Myths and Realities of Cyber Terrorism - PowerPoint PPT Presentation

1 / 41

About This Presentation

Title:

Myths and Realities of Cyber Terrorism

Description:

Purdue University. Center for Education and Research in Information Assurance and ... Instead Hamas, the Palestinian organization that sponsors acts of terror against ... – PowerPoint PPT presentation

Number of Views:230

Avg rating:3.0/5.0

Slides: 42

Provided by: michael47

Category:

more less

Transcript and Presenter's Notes

Title: Myths and Realities of Cyber Terrorism

1
Myths and Realities of Cyber Terrorism

Michael Stohl
Dean of International Programs and Professor of
Political Science
Purdue University

2
Plus ça change,plus c est la même chose

The New York Times
November 7, 1999, Sunday Page 7
A U.S. Study Of Embassies Says Updating Is Urgent
Need

3
(No Transcript)
4

Terrorists Taking Up Cyberspace
Charles Piller LA TIMES , 8 February 2001
A car bomb shattered storefronts in Netanya, a
seaside resort town in northern Israel, and
wounded 60 diners and shoppers on the evening of
Jan. 1. There was one
fatality--the bomber
himself. The group behind this blast didn't call
a TV station to claim credit. Instead Hamas, the
Palestinian organization that sponsors acts of
terror against Israel, posted a note on its
Web site. It turns out that the Internet--inexpe
nsive, open and accessible at any time from
anywhere--is an ideal tool for terrorists.
5
23 Feb. 2001 GENEVA, Switzerland (AP) --
Swiss police arrested a man Friday on suspicion
of hacking into t the computer systems of the
World Economic Forum and stealing private
information about participants.
Geneva police said the man was a 20-year-old
Swiss citizen and part time computer consultant.
He was arrested in the Swiss capital, Bern.
Police said he would be charged with data theft,
unauthorized entry into a computer system, damage
to property and misuse of credit cards. If found
guilty he faces up to five years in prison, or a
fine A shadowy group of anti-globalization hack
ers calling themselves "Virtual Monkeywrench" had
claimed responsibility for the attack.
6
What is terrorism?

The purposeful act or the threat of the act of
violence to create fear and/or compliant behavior
in a victim and/or audience of the act or threat.

7
Process of terrorism

Three Component parts
The act or threat
The emotional reaction
The social effects of the act or threat and the
resultant reaction

8
ITERATE IV 1968-1994 Total incidents 10,837

Fatalities
Total fatalities 9654
Incidents without fatalities 9,210
(85.5)
Incidents with a single fatality 876
(8.1)

9
ITERATE IV 1968-1994

Injuries
Total reported injuries 16, 854
Incidents without reported injury 8907
(82.2)
Incidents with a single injury 685 (
6.3)

10
ITERATE IV 1968-1994

Property damage
Incidents without reported damage 5,777
(53.3)
Incidents with severe damage
76 (00.7)

11
What is Cyber Terrorism?

Two distinct forms
Information systems and technology as
A. Target
B. Weapon

12
Information systems and technology as target

Attacks on Hardware and other physical assets
Attacks on Software
viruses, worms, penetration of data, extraction
of data, alteration of data, etc.

13
Information systems and technology as target

Purpose
As in other forms of terrorism, to create fear or
compliant behavior
reduce confidence in the integrity of systems
extract or destroy resources

14
Information systems and technology as weapons

Using the web and email to communicate, raise
funds, recruit, gather intelligence and launch
attacks
Altering the structure of organizations, moving
them from vertical to horizontal, from chain and
hub networks to all channel networks (Arquilla et
al 1999)

15

Information systems and technology as weapons

Purpose
To increase organizational capabilities
To reduce risk of detection

16
(No Transcript)
17
(No Transcript)
18
(No Transcript)
19
(No Transcript)
20
(No Transcript)
21
(No Transcript)
22
(No Transcript)
23
(No Transcript)
24
(No Transcript)
25
(No Transcript)
26
(No Transcript)
27
Cyberattacks against Pentagon on the
rise BY DAN VERTON (December 14, 2000)

The number of cyberattacks and intrusions into
Pentagon computer networks this year is expected
to top off at 24,000, an increase of 5 compared
with last year, said the U.S. Department of
Defense. However, the overwhelming majority of
those intrusions are due to known vulnerabilities
and poor security practices.
Ninety-nine percent of the successful attacks and
intrusions can be attributed to known
vulnerabilities and security gaps that have gone
unfixed and poor security practices by defense
agencies..

28
COMPUTERWORLD

Malicious hackers and other criminals penetrated
Pentagon network security at least 14,059 times
during the first seven months of this year, said
West. That number will probably increase by at
least 10,000 before the year ends, he said.
Hackers stung the Pentagon at least 22,144 times
last year and 5,844 times in 1998

29
Are cyberterrorists for real?

U.S. struggles to distinguish joy-riding
hackers from state-sponsored attackers FCW June
4, 2000
Richard Clark
terrorism" may be too strong a word when
describing potential cyberthreats.

30
FCW June 4, 2000 (cont.)

experts agree that, to date, most of the major
cybersecurity incidents are best described as
nuisance attacks, although many fear that a
devastating surprise attack, sometimes referred
to as an "electronic Pearl Harbor," is inevitable.

31
CNN.Com December 8, 2000

U.S. cyberspace chief warns of 'digital Pearl
Harbor'
The nation's top cyberspace official (Richard
Clarke) Friday called on the next president to
shore up the government's computer security to
prevent a "digital Pearl Harbor."

32
Richard Power, CSITangled WEB

Now in its fifth year, the annual release of the
results of the CSI/FBI Computer Crime and
Security Survey is a major international news
story, covered widely in the mainstream print and
broadcast media. The CSI/FBI is, for better or
worse, the most widely cited research on the
extent and scope of cybercrime and related
security problems (p.22).

The CSI/FBI Computer Crime and Security Survey is
a non-scientific, informal but narrowly focused
poll of information security practitioners.
The survey is, at best, a series of snapshots
that give some sense of the facts on the ground
at a particular time (p.32).

34
George SmithIssues in Science and Technology,
Fall 1998

FBI reported as fact a computer virus named
Clinton
Defense Information Systems Agency reported
250,000 intrusions by hackers into Defense
department computers in 1995- but the total was
based on reports of 500 actual incidents and
assumed that only .2 are reported

35
CNN February 20, 2001 by La
ura Rohde (IDG) -- Hackers now have
a new tag in the U.K. cyberterrorists. Under
the Terrorism Act 2000, enacted into law
beginning Monday, people who endanger
lives through the manipulation of public computer
systems will be punished under the
anti-terrorism law as would any other terrorist.
"There isn't a specific section that deals with
cybercrime as such, it is covered within the
various sections, but anyone who seriously
interferes with, or seriously disrupts an
electronic system will be dealt with under the
anti-terrorism law," said a spokesman for
the Home Office, the government department that
oversees immigration and crime.

36
The Terrorism Act is intended to extend the
definition of what is legally a terrorist and now
includes, along with violent foreign groups such
as the Irish Republican Army (IRA) or Hezbollah,
any U.K.-based group planning an
attack outside of the U.K. or any group
threatening or planning "serious violence" within
the U.K. That can include hackers or political
protestors if their actions or intentions "turn
violent," the spokesman said.
37
The Project