Article

Cyberterrorism?

Authors:
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

The term cyberterrorism is becoming increasingly common in the popular culture, yet a solid definition of the word seems to be hard to come by. While the phrase is loosely defined, there is a large amount of subjectivity in what exactly constitutes cyberterrorism. In the aftermath of the September 11th attacks, this is somewhat disconcerting. In an attempt to define cyberterrorism more logically, a study is made of definitions and attributes of terrorism and terrorist events. From these attributes a list of attributes for traditional terrorism is developed. This attribute list is then examined in detail with the addition of the computer and the Internet considered for each attribute. Using this methodology, the online world and terrorism is synthesized to produce a broader but more useful assessment of the potential impact of computer-savvy terrorists. Most importantly, the concept of ‘traditional’ cyberterrorism, which features the computer as the target or the tool is determined to be only a limited part of the true risk faced. Finally, the authors discuss the impact this new view of cyberterrorism has on the way in which one should build one’s defenses. In particular, the breadth of the issue poses significant questions for those who argue for vertical solutions to what is certainly a horizontal problem. Thus, the validity of special cyberterrorism task forces that are disconnected or loosely connected with other agencies responsible for fighting the general problem of terrorism is questioned, and a broader, more inclusive method suggested.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... Bu saldırılar ile beraber uluslararası arenada siber terör ve terörizm kavramları sıklıkla konuşulurken [2,3,4], ulusal literatürde bu alanda yapılan çalışmaların azlığı göze çarpmaktadır. Ülkemizde, akademik veri tabanının "siber terör" başlığı ile taranması sonucunda; Ekim 2018 itibari ile toplam 10 adet çalışma ile karşılaşılmaktadır [4][5][6][7][8][9][10][11][12][13] ve bu çalışmalardan 3 tanesi, siber terör konusuna teknik bakış açısı getirmektedir [5][6][7]. ...
... S.Atasever vd./ Siber Terör ve DDoS 228 "Siber saldırı" tanımı günümüzde gerek uluslararası platformda gerekse de ulusal platformda kesin olarak yapılamamaktadır [14]. Buna bağlı olarak "siber terör" kavramının, ortak kabul edilmiş bir tanımı bulunmadığından, ucu açık bir kavram olarak kabul edilmektedir [2]. Türk dil kurumunun terör tanımı ve bu saldırıların sayısal ortamlarda gerçekleştirildiği göz önünde bulundurulduğunda, siber terör; bireylerin veya toplumların can ve mal güvenliğini riske atmak/zarar vermek için etkileşimde bulundukları, sayısal teknolojilere ve/veya platformlara gerçekleştirilen saldırılar olarak tanımlanabilir. ...
... Ciddi ekonomik kayıp ve güvenlik ihlali meydana gelebilir. Bir ulusun sosyal ve politik istikrarı ve uyumu ciddi bir şekilde ihlal edilebilir [2]. Bu eylemler, saldırganların gözünden bakıldığında ise, bir sosyal hak olarak görülebilir iken [15], saldırıların bireysel hak ve özgürlükleri tehdit etmesi ve toplum düzenine zarar vermesinden dolayı eylemlerin bir terör saldırısı olarak kabul edilmesi de önerilmektedir [16]. ...
Article
Full-text available
Siber terörizm eylemlerinde etkili bir araç olarak kullanılan DDoS saldırıları 1980’li yıllarda amatör bilgisayar korsanları (script kiddies) tarafından oyun/gösteriş amaçlı gerçekleştirilmeye başlamıştır. Bu saldırılar ile ciddi ekonomik zararlar verebileceğini fark eden siber suçlular, 90’lı yıllarda DDoS saldırılarını elektronik ticaret şirketlerinden şantaj ile para kazanma aracı olarak kullanmaya başlamışlardır. 2000’li yıllarda ise DDoS siber protesto ve saldırı aracı olarak kullanılmaktadır. Bu çalışmada DDoS saldırılarının gerçekleştirilme nedenleri tarihsel değişimi ile incelenmektedir. Ayrıca; DDoS saldırılarını gerçekleştirmekte kullanılan yöntemler, kategorize edilip örnekler ile anlatılmaktadır. DDoS ’un bir siber terör aracı olarak nasıl kullanıldığı açıklanmaktadır. Ayrıca, siber terörizm ile DDoS saldırıları arasındaki ilişki sunulmaktadır.
... Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb" (National Research Council, 1990). The term 'cyberterrorism' was first used by Barry Collin in the 1980s (Gordon and Ford, 2002) and has many different connotations depending on where in the world it is being defined and by whom; very similar to traditional terrorism. Dorothy Denning's testimony before the Special Oversight Panel on Terrorism in 2000 is one of the most cited papers on the issue of cyberterrorism. ...
... Since the term cyberterrorism has been introduced to the world there have been hundreds of definitions as to its exact nature and purpose (Gordon and Ford, 2002). Most definitions agree that for an act to qualify as cyberterrorism it must be instigated from an IT system through cyberspace with the direct target being another IT system. ...
... Most definitions agree that for an act to qualify as cyberterrorism it must be instigated from an IT system through cyberspace with the direct target being another IT system. Since the term was first coined by Barry Collin, many experts, professionals and politicians have stated that the threat from cyberterrorism could be as catastrophic as real world events and the alarmist buzz words such as electronic Pearl Harbor, digital Armageddon and electronic Chernobyl have been used to stoke the fears of cyberterrorism and maintain a high level of public anxiety (Green, 2002) However, similar to terrorism, cyberterrorism appears to lack a solid, unified definition (Gordon and Ford, 2002). Some of the popular definitions state that only an attack on a country's critical national infrastructure (CNI) would quantify it as a cyberterrorism attack whilst others opt for an opposite and more diluted definition where "any application of terrorism on the internet, including posting videos of attacks online and building websites to attract supporters, should be considered as cyberterrorism" (Kaplan, 2009). ...
... The most cited definition for cyberterrorism comes from Denning which was given before the Special Oversight Panel. It states: "Cyberterrorism is the convergence of terrorism and cyberspace... unlawful attacks and threats of attack against computers, networks, and the information… done to intimidate or coerce a government or its people in furtherance of political or social objectives... to qualify a cyberterrorism, an attack should result in violence against persons or property, or at least cause enough harm to generate fear" [15]. Desouza and Hensgen define cyberterrorism as "A purposeful act, personally or politically motivated, that is intended to disrupt or destroy the stability of organizational or national interests, through the use of electronic devices which are directed at information systems, computer programs, or other electronic means of communications, transfer, and storage" [8]. ...
... · Cyberterrorism is mainly motivated by political, social or religions reasons. The CLC model will incorporate the different motivating reasons [15], [8], [25]. ...
... · Motivation is a key aspect in separating traditional cybercrimes from cyberterrorism. The ontology shows motivations that correspond to cybercrime in general (criminal, ethical, financial, military and recreational) [30] and those that relate to cyberterrorism (political, social and religious) [15]. The CLC model will specifically capture the motivations relating to cyberterrorism. ...
