Sign in

Get started

Cyber Terrorism:
understanding and
preventing acts of terror
within our cyber space

Littl3field

Follow

Jun 7, 2017 · 19 min read

Contents
2. Executive Summary
2.1 Keywords
3. Introduction
3.1 Aim and methodology
4. What is cyber terrorism?
4.1 Origins and definitions of cyber terrorism
4.2 Case studies 4.3 Areas of cyber terrorism
4.4 Potential threats
5 Present and future security measures
5.1 What is being done to prevent cyber terrorism?
5.2 Preventions, mitigations and consequence management of
future attacks 6. Conclusion and suggestions moving forward
7. References

2. Executive Summary

A number of terrorist incidents over the past 20 years have

resulted in a large amount of concern, research and action against
acts of terrorism within our cyber space. As we continually move
into a society ever more reliant on technology, the threat posed to
nations from terrorists is no longer just physical but also expands
to our digital world. This work aims to provide readers with an
understanding as to what cyber terrorism is, its causes and the
strategic approaches in place to prevent damage caused by it. Its
aim is to not address exclusively the current nature of cyber crime,
but to provide an overall perspective of cyber terrorism in all its
facets over a larger time scale. This report covers literature from
academic texts, books and news articles over the past 20 years. In
addition, when discussing legislation or government organisations
in general, particularly within section 4, this will refer to that of
the United Kingdom’s. Key findings This report concludes the
following key messages essential to understanding cyber terrorism
whilst supporting current and future methods of prevention:
• Terrorism is no longer bound by the means of creating harm in
the physical world;
• Terrorism holds an agenda often, though not limited to,
religious, cultural, social, economic and political;
• By definition cyber terrorism means to damage information,
computer systems and data that result in harm against non-
combatant targets;
• The boundaries between acts of cyber terrorism, cyber crime and
‘Hacktivism’ are often interlinked;
• Society faces a number of threats without our cyberspace,
particularly to industrial control systems operating power grids
and nuclear stations;
• Terrorist organisation are promoting the use of computing
expertise to implement cyber attacks against targets;
• Though there are many organisations built to respond to cyber
terrorism, a large amount of society is still unaware of the
potential threat cyber terrorism poses;
• Systems are often developed without security in mind;
• Continually developing identification, tracing and mitigation
methods to cyber terrorism is essential.

2.1 Keywords Botnets , Computer crime , Computer science , Cyber

attacks , Cyber crime , Cyber security , Cyber space , Cyber
terrorism , DDoS , DoS , Hacktivism , Industrial Control Systems ,
Machine learning , Mitigation , Prevention , Terrorism ,
Vulnerabilities , Zero-day attacks

3. Introduction

The act of terrorism is one of the most concerning and important

areas of security for all national states. As discussed by Garrison
(2003), terrorism has a history of over 2000 years, dating back to
48 AD whereby the Jewish resistance group Sicarii-Zealots carried
out attacks against Romans. These campaigns involved the
infiltration of Roman cities to assassinate and kidnap Jewish
collaborators and Roman soldiers (Hudson, 1999). More recently,
the terror attacks on the United States of America on September
11th and others across the world before that, pose a long lasting
threat to the world by groups of individuals with particular
motivations, willing to cause harm to innocent civilians to
promote their cause. Whilst these groups are non-national state
groups, The United States state Department additionally discusses
that nations such as Iran, Iraq, Sudan, Libya, North Korea, Cuba
and Syria are known to have supported terrorist organisations
(United States Department of State, 2002). Because of this, it is
evermore important that we protect ourselves against these
threats by understanding their means and implementing security
against attacks. Many of these terrorist groups seek to inflict harm
in many differing forms, that being both physically and digitally.
As technology progresses, the growing risk of cyber terrorism is
more apparent. 3.1 Aims and methodology This study aims to
address the growing concern of cyber terrorism across the globe.
Addressing the challenges surrounding cyber terrorism, current
control of the threat and discussing methods improving the
response to this form of cyber crime. The report seeks to provide a
general understanding of cyber terrorism in all forms, detailing
previous events in order to understand its causes and preventions
from a strategic perspective. This report is structured into three
sections.
• Section 4 addresses and defines what cyber terrorism is, looking
specifically at prior cases of cyber terrorism with the intention of
gauging a full understanding as to what cyber terrorism is and how
it differentiates itself from cyber crime and the likes of
Hacktivism. Additionally discussing methods and potential
threats.
• Section 5 takes in to consideration everything discussed in the
prior sections, to provide a general overview of the current
measures being taken in order to protect against cyber terrorism
threats. Whilst also discussing prevention and mitigation of
attacks in the future.
• Section 6 will conclude the report and detail three areas of
consideration for improving the prevention of cyber terrorism.

