Team 1 Sec3.3

From CyberSecurity
Jump to: navigation, search

[Final draft of section 3.3 for your feedbacks] [Pravin]

If we need draw the essence of the first four lectures regarding the goals of terrorism, we conclude that primary aim of terrorists is to coerce the government or public opinion by inflicting psychological and physical damage to the target. In our report, we clearly distinguish cyber-terrorism from common cyber-crimes to distinguish terrorists from recreational hackers [2]. The scale of cyber-threats that can be launched was viewed in context of routine disruptions that occurs commonly in these critical infrastructures for it to be of any strategic value to terrorists. We are in the view that for terrorist to achieve the aforementioned goals it needs to go beyond routine disruptions to paralyze or create psychological terror [1].

From all the scenarios we analyzed for cyber-attacks if launched against critical infrastructures, it can be concluded that most of the cyber-attacks if launched have very limited chance of causing widespread havoc in achieving their goals. It would be also fair to say that the fears of the cyber-terrorism have been exaggerated by mass media [2,3] which unfortunately has failed to distinguish between cyber-terrorism and cyber-crimes.

Nevertheless, we cannot deny or ignore the future risks of cyber terrorism. The dependence of our critical infrastructures on computer networks is not static, as is getting more inter-twined , ubiquitous [9] and dependent on them everyday. Also, there seem to be momentum for adopting more standardized versions of network protocol as it provides greater cost advantage than maintain their own propriety standards and protocols. All these factors may make the future cyber-threats more potentially viable in future than it is now. So, it is essential that we put enough resources in research efforts which will make these internet protocols and network infrastructure more secure, robust and resilient to future cyber-attacks.

Also, as lot of scholors (Verton) has argued that Al-Qaeeda has shown great penchant to acquire modern technology. Bin Laden, in his interview published in Arabic newspaper claims to have support of "hundreds of Muslim scientists were with him who would use their knowledge…ranging from computers to electronics". Frank Cilluffo, office of Homeland security, in widely quoted remark states that “While Bin-Laden may have his finger on the trigger, his grandchildren may have their fingers on computer mouse”.

It would be fair to say that threats of cyber-terrorism are exaggerated and manipulated at best in our current times and unfortunately mass media has done a great disservice in this regard. But it would be unwise to ignore the perils of cyber-terrorisms that future may hold as our society becomes more dependent on these computer networks and terrorist groups more technology savvy.

[PRAVIN]


3. Estimated feasibility and strategic value of the attack technique to a terrorist organization:

[PRAVIN]

1) We should be distinguishing hacking with cyber-terrorism in terms of motivations? [EX: Is it strategic enough if I am fighting a war to put these resources on these tactics rather than on something else? This may be very different line of thinking from someone who is a hacker who wants to just deface some websites]

2) Also we should treat them as "warfare tactic" by terrorists and see what is the long term impact in time and damage to national infrastructure?

3) Distinguish if it is just "Weapons of Mass Annoyance" or does it really degrade the national infrastructure/ psychological impact longer term? Is it strategic enough?.

4) Provide the context with "daily disruptions" that does occur in day to day workings of these critical infrastructure and see if these attacks can be more dangerous or significant enough to degrade national infrastrucure or long term psychological impact.

5) Provide evidence and data for each of the points from scholars so they may not appear as personal optinions.


Reply: For points 1 and 2, terrorism does have different motivations from everyday hacking, but it is also different from warfare. Terrorism doesn't have to do long-term damage to national infrastructure; for instance, the Spanish train bombings by al Qaeda did not do a large amount of damage.

For points 3 and 4, you're right that a denial-of-service attack is mostly an annoyance, so it's not terrorism. But I do think terrorist groups might want to do these things anyway, the same way al Qaeda makes propaganda videos.

