Unsplash/Shahadat Rahman

Terrorism: The Cyberspace Battleground

Yesterday’s hackers have become today’s cyber criminals, & tomorrow could be cyber terrorists. Technology marches on, providing new opportunities both for human progress and for those fixated on destroying Western civilization and the infidel economy.

The information age and the increasing capabilities of computer networks have led to technological breakthroughs never before possible – including some that have been exploited not only by everyday criminals, but also by terrorists. The dimensions of what is now a huge and growing problem – for homeland-security and law-enforcement agencies both – were spelled out, in fact, in a 2006 Federal Bureau of Investigation cybercrime study which noted that 90 percent of U.S. businesses were affected by cybercrime last year in one way or another, and the overall economic cost to the United States is now close to $70 billion annually.

The inherently transnational nature of the Internet makes it an ideal vehicle for those, including criminals, who seek to maximize profits with an acceptable degree of risk.  The conventional view of the lonely teenager or computer programmer as the source of malicious code such as the MiMail virus is often incorrect.  In today’s climate, the hackers associated with major cyber crimes are often working with cyber syndicates, including many in Eastern Europe. Some of the most successful of these crews have been traced to Russia, Romania, Ukraine, Estonia, Latvia, and Lithuania.

The key personnel in these syndicates are professional hackers, available for hire. Eastern Europe boasts a plethora of people who possess advanced computer skills but do not have legal opportunities to use those skills to make a living.  The alternative for them has been cyber crime. Many if not all of the early virus writers used to write code for the art of it, and/or to impress their peers. But they eventually realized they could make a lucrative living from their highly specialized capabilities.

Anonymity and Invisibility

There are several other factors that seem to have made Eastern Europe a major center of hacker activity. Governments are sometimes unstable, and there is a high unemployment rate – but the workforce is highly educated, there is widespread criminal activity of other types, and a thriving underground economy.  Unlike a Mafia group that keeps criminality within an extended family, Eastern European groups tend to act more like trusted merchants on a silk road. Moreover, in the post-Cold War era, individual citizens usually are not tracked by any central authority.

In addition, the ability to maintain anonymity online is taken for granted, and permits hackers to work closely with other hackers, possessing similar skills, whom they have never met. The hackers and/or hacker teams can launch attacks from computers thousands of miles away from their victims, and can use a long chain of several compromised computers to hide their tracks.

Today’s Internet criminals have extended the turf of what law-enforcement agencies have traditionally called the Mafia. They have adapted their goals and methods of operation to new types of crime, shifting from the numbers and narcotics rackets of the mid-20th century to Internetentity theft and denial-of-service (DOS) attacks.  

Smarter and Better Organized

The current and future generations of would-be criminals are and will be computer-literate, and can be expected to use their high-tech computer skills both extensively and successfully. All evidence suggests that there are not only more and more cyber criminals now than ever before, but also that the worst of these criminals, the cyber terrorists, are becoming much better organized and more coldly methodical in their modes of operation.

This is a major change, with ominous implications for all nations of the Free World. When the first federal cybercrime laws were enacted in the early 1980s, U.S. law-enforcement and intelligence agencies found that the majority of their cases involved hackers who were breaking into computers mostly to claim “bragging rights” – i.e., to impress other hackers.  Many developing countries are quick to embrace technologies, such as wireless, because of the potential benefits they offer. These technologies frequently are adopted without proper consideration to, or understanding of, the inherent risks.  Or countries adopt inherently risky technologies, relying on single silver-bullet solutions such as firewalls or encryption to mitigate all risks rather than adopting a multi-layered approach that secures each component of the technologies in play.

Moreover, because of limited public access to information technology, a number of developing countries provide online services to deliver personal information and services through public kiosks, Internet cafes, or other public spaces where several persons use the same computer. Consumers use these computers without realizing that they may be bargaining away not only their privacy, but also the confidentiality and integrity of their personal information, in return for convenient access, speed, and reduced cost.  

Built-In Institutional Handicaps

A major problem is the lack of public awareness of the dangers inherent in the digital environment.  Many developing countries either do not have, or do not properly use, the educational materials required to properly train citizens about the complexities of inherent risks and mitigation techniques.  As a result, users do not take the steps needed to mitigate threats in the online environment so that commerce can continue with minimal risk.  

