Cyberterrorism: What Is It - Research Proposal Example

Cyberterrorism Chapter Introduction There were many developments and discoveries during the 20th and 21st centuries, with rapid changes characterizing this era. The world was changed instantaneously, moving in a pace where there is little room for reflection. Despite this unbelievable pace of change, there is one characteristic or prevalent factor that is held in common by these two periods. Technology, or to be more precise, the power of the Internet and high speed computers distinguished the late 20th century and presented a dominant force early in the 21st century and up to now. Such force has been integrated by powerful factions around the world for increased competitiveness across industries. Internet and terrorism may be viewed as not being distinct from each other. The dawn of the 21st century was witness to terrorists attack; though not physical, these were done through the use of the Internet. Hence, the term cyberterrorism has been born, and has become an instant sensation, a new thread that is becoming a major concern not only for developed countries but also for the rest of the world.   Background of the Study   There is ambiguity in the definition of cyberterrorism. The lack of a definition for hacktivism and cyberterrorism is the cause for such ambivalence; as such even the word “cyber” is being debated about by scholars, as to what its true meaning is. However, according to Krasavin (2002), cyberterrorism is considered as being on equal footing with other forms of “terrorism”, as it is a mixture of terrorist activities and an area of specialization. Krasarvin (2002) further pointed out that it was in 1997 that the term “cyberterrorism” was first pointed out by a senior research fellow at the Institute for Security and Intelligence in California named Barry Collin. Cyberterrorism, as defined by Collins (1996), is the fusion of cybernetics and terrorism. It pertains to premeditated, politically motivated assaults carried out by sub national groups or clandestine agents which in turn intend to cause chaos and conflict by carrying out a series of attacks to institutions, computer programs, computer systems and data. The term cyberterrorism does not involve inflicting physical harm it does cause damage to computer programs and systems. These can be disastrous, considering how dependent society is on the computer and the Internet. Collins (1996) emphasizes that the term was “cyberterrorism” was just born recently, but its nature has long been existent. Just like any other terrorist activity, the United States of America is the potential target of most cyberterrorist attacks. Information is what motivates individuals or groups to launch cyber terrorism in the United States as it holds information that is deem vital as it could seriously affect diplomatic ties. However, Krasavin (2002) pointed out that  cyberterrorism has never been launched in the United States; instead, it was more than hacking activities that were caught and were handed down with proper sanctions. This, however, does not imply that the U.S. is safe from cyberterrorism. There are some vulnerabilities in some computer systems and government institutions such as the CIA and NSA have been targeted by the simplest hacking activities over the past decades. A possible cyberterrorism attack in the near future could occur, and damage may be catastrophic considering how valuable the information and programs of the U.S. government are, and their keen interest in keeping these from certain groups or individuals (Krasavin, 2002).    Statement of the Problem   Thanks to technological advancements and financial funding, the United Sates of America was able to thwart possible cyberterrorism attacks. Officials from the Pentagon have asserted that in the near future, adversaries or militant groups who wish to assault the U.S. will likely depend on “asymmetrical warfare” wherein opposing forces would try to offset the technological superiority of the U.S. through sheer strategy and manipulation of existing technologies (Krasavin, 2002). Current terrorist cells around the world rely heavily on the Internet to communicate, raise funds, and gather intelligence about their next target. With this on the line, a possible breach on the U.S. defenses would have catastrophic results as there would be many implications not only for the U.S. but other countries as well (Krasavin, 2002).   The problem of this study lies on the preventive measures implemented by the U.S. government in case that there would be someone or a group that would plan a cyberterrorism attack on one of the government agencies. Despite the technological advantages of the U.S., it is possible that technology would crumble against someone elses technology, thus making it more possible for a breach in the U.S. defense system. Existing within the government of the United States are powerful government agencies that are known throughout the world. To enumerate which ones are likely to be the potential targets of cyberterrorism, these would likely include the Pentagon, DOD, CIA or the NSA. If possible, the study would also seek what immediate courses of actions after the U.S. experienced a terrorist attack through cyberterrorism. Lastly, given that no technological simulations or protocols could overcome or mend the damage, what would be the counterattack policy, if there is any, for the U.S. government.   