
This book is an independent and unofficial supplement and not the original. We
recommend purchasing the full version in addition to this one. Copyright 2015 Brief
Books. All Rights Reserved.


On a hot day in mid-summer, at a time when electrical power demand is typically at its
peak, abruptly and without warning, the lights go out. A transformer, an integral part of
distributing electricity, has failed, an event that happens frequently as a result of an aging
infrastructure. Other transformers are configured to take up the load until they too
mysteriously fail. One by one, the still-operating portions of the system fail under the
increased demand. The transformers, costly to replace and with a lead time of 18 to 36 months to
acquire and install, have been damaged beyond repair. There is no power for that time.
Radio, television and Internet communication, all dependent on electricity, are
unavailable. Cell phones operate for up to a few days before they too, without the power
to charge their hungry batteries, fade to silence.

There is no power to operate gasoline pumps, hence there is soon no fuel. Driving would
be inadvisable anyway with no power to operate traffic signals. Those who do attempt to
drive will soon encounter gridlock. Perishable foods, without electricity to cool them, soon
perish. Purchasing additional foods will be impossible as point-of-sale systems in stores
become inoperable. Without power, banks will be forced to close. ATMs will not work.
Security systems will not work, and crime will be nearly impossible to control. As days
stretch into weeks and months, the strain on emergency services will reach the breaking
point.

An event in which nine (yes, nine) interconnection substations are destroyed across the
United States would cause a complete disruption of electrical services in the contiguous 48
states, leading to the scenario described, and much worse. The odds of nine substations
going down at once are high, unless it is considered how vulnerable they are to attack. A
physical attack is more difficult in times of heightened awareness of terrorist activity. But
an attack via the Internet, which connects them all and is the path through which many of
the components of the power grid are operated, is possible, to many even probable. Similar
catastrophic attacks on the nation's dams and waterways, its financial industry,
transportation and shipping industries, and virtually the entire infrastructure, which are
interconnected via the Internet, are occurring daily.

When a cyber attack happens, are you and your family safe?


The United States Federal Bureau of Investigation defines cyberterrorism as "any
premeditated, politically motivated attack against information, computer systems,
computer programs, and data which results in violence against noncombatant targets by
sub-national groups or clandestine agents." In this brief presentation the reality of existing
cyber terrorist activity is revealed and discussed, and options for preventing a catastrophic
attack via cyberspace on the nation's critical infrastructure are offered for consideration by
the reader.

Preface

In 2012 the United Nations International Telecommunication Union asked Kaspersky Lab
to investigate a virus that had invaded computers of the Iranian Oil Ministry. Kaspersky
estimated that the virus had been operating since around 2010, affecting primarily
governmental institutions and educational facilities in Iran, Israel, Saudi Arabia, and other
Middle Eastern countries. The attackers primarily sought PDF files, text files, and
AutoCAD drawings, evidently for intelligence purposes. In June 2012, an article was published
in the Washington Post which claimed that the virus, named "Flame" by Kaspersky, was
jointly developed by the NSA, the CIA, and Israeli military and intelligence services
beginning around 2007.

In February 2014 Kaspersky announced the discovery of another virus, dubbed "the
Mask," that had targeted 31 nations around the world. Organizations described as
primary targets included government institutions and diplomatic offices, gas and oil
companies, and research organizations. The virus had been developed by
Spanish-speaking attackers and was described by Kaspersky as a nation-state sponsored
campaign. Kaspersky further described the virus as having been active for more than five
years prior to its discovery. According to Kaspersky the virus was one of the most
advanced global cyber espionage operations to date due to the complexity of the toolset
used by the attackers.


Takeaways

The existence of malware designed for the purposes of espionage is evident.

Such malware is distributed globally and is monitored remotely from unknown
locations.

The source of such malware can only be surmised based on the nature of the
institutions or nations being targeted.

Chapter 1 Cyberterrorism or Hacking?



