Title: Could CyberTerrorism Bring Down The United States
1Could Cyber-Terrorism Bring Down The United
States?
- Prepared By Scott Andrews
- National Collegiate Conference Presentation
- March 31st 2007
2Cyber-Terrorism Scenario
3- Distributed Denial Of Service attacks have began
to plague American Websites. - Nine of the 13 DNS root servers that route
Internet traffic globally have become infected. - As a result critical nodes have been unable to
service the Internet backbone.
Source Http//www.citrix.com/.../AA026-BEFORE_vs.
jpg
4- Within minutes, Internet traffic across most of
North America has come to a complete standstill. - The U.S. DoD computers have been crippled.
Source Http//photography-plus.com/images/Pentago
n.jpg
5- One hour after the cyber attack terrorists launch
a missile. - This weapon emits an EMP charge which destroys
everything with a microchip or integrated
circuit. - Everything with an electronic component has been
damaged without repair.
Source Http//www.navey.mil/navydata/policy/visio
n/vs00/p. 72-a.gif
6Results From The Attack
7- Mass hysteria and refuges.
Source Http//www.doublespeakshow.com/images/2006
/04/katrina_victim
8- Breakdown of the American Economy.
- Potential for the loss of human lives within the
weeks and months to come.
Source Http//newsimg.bbc.com.uk/media/images/407
56000/jpg/_40756489_stock203getty.jpg
9Introduction
- Currently, the United States is not equipped to
deal with a major cyber attack on its homeland. - For example, look at the chaos during hurricane
Katrina.
10Cyber-Terrorism
- This presentation will address
- Cyber-terrorism- What is it?
- What constitutes a critical infrastructure.
- An in depth analysis of cyber-terrorism will be
explored. - What can be done to prepare the United States for
a perspective cyber attack. - Steps the Federal Government must take to protect
the country from cyber based attacks.
11What is Cyber-Terrorism?
- Cyber-Terrorism- according to FEMA
- Unlawful attacks and threats of attack against
computers, networks, and the information systems
stored therein when done to intimidate, or coerce
a government or its people in furtherance of
political or social objectives.
12What is a Critical Infrastructure?
- Critical Infrastructure- according to the US
Patriot Act - Systems and assets, whether physical or
virtual, so vital to the U.S. that the incapacity
or destruction of such systems and assets would
have a debilitating impact on security, national
economic security, national public health or
safety, or any combination of those matters.
13Source Http//capcog.org/images/911/2ndcritInfrl.
jpg
14Physical vs. Virtual Boundaries
- The United States has always been protected by
its isolated existence until the birth of the
Internet. - In cyberspace there are no physical or geological
borders. - A person in Iran or North Korea for example could
attack the United States without even touching
American soil. - The cyber attack could then pave the way for a
physical attack on Critical Infrastructures.
Source Http//img.timeinc.net/time/reports/planet
/images/cyberspace.jpg
15Why Choose A Cyber Attack vs. A Conventional
Attack?
- Terrorists would not need to commit considerable
resources such as funding or training. - Only minimal technology is needed. All a
terrorist would need is a computer and a high
speed Internet connection. - There are many online resources available.
Source Http//www.shorrock.dircon.co.uk/images/Te
rror.jpg
16Documented Cyber Attacks Against The United
States
- In 2001, the Code Red and NIMDA computer viruses
attacked United States systems in both the public
and private sectors. - Research has indicated that it would have taken 2
to 3 months of security audits to find the
vulnerabilities that both viruses exploited. - Code Red infected over 150,000 computer systems
in only 14 hours (see graphic). - NIMDA had infected computers in almost every part
of the globe in less than an hour. Globally the
damage was estimated at 13 billion.
Source Http//www.nsf.gov/news/mmg/mecia/images/c
aida_codered_f111.jpg
17Humanity Greatly Depends On The Internet For
Survival
- Information Systems maintain the distribution of
food and medicine across the supply chain to
consumers. - Information Systems regulate the stock market and
banking systems. - Information Systems are used by the Department of
Defense to monitor and maintain U.S. national
security. - The breakdown of the Internet and related
technologies for an extended period of time could
endanger human lives and could be the downfall of
our civilization.