Research Questions   Preventive measures were seen as the main problem of this study. As it was argued, despite the technological advantages of the U.S., there would come a time when a far more advanced and complicated technology will offset that of the U.S. military defense system, allowing groups or individuals to attain classified information vital for the U.S. As such, the sub questions are created assuming that the defense mechanism of the United States against cyberterrorism has been breached. The research questions of the current research are as follows:   1) What are the factors that could cause a possible defense mechanism failure? 2) Which are the possible targets for cyber terrorism? What are the factors that make these subjects appealing as targets of cyberterrorism? 3) What are possible risks and effects of cyberterrorism? 4) What are the counter or preventive measures of the U.S. in order to thwart attacks instigated by cyberterrorism? Objectives of the Study   As of now, the U.S. has every resource that could thwart possible attacks instigated by cyberterrorism. However, despite the technological superiority of the U.S., it is a normal occurrence that there may be technology that may eventually surpass that of the U.S. Such more advanced technology may be possibly used against them. In lieu of this, the objective of this study is to formulate possible preventive and countermeasures against cyberterrorism. The purpose of the study is to single out possible attack targets and the factors that cause these institutions or organizations to be appealing targets for such terrorist attacks. Hence, there could be immediate improvement for these institutions defense mechanisms or counter measure policies or protocols against cyberterrorism. Furthermore, the study also intends to raise the level of awareness about cyberterrorism and the difference between the latter and hacking. In doing so, society would be better informed about this phenomenon and how it can be fought. Significance of the Study  This study focuses on cyber terrorism, and pays particular importance to the possible countermeasures and preventive policies that could be used to counter this phenomenon. The impact of cyberterrorism encompasses an international scale. As the world is linked by the internet, the possible damage would likely result in a domino effect; damaging and affecting one country after another. As was pointed earlier, cyberterrorism relies heavily on the Internet and computers, just as most societies rely on these in their everyday lives.   To be specific, there are three parties for whom this research would be most beneficial. This study would benefit policy makers, as it would contribute information that could help in creating policies specifically designed to combat cyber terrorism. Moreover, the study would also be beneficial to the public as it would inform them about the specifics of cyberterrorism and let them take a closer look at how it is being carried out. As such, they would be more aware about this phenomenon and what collective action may be carried out. Lastly, the study would benefit future researchers, as it would add to the literature about cyberterrorism; this study may be used as a springboard for future similar researches. Research Design and Methodology   In order to gather the necessary information needed to validate and justify this study, the methodology section would make use of a qualitative approach, making particular use of the case study method. A quantitative study would be inappropriate in this study, as there is no need for statistical data. Qualitative methods are more apt since the study would focus more on simulations and possible factors involving cyberterrorism. A case study would permit the analysis of certain cases in which cyberterrorism were carried out successfully, making it a reference for this study. The methods for data gathering would be interviews and review of secondary data.   Conceptual Framework    The conceptual framework involves the four (4) possible targets of cyber terrorism which are the NSA, CIA, FBI and the Pentagon. These are all are important as together, they influence the combat capability of the United States. Possible breach in the defenses may lead to chaos, as it would imply that the military arsenals would be compromised while vital information are in the hands of known terrorist groups. The conceptual framework shows a possible breach in the defense mechanisms of these targets. Thus, the purpose of the research is to single out the reasons and factors as to why do the defense system may be breached. This would allow government officials to carry out imperative improvements to change the systems or materials to avert breaches. Furthermore, these institutions are rather specific with their functions, which will facilitate the drafting of definite and countermeasures.     