Cyberterrorism
The recent attacks on the USA are the security industry's "Call to Arms" and
your SFBA Chapter of ASIS is ready to act. To assist you with becoming more
aware of Cyberterrorism, I have prepared the following brief Fact Sheet of
information that I gathered from various Congressional reports and related
legitimate information resources. I would also like to encourage you to visit
the SFBA Chapter library and review the many books on counter-terrorism that are
available.
Definition -
Cyberterrorism is a premeditated, politically motivated attack against
information, computer systems, computer programs, and data which results in
violence against noncombatant targets by subnational groups or clandestine
agents.
The 5 primary Types of Cyberterrorists are:
- Religious
- New Age
  Single-issue factions like PETA (People for the Ethical Treatment of
  Animals)
- Ethno-national Separatists
- Revolutionary
- Far-right Extremists
Common Methods of Attack:
- Computer viruses
- Flooding mailboxes with e-junk mail resulting in DoS (Denial of Service)
- Intentional destruction of files
- Password redistribution
- Encrypted messages hidden inside image files
- Coordinated attacks on a single web server
- "Friendly" requests for technical assistance that trick personnel into
allowing "back door entry" to computer systems
- Covering tracks - destroying records that would reveal the true intentions
or activities of the attacker
- Hacktivists (People who modify other people's web sites.)
- Interception of confidential data
- Physical attacks on data cables
Some Methods of Counter-Cyberterrorism
- Anti-virus software
  Needs to be installed on ALL computers, should never be disabled, and
  should always be kept up to date with the latest detection and cleaning data
  files.
- Additional protection measures for data cables
- Validated off-site backup files
- 24 hour computer system monitoring
- "No exceptions" policy for Technical Support personnel
  Blocks "back door entry" attempts by callers and logs/reports any
  suspicious attempts.
- File encryption
  Encryption can be used on context sensitive email, critical files, etc.
- "Blocking" IP addresses of known terrorist organizations
  Prevents employees from viewing or receiving information from these
  Internet locations.
- Redundant computer systems
- Armed Security Guards for computer and data cable protection
- Strengthening company policies restricting employee remote access
Additional sources of information on the Internet about Cyberterrorism
http://netsecurity.about.com/cs/cyberterrorism/
http://netsecurity.about.com/library/weekly/aa102300a.htm
http://www.cve.mitre.org/cve/downloads/full-cve.html
http://techcenter.gmu.edu/programs/curricular_initiatives/cyber_terrorism.html
By Steve Duell
SFBA Chapter Webmaster
Copyright by ASIS International San Francisco Bay Area
Chapter.