Seminar Report Cyber Terrorism

Cyber Terrorism
Hurdles faced by the wired
World

www.seminarsTopics.com 1
Seminar Report Cyber Terrorism

ABSTRACT

Cyberterrorism is a new terrorist tactic that makes use of information systems or

digital technology, especially the Internet, as either an instrument or a target. As
the Internet becomes more a way of life with us, it is becoming easier for its users
to become targets of the cyberterrorists. The number of areas in which
cyberterrorists could strike is frightening, to say the least.

The difference between the conventional approaches of terrorism and new

methods is primarily that it is possible to affect a large multitude of people with
minimum resources on the terrorist's side, with no danger to him at all. We also
glimpse into the reasons that caused terrorists to look towards the Web, and why
the Internet is such an attractive alternative to them. The growth of Information
Technology has led to the development of this dangerous web of terror, for
cyberterrorists could wreak maximum havoc within a small time span.

Various situations that can be viewed as acts of cyber-terrorism have also been
covered. Banks are the most likely places to receive threats, but it cannot be said
that any establishment is beyond attack. Tips by which we can protect ourselves
from cyberterrorism have also been covered which can reduce problems created by
the cyberterrorist.

We, as the Information Technology people of tomorrow need to study and

understand the weaknesses of existing systems, and figure out ways of ensuring
the world's safety from cyberterrorists. A number of issues here are ethical, in the
sense that computing technology is now available to the whole world, but if this
gift is used wrongly, the consequences could be disastrous. It is important that we
understand and mitigate cyberterrorism for the benefit of society, try to curtail its
growth, so that we can heal the present, and live the future...

www.seminarsTopics.com 2
Seminar Report Cyber Terrorism

Introduction

The world is a very large place, but it is getting smaller, thanks to the advent of
computers and Information Technology. However, the progress that we've made in
these fields also has a dark side, in that a new terrorist tactic, commonly called
Cyberterrorism has developed. The old, conventional methods of assassination and
hostage taking are slowly fading, as terrorists head towards the Internet to pull
their stunts. The cause for this kind of a transition stems from the fact that the
terrorist has long since realized that removing one official from office only causes
another official to take his place; which is not the end-result the terrorist wished to
achieve. This causes the terrorist to take to the net, thus affecting a wider section
than could otherwise have been targeted. From disabling a country's economy to
shutting off power in large areas, it's all possible, with less risk to the terrorists.

Cyberterrorism is any act of terrorism that uses information systems or digital

technology (computers or computer networks) as either an instrument or a target.
Cyberterrorism can either be "international", "domestic" or "political", according
to the nature of the act, but it is always an act involving a combination of the
terrorist and the computer.

Why IT is so attractive to the terrorist?

Terrorist groups have been using computer technology to secure many of their
goals. They have been exploiting existing modern technology to accomplish the
same goals that they have been working towards in the past. However, the key
differences between their old tactics and their newer methods lie in the ease with
which their operations can be performed, as well as increased anonymity. It is
extremely difficult to detect such clandestine operations, and needless to say, even

www.seminarsTopics.com 3
Seminar Report Cyber Terrorism

more difficult to counter such acts. Terrorist groups take advantage of computer
technology to create support structures that serve to strengthen their tactical and
strategic plans and goals. These are achieved by:
• Political propaganda
• Recruitment
• Financing
• Intra and inter-group communication and coordination
• Information and intelligence gathering
• Ease of operations that are cost-effective, both in terms of resources used, and
ability to strike worldwide.

Specific examples of the facilitation of terrorism through the use of computer

technology illustrate the appeal this technology has for terrorist groups interested
in advancing their particular agendas. The use of the Internet for propaganda and
disinformation purposes is an especially popular one. Many exiled political
opposition groups from such states as Iran, Iraq, Mexico, Northern Ireland and
Saudi Arabia have used the World Wide Web for just such purposes.

