Crimes Against Information - Essay Example

Running head: COMBATING CYBER-TERRORISM Combating the Destruction of Cyber-Terrorism Combating the Destruction of Cyber-Terrorism At one time, an individual with a gun could decimate several people and would be highly feared. Now a mischievous individual with access to informational systems is thought not only to be menacing but also lethal to integral parts of society. Criminals no longer opt to torment a few victims using firearms or explosives; rather, they chose to inflict terror on the mass by crippling or even crashing critical informational systems. Cyber-terrorism, a new wave of crime and torture, obliterates much needed systems and leaves individuals or agencies that are dependent on those systems deprived and extremely vulnerable. While some motives and methods of cyber-terrorists are known, sufficient strategies to deter the crime are yet to be implemented. Emerging Threat of Cyber-Terrorism Cyber-terrorism is the new crime preference to inflict havoc on the masses of society. Watson (2002) defines cyber-terrorism as "the use of cyber tools to shut down critical national infrastructures (such as energy, transportation, or government operations) for the purpose of coercing or intimidating a government or civilian population." (p.8) Over the years, the level of cyber-terrorism has evolved. Years ago, hackers attained satisfaction by simply breaking into a system (Wilmot, 2004). However, Littleton (1995) still regards hackers as dangerous and further implies imminent danger by questioning the ability of a hacker to become a cyber-terrorist. Wilmot (2004) contends that hackers' abilities to "crack passwords or find a back door route through a security firewall" shows that hackers can easily use a simple act to corrupt data in high technology. (p. 287). Though hackers implement a more simplistic form of cyber-terrorism, and their trespassing is not as harmful as modern day crackers-those who seek to disable networks or systems-both hackers and crackers pose danger to the world that holds critical information. However, the sophistication of cyber-terrorists' methods correlates with the degree of their motives. Motives and Methods of Cyber-Terrorists An intent of cyber-terrorist includes causing a devastating amount of damage, while remaining elusive. To illustrate the elusiveness of a cyber-terrorist, Littleton (1995) uses two examples from the late 1980's. The identification, trial, and conviction of Robert T. Morris transpired only because he spoke of his creation, the 1988 Internet Worm, to several people. Rather, the author of the famous Michelangelo virus remains unidentified and escaped consequences altogether. The low risk of being captured coupled with the benefit of easily gaining access to restricted areas makes the crime of cyber-terrorism more appealing to criminals. Motives of cyber-terrorists range from mischief to malice. Today's juveniles have joined the cyber-terrorist realm by defacing Web sites. However, Watson (2002) regards the less serious crimes as highly consequential. When a site is defaced, its information is altered. Misleading information ultimately deceives viewers of the site and result in decrease of confidence and capital for owners of the site. Both hackers and crackers gain access to exclusive information by deciphering protective codes (Wilmot, 2004), which Littleton (1995) claims is not hard to do. A mischievous hacker seeks to only occupy an area considered off limits. On the other hand, a malicious cracker not only breaks codes to enter off-limits areas, but he or she seeks to vandalize or defile the area by causing immediate damage or planting viruses which slowly infiltrate and destroy systems that operate as critical infrastructures (Morris; Wilmot, 2004). Impact of Cyber-Terrorism According to Wilmot (2004), citizens cannot function without the critical infrastructures of their communities. One part of the critical infrastructure extremely vulnerable to cyber-terrorism is the public safety system. Branches of the public safety system depend on the interconnectivity of other networks that hold valuable information. While director of the Defense Intelligence Agency, Lieutenant General Patrick M. Hughes stated: Transnational Infrastructure Warfare involves attacking a nation's or sub-national entity's key industries and utilities; to include telecommunications, banking and finance, transportation, water, government operations, emergency services, energy and power, and manufacturing. These industries normally have key linkages and interdependencies, which could significantly increase the impact of an attack on a single component. (Wilmot, 2004, p. 284) To further illustrate Hughes' point, the Fort Lauderdale Police Department (FLPD) of Florida has a network of critical information that is connected to other networks covering a much broader area. Like many public safety agencies, FLPD's mission is to ensure the safety of its citizens (ci.ftlaud.fl.us/police) which results in its dependency on the interconnectedness of informational systems (SafirRosetti, 2006). The department's Information Systems Unit supports Florida's Crime Information Center Systems along with The National Crime Information Center Systems. As a result, the efficient system alerts officers in multiple parts of the nation. While the interconnectivity of systems provides efficiency of pertinent information (ISACA), the connection and centralization of it makes it extremely vulnerable. Like any culprit, cyber-terrorists hunt weaknesses. Vulnerability is a weakness upon which cyber-terrorist rely. The simplest and most inexpensive means as a possibility to wreak havoc motivate hackers to implement a plan of attack (Morris, 2005; Wilmot, 2004). For a cyber-terrorist, breaking codes to gain unauthorized access is a minute effort in comparison to its massive effect. The interconnectivity