Prevention and Control of Cyber Terrorism
Terrorism is continually changing. While at the surface, it remains “the calculated use of unlawful violence or threat of unlawful violence to inculcate fear.” In wake of the recent computer attacks, new breed of terrorism is on the rise and our country must defend itself with all possible means.
Cyber Terrorism may be defined as “the premeditated use of disruptive activities, or threat thereof, in cyber space, with the intention to further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance to such objectives.”
Evolution of Cyber Terrorism
Cyber Terrorism can be traced back to June 1944’s attack on the communication system and logistic support of Germany. Thereafter, USA Defense Department started Internet and Computer Networks and evolved ICANN (Internet Corporation for Assigned Names and Numbers) system to regulate cyberspace. In 1988, Osama Bin Laden established “Al-Qaeda” based on “Jihad” and the same year, West German hackers accessed Department of Defense Systems of the USA. Thereafter “Gulf War” was the first information war or I-war. By 1995, Internet became popular through World Wide Web in India and before that LTTE groups’ (militant group that fought for a separate Tamil state between 1976 and 2009) activities were dependent on websites and internet.
Modes of Cyber Terrorism
- Attack on National Security: National security depends on confidentiality and secret information. When terrorists attack them, they delete or modify this information or purport to do the same.
- Cyber Terrorism is the Forerunner of Warfare: When one nation causes terrorist violence against other nation by using new technology, it is called net war or warfare.
- International Cyber Terrorist Attack: When international terrorist groups communicate with each other through Internet to attack any nation then it may fall under an Internationally planned cyber terrorist attack.
- Network to Send Terror Message: The cyber criminals have started using technology to develop their own website to send terror messages and to communicate within or between groups.
- Digital Signature System: Terrorists use e-mail, SMS, encryption programs and digital signature system to communicate securely and confidentially.
- Flowing Worm: Flowing “Worms”, Viruses, Trojan Horses to collapse government and people interest sites, network and computer is also one mode of cyber terrorism.
- Cyber Theft: Includes downloading illegal music files, stealing millions of dollars from online bank accounts.
Case Study: Cyber Terrorism against Indian Parliament:
In year 2001, Indian Parliament was attacked with the help of information technology. Accused forged an official gate pass with the logo of Ministry of Home Affairs and other information along with the layout of Indian Parliament. Police found out a laptop from main accused Md. Afzal and S. Hussein Guru and also found out that they did it through a Pakistani Internet Service Provider. They controlled the identity and E-mail system of Indian Army.
On 11th September, 2001 attack on WTC can also be pictured under cyber terrorism. Terrorist’s unauthorized access over the network of one airline and hijacking two airlines that resulted in crashing of those airlines into WTC twin towers and Pentagon.
Indian Legal Provision
The Information Technology (Amendment) Act 2008 has made the provision for cyber terrorism under Section 66F. It provides Life Sentence, though definition is not considered comprehensive. This section is a combination of Section 66 [Compute related offences] and Section 70 [Protected System] of the Act. What separates section 66F from other sections is degree and nature of the offence.
Although there are many protective measures available for private corporations, there are several hurdles preventing corporations from implementing them. First, implementing all of the necessary protective measures is expensive for private corporations. Depending on the size of the corporation, it could cost hundreds of thousands of dollars for a consultant to determine the corporations’ vulnerabilities and install protective measures. Second, determining a corporation’s computer systems vulnerabilities, installing security software, and upgrading it is very time consuming. It takes time away from what the corporation was originally formed, and decreases profits. Third, many of the security systems and complex technological advances in cyber terrorism protective software are confusing and difficult to learn. It often takes a computer security specialist to determine what the corporation needs for security and how to install it. Finally, many private corporations do not want to report cyber terrorist incidents to the authorities. It is embarrassing for a private corporation to have its network’s security breached.