Terrorism in cyberspace

ABSTRACT

Courage is a precondition for living in harmony in this world of risk and uncertainty. There are
two ways to face the danger: one, stay oblivious to risk, and two, plan, inspire and face the risk
head on. Technology can be used both for constructive and destructive works and is a dual-edged
weapon. Cyber terror is a fine example of technology's disruptive use that affects mankind. The
purpose of this paper is to recognize and resolve the notion of cyberterrorism in the world ,
including India. Time is the major player in any war and it is definitely more important to fight
cyber terror, where technology is rapidly evolving. This paper will also speak about potential
cyberterrorism defenses.

INTRODUCTION

It is crucial that a threat should be closely examined and identified for formulating any kind of
strategy , especially in addressing security threats such as terrorism. Indeed, it is the terrorist
concept itself that we should not be wrong, so let's not be wrong. Beauty and terrorism are not
easy to define in terms of their meanings. The idea of fear remains, as Beauty is in the eyes of the
beholder, with the country.  "Terrorism is a type of violent combat where violence against
civilians is intentionally used to meet political objectives.”1

The Indian Penal Code of 1860 amended from time to time does not contain terrorism as an
offense. In the 1987 Terrorist and Destructive Legislation, the term "terrorism" was first defined,
but this act was abolished in 1993. Again, in the Prevention of Terrorism Act 2002, the word
'terrorism' has found its place. In 2004, the act was also abolished. Finally, on 02 Aug 2019, the
Act 1967 on Criminal Activities (Prevention) containing the definition of a terrorist act was
amended and passed. "The Central Government can designate a terrorist organization in
accordance with this Act if it:

1. Commits or participate in act terrorism or

1
Boaz Ganor Page-17, The Counter-Terrorism Puzzle, A Guide for Decision Makers, 2007 Transaction Publishers,
New Brunswick (U.S.A) and London (U.K).
 2. Prepares for terrorism or
3. Promotes terrorism or
4. Otherwise involved in terrorism.

It is very important to identify 'terrorism.' It allows us to recognize the issue of terrorism and to
bring forward measures to remove that sort of bullet from the face of humanity. The act may also
allow people to be declared terrorists for the reasons listed above. To date, the agreement to
describe terrorism has not been established. It's very shocking.

CYBERTERRORISM

Cyberterrorism is a real danger that spreads its roots very rapidly in society. Global attention and
action to resolve this challenge are urgently needed. Cyberterrorism 's possible goals are the
mechanisms that govern the resistance and give resilience of the nation. Internet addiction has
dramatically increased and security threat horizons have also been increasing. New prospects are
presented by the digital world through traditional ideas and strategies of terrorism. Most terrorist
groups developed a deadly combination of weapons and technology during this time of learning.
IT is a two-edge tool that can be used for both constructive and destructive work. The only
solution to this issue is people's consciousness.

In general, the word cyber is used for computers, but it may include other information
technology, including individuals who are capable of interpreting the information. The Internet,
telecommunication, computer systems, etc. are the interdependent networks of the information
technology. Cyberspace is a global area. The terrorists who use cyber destructive terrorism are
intended to exploit the computer code and corrupt information networks to kill or harm both
physical and virtual national resources. The internet has facilitated extensive information
sharing. Therefore, space has been generated for individual or group operations by both
criminals and terrorists. It is necessary to understand the reasons behind these attacks, which will
enable the word cyberterrorism to be correctly understood. While cyber-terrorism can all be
linked to cybercrimes, cyber-terrorism can not include all cyber-crimes activities. Our cyber
world reliance is rising every day. Life without the internet is simply difficult to conceive about.
Different countries have adopted different rules and regulations on cyber security, but there is a
lack of cooperation at international level. We first of all must find an appropriate concept of
terrorism as well as cyberterrorism before deciding on action against cyberterrorism.

MOTIVES AND INTERESTS OF TERRORISTS IN CYBERATTACKS

There may be other plausible explanations for the cyber-attacks of terrorists. The first and most
important explanation may be the development of fear among people and their influence. The
other motives may be to ruin things and kill people. Subjects such as fund raising, planning,
reclamation, intelligence collection, etc. may be other lesser priorities for maintenance and
support. Specific advantages are described in the cyber domain:

1. Anonymous contact with and own cadres inside other terrorist groups.

2. Owing to personal protection in relation to physical attacks

3. Can quickly reach the goals

4. It is a very economic choice because it is only important to have a Laptop or mobile phone
with internet.

5. Different attacking methods are available

6. Vulnerable targets could be accessed via remote networks.

7. An average person can work without much knowledge. Very simple to use.

8. Speed will spread misinformation worldwide.

Terrorists will prepare, organize and covertly use the communication networks to execute cyber
attacks and other physical attacks. Just a few terrorists may carry out large-scale cyberattacks
and physical attacks in asymmetrical warfare, causing significant harm. Many thinkers and
strategists claim that the word "cyber terror" is not justified since a well-planned cyberattack will
lead to annoyances only and not terror as an IED or bomb. However, according to other theorists
and strategists, when an assault by computer networks leads to significant economic chaos, the
fear of the targeted population spreads, and can destroy civilians and non-combatants, it is thus
called "terrorism."

