The Cavalier Daily
Serving the University Community Since 1890

Cyber-terrorism: More nuisance than threat

Imagine a cyber-terrorist shutting down electrical power to all of lower Manhattan with a desktop computer a thousand miles away. Imagine a terrorist exploding a bomb in a large metropolitan area. And then jamming our 911 lines, or wreaking havoc on our banking systems with the push of a button.

These frightening scenarios, proposed by experts before the House Science Committee on Oct. 10, could happen. However, in the war on terrorism, combating cyber-terror should not be among our top priorities.

Cyber-terrorism is "the convergence of terrorism and cyberspace," said Dorothy Denning, director of the Georgetown Institute for Information Assurance. To qualify as cyber-terrorism, the attack must focus on computers or computer networks, the purpose must be to coerce a government, and the magnitude of the damage should be enough to cause violence.

Under this definition, an act of cyber-terrorism has never occurred. Nothing done on the Internet so far has directly resulted in violence or human casualties. Past cyber attacks are best labeled as "nuisance attacks" or "cyber protests" rather than acts of terrorism. These attacks (if we can even call them that) have included flooding e-mail boxes or defacing Web sites, which are comparatively petty in the face of recent human tragedies.

This past April, denial-of-service attacks crashed U.S. government Web sites during the controversy surrounding the collision between an American surveillance aircraft and a Chinese fighter plane. Although irritating to system administrators and costly for some businesses, these attacks did not cause any significant long-term damage.

 
Cracking codewords
Hacker - A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. 
Cracker - One who breaks security on a computer system. This term was coined around 1985 by hackers in defense against journalists who misused the term "hacker."
Denial-of-Service attack - An attack initiated with the intent to shut down newsgroups or networks by flooding it with spam, or jamming it with large amounts of traffic. To do this, attackers often abuse network broadcast addresses.
Information Warfare - the offensive and defensive use of information and information systems to exploit an adversary's information or information systems while protecting one's own. Such actions are taken by the attacker so he can gain an advantage over his military or business adversaries. 

SOURCE: THE JARGON FILE

But just because cyber-terrorism, by definition, never has happened before does not mean it will not happen in the future. As government, business and personal computer systems become more interconnected, they also become more vulnerable. More companies are using the same pieces of software such as Windows NT, and this change makes attacking easier for computer crackers since they only need to learn one system to attack many computers. Since the network is often more homogeneous, viruses also spread more easily.

But more important than the issue of history is whether terrorists even possess the capability to carry out cyber-attacks.

An attack can be made easier if the terrorist can get inside access. If a cyber-terrorist is able to recruit an operator at a power company either through bribery, ideology or blackmail, he can get crucial knowledge on how to shut down the system.

The most powerful potential cyber-terrorist groups are those that have support from foreign governments. According to Michael Vatis, director of the Institute for Security Technology Studies at Dartmouth College, countries such as Syria, Iraq, Iran, Sudan and Libya are believed to be developing information warfare capabilities. Because they are receiving funding from their governments, it is conceivable that a well-funded intelligent group given enough time could infiltrate a critical infrastructure like an electrical power grid for an entire city. This was demonstrated in Project Eligible Receiver when the National Security Agency hired a group to break into a simulation of critical computer systems. Alarmingly, they succeeded.

It is much less likely, however, that a small group like al-Qaeda and its supporters, even with millions of dollars at its disposal, could do it. If recent events are any indication, the group is not equipped with the computer-savvy experience necessary to launch a cyber attack. Additionally, there may be backup systems or contingency plans that they may not be aware of without inside access.

Nuisance attacks are an option for an organization like al-Qaeda, but these attacks are not very potent. Vatis predicted that such "nuisance attacks" are "extremely likely" following any U.S. military action. Some of these attacks have occurred but have been insubstantial compared to other types of attacks that have a human toll attached to them.

In countering cyberterrorism, high-tech solutions are not necessarily the answer. We should first and foremost prevent terrorists from getting inside access, and this relies on relatively low-tech devices such as background checks and polygraphs. Right now, people are the weakest link.

The government should allocate reasonable funds to at least understand the problem better. While we need to be vigilant about all forms of security, we also need to be skeptical.

(David Friedman is a fourth year Engineering student. Keen Browne is a third year Engineering student.)
