CYBER TERRORISM

1
CYBER TERRORISM

• PRESENTED BY
• MEENU SHUKLA
• Mtech(1st sem CYB)
• ERP 0151CYB019

2
CYBER TERRORISM

• Tomorrows terrorist may be able to do more
  damage with a keyboard than with a bomb

3
INTRODUCTION ABOUT TOPICS

• History
• Features
• Working Strategy
• Common attack
• Forms
• Examples
• Countering IMPACT
• Affect In Future
• Prevention Protection
• Punishment
• Conclusion
• References

4
INTRODUCTION

• As the use of Internet is increasing day by day,
  traditional concepts and methods of terrorism
  have taken new dimensions.
• Individuals or groups can use the anonymity
  afforded by cyberspace to threaten citizens,
  specific groups (i.e. with membership based on
  ethnicity or belief), communities and even the
  countries.

5
History of Cyber Terrorism

• The term "terrorism" comes from the French word
  terrorisme, which is based on the Latin verb
  terrere (to cause to tremble).
• Public interest in cyber terrorism began in the
  late 1980s, when the term was coined by Barry C.
  Collin in 1996.

6
What is Cyber terrorism???

• A cyber-terrorist is a criminal who uses computer
  technology and the Internet, especially to cause
  fear and disruption.
• Some cyber-terrorists spread computer viruses,
  and others threaten people electronically.

7
Categorized By
8
Crimes Which Comes Under Cyber Terrorism
9
Brief Definitions(Contd)

• Extortion is a crime involving an attack or
  threat of attack against an enterprise, coupled
  with a demand for money to avert or stop the
  attack.
• Ex Nokia (FINNLAND)What happened A news broke
  in 2007 about a blackmail case that had Nokia pay
  millions of euros in extortion money. The Finnish
  phone manufacturer was being held hostage by a
  hacker who managed to steal an encryption key
  used in its prevalent Symbian operating system.
  The attacker threatened to make the key public if
  Nokia didn't meet payment demands, putting
  Symbian at risk of other criminals using the key
  to upload legitimate-looking but malicious apps
  to phones worldwide.
•  Vandalism includes the addition, removal, or
  other modification of the text that is either
  humorous, nonsensical, or that is of an
  offensive, humiliating, or otherwise degrading
  nature of that project. Ex Wikipedia
• Cyber Hate refers to any use of electronic
  communications technology to spread racist,
  extremist or terrorist messages or information.
  These electronic communications technologies
  include the Internet (i.e., Web-sites, social
  networking sites, dating sites, blogs, online
  games and E-mail.

10
Features of Cyber Terrorism

• Difficulty Identifying Attackers It remains
  difficult to determine the identity of the
  initiators of most cyber attacks.
• Lack of Boundaries Attacks can originate from
  anywhere in the world and from multiple locations
  simultaneously.
• Speed of Development The time between the
  discovery of a new vulnerability and the
  emergence of a new tool or technique that
  exploits the vulnerability is getting shorter
• Low Cost of Tools The technology employed in
  attacks is simple to use, inexpensive, and widely
  available.
• Automated Methods The methods of attack have
  become automated and more sophisticated,
  resulting in greater damage from a single attack.
  

11
Working Strategy of Cyber terrorism..

• Hacking into computer systems.
• Introducing viruses to vulnerable networks.
• Website Defacing.
• Denial-of-Service(DoS) attacks.
• Terroristic threats made via e-mail.

12
How does Cyber Terrorism work?

• Eavesdropping Any data that is transmitted over
  a network is at some risk of being eavesdropped,
  or even modified by a malicious person.
• Indirect attacks Attacks which is launched by a
  third party computer which has been taken over
  remotely.
• Backdoors  A backdoor is a potential security
  risk. Attackers often use back doors that they
  detect or install themselves, as part of an
  exploit.

13
TOOLS FOR CYBER TERRORISM
14
Who partakes in the act of cyber terrorism?

• Terrorists- Anyone who terrorizes by using
  violence, threats, coercion, and/or intimidation
  as a way to instill fear and gain submission.

15
METHODS OF ATTACK

• Three methods of attack involves different types
  of weapons
• (a) Physical Attack
• against computer facilities and/or transmission
  lines.
• accomplished by use of conventional weapons to
  destroy or seriously injure computers and their
  terminals.
• (b) Electronic Attack
• use of power of electromagnetic energy or
  electromagnetic pulse to overload computer
  circuitry.
• (c) Cyber Attack or Computer Network Attack
• use of a malicious code to take advantage of
  software's weakness or
• an attacker uses stolen information to enter
  restricted computer systems.

16
3 most common attack methods

• IP spoofing.
• Password Cracking.
• Denial-of-service attacks.

17
IP Spoofing

• Refers to creation of IP packets with forged
  source IP address with the purpose of concealing
  the identity of sender.
• Mostly used in Denial-of-Service attacks.
• Most effective in corporate networks where users
  can log in without a username or password.

18
Password Cracking

• Password cracking can be implemented using
  brute-force attacks, Trojan horse programs and IP
  spoofing.
• Password attacks usually refer to repeated
  attempts to identify a user account and/or
  password these repeated attempts are called
  brute-force attacks.
• One example is weak encryption(LM hash) used by
  Microsoft windows XP, can easily be attacked

19
Denial-of-Service attacks

• Denial-of-service attacks focus on making a
  service unavailable to intended users.
• 2 forms of DoS attacks those that crash services
  and those that flood services.
• One common attack method involves saturating the
  target machine with communications requests such
  that it cannot respond to the traffic.

