September 3rd, 2003, 11:02 AM
Ok everyone I need you help, For my final in my Political Science class I ahve picked the topic of "electronic terrorism". I would greatly appreseate it if anyone and everone could post any know reliable sorces on the topic. No this is not me trying to be alzy, I will also be searching the online world for information about this as well as spening hours in the library, Im just asking to be a little more efficent. So thank you all inadvance and a link to anything simialr to the topic would be great. Oh and if it meens anything i will give greenies to those of you who help me. Thanks.
September 3rd, 2003, 11:08 AM
Electronic Terrorism seems fairly broad. What exactly are you writing about? eg. that it's possible; historical view; legality; etc.
September 3rd, 2003, 11:27 AM
September 3rd, 2003, 11:39 AM
Ok, Msmittens is right that is too broad, Im aiming for globalization, how everyone says the internet brings friends closer, I wanna show that it brings your enemy to your door step, also I want to show how the US is so dependent on technology that if we were to get attacked we would crash and burn so to speak. And thank you both for your rapid response
September 3rd, 2003, 12:55 PM
i can't imagine terrorist using the internet directly for there purposes, i see it more as a backbone to aid them. Obviously e-mail's and information being sent very quickly accross the world is gunna help. Also PGP (public key encryption) used on the internet for secure transmissions, mainly used for ligitamate reasons, can also hide terrorist plans from the government. However after September 11th the FBI got acceptance from the supreme court to search hotmail for files relating to the attacks, and about a couple of hours later they had done it. If you think about this i can see this as a diffrent type of terror because i am not an american and yet the supreme court in America allowed the FBI to scan my files, i think this terror is the same even though the message has been manipulated by the media (for example hardly telling anyone that this had been done) also the reaction time of the FBI to this allowance seemed rather quick i have heard many people who think this is done regularly however the FBI can only use the information they gather for leads because people would ask them were they got there info and they wouldn't be able to explain.
i think you should try to think outside the box like is thousands of peadophiles gathering and talking not a terror but how can we stop them, is it out of anyone's control, should it be controled? i know it doesn't sound like terrorism but many things on the internet might be corrupting the ideas of our youth and changing political ideas that way.
maybe i am way off subject i don't know but exposing banks to the internet could make them vulnerable to attack from terrorist attacks and i suppose virus's could be used to good effect to terrorize a population
i am most likely just rambling................... oh well
September 3rd, 2003, 01:00 PM
Forgetting that Encryption isnt legal in some other countries? If you dont think it is try installing the encryption pack for Windows 2000. The read me lists countries where that is not legal. In America its legal, but that doesnt mean it is everwhere else.
September 3rd, 2003, 01:23 PM
If you look at the north koreans there was a story about them recently how they are suspected of having a cyber warfare team,
It makes perfect sense really they havent the money to do anything really, so they get a couple of computers and develop techniques, all they really need is people capable of using Nmaps and exploiting vunerablitys. imagine what they could do with people who knew how to create exploits and the like.
electronic terriosm can take place from anywhere in the world, theres no physical barriers preventing people entering a country, they could be in a internet cafe or libary weres theres no secuirty cameras, wear gloves and other such precutions, and if the computer was ever located that was used for the attack the chance of catching someone who has worn glove in a public place if going to be remote, not to mention the serious amounts of DNA left.
Electronic terriosm can be anything really, from basic DoS attacks to the extremes like bringing down public services (power or water) or even the unlikely such as launching missles, (very unlikely)
Anything that disrupes the country is terrrosim, the westen world is based on the economy and communications, disrupted these and theres going to be serious problems
The internet is ideal, as its annonomous and relativly simple to create havoc if the computer is in the correct (incorrect?) hands
also things such as bringing down physical secuirty messages (CCTV, alarms) can also help the would be terriorist,
September 3rd, 2003, 01:28 PM
Terrorism in any of it's forms is impossible to stop without the absolute removal of the freedoms many of us hold dear. There is a big difference though between all the other forms of terrorism and cyber-terrorism. It kinda runs along the lines of MAD, (Mutually Assured Destruction), in the Cold War era. If a terrorist group is big enough and well organized enough it can throw enough bombs at you to ensure that at least some get through to do the damage they require. In Cyber Terror however it becomes more difficult to inflict damage for sufficient time to be of significant use. Yes, they can bring down the root DNS servers by flooding them..... But for how long? If it lasts long enough I can create my own hosts file if I want and still have limited access to the world I need to see. But is it conceivable that all the root servers can be DoSed for sufficient time..... And if they do bring it down I can still pick up the phone/fax and do business.
