Violent, non-state actor use of cyberspace
Disucss about the Cyber terrorism and Cyber warfare.
The society utilises the technology for enhancing their life and the lifecycle. However, some people use the technology for meeting their selfish needs. This can be alarming for the society. Hacking has become the tool that is creating a new kind of cyber threat. The threat occurs mainly in two ways- pure cyber terrorism and hybrid cyber terrorism. The pure cyber terrorism is one sort of attack that affects the cyberinfrastructure of the victim. In case of hybrid cyber terrorism, the Internet is used to recruit and encourage others to the acts of terrorism. Both of these threats pose a serious threat to the United Nation, Organisation of Islamic Cooperation and Council of Europe.
The essay states about violent, non-state actor use of cyberspace. The Council of Europe, United Nation faces several challenges for ensuring security against cyberattack. Recommendations have been made in the essay by which the cybersecurity threats can be mitigated.
By analysing the current trends, it can be seen that the society is increasingly depending upon information technology. The people are now using computer technology to meet their selfish needs. The cyber terrorism has gained prominence over the last few years[1]. Cyber terrorism is generally pre-mediated and politically motivated attacks and is conducted by some notorious criminals. They attack one’s computer through information system and make their system vulnerable to use. The cyber terrorism is somewhat related to hacktivism. The cyber terrorists attack the system for meeting their selfish needs whereas the hackers attack the system to gain financially. There are several scenarios where the cyberterrorism, cybercrime and the hacktivism takes place[2]. The cyber-dependent attack that takes place can be a political move as well. The government of a specific country can be negatively affected due to the cyber terrorism. The authors have stated that several examples where terrorism takes place[3].
Example 1: In the year 1998 a cyber-terrorist group attacked the Sri Lankan embassies, and they daily sent about 800 emails per day stating they are the Black Tigers and they are doing it to disrupt the network connections.
Example 2: Another author states attack the Japanese government. The government uses the software related to Aum Shinrikyo. Aum collected all the sensitive data about the nuclear weapons.
Example 3: In recent times a Distributed Denial of Service attack occurs and the attack occurs on the Tel Aviv Stock Exchange website, First International Bank of Israel websites. In the year 2012, a cyber attack occurs against Saudi Arabia’s company. Aramco destroyed around 35,000 computers, and the same virus attacked RasGas Company of Qatar.
Procedures by which the states have responded
Example 4: The attack of 9/11 Al-Qaeda by was analysed, and it was found that the terrorists used the email to coordinate their actions.
The terrorists use the off-the-self software to encrypt the messages; the software also paves the way for transferring files via a peer-to-peer network and torrents. The violent network helps in the electronic surveillance like the Street View and the Google Earth. They conduct data mining from the social networking sites to uncover the names and addresses of the individuals. The violent organisations make use of the tool to raise funds by establishing NGOs and charities. They make use of all these tools to solicit funds. Those fraud organisations make use of social media to make money. They accept all the donations via Pay-pal, credit card and bank transfer[4]. The attackers or the cyber terrorists make use of the varied multimedia techniques and state-of-art propaganda audio files and video files.
There are several areas of cybercrime that must be taken into consideration. The hackers conduct the attacks by the following means-
Phishing attack- The phishing attack is generally carried through fraud emails and users or the victims fall into the trap[5]. The users provide all the credentials like the passwords, identity theft and the sensitive data get breached.
Watering hole- a fake webpage is generated to deploy, and the original page is compromised for a reason.
Ransomware- Ransomware attack is carried out the cybercriminals as well. They restrict the users to log in their system. The users are restricted to get into their system[6]. The users will have to pay a handsome amount of money to get access to their system.
Scanning- The attackers in the name of testing vulnerabilities on the internet deploy attacks at random fashion.