If cyber terrorism fulfills the following requirements, it may be considered an act of terrorism:

Effects-Cyberterrorism is present if the influence of computer-based attacks is sufficiently

destructive to trigger fear in targeted people's minds in contrast to conventional acts of terrorism.

Intent-based case- The goal of cyberterrorism is to threaten or coerce an individual or group of

persons for the purpose of achieving a political motive or harming or causing significant harm to
the properties of the targeted nationality. The goal of the incident is to end this cyber terrorism.

THE USES OF INTERNET BY TERRORIST FOR CYBERTERRORISM

Computer technology is used for political propaganda, terrorist recruiting and funding,
communication and collaboration with and between organizations, intelligence gathering, etc.
This helps terrorist groups to retain secrecy and to operate on a cost-effective basis during
routine activities and tactical operations.

Digital technologies as a particular component of terrorist targets or weapons include computer-

based attacks or threats or public transit systems, commercial facilities, people, political or ethnic
groups, security forces, national states or as far as any 'perceived enemy' is concerned. It is well
known that terrorists have knowledge of computers, the Internet and many other devices and
their use to support their terrorist cause. Such causes may range from social objectives to
political gaols.2

OBJECTIVES OF CYBERATTACKS

Inimical factors such as deliberate destruction of digital networks may have a variety of goals,
causing economic damage, damaging military equipment, encouraging citizens to join terrorist
2
[P.Brunts, “ Terrorism and Internet: New threats posed by cyberterrorism and terrorist using internet, “ M.
Wadea and A.Malijevic, eds, A war on Terror: The European Stance on a New Threat, Changing Laws and Human
Rights Implications, New York: Springer 2010 ].
groups, etc. There may also be other objectives. Cyber attacks are described as the intentional
acts for modifying, disrupting, upsetting, weakening, or destroying computer systems or
networks, and/or information transit. Cyberattack includes strategic use of computer systems,
technology-dependent businesses and networks.

A cyber-attack interferes with data integrity and authenticity mainly by malicious code which
changes the software in the program system , resulting in a disruptive or incorrect performance.
The entire internet network is absolutely checked by manipulation of security software. The
computer can be remotely controlled via the internet once infected.

Cyber attacks can disrupt the way ordinary people are living (for example, confusion if none of
the automated distributors are in operation). The link between global financial institutions, made
possible by modern communication technologies, increases the risk.3

STAGES OF A CYBER-ATTACK

Modern attacks are happening almost daily in all civilian or military weather organisations in our
cyber world. We must think and do things like military thought in order to combat these attacks.
These attacks take place at various stages in keeping with the terrorists' mission and aim. A cyber
attack occurs in 7 steps, described below:

 Identification – Hackers initially begin to look for a target profile that includes names,
titles, email addresses, mobile telephone numbers, etc. The targets are identified and the
assault is then prepared.
 Weaponization-The database of codes that are used by hackers and their attacks are
modified. They take into account the victims' networks, machine software and operating
system. Hackers then change their own codes and assault the unregulated software
program.
 Supply- Hackers are informed by study about the names of the CEO and other company
functionaries. Get their info from the search for Google. And then lure the boss and other
employees through various phishing tactics.

3
Orman, L. 2013 “Technology at Risk”, IEEE Technology and Society magazine, 23-31.
• Process- The hackers send CEO and other employees with attachments perfectly feasible
messages.

• Installation – The supervisor and other company workers are most likely to open the e-mail
with the connection received. If malicious software has been clicked it will take root.

• Command and control- After malicious code is created, messages are sent to hackers
remotely to the computer station. Then the hackers get the information and data disabled
according to their needs and demands.

• Target action – Eventually, hacks may create and carry out the desired operations by
contacting targets / targets.

