summary
1. Review: What is the author trying to convey, and what are the primary and secondary
points that are made?
2. Analysis: What do you (personally and critically) think about the reading? Based on your knowledge or personal and professional experiences, do you think all of what is said is valid? Is some of it? Is none of it? Why? What are some strong or weak aspects of what is said, and why? What are the major limitations, and are they correctable? If so, how?
3. Application: How might the main points of the reading be applicable in real life – given
the fact that we cannot fully control human behavior? How can the ideas be used to
address, prevent, or reduce teen technology misuse in schools, families, and communities?
1
Cyberterrorism: Hype and Reality
Maura Conway
Dublin City University
Introduction
The term cyberterrorism unites two significant mode
rn fears: fear of
technology and fear of terrorism. Both of these fea
rs are evidenced in this quote from
Walter Laqueur, one of the most well known figures
in terrorism studies: “The
electronic age has now made cyberterrorism possible
. A onetime mainstay of science
fiction, the doomsday machine, looms as a real dang
er. The conjunction of technology
and terrorism make for an uncertain and frightening
future.”
1
It is not only academics
that are given to sensationalism. Cyberterrorism fi
rst became the focus of sustained
analysis by government in the mid-1990s. In 1996 Jo
hn Deutch, former director of the
Central Intelligence Agency (CIA), testified before
the Permanent Subcommittee on
Investigations
of the United States’ Senate Governmental Affairs C
ommittee:
International terrorist groups clearly have the ca
pability to attack the
information infrastructure of the United States, ev
en if they use relatively simple
means. Since the possibilities for attacks are not
difficult to imagine, I am concerned
about the potential for such attacks in the future.
The methods used could range from
such traditional terrorist methods as a vehicle-del
ivered bomb — directed in this
instance against, say, a telephone switching centre
or other communications node — to
electronic means of attack. The latter methods coul
d rely on paid hackers. The ability
to launch an attack, however, are likely to be with
in the capabilities of a number of
terrorist groups, which themselves have increasingl
y used the Internet and other
modern means for their own communications.
2
Both the popularity and, to some extent, the credi
bility of such scenarios was
given a boost by the entertainment industry. Hollyw
ood, eager to capitalise on the
cyberterrorist threat, released the James Bond film
Goldeneye
in 1995. Other sectors
were quick to follow with the publishing industry i
ntroducing Tom Clancy and Steve
R. Pieczenik’s
Net Force
series in 1998. As Ralf Bendrath has pointed out
:
“Sometimes it is hard to tell what is science and w
hat is fiction. Winn
Schwartau, for example, the rock manager turned pre
acher of ‘information
warfare’ who runs the famous website infowar.com, h
as testified several times
as an IT security expert before Congress, and has w
ritten two novels on cyber-
terror. Even renowned cyber-war theoreticians like
John Arquilla have not
hesitated to publish thrilling cyber-terror scenari
os for the general audience.
But these works are not only made for entertainment
. They produce certain
visions of the future and of the threats and risks
looming there.”
3
In 1998 the Global Organized Crime Project of the C
enter for Strategic and
International Studies in Washington DC published a
report entitled
Cybercrime,
Cyberterrorism, Cyberwarfare: Averting an Electroni
c Waterloo
. This was the first
major academic contribution to the field. The docum
ent’s authors view cyberterrorism
as a sub-species of Information Warfare (IW). This
is because information warfare is
a form of asymmetric warfare and is therefore viewe
d as an eminently suitable
terrorist strategy. Cyberterrorism has since come t
o be viewed as a component allied
to offensive information warfare, but one that has
a direct corollary in traditional,
physical, non-information based ‘warfare’ (i.e. cla
ssical political terrorism). In other
words, cyberterrorism is recognised as having links
with traditional terrorist tactics,
2
but may be viewed as a new strategy employing new t
ools and exploiting new
dependencies.
Although the author’s of the CSIS report fail to p
rovide a definition of what it
is they mean by ‘cyberterrorism,’ they are at pains
to illustrate its potentially
disastrous consequences:
A smoking keyboard does not convey the same drama a
s a smoking
gun, but it has already proved just as destructive.
Armed with the tools of
Cyberwarfare, substate or nonstate or even individu
al actors are now powerful
enough to destabilise and eventually destroy target
ed states and societies…
Information warfare specialists at the Pentagon est
imate that a properly
prepared and well-coordinated attack by fewer than
30 computer virtuosos
strategically located around the world, with a budg
et of less than $10 million,
could bring the United States to its knees. Such a
strategic attack, mounted by
a cyberterrorist group, either substate or nonstate
actors, would shut down
everything from electric power grids to air traffic
control centers.
4
A focus on such ‘shut-down-the-power-grid’ scenario
s is increasingly a feature of
analyses of the cyberterrorist threat.
