This document discusses cyberterrorism and defines it as involving intent to conduct an act using cyber means to influence people or government for political, religious, or ideological motives. While there have been no officially designated cyberterrorism attacks, some alleged incidents include the attacks on Estonia in 2007. Defending against cyberterrorism requires international collaboration between law enforcement and establishing legal frameworks like the Tallinn Manual. As technology advances, more devices are vulnerable to compromise, so future counter-cyberterrorism efforts will need a coordinated multi-national approach.
2. Example of a Cyberterrorism Attack
●
Stock market attacked from out of country
●
Devastating to economy
●
Causes chaos
●
Can cause political tension
●
Is damaging to the entire state
●
Great example of a cyberterrorism attack
3. What is Cyberterrorism?
●
●
●
●
Keiran Hardy
Must involve intent to conduct the act and
to influence people or government
Must include some political, religious, or
ideological motive or purpose
Can include the bringing about of harm
4. What is Cyberterrorism?
●
●
●
Difference between cyberterrorism and
hacking
Hacking may be done for monetary gain or
recognition
Hacking generally affects a small portion of
the population
5. What is Cyberterrorism?
●
●
●
Cyberterrorism has a larger purpose than
hacking
It focuses on attacks that can damage
countries and governments, not individuals
Cyberterrorists may kill citizens or
dignitaries
6. History of Cyberterrorism
●
Originates from cybernetic, from Greek for
“the one who governs” and terrorism, from
the Latin for “to inspire fear”
●
Not much of a history, relatively new field
●
Legal definition
7. History of Cyberterrorism
●
UN's Ad Hoc Committee on Measures to Eliminate
International Terrorism
●
UN International Crime and Justice Research Institute
●
NATO's Cooperative Cyber Defense Center for Excellence
●
G8 Communiques
●
The International Telecommunications Union
●
The International Center for Conuterterrorism
●
INTERPOL
●
EUROPOL
8. History of Cyberterrorism
●
●
●
●
EU Convention on Cybercrime
Most significant international treaty in this
area, still doesn't mention cyberterrorism
It does define national and international
cybercrimes
And lays out procedural law and production
order for investigation of cybercrime
9. History of Cyberterrorism
●
●
No previous attacks defined as
cyberterrorism
Have been alleged cyberterrorism attacks
–
Titan Rain
–
Estonia attacks
–
Stuxnet
10. What Can Be Attacked?
●
Almost everything
●
Pacemakers
●
Other embedded medical devices
●
Vehicles
●
Smart home systems
●
Mobile devices
11. What Can Be Attacked?
●
Nuclear facilities and other infrastructure
●
Stuxnet
●
Devastating attacks, cutting off utilities and
damaging the economy
●
Can funnel money back to terrorist groups
●
International Space Station
●
Attacked multiple times
12. What Methods Are Being Used?
●
Worms
–
–
Code capable of copying itself and corrupting or
destroying system data
–
●
Stuxnet
–
●
Malware program that replicates itself in order to
spread to other computers
Common in botnets, used to infect many computers
Viruses
Trojan Horse
–
Program that breaches security while performing an
otherwise innocuous function
–
Could infect civilian or government systems
13. How Can We Defend?
●
Classic Counter-terrorism
–
–
●
Physical eliminating the threat
Tracking and investigating cybercrimes to
find further evidence
International Collaborations in Countering
Cyberterrorism
–
National police forces and legal systems
struggle
–
Conflicting interest of member-states
14. How Can We Defend?
●
Current Policies
●
Tallinn Manual (2013)
–
Initiated by NATO's Cyber Defense
Centre for Excellence
–
Identifies 95 black letter rules that
represent restatements of the law applied
in cyber context
15. How Can We Defend?
●
Current Policies
●
2012 Chicago Summit Declaration
–
Helped bring all NATO bodies under
centralized cyber protection
–
Created a rapid reaction team to assist
member states
16. How Can We Defend?
●
Current Policies
●
2011 Cyber Defense Policy
–
Confirms that cyber intrusions at the
member-state level must be handled
politically, not militarily
17. Careers in Cyberterrorism
●
United States
–
–
●
Annual growth of 15%
–
●
Currently 91,080 cybersecurity experts
Estimated to have 25,000,000 cybersecurity
experts currently
–
Pushing to have 500,000 cybersecurity experts
in the next five years
–
Currently has 556 experts
China
India
18. Conclusion
●
●
●
●
Cyberterrorism is more than just hacking
There have not been any official incidents
of cyberterrorism
As we develop new devices, they get
compromised
Any counter-cyberterrorism effort will have
to be a multi-national effort
19. Sources
●
A Multidisciplinary Conference on Cyberterrorism: Final Report
–
●
●
Networks and Netwars: The Future of Terror, Crime, and Militancy by John
Arquilla and David Ronfeldt
Cyberterrorism: How Real is the Threat?
–
●
●
http://dspace.cigilibrary.org/jspui/bitstream/123456789/15033/1/Cyberterrorism%20How%20Real%20Is%20the%20Threat.pdf?1
Cybersecurity & Algo Trading Most Happening Careers in the Field of
Management and IT
EU Conventions of Cybercrime
–
●
http://www.cyberterrorism-project.org/wp-content/uploads/2013/07/CTP-Conference-Report.pdf
http://conventions.coe.int/Treaty/en/Treaties/Html/185.htm
Understanding Cyberterrorism
–
http://search.proquest.com/docview/1173888997?accountid=27857