One of the most demonstrative examples, however, involves the case of the
December, 1996 takeover of the Japanese Ambassador's residence in Lima, Peru
by the Tupac Amaru Revolutionary Movement. Not only did this terrorist group
use the Internet to communicate its revolutionary message to the rest of the world
through a European website, it even offered a video clip of its members preparing
for their mission.

The added attractiveness of the Internet for terrorists is that the widest possible
audience for their violent activity not only reminds them of the major themes of

www.seminarsTopics.com 4
Seminar Report Cyber Terrorism

their campaigns, it also heightens fear in the target audience by reminding it

of the potential for future violence.
In addition to aiding terrorist propaganda, computer networks also enhance
terrorist recruitment and financing. Various supremacist groups in the United
States have also used the Internet for financial gain.

The nature of modern computer technology is such that it also lends itself to the
communication and intelligence activities of terrorist groups. The attractiveness of
this feature for groups eager to expand their activities can be explained as follows:
Information Technology gives individuals and groups a reach and influence that
was previously reserved for well-organized, state-funded terrorist organizations.
Physical distance and national borders that once separated terrorists from their co-
conspirators, their audience and their targets cease to exist in the world of modern
telecommunications and the Internet.

Organizations such as the Islamic fundamentalist groups that follow Osama Bin
Ladin rely on computers to coordinate their activity. The Revolutionary Armed
Forces of Colombia, for example, is known to respond to press inquiries via e-
mail. In the case of the intelligence gathering activities of terrorist groups,
computer networks and access to the World Wide Web are equally important.

Modern computer technology has not only enhanced much of the above activity,
but it has done so in such a fashion that the terrorist groups that utilize it are now
able to operate beyond the range of traditional counter terrorist approaches. The
terrorist ability to engage in "growth activity" such as recruitment, communication
and especially financing without the knowledge of state authorities may inevitably
lead to stronger and hence, more resilient terrorist groups. In turn, the potential for
terrorist groups to engage in activity that focuses less on threats and more on
actions that can be seen and felt is significantly heightened. Modern terrorist

www.seminarsTopics.com 5
Seminar Report Cyber Terrorism

groups that are able to develop undetected may become stronger, more elusive and
deadlier than their earlier counterparts.

Moreover, and perhaps even more importantly the advent of computer networks
has spawned a new direction in the organizational structure of terrorist groups.
Terrorist groups utilizing computers for communication are likely to move beyond
hierarchical organizational structures and employ networked ones.

What the Cyberterrorist can do?

Terrorist groups engaging in cyberterrorism are noted for threats to commerce,

public safety and national security. These threats can take any number of forms,
but are generally seen as computer versus computer confrontations (While the
current discussion focuses on the use of "high tech" applications in terrorist
operations, "low tech" operations against a victim's "high tech" infrastructure
should not be ignored.) Terrorist groups use their own computer technology to
threaten or attack a victim's computer resources. This can take the form of threats
or attacks against national infrastructures that have become heavily reliant and
interconnected to computer networks. Activity of this sort is tangible in nature and
thus, generates most of the interest we have in cyberterrorism today. Cyberterrorist
threats can include:
• rapid communication of threats to a wide or specific audience
• threats to public utilities and transportation
threats to commercial institutions and transnational corporations
• threats to IGOs and NGOs
• threats to individuals
• threats to political groups or other ethnic, religious or nationalist
entities (all of these can include other terrorist groups) identified as "the enemy"

www.seminarsTopics.com 6
Seminar Report Cyber Terrorism

• threats to security forces

• threats to nation states

What we occasionally see (what is reported) is actual damage to the above targets
in the form of temporary disruption of services, public inconveniences or financial
loss. These incidents, however, are most often in the form of cyber crime and fall
short of what is considered as cyberterrorism. In summary, there have been no
instances where cyberterrorism has been directly translated a catastrophic loss of
life or physical destruction associated with the most violent acts of "conventional"
terrorism. The threat, however, remains real and takes on an added significance
when the growing potential of terrorist group resources is considered.

