Summary
Cyber terrorism refers to terrorist attacks that are aimed at computer systems. It is similar to the traditional physical terrorism in its aim of distraction with the difference that it targets computer systems and not human beings and other physical property.
This paper highlights possible cyber terror threats in Australia in government agencies and the commercial sector. Possible options over terrorism is then highlighted which include international efforts to curb the vice. The paper recommends independent efforts by institutions, governments and the international community in the war against the vice.
Background
The history of cyber terrorism spans back to the development of application of internet services that was introduced in the 1970s. The introductory use of the internet was centrally operated throughout the globe but this was changed with decentralization that resulted from the cold war conflict between the United States and the Soviet Union.
The initially restricted use of internet was also liberated towards the year 1990 that allowed private individuals to freely use the internet. The availability of internet together with its terms of usage which are associated with high degree of freedom has been identified as the main reason why it has been transformed by some individuals and groups as a weapon for assault.
One of the realized features of the internet usage that makes it a weapon is its accessibility and “little or no regulation, censorship, or other forms of government control” (Pladna, n.d., p. 3) that offers an unregulated practice.
The internet is similarly identified to be affordable and at the same time anonymous that offers opportunities for undertaking activities in the background. These among other features of the internet have been identified to form the basis of the cyber terrorism attacks (Pladna, n.d., p. 3).
Particularly identified attacks of this nature have included hacking of data in other entity’s accounts that are normally aimed at causing harm to the systems and even a subsequent damage to the parties. An example of such attacks would include gaining an unauthorized access to a country’s security system with the aim of compromising the system.
It can also take the form of compromising information of an institution with the motive of causing harm. An attack can, for instance, be made with respect to the information system of a health service institution.
This takes the form of altering information about patients with a subsequent effect of causing an inappropriate medication that can cause harm to the institution’s patients. The examples illustrate the two categories of cyber terrorism, “effect based and internet based” (Pladna, n.d., p. 4).
Cyber terrorism attacks are said to be effect based if they are primarily meant to cause fear among individuals. Though the attacks are based on computer systems, their effects are normally similar to those of physical terrorism. Internet based cyber terrorism are on the other hand intended to cause damage rather that fear.
This form of attack is associated with compromising systems of an entity so as to cause loses due to system malfunctioning. Cyber terrorism can thus be associated with intentions to establish “loss of integrity, loss of availability, loss of confidentiality and physical damage” (Pladna, n.d., p. 4).
Application and subsequent development of cyber attacks have similarly been associated with development of technology and the globalization effect that has stemmed up efforts to curb the traditional physical terrorism.
Factors such as high security along country boarders that has for instance restricted the activities of terrorists in the international concept has seen terrorists resort to the use of the internet to attain their objective of causing destruction.
Contrary to the restricted across boarder physical movements due to security, the internet does not have any form of geographical limitation thus allowing access to any country.
This has particularly lured terrorists to the cyber attacks. Engagements in illegal activities that have also been significantly associated with terrorist groups such as drug trafficking and even smuggling of illegal arms have witnessed a corporation between the terrorists and other parties such as computer specialists among others to help in ensuring the success of these illegal activities.
Accessing systems of other parties such as a country’s security system for example reveal loopholes which can then be used to smuggle the commodities past security forces. Cyber attacks can in this manner be used to disrupt systems by causing inefficiencies which then allows for the illegal intentions of the groups. Reports have also indicated the use of cyber attacks to defraud individuals of money through credit cards.
Intelligence has also revealed that the internet has been converted into a hub for terrorist group as a centre through which they “communicate, conduct operational planning, proselytize, recruit and train to obtain logistical and financial support” (Pladna, n.d., p. 5).
Developments and increased level of cyber terrorism has adequately extended to the dependence of technocrats with individual groups either hiring computer specialists or training ones for their operations. The developments have also led to transformations of targets to make government institutions and corporate entities as the main targets of the terrorist attacks (Pladna, n.d., p. 5).
Possible threats facing Australia due to cyber terrorism
Cyber attacks have been significantly identified in Australia to be majorly attached to political motives in addition to the creation of “harm and the spread of fear to people” (Beggs and Warren, 2009, p. 2) with the aim of influencing either domestic or global activities.
Example of access to official data from an institution or an agency that is then used to launch an attack by altering system operations which would then lead to an accident such as an explosion are for example highlighted in Australia as a possible cyber terrorism. This would be due to the expected level of harm and fear together with destruction that such moves would create.
The supervisory control and data acquisition (SCADA) is for example identified as the potential target for cyber attacks. The system is used to manage distribution of commodities in the country, some of which are primarily essential.