4. What is Cyber Terrorism?

There is often a large amount of confusion as to what cyber

terrorism is. More specifically, what cyber attacks can we actually
define as acts of terrorism? The internet has allowed for a vast
exchange of information. Thus has created a cyber space in which
both criminals and terrorists can implement
attacks/communications. This use of cyber space results in there
no longer being simply a physical threat of terrorism. When we
consider what cyber terrorism actually is, we must first
understand the motivations behind cyber attacks. Cyber attacks
can come in many differing forms, and it is these forms that help
us understand whether the attack is of crime or terror. Figure 1
shows the distribution of cyberattacks across cultural, social,
economic and political motivations. Gandhi et al. (2011) discusses
that often these dimensions of motivations can often cross over
and the motivating factors behind cyber attacks are needed to be
carefully considered when we discuss cyber terrorism.
Figure 1. The distribution of cyber-attacks across cultural, social,
economic and political motivations

4.1 Origins and Definitions of Cyber Terrorism

Over recent decades, it has become apparent that our society is

becoming increasingly information technology dependant. Though
many of us utilise technology for our own benefit, in aiding and
supporting our lives in many ways, it also introduces many
differing risks and vulnerabilities to our society. Those who use
computer technology to commit crimes and acts of terror pose an
alarming threat across the globe as we become ever more
dependant on information technology. The use of computer
technology and cyber-dependant attacks is becoming a more
prominent threat by terrorist groups; this emerging threat defines
itself as cyber terrorism. Cyber-dependant terrorist acts had often
been speculated in the early 90s, as networks became far more
diverse across the globe. The United State’s Former Deputy
Secretary of Defence John Hamre testified in a congressional
hearing in 1997, regarding the growing threat on cyber security,
defining it by saying: “We’re facing a possibility of an electronic
Pearl Harbor. There is going to be an electronic attack on this
country some time in the future” It’s not unreasonable to state that
the attention of cyber-dependant terrorism is not an often
discussed subject when we think about acts of terrorism. A large
amount of the attacks we’ve seen over recent years are often
committed physically, thus the question arises as to, what defines
cyber terrorism? What is currently being done? What are we doing
to protect ourselves against these attacks? Janczewski, & Colarik
(2008) defines cyber terrorism as: “Cyber terrorism means pre-
mediated, politically motivated attacks by sub national groups or
clandestine agents or individuals against information and
computer systems, computer programs, and data that results in
violence against non-combatant targets.” In addition to this it’s
important to discuss the term cyber crime. Cyber crime, often used
by government agencies, refers to the use of information
technology to commit a crime, often involving financially
motivated cyber attacks. Furthermore, the term Hacktivism, also
refers to the application of hacking techniques against targets to
cause damage or disrupt normal operations, however not causing
serious damage (Denning, 2001). Moreover, often the methods
used in cyber crime, Hacktivism and cyber terrorism, are very
much similar. Thus, it’s important to define that cyber terrorism
uses information technology in order to inflict violence with a
particular political motivation. Vatis (2001) also defines that four
common areas of cyber terrorism are firstly pre-meditated,
politically motivated, targeted at civilians and committed by
groups not associated with national armies. As discussed, it’s
essential to understand that cyber terrorism in essence refers to
the cohesion between cyber space and terrorism (Denning 2001).

