Figure 4 - uploaded by Stuart Macdonald
Content may be subject to copyright.
Source publication
This article reports on a recent research project exploring academic perspectives on the threat posed by cyberterrorism. The project employed a survey method, which returned 118 responses from researchers working across 24 different countries. The article begins with a brief review of existing literature on this topic, distinguishing between those...
Contexts in source publication
Context 1
... people or property. As one respondent explained: “no person has ever been killed or injured as the result of an attack executed by using weaponised computer code.” 107 Third, four respondents argued that there is a distinction between cyberterrorism and cybercrime. 108 One of these argued that, while terrorists might commit cybercrime in order to facilitate terrorist activity, this does not render the criminal activity terrorist. On this view, there is a difference between: (a) cyberterrorism and (b) cybercrime committed for terrorist purposes (such as to raise funds). 109 Another respondent argued that hacktivism must be distinguished from cyberterrorism, 110 although two other respondents suggested that the activities of Anonymous render this distinction more problematic. 111 Fourth, four respondents stated that the cyberattacks that have occurred did not instil fear in a wider audience and/or were not carried out with an intention to generate such fear. 112 Absent this element of intimidation or coercion, these respondents said that cyberattacks do not constitute cyberterrorism. Lastly, three respondents said that those who have perpetrated attacks to date lacked the political or ideological motive necessary for the attack to qualify as (cyber)terrorist. 113 As stated previously, the fact that a respondent believed that no cyberterrorist attack has ever occurred did not necessarily mean that cyberterrorism was not viewed as a significant threat. Figure 3 shows the responses to question 10 of those respondents that answered no to question 11. Interestingly, in spite of the perceived absence of any cyberterrorist attacks to date, a greater proportion of these respondents stated that cyberterrorism poses a significant threat than stated it does not (35 percent compared to 29 percent). Moreover, an additional 15 percent of these respondents stated that cyberterrorism may potentially or possibly become a significant threat. The final question to be explored focused more explicitly on issues of vulnerability and response than of capability and intention. Here, respondents were asked to name the most effective countermeasures against cyberterrorism, and then to detail whether there are significant differences to more traditional forms of anti- or counterterrorism. Ninety-three responses were received (response rate: 79 percent), although some respondents only answered part of the question. In response to the first part of the question, twelve countermeasures were identified by at least two respondents (see Figure 4). One—target-hardening—dominated our re- sponses, with 35 respondents mentioning this mechanism. Some of these framed their comments quite generally, for example: “Enhanced IT security” 114 or “Technical security measures.” 115 Others, in contrast, gave more specific suggestions including “Redun- dancies in various civilian and critical online systems,” 116 “Firewalls,” 117 “Closed secure networks,” 118 “Keeping sensitive data in encrypted format,” 119 and “Increases in biometric security systems.” 120 A number of other countermeasures were mentioned by only one respondent. These included: refraining from starting illegal wars; 121 switching our focus from non-state to state actors; 122 and, education and humanitarian aid. 123 The four most common responses to the second part of this question—on the pecu- liarities of countering cyberterrorism—are detailed in Figure 5. Seventeen respondents (18 percent) argued that, while the methods employed might be different, countering cyberterrorism involves the same underlying strategies as other forms of terrorism. By contrast, 16 respondents (17 percent) believed there to be a significant difference with other ...
Context 2
... terrorism in that greater technical expertise is required to counter cyberterrorism. These two viewpoints are not necessarily incompatible. While one focuses on the underlying principles (prevention, protection, resilience, etc.), the other focuses on what the application of these principles looks like in practice. This was summed up neatly by one respondent, who said “Yes, from technological point of view, not from ideological point of view.” 124 The 12 countermeasures listed in Figure 4 were identified by a total of 60 respondents. 125 Of these, it is worth noting that 14 had said (in response to question 10) that cyberterrorism does not constitute a significant threat. 126 So, the majority of the respondents that did not regard cyberterrorism as a significant threat nonetheless identified countermeasures. There were two reasons for this. First, five of these respondents explained that, while cyberterrorism does not constitute a significant threat, cyberwarfare and cybercrime do. 127 Measures taken in response to these other threats will also improve security against cyberterrorism. In the words of one respondent, “defensive measures taken against cybercrime and cyberwarfare will also work against cyberterrorism.” 128 Second, five of these respondents explained that, while cyberterrorism does not constitute a significant threat, other forms of terrorism do. 129 For these researchers, measures taken to combat other forms of terrorism will also improve security against cyberterrorism. In fact, one respondent went further and argued that seeking specifically to tackle cyberterrorism could prove ultimately ...