A cyber attack against critical infrastructure that causes a serious disruption of essential
services could be considered an act of cyberterrorism. A hacking attack that caused the
disruption of nonessential services, in other words generating a nuisance, is generally not
considered an act of cyberterrorism. And yet it could be. It is well known that the terrorist
group known as ISIL obtains significant funding through kidnapping and extortion. Theft
of identity data from the hacking of websites could easily lead to the theft of funds that
could then be used to support terrorist activities. To argue whether or not this is actually
occurring is pointless; rather, it should be recognized that a vulnerability exists which should
be secured. Every security weakness discovered and exploited by a hacker, whether an
amateur or an organized professional entity, is a weakness that could be exploited by cyber
terrorists.

A common argument against the reality of cyberterrorism is that no demonstrable cyber
attack against infrastructure has as yet occurred. This argument is basically saying, "If they
could do it they would have, and since they haven't, they can't." The irrationality of this
argument is self-evident. Prior to 9/11, nobody had hijacked four jet airliners and directed
them against targets. After the 9/11 attacks, enhanced security systems were put in place to
prevent them from happening again. Had those systems been in place prior to the attacks it
could be argued that the attacks would never have happened. In the case of cyber security
it may be wise to recognize the potential risks and eliminate them before an attack occurs.

Cyberterrorism is not an abstract theory or a means of generating voter hysteria for
political purposes. It is a real, growing and omnipresent threat, which in many cases has
already been identified and thwarted. In other areas it has been discovered only after
generating considerable economic and physical damages. Waiting until it generates human
casualties before acknowledging its existence is, in a word, ridiculous.


Takeaways

Cyber attacks have caused billions of dollars in damage to equipment, businesses
and individuals.

The argument that cyberterrorism cannot happen because it has not yet happened is
senseless.

The same security weaknesses which are daily exploited by hackers are available to
be exploited by cyber terrorists.

Chapter 2 How Cyberterrorism Could Affect the Power Grid?

In 2011 the United States Department of Energy released a report entitled "Roadmap to
Achieve Energy Delivery Systems Cybersecurity." The report was an update to a document
released in 2006. The report notes, "Intelligence reports indicate that cyber adversaries are
more persistent and better financed, and their ability to develop and launch new attack
tools and techniques could outpace the sector's ability to develop and deploy new
countermeasures." The report further takes note of what it describes as increasing
advanced cyber attack capabilities and escalating criminal enterprise, terrorist, and
nation state threats. Thus a cabinet-level US governmental organization recognizes the
potential threat of cyberterrorism to the electrical power grid.

Because of its combination of aging equipment merged with evolving technologies, the
electrical power grid is particularly vulnerable, and a major attack on the grid could cause
economic damage estimated by Lloyd's of London at nearly $1 trillion. A sustained
loss of power over a widespread area such as the American Northeast would rapidly
degenerate into major social upheaval. The loss of power for even a few days in large
urban areas such as New York would undoubtedly lead to looting, a disruption of the
water supply, failure of traffic control systems, a collapse of the local healthcare system,
and casualties.

While it is encouraging that the US Department of Energy recognizes the need to prepare
a defense against such an eventuality, it is discouraging that political leadership has thus
far failed to provide funding for such a defense. The US power grid is a consortium, as it
were, of individual companies that must of necessity work together in order to secure the
grid. Absent government leadership and in many cases driven by profits, these companies
are responding to the threat of cyberterrorism piecemeal.


Takeaways

The United States Department of Energy recognizes cyberterrorism as a serious
threat.

A successful cyberattack against the power grid would be catastrophic.

The economic impact of a successful act of cyberterrorism against the electrical
power grid has been estimated to be as high as $1 trillion by no less an entity than
Lloyd's of London.

Chapter 3 Is It Cyberterrorism or Cyber Crime?



Even a cursory review of the information available on the subject of cyberterrorism
exposes a great deal of debate over semantics. There is no clear line established between
what is considered crime and what is defined as terrorism. One pundit suggests
cyberterrorism is limited to the use of information technology by known terrorist groups
and agents. The catastrophic results of an attack on the power grid have been presented, yet
by the above definition such an attack, perpetrated by an individual with no association
with terrorist activities, would not be considered cyberterrorism, regardless of the damage
and casualties which would ensue. Such an argument is frequently presented as a means of
opposing US government monitoring of the Internet.

