| Cyber terrorism is the premeditated use of disruptive | | | | • Loss of intellectual property - research, pricing, etc. |
| activities, or the threat thereof, in cyber space, with the | | | | • Costs of forensics for recovery and litigation |
| intention to further social, ideological, religious, political or | | | | • Loss of critical communications in time of |
| similar objectives, or to intimidate any person in | | | | emergency. |
| furtherance of such objectives. | | | | Indirect Cost Implications |
| Computers and the internet are becoming an essential | | | | • Loss of confidence and credibility in our financial |
| part of our daily life. They are being used by individuals | | | | systems |
| and societies to make their life easier. They use them | | | | • Tarnished relationships& public image globally |
| for storing information, processing data, sending and | | | | • Strained business partner relationships - domestic |
| receiving messages, communications, controlling | | | | and internationally |
| machines, typing, editing, designing, drawing, and almost | | | | • Loss of future customer revenues for an individual |
| all aspects of life. | | | | or group of companies |
| The most deadly and destructive consequence of this | | | | • Loss of trust in the government and computer |
| helplessness is the emergence of the concept of | | | | industry |
| “cyber terrorism”. The traditional concepts and | | | | The following are notable incidents of cyber terrorism: |
| methods of terrorism have taken new dimensions, | | | | • In 1998, ethnic Tamil guerrillas swamped Sri |
| which are more destructive and deadly in nature. In the | | | | Lankan embassies with 800 e-mails a day over a |
| age of information technology the terrorists have | | | | two-week period. The messages read "We are the |
| acquired an expertise to produce the most deadly | | | | Internet Black Tigers and we're doing this to disrupt |
| combination of weapons and technology, which if not | | | | your communications." Intelligence authorities |
| properly safeguarded in due course of time, will take | | | | characterized it as the first known attack by terrorists |
| its own toll. The damage so produced would be almost | | | | against a country's computer systems. |
| irreversible and most catastrophic in nature. In short, | | | | • During the Kosovo conflict in 1999, NATO |
| we are facing the worst form of terrorism popularly | | | | computers were blasted with e-mail bombs and hit |
| known as "Cyber Terrorism". | | | | with denial-of-service attacks by hacktivists protesting |
| The law dealing with cyber terrorism is, however, not | | | | the NATO bombings. In addition, businesses, public |
| adequate to meet the precarious intentions of these | | | | organizations, and academic institutes received highly |
| cyber terrorists and requires a rejuvenation in the light | | | | politicized virus-laden e-mails from a range of Eastern |
| and context of the latest developments all over the | | | | European countries, according to reports. Web |
| world. | | | | defacements were also common. |
| Cyber terrorist prefer using the cyber attack methods | | | | • Since December 1997, the Electronic Disturbance |
| because of many advantages for it. These are:- | | | | Theater (EDT) has been conducting Web sit-ins |
| 1. It is Cheaper than traditional methods. | | | | against various sites in support of the Mexican |
| 2. The action is very difficult to be tracked. | | | | Zapatistas. At a designated time, thousands of |
| 3. They can hide their personalities and location. | | | | protestors point their browsers to a target site using |
| 4. There are no physical barriers or check points to | | | | software that floods the target with rapid and |
| cross. | | | | repeated download requests. EDT's software has also |
| 5. They can do it remotely from anywhere in the | | | | been used by animal rights groups against |
| world. | | | | organizations said to abuse animals. Electrohippies, |
| 6. They can use this method to attack a big number of | | | | another group of hacktivists, conducted Web sit-ins |
| targets. | | | | against the WTO when they met in Seattle in late |
| 7. They can affect a large number of people. | | | | 1999. |
| Forms of cyber terrorism- | | | | The Interpol, with its 178 member countries, is doing a |
| (I) Privacy violation: | | | | great job in fighting against cyber terrorism. They are |
| The law of privacy is the recognition of the individual's | | | | helping all the member countries and training their |
| right to be let alone and to have his personal space | | | | personnel. |
| inviolate. The right to privacy as an independent and | | | | The Council of Europe Convention on Cyber Crime, |
| distinctive concept originated in the field of Tort law, | | | | which is the first international treaty for fighting against |
| under which a new cause of action for damages | | | | computer crime, is the result of 4 years work by |
| resulting from unlawful invasion of privacy was | | | | experts from the 45 member and non-member |
