Digital Terrorism Risk Currently Facing Australia - Research Paper Example

The greatest terrorism risk currently facing Australia is not that of physical violence, but rather digital violence Introduction The term ‘cyberterrorism’ is becoming increasingly popular today, perhaps due to an increase in such a form of terrorism. However, not many people know exactly what the term means, and what activities come under the scope of cyberterrorism (Gordon and Ford, 2003). People are not aware of how to protect themselves, and even some governments, especially of the third world countries, need to be alerted as to how to counter this form of digital violence. Despite the lack of knowledge of many states and people, cyberterrorism is becoming a growing problem for countries today, in the digital age. It is especially a bigger threat for developed countries such as US, Australia, UK and others where people are computer-literate and have the facility of unbeatable internet infrastructure. The idea is for governments to know exactly what it is so that they can protect their people and states by implementing appropriate infrastructure and strategies. This paper will put light on the term ‘cyberterrorism’ and compare its risks to those of other forms of terrorisms such as bomb attacks, suicide attacks, street crime and many others. It will then shed light on the main threats of cyberterrorism. Furthermore, the paper will assess whether governments are doing enough to fight it and what options they have to ultimately counter it. How does the risk of cyberterrorism compare to other forms of terrorism in terms of potential damage? The potential damage of cyberterrorism is greater than other forms of terrorism because, simply, the Internet has made terrorism common and has allowed it to become widespread. To see the difference and comparisons of both cyberterrorism and other forms of terrorism we will look at both their definitions and assess their impacts with the help of Gordon and Ford’s (2003) Terrorism Matrices. Terrorism, defined by Brian Jenkins is “the use or threatened use of force designed to bring about political change”. This is a very simple definition and does not do justice to the breadth of the phenomenon. A more comprehensive definition of terrorism, which will further be used and adapted in this paper, is given by the Federal Bureau of Investigation (FBI) of US. FBI (2002) defines it as: “The unlawful use of force or violence, committed by a group(s) of two or more individuals, against persons or property, to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.” This indicates that terrorism means activities carried out by any individual or groups that force people or governments to carry out things that would sustain the terrorist’s objectivities – be these social, political or religious. Therefore, to get an illustrative idea of the attributes of terrorism in relation to particular existing group, let us take into consideration the Terrorism Matrix proposed by Gordon and Ford (2003): Figure 1 Terrorism Matrix by Group and Attributes of Terrorism (Source: Gordon and Ford, 2003) This matrix shows the different attributes of terrorism. There is a perpetrator – the terrorist, a location, the actions that they carry out, the tools they use to carry out those actions with, victims, associations and their motivations. This matrix rightly shows what constitutes terrorism. Now, to define cyberterrorism, two aspects need to be considered: 1. attacks on computers, networks and data systems 2. attacks using computers The FBI’s definition of cyberterrorism focuses on only the first aspect of it. It defines the term as a: “Premediated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents” (Centre of Excellence Defence Against Terrorism, 2008). NATO’s definition focuses more on the second aspect. The NATO defines cyberterrorism as: “A cyberattack using or exploiting computer or communication networks to cause sufficient destruction or disruption to generate fear or to intimidate a society into an ideological goal.” (Centre of Excellence Defence Against Terrorism, 2008). Combine both these definitions for a comprehensive idea of what the term cyberterrorism means. To see the impact pf cyberterrorism on traditional forms of terrorism, let us refer to Gordon and Ford’s (2003) Terrorism matrix, this time to include the Internet and computers systems: Figure 2 Terrorism Matrix with the inclusion of the computer (Source: Gordon and Ford, 2003) Figure 2 shows how cyberterrorism is different compared to other forms of terrorism in the context of the risks that it poses. For instance as shown, it is now easier to carry out terrorist attacks and activities globally, with the help of the Internet. It has become easier for terrorist organizations to recruit and educate people, and devise effective strategies. They also now use education as a tool to carry out their activities. This should explain the large number of young people willing to blow themselves up in suicide bomb attacks in countries like Pakistan. With the use of Internet, just like information, products, retailers, and people, terrorism has also become widespread. Globalization removes boundaries and it does in the case of terrorism also. Al Qaeda was only present in Afghanistan but it is highly likely that the Internet facilitated in getting to US and the world over. Examples are the September 11 terrorist attacks on the World Trade Center, the bomb blasts in the London subway stations, and many others. Cyberterrorism, in any form, either attacking the Internet or attacking through the Internet poses a serious threat today because in today’s digital age, most functions are entirely dependent on computer systems and