Cyberterrorism: concept, terms, counteraction

August 31, 2004 · Vladimir Golubev

Distribution of weapons of mass destruction, transnational organized crime, drug selling business and international terrorism are the principal threats to security of modern world taking into account present-day conditions. Due to its scales and abruptness, nowadays terrorism turned into one of the most dangerous social and moral problems that humanity faced in the 21 century. Terrorist groups became a highly remunerative business involving selling drugs, weapons, counterfeit production, porn, blackmail and kidnapping. Their activities are more varied now; they are more and more linked with national, religious, and ethnic conflicts, separatist and liberation movements.

Tragic events of September 11 became a crucial moment of the world community’s perception of international terrorism. The status of this problem has gained a unanimous recognition in the documents of the UN and the OSCE (Organization for Security and Co-operation in Europe).

As it was mentioned more than once by participants of the Second International Conference “World Community against the Globalization of Crime and Terrorism” (Moscow, 2004), the main determinants of terrorism have a multilateral nature, equally political and social, ideological, religious and ethnic. However, social economic reasons expressed in extreme social discrepancy are the main basis of modern terrorism.

According to V. Luneev, it is impossible for terrorist leaders to develop serious terrorist activities without involvement of wide social base [1]. That’s why modern terrorism broadly (especially international terrorism) is not so much a conflict of religions, nations, civilizations, as it is an antagonism between extreme poverty of people, who often live in potentially rich regions and unlimited wealth of another countries. In this point, the mainstream is not so much about poverty, as it is about extreme social unfairness in the world, suppressed by serious direct and indirect pressure and violence of a certain social layer, country and one nation against the other.

Terrorism, particularly its new forms: technological or high-tech terrorism, showed itself globally as the phenomena of the international character, acting openly without any frontiers.

According to the Treaty of CIS countries on cooperation to fight terrorism [2], technological terrorism is: a) use of nuclear, radiological, chemical and bacteriological (biological) weapons or its components, b) use of pathogenic micro organisms radioactive and other substances, that are harmful for people; including capture, damage and destruction of nuclear, chemical and other objects of heightened technological or ecological danger, life-supporting systems of cities or other localities; if these actions appear to be intended:

to breach public security;
to intimidate or coerce civilian population;
to influence governmental policy by intimidation or coercion;
to achieve political, mercenary or other ends, and also attempts to commit any of the mentioned above violations for the same purposes; c) managing, financing or participation as a monger, an accomplice or an ally to the person who commits or attempts to commit such violation.

Terrorists use information technologies and global network posing a dangerous threat to the humanity in the 21 century. According to the Fiscal Year 2000 Performance Report and Fiscal Year 2002 Performance Plan, rapid technological advancements of the information age have rendered crime-fighting efforts increasingly complex and opened new avenues for global criminal activities, increasing interconnectivity of American critical infrastructures through cyber and information systems has created new vulnerabilities as criminals, terrorists, and foreign intelligence services learn to exploit the power of cyber tools and weapons; the challenge that computer crime presents to federal law enforcement in the 21st century creates a clear goal to help secure cyberspace by minimizing the impact of malevolent actors on the U.S. information systems[3].

Cyberterrorism or computer terrorism is a dangerous display of technological terrorism; it causes special anxiety of experts due to high vulnerability of computer systems that control critical infrastructure (transport, nuclear power stations, water and energy supply) connected to the Internet.

The Internet presents terrorists exclusive opportunities[4]. It serves as a source of easy (without drawing any unnecessary attention) access to almost all data: starting from potential arms suppliers and ending with necessary manuals on how to make bombs. Anyone can easily transfer or receive necessary funds (by collecting donations or hacking into banks), recruit mercenaries or teach their thoughts throughout the Internet. Finally, terrorists can rapidly disrupt normal operation of any object of civil or military infrastructure through the Internet almost without any costs. All this can be done with high-level safety from governmental interference in information flows, and with the secrecy that is a main feature of terrorist activity. Still, terrorists generally use the Internet as a means of communication or transfer of their ideology, but not as a weapon. Another day, another governmental body or another bank is exposed to computer attacks. We can’t call such attacks terrorism, as they do not lead to casualties or threats to people’s lives. However, cyberterrorism has already become a means of blackmail. So, everything else is a question of time, we can witness a birth of a new kind of terrorism, where subversive activity will be committed not by means of explosives, but through attacks at biggest information systems on the Internet. Governmental organizations and huge commercial institutions will become the first victims of cyberterrorism [5].

