Future of Terrorism - the Physical meets the Virtual

• Atobe

  25 May 03, 02:11

  Interesting article to consider in the light of current terrorist threats:
  
  11th ANNUAL INTERNATIONAL SYMPOSIUM ON CRIMINAL JUSTICE ISSUES
  
  The Future of CyberTerrorism:
  Where the Physical and Virtual Worlds Converge
  Remarks by
  Barry C. Collin
  Institute for Security and Intelligence
  
  Terrorism to CyberTerrorism
  The definition of "terrorism" has been well studied, defined, and documented. There is also a degree of understanding of the meanings of CyberTerrorism, either from the popular media, other secondary sources, or personal experience. This paper examines the future of CyberTerrorism - a term the author coined a decade ago, as the indicia of technological dependence and frailty were forming in our New World disOrder. Indeed, that future has come to fruition, today.
  
  The face of terrorism is changing. While the motivations remain the same, we are now facing new and unfamiliar weapons. The intelligence systems, tactics, security procedures and equipment that were once expected to protect people, systems, and nations, are powerless against this new, and very devastating weapon. Moreover, the methods of counter-terrorism that our world's specialists have honed over the years are ineffectual against this enemy. Because, this enemy does not attack us with truckloads of explosives, nor with briefcases of Sarin gas, nor with dynamite strapped to the bodies of fanatics. This enemy attacks us with one's and zero's, at a place we are most vulnerable: the point at which the physical and virtual worlds converge. Let us first define theses two domains.
  
  The Physical World
  The physical world is matter and energy - light, dark, hot and cold, all physical matter - that place in which we live and function.
  
  The Virtual World
  The virtual world is symbolic - true, false, binary, metaphoric representations of information - that place in which computer programs function and data moves.
  
  The physical and virtual worlds are inherently disparate worlds. It is now the intersection, the convergence, of these two worlds that forms the vehicle of CyberTerrorism, the new weapon that we face.
  
  Reliance and Dependence
  This convergence of the physical and virtual worlds, this lattice, is growing larger and more complex as we venture further into technological dependence. Each day, we move ahead with blinding speed into the computerization of every task and process that we face. We are becoming ever more inextricably reliant and dependent on the convergence of these two worlds.
  
  Points of Convergence
  What are some of the more obvious points of convergence?
  A garage door opener.
  A heart pacemaker.
  The computer chip in a late model car.
  A microwave oven.
  
  These are all things taken for granted. Yet, as we progress into a far more technological world, what other points of convergence are taken for granted?
  
  Food processing plants
  Pharmaceutical processing plants
  Electric and natural gas utilities
  Train crossings and traffic control systems
  Next generation air traffic control systems
  Virtually all modern military equipment
  Military and public safety communications
  Civilian communications
  Convergence Drivers
  
  What is driving the convergence of these two worlds? There are three goals:
  1.Access: the goal of universal, ubiquitous interface;
  2.Control: the goal of remote administration; and
  3.Mining: the goal of knowledge acquisition.
  
  Convergence Vehicles
  To achieve these goals, there are four vehicles:
  
  Transmission: longer lines across land and through space;
  Connections: more links to more points;
  Aggregation: more information centralized, and disconnected information linked; and
  Retrieval: more ways of retrieving information, and more importantly, knowledge.
  
  Achieving CyberTerrorist Goals
  So how does a CyberTerrorist achieve his mission? Like any terrorist, a CyberTerrorist actively exploits the goals of the target population in areas in which they take for granted.
  
  There are three potential acts in CyberTerrorism at the point of convergence:
  1.Destruction;
  2.Alteration; and
  3.Acquisition and retransmission (these are a unit).
  As we will see, these three types of acts are most heinous at the point where the physical and virtual worlds converge.
  
  To achieve a true terrorist goal, as we know, we must have scale and publicity. So how does the CyberTerrorist approach a new age - an age of convergence of the physical and virtual worlds? An age where, thanks to our goals, he can perform his CyberTerrorist acts from his living room, undetected, from 8,000 kilometers away?
  
