Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks

Article excerpt

Introduction

Terrorism is the most pressing national security issue facing the United States and its allies around the world. This became shockingly clear on September 11, 2001 and promises to be a long-lasting threat requiring a total commitment by the United States to eliminate terrorist organizations wherever they are found. Terrorism is an old problem, and the word terrorism dates to France's Reign of Terror in 1793-94 (Garrison, 2003). The United States State Department has defined terrorism as violence against noncombatants for the purpose of influencing public opinion (Council on Foreign Relations [CFR], n.d.).

The former deputy chief of the CIA Counterterrorist Center has identified four elements that are common to all acts of terrorism (Vatis, 2001). Acts of terrorism are: (1) premeditated and not simply acts born of rage, (2) political and designed to impact political structure, (3) targeted at civilians and civilian installations, and (4) conducted by ad hoc groups as opposed to national armies. The war on terrorism is sure to result in cyber attacks against US assets launched by terrorist groups, nation-states that provide support for terrorists, and hackers who sympathize with the terrorists (Vatis, 2001).

The term "cyber terrorism" was coined to characterize computer-based attacks against an adversary's assets. It takes place were cyberspace and terrorism converge (Denning, 1999). Though these attacks occur in cyberspace, they still exhibit the four elements common to all acts of terrorism:

(1) premeditated and not simply acts born of rage

Cyber terrorist attacks are premediatated and must be planned since they involve the development or acquistition of software to carry out an attack.

(2) political and designed to impact political structure

Computer terrorism is an act that is intended to corrupt or completely destroy a computer system (Galley, 1996). Cyber terrorists are hackers with a political motivation, their attacks can impact political structure through this corruption and destruction.

(3) targeted at civilians and civilian installations

Cyber terrorist attacks often target civilian interests. Denning (2000a) qualifies cyber terrorism as an attack that results in violence against persons or property, or at least causes enough harm to generate fear.

(4) conducted by ad hoc groups as opposed to national armies

Cyber terrorism is sometimes distinguished from cyber warfare or information warfare, which are computer-based attacks orchestrated by agents of a nation-state.

Cyber warfare is another term that is often used to describe various aspects of defending and attacking information and computer networks in cyberspace, as well as denying an adversary's ability to do the same (Hildrith, 2001). Cyber warfare and information warfare employ information technology as an instrument of war to attack an adversary's critical computer systems (Hirsch, Kett, & Trefil, 2002). Winn Schwartau (1994) has proposed three categories for classifying information warfare: (1) Personal Information Warfare, (2) Corporate Information Warfare, and (3) Global Information Warfare.

Personal Information Warfare involves computer-based attacks on data about individuals. It may involve such things as disclosing or corrupting confidential personal information, such as those in medical or credit files. Corporate Information Warfare may involve industrial espionage or disseminating misinformation about competitors over the internet. Global Information Warfare is aimed at a country's critical computer systems. The goal is to disrupt the country by disabling systems, such as energy, communication or transportation.

Another level of politically motivated computer attacks is often referred to as hacktivism--a combination of political activism and hacking. The intent in hacktivism is to disrupt normal operations but not cause serious damage (Denning, 2000b). …