Home >> Terrorism >> Counter-Terrorism

     Email   Print 

Cyber Terror – What If?

Sammy Elrom - 10/12/2009

Studies on the transformation of terror groups from a hierarchal structure into a flat, multi-cell, multi-nation amorphous organization, show that the Internet and mobile communication became the exclusively venue that holds together those disparate cells, ideologically and operationally. During this process, approximately from 2003 and on, terrorists needed Internet and networking expertise which they didn’t have at that time. Understanding how vital those means are for self-survival, recruiting, planning, training and indoctrination, terrorists invested unique efforts in augmenting their knowledge and perfecting Internet exploitation for their purposes. If in 2003 terrorists had few true professionals at their disposal, much more complex and sophisticated intrusion and hacking techniques performed by their in house grown professionals began popping up more frequently. This is because as IT becomes more widely common and public knowledge more cyber terrorists need less highly trained people to perform the suite of activity defined as cyber terrorism acts. In a detailed report released in December 2002 by the Center for Strategic & Intl’ Studies, the project director James Lewis, stressed that “we threat cyber security as an orphan in the storm. This is the place we’re being hurt the most. People have miscalculated the threat”. Obviously, even then there were enough indicators to what was about to come: a combination of official denial propped by private expertise which resulted in a bureaucratization of the subject, neglect to define cyber terrorism threat as real, that led to prevention of regulations aimed at establishing workable countermeasures.

What’s in the cyber terror arsenal?

The Internet and its derivates offer members of terrorist groups endless ways to align themselves with the ideological and practical facets of their organization. It allows local and group leaders to perform a host of tasks which were impossible before switching to the Internet as their main communication frame. Among others, it facilitates:

• Delivery of information – ranging from news to religious fatwas, to recruiting calling campaigns
• Networking – anonymously coordinating, planning and adjusting, adapting and constantly changing the organization to keep it flexible and less predictable. It is also used to mitigate risks, protect sources and add security to the structure
• Intel and info gathering & sharing – ranging from data mining, open sources, exploitation of Western liberties and intruding weak systems
• Recruiting – one of the most effective tools, as it can use all media venues, launch targeted campaigns and focus on certain groups, say computers savvy
• Financing – focused solicitations using various websites simultaneously, benefit from e-schemes, identity theft, e-commerce entities and customer buying tools. Also, raising money through charities and front organizations
• Ideological & psychological warfare – tuned to reach various audiences and population groups, whether by disseminating fear of terror, uncertainty and instability
• Use of open sources – which enable to create, develop and launch programs, viruses and Trojans traps that can be activated at any time

The notion, thought by some pundits and academia gurus, that what we learn and the information we gather from terrorists using the Internet has greater value than the cumulative damage they can create, is long gone (“They are a greater value as an intelligence source than if they were to disappear”, J. Lasker “Watchdogs Sniff Out Terror Sites” piece, 2005). Even if this was true before 9/11, since 2003 the proliferation of terrorist sites is definitively an indication that the payoffs in terms of publicity, indoctrination, recruiting and propaganda values, are higher and more profitable than the exposure risk. Not only that it allows terrorists to trick law enforcement and intelligence agencies by seeding misinformation and conduct psychological warfare, and mislead, confuse and break coordinated efforts to gather intelligence.

Unfortunately, too many options, security gaps and gaffes remain widely open and are fully taken advantage of by a host of known terror groups like Al Qaeda and less known, stealthy small organizations like Al-Takfir Wa’l Hijra (see “Al-Takfir Wa’l Hijra”, www.theelromreport.com , 2007). This is because the Internet is so widely spread and so deeply rooted into our social, economic and financial fabric, that it is impossible to control the flow of information or regulate any of its activities. Every www network aspect becomes old technology faster, and Internet generations shorten with every technology cycle. Therefore, old data processing, content auditing, regulation and computer security models become obsolete, sometime before it has gained grounds. This is a situation which terrorists were quick to grasp and instrumental in attaining technological power to manipulate the tools that it offers for free, thus augmenting the real cyber terrorism threat.

One of the most powerful weapons that the www network offers is uncertainty. Uncertainty of whether terrorists have really harnessed the Internet to the level that it can cause destruction of a national scale, uncertainty whether they consider the Internet an equal weapon to physical attacks, and uncertainty regarding the level of disinformation and misinformation is run do blur what really happens. Nobody denies that the www added new dimensions to their existing assets used by terror groups, basically widening their options.

