Cyber warfare continues to grow beyond what was once imagined as the public becomes more aware of and involved in technology. This paper identifies a case study of a 'cell', 'clan', or 'state' that has conducted, or has the capacity to conduct, cyber warfare. It describes the who, what, where, and why, the means of conducting such cyber warfare, and the organizational ideology behind the attack. Finally, it concludes with a review of how the attack could be prevented, either through training or certain tools.
A group that calls itself 'Anonymous' has exposed weaknesses in American cybersecurity. While Anonymous is not staging or conducting cyberwarfare, its hacking has shown that taking down American infrastructure would not be as far-fetched as was once believed. Anonymous has conducted hacking operations against agencies including the CIA, police departments, and other such websites. While it may appear to be a group with a terrorist bent, Derek Mead (2012) explains that it is instead a group bent on targeting "…the arrogant jerks of the world." Terrorist cells are hideously more dangerous: unlike Anonymous, which is a group of "fluid netcitizens," they are on an honor-bound mission to inflict holy war upon a peaceable nation. Terrorists are individuals bound by common creeds, religion, ethics, morality, and rationalizations, and are driven by hatred and greed, with no respect for human life and not so much as a nod to the ideas of democracy and freedom. One such group is identified and described in the following section of this paper.
I. Who? Al Qaeda
Rollins and Wilson (2007) state that terrorists' use of the Internet and other telecommunications devices is expanding rapidly, not only in reliance on them to support the activities of their organizations but also in acquiring the skills to enable operational goals. Examined in the report are "possible terrorist objectives and computer vulnerabilities that might lead to an attempted cyber-attack against the critical infrastructure of the U.S. homeland, and also discusses the emerging computer and other technical skills of terrorists and extremists." (p.1) It was reported on May 16, 2012, that Al Qaeda "may be turning its destructive attention to cyber-warfare against the United States. In a chilling video al Qaeda operative calls for electronic jihad against the United States, and compares vulnerability in vital American computer networks to the flaws in aviation security before the 9/11 attack." (Threat Journal, 2012) The al Qaeda video is reported to call upon the "covert mujahidin to launch cyber attacks against the U.S. networks of both government and critical infrastructure, including the electric grid." (Threat Journal, 2012) The video is reported to have been obtained by the FBI in 2011 and released in May 2012 by the Senate Committee on Homeland Security and Governmental Affairs. (Threat Journal, 2012) The report states that Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman (I-Conn.) stated, "This is the clearest evidence we've seen that al Qaeda and other terrorist groups want to attack the cyber systems of our critical infrastructure." (Threat Journal, 2012) The report adds that, according to the national security community, "…the threat of cyber attack is real, and the gap between terrorist aspirations and capability is closing. The senior intelligence official at Cyber Command, Rear Adm. Samuel Cox, has said al Qaeda operatives are seeking the capability to stage cyber attacks against U.S. networks and terrorists could purchase the capabilities to do so from expert criminal hackers." (Threat Journal, 2012)
II. What? Defining Cyberterrorism
Cyberterrorism is considered by some to be an inappropriate label "because a widespread attack may simply produce annoyances, not terror, as would a bomb, or other chemical, radiological, or nuclear explosive (CBRN) weapon. However, others believe that the effects of widespread computer network attack would be unpredictable and might cause enough economic disruption, fear, and civilian deaths to qualify as terrorism." (Rollins and Wilson, 2007, p.3) Two definitions of cyberterrorism are:
(1) Effects-based: Cyberterrorism exists when computer attacks result in effects that are disruptive enough to generate fear comparable to a traditional act of terrorism, even if done by criminals.
(2) Intent-based: Cyberterrorism exists when unlawful or politically motivated computer attacks are done to intimidate or coerce a government or people to further a political objective, or to cause grave harm or severe economic damage. (Rollins and Wilson, 2007, p.3)
III. How? The Objectives of a Cyberattack
The objectives of a cyberattack are reported to include the following:
(1) Loss of integrity, such that information could be modified improperly;
(2) Loss of availability, where mission critical information systems are rendered unavailable to authorized users;
(3) Loss of confidentiality, where critical information is disclosed to unauthorized users; and,
(4) Physical destruction, where information systems create actual physical harm through commands that cause deliberate malfunctions. (Rollins and Wilson, 2007, p.4)
Rollins and Wilson (2007) relate that Richard Clarke, former Administration Counter Terrorism Advisor and National Security Advisor, states that if terrorists were to "…launch a widespread cyberattack against the United States, the economy would be the intended target for disruption, while death and destruction might be considered collateral damage. Many security experts also agree that a cyberattack would be most effective if it were used to amplify a conventional bombing or CBRN attack. Such a scenario might include attempting to disrupt 911 call centers simultaneous with the detonating of an explosives devices. This type of example is usually contrasted to a widespread, coordinated cyberattack, unaccompanied by a physical attack, that would technically be very difficult to orchestrate and unlikely be effective in furthering terrorists' goals." (p.5)
The interdependencies among infrastructure sectors mean that a cyberattack affecting one sector could also "have disruptive, unpredictable and perhaps devastating effects on other sectors, and possibly long-lasting effects to the economy." (Rollins and Wilson, 2007, p.5) It is asserted that Al Qaeda and the other terrorist groups with which it associates are "…becoming more technically sophisticated, and years of publicity about computer security weaknesses has made them aware that the U.S. economy could be vulnerable to a coordinated cyberattack." (Rollins and Wilson, 2007)
One of the primary objectives of a terrorist attack carried out as a cyberattack would be publicity. It is stated specifically: "Extensive coverage has been given to the vulnerability of the U.S. information infrastructure and to the potential harm that could be caused by a cyberattack. This might lead terrorists to feel that even a marginally successful cyberattack directed at the United States may garner considerable publicity." (Rollins and Wilson, 2007, p.6) It has been suggested that if a cyberattack were to occur and become known to the general public, the attack would be a success regardless of the level of success it actually achieved, and could lead to "widespread withdrawal of funds and selling of equities." (Rollins and Wilson, 2007, p.6)
It is reported that a security expert demonstrated at the 2005 Black Hat computer security conference "an exploit of what many consider to be a significant Internet security flaw, by showing how the most commonly used Internet routers; the computer's device that forwards data to a desired destination, could quickly be hacked." (Rollins and Wilson, 2007, p.6) The vulnerability in this router could enable an attacker to "disrupt selected portions of the Internet, or even target specific groups of banks or power stations." (Rollins and Wilson, 2007, p.6)
A report released in 2005 by the President's Information Technology Committee (PITAC) stated that the United States information technology infrastructure, critical for "communication, commerce and control of the physical infrastructure is highly vulnerable to terrorist and criminal attacks." (Rollins and Wilson, 2007, p.7) The report additionally stated that the private sector plays a very important role in protecting national security by deploying sound security products and adopting sound security practices. (Rollins and Wilson, 2007, paraphrased)
Rollins and Wilson report that a recent survey of 136,000 PCs used in 251 commercial businesses in the United States found that a "major security software patch, known as SP2, was installed on only nine percent of the systems, despite the fact that Microsoft advertised the importance of installing the security patch one year ago. The remaining 91% of commercial businesses surveyed will continue to be exposed to major security threats until they deploy the software patch throughout their organizations. This may bring into question the extent to which the private sector will self-protect without greater incentive." (Rollins and Wilson, 2007, p.7)
Studies conducted by computer security firms found that the "highest rates for computer attack activities were directed against critical infrastructures such as government, financial services, manufacturing and power." (Rollins and Wilson, 2007, p.8) Additionally reported in the results is that the United States "…is…