For point 5, I'm working on that... --Yi-Kai


More things to add:

  • Terrorist goals: Get attention, create fear, influence public opinion, change government policy. Internet attacks can do physical or economic damage, attract publicity, communicate specific demands.
  • Internet attacks, and the rise of international terrorism.

Internet attacks can be done from a safe haven, personnel need not enter target country; "friendly" regime provides sanctuary from international law enforcement.

Side benefits: self-financing via criminal operations (fraud); useful for propaganda and recruitment.

Cyberspace is international: no clear governmental authority, fewer constraints on malicious activities.

  • Terrorism as warfare: Current internet attacks are not highly destructive, though they can augment a physical attack in useful ways. However, this situation is changing, as several states are developing information warfare capabilities.

--Yi-Kai



3.3. potential value of cyberattack as a tool for achieving the various terrorist aims identified in lectures 1, 2, 3, and/or 5.

Here is a first attempt at this. Any suggestions? --Yi-Kai

This is not the final draft! Take Section 3.3 from Team_1_Sec3 instead. --Yi-Kai

Terrorism is violence intended to manipulate a larger audience. Acts of terrorism may cause mass destruction and casualties, but the ultimate goal is to create fear even among people who were not directly affected. Internet attacks enter the picture in two ways: first, as a tool for causing physical harm; and second, as a way of attracting attention and creating psychological effects.

Physical harm: Generally speaking, an internet attack does not do much damage by itself, but it can be a component of a larger attack (e.g., using the internet to gain control of a SCADA system, in order to damage the electric power grid; or disrupting the internet to hinder emergency response to a physical attack). There are a few exceptions to this rule: a denial-of-service attack can hurt e-commerce retailers like Amazon.com, and phishing attacks can lead to identity theft and fraud. In these cases, there is financial damage.

Psychological effects: Because of their novelty, Internet attacks tend to get extra news coverage (particularly large-scale attacks such as worms). Terrorist groups may see this as a way to get attention, show off their capabilities, and make themselves more credible. This would lead them to choose targets with high visibility, not monetary value: www.whitehouse.gov instead of www.amazon.com. Another possibility is that terrorists would use the internet as a communications medium, like television and radio. The equivalent of an al Qaeda video might be a worm that downloads a terrorist manifesto onto every computer it infects. Terrorists might find this attractive because, unlike traditional media, the internet lets them communicate directly with their audience.

My feeling is that internet attacks are more useful as psychological tools, and carrying out such an attack would be relatively easy. There just aren't many ways that an Internet attack could cause serious physical damage. Internet attacks can be used to augment a physical attack, but that would require good coordination, it would be a distraction from the physical attack, and I don't think it's worth the extra effort.


Comments:

You might want to address terrorists' aims more directly than with the simple tool of "causing fear in those not directly involved in the attack". The first two lectures went through a number of different examples of terrorist groups and the different motives that they had. I beleive that the slides are on the web for these, so you can get a feel for the aims that Maurer feels terrorist groups have pursued. He builds up a list throughout the lecture that grows, so he was definitely trying to generalize beyond the perticular examples. On the other hand, the list is probably much longer than this (sub)section of the paper needs to be successful.

If you do want to focus fully on the fear aspect, I think that it is probably important to mention the way that computers play the dual roles of absolutely essential to the productivity of so many people as well as being something that many people identify towards as a tool they could not possibly understand. As such, I think that people can develop irrational fear, since anytime they are connected to the internet, they "might" be vulnerable to losing all their personal information (who backs up anything?) and they might have little idea if they are vulnerable or how to stop their vulnerability in any case. So in this way, a widespread cyber attack might have a lot of fear value. But feel free to ignore all these comments, I am just thinking out loud for you. --Jameel

Yeah, I should be more specific about the motivations of terrorist groups, and some examples wouldn't hurt. I'll look at Maurer's slides. --Yi-Kai

Retrieved from "http://cubist.cs.washington.edu/CyberSecurity/index.php?title=Team_1_Sec3.3&oldid=2251"