Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks

Prichard, Janet J., MacDonald, Laurie E., Journal of Information Technology Education

Introduction

Terrorism is the most pressing national security issue facing the United States and its allies around the world. This became shockingly clear on September 11, 2001 and promises to be a long-lasting threat requiring a total commitment by the United States to eliminate terrorist organizations wherever they are found. Terrorism is an old problem, and the word terrorism dates to France's Reign of Terror in 1793-94 (Garrison, 2003). The United States State Department has defined terrorism as violence against noncombatants for the purpose of influencing public opinion (Council on Foreign Relations [CFR], n.d.).

The former deputy chief of the CIA Counterterrorist Center has identified four elements that are common to all acts of terrorism (Vatis, 2001). Acts of terrorism are: (1) premeditated and not simply acts born of rage, (2) political and designed to impact political structure, (3) targeted at civilians and civilian installations, and (4) conducted by ad hoc groups as opposed to national armies. The war on terrorism is sure to result in cyber attacks against US assets launched by terrorist groups, nation-states that provide support for terrorists, and hackers who sympathize with the terrorists (Vatis, 2001).

The term "cyber terrorism" was coined to characterize computer-based attacks against an adversary's assets. It takes place were cyberspace and terrorism converge (Denning, 1999). Though these attacks occur in cyberspace, they still exhibit the four elements common to all acts of terrorism:

(1) premeditated and not simply acts born of rage

Cyber terrorist attacks are premediatated and must be planned since they involve the development or acquistition of software to carry out an attack.

(2) political and designed to impact political structure

Computer terrorism is an act that is intended to corrupt or completely destroy a computer system (Galley, 1996). Cyber terrorists are hackers with a political motivation, their attacks can impact political structure through this corruption and destruction.

(3) targeted at civilians and civilian installations

Cyber terrorist attacks often target civilian interests. Denning (2000a) qualifies cyber terrorism as an attack that results in violence against persons or property, or at least causes enough harm to generate fear.

(4) conducted by ad hoc groups as opposed to national armies

Cyber terrorism is sometimes distinguished from cyber warfare or information warfare, which are computer-based attacks orchestrated by agents of a nation-state.

Cyber warfare is another term that is often used to describe various aspects of defending and attacking information and computer networks in cyberspace, as well as denying an adversary's ability to do the same (Hildrith, 2001). Cyber warfare and information warfare employ information technology as an instrument of war to attack an adversary's critical computer systems (Hirsch, Kett, & Trefil, 2002). Winn Schwartau (1994) has proposed three categories for classifying information warfare: (1) Personal Information Warfare, (2) Corporate Information Warfare, and (3) Global Information Warfare.

Personal Information Warfare involves computer-based attacks on data about individuals. It may involve such things as disclosing or corrupting confidential personal information, such as those in medical or credit files. Corporate Information Warfare may involve industrial espionage or disseminating misinformation about competitors over the internet. Global Information Warfare is aimed at a country's critical computer systems. The goal is to disrupt the country by disabling systems, such as energy, communication or transportation.

Another level of politically motivated computer attacks is often referred to as hacktivism--a combination of political activism and hacking. The intent in hacktivism is to disrupt normal operations but not cause serious damage (Denning, 2000b). These may include web sit-ins, automated email floods, and weak viruses. Hence, hacktivism is distinguished from cyber terrorism by the level of damage and disruption intended by the politically motivated hackers.

Hacking Techniques--Types of Attacks

Galley (1996) discusses three types of attacks against computer systems: (1) Physical, (2) Syntactic, and (3) Semantic. A physical attack uses conventional weapons, such as bombs or fire. A syntactic attack uses virus-type software to disrupt or damage a computer system or network. A semantic attack is a more subtle approach. Its goal is to attack users' confidence by causing a computer system to produce errors and unpredictable results.

Syntactic attacks are sometimes grouped under the term "malicious software" or "malware". These attacks may include viruses, worms, and Trojan horses. …

Questia, a part of Gale, Cengage Learning. www.questia.com
Publication information: Article title: Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks. Contributors: Prichard, Janet J. - Author, MacDonald, Laurie E. - Author. Journal title: Journal of Information Technology Education. Volume: 3. Publication date: Annual 2004. Page number: 279+. © 2008 Informing Science Institute. COPYRIGHT 2004 Gale Group.

This material is protected by copyright and, with the exception of fair use, may not be further copied, distributed or transmitted in any form or by any means.