
Cyber Attacks
Cyberterrorism is distinct from computer crime, economic espionage and "hacktivism," although terrorists may employ any of these forms of computer abuse to further their agendas. Cyberterrorism is the "unlawful attacks and threats of attack against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives. Further, to qualify as cyberterrorism, an attack should result in violence against persons or property, or...cause enough harm to generate fear." (Denning, Dorothy E. "Cyberterrorism" August 2000.)
In other words, the weapons of cyberterrorism and computers may differ from chemical, biological and explosive weapons in that they do not cause direct injury or death. They can, however, cause serious consequences to individuals, businesses, industry, government and the public at large. Depending on how they are used, they can lead to injury and death (e.g., the ring leader of the 1993 World Trade Center bombing used encryption technology in his failed plot to blow up U.S. airliners in the Far East).
The following are some general types of cyberterrorism:
- Data destruction or corruption - Using viruses, installation of malicious code, or other means to damage a system from within. This can include destroying or corrupting files, changing data in a database or corrupting software programs within the system.
- Penetration of a system to modify its output - Embedding code (e.g., Trojan horses or "logic bombs") to perform unauthorized functions at a later time.
- Theft - System penetration with the goal of stealing information or sensitive data (e.g., password cracking and theft, "packet sniffing").
- Disabling a system - Disruption of information structures (e.g., using e-mail bombings, spamming, denial-of-service attacks, or viruses) to crash or disable a system.
- Taking control of a system - Taking over a system (e.g., an air traffic system, a manufacturing process control system, a subway or train system, a 911 communications system) to use it as a weapon.
- Website defacement - Hacking into a website and changing its contents to spread misinformation, incite to violence, generate fear, or create chaos.
- Terrorist groups' use of websites, chat rooms, and encrypted e-mail to plan physical acts of terrorism, raise funds for terrorism, provide instructions to fellow terrorists, provide instructions on how to build bombs, spread hate propaganda, and/or recruit members.
Of greatest concern for emergency planners are terrorist attacks intended to interfere with national life support systems. Systems of greatest priority are below:
- Telecommunications
- Banking and finance
- Electrical power
- Oil and gas distribution and storage
- Water supply
- Transportation
- Emergency services
- Government services
Improving security involves:
- Knowing what data and processes need to be protected,
- Recognizing the threats and judging possible impacts,
- Calculating the risks and deciding what level of risk is acceptable,
- Developing/implementing countermeasures to reduce the risk to an acceptable level,
- Testing and tuning the countermeasure strategy to ensure security.
As with all other hazards:
- Be prepared to do without services you normally depend on that can be disrupted - electricity, telephone, natural gas, gasoline pumps, cash registers, ATM machines and Internet transactions.
- Be prepared to respond to official instructions if a cyber-attack triggers other hazards requiring general evacuation, evacuation to shelter, or shelter-in-place, because of hazardous materials releases, a nuclear power plant incident, or a dam or flood control system failure.
Refer to Cyber-Security Checklist (Checklist 22 in Appendix in the Guidebook or on the checklists page of this site) for more information.