Chapter 2 Review of Related Literature Background   Since the 9/11 bombing, there have been an increase in the numbers of terrorists who are directly or indirectly using the internet in carrying out attacks. They carry this out through sheer manipulation of computer programs. According to Pladna (2008), before the 9/11 bombing, there were only 70-80 websites which are identified as terrorist sites or were indirectly linked to terrorist organizations around the world. However, on the aftermath of the 9/11bombing, there was a rapid, marked increase in such terrorist sites. As cited in Pladna’s (2008) work, there are now at least 7, 000-8, 000 sites that have indirect and direct affiliation with terrorist groups. Whilst having different objectives and visions, the basic functions of these sites is to spread militant propaganda around the world, inviting people to join their cause. According to Pladna (2008), this is the effective way to spread violence and terrorist ideologies on a global scale.   At the same time, the United States of America have taken several steps in order to improve its own computer security. This is to encourage the private sector to adopt better computer practices and security polices in order to avoid or reduce infrastructure vulnerabilities (Wilson, 2003). Through Homeland Security and Department’s Information Analysis and Infrastructure Protection Directorate, the federal government has created the Office of National Cyber Security Division, a year after the 9/11 day bombing. According to Wilson (2003), its functions are as follows: 1) To closely track cyberspace threats and possible vulnerabilities in order to determine when to issue warnings or countermeasures; 2) To improve the capabilities of inter-government agencies through extensive information sharing programs that would also allow the other departments to be updated and well informed about pertinent security situations; 3) To aide other government agencies in times of national emergency; and 4) To respond to major cyber security incidents (Wilson, 2003). The role of the National Cyber Security Division (NCSD) is to patrol cyberspace for possible terrorist attacks and to monitor computer systems for government agencies which are likely to be the next targets of cyberterrorism. It covers a wide range of agencies, monitoring more than 20. Furthermore, it collaborates with the computer security system on each agency, creating a double layer of protection (Wilson, 2008). Wilson (2003) also pointed out that NCSD was able to strengthen the defense mechanism of government agencies by linking each one and putting them within a single defense mechanism while maintaining each agencys security protocols and policies.   To aid the National Cyber Security Division in carrying out its tasks, the federal government has created another agency in January 2003, the Terrorist Threat Integration Center (TTIC). Its function is to monitor threats from various government agencies and analyze them in order to assess whether these would occur or not. According to Verton (2003), various government agencies received threats everyday, and for most of the time, these threats are pranks, carried out by delinquents. However, the difference between a real and prank threats are heard to deal with. This where TTIC do their job. Instead of allotting extra time and resources to single out the most potential threats, these agencies let the TTIC do the job, thus conserving time and resources without subverting the analysis of the job. The TTIC is an independent authority from other government agencies despite its leadership coming from one of the military agencies such as the CIA, FBI and DOD (Vatis, 2001). There have been some issues about the independence of TTIC, due to its authority to gather intelligence and combine data elements on trans-national terrorist activity. According to Wilson (2003), TTIC should be housed within the DHS rather than with the CIA, in order to avoid possible cultural and constitutional conflicts between two leading information based government agencies, the CIA and FBI.   According to Prichard and MacDonald (2004), computer reports and analysis have shown that computer based attacks against key industries and various government agencies have been increasing every year. Based on the study of Rollins and Wilson (2007), computer vulnerabilities persist through these repetitious attacks, implying that sooner or later, weakness in the defense would present itself after being exposed through various attacks with different patterns . As such, the federal agencies have been under criticism for the past 2 years. The subject is mainly about the effectiveness of their security programs and of their computer systems against cyberterrorism and hacking activities (Verton, 2003). The growing concern came from the increasing number of computer attacks against key industries and infrastructures such as power, energy and financial services. The difference of those attacks from the previous ones is that these are now carried globally, trying to inflict damage on a wider scale (Verton, 2003).   