At this point it is also helpful to speak in terms of "cyberspace-based threats."

There is a wide spectrum of possibilities for "evil actions" in cyberspace. These
include attacks on the data contained within the systems, the programs and
processing hardware running those systems, and the environment
(communications, networks, etc.) in which they operate.

Examples of Cyberterrorism

Cyber terrorism takes many forms. One of the more popular is to threaten a large
bank. The terrorists hack into the system and then leave an encrypted message for
senior directors, which threatens the bank. This message says that if the bank does
not pay a set amount of money, then the terrorists will use anything from logic
bombs to electromagnetic pulses and high-emission radio frequency guns to
destroy the bank's files. The fact that the terrorists may be in another in another
country adds to the difficulty of catching the criminals. A second difficulty is that

www.seminarsTopics.com 7
Seminar Report Cyber Terrorism

most banks would rather pay the money than have the public know how
vulnerable they are.
Significant confusion in understanding cyberterrorism also emerges when
cyberterrorism is confused with "cyber crime" and vice versa. Cyber crime is
similar to cyberterrorism in its use of computer networks and information systems
but clearly different in its motivation and goals. This appreciation, however, is
often overlooked. In many instances there is little effort to distinguish the obvious
differences between the two. Some people treat cyberterrorism simply as an
extension of cyber crime.

Cyberterrorists are often interested in gaining publicity in any possible way. For
example, information warfare techniques like Trojan horse viruses and network
worms are often used to not only do damage to computing resources, but also as a
way for the designer of the viruses to "show off" his "creativity". This is a serious
ethical issue, because many people are affected by these cases. For one, the viruses
can consume system resources until networks become useless, costing companies
lots of time and money. Even if the person never meant to harm someone with
their virus, it could have unpredictable effects that could have terrible results.

In one of its more unusual forms, cyber-terrorism can be used for an assassination.
In one case, a Mafia boss was shot but survived the shooting. That night while he
was in the hospital, the assassins hacked into the hospital computer and changed
his medication so that he would be given a lethal injection. He was dead a few
hours later.

They then changed the medication order back to its correct form, after it had been
incorrectly administered, to cover their tracks so that the nurse would be blamed
for the "accident". Thus, a man was killed by the hackers' actions. Also, the life of
the nurse was probably ruined, along with the reputation of the hospital and all its

www.seminarsTopics.com 8
Seminar Report Cyber Terrorism

employees. Thus, there are often more victims in a terrorist situation that the
immediate recipient of the terrorism.
Cyber-terrorists often commit acts of terrorism simply for personal gain. Such a
group, known as the Chaos Computer Club, was discovered in 1997. They had
created an Active X Control for the Internet that can trick the Quicken accounting
program into removing money from a user's bank account. This could easily be
used to steal money from users all over the world that have the Quicken software
installed on their computer. This type of file is only one of thousands of types of
viruses that can do everything from simply annoy users, to disable large networks,
which can have disastrous, even life and death, results.

Terrorism can also come in the form of disinformation. Terrorists can many times
say what they please without fear of action from authorities or of accountability
for what they say. Recently, the rumor that a group of people was stealing people's
kidneys and putting them for sale was spread via the Internet. The rumour caused
thousands of people to panic, and the number of people affected was unlimited.

Minor attacks come in the form of "data diddling", where information in the
computer is changed. This may involve changing medical or financial records or
stealing of passwords. Hackers may even prevent users who should have access
from gaining access to the machine. Ethical issues in this case include things like
invasion of privacy and ownership conflicts. It could be even more serious if, for
instance, the person who needed access to the machine was trying to save
someone's life in a hospital and couldn't access the machine. The patient could die
waiting for help because the computer wouldn't allow the necessary access for the
doctor to save his or her life.

www.seminarsTopics.com 9
Seminar Report Cyber Terrorism

What can be done about Cyberterrorism?