Simultaneously, a senior-level lack of awareness is proving to be a key limitation for e-security managers and other professionals. Without proper education, system administrators and law-enforcement personnel in emerging countries can face a critical handicap in their ongoing security efforts. This serves to weaken their technological infrastructures, making them vulnerable to cyber attacks.

Many developing countries lack the institutional structure to implement, monitor, and enforce proper e-security measures. Laws, specifically including those involving cyber crime and/or e-commerce, must be revised to create better incentives for proper e-security.  Furthermore, even if the laws and regulations are adequate, a deficiency in enforcement capabilities can greatly hinder their effectiveness.  

Today it can be taken for granted that what affects networks in Romania eventually will affect networks in other countries – including the United States. As is the case with organized crime, terrorists are becoming more sophisticated in their ability, and willingness, to use hackers in their war against the West.  Better educated than their forebears, but motivated by the same hatred of Western culture, the new generation of terrorists can move quickly and virtually through cyberspace to strike at the very heart of the Western economic infrastructure.  

Another major concern for homeland-security professionals, and for political decision makers, is that criminal and terrorist operations may converge as the terrorist motivation shifts from destroying the infidel economy to controlling it.  The capitalist market thus would become the funding mechanism to support traditional terrorist tactics.  As a result, organized crime, terrorists, and the state sponsors of terrorism may well be able to operate in the same environment, ultimately negotiating for control of and access to financial information and the funding it provides for their respective activities.

A Harbinger of Future Nightmares

An ominous harbinger of greater dangers ahead is that the Internet already is being used to gather information on potential targets.  The website operated by what U.S. intelligence agencies call the “Muslim Hackers Club” reportedly featured links to U.S. sites that disclose sensitive information such as code names and the radio frequencies used by the U.S. Secret Service.  The same website offered tutorials in hacking.

The Internet is a true force mobilizer and force multiplier for non-state actors.  Ronald Dick, former director of the FBI’s National Infrastructure Protection Center, said that he considered the theft of or manipulation of data by terrorist groups to be his worst nightmare, and was particularly concerned by the possibility that cyber attacks might be merged with physical attacks on infrastructure targets such as the power grid.  As a result of the increasing U.S. dependency on cyberspace, consumers can no longer detach themselves from the electronic crimes that are committed overseas.  Law-enforcement agencies must cooperate across national borders in order to slow the tide of cyber crime.  The Internet has become the vehicle of choice to coordinate crimes and launch attacks against Western societies.

For international law-enforcement agencies to counter what might otherwise be a cybercrime epidemic, several important steps must be taken, among them the following. First, all nations must ratify the Council of Europe Convention on Cybercrime. In November 2001 the Council of Europe approved a treaty to foster cooperation between sovereign states and the private sector in combating cybercrime and to protect legitimate interests in the use and development of information technologies. One of the principal tenets of the treaty was that to effectively combat cybercrime would require increased, rapid, and well-functioning international cooperation in criminal matters. The United States has yet to ratify the treaty.

Second, international institutions must work together in creating a “culture of security” by allocating grants for cyber forensics training for the law-enforcement agencies of developing countries. Lastly, the Internet Service providers of the world should maintain their log files for a minimum of one year so that trails remain for global investigations.

If the recently revealed U.S. Veterans Administration data breach symbolizes anything, it is that personal information has become an increasingly lucrative commodity. Cybercrime is in that context not really new, but merely a much more effective vehicle that can be used by organized criminals to carry out their illegal activities. A respect for their level of sophistication and tactics needs to be earned if the world is to slow this virtual scourge.  

Thomas Kellerman

Thomas Kellerman is a Cyber Security Analyst and serves as a member of the Financial Action Taskforce Against Child Pornography, The Anti-Phishing Working Group and is an active member of the American Bar Association’s working group on Cyber-crime. He is a Certified Information Security Manager (CISM). He formerly held the position of Senior Data Risk Management Specialist on the World Bank Treasury Security Team, and was responsible for Cyber-intelligence and policy management within the World Bank Treasury.



No tags to display


Translate »