India caught in cyber terror web

Many terrorism experts have been concerned since 9/11 that if there is an act of terrorism involving nuclear material, it will most probably originate from Pakistan. Hence their worries about the security of Pakistan’s nuclear arsenal and about the possibility of radicalised Pakistani scientists helping Al Qaeda or pro-Al Qaeda organisations.

Is there a similar danger of an act of cyber terrorism, seeking to damage or destroy critical infrastructure, emanating from India because of the availability of qualified information technology experts in terror groups? This question is likely to occupy the attention of terrorism experts following the announcement by the Mumbai Police on October 6, 2008, of the arrest of 20 suspected members of the so-called Indian Mujahideen (IM), who had played a role in the serial blasts in Ahmedabad on July 26, 2008, in the abortive attempt to organise similar blasts in Surat the next day, and in the serial blasts in New Delhi on September 13, 2008.

Among those arrested are four IT-savvy members of the IM, who had played a role in sending the e-mail messages in the name of the IM before and after the Ahmedabad blasts and before the New Delhi blasts by hacking into Wi-Fi networks in Mumbai and Navi Mumbai. They are:

Mohammed Mansoor Asgar Peerbhoy aka Munawar aka Mannu, a 31-year-old resident of Pune, who was reportedly working for Yahoo India on an annual salary of Rs. 19 lakhs (US $45,000).

Mubin Kadar Shaikh, a 24-year-old graduate in computer science from Pune.

Asif Bashir Shaikh, a 22-year-old mechanical engineer from Pune. In addition to helping to send the e-mail messages, he also reportedly played a role in planting 18 Improvised Explosive Devices (IEDs) in Surat, all of which failed to explode.

Mohammed Ismail Chaudhary, a 28-year-old computer mechanic, who is also suspected of having helped to plant the IEDs in Surat.

Peerbhoy is reported to have joined the IM while he was studying Arabic at Pune’s Quran Foundation, which seems to have served as a favourite recruiting ground for jihadi terrorism. The US intelligence agencies would be interested to know that he had allegedly visited the US twice in recent months. Did he go on his own or in connection with Yahoo’s work? This is not clear.

The investigation made so far by the Mumbai Police has brought out Pune’s role as an important recruiting centre for jihadi terrorism. One would recall with interest that Abu Zubaidah, the Palestinian who was supposedly No. 3 in Al Qaeda, was also reported to have studied computer science in Pune before crossing over into Pakistan and joining Al Qaeda. He was arrested in the house of a cadre of the Lashkar-e-Toiba (LET) in Faisalabad in Pakistani Punjab in March 2002 and taken to the Guantanamo Bay detention centre in Cuba by US intelligence. He was considered an IT expert of Al Qaeda.

Peerbhoy has been projected as self-radicalised during a visit to Saudi Arabia for Haj. Despite this, certain questions need to be gone into thoroughly: were he and the others self-radicalised, or were they radicalised by Al Qaeda, which would welcome more IT experts? Were they recruits or volunteers as a result of their self-radicalisation? Were they working only for the IM, or were they also helping Al Qaeda and other pro-Al Qaeda organisations?

Their capabilities as demonstrated till now are rather primitive, consisting of sending e-mail messages through hacked networks. Many young students can do this. Did they have any other capability of an ominous nature?

If the reports that Peerbhoy had visited the US twice in recent months are correct, it shows that he had a valid visa for the US, which he had probably got on the recommendation of Yahoo. It also shows that the Federal Bureau of Investigation (FBI) had no adverse information on him. Otherwise, the US would not have issued a visa to him. If he had managed to get himself transferred to one of the Yahoo offices in the US or in West Europe, Al Qaeda would have had a wonderful cyber sleeping cell in the West. Why did he weaken the possibility of his getting posted to the West one day by helping the IM in doing a simple job of communications, which did not require much expertise?

These and other questions of a similar nature need to be examined in great detail, if necessary by enlisting the help of the cyber experts of US intelligence.

Cyber Terrorism- The Dark Side of the Web World

Cyber terrorism is the premeditated use of disruptive activities, or the threat thereof, in cyber space, with the intention to further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives.

Computers and the internet are becoming an essential part of our daily life. They are used by individuals and societies to make life easier: for storing information, processing data, sending and receiving messages, communications, controlling machines, typing, editing, designing, drawing, and almost all aspects of life.

The most deadly and destructive consequence of this dependence is the emergence of the concept of “cyber terrorism”. The traditional concepts and methods of terrorism have taken on new dimensions, which are more destructive and deadly in nature. In the age of information technology, terrorists have acquired the expertise to produce the most deadly combination of weapons and technology, which, if not properly safeguarded in due course of time, will take its own toll. The damage so produced would be almost irreversible and most catastrophic in nature. In short, we are facing the worst form of terrorism, popularly known as “cyber terrorism”. The expression “cyber terrorism” includes any intentional negative and harmful use of information technology to produce destructive and harmful effects on the property, whether tangible or intangible, of others. For instance, hacking into a computer system and then deleting the useful and valuable business information of a rival competitor is part and parcel of cyber terrorism.

