Professional Documents
Culture Documents
Cyber Terrorism
Cyber Terrorism
Hurdles faced by the wired
World
www.seminarsTopics.com
Seminar Report
Cyber Terrorism
ABSTRACT
Cyberterrorism is a new terrorist tactic that makes use of information systems or
digital technology, especially the Internet, as either an instrument or a target. As
the Internet becomes more a way of life with us, it is becoming easier for its users
to become targets of the cyberterrorists. The number of areas in which
cyberterrorists could strike is frightening, to say the least.
The difference between the conventional approaches of terrorism and new
methods is primarily that it is possible to affect a large multitude of people with
minimum resources on the terrorist's side, with no danger to him at all. We also
glimpse into the reasons that caused terrorists to look towards the Web, and why
the Internet is such an attractive alternative to them. The growth of Information
Technology has led to the development of this dangerous web of terror, for
cyberterrorists could wreak maximum havoc within a small time span.
Various situations that can be viewed as acts of cyber-terrorism have also been
covered. Banks are the most likely places to receive threats, but it cannot be said
that any establishment is beyond attack. Tips by which we can protect ourselves
from cyberterrorism have also been covered which can reduce problems created by
the cyberterrorist.
We, as the Information Technology people of tomorrow need to study and
understand the weaknesses of existing systems, and figure out ways of ensuring
the world's safety from cyberterrorists. A number of issues here are ethical, in the
sense that computing technology is now available to the whole world, but if this
gift is used wrongly, the consequences could be disastrous. It is important that we
understand and mitigate cyberterrorism for the benefit of society, try to curtail its
growth, so that we can heal the present, and live the future...
www.seminarsTopics.com
Seminar Report
Cyber Terrorism
Introduction
The world is a very large place, but it is getting smaller, thanks to the advent of
computers and Information Technology. However, the progress that we've made in
these fields also has a dark side, in that a new terrorist tactic, commonly called
Cyberterrorism has developed. The old, conventional methods of assassination and
hostage taking are slowly fading, as terrorists head towards the Internet to pull
their stunts. The cause for this kind of a transition stems from the fact that the
terrorist has long since realized that removing one official from office only causes
another official to take his place; which is not the end-result the terrorist wished to
achieve. This causes the terrorist to take to the net, thus affecting a wider section
than could otherwise have been targeted. From disabling a country's economy to
shutting off power in large areas, it's all possible, with less risk to the terrorists.
Cyberterrorism is any act of terrorism that uses information systems or digital
technology (computers or computer networks) as either an instrument or a target.
Cyberterrorism can either be "international", "domestic" or "political", according
to the nature of the act, but it is always an act involving a combination of the
terrorist and the computer.
www.seminarsTopics.com
Seminar Report
Cyber Terrorism
should not be ignored.) Terrorist groups use their own computer technology to
threaten or attack a victim's computer resources. This can take the form of threats
or attacks against national infrastructures that have become heavily reliant and
interconnected to computer networks. Activity of this sort is tangible in nature and
thus, generates most of the interest we have in cyberterrorism today. Cyberterrorist
threats can include:
political
groups or
other
ethnic, religious
or nationalist
entities (all of these can include other terrorist groups) identified as "the enemy"
threats to security forces
threats to nation states
What we occasionally see (what is reported) is actual damage to the above targets
in the form of temporary disruption of services, public inconveniences or financial
loss. These incidents, however, are most often in the form of cyber crime and fall
short of what is considered as cyberterrorism. In summary, there have been no
instances where cyberterrorism has been directly translated a catastrophic loss of
life or physical destruction associated with the most violent acts of "conventional"
terrorism. The threat, however, remains real and takes on an added significance
when the growing potential of terrorist group resources is considered.
At this point it is also helpful to speak in terms of "cyberspace-based threats."
There is a wide spectrum of possibilities for "evil actions" in cyberspace. These
include attacks on the data contained within the systems, the programs and
www.seminarsTopics.com
Seminar Report
processing
hardware
Cyber Terrorism
running
those
systems,
and
the
environment
Examples of Cyberterrorism
Cyber terrorism takes many forms. One of the more popular is to threaten a large
bank. The terrorists hack into the system and then leave an encrypted message for
senior directors, which threatens the bank. This message says that if the bank does
not pay a set amount of money, then the terrorists will use anything from logic
bombs to electromagnetic pulses and high-emission radio frequency guns to
destroy the bank's files. The fact that the terrorists may be in another in another
country adds to the difficulty of catching the criminals. A second difficulty is that
most banks would rather pay the money than have the public know how
vulnerable they are.