  Cracker or CyberTerrorist?
  A great deal of "cracks" are committed for the purposes of anarchy, humor, or as often stated by the perpetrators, "to be annoying." However, is this the mindset of a CyberTerrorist? Does the CyberTerrorist make a garage door go up and down? Does he change an Internet web site to say a country's government is evil? Does he hack into a major corporation's voice mail system to make long distance calls? No - that is not the domain of the CyberTerrorist - that is the domain of the amateur cracker community that exists worldwide.
  
  A CyberTerrorist's mindset is quite different. A CyberTerrorist would not alter a voice mail, or even abuse credit cards.
  
  Potential CyberTerrorist Acts
  Let us examine some example CyberTerrorist acts. Based on the definitions of terrorism, a determination can be made if they in fact constitute terrorism:
  
  A CyberTerrorist will remotely access the processing control systems of a cereal manufacturer, change the levels of iron supplement, and sicken and kill the children of a nation enjoying their food. That CyberTerrorist will then perform similar remote alterations at a processor of infant formula. The key: the CyberTerrorist does not have to be at the factory to execute these acts.
  
  A CyberTerrorist will place a number of computerized bombs around a city, all simultaneously transmitting unique numeric patterns, each bomb receiving each other's pattern. If bomb one stops transmitting, all the bombs detonate simultaneously. The keys: 1) the CyberTerrorist does not have to be strapped to any of these bombs; 2) no large truck is required; 3) the number of bombs and urban dispersion are extensive; 4) the encrypted patterns cannot be predicted and matched through alternate transmission; and 5) the number of bombs prevents disarming them all simultaneously. The bombs will detonate.
  
  A CyberTerrorist will disrupt the banks, the international financial transactions, the stock exchanges. The key: the people of a country will lose all confidence in the economic system. Would a CyberTerrorist attempt to gain entry to the Federal Reserve building or equivalent? Unlikely, since arrest would be immediate. Furthermore, a large truck pulling along side the building would be noticed. However, in the case of the CyberTerrorist, the perpetrator is sitting on another continent while a nation's economic systems grind to a halt. Destabilization will be achieved.
  
  A CyberTerrorist will attack the next generation of air traffic control systems, and collide two large civilian aircraft. This is a realistic scenario, since the CyberTerrorist will also crack the aircraft's in-cockpit sensors. Much of the same can be done to the rail lines.
  
  A CyberTerrorist will remotely alter the formulas of medication at pharmaceutical manufacturers. The potential loss of life is unfathomable.
  
  The CyberTerrorist may then decide to remotely change the pressure in the gas lines, causing a valve failure, and a block of a sleepy suburb detonates and burns. Likewise, the electrical grid is becoming steadily more vulnerable.
  
  In effect, the CyberTerrorist will make certain that the population of a nation will not be able to eat, to drink, to move, or to live. In addition, the people charged with the protection of their nation will not have warning, and will not be able to shut down the terrorist, since that CyberTerrorist is most likely on the other side of the world.
  
  Sadly, these examples are not science fiction. All of these scenarios can be executed today. As you may know, some of these incidents already have occurred in various nations. More of such acts will take place tomorrow. Are you prepared?
  
  
• Atobe

  25 May 03, 02:13

  Cont.
  
  CyberTerrorists: Who, Where, and Why?
  The purpose of this paper is to help you understand the threats that exist, and hopefully, to help you prevent these types of atrocities. But know this - there are people out there with very different goals, who are our real threats, and who are, or will be, attacking us. Make no mistake, the threats are real, today.
  
  Who are the CyberTerrorists? There a great many poor movies and too many works of fiction about the hacker and cracker communities. In the popular media, there recently was the Kevin Mitnick incident, where one cracker broke into another cracker's systems. This spawned endless press and at least two best selling books. While this incident received much attention, the events amounted to meaningless children's games.
  
  By and large, the cracker community, based primarily in the United States, Europe, the Middle East, Asia, and in the nations of the former Soviet Union, is composed of individuals who see the cracking process merely as a challenge, a brain teaser, a puzzle. They view themselves as not only being innocent of any crime, but perhaps even doing something righteous, something to counter the dark monoliths of the corporate and government worlds. They believe they are being persecuted. These individuals believe that what they are doing is not doing any true damage. At its least harmful, these crackers just look at information. However, privacy issues and military secrecy can render such infiltrations acts of terror.
  