Conference Paper
Full-text available
Cyberterrorism has emerged as a new threat in the Information and Communication Technology (ICT) landscape. The ease of use, affordability, remote capabilities and access to critical targets makes cyberterrorism a potential threat to cause wide-scale damage. Cyberterrorism is often incorrectly perceived as encompassing all cybercrimes. However, cyberterrorism differs from cybercrime in various ways including motivation, attack goals, techniques and effects. Motivations for cyberterrorism, which is similar to terrorism in general, stem from religious, social and political views. Cyberterrorists generally would seek to have high impact in order to gain publicity for their cause, whereas cybercriminals often prefer to have their acts undetected in order to hide their financial theft, fraud or espionage. Therefore, there are various factors that drive the development of a cyberterrorist. This paper proposes a model for the development of cyberterrorism in order to show the various influential forces. The Cyberterrorism Life-Cycle (CLC) model presented in this paper is composed of five phases: Prepare, Acquaint, Choose, Execute, and Deter (PACED). In addition the paper looks at various factors, including social, practices, objectives, targets and countermeasures, which are mapped onto the PACED phases in order to show the interaction and dynamic nature during the life-cycle development.
... Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb' [9]. The term 'cyberterrorism' was first used by Barry Collin in the 1980s [10] and has many different connotations depending on where in the world it is being defined and by whom; very similar to traditional terrorism. Dorothy Denning's testimony before the Special Oversight Panel on Terrorism in 2000 is one of the most cited papers on the issue of cyberterrorism. ...
... This statement generally falls in line with the accepted definition of terrorism but with the terrorist act occurring within cyberspace with computers, networks or stored information being the initial direct targets of an attack. Since the term cyberterrorism has been introduced to the world there have been hundreds of definitions as to its exact nature and purpose [10]. Most definitions agree that for an act to qualify as cyberterrorism it must be instigated from an IT system through cyberspace with the direct target being another IT system. ...
... Most definitions agree that for an act to qualify as cyberterrorism it must be instigated from an IT system through cyberspace with the direct target being another IT system. Since the term was first coined by Barry Collin, many experts, professionals and politicians have stated that the threat from cyberterrorism could be as catastrophic as real world events and the alarmist buzz words such as electronic Pearl Harbour, digital Armageddon and electronic Chernobyl have been used to stoke the fears of cyberterrorism and maintain a high level of public anxiety [12] However, similar to terrorism, cyberterrorism appears to lack a solid, unified definition [10]. Some of the popular definitions state that only an attack on a country's critical national infrastructure (CNI) would quantify it as a cyberterrorism attack whilst others opt for an opposite and more diluted definition where 'any application of terrorism on the Internet, including posting videos of attacks online and building websites to attract supporters, should be considered as cyberterrorism' [13]. ...
Article
Full-text available
Like conventional terrorism, cyberterrorism has the same aims and goals but the act is done exclusively within cyberspace where the computer is both weapon and target. Unlike conventional terrorism, cyberterrorism is not analogue but digital and any potential attack could have global consequences. Current thinking is that Critical National Infrastructure (CNI) is the main target of focus for cyberterrorism but with so many people online on a national or even global scale, public could prove to be an easier, more tempting target. This article addresses how the cyberterrorist could use the public as target of a real or fake attack by using a mimetic virus as the weapon.
... By reviewing previous studies, we define AI crime, and then propose a taxonomy for new types of crime: the AI as tool crime and AI as target crime, inspired by an existing taxonomy used in cybercrime: computer as tool crime and computer as target crime [11], [12]. The AI as tool crime is defined as the expansion of existing crimes, including traditional crime and cybercrime (e.g. ...
... Cybercrime is regarded as the dark side of cyber space [12]. It is categorized into two types, computer as target crime and computer as tool crime [11], [27]. As information has been digitized and connected by network, new types of crimes, such as cyberterrorism, cyberextortion, cyberwarfare, etc., have emerged; these crimes are called computer as target crime. ...
Article
Full-text available
Advances in Artificial Intelligence (AI) have influenced almost every field including computer science, robotics, social engineering, psychology, criminology and so on. Although AI has solved various challenges, potential security threats of AI algorithms and training data have been stressed by AI researchers. As AI system inherits security threats of traditional computer system, the concern about novel cyberattack enhanced by AI is also growing. In addition, AI is deeply connected to physical space (e.g. autonomous vehicle, intelligent virtual assistant), so AI-related crime can harm people physically, beyond the cyberspace. In this context, we represent a literature review of security threats and AI-related crime. Based on the literature review, this article defines the term AI crime and classifies AI crime into 2 categories: AI as tool crime and AI as target crime, inspired by a taxonomy of cybercrime: Computer as tool crime and Computer as tool crime. Through the proposed taxonomy, foreseeable AI crimes are systematically studied and related forensic techniques are also addressed. We also analyze the characteristics of the AI crimes and present challenges that are difficult to be solved with the traditional forensic techniques. Finally, open issues are presented, with emphasis on the need to establish novel strategies for AI forensics.
... In order to fully comprehend the term cyberterrorism; first introduced by Barry Collin in the 1980s (Gordon & Ford, 2002) we must begin by looking at the evolution of conventional terrorism. Terrorism has always been a controversial subject, which 'has been well studied and documented' (Collin, 1997:pp 15-18) but there is a lack of a globally accepted academic or legal agreement on its true definition (Schmid, 2011). ...
... Information gathering using a computer or device which is connected to the Internet or the distribution of propaganda through electronic means such as webcasts or communication between individuals or terrorist cells are all considered forms of cyberterrorism. This viewpoint can be further broken up into two parts: Pure cyberterrorism and regular cyberterrorism (Gordon & Ford, 2002). This notion proposed by Gordon and Ford proposes that regular cyberterrorism falls within the Dilution Theory whereby an act of cyberterrorism is an act whereby a terrorist utilises a computer to further a terrorist's political message, raise funds or research potential targets where the computer is not being used as a metaphorical weapon (Kenney, 2015). ...
Chapter
Conventional terrorism has been around for hundreds of years and even though its tactics and the weapons of choice have evolved over time as well as the use and deployment of weapons may have changed the root definition of terrorism has remained relatively untouched. With the advent of mass computing, cybercrime has increased year on year. This chapter will look at three differing viewpoints of cyberterrorism and its ultimate effects on society. Many industry and academic experts warn that it is only a matter of time before conventional terrorist acts will migrate to the digital arena in the form of cyberterrorism. Current literature suggests that a countries critical national infrastructure will be the main focus of attack for the cyberterrorist but this chapter will address another possible target for the cyberterrorist using a different type of cyber weapon: a mimetic virus. This chapter also looks at how a mimetic virus could use social media to spread throughout the target audience using what is known as Internet memes.