Cyber warfare and the terrorism do not have any specific limits and borders. The main motive of this essay is to share the information related to safety of the modern states, private organisations and the government organisations. NATO analyse that the cyber-attacks have become common now-a-days. The cyber threats can be a threat for the organisations, government administration. There are several phases of cyber security attack. The first phase attack involves the scouting the potential victims. The cyber attackers gather vital information from the hardware and the used applications[7]. The second phase of the attack involves intrusion. Nothing can be done against the target apart from disrupting the availability. The third phase involves the identification of the internal opportunities by assessing the resources to access the restricted parts of the system[8]. The cyber terrorists implement malware and virus into one’s system through email and internet browser. They carry out denial of service attack to restrict the use of the computer system and the network. They also get into the system of government organisation and steal all the important details. They also disrupt the operations of the system[9]. Thus it is a serious problem and that is why it is challenging for the skilled military cyber units to fight against the cyber terrorism. China, USA and China have the skilled cyber unit military base. They apply certain norms and policy and in this way they can assure safety of the system and database. The treaty laws can be useful; the employees can know how to safeguard data of the organisations. They use the firewall and other security hardware and software to prevent the cyber security attacks.
Future Recommendation
Treaty laws provide norms for exercising the universal jurisdiction over cyberterrorism. The universal jurisdiction is controlled by international community and is not controlled by the states[10]. The cyber terrorism is the transactional and the trans-border crime. During the recent times it can be seen that the multilateral cooperation is the most efficient methodology to respond to the terrorist attack. The United nation has taken the lead to coordinate and seek cooperation in dealing with the issues related to the terrorism. UN Security following the tragedy of 9/11 attack has moved forward to fight against terrorism[11]. They declared the international peace and at the same time declared obligation to all the members of the United Nations to support and financing the terrorists. UN Security takes important steps so that they do not the funds. The United Nations are setting up CTC to monitor Resolution 1373 implementation[12]. The United Nations Security requires all the states to cooperate in the fight against the terrorism. The Resolution 1624 (2005) calls states to apply the policies to prevent the chance of cyber security attack. The resolutions taken by the United Nations can take a significant approach to fix the errors related to the cybersecurity.
According to the Law of Treaties declared by Vienna Convention, the parties that are involved with the project can choose to interpret the sources rather than the text of the treaty. The treaties text can be expanded either implicitly or explicitly to cope up with the rapid technological changes. The United Nations have published charters on the war and the terrorism. The United Nations publishes the charters on the terrorism and the war[13]. The United Nation establishes laws and conventions related to the cyber terrorism. By following those norms, they can be able to root out the risks related to the cyber terrorism.
Alongside United nation, the Council of Europe’s European Committee creates an expert committee on cyberspace[14]. They created the cybercrime related convention and convention has been lasted for several years. The conventions are designed in such a way that the international crimes can be monitored and controlled efficiently[15]. They have initiated several norms and the policies by which the cybercrime can be detected and can be mitigated.
The Council of Europe has taken up several measures to prevent the cybercrime attack. Cyber terrorism is the fast-growing threats prevailing and it is not limited to individuals only rather it spreads to the public as well as private organisations. It must be ensured that proper measures are taken to curb the power of the cyber terrorisms[16]. The digital architecture must be analysed every time to find out any vulnerabilities within. They will gain significant benefits if the following questions are answered- What are the cyber terrorists are wanting to do over here? How can those unethical actions be checked? What are the productive measures they should take?
They must act reasonably and must assume the potential threats that have been informed. The digital architecture tools that are used today are the strong password, firewalls, key encryption[17]. IP Sec, intrusion detection system and the Secure Socket Layer are some of the measures that can be taken[18]. The United Kingdom’s government must take appropriate actions towards the Ministry of Defence, Government Communications Headquarters and Military Intelligence Section[19]. GCHQ is under National Cyber Security Centre, and it is primarily established in the year 2017. NATO is also taking tough decisions to handle all the cyber attacks against the cyber terrorism three months before GCHQ. There is another organisation called Centre for the Protection of National Infrastructure is also working to mitigate the cyber terrorism[20]. They intend to enhance their network against the cyberattacks. According to United Kingdom’s Cyber Security Strategy, the government decides to take measures against the cybersecurity attacks[21].