of public safety systems represents a pulsing vein for a cyber-terrorist to strike. One vial or deleted piece of information can corrupt or lock an entire system's operations. For example, FLPD's Information Systems Unit houses and manages critical databases that support other critical databases world and nationwide (SafirRosetti, 2006). Thus, tampering with FLPD's informational network would not only put Fort Lauderdale's citizens in danger but also citizens in other parts of the country. At any rate, the presence of a hacker or cracker poses a threat of mass disruption or destruction to critical infrastructures-one in particular, the public safety system. Deterrents to Cyber-Terrorism Threats and actual occurrences of cyber-terrorism prove its reality. In response to the growing threat, the Federal Bureau of Investigation (FBI) implemented several counterterrorism programs. Watson (2002) states, "Between fiscal years 1993 and 2003, the number of Special Agents dedicated to the FBI's counterterrorism programs grew approximately 224 percent." (p. 9) Shortly after, the FBI Counterterrorism Center was established in 1996, the National Infrastructure Protection Center was created in 1998. In addition, the FBI created a mobile crime laboratory. Of its many functions, the FBI Laboratory supports nationwide investigations of terrorism. Once a terrorist threat is detected, the Threat Warning System alerting federal, state, and local law enforcement agencies is set in motion. Much like cyber-terrorists' fervent efforts to disrupt and destroy, valiant efforts to deter terrorism are also in place. While some officials commend governmental efforts to combat cyber-terrorism (Watson, 2002), others acknowledge much needed improvement (Morris, 2005; Wilcot, 2004). In some cases, victims must empower themselves to combat cyber-terrorism. In-house precautions could potentially keep companies or individuals from being victimized. Additionally, the reckless procedures of some agencies results in their vulnerability to cyber-terrorists. Some emergency response agencies release sensitive information through the Internet. In addition, agency homepages include links to Computer-Aided Dispatch (CAD) data screens. In most cases, the CAD is directly connected to the main database which harbors important files (SafirRosetti, 2006). Thus, an agency that provides a link to the CAD also provides a channel for a cyber-terrorist to enter other restricted databases. Seemingly, reckless decisions make some agencies easy targets to cyber-terrorist. Another in-house precaution agencies should take is rigid protection of informational systems, which appears to be a secondary priority. Wilcot (2004) points out the haphazard security of information: "In most agencies, security is relegated to someone in the information services (IS) department, who usually has many other duties." (p 291) The Department of Justice governs law enforcement standards but provides no aid for data and information storage or security. Clearly, some agencies must reassess their sources and procedures to avoid vulnerability cyber-terrorists. Once violated by cyber-terrorist, victims should partner with others to fight cyber-terrorist. In January 2000, President Bill Clinton announced a $2 billion proposal to combat terrorism by establishing an Institute for Information Infrastructure Protection (Wilcot, 2004). Part of the proposal included the partnership of the public and private industry to combat cyber-terrorism. It has clearly been acknowledged that victims who ban together oftentimes deter crimes. Despite past efforts to encourage partnerships, some fail to realize the strength in numbers and choose to bear being violated alone. Rather than share information or contact law enforcement, systems operators who have been victimized opt to fix the damage and strengthen their guards against cyber-terrorists (Morris, 2005). Conclusion Whether it is a native-born cyber-terrorist of the United States or foreign groups that are hostile to the United States, the threat of cyber-terrorism remains a quick and inexpensive weapon to deliver a detrimental effect. Wilcot (2004) contends that laws and consequences holding cyber-terrorists responsible and matching the detriment of their crimes have not been implemented. In fact, some laws (such as the public record laws and right-to-know legislation) add to cyber-terrorists pool of knowledge and further enable them to carry out their attacks. Though efforts to combat cyber-terrorism are not entirely futile, other factors such as victims taking precautions and laws conflicting with efforts continue to make combating cyber-terrorism a continuous task. References Fort Lauderdale Police Department. About the Fort Lauderdale Police Department. Retrieved January 3, 2007, from http://ci.ft.aud.fl.us/police/intro.html. ISACA: Serving IT Governance Professionals. ISACA overview and history. Information Systems Audit and Control Association. Retrieved January 3, 2007, from http://www.isaca.org/PrinterTemplate.cfmsection=overview_and_History&Template=Co... Littleton, M. J. (1995). Information age terrorism: Toward cyber terror. Retrieved January 13, 2007, from http://www.fas.org/irp/threat/cyber/docs/npgs/terror.htm. Morris, D. A. (2005). Tracking a computer hacker. United States Department of Justice. Retrieved January 8, 2007, from http://www.usdoj.gov/criminal/cybercrime/usamay2001_2.htm. SafirRosetti (2006) Staffing Study of Fort Lauderdale Police Department. Retrieved January 5, 2007, from http://ci.ftlaud.fl.us/documents/safir_study071505.pdf. Wilmot, R. (Ed.) Domestic and international terrorism. Boston, MA: Pearson Custom Publishing. Watson, D.L. (2002). Congressional testimony: The terrorist threat confronting the United States. The Federal Bureau of Investigation. Retrieved January 8, 2007, from http://www.fbi.gov/congress02/watson020602.htm. Read More