- by Sarah Gordon
5. Dr. Marco Gercke, Lecturer at the University of Cologne, Germany, Expert for the Council of Europe- Cyber Terrorism
6. Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks,Janet J. Prichard and Laurie E. MacDonald, Bryant University, Smithfield, RI, USA
# Remember, just because an individual or group commits a crime qualifying its actions as a cyber based hack or attack activity, the perpetrator is not
# Alexander, Yonah Swetman, Michael S (2001) Cyber Terrorism and Information Warfare; Threats and Responses. Transnational Publishers. Inc. U.S
# Aum ( Sect of Supreme truth) of Japan, its leader is Shoko Ashara, they were blamed for various terrorist attacks including nerve gas attack on the Tokyo Subway in March 1995, killing 12 and injuring thousands.
# Mudawi Mukhtar Elmushraf, Cyber Terrorism: The new kind of terrorism, Computer Crime Research Centre April 8, 2004
# The worm, first discovered in Hong Kong, arrived in e- mail boxes on May 4, 2000 with the simple subject of “ILOVEYOU” with an attachment “LOVE –LETTER –FOR-YOU.TXT.vbs” it began in the Philippines on May 4, 2000, and spread across the whole world in one day (travelling from Hong- Kong to Europe to the United States), infecting 10% of all computers connected to the internet and causing about 5.5 billion dollars in damage. The Pentagon, CIA, and the British Parliament all had to shut down their E-mail systems to get rid of the worm as did most large corporations.
# Gabriel Weimann, Cyberterrorism; How Real Is the Threat? Special Report No.119, United States Institute of Peace, December, 2004.
# General John Gordon, the White House Homeland Security Advisor, speaking at the RSA security conference in San Francisco, CA Feb.25, 2004
The author can be reached at: firstname.lastname@example.org