4.2 Case studies

Whilst the line between the definitions of cyber terrorism, cyber
crime and Hacktivism can in many cases be somewhat ambiguous,
the following case studies depict scenarios in which cyber-
dependant attacks can be attributed to a terrorist organisation or
political motive. This, along with the definition seen in section 2.1,
can allow us to discuss cases of what we can vaguely define as
cyber terrorism. There are in fact many authors that detail there
being no definitive cases that give a clear indication of cyber
terrorism (Akhgar, Staniforth, & Bosco, 2014), thus this
attribution is important to recall within this section. Denning
(2000) cites that the first characterised act of cyber terrorists,
identified by intelligence authorities, was by Tamil Tigers,
guerrilla terrorists in Sri Lanka 1998. Sri Lankan embassies, were
sent 800 emails a day for over two weeks with a message that read
“We are the Internet Black Tigers and we’re doing this to disrupt
your communications”. In addition to this, Denning (2000) also
discusses the Japanese terrorist group Aum Shinrikyo, who over
numerous years have various cases of cyber attacks to aid this
terrorism. In 2000, an investigation discovered that the Japanese
government had been using software developed by a company
associated with Aum Shinrokyo (Akhgar, Staniforth, & Bosco,
2014). It’s reported that Aum had collected sensitive data
regarding nuclear weapons, to which they had previously
discussed purchasing with Russia in 1993 (RAND Corporation,
2005). Finally, in more recent events a Pro-Palestinian hacker
group titled “Nightmare” implemented a Distributed Denial of
Service attack on the Tel Aviv Stock Exchange, Tel Al Airlines and
First International Bank of Israel websites. “The penetration of
Israeli websites opens a new sphere of opposition and a new
electronic warfare against the Israeli occupation”

4.3 Areas of Cyber Terrorism

As discussed many acts of cyber terrorism are often synonymous

with acts of cyber crime. Thus the means by which attacks are
implemented by terrorists may also be done by criminals. These
can come in many forms, as discussed by GCHQ and Cert-UK
(2015), attacks are often either un-targeted or targeted. These can
include, though not limited to:
Un-targeted Attacks
• Phishing — These attacks typically involve fraudulent emails to
convince a target of it’s legitimacy of a user or organisation in
order to attain private information (E.g, passwords, banking
information, identity theft etc.) (“What are phishing scams and
how can I avoid them?”, 2017)
• Watering Hole — The deployment of a fake webpage to
compromise the original, in order to attack visiting users (e.g the
downloading of Remote Access Tools) (National Cyber Security
Centre, n.d.)
• Ransomware — Infecting a system by encrypting files and/or
locking the users access to said system. Then requiring a ‘ransom’
to gain normal access again. (“Protecting your organisation from
ransomware”, 2016)
• Scanning — Testing for vulnerabilities in specific internet
networks or systems to deploy attacks on a wider scale to attack at
random (GCHQ, Cert-UK, 2015).

Targeted Attacks
• Spear-Phishing — These attacks are much the same as the’
Phishing’ mentioned previously, however specifically targeted at
an individual or organisation.
• Distributed Denial of Service — This is to deploy a mass amount
of packet requests, often from a Botnet , to a 1 website or network
in order to overload the system and prevent regular access by
legitimate users.
• Supply chain — attacking an element of an organisation before it
arrives (GCHQ, Cert-UK, 2015).
• Zero-day — Bespoke exploitation of a system with specific
vulnerabilities not yet known to the author (National Cyber
Security Centre, 2016).
4.4 Potential threats