Dr Magnus Ranstorp, Director of the Center for the Study of Terrorism and Political Violence at the University of St Andrews, Scotland, one of the biggest world’s expert on Islamic terrorism and a CNN principal consultant on Terrorism and bin Laden before and after 11 September 2001 writes in his analysis entitled “Al-Qaeda in cyberspace: terrorism challenges in the information era” that terrorists use the Internet as it presents maximum organizational and assaulting capabilities. Cyber space allows conducting theoretical, military, theological teaching and propaganda, and also recruiting and maintaining communication between separate units.

Besides satellite phones and indefinable cellular sim-cards, for instance Swiss, Al Qaeda uses e-mail at popular portals like Hotmail and Yahoo to exchange messages and it is impossible to intercept them. Terrorists use a huge archive of users’ “templates”, users gave them screen names and passwords. Thus terrorists may communicate using e-mail addresses of their familiars or relatives who are not known to special services; they often use Internet cafes.

Osama bin Laden showed the importance of the Internet to him when he created an original hacker school at the faculty of electronics at his university. This importance is also displayed by introduction of Cyber University in Pakistan to study these SCADA systems controlling water distribution networks, dams, gas and oil pipelines and nuclear power plants.

Ranstorp reminds that Lebanese terrorist group Hezbollah also possesses up-to-date information technologies at their disposal and he also believes that Al-Qaeda is able to organize a scaled terrorist act having united all traditional actions with information attack and it might lead to huge monetary losses.

An original electronic Pearl Harbor may happen like this: an explosion of “electronic bomb” in a financial center of a huge Western city then followed by Internet attacks on key elements of economy like bank transfer systems, American Fedwire and international CHIPS and Swift.

“It is becoming perfectly clear that Al Qaeda have spent much more time to learn cyber space than we expected”, Ranstorp concludes. “They will try to attack most vulnerable targets. The question is not whether Ben Laden will start Internet warfare, the question is: When he will do it.”

Dorothy Denning, a renowned expert in research into computer crime, in her book “Activism, Hacktivism and Cyberterrorism: The Internet as a Tool to Influence Foreign Policy” writes “Is cyberterrorism the way of the future” For a terrorist, it would have some advantages over physical methods. It could be conducted remotely and anonymously, it would be cheap, and it would not require handling of explosives or a suicide mission. It would likely garner extensive media coverage, as journalists and the public alike are fascinated by practically any kind of computer attack. One highly acclaimed study of the risks of computer systems began with a paragraph that concludes, “The terrorist of tomorrow may be able to do more with a keyboard than with a bomb[6].”

“Cyber space has become a component of our economy. The number of transactions made over the Internet has swift increased for the past years in the USA. The work of almost all branches of the country’s economy, including energy, transport and communications, banking sphere use computer networks, and, thus, branches depend on the capacity of these networks,” said Condoleeza Rice, US National Security Advisor, speaking at the forum devoted to computer security. “The breakage of these networks may paralyze the whole country.” The President’s Assistant spoke for narrow cooperation between governments and private sector to assure computer security and to prevent computer terrorism.

In his recent interview, Professor Yonah Alexander, director of the International Center for Terrorism Studies, one of the world’s leading expert on terrorism warned that groups like Al Qaeda any other day will begin to resort to weapons of mass destruction for diversions against the West and to promulgating their ideology. Professor supposes that Al Qaeda’s main battlefield will shift to Europe where extremists have already created a branchy underground network.