Significant confusion in understanding cyberterrorism also emerges when
cyberterrorism is confused with "cyber crime" and vice versa. Cyber crime is
similar to cyberterrorism in its use of computer networks and information systems
but clearly different in its motivation and goals. This appreciation, however, is
often overlooked. In many instances there is little effort to distinguish the obvious
differences between the two. Some people treat cyberterrorism simply as an
extension of cyber crime.
Cyberterrorists are often interested in gaining publicity in any possible way. For
example, information warfare techniques like Trojan horse viruses and network
worms are often used to not only do damage to computing resources, but also as a
way for the designer of the viruses to "show off" his "creativity". This is a serious
ethical issue, because many people are affected by these cases. For one, the viruses
can consume system resources until networks become useless, costing companies
www.seminarsTopics.com
Seminar Report
Cyber Terrorism
lots of time and money. Even if the person never meant to harm someone with
their virus, it could have unpredictable effects that could have terrible results.
In one of its more unusual forms, cyber-terrorism can be used for an assassination.
In one case, a Mafia boss was shot but survived the shooting. That night while he
was in the hospital, the assassins hacked into the hospital computer and changed
his medication so that he would be given a lethal injection. He was dead a few
hours later.
They then changed the medication order back to its correct form, after it had been
incorrectly administered, to cover their tracks so that the nurse would be blamed
for the "accident". Thus, a man was killed by the hackers' actions. Also, the life of
the nurse was probably ruined, along with the reputation of the hospital and all its
employees. Thus, there are often more victims in a terrorist situation that the
immediate recipient of the terrorism.
Cyber-terrorists often commit acts of terrorism simply for personal gain. Such a
group, known as the Chaos Computer Club, was discovered in 1997. They had
created an Active X Control for the Internet that can trick the Quicken accounting
program into removing money from a user's bank account. This could easily be
used to steal money from users all over the world that have the Quicken software
installed on their computer. This type of file is only one of thousands of types of
viruses that can do everything from simply annoy users, to disable large networks,
which can have disastrous, even life and death, results.
Terrorism can also come in the form of disinformation. Terrorists can many times
say what they please without fear of action from authorities or of accountability
for what they say. Recently, the rumor that a group of people was stealing people's
kidneys and putting them for sale was spread via the Internet. The rumour caused
thousands of people to panic, and the number of people affected was unlimited.
www.seminarsTopics.com
Seminar Report
Cyber Terrorism
Minor attacks come in the form of "data diddling", where information in the
computer is changed. This may involve changing medical or financial records or
stealing of passwords. Hackers may even prevent users who should have access
from gaining access to the machine. Ethical issues in this case include things like
invasion of privacy and ownership conflicts. It could be even more serious if, for
instance, the person who needed access to the machine was trying to save
someone's life in a hospital and couldn't access the machine. The patient could die
waiting for help because the computer wouldn't allow the necessary access for the
doctor to save his or her life.
Seminar Report
Cyber Terrorism
encryption in favor of a system where by the government can gain the key to an
encrypted system after gaining a court order to do so. The director of the FBI's
stance was that the Internet was not intended to go unsupervised and that the
police need to protect people's privacy and public-safety rights there. Encryption's
drawback is that it does not protect the entire system, an attack designed to cripple
the whole system, such as a virus, is unaffected by encryption.
Others promote the use of firewalls to screen all communications to a system,
including e-mail messages, which may carry logic bombs. Firewall is a relatively
generic term for methods of filtering access to a network. They may come in the
form of a computer, router other communications device or in the form of a
network configuration. Firewalls serve to define the services and access that are
permitted to each user. One method is to screen user requests to check if they
come from a previously defined domain or Internet Protocol (IP) address. Another
method is to prohibit Telnet access into the system.
Here are few key things to remember to protect yourself from cyber-terrorism:
1.
All accounts
should
3.
4.
Audit systems and check logs to help in detecting and tracing an intruder.
5. If you are ever unsure about the safety of a site, or receive suspicious
email from an unkown address, don't access it. It could be trouble.
Types Of Cyber Crimes: -Broadly three types of cyber crimes are recognized:
* Hacking without any intention to commit any further offence.
www.seminarsTopics.com
Seminar Report
Cyber Terrorism
Hacking:
Hackers might be
1.
Code hackers They know computers inside out. They can make the
4.
www.seminarsTopics.com
Seminar Report
Cyber Terrorism
IP spoofing: -
An IP (internet protocol) Spoofing attack occurs when an attacker out side the
network enters pretending as if he is inside network and takes all information
from network or destroy information. Password attacks, Distribution of sensitive
internal information to external sources.
Fraud on Internet:
This is a form of white collar crime whose growth may be as rapid and diverse as
growth of the internet itself. In 1997 1152 crimes were reported. But in 1998 they
skied up to 7500.
Types of Fraud
1.
the investments in stock market and growth of companies. But some of them are
found to be tools for fraud.
