Cyberterrorism & HACKING

Cyberterrorism

What is cyberterrorism?Terrorism that involves computers, networks, and the information they contain. Computer networks have been attacked during recent conflicts in Kosovo, Kashmir, and the Middle East, but the damage has mostly been limited to defaced Web sites or blocked Internet servers. However, with American society increasingly interconnected and ever more dependent on information technology, terrorism experts worry that cyberterrorist attacks could cause as much devastation as more familiar forms of terrorism. Is the United States vulnerable to cyberterrorism?Experts disagree about how large and immediate a threat cyberterrorism poses. In 1997, the Pentagon simulated a cyberattack and found that attackers using ordinary computers and widely available software could disrupt military communications, electrical power, and 911 networks in several American cities. Hacking tools and expertise have become only more widespread since then. Is cyberterrorism the same as hacking?While some people use the term "cyberterrorism" (which was coined in the 1980s) to refer to any major computer-based attack on the U.S. government or economy, many terrorism experts would not consider cyberattacks by glory-seeking individuals, organizations with criminal motives, or hostile governments engaging in information warfare to be cyberterrorism. Like other terrorist acts, cyberterror attacks are typically premeditated, politically motivated, perpetrated by small groups rather than governments, and designed to call attention to a cause, spread fear, or otherwise influence the public and decision-makers.Hackers break in to computer systems for many reasons, often to display their own technical prowers or demonstrate the fallibility of computer security. Some on-line activists say that activities such as defacing Web sites are disruptive but essentially nonviolent, much like civil disobedience.Terrorists try to leverage limited resources to instill fear and shape public opinion, and dramatic attacks on computer networks could provide a means to do this with only small teams and minimal funds. Moreover, "virtual" attacks over the Internet or other networks allow attackers to be far away, making borders, X-ray machines, and other physical barriers irrelevant. Cyberterrorists would not need a complicit or weak government (as al-Qaeda had in Afghanistan) to host them as they train and plot. On-line attackers can also cloak their true identities and locations, choosing to remain anonymous or pretending to be someone else.Terrorists might also try to use cyberattacks to amplify the effect of other attacks. For example, they might try to block emergency communications or cut off electricity or water in the wake of a conventional bombing or a biological, chemical, or radiation attack. Many experts say that this kind of coordinated attack might be the most effective use of cyberterrorism. What kinds of attacks are considered cyberterrorism?Cyberterrorism could involve destroying the actual machinery of the information infrastructure; remotely disrupting the information technology underlying the Internet, government computer networks, or critical civilian systems such as financial networks or mass media; or using computer networks to take over machines that control traffic lights, power plants, or dams in order to wreak havoc. How do cyberattacks work?Attacks on the physical components of the information infrastructure would resemble other conventional attacks: for example, a bomb could be used to destroy a government computer bank, key components of the Internet infrastructure, or telephone switching equipment. Another option would be an electromagnetic weapon emitting a pulse that could destroy or interrupt electronic equipment.Attacks launched in cyberspace could involve diverse methods of exploiting vulnerabilities in computer security: computer viruses, stolen passwords, insider collusion, software with secret "back doors" that intruders can penetrate undetected, and orchestrated torrents of electronic traffic that overwhelm computers - which are known as "denial of service" attacks. Attacks could also involve stealing classified files, altering the content of Web pages, disseminating false information, sabotaging operations, erasing data, or threatening to divulge confidential information or system weaknesses unless a payment or political concession is made. If terrorists managed to disrupt financial markets or media broadcasts, an attack could undermine confidence or sow panic.Attacks could also involve remotely hijacking control systems, with potentially dire consequences: breaching dams, colliding airplanes, shutting down the power grid, and so on.

Hacking

• The Love Bug virus caused damage, expected to run into billions of dollars, by invading business computers. Can you afford the loss of business, staff time, or the repair costs that such an attack could bring?
• Hackers scan thousands of computers looking for identities to steal and vulnerable systems to attack. They could break into your Website and deface it and even reroute your customers.
• As many as 90 percent of all information security breaches originate from inside the company in which they occur. Do you have a dissatisfied employee who could corrupt your customer information or disrupt your billing?

Is your information protected against...

• Computer viruses?
• Hackers?
• Software bugs?
• Technical failure?
• Disgruntled employees?
• Cyber criminals?
• Human error?

Why is information security good business?Today's customers are becoming very security conscious. In our electronic age, information is the foundation for success. Whether you're a wholesaler, manufacturer, doctor, realtor, or philanthropist You could suffer major losses in profits or credibility if your:

• financial records were lost.
• customer records were stolen.
• business strategies fell into the hands of your competitor.

What can you do?

• Install and maintain a computer anti-virus program or, if applicable, consult with your information technology supplier to find out the best method for you.
• Be prepared to do without services you normally depend on that could be disrupted - electricity, telephone, natural gas, gasoline pumps, cash registers, ATM machines, and internet transactions.
• Be prepared to respond to official instructions if a cyber attack triggers other hazards, for example, general evacuation, evacuation to shelter, or shelter-in-place, because of hazardous materials releases, nuclear power plant incident, dam or flood control system failures.