Similar publications
A promising factor for explaining the relationship between economic situation and time preferences is one's construal level (i.e., the abstractness/concreteness of thinking). In this preregistered experiment, we examined the effects of construal level manipulation on time discounting and additionally examined the relationships between the economic...
There is growing support for the idea that we should aim at greater happiness for a greater number. Yet, there are also qualms about the reality value of that ambition: Some doubt that enduring happiness is not possible at all in the human condition, while others claim that the nature of happiness makes greater happiness as illusory. And there is a...
In recent years, professional skepticism is increasingly being studied as an important building block in internal auditing. As a consequence, auditing standards include limited references to the content of audit evidence that may also have some degree of professional skepticism (SAS 99 - Consideration of Fraud in a Financial Statement Audit, Auditi...
Citations
... Cybercriminals, hackers, and hostile nations are continually developing sophisticated capabilities to carry out these attacks. The cyber domain holds allure for terrorists due to its low cost, the potential to remain anonymous, and the ability to launch attacks at their convenience (Jarvis et al., 2013). Current data shows a consistent annual increase in the number of attacks (Odekon, 2015), making it only a matter of time before terrorists execute a devastating cyber-attack on a valuable critical infrastructure. ...
The increasing reliance on digital technologies in the aviation industry has amplified the need for robust cybersecurity measures. This article examines the critical issue of cybersecurity in aviation, exploring its importance, applications, and associated challenges. Through an analysis of real-world examples of cyber-attacks against aviation, the article highlights the potential consequences of inadequate security measures. Various applications of cybersecurity in aviation are explored, including air traffic management (ATM) Security, blockchain technology, airports, and aircraft systems protection. Furthermore, the article delves into the challenges faced by the industry in implementing effective cybersecurity protocols, considering factors such as evolving cyber threats, system interconnectivity, and the need to balance security with operational efficiency. The findings underscore the vital role of cybersecurity in safeguarding critical systems, protecting passenger data, and maintaining the integrity of aviation operations. The article concludes by emphasizing the necessity for continuous collaboration, information sharing, and investment in research and development to address emerging threats and ensure a secure future for the aviation industry.
... Cyberterrorist attacks have long been a major concern for governments and individuals alike due to the risks associated with terrorist groups using the Internet and digital platforms (Singer & Friedman, 2014;Weimann, 2005b; see also Jarvis, Macdonald, & Nouri, 2014). Embar-Seddon (2002, p. 1034) stated that 'cyberterrorism' combines two major fears of modern times: fear of technology and fear of terrorism, instilling fear among people. ...
This study investigates the effects of trust in government, relational trust, counterterrorism policies, and counterterrorism laws on fear of cyberterrorism and fear of terrorism. The data were collected from randomly selected college students at a university in the United States (N = 353). The results of path analyses using structural equation modeling for both unmediated and mediated models indicated that trust in government was the only factor significantly reducing fear of both terrorism and cyberterrorism. Additionally, trust in government mediated the effects of relational trust, counterterrorism laws, and counterterrorism policies on fear of both terrorism and cyberterrorism. Furthermore, respondents were more fearful of cyberterrorism than terrorism. The results and limitations are discussed. ARTICLE HISTORY
... Cyber-terrorists: It is widely acknowledged that ICT can be utilized to promote, support, facilitate, and/or engage in acts of terrorism. Although there isn't a universally accepted definition, the term "cyberterrorism" has gained traction in literature, describing it as a cyber-dependent crime committed for ideological purposes, aimed at instilling fear, intimidation, and/or coercion within a targeted government or population, with the intent to cause or threaten harm [47]. However, while ideology provides a broad rationale for the targeting of terrorist groups, the selection of specific targets within the spectrum of ideologically ac-ceptable ones is influenced by other factors, which are best described as strategic or tactical [48].For instance, an essential factor influencing terrorist targeting is the level of protection of a facility, as (cyber)terrorists would be more inclined to choose targets that are vulnerable. ...
