Vladimir Golubev, Ph.D.

founder and Director of the Computer Crime Research Center (CCRC)


Cyberterrorism as the new form of terrorism

 As the criminal - legal phenomenon, terrorism has the international character and according to a line of the international documents, it concerns to number of the international crimes. To the full it is distributed to new forms of his display - a cyberterrorism or electronic terrorism. The analysis of world tendencies of electronic terrorism development allows predicting, that its threat every year will grow.

Technical progress develops so promptly, that some its consequences are realized by a society too late, when for correction of a situation significant efforts are required already. There is even an opinion, that at transition of some critical point, the progress starts to work already on mankind destruction. Such situation has developed, for example, with ecology and, unfortunately, develops in the field of information technologies.

The number of Internet users grows constantly. There are 158 million in USA, ninety-five - in Europe, 90 - in Asia, - fourteen - in Latin America, and three - in Africa. In Russia, by different ratings, the quantity of Internet users is made from 3,5 up to 8 million.

Today it is possible to speak, that the Internet covers all countries of the world, as with application of new technologies (use of mobile satellite devices of communication) connection to the Internet from any point of globe is possible. If to speak about the developed infrastructure in such context the Internet covers today more than 150 countries of the world.

Introduction of modern information technologies, has resulted, to occurrence of new kinds of crimes, such as computer criminality and computer terrorism - the illegal intervention in job of computers, systems and computer networks, plunder, assignment, extortion of the computer information).

The cyberterrorism is a new form of terrorism, which uses computers and electronic networks, modern information technologies for achievement of the terrorist purposes [1]. On the mechanism, ways of fulfillment and concealment computer crimes have the certain specificity, are characterized by a high level of latent and a low level of disclosing.

According to experts of the Council of Europe, only swindles with credit cards carry away annually about 400 million dollars. Losses from viruses make about 12 billion, and infringement of the property rights damages in 250 billion dollars.

The novelty of the arisen problems has caught napping law enforcement bodies, which appeared not ready to an adequate opposition and struggle against this new social - legal phenomenon. Today the problem of computer criminality and a cyberterrorism has left sphere of the control of law enforcement bodies and threatens to develop in a serious state and international problem.

From the point of view of national safety of Ukraine in this area there is the dangerous tendency connected to increase of technical and technological dependence of our state. The domestic production of competitive means of information and communication practically does not develop. Information both state, and commercial structures is carried out basically on the basis of foreign technology and computer techniques. There is no sufficient state support of fundamental and applied domestic researches in sphere of the prevention of struggle with cybercriminality that does not allow our state to join in world information system on an equal in rights basis.

Especially sharply the question of maintenance of information safety, rises in a context of occurrence transnational computer criminality and a cyberterrorism.

Clause 258 of the Criminal code of Ukraine (Act of terrorism) [2] contains a number of norms, which provide the criminal liability for fulfillment of act of terrorism. This clause formulates act of terrorism as application of the weapon, fulfillment of explosion, an arson or other actions which create danger to a life and health of people, causing of significant property harm or approach of other heavy consequences if such actions have been made with the purpose of infringement of public safety, intimidation of the population, provocation of the military conflict, the international complication, or with the purpose of influence on decision-making, fulfillment or not fulfillment of actions by bodies of the government or institutions of local government, service persons of these bodies, associations of citizens, juridical person or attraction of the public attention to certain political, religious or other sights of the terrorist, and also threat of fulfillment of the specified actions with that purpose.

Proceeding from a disposition of considered clause, it is possible to offer the following formulation of the term "cyberterrorism". Under computer terrorism (cyberterrorism), it is necessary to understand deliberate, politically motivated attack to the information processable by a computer, computer system and networks which creates danger to a life or health of people or approaches of other heavy consequences if such actions have been accomplished with the purpose of infringement of public safety, intimidations of the population, provocation of the military conflict. Under computer terrorism (cyberterrorism), it is necessary to understand intimidation of the population and authorities, with the purpose of achievement of criminal intentions. It is shown in threat of violence, maintenance of a condition of constant fear with the purpose of achievement of certain political or other purposes, compulsion to the certain actions, attraction of attention to the person of the cyberterrorist or the terrorist organization, which he represents. Causing or threat of causing of harm is the original prevention of an opportunity of causing of heavier consequences if conditions of the cyberterrorist will not be executed.

Prominent feature of a cyberterrorism and his difference from cybercrime is its openness when conditions of the terrorist are widely notified.