“We can expect to see an escalation in terrorism on a global scale with a continuation of conventional acts of terror, such as suicide bombings and shooting, as well as mega-terror like September 11 in the US and March 11 in Spain,” Professor warns. “There will also be a move towards the use of non-conventional weapons: biological, chemical, nuclear as in dirty bombs, and cyber-terrorism, whereby perpetrators will try to disrupt power supplies and air traffic, for example, at the touch of a button.”

The probability of cyberterrorism represents a row of substantial challenges. First of all, owing to the internal character of computer attacks, they almost can’t be online forecasted and tracked. That’s why the attack may be started at any time, here or abroad; they may be conducted by adventures-seeking youngsters or malicious countries, criminals, spies and terrorists; it would need significant resources to accurately define who is responsible for these attacks. Technology, as it appears, won’t be able to resolve this problem in the nearest future. Secondly, due to the complexity of law that is globally in force, collecting evidence, prosecution, search, seizure and delivery of separate persons, where the Internet or other electronic means could be used, are problematic. The mentioned problems raise the actuality of understanding current and elaborating new international legal mechanisms to fight cyberterrorism.

One of the main instruments of criminal legal regulation of terrorism in Ukraine, including its new technological ways, is the Law of Ukraine “On Fighting Terrorism” dated March 20, with the purpose to achieve criminal goals 2003. This law defines terrorism as the following:

socially-dangerous activity aimed at deliberate, purposeful violence by way of capturing hostages, arsons, murders, tortures, intimidation of people or government;
other infringement on lives or health of innocent people;
threatening to commit criminal acts with the purpose to achieve criminal goals. Article 1 of this law defines technological terrorism as crimes committed with the terrorist purposes applying nuclear, chemical and bacteriological (biological) or other weapons of mass destruction or its components, other harmful for health of people substances, means of electromagnetic radiation, computer systems and communication networks, including capture, damaging or destruction of potentially dangerous objects, directly or indirectly creating or threatening to occurrence of emergency incidents as a result of these actions and pose danger to personnel, population and environment, create conditions for accidents or disasters of man-made character.

Legal fight against terrorism in Ukraine is based on the Constitution of Ukraine, the Criminal Code of Ukraine, the Law of Ukraine “On Fighting Terrorism”, European Convention on the Suppression Terrorism (1977), International Convention for the Suppression of Terrorist Bombings (1997), International Convention for the Suppression of the Financing of Terrorism (1999), other international treaties involving Ukraine, decrees and orders of the President of Ukraine, decrees and resolutions of the Cabinet of Ministers of Ukraine, and also other legal acts.

Ukraine made a step forward in counteracting to terrorism having ratified the European Convention on the Suppression of Terrorism. According to the Convention, contracting countries shall regarded none of the following offences as a political offence or as an offence connected with a political offence or as an offence inspired by political motives:

an offence within the scope of the Convention of the Suppression of Unlawful Seizure of Aircraft, signed at The Hague on 16 December 1970;
an office within the scope of the Convention for the Suppression of Unlawful Acts against the Safety of Civil Aviation, signed at Montreal on 23 September 1971;
a serious offence involving an attack against the life, physical integrity or liberty of internationally protected persons, including diplomatic agents;
an offence involving kidnapping, taking hostage or serious unlawful detention;
an offence involving the use of a bomb, grenade, rocket, automatic firearm or letter or parcel bomb if this use endangers persons;
an attempt to commit any of the foregoing offences or participation as an accomplice of a person who commits or attempts to commit such an offence.

Nothing in this Convention shall be interpreted as imposing an obligation to extradite if the requested State has substantial grounds for believing that the request for extradition for an offence mentioned in Article 1 or 2 has been made for the purpose of prosecuting or punishing a person on account of his race, religion, nationality or political opinion, or that that person’s position may be prejudiced for any of these reasons[7].