2.
nets or web-based- have become popular tools for sharing the information in
market. Some of these are also found to be fraudulent.
www.seminarsTopics.com
10
Seminar Report
3.
Cyber Terrorism
2.
Types of Viruses
1.
If any system which is working with help of internet is hacked, it is obvious that
its source code will be modified and system falls in malfunctionality. Hence all
functions taking this systems help will also fall in malfunctionality. If this
situation happened in banks, military control systems and etc the loss will be of
great amount. Hence Government of India passed some rules to counter Cyber
crimes.
www.seminarsTopics.com
11
Seminar Report
Cyber Terrorism
www.seminarsTopics.com
12
Seminar Report
2.
Cyber Terrorism
diminishing its value or utility by any means with intent to cause loss or damage
to the public or any person. Hacking is punishable with imprisonment up to 3
years or fine up to 2 lakh rupees or both.
3.
appeals to the prurient interest or of its effect is such so as to tend to deprave and
corrupt person who are likely concerned to it. This is punishable on FIRST
CONVICTION with imprisonment of either description for a term which may
extend to 5 years and with fine which may extend to 1 lakh rupees and in event
of a SECOND or subsequent conviction with imprisonment of either description
for a term which may extend to 10 years and also with fine 2 lakh rupees.
4.
digital signature is false and still goes ahead and certifies it is guilty and he is
punishable with imprisonment up to 2 years or fine up to 2 lakh or both.
7.
www.seminarsTopics.com
13
Seminar Report
Cyber Terrorism
HACKING
Original term referred to learn programming languages and computer systems;
now associated with the process of bypassing the security systems on a computer
system or network.
HACKER: A term sometimes used to describe a person who pursues the
knowledge of computer and security systems for its own sake, sometimes used to
describe a person who breaks into computer system for the purpose of
stealing or destroying data. Hacker's and criminals to transmit computer viruses,
invade privacy, steal or corrupt valuable information.
TYPES OF HACKING
1. CYBER MURDERS: A hacker breaks into hospital medical records and
maliciously alters prescriptions. Say, if a patient is allergic to penicillin, the
hacker adds 500 mg of penicillin to his usual dose of medication. The nurse
administers the drug causing immediate death.
2. EFFECT ON US GOVERNMENT SITES: US government sites were
hacked by mujihadeen.Two US government sites were hacked late last week
by a group calling themselves mujihadeen. The pages were defaced with the
flag of Saudi Arabia and a message in Urdu, which translates as Allah is the
greatest of all, Americans be prepared to die. The hackers called themselves
mujihadeen threatened further cyber terrorism.
3. HACKING INCIDENT CLOSES SECURITY NEWS SITE: A hacker
had offered $10,000 bounty for information about fluffy bunny, a notorious
hacker who defaced the schmitz site. The owners site came crashing down.
www.seminarsTopics.com
14
Seminar Report
Cyber Terrorism
be it of any company.
6. CRASHING OF SITES: Sometimes a mischievous hacker tries to crash down
site by sending millions of email like the tempest site.
ADVANTAGES:
Web business have recently found an old way to protect their new concepts
by making the patent application public on his site Mr.Tim Grey effectively put
copycats on notice.
Like Grey Natgoldhaber had fears about his company cybergold being
copied. He applied for a patent and after three years of waiting his site his one
of a handful of net business that can count a newly granted patent as one of its
assets.
Media misconceptions:
www.seminarsTopics.com
15
Seminar Report
Cyber Terrorism
inventors who thirst for knowledge. They dont want to destroy the world.
They want to rule the world. The media typically mislabels hackers as crackers
and crackers as hackers.
DISADVANTAGES:
If you have an account on hotmail, yahoo or excite its vulnerable to hackers.
These services allow an unlimited number of log on attempts.
Secondly the user is not notified when a number of failed login attempts
have occurred.If a password attack has been attempted against a user.
Password crackers attempt to obtain an account password by exhaustively
guessing word and number combination. Password cracking is an extremely
common hacker technique.
BAG OF DIRTY TRICKS:
attacks serves millions of different combinations of letters and words until they
find your password and hack into your system.
Credit card numbers: These are similar to password generators and can help a
Hacking
hackerisfind
a euphemism
and use yourfor
credit
whatcard
is innumber.
fact an act of electronic war with
devastating consequences.
VSN
L
PROXY
SERVE
www.seminarsTopics.com
INTERNE
16
Seminar Report
USER
LOGBOO
Cyber Terrorism
AOL,
YAH
OO...
e-mail leaves behind a trace leading back to its point of origin in the form of an email header. To view the header all we need to do is press options button and
then go to preferences. This will throw of two boxes where you can view your email in full, complete with IP addresses. The IP address, usually a number like
120.12.111,can be traced to VSNL. But only the police have authority to trace
back the route of message up to the doorstep of the offending subscriber.
www.seminarsTopics.com
17
Seminar Report
Cyber Terrorism
www.seminarsTopics.com
18
Seminar Report
Cyber Terrorism
support lines were tied up with people who couldn't get their mail. IGC
finally relented and pulled the site because of the "mail bombings."
