January 15, 2012

Cyber-terrorism: Truth or hyperbole?

Strategic Issues   Saturday, January 14, 2012
Mirza Sadaqat Huda
The debate on cyber-terrorism ranges from predictions of an 'Electronic Pearl Harbor,' where chaos and destruction resulting from cyber-terrorism attacks on critical infrastructure and communication systems would result in riots, panic and death, to the dismissal of any genuine threat, with the media and government blamed as contributors to the hyperbole. To derive a pragmatic opinion on the contemporary threat posed by cyber-terrorism, a non-partisan analysis of definitions, perceptions and facts must be undertaken.
Cyber-terrorism is an opaque concept and its ambiguity is attributable as much to a lack of consensus on definitions, as to conflicting perceptions on the severity of the threat. John Blane has defined cyber-terrorism as 'premeditated, politically motivated attacks by sub-national groups, clandestine agents or individuals against information, computer systems, computer programs and data that result in violence against non-combatants and targets.' This definition gives rise to several deficiencies when applied to real-life scenarios. Terrorists make use of the internet to communicate with each other, recruit members, raise funds, organise activities and distribute propaganda. Since these activities do not constitute violence as a direct consequence, there is ambiguity as to whether they should be included in the definition of cyber-terrorism. In 1999 David Copeland downloaded terrorist handbooks from the internet to build bombs which killed 3 people in London. The terrorist attacks in Mumbai in 2008 were significant not only due to the unprecedented carnage that followed but also due to the use of satellite imagery and internet phones to plan, communicate and coordinate the attacks.
Thus even if the use of computers and the internet does not directly cause violence, it can be an auxiliary to terror attacks and an effective tool for furthering the terrorist's political agenda. A broader definition of cyber-terrorism is 'the convergence of cyberspace and terrorism which enhances the terrorist's ability to communicate, plan and inflict terror through a network of operatives and cells and is closely entwined to non-virtual terrorist activities and global terrorism.' It is also important to note that cyber-terrorism is distinct from information warfare, as cyber-terrorism is about causing fear and harm to anyone in the community, while information warfare has a defined target. For the purpose of this article, a confined definition of cyber-terrorism will be used: attacks on computers and information systems that directly cause loss of life, fear and violence and that bear a political or ideological motivation.
The debate on cyber-terrorism is centered on two conflicting schools of thought. Advocates of the cyber-terrorism theory argue that it can be a preferred terrorist modus operandi, as it provides a range of relatively anonymous, non-lethal options (for the terrorist) that can be applied at the speed of light with relatively low risk of escalation. The likelihood of getting caught, let alone of provoking military operations by the affected country, is low compared to the possible benefits. As terrorists have a limited amount of funds, cyber-attacks are more tempting as they require fewer people and fewer resources. Richard Clarke, a terrorism and cyber-security analyst, has stated that cyber-security is a serious threat to critical infrastructure in the US. From a national security viewpoint, a determined and talented cyber-terrorist could hack into a utility's or chemical plant's SCADA (Supervisory Control and Data Acquisition) systems and cause an accident that kills not only the plant workers but thousands of people in the surrounding areas. In the US, 300 critical infrastructure facilities lie in densely populated regions with 50,000 or more local residents. Scenarios similar to the Bhopal disaster are envisioned in the aftermath of such a cyber-attack. Of particular concern is the vulnerability and openness of the network systems operated by these critical infrastructure facilities. Dr. Harvey Kushner, an expert on terrorism, believes that the free-flowing structures of modern terrorist cells would be highly effective in undertaking freelance cyber-terrorism against Western infrastructures, which would be ideologically supported by rogue nations.
Experts who downplay the threat of cyber-terrorism argue that despite the hype surrounding it and the billions of dollars invested by governments and corporations to protect against cyber-attacks, the fact remains that to date, there has been no fatality related to a cyber-attack. The National Counterterrorism Centre of the US in its annual report accounted for 13,186 deaths due to terrorist attacks in 2010, the majority of which were a result of conventional methods of terrorism, including suicide bombings, armed attacks and kidnappings. Not a single attack was attributed to cyber-terrorism. This massive discrepancy between the casualties of the two mediums of terrorism is enough to convince the casual observer of the audacity of spending time and money on cyber-terrorism defence, when the real threat emanates from conventional means of terrorism. Despite there being no precedent for the 'Electronic Pearl Harbour' idea, governments continue to warn and legislate around the issue. Gartner analyst Richard Mogull has stated that although terrorists continue to use the cyber infrastructure to support their activities, terrorist use of the internet to deliver a significant digital attack is impractical and unrealistic. This is substantiated by security expert Bruce Schneier, who stated that the hype of cyber-terrorism is inflated by the United States government and that terrorists are more likely to attack via conventional methods.
One of the greatest fears projected by cyber-terrorism is external manipulation of SCADA systems used in critical infrastructure facilities. This theory, when analysed further, appears to be rather primitive and simplistic. Many analysts state that SCADA systems are more robust and resilient than cyber-terrorism theorists would have us believe and are likely to recover from a cyber-attack quickly. Power blackouts, water disruption, air traffic disruptions and other scenarios resembling cyber-terrorism often occur without being a threat to national security. Cyber-terrorists would thus have to attack multiple targets for extended periods of time to create terror and have any significant effect on national security.
Thus it can be concluded that cyber-terrorism is not as prevalent a threat as many in the defence and IT field would have us believe, but the underlying causes for terrorists' reluctance to use this medium must be evaluated:
1. Systems are complex and it may be harder to control a cyber-attack and achieve a desired level of damage than using conventional methods. Unless people are injured, there is also less media attention. Tried and true methods and operational success will take precedence over sophistication of attacks. Damages incurred by cyber-attacks can be fixed quickly via system reinstallation and back-up files, whereas damages to physical infrastructure, including complex machinery and expensive facilities, through conventional means of attack would require more time and resources to fix; and
2. If a critical disruption or malfunction occurs due to a cyber-attack, in the absence of any physical damage to infrastructure, the operators of the attacked site may deny that the disruption was due to a cyber-attack. This would defeat the purpose of terrorism, which is to instil fear and attract global attention to the terrorists' cause.
Thus it can be concluded from the above analysis that cyber-terrorism, as compared to conventional methods of terrorism, at the present time poses a minimal amount of threat. Although cyber-crime and information warfare do pose threats to individuals, businesses and states, cyber-terrorism, in its definitional form, is not a serious threat and has been over-estimated by governments and over-hyped by print and electronic media. This does not mean that cyber-terrorism will not pose a significant national security threat in the future. The future will see deepening economic dependency on computers and this poses greater risks of losses due to disruptions which can adversely affect aviation, communication and financial services. The growing complexity and interconnectedness of these computer systems means that a disruption in one may lead to disruptions in others. Cyber-terrorism could also become more attractive as the real world and cyber world become more connected, with a greater number of physical devices attached to the internet.
At the present time, however, since the damages from conventional terrorist operations are of greater magnitude as far as spreading fear and causing fatalities are concerned, national security should be focused on preventing such traditional means of asymmetrical warfare. In the words of Dorothy Denning, 'For now, the truck bomb poses a much greater threat than the logic bomb.'
The writer is a Research Associate, BEI.