If you bomb my power plant it takes me months to properly recover. If you bomb my DNS it takes me hours/days..... The differential in damage is not sufficient to make it a serious threat to national security. OTOH, improperly secured networks utilized by the security apparatus of a country is a much more valuable goal for cyber terrorists. Imagine knowing ahead of time that the FBI are investigating Ali Bin Sali...... He can go to ground and someone else can take over his tasks..... When the FBI stop or shelve their investigation of him he can return to duty..... Ever played "Whack the Mole"...... Imagine it with the stakes being 100, 1000 or 10000 lives if you fail...... There's your threat......
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
September 3rd, 2003, 01:29 PM
Forms of electronic terrorism
I think that you can divide electronic terrorism into many different forms, so of them more serious than others.
For example, for those countries that have national proxies for Internet access (such as the United Arab Emirates for example), a terrorist could hack that proxy to: disrupt access, redirect to pornographic material, open up to all information, ...
Another example of terrorism could be the release of a virus/worm targetted at power plants. An example of vulnerability was given in this post:
Slammer worm and power plants
Aside from these electronic attacks, you could also imagine hitting physical infrastructure to disrupt global networks. For example, blowing up the Amsterdam Internet Exchange would have a severe impact on the Internet in the Netherlands and on trans-atlantic connections, since Amsterdam is one of the main European cities for connections to the US.
Back in May 2002, the International Telecommunication Union has a symposium on the security of information networks, trying to identify the weaknesses and the risks in a global network world. The US can strengthen its networks all it wants, but as long as these networks are then connected to other countries, you are creating weaknesses in your armour.
You can find more information on it at: Creating Trust In Critical Network Infrastructures
auio_head brings up an interesting point about the reach of the FBI in scanning Hotmail accounts. Since you are using a service provided by an American company located in the United States, this is understandable. However, did you know that the Patriot Act included a paragraph giving the United States the power to filter and scan every packet of information transiting through the United States. This means that for an email going from Europe to Australia, it would most likely transit through the US and suddenly fall under US jurisdiction.
The short of the story is that, as we get more reliant on communications networks, we also become more vulnerable to attacks against them. What was the impact on New York of a power outage? Tremendous. It even had an impact on trans-Atlantic Internet traffic and airlines in Europe. That's the result of our global environment.
"To estimate the time it takes to do a task, estimate the time you think it should take, multiply by two, and change the unit of measure to the next highest unit. Thus we allocate two days for a one-hour task." -- Westheimer's Rule
September 3rd, 2003, 04:07 PM
As we have all seen, terrorists tend to attack where the chance of defeating the attack is small and the effect (or sometimes just the publicity) of the attack will create a psychological and/or physical effect that they perceive to be of benefit t their cause. Whether they will engage in electronic or cyber terrorism is dependent solely on whether situations can be found that will create effects they wish to create with an acceptable level of risk to themselves (sometimes the acceptable level of risk is quite high, e.g., suicide bombers.)
The proper function of the FBI or other agencies of government is to raise the level of risk to an unacceptable level for the terrorist while not overly impacting the rights of citizens. In the absense of a citizen voice on these issues, it is natural for a government agency to tend toward extremes -- after all, who is blamed when the disaster happens? Conversely, who praises any government organization for exercising moderation in these matters (usually they are simultaneously criticised by one group for going too far and another for not going far enough.
It is our responsibility as security professionals to be active in these discussions, supporting needed security measures and pointing out sham security measures that make bureaucrats feel better. but add nothing or even subtract from actual security.