Tuesday, May 16, 2006

Techno Imperialism and the Effect of Cyberterrorism

It's been a while since I last blogged about Cyberterrorism, and while many did mention the topic in between the recent DRDoS attacks, Cyberterrorism is so much more than simply shutting down the Internet, namely the ability to communicate, research, recruit and use propaganda to achieve goals based on ideological beliefs, or the convergence of Terrorism and the Internet.



Can we argue that cyberterrorism is the direct effect of techno imperialism, or, to use a friendlier term, of an IT-dependent society and information infrastructure?





What exactly does cyberterrorism mean? When does an average Internet user's malicious activity turn into cyberterrorism? Are there clear definitions, or is the lack of them resulting in a total misunderstanding on the part of both the media and the general public? The recently released Google Trends, which I covered in a previous post, doesn't even count Cyberterrorism, so I looked further and came across a very good research paper, "Fear-mongering or fact: The construction of ‘cyber-terrorism’ in U.S., U.K, and Canadian news media", that aims to emphasize the common misunderstanding when defining Cyberterrorism and the media's acceptance of the concept. The outcome? Declining media presence over the years, to end up where it is today, but what you should keep in mind is that the concept is still out there.





Trying to separate Cyberterrorism as a tool for achieving Information Warfare dominance is like purposely ignoring the big picture -- that Cyberterrorism, one that sometimes results out of hacktivism tensions, is a powerful tool for achieving the full effect of information warfare. Whereas such attacks occur all the time, I can argue that the actual impact of cyberterrorism cannot be easily and quantitatively justified. We all know that it's theoretically logical for terrorists to use the Internet for various cyberplanning and cyber communication, so what can we do about it?

Crawling for terrorist web sites clearly associated with different organizations, or trying to spot terrorist sympathizers, has been in the execution stage for years. Projects such as the Terrorism Knowledge Discovery Project take a very deep look into the subject by introducing the Terrorism Knowledge Portal, an aggregated source for intelligence. Moreover, according to a recent article:


"SAIC has a $US7 million Defence Department contract to monitor 1500 militant websites that provide al Qaeda and other militant organisations with a main venue for communications, fund-raising, recruitment and training." It's also interesting to note other initiatives that started back in 2001, such as the Automatic Identification of Extremist Internet Web Sites.



Another concept goes in-depth into Confronting Cyberterrorism with Cyber Deception as "if it is possible to deceive terrorists, then it should also be possible to deceive cyberterrorists. The reliance of cyberterrorists on information technology makes them vulnerable to cyber deceptions. In addition, many of the methods and tools that cyberterrorists would use are similar to those used by other less malicious hackers, so we can plan specific deceptions to use against them in advance." As you can see on the grid above, the actors, the deception target and the level of difficulty provide more insight into the idea, great research!





The use of steganography-embedded images by terrorists on the public web can be doubtful, but on the Dark Web, why not? According to research I came across some time ago:


"In academia, graduate students Niels Provos and Richard Honeyman at the University of Michigan have written a web crawling program to detect steganographic images in the wild. The program has already digested 2 billion JPEG’s on popular sites such as ebay and has so far found only one stego-image in the wild. The detected image was on an ABC web page that dealt with the topic of steganography."





Detecting Steganographic Content on the Internet as a concept has been around for ages, while plain old encryption is the de facto practice according to a well-researched news article:





• Wadih El Hage, one of the suspects in the 1998 bombing of two U.S. embassies in East Africa, sent encrypted e-mails under various names, including "Norman" and "Abdus Sabbur," to "associates in al Qaida," according to the Oct. 25, 1998, U.S. indictment against him. Hage went on trial Monday in federal court in New York.





• Khalil Deek, an alleged terrorist arrested in Pakistan in 1999, used encrypted computer files to plot bombings in Jordan at the turn of the millennium, U.S. officials say. Authorities found Deek's computer at his Peshawar, Pakistan, home and flew it to the National Security Agency in Fort Meade, Md. Mathematicians, using supercomputers, decoded the files, enabling the FBI to foil the plot.





• Ramzi Yousef, the convicted mastermind of the World Trade Center bombing in 1993, used encrypted files to hide details of a plot to destroy 11 U.S. airliners. Philippines officials found the computer in Yousef's Manila apartment in 1995. U.S. officials broke the encryption and foiled the plot. Two of the files, FBI officials say, took more than a year to decrypt.





Among the many cases I am aware of, the following are worth mentioning:





- What are the real risks of cyberterrorism? In 1998, a 12-year-old hacker broke into the computer system that controlled the floodgates of the Theodore Roosevelt Dam in Arizona, according to a June Washington Post report. If the gates had been opened, the article added, walls of water could have flooded the cities of Tempe and Mesa, whose populations total nearly 1 million.





- Cyberterrorism: How Real Is the Threat? Yonah Alexander, a terrorism researcher at the Potomac Institute—a think tank with close links to the Pentagon—announced in December 2001, the existence of an “Iraq Net.” This network supposedly consisted of more than one hundred websites set up across the world by Iraq since the mid-1990s to launch denial-of-service or DoS attacks against U.S. companies. The concept of botnets wasn't that popular at the time, so that's an example of marginal thinking on acquiring DoS power.





- In the indictment against Zacharias Moussaoui, it states that Moussaoui had among his possessions a flight simulator program, software for reviewing pilot procedures for a Boeing 747 Model 400, and a computer disk of information on aerial spraying of pesticides. The indictment also outlines Moussaoui’s use of e-mail to inquire about flight training.



For almost two years, intelligence services around the world tried to uncover the identity of an Internet hacker who had become a key conduit for al-Qaeda. The savvy, English-speaking, presumably young webmaster taunted his pursuers, calling himself Irhabi -- Terrorist -- 007. He hacked into American university computers, propagandized for the Iraq insurgents led by Abu Musab al-Zarqawi and taught other online jihadists how to wield their computers for the cause.





I can argue which article is more intriguing compared to BusinessWeek's writeup on catching the ShadowCrew, but anyway all you need to get a reader's attention is a name such as Abu Musab al-Zarqawi, a point that I feel is totally brainwashed in this paragraph :)





Cyberterrorism is an inseparable part of Information Warfare, and while we would hopefully never witness a catastrophic scenario, that is, an offensive use of Cyberterrorism, recruitment and propaganda flood the Internet on a daily basis. Just stop being suspicious about everyone, and try to enjoy life in between, can you, as terrorists are not everywhere -- but where we see them at the bottom line!