Definite examples of such attack was seen in January 2003, wherein a Internet worm reportedly caused disruption towards the operation of a nuclear power plant in Ohio (Wilson, 2003). The internet worm entered the system and disrupted the flow of computer systems, causing the operation cease for 5 hours. Similarly, the same year also witnessed a blaster computer worm causing several communication lines to degrade and have reduced performance output. However, both attacks were assessed as accidents in the eyes of government officials. Some of the more recent attacks were seen in some parts of Europe. In Romania, 58 lives of scientists were endangered as someone illegally gained access to the life support system of a research institution that was based in Antarctica. A more recent example happened in Estonia in 2007, wherein government offices and two major banks were knocked offline as their systems were subjected to a mass cyber attack. The target was bombarded with traffic, causing these institutions to be offline (Wilson, 2008).  The latest installment of defenses to combat cyber terrorism was launched in November 2006 by the United States Air Force and was named as the Air Force Cyber Command (AFCC). The main function of AFCC is to monitor and protect the interest of American People in cyberspace. It is done by drawing personnel resources as well as upgrades in computer defense systems in order to impose stricter rules and regulations around the internet (Wilson, 2003). However, despite these upgrades, there were instances when the computer defense system is overridden or offset by a complicated computer programs, as seen from the experiences of Estonia and Romania. According to Pladna (2003), the best course would be collective action against perpetrators of cyber terrorism. Such would entail involvement of different groups or individuals in which the defenses for computer security are monitored not only by the government agencies assigned or created to monitor it, but also by private individuals who have the ability to do so.    Computer Vulnerabilities and Attacks   Computer vulnerabilities will continue to exist and eventually, computer attacks instigated by cyberterrorism would be successful. There are various reasons why scholars and government officials consider this scenario. One of the possible reasons is that there will always be entry points for computer defense systems in which vulnerabilities present itself. According to Wilson (2008), vulnerabilities present themselves through poor security practices and procedures, inadequate training in computer security, and poor quality in software products. An example of poor security practices is seen on the delay of installation of important software security patches, despite having the security patch available weeks before the scheduled upgrades. The delay could cause necessary adjustments as computer systems tend to change over the time which entails additional workload and more time for assessment. Additionally, security patches tend to disrupt computer systems instead of improving it, this is why a compatibility test is sometimes required to ensure that instead of a security downgrade, improvement will be implemented (Hummel, n.d.).  Nevertheless, upgrades delay would open the computer system of that organization to threats and attack, increasing and inflicting more damage. Furthermore, According to Janczewski & Colarik (2008) even if the installation was pursued despite the delay, there is a big chance that the security patches could not handle the current threat of cyberterrorism as the former would lag behind. This is why, government officials as well as experts in the field of computer security systems, remind organizations as well as private individuals to constantly upgrade security programs. As cited in the work of Clem and his colleagues (2003), the simplest way of protecting ones computer as well as oneself against cyberterrorist threats would be daily upgrades of anti-virus programs and firewalls, as it is the basic forms of defense that anyone could have.   In connection with security software such as anti-virus programs, Wilson (2008) has cited that another source of vulnerability lies in the commercial software that have errors when bought, which eventually causes computer vulnerabilities. According Curran and his colleagues (2008), statistics shows that 80 percent of the intrusion and failure of computer security programs is because of software errors and poor quality of computer security programs that open up vulnerabilities. If it is just on the level of personal use, considerations could be made. However, these commercial software programs are used by federal agencies and such occurrences could lead to dangerous outcomes. Furthermore, the government has not imposed strict regulations and regulatory mechanisms against these matters, as such, making the producer of the product immune from any liability (Macdonald & Fougere, 2003). According to Wilson (2003), the best course of action is to impose strict regulations that would ensure that products such as computer security programs would not endanger its owner. Additionally, Wilson (2003) asserts that it would be convenient if federal agencies would have properly trained security experts who can oversee such important matters. The latter would be the core of the defense system, and not the security programs per se.   