3

Cyber Terrorism – How Real is the Threat?

May 04, 2016 By Paul Curran

As our dependency on the internet increases from our phones to our streets, hospitals and cities, so do the threats posed by cyber terrorism. “Cyber terrorism” is a contested term that can erroneously include acts of “hacktivism” and internet vandalism which do not directly threaten the lives and livelihoods of their victims. The potential threats posed by cyber terrorism are daunting, but are they really within the reach of cyber terrorists?

What is cyber terrorism?

Cyber terrorism, also known as electronic terrorism or information wars, can be defined as any act of Internet terrorism which includes deliberate and large-scale attacks and disruptions of computer networks using computer viruses, or physical attacks using malware, to attack individuals, governments and organizations. While cyber crime is often motivated by economic gain, and hacking, or internet vandalism, often is done to satisfy the hacker’s ego, cyber terror is fueled by an ideology.

 

The term “cyber terror” can be controversial since many cyber attacks fall into gray areas that can also be considered hacking, acts of “internet anarchy,” or cyber crime, so it’s important to connect the concept of cyber terror to the definition of terrorism itself to fully understand, and differentiate, cyber terrorism from other internet based security threats.

 

The goal of terrorism is to create a feeling of terror in the minds of the victims. Keeping this concept in mind, it becomes easier to differentiate cyber attacks for a financial, or egotistical, gain from acts of cyber terrorism. Cyber terrorists operate with the goal of damage and destruction at the forefront of their activities.

 

The term “cyber terrorism” was first coined by Barry C. Collin of the Institute for Security and Intelligence in the late 1980’s, but the concept only began to resonate with the general public as the countdown began to the year 2000 and the millennium bugs associated with the big date switch gained wide scale recognition. The terror attacks on September 11th, 2001 further thrust the concept of cyber terror into public discourse as the threat of giant disruptions to economy, infrastructure and national security were often discussed in depth by the media.

 

Where, and how, can cyber terrorism occur?

Cyber terrorism threatens us the most at the vulnerable points where our physical and virtual worlds converge. Barry C. Collin outlines the cyber terrorism points of convergence and the potential acts of cyber terrorism at these points of convergence in his paper on the The Future of Cyber Terrorism.
Cyber terrorism point of convegence
Everyday points of convergence of the physical and virtual worlds include mundane things such as our microwaves, garage door openers and the like, but also include large scale targets for cyber terrorists such as air traffic control systems (both on the ground and in the cockpit), communication infrastructures, power plants, Supervisory Control and Data Acquisition (SCADA) which is the backbone of the “smart city” concept, and modern military equipment.

 

To commit acts of cyber terrorism at these points of convergence, the terrorist can commit acts of destruction and alteration as well as acquisition and retransmission which can result in crippling effects on the economy, military, civilian infrastructure leading to large scale death or destruction. The potential destruction of a smart city being hacked or having a smart army being exploited is huge, and this is something that cyber terrorists are keenly aware of.

 

Possible attack vectors for cyber terrorists

As more and more civilian and military infrastructure become computerized to various extents via the “Internet of Things,” the potential for cyber terror attacks greatly increases. International examples of cyber attacks, and proof of concept attempts, on governmental and civilian infrastructure have proven the level of severity posed by threats of cyber terror.

 

In Iran, the Stuxnet virus proved to the world that malware infections are able to disrupt the operations at their nuclear facilities. In Ukraine, cyber attacks on their energy provider resulted in deliberate blackouts. In the United States, Cesar Cerrudo, a security researcher, was able to take control and manipulate traffic systems by exploiting vulnerabilities in the traffic control devices.

 

Cyber terror attack vectors, however, don’t have to be limited to industrial scale disruptions and disturbances. Cyber terrorists could use well known methods of attack, such as XSS phishing attacks or spear phishing, to steal data, or funds, in order to finance real world terrorism.

 

How real is the threat posed by cyber terrorism?

Most of the “cyber attacks” that are attributed to cyber terror groups such as the Cyber Caliphate (a group of pro-ISIS hackers) and other groups have been limited to attacks that are more “hacktavist” in nature, rather than cyber terrorism. While cyber terror groups are limited by their skills, they make it no secret to increase their arsenals of potentially devastating cyber weaponry.

 

Additionally, the services offered for sale by hackers lurking on the dark net present an added layer of threat which countries and organizations face from cyber terrorism. Currently, terrorist groups such as ISIS, are more likely to spread their terror through “lone wolf” real world attacks, but they are seeking to upgrade their cyber arsenal despite the fact that they have not achieved any real world cyber terror attacks to date.

 

Conclusion

Despite the impact that Stuxnet had on the Iranian nuclear infrastructure, researchers agree that only a state, or multiple states, could be capable of carrying out an attack of this magnitude. Right now, the capability of a large scale attack remains out of the hands of cyber terror groups, although that could change in the future as these groups recruit more members that are well versed in exploiting cyber security and could possibly forge alliances with other hacker groups that seek to harm states based on their own, parallel ideologies.

 

Currently, cyber terror groups stand to gain more through financial cyber crime rather than cyber terror. These financial gains, however, could be used to pay for larger cyber terror operations through the hiring of professional hackers with considerable experience.

 

Despite continually aspiring to increase their cyber terror abilities, groups such, such as ISIS, are more likely to keep on spreading their destruction with sleeper cell attacks like in Paris, or Brussels, rather than large scale cyber attacks. In fact, squirrels, birds and racoons have caused more electricity grid disruptions than terrorists, or even governments.

 

While there is no one solution to protecting an organization, infrastructure or country from cyber terrorism, since the attacks can range from exploits of code vulnerabilities to physical attacks involving USB hosted malware and others, secure application development from the beginning of coding will make it easier to mitigate any threats that may arise in the future. Also, promoting security awareness within your organization and ensuring that your team includes an app sec champion will also help to mitigate the risks posed by cyber terrorism.

 

The following two tabs change content below.

Paul Curran

Content Specialist at Checkmarx
With a background in mobile applications, Paul brings a passion for creativity reporting on application security trends, news and security issues facing developers, organizations and end users to Checkmarx's content.

Latest posts by Paul Curran (see all)

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.