In response to heightened awareness of the potential for cyber-terrorism President
Clinton, in 1996, created the Commission of Critical Infrastructure Protection. The
board found that the combination of electricity, communications and computers
are necessary for the survival of the U.S., all of which can be threatened by cyber-
warfare. The resources to launch a cyber attack are commonplace in the world; a
computer and a connection to the Internet are all that is really needed to wreak
havoc. Adding to the problem is that the public and private sectors are relatively
ignorant of just how much their lives depend on computers as well as the
weaknesses of those computers.

Currently there are no foolproof ways to protect a system. The completely secure
system can never be accessed by anyone. Most of the militaries classified
information is kept on machines with no outside connection, as a form of
prevention of cyberterrorism. Apart from such isolation, the most common method
of protection is encryption. The wide spread use of encryption is inhibited by the
government's ban on its exportation, so intercontinental communication is left
relatively insecure. The Clinton administration and the FBI opposed the export of
encryption in favor of a system where by the government can gain the key to an
encrypted system after gaining a court order to do so. The director of the FBI's
stance was that the Internet was not intended to go unsupervised and that the
police need to protect people's privacy and public-safety rights there. Encryption's
drawback is that it does not protect the entire system, an attack designed to cripple
the whole system, such as a virus, is unaffected by encryption.

Others promote the use of firewalls to screen all communications to a system,

including e-mail messages, which may carry logic bombs. Firewall is a relatively
generic term for methods of filtering access to a network. They may come in the
form of a computer, router other communications device or in the form of a

www.seminarsTopics.com 10
Seminar Report Cyber Terrorism

network configuration. Firewalls serve to define the services and access that are
permitted to each user. One method is to screen user requests to check if they
come from a previously defined domain or Internet Protocol (IP) address. Another
method is to prohibit Telnet access into the system.
Here are few key things to remember to protect yourself from cyber-terrorism:
1. All accounts should have passwords and the passwords should be
unusual, difficult to guess.
2. Change the network configuration when defects become know.
3. Check with venders for upgrades and patches.
4. Audit systems and check logs to help in detecting and tracing an intruder.
5. If you are ever unsure about the safety of a site, or receive suspicious
email from an unkown address, don't access it. It could be trouble.

Types Of Cyber Crimes: --

Broadly three types of cyber crimes are recognized:

* Hacking without any intention to commit any further offence.

* Unauthorized access with intention to commit further offences. These can

include theft, fraud, miss-appropriations, forgery, cracking.

* Distribution of digital information through use of virus, trogon horses,

logic bombs.

Hacking:
Hackers might be

1. Code hackers – They know computers inside out. They can make the
computer do nearly anything they want it to.

2. Crackers – They break into computer systems circumventing operating

systems and their security is their favourite pastime.

www.seminarsTopics.com 11
Seminar Report Cyber Terrorism

3. Cyber pumps – They are masters of cryptography.

4. Phreakers – They combine their in-depth knowledge of the Internet and

mass telecommunication systems.

Hackers are becoming menacing, so uncontrollable that even largest

companies in the world are finding it difficult to cope up with their incessant
attacks. An act to constitute trespass under-section 441 I.P.C. must compromise
one of the following.

1. There must be an unauthorised entry into or upon property against the

will of the person in possession; or
2. There must be an unauthorised entry lawfully obtained into or upon
property but unlawfully remaining therein.

Five common methods of attacks through internet:

Network pocket sniffers: -

It is package softer which uses a network adaptor card in promiscuous made to

capture all network pockets that are sent across a local area network this provide
user with meaningful and often sensitive information such as accounts and
passwords. Attacker uses pocket sniffers to get passwords accounts etc.

IP spoofing: -

An IP (internet protocol) Spoofing attack occurs when an attacker out side the
network enters pretending as if he is inside network and takes all information
from network or destroy information. Password attacks, Distribution of sensitive
internal information to external sources.

www.seminarsTopics.com 12
Seminar Report Cyber Terrorism

 Man – in – the – middle attacks

Fraud on Internet:
This is a form of white collar crime whose growth may be as rapid and diverse as
growth of the internet itself. In 1997 1152 crimes were reported. But in 1998 they
skied up to 7500.

