E-Terrorism: An online war?(by Vivienne Fisher, ZDNet Australia)
Few if any Internet-based attacks fall into the realms of terrorism according to leading security experts in Australia, however there are those who believe the threat of e-terrorism is realSource: news.zdnet.co.uk
How serious is the danger of Internet-based terrorism? How do we mitigate the risks involved, and how is the Internet contributing to a propaganda war on all sides of the debate?
Greetings in the name of Allah.
We are Al-shiite Youth movement of Nigeria, founded on the 5th of September 1993, and since then our organisation is made up of over 55,033 members in north -south, eastern and western, zones of Nigeria. Over the years we have tried to increase our followers, but due to lack of funds, we are fighting a lost battle."
--Excerpt from email authored by Danjuma Mohammad, Admin Secretary, of the Al-shiite Youth movement of Nigeria.
Email based circulars asking for donations are by no means peculiar to Islamic splinter groups. In fact almost anyone with an email address would have received requests to lend support to a particular cause, through writing an email, signing a petition or donating time, money and in the case of the Red Cross -- perhaps even a litre of blood.
What is peculiar about the email circulated by the Al-Shiite Youth movement of Nigeria, was the solemn promise that all donations would contribute to its ultimate goal of overcoming the influence of Christianity in Nigeria, and the implementation of Sharia Law throughout the country.
Welcome to the apparently innocuous face of e-terrorism.
"As soon as someone uses the term e-terrorism they begin to lose credibility with me," says Graham Ingram, general manager for Internet security watch-dog AusCERT. "The whole idea of terrorism is to do something that creates terror. You need the physical realisation of violence, and there is very little terror inspired by bits and bytes."
Nonetheless, Ingram points out that the Internet can be used in a variety of ways to support terrorist acts, outlining scenarios whereby a physical attack is timed to coincide with an attack on essential communications services.
"You might have a terrorist act which involves violence and death, and somehow interrupt the 000 emergency number so that the authorities couldn't respond as effectively," Ingram says.
However, not everyone agrees with Ingram's definition.
Kim Valois, security service director at IT integrator CSC says that while e-terrorism includes in the first instance any attack on critical information systems infrastructure, it can also include the use of an information system to benefit or support a terrorist organisation.
"Any disruption to information systems that are in public use, like banking or transport, any use of such systems to disrupt, undermine or cause damage in some way -- attacks against the power supply or the banking system -- these are all part of e-terrorism." Valois says. "However, some groups are more likely to use the Internet for information dissemination or fundraising activities."
When it comes to Internet-based acts of terrorism for example, there is little difference between a politically motivated terrorist attack and a malicious corporate or nuisance hack attack.
The only difference, according to Dean Kingsley, partner in enterprise risk services for Deloitte Touche Tohmatsu, is the potential for e-terrorists to be more highly motivated, and perhaps better funded than their counterparts.
"There is the potential for e-terrorism to have a significant impact, but the likelihood is very small because the counter measures businesses and government need to take against the terrorists are the same as those they should already have in place to mitigate the risks organisations face every day," Kingsley says.
In a similar vein, senior advisor on national information infrastructure, Mike Rothery, argues that while the potential exists for e-terrorism to create a substantial disruption to essential services, the likelihood is minimal.
"We would argue that there is no recoded occurrence of cyber terrorism. That is not to say that it can't happen given the right combination of capability and intent, but those groups capable of launching an Internet-based attack which might threaten life have not got together to do so," Rothery says.
Like Ingram, Rothery argues that few if any Internet-based attacks fall into the realms of terrorism.
"We live in an environment where the threat of a politically motivated attack is very real, but Website defacement for political aims falls way short of terrorism," Rothery says.
Nonetheless, as Valois points out, there can be no doubt that the Internet has been used as a means to generate support for different terrorist organisations, creating a dangerous dilemma for governments who find themselves under threat.
For starters, the Hizbollah which supports suicide bombers, and the School of the Americas, which has spent decades training and recruiting right-wing terrorists in the US, have Websites which openly refer to their activities and motivations.
Others such as the Christian Falangist Party of America make loud claims that they do not condone religious violence, whilst displaying links to the Phalange Christian groups in Lebanon responsible for countless acts of violence and terror.
Oddly enough, many sites created to encourage violence like the profoundly anti-Semitic Holy War claim to be attempting to combat terrorism, while describing Israel as a Communist-Jewish-satanic state.
There is even a Website claiming to represent the Taliban, which warns Israelis to leave Israel or face total destruction.