... In order to fully comprehend the term cyberterrorism; first introduced by Barry Collin in the 1980s (Gordon & Ford, 2002) we must begin by looking at the evolution of conventional terrorism. Terrorism has always been a controversial subject, which 'has been well studied and documented' (Collin, 1997:pp 15-18) but there is a lack of a globally accepted academic or legal agreement on its true definition (Schmid, 2011). ...
... Information gathering using a computer or device which is connected to the Internet or the distribution of propaganda through electronic means such as webcasts or communication between individuals or terrorist cells are all considered forms of cyberterrorism. This viewpoint can be further broken up into two parts: Pure cyberterrorism and regular cyberterrorism (Gordon & Ford, 2002). This notion proposed by Gordon and Ford proposes that regular cyberterrorism falls within the Dilution Theory whereby an act of cyberterrorism is an act whereby a terrorist utilises a computer to further a terrorist's political message , raise funds or research potential targets where the computer is not being used as a metaphorical weapon (Kenney, 2015 ). ...
Book
Full-text available
As chapters should have been professionally copy edited and submitted in their final form, please remember that no major changes to the text can be made at this stage. Here is a quick step-by-step guide on using the comment functionality in Adobe Reader to submit your changes.
... In order to fully comprehend the term cyberterrorism; first introduced by Barry Collin in the 1980s (Gordon & Ford, 2002) we must begin by looking at the evolution of conventional terrorism. Terrorism has always been a controversial subject, which 'has been well studied and documented' (Collin, 1997:pp 15-18) but there is a lack of a globally accepted academic or legal agreement on its true definition (Schmid, 2011). ...
... Information gathering using a computer or device which is connected to the Internet or the distribution of propaganda through electronic means such as webcasts or communication between individuals or terrorist cells are all considered forms of cyberterrorism. This viewpoint can be further broken up into two parts: Pure cyberterrorism and regular cyberterrorism (Gordon & Ford, 2002). This notion proposed by Gordon and Ford proposes that regular cyberterrorism falls within the Dilution Theory whereby an act of cyberterrorism is an act whereby a terrorist utilises a computer to further a terrorist's political message, raise funds or research potential targets where the computer is not being used as a metaphorical weapon (Kenney, 2015). ...
Chapter
Conventional terrorism has been around for hundreds of years and even though its tactics and the weapons of choice have evolved over time as well as the use and deployment of weapons may have changed the root definition of terrorism has remained relatively untouched. With the advent of mass computing, cybercrime has increased year on year. This chapter will look at three differing viewpoints of cyberterrorism and its ultimate effects on society. Many industry and academic experts warn that it is only a matter of time before conventional terrorist acts will migrate to the digital arena in the form of cyberterrorism. Current literature suggests that a countries critical national infrastructure will be the main focus of attack for the cyberterrorist but this chapter will address another possible target for the cyberterrorist using a different type of cyber weapon: a mimetic virus. This chapter also looks at how a mimetic virus could use social media to spread throughout the target audience using what is known as Internet memes.
... This complicates counterterrorism efforts, as terrorist acts within the cyber-realm have even less regard for borders than terrorist acts within geographic regions. An urgent need for the development of minimum standards of security for computer networks remains (Gordon and Ford, 2002), together with the mindful use of surveillance and research methods to share and collect information on terrorist activities -while respecting the growth of internet capacity, user privacy and sovereignty. ...
Article
This paper seeks to examine the relevance of the term ‘cyberterrorism’ within African spaces. Although the notion of cyberterrorism as a concept is contested by scholars such as Jason Burke and Marc Sageman, the application of the concept in an African context raises a number of concerns. Firstly, rather than focusing on the semantic and conceptual issues only, more attention should be paid to the material implications of such discourses for people and states on the continent who are on the receiving end of such conceptualisation. Discourses regarding fear are always very complex and shape the way in which reality is perceived, understood and how hegemonic power-relations are formed within certain contexts. Secondly, these discourses reflect a Eurocentric bias, because, as visible in the definition used and accepted by US defence analysts, cyberterrorism would refer to “Unlawful attacks and threats of attack against computers, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.”. These types of discourses are largely state-centric or government-centric, created to operate in spheres where effective governance varies from what is accepted as such on the African continent. While connectivity and globalization are becoming increasingly important for Africa as a whole, it begs the question whether the term is not more appropriate for highly globalized, technologically advanced contexts of the global North. In contrast with countries in the global North, African countries’ limited use and penetration of information technology thus underline the need for a critical (re)examination of the discourses relating to cyberterrorism in the African context. What needs to be established is whether cyberthreats, specifically cyberterrorism, pose a real threat on the continent, or whether the concept has become a platitude or blanket term to describe any form of information-based hostility. The paper questions the application of concepts such as cyberthreats, cyberterrorism and cybersecurity in African-centered approaches.
... As their value rises, the motivation driving cyber attacks on this infrastructure has shifted from the pursuit of notoriety to the pursuit of profit [1,2] or political gains, leading to cyber terrorism on various scales. Cyber terrorism has had its share of case studies and definitions since late 1990s and early 2000s [3][4][5]. A common denominator of the definition of cyber terrorism is the threat posed through the use of cyber infrastructure, especially the Internet. ...
Chapter
Full-text available
Prevalent computing devices with networking capabilities have become critical cyber infrastructure for government, industry, academia and every-day life. As their value rises, the motivation driving cyber attacks on this infrastructure has shifted from the pursuit of notoriety to the pursuit of profit [1, 2] or political gains, leading to cyber terrorism on various scales. Cyber terrorism has had its share of case studies and definitions since late 1990s and early 2000s [3–5]. A common denominator of the definition of cyber terrorism is the threat posed through the use of cyber infrastructure, especially the Internet. Stuxnet, a malware discovered in June 2010, which was a directed attack against the Iranian nuclear program [6], represented a milestone on cyber warfare and posed a new challenge to analyze and understand cyber attacks due to its complexity in attack strategy. While cyber terrorism can have many elements beyond exploiting cyber vulnerabilities, this chapter focuses on analyzing techniques that process observables of malicious activities in the cyberspace.
... One of the most cited definitions of cyberterrorism as presented by Denning before the Special Oversight Panel on Terrorism, refers to cyberterrorism as unlawful attacks and threats of attack against computers, networks and the information stored therein, to intimidate or coerce a government or its people in furtherance of political and social objectives [8]. Terrorism in general is indicative of offensive techniques that are used to promote political, social and religious issues. ...
Conference Paper
Full-text available
Cyberterrorism addresses the convergence of the fear-causing world of terrorism with the abstract realm of cyberspace, computers and networks. While cyberterrorism can be executed using various technical security exploits, it inherently stems various social, political or religious views. This paper presents an overview of the motivating forces behind cyberterrorism which can provide the baseline to develop a countermeasure strategy. In this paper, countermeasures that can be used to deter cyberterrorism from both these psychological and technical perspectives are covered. It provides a high-level overview of the fight against terrorism and discusses countermeasures that can be used to combat cyber terrorism to create awareness.