For nearly a decade, disinformation has dominated social debates, with its harmful impacts growing more evident. Episodes like the January 6 United States Capitol attack and the Rohingya genocide exemplify how this phenomenon has been weaponized. While considerable attention has been paid to its impact on societal discourse and minority persecution, there remains a gap in analyzing its role as a malicious hybrid tool targeting critical infrastructures. This article addresses this gap by presenting three case studies: a hypothetical scenario involving the electric grid, an attack on traffic management, and XZ Utils backdoor. Additionally, the study undertakes a criminological analysis to comprehend the criminal profiles driving such attacks, while also assessing their implications from a human rights perspective. The research findings highlight the necessity for comprehensive mitigation strategies encompassing technical solutions and crime prevention measures in order to safeguard critical infrastructures against these emerging threats.
... First, target-hardening techniques are commonly cited as an effective countermeasure against cyberterrorism. For example, when asked about the most effective countermeasures against cyberterrorism, the majority of the participants -who were also members of the international cyberterrorism research field -discussed various target hardening measures involving enhanced IT security and technical security measures (Jarvis, Macdonald and Nouri 2014). Here they suggested that security measures such as firewalls, closed secure networks, data encryption, redundancies in various civilian and critical online systems, and increases in biometric security systems were the most effective measures to counter cyberterrorism (Jarvis, Macdonald and Nouri 2014). ...
... For example, when asked about the most effective countermeasures against cyberterrorism, the majority of the participants -who were also members of the international cyberterrorism research field -discussed various target hardening measures involving enhanced IT security and technical security measures (Jarvis, Macdonald and Nouri 2014). Here they suggested that security measures such as firewalls, closed secure networks, data encryption, redundancies in various civilian and critical online systems, and increases in biometric security systems were the most effective measures to counter cyberterrorism (Jarvis, Macdonald and Nouri 2014). also suggest two other target hardening strategies to prevent cyberterrorism, which include enhancing the target system's survivability (i.e., resiliency); and hiding the targeted system so would-be attackers cannot find it (i.e., invisibility). ...
This chapter is broken up into two sections: terrorists' and violent extremists' use of the Internet, and cyberterrorism. In the first half of the chapter, we first define terrorism, violent extremism and radicalization and highlight the challenges of conceptualizing such terms. Next, we provide an overview of the central ideologies that motivate terrorists and violent extremists. We then describe their core uses of the Internet and the role of the Internet in the process of radicalization, followed by a discussion of some of the ways of combating their online activities. In the latter half of the chapter, we unpick the complexities of defining cyberterrorism, followed by a look at tactics and targets of cyberterrorism campaigns. We also discuss the likelihood of a cyberterrorist attack and conclude with a discussion of possible responses to cyberterrorism.
... In the United States (US), according to Allen [7], in December 2013, Target (a departmental store based in Minneapolis) reported that information from more than 110 million credit and debit card payments by its customers were accessed illegally. The hackers stole personal identification numbers (PINs) from the cards, and as a result, Target lost more than $3.5 billion [8]. Hutchings [9] cited that Neiman Marcus (a Dallas based retail store) also reported that the information from 1.1 million credit and debit card payments was hacked in 2013. ...
The Internet and related technologies have enabled companies to automate almost all of their operations resulting in enhanced efficiencies and cost-effectiveness. The technologies, however, have also introduced numerous security risks. Through security risks such as Electronic Hacking (EH), individuals and companies have lost a lot of valuable data and money. In this regard, there is a need to understand the extent of the threat of EH. A comprehensive thematic review and analysis of EH with a focus on developments, evolution, challenges, prognosis, and prevalence in select institutions was thus conducted. The research involved reviewing the literature on cybersecurity and its effect on organizations' operations. The result shows that cases of security breaches and associated costs continue to increase. Over five years, the healthcare and medical institutions were the most vulnerable. They were closely followed by corporations. The implications are that as institutions become more automated, their respective degrees of cybercrime vulnerability increase. The consequences of security breaches are normally dire for companies, as well as individuals. Millions, or possibly billions, of dollars worth of data, have been lost as a result of security breaches. This trend is expected to continue in the future, as computers and Internet technologies continue to advance. Through cybercrimes, numerous companies' operations have been sabotaged, and personal information from social media and email stolen. Long term, effective and sustainable strategies are therefore required. The paper is significant because it identifies the information security risks various organizations are exposed to and strategies that organizations can use to mitigate the risks.
... Upaya Singapura dalam menjalankan perubahan doktrin juga dapat terlihat pada tahun 2019 yang lalu telah Selain itu, pembentukan pasukan cyber beserta teknologi-teknologi pertahanan cyber juga menjadi sangat vital mengingat potensi serangan cyber semakin meningkat. Kelompokkelompok terror juga kerap kali memanfaatkan teknologi komunikasi dan informasi seperti internet dalam melakukan aktifitasnya (Andreas & Naím, 2012;Blaker, 2015;Heickerö, 2014;Jarvis et al., 2014;Sultan, 2018;Ward, 2018). ...
