Cyber Terrorism

Prior to 9/11, the effects of executive disconnect had given cybersecurity very low priority. The post 9/11 realignment of 22 agencies under DHS was intended to develop cybersecurity awareness. Instead, the intelligence grid reacted as if a proprietary component of their status quo had been amputated and re-grafted into DHS: ‘The Grid’ continued to maintain redundant cybersecurity operations because DHS was perceived as a knee-jerk response to 9/11. This discombobulation weakened the US cybersecurity posture. [Understanding] [Associated] While the Internet enabled terrorists to educate, recruit and carry out coordinated attacks in an unregulated “continuum” of terror, the US counter-cyberterrorism element was forced to spearhead cybersecurity as a unified body. [Washington] [ASIS]

LOOKING DARKLY

The Internet was conceived when DoD wanted to reduce vulnerabilities of its communication infrastructure. The solution was a decentralized communication web that posed so much redundancy that a single tactical objective could not exist – even multiple attacks can not immobilize the Internet. [Washington] Far exceeding malware, espionage and sabotage is the threat terrorists pose to disrupt critical infrastructure that could destroy high-tech systems and impair a national response effort. [Understanding] [Asia] The Internet platform that DoD created to safeguard their communications is also utilized by terrorists to decentralize and protect their operations. Built-in redundancy affords a ‘virtual sanctuary’ that enables terrorists to amplify their message with impunity. Terrorists have introduced a ‘global jihad’ to a worldwide audience through a network of nodes and hubs that conceal their leaders and hide financial sources. [Washington] [Asia] Even Congress can not fathom the extent to which critical infrastructure is controlled by automation networks that are vulnerable to infiltration and sabotage by US enemies. [Associated]

THE ENEMY WITHIN

The effort of federal and local law enforcement agencies to interdict terrorists is impaired by civil liberties organizations that protect a terrorist’s right to anonymity. The ACLU has challenged NSA’s monitoring of terrorist websites because terrorists have a right to tell their side: An attempt to block al Qaeda from raising money violates their civil rights. It violates the First Amendment to arrest Arab students who sponsor terrorism. Americans who die at the hands of terrorist don’t have rights, while terrorist organizations that actively seek the annihilation of western civilization can invoke western laws to block their extradition.

More confounding is that the NSA utilizes a cybersecurity company in Ontario whose software maintenance and testing facility is in Beijing. In spite of persistent

claims that adequate safeguards are in place, a determined foreign agent could infiltrate the Beijing facility and re-program sophisticated sensors designed to monitor battlefield environments to provide false information. To justify expanding their industrial espionage effort, the Chinese government tirelessly accuses the US of embedding tracking software in American products sold there. US industries continue to outsource programming to a growing foray of foreign companies… but the NSA isn’t worried. [Associated]

CYBER VULNERABILITY

Roughly 50% of all annoying spam contains spyware designed to report the validity of an e-mail address back to the spammer. Marketing companies use spyware to track web surfing behavior. In the hands of a motivated terrorist, spyware can be easily modified to have a much more malicious effect. The preeminent concern is that cyberterrorists could parallel a physical attack that immobilizes critical infrastructures in multifaceted ways. [Understanding] The same radios that enable emergency-response teams to communicate can also be used by an enemy to remote detonate an I.E.D.

Terrorists can monitor railroad freight management systems to track and divert shipments of hazardous material or mask a weapon of mass destruction as a benign piece

of freight that detonates in a metropolitan switch yard. The complexity of the freight industry combined with its increasing reliance on information systems compounds vulnerability alongside its many advantages. When synchronized with a physical attack, cyber terrorism can exponentially magnify the effect by disabling air traffic control systems, crashing SCADA or by destroying any critical infrastructure. [Associated]

CYBERTERROR UNIVERSITY

Terrorist websites offer virtual training for building bombs, firing surface-to-air missiles, shooting at US soldiers and sneaking into Iraq unnoticed. Al-Qaeda operatives are known to have learned hacking techniques online. [Council] The most infamous online terrorism instructor and Jemaah Islamiyah member, Imam Samudra, began teaching computer hacking in Bali in 2003. Samudra is the author of several terrorist training manuals and is the first terrorists to introduce the use of steganography. [Asia] [Associated] Steganography enables terrorists to communicate by embedding cryptic messages in Internet images that terrorists can send back and fourth using free e-mail accounts. Al Qaeda proudly displays their theological tenets online and is the first ‘guerrilla movement to operate in cyber space.’ [Washington] [Council]