  Sometimes crackers make minor changes, just for fun, to be annoying, or to make a statement. The potential for damage here is enormous.
  
  Crackers as Facilitators
  Individuals with a background in intelligence are aware that a frequent element of case execution is enlisting the indigenous, sometimes called "facilitators," to assist in a campaign. At the convergence of the physical and virtual worlds, the indigenous are the crackers.
  
  There is the incorrect assumption in the cracking community that they, the crackers, are so sophisticated or so knowledgeable as to know when they are being approached for a truly illicit reason (e.g., to be enlisted as a facilitator to commit an act of terrorism). However, despite cracker arrogance, these individuals are easy targets for enlistment.
  
  What about those crackers who actively wish to cross the line, or more basically, need money? To a teenager, a $1,000 U.S. can purchase a good many compact disks, a new modem, and a great deal of libation. Beyond youths, there are professionals in this arena as well.
  
  Historically, individuals engaged in the practice of terror tended not to be people working upon a computer 20 hours per day. Terrorists have not been in the business of tracking the latest holes found in UNIX or an obscure government telnet opportunity. There are people, however, who are in that business - for illicit as well as good cause. As stated, just as indigenous people may be turned into soldiers, so can crackers be turned into CyberTerrorists. Sometimes such a transition may be motivated by money or prestige. Usually, this transition will occur without the cracker's cognizance. The potential threat from such transitions is mind boggling, considering the damage even one mis-directed cracker can cause.
  
  Further, as young, educated people are brought into the folds of terrorist groups, this new generation will have the talent to execute the acts of CyberTerrorism of which we have spoken.
  
  We are going to see increasing levels of in-house expertise, and concomitant exponential increases CyberTerrorism. Unlike other methods of terrorism, CyberTerrorism is safe and profitable, and difficult to counter without the right expertise and understanding of the CyberTerrorist's mind. Combine our increasing vulnerability, with the explosive increases in the level of violence, and increasing expertise available inside terrorist organizations through new blood and outside through facilitators, and we can see that at the point where the physical and virtual worlds converge, the old models of managing terrorism are obsolete.
  
  Methods of Protection: No Easy Answers
  We must consider the following elements when building a counter-CyberTerrorist program:
  
  We must accept that while the theories of terrorism stand true, the way in which we approach counter-terrorism, in this case, counter-CyberTerrorism, must change.
  We must cooperate and share intelligence in ways we have never have before.
  
  We must enlist the assistance of those individuals who understand the weapons we are facing and have experienced fighting these wars.
  
  We must learn the new rules, the new technologies, and the new players.
  
  Unfortunately, one cannot learn how to fight this very unconventional warfare from someone who hasn't been there, nor from someone whose experience is in the old ways and old technologies. The old data processing, auditing, and computer security models in use today are obsolete. On this battlefield, against this weapon, the terrorist is already far ahead. The building of a counter-CyberTerrorist team must be real-time and dynamic, as the weapons will continually change, to morph, in an attempt to beat you, your systems, and your people. There is no re-machining, and unlike other terrorists, if the CyberTerrorist loses today, he does not die - he learns what did not work, and will use that information against you tomorrow.
  
  Conclusion
  If a computer security advisor states that you, your organization, and your country are safe behind firewalls, behind a system put into place by people who have never fought cyberbattles, behind audit trails, passwords, and encryption, then a great and dangerous fallacy (or fantasy) is being perpetrated upon you. The only solution is the quick deployment of a counter-CyberTerrorist - someone who knows what you are up against today, someone who lives in the world of the people who are, and will be, attacking - someone who can train the people who must fight the battles.
  
  Ex Post Facto
  An effective auditing system will only inform the target manager that they have taken a hit; perhaps a fatal hit. By that point, it is too late. Now is the time to take action. Unfortunately, due to this open nature of this document, specific counter-CyberTerrorism measures cannot be discussed. Those discussions must be reserved for secured facilities.
  
