SEARCH
 
   
Government websites:

Home > Back Issues (Journal) > Journal V28 N3 (Jul - Sep 2002) > Cyber-Terrorism: An Emerging Security Threat Of The New Millennium

Back Issues Journal
 

Cyber-Terrorism: An Emerging Security Threat Of The New Millennium
By CPT Ow Kim Meng

 

Terrorism in the world today is changing. The terrorist attacks on the US World Trade Centre on 11 Sep have clearly shown the world that new age terror makers are extremely capable of thinking "out-of-the-box" and exploiting any terror tactics or "weapons" to achieve their demented goals. In this age of information superhighways, the traditional paradigm of terrorism is evolving beyond traditional physical violence, hijacks and bombing. Today, a terrorist does not need to travel thousands of miles to attack a target. The terrorist does not need to risk detection during the long journey. Today, because of the networked nature of critical infrastructures in most countries, a terrorist does not need to risk attacking the target nation's military or government installations if they can much more easily attack its soft digital underbelly: Cyber-Terrorism.

While the world has yet to see an instance of large scale cyber-terrorism, cyber attacks by terrorists resulting in physical or psychological distress to targeted governments or civilian populations by disrupting critical systems will likely occur in the future.1 Just as Osama Bin Laden and Al-Qaeda had caught the US, the mightiest military superpower in the world, by complete surprise with their "out-of-the-box" attacks, we must look beyond traditional boundaries in anticipating new terrorist threats that likely cannot be eliminated, only limited and managed. The defence and containment of these new emerging threats, including cyber-terrorism, will require well-orchestrated and closely co-ordinated efforts and commitment among civilian, intelligence, law enforcement and military organisations, both in-country and across the world.

The Emerging Threat of Cyber-Terrorism

In recent years, a great deal of attention has been paid to the vulnerability of critical infrastructures of a country in light of new cyber vulnerabilities. In many parts of the world today, including Singapore, the military and civilian sectors rely upon critical infrastructures to provide a variety of vital services ranging from telecommunications to emergency services, from financial transactions to military operations and government services. The critical infrastructures of modern society are underpinned by information servers and electronic networks, which enable their national and international access to governments, military and private operators. The dependence of modern society on computers and communications systems to support the day-to-day lives of society, power demands, finance and trade, and transportation systems places most of the modern society at risk in the event of a cyber attack.2

As a nation becomes more technologically advanced, it will also become inherently more vulnerable to such forms of cyber attacks.3 Military strategists around the world fear that it may one day be possible to paralyse an entire nation by cyber attacks and prevent its autonomous involvement overseas. Cyber-terrorism, born from the information warfare genius, is beginning to evolve from a minimal threat associated with isolated attacks to a strategic threat, if co-ordinated with traditional tactics by state-sponsored rogues or organised terrorist groups in pursuit of a higher level agenda. Information warfare techniques utilised by such cyber-terrorists may prove advantageous and deadly in the hands of these pariah terror makers looking to take advantage of vital infrastructure vulnerabilities of modern society to create chaos. Cyber-terrorism, when used in conjunction with a state-sponsored terrorist campaign or antecedent to a state's war campaign, may conjoin to form a strategic threat in tipping over the balance of a war campaign in both the civilian and military sectors.

What is Cyber-Terrorism?

The US Department of Defence (DoD) defines cyber-terrorism as a criminal act perpetrated by the use of computers and telecommunications capabilities, resulting in violence, destruction and/or disruption of services to create fear by causing confusion and uncertainty within a given population, with the goal of influencing a government or population to conform to a particular political, social, or ideological agenda.4 In this context, telecommunications capabilities refer to the specialised knowledge and skill used to manipulate telecommunications systems, thereby allowing individuals to obtain an extensive level of control over a penetrated system.

One of the distinguishing characteristics of cyber-terrorism is that it is the target that defines the nature of cyber-terrorism, not necessarily the means. For example, cyber-terrorism is any attack against an information function, regardless of the means. Installing a malicious code inside a public telecommunications switching facility is cyber-terrorism, if initiated by non-state or state-sponsored perpetrators. The physical destruction of a public telecommunications switching facility is also considered an act of cyber-terrorism.