METHODS OF CYBERATTACKS

Today, technology is changing very fast; this world is driven by social networks, online-
transactions, cloud-computing and many other automated processes. Good and bad always
progress at the same rates. On the one hand this technology has facilitated smoothness in our life,
at the same time it has given birth to new types of threat in our life. When terrorists and criminals
carry out cyberattacks, they use different strategies and tactics to re-invent the wheel. Common
types of cyberattacks are mentioned under:

1. Malware- Attackers love to use malware to gain foothold in users’ computer networks
and consequently the offices they work in. This type of attack is very effective. Malware
is kind of harmful software which damage the digital infrastructure. Viruses, spyware,
worms, ransomware are the popular examples.
2. Phishing- It is process of sending the fraudulent communication that appears to be come
from reliable sources. It is generally sent through emails. The goal is to steal the
confidential information or install malware on the victim’ computer. Advanced Persistent
Threats (APTs) and ransomware often start with phishing.
3. Man-in-the-middle-attacks- Also known as eves dropping attacks, occur when attackers
insert themselves in a two- party-transaction. Once the attackers interrupt the traffic, they
can filter and steal the data. They can basically enter through two routes.
 4. Denial of service attack- Through this they attack the floods systems, servers or
networks with traffic to exhaust the resources and bandwidth. As a result, system is
unable to fulfil the legitimate requests.
5. SQL Injection Attack- A Structure Query Language (SQL) injection occurs when an
attacker inserts the malicious code into a server that uses SQL and forces the server to
reveal information it would not normally. This can be done through injection of malicious
code in website search box.
6. Zero-day exploit- Attackers do this when a compromise is established and patching
work or remedial measures are initiated. They exploit the vulnerabilities during time
available.
7. Cross-Site Scripting (XSS)-Under these malicious scripts are injected in otherwise
benign or trusted websites. Attackers use web application to send malicious code,
generally in the form of browser side script, for different end using.

CYBERATTACKS IN INDIA

Cyber-attacks target the device and its users' recorded vulnerabilities. The world's lowest rate is
provided by Indian telecom service providers. India is more than 1.3 billion people, internet
users will certainly increase and vulnerabilities in the future will also rise.

In 2016, 50,362 cases of cyber-attacks were registered, according to the information provided by
the Computer Emergency Reponse Team (CERT). The number grew to 53,117 in 2017 with
2.08,456 cases significantly in 2018. By October 2019, there were 3,18,649 cases registered, the
highest over the past 4 years.” 4

“In 2016, cybercrooks were found to have stored thousands of files exposing the compatibility of
Indian submarine scorpedes. There were approximately 22,400 pages.” 5

“On 23 May 2017, under unclear circumstances, an SUKHOI 30 aircraft intended for air war
crashed on the Indo-China border. Three days after the crash the plane was destroyed and the

4
Amrita Nayak Dutta, The Print, India 25 Nov, 2019.
5
Economic Times CIO.com, 09 Dec, 2019.
Indian Air Force ( IAF) performed a crash report. The IAF internal investigation led to believe
that when airborne aircraft were cyber-attacked.” 6

Heist the Union Bank of India. Via a phishing email, hackers had access to funds transfer
credentials, swindling the Union Bank of India $171 million, but swift action led to the bank 's
recovery of almost the entire sum. In June 2017Petya Ransomware had a global impact,
including India, where container handling operations at the terminal run in Mumbai Jawaharlal
Nehru Port Trust by the Danish company A P Moler Maersk have been impacted.

“Kundankulam Nuclear Power Plant (KNPP) came under cyberattack in the last week of Oct,
2019. The damage was in the form of data theft, the same data can used to enhance future
attacks. Even ISRO faced attacks prior to Chandrayan-2 mission.” 7

In late Feb 2019, Pakistan based threat actor Green Havildar (a.k.a Goron Group) used to lure
related to airstrikes conducted by Indian Military within, Pakistan, airspace, allegedly targeting a
Jaish-e-Mohammad training camp. The lure document delivered crimson RAT payload to
victims. 8

COUNTERING CYBERATTACKS IN INDIA

As per Dr. V K Saraswat, member, NITTI Aayog, the state cyberattacks and cyber security are
enumerated as under:

 India is third in terms of the largest number of internet users worldwide after the United
States and China. In 2012-2017, the number increased by six, which is increased by 44%
a year.
 India is winning spots with the USA among the world's top 10 spam transmitters.
 According to the 22 October report of online security company "Symantec Corp," India
is one of the top five countries affected by cybercrime.

6
Naveen Gaud, Cybersecurity Insiders, May 23, 2017.
7
16. Analytics India Magazine, Dec19, 2019.
8
Cyber Threats 2019: A year in Retrospective. Cyber threat operations Feb 2020 by PWC.
The main perpetrators of cybercrime are usually members of nationally and globally active
organised criminal groups, criminal networks and criminal organisations. Almost everyone in the
world recognises the inherent criminal obligation of terrorist organisations. Since the terrorist
attack on the United States of America on 11 September 2001, the war on terrorism has
intensified internationally. Terrorism is considered a human concern. There have been several
countries reforming their existing laws, and some countries have implemented new legislation to
counter terrorism. Since 1947 Indian terrorism has been funded mainly by the state. India had
been strict with respect to extremism and the t amendments in 2008.