| recognized. | | | | countries including Japan, USA, and Canada. This |
| (II) Secret information appropriation and data theft: | | | | treaty has already enforced after its ratification by |
| The information technology can be misused for | | | | Lithuania on 21st of March 2004. |
| appropriating the valuable Government secrets and | | | | The Association of South East Asia Nations (ASEAN) |
| data of private individuals and the Government and its | | | | has set plans for sharing information on computer |
| agencies. | | | | security. They are going to create a regional |
| (III) Demolition of e-governance base: | | | | cyber-crime unit by the year 2005. |
| The aim of e-governance is to make the interaction of | | | | The protection of I.T.A can be claimed for: |
| the citizens with the government offices hassle free | | | | (a) Preventing privacy violations, |
| and to share information in a free and transparent | | | | (b) Preventing information and data theft, |
| manner. It further makes the right to information a | | | | (c) Preventing distributed denial of services attack |
| meaningful reality. In a democracy, people govern | | | | (DDOS), and |
| themselves and they cannot govern themselves | | | | (d) Preventing network damage and destruction. |
| properly unless they are aware of social, political, | | | | Here are few key things to remember to protect from |
| economic and other issues confronting them. This, right | | | | cyber-terrorism: |
| to receive information is, however, not absolute but is | | | | 1. All accounts should have passwords and the |
| subject to reasonable restrictions which may be | | | | passwords should be unusual, difficult to guess. |
| imposed by the Government in public interest. | | | | 2. Change the network configuration when defects |
| (IV) Distributed denial of services attack: | | | | become know. |
| The cyber terrorists may also use the method of | | | | 3. Check with venders for upgrades and patches. |
| distributed denial of services (DDOS) to overburden | | | | 4. Audit systems and check logs to help in detecting |
| the Government and its agencies electronic bases. | | | | and tracing an intruder. |
| This is made possible by first infecting several | | | | 5. If you are ever unsure about the safety of a site, or |
| unprotected computers by way of virus attacks and | | | | receive suspicious email from an unknown address, |
| then taking control of them. Once control is obtained, | | | | don't access it. It could be trouble. |
| they can be manipulated from any locality by the | | | | The problems associated with the use of malware are |
| terrorists. These infected computers are then made to | | | | not peculiar to any particular country as the menace is |
| send information or demand in such a large number | | | | global in nature. The countries all over the world are |
| that the server of the victim collapses. | | | | facing this problem and are trying their level best to |
| (V) Network damage and disruptions: | | | | eliminate this problem. The problem, however, cannot |
| The main aim of cyber terrorist activities is to cause | | | | be effectively curbed unless popular public support and |
| networks damage and their disruptions. This activity | | | | a vigilant judiciary back it. The legislature cannot enact |
| may divert the attention of the security agencies for | | | | a law against the general public opinion of the nation at |
| the time being thus giving the terrorists extra time and | | | | large. Thus, first a public support has to be obtained not |
| makes their task comparatively easier. This process | | | | only at the national level but at the international level as |
| may involve a combination of computer tampering, | | | | well. The people all over the world are not against the |
| virus attacks, hacking, etc. The intention of a cyber | | | | enactment of statutes curbing the use of malware, but |
| terrorism attack could range from economic disruption | | | | they are conscious about their legitimate rights. Thus, |
| through the interruption of financial networks and | | | | the law to be enacted by the legislature must take |
| systems or used in support of a physical attack to | | | | care of public interest on a priority basis. This can be |
| cause further confusion and possible delays in proper | | | | achieved if a suitable technology is supported by an |
| response. | | | | apt legislation, which can exclusively take care of the |
| Effects of Cyber Terrorism on economic & social | | | | menace created by the computers sending the |
| life- | | | | malware. Thus, the self-help measures recognized by |
| Direct Cost Implications | | | | the legislature should not be disproportionate and |
| • Loss of sales during the disruption | | | | excessive than the threat received by the malware. |
| • Staff time, network delays, intermittent access for | | | | Further, while using such self-help measures the |
| business users | | | | property and rights of the general public should not be |
| • Increased insurance costs due to litigation | | | | affected. |