P. 1
Botnets, Cybercrime, and Cyberterrorism

Botnets, Cybercrime, and Cyberterrorism

Ratings: (0)|Views: 2,394|Likes:
Published by Chuck Achberger
Summary

Cybercrime is becoming more organized and established as a transnationalbusiness. High technology online skills are now available for rent to a variety of customers, possibly including nation states, or individuals and groups that couldsecretly represent terrorist groups. The increased use of automated attack tools bycybercriminals has overwhelmed some current methodologies used for trackingInternet cyberattacks, and vulnerabilities of the U.S. critical infrastructure, which areacknowledged openly in publications, could possibly attract cyberattacks to extortmoney, or damage the U.S. economy to affect national security.
Summary

Cybercrime is becoming more organized and established as a transnationalbusiness. High technology online skills are now available for rent to a variety of customers, possibly including nation states, or individuals and groups that couldsecretly represent terrorist groups. The increased use of automated attack tools bycybercriminals has overwhelmed some current methodologies used for trackingInternet cyberattacks, and vulnerabilities of the U.S. critical infrastructure, which areacknowledged openly in publications, could possibly attract cyberattacks to extortmoney, or damage the U.S. economy to affect national security.

More info:

Published by: Chuck Achberger on Jul 11, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

12/11/2012

pdf

text

original

 
Order Code RL32114
Botnets, Cybercrime, and Cyberterrorism:Vulnerabilities and Policy Issues for Congress
Updated January 29, 2008
Clay WilsonSpecialist in Technology and National SecurityForeign Affairs, Defense, and Trade Division
 
1
Larry Greenemeier, “Estonian Attacks Raise Concern Over Cyber ‘Nuclear Winter,’”
 Information Week 
, May 24, 2007, at [http://www.informationweek.com/news/showArticle. jhtml?articleID=199701774].
2
Jeanne Meserve, “Official: International Hackers Going After U.S. Networks,” CNN.com,October 19, 2007, [http://www.cnn.com/2007/US/10/19/cyber.threats/index.html].Sebastian Sprenger, “Maj. Gen. Lord Is a Groundbreaker,”
Federal Computer Week 
,October 15, 2007, vol. 21, no. 34, p. 44.
3
Tom Espiner, “Security Expert: Storm Botnet ‘Services’ Could Be Sold,” CnetNews.com,October 16, 2007, [http://www.news.com/Security-expert-Storm-botnet-services-could-be-sold/2100-7349_3-6213781.html]. Dan Sullivan, “P2P Botnets Increasingly Sophisticated,Realtime-Websecurity,” April 18, 2007, [http://www.realtime-websecurity.com/articles_and_analysis/2007/04/p2p_botnets_increasingly_sophi.html].
Botnets, Cybercrime, and Cyberterrorism:Vulnerabilities and Policy Issues for Congress
Summary
Cybercrime is becoming more organized and established as a transnationalbusiness. High technology online skills are now available for rent to a variety of customers, possibly including nation states, or individuals and groups that couldsecretly represent terrorist groups. The increased use of automated attack tools bycybercriminals has overwhelmed some current methodologies used for trackingInternet cyberattacks, and vulnerabilities of the U.S. critical infrastructure, which areacknowledged openly in publications, could possibly attract cyberattacks to extortmoney, or damage the U.S. economy to affect national security.In April and May 2007, NATO and the United States sent computer securityexperts to Estonia to help that nation recover from cyberattacks directed againstgovernment computer systems, and to analyze the methods used and determine thesource of the attacks.
1
Some security experts suspect that political protestors mayhave rented the services of cybercriminals, possibly a large network of infected PCs,called a “botnet,” to help disrupt the computer systems of the Estonian government.DOD officials have also indicated that similar cyberattacks from individuals andcountries targeting economic, political, and military organizations may increase inthe future.
2
Cybercriminals have reportedly made alliances with drug traffickers inAfghanistan, the Middle East, and elsewhere where profitable illegal activities areused to support terrorist groups. In addition, designs for cybercrime botnets arebecoming more sophisticated, and future botnet architectures may be more resistantto computer security countermeasures.
3
This report discusses options now open to nation states, extremists, or terroristgroups for obtaining malicious technical services from cybercriminals to meetpolitical or military objectives, and describes the possible effects of a coordinatedcyberattack against the U.S. critical infrastructure. This report will be updated asevents warrant.
 
Contents
Introduction......................................................1Background......................................................2Three Basic Methods for Disrupting Computer Systems...............2Cyberattack, Cybercrime, and Cyberterrorism........................3Definitions for Cyberterrorism....................................4Definitions for Cybercrime......................................4Botnets......................................................5Estonia, 2007.................................................7Other Trends in Cybercrime Methods..............................9Malicious Code Hosted on Websites..........................10Identity Theft............................................10Cyber Espionage.........................................12Terrorism Linked to Cybercrime.................................15Terrorist Groups Linked to Hackers..........................18Terrorist Capabilities for Cyberattack.............................18Possible Effects of a Coordinated Cyberattack......................20SCADA Vulnerabilities....................................22Unpredictable Interactions Between Infrastructures..............23Civilian Technology that Supports DOD.......................24Why Cyberattacks Are Successful................................24The Insider Threat........................................25Persistence of Computer System Vulnerabilities.................25Errors in New Software Products............................26Inadequate Resources......................................26Future Attractiveness of Critical Infrastructure Systems...............27Measuring Cybercrime.........................................28Problems Tracing Cybercrime...................................29Organized Cybercrime.........................................30Federal Efforts to Protect Computers..............................31International Convention on Cybercrime...........................32The Need to Improve Cybersecurity..............................33Issues for Congress...............................................34Growth in Technical Capabilities of Terrorists......................35Better Measurement of Cybercrime Trends.........................35DOD and Cyberattack Response.................................36Incentives for the National Strategy to Secure Cyberspace.............37Improving Security of Commercial Software.......................38Education and Awareness of Cyberthreats.........................38Coordination Between Private Sector and Government...............38Legislative Activity...............................................39
List of Figures
Figure 1. Diagram of Purported Echelon Spy System.....................13

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->