I am Nihal Jani from Ahmedabad, Sakar English School. I was searching for a good PPT on SlideShare on cyber terrorism, but couldn't find one. So I made one instead and am posting it to benefit other people like me...
2. Some Common Definitions of Cyber Terrorism
• Cyber terrorism is the use of the Internet in terrorist activities, including
acts of deliberate, large-scale disruption of computer networks, especially of
personal computers attached to the Internet, by means of tools such as
computer viruses.
• Cyber terrorism can also be defined as the intentional use of computers,
networks, and the public Internet to cause destruction and harm for personal
objectives.
3. Cyber-Terror Capability
The following three levels of cyberterror capability are defined by the Monterey group:
1. Simple-Unstructured: The capability to conduct basic hacks against individual systems using
tools created by someone else. The organization possesses little target analysis, command and
control, or learning capability.
2. Advanced-Structured: The capability to conduct more sophisticated attacks against multiple
systems or networks and possibly, to modify or create basic hacking tools. The organization
possesses an elementary target analysis, command and control, and learning capability.
3. Complex-Coordinated: The capability for a coordinated attack capable of causing mass-
disruption against integrated, heterogeneous defenses (including cryptography). Ability to create
sophisticated hacking tools. Highly capable target analysis, command and control, and
organisation learning capability.
4. Some Terrifying Facts
Here are some interesting statistics.
• In the first half of 2002, there were more than 180,000 Internet-based attacks on
business.
• Attacks against the Internet increase at an annual rate above 60%.
• The average business will experience 32 break-in attempts this week.
• Reported systems vulnerabilities and security incidents are doubling each year.
• The reported number of vulnerabilities and security incidents represents an
estimated 10% of the actual total.
5. Major Effects of Cyber Terrorism: Sabotage
Non-political acts of sabotage have caused financial and other damage. In 2000,
disgruntled employee Vitek Boden caused the release of 800,000 litres of
untreated sewage into waterways in Maroochy Shire, Australia.
More recently, in May 2007 Estonia was subjected to a mass cyber-attack in the
wake of the removal of a Russian World War II war memorial from downtown
Tallinn. The attack was a distributed denial-of-service attack in which selected
sites were bombarded with traffic to force them offline.
6. The Three Stages of Defense
In discussing more explicit forms of dealing with terrorist activities in cyberspace, it
will be useful to consider three stages of defense:
1. Prevention: How can we keep an attack from being launched? How can an
attack be made to fail before reaching the target?
2. Incident management, mitigating an attack, damage limitation: An attack has
reached the target. How do we prepare for and conduct defense during an
attack? How do we defeat the attack without loss? How do we identify and
limit damage?
3. Consequence management: What to do after an attack?
7. First Stage of Defense: Prevention
A basic approach is to design the system to be secure from an attack from the
beginning. If this is done properly, attacks may be prevented because they would
be perceived to be futile, or if launched, they would cause no damage. For the
vast majority of IT systems, security was not a major design criterion, if it was
considered at all, even with the original Advanced Research Projects Agency
Network (ARPANET), which was developed by the U.S. Department of Defense. If
security were made a major design criterion for a new system, there is no doubt
that it could be made more secure than most of its predecessors. However, there
should be no delusion that we know how to design large, complex systems that
can be kept and guaranteed safe and secure in today’s world.
8. Incident Management, Mitigating an Attack, Damage Limitation
To prevent penetration of the system at risk from the outside, passwords are the oldest, and
still most widely used, cyber technique. More recent and somewhat widely used techniques
are firewalls and proxy servers. Like all forms of cyber defense, these can be defeated,
although it is possible to make them real barriers against many attempted attacks. If the
system is penetrated from the outside, a next line of defense is internal
compartmentalization and containment. In this instance, the goals are to limit penetration
and damage through compartmentalization and need-to-know access controls, intrusion tolerance
schemes, maintaining protected redundancies, and hiding assets, and to protect and gather
information to help with recovery and response after the attack. Most of the activity at this
defensive stage is passive and might be described as “terminal defense,” because it is in the
hands of the owners and operators of parts of cyberspace who are mostly in the private
sector. Serious questions remain as to who is responsible for defending the common areas
in cyberspace, and how it would be done.
9. Consequence Management
There are two primary substages in this stage of defense: recovery and response. Recovery
is largely about reconstituting IT assets so that the organization can operate as close to
normal as possible as soon as possible. Response is concerned with identifying and
punishing the culprits and learning lessons to enable the organization to better defend itself
in the future. A sample of the tasks that would fall under recovery might include:
• The removal or shutdown of hostile or defective entities.
• A damage assessment survey of what is broken or altered, and what is not.
• An automated or semi-automated process for assessing and quickly and effectively
rationing and reallocating what is left.
• Prioritization of functions to be reconstituted.
• Restoration to pre-accident or pre-attack status without destroying evidence.