Vulnerabilities in the software show that there are several security flaws in the technology field and the cyber terrorists are making use of this vulnerability and exploiting the network. The Internet of Things devices is being exploited by the cyberterrorists[22]. Recently the MIT Slogan Management publish a essay which states that the companies are not concerned about the security of the devices[23]. The cyberterrorists can take the advantage, can exploit the IoT devices and can make those devices vulnerable to use. They can take away the sensitive information of the employees. They can take away the financial details as well.
Thus precautions should be taken to prevent the cyber-terrorist works. The organisations must take necessary steps; they must analyse the risks of the cyber terrorism and must take necessary steps and actions[24]. The terrorists do not follow the legislation, and they do not bother about the identification or the consequences of the attack. They can juts create harm to the community and the community holders[25]. The organisations must focus on developing new intrusion systems to reduce the attack of the of the cyber terrorism[26]. The intrusion system must be capable of detecting any cyber-related threat, and the threat must be mitigated as early as possible. They must ensure that such kind of attack does not harm others in future. The responses to the cyberattack can be enhanced by focusing more on preserving data while conducting the attack[27]. The private companies, the government organisations, can safeguard their data with the aid of the cybersecurity norms can be able to mitigate the cyber security threats. They must have installed updated version of the system, they must have the updated database installed at their premises.
Conclusions
Thus it can be conclude that cyber terrorism is a serious concern and must be taken into consideration. The cyber terrorism must be mitigated so that everyone can use the technology ethically and efficiently. The terrorists and their attack can be recognised until they attack. They hide within the society unless and until they trigger an attack. Every terrorist have their specific motivation and they can harm both physically and digitally. From the incidents of cyberattack it can be learnt that by applying suitable methods the terrorist attack can be traced and this is important for jurisdictions. This government agency must take the necessary actions like tightening of cybercrime laws, surveillance and developing technologies to detect intrusions to systems. The cyber terrorism is one of the major concerns of for the government as well. The security details of a particular country can be threatened. The trace of the terrorists must be detected as it will ensure safety for the mankind and the society. The government can take several measures to implement the security features. The safety measures must be taken to root out the risk of cyber security attack. The cyber attackers are not concerned about the attack but the victims will have to suffer the consequences. The government will face heavy losses, their reputation will be at stake, the country or state’s security can be compromised. Thus a safe barrier must be constructed to identify the harmful attack of the terrorists and to take necessary actions against the cyber terrorists. There are several techniques which can be applied to safeguard the system and the data from the cyber terrorists. Passwords can be used as it is the most convenient method to detect the intrusions. The organisations must constantly work on mitigating the attack or the risk caused by cyber terrorists. The private organisations and the government organisations do not keep backup of the data and file; they should keep backup of the sensitive data and the files. The enterprises as well as the government organisations with the aid of data mining and the machine learning can be able to analyse the potential risks. They must adopt some new technology that will help them to mitigate the risks related to the cyber attacks. Both the private organisations and the government organisations must be provided training so that they can use the technology. The systems that are planned to develop to mitigate the threats and the risks must be capable enough to limit the vulnerabilities.
References
Akatyev, Nikolay, and Joshua James. “United Nations Digital Blue Helmets as a Starting Point for Cyber Peacekeeping.” In ECCWS 2017 16th European Conference on Cyber Warfare and Security, p. 8. Academic Conferences and publishing limited, 2017.
Al Mazari, Ali, Ahmed H. Anjariny, Shakeel A. Habib, and Emmanuel Nyakwende. “Cyber terrorism taxonomies: Definition, targets, patterns, risk factors, and mitigation strategies.” International Journal of Cyber Warfare and Terrorism (IJCWT) 6, no. 1 (2016): 1-12.
Army, U. S. “Cyberterrorism After Stuxnet-Terrorist Cyberattacks, Distributed Denial of Service (DDoS), Motives, Critical US Infrastructure Vulnerabilities, al-Qaeda Computer Capability, PC Attacks.” (2017).