In 2007, an experimental cyber attack titled the “Aurora

Generator Test”, researchers found that by altering the software of
a power generator remotely they could cause the turbines to set
fire and thus eventually cause serious damage to the generator.
This is an example of a relevant threat from cyber terrorists on the
Industrial Control Systems (ICS) within the industrial sector. In a
report on the infrastructure of these control systems and their
potential threat by terrorists, Dana Shea (2003) cites: “Industrial
control system technologies are often employed in critical
infrastructure industries to allow a single control center to manage
multiple sites. Industrial control systems were originally
implemented as isolated, separate networks. They were viewed as
secure systems which protected remote locations from being
physically broken into and mistreated. For example, the
establishment of remote control systems in dams were believed to
protect against unlawful release of the dammed water, as no hand-
operable valves and switches were accessible.” A botnet is a
number of computers connected to the internet that has been set
up to forward requisitions to other 1 computers amongst other
tasks. Often the owner of a botnet device will be unaware of it on
their system. This simulation is an example of how possible large
scale cyber attacks can be implemented to the industrial sector
and highlights the importance of its security. When considering
potential threats from cyber terrorism we must look at the
industries that may be targeted. It’s not unreasonable to state that
given the outcome of the Aurora Generator Test, the industrial
sector poses large risk factors to cyber terrorist attacks. Cyber
threats to ICS are not uncommon, even before the Aurora
Generator Test, incidences of cyber attacks to critical
infrastructure are documented. Maras (2014) cites that in 2000 a
Russian hacker gained control of an ICS that operated the flow of
natural gas. She goes on to state “Hypothetically, this hacker could
have easily increased the gas pressure until the valves broke,
causing an explosion”. Though this case is not attributed to a
terrorist or organisation and is considered an individuals attack,
it’s a notable case of the potential threats to a nations or
organisations ICS. As a result, it’s evidently clear that there is a
large amount of threat to this infrastructure. Furthermore, and in
more recent years, terrorist groups are publishing media
promoting cyber attacks on these infrastructures and internet
services. In 2011, the Al-Qaeda’s media outlet Al-Shahab released
a report calling for “Electronic Jhiad’s” to attack companies and
governments opposing their beliefs. The reporter states: “We
advise experts within this field to target the websites and networks
of large companies and the governments of countries that attack
the Muslims. They should focus on websites of networks run by
media centres that fight Islam, Jihad, and the mujahideen.” (“Al-
Qaeda Al-Sahab Video on E-Jihad”, 2011) In addition, the report
goes on to detail Distributed Denial of Service attacks conducted
by hacker Michael Calce in February 2000 and how DDoS attacks
work. In 2012, a report released by the United States Senate
Committee on Homeland Security and Governmental Affairs
detailed a video from the terrorist group Al-Qaeda. The video
called for cyber attacks against the United State’s critical
infrastructure, including the power grid and water supply
(Clohery, 2012). It’s assumed that these cyber attacks are aimed to
exploit vulnerabilities in ICS’s, similar to those discovered in the
“Aurora Generator Test”. Commenting on the Al Qaueda video,
U.S. Senator Joseph Lieberman stated “Congress needs to act now
to protect the American public from a possible devastating attack
on our electric grid, water delivery system or financial networks”
(Freeman, 2014). Though this is not the only potential threat we
see from cyber terrorism, it’s apparent that potential attacks such
as this pose a large threat to society. from cyber terrorists and is
certainly of concern for governments and organisations across the
globe.

5. Measures being pursued

As cyber terrorism is one the fastest growing threats, not only to
individuals, public and private organisations, but to nations as a
whole, we must ensure that the correct methods of prevention are
being actioned. This involves both gathering preliminary
reconnaissance on potential threats whilst managing current
threats. The digital infrastructure each of our nations holds is
under constant observation for vulnerabilities, thus cyber security
professionals must be ready for an imminent threat from this act
of terrorism. Drawing from what we have already discussed in this
report, in order for us to look into the current and future measures
to take, it would be productive to consider the following pertinent
questions: 1. What do we foresee terrorists wanting to do in
cyberspace? 2. How can we prevent these actions? 3. How can we
be proactive against these actions? We’ve examined in section
three some possible answers to question one. This being that
terrorists look to utilise cyberspace in order to: 1. Support their
motivation, whether that be their religious, social, cultural,
political or economical beliefs 2. Attack critical infrastructures and
services in society 3. Utilise cyber space to inflict harm to others In
addition to this it’s also important to state that cyber terrorists
may also employ cyberspace not only to cause harm, but also to
facilitate their activities, including the likes of encrypted
communications, laundering of finances, recruitment and
promotion of their activities.