... Denning (in (Gordon, Ford 2002)) talks about cyberterrorism being done to intimidate or coerce a government or its people to further political or social objectives. In addition, various terrorist groups are also strongly driven by religious beliefs, for example Al Qaeda prescribes to the principles of Islam. ...
Conference Paper
Full-text available
Cyberterrorism and the use of the Internet for cyberterrorism is an emerging field. Often cyberterrorism activities overlap with traditional hacking and Information and Communication Technology (ICT) Infrastructure exploitation. As a result, the defining and differentiating characteristics of cyberterrorism can easily be misunderstood. The use of an ontology specifically developed for cyberterrorism, will provide a common framework to share conceptual models. By using an ontology, the internal and external environment of a field (in this case, cyberterrorism) can be captured together with the relationships between the environments. This paper proposes an ontology to identify whether a cyber event can be classified as a cyberterrorist attack or a support activity. The role of the cyberterrorism ontological model will be to provide a better structure and depiction of relationships, interactions and influencing factors by capturing the content and boundaries in the field of cyberterrorism. The ontology will be developed using a cyberterrorism framework covering influencing factors, together with a compiled network attack classification ontology. Classes will be drawn from research carried out on the use of ICT in the support of cyberterrorism. As defined in this research, a cyberterrorism attack consists of a high-level motivation that is religious, social or political. The individual/group can furthermore be classified as having a specific driving force depending of the level of extremism or revolutionary thinking. Thus, the ontology will take into consideration the motivating characteristics that play a significant role in contributing towards the definition of cyberterrorism. Overall, this paper promotes the understanding of the field of cyberterrorism and its relation to ICT manipulation, together with the use of the Internet to support terrorism in general. Ontologies enable a common view on a specific domain to generate knowledge that can be shared and reused. Ontologies can further be populated with specific dynamic instances of information and therefore can be used to generate real-world scenarios. In this paper, the proposed ontological model will form a knowledge base for the field of cyberterrorism and will provide instances that aim to convey realistic cyberterrorism situations and support examples.
... 18 Discussions of the utility of broader understandings of cyberterrorism, on the other hand, include Gordon and Ford's exploration of the Internet's penetration into all aspects of ''the terrorism matrix.'' 19 In their view, the dominant focus on ''pure cyberterrorism'' (terrorist activities carried out entirely or primarily in the virtual world) is a potentially costly one given the potential of this to obscure other terrorism-related online activities. ...
Article
Full-text available
This article reports on a recent survey designed to capture understandings of cyberterrorism across the global research community. Specifically, it explores competing views, and the importance thereof, amongst 118 respondents on three definitional issues: (a) the need for a specific definition of cyberterrorism for either policymakers or researchers; (b) the core characteristics or constituent parts of this concept; and (c) the value of applying the term “cyberterrorism” to a range of actual or potential scenarios. The article concludes by arguing that while a majority of researchers believe a specific definition of cyberterrorism is necessary for academics and policymakers, disagreement around what this might look like has additional potential to stimulate a rethinking of terrorism more widely.
Chapter
This study explores the significant impact of the internet on terrorism and extremism by focusing on three key areas: cyberterrorism, social media usage, and attack planning. Cyberterrorism has emerged as a major threat, with incidents such as the WannaCry ransomware attack highlighting its potential to disrupt critical infrastructures. The study reveals that the low cost and difficulty in tracing cyberterrorists contribute to its rising prevalence. Furthermore, social media has become a vital tool for extremist groups in that it facilitates global communication, recruitment, and propaganda dissemination. Events such as the Christchurch mosque attacks illustrate the challenges of monitoring extremist content online. The internet also aids in attack planning by providing discreet communication channels, easy access to materials, and simplified travel arrangements, as seen in the 9/11 and Manchester Arena bombings. Additionally, the chapter discusses how technological advancements have enhanced security agencies’ capabilities, leading to more effective prevention and response strategies. The findings highlight the dual role of the internet as both a facilitator of terrorism and a crucial asset in countering these threats.
Article
Information sharing is examined to determine if the willingness to share information relates to the willingness to collaborate in interorganizational actions used to address cybersecurity threats. This study employs ANOVA by placing 85 organizational representatives that participated in a cyber terrorism training exercise into two categories: higher versus lower willingness to share information. The dependent measures in this study are proxies for collaboration measured by willingness to seek assistance from other organizations and willingness to offer assistance to other organizations. There is a significant statistical difference between the two categorizations of organizational representatives. The category that had a lower tendency to share information also had a lower willingness to collaborate with other organizations. This research shows that sharing information is critical when collaborative interorganizational action is required to face cybersecurity threats. Managers of organizations that respond to cybersecurity threats should promote the tendency to share information with other organizations that have the resources to aid in addressing the threat. Organizations involved in cybersecurity threats that are willing to share information are more willing to participate in integrative interorganizational efforts. This study includes a sample of actual decision makers of organizations that would handle cybersecurity attacks in their community. In this study, we demonstrate the role of information sharing for enhancing integrative, collaborative action in a time where promoting this type of action is imperative to cybersecurity initiatives.
Chapter
Governments worldwide are confronted with the formidable challenge of safeguarding their populations and critical infrastructures against ever-evolving cyber threats posed by malicious actors, including terrorist groups and their sympathisers. In response to this challenge, this chapter aims to illuminate the intricate relationship between terrorists and the Internet, providing valuable insights to assist policymakers, researchers, and security professionals in devising proactive strategies to combat cyberterrorism. To achieve this goal, the chapter begins by offering a comprehensive examination of the current cyberterrorism landscape, with a specific focus on the impact of the COVID-19 pandemic on online terrorism. It highlights how terrorist groups leverage the Internet’s interactivity and global reach for various nefarious activities, such as propaganda dissemination, recruitment, training, planning, funding, and executing attacks. Furthermore, the chapter emphasizes the paramount importance of national security in addressing challenges associated with cyberterrorism, highlighting the arduous task governments worldwide face in safeguarding their populations and critical infrastructures from evolving cyber threats posed by terrorist actors. Moreover, it delves into the multifaceted nature of cyberterrorism, elucidating the characteristics of cyberattacks, their most common forms, and objectives. Understanding these tactics is crucial for developing effective countermeasures and enhancing cybersecurity at both the national and international levels. This chapter contributes to the existing body of knowledge on cyberterrorism by providing valuable insights into its current state, along with a specific examination of the impact of the COVID-19 pandemic on its proliferation.
Chapter
The COVID-19 Pandemic has accelerated the digital transformation of organisations and services across the United Kingdom (UK) providing numerous opportunities for economic and social development in the UK. However, these opportunities also bring about unprecedented challenges for law enforcement agencies (LEAs), and has led to the progression of serious and advanced cyber threats. This chapter aims to analyse different types of cyber threats, identify the risk they pose to national security, and provide a critical evaluation of cybersecurity policy in the UK. The chapter will examine how current UK Government policies and practices effectively mitigate the cyber threats to national security, and will explore how these responses can be further developed, with reference to the National Cyber Security Centre, the Active Cyber Defence programme, and the National Cyber Security Strategy 2022–2030. The methodological approach for this chapter utilises a literature-based review to further develop research on the criminological issue of cyber threats, cybersecurity and national security in the UK.
