By Kevin Coleman
Source: Directions Magazine
Business, government and industry have all become addicted to information. Their reliance on information creates opportunities for terrorism. Imagine a day without the Internet. What would the impact be? Just what is considered to be cyber terrorism?
Cyber terrorism is the premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives.
If your look at the projected eCommerce number for this year, the Internet being down for just one day could disrupt nearly $6.5 billion worth of transactions. More than just eCommerce transactions flow over the Internet. eMail, voice communications, some banking machines, credit card authorizations for physical stores and the list goes on and on. Information is the life blood of commerce, regulatory oversight and even social status. The importance of the information and the ability to access it, transfer it and act upon it has increased to the point that it is unfathomable for all but the smallest of businesses to operate without computers or networks. As the value of the computing infrastructure increases so to does the value of disruption. The financial implications are one thing, but the psychological impact of the Internet disruption could be even more damaging.
How likely is this to happen? It is not, if it will happen, but when. The likelihood of a cyber terrorism attack disrupting the Internet increases every day. The increased reliance on the Internet by business, government and society has made it a prime target for terrorist intent on disrupting our economy and way of life.
Security professionals have expressed their increasing concern over not only the increase in frequency of attacks against the Internet, but also the increase in the level of sophistication of these attacks. While the complexity of the attacks is increasing, the skill level of the intruder that launched the attack is decreasing. This is a very troubling trend. As the terrorists learn from every attack what works and what doesn’t, where the vulnerabilities are, how we respond, and the methods we use to detect these attacks, they gain the knowledge that will increase their odds for success.
Could the northeast black out in August have been the first cyber attack? A question that is in the back of many people’s minds.
What is the current state of attack?
Despite significant investment in technology and infrastructure, cyber terrorism represents one of the greatest challenges in combating terrorism. Every day the Internet and countless other computer systems are under attack. In the 2002 research study conducted by the Computer Crime Research Center, 90% of respondents detected computer security breaches within the last twelve months. In another more recent study conducted by CIO Online, 92% of companies have experienced computer attacks and/or breaches in the last 12 months. If that is not shocking enough, security professionals are worried about the increased sophistication of threats against computer systems.
Here are some interesting statistics.
- In the first half of 2002, there were more than 180,000 Internet based attacks on business.
- Attacks against the Internet increase at an annual rate above 60%.
- The average business will experience 32 break-in attempts this week.
- Reported systems vulnerabilities and security incidents are doubling each year.
- The reported number of vulnerabilities and security incidents represent an estimated 10% of the actual total.
Most studies to date have shown that critical information infrastructures are potentially vulnerable to a cyber terrorist attack. The increasing complexity of information systems creates new vulnerabilities and challenges for IT management. Even if the technology is armor plated, insiders acting alone or in concert with other terrorists may be able to exploit their access capabilities to wreak considerable harm.
What would the impact be?
The intention of a cyber terrorism attack could range from economic disruption through the interruption of financial networks and systems or used in support of a physical attack to cause further confusion and possible delays in proper response. Although cyber attacks have caused billions of dollars in damage and affected the lives of millions, we have yet witness the implications of a truly catastrophic cyber terrorism attack. What would some of the implications be?
Direct Cost Implications
- Loss of sales during the disruption
- Staff time, network delays, intermittent access for business users
- Increased insurance costs due to litigation
- Loss of intellectual property – research, pricing, etc.
- Costs of forensics for recovery and litigation
- Loss of critical communications in time of emergency
Indirect Cost Implications
- Loss of confidence and credibility in our financial systems
- Tarnished relationships& public image globally
- Strained business partner relationships – domestic and internationally
- Loss of future customer revenues for an individual or group of companies
- Loss of trust in the government and computer industry
New legislation is requiring system breaches to be reported (SB1386 California). Other proposed legislation would allow damages to be sought by victims of attacks that are launched from hacked web systems. California's SB 1386 is a sweeping measure that mandates public disclosure of computer-security breaches in which confidential information of any California resident may have been compromised. The bill further goes on to define personal information as an individual's first name or initial and last name in combination with a SSN, a driver's license number, or any account numbers, credit card numbers, debit card numbers, and associated passwords or codes. Think of the liability an organization would incur if their systems were compromised and thousands of individuals personal information were exposed and even exploited for financial gain – (funding terrorism).
With the “LoveBug” virus costing nearly $10 billion, it is hard to fathom the financial implications of a much more serious and comprehensive attack. Each and every day corporations in the U.S. and abroad spend millions combating the threats of cyber attacks and cyber terrorism. Corporate efforts reach tens (if not hundreds) of billions of dollars annually and with the increased frequency of attacks, the cost will significantly increase in the coming years. As we face more and more complex attacks from professional cyber warriors, corporations will increasing seek help from the governments around the world to thwart these efforts and stem the financial bleeding.
When will it happen?
As discussed earlier as the value of our information infrastructure further increases and the capabilities of the cyber terrorists’ increase, the likelihood of a significant incident increases. As figure 1 depicted, my bet would be the fourth quarter of 2004. Factoring in the increased value of the Internet before, during, and after a Presidential election along with the psychological impact that type of an event would have, coupled with the ever increasing capabilities of the attackers – that would be “PRIME TIME” for such an incident. Would such an attack have a significant direct impact on the election – NO. But if a terrorist were planning to send a message, I can think of no better time.
Thwarting Cyber Terrorism
Corporate America must be forced to wage an all-out war against cyber terrorism. Securing the information infrastructures will require a substantial effort on everyone’s part. Close collaboration between government and the private sector is critical. Even more critical is the close collaboration within the computer, networking and software industries. These industries must work closely and continue efforts to enhance technology security capabilities. Security is designed in, not added on. Until the weakest links in the network are protected we all are vulnerable and may be impacted. The government sector must institute tougher penalties for cyber crimes and increased funding for law enforcement efforts to fight it. Easier said than done. This must be accomplished with a high degree of collaboration globally. Getting countries to agree on anything these days seems to be an almost unachievable task. Is cyber terrorism the shape of future conflict? Is a digital underground developing right now? Will our scientists, software engineers, and technical resources be able to stay one step ahead of these faceless terrorists? Only time will tell!
Computer and information security, data protection, and privacy are all growing problems. No single technology or product will eliminate threats and risk. I do not believe we have even begun to think of the social and economic implications of a considerable cyber terrorism attack against our infrastructure. Securing our computers, information, and communications networks secure our economy and our country. A global strategy and policy for combating this type of terrorism is need now.
Remember our new enemies are just a mouse click away!