College Papers

Contents political, religious, social and ideological grounds. Cyber

 

Contents
1…………………………………………………………………………………………. INTRODUCTION… 2
2………………………………………………………………………………………… METHODOLOGY.. 2
2.1……………………………………………………………………. Suitability of the mixed method. 3
3………………………………………………………………………………… LITERATURE REVIEW… 5
3.1……………………………………………………………….. Motivation of Cyberterrorism Acts. 5
3.2…………………………………………………………….. Types of Cyber-terrorism capability. 6
3.3……………………………………………………………………………… Forms of Cyberterrorism… 6
3.4……………………………………………………………. Dissemination of Terrorist Contents. 8
3.5…………………………………………… Examples of Cyberterrorism attacks in the past 9
3.6……………………………………………………………………………… International institutions. 9
3.7…………………………………………………… THE IMPACTS OF CYBERTERRORISM… 9
4……………………………………………………………….. FINDINGS AND
OBSERVATION… 10
5……………………………………………………………………………….. RECOMMENDATIONS. 10
 

 

 

 

 

 

1                     
INTRODUCTION

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

In the present day growing dependency on the
cyber-technology, a new threat begins to emerge on the digital frontier. Our
everyday life is being integrated digitally through computers and mobile
devices. Our nation’s infrastructure and services to the public are also linked
and can be accessed through a computer, making them more vulnerable. Cyber
terrorism is defined as the use of computers and information technology for
terrorist purposes. NATO describes cyber terrorism as an attack from hackers
that target details from computer networks, while FBI depicts cyber terrorism
as an action that is arranged and connected to politics. The aim of
cyber-attacks is to incite fear by destruction and to threaten a society,
government, organization or individual. A broad explanation of cyber terrorism
is the use of IT with the purpose of causing harm to computer networks, servers
or databases on political, religious, social and ideological grounds. Cyber
terrorism is big problem and will become worse in future since everything is
been done in cyber space this days.

The purpose of this paper is to educate individuals who do not know what
cyber terrorism is, the techniques of cyber terrorism and how it affects
internet users and governments. Understanding the threat of cybercrimes is a
very pertinent issue because it holds a great impact on our society as a whole.
Cyber terrorism is growing every day because since technological advancing in
computers makes it very easy for anyone to steal without physically harming
anyone because of the lack of knowledge to the general public on how
cybercrimes are committed and how they can protect themselves against such
threats that cybercrimes poses. This
paper will discuss several aspects of cyberterrorism including: defining the
term, why cybercrimes occur, laws governing them, methods of committing
cybercrimes, who is affected and prevention procedures.

2                    
METHODOLOGY

In this study, mixed method research involves both
collecting and analyzing quantitative and qualitative data in sequential order.
The first stage in the analysis cycle is to frame a theory or hypothesis from
the literatures on cyber terrorism, which can be used as initial guidance for
data collection and data analysis. Once the theory or hypothesis has been
generated, then questionnaires are developed to get in-depth understanding on
the phenomena under investigation. Data collection is a semi structured method
by using in-depth interviews. Interviews are part of most interpretive studies
and as a key way of accessing the interpretations of informants in the field.
Since the first stage is explanatory in nature, data analyses are done by using
grounded theory approach. Qualitative research includes a variety of
methodological approaches and one example is grounded theory. As have been
mentioned earlier, the phrase grounded theory refers to a theory that is
acquired from a collection of data through literatures, interviews and
observations. In the next stage, quantitative approach is applied to
corroborate the researcher’s initial discovery. A survey with close-ended
questions format are used for data collection to determine the views and
opinions of the population that represents various groups in the society. In
this phase, the researcher’s goal is to test the theory or hypothesis, which
finding is generalized from a larger representative sampling. Statistical
analysis is performed to test the validity of the theory or hypothesis. The
numerical findings help to interpret the results, where clearer interpretations
of the statistical results are obtained.