The definition of “cyber terrorism” cannot be made exhaustive, as the nature of the crime is such that it must be left inclusive in nature. The nature of “cyberspace” is such that new methods and technologies are invented regularly; hence it is not advisable to put the definition into a straitjacket formula or pigeonhole. In fact, the first effort of the courts should be to interpret the definition as liberally as possible so that the menace of cyber terrorism can be tackled stringently and with a punitive hand.

The law dealing with cyber terrorism is, however, not adequate to meet the precarious intentions of these cyber terrorists and requires rejuvenation in the light and context of the latest developments all over the world.

A. Definition of Cyber Terrorism-
Before we can discuss the possibilities of “cyber terrorism”, we must have some working definitions. The term “cyber terrorism” refers to two elements: cyberspace and terrorism.

Another word for cyberspace is the “virtual world”, i.e. a place in which computer programs function and data moves. Terrorism is a much-used term, with many definitions. For the purposes of this presentation, we will use the United States Department of State definition: “The term ‘terrorism’ means premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents.”

If we combine these definitions, we construct a working definition such as the following:
“Cyber terrorism is the premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents.”

The basic definition of cyber terrorism has been stretched over time to encompass such things as simply defacing a web site or server, or attacking non-critical systems, with the result that the term has become less useful. There is also a school of thought that says cyber terrorism does not exist and is really a matter of hacking or information warfare. Some disagree with labelling it terrorism proper because, given current attack and protective technologies, it is unlikely that electronic means could create fear of significant physical harm or death in a population.

B. Who are cyber terrorists?
From the American point of view, the most dangerous terrorist group is Al-Qaeda, which is considered the first enemy of the US. According to US officials, data from computers seized in Afghanistan indicate that the group has scouted systems that control American energy facilities, water distribution, communication systems, and other critical infrastructure.

After the April 2001 collision of a US Navy spy plane and a Chinese fighter jet, Chinese hackers launched Denial of Service (DoS) attacks against American web sites.
A study that covered the second half of the year 2002 showed that the most dangerous nation for originating malicious cyber attacks was the United States with 35.4% of the cases, down from 40% for the first half of the same year. South Korea came next with 12.8%, followed by China with 6.2%, then Germany with 6.7%, then France with 4%. The UK came ninth with 2.2%. According to the same study, Israel was the most active country in terms of the number of cyber attacks relative to the number of internet users. There are many groups that are very active in attacking their targets through computers.

The Unix Security Guards (USG), a pro-Islamic group, launched a large number of digital attacks in May 2002.
Another group called World’s Fantabulas Defacers (WFD) attacked many Indian sites. There is also a pro-Pakistan group called Anti India Crew (AIC), which launched many cyber attacks against India.

C. Why do they use cyber attacks?
Cyber terrorists prefer cyber attack methods because of their many advantages:
• They are cheaper than traditional methods.
• The action is very difficult to track.
• The attackers can hide their identities and location.
• There are no physical barriers or checkpoints to cross.
• They can act remotely from anywhere in the world.
• They can use this method to attack a large number of targets.
• They can affect a large number of people.

D. Forms of cyber terrorism-
(I) Privacy violation:
The law of privacy is the recognition of the individual’s right to be let alone and to have his personal space inviolate. The right to privacy as an independent and distinctive concept originated in the field of tort law, under which a new cause of action for damages resulting from unlawful invasion of privacy was recognized. In recent times, however, this right has acquired constitutional status, the violation of which attracts both civil and criminal consequences under the respective laws. The intensity and complexity of life have rendered necessary some retreat from the world. Man, under the refining influence of culture, has become sensitive to publicity, so that solitude and privacy have become essential to the individual. Modern enterprise and invention have, through invasions upon his privacy, subjected him to mental pain and distress far greater than could be inflicted by mere bodily injury. The right to privacy is a part of the right to life and personal liberty enshrined under Article 21 of the Constitution of India. With the advent of information technology, the traditional concept of the right to privacy has taken on new dimensions, which require a different legal outlook. To meet this challenge, recourse to the Information Technology Act, 2000 can be taken.

The various provisions of the Act aptly protect the online privacy rights of citizens. Certain acts that tend to intrude upon the privacy rights of citizens have been categorized as offences and contraventions.

(II) Secret information appropriation and data theft:
Information technology can be misused for appropriating valuable Government secrets and the data of private individuals and of the Government and its agencies. A computer network owned by the Government may contain valuable information concerning defence and other top secrets, which the Government will not wish to share. The same can be targeted by terrorists to facilitate their activities, including the destruction of property. It must be noted that the definition of property is not restricted to movables or immovables alone.

In R.K. Dalmia v Delhi Administration the Supreme Court held that the word “property” is used in the I.P.C. in a much wider sense than the expression “movable property”. There is no good reason to restrict the meaning of the word “property” to movable property only when it is used without any qualification. Whether the offence defined in a particular section of the IPC can be committed in respect of any particular kind of property will depend not on the interpretation of the word “property” but on whether that particular kind of property can be subject to the acts covered by that section.

(III) Demolition of e-governance base:
The aim of e-governance is to make the interaction of citizens with government offices hassle-free and to share information in a free and transparent manner. It further makes the right to information a meaningful reality. In a democracy, people govern themselves, and they cannot govern themselves properly unless they are aware of the social, political, economic and other issues confronting them. To enable them to make a proper judgment on