3. Outline
Definitions - vandalism, crime, terrorism
and war
The insecurity of the Internet and how to
fix it
The proportionality of state responses to
terrorist Internet use
4. Cyber graffiti
Tipping Point report
found that in 8 years to
2007, >100k domains
defaced
Sometimes politically
motivated - c.f. UN site
12/8/07:
“HACKED BY KEREM125 M0STED AND
GSY
THAT IS CYBERPROTEST
HEY ]SRAIL AND USA
DONT KILL CHILDREN AND OTHER
PEOPLE
PEACE FOR EVER
NO WAR”
5. Cyber fraud
Phishing (Symantec found 166,248
unique messages 2H 2006)
Denial of Service extortion (Symantec
found 6m bots 2H 2006)
The organised criminal economy (custom
virus writers, bot herders, mules, dupes);
identities for sale $14-$18
6. Digital Pearl Harbour
Exercise conducted by US Naval War
College & Gartner July 2002
3-day simulated attack on CNI with
attackers given $200m, 5 years planning,
access to state-level intelligence
Local, temporary attacks could be
successful; sustained, national attacks
would not
7. Cyber terror
“Terrorists get better returns from much simpler
methods such as car bombs. Cyberterror is too
low key: not enough dead bodies result, and
attacks are too complex to plan and execute.”
(Bird 2006)
Reality is use for communications, research
(CBNR info poor - Stenersen 2007),
propaganda, recruitment and belonging (Labi
2006 and Shahar 2007), tactical intel (US Army
2005)
8. Cyber war
Disabling Critical National Infrastructure
(Estonia, May 2007)
For political/military/economic espionage
(China, widely publicised 2007)
9. Estonia May 2007
Attacks on Estonian finance, media and govt
websites by Russian-linked groups.
“Complexity and coordination was new… series
of attacks with careful timing using different
techniques and specific targets” (NATO)
Arbor Networks monitored 128 distinct attacks,
with 10 lasting over 10 hours and reaching
90Mbps
10. China TITAN RAIN
Incursions into DoD, German chancellory, Whitehall,
NASA, Lockheed Martin…
“Chinese attackers are using custom Trojan horse
software targeted at specific government offices, and it
is just walking through standard defences. Many
government offices don’t even know yet that they are
leaking information. 99% of cases are probably still not
known.” (NATO)
“Intrusion detection systems react to obvious signatures
such as lots of traffic from one IP address – so onion
routing and botnets are used to disguise the origin of
intrusions.” (Sommer)
11. Fixing Internet insecurity
Incentives are key: for more secure
software, networks and banks (House of
Lords, 2007)
CNI must be very firmly separated from
public Internet
Limits to use of COTS software?
13. References
Juliette Bird (2006) Terrorist Use of the Internet, The Second International
Scientific Conference on Security and Countering Terrorism Issues, Moscow State
University Institute for Information Security Issues, October 2006.
Nadya Labi (2006) Jihad 2.0, Atlantic Monthly pp.102—107, July/August 2006.
Chief Judge Stein Schjolberg (2007) Terrorism in Cyberspace - Myth or reality?
June 2007. Available at http://www.cybercrimelaw.net/1-2007.html
Yael Shahar (2007) The Internet as a Tool for Counter-Terrorism, Patrolling and
Controlling Cyberspace, Garmisch-Partenkirchen, April 2007.
Anne Stenersen (2007) Chem-bio cyber-class – Assessing jihadist chemical and
biological weapons, Jane’s Intelligence Review, 1 September 2007.
US Army (2005) Army Regulation 530–1, Operations Security (OPSEC), 19 April
2007.