5.1 What is being done to prevent cyber terrorism?

We must be reasonable in assuming the potential threats

discussed thus far in this report can be actioned at any time,
without warning. Most of our digital infrastructure already has a
large amount of defence, as detailed by Beggs, & Butler (2004);
current technologies include the likes of: firewalls, password
protection systems, key encryption (e.g 3DES, RSA), stenography,
intrusion dectection systems, Secure Socket Layer (SSL), IPsec,
access control lists etc. When discussing acts of terrorism in
general, the responsibility of prevention normally falls to
governments and national organisations. Looking at the United
Kingdom’s government actions against cyber terrorism, our
national security is lead by our Intelligence Services such as the
Ministry of Defence, Government Communications Headquarters,
Military Intelligence Section 5 and 6. Addressing this, the British
government categorise cyber attacks as a Their One threat to
national security (“2010 to 2015 government policy: cyber
security”, 2015). These services cover investigations into acts of
cyber terrorism, analysis and surveillance of potential threats.
Addressing the growing concern of cyber attacks from not only
acts of terrorism, but also crime, a subdivision of GCHQ the
National Cyber Security Centre (NCSC) was launched in 2017.
Head of NCSC, Ciaran Martin, stated that the organisation had
already handled 188 high-level cyber attacks against the nation
across three months prior to NCSC opening (“Britain to enter ‘new
era of online opportunity’”, 2017). Organisations such as NATO
are also taking action against cyber terrorism threats, with allies
making a ‘Cyber Defence Pledge’ in July 2016 (“Cyber defence”,
2017). Taking a proactive response to threat intelligence, the
government also launched the Cyber security Information Sharing
Partnership (CiSP) in 2013 which allowed for a greater level of
communication between private sector and public sector security
professionals (“2010 to 2015 government policy: cyber security”,
2015). Moreover, the Centre for the Protection of National
Infrastructure also addresses its work with organisations that
support the United Kingdoms digital infrastructure such as that
discussed in section 3.4. The intention of this is to greatly improve
communication between both government bodies and private
organisations, in order to strengthen our networks against cyber
attacks. In the Cabinet Office’s annual report on the United
Kingdom’s Cyber Security Strategy, the government addresses
their actions against cyber attacks to the nation and details their
spending review on cyber security, see figure 2 (Office of Cyber
Security and Information Assurance, 2016).
Figure 2. Five year spending review of the government program to
improve the National Cyber Security Strategy

5.2 Preventions and mitigations of future attacks

Over recent years vulnerabilities in softwares and new

technologies have proved that security is not often at the forefront
of priority during it’s development. An example being, The
Internet of Things (IoT) devices, which have been widely discussed
in the past few years due to this issue. Reporter Lucian Constantin
(2015) cites that: “The research was performed by a team from
application security firm Veracode for six up-to-date devices
acquired in December and found serious issues in five of them” In
addition to this a study conducted by the MIT Sloan Management
Review reports that companies are alarmingly unconcerned with
the security of such devices (Ulmanu, 2017). Moving forward, it’s
notable that a large amount of our cyberspace is built without
security in mind and organisations may not be fully aware of the
risks of the technologies they are using. Thus, a valuable method
of developing prevention against cyber terrorist threats before
they could happen, is by implementing security as one of the
integral parts of development in softwares and devices. Whilst our
government has many deterrents for those committing cyber
attacks, the probability of getting caught is often in the minds of
criminals, it could be said that for terrorist and terrorist
organisations this is not a concern. As a result, when discussing
prevention methods against cyber terrorism as appose to that of
cyber crime, the methods must be considered differently due to
the perspective of the attacker. Often terrorist have no legislation
to follow and are not concerned with the consequences of
identification before or during an attack. Concluding that it is of
vital importance for preliminary reconnaissance, defence and
action to identify attackers is made in the swiftest of nature.
Intrusion detection is one of the most active areas of research
within cyber terrorism over the past 20 years (SANS Institute,
2003). Creating safe barriers, both within our systems and
physically, are necessary in order to identify occurring attacks in
order to implement the right method of mitigation. Many of these
techniques, as previously discussed, include the likes of
encryption. Passwords, could be seen as one of the oldest methods
of intrusion detection. As these methods get more widely used,
vulnerabilities become more common. It’s notable that in order to
develop the mitigation of an attack, we must constantly develop
new intrusion detection systems in order to be as effective as
possible during an attack. Not only does this improve the
mitigation, but it also allows for a compartmentalisation of a
system to allow for a limitation of possible damage and thus
protecting valued assets before irreparable damage occurs.
Additionally, responses to cyber attacks can be improved by
focusing more attention on preserving data during an attack. As
discussed by many security professionals across the globe, often
data breaches are not recently backed up, thus it is vital to have up
to date versions of systems or databases at all times. Limiting the
amount of damage caused after a cyber attack is an essential part
of incident management. This is a primary stage of recovering and
responding to an act of cyber terrorism and enables for future
protections. 6. Conclusion and suggestions moving forward One of
the largest conclusions to convey from this report is the
importance that cyber terrorism must be considered as an
imminent threat at all times. Terrorists hide within our society
until they action an attack. When we discuss terrorism, this
accounts for space both physically and digitally. Each and every
terrorist has specific motivations that they wish to convey by
inflicting harm, shown in section 3. This must always be
considered when looking for potential attacks, like the potential
threats to Industrial Control Systems discussed in section 3.4. It is
important that counter terrorism methods use this exposure to
their advantage. Understanding where cyber terrorism may occur
and developing a proactive response to potential threats is
essential. We have learnt that whilst a cyber attack can be actioned
at any time or place, developing the methods for identifying and
tracing terrorist is of vital importance in each an every
jurisdictions. This may involve the likes of surveillance, tightening
cyber crime laws or developing technology to detect intrusions to
systems. Whilst the prevention of cyber terrorism, examined in
section 4, is one of the largest concerns for our government, as it is
evidently being developed further, the following suggestions are
made to aid in improving the response of cyber threats: 1.
Implementing ‘Fire Drill’ procedures, effectively testing the
security of systems, mitigation and incident response of an attack.
This is particularly emphasised for Industrial Control Systems. 2.
Understanding the importance of developing and improving
identification technologies, with a particular focus on gathering
preliminary reconnaissance on cyber threat intelligence. Methods
that could be considered or expanded include the likes of data
mining and machine learning to predict potential attacks. 3.
Providing a greater amount of education to private and public
sector organisations that are developing technologies used that
may be at risk from cyber terrorism. Those developing new
systems must ensure that security is at the forefront of focus
during it’s creation in order to limit the amount of vulnerabilities
it may have.

