Computer Crime Research Center

(By Richard Lowe Jr)

As I watched the television all day long today, viewing the horrible terrorist attack on the World Trade Center and the Pentagon, I asked myself why the terrorists hadn't attacked the internet? After all, with the coming of Code Red, it was apparent to all of us in the Information Technology industry just how vulnerable our vast communication network really is.

In fact, I've read dozens of articles over the last few months explaining in great detail the concepts of cyber-warfare and cyber-terrorism. One of the central assumptions of many of these documents is the value of the internet is obvious to any enemy of the United States and the rest of the free world. It has even been argued that Code Red may very well be a form of cyber-warfare, perhaps even created by a quasi-government agency of some kind.

Now the light has dawned and I understand a basic fact which I did not fully gasp until I saw a plane fly through the World Trade Center building.

The job of a terrorist is to create terror.

Attacks through a communication system such as the internet do not create terror. Yes, you can do one heck of a lot of damage to the American infrastructure by sending attacks through the phone lines. You can cause electric power blackouts, banking failures and many other malicious acts.

A computer programmer shutting off the power to a city is no where near as horrifying as watching a 110 story building crumbling to dust.

What could a cyber-terrorist do?

  • Shut down the stock market? The September 11th terrorists closed it down for two or more days.

  • Get their attacks shown on the evening news? A cyber attack would get no where near the coverage as the terrorists got on this day.

  • Crash a jet? The terrorists did far more than that.

  • Ground a few planes? The terrorists grounded every plane in the United States.

  • Shut down the power grid for a city? Again, nothing compared to a real terrorist attack.

  • That's what we in IT miss ... we are terrified beyond belief by the failure of technology. Most people, however, do not have anywhere near the intimate knowledge and understanding of the shear power that we possess.

    You've got to understand, terrorists are not intelligent beings. They are stupid as stones. Do you really think Usama Bin Laden is intelligent? It does not take brains to ruthlessly kill thousands of innocent human beings. A volcano or mudslide can do that just fine without a single brain cell.

    Read about the first attack on the World Trade Center towers in 1993, and you will find out how stupid terrorists really are. These people make bricks look smart - remember, a brick can do some major damage if it hits someone in the head, but that does not make it intelligent.

    A terrorist would have to understand the internet and the cyber world before he could pull off an attack. On top of that, he would have to gain a realization that the United States depended upon this infrastructure, and then he would have to learn all about it.

    We take it for granted because thirteen year olds in the United States and Europe create viruses and worms in their sleep. As a security manager for a major company, I see dozens of viruses every single day, so I just assume that other people understand these things.

    Well, guess what, the power of the internet is not obvious to ignorant renegade Saudi princes who have been living in the wilderness of Afghanistan for most of their lives.

    Certainly it is easier for this uncivilized savage, dumber than earth barbarian (Usama Bin Laden and every other terrorist) to make a gasoline bomb than it is to create one paragraph of intelligent writing. Anyone can make a gasoline bomb out of an airplane, and it certainly does not take many working brain cells to crash one into a skyscraper.

    You also have to understand that the internet was designed and built to survive a major, country-wide nuclear attack. That's a lot more power than any terrorist scum is likely to possess.

    Is there a danger of cyber-terrorism? Sure there is. This is a critical piece of the world infrastructure and it must be protected, just like any other communication or transportation line.

    There is actually more of a danger of cyber-warfare than of cyber-terrorism. Countries do understand the value of the internet, especially highly civilized nations. Generals and soldiers do understand the value of good communications (which is really what the internet is all about). One of the first and most important tasks of any warmaster is to disrupt communications.

    Terrorists do not want to disrupt communications. In fact, that's the last thing on their mind, since they survive only as long as communications remain intact. Imagine what would happen to any terrorist whose acts were simply ignored. If no terror resulted, then why try and cause terror? Thus, terrorist targets are specifically chosen to be the most visible, and thus the most communicated. You won't find many terrorists who bomb isolated targets out in Siberia - who would see it?

    That, in a nut shell, is why terrorism never has and never will win a war. They are not playing to win - they are playing to terrify. They do cause damage and they do cause, well, terror - but they do not win.

    Attacking via the internet might win a war, but it will not cause terror. Thus, it is not a highly tempting target for terrorists. A terrorist attack against it is not impossible, but it is highly unlikely.


    Home | What's New | Articles | Links
    Library | Staff | Contact Us

    Copyright Computer Crime Research Center 2001, 2002 All Rights Reserved.
    Contact the CCRC Office at +38 061 220 12 83