18Could The Breakdown of Critical Infrastructures
Happen By Accident?
- In 2001, a freight train derailed in a Baltimore
tunnel and started a massive fire while
underground. - Fiber optic cabling that serviced the Internet
backbone ran through the tunnel and was damaged. - As a result, along the Eastern Seaboard there was
no Internet Service or the service was
considerably slow.
Source Http//www.baltimoresun.com/geatures/bal-t
rainfiregallary, 0,1855948.photogallery?index8
19Who Is To Blame For Cyber-Terrorism?
- Many unfriendly nation states have
cyber-terrorism and cyber warfare units. These
include - Russia, China, Iran and North Korea.
- All of these countries listed could possibly
bring down civilian and military critical
infrastructures if given the chance or
opportunity. - Think of cyber warfare a a poor mans atomic
bomb.
Source Http//www.treachery.net/images/the_myth_o
f_cyber-terrorism.jpg
20Government SimulationEligible Receiver
- In 1997, the NSA implemented a simulation to
measure the vulnerabilities of the DoD and
National Security computer systems. - 35 NSA agents posed as hackers.
- The agents were only allowed to use any online
resources and not break any U.S. or International
laws. - With little effort the agents were able to break
into the U.S. Pacific Command where they could
have crippled the entire Pacific Fleet of
Operations. - The breeches of security were never detected.
21Governments Report Card On Cyber Security
- In 2003, the Washington Post printed a story that
many IT professionals are worried about the
Governments ability to defend against a major
cyber attack. - A survey was conducted by the House Government
Reform Subcommittee On Technology with disturbing
results. - Over ½ of the Federal Agencies surveyed received
a D or F. - The DHS that is entrusted to protect the U.S.
against terrorist attacks received an overall F.
Source Http//troublepholadelphiaweekly.com/archi
vers/report.card.jpg
22How to Protect the United States?
- Home and small business users must employ
Internet Security Suites with anti-virus and
firewall software. - Large Enterprises (corporations, educational
institutions, or government organizations) must
have adequate information security policies in
place. - Critical infrastructures (public and private
sectors) must unite and share information about
security weaknesses. - There must be more research and development in
the area of cyber security.
23Hardware Software VendorsNeed More Regulation
- For example, CISCO and Microsoft have had
security vulnerabilities with some of their
products. - At times both companies have not released
information about the proper patches within a
reasonable amount of time with the of fear of
loosing any market share. - The Feds must employ regulations on the reporting
of such vulnerabilities and their should be
financial penalties if information is not
released.
24What Should the Federal Government Do?
- The Federal Government must set up regulations on
the reporting of security vulnerabilities in IT
products. - IT companies should be obligated to notify the
DHS if they have any evidence that any security
vulnerability was exploited by hackers or
terrorists. - There should be strong penalties if any
vulnerability was exploited and not reported
especially if any personal information was lost
or stolen. - Businesses, IT companies, and ISPs must have
strong and sound computer security policies in
place.
25Conclusion
- The United States most likely will face a major
cyber attack in the next decade. - Historians have labeled this day an Electronic
Pearl Harbor. - Computers and the Internet are two of mankinds
greatest accomplishments and humanity depends on
these for its survival. - If the United States takes the proper steps to
secure its critical infrastructures and
cyberspace an attack might not be prevented
however, its impact and after effects could be
greatly minimized.
26- In order to prevent ourselves from creating our
own extinction, Americans as well as our
government and its political leaders must
understand the differences among cultures in the
world. - Quote from the late President John F. Kennedy
- Our problems are manmade therefore, they can
be solved by manNo problem of human destiny is
beyond human beings - Our most basic common link is that we all
inhibit this planet. We breathe the same air.
We all cherish our childrens future. And we are
all mortal
27Cyber-Terrorism Are We Prepared?
Source http//cache.trafficmp.com/tmpad/content/n
etflix/0207/0107_001_A_720300_A_200727181937.htm