  Counter-terrorists of all backgrounds are duty-bound to save property, and more importantly, save lives. However, we are not isolated. We are all increasingly connected, dependent, and vulnerable. The very basic things we take for granted (e.g., food, medicine, energy, air, freedom of movement, communications, freedom from violence) are being threatened by the new weapon of CyberTerrorism.
  
  If we do not work together, we will be responsible for the outcome. If we fail to be ready when and where the virtual and physical worlds converge, then all that will be left is terror - in one's and zero's.
  
  http://www.afgen.com/terrorism1.html
  
  
• Stevenson101

  25 May 03, 12:04

  As Kierkegaard once said, the most dangerous mental faults are laziness and impatience. Laziness of mind meant unwillingness to face unfamilar, complex and refractory realities. Impatience led to infatuation with supposedly all explantory theories in lieu of thought and judgement. This is the mentality that leads to tyrancy and terrorism.
  
  As those who have experience with programming, a good programmer, a truly good one think in terms of logic. Terrorism itself is an illogical reasoning, a belief of only one chapter of the book and refusing to accept any other. Causing fear in the name of a God is a mentality that doesn't appeal to a hacker, for God is also an illogical entity. So is doing that in the name of racial purity. And these are normally the primary motivations for terrorism.
  
  Do you think that a good hacker would view 1000 US as an attractive wage? When they can easily obtain credit card numbers and purchase anything they need on the net? You can't hack the credit card server itself, but it is a simple matter to obtain the number from the client side. Considering that survival is not a concern to such individuals what do you think would appeal to them? Challenge.
  
  That's the reason why hacking crimes are normally committed in mischief and rarely done for any malice. Hackers do what they do because they can, not for any fancy reasons or for anyone. Once they're done with the security they leave their mark and move on to the next challenging target. Besides taking a few files as possible profits, they get nothing for meaningless loss of lives and get the law on them instead. Which basically is also illogical.
  
  I doubt hackers can really get recruited into terrorism groups for their ideals. But rather, the hackers can be threatened into helping the terrorist groups.
  
  I think this study was made with little research on the mentality of hackers. They assume that the minds of hackers operate the same as everyone else, with the same motivations. I think the best example is what the hacker said in the movie The Core, his mind works far faster than most humans, so can the concerns of average humans truly interest them?
• Atobe

  26 May 03, 21:42

  
  Interesting points that serves as an alternative view, but would you not consider that the vanity of a true hacker can be taken advantage of by an intelligent terrorist, who has no scruples in using talent from any source.
  
  Will an innocent hacker be deceitfully led into doing something that is out of his depth ?
  
  
• Stevenson101

  26 May 03, 23:48

  My view basically on this subject is that cyber terrorism can only be used as a one time only weapon, to accomplish an objective. Much the same way suicide bombing is used, but it'd be far harder to get a good hacker than a religious zealot.
  
  Yes, the stituation you state is very possible. Indeed no one can stop an imaginative preemptive strike from an intelligent adversary which is hiding in the dark. 9-11 is the perfect example.
  
  Unlike terrorism, cyber terrorism cannot make use of the human's natural tendency to grow lax with time. The computer defenses will always be alert, always ready to handle any intrusions.
  
  I will not say cyber terrorism cannot work. It will work once, a big bang same as 9-11. Then the world will get into an uproar, and there will be an all out hunt for this terrorist and hacker. Computer defenses will be fortified and countries will start keeping a list on hackers and monitoring them to make sure this incident cannot be repeated. Laws will be passed and counter measures will be implemented to make it near impossible to repeat.
  
  Cyber terrorism can happen, but it will be extremely difficult to execute. The hardware to make a truly destructive cyber terror attack is too easily traceable. And unlike terrorism where you can strike basically anywhere with a crowd to accomplish your objective Cyber terrorism have fixed targets which is easier to defend.
  
  My belief is that hackers will not join terrorist causes willingly. And it will be difficult to get good hackers undetected and even more difficult to use them any more than once. There will be isolated incidents probably. But do the numbers, how many religious fanatics are there to a single talented hacker?