Article
Full-text available
Cybersecurity plays a role in national security. This study introduces cybersecurity concepts in ways familiar to defense economists and identifies parallel methods of analysis in the fields. The theoretical tools of both fields include microeconomics and game theory. These tools enable analyses of phenomena present in both milieus: public goods, externalities, commons, incentives, interdependent security, platform economics, and inefficiency of decentralized decision making. Additional topics include cyber war, cyberterrorism, deterrence and disinformation in cyberspace, price of anarchy, and economics of cryptography.
Article
Full-text available
The most often reported danger to computer security is malware. Antivirus company AV-Test Institute reports that more than 5 million malware samples are created each day. A malware classification method is frequently required to prioritize these occurrences because security teams cannot address all of that malware at once. Malware’s variety, volume, and sophistication are all growing at an alarming rate. Hackers and attackers routinely design systems that can automatically rearrange and encrypt their code to escape discovery. Traditional machine learning approaches, in which classifiers learn based on a hand-crafted feature vector, are ineffective for classifying malware. Recently, deep convolutional neural networks (CNNs) successfully identified and classified malware. To categorize malware, a smart system has been suggested in this research. A novel model of deep learning is introduced to categorize malware families and multiclassification. The malware file is converted to a grayscale picture, and the image is then classified using a convolutional neural network. To evaluate the performance of our technique, we used a Microsoft malware dataset of 10,000 samples with nine distinct classifications. The findings stood out among the deep learning models with 99.97% accuracy for nine malware types.
Article
Full-text available
Terrorism, crime, and war are all familiar notions; however, the way in which these have been altered through cyberspace is not yet fully, nor unanimously, understood through definitions, theories, and approaches. Although the threat level of terrorism in the UK has lowered to moderate, the threat posed by cyber terrorism has nonetheless heightened throughout the COVID pandemic due to the greater necessity and presence of technology in our lives. This research aimed to highlight the necessity for a unanimous cyber terrorism definition and framework and further aimed to determine what perceptions are held by the general public regarding cyber terrorism through a mixed methods approach. The literature review confirms that there is an absence of a unanimously agreed upon definition of cyber terrorism, and furthermore that the existing academic definitions are not compatible with UK legislation. In addition, the literature review highlights an absence of a cyber terrorism framework that classifies what kind of terrorist activity is cyber enabled or cyber dependent. Quantitative data from the online survey find a couple of significant effects implying the necessity for greater diversity amongst stakeholders which could potentially enhance the detection and prevention of terrorism in the UK. The qualitative data find that although there is some agreement amongst the sample population in views held towards cyber terrorism, some misconceptions are nonetheless present which could have implications on the general public’s ability to identify and report cyber terrorist activity. Overall, the findings from the literature review and the primary data collection aid in developing a cyber terrorism definition that is compatible with UK legislative definitions, and further aids in developing a terrorist activity framework that succinctly highlights the inextricable links between traditional, cyber enabled, and cyber-dependent terrorism.
Article
Full-text available
Significant cybersecurity and threat intelligence analysts agree that online criminal activity is increasing exponentially. To offer an overview of the techniques and indicators to perform cyber crime detection by means of more complex machine- and deep-learning investigations as well as similar threat intelligence and engineering activities over multiple analysis levels (i.e., surface, deep, and darknets), we systematically analyze state of the art in such techniques. First, to aid the engineering and management of such intelligence solutions. We provide (i) a taxonomy of existing methods mapped to (ii) an overview of detectable criminal activities as well as (iii) an overview of the indicators and risk parameters that can be used for such detection. Second, to find the major engineering and management challenges and variables to be addressed. We apply a Topic Modelling Analysis to identify and analyze the most relevant threat concepts both in Surface and in Deep-, Dark-Web. Third, we identify gaps and challenges, defining a roadmap. Practitioners Value and Conclusions. The analysis mentioned above effectively provided a photograph of the scientific and practice gaps among the Surface Web and the Deep-, Dark-Web cybercrime and threat engineering and management. More specifically, our systematic literature review shows: (i) the dimensions of risk assessment techniques today available for the aforementioned areas—addressing these is vital for Law-enforcement agencies to combat cybercrime and cyber threats effectively; (ii) what website features should be used in order to identify a cyber threat or attack—researchers and non-governmental organizations in support of Law Enforcement Agencies (LEAs) should cover these features with appropriate technologies to aid in the investigative processes; (iii) what (limited) degree of anonymity is possible when crawling in Deep-, Dark-Web—researchers should strive to fill this gap with more and more advanced degrees of anonymity to grant protection to LEAs during their investigations.
Chapter
It has long been recognised that terrorists make use of the internet as one of many means through which to further their cause. This use of the internet has fuelled a large number of studies seeking to understand terrorists' use of online environments. This chapter provides an overview of current understandings of online terrorist behavior, coupled with an outline of the qualitative and quantitative approaches that can and have been adopted to research this phenomenon. The chapter closes with a discussion of the contentious issue of ethics in online terrorism research. The aim of the chapter is to equip readers with the necessary knowledge and skills to conduct their own research into terrorists' online behavior, taking best ethical practices into consideration when doing so.
Chapter
This chapter critically analyzes the academic literature on cyberterrorism produced between 1996 and 2009. It begins by detailing the origins of the concept and follows up with a brief overview of the cyberterrorism literature produced to date. The remainder of the chapter is divided into five major sections. The first of these is concerned with the definitional debates surrounding cyberterrorism, particularly the question of whether disruption of data is too minimal, given the necessary motivational factors are present, to be classed as cyberterrorism and destruction is necessary. The second and third sections are devoted to untangling cyberterrorism from hacking and cyberterrorism from cybercrime, respectively. Section four is focused upon strategies for separating the cyberterrorism hype from the reality, while section five departs from the cyberterrorism literature to draw attention to an argument from the “terrorism as communication” approach that, although it dismisses cyberterrorism as an imminent threat and thus bears similarities to much of the literature discussed in this chapter, introduces a new and different rationale for same.
Chapter
In this rapidly growing era of technology, terrorist organizations do not ultimately depend on weapons, army, bombs, and lethal weapons to inflict terror. As the entire earth is developing at a rapid pace, so do the terrorists. The strategies adopted by them have become cannier and more sinister. In addition to that, they no longer involve in training, making tedious plans, undergoing physical training, and subjecting their allies to physical attacks. Rather, they impose serious threats by attacking their victims by vandalizing the online infrastructure. This can be done conveniently from any part of the globe, thus enabling them to use the dark side of the internet. This chapter focuses on digital terrorism attacks, its impact, and it furnishes certain methods for prevention.