The debate over what is cybercrime and what is cyberterrorism is senseless. Any attack
which would cause so much damage and potentially disrupt the lives of so many is
terroristic in nature. Over the short span of time in which it has been in existence the
Internet has evolved into an essential part of American infrastructure, thoroughly entwined
within nearly all other aspects of American life. As such it is essential that it be monitored
and protected against misuse, and that all Americans be protected from its being used to
harm them.

Terrorists are by definition criminals. If cyber criminals steal large databases of classified
information and sell that information to terrorist organizations, they too are terrorists. If
they sell the information to organized crime they are not.

A large reason to identify much of the activity occurring on the Internet as crime is to
avoid the use of the word cyberterrorism. This verbal sleight of hand then permits the
argument that the intervention of the US federal government is simply an act of expansion
of power, threatening the liberties of a free people. Using semantics to cloud the issue for
political purposes in the face of the existing threat of cyberterrorism is pedantic
foolishness. The need to respond to the existing threats, which are real and well
documented, is clearly the responsibility of the federal government. It can be
accomplished without compromising personal privacy and individual liberty, and a
consensus of thinking needs to be reached in order to provide for the common defense.


Takeaways

That the Internet can be used as a weapon is recognized throughout the US
government.

Not all cybercrime is cyberterrorism but all cyberterrorism is cybercrime.

Debate over semantics is self-defeating and detracts from finding a solution to the
problem of cyberterrorism.

Chapter 4 How Are Terrorist Groups Using the Internet?



In October 2015, Caitlin Durkovich, assistant secretary for infrastructure protection,
Department of Homeland Security, informed executives from American energy firms that
ISIL is beginning to perpetrate cyberattacks. Indeed, it is not only ISIL which has been
conducting attacks, with malware on industrial control systems for both pumps and
engines having previously been traced to the Russian government. As yet, ISIL attacks
have been unsuccessful, largely due to their lacking the most sophisticated hacking tools,
but the concern in government is that they will be able to buy the necessary technology on
the black market.

The US government has also obtained information that members of Al Qaeda, from
remote locations outside of the United States, have previously conducted reconnaissance
on critical infrastructure within the United States, using Internet searches as simple as
Google Maps. Students within the United States with links to terrorist activities have been
arrested, in some cases while studying at major American universities in subjects such as
engineering and cybersecurity. Numerous computers and laptops confiscated from former
Al Qaeda sites have been found with software and programming information for both
power and water company sites.

Although it is believed that neither ISIL nor Al Qaeda possess the technical capabilities of
the NSA or Israeli intelligence at this time, it is clear that they are training to achieve that
parity. The fact that they are doing so indicates a strong interest in using the Internet to
continue, and expand, their terrorist activities.

Both ISIL and Al Qaeda, as well as the Taliban and the East Turkestan Independence
Movement (an Islamic terrorist organization focused in China), use the Internet for the
purpose of recruiting and for coordinating operations. The use of the Internet for direct
operational control is limited for obvious reasons, but there are experts who believe that
cyberattacks can be and have been used to co-ordinate with simultaneously conducted
physical operations.


Takeaways

ISIL has already begun limited cyberattacks on American infrastructure.

Captured equipment and other materials from Al Qaeda demonstrate a strong
interest in the use of cyberspace.

In the aftermath of the 9/11 attacks it was learned that the hijackers trained
extensively in the United States prior to launching the attacks; similarly, there is
evidence of Al Qaeda sympathizers training in cybersecurity in the United States.

Chapter 5 Is America Prepared for Cyberterrorism?



In March 2013 the Pentagon's Defense Science Board issued a statement in the wake of a
series of hacking attacks against US government websites. Released after an 18-month
study, the statement included, "this Task Force concluded that the cyber threat is serious
and that the United States cannot be confident that our critical information technology
systems will work under attack from a sophisticated and well-resourced opponent utilizing
cyber capabilities."