Lastly, Wilson (2003) emphasizes that the biggest source of vulnerability is the lack of proper training for security administrators. It is pointed out earlier that delay of proper installation of security patches would be catastrophic. Peterson (2005) cited that such delay is caused by improper training of security personnel. If properly trained, the importance of installing security patches would be instilled among security personnel. Furthermore, a properly trained security personnel would be able to keep track of current cyber threats, thus making them more perceptive as to what would be the most appropriate configuration for their computer security (Peterson, 2005). According to Verton (2003), it would greatly benefit U.S. infrastructures as human capital is the most effective and important resource, as they are instilled with decision making capabilities.   Core Factors and Effects of a Cyber Attack   Cyber terrorism is mainly a product of the availability of the Internet and high speed computers. It has effectually brought forth tighter security measures implemented worldwide and an increased awareness regarding terrorist activities (Wilson, 2008). Terrorists, after the 9/11 bombing, have been on the spotlight, as the U.S. and its allied countries have began to implement counter measures in order to avoid such catastrophic incidents like that of the 9/11 day bombing. According to Rollins and Wilson (2007), terrorists have seen the internet or cyber space as their tool in instigating attacks on their targets. There are also benefits as to why terrorists have chosen to exploit these media as methods of attack. According to Vatis (2001), they are the following:  1) The risk of being detected is much lower compared to physical forms of attacks. Detection is avoided as their are various ways to get past certain systems without compromising the identity of the attacker . 2) The damage that could be done is more catastrophic and costly for the target. Most targets rely on computer systems to carry out some of their important tasks such as keeping vital information, schematics and money. 3) Lastly, the attack could be carried out anywhere from around the globe and the only weapon of choice is a computer. Cyberterrorism mainly relies on skills and knowledge of a programmer about cyber space and its target. Furthermore, identity could be hidden, avoiding detection and capture (Rollins & Wilson, 2007). There is no arguing that cyberterrorism is a modern way of carrying out terrorist activities. According to Hummel (n.d.), this is also the most elusive and hardest to detect kind of terrorism as the identity of the perpetrators could be easily masked by false identification or multiple layers of defense systems. What is more frightening, according to Hummel (n.d.), is that successful cyber attacks could cause a chain reaction wherein an attack towards a target could cause other institutions to fall or malfunction at the least.   The best way to understand and describe the possible effects of a cyber attack is a chain effect or is called a domino effect. It is certain that society is linked by computers and the internet. According to Wilson (2008), this linkage is the very reason why cyber attacks are seen as catastrophic. By being linked with each other, perpetrators could easily program an attack that could begin from a far away target and could crawl up its way to its main target. An example of such attack could be seen from a purposely corrupt credit card that is used in a retailer site, which afterwards could cause corrupted data to spread into banking systems and could erode public confidence in the financial sector. Moreover, in other computer systems, such a card may be used for global commerce (Prichard and MacDonald, 2004). Furthermore, according to Wilson (2008), what makes cyber attacks elusive is that these rely on technology and it is natural that technology itself would evolve, creating new attack patterns that are different from those in the past.   Cyberterrorism may be tedious. According to Krasavin (2002), launching a widespread coordinated attack against critical infrastructure would need significant resources such as human capital and machineries that could perform multiple complicated operations. It is estimated that in order to carry out a successful cyber attack against multiple systems and networks, a preparation period of 2-4 years is required. The planning stage may involve surveillance and testing of cyber attack tools towards certain programs that have similar components or attributes as the target primary defense mechanism (Krasavin, 2002).   The only bright side of cyber terrorism is that it has no powerful psychological impact unlike a bombing or biological warfare. According to Wilson (2003), unless cyber terrorism could actually produce physical damage or bloodshed, it would always be shrugged upon, as it is perceived as less serious than other forms of terrorist attacks such nuclear, biological and so on. However, the damage that cyber terrorism inflicts could be dangerous for any country, especially if the focus of the attack affects the financial sector. Furthermore, there have been various and complicated programs that have been launched in order to counteract cyber attacks.   