Article
This article reports on a survey of researchers designed to capture current perspectives on core questions around cyberterrorism. The survey—conducted in 2017 as a follow-on to an initial, 2012, exercise—focused on questions of definition, threat and response. By documenting our findings in each of these areas—and highlighting developments in the years between our surveys—we identify three particularly important trends. First, an increasing convergence around the core characteristics of cyberterrorism, albeit with continuing conceptual disagreements at the concept’s penumbra. Second, increasing researcher concern with the threat posed by cyberterrorism, underpinned by a widespread view that this threat has increased, and a growing feeling that cyberterrorist attacks have now taken place. Third, support for a diversity of counter-measures to this threat, although perhaps counter-intuitively little suggestion that resort to exceptional or draconian measures is needed. In order to inform future research, the article concludes by detailing some of the major limitations, gaps and weaknesses within academic research to date as identified by our respondents.
Article
Full-text available
The aim of this article is to define cyberterrorism. With that in mind, the first part of this article analyzes the notion of terrorism, a broad category to which the species “cyberterrorism” belongs. The second part of this article, on the other hand, is fundamentally about determining the scope of the term cyberterrorism, and presenting the challenges that this creates in a global and interconnected world.
Chapter
It has long been recognised that terrorists make use of the internet as one of many means through which to further their cause. This use of the internet has fuelled a large number of studies seeking to understand terrorists’ use of online environments. This chapter provides an overview of current understandings of online terrorist behavior, coupled with an outline of the qualitative and quantitative approaches that can and have been adopted to research this phenomenon. The chapter closes with a discussion of the contentious issue of ethics in online terrorism research. The aim of the chapter is to equip readers with the necessary knowledge and skills to conduct their own research into terrorists’ online behavior, taking best ethical practices into consideration when doing so.
Chapter
It has long been recognised that terrorists make use of the internet as one of many means through which to further their cause. This use of the internet has fuelled a large number of studies seeking to understand terrorists' use of online environments. This chapter provides an overview of current understandings of online terrorist behavior, coupled with an outline of the qualitative and quantitative approaches that can and have been adopted to research this phenomenon. The chapter closes with a discussion of the contentious issue of ethics in online terrorism research. The aim of the chapter is to equip readers with the necessary knowledge and skills to conduct their own research into terrorists' online behavior, taking best ethical practices into consideration when doing so.
Article
The concept of an assault on the critical infrastructure of the United States is often referred to as a ‘Cyber Pearl Harbor’. This implies that such an attack would come as a surprise. By 2016, however, few could claim to be surprised by such an event. This paper explains how the Clinton administration addressed cybersecurity in the 1990s as computers became an everyday item. With the benefits of this era, however, came potentially devastating implications for national security as the Clinton administration was required to confront a form of politically motivated violence unlike any that had been seen before Cyberterrorism.
Article
Full-text available
This article looks at the definition of cyber terrorism and terrorist use of the Internet. The article evaluates cyber terrorist threats facing countries such as the United States of America, the United Kingdom, India and South Africa. The article also examines measures introduced by the respective governments in these countries to counteract cyber terrorist threats. Finally, the article will propose a way forward to counteract such possible threats in the future. The face of terrorism is changing. The convergence of the physical and virtual worlds has resulted in the creation of a “new threat” called cyber terrorism. Cyber terrorism is one of the recognised cyber crimes. The absence of suitable legal frameworks to address cyber terrorism at national and regional levels, the lack of adequate safeguards, the lack of cyber security strategies and the pre-occupation of countries with internal factors have all contributed to the creation of an environment that can be easily infiltrated by cyber terrorists. The horrific events of 9/11 provided the impetus for many countries to introduce anti-terrorist legislation. The United States of America, United Kingdom, India and South Africa have introduced legislation to address the threat of cyber terrorism.
Article
This article explores original empirical findings from a research project investigating representations of cyberterrorism in the international news media. Drawing on a sample of 535 items published by 31 outlets between 2008 and 2013, it focuses on four questions. First, how individuated a presence is cyberterrorism given within news media coverage? Second, how significant a threat is cyberterrorism deemed to pose? Third, how is the identity of ‘cyberterrorists’ portrayed? And, fourth, who or what is identified as the referent – that which is threatened – within this coverage? The article argues that constructions of specificity, status, and scale play an important, yet hitherto under-explored, role within articulations of concern about the threat posed by cyberterrorism. Moreover, unpacking news coverage of cyberterrorism in this way leads to a more variegated picture than that of the vague and hyperbolic media discourse often identified by critics. The article concludes by pointing to several promising future research agendas to build on this work.
Article
By reflecting on active public-domain government documents and statements, this article seeks to develop securitisation theory’s articulation of the dichotomy between legitimate and illegitimate violence as it is reflected in British government policy. This dichotomy has (re)developed through a process wherein GCHQ and MI5 are portrayed as “faceless guarantors” of security, in Manichean juxtaposition to the discursively created phantom cyberterrorists, who are presented as “faceless detractors” of security. It has previously been stated that the terrorism discourse associated with the present “War on Terror” is attributed, in part, to mechanics of fantasy. I argue that, within the securitised discourse of cyberterrorism, the limits of fantasy possesses a murky nuance, which in turn, allows for a deeper – or at least more entrenched – securitisation. The official discourse surrounding the intelligence services’ online surveillance apparatus operates with a similar opaque quality, but this is upheld by securitising actors as a strength to be maintained.
Article
Full-text available
Current literature suggests that critical national infrastructure is the main focus of attack for cyberterrorism but this researchwill address the issue of whether a mimetic virus is a viable cyberterrorist attack against a target population.Statistical data was obtained from questionnaires with 100 random participants regarding their understanding and current levels of fear of a cyberterrorist attack against them; responses indicated that there was a good level of understanding as to what cyberterrorism was and that participants’ fear levels of an impending attack were low. The participants were then introduced using a fabricated video clip to what they were led to believe was a real weaponised computer virus which attacked laptop batteries causing them to explode. The data showed that not only had participants’ fear levels increased but they would also modify future habits and behaviour. This research highlighted that the general publiccould indeed be a target of cyberterrorism and a mimetic virus could be an effective method of attack. Cyberterrorism targeting general public through social media. Available from: https://www.researchgate.net/publication/299467589_Cyberterrorism_targeting_general_public_through_social_media [accessed Apr 4, 2016].
Chapter
This chapter introduces the field of digital forensics. It is intended as an overview to permit the reader to understand the concepts and to be able to procure the appropriate assistance should the need for digital forensics expertise arise. Digital forensics is the application of scientific techniques of discovery and exploitation to the problem of finding, verifying, preserving, and exploiting digital evidence for use in a court of law. It involves the use of hardware and software for finding evidence of criminal activity on digital media, either in a computer or in a network device, and attributing that evidence to a suspect for the purposes of conviction. Digital forensics can also be used for non-law enforcement purposes. Data recovery is a form of computer forensics used outside of the legal arena. The authors hope that the reader will understand some of the intricacies of digital forensics and be able to intelligently respond to incidents requiring a digital forensic response.