The Singapore government since 2000 has stated their goals to have a strong and capable Singapore Armed Forces (SAF). The urgency of having a strong and capable SAF cannot be separated from the multidimensional threats that Singapore has to deal with. China's growing military capability coupled with increased aggressiveness in the South China Sea and relations with two conflicting neighbors are examples of traditional threats facing Singapore. Non-traditional threats, especially terrorism, also haunt Singapore. This article argues that the Revolution in Military Affairs implemented by Singapore is the mitigation of such strategic disadvantage. Through the implementation of the Revolution in Military Affairs which was marked by the acquisition of advanced weaponry technology and followed by changes in military doctrine and organizational adaptation, the SAF has already been transformed into a powerful military in the region.
... In a study of academic opinion around cyberterrorism, Jarvis, Macdonald, and Nouri identified "considerable disagreement" regarding the "extent to which this phenomenon poses a security threat." 39 Simplifying, they characterize this disagreement as a debate between "the concerned" and "the sceptics" -for whom cyberterrorism remains little more than a hyperbolic media construction. Heickerö dichotomizes this debate similarly between those who view the cyberterrorist threat as "real and considerable," and others for whom there is 'no threat at all or only a very limited one." ...
This chapter focuses on understandings and debates around cyberterrorism as well as the effect particular representations of this phenomenon have upon assessing its threat. The chapter begins by introducing various understandings of cyberterrorism and differentiates between narrow and broad conceptions as well as effects and intent based definitions. Moving onto consider the threat of cyberterrorism the chapter identifies an ongoing debate between ‘concerned’ and ‘sceptical’ voices as well as those that contest whether cyberterrorism has ever taken place. The chapter then introduces a range of broadly constructivist studies which question the orthodox approach to cyberterrorism as an ontological reality and highlight the importance of media representations of this threat. To illustrate this, the chapter concludes by highlighting findings from a recent study of global news media coverage. It shows that this media is frequently apprehensive in tone, despite the existence of diverse understandings of cyberterrorism and cybersecurity
... Drawing inspiration from important earlier efforts to snapshot the terrorism research community, a survey was conducted focusing on researcher understandings of the meaning of cyberterrorism, the threat that it poses, and the appropriate responses to this threat. Key findings from this survey -considered further detail below -included: the existence of widespread support for a specific, stand-alone definition of cyberterrorism -albeit with considerable disagreement on the appropriate content of such a definition; 5 researcher skepticism about the proliferation and value of adjacent terms -especially 'cyber jihad' or 'pure cyberterrorism' -in this context; 6 evidence of a pronounced and important divide between "skeptical" and "concerned" perspectives on the threat posed by cyberterrorism; 7 and, some sympathy for the validity of the proposition that states are capable of engaging in cyberterrorism. 8 In the years that have now passed since that initial exercise, we have witnessed two developments of relevance to those interested in cyberterrorism. ...
This article reports on a survey of researchers designed to capture current perspectives on core questions around cyberterrorism. The survey—conducted in 2017 as a follow-on to an initial, 2012, exercise—focused on questions of definition, threat and response. By documenting our findings in each of these areas—and highlighting developments in the years between our surveys—we identify three particularly important trends. First, an increasing convergence around the core characteristics of cyberterrorism, albeit with continuing conceptual disagreements at the concept’s penumbra. Second, increasing researcher concern with the threat posed by cyberterrorism, underpinned by a widespread view that this threat has increased, and a growing feeling that cyberterrorist attacks have now taken place. Third, support for a diversity of counter-measures to this threat, although perhaps counter-intuitively little suggestion that resort to exceptional or draconian measures is needed. In order to inform future research, the article concludes by detailing some of the major limitations, gaps and weaknesses within academic research to date as identified by our respondents.
... Siber terörizm, kişileri, kurumları ve ulusları sindirmek ve baskı altına alabilmek amacıyla kritik altyapılara, akıllı sistemlere, resmi birimlerin bilgisayarlarına ve ag yapılarına, bilgi ve veri tabanlarına zarar vermek için gerçekleştirilen faaliyetlerdir [4], [5]. Buşekilde gerçekleşen saldırılar ile kritik veriler teröristlerin eline geçtigi takdirde; bedensel yaralanma, patlama, uçak kazası, ekonomik krizler, paranın deger kaybetmesi, askeri darbe girişimi, su kirliligi, agır ekonomik kayıplar, vb. ...