Types of Fraud
1. Online investment newsletters: These are major tools for advertising
the investments in stock market and growth of companies. But some of them are
found to be tools for fraud.

2. Bulletin boards: Online bulletin boards – whether newsgroups, use

nets or web-based- have become popular tools for sharing the information in
market. Some of these are also found to be fraudulent.

3. E-mail online Spam: Because spam-junk e-mail- is so cheap and easy

to create, fraudsters increasingly use it to find investors for bogus investment
schemes using a bulk e-mail program Spammers can send personalized messages
to thousands and even millions of internet users at a time.

Alternation And Destruction Of Digital Information:

This is largest menace facing the world of computers. They are the
programs created by humans which do destruction. They are :-

1. VIRUS 2. Trojan horses 3. Worms 4. Logic bombs

2.

Types of Viruses
1. File infectors 2. Boot sector virus 3.Macro VIRUS

www.seminarsTopics.com 13
Seminar Report Cyber Terrorism

Impact of Cyber Crimes on functionality, work culture and their

results:-

If any system which is working with help of internet is hacked, it is obvious that
its source code will be modified and system falls in malfunctionality. Hence all
functions taking this system’s help will also fall in malfunctionality. If this
situation happened in banks, military control systems and etc the loss will be of
great amount. Hence Government of India passed some rules to counter Cyber
crimes.

Cyber crimes And Information Technology Act, 2000:----

This act, passed with the objective of promoting a secure electronic

environment deals with issues subsidiary to this secure electronic environment
such as contraventions relating to electronics transactions and I.T. offences. It
also amends the I.P.C. along with a few other statutes.

CONTRAVENTIONS AND I.T. OFFENCES

I.T. act delineates two separate types of penal provisions; contraventions

and I.T. offences. Contraventions have resultant monetary penalties, the offences
may result in the offender being imprisoned or paying a fine or both.

CONTRAVENTOINS AND COMPENSATOINS/PENALTIES

Contraventions – Accessing or securing access to the computer/network,

Downloading any data or information from the computer/network, Introducing or

www.seminarsTopics.com 14
Seminar Report Cyber Terrorism

causing to be introduced any computer contaminant or computer VIRUS into the

computer/network.

Damaging or causing to be damaged the computer/network, data, data base

or any other programs residing in it. Charging the service availed of by a person
to the account of another person by tampering with or manipulating any
computer/network.

The following acts are punishable according to I.T. offences as described in

chapter XI of the I.T. ACT 2000 in I.P.C.
1. Source code attacks: KNOWINGLY OR INTENTIONALLY destroying
computer/network source code that is used to maintain computer/network. This
offence is punishable with imprisonment up to three years or with fine up to 2
lakh rupees or both.

2. Hacking: Destroying, Deleting or altering any information or

diminishing its value or utility by any means with intent to cause loss or damage
to the public or any person. Hacking is punishable with imprisonment up to 3
years or fine up to 2 lakh rupees or both.

3. Obscenity: Publishing or transmitting any material which is lascivious or

appeals to the prurient interest or of its effect is such so as to tend to deprave and
corrupt person who are likely concerned to it. This is punishable on FIRST
CONVICTION with imprisonment of either description for a term which may
extend to 5 years and with fine which may extend to 1 lakh rupees and in event
of a SECOND or subsequent conviction with imprisonment of either description
for a term which may extend to 10 years and also with fine 2 lakh rupees.

4. Failure to comply with controllers directions: The CCA [Controller

Complying Authority] may give certifying authorities to take certain measures to
ensure compliance under act. If nay such person fails to comply with such

www.seminarsTopics.com 15
Seminar Report Cyber Terrorism

directions liable to imprisonment up to three years or fine up to 2 lakh rupees or

both.

