Cyber Warfare and Cyber Terrorism

The overall tone of the survey is optimistic. We, as a society, have put a curb on the rising wave of computer-based crime. The survey’s findings confirm that.

Factor 5

The mass media reports everyday on terrorist attacks around the world. These attacks may be launched at any time in any place and country. The method of attack in the overwhelming majority of cases is the same: an individual or a group triggers an explosion at a target. It could be done remotely or in suicidal mode. The common dominator of these tragic events is that the attackers are representing only a small part of society and most of the victims are innocent people who just happen to be in the proximity of the explosion.

The important conclusions that may be drawn from these five factors:

All of the above has laid the foundation to the discipline called cyber terrorism. So what are the objectives of cyber terrorism, or rather, why do we need to worry about it?

Because of the enormous efficiencies gained over the past 25 years due to the introduction of computers and telecommunications technologies, organizations have a vested interest to maintain and sustain their deployment regardless of any residual issues. The use of these systems and networks means that there now is a major concentration and centralization of information resources. Such a consolidation creates a major vulnerability to a host of attacks and exploitations. Over the past 35 years, electronic economic espionage has resulted in the theft of military and technological developments that have changed the balance of power and continue to threaten the safety and stability of the world. In 2005 alone, more than 93 million people in the United States were subjected to the potential of identity theft as a result of information breaches and poor information security. When viewed globally, organizations of all kinds are obviously doing something terribly wrong with the security of proprietary and personal information. This is why it is so important to re-energize the need to protect these systems and reexamine our underlying organizational processes that may contribute to future breaches. The emergence of cyber terrorism means that a new group of potential attackers on computers and telecommunications technologies may be added to “traditional” cyber criminals.

The use of technology has impacted society as well. Due to automation technologies, organizational processes are becoming similar around the world. Governments are sharing information and aligning legal frameworks to take advantage of these synergies. Businesses are operating in distributed structures internationally to expand global reach, as well as outsourcing services requiring the use of information to less expensive centers around the world. This has created an extended communication structure between functional units, vendors, and suppliers in order to maintain an efficient value chain of products and services. This facilitated the capabilities of attacking targets wherever they may be located.

Individuals now have access to a vast storage of information resources for the creation of new thought, ideas, and innovations. This includes technological as well as political ideas and innovations. Cultures are becoming closer through shared communications, and as a result are changing at faster rates than previously seen in recorded history. While these technologies have inherent benefits to unify disparate groups and nationalities, this is also creating ultra-minorities that may be inclined to engage in extremism in order to control these changes and compete in this unifying environment. The facilitation of the underlying technologies is also being utilized by these groups to form solidarity and global reach for those of similar mindset and means. Thus, the underlying infrastructures are allowing small groups of people to gain their own form of scales of economies. People and organizations are realizing that in order to be able to compete in a globally connected world, they must master the underlying infrastructure that supports this connectivity. Whether this is to gain access to the opportunities that lie ahead from its mastery or it is to undermine and/or destroy these opportunities for others is still an emerging issue we are all facing today and into the future. Therefore, the exploitation of its inherent strengths (i.e., communication and coordination of global activities, and intelligence gathering) and vulnerabilities (i.e., protocol weaknesses and people processes) can be considered one of the primary sources of attacks today and in the future. This is why we cannot ignore the societal and organizational influences that create the motivations to commit cyber warfare and cyber terrorism in addition to the technological requirements to securing our systems and eliminating any inherent vulnerability.

This book a compilation of selected articles written by people who have answered the call to secure our organizational, national, and international information infrastructures. These authors have decided to come together for this project in order to put forth their thoughts and ideas so that others may benefit from their knowledge and experience. They are dedicated people from around the world who conduct research on information security, and develop and/or deploy a host of information security technologies in their respective fields and industries, and have brought forward a host of key issues that require greater attention and focus by all of us. It is our sincerest hope that the readings provided in our book will create new lines of thought and inspire people around the world to assist in improving the systems and processes we are all now dependent on for our sustained futures.

Following this prologue, there is a chapter Introduction to Cyber Warfare and Cyber Terrorism formulating an overview with basic definitions of cyber terrorism and information warfare. Basic recommendations on how to handle such attacks are also presented. The main part of the book follows, containing more detailed discussions of the topics mentioned in the first chapter and other relevant issues. The articles are grouped roughly following the content of the most known security standard ISO 17799, which is entitled “Code of practice for information security management.” In each chapter, the reader will find two types of articles: summaries of a given method/technology or a report on a research in the related field. An epilogue is then presented to conclude the content.

The purpose of this book is to give a solid introduction to cyber warfare and cyber terrorism, as we understand it at the beginning of the 21st century. Our book is not a guide to handling issues related to these topics but rather a review of the related problems, issues, and presentations of the newest research in this field. Our main audience is information technology specialists and information security specialists wanting to get a first-hand brief on developments related to the handling of cyber warfare and cyber terrorism attacks.

AC & LJ