In this world there is always a threat lurking in one way or another. The digital revolution has transformed the dimensions of everything, whether good or bad. With the amazing advancement of technology and the shrinking size of interfaces, the overall methodology of cyber crime has altered drastically.
There are many varieties of cyber crime, but the most devastating is the kind organized by a nation, which then becomes cyber terrorism.
Like conventional terrorism, cyber terrorism has its roots and its remedies along the same lines on which terrorism has been tackled for ages. Broadly, we can group cyber terrorism threat actors into five basic categories, which in turn bring us to essentially three categories of attack that they undertake. Finally, the cyber attacks unleashed by these threat actors mature progressively through three phases.
These specifics have been drawn from decades of analysis and research, though they are blurred every now and then by technological breakthroughs, the Internet of Things and Artificial Intelligence to start with. No industry or service is immune to the ever-rising threat of cyber terrorism in the modern world.
Instances of cyber terrorism are witnessed every now and then, but to date none has been officially owned by anyone. With national security now being equated with cyber terrorism, even India is doing what it can, though marred by its inherent bureaucratic, political and cultural show stoppers.
Like every other nation, India is buckling up to face the ever-changing tactics of cyber terrorism. There is a slow and steady rise in overall preparedness and in the fronts being catered to by government at the state and central level. The ultimate way forward is to take this as seriously, and with as much focus, as the various industrial revolutions have been taken in India.
Globally, technology and digitalization clairvoyants are busy claiming that omnipresent, highly interconnected digital technology will scale up productivity and efficiency in a utopian realm, and bring new capabilities that the world has neither seen nor imagined. Point taken; let us flip the coin and look at the vulnerability that this advancement will pose.
By the most prevalent definition, cyber terrorism is the deliberate, preplanned disruptive activity, or the threat thereof, carried out using computers and networks, or targeting them, with the intention to cause harm or to further distorted social, ideological, religious, political or similar objectives, or to intimidate any person while pursuing such goals.
Terror tactics have transformed over time as the class of criminal perpetrators and the security measures in place to obstruct them have advanced and evolved. With increasing awareness and countermeasures, criminals keep shifting to new pastures, the easier and unexpected ones. This transition shows in the changing terrorist tactics of the past century, from political assassination in the early 20th century to the most shocking and unexpected instance, the 9/11 attack in 2001, in which passenger aircraft were used as weapons by terrorists. New terrorist groups have deep pockets and are technically advanced, and are thus capable of inflicting catastrophic damage on a diversified set of targets.
Breakdown of Cyber Terrorism
Computers: The New Age WMD, aka Weapons of Mass Destruction
Certainly the computer is at least the ‘weapon’ of the cyber terrorist, if not the target too. Would limiting access to a computer, just as to an explosive, be fruitful? The paramount mandate is the protection of the plethora of ‘connected’ computers, without any exception. The constitution and the law guide, for example, how one should protect a firearm from illegal or dangerous use. The enforced use of trigger locks, although controversial, is sought to prevent danger in case the weapon is illegally possessed.
Existing laws address the harm done by or to a third party owing to deliberate or unintentional exploitation of a part or the whole of any corporate or personal property. The applicability of such laws, or the definition of ‘misuse’, with respect to computers was bleak until some time ago, but the sanctified and revived acts and laws are now catching up. However, there is a need for clear laws and standards that unequivocally cover and hold accountable all operators of large networks of Internet-connected ecosystems, both virtual and physical, to ensure zero tolerance and, at the least, prevent deviation from security and integrity.
- Non-State Terrorist Organizations
- Nation/State Cyber Teams
- Organized Criminals/Crime Syndicates
- Lone Wolf or Individual Attackers
- Hacking activists
Varying motivations, capabilities, and targeting priorities influence the capabilities of, and the threats posed by, these groups.
Categorization of Attacks
Attacks on computer infrastructure (virtual, physical or hybrid) can be classified into three categories:
- Physical Attack: The computer infrastructure is damaged by vandalism, fire and explosives.
- Syntactic Attack: The system logic is altered to introduce delay or to render the system unpredictable. Such attacks are facilitated by computer viruses and trojans.