Vulnerabilities of Modern Society to Cyber-Terrorism

Before dwelling further on the cyber terror threat, it is important for us to peruse the source of vulnerabilities in today's modern society that provide the strength in cyber terror fears. To this end, Singapore is a highly accurate symbolic reflection of a modern society. The strong dependence of Singapore's living standards on the vital services in the world indicates that any disruption in these services will be inconvenient, costly and even life-threatening. 36 years ago when Singapore first became independent, a prolonged island-wide power disruption would only have affected a small fraction of the well-to-do population and probably a small handful of commercial and government entities. Fast forward to present day, such an outage and its impact would be disastrous and extremely costly. Another vital vulnerability of Singapore, or any modern nation, is the telecommunications infrastructure. The backbone of our nation's financial mechanism, one of the most vital functions of any modern nation, hinges largely on the complex web of telecommunications network ­ coaxial landlines, fibre optics trunk lines, wireless linkages, satellite stations, switches, exchanges ­ spanning our entire island and linking us to the world beyond. A major disruption of these vulnerabilities could severely affect the integrity of our national defence operations, our economy and the integrated services of Singapore's infrastructures. In particular, if fallen prey to such attacks, the SAF would find itself in an extremely unfavourable position, because:

  • Interconnectivity is needed for the conduct of modern military operations.
  • There is widespread utilisation of commercial products, communications infrastructures, and complex commercial software (may be collectively referred to as COTS).
  • Interoperability with joint and multi-national coalitions mandates the use of broadly accepted commercial standards.

The factors listed above are by no means complete, and they are not confined to Singapore or the SAF. These seemingly independent and disjointed factors often form the fracture points that may be wedged apart to create a plethora of "Achilles heels" within modern society. Once compromised, these vulnerabilities may be exploited by anyone with the means and appropriate tools ­ including cyber-terrorists, members of national intelligence organisations, information warriors, criminals, industrial competitors, hackers, and aggrieved or disloyal insiders. What is it that makes us so vulnerable to such attacks?

The world's economy and communications networks are integrating at a staggering pace. Informed estimates by experts suggest that 90 to 95 percent of the information needed to carry out essential governmental functions must in some way be processed by information systems in the privately owned and operated parts of the national information infrastructure. Such a trend can be clearly found within the Asian region. With Asia's rise as an "info power" after experiencing an explosion in economic growth in the late '80s and '90s, and a similarly rapid expansion in the use of communications and information technologies, access to telephones across the region has increased dramatically in the past decade. According to the United Nations World Development Report (UNWDR), in 1990 there were only six telephone lines per 1,000 people in India, eight in Pakistan, less than one in China, six in Indonesia, 10 in the Philippines, 24 in Thailand, 89 in Malaysia and 385 in Singapore. By 1998 the statistics had changed dramatically, with the number of lines per 1,000 people rising to 222 in India, 19 in Pakistan, 70 in China, 27 in Indonesia, 37 in the Philippines, 84 in Thailand, 198 in Malaysia and 562 in Singapore.5 The same trend is also occurring in other countries around the world. With the entire world getting increasingly reliant on such telecommunications infrastructure, the world is also providing cyber-terrorists with a powerful conduit to hold an entire nation, or even the world, hostage.

Another potential area of stranglehold that may be effectively exploited by cyber terror makers is the ever-growing online trend of the world. In Asia alone, there are increasing numbers of people going online. Over 18% of the world's 319 million registered Internet users are from Asia. Within a short span of three years from 1997 and 2000, the proportion of online population in Singapore has grown from a 14.7% to 50%. The trend is even more staggering in China, the country with the largest population in the world. The online population of China has expanded from a measly 0.0001% to 1.34% during the same period. This figure may seem insignificant, but when translated to headcounts, it represented an increase in 16.9 million people! By 2005 the world's online population is expected to rise to 24%.6 As the information age progresses, the entire world is growing increasingly interlinked to one another. The emerging integration of transcontinental and national network services connected to critical infrastructures is increasingly making the world a more vulnerable target to cyber-terrorist attacks. This arena is further inflamed by the proliferation of advanced technologies and weapons systems ­ including nuclear, chemical and biological ­ that may be employed effectively by rogue countries and organised terror groups such as Al-Qaeda to launch physical attacks on a target nation's information and cyber infrastructures.

Why Use Cyber-Terrorism?