Awan, Imran. “Debating the Term Cyber-terrorism: issues and problems.” Internet Journal of Criminology. ISSN 2045, no. 6743 (2014): 1-14.
Awan, Jawad, and Shahzad Memon. “Threats of cyber security and challenges for Pakistan.” In International Conference on Cyber Warfare and Security, p. 425. Academic Conferences International Limited, 2016.
Bendersky, Corinne, and Catherine H. Tinsley. “Finding Cyber Terrorists: The Influence of Status on Inter-agency Counter Terrorism Taskforces.” (2015).
Brill, Alan. “The Use of Internet Technology by Cyber Terrorists & Cyber Criminals: The 2014 Essay.” (2015): 1-14.
Chaturvedi, Manmohan, Aynur Unal, Preeti Aggarwal, Shilpa Bahl, and Sapna Malik. “International cooperation in cyber space to combat cyber crime and terrorism.” In Norbert Wiener in the 21st Century (21CW), 2014 IEEE Conference on, pp. 1-4. IEEE, 2014.
Dawson, Maurice, Marwan Omar, and Jonathan Abramson. “Understanding the methods behind cyber terrorism.” In Encyclopedia of Information Science and Technology, Third Edition, pp. 1539-1549. IGI Global, 2015.
Dhaliwal, Sukhmani. “The Future of Cyber Terrorism: Where the Physical and Virtual Worlds Converge.” International Journal of Scientific Research and Management 4, no. 9 (2016).
Droogan, Julian, and Lise Waldek. “Where are All the Cyber Terrorists? From Waiting for Cyber Attack to Understanding Audiences.” In Cybersecurity and Cyberforensics Conference (CCC), 2016, pp. 100-106. IEEE, 2016.
Georgescu, Constantin, and Monica Tudor. “Cyber Terrorism Threats to Critical Infrastructures NATO’S Role in Cyber Defense.” Knowledge Horizons. Economics 7, no. 2 (2015): 115.
Gordon, Theodore J., Elizabeth Florescu, and Jerome C. Glenn, eds. Identification of Potential Terrorists and Adversary Planning: Emerging Technologies and New Counter-terror Strategies. Vol. 132. IOS Press, 2017.
Griffiths, Jordan Luke. “Cyber security as an emerging challenge to South African national security.” PhD diss., University of Pretoria, 2017.
Gross, Michael L., Daphna Canetti, and Dana R. Vashdi. “The psychological effects of cyber terrorism.” Bulletin of the Atomic Scientists 72, no. 5 (2016): 284-291.
Lam, Anthony, José Fernandez, and Richard Frank. “Cyberterrorists Bringing Down Airplanes: Will it Happen Soon?.” In ICMLG 2017 5th International Conference on Management Leadership and Governance, p. 210. Academic Conferences and publishing limited, 2017.
Lee, Jaehee, Jinhyeok Jeon, Changyeob Lee, Junbeom Lee, and Jaebin Cho. “An implementation of log visualization system combined SCADA Honeypot.” (2016).
Parekh, Vrunda Chaintanya Rana1 Kanchi Saurabh, and VarshaGirish Tank. “Cyber-Crime Effects and Issues on Company and its Stock Market Prices.” (2017).
Paul, Shuva, Md Sajed Rabbani, Ripon Kumar Kundu, and Sikdar Mohammad Raihan Zaman. “A review of smart technology (Smart Grid) and its features.” In Non Conventional Energy (ICONCE), 2014 1st International Conference on, pp. 200-203. IEEE, 2014.
Perlin, Jonathan B. “Health information technology interoperability and use for better care and evidence.” Jama316, no. 16 (2016): 1667-1668.
Salleh, Nurhashikin Mohd, Siti Rahayu Selamat, Robiah Yusof, and Shahrin Sahib. “Discovering Cyber Terrorism Using Trace Pattern.” IJ Network Security 18, no. 6 (2016): 1034-1040.