the Internet. Ms. Condoleeza Rice, National Security Advisor to President George W. Bush said in a conference in March 2001 that “Today the cyber economy is the economy. Corrupt those networks and you disrupt this nation” (Verton, 2003). Traditional forms of terrorism were more localized and posed a lighter threat to global economies compared to cyberterrorism. Therefore, cyberterrorism poses risks for not only the IT infrastructures but other significant infrastructures and system also. Just like virtual organizations, terrorist organizations have also become networked and informal. This means that the level of hierarchies has decreased and the structure flattened. They rely on communication using Web technologies and free flow of information to make such an approach work. Important people in the structure become gateways and gatekeepers of information and are responsible for distributing information to the rest of the players. They also train, spread skills and intelligence and carry out logistical activities throughout the terrorist organization and its affiliations (Colarik, 2006). Moreover, the Internet has allowed distribution of illegal content (Council of Europe, 2007). It allows terrorist organizations to glorify themselves through education, incitement, advertisements. The Internet also allows them to recruit and train also. Also, they can easily spread racism and xenophobia using the Internet to create confusion and chaos. Finally, the Internet facilitates terrorist with logistics in that it allows easier inside communication, acquiring of information and better analyses of the target (Council of Europe, 2007). What are the main threats that cyberterrorists currently propose? The major threats that cyberterrorism pose are, again, attacks on the Internet and attacks on human life using the Internet. There are four kinds of attack, as identified by the Council of Europe (2007) that cyberterrorist perpetrators carry out: 1. Large Scale Attacks – these use a network of robots or bot-nets that use viruses or Trojans to control other systems. Once these systems become controlled, they act like zombies and are instructed by bot-masters to carry out certain activities over the Internet such as sending out spam mail, or forward huge numbers of requests to sites to make them unapproachable. Terrorists can rent bot-nets to distribute emails with illegal content such as propaganda. Lufthansa has been attacked using such a plan where its customer could not access its page. 2. Hacking Attacks – These attacks are used to get into other systems due to security weaknesses. This gives the perpetrator access into the system. Unlike large scale attacks that aim to make other systems inaccessible, this one looks to gain access. Terrorists can use this to control government systems. Moreover, other important information can be gained. For example, the Australian Security Intelligence Organisation (ASIO) verified that intelligence services have been attacking using the Internet to gain confidential Australian Government and business information. (ASIO, 2009). Attacks that go unnoticed are even more dangerous. 3. Hybrid Attacks – This is when a physical attack is carried out such a bomb blast in addition to an Internet attack such as a Large Scale attack so that it creates confusion and havoc. It intimidates and generates fear in people, at the same time it makes systems accessible so not much can be done in the case of such an attack. 4. Attacks Causing Physical Damage – In some situations, a computer system is physically damaged by the perpetrator. This happens by using either a large scale attack or a hacking attack along with a Security Control and Data Acquisition (SCADA) system. To go into details of such a system is beyond the scope of this paper. These are exampled of some of the direct attacks on infrastructure. Many physical and traditional attacks can be organized by terrorists using the IT infrastructure. It is difficult to say which is more dangerous. Cyberterrorists attack anything that is important to the people in order to create fear. They will attack anything via the Internet or anything connected to the Internet. This has implication for traditional terrorist also who would use the same techniques to further their own motives. The Internet has allowed terrorist organizations to administer attacks from anywhere in the world, at low costs and high speed (Centre of Excellence Defence Against Terrorism, 2008). The threat that comes with it is that prediction of an attack has become nearly impossible. Collaborations have become stronger and networked. More proliferation takes place in the form of more recruitment and easy dissemination of information. If other systems such as banking, stock exchange, transportation, power are IT-oriented, then they have the potential of being damaged. It is difficult to trace back to who carried out the attack because disguise and camouflage is easier. Moreover, the Netrwork Approach is now used by terrorist organizations (Colarik, 2006). The threat that comes with this approach is that the terrorist organization, now networked, will not close down or halt its activities, planning and dissemination and flow of information if one group shuts down or fails. In 2004, a report in Forbes by Lezner and Vardi described how alQaeda used the Net to disseminate information – “to circulate Propaganda and communicate with operatives”. It explained that plans for attacking financial institutions in New York and New Jersey were devised following the arrest of a computer engineer in Pakistan (Colarik, 2006) Are governments doing enough to counter the risk of cyberterrorism? Most governments do as much as there resources allow them to do