The cyberterrorism is the serious threat to mankind comparable to the nuclear, bacteriological and chemical weapon, and a degree of this threat by virtue of the novelty, not up to the end is still realized and investigated. Experience which already is present at the world community in this area with all evidence testifies to doubtless vulnerability of any state as the cyberterrorism has no frontiers, the cyberterrorist is capable to threaten equally to the information systems located practically in any point of globe. To find out and neutralize the virtual terrorist rather difficultly because of too small quantity of traces left by him, as against the real world where traces of done remains nevertheless more. Special concern acts of terrorism cause in law enforcement bodies connected with use of a global network the Internet from which open sources it is possible to receive manufacturing techniques biological, chemical and even the nuclear weapon of terrorists.

Cracking sites, cyberterrorists get access to a different sort of the information, including confidential. On many pages of local authorities data of a various degree of importance are laid out. For example, it can be circuits of underground communications. Plus to this, criminals can get access to the personal data of many users of a network, beginning from the address and a phone number and finishing the detailed information on the person, including a hobby and the schedule of a life. And, at last, abduction of the data on credit cards enables to steal money.

Ronald Dika, a director of the National Infrastructure Protection Center of FBI the USA, in the report published on a website of the Federal Bureau of Investigations <http://www.fbi.gov/> [3] speaks, that in the world the new form of terrorism - "cyberterrorism" was generated, it uses a computer and communication networks for destruction of parts of a national infrastructure and achievement of the purposes. We every day collide with computer attacks to the governmental organizations. Achilles' heel of America is growing dependence on computer systems and information technologies.

It is fine known to its opponents: recently two Chinese officers have issued the book in which methods of influence on USA military power with use of computer viruses and cyberattacks are discussed.

Today a number of the Islamic terrorist organizations use this method for updating the "cash departments". As if to attempts of breaking up the sites of state institutions the USA they are difficult for counting up. Only for last three years official Internet - representations of the American authorities have been attacked up to one million times.

As against the usual terrorist who for achievement of the purposes uses an explosive or a small arms, the cyberterrorist uses modern information technologies, computer systems and the networks, the special software intended for non-authorized penetration into computer systems and the organizations of remote attack to information resources of a victim for achievement of the purposes. First of all these are computer program bookmarks and viruses, including network, carrying out the reading, updating or destruction of the information, so-called " logic bombs ", "Trojan" programs, programs - snuffers and other kinds of the information weapon.

As example of a cyberterrorism with use of modern information technologies the murder accomplished in 1998 in one clinic the USA. There was a hardly wounded important witness under protection of FBI. Got through the Internet the non-authorized access to a local area network of clinic and having overcome a number of gateways and protective barriers, the hacker - murderer has made recustomizing cardiostimulator therefore the patient has died.

The computer virus which has received the name “ I love you ”, started in the Internet on May, 1, 2000 in Asia, with improbable speed was distributed on a planet, having broken job of government agencies, parliaments and corporations of many countries. The Pentagon in cooperation with the private companies in the field of computer safety began job on struggle against “love worm” with the purpose of creation of a necessary antivirus. The federal bureau of investigations the has excited criminal investigation on the fact of virus attack to the Internet, and soon, the National bureau of investigations (NBI) of Philippines has received the warrant for arrest of the hacker who lived on Manila suburb and has started a computer virus “ I love you ”. Agents of FBI believe he has started a virus on two e-mail addresses - spydersuper.net.ph. and mailmesuper.net.ph, from which “ I love you ” also it started to be distributed worldwide, having destroyed programs about 45 million computer networks, including in the Pentagon and the British parliament. “ I love you ” became the most high-speed computer virus from all existing till now. Experts warn, that due to ability of "mutation", it can increase the destructive potential.

According to American group “Computer Economic”, the virus “ I love you ” represents the act of a cyberterrorism - most serious of number ever registered. For first five days from the moment of its occurrence it has put a material damage of 6,7 billion dollars.

Unfortunately, danger of virus cyberattacks grows. So in April 2002 the dangerous version of Internet - worm Klez again became more active. In result millions computers all over the world appeared infected with this program and their quantity grows with unprecedented speed, and scales of epidemic and danger of this nocuous program puts "Klez.h" in the same line with “ I love you ”, "CodeRed", "Sircam" which became the reason of enormous losses which exact sum should be counted up.