2.1               
Suitability
of the mixed method

All the relevant methodological issues discussed in
this paper provide justification and practical approach on how the research is
conducted. The methodology explained in this paper provides the researchers
with the right direction and understanding in conducting the research by
choosing the right research design. Research design as defined by Cooper and
Schindler is a plan and structure of investigation so believed as to obtain
answers to research questions. It includes an outline on what the researcher
will do from initiation of the research to the final analysis of the data. In
this study, we suggest that a mixed method research approach is appropriate to
be applied. The driving factors in applying the mixed method as opposed to a
single method, are due to the following reasons. Firstly, the nature of the
research is exploratory and explanatory in nature, and is grounded in theory.
The goals are to discover and to develop a conceptual framework that describes
the phenomena (qualitative method); and to test or verify the conceptual
framework that describes the phenomena (quantitative method). As noted by Yauch
and Steudel, the mixed method research complements each other, which explains
the results of analyses. The qualitative research is interpretive, which allow
for the discovery of new ideas and unanticipated occurrences. Qualitative
research aims to achieve an in-depth understanding of a situation or a certain
phenomenon. Focus of the research is to understand and interpret a situation or
a certain phenomenon. On another hand, quantitative research aims to achieve
precise measurement of something such as participant’s behavior, knowledge or
opinion. Focus of the research is to describe and explain hypothesis about a
situation or a certain phenomenon. Therefore, by utilizing a mixed method
research, we believed it would bring conclusive findings on outcome of this
study. Secondly, mixed method approach helps to answer questions that cannot be
answered by qualitative or quantitative approaches alone, thus, provide breadth
and depth to the study. Researchers who conduct mixed methods research are more
likely to select methods and approaches with respect to their underlying
research questions in ways that offer the best opportunity for answering
important research questions. In this research, a survey questionnaire using
qualitative in-depth interviews is conducted as a way to tap into participants’
perspectives and insights. During analysis, the qualitative researcher uses
content analysis of written or recorded materials drawn from participants’
expressions and observations or documents review. Qualitative research study
via questionnaires interview, and supplement with close-ended survey systematically
provide breadth and depth to the research. Quantitative research looks at the
frequency or any kind of research that produces findings arrived at by means of
statistical procedures. Through this approach, it is believed that the findings
are corroborated across different approaches, thus provide greater confidence
in the conclusion. Lastly, the research framework of mixed method is chosen to
apply the concept of triangulation.

 

3                    
LITERATURE
REVIEW

Although it is known that terrorists already routinely
use the Internet for purposes such as spreading propaganda or conducting
internal communication, the threat that results from this use is heavily
debated. Especially the question whether a cyber-terrorist attack is imminent
or if it is only a purely fictitious scenario is subject to many discussions. A
most agreed definition of cyber-terrorism is the use of computer networks to
cause destruction and harm for personal objectives. We are going to delve into
what is usually considered as “real” cyberterrorism: attacks that are carried
out via the Internet and that are aimed at other IT systems, real-world
property, human lives and governments. Therefore, this analysis is based on
cybercrimes and cyberterrorism literature as well as specialized security
reports, case studies, and news reports. Only such a broad approach allows the
inclusion of occurrences of the past and also gives consideration to possible
future threats.

3.1               
Motivation
of Cyberterrorism Acts

·                    
Location independence: cyber-terrorist do not necessarily have to be
physically present on the target location of the attack, they just need to be
connected to the internet from anywhere in the world.

·                    
Speed:
attackers hardly depend on their own connection speed for attacks they launch
over the internet. Instead they can use the bandwidth and speed of third party
especially in situations where a distributed denial-of-service (DDoS) attack is
launched.

·                    
Anonymity: there
are countless ways that cyber-terrorist can carry out their attacks online
without being noticed. This involves the use of proxy servers, virtual private
network (VPN) or they can route their traffic over thousands of hacked
computers of innocent users.

·                    
Cost-Benefit Ratio: cyber
terrorist choose targets considering cost benefits of their own definitions.
Attacks that require minimal initial investments but have a larger benefit or
visibility are prioritized.

·                    
Fear: cyber
terrorist aim primarily at the generation of fear.

·                    
Creation of economic losses: cyber terrorist who target organizations or
governments infrastructure intend to cause losses and also as way of passing
out their revenge.