5
This chapter is concerned with explicating the orig
ins and development of the concept
of cyberterrorism with a view to separating the hyp
e surrounding the issue from the
more prosaic reality. This is more difficult than i
t may at first appear, however. Ralf
Bendrath has identified three major stumbling block
s.
6
First, this debate is not simply
about predicting the future, but is also about how
to prepare for it (i.e. the future) in
the present. The problem is that those involved in
the debate cannot draw on either
history or experience to bolster their positions, a
s a major cyberterrorist incident has
never yet occurred. For this reason different scena
rios or stories about the possible
course of future events are providing the grounds o
n which decisions must be made.
The upshot of this is that the various actors (i.e.
government and opposition, the
computer security industry, the media-entertainment
complex, scholars, and others)
with their various, and often times divergent, inte
rests are competing with each other
by means of their versions of the future, which are
particularly subject to political
exploitation and instrumentation.
A second, and related, problem is the nature of the
space in which a
cyberterrorist attack would occur:
“In the physical landscape of the real world, any a
ction has its
constraints in the laws of nature…Cyberspace, in co
ntrast, is a landscape
where every action is possible only because the tec
hnical systems provide an
artificial environment that is built to allow it. T
he means of attack therefore
change from system to system, from network to netwo
rk. This makes threat
estimation and attack recognition much more difficu
lt tasks.”
7
Bendrath’s final point relates to the highly techni
cal nature of the new threat and the
constraints this places on social scientists and th
eir ability to estimate the magnitude
of that threat. Bendrath’s solution is for social s
cientists to draw conclusions by
looking at how the threat is perceived: “The way a
problem is framed normally
determines or at least limits the possible solution
s for it.”
8
With this in mind, this paper seeks to excavate the
story of the concept of
cyberterrorism through an analysis of both popular/
media renditions of the term and
scholarly attempts to define its borders. It must b
e stated at the outset that, in both
media and academic realms, confusion abounds. This
is startling, particularly given
that since the events of 9-11, the question on ever
ybody’s lips appears to be ‘Is
Cyberterrorism Next?’
9
In academic circles the answer is generally ‘not y
et.’ The
Gabriel Weimann
Cyberterrorism
How Real Is the Threat?
Summary
• The potential threat posed by cyberterrorism has provoked considerable alarm. Numer-
ous security experts, politicians, and others have publicized the danger of cyberterror-
ists hacking into government and private computer systems and crippling the military,
financial, and service sectors of advanced economies.
• The potential threat is, indeed, very alarming. And yet, despite all the gloomy pre-
dictions, no single instance of real cyberterrorism has been recorded. This raises the
question: just how real is the threat?
• Psychological, political, and economic forces have combined to promote the fear of
cyberterrorism. From a psychological perspective, two of the greatest fears of modern
time are combined in the term “cyberterrorism.” The fear of random, violent victimiza-
tion blends well with the distrust and outright fear of computer technology.
• Even before 9/11, a number of exercises identified apparent vulnerabilities in the com-
puter networks of the U.S. military and energy sectors. After 9/11, the security and
terrorism discourse soon featured cyberterrorism prominently, promoted by interested
actors from the political, business, and security circles.
• Cyberterrorism is, to be sure, an attractive option for modern terrorists, who value its
anonymity, its potential to inflict massive damage, its psychological impact, and its
media appeal.
• Cyberfears have, however, been exaggerated. Cyberattacks on critical components of
the national infrastructure are not uncommon, but they have not been conducted by
terrorists and have not sought to inflict the kind of damage that would qualify as
cyberterrorism.
• Nuclear weapons and other sensitive military systems, as well as the computer systems of
the CIA and FBI, are “air-gapped,” making them inaccessible to outside hackers. Systems
in the private sector tend to be less well protected, but they are far from defenseless,
and nightmarish tales of their vulnerability tend to be largely apocryphal.
www.usip.org
1200 17th Street NW • Washington, DC 20036 • 202.457.1700 • fax 202.429.6063
S
PECIAL
R
EPORT
119 Decem
ber 2004
A
BOUT
THE
R
EPORT
The threat posed by cyberterrorism has grabbed
headlines and the attention of politicians, security
experts, and the public. But just how real is the
threat? Could terrorists cripple critical military,
financial, and service computer systems? This
report charts the rise of cyberangst and examines
the evidence cited by those who predict imminent
catastrophe. Many of these fears, the report contends,
are exaggerated: not a single case of cyberterrorism
has yet been recorded, hackers are regularly mistaken
for terrorists, and cyberdefenses are more robust than
is commonly supposed. Even so, the potential threat
is undeniable and seems likely to increase, making it
all the more important to a
ddress the danger without
inflating or manipulating it.