so that they can protect themselves and their people from terrorist attacks. For example, in order to counter cyberterrorism, the Australian government increased its funding from $62m to $353m to ASIO in 2008 to 200. This continues to rise over 2009 and 2010 also, with revenue from the Australian Government going up $56m (16 per cent) to $409m (ASIO, 2009). Moreover, many countries such as US, China, Russia, India, Pakistan, Israel and France are countering cyberterrorism using cyber warfare and “information warfare” programs and strategies (Centre of Excellence Defence Against Terrorism, 2008). Collective efforts are also being taken place such as those of G8 countries and the EU. EU was one of the earliest to adopt a MUD approach (discussed in the following section) to recognize threats in the start, predict attacks and fight them (Centre of Excellence Defence Against Terrorism, 2008). On the contrary, the US State Department in its annual report of 2003, called many states “sponsors of terrorism” including Cuba, Iran, North Korea and Syria (Colarik, 2006). Governments may sometime support terrorism to meet their own political objectives, or religious ones, in the case of Iran. According to the report, Iran was one of the most active sponsors of terrorism in 2003 where its Islamic Revolutionary Guard, Ministry of Intelligence and Security Personnel were responsible for planning attacks. It discouraged anti-Israeli activities, which then was a religious objective. Much has been invested by governments to counter traditional terrorist attacks but the western world today has to face cyberattacks. Today’s terrorism – cyberterrorism – is relatively new and many countries do not know how to deal with this problem. Moreover, many governments do not even sponsor terrorism for their own political and religious interests anymore because of the great potential damage that activities today have (Colarik, 2006). Also, they do not understand how to protect their IT infrastructures and other infrastructures from IT- oriented and –facilitated attacks. This is especially true for Third World countries where resources and literacy is relatively lower than those of countries like the US, UK, Australia and others. What are the key strategies that could be implemented to better protect countries against cyberterrorism? There are a number of things that governments can do, either individually or in collaboration with other governments or groups, to counter cyberterrorism. If resources were unlimited and if access was very restrictive, it would have been possible to protect all online assets. However, this is not true in the real world. In the real world, governments must devise strategies. One way is to cooperate with other governments in order to counter it. Terrorism, with the Internet, has become global, therefore it is important for international players to get together, pool resources, skills and ideas to devise relevant strategy. Colarik (2006) claims that terrorist organizations today are taking the networked approach. He also holds the opinion that such an organization can only be countered using only a Network Approach (Colarik, 2006). Therefore governments should take the same approach in combatng terrorists, cyber or conventional. They need to become stronger, more collaborative, remove hierarchies, rely on information, be function regardless of the activities of all other areas, and be persistent. The Centre of Excellence Defence Against Terrorism proposes the MUD Approach. The approach can be understood using an illustration (refer to Figure 3). Using this approach, governments must continually monitor activity on the Internet to respond to and predict the reactions of terrorist organizations. Many of their campaigns are propaganda and religious campaigns. Governments must start influence campaigns of their own. For example, potential recruits must be identified and influenced. Moderate religious scholars must be appointed to lead such campaigns. Experts must be appointed that have the skills, strategies and cyber weapons to fight cyberterrorism. The MUD approach is more of a precautionary approach rather than a reactive one. Figure 3 The MUD Approach (Source: Centre of Excellence Defence Against Terrorism, 2008) Moreover, resources must be spent on securing important infrastructure and systems so gaining access can be highly difficult if not possible. Strong firewalls must be used by all Internet-based business and governmental systems to protect foreign access. As mentioned earlier, an attack that goes unnotived is the most dangerous, so continuous monitoring and bug fixing activities must be carried out by all organizations to identify potential and existing bugs. Generally, governments should subsidize organizations so that they can spend more on security of their systems, like the Australian government did for ASIO. More must be spent on research and international collaboration must take place. Bibliography Centre for Excellence Defence Against Terrorism. 2008. Responses to Cyber Terrorism, Volume 2007. IOS Press. Colarik, A. M. 2006. Cyber terrorism: political and economic implications. Idea Group Inc. Council of Europe. 2007. Cyberterrorism: the use of the internet for terrorist purposes. Council of Europe. Gordon, S. and Ford, R. 2003. Cyberterroism?. [Online]. Symantec Security Response. Available from: http://www.symantec.com/avcenter/reference/cyberterrorism.pdf [Accessed November 8, 2010]. Verton, D. 2003. Black ice: the invisible threat of cyber-terrorism. McGraw-Hill Professional. 2009. Annual Report. ASIO [Online]. Available from: http://www.asio.gov.au/Publications/Content/CurrentAnnualReport/Content/Cover.aspx [Accessed November 8, 2010]. Read More