20
DDos Attack (Contd..)
21
Forms of Cyber Terrorism

• Unauthorized access Hacking
• Trojan Attack
• Virus and Worm attack
• E-mail related crimes

22
Cost Means of Attack
Cost of Capability
1955
1960
1970
1975
1985
1945
Today
23
Examples of Cyber terrorist attacks

• 9/11 attack in 2001.
• Ahmedabad bomb blast.
• 26/11 Mumbai attack.
• 13/03 DRDO files Hacked in 2013.

24
9/11 Twin Towers Attack

• Al-Qaeda laptop was found in Afghanistan.
• Hits on web sites that contained Sabotage
  Handbook.

• Al-Qaeda actively researched publicly available
  information concerning critical infrastructures
  posted on web sites.

25
Ahmedabad Bomb Blast(26-07-08)

• A mail with id alarbi_gujrat_at_ yahoo.com was being
  sent by a group of Terrorists.
• Person named Kenneth Haywoods unsecured WIFI
  router in his house was being misused by
  terrorists.

3 more mails were sent after the blast with the
same misuse of unsecured WIFI routers.
26
26/11 Mumbai Attack 2008

• Terrorists communicated with handlers in Pakistan
  through Callphonex using VoIP(Voice over Internet
  Protocol).
• All the mission planning (for Mumbai terrorist
  attack) was done via Google Earth.
• The accused communicated to terrorists with an
  email id Kharak_telco_at_yahoo.com which was
  accessed from 10 different IP addresses

27
DRDO ATTACK (13-03-2013)

• Chinese hackers breached the computers of India's
  top military organization, the Defence Research
  and Development Organization (DRDO), in what was
  touted to be amongst the biggest such security
  breaches in the country's history.

 It was the more sophisticated attacks, as the
attacker will use a new "zero day vulnerability",
in which attackers send email attachments which
when opened exploit vulnerabilities in the Web
browsers.
28
Countering Cyber Terrorism

• Because of this need the International
  Multilateral Partnership Against Cyber Threats
  (IMPACT) was formed.
• -IMPACT is the first global public-private
  initiative against cyber-terrorism.
• -IMPACT is dedicated to bringing together
  governments, industry leaders and Cyber Security
  experts to enhance the global communitys
  capacity to prevent, defend and respond to Cyber
  Threats.
• -IMPACTs global HQ facility is located in
  Cyberjaya, Malaysia.
• Its extensive infrastructure contains training
  rooms, computer labs, auditorium, well-equipped
  meeting facilities and administrative offices.
• -IMPACT acts as the foremost Cyber Threat
  resource center for the global community complete
  with an emergency response center to facilitate
  swift identification and sharing of available
  resources to assist member-governments during
  emergencies.PACTs role also includes
  establishing a comprehensive Early Warning System
  for the benefit of all member-countries and
  providing proactive protection across the globe.

29
Contd

• The Department of Defense charged the United
  States Strategic Command with the duty of
  combating cyber terrorism.
• Countering attacks is done by integrating GNO
  capabilities into the operations of all DoD
  computers, networks, and systems used by DoD
  combatant commands, services and agencies.
• Many issues are involved when dealing with
  countering cyber terrorism. For example, some
  people believe that their privacy and civil
  rights are at stake.
• The question is
• Whats more important our privacy or our
  protection?

30
Cyber terrorism against traditional terrorism

• In the future, cyber terrorism may become a
  feasible option to traditional physical acts of
  violence due to
• Perceived anonymity.
• Low risk of detection.
• Low investment.
• Operate from nearly any location.
• Few resources are needed

31
How does Cyber Terrorism affect you and your
future?

• Air traffic control towers or our airlines
  infrastructure could be hacked into.
• Banking systems could be violated and all of our
  money could be stolen.
• Bombs and other explosives could be set off by
  remote.
• Hospitals could lose all of their information.
• Learn Government secrets and plans
• The tampering of our water systems.

32
What do we need to do??

• Enforce strong passwords.
• Lock down" systems.
• Update OS and applications regularly.
• Be cautious about opening email attachments.
• Keep anti-virus software installed and
  up-to-date.
• Employ intrusion detection systems and firewalls.

33
Punishment for Cyber Terrorism
34
(Contd)
35
(No Transcript)
36
References

• http//www.crime-research.org/library/Cyber-terror
  ism.htm
• http//maryamheidari.blogspot.in/2010/04/forms-of-
  cyber-terrorism.html
• http//www.terrorism-research.com/incidents
• http//www.legalservicesindia.com/article/article/
  historical-perspective-of-terrorism--cyber-terror
  ism-365-1.html
• https//en.wikipedia.org/wiki/Password_cracking
• http//www.cyberterrorism-project.org/symposium-20
  14/
• http//www.cyberlawsindia.net/cases2.html
• http//www.satp.org/satporgtp/sair/Archives/sair10
  /10_48.htm

37
Some Closing Thoughts

• Cyber terrorism is a scary concept for many
  reasons.
• It can do possible serious damages to various
  aspects of our lives. It is even scarier that
  cyber terrorism is so difficult to catch and
  track and prosecute.
• The information age has brought us many good
  things, but along with those good things came
  some bad things too.
• All we can do as citizens is to protect ourselves
  by protecting our information, who we give it to
  and how much we give it out.
• Our government is trying to do its part, so lets
  support them and their efforts and stop this
  cyber battle.

38
QUERIES PLEASE
39
Presented By.
MEENU SHUKLA
40
THANK YOU