Cyber Terrorism & Cyber Warfare 1 Running head: CYBER-TERRORISM & CYBER-WARFARE

Cyber-Terrorism & Cyber-Warfare Prepared by: Andrey Lavochin, Frederick Le & Phillip Tran IT 486: Critical Issues in IT Central Washington University Prepared for: Terry Linkletter April 24, 2010

Cyber Terrorism & Cyber Warfare 2

Table of Contents
Executive Summary .................................................................................................................. 3 Introduction .............................................................................................................................. 4 Purpose ................................................................................................................................... 4 Scope ...................................................................................................................................... 4 Methods and Procedures ......................................................................................................... 4 Cyber Terrorism vs. Cyber Warfare ....................................................................................... 5 Cyber Terrorism...................................................................................................................... 5 Cyber Warfare ........................................................................................................................ 5 Implication ................................................................................................................................ 6 Methods and Techniques .......................................................................................................... 6 Cyber Attacks Increasing ........................................................................................................ 6 The Common Attack Methods ................................................................................................ 7 Popular Targets ....................................................................................................................... 7 CyberSecurity ........................................................................................................................... 8 Conclusion ............................................................................................................................... 10 References ............................................................................................................................... 11

Cyber Terrorism & Cyber Warfare 3

Executive Summary
Cyber Terrorism and Cyber Warfare are considered a priority threat for nations including the United States, China, and the United Kingdom. These attacks can have devastating consequences on the welfare a nation and of its citizens. A research team consisting of Andrey Lavochin, Frederick Le and Phillip Tran collaborated to analyze the threat of Cyber Terrorism and Cyber Warfare. The team¶s goal was to identify the threats and techniques used in such tactics as well as identify potential solutions. The research team concluded that there is not a beall-end-all remedy to Cyber Terrorism and Cyber Warfare but that there are proactive measures that may be taken to reduce the frequency of attacks and mitigate the damage they cause.

Cyber Terrorism & Cyber Warfare 4

Introduction
Andrey, Frederick, and Phillip (the Week Three team) aim to help promote awareness about the dangers of Cyber Terrorism and Cyber Warfare. Many individuals may not even be aware that Cyber Terrorism and Cyber Warfare exist and as such are unaware of the damage it can cause. The Week Three team¶s purpose in analyzing Cyber Terrorism and Cyber Warfare is to educate citizens on how these attacks impact a nation, techniques used in the perpetration of these attacks, and security measures that can be taken to guard against these attacks. Purpose To analyze Cyber Terrorism and Cyber Warfare and understand how it affects all of us as a nation as well as recommend best practices to help protect ourselves. It is our purpose to raise awareness of this issue that affects many lives today. Scope Initial analysis of what Cyber Terrorism and Cyber Warfare is. This report gives a comprehensive review on these two terms are, how it affects us in our daily lives, and practices to protect ourselves. Methods and Procedures Research was conducted using a variety of secondary sources. Each team member was responsible for one major category. After aggregating the research, the team reviewed the information to reach its final recommendation.

Cyber Terrorism & Cyber Warfare 5

Cyber Terrorism vs. Cyber Warfare
Cyber Terrorism There exist multiple expert definitions of what Cyber Terrorism is. The definition of Cyber Terrorism we will employ refers to the act of politically motivated violence against information, computer systems, computer programs, and data which may result in damage (Pollitt, n.d.). We live in the information age where computers have become an integral aspect of our daily existence. We use it at school, work, and at home to communicate with friends and family or to do work. As we know, computer programs are always at risk of compromise which results in companies frantically updating their systems in an attempt to secure their programs. An example act of Cyber Terrorism would be if a group of foreign militants were to attack government networks with the goal of spreading propaganda. This serves as an example of Cyber Terrorism because it is a politically motivated attack against computer systems with the intent of causing harm. Cyber Warfare Some may consider that Cyber Terrorism to be the same as Cyber Warfare. Although both are similar, Cyber Warfare is not political motivated. The definition of Cyber Warfare refers to the use of computers and the internet to conduct warfare in cyberspace. Information technology is emerging in many societies and has become more readily available to hostile nations. Nations that may decide to use their newfound technology to strike at their opponents¶ communications. A serious form of Cyber Warfare would be to attack an electrical power grid. Attackers would penetrate and interrupt an electrical power grid system causing blackouts.

Cyber Terrorism & Cyber Warfare 6 Depending on the size of this attack and its location, this may knock out power to hospitals or other critical systems of a city.

Implication
An implication of Cyber Warfare and Cyber Terrorism is to cause harm to a nation. A goal of these attacks is to create alarm and panic among citizens. Attackers want to show how badly they can damage their victim nations by hacking into government computers and taking control of critical systems. This can affect citizens psychologically causing them to wonder how their government could let this happen and what they can do to protect themselves and their families. By achieving these goals, hackers succeeded in leading a nation into a state of chaos and confusion.