- Semantic Attack: It dispels end users’ belief in system integrity and capabilities. In this attack, data keyed into the system is changed without alerting the user, either at entry to or at exit from the system.
Cybercrime now goes way beyond straightforward system hijacks; it is a high-level exploitation of social media platforms, impersonation of unique identities and profiles, and thus misuse of personally identifiable information (PII). This caters to motives of propaganda and sedition, which further lead to acts of terror like suicide bombings, to facilitation of criminals by unsuspected and unsuspecting users of the internet, and to money laundering for terror funding. Let’s consider three phases of progressively sophisticated terrorist cyber capability:
- Enabling: online activities that support the operations of terrorist groups, such as public declarations, hiring, eavesdropping, anonymous communication etc.
- Disruptive: online activities that interfere with computer services of the target/victim. It is undertaken to deny access of computer services/resources to the victim.
- Destructive: cyber attacks that unleash physical harm or injury through full scale unethical hacking, destruction/impairment of essential service.
Figure 1: Threat Intelligence Quadrant around Major Perpetrators
A few examples of these capability phases are given below:
- Enabling Activity
  Online activities indicating advanced command of information technology usage to promote and facilitate the broadcast of groups’ ideologies, recruitment, and operational functionality.
  - Terror Group Website
  - Video & Social Media
  - Funding Operations Manual
  - Encrypted Communications
- Disruptive Activity
  Resulting in loss of functionality of the internetwork:
  - Defacement of websites
  - Denial of Service by Website Take-down
  - Data Exfiltration
  - Cyber Heist
- Destructive Activity
  Capability to carry out a digital heist of credentials, resulting in hijacking, exploitation, unprogrammed behavior or, at worst, complete failure of the target.
  - Sensor Spoofing
  - Control Engineering Compromise
  - Damaging or Disabling Infrastructure
  - Scaled Destruction of Multiple Targets
Cataclysmic Catalysts to Cyber terrorism
There are emerging frontiers that can further escalate the grim situation of cyber terrorism unless they are globally regulated and made resilient by uniform laws and frameworks:
- Internet of Things: The ever-growing, always-connected syndrome of digitally enhanced and remotely communicating devices and platforms is highly unregulated, with lax or no security incorporated by manufacturers, service providers and unaware end users alike.
- A.I./Artificial Intelligence: Machine learning, and the cognitive bias incorporated in software by virtue of pattern recognition, together with enhanced processing speed and quick decision making, will eventually reduce the reflexes as well as the controlling capabilities of humans.
- Human Chip Implants/Microchips aided by Genome Editing: Genetically enhanced clones controlled by embedded microprocessors in their bodies.
- Next Generation Semiconductors: bending laws of physics in extreme processing speed & sizes.
Figure 2: Strategic Focus for Defining Realistic Cyber Terrorism Scenarios
Typically, cyber terrorism affects all vital and fundamental services and industries:
- Real Estate & Property
- Power & Energy
A Rhetoric Scenario Impact Assessment
| Scenario | Rate of Mortality | Physical Damage | Plausibility Rating |
|---|---|---|---|
| Railways Infra Attacked | 7 | 10 | 7 |
| Nuclear Reactor Attacked | 10 | 10 | 9 |
| Ordnance Factory/Base Attacked | 8 | 10 | 5 |
These suggestive scenario assessments are based on an ‘extreme-case scenario’, built from contributing factors that result in extreme losses, and are then scored broadly in terms of the following impacts:
- Rate of Mortality (ranked 0 to 10): Scenarios are ranked logarithmically by their worst-case-scenario death toll, where 0 indicates no deaths linked, 1 indicates fewer than 10 deaths and 10 indicates a thousand or more.
- Physical Damage (ranked 0 to 10): In terms of the economic cost of physical damage rendered by cyber terrorism activities, 0 indicates no physical damage whatsoever and 10 indicates billions of dollars.
- Plausibility (ranked 0 to 10): Plausibility is defined as a combination of cyber capability (or the developing cyber capability within a three-year period) and motivation.
Prevalent paradoxical scenarios are out there in newspapers and on news channels to look at time and again, so let us project what lies ahead as a manifestation of the ever-growing cyber terrorist capabilities that the world is witnessing.