A critical factor in the war against cyberterrorism is that the various enemies of the United
States, working within the anonymity offered by the Internet, are working together,
motivated by the mutual goal of causing harm to the United States. In early 2013 a group
which called itself the Tunisian Cyber Army, supported by operatives from Al Qaeda and
with the aid of Chinese cyber criminals, hacked websites of the United States Department
of State and the Army National Guard. In announcing their successful extraction of files
from both the State Department and the Army National Guard the group stated that their
next targets would be additional US government websites as well as utility companies.

In July 2014, John Carlin, then assistant attorney general for national security for the
United States Department of Justice, stated that terrorists as well as unnamed nation-states
have the capability now to cause significant damage, through the use of
cyberterrorism. Nearly a year later the Partnership for Public Service and US government
think tank Booz Allen Hamilton released a report which bemoaned a nationwide
shortage of highly qualified cybersecurity specialists, with the federal government falling
behind: "Our nation is at risk as the number and sophistication of cyberattacks continue to
grow."


Takeaways

Multiple enemies of the United States are working together to conduct cyber
warfare against the United States.

These enemies continue to achieve ever more critical success in entering allegedly
secure government websites.

The United States' counter-cyberterrorism capability remains inadequate despite the
growing threat.

Chapter 6 Have There Been Successful Cyberattacks?



In June 2010 a cyber worm that became known as Stuxnet attacked the Iranian nuclear
facility in Natanz and successfully destroyed Iran's nuclear centrifuges, setting back the
Iranian nuclear program by more than two years. Although no one ever claimed
responsibility it was and is widely believed that Stuxnet was a combined effort of the
United States and Israel.

In an attack discovered in 2004, believed by the FBI to have originated from China with
government support, computer networks at NASA, Lockheed Martin, and the Sandia
National Laboratories, as well as Redstone Arsenal were found to have been relieved of
classified data and military intelligence in an operation that came to be known as Titan
Rain.

Perhaps most unnerving of all, as far back as 1982 the CIA successfully disrupted the
operation of a gas pipeline in Siberia. Through the use of what they'd labeled a "logic
bomb," the CIA caused an explosion within the pipeline in an isolated area, where it was
difficult to control, with the resulting fire visible from space. Although it has since been
claimed that this story may be apocryphal, another logic bomb was used in a March 2013
attack in South Korea, destroying the master hard drives and boot records of three banks
and two media companies.

Many of the attacks that have been discovered led to the realization that the malware had
been infecting the systems involved for years. This leads to an obvious inference. The
possibility is strong that there are many systems currently infected with as yet
undiscovered malware, worms, viruses and Trojans. Some attacks are designed with
suicide software that triggers its own destruction if it detects security software searching
for it. Many others leave backdoor entries when they are detected and removed, allowing
for future re-entries by the same or other attackers.

The fact that many successful cyberattacks have occurred and gone undiscovered for years
is a clear indication that many more are underway at any moment, possibly within aging
systems which lack the ability to run software powerful enough to detect their presence.


Takeaways

Successful cyberattacks may date back as far as 1982.


Although never officially admitting responsibility, it is evident that the United
States and Israel, as well as Iran have in the past engaged in cyberattacks.

Many successful cyberattacks have gone undetected for years, and many back
doors have been left within supposedly classified systems by previous attacks.

Chapter 7 What is the Threat from Cyberterrorism to Individuals?

As in any form of terrorism, the threat level experienced by any individual is based on
their level of exposure, their physical location, and their daily activities. A person who
has no online presence, no email address, no cellular phone, and has never so much as
held a computer mouse in hand is nonetheless susceptible to the threat of cyberterrorism.
Acts of cyberterrorism have the potential to disrupt banking services, including the
processing of checks and ATM transactions. Cyberterrorism could disrupt the distribution
of electrical power, the availability of fresh water, the processing of sewage and waste, the
availability of gasoline, the availability of fresh food, the ability to move about freely and
safely.