Methods and Techniques
Cyber Attacks Increasing Computer attacks have been raising the cyber warfare bar to a new level. Each year there are more and more cyber attacks recorded through the world (Germain, The Winds of Cyber War, 2008). In 2007, the U.S. Department of Homeland Security published statistics showing 37,000 reported attempted breaches of government and private computer systems. The prior year¶s report showed 24,000 attempts; a significant 158% increase in 2007 (Germain, The Art of Cyber Warfare, Part 1: The Digital Battlefield, 2008). Due to the increase of cyber attacks, the US Government is trying their best to fortify network security. In the past 12 months, 75 percent of businesses worldwide have experienced a cyber attack (U.S. Urged To Curb Hackers as Cyber Attacks Increase, 2010). It¶s becoming such

Cyber Terrorism & Cyber Warfare 7 a big issue that 42 percent of businesses rated cyber crime as the biggest threat to them, that¶s more than terrorism, traditional crime, and natural disasters combined. Due to the increasing threat, in May 2009, the U.S. President accepted a Cyberspace Policy Review (The Comprehensive National Cybersecurity Initiative, 2010). This policy was to assess U.S. structures and policies for cyber security and is an effort to work towards a reliable and trustworthy digital infrastructure. The Common Attack Methods There are several popular cyber attack methods. These popular methods include denial of service, distributed denial of service, and botnets (Cyber Attack Techniques, 2009). Denial of service works by overwhelming the target computer with useless network traffic, resulting in the blocking of legitimate network traffic to the user. Distributed denial of service is similar in that it overwhelms the target computer with network traffic, but instead this attack is launched from many computers. The other popular method of attack is the use of botnets. A botnet is a network of remotely controlled systems used to attack and distribute malware, spam, and phishing scams. The word ³bot´ is short for ³robots,´ because they are programs that are unknowingly installed on a target computer. This program allows an unauthorized user to remotely control the system for malicious purposes (Cyber Attack Techniques, 2009). Popular Targets Financial institutions and utility grids are now the prime targets of cyber warfare and cyber espionage. After a report was released stating that electric power grid has been infiltrated by foreign spies, the U.S. government has admitted that it is susceptible to cyber attacks (LaMonica, 2009). Janet Napolitano from the US homeland Security claimed ³The vulnerability is something [we] have know about for years.´ World Bank has also reported being infiltrated at

Cyber Terrorism & Cyber Warfare 8 least six times in just one year (Behar, 2008). Many other banks, like Bank of America, have also been the victims of cyber attack. For instance, on January 29th, 2010, their website was down for a good part of the day (Carney, 2010).

CyberSecurity
In a government paper titled ³Defining and Deterring Cyber War´, the purpose of Cyber Security is described as ³[to] increase a state¶s resistance to attacks and reduce the consequences of attacks.´ (Beidleman, 2009) While this paper was written in regards to governments, the concept holds true for businesses as well. Cyber Security can be seen as two parts: resistance and mitigation of damage. Resistance to Cyber Terrorism is primarily implemented through security technologies. The most prevalent security technology for large organizations is the firewall. The firewall is literally the first line of defense when it comes to a computer network. The firewall sits between the internal network of a company and the outside world. It analyzes all incoming and outgoing transmissions and provides multiple security services. Incoming packets are all screened for malicious data before being rebroadcast into the network. Outgoing packets are also all screened. Most firewalls come with features that allow for statistical analysis of a network¶s baseline. Fluxuations in the baseline beyond a certain range may indicate an issue and prompt the firewall to notify a systems administrator for further investigation. The major forms of attack described in the last section (packet flooding and botnets) are both addressed by firewalls. To reiterate - Denial of Service (DoS) attacks, distributed or otherwise, attempt to flood a network with so much traffic that no legitimate forms of data can be accepted into the system. Firewalls block DoS attacks by identifying the sending source and blacklisting all data from that location(s). Botnets or so-called ³zombie computers´ (Strickland,

Cyber Terrorism & Cyber Warfare 9 2007) can also be dealt with by firewalls. As mentioned, if botnets are employed in a DoS attacks, the firewall blocks all traffic from that originating source. Moreover, firewalls can detect botnet computers from within an internal network based on outgoing traffic and can take steps to disinfect them. This involves automatically isolating the infected nodes and informing a systems administrator who takes further steps to fix the device. Beyond the firewall, security software should also be installed on all workstations in the network. The rationale behind this procedure is that individual workstations may be infected by code that slips past the firewall. Security software such as anti-virus and anti-spyware programs should be implemented and kept up-to-date with the latest virus definitions. In addition, all devices on the network should be kept up-to-date with the latest updates to seal potential security vulnerabilities. On the user side, there are several best-practices that can be used to prevent or mitigate damage from cyber terrorist attacks. Firstly is the issue of access control ± users should only have access to resources that they require. The rationale behind this statement is that, should a user account be compromised by attackers, their level of access in the system is limited. To prevent the accounts from being compromised in the first place, policies should be in place that enforce strong passwords. The University of Texas recommends the following for conditions in a strong password (Uni. of TX, 2009):

y y y

³Use both upper- and lower-case letters. Place numbers and punctuation marks randomly in your password. Make your password long and complex, so it is hard to crack. Between 8 to 20 characters long is recommended.