Near Future/Potential Scenarios of Cyber Terrorism are:
- 4G, 5G, public Wi-Fi, Internet and satellite communications are completely defunct.
- The power distribution grid has collapsed and cities have plunged into darkness.
- Elevators, escalators and electro-digital utilities in industries, hospitals and homes have gone kaput.
- Integrated public transport as well as privately operated services, comprising airports, airlines, buses, trains, subways and cabs, have suddenly come to a standstill.
People from commercial as well as residential premises have been forced out into the open due to rampant explosions and fires in electrical setups, after water supplies, and thus fire hydrants and sprinklers, have dried up. The combination of all of the above obviously leaves Police, Health, Fire and Emergency Services crippled, resulting in chaos, stampede, loot and barbarism, and thus degradation and loss of human life on an unprecedented scale. The social, economic and political turmoil will surpass disaster management capabilities and global support channels, thus devastating the nation. An exhaustive root cause analysis of the aforementioned situation has been practically envisaged with respect to the applicable technical and logical renderings.
Let us take a recent scenario for reference, which gives a good succinct overview of the probable scenarios stated above. The use of drones in warfare is something we have been used to hearing and reading about on a day-to-day basis for years now. But on 4th August 2018, two drones detonated explosives in Caracas, Venezuela, in an attempt to assassinate the president of Venezuela, Nicolas Maduro. This was severely criticized and was claimed to have been done by an opposition faction with the support of the USA. It was followed by something unprecedented and unexpected, in a sequential manner:
First Wave: 7th March 2019 witnessed a total blackout in 20 out of 23 states in Venezuela, with most recovery efforts succeeding only by 14th March 2019.
Second Wave: At least 15 out of 23 states in Venezuela were in darkness from 25th to 28th March 2019.
Third Wave: 29th March 2019 again witnessed a blackout in many states of the country.
Fourth Wave: In the latter part of 30th March there was again a blackout in other states of Venezuela.
Result: Serious problems in hospitals and clinics, industry, transport (including airways and railways) and water service, which resulted in at least 48 confirmed deaths across the country. There was severe public outrage over erratic and arrogant leadership and mismanagement of the disaster, added to the irresponsible, corrupt ways of government over decades.
Reason: A power tussle between the USA and Russia that has run for decades, because Venezuela has the world’s largest oil reserves and both countries have been trying to control them with the aid of their respective representatives in the country while creating adverse situations for their rivals.
Remedies: Proposed Actions to Counter Cyber Terrorism
A summary of traditional counter-terrorist techniques that can be employed is as follows:
- Deterrence: The government must, on a serious note, visibly demonstrate initiative, a tough stand and quick redressal of such issues. This will send a strong message and instill a sense of hesitation, if not outright nullification of such acts. It will certainly face resistance from a human rights perspective, though.
- Regulatory Framework: It has evolved from the IT Act 2000 to the latest Draft Personal Data Protection Bill under consideration, with a National Cyber Security Policy in place. But we are still far from having a full-fledged and robust techno-legal framework to address the contingencies ahead. Multiple individual policies and acts are yet to be conceived and implemented.
- Enhanced Defense: The overall pool of people, processes and technologies that are instrumental and necessary for hardening the virtual-physical-social infrastructure must be strengthened and sustained for seamless exchange and execution, and given the freedom to make decisions. For instance, cyber crime police stations spread across India work in silos and are not centralized by strict policies to share, exchange, derive patterns and work jointly in tandem for quicker and more effective resolution. This will eventually converge into a national database referenced and utilized with global counterparts by the respective authorities.
- Global Joint Ventures: As of now, India has a high-level official bilateral framework with the USA, UK, Singapore, Russia, Malaysia, Japan, Egypt, China and Australia. The Budapest Convention too is being considered. This still leaves a lot to be taken up and dealt with unless national policies and infrastructure are conducive and mature enough to adapt to international standards.
- Estimating Vulnerabilities (yet to be started in India): The aggregate number of vulnerabilities present in the global supply of digital products is not known, and new products or updates, when released, are never thoroughly interrogated to precisely quantify the new avenues of compromise or susceptibility inherent in them. Such susceptibilities can prevail across hardware, software, networks and programming languages, and exist in isolated as well as connected systems alike.