·                    
Gain fame, monetary income or information: cyber terrorist may be motivated by the urge to be
famous or to gain monetary income from an attack. They may also be motivated to
access crucial information that does not belong to them.

·                    
Political reasons: hackers
are becoming politically motivated to carry out their attacks.

·                    
Governments’ reliance on the internet: cyber-terrorists are aware that governments are
reliant on the internet for almost all their services to its citizens and have
exploited this as a result.

3.2              
Types
of Cyber-terrorism capability

·                    
Simple-unstructured: the capability to conduct basic hacks against
individual systems using tools created by someone else. The organization
contains little target analysis, command and control or learning capability

·                    
Advanced-structured: the capability to conduct more sophisticated attacks
against multiple systems or networks and possibly to create hacking tools. The
organization possess elementary target analysis, command and control and
learning capability.

·                    
 Complex-coordinated: the capability for a coordinated attack capable of
causing mass disruption against integrated, heterogeneous defenses. Ability to
create sophisticated hacking tools. Highly capable target analysis, command and
control and organization learning capability.

3.3              
Forms
of Cyberterrorism

·                    
Illegal access(hacking)

This
is the illegal access to computer systems and data. In general, a differentiation
between illegal access by only technical means and access with human help can
be made. An example of purely technical access would be the use of a computer
program that uses software flaws that have been identified to gain access to a
system (exploit). The second category refers to access with human help. This
can be achieved, for example, in the form of so-called social engineering, i.e.
deceiving the user to give passwords or other protected information or bribing
an existing staff member. Therefore, successful attacks against protected
targets often require technical and social skills.

·                    
Data
alteration 

After
a successful hacking attack, a perpetrator has many options on what to do with
the system. A comprehensible first reaction would be to delete information or
shut down the system. However, this technique would not be successful because
administrators would immediately notice the failure and could reconstruct the
system from backup files or switch to reserve systems. The amount of damage that
would result from such an attack would therefore not be too high. However, in
some areas, e.g. certain industrial production facilities or in medical
environments, could have disastrous consequences.

·                    
Defacements

Alterations
that are visible to a large audience are often considered to be better, because
they can demonstrate the technical capabilities and create fear of what other
systems could fall foul of future attacks. In this case, a page on the web
server, often the
prominent entry page, is altered. Often are put on the page together with hints
as to the identity of the perpetrator (e.g. the name of a hacking group).

·                    
Data
Espionage

Because
most of today’s communication structure is computer based, data espionage is on
the rise throughout. This is the clandestine exploration and obtaining of
protected digital information, was originally particularly known between states
that try to acquire security relevant information from other states to gain
tactical advantages. However, in the meantime, industrial espionage has also
become an important factor for many economies.

·                    
Denial-of-Service (DOS) attacks

Denial-of-service
(DoS) attacks are targeted at the unavailability of a system or service and
have a long tradition in computer crime. Bot-nets with hundreds or even
thousands of Trojan horse-infected computers, are commanded by individuals to
send massive requests to single targets. These computers are often not able to
handle the enormous amount of traffic and are no longer able to send answers to
either the computers of the bot-net or to other legitimate requests.

·                    
Syntactic attacks

These
crimes involve the exploitation of technical vulnerabilities to commit fraud
examples of such crimes include: viruses, malware, plastic card skimming and
illegal fund transfers.

·                    
Semantic attacks

These
crimes involve the exploitation of social vulnerabilities to gain personal
information such as scam solicitations, identity-related theft and auction
fraud.

·                    
Cyberbullying

Cyberbullying
occurs when someone uses the internet to harass, demean, embarrass or
intimidate someone else. The bully hides behind a login identity to a social
platform making fun of someone else in order to demean another person.

3.4              
Dissemination
of Terrorist Contents

The internet has created the possibility of terrorists
to disseminate information without costs and largely without any control
regarding the content. These terrorist content include:

·                    
Terrorist websites:
terrorist organizations communicate their views, ideas and even launch and
organize attacks using their websites. They are able to influence the media and
the public at large.

·                    
Threats and propaganda: Terrorist may use the internet to threaten their
enemies, or to spread propaganda. It shocking that the terrorist record their
attacks with an aim of influencing the media.