Gabriel Weimann is a senior fellow at the United
States Institute of Peace and professor of
communication at the University of Haifa, Israel.
He has written widely on modern terrorism, political
campaigns, and the mass media. This report
complements a previous report,
www.terror.net,
issued
in March 2004, which examined the variety of uses
to which terrorists routinely put the Internet. Both
reports distill some of the findings from an ongoing,
six-year study of terrorism and the Internet. A book
based on that larger study is to be published in 2006.
The views expressed in this report do not necessarily
reflect views of the United States Institute of Peace,
which does not advocate specific policy positions.
UNITED STATES INSTITUTE OF PEACE
C
ONTENTS
Introduction 2
Cyberterrorism Angst 2
What Is Cyberterrorism? 4
The Appeal of Cyberterrorism
for Terrorists 6
A Growing Sense of Vulnerability 6
Is the Cyberterror Threat Exaggerated? 8
Cyberterrorism Today and Tomorrow 10
SPECIAL REPORT
• But although the fear of cyberterrorism may be manipulated and exaggerated, we can
neither deny nor ignore it. Paradoxically, success in the “war on terror” is likely to make
terrorists turn increasingly to unconventional weapons, such as cyberterrorism. And as
a new, more computer-savvy generation of terrorists comes of age, the danger seems
set to increase.
Introduction
The threat posed by cyberterrorism has grabbed the attention of the mass media, the
security community, and the information technology (IT) industry. Journalists, politicians,
and experts in a variety of fields have popularized a scenario in which sophisticated
cyberterrorists electronically break into computers that control dams or air traffic control
systems, wreaking havoc and endangering not only millions of lives but national security
itself. And yet, despite all the gloomy predictions of a cyber-generated doomsday, no
single instance of real cyberterrorism has been recorded.
Just how real is the threat that cyberterrorism poses? Because most critical infra-
structure in Western societies is networked through computers, the potential threat from
cyberterrorism is, to be sure, very alarming. Hackers, although not motivated by the same
goals that inspire terrorists, have demonstrated that indiv
iduals
can gain access to sensi-
tive information and to the operation of crucial services. Terrorists, at least in theory,
could thus follow the hackers’ lead and then, having broken into government and private
computer systems, cripple or at least disable the military, financial, and service sectors of
advanced economies. The growing dependence of our societies on information technology
has created a new form of vulnerability, giving terrorists the chance to approach targets
that would otherwise be utterly unassailable, such as national defense systems and air
traffic control systems. The more technologically developed a country is, the more vulner-
able it becomes to cyberattacks against its infrastructure.
Concern about the potential danger posed by cyberterrorism is thus well founded. That does
not mean, however, that all the fears that have been voiced in the media, in Congress, and in
other public forums are rational and reasonable. Some fears are simply unjustified, while others
are highly exaggerated. In addition, the distinction between the potential and the actual dam-
age inflicted by cyberterrorists has too often been ignored, and the relatively benign activities
of most hackers have been conflated with the specter of pure cyberterrorism.
This report examines the reality of the cyberterrorism threat, present and future. It
begins by outlining why cyberterrorism angst has gripped so many people, defines what
qualifies as “cyberterrorism” and what does not, and charts cyberterrorism’s appeal for
terrorists. The report then looks at the evidence both for and against Western society’s
vulnerability to cyberattacks, drawing on a variety of recent studies and publications to
illustrate the kinds of fears that have been expressed and to assess whether we need to
be so concerned. The conclusion looks to the future and argues that we must remain alert
to real dangers while not becoming victims of overblown fears.
Cyberterrorism Angst
The roots of the notion of cyberterrorism can be traced back to the early 1990s, when
the rapid growth in Internet use and the debate on the emerging “information society”
sparked several studies on the potential risks faced by the highly networked, high-tech-
dependent United States. As early as 1990, the National Academy of Sciences began a
report on
computer security with the words, “We are at risk. Increasingly, America depends
on computers. . . . Tomorrow’s terrorist may be able to do more damage with a keyboard
than with a bomb.” At the same time, the prototypical term “electronic Pearl Harbor” was
coined, linking the threat of a computer attack to an American historical trauma.
2
A
BOUT
THE
I
NSTITUTE
The United States Institute of Peace is an
independent, nonpartisan federal institution
created by Congress to promote the prevention,
management, and peaceful resolution of interna-
tional conflicts. Established in 1984, the Institute
meets its congressional mandate through an array
of programs, including research grants, fellow-
ships, professional training, education programs
from high school through graduate school,
conferences and workshops, library services, and
publications. The Institute’s Board of Directors is
appointed by the President of the United States
and confirmed by the Senate.
ORDER THIS ESSAY HERE NOW AND GET A DISCOUNT !!!