Difference between revisions of "Team 1 Sec3.1"

(Reply to Section 3.1)

Revision as of 05:44, 22 October 2005

Below is the first draft for the review. Please let me know your feedback:

3.1 Scalability and Strategic incentives of Cyberterrorism

Before we delve into whether cyberspace can be used as a tool for terrorism, we should try to get a more precise semantic definition of the word “Cyberterrorism”. The most widely accepted and unambiguous definition was put forward by Dorothy Denning, a professor of Computer Science, on the subject before the House Armed Services in May 200, which states: “Cyberterrorism is the convergence of cyberspace and terrorism. It refers to unlawful attacks and threats of attacks against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives. Further, to qualify as cyberterrorism, an attack should result in violence against persons or property, or at least cause enough harm to generate fear. Attacks that lead to death or bodily injury, explosions, or severe economic loss would be examples. Serious attacks against critical infrastructures could be acts of cyberterrorism, depending on their impact. Attacks that disrupt nonessential services or that are mainly a costly nuisance would not.”

The above definition clearly distinguishes cyberterrorism from common cybercrime and hacking activities. We should now look from the perspective of a military strategist to define what threshold of damage from cyber-attacks constitutes a threat to national security. What strategic advantage does a terrorist (a group of people or a nation-state) gain by launching these attacks? If we define that a nation will not tolerate a single day of disruption of some part of the national infrastructure, we would be setting too high a goal when viewed against the larger context, where hundreds of systems that provide critical infrastructure routinely fail without endangering national security.

So it is reasonable to think, from a strategic military level, that the scale of cyber-attacks should go beyond routine disruptions and deteriorate long-term infrastructure capabilities in order to provide strategic incentives for terrorists to contemplate these measures.

Now let’s evaluate whether scenarios of attacks on critical infrastructures are scalable enough for terrorists to put resources into them.

Many analysts (Washington Post) believe cyberterrorists may hack into water supply infrastructure and take control of dams and floodgates to cause widespread havoc in terms of life and property. This is not an easy task, given that the United States has 54,064 separate water systems serving an unevenly spread population. Most of them work independently and use a diverse set of network technologies, making it harder for the terrorists. Also, many of these supplies get routinely disrupted without causing terror or paralysis, as a lot of redundancy is built into these systems. So terrorists will need to simultaneously disrupt hundreds of these for a longer period of time for the attack to be of any strategic value.

Similarly, the U.S. electrical power grid consists of 3000 electrical power providers, private and public, which use a variety of different technologies to operate. To effectively undermine them would need a vast group of hackers to identify different vulnerabilities, as it is a heterogeneous system, which is a very difficult task. This is supported by congressional testimony by NERC, an industry group, which stated that neither viruses nor denial of service interrupted their service. Another independent study on risk assessment, done by a task force of the National Security Telecommunications Advisory Committee, has come to similar conclusions.

Another cyberthreat scenario that has been brought forward by a lot of analysts is hackers taking control of air traffic systems and aircraft. Again, aircraft still carry pilots, and we are not at a stage where remote computer systems control individual aircraft in the air. Also, the Federal Aviation Authority does not solely depend on computer networks to control air traffic or its communications. Given that it is normal for 15000-20000 flights to be delayed or cancelled every month, small intrusions, if they occur, will provide no strategic incentive for terrorists.

[Paragraph on internet infrastructure and military which I will complete by tonight or tomorrow morning.]


Comment: I agree that cyberterrorism must go beyond routine disruption of services, but I don't think it has to cause long-term damage to national infrastructure. The motivation for terrorism is different from the motivation for war -- terrorists want to influence people's behavior, which is not the same as destroying a country's physical infrastructure. For instance, a terrorist would consider attacking a public transit system, even though that is not a good military target. --Yi-Kai




We have four sections, so each gets a little less than two pages. I am targeting each subsection to be 2/3 pages, give or take a few lines here and there.

3. Estimated feasibility and strategic value of the attack technique to a terrorist organization:

3.1 Scalability and Strategic incentives of Cyberterrorism

Below is the outline for what I am working on. But it has been in constant flux, so the final thing may appear a little different.

  • Define Cyberterrorism in a way that distinguishes hacking from Cyberterrorism (more precise definition accepted in academic circles)
  • Scalability of attacks, if possible, and if it is strategic from the terrorist's perspective
   a) national infrastructure (water, electricity, dams etc.)
   b) economic/financial institutions
   c) psychologically terrorize the nation

[I am going from the perspective of "warfare" as defined by the military, which will cause long-term harm to the national interest, rather than annoyance which does not have much significance over time. For example, if hackers hack into the Amazon.com webpage, users may go to the website of another bookseller or may delay buying the book, but ultimately do buy it. The attack was able to create inconvenience for users, but in the long term the damage to GDP output, infrastructure, or psychology was nothing. Contrast it with the situation where someone hacks into a stock exchange and is able to carry out fictitious transactions of billions of dollars, which scares off investors, dents confidence in financial markets and crashes stock markets. But again, is it possible to do in a scalable fashion?]