Minister of Justice USA Janet Rinohas called the hi-tech companies to help the government with struggle against electronic crimes. “ I call leaders of the hi-tech industry to undertake this problem and to undertake concrete steps, on informing law enforcement bodies on the incidents concerning penetration into computer networks ”, - she has declared on June 19, 2000 at the conference devoted to electronic safety.

Till now the companies and banks reluctantly went on such cooperation with authorities, mainly because of fears of disclosure of the internal information. However the government promises to limit the intervention in sphere of private business at presence of counter steps of the companies.

“ Efficiency of any strategy is based on active participation of all parties, - Rino has noticed. - We have a common aim - it is necessary to provide the safety and reliability of our computer networks ”. The USA seriously is afraid of the powerful cyberattacks, capable to paralyze all civil infrastructure of the country. As Richard Clark, coordinating the programs of struggle against terrorism and a safety of computer systems, has declared, the separate unfriendly countries are engaged in penetration into USA computer networks with the purpose of revealing a degree of their vulnerability.

“ It is not from the theory, it is quite real, - he has said, reporting at the conference devoted to electronic safety. - These countries conduct today electronic investigation of computer networks of our civil infrastructure. They search for ways of an attack on the USA computer networks in case of war”. Thus, Clark has refused to say he meant which countries. Earlier the American special services reported the congress that China appears among the states, which actively develop means of conducting electronic war.

The USA economy suffers a special loss from cyberterrorists. Such opinion has stated the assistant of USA president on national safety Condolise Rise. “ Today the cybernetic space became a part of our economy ”, - she has noted. The number of the commercial transactions concluded by means of the Internet, in the USA last years has promptly increased, and financial damage from cyberattacks in 2000, according to experts, has made almost 400 million dollars. Besides, by Rise, practically each branch of national economy, including power engineering, transport and communication, bank sector uses computer networks and, accordingly, depends on their serviceability. “ Having broken job of these networks, it is possible to paralyze the country ”, - Rise has declared, reporting at the forum on computer safety.

Terrorist groups actively use the Internet and an e-mail for planning, propagation and recruitments of new members. Director of CIA George Tenet has declared, that terrorist groups, including Heisbolla, Hamas, Abu Nidal and the organization of Ben Laden “Al Queda ” the most actively use computers for their activity. In particular, Ramsi Jusef, who organized explosion of September 11, received instructions on the terrorist act organization by the ciphered messages directly on the notebook. Other terrorist groups, including “Black tigers” attack websites and e-mail addresses of the governments supporting authorities of Sri Lanka. During confrontation on the Western coast of the Jordan the government of Israel faces a problem of hackers’ attacks, which thus support Islamic extremists.

Summarizing concerning a problem of a cyberterrorism, it may safely be asserted, that this socially dangerous phenomenon is not a myth, but a reality, both for world community, and for our state. Mass transition to electronic management of technological processes in manufacture will result our country to essentially new kinds of crimes, including to electronic terrorism.

The urgency of problems of computer terrorism for Ukraine is dual: on the one hand, the state is not so rich to convert modern control facilities of the chemical enterprises, atomic power stations and other critical and vulnerable structures. It would make their impregnable for attacks of intellectual saboteurs. On the other hand, the formed information infrastructure becomes a strategic resource, which demands constant attention. Today, open networks are means of an information antagonism in hands of politicians, businessmen, the religious organizations, terrorist groups and criminal groupings.

Effective struggle against transnational computer criminality and terrorism is a key element of a safety, and not only by way of struggle against a cyberterrorism, but also is a real counteraction to new forms of terrorism and the organized crime.

Events on September 11 have called new dynamics, which is capable to overcome former barriers and disagreements. The computer form of terrorism is only one of challenges in the sphere of safety, a situation is really potentially disturbing, but completely is not hopeless.

As the recommendations directed on counteraction to dangerous tendencies and effectiveness increase of struggle against a cyberterrorism, we offer the following:

  1. Jury Travnikov. Crimes in the Web: Borders without the deputies. http://www.pl-computers.ru/article.cfm?Id=742&Page=3
  2. The criminal code of Ukraine (accepted by the seventh session of the Supreme Rada of Ukraine on April, 5, 2001). The Official bulletin of Ukraine, 2001. -p.105-106.
  3. Ronald L. Dick. Issue of Intrusions into Government Computer Networks. http://www.fbi.gov/congress/congress01/rondick.htm
  4. Andrew Konri-Mjurrej. The safety politics in days of terror. http://www.osp.ru/lan/2002/02/083.htm