Regrettably, terrorists are far ahead of us in this new battle field. This is because the pundits’ opinion and the lack of vision, have allowed terrorists to emerge under a new, morphed structure, which made Internet communications a “live or die” issue. The short sighted vision of those in charge with national security made possible the today situation where terrorists have a significant lead. Trying to catch up now requires infinite sources, extreme coordination efforts between and with scoreless agencies and private industry, which is raises questions if it is possible at all. We could have avoided this menacing situation should had those in charge accepted that the terrorists are not all backward individuals with past century beliefs, therefore incapable of using a cell phone, let alone sophisticated internet tools.

First and foremost, there are some fundamental measures that must be taken if we intend to give ourselves a slight chance to succeed, starting with agreeing that the cyber terror is for real, an increasing plague hanging over our head like Damocles’ sword. One of the most serious concerns because of the given nature of the Internet, terrorists can afford to suffer temporary web relate defeat, sites closed and malicious information dissemination blocked. It can even withstand being much more virtually exposed, which translate into providing good information sources to our intelligence and law enforcement agencies. This is because each such case provides them with valuable lessons, allow them to correct mistakes and learn where to pinpoint their efforts in circumventing the security systems in place. Weighing what is the added value we gain from spying after terrorists on the web, against what terrorist gain from our activity and anti cyber terror actions, it becomes increasingly clear that terrorists may have the upper hand. And this should create serious reason for concern. Contrary to counter attacking terrorists, kill them, capture them and have them constantly on the run, if a terrorist website is taken down, nobody dies; they just move to another server, open a new website or communication premise, better organized, better protected and better prepared to deal with our anti cyber attacks.




What if

If there are out there officials in charge with national cyber security which embrace the same unchanged views that cyber terrorism can’t have a disastrous impact on our lives, in spite of the accumulating evidence of the contrary, they should think twice. For the sake of trying to awake the stewards at the nation’s steering wheel and force them to take action, and being convinced that the following is a real scenario which may materialize if we as a nation continue look for solutions blindfolded, we must look at the most dangerous possibilities. Think about this dreadful scenario and ask yourself it isn’t realistic: what if there is a simultaneous attack that combines various forms of cyber attacks on selected targets such as military and police installations, first responder bases and hospitals, either by choking the communication pipelines or by stealth intrusion. What if at the same time there is an attack on one or more critical infrastructure targets such as an oil port, an airport and a big mall. What if the attack involves the detonation of a dirty bomb? And what if communications in the area are down, the roads backed up or blocked and chaos starts reigning in the affected areas. Does it sound to sophisticated for a terrorist group to pull this off? Not really, if you think the coordination level they’ve reached back in 2001, in spite of the excess of information available to us, compared to the “baby-step level of cyber sophistication” we were told they commend. If only part of this terror attack puzzle materializes, is there an alternative plan on our part that coordinates all the forces on the scene, even if the expected and planned emergency and contingency means and equipment are broken? If there is an extremely weak component in any intervention and first response plan, at any level, it is safe and uninterrupted communications. Can any pundit who advises us not to take cyber terror threats too seriously, show us viable alternatives, or do they once more provide their enlightening expertise without considering the consequences, because as usual they won’t be held accountable?


Conclusions

So much has been written about what we have to do to protect ourselves that I find it useless to repeat the same once more. Suffice to say that the more we delay taking on the critical actions, the shorter the meantime needed to close the technological gap between us and them is. Not only this, but the gap is closing at a much faster pace than ever. Firewalls, encrypted programs, anti viruses/phishing/malware and other such programs, as advanced as they are, can’t cope with an abundance of hacking bombardments on the good old and vulnerable World Wide Web network, by millions of ill-intended content, whether just by for-the-fun hackers or by real terrorists. As you’ve read previously, deep intrusion, distortion of data, installation of highly advanced dormant worms and sensitive information theft, are by now all daily practice.

Logically, each such break-in, intrusion, online identity theft or information theft, provides a new source for updates and lessons, from which terrorists siphon vital info and correct previous mistakes. If there is a reasonable systematic defense approach against these inevitable-to-arrive events, it is what always worked: preventive and well coordinated counter attacks. But, in order to be effective, creative and conduct a sustainable dynamic preventive and counter-attack campaign, many basic behaviors must fundamentally change, starting with identifying cyber terrorism as a prime threat to national security. Until we reach a consensus, security officials will continue to drag their feet, while hoping that the private industry will take the necessary measures trying to protect their stake in the huge investments made. While there are spots of concentrated efforts to deal with the problem, like in the military, there is no comprehensive plan designed to coordinate those efforts. This can be seen in the almost panic and disoriented behavior when a major break-in is leaked to the public. What has been done, what is being done and what is planned is far from enough. Bottom line, I am very, very concerned, and the fact that today authorities sound more scared than ever doesn’t bring any comfort, given that our enemies are probably far ahead of us. Can we catch up with them? You tell me !!!