The world around us is evolving faster and at rapidly along with development in technology. The use of technology is gaining large importance. Cyberspace in the current world is falling into the hands of terrorists. There is a term known as cyber terrorism which is a combination of cyber and terrorism. In simple terms, cyber terrorism means ‘ a criminal act carried out by the use of computers and telecommunication tools resulting in violence, destruction, loss of life to achieve political or ideological gains’.
NATO defines cyber terrorism as ‘a cyber-attack using or exploiting computer or communication networks to cause destruction or disruption to generate fear or to intimidate a society into an ideological goal’.
The U.S National Infrastructure Protection Centre defines the term as ‘a criminal act perpetrated by the use of computers and telecommunications capabilities, resulting in violence, destruction and disruption of services to create fear by causing confusion and uncertainty within a given population, intending to influence a government or population to conform to particular political, social or ideological agenda’.
Types of Cyberterror Capability
In 1999, the Centre for the Study of Terrorism and Irregular Warfare at the Naval Postgraduate School in Monterey, California defined three levels of cyberterror capability:
- Simple-unstructured: the capability to conduct basic hacks against individual systems using tools created by someone else. The organization possesses little target analysis, command-and-control, or learning capability.
- Advanced-structured: the capability to conduct more sophisticated attacks against many systems or networks and to change or create basic hacking tools. The organization possesses an elementary target analysis, command-and-control, and learning capability.
- Complex-coordinated: the capability for a coordinated attack capable of causing mass disruption against integrated, heterogeneous defences. Ability to create sophisticated hacking tools. Highly capable target analysis, command-and-control, and organizational learning capability.
The Past Incidents of Cyber Terrorism Attack
Public interest in cyber-terrorism began in the late 1990s when the term was coined by Barry C. Collin. As 2000 approached, the fear and uncertainty about the millennium bug heightened, as did the potential for attacks by cyber terrorists.
- In 1998, ethnic Tamil guerrillas attempted to disrupt Sri Lankan embassies by sending large volumes of emails. The embassies received 800 e-mails a day over two weeks. The messages read “We are the Internet Black Tigers and we’re doing this to disrupt your communications.” Intelligence authorities characterized it as the first known attack by terrorists against a country’s computer systems.
- In 2015, the U.S convicted Ardit Ferizi. Ferizi was being accused of providing ISIS with the data of over 1300 military personnel to help ISIS target their attacks, he gained access to the data after hacking into a protected computer. And also In 2015, the cyber caliphate, an ISIS hacking group, hacked into the U.S central command’s social media accounts and posted pro-ISIS messages as well as threats.
- In 2018, a U.K citizen, Kane Gamble, was convicted for leaking confidential information from the FBI, department of justice, and CIA databases. He gained access to these databases by impersonating a CIA chief.
With the development of technology, even the terrorists’ groups and organizations are also evolving as they are recruiting advanced people having cyber knowledge to conduct cyber-terrorist attacks. This poses a threat in the upcoming future as terrorist groups and organizations are recruiting advanced hackers.
International Response to the Cyber Terror Attacks
Till now both governmental and international steps have taken place. Governments are organising themselves to tackle the new threat. Some countries have established Computer Emergency Response Teams (CERTs) to handle cyber attacks. Even the United Nations, The Organization for Economic Cooperation and Development (OECD), the North Atlantic Treaty Organization (NATO) are focusing on the issue of the need for cybersecurity law and policies.
Many governments continue to struggle to set up organizations or laws against cyber threats, but some countries have been able to successfully form national organizations or laws against national threats. For instance, In Brazil, the federal government established the Critical Infrastructure Protection Information Security Working Group in august 2009. In Australia, a 2009 defence government report announced the establishment of a national Cyber Security Operations Centre, within the military’s defence signals directorate. In Turkey, ‘The Scientific and Technological Research Council of Turkey is being tasked as a coordinator organization on cybersecurity. They were able to form the national cyberspace security policy in 2009.
The United Nations has several agencies that seek to address cyber terrorism, including, the United Nations Office of Counter-Terrorism, the United Nations Office on Drugs and Crime, the United Nations Office for Disarmament Affairs, the United Nations Institute for Disarmament Research, the United Nations Interregional Crime and Justice Research Institute, and the International Telecommunications Union.
As of 2016, there have been seventeen conventions and major legal instruments that specifically deal with terrorist activities and can also be applied to cyber terrorism:
- 1963: Convention on Offences and Certain Other Acts Committed on Board Aircraft
- 1970: Convention for the Suppression of Unlawful Seizure of Aircraft
- 1971: Convention for the Suppression of Unlawful Acts Against the Safety of Civil Aviation
- 1973: Convention on the Prevention and Punishment of Crimes against Internationally Protected Persons
- 1979: International Convention against the Taking of Hostages
- 1980: Convention on the Physical Protection of Nuclear Material
- 1988: Protocol for the Suppression of Unlawful Acts of Violence at Airports Serving International Civil Aviation
- 1988: Protocol for the Suppression of Unlawful Acts against the Safety of Fixed Platforms Located on the Continental Shelf
- 1988: Convention for the Suppression of Unlawful Acts against the Safety of Maritime Navigation
- 1989: Supplementary to the Convention for the Suppression of Unlawful Acts against the Safety of Civil Aviation
- 1991: Convention on the Marking of Plastic Explosives for Detection
- 1997: International Convention for the Suppression of Terrorist Bombings
- 1999: International Convention for the Suppression of the Financing of Terrorism
- 2005: Protocol to the Convention for the Suppression of Unlawful Acts against the Safety of Maritime Navigation
- 2005: International Convention for the Suppression of Acts of Nuclear Terrorism
- 2010: Protocol Supplementary to the Convention for the Suppression of Unlawful Seizure of Aircraft
- 2010: Convention on the Suppression of Unlawful Acts Relating to International Civil Aviation
Cyber terrorism threat is an unrest situation prevailing in the international community which has unbearable consequences. Many believe that cyber terrorism is a potential threat to a country’s economies and infrastructure and any attack could potentially lead to great repression. As technology is advancing and the internet is reaching throughout the world the potential threat of cyber terror attacks will increase shortly and this needs to be tackled through strict international laws, conventions, regimes. Even though many international and national legal instruments deal with cyber terror attacks, they are nevertheless useful as they have some grey areas or gaps which allow the terrorists to exploit and take advantage of those grey areas or gaps. The UN and NATO are two key international organizations that can tackle cyber terror issues. The UN, the organization which has unique international recognition and powers vested in it through its founding charter can talk about a wide range of issues and solve them must be acknowledged by the whole world and cooperate with it to accomplish a strict legal instrument in tackling the cyber terror attacks. NATO can be brought into discussion for international military deterrence and can be shaped under the guidance of strategic concepts of NATO. So the UN and NATO and of course the other international organizations need to cooperate to tackle the cyber terror attacks.