There are many advantages to using cyber-terrorism against an adversary who is technologically superior. Such an adversary is likely to be more critically dependent on information-related systems and strategies and more vulnerable to their disruption vis-à-vis a backward nation. From the cyber-terrorist's perspective, cyber-terrorism can abet operations meant to deter or defeat traditional military threats stemming from technologically superior adversaries at relatively low costs. Cyber terror may also act as a force multiplier and enable terrorist operations to concentrate resources in other areas or on other targets. Cyber-terrorism offers terrorists five critical advantages that may compel such perpetrators to utilise the cyber battleground. They are:

  • Low entry costs, especially when compared to the costs of conventional military hardware;
  • Immediate and unexpected action ­ there is no time for the victim to act if caught either unaware or unprepared;
  • Veil of anonymity;
  • Global reaches; and
  • Little risk for the individual sitting at the keyboard - attackers can be located anywhere provided they have access to a network through which they could launch their information assault on the desired target.

Weapons and Tactics of Cyber-Terrorism

One of the greatest challenges for us in the light of this emerging threat is the capability to identify a cyber-terrorist attack as it is happening. Presently, it is nearly impossible for most countries, including the US, to detect cyber terror or information warfare attacks in progress due to the lack of such capabilities. Attacks are usually discovered after they have been completed and the damage has been wrought. Most cyber-terrorist acts will go undetected or untraceable. For example, several hackers broke into US military computers during the Gulf war and eluded identification for four days. During this period, the US military did not know who was attacking key defence computers essential to deploying forces to the Persian Gulf. Fortunately in this episode, the hackers were teenagers, not Iraqi forces.7 Cyber attacks can be conceived and planned without any detectable logistic preparation. These attacks can be invisibly reconnoitred, clandestinely rehearsed, and then mounted in a matter of minutes or even seconds without revealing the identity and location of the attacker. Cyber-terrorism will become a strategic threat to a nation's security if the terrorists are able to identify a means of attacking vital assets and disrupting them in such a way that the damage prevents a nation from effectively deploying its military forces to defend its interests.

Cyber-terrorism will take on various forms and tactics, depending on the perpetrators and their objectives. Cyber-terrorism is not limited to attacks on cyber assets or attacks originating in cyberspace, but also includes physical attacks on facilities that support cyber operations. Cyber terror weapons and attacks may be computer generated or rely on more conventional assaults employing truck bombs, poison gas attacks, explosives, or cable cutting to unleash a chain of events in which a power service grid, gas pipeline, or air traffic control system collapses in a cascading effect. Traditional weapons may also be employed to launch attacks against the target nation's information systems. However, the cyber aspect of cyber-terrorism has received a great deal of attention in recent years. A former director of the CIA had said ­ "the electron, in my view, is the ultimate guided weapon." Information infrastructure can be attacked through the application of cyber-terrorism in five mediums8:

  • Through corrupted system hardware or software;
  • Through electronic jamming devices;
  • Through the use of an insider;
  • By means of an external hacker; and
  • By physical attack.

Some forms of such cyber software weapons employed for the purpose of disrupting the information infrastructure include:

  • Computer Viruses
  • Logic Bombs
  • Trojan Horses
  • Worms
  • Sniffer or Electronic Eavesdropping Programs
  • Next Generation Automated Computer Hacking Tools

Having examined the various forms of cyber terror weapons, let us examine some examples of the possible cyber terror tactics9:

  • Remotely accessing the processing control systems of a cereal manufacturer to change the levels of iron supplement of the cereal for the purpose of sickening and killing the children of a nation;
  • The disruption of banks, international financial transactions and stock exchanges, causing the people of a country and foreign investors to lose all confidence in the target nation's economic system;
  • Attacking a target nation's air traffic control systems to cause two large civilian aircraft to collide. Much of the same can be done to the rail lines and domestic mass transit system;
  • Remote alteration of the formulas of medication at pharmaceutical manufacturers. The potential loss of life is unfathomable;
  • Remotely changing of the pressure in the gas lines, causing a valve failure and a gas pipe explosion. Likewise, the electrical grid is also vulnerable to such attacks; and
  • Remotely overriding of a heavy chemical manufacturing plant's internal safety monitoring systems, thereby leading to the devastation of the plant and the contamination of the plant's surrounding area with hazardous chemicals.