6. References

2010 to 2015 government policy: cyber security. (2015). Gov.uk.

Retrieved 25 April 2017, from https://www.gov.uk/
government/publications/2010-to-2015-government-policy-
cyber-security/2010-to-2015-government-policy-cyber-security
Akhgar, B., Staniforth, A., & Bosco, F. (2014). Cyber crime and
cyber terrorism investigator’s handbook (1st ed.). Waltham, MA:
Syngress. Al-
Qaeda Al-Sahab Video on E-Jihad. (2011). Cjlab.memri.org.
Retrieved 24 April 2017,
from http://cjlab.memri.org/labprojects/clips-on-cyber-jihad/al-
qaeda-al-sahab-video-on-e-jihad/

Beggs, C., & Butler, M. (2004). Developing New Strategies to

Combat Cyber-Terrorism. http://dx.doi.org/ 10.4018/978–1–
59140–261–9.ch099

Brenner, S. (2010). Cyber threats (1st ed.). Oxford: Oxford Univ.

Press. Britain to enter ‘new era of online opportunity’. (2017).
Ncsc.gov.uk. Retrieved 25 April 2017, from
https:// www.ncsc.gov.uk/news/britain-enter-new-era-online-
opportunity

Clohery, J. (2012). Virtual Terrorism: Al Qaeda Video Calls for

‘Electronic Jihad’. ABC News. Retrieved from http://
abcnews.go.com/Politics/cyber-terrorism-al-qaeda-video-calls-
electronic-jihad/story?id=16407875

Constantin, L. (2015). Researchers: IoT devices are not designed

with security in mind. Infoworld. Retrieved from
http:// www.infoworld.com/article/2906641/security/researchers
-iot-devices-are-not-designed-with-security-in-mind.html

Cyber defence. (2017). NATO. Retrieved 25 April 2017,

from http://www.nato.int/cps/en/natohq/topics_78170.htm

Denning, D. (2000). Cyber Terrorism. Retrieved

from https://pdfs.semanticscholar.org/7fdd/ae586b6d2167919ab
ba17eb90e5219b7835b.pdf
Denning, D. (2001). Activism, Hacktivism, and Cyberterrorism:
The Internet as a Tool for Influencing Foreign Policy. Georgetown
University. Retrieved
from http://www.iwar.org.uk/cyberterror/resources/denning.htm

