Homeland Security Watch

News and analysis of critical issues in homeland security

April 5, 2011

Is there such a thing as cyber terrorism?

Filed under: Cybersecurity — by Christopher Bellavita on April 5, 2011

This post will end with a ten minute and forty second video that is both the best detective story and the scariest homeland security movie I have seen in years.

But first, the set up….

———————————————–

Is there such a thing as cyber terrorism?

I understand there’s something called cyber warfare. And cyber crime. And cyber security. But what about cyber terrorism?

And if there is something called cyber terrorism, has the US been attacked by cyber terrorists? Or maybe that question should be have terrorists attacked the US with cyber weapons? And if not, could they? Will they?

Experts cannot agree whether cyber terrorism is real or even if it is a useful concept.

I have one colleague who claims that no one in the United States has been killed by cyber terrorism. He says maybe it’s not a valid homeland security threat.

I have another friend who teaches a course on homeland security threats. He says nations attack nations with cyber weapons. Non-state actors don’t use cyber weapons. So in the homeland security threat spectrum, he says, cyber is more about sound than significance.

———————————————–

Former DHS Secretary Chertoff sort of disagrees.

He devotes Chaper 8 to cybersecurity in his book “Homeland Security: Assessing the First Five Years.” He underscored that concern in his March 2 appearance with the other two DHS secretaries:

“We’ve seen some very dramatic, publicized attacks, not terrorism so much as espionage and things of that sort. But that is going to become an increasing area of concern for the Department.”

Secretary Napolitano agreed with Chertoff:

… I think cyber will be an ever-evolving area. And the problem with cyber is, almost by the time you’re talking about something, they’re onto the next thing. I mean, it is really a fast-moving field. And, quite frankly, probably none of us on this stage are as good at understanding it as somebody who’s 20 years old and who’s grown up with the computer just as part of life.

———————————————–

The US has a cyber incident annex to the National Response Plan. I think that was updated in September of 2010 with an Interim Version of the National Cyber Incident Response Plan.  I believe that is meant to serve as part of the National Response Framework. But I’m not sure. Cyber security (i.e., cyber crime, cyber warfare, cyber terrorism) is yet another homeland security issue area I know very little about.

———————————————–

The gap in my knowledge was brought to my attention again this weekend when I saw news stories about something called “LizaMoon.” [see here or here for probably more than you want to know about LizaMoon].

As I understand it, LizaMoon is a small piece of computer code that places itself into certain websites; when someone goes to that website, they see a message (and the resulting screen drama) that tries to convince the user the computer they are using is infected. Liza then offers to clean the computer and the trouble expands.

I don’t know if this is a big deal or not. Some reports say over a million websites were infected. Is that a lot? Other reports (like this one ) say it’s not that big of a deal.

———————————————–
Also this weekend, I learned that a firm called Epsilon had (according to its press release):

“…an incident … where a subset of Epsilon clients’ customer data were exposed by an unauthorized entry into Epsilon’s email system.”

Translated into numbers, “a subset of Epsilon clients” could be several million people.

Perhaps you got an email message today from Hilton, or Target, or Best Buy, or Capital One, or LL Bean, or Walgreens or another Epsilon client that basically said, “Don’t worry; nothing bad happened.”

———————————————–
These were two fairly well publicized cyber incidents over a weekend that included at least the cusp of April Fool’s day.  Maybe I’m overly sensitive to these kinds of incidents since some of my web presence was hacked in December.  It wasn’t terrorism.   But it was disturbing.

Are cyber “attacks” something an inquiring homeland security mind should be concerned about?  I use that word in quotes because I know there are thousands of cyber incursions every day.  How should one even start to think about this cyber stuff?

———————————————–

I went to three government sites that, I thought, would help me frame and understand these incidents: IT-ISAC: The Information Technology Information Sharing and Analysis Center, MS-ISAC: The Multi-State Sharing and Analysis Center, and US-CERT: the United States Computer Emergency Readiness Team.

I thought they might have some information about what I figured might be fairly significant incidents. But if they did, I missed it.

I went back to the sites several times over the weekend, and saw no information about LizaMoon or Epsilon.

But I do have to say the MS-ISAC has a really impressive looking Cyber Operations Center Dashboard.  Looking at it made me feel like Mr. Jones in Bob Dylan’s “Ballad of a Thin Man”:

… something is happening here

But you don’t know what it is

Do you, Mister Jones?

———————————————–

Maybe providing situational awareness for the public is not part of the IT-ISAC, MS-ISAC or US-CERT missions.

The IT-ISAC says:

the mission of the IT-ISAC is to:

• Report, exchange, collect, and analyze across the IT Sector information concerning security incidents, threats, attacks, vulnerabilities, solutions and countermeasures, best security practices and other protective measures,

Establish a mechanism for systematic and protected exchange and coordination of such information [my emphasis] and trusted collaboration; and

• Provide technical thought leadership to U.S. and International policymakers on cyber security and information sharing issues.

The MS-ISAC says:

The mission of the MS-ISAC is to improve the overall cyber security posture of state, local, territorial and tribal governments. Collaboration and information sharing among members, private sector partners and the DHS are the keys to success.

Major Objectives of the MS-ISAC

• provide two-way sharing of information and early warnings on cyber security threats

• provide a process for gathering and disseminating information on cyber security incidents [my emphasis]

• promote awareness of the interdependencies between cyber and physical critical infrastructure as well as between and among the different sectors

• coordinate training and awareness

• ensure that all necessary parties are vested partners in this effort

The US-CERT says:

US-CERT is charged with providing response support and defense against cyber attacks for the Federal Civil Executive Branch (.gov) and information sharing and collaboration with state and local government, industry and international partners.