PUNISHMENT FOR CYBER TERRORISM

(1) Whoever – (a) trying to threaten or terrorise in the citizens or any part of the citizens by
India's unity, dignity, stability or sovereignty –

(i) denying or causing denial of access to the computer resource of any person allowed

or (ii) try, without authorisation or exceeding permitted access, to enter or access the computer
resource;

Or (iii) add or allow some Device Contaminant to be added. and by behaviour such as that causes
death , injury to persons or harm, loss of property or distortions, or knowing that the vital
information infrastructure referred to in section 70, or is liable to cause harm or disturbance to
provision or service necessary to the life of a Society, or that this is adversely affecting.

or (b) deliberately, or knowingly, access or access a computer resource without permission or

excess permitted access, and by means of such actions, access is granted to the information ,
data, or computer databases which is restricted, for the sake of the protection of the State or
foreign relations; For reasons that are fair to believe that information, data or computer databases
so obtained could be used for or likely to harm the interests of India's sovereignity and dignity,
the protection and security of that State and the friendly 26 foreign relations , public order,
decency or morale or in respect of court disdain, or any restricted information, data or computer
data database. The offence of cyber terrorism shall be defamed or incited, or to the benefit of,
any foreign country, group of persons, or otherwise.
(2) Someone who commits or conspires to commit cyber terror can be punished with life
imprisonment.

Several agencies in India work together to overcome the threats raised by cyberterrorism.

1. Indian-Computer Emergency Response- -- It was set up in 2004 and belongs to the Ministry
of Electronics and IT. This Nodal Agency battling cybersecurity threats such as hacking,
malware, spam, phishing, etc..

2. National Cyber Coordination Centre- In theory it was approved in 2013 and is the
responsibility of the National Information Board. It is a cyber-security and electronic service
monitoring company in India. The goal is to track communication metadata and to conduct the
activities of other agencies in the collection of intelligence.

3. Cyber and Information Security Division – Involved in cyber defence, cyber crime, national
security details, and politics, Natgrad, etc, he is a member of the Indian Ministry of the Internal
Affairs. It also functions as a main agency to prevent cyber space from being exploited in order
to enable radicals and terrorists to tackle cybercrime.

4. National Technical Research Organisation- It was established under the leadership of the
National Security Advisor in the Indian Prime Minister's Office in 2004. It also included the
National Institute for Cryptological Research and Development, the first one of its kind in Asia.
It is a domestic intelligence organisation.

5. Defence Intelligence Agency (India) - Formed in 2002, it provides and organises the military
intelligence of the Indian Defense Forces. It also talks about the technical features of our security forces.
The information warfare in general is treated such as psychological interception, cyberwar, etc.

6. National Crime Records Bureau— In 1986, the investigating agencies were formed to
provide information about crimes and criminals in order to link crime with preponderants. It
monitors, coordinates and carries out crimes and tracks criminal networks and schemes.

CONCLUSION

Terrorism is a dynamic and emotional topic. This approach is complex since it covers many
other issues including political , psychological, metaphysical, military, historical etc. It is
emotive, on the other hand, that an act of terrorism (by any means) generates feelings / emotions
in different parts of society. As such terrorism is confronted, various emotions arise. Terrorism
constitutes an unprecedented risk to humanity. The terrorist aim is to cause disturbance and to
cause fear in the minds of people. The reasons for such drastic actions can vary from political to
religious. History reveals that some nations have also used physical force in order to brace
themselves against others. National States and criminal groups that take part in such acts breach
the legal framework of the existing government. Digital world terrorist groups will infiltrate the
targeted group with pace and information amount. Through the use of digital networks, terrorists
may spread, employ and train young people to link to their equipment and collect funds. They
are also involved in the creation and implementation of subway operations with criminals who
normally kill people and damage infrastructure. These terrorists are helped to mask and divert
the attention of law enforcement authorities by criminal activity.

The identification and coordination of various cyber terrorism agencies is extremely significant.
However, much work is required for such a collaborative plan, it's easier to say than to do. We
thought we would win the war from the tactical stage for hundreds of years. Now the physical
location in the digital room has been moved. Various social scientists and cyber security
technology, in intelligence and terrorism studies, in international security, cyber terrorism and
online security, have explored and discussed various threats and complex topics both in India
and in the world. In the well-defined policies and procedures for all organisations, adequate
cyber hygiene is essential.Cybersecurity should be part of the process of every coordinating
group. After the report, the technical advances could be based on overcoming more advanced
threats, such as honey traps, stupid websites, malware trapping sandboxing, trapping games and
punching pants. Proactive, ready and organised cyberterrorism is required with a set of
inspections, expertise and a well-established security strategy, with legislation , regulations,
duties and roles defined. The Management Strategy should concentrate on good principles of IT
governance and concentrate on definable standards that give all stakeholders trust.