This is estimated by virtue of the benchmarks dynamically maintained by the Cyber Green project. The world’s computer emergency response teams report into a metrics portal at the Cyber Green website. These shared resources generate a general metric of the performance of computer emergency response teams (CERTs) globally.
National Cyber Security Landscape
Public-private cooperation and the institutional and regulatory framework are at a progressive yet nascent stage, with hybrid though intermittent communication and exchange, which hinders the overall strength sought for effective execution and governance.
The constituent bodies and institutions within government include, for example:
- NIC: National Informatics Centre
- CERT-In: Indian Computer Emergency Response Team
- NISAP: National Information Security Assurance Program
- NCIIPC: National Critical Information Infrastructure Protection Centre
- CHCIT: Cyber and Hi-Tech Crime Investigation and Training Centre
Legal Foundations: The National Cyber Security Policy was adopted in 2013. It is an elaborate plan comprising high-level principles as well as specific objectives with due proposals. However, it is not yet fully implemented, so the overall legal framework supporting cyber security is feeble.
Operational Entities: CERT-In, the leading entity in this ecosystem, is involved in high-level policy discussions related to information security and to evolving trends and patterns.
Public-Private Partnerships: This again is an endeavor at a nascent stage. CERT-In and DSCI are instrumental in liaising with global players such as ISACA. There is much more that needs to be addressed by public-private partnerships and government-patronized programs. Every individual in the country is served directly or indirectly by an ecosystem of connected systems and/or digital interfaces, so any and every product or service, whether paid or complimentary, must pass through a rigorous battery of confidentiality, integrity, security and compliance checks before, during and after its interaction with end users. This must be monitored by dedicated bench strength, not by a workforce that is either ad hoc or has overlapping (at times even conflicting) job profiles and responsibilities.
Sector-Specific Cyber Security Planning: Although there isn’t an official joint public-private sector plan catering to this dimension of cyber security, a joint working group has been set up to discuss and present recommendations on public-private partnerships in cyber security. This group comprises representatives from various industries.
Education and Awareness: The government is pursuing a culture of cyber security awareness through promotional activities and educational initiatives, as outlined in, and as an objective of, the Indian National Cyber Security Policy 2013, which also includes a commitment to a comprehensive national awareness-raising campaign aimed specifically at cyber security.
On the lines of Israel, mandatory cyber education should be tailored into a progressive roadmap in the school curriculum in India too, with the resulting advancement incorporated at undergraduate and higher education levels. This way, massive sensitization and awareness will be introduced into society effortlessly, and a strong workforce will be readied to cater to the ever-rising requirements of cyber security and digitally skilled manpower, overcoming the looming unemployment issue caused by job scenarios transforming drastically due to digitization.
Cyber Law Framework Enhancement: India has shown a lenient stance, as there is no legal and policy adherence mandate for cyber security providers to regulate this industry, but every now and then specific incidents force serious consideration of such a mandate to gain momentum.
Cyber Security Strategy Maturity
As of November 2017, in the second Global Cyber Security Index (GCI), released by the UN telecommunications agency, the International Telecommunication Union (ITU), India, with its 23rd rank, featured among 77 ‘maturing’ nations, the category for countries with evolving, complex commitments and programs towards cyber security on the whole in their respective setups. In the same report for 2018, India attained 10th rank in the Asia Pacific region and 47th globally.
Eventually, we can concur that there is a sense of seriousness in both government and private bodies about synergizing cyber security capabilities and catching up with traditional, modern state-of-the-art and hybrid incursions by antisocial elements, which are fast becoming a grim situation, though we are far from safe or even from being at ease of attaining safety. The mechanism to shoulder and enrich the evolution of such a dynamic industry must also include crowd-sourcing, overcoming the silos of projects, research and formulation to improve ideation, innovation, capital and execution in this pursuit. A succinct, evolving, collaborative regulatory framework with zero tolerance is the need of the hour, and this has to be a socially and technologically inclusive pursuit to be successful in the long run.