5. Subscriber’s failure to comply with controller’s requirements for

decryption. In national or public interest or fails to support to CCA in such cases
the subscriber is punishable with an imprisonment for a term that may extend to
seven years.

6. Publishing false digital signature certificate: If a person knows that a

digital signature is false and still goes ahead and certifies it is guilty and he is
punishable with imprisonment up to 2 years or fine up to 2 lakh or both.

7. Making Available Digital Signature for Fraudulent Purpose: Is

punishable with imprisonment for 2 years or fine up to 1 lakh rupees or both.

HACKING

Original term referred to learn programming languages and computer systems;

now associated with the process of bypassing the security systems on a computer
system or network.

HACKER: A term sometimes used to describe a person who pursues the

knowledge of computer and security systems for it’s own sake, sometimes used to
describe a person who breaks into computer system for the purpose of
stealing or destroying data. Hacker's and criminals to transmit computer viruses,
invade privacy, steal or corrupt valuable information.

 TYPES OF HACKING

www.seminarsTopics.com 16
Seminar Report Cyber Terrorism

1. CYBER MURDERS: A hacker breaks into hospital medical records and

maliciously alters prescriptions. Say, if a patient is allergic to penicillin, the
hacker adds 500 mg of penicillin to his usual dose of medication. The nurse
administers the drug causing immediate death.
2. EFFECT ON US GOVERNMENT SITES: US government sites were
hacked by ‘mujihadeen’.Two US government sites were hacked late last week
by a group calling themselves ‘mujihadeen’. The pages were defaced with the
flag of Saudi Arabia and a message in Urdu, which translates as “Allah is the
greatest of all, Americans be prepared to die”. The hackers called themselves
‘mujihadeen’ threatened further cyber terrorism.
3. HACKING INCIDENT CLOSES SECURITY NEWS SITE: A hacker
had offered $10,000 bounty for information about fluffy bunny, a notorious
hacker who defaced the schmitz site. The owner’s site came crashing down.
4. MANIPULATING STOCK MARKETS: A hacker can some how go to
the stock markets web site and manipulate various shares they by giving some
companies great losses and some great profits.
5. TRANSMISSION OF VIRUS: In hacking a hacker can paralyze the
systems by transmitting virus they by affecting the whole data
be it of any company.
6. CRASHING OF SITES: Sometimes a mischievous hacker tries to crash down
site by sending millions of email like the tempest site.

ADVANTAGES:
 Web business have recently found an old way to protect their new concepts
by making the patent application public on his site Mr.Tim Grey effectively put
copycats on notice.
 Like Grey Natgoldhaber had fears about his company cybergold being
copied. He applied for a patent and after three years of waiting his site his one

www.seminarsTopics.com 17
Seminar Report Cyber Terrorism

of a handful of net business that can count a newly granted patent as one of its
assets.

ARE HACKERS REALLY CRIMINALS?

Not according to Pete Shipley, chief security architect at KPMG consultancy.
Shipley is proud to call himself a hacker. He suggested the CHAOS THEORY
which is given as below

Media misconceptions:

What is a hacker? A hacker is someone who pursues technology. Ben Franklin

was an inventor, an experimenter and a hacker. According to him hackers are
inventors who thirst for knowledge. They don’t want to destroy the world.
They want to rule the world. The media typically mislabels hackers as crackers
and crackers as hackers.

DISADVANTAGES:

If you have an account on hotmail, yahoo or excite it’s vulnerable to hacker’s.

These services allow an unlimited number of log on attempts.
 Secondly the user is not notified when a number of failed login attempts
have occurred.If a password attack has been attempted against a user.
 Password crackers attempt to obtain an account password by exhaustively
guessing word and number combination. Password cracking is an extremely
common hacker technique.
 BAG OF DIRTY TRICKS:
 Password generators: Software in this genre is a hacker’s dream. These software
attacks serves millions of different combinations of letters and words until they
find your password and hack into your system.
www.seminarsTopics.com
Credit card numbers: These are similar to password generators and can help
18 a
hacker find and use your credit card number.
 Seminar Report Cyber Terrorism

Hacking is a euphemism for what is in fact an act of electronic war with

devastating consequences.