Freeman, K. (2014). Game Plan: How to Protect Yourself from the

Coming Cyber-Economic Attack (1st ed., p. 80). Regnery
Publishing. Gandhi, R.,

Sharma, A., Mahoney, W., Sousan, W., Zhu, Q., & Laplante, P.
(2011). Dimensions of Cyber-Attacks: Cultural, Social, Economic,
and Political. IEEE Technology And Society Magazine, 30(1), 28–
38. http://dx.doi.org/10.1109/ mts.2011.940293

Garrison, A. (2003). Terrorism: The nature of its history. Criminal

Justice Studies, 16(1), 39–
52. http://dx.doi.org/ 10.1080/08884310309608 GCHQ,

Cert-UK. (2015). Common Cyber Attacks: Reducing The Impact.

Retrieved
from https://www.gov.uk/government/uploads/system/uploads/
attachment_data/file/400106/Common_Cyber_Attacks-
Reducing_The_Impact.pdf

Hudson, R. (1999). The Sociology and Psychology of Terrorism:

Who Becomes A Terrorist and Why?. Federal Research Division,
Library of Congress. Retrieved
from https://www.loc.gov/rr/frd/pdf-
files/Soc_Psych_of_Terrorism.pdf

Janczewski, L., & Colarik, A. (2008). Cyber warfare and cyber

terrorism (1st ed., pp. 13–14). Hershey [Pa.]: Information Science
Reference.
Maras, M. (2014). Computer Forensics (1st ed.).

Sudbury: Jones & Bartlett Learning, LLC. Meserve, J. (2007).

Staged cyber attack reveals vulnerability in power grid. CNN.
Retrieved from http://www.e-ir.info/ 2013/09/02/the-threat-of-
cyberterrorism-to-critical-infrastructure/

National Cyber Security Centre. (2016). Common cyber attacks:

reducing the impact. National Cyber Security Centre. Retrieved
from https://www.ncsc.gov.uk/content/files/protected_files/guid
ance_files/common_cyber_attacks_ncsc.pdfNational Cyber
Security Centre. Attack Type — Watering-Hole Attack. NCSC.
Retrieved
from https://www.ncsc.gov.uk/content/files/MWR_Threat_Intell
igence_Case%20Study_WHA.pdf

Office of Cyber Security and Information Assurance. (2016). The

UK Cyber Security Strategy 2011–2016. Cabinet Office. Retrieved
from https://www.gov.uk/government/uploads/system/uploads/
attachment_data/file/516331/UK_Cyber_Security_Strategy_Ann
ual_Report_2016.pdf

Protecting your organisation from ransomware. (2016).

Ncsc.gov.uk. Retrieved 24 April 2017, from
https:// www.ncsc.gov.uk/guidance/protecting-your-
organisation-ransomware

RAND Corporation. (2005). Aum Shinrikyo, Al Qaeda, and the

Kinshasa Reactor. Retrieved
from http://www.rand.org/content/dam/rand/pubs/documented
_briefings/2005/RAND_DB458.pdf
SANS Institute. (2003). Federal Intrusion Detection, Cyber Early
Warning and the Federal Response.

SANS Institute Reading Room. Shea, D. (2003). Critical

Infrastructure: Control Systems and the Terrorist Threat.
Retrieved from https://fas.org/irp/crs/ RL31534.pdf

Thomas, P. (1997). Experts prepare for ‘an electronic Pearl

Harbor’. CNN (Washington). Retrieved from http://
edition.cnn.com/US/9711/07/terrorism.infrastructure/

Ulmanu, A. (2017). Study: Companies largely unconcerned with

IoT security. Bitdefender. Retrieved from
https:// www.bitdefender.com/box/blog/iot-news/study-
companies-largely-unconcerned-iot-security/?sm_id=SMGlobal

United States Department of State. (2002). Patterns of Global

Terrorism (p. 63). Retrieved
from https://www.state.gov/documents/organization/10319.pdf
Vatis, M. (2001). Cyber Attacks During The War On Terrorism: A
Predictive Analysis. Institute for Security Technology Studies at
Dartmouth College. Retrieved
from http://www.ists.dartmouth.edu/docs/cyber_a1.pdfWhat are
phishing scams and how can I avoid them?. (2017). Kb.iu.edu.
Retrieved 24 April 2017, from https://kb.iu.edu/ d/arsf