SCADA Systems  Aside from the creation of NCSD, TTIC and AFCC, the federal government also made the Supervisory Control and Data Acquisition (SCADA) systems as the main tool in combating cyber threats. The function of the SCADA is to automatically monitor and adjust switching, manufacturing, and other process control activities, based on feedback data gathered by sensors (Janczewski and Colarik, 2008). According to Wilson (2003) SCADA could be considered as the first line of defense against cyber threats. Its main role is to facilitate various economic activities, monitor the water system, electrical supply and air traffic. According to Verton (2003), the usual target of cyber threats would be to cause large scale chaos and by that, instigators usually target power plant, airports and other facilities. SCADA monitors the activities in these areas in order to counteract any impending cyber attacks. Additionally, SCADA systems use Proprietary computer software, which is considered by many as less appealing for cyber terrorists as the software is custom built (Wilson, 2003).   SCADA systems have been exposed to several simulation tests in order to assess their capability of managing out cyber threats. One of the simulations was conducted by the U.S. Naval War College, in which they launched a cyber attack towards the SCADA systems. The result was that there was electric failure but is comparable to a temporary power outage that is normally experienced. Similarly, the attack also triggered a malfunction in the telecommuncation systems; however, the latter was only crippled for a short period of time due to the SCADA sytems. According to Rollins & Wilson (2007), these simulations were able to reject the claim of cyber theorists that the SCADA sytems are open to cyber attacks as they show vulnerabilties. The criticism was born due to the incidence in Ohio and the vulnerability was caused by the use Commercial-Off-The-Shelf (COTS) software.   COTS is more appealing to cyberterrorists as the latter could easily break down the program and bypass it. The use of COTS in the SCADA systems have brought the issue of security failures, as the COTS is directly linked to the internet and to their corporate headquaters. Unlike COTS propietary computer software which are confined and whose operation is mainly situated in isolated networks. The simulation that was conducted by the U.S. Naval War College has emphasized that the real threat of cyber attacks is directly linked with the usage of the Internet and systems that are part of the financial structure (Rollins & Wilson, 2007).          References Collin, B.(1996). The future of cyberterrorism. Proceedings of 11th Annual International Symposium on Criminal Justice Issues, The University of Illinois at Chicago. Clem A, Galwankar S, Buck G: (2003) Health implications of cyber-terrorism. Prehospital Disaster Medicine, 18(3), 23-27.   Curran, K. ,Concannon, K.& Mckeever S. (2008). Cyber terrorism attacks. Retrieved March 17, 2009 at http://www.lnb.lt/stotisFiles/uploadedAttachments/10200821584616.pdf  Hummel, M.(n.d). Cyberterrorism is a concern. Retrieved March 17, 2009 at http://www.crime-research.org/news/2003/02/Mess1701.htm  Krasavin, S. (2002). What is Cyber terrorism? Retrieved March17, 2009 at http://www.crime-research.org/library/Cyber-terrorism.htm  Janczewski, L & Colarik, A, (2008). Cyber wafare and cyberterrorism. Retrived March 18, 2009 at http://bul soft.com/hacking/Computer%20Security%20Enthusiast/4/Cyber%20Warfare%20&%20Cyber%20Terrorism.pdf  MacDonald, L. & Fougere, K. (2003). Software piracy: A study of the extent of coverage in introductory. MIS textbooks. Journal of Information Systems Education, 13, 325-329.  Pladna, B. (2008), Cyber terrorism and information security. Retrieved March 17, 2009 at http://www.infosecwriters.com/text_resources/pdf/BPladna_Cyber_Terrorism.pdf  Peterson, W. (2007). What is cyber terrorism today? Retrieved March 17, 2009 at http://www.securitycertified.net/getdoc/f560006d-4495-4196-90b1-b749e4ad8c37/Cyber_Terrorism-pdf.aspx  Prichard, J.& MacDonald, L. (2004). Cyberterrorism: A study of the extent of coverage in computer security textbooks. Journal of Information Technology Education 3  Rollins, J., & Wilson, C. (2007). Terrorist capabilities for cyberattack: Overview and policy issues. Library of Congress, Foreign Affairs, Defense and Trade Division. Washington, DC: US Government.  Vatis, M. (2001). Cyber attacks during the war on terrorism: A predictive analysis. Retrieved March 19, 2009 at http://www.ists.dartmouth.edu/ISTS/counterterrorism/cybera1.pdf  Verton, D. (2003). Black ice: The invisible threat of cyber-terrorism (1st ed.). McGraw-Hill; Osborne Media.  Wilson, C. (2003). Computer attack and cyber terrorism: Vulnerabilities and policy issues for Congress. Retrieved March 17, 2009 at http://www.fas.org/irp/crs/RL32114.pdf  Wilson, C. (2008). Botnets, cybercrime, and cyber terrorism: Vulnerabilities and policy issues for Congress. Retrieved March 17, 2009 at http://www.fas.org/sgp/crs/terror/RL32114.pdf        Read More