FIGHTING CYBER TERRORISM

Teams from the nation’s four military academies are attacked by NSA specialists in a ‘Cyber Defense Exercise’ designed to strengthen cybersecurity awareness in tomorrow’s leaders. As the Pentagon deploys more advanced computer systems, planners realize that a hacker can kill more US soldiers with bits and bytes than an enemy can with bombs and bullets. Our military relies on sophisticated technology to locate enemy targets: The same technology that gives our soldiers a tactical advantage in the field, can kill them if the data is corrupted. DHS has expanded efforts to monitor and intercept potential cyberterrorist attacks against DoD and critical US infrastructure. All of the major ISPs and every type of computer network is vulnerable to a cyber attack. [Associated]

CYBER CLOKE AND DAGGER

The Internet enables terrorists to disseminate successful insurgent operations in Iraq to a large numbers of disaffected youths ages 7 to 25. Capturing journalists, murdering relatives and bombing homes guarantees that the media will publicize terrorist activities. [American] Even many Arabs detest the vicious killing of their countrymen.

Industrial security experts believe that terrorist organizations are in league with eastern European crime syndicates to conduct industrial espionage against US

companies: US industrial secrets are then sold to rogue foreign businesses or held for ransom. The US Treasury, DOJ, DHS and the intelligence grid have identified a broad range of potential vulnerabilities that call for more dynamic response plans. [USA]

Terrorists have been known to create fake websites with instructions for building a bomb that will prematurely explode and kill its maker. Those sites have sometimes led US forces into a trap. Hoax websites are intended to preoccupy law enforcement so that graphically more substantive websites can operate unnoticed. One Iraq-based al Qaeda cell has boldly posted footage of roadside bombings, the decapitation of American hostages and the execution of kidnapped foreign diplomats. There are jihadi websites with video games in which 7-year-olds can pretend to be holy warriors who kill US soldiers. Although stealth is a tremendous advantage, terrorist fundraising has become so mundane that terrorist organizations can accept donations through common online payment systems like PayPal. [Council] Al Qaeda gleans roughly 80% of its actionable intelligence from online sources before planning an attack and uses videotaped executions to boost morale. [Washington]

The most infamous figure in the world of online terrorism was Younis Tsouli, 22, a.k.a. Irhaby 007 who organized cyber terrorist organizations around the globe with his ‘Seminar for Hacking Websites.’ He created a network of technology-savvy terrorist

disciples and was arrested by Scotland Yard in October 2005. Equally notorious is Juba, the ‘Baghdad Sniper,’ who stalked and murdered 143 US soldiers and published graphic footage of his savage attacks online. [Council]

THE INTELLIGENCE PERSPECTIVE

The counter-cyberterrorism community believes that terrorist online activity provides a wealth of information that should be tolerated; by monitoring online chatter, German officials were alerted to the Madrid bombing in March 2004. Many websites are protected by a menagerie of mirror sites that cross-link to each other worldwide, making it virtually impossible to target content that exists at 1,000 global locations. Mirror sites mitigate serious damage to web content that can not be traced to a specific source. [Council]

CYBER SAFEGUARDS

If the Global Early Warning Information System detects a critical Internet security breech, the government can instantly switch to a Cyber Warning Information Network which is completely isolated from outside intervention. [Associated] Cybersecurity experts have recommend that small businesses tailor their cyber resilience

strategies to match their financial capabilities alongside Bill Gates announcement that cybersecurity would become Microsoft’s #1 priority. [Contingency] [CPR-I] The FBI, Secret Service and Treasury Department enhanced internal cybersecurity after concluding that no specific guideline could anticipate and interdict every act of terrorism. [USA] [ASIS]

CONCLUSION

Between 1996 - 2006, terrorist websites increased to 5,000, including organizations listed under the US Antiterrorism and Effective Death Penalty Act of 1996. Many experts believe that biometrics will introduce a new era of improved cybersecurity by requiring positive ID at all Internet access points: A biometrically secured cyber environment will enable law enforcement agencies to interdict terrorists and confiscate funding sources while disabling Internet access to terrorists and Internet criminals. In the wake of terrorist ambitions to extinguish all life on Earth, it is ironic that an invention of western ingenuity, solidly iconic of core democratic values, can be used as a weapon against its creator. [Washington] [Associated]

BIBLIOGRAPHY

American Forces Press, Smith, S. (May 5, 2006) Terrorists Use Internet for Propaganda

Retrieved March 15, 2008, from:

http://www.defenselink.mil/news/newsarticle.aspx?id=15854

Asia One, Computer Crime Research Center (February 23, 2005)

Singapore unveils $23 million plan to fight cyber terrorism

Retrieved March 15, 2008, from:

http://www.crime-research.org/news/23.02.2005/984/

ASIS International Commission on Guidelines (2004) TASR Guideline

Retrieved March 15, 2008, from:

http://www.iiiweb.net/File/ASIS_crisis_planning_guideline.pdf_CCvHjLDBW.pdf

Associated Press, Paul, J. (July 3, 2003)