VSN
L

PROXY
SERVE INTERNE

USER AOL,
LOGBOO
YAH
OO...

www.seminarsTopics.com 19
Seminar Report Cyber Terrorism

e-mail leaves behind a trace leading back to it’s point of origin in the form of an e-
mail header. To view the header all we need to do is press ‘options’ button and
then go to ‘preferences’. This will throw of two boxes where you can view your e-
mail ‘in full’, complete with IP addresses. The IP address, usually a number like
120.12.111,can be traced to VSNL. But only the police have authority to trace
back the route of message up to the doorstep of the offending subscriber.

PREVENTIVE MEASURES: The FBI’s national infrastructure protection has

released a test of seven simple preventive measures. Computer users can take to
step up a security on their machines from hacking.
1. Use strong passwords: use passwords that are difficult or impossible to
guess. Give different passwords to all accounts.
2. Make regular backup’s of critical data: Backup’s must be done atleast once
each day.
3. Use virus protection software this means three things having it in your
computer check daily for new virus signature updates and then scan it.
4. Use firewall as a gatekeeper between your computer and Internet.
5. Do not keep computers online when not in use: either shut them or
disconnect them from Internet connection.
6. Do not open e-mail attachments from strangers. Regularly down load
security.

INTERLIANT BEEFS UP SECURITY OFFERING:

www.seminarsTopics.com 20
Seminar Report Cyber Terrorism

The security vulnerability includes comprehensive audit of an enterprises network

security including internal and external penetration testing, host based operating
system configuration topology and infra structure assessment and firewall router
and switch analysis.

Instances Of Cyber Terrorism

Some attacks are conducted in furtherance of political and social objectives, as the
following examples illustrate:
 In 1998, Spanish protestors bombarded the Institute
for Global Communications (IGC) with thousands of bogus e-mail
messages. E-mail was tied up and undeliverable to the ISP's users, and
support lines were tied up with people who couldn't get their mail. IGC
finally relented and pulled the site because of the "mail bombings."
 In 1998, ethnic Tamil guerrillas swamped Sri
Lankan embassies with 800 e-mails a day over a two-week period. The
messages read "We are the Internet Black Tigers and we're doing this to
disrupt your communications." Intelligence authorities characterized it as
the first known attack by terrorists against a country's computer systems.
 During the Kosovo conflict in 1999, NATO
computers were blasted with e-mail bombs and hit with denial-of-service
attacks by hacktivists protesting the NATO bombings. In addition,
businesses, public organizations, and academic institutes received highly
politicized virus-laden e-mails from a range of Eastern European countries,
according to reports. Web defacements were also common.
While these incidents were motivated by political and social reasons, whether they
were sufficiently harmful or frightening to be classified as cyberterrorism is a
judgement call. No attack so far has led to violence or injury to persons, although
some may have intimidated their victims .

www.seminarsTopics.com 21
Seminar Report Cyber Terrorism

Factors Leading To Cyberterrorism:

 Whether there are targets that are vulnerable to attack that could lead to
violence or severe harm.
 Whether there are actors with the capability and motivation to carry them
 Misuse of the technology that make it open to attack even after the high
security
 Involvement of the insiders, acting alone or in concert with the other
terrorist misusing their access capabilities.
 Role of consultants and contractor causing grave harm.

Cyberterror In Practice:
Terrorists do use cyberspace to facilitate traditional forms of terrorism such as
bombings. They put up Web sites to spread their messages and recruit supporters,
and they use the Internet to communicate and coordinate action. However, there
are few indications that they are pursuing cyberterrorism, either alone or in
conjunction with acts of physical violence. It is believed that members of some
Islamic extremist organizations have been attempting to develop a 'hacker
network' to support their computer activities and even engage in offensive
information warfare attacks in the future. The members of the militant Indian
separatist group Harkat-ul-Ansar had tried to buy military software from hackers
who had stolen it from Department of Defense computers they had penetrated.