As has been amply demonstrated, a terrorist attack can occur at any place, at any time,
without warning, whether it is connected to overseas organized terrorist groups or is
domestic in nature. In the case of cyberterrorism no individual can ensure his or her own
complete safety. The interconnectedness of society and of the infrastructure which
supports it mandates that central authority ensures a society's protection. In the aftermath
of the 9/11 attacks a new government organization, the Department of Homeland Security,
was created for just this purpose. Whether or not this department has been successful in its
mission is viewed differently based on an individual's perspective; what is clear is that its
mission as pertains to cybersecurity will only increase as terrorist organizations improve
their technological capabilities.

Improvements in cybersecurity need not necessarily impinge on personal freedom and
privacy. In most urban areas today individuals are scrutinized by security cameras
constantly as they go about their daily activities. These cameras exist as protections
against both crime and terrorist activities. Most people are blithely unaware of their
existence. Similar protections are necessary when considering the threat to the nation's
most critical infrastructure.


Takeaways

Cyberterrorism threatens far more than individual activity on the Internet.

The danger to the nation's infrastructure threatens all individuals equally.

The role of the federal government in preventing acts of cyberterrorism will only
expand as the potential for such activity expands.

Chapter 8 Can Cyberterrorism be Prevented?



There is little doubt that the next major war will include cyberspace among its battlefields,
and that all developed nations are preparing for that probability. The United States
Department of Defense lists three primary cyber missions: defense of DoD networks and
systems, defense against cyberattacks of significant consequence, and providing cyber
support to operational and contingency plans. The US Army, Navy and Air Force each
maintain operational cyber commands. The Department of Homeland Security and the
FBI maintain cyber security divisions. The Obama administration has developed a large
number of initiatives to establish improvements in cybersecurity and created partnerships
with private industry to implement them. The Department of Commerce has launched
initiatives to strengthen security of both hardware and software used internally by
computers and within the Internet. There has also been a marked increase in activity to
strengthen partnerships with allies, including Brazil, India, Japan and the United
Kingdom. Improvements to strengthen NATO's cyber defenses have been undertaken.

Many of these actions are directed at controlling, detecting and punishing cyber crime, and
many more are aimed at defensive and offensive military operations against potential
hostile nations. The question is, how effective will they be in preventing a deliberate act of
cyberterrorism, whether those attacks be initiated by known overseas terrorist groups,
connected domestic cells, or unknown lone wolf terrorists? The answer is unknown.

By its very nature, every terrorist attack is a surprise attack. San Bernardino was a surprise
attack. The Boston Marathon bombing was a surprise attack, as of course was 9/11. In
each case, analysis of data discovered after the attack was linked to activity and data prior
to the attack which may, with hindsight, be said to have allowed authorities to predict the
attack prior to its occurrence. Many terrorist attacks have been thwarted by diligence, but
sadly many have taken place, with loss of life and destruction of property. It would seem
that the same metric would apply to cyberterrorism.

Some cyberterrorist attacks would then seem to be inevitable. Even if only one in ten
planned attacks actually takes place, a success rate of 90% for cyber defense, the one
which does take place could occur anywhere, at any time, and do damage impossible to
predict in advance. If, then, the inevitability of attacks occurring is accepted, a new means of
defense needs to be developed and implemented. This means of defense would rely on
resiliency of systems and infrastructure, allowing for quick reaction to the attack, limiting
damages, providing the means for identifying and locating those responsible, and
minimizing the time required to recover from the damage inflicted.

It is part of the history of mankind that each super weapon developed for the inflicting
of harm on one's enemies has been superseded by a defensive mechanism deployed
against it, until the 20th century. The use of nuclear weapons has been prevented only by
the policy of Mutual Assured Destruction (MAD) that dominated military and diplomatic
thinking throughout the Cold War. It may be necessary for civilized nations to develop a
similar policy over cyber warfare, as each strives to achieve superiority in the field. Such a
policy is unlikely with organized terrorist groups, whose agenda goes beyond national
policy. It may well be that the only way to prevent such groups from employing
cyberterrorism is by developing the offensive cyberwarfare capability to destroy theirs.