In effect, such acts of cyber-terrorism can make certain that the population of the target nation will not be able to eat, drink, move, communicate or live. In addition, the people charged with the protection of their nation ­ including the military, law enforcement agencies and other homefront protection agencies - will not have any warning prior to the attacks. Neither too will they be likely to be able to shut down the cyber-terrorists, since they would most likely be on another part of the world. In the networked world of today, the effects of such cyber attacks could spread far beyond the radius of a bomb blast. The new technological innovations of the information revolution of the new millennium have opened up a Pandora's Box of exploitable vulnerabilities for the entire world.

Deterring Cyber-Threat

How can we plan to deter a phenomenon that cannot be detected, has real-time striking ability, may be misrepresented under the guise of false-flags and can be caused by either an internal malfunction, hacker, cyber-terrorist or foreign adversary? Many experts in this field have suggested that proper cyber-terrorism deterrence should be limited to an Information War response, or response in-kind. Others have proposed for the mitigation of a nation's vital vulnerabilities by switching all its vital assets to separate isolated and secured computer networks. As the arena of cyber-terrorism is a relatively new emerging form of security threat, there are few countries and security/military organisations that we may draw references and lessons from. However, there are several elements of Information Warfare that would probably prove to be effective in deterring cyber-terrorism. One such element is Psychological Operations (Psyops). Psyops use a variety of methods such as misinformation to affect the enemy's reasoning. A terrorist organisation capable of launching a cyber attack could be bombarded with e-mails detailing a caveat against cyber-terrorism attacks and adumbrating retaliation that would guarantee their destruction. Counter cyber-terrorism operations could also be disseminated through their computer resources. Psyops may also assist in deterring cyber-terrorism by manipulating the potential cyber-terrorists' computer, financial and internet resources to such a degree that they may feel it is in their best interests not to employ cyber-terrorism as a means to their ends.

Another effective form of deterrence to cyber-terrorism is the employment of Electronic Warfare (EW). EW can include tactical operations against terror forces via the Internet or through any electronic means of communication. For example, the US had employed varied forms of EW to eavesdrop on the activities of Osama Bin Laden through his mobile phone communications after the 11 Sep attacks. The US had also employed EW and Information Warfare techniques to detect, trace and disrupt international money transfers and other financial activities of Muslim activists who supported the suspected terrorist groups.

Security measures form an important deterrence to cyber-terrorism because they reject efforts to corrupt the integrity of military and civilian assets through cyber attacks. Effective security measures keep the adversary from learning about the target nation's true capabilities and intentions. Current security measures include OPSEC (Operations Security), COMSEC (Communications Security) and COMPUSEC (Computer Security). Obviously, the most effective means of negating the threat of cyber-terrorism is to have a well-defended information infrastructure that is impervious to cyber attacks. To this end, the tools of Information Warfare provide an effective means to deal with cyber-terrorism. Furthermore, Information War operations and the advanced technologies that make a nation more vulnerable are also the best tools of deterrence that may promote its defence if used effectively. Certainly, improved intelligence collection and assessment, as well as modern information processing and C2 capabilities will be critical in any successful deterrence against would-be aggressors.

An effective deterrence policy used to combat cyber-terrorism should involve a wide range of multi-faceted responses, including military operations and retaliations. Such possibility of retaliatory actions will contribute to the deterrence of attacks by instilling the idea of "an eye for an eye". Certainly, cyber-terrorists would be less willing to wage cyber-terrorism operations if they thought the consequences for such attacks would mean the destruction of their assets, resources, and potentially, their existence. The message of the will and ability to carry out retaliation must be credible and unwaiverable to achieve the best effect of deterrence.

Conclusion

The face of terrorism is changing in the new millennium. While the motivations remain the same, the world is now facing new and unfamiliar means of waging terror, one of which is cyber-terrorism. The existing intelligence systems, tactics, security procedures and equipment that were once expected to protect people, systems, and nations, are generally powerless against this new emerging form of terror. Cyber-terrorism may serve as a vital element to terrorist strategy because as a force multiplier, cyber-terrorism may provide terrorists with an additional resource to cause disruption of critical infrastructures and other strategic assets without having to deploy their operators. As can be seen from the 11 Sep attacks, even a military super-power such as the US can be "stung" by surprise and suffer grievous civilian and economic consequences, much less the rest of the world.

In the face of this new emerging form of security threat of the new millennium, we must develop the capability to deny, detect, and deter cyber-terrorism without sacrificing any vital infrastructures or military credibility. As technology continues to proliferate, cyber-terrorism is likely to mature in this new century. If cyber-terrorism policy, deterrence and response capabilities are not developed to meet ongoing technological advances in civilian industry, then the world may find itself paralysed in responding to a looming international security threat.

