Criminals, terrorists and spies rely heavily on cyber-based technologies to execute damaging cyberattacks. Cyber terrorism causes a loss of time and money. One estimate placed the annual cost of cybercrime to individuals in 24 countries at $388 billion, according to a report from the Congressional Research Service (CRS). This figure only takes into account individuals who engage in illegal cyberattacks for monetary gain. There are other types of cyberattacks which can have motives apart from monetary gain.
What Is Cyber Terrorism?
Definitions
There is no consensus definition for what constitutes cyber terrorism, according to the CRS.
In law, the closest definition is found in the U.S. Patriot Act 18 U.S.C. 2332b’s definition of “acts of terrorism transcending national boundaries” and reference to activities and damages defined in the Computer Fraud and Abuse Act (CFA) 18 U.S.C. 1030a-c. Interestingly, the CFA’s discussion of the “punishment for an offense” entails fines or imprisonment and suggests that it is a criminal act as opposed to an act of terrorism.
Some legal analyses define cyber terrorism as:
“The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives.”
This definition aligns with the Patriot Act and the CFA. Note that these provisions are criminal statutes and refer to individuals or organizations instead of state actors.
Defense analyst Dorothy Denning defines cyber terrorism as:
“Unlawful attacks and threats of attack against computers, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.”
Her definition of cyber terrorism focuses on the distinction between destructive and disruptive action. As the Journal of Cybersecurity found, cyber terrorism causes responses similar to conventional terrorism, which seeks to “undermine civilians’ resilience by instilling a sense of fear and vulnerability that erodes confidence in the ability of the government and law enforcement agencies to protect citizens against future attacks.”
Related terms include “cyberattack” and “cyberwarfare.” Cyberattack is a recent term that refers to activities conducted through information and communications technology, such as distributed denial of service (DDoS) attacks. Cyberwarfare is considered to be state-on-state action that is the equivalent to an armed attack or the use of force in cyberspace that triggers a military response.
Interested in a Cybersecurity Career?
Explore DegreeCategorizing Attacks as Terrorism
There are difficulties in categorizing attacks, according to the CRS. For instance, Sony experienced a cyberattack in 2014 that disabled systems, destroyed data and released internal materials. Later that same year, warnings surfaced of terrorist attacks on theaters scheduled to show the film “The Interview,” a fictional account of an interview with North Korea’s Kim Jong Un. The threats caused theaters to cancel screenings, and Sony canceled its widespread release. The FBI and the Director of National Intelligence attributed the Sony attacks to the North Korean government, and then-President Barack Obama promised to respond to North Korea’s alleged cyber assault, “in a place, time and manner of our choosing.”
These events raised plenty of questions. Was the cyberattack on Sony, though it is a private corporation with headquarters in Japan, an attack on the United States? Was it a terrorist act, a use of force or a cybercrime? Some questioned the extent of the response to which Obama eluded and who would be on its receiving end. Another potential policy question is under what circumstance the United States would commit troops in response to a cyberattack.
The National Cybersecurity and Communications Integration Center (NCCIC), which is under the Department of Homeland Security (DHS), developed the NCCIC Cyber Incident Scoring System (NCISS) to estimate the risk of an incident. The NCISS looks at the risk severity and incident priority from a nationwide perspective, which can help with various cyber threats and cyber terrorism.
Cybersecurity and Cyber Terrorism
Cyber terrorism involves the same techniques as traditional cyberattacks. Cyber terrorists can use DDoS attacks, various forms of malware, social engineering strategies, phishing campaigns and more to reach their targets.
The CRS categorizes different types of cyber terrorism and cyber warfare by purpose instead of techniques that are used. Following this framework, it is possible to establish a way of identifying the different types of parties involved.
Cyber Terrorists
Cyber terrorists are state-sponsored and non-state actors who use cyberattacks to achieve their objectives. Actors such as transnational terrorist organizations, insurgents and jihadists have used the internet for planning attacks, radicalization and recruitment, propaganda distribution, a means of communication and for disruptive purposes.
Cyber Spies
Cyber spies steal classified or proprietary information from governments or private corporations to gain a strategic, security, financial or political advantage. They often take directions from foreign government entities and target government networks, cleared defense contractors and private companies.
Cyber Thieves
Cyber thieves engage in illegal cyberattacks for monetary gain. An example is an organization or individual who accesses a system to steal and sell credit card numbers.
Cyber Warriors
Cyber warriors are agents or quasi-agents of nation-states who develop capabilities and undertake cyberattacks to support a country’s strategic objectives. Entities may or may not be acting on behalf of the government in terms of the target, timing of the attack and type(s) of cyberattack — and they are often blamed by the host country when accusations result from the attacked nation.
Cyber Activists
Cyber activists perform cyberattacks for pleasure or philosophical, political or other nonmonetary reasons. Examples include an individual who hacks a system for a personal challenge or a “hacktivist” like a member of the cyber-group Anonymous.
“The threats posed by these cyber-aggressors and the types of attacks they can pursue are not mutually exclusive,” according to the CRS. “For example, a hacker targeting the intellectual property of a corporation may be categorized as both a cyber thief and a cyber spy. A cyberterrorist and cyberwarrior may be employing different technological capabilities in support of a nation’s security and political objectives.”
Information Security Analysts
More than 100,000 professionals are employed as information security analysts, according to the Bureau of Labor Statistics (BLS), who are tasked with carrying out security measures that protect an organization’s computer networks and systems. They earn a median annual wage of $92,600 and employment is expected to increase 28 percent by 2026. The BLS does not track employment information for other cybersecurity titles or for specific careers in homeland security, however some other common cybersecurity careers include:
- Security Engineer
- Security Manager
- IT Director
- Systems Engineer
- Penetration Tester
- Risk Manager
Within the DHS, the Office of Cyber and Infrastructure Analysis (OCIA) and Office of Cybersecurity and Communications (CS&C) deal with cyber threats.
Ensuring Cybersecurity
The number of cyberattacks per year is surging; in the first six months of 2017, there were 918 data breaches globally. That number of breaches is up 164 percent from the previous year. The sophistication of malicious code is evolving, and so is the technology used to guard against it. Ensure your industry knowledge is up-to-date with an online master’s degree in Cyber and Homeland Security Administration from Fairleigh Dickinson University. Earning your homeland security degree online means you can attend class when and where it’s right for you, and complete your education at your own pace.