This preview shows page 1. Sign up to view the full content.
Unformatted text preview: SRA 211
Lecture 2 Information Warfare Cyber Terrorism Historical Context of Terrorism Terrorist Objectives Causes Manifestations CounterMeasures 1995 pre-historic Sky Dayton, founder of the Earthlink Network has described 1995 as "prehistoric" in networking terms the need for network security became obvious. New threats in Information age The advancement of computer tech and networking rapidly expanded communications and information markets, but this progress comes with costs, both social and economic. The same technology that provides useful services has also been perverted for criminal and terrorist purposed. The Internet is essence, a lawless frontier where bullies, criminals, and terrorists can roam freely with reckless abandon. Computers and networks advanced so quickly, and without adequate regulation and monitoring, that the law of the jungle prevailed. Lawmakers and police officials are still catching up. New threats in Information age Examples? Computers are used to perform traditional criminal acts? New categories of crimes? What is your most feared online crime? The opportunities to commit computer crimes and the technical competence of the criminals have expanded faster than we can control them. Information security A new industry emerged with many publications and products at various aspects of computer security. Can you name some? However, behavioral approaches and descriptions of problems and trends are virtually nonexistent, such as hacker's motivations and behaviors. The computer security industry has grown rapidly without fully understanding the nature of cyber crimes and criminals. Cyber crime, per se, was largely ignored by policy makers and the research community. Warfare Since the beginning of history, warfare has evolved parallel to the development of tools, weapons and technology. In the last century, warfare developed from handtohand and small weapons combat to sophisticated air combat, and now to the electronic "smart" bombs. Buzzwords Information warfare Cyberterrorism Cyberterrorism is a component of information warfare, but information warfare is not necessarily cyberterrorism. Information warfare
Information warfare is the gathering or use of information to gain an advantage over another party. "Those actions intended to protect, exploit, corrupt, deny or destroy information or information resources in order to achieve a significant advantages, objective or victory over an adversary." (John Alger, National Defense University) Information warfare Six components: Psychological operations (psyops) Electronic warfare Military deception Physical destruction Security measures Information attacks Information warfare Psychological operations: use information to affect the state of mind of the adversary, including propaganda. The Internet is a perfect tool for this. Electronic warfare: the denial of information or accurate information to an adversary. Military deception: an ageold attack that generally misleads an adversary about military capabilities or intentions. It can be carried out by more traditional media. Information warfare Physical information warfare: involves a physical attack on an information system. Security measures: the methods of protecting an information system so that an adversary cannot breach it. Information attack: the direct corruption of information without actually changing the physical structure in which it is located. Information warfare Therefore, Information warfare is not limited to those things that can be done with computers. Information warfare is the exploitation or strategic protection of a number of things: telephones, radio signals, radar anything that can be manipulated in order to control or influence the actions of a decision maker. Examples? Implanting a virus into a military computer Blowing up a cell phone tower Little agreement among govt or academic analysts Terrorism Definitions Synonyms: violence, intimidation, unconventional warfare Policy intended to strike with terror those against whom it is adopted; policy & methods of intimidation; terrorising or being terrorised [Oxford] Unlawful use or threatened use of force or violence by a person or an organized group against people or property intending to intimidate or coerce societies or govts, often for ideological, religious or political reasons [Am.Heritage] Terrorism Definitions Examples: "Dropping ATM networks" "shutting down email" "If I can't get to my email for a few days, I am not terrorized". These would be considered more of an act of information warfare. French Revolution Historical Context 19th Century from Fr word "terrorisme" from Latin v. terrere to cause to tremble 1795 Jacobin's "Reign of Terror" 20th Century KKK Anarchists in Czarist Russia Irish Nationalism separation from UK Many others, apologies for omissions! Anxietyinspiring method of repeated violent action By clandestine individual, group or state actors Idiosyncratic, criminal or political reasons Direct targets of violence are not the main targets Immediate victims chosen randomly (targets of opportunity) or selectively (representative or symbolic targets) from target population Serve as message generators Threat and violencebased communication processes to manipulate the main target (audiences) A.P.Schmid, 1988 shorter def peacetime war crime UN's Terrorism Definition USA Patriot Def 802 "Domestic Terrorism" activities that (A) involve acts dangerous to human life that are a violation of the criminal laws of the U.S. or of any state, that (B) appear to be intended (i) to intimidate or coerce a civilian population, (ii) to influence the policy of a government by intimidation or coercion, or (iii) to affect the conduct of a government by mass destruction, assassination, or kidnapping, and (C) occur primarily within the territorial jurisdiction of the U.S. Codified at 18 U.S.C. 2331(4) Terrorism Controversies Generally against nonmilitary targets "Terrorist" Tag Inherently controversial: Violence to achieve political ends is common, legitimacy often determined by the winners contemporary terrorist label is highly pejorative, denotes illegitimacy & immorality Video Terrorism: Ron Paul vs. Giuliani @ SC Debate Ron Paul explains the damage that an interventionist policy can have when it comes to violent blowback. Giuliani throws a fit. http://youtube.com/watch?v=AD7dnFDdwu0 Terrorist Methods Hijacking Vehicles Assassination (s)deliberate killing of strategically important person, political figure for ideological or political agenda Car Bombing Suicide Attack Kidnapping Combination Terrorism Methods Agroterrorism malicious pathogen use to cause devastating disease Bioterrorism biological agent release: bacteria, virus, toxin Cyberterrorism target's computers & IT (Internet) used to cause physical harm or severe disruption Ecoterrorism violence, sabotage, vandalism, property damage, intimidation for environmentalist purposes Infrastructure attacks Information attacks Technological facilitation Promotion Four categories of cyber terrorism/information warfare Cyber Infrastructure role in Industrial Control Systems Infrastructure is the "linchpin" Originally & literally: strong central part; a pin inserted through an axletree to hold a wheel on Used metaphorically & more broadly as central cohesive source of support & stability Critical Infrastructure's Role in Terrorism Supervisory Control and Data Acquisition Systems (SCADA) Distributed Control Systems (DCS) Software toolkits to build industrial systems Process control systems composed of s/w & h/w controlling singlefacility operations Control single machine or related groups on automated production line But also others: transport, communications, dams Cyber-Infrastructure as Critical Infrastructure
Programmable Logic Controllers (PLC) Manufacturing What is CyberVulnerability of these systems? Are standard or centrally controlled systems vulnerable? Digital Terrorism International Relationships: Energy Dependence National Dependence on Information Infrastructure US more infrastructure reliant Centrality of Cyber-Infrastructure to Critical Infrastructures Define CyberInfrastructure Role in all Other Infrastructures, Banking & Financial Electric Power Transportation Communications Energy Cyber-Infrastructure Vulnerabilities Cyberspace Facilitates Terrorism/Crime Cyber Terrorism as Adjunct US Military's Deep Dependence on IT IT as means, Concealing terrorist data, crypto doubleedge, Propaganda, Recruitment Information attacks Information attacks focused on demolishing or altering the content of electronic files or computer systems. Website defacement Cyber plagues: viruses, worms Distributed denial of service Unauthorized intrusions Website disruption, unauthorized attacks Technological facilitation The use of cyber communication to distribute and coordinate plans for a terrorist attack Facilitation of attack Data hiding Cryptography Propaganda and Promotion Recruitment and mobilization Chat rooms and cyber cafes Next class Topic: Critical Infrastructure Protection Reading: What makes an infrastructure critical? Reading & Discussion P. 22, Alvin Toffler, The Third Wave. What are the three waves? How are these waves connected to warfare? ...
View Full Document
- Spring '08