Article
Chapter Overview: This chapter engages with the concept of cyberterrorism by investigating three connected questions. First, to what - if anything does cyberterrorism refer, and from where does its meaning derive? Second, how useful is this term for academics, policymakers, legislators and other potential users? Third, what problems or limitations might be identified with the concept of cyberterrorism? The chapter begins with a brief account of the concept's emergence in the 1980s, linking this to two prominent dynamics of this period: a post-Cold War geopolitical reshuffle, and the rise of new security concerns linked to the Internet. Upon this, we note that although the concept has become increasingly prominent in the intervening years, its meaning has, if anything, become more rather than less contested. The chapter's second section builds on our account of this contestability by exploring whether it is useful, or even desirable, to situate cyber-activities of any sort within a broader history of terrorism. While acknowledging the evolution (hence variability) of terrorism over time, we identify a number of factors that make it challenging to describe any cyber-activity as 'terrorist'. The paper's third section posits three competing ways to deal with these challenges. The first is simply to abandon the concept of cyberterrorism as a misnomer. The second is to engage in further definitional work to clarify that to which cyberterrorism might refer. The third-our preferred route-is to eschew the question of definition altogether and approach cyberterrorism as a social construction rather than a stable and coherent ontological entity. © 2014 Springer Science+Business Media New York. All rights reserved.
Article
Chapter Overview: This chapter examines the use of the criminal law to prevent terrorist attacks by prohibiting online preparatory activities. The chapter begins by explaining our understanding of the term cyberterrorism, arguing that whilst it is important that cyberterrorism is construed narrowly it is also important to recognise that it is qualitatively distinct from traditional forms of terrorism. After outlining the variety of ways in which terrorists may use the Internet in preparation for both cyber and non-cyber based attacks, the chapter then explains why terrorism precursor offences have been deemed necessary and argues that the notion of normative involvement offers both a principled basis on which to justify the criminalisation of preparatory activities as well as a yardstick for evaluating whether these offences overreach. Finally, the chapter considers another suggestion for limiting the scope of the precursor offences: stipulating that inherently innocent conduct should fall outside the scope of the criminal law. It argues that this proposal is problematic and that a more fruitful approach would be to strengthen the extra-legal constraints on prosecutorial discretion. © 2014 Springer Science+Business Media New York. All rights reserved.
Article
This chapter critically analyzes the academic literature on cyberterrorism produced between 1996 and 2009. It begins by detailing the origins of the concept and follows up with a brief overview of the cyberterrorism literature produced to date. The remainder of the chapter is divided into five major sections. The first of these is concerned with the definitional debates surrounding cyberterrorism, particularly the question of whether disruption of data is too minimal, given the necessary motivational factors are present, to be classed as cyberterrorism and destruction is necessary. The second and third sections are devoted to untangling cyberterrorism from hacking and cyberterrorism from cybercrime, respectively. Section four is focused upon strategies for separating the cyberterrorism hype from the reality, while section five departs from the cyberterrorism literature to draw attention to an argument from the "terrorism as communication" approach that, although it dismisses cyberterrorism as an imminent threat and thus bears similarities to much of the literature discussed in this chapter, introduces a new and different rationale for same.
Article
Full-text available
ICT security has been one of the major causes of problems in the world in that billions of dollars are lost every year because of cyber terrorism that has become a way to destroy the world in just a few seconds, nevertheless Universities are not exception to this kind of terrorism, that's why they are encouraged to ensure strict ICT security within the University campus. This research study aimed at describing the critical need for ICT security in Universities and to show that ICT security can affect academic progress in Universities. The population of study comprised of ICT academic personnel (Lecturers, Technicians, and Lab-Attendants). Findings showed that there is a strong relationship between academic activities and ICT security. Therefore, without a well-secured ICT security, a University can come to a standstill.
Article
Chapter Overview: This chapter argues that debates around the threat posed by cyberterrorism have been dominated by a focus on issues relating to technological potentialities. To balance this, it focuses on the 'terrorism' aspect of cyberterrorism, arguing that it is important to situate cyber attacks within an analysis of terrorist interests and options. Doing so, it argues, leads to a far more optimistic forecast of the likelihood of cyberterrorism than is common, for four reasons. First, the costs of cyber attacks-although difficult to estimate-are vastly higher than those of non-cyber equivalents, such as car bombings. Second, terrorist groups typically lack the mastery to carry out successful cyber attacks which are exponentially more difficult than non-cyber terrorism. Third, the destructive potential of non-cyber attacks can be far more readily materialised than that of cyber attacks. And, fourth, cyberterrorism lacks the theatricality of more conventional attacks and therefore is likely to be less desirable to terrorist groups. Taken together, these four arguments indicate that cyberterrorism remains far less likely than is frequently supposed. © 2014 Springer Science+Business Media New York. All rights reserved.
Article
Terrorist and extremist movements have long exploited mass communications technology in pursuit of their political ends. The advent of the internet offers new opportunities. In response, state counter-measures seek to stem the impact of extreme ideologies by a number of tactics. “Positive” measures refer to those online initiatives that seek to make an impact through digital engagement and education and the provision of counter-narratives. “Negative” measures describe those approaches that advocate for, or result in, the deletion or restriction of violent extremist online content and/or the legal sanctioning of its online purveyors or users. More sanctions-based outcomes arise through discretionary state activity such as warnings and counselling of vulnerable individuals, or through disruptive counter-measures such as bans on the giving of lectures or prohibitions on the entry into the country of speakers or the taking down of extremist internet sites. Other measures step over into criminal justice, as when individuals are prosecuted for collecting materials or information (including typically information downloaded from the internet) or for issuing messages which can be construed as direct or indirect incitements to terrorism. This paper will analyse the responses to extremist uses of the internet, with an emphasis upon legal responses – “online laws”.
Chapter
Terrorism is one of the fears that influenced the economic, political and security transformations of contemporary societies. The effects of terrorism can be traced back to ancient Greece and evolved en par with societies through the centuries. The anarchist ‘propaganda by deed’ methodology was followed by other terrorist movements later on in history, as well as in the modus operandi of the terrorist organization in the last decade. So the question remains, so now what’s next? The Internet and its ‘natural habitat’ gave the possibility to develop what has been recognized as cyber-terrorism. The services provided by the Internet allow terrorists to adopt an entrepreneur approach to their business. New products are quickly sought and customised to achieve defined goals like any other enterprise. The Internet allows terrorists to spread their message to a far wider audience than that permitted by other non-Internet environments. Cyber-terrorism evolved from being the support infrastructure necessary to commit an attack to the attack itself. This lethal cocktail kindles the need to rethink the economic, political and security strategies in order to mitigate the effects of cyber-terrorism.