In 45 days after September 11, 2001 assaults on New York and Washington, the US Congress passed the new anti-terrorist law known as the Patriot Act. By this Act, the Congress has introduced a new legal term “cyberterrorism” to stand for various forms of hacking and causing damage to protected computer networks of citizens, legal entities or governmental authorities, including damage caused to computer system used by a governmental agency to manage national defense or to assure national security. Cyberterrorism is the premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against noncombatant targets by sub national groups or clandestine agents.

European countries experience similar trends. A question of legal and organizational mechanisms of computer networks use regulation is raised to priority tasks. Cybercrime Convention accepted by European Council dated November 23, 2001 has become the first international treaty bringing up legal and procedural aspects of investigation and criminal prosecution of cybercrimes[8]. The Convention stipulates actions targeted at national and inter-governmental level, directed to prevent unlawful hindrance of computer system functions.

Certainly, skeptics may object that the question of terrorism as its newest ways is not the critical issue for Ukraine today. However, renowned Ukrainian experts involved in research into problems of terrorism do not agree with this statement. So, Vasiliy Krutov believes that there already have been all the prerequisites of emergence of terrorism in Ukraine. There would be internal contradictions, as well as external factors. The first are economic and social problems like delimitation of the population by their revenues, political tension, and criminalization of all spheres of the social life.

Taking into account the processes of globalization and further escalation of terrorism, Ukraine, as the biggest European corridor, will scarcely stand aside. Therein, the study of international experience in fighting high tech ways of terrorism, making unified terms, exclusion of ambiguity standards in evaluating phenomenon and measures to counteract cyberterrorism are important to minimize dangerous trends of terrorism at the international level.

Cyberterrorism, in our opinion, should be regarded as deliberate attack on information processed by computer, computer system or network that endangers life and health of people or causes other grave consequences, if these actions were committed with the purpose of public security breach, to intimidate or coerce a civilian population or to provoke an armed conflict[9].

The arsenal of computer terrorists is quite huge: various viruses, so-called logical bombs (pieces of code in a program that deletes files, starts a DDOS etc., usually part of a virus but it could have also been placed into the code by a programmer on purpose beforehand), trojan horses.

Owing to the real threat posed by cyberterrorism, today we may outline several possible scenarios of the forthcoming events, in particular, the most probable kinds of attacks on computer systems:

various kinds of attacks allowing breaking into the attacked network or to obtain control over the network;
computer viruses, including network worms that modify and destroy information or hinder operation of computer systems;
logical bombs, a code placed into the programs and are activated at some time;
“trojans” that allow executing certain actions without the knowledge of the owner of the compromised system (trojans sending their owner through the Internet different data from the infected system, including users’ passwords, are widespread at the moment);
means designed to hinder exchange of information in networks and to launch DDOS attacks[10].

International terrorism has come forward as the main challenge to the present. Prevention of terrorism is an utterly complicated task, since its phenomenon is emerged by many social, political, psychological, economic, historical and other causes. The efficiency of measures undertaken to combat it and their further improvement will depend on how precisely the causes for its emergence will be determined.

We can overcome cyberterrorism only by taking thorough measures. Above all, we need a clear and consistent policy. We need high-skilled intelligence. The work of law enforcement and armed forces is also important here. We absolutely need means to prevent high tech and cybernetic terror.

Computer crime and cyberterrorism represent a special social national and international danger. Owing to this threat, they are a particular measure of terrorist activity with specific causal base; we will need special actions to fight and control this activity. A single person or groups of people may commit such criminal activity, like any other. Nevertheless main players in cyberterrorism are organized criminal groups, criminal societies and national/transnational criminal organizations[11].

Terrorism threats can be neutralized by consolidation of efforts of the whole international community to liquidate economic and ideological roots of this phenomenon. In the meanwhile, the efficiency of cooperation within the international antiterrorist coalition is far from being perfect.

Prevention and suppression of cybercrime and cyberterrorism represent a complex problem. Nowadays laws should meet requirements of the present level of technological development. It is necessary to carry out purposeful work to unify and improve national laws regulating information distribution in public communication networks. Management of cooperation and coordination of efforts of law enforcement, special services and judicial system, and supplying material and technical basis are the priority directions as well.