Takeaways

The inevitability of attacks on the Internet needs to be accepted and appropriate
methods of rapid recovery developed and implemented.

Numerous attacks are occurring on the power grid today, indicating that the ability
to access the system is already in the hands of terrorists and hackers alike.

Evidence exists that numerous entities hostile to the United States are working
together to generate attacks on US based infrastructure and data retrieval systems.

Chapter 9 Will the Threat of Cyberterrorism Ever Pass?



If global terrorism is ever eliminated the threat presented by cyberterrorists will be
eliminated along with it, although such an eventuality is extremely unlikely. There are
hundreds of terrorist organizations operating in nations around the world associated with
Al Qaeda alone. Where once many of these organizations' activities were limited to the
nation or nations in which they are located, the universal nature of the Internet allows
them to ignore borders and operate anywhere. The complete elimination of these groups is
an overly optimistic goal, and one that is unlikely to be achieved.

Even if it were to be achieved, there are scores of other terrorist groups around the world,
many of them hostile to the United States. These groups, rather than supporting Islamic
jihad, are focused on tribal disputes, ethnic cleansing, border changing, and ancient
quarrels.

There are also domestic organizations whose hatred of the federal government and its
activities have led to terror attacks in the past, as in Timothy McVeigh's bombing of the
federal building in Oklahoma City. And there are the lone wolf attackers who may decide
to use their programming skills to render attacks, rather than electing to blow themselves
up or attack with guns.

There are also nations that actively support international terrorist activities as a means of
continuing their own anti-American policies in a less than overt manner. These nations
include North Korea, Iran, Russia and China, among others. Throughout 2014-15
numerous data mining attacks on US systems were identified by both the FBI and CIA as
originating in China. Although the Chinese government has frequently denied official
involvement, the FBI has identified several attacks as having originated on Chinese
government servers.

To say the elimination of international terrorism is unlikely is thus an understatement by an
order of magnitude. Terrorist groups are a fact of life, and even if they are successfully
driven underground, that fact will force them to focus on generating attacks using covert
means, an ideal use of the Internet in their eyes. Visible success against Al Qaeda will
force them to resort to other means of attacking their enemies (us) in a manner by which
they can plausibly claim responsibility after the fact.

Nor is it likely that Americans will become less reliant on the Internet. Trends are in the
opposite direction. Automobiles, appliances, home security systems, clocks, how we
watch television, how we watch movies, how we play games, purchase tickets, order
pizza, fill prescriptions, schedule hair appointments, acquire news, and, virtually every
waking minute, how we monitor our smartphones and tablets are all dependent on the
Internet. The current generation just graduating from college and entering the work force
in 2016 have lived their entire lives relying on the Internet. Now virtually the whole of the
American infrastructure is connected as well.

Terrorism is here to stay. So is the Internet. The only solution is to enhance security to the
point where the threat is reduced to acceptable levels, and the damage minimized in the
event that an attack does penetrate the security levels.

Opposition to increased government intrusion into the Internet has become part of the
political dialogue that has increasingly polarized society along partisan lines. Like so
much of America's infrastructure, which is crumbling in many areas, the decision to spend
the money necessary to restore and improve it is a political football, kicked back and forth
by politicians who cite philosophy rather than address the reality of the times. Many deny
the threat of cyberterrorism exists, not because of the data but because the constituents
who elect them to office remain uninformed of the dangers being faced. It is almost surreal
that the information superhighway is faced with the threat of attack largely because its
users lack the information they need to motivate their leaders to address the threat.


Takeaways

The threat of cyberterrorism is currently present, and will increase as conventional
efforts to control terrorism succeed.

Cyberspace will be a battlefield in any conventional warfare as well as in the
ongoing global war against terror.

The only way to reduce the risk of cyberterrorism is improved security and constant
vigilance by the government and the private sector working together.