Article
Full-text available
In his article the Author attempts to address religious extremism and the factors confounding its conceptual and definitional understanding within the existing reality of Pakistan. He particularly highlights and analyzes the demographic magnitude of extremists’ potential, inspirations, channels and geographical location of extremism in the country; these areas have been ignored in the extant literature on extremism in Pakistan. In his article a few broad policy suggestions are also offered including a generalizable framework to measure the holistic spread of extremism in Pakistan in order to be able respond meaningfully to the situation. Although his analysis focuses on Pakistan, many lessons from this article can be drawn for the terrorist threat that faces many NATO member nations.
Article
Full-text available
In order to deter cyber terrorism, it is important to identify the terrorists, since punishment may not deter them. The identification probability relies heavily on tracking cyber terrorists. However, there are legal and technical challenges to tracking terrorists. This paper proposes suggestions and insights on overcoming these challenges. Three types of infrastructures must be present in order to deter cyber terrorism: technical, policy, and legal. We list some of the key items that academics as well as practitioners need to focus on to improve cyber-terrorism deterrence.
Article
Full-text available
What is the economic impact of cyber terrorism? Can organizations achieve strategic advantage in the cyber terrorism game? A general game theoretical model is proposed to study the optimal information systems (ISs) security investment and then applied to compare the losses caused by cyber terrorists and common hackers. Literature is reviewed on IS security, game theoretical models of IS security, cyber terrorism, cyber deterrence and IS security breach function. Simulations with varying levels of attacker's preference, breach function sensitivity and deterrence level are carried out to determine sensitivity to the optimal IS security investment. Results suggest that organizations should invest more to protect their strategic information systems against cyber terrorists who have long-term goals.
Article
Full-text available
This article reports on a recent research project exploring academic perspectives on the threat posed by cyberterrorism. The project employed a survey method, which returned 118 responses from researchers working across 24 different countries. The article begins with a brief review of existing literature on this topic, distinguishing between those concerned by an imminent threat of cyberterrorism, and other, more skeptical, views. Following a discussion on method, the article's analysis section then details findings from three research questions: (1) Does cyberterrorism constitute a significant threat? If so, against whom or what?; (2) Has a cyberterrorism attack ever taken place?; and (3) What are the most effective countermeasures against cyberterrorism? Are there significant differences to more traditional forms of anti- or counterterrorism? The article concludes by reflecting on areas of continuity and discontinuity between academic debate on cyberterrorism and on terrorism more broadly.
Article
Full-text available
While hype around the benefits of ‘cloud computing’increase, challenges in maintaining data security and data privacy have also been recognised as significant vulnerabilities (Ristenpart et al. in Proceedings of the 14th ACM conference on computer and communications security, pp 103–115, 2009; Pearson in CLOUD’09, pp 44–52, 2009; Vouk in J Comput Inf Technol 4:235–246, 2008). These vulnerabilities generate a range of questions relating to the capacity of organisations relying on cloud solutions to effectively manage risk. This has become particularly the case as the threats faced by organisations have moved increasingly away from indiscriminate malware to more targeted cyber-attack tools. From forensic computing perspective it has also been recognised that ‘cloud solutions’ pose additional challenges for forensic computing specialists including discoverability and chain of evidence (Ruan et al. in Adv Digital Forensics VII:35–46, 2011; Reilly et al. in Int J Multimedia Image Process 1:26–34, 2011). However, to date there has been little consideration of how the differences between indiscriminate malware and targeted cyber-attack tools further problematize the capacity of organisations to manage risk. This paper also considers these risks and differentiates between technical, legal and ethical dilemmas posed. The paper also highlights the need for organisations to be aware of these issues when deciding to move to cloud solutions.
Article
Like most new technologies, virtual reality VR has been the subject of a great deal of idealization. This paper both debunks that idealization by discussing some problems that certain types of VR could cause and emphasizes how other types of VR could bring the technology closer to its ideal. Virtual reality is divided into four types: social there are real other people to interact with, nonsocial other interactants are simulations of people, creative users can create elements in the virtual environment, and noncreative users interact with a fixed environment created for them. Nonsocial VR may cause problems by making it difficult for children and adolescents to learn social skills. Noncreative VR is problematic because it places limits on users' creativity and freedom. Engineers developing VR technology are encouraged to develop social and creative VR.
Department of Defense Education Activity Internal Physical Security. Department of Defense
  • Dod
DOD, 2002. Department of Defense Education Activity Internal Physical Security. Department of Defense. DoDEA Regulation 4700.2 DOS, 2002. United States Code. Title 22, Section 2656f
Pentagon Deflects Web Assault. Wired
  • N Mckay
McKay, N. 1998. Pentagon Deflects Web Assault. Wired, September 1998.
Investigators look into how library computers may have linked terrorists. South Florida Sun-Sentineel
  • J Holland
Holland, J. 2001. Investigators look into how library computers may have linked terrorists. South Florida Sun-Sentineel.
Terrorists on the Web: Electronic ‘Safe Haven
  • K Whitelaw
Whitelaw, K. 1998. Terrorists on the Web: Electronic 'Safe Haven'. US News & World Report, Vol.124, p. 46. WCC, 2002. IFIP World Computer Congress Workshop. IFIP World Computer Congress. Montreal, Quebec, Canada. August 2002. Cyberterrorism? Sarah Gordon and Richard Ford
Clinton launches plan to protect IT infrastructure
  • E Luening
Luening, E. 2000. Clinton launches plan to protect IT infrastructure. CNET, 7 January 2000.
Clinton commits $1.46B to fight cyberterrorism
  • M Hamblen
Hamblen, M. Clinton commits $1.46B to fight cyberterrorism http://www.cnn.com/TECH/computing/9901/26/clinton.idg, 26 January 1999. HLS, 2002. National Strategy for Homeland Security. Office of Homeland Security. July 2002.
Watson Research Laboratory in New York in the AntiVirus Research and Development Team
  • J Thomas
Thomas J. Watson Research Laboratory in New York in the AntiVirus Research and Development Team. She may be reached at sgordon@symantec.com.
He went on to complete his doctorate at Oxford in Low Temperature Semiconductor Physics. He began work immediately after as an executive editor of Virus Bulletin, the world's foremost technical publication on computer viruses and malicious software. Now an independent consultant
  • Dr
Dr. Ford was educated at Oxford in his native England and holds a Bachelors Degree and a Masters in Physics from that university. He went on to complete his doctorate at Oxford in Low Temperature Semiconductor Physics. He began work immediately after as an executive editor of Virus Bulletin, the world's foremost technical publication on computer viruses and malicious software. Now an independent consultant, Ford resides in Boca Raton with his wife Sarah.
The Future of Cyberterrorism, Crime and Justice International
  • B Collin
How Terrorism Ends. US Institute of Peace working group report
  • M Crenshaw
National Strategy for Homeland Security. Office of Homeland Security
Canadian dollar in for a ride with Martin Firing
  • Reuters
Testimony before the Special Oversight Panel of Terrorism Committee on Armed Services, US House of Representatives
  • D Denning
  • Cyberterrorism
Code of Federal.Regulations. 28 CFR. Section 0.85 on Judicial Administration
  • Fbi