Story

Cyberterrorism: our latest threat

Whilst the emergence of the Internet has shaped the way information is shared, it has also become a new front for sabotage and war. A computer could be comprised and information stolen over the Internet, and the user may not even be aware it has happened.

Whilst this might sound very futuristic, such attacks are becoming increasingly commonplace, due to the anonymity and relative cheapness of such an attack.
The most prominent and inflammatory cyberterrorism attacks in recent years has been on Iran’s nuclear facilities last year.

A variant of Stuxnet worm, first discovered in 2010, had been found to have infected Iran’s computers responsible for their nuclear program.

The worm infected computers that controlled the speed of centrifuges (which enrich nuclear fuel), and by altering the speed at which they ran, caused them to break apart, thus hindering Iran’s nuclear programs, albeit only temporarily.

The Institute for Science and International Security (ISIS) produced a dossier describing how the worm worked, and surmised that this was responsible for the breakage of over one thousand (roughly 10 per cent) of the centrifuges in one of Iran’s centres.

The source of this worm is still unknown, but is widely suspected to be from a corroboration of the USA and Israel. Indeed, officials from Israel have broken into “wide smiles” when asked about the worm’s origin, and the USA have said nothing more than that the worm “originates from abroad”.

Experts say that the worm could only have been produced with nation-sized support, and some have gone so far to say that only the US would have the technical capabilities to produce such a cyberweapon.

Cyberwarfare, however, seems to be a product of not just national security, but business. It has recently emerged that a large number of companies, including Google and the Internet security company McAfee, have stringent protocols about electronic devices taken into some countries to prevent espionage by governments or competitors.

For example, McAfee’s guidelines say that any device inspected at the Chinese borders can never again be connected to their network, for fear of compromise. Google’s employees must take “loaner” laptops into China, which must be inspected and wiped immediately on return.

Whilst this could sound like paranoia, it isn’t. The US Chamber of Commerce was infected this way in 2010, which the FBI only found when investigating later. It turned out that emails, from some of the country’s largest corporations, had been stolen and sent to servers in China.

After securing their network, they then found out much later on in another investigation that their printer and thermostat were still communicating with the servers.

A new breed of cyberterrorist has become increasingly prominent in the last years- “hacktivist” groups like LulzSec and Anonymous. Whilst not terrorists in the standard sense, they have the ability to do enormous damage to businesses and governments alike.

These groups tend to be anonymous (hence the name) groups of highly skilled computer hackers, which use the Internet to both co-ordinate and effect their attacks.

Their actions are often justified by a sense of vigilantism or to expose security holes, such as hacks in protest for ACTA, which brought down the FBI, MPAA (Motion Picture Association of America) and the US Justice Department websites, but they have been criticised and lauded in equal measure.

Probably the most high profile of their attacks was on Sony last year, which resulted in massive data loss. Whilst no group has taken credit for the attack on the PlayStation Network (PSN), which compromised the personal information of nearly 80 million users, LulzSec took credit for the data loss from more of Sony’s servers soon after.

The attacks had huge consequences for Sony, who took down the PSN for over 3 weeks and ended up having to offer compensation and fraud cover for users. It is presumed that the data wasn’t stolen for profit, but stolen simply for, as the groups call it, “the lulz”.

It seems that the age of physical warfare might be giving way to warfare over the Internet. Whilst it is undoubtedly a computer’s biggest strength, it is also its greatest weakness.

The amount of successful cyberattacks at the moment is low, but as systems get more and more complicated and reliant on “the cloud”, hacking will no doubt respond appropriately.