Lankan embassies with 800 e-mails a day over a two-week period. The
messages read "We are the Internet Black Tigers and we're doing this to
disrupt your communications." Intelligence authorities characterized it as
the first known attack by terrorists against a country's computer systems.
computers were blasted with e-mail bombs and hit with denial-of-service
attacks by hacktivists protesting the NATO bombings. In addition,
businesses, public organizations, and academic institutes received highly
politicized virus-laden e-mails from a range of Eastern European countries,
according to reports. Web defacements were also common.
While these incidents were motivated by political and social reasons, whether they
were sufficiently harmful or frightening to be classified as cyberterrorism is a
judgement call. No attack so far has led to violence or injury to persons, although
some may have intimidated their victims .
Factors Leading To Cyberterrorism:
Whether there are targets that are vulnerable to attack that could lead to
violence or severe harm.
Whether there are actors with the capability and motivation to carry them
Misuse of the technology that make it open to attack even after the high
security
Involvement of the insiders, acting alone or in concert with the other
terrorist misusing their access capabilities.
Role of consultants and contractor causing grave harm.
www.seminarsTopics.com
19
Seminar Report
Cyber Terrorism
Cyberterror In Practice:
Terrorists do use cyberspace to facilitate traditional forms of terrorism such as
bombings. They put up Web sites to spread their messages and recruit supporters,
and they use the Internet to communicate and coordinate action. However, there
are few indications that they are pursuing cyberterrorism, either alone or in
conjunction with acts of physical violence. It is believed that members of some
Islamic extremist organizations have been attempting to develop a 'hacker
network' to support their computer activities and even engage in offensive
information warfare attacks in the future. The members of the militant Indian
separatist group Harkat-ul-Ansar had tried to buy military software from hackers
who had stolen it from Department of Defense computers they had penetrated.
Cyberterror Capabilities:
There are three levels of cyberterror capability
Advanced-Structured:
Drawbacks:
www.seminarsTopics.com
20
Seminar Report
Cyber Terrorism
their old ones as inadequate, particularly when the new methods require
considerable knowledge and skill to use effectively.
high, and that terrorists generally lack the wherewithal and human
capital needed to mount a meaningful operation.
www.seminarsTopics.com
21
Seminar Report
Cyber Terrorism
Cyberterror In Future:
The next generation of terrorists will grow up in a digital world, with ever more
powerful and easy-to-use hacking tools at their disposal. They might see greater
potential for cyberterrorism than the terrorists of today, and their level of
knowledge and skill relating to hacking will be greater. Hackers and insiders might
be recruited by terrorists or become self-recruiting cyberterrorists. Some might be
moved to action by cyber policy issues, making cyberspace an attractive venue for
carrying out an attack. Cyberterrorism could also become more attractive as the
real and virtual worlds become more closely coupled, with a greater number of
physical devices attached to the Internet.
www.seminarsTopics.com
22
Seminar Report
Cyber Terrorism
Conclusion
This article is not meant to give amateur hackers a crash-course in cyberterrorism,
but to provide insights on the dangers of cyberterrorism. Computer professionals
the world over need to be aware of the problem areas of information systems that
may be susceptible to terrorist attacks, to be able to attempt putting an end to such
activity. There are a large number of ethical issues to be taken into consideration,
as well. For example, there are sites on the Internet that deal with methods of
making bombs, and sites from which these materials can be purchased. This
information is available to everybody. However, if an individual acted on this
information, and made a bomb with evil intentions, then one could not blame
technology, but society, for producing such a person. Technology must be used for
the betterment of mankind, not with the intent of destroying what He created.
Doomsday and other haunting scenarios involving weapons of mass destruction
existed long before the advent of cyberterrorism and will continue to do so as long
as political actors, security firms and others who can benefit from them can exploit
the basic myths surrounding terrorism for their own purposes. Cyberterrorists have
been giving the entire computing profession a bad reputation, but we, as part of the
IT world need to realize that one of our immediate concerns must be to promote
the good name of the profession we call our own. It is extremely important that we
try to understand and mitigate cyberterrorism for the benefit of society as a whole,
and try to curtail its growth, so that we can heal the present, and live the future...
www.seminarsTopics.com
23
Seminar Report
Cyber Terrorism
REFERENCES
www.cyberlawindia.com
www.seminarsonly.com
www.seminarsTopics.com
24