Cyber Terrorism & Cyber Warfare 10 y Use one or more of these special characters: ! @ # $ % * ( ) - + = , < > : : ³ µ´

Moreover, the password policy should require that passwords be reset every month and that identical passwords or password characters may not be reused for a set period of time. This is so that cyber terrorists cannot run automated programs that try every possible combination of characters to guess a password. The final step to deterring cyber attack is continual penetration testing and security audits of an organizations own system. By attacking its own security system, vulnerabilities may be identified and fixed before they can be taken advantage of by attackers. To help mitigate the damage from attacks, organizations should keep backups of their data in an easily-retrievable format. This way, should a cyber attack succeed in destroying data, files can be restored from the time of the last backup.

Conclusion
After a thorough analysis on why Cyber Terrorism and Cyber Warfare occur, the determination was that these events for the reason of bringing fear to the public. Even though these acts can be politically motivated, the goal is still the same. There are many different methods for such attacks, like using botnets or denial of service to bring down popular targets; institutions and power grids. Even with these methods of attack, the use of network security products, such as firewalls and anti-virus, can greatly reduce the risk of being a victim of cyber attacks.

Cyber Terrorism & Cyber Warfare 11

References
Behar, R. (2008, October 10). World Bank Under Cyber Siege in 'Unprecedented Crisis'. Retrieved May 7, 2010, from http://www.foxnews.com/story/0,2933,435681,00.html Beidleman, S. (2009). Defining and deterring cyber war. Strategy Research Project, Retrieved from http://www.dtic.mil/srch/doc?collection=t3&id=ADA500795 Carney, J. (2010, January 29). Bank of America's Website Has Been Down All Morning. Retrieved May 10, 2010, from http://www.businessinsider.com/bank-of-americaswebsite-has-been-down-all-morning-2010-1 Cyber Attack Techniques. (2009, May 28). Retrieved April 28, 2010, from http://www.cybersecuritymarket.com/2009/05/28/cyber-attack-techniques/ Germain, J. M. (2008, April 29). The Art of Cyber Warfare, Part 1: The Digital Battlefield. Retrieved April 20, 2010, from http://www.ecommercetimes.com/story/62779.html Germain, J. M. (2008, September 16). The Winds of Cyber War. Retrieved April 10, 2010, from http://www.technewsworld.com/story/The-Winds-of-Cyber-War-64494.html LaMonica, M. (2009, April 8). Report: Spies hacked into U.S. electricity grid. Retrieved May 3, 2010, from http://news.cnet.com/8301-11128_3-10214898-54.html Lewis, J. (2002). Assessing the Risks of Cyber Terrorism, Cyber War and Other Cyber Threats:. Retrieved April 30, 2010, from http://csis.org/files/media/csis/pubs/021101_risks_of_cyberterror.pdf Pollit, M. (n.d.). CYBERTERRORISM ± Fact or Fancy?. Retrieved April 30, 2010, from http://www.cs.georgetown.edu/~denning/infosec/pollitt.html Security-gurus. (n.d.). Cyber Warfare. Retrieved April 30, 2010, from http://www.securitygurus.de/papers/cyberwarfare.pdf

Cyber Terrorism & Cyber Warfare 12 Sproles, J & Byars, W. (1998). Cyber-terrorism. Retrieved April 30, 2010, from http://csciwww.etsu.edu/gotterbarn/stdntppr/#Define Strickland, J. (2007, September 10). How Zombie computers work. Retrieved from http://computer.howstuffworks.com/zombie-computer.htm# The Comprehensive National Cybersecurity Initiative. (2010, March 2). Retrieved April 20, 2010, from http://www.whitehouse.gov/cybersecurity/comprehensive-nationalcybersecurity-initiative Uni. of TX. (2009, October 7). Keep Safe with strong passwords. Retrieved from http://www.utexas.edu/its/secure/articles/keep_safe_with_strong_passwords.php U.S. Urged To Curb Hackers as Cyber Attacks Increase. (2010, February 25). Retrieved April 15, 2010, from http://www.spywareremove.com/security/us-urged-to-curb-hackerscyber-attacks-increase/

Sign up to vote on this title
UsefulNot useful