Selamat, Siti Rahayu, Nurhashikin Mohd Salleh, Robiah Yusof, and Shahrin Sahib. “Constructing cyber terrorism trace pattern for forensic investigation process.” In Proceedings of the 14th International Conference on Applied Computer and Applied Computational Science, Recent Advances in Computer Science, pp. 240-245. 2015.
Sharma, Aakashdeep, and Narinder Singh. “Cyber terrorism and cyber laws: The challenge for governments.” IAHRW International Journal of Social Sciences Review 2, no. 3 (2015).
Singh, Biny Pal, and Ankit Verma. “Cyber Terrorism-An International Phenomena and An Eminent Threat.” IITM Journal of Management and IT 6, no. 1 (2015): 164-168.
Spence, Shannon, J. Alan Roberson, and Kevin M. Morley. “A Simple Action Plan for Utilities to Secure Their Process Control Systems.” Journal?American Water Works Association106, no. 2 (2014): 23-25.
Stockton, Paul N., and Michele Golabek-Goldman. “Prosecuting Cyberterrorists: Applying Traditional Jurisdictional Frameworks to a Modern Threat.” Stan. L. & Pol’y Rev. 25 (2014): 211.
Yunos, Zahri, Nurul Mohd, Aswami Ariffin, and Rabiah Ahmad. “Understanding Cyber Terrorism From Motivational Perspectives: A Qualitative Data Analysis.” In European Conference on Cyber Warfare and Security, pp. 550-557. Academic Conferences International Limited, 2017.
Zeri, Norshahida Noor, and Noor Nirwandy Mat Noordin. “Framing Cyberterrorism: A Content Analysis of The New York Times.” Journal of Media and Information Warfare Vol 9 (2017): 177-198
Bendersky, Corinne, and Catherine H. Tinsley. “Finding Cyber Terrorists: The Influence of Status on Inter-agency Counter Terrorism Taskforces.” (2015).
Gross, Michael L., Daphna Canetti, and Dana R. Vashdi. “The psychological effects of cyber terrorism.” Bulletin of the Atomic Scientists 72, no. 5 (2016): 284-291
Salleh, Nurhashikin Mohd, Siti Rahayu Selamat, Robiah Yusof, and Shahrin Sahib. “Discovering Cyber Terrorism Using Trace Pattern.” IJ Network Security 18, no. 6 (2016): 1034-1040.
Brill, Alan. “The Use of Internet Technology by Cyber Terrorists & Cyber Criminals: The 2014 Essay.” (2015): 1-14.
Droogan, Julian, and Lise Waldek. “Where are All the Cyber Terrorists? From Waiting for Cyber Attack to Understanding Audiences.” In Cybersecurity and Cyberforensics Conference (CCC), 2016, pp. 100-106. IEEE, 2016
Sharma, Aakashdeep, and Narinder Singh. “Cyber terrorism and cyber laws: The challenge for governments.” IAHRW International Journal of Social Sciences Review 2, no. 3 (2015).
Gordon, Theodore J., Elizabeth Florescu, and Jerome C. Glenn, eds. Identification of Potential Terrorists and Adversary Planning: Emerging Technologies and New Counter-terror Strategies. Vol. 132. IOS Press, 2017
Dhaliwal, Sukhmani. “The Future of Cyber Terrorism: Where the Physical and Virtual Worlds Converge.” International Journal of Scientific Research and Management 4, no. 9 (2016).
Griffiths, Jordan Luke. “Cyber security as an emerging challenge to South African national security.” PhD diss., University of Pretoria, 2017.
Zeri, Norshahida Noor, and Noor Nirwandy Mat Noordin. “Framing Cyberterrorism: A Content Analysis of The New York Times.” Journal of Media and Information Warfare Vol 9 (2017): 177-198.
Perlin, Jonathan B. “Health information technology interoperability and use for better care and evidence.” Jama316, no. 16 (2016): 1667-1668.
