Some argue that targeted cyberattacks and acts of cyberterrorism may be over-sensationalized, but with real-life incidents occurring regularly can we afford to ignore it?
We live in a world that has become used to spectacular and daring acts of conventional terrorism. But, as with the world around us, terrorism, and the threat it poses, is constantly evolving. We understand the power of the bullet and the bomb but now we also face exposure to a new, complex and potentially devastating form of terror: cyberterrorism. Increasingly, our societies are becoming wired together beyond national borders through a complex link of information and communication technology (ICT) networks and systems. Utilizing the same links that bind us together globally, a new generation of terrorists is able to strike from virtually anywhere in the world, causing catastrophic social and economic harm to countries thousands of miles away And due to their decentralized nature, these attacks are difficult to detect with traditional detection methods alone. A co-ordinated and sustained cyberattack against Estonia in March 2007 crippled banking and governmental IT systems, disrupting the lives of its citizens.
In 2015, credit-checking company Experian was hacked and 15 million T-Mobile customers had their information stolen. In the last year 300 million records were leaked and over USD1 billion stolen online. Chances are that you or someone you know has been affected by a cyberattack within the last few years, which is why it is essential for governments worldwide to do more than ensure our physical security. There is a need to come together and share the information and resources that will guarantee our cybersecurity. Governments cannot contain the threat of cyberterrorism through domestic measures alone. Without expert collaboration and knowledge sharing individual countries lessen their ability to respond to cyberattacks, as well as exposing other countries to even greater risks as cyber terrorists learn to exploit nations’ ICT weaknesses one-by-one. No single government possesses all the expertise to counter cyberterrorism.
Chances are that you or someone you know has been affected by a cyberattack within the last few years.
The talent pool of experts needed to meet disparate threats is dispersed across the globe, and in most instances, it is to be found in the private sector and academia rather than in government hands. The ability to respond quickly to contain and learn from cyberattacks is critical if damage is to be limited and the threat to other nations reduced. However, governments generally hesitate to collaborate with others on security related matters, thus adding to the challenge. To meet this growing threat, former Malaysian Prime Minister, Abdullah Badawi, launched a global initiative called IMPACT (the International Multilateral Partnership Against Cyber Threats). It’s the first global public-private initiative, and allows countries to interact between themselves, the private sector and academia. Inspired by the Centers for Disease Control and Prevention (CDC), IMPACT seeks to offer the global community the best brains and the best facilities to complement the nations of the world to counter cyber threats.
In 2011, IMPACT became the cybersecurity executing arm of the U.N. Many ICT systems – in both the public and private sector – face daily threats from hackers and their bots – networks of zombie computers, millions strong, bombarding scanning and probing their websites with the aim of exploiting the vulnerable ones. For the most part, the probes come from criminal groups intent on stealing identities, credit details, passwords and other information they can turn to financial gain. As well as groups of so-called ‘black hats’ trying to break in simply for the thrill and kudos of breaching multi-million dollar security networks. But as many recent, well-publicized, hacks have shown, these same skills can be used for political purposes, to create a breakdown in a country’s social and economic fabric. These attacks prove very publicly that cyberterrorism is neither a game, nor a hoax, and that these nightmare scenarios are a very real threat. We are all at risk from cyberterrorism. Even those of us who have never touched a mouse or keyboard.
It could be something as simple as disabling the banking networks, halting ATM withdrawals and credit card payments, or manipulating the stock markets and causing banks and other institutions to fail, taking jobs, pensions and savings with them. In an address at the e-Crime Congress in London as far back as 2008, Suleyman Anil, Head of NATO’s Computer Incident Response Capability Co-Ordination Centre, stated that “Cyberdefence is now mentioned at the highest level along with missile defense and energy security. We have seen more of these attacks and we don’t think this problem will disappear soon.” With dozens of international bodies and organizations jostling for position and power in the cybersecurity sector, the problems of legal jurisdiction and national interest are boundless. Yet, as systems and software become ever more complex and connected, allowing hackers to breach so-called ‘soft targets’ and find a back door into more crucial and secure systems, the race to find a coordinating body becomes ever more desperate, and the need to cooperate across borders and jurisdictions becomes more urgent.