Growing need for cyber terrorism vigilance warn ex-CIA
London, UK - 14 December 2004, 00:30 GMT - More than three OECD member
countries outside the US are embarking on cyber terrorism exercises in December
this year and the first quarter of 2005 to test key components of their critical
economic infrastructure. These imminent exercises enable those countries to
prepare against potential sabotage of critical components and allow the nation
states to evaluate their readiness against threats in a controlled environment.
The information gathered through those drills sheds new light on the potential
impact of cyber-attacks on critical facilities and also allows those countries
to enhance their nation-wide emergency operations. Specific techniques used
for the drill involve computer and communications hacking, physical attack
simulation and media manipulation.
In the last ten days, two former CIA directors, Robert Gates and George Tenet,
have warned that a cyber attack could cripple the US economy and stated that
foreign intelligence services are far ahead of their US counterparts when
it comes to understanding the threat posed by cyber terrorism. "The
internet," Tenet claimed at a recent security conference
in Washington DC, "represents a potential
Achilles heel for our financial stability and physical security if the networks
we are creating are not protected." "Efforts at physical security
will not be enough," he argued, "because
the thinking enemy that we confront is going to school on our network vulnerabilities."
He said that there were "known
adversaries conducting research on information attacks," including
"intelligence services, military organisations
and non-state actors."
Mr Tenet, who left the CIA in July after serving as director for seven years,
warned that Al-Qaeda - although its primary leadership had been largely destroyed
- remained "a sophisticated, intelligent
organization with enormous capability."
The secondary leadership that was emerging, he added, envisioned
"a global, decentralised movement"
whose ability to multiply depended crucially on the internet, which enabled
them to share information from explosives' recipes to the best ways to get
into Iraq undetected. The group, he said, was "undoubtedly
mapping vulnerabilities and weaknesses in our telecommunications networks."
Following the earlier drills in 2004, the second set of cyber-terror exercises
involve the execution of impact analysis studies on unnamed facilities, co-coordinating
planning and logistics as well as assessing current emergency response capability.
Through the cyber warfare drills that specific countries are conducting, those
nations aim to reach a new level of preparedness against potential attacks.
By applying the knowledge gathered through those exercises, they aim to reduce
vulnerabilities and improve response time to cyber-attacks. The exercises
are essentially benchmarking events that the business and government communities
seek to learn from.
Cyber terrorism could be the most devastating weapon of mass destruction yet
and could cripple the US economy according to the former CIA Director, Robert
Gates who was speaking at the cyber terrorism conference held at Rice University.
He said that when a teenage hacker in the Philippines wreaks $10 billion in
damage to the US economy in one night by implanting a virus, imagine what
a sophisticated, well-funded effort to attack the computer base of the US
economy could accomplish.
The CIA and National Security Agency (NSA) had conducted an exercise six years
ago, assigning 50 computer specialists to see how hard it would be to shut
down the nation's electric grid. It took only two days for the group to put
itself in a position to do so, Mr Gates said. He also referred to the blackout
that affected cities from Detroit to New York in August 2003, to illustrate
what he meant in terms of the potential scale of a future cyber attack which
could bring the US economy to its knees. Terrorism is a global challenge that
may take many forms and many years to defeat or contain. He was certain that
terrorists would hit America again. Terrorism continued to evolve in the years
since he had served as CIA director during the early 1990s.
In the 1970s and 1980s, most terrorist groups were directed or sponsored
by governments such as Iran, Iraq, Libya or Syria, making it easier to gather
intelligence. Since they were trying to bring attention to a cause and to
win support, they tended to limit the scale of their violence and the number
of innocent lives they were prepared to take according to Mr Gates. This is
no longer the case. Now terrorists are motivated by religion and are profoundly
revolutionary, he said.
The cyber terrorism exercises are based on the fundamental tenet that the
cyber-terrorist is a very real threat to modern information systems according
to the US Defense Advanced Research Projects Agency (DARPA). This tenet is
based on the following assertions:
1. Sophisticated terrorist threats still exist against economically powerful
countries and their interests abroad;
2. Information systems that manage those nations' defences and critical infrastructures
are vulnerable to cyber attack;
3. Terrorists can forward their agenda by attacking the nations' critical
4. Cyber attack costs - especially in proportion to their perceived relative
effectiveness - are asymmetric and favour the cyber-terrorist; and
5. The ability for the cyber-terrorist to conduct attacks against nation state
assets from foreign shores with little risk of consequence appears to be reality.
In the exercises, the cyber-terrorist is believed to have a level of sophistication
somewhere between that of a sophisticated hacker and a foreign intelligence
organisation. The cyber-terrorist might even employ sophisticated or professional
hackers in their operations. However, this adversary would not have access
to any of the very sophisticated attacks that are available to members of
the nation state sponsored intelligence community. This cyber-terrorist is
believed to have access to all commercial resources that are generally available.
These include, according to DARPA:
1. All publicly available information, which includes tools, attack techniques
and specific intelligence on a particular target, consultants and other commercially
2. Any commercially available technology such as workstations,software, hardware,
and diagnostic tools;
3. Software developers, network developers, and other expertise required for
developing their own attacks against a particular target;
4. The adversary is assumed to have limited funding. However, he is assumed
to be able to raise funds on the order of hundreds of thousands to a few million
dollars, and he is willing to spend those funds to accomplish his mission;
5. The adversary is assumed to be able to acquire all design information on
a system of interest. The assumption is based on the following assertions:
Much of the information is publicly available; information that is not generally
available is loosely controlled; information that is controlled can be obtained
by bribing a trusted insider or through extortion.
"As loathsome as bin Laden and his henchmen are, there is a method to
their madness," Mr Gates said.
"The primary reason bin Laden attacked the United States three years
ago is that dislike and even hatred of the United States is the only point
of agreement that cuts across religious, secular and national divisions throughout
the Arab Middle East."
mi2g is at the leading edge of building secure on-line banking, broking
and trading architectures. The principal applications of our technology are:
2. Digital Risk Management; and
3. Bespoke Security Architecture.
mi2g pioneers enterprise-wide security practices and technology to
save time and cut cost. We enhance comparative advantage within financial
services and government agencies. Our real time intelligence is deployed worldwide
for contingency capability, executive decision making and strategic threat
mi2g Research Methodology: The Frequently Asked Questions (FAQ) List
is available from here in pdf. Please
note terms and conditions of use listed on
Full details of the November 2004 report are available as of 1st December
2004 and can be ordered from here.
(To view contents sample please click here).