Army, U. S. “Cyberterrorism After Stuxnet-Terrorist Cyberattacks, Distributed Denial of Service (DDoS), Motives, Critical US Infrastructure Vulnerabilities, al-Qaeda Computer Capability, PC Attacks.” (2017)
Lee, Jaehee, Jinhyeok Jeon, Changyeob Lee, Junbeom Lee, and Jaebin Cho. “An implementation of log visualization system combined SCADA Honeypot.” (2016).
Akatyev, Nikolay, and Joshua James. “United Nations Digital Blue Helmets as a Starting Point for Cyber Peacekeeping.” In ECCWS 2017 16th European Conference on Cyber Warfare and Security, p. 8. Academic Conferences and publishing limited, 2017.
Awan, Imran. “Debating the Term Cyber-terrorism: issues and problems.” Internet Journal of Criminology. ISSN 2045, no. 6743 (2014): 1-14.
Selamat, Siti Rahayu, Nurhashikin Mohd Salleh, Robiah Yusof, and Shahrin Sahib. “Constructing cyber terrorism trace pattern for forensic investigation process.” In Proceedings of the 14th International Conference on Applied Computer and Applied Computational Science, Recent Advances in Computer Science, pp. 240-245. 2015
Singh, Biny Pal, and Ankit Verma. “Cyber Terrorism-An International Phenomena and An Eminent Threat.” IITM Journal of Management and IT 6, no. 1 (2015): 164-168.
Chaturvedi, Manmohan, Aynur Unal, Preeti Aggarwal, Shilpa Bahl, and Sapna Malik. “International cooperation in cyber space to combat cyber crime and terrorism.” In Norbert Wiener in the 21st Century (21CW), 2014 IEEE Conference on, pp. 1-4. IEEE, 2014.
Paul, Shuva, Md Sajed Rabbani, Ripon Kumar Kundu, and Sikdar Mohammad Raihan Zaman. “A review of smart technology (Smart Grid) and its features.” In Non Conventional Energy (ICONCE), 2014 1st International Conference on, pp. 200-203. IEEE, 2014.
Dawson, Maurice, Marwan Omar, and Jonathan Abramson. “Understanding the methods behind cyber terrorism.” In Encyclopedia of Information Science and Technology, Third Edition, pp. 1539-1549. IGI Global, 2015.
Spence, Shannon, J. Alan Roberson, and Kevin M. Morley. “A Simple Action Plan for Utilities to Secure Their Process Control Systems.” Journal?American Water Works Association106, no. 2 (2014): 23-25.
Awan, Jawad, and Shahzad Memon. “Threats of cyber security and challenges for Pakistan.” In International Conference on Cyber Warfare and Security, p. 425. Academic Conferences International Limited, 2016.
Georgescu, Constantin, and Monica Tudor. “Cyber Terrorism Threats to Critical Infrastructures NATO’S Role in Cyber Defense.” Knowledge Horizons. Economics 7, no. 2 (2015): 115.
Lam, Anthony, José Fernandez, and Richard Frank. “Cyberterrorists Bringing Down Airplanes: Will it Happen Soon?.” In ICMLG 2017 5th International Conference on Management Leadership and Governance, p. 210. Academic Conferences and publishing limited, 2017
Al Mazari, Ali, Ahmed H. Anjariny, Shakeel A. Habib, and Emmanuel Nyakwende. “Cyber terrorism taxonomies: Definition, targets, patterns, risk factors, and mitigation strategies.” International Journal of Cyber Warfare and Terrorism (IJCWT) 6, no. 1 (2016): 1-12.
Yunos, Zahri, Nurul Mohd, Aswami Ariffin, and Rabiah Ahmad. “Understanding Cyber Terrorism From Motivational Perspectives: A Qualitative Data Analysis.” In European Conference on Cyber Warfare and Security, pp. 550-557. Academic Conferences International Limited, 2017.
Stockton, Paul N., and Michele Golabek-Goldman. “Prosecuting Cyberterrorists: Applying Traditional Jurisdictional Frameworks to a Modern Threat.” Stan. L. & Pol’y Rev. 25 (2014): 211.