US-CERT interacts with federal agencies, industry, the research community, state and local governments, and others to disseminate reasoned and actionable cyber security information to the public. [my emphasis]

———————————————–

If it isn’t at least part of their job to provide situation awareness to the public about cyber security matters (i.e., cyber war, cyber crime, cyber terrorism), whose job is it? Have we essentially privatized situational awareness? I learned more about both attacks this weekend by monitoring Twitter.

I guess I’m ok with that as an interim fix.

But is that the plan?

———————————————–

Ok, that’s the set up. Now the movie.

Perhaps you’ve heard of stuxnet. If not, you can read about it here.  The New York Times claims it may be “the most sophisticated cyberweapon ever deployed.”

So, to answer the question I posed at the start of this post, maybe currently there isn’t such a thing as cyber terrorism.

However after watching this video (also available here) — particularly at the 8:45 mark, when the speaker talks about the possibility of a cyber weapon of mass destruction — I think the homeland security enterprise would be foolish to discount the use of cyber weapons by terrorists.

 

 

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

4 Comments »

Comment by William R. Cumming

April 5, 2011 @ 1:17 am

Well the following is my two cents:

“understand there’s something called cyber warfare. And cyber crime. And cyber security. But what about cyber terrorism?”

I answer yes to all. The definitions not yet fully covering the full spectrum of the above but they well over time.

By the way how do the old fashion terms of slander and sabotage fit the above?

Comment by J.

April 5, 2011 @ 6:49 am

“when the speaker talks about the possibility of a cyber weapon of mass destruction”

yawn. Just another guy who doesn’t understand the origin of the term and wants to use it for rhetorical emphasis. Cyberwarfare may be a tool of mass disruption but it’s not equivalent to a nuclear weapon. You can replace corrupted hard drives with new ones pretty easily and move on, just as Iran did with its Stuxnet problem.

Comment by William R. Cumming

April 5, 2011 @ 8:46 am

IMO there are still few backups for attacks on SCADA!

Comment by "Go Green; Recycle Congress and the White House!"

April 6, 2011 @ 8:09 am

Having worked a bit w/those on the IT/software side, I applaud many in various local/state and the select folks engaged in this protection business. My hats off to those astute whether at FBI or NYPD or NSA and other who understand that cyber attack does not have to be on a WMD scale to cause psychological and much disruption – let’s keep the present funding and in fact, increase it as many more are being trained by those who seek our demise…I would not be surprised at a substantial challenge and by the way, given this “charade” in Washington, we know we are being hoodwinked and the nation hijacked and to think so many have given their Lives w/pride standing steadfast on behalf of our Constitutin, our flag, our beloved nation!

Here on “Main Street USA” a grassroots party truly by the people and for the people, I just ordered a sign to stage another one man protest holding sign on Main Street USA commencing next week w/subject sign reading:

“Go Green; Recycle Congress and the White House!”

When driving by or riding by on you bicycle, hoot and wave for “Joe Citizen” as gas now reaching $4/per galllon and $400 for 100 gallons of home heating fuel and milk $4.00!

Holster your Rights to weapon for all lawful purposes to protect yourself and family from those seeking to rob, to even kill as desperation finds it way into a lost middle America….Fight like hell for your 2nd Amendment Rights and watch (WH) Barry et al for he is making every effort to cunningly circumvent your Rights –

….For soon with it will not be cybersecurity attack we fear, but just “Joe Citizen” who has been raped and the campaign slogan “change” led by Barry and Deval, you bet, you have taken every bit of change out of our pockets and distributed not among us, but for the select few elitists such as the professor and his “friends” who can reach into his deep pockets and pay for the ferry ride to vacation on the Vineyard! Food prices, gasoline prices, taxes and more fees, full time professions replaced by two and three part-time jobs….250 master’s and Phd’s applying for one sales job on the Staples floor….lost our edge, you bet!

We have given the keys over to the other including the Nazis and the corruptness of the Vatican who have again shown up to resurrect the seventh crusade and to utilize and manipulate NATO and the UN to its EU requirements and it is these German-led Europeans and the Vatican who know full well they must reclaim the Mediterranean and win their quest against the “Brutes of Tehran” and the competition to control Jerusalem which unfortunately fellas, neither of you will be allowed to do while we here in the once good ‘ol USA, a quickly fading memory fail in every way….w/the Assyrians, the Germans understanding that radical Islam is boiling just 120 km to its south and is an ever present danger lurking in its own neighborhods son to be eradicated and which it cannot and will not allow Islamic fundamentalists to gain such foothold in North Africa and the Middle east w/Ethiopia coming into the spotlight in the next coming weeks which will add to the mix and threaten supply routes –

Cybersecurity in every way for few, very few truly understand what will be taking place in the next months and thereafter, such disruption, such despair, such a corrupt disclosure of humanity’s vile and dysfuntional ways –

Keep a weary eye on the Strait of Gibralter, on Cyprus…the Strait of Gibralter situated on Spain’s southern tip which is the division between Africa and Europe — it is not the currency problem, nor the real cybersecurity proble which does indeed exist, but the – regional – strategic problem which will become more and more apparent to humanity as food prices skyrocket, fuel costs the same and Islamic fundamentalists take the reigns over from the corrupt regimes….

God Bless our beloved America!

“Go Green; Recycle Congress and the White House!”

Christopher Tingus
PO Box 1612
Harwich (Cape Cod), MA 02645
chris.tingus@gmail.com
“Main Street USA”

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>