Since computer terrorism has already become real, it is necessary to legislatively fix the obligation of governmental and private institutions to take technical measures assuring protection of computer networks as the most vulnerable component.

The question of control of information distributed throughout the Internet remains topical. It is necessary to elaborate a system of criteria of the Internet sources promulgating xenophobia, racial and religious intolerance, and to create a list of such sources in order to coordinate efforts directed at their further suppression on this basis. The given problem bears complex and all-round character. On the one hand, it is obvious that information right is the milestone of a free society. On the other hand, it’s not a secret that terrorists use rights and liberties granted by the modern society. The necessity of suppression of terrorist activities on the Internet raised the question that special services should legally monitor cyber space and take measures to deter terrorist activities on the Web.

According to Alexei Chistyakov, Head of the World Anticriminal and Antiterrorist Forum in Ukraine, it is necessary to change approaches to fight terrorism. This fight is mainly entrusted to special services that simultaneously carry out intelligence and counter-intelligence activities, he said. The fight against terrorism, including one of its forms - cyberterrorism, should become the prior function of all law enforcement and other corresponding authorized bodies, he added[12].

Such scaled task will require a lot of time and money. However, the reality is such that whether the country exists or not is defined by its ability to efficiently and opportunely respond to internal challenges. Therein, the question of creating an effective system to counteract to computer terrorism is, actually, a question of the country’s survival under modern conditions. Of course, it is impossible to cover the whole specifics of cyberterrorism in one article, and all the more to expand all related problems, including definition of concepts and elaboration of the united definition internationally and also coordinated measures to counteract to this phenomenon. Thus and so, comprehension of the problems of cyberterrorism, elaboration of conceptual basis and, above all, criteria of definition of this dangerous phenomenon are the priority ways to fight high tech terrorism and its dangerous kind - cyberterrorism.

[1] I. Mikheev, Terrorism: concept, responsibility, prevention. - http://www.crime.vl.ru/docs/stats/stat_62.htm. [2] Treaty of CIS countries on cooperation to fight terrorism, dated July 4, 1999. Collection of statutory acts regulating cooperation of CIS countries to fight crime, 2nd publication. CIS Executive Committee, Minsk, 2001. - p.98. [3] Strategic Goal One: Keep America Safe by Enforcing Federal Criminal Laws (Fiscal Year 2000 Performance Report and Fiscal Year 2002 Performance Plan. - http://www.usdoj.gov/ag/annualreports/pr2000/NewSG1.pdf , P. 25. [4] Michael Whine. Cyberspace: A New Medium for Communication, Command and Control by Extremists. - http://www.ict.org.il/ [5] V. Vasiliev, Psychology of terrorism, Modern terrorism: state and perspective, edited by E. Stepanova, Editrorial URSS, 2000. - p.178. [6] Dorothy E. Denning. Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool for Influencing Foreign Policy. - http://www.crime.vl.ru/docs/stats/stat_92.htm. [7] “European Convention on the Suppression of Terrorism” dated January 27, 1977. - http://zakon.kuban.ru/nd2/2001/270177ek.shtml. [8] Convention on Cybercrime (Budapest, 23.XI.2001). - http://www.crime-research.org/library/cybercrime-convention.doc. [9] V. Golubev, Cyberterrorism - a threat to national security. - http://www.crime-research.ru/articles/Golubev_Cyber_Terrorism/. [10] V. Golubev, T. Saytarly, Problems of fighting cyberterrorism in modern conditions. - http://www.crime-research.ru/library/e-terrorism.htm. [11] V. Golubev, Organizational legal aspects of counteraction to computer terrorism. - Entrepreneurship, state and law, Scientific practical magazine, Kyiv, 2004, #7, p.121-124. [12] Alexei Chistyakov, Manifestations of terrorism in the country could be minimized. - http://www.crime-research.ru/news/14.07.2004/1252.