Looking first at vulnerabilities, several studies have shown that vital infrastructures are potentially open to cyber terrorist attack. “Eligible Receiver”, a no-warning exercise conducted by the US Department of Defence in 1997, found that power grid and emergency 911 systems had weaknesses that could be exploited by an adversary using only tools publicly available on the Internet. Although neither of these systems was actually attacked, study members concluded that the services these systems provide could be disrupted
Although many of the weaknesses in computerised systems can be corrected, it is effectively impossible to eliminate all of them. There is always the possibility that insiders, acting alone or in concert with other terrorists, will misuse their access capabilities. For instance, the state-run gas monopoly Gazprom was hit in 1999 by hackers who collaborated with a Gazprom insider. The hackers allegedly used a Trojan horse to gain control of the central switchboard, which controls gas flows in pipelines. Gazprom, the world’s largest natural gas producer and the largest gas supplier to Western Europe, denied the report.
If we assume, then, that vital infrastructures are vulnerable to cyber terrorist attack, the question becomes one of whether there are actors with the capability and motivation to carry out such operations. While many hackers have the knowledge, skills and tools to attack computer systems, they generally lack the motivation to cause violence or severe economic or social harm. Conversely, terrorists who are motivated to cause violence seem to lack the capability or motivation to cause damage in cyberspace.
No comments:
Post a Comment