İnternet kullanımının yaygınlaşması ile birlikte son kullanıcılar, yaşamlarının büyük bir kısmını sanal ortamlarla etkileşim içerisinde geçirmektedir. Kötü niyetli saldırganlar bireysel/siyasal/ekonomik fikirleri, inançları, hırsları, hedefleri, çıkarları, beklentileri veya misyonları doğrultusunda sanal ortamları kendi gruplarının, toplumlarının veya uluslarının amaçlarına göre olumlu veya olumsuz yönde kullanmaktadırlar. Bu ortamlarda ise bireyleri, toplumları veya ulusları, sonuçta dünyamızı doğrudan etkileyen en önemli tehdit ise siber terördür. Teröristler sanal ortamlarda propaganda yaparak, taraftar toplayarak veya sempatizanlar oluşturarak kritik altyapılara saldırılar gerçekleştirmektedir, kişisel ve kurumsal bilgi varlıklarına zarar vermektedir, elektronik ortamlara güveni zedelemektedir, kaosa altyapı oluşturmaktadır. En büyük arzuları ise mücadele ettikleri sistemleri veya diğer bir ifadeyle ulusal güvenliği tehdit etmektedir. Bu çalışmada; siber terörizm kavramı, etki alanı, hedefleri, saldırı yaklaşımları ve etkisi araştırılmıştır, ülkemizde siber terör üzerine geliştirilen akademik çalışmalar ilk kez detaylı olarak incelenmiştir. Siber terörle alakalı strateji ve politikalar analiz edilerek, bu araştırma sonucunda elde edilen bulgular değerlendirilmiştir. Sonuç olarak siber terörle mücadele için bazı öneriler sunulmuştur.
... Malicious actors, hackers, and adversarial nations are developing sophisticated capabilities to conduct cyber-attacks. The cyber domain is an attractive option for terrorists because of the low-cost, the ability to remain anonymous, and the opportunity to attack at will (Jarvis, MacDonald, & Nouri, 2014). Current attacks are increasing annually (GAO, 2015) and it is only a matter of time before terrorists conduct a catastrophic cyber-attack on a prized critical infrastructure. ...
... According to researchers, cyber terrorism is a moderate threat to any organization, corporation, or institution that is capable of compromising data, computer networks, intellectual property, or components, which is a tactic to cause fear (Jarvis, MacDonald, & Nouri, 2014). Cyber terrorism is an emerging phenomenon that propagates vulnerabilities such as the irregularity and substantial cost of software updates, hyperconnectivity, technological advances, and implementation of detection systems and capabilities (Jarvis, MacDonald, & Nouri, 2014). ...
... According to researchers, cyber terrorism is a moderate threat to any organization, corporation, or institution that is capable of compromising data, computer networks, intellectual property, or components, which is a tactic to cause fear (Jarvis, MacDonald, & Nouri, 2014). Cyber terrorism is an emerging phenomenon that propagates vulnerabilities such as the irregularity and substantial cost of software updates, hyperconnectivity, technological advances, and implementation of detection systems and capabilities (Jarvis, MacDonald, & Nouri, 2014). In fact, cyber security threats, cyber terrorism, and cyber-attacks across the globe, on average costs about 400 million dollars, in which U.S. based organizations paid 100 million dollars in 2013 (Zuerich & Graebe, 2015). ...
Civil aviation faces increased cybersecurity threats due to hyperconnectivity and the lack of standardized frameworks and cybersecurity defenses. Educating the civil aviation workforce is one method to enhance cyber defense against cyber-attacks. Educating the workforce will lead to initiatives and strategies to combat cyber-attacks. Private and public entities need to remain aggressive in developing cyber defense strategies to keep pace with the increasing vulnerabilities of hyperconnectivity. Areas that require immediate attention to safeguard against cybersecurity threats in civil aviation are: 1) Eliminating supply risks, 2) Upgrading legacy systems, 3) Mitigating technological aftereffects, 4) Increasing cybersecurity awareness, 5) Developing cybersecurity workforce, 6) Managing hyperconnectivity, and 7) Leveraging international entities. To safeguard civil aviation infrastructure from cybersecurity threats require assertive, coordinated, and effective strategies and capabilities to defend the network.
