Team 1 Sec3.2

From CyberSecurity
Revision as of 19:10, 21 October 2005 by Pravinmittal (talk | contribs)


We have four sections, so each gets a little less than two pages. I am targeting each subsection to be 2/3 pages, give or take a few lines here and there.

3. Estimated feasibility and strategic value of the attack technique to a terrorist organization:

3.1 Scalability

Below is the outline for what I am working on. But it has been in constant flux so the final thing may appear

  • Distinguish hacking from cyberterrorism (more precise definition accepted in academic circles)
  • Scalability of attacks if possible (warfare)
   a) national infrastructure (water, electricity, dams etc.)
   b) economic/financial institutions
   c) psychologically terrorize the nation

[I am going from the perspective of "warfare" as defined by the military: something that will cause long-term harm to the national interest, rather than an annoyance which does not have much significance over time. For example, if hackers hack into the Amazon.com webpage, users may go to the website of another bookseller, or may delay buying the book but ultimately do buy it. The attack was able to create inconvenience for users, but in the long term the damage to GDP output, infrastructure, or psychology was nothing. Contrast that with the situation where someone hacks into a stock exchange and is able to carry out fictitious transactions of billions of dollars, which scares off investors, dents confidence in financial markets, and crashes stock markets? But again, is it possible to do in a scalable fashion?]

3.2. Feasibility of acquiring the required technical and financial resources

I'm still working on the details, but here is an outline. I know, it includes topics from the other sections, but when I write this up, I'm just going to focus on the technical requirements. Question: Any suggestions about the amount of effort needed for these attacks? I gave some estimates, but they're just random guesses. I'm going to look for case studies of past attacks. --Yi-Kai

  • Low-end targets: PC's w/ well-known vulnerabilities, no defenses. These are very common, and will likely remain so (see Section 4). Usual approach is to spread a worm, or assemble a botnet and use it to do a distributed denial-of-service attack.

Technical requirements are minimal: vulnerabilities are well-documented, and exploit code and rootkits are freely available. Estimate: takes 5 moderately skilled programmers, a few weeks? Alternatively, a botnet can be bought for ? price.

Examples: Code Red worm, DDoS attacks.

  • High-end targets: PC's that have been patched to fix known vulnerabilities, w/ network defenses. These are typical in high-value business/government applications. Attacker may seek to destroy data, disrupt operations, or gather intelligence.

Technical requirements are substantial: need to find new vulnerabilities and develop new exploits; attacks are more complicated, and one has to worry about detection. Some information is available from hackers, but each attack must be tailored to a specific target. Insider information is helpful. Could be done by a software engineer, w/ experience in systems and network programming; substantial investment of effort (5 people, a few months?).

Examples: return-to-libc attack, getting around intrusion detection systems.

  • Specialized targets: Uncommon, one-of-a-kind systems, like routers, mainframes, embedded control systems, SCADA. These may be found in critical infrastructure.

These can be very different from conventional PC's. Few sources of information about these systems--insider information is very helpful. May require special compilers, SDK's, hardware for testing--availability of special tools can help a lot. Developing an attack requires technical expertise, creativity, sustained effort (hard to predict?). However, many of these systems were not designed for security, and a successful attack can have catastrophic consequences.

Examples: Cisco routers, sewage control system, electric grid.


Note that states such as the US and China are developing technologies for information warfare; state sponsorship is a possibility.