Cyberterror Capabilities:
There are three levels of cyberterror capability
 Simple-Unstructured: The capability to conduct basic hacks against
individual systems using tools created by someone else. The organization
possesses little target analysis,command and control, or learning capability.

www.seminarsTopics.com 22
Seminar Report Cyber Terrorism

 Advanced-Structured: The capability to conduct more sophisticated

attacks against multiple systems or networks and possibly, to modify or create
basic hacking tools. The organization possesses an elementary target analysis,
command and control, and learning capability.
 Complex-Coordinated: The capability for a coordinated attacks capable of
causing mass-disruption against integrated, heterogeneous defenses (including
cryptography). Ability to create sophisticated hacking tools. Highly capable
target analysis, command and control,and organization learning capability.

Drawbacks:
 Systems are complex, so it may be harder to control an attack and
achieve a desired level of damage than using physical weapons.
 Terrorists may be disinclined to try new methods unless they see
their old ones as inadequate, particularly when the new methods require
considerable knowledge and skill to use effectively.
 Terrorists generally stick with tired and true methods.
 Novelty and sophistication of attack may be much less important
than assurance that a mission will be operationally successful.
 The risk of operational failure could be a deterrent to terrorists
 The barrier to entry for anything beyond annoying hacks is quite
high, and that terrorists generally lack the wherewithal and human
capital needed to mount a meaningful operation.

www.seminarsTopics.com 23
Seminar Report Cyber Terrorism

Cyberterror In Future:
The next generation of terrorists will grow up in a digital world, with ever more
powerful and easy-to-use hacking tools at their disposal. They might see greater
potential for cyberterrorism than the terrorists of today, and their level of
knowledge and skill relating to hacking will be greater. Hackers and insiders might
be recruited by terrorists or become self-recruiting cyberterrorists. Some might be
moved to action by cyber policy issues, making cyberspace an attractive venue for
carrying out an attack. Cyberterrorism could also become more attractive as the
real and virtual worlds become more closely coupled, with a greater number of
physical devices attached to the Internet.

www.seminarsTopics.com 24
Seminar Report Cyber Terrorism

Conclusion

This article is not meant to give amateur hackers a crash-course in cyberterrorism,

but to provide insights on the dangers of cyberterrorism. Computer professionals
the world over need to be aware of the problem areas of information systems that
may be susceptible to terrorist attacks, to be able to attempt putting an end to such
activity. There are a large number of ethical issues to be taken into consideration,
as well. For example, there are sites on the Internet that deal with methods of
making bombs, and sites from which these materials can be purchased. This
information is available to everybody. However, if an individual acted on this
information, and made a bomb with evil intentions, then one could not blame
technology, but society, for producing such a person. Technology must be used for
the betterment of mankind, not with the intent of destroying what He created.

Doomsday and other haunting scenarios involving weapons of mass destruction

existed long before the advent of cyberterrorism and will continue to do so as long
as political actors, security firms and others who can benefit from them can exploit
the basic myths surrounding terrorism for their own purposes. Cyberterrorists have
been giving the entire computing profession a bad reputation, but we, as part of the
IT world need to realize that one of our immediate concerns must be to promote
the good name of the profession we call our own. It is extremely important that we
try to understand and mitigate cyberterrorism for the benefit of society as a whole,
and try to curtail its growth, so that we can heal the present, and live the future...

www.seminarsTopics.com 25
Seminar Report Cyber Terrorism

REFERENCES

 A Paper by Dr.Peter Grabosky – Cyber crime

 A Paper by Gaylen Duncan – Cyber crime

 Computers @Home Magazine

 www.cyberlawindia.com

 www.seminarsonly.com

www.seminarsTopics.com 26