This essay won a Commendation Award in the CDF Essay Competition ­ 2001.

Endnotes

1 "New (or innovative modifications of old) forms of warfare are emerging and will likely be employed in the future." & " Transnational Infrastructure warfare, attacking a nation's key industries and utilities; telecommunications, energy and power, transportation, governmental operations and services, emergency services, financial, manufacturing, etc.", web article Global Threats And Challenges: The Decades Ahead, Lieutenant General Patrick M. Hughes, USA, Director Defense Intelligence Agency, 1998.

2 "The Pentagon is already planning advanced forms of information warfare, including computer-based sabotage of an enemy's computing, financial and telephone systems before a shot is fired in anger.", web article The New Canons Of War - Chronicles Of The Future, C Stewart, 1999.

3 "HI-TECH nations such as Australia could be threatened by terrorism and warfare waged through the Internet ", web Article Australia: Www Wired For War, J Masanauskas, 1998

4 Extracted from US DoD Report on "Cyberterrorism: An Evolving Concept" (Published 2001), Pg 2.

5 Statistics on Asian telecommunications growth extracted from web Article Asia - Grasping Information Warfare, 2000.

6 Statistics on Asian online population growth extracted from web article Asia - Grasping Information Warfare, 2000.

7 Based on account of incident published in web Article Cyber Wars, Wars Of The Future... TODAY, Jun 1999.

8 Information obtained from web Article GLOBAL THREATS AND CHALLENGES: THE DECADES AHEAD, Lieutenant General Patrick M. Hughes, USA, Director Defense Intelligence Agency, 1998.

9 Information extracted from web article The Future Of Cyberterrorism, Barry C. Collin, 1999.

Bibliography

1. "Cyberwar is Coming", Strategic Review, Vol 12, 1999.

2. "The Strategic Implications of Information Dominance" , Strategic Review, Vol 22, 2000.

3. "The Information Revolution and Warfare 2020", Defence News, March 1999.

4. "Information Warfare and the Air Force: Wave of the Future? Current Fad?", RAND, March 1996.

5. "Report Urges Info System Safeguards", Defence News, March 1997.

6. "Cyber-terrorism", Foreign Report, September 1997.

7. "Cyber wars", The Economist, 13 January 1996.

8. "Defense Technology", The Economist, 10 June 1995.

9. "National Security in the Information Age", Devost Matthew, 1995.

10. "Russian Views on Future War", Jane's Intelligence Review, September 1998.

11. "Russian Views on Electronic Signals and Information Warfare", American Intelligence Journal, May 1994.

12. Information Warfare at the Crossroads, Frederick Brian E, 1997.

13. "The Future of Warfare: Select Enemy. Delete", The Economist, 08 March 1997.

14. The Data Weapon, Grier Peter, June 1998 3rd edition.

15. Information Warfare and Deterrence, Harknett Richard J, 1996.

16. "Information Warfare: A Two-Edged Sword", RAND, November 1998.

17. "Desert Storm: The First Information War", Airpower Journal, Winter 1994.

18. Information-Age Warriors, Byte, July 1992.

19. Defensive Information Warfare, Albert David S, 1996.

20. Computers under Attack: Intruders, Worms and Viruses, Deming Peter, 1995.

21. Information War, Lewonowski, Mark C, 1993.

22. What is Information Warfare?, Libicki Martin C, 1995.

23. Sun Tzu and Information Warfare, Neilson Robert E, 1997.

Information Warfare: Chaos on the Electronic Superhighway, Schwartau Winn, 1994.

CPT Ow Kim Meng is a Weapons Systems Officer (C3) by training and is currently a Staff Officer at HQ RSAF. Previously he held the appointment of controller at a Squadron. He graduated with a BEng (1st Class Honours) in Computing and a MSc in Advanced Computing from the Imperial College of Science, Technology and Medicine - London. He won a Commendation Award in the 1998 CDF Essay Competition.

 
Last updated: 03-Jul-2006


PUBLICATIONS


Journal


Supplement


Monograph

 

Privacy Policy | Terms of Service | Contact Us | Sitemap
Copyright 2003-2006 iMINDEF. All rights reserved