This involves the distribution of materials such as “water, gas and electricity” as well as the transportation of waste materials for disposal (Beggs and Warren, 2009, p. 2). The SCADA system has at the same time been transformed to depend on modern technology for its operations.
Integration of modern software as well as hardware has been the characteristics of operations of the system. There is therefore a possibility of security breach with respect to the system that can be used to launch attacks on the operations of the system. This is actually an imminent threat owing to the fact that such attacks have been realized in Australia in the past few years.
Cases such as attacks on “the polish tram system in 2008, Estonia in 2007, SQL Slammer in 2003, Queensland in 2000 and Gazprom in 1999” (Beggs and Warren, 2009, p. 2) are illustrations that brings the possibility of similar actions. The application of technology to operate the systems makes it liable for manipulation that can then lead to harmful incidents.
An individual who gains access into the system can for example greatly increase the pressure with which the fluids such as water, gas and even waste materials are transported in order to cause explosive busts of the transporting vessels. This would for example lead to immediate harm of individuals at the explosion site as well as the curtailed delivery of services that will be interrupted.
There will also be the impression of incompetence of the system that will be created in public opinion as well as extended fear of possible breaches in other services that can be very dangerous (Beggs and Warren, 2009, p. 4).
Another possible cyber terrorism threat to Australia is its corporate system. The level of vulnerability that has been realized in a variety of institution has raised alarm over the safety of the business sector in the country. Experience of attacks that have been realized with respect to the country’s infrastructure has a possibility of shifting to commercial organizations.
The breach in the commercial sector can take two forms, attacks on organization as the main target or attacks on systems in financial institutions with the aim of extracting money from people’s accounts.
An attack on an organization can take the form of paralyzing the information system of the organization which can at the same time be accompanied by subsequent harmful activities by the terrorist. In either way, a disruption, financial loss and fear with respect to security will have been realized.
Attacks which are aimed at accessing people’s accounts for transferring money from such accounts will on the other hand have effects on both the institutions as well as the individual customers. Similar impacts such as instilled sense of insecurity and fear as well as lost trust will be realized due to the attacks. Fears of such cyber attacks on the country’s security systems such as the armed forces have also been raised.
This would however be more serious with possibility of subsequent physical terrorism attacks. Though the short term effects of the different attacks may vary, there is a long term impact that such cyber attacks impose to Australia and any other country that is faced with threats of cyber attacks.
There is the issue of economic instability that may result from the fear that is occasionally induced by the cyber attacks. Individual account holders whose accounts are hacked and misappropriated will for example suffer from economic instability that might be spilled over to the country’s economy especially if a significant number of accounts are compromised and the funds diverted outside the country.
Attacks on corporate institutions and government agencies are also characterized with an increased level of insecurity that can scare away investors to the disadvantage of the country’s economy (McDonald, 2010, p. 1).
Such threats have similarly been realized in other countries such as Britain. Though Britain never took a drastic measure following an attack which it realized in association with cyber terrorism in the year 2005, it was recognized as a possible future threat that is worth consideration. Cyber attack threats have also been identified in the United States though no significant countermeasures have been publicly outlined (McDonald, 2010, p. 1).
Options against cyber terrorism
The extensiveness of the use of computers that provides room for international attacks from any part of the globe offers restrictions over independency of states and nations in the war against cyber terror. One of the options that can be employed to curb the attacks is the combined effort of the international community against the vice.
Use of conventions such as the one that was established in Europe in the year 2004 is thus an alternative. Under these provisions, standards can be outlined that can then be universally used to regulate the use of the internet for harmful purposes (Rollins and Wilson, 2007, p. 21).
A comprehensive international collaboration among investigators and prosecution teams in cases of cyber attacks have also been identified as an option to controlling the practice. The need to control the use of the internet due to the attacks is however countered by the fact that the wide use of the internet is identified to be of importance (Escorial, 2009, p. 4).
Recommendations
Following the global threat over cyber attacks, a globally established body is required to ensure appropriate regulation and prosecution with respect to the terrorists. Individual countries are also supposed to take measures to protect their institutions from such attacks by ensuring standards for safer systems. Individual institutions are also supposed to strengthen their system and immediately report any identified attacks.
References
Beggs, C. and Warren, M. (2009). Safeguarding Australia from cyber- terrorism: a proposed cyber terrorism SCADA risk framework for industry adoption. Web.
Escorial, San. (2009). CoE- OAS/CICTE Conference on terrorism and cyber security, conclusions. Web.
McDonald, T. (2010). Governments on alert for cyber terror threat. Web.
Pladna, B. Cyber terrorism and information security. Web.
Rollins, J. and Wilson, C. (2007). Terrorists capabilities for cyber attack: overview and policy issues. Web.