Use the metaphor of a battleground in relation to a discussion of cyber security, and the term "cyber terrorism" immediately comes to mind. Even some of the terminology we commonly use to describe certain types of cyber activity evokes the image of a battleground. Consider the terms "war driving" and "cyber attack," for instance. Referencing cyber security as the battleground of the future, however, belies the fact that the battle has been raging for a long time and continues to grow increasingly more intense.
The term "cyber terrorism" is likely to evoke a variety of images among security professionals. In Congressional testimony before the Senate Select Committee on Intelligence in February 2002, the FBI defined cyber terrorism as "the use of cyber tools to shut down critical national infrastructures Ã¢â‚¬Â¦ for the purpose of coercing or intimidating a government or civilian population."
While common application of the term often lends it a broad connotation, most of us would agree that we would know cyber terrorism if we saw it.
Ã¢â‚¬Ë˜ An al Qaeda operative, secreted somewhere in a safe house abroad (or in a public library or cyber cafe somewhere in the United States), sits hunched over a laptop, surfing the Internet to assess some sector of America's critical infrastructure as a potential target. His plans for delivery of the attack might involve a truck, aircraft or other transportation conveyance, some other part of our critical infrastructure or the Internet itself.
Ã¢â‚¬Ë˜ The same individual launches a malicious virus aimed at disrupting a vital component of the U.S. financial infrastructure or some other major symbol of America's economic power. (By Osama Bin Laden's own admissions, the September 11 attacks were as much about striking a blow at the U.S. economy as they were about causing massive loss of life.)
Ã¢â‚¬Ë˜ A small group of young protesters in an American city coordinates a distributed denial of service attack against the Web page of a multinational financial interest to protest its foreign lending policies on the eve of a major economic summit.
While the political motivation behind these scenarios clearly places them in the category most would consider cyber terrorism, this distinction has not always been easy to make. The series of hacking attacks dubbed Solar Sunrise, aimed at the Pentagon from February 1 through February 26, 1998, occurred concurrently with U.S. military preparation for possible action in Iraq. Based upon the events that had preceded the attacks, the attacker's target, and the apparent sources of the attacks, the activity at first was believed to have been an organized act of cyber terrorism or a state-sponsored act of cyber warfare intended to disrupt U.S. military response to potential hostility in the region. The attacks appeared to come from the United Arab Emirates, Israel, France, Taiwan and Germany. The investigation of this case ultimately led not to known foreign terrorists, but to two teenagers located in California and one in Israel.
The Threat Is Real
There are two areas of concern regarding the potential for cyber terrorism that have become the subject of extensive discussion among security experts in government and private industry. These are both areas in which the cyber world and the physical world could potentially collide. The first involves the potential for perpetration of a mass-casualty attack immediately preceded by a cyber attack against the communications sector to disable first responder and other emergency capabilities. The second, more insidious threat, involves exploitation of the potential cyber vulnerabilities of distributed control systems, SCADA (supervisory control and data acquisition) devices and digital control processors. In this case, a computer-based attack would be staged to interfere with critical industries such as electrical power, natural gas, oil, and water and wastewater. Such an attack would also create potential life safety hazards.