·                    
Financing: online
advertising and other ways of getting money online has become a profitable
venture for terrorist organizations. They also use their websites to transfer
necessary information such as credit card information in order to fund their
terrorist activities.

3.5              
Examples
of Cyberterrorism attacks in the past

1.                   
Google China (2009)

Chinese
Google suffered a series of cyber-attacks in 2009, just 3 years after it was
launched. Known as operation aurora, the attack stole intellectual property
from Google. Other major Chinese companies also suffered as targets of the
malware.

2.                  
Sony (2011)

About
77 million PlayStation Network and Sony Online Entertainment accounts including
credit and debit card information users were stolen by an unknown group of
hackers

3.                  
Canadian Government hack(2011)

The
Canadian Government revealed that they became victims of cyber-attacks, whereby
three departments within its government had their classified information
infiltrated and transmitted to China by Chinese hackers.

4.                  
The Original Logic Bomb

During
the cold war in 1982, the CIA caused Siberian gas pipeline to explode using a
portion of code in the computer system that controls its operation. The effects
of the resulting explosion was devastating.

3.6              
International
institutions

As of 2016 the United Nations only has one agency that
specializes in cyberterrorism, the International Telecommunications Union
(ITU).

3.7              
            THE IMPACTS
OF CYBERTERRORISM

1.                  
In the case of identity
theft the cyber-terrorist can steal their credit information and destroy their
credit ratings.

2.                  
Security costs: companies
and governments have to hire experts to protect their systems and also update
their software often thereby raising the cost of being secure.

3.                  
Monetary losses: many
people are victims to scams that add up to a lot of money. The cyber-terrorism
field is overtaking the drug business in the amount of illegal income per year.

4                    
FINDINGS AND OBSERVATION

The
findings indicated that the nature of cyber terrorism should have been
formulated from six different perspectives: motivation, method of attack, types
of cyberterrorism capability, examples of cyberterrorism attacks and impact.
Motivation is about influencing human beings and the decisions they make.
Motivation is forces behind cyber terrorism such as social, political,
ideological and economic forces. With the growing interconnectedness of
critical infrastructures in ICT, the selection of a target that allows the
maximum level of disruption would significantly influence the perpetrator. The
perpetrator can exploit vulnerabilities over a targeted system through a vast
array of intrusive tools and techniques. The method of attack could be done
through network warfare and psychological operation. Cyberspace is the domain
in which terrorist-type attack is conducted. The perpetrator employs unlawful
use of force or unlawful attacks to conduct the premeditated attack. The impact
or consequence is high as the cyber-attacks that are done to intimidate or
coerce a government or people lead to violence against persons or properties.
According to the data analysis, most of all the cyber-attacks took place in the
United States followed by Nigeria, Canada, South Africa, Romania, Spain,
Indonesia, Russia and Netherlands, most of the crimes are said to originate from
China, North Korea and Russia.

5                    
RECOMMENDATIONS

Most internet browsers email service, and Internet
providers provide a spam-blocking feature to prevent unwanted messages, such as
fraudulent emails and phishing emails, from getting to your inbox. However,
every user must ensure to turn them on and do not turn them off whatsoever.
Also, users must install and keep up-to-date antivirus programs, firewalls and
spyware checkers. Along with keeping them up to date, users must make sure that
they run the scans regularly. Encryption of information that you do not want
anyone to have unauthorized access to is a good way to avoid some cybercrimes;
information such as password and credit card information for example.
Encryption software runs your data through encryption algorithms to make it
unintelligible to anyone who tries to hack into your computer.

Try to avoid unknown websites, in particular those
that ask for your name, mailing address, bank account number or social security
number. When doing online shopping make sure website is secure, look for urls
that starts with “https”and/or have the Trustee or VeriSign seal. If you do not
see these anywhere on the site, you run the risk of submitting credit card
information and other personal information to a site that maybe a fraud.

Another way to avoid being a victim of cyberterrorism
is to avoid being susceptible to common frauds, such as inherences letter,
letter asking for your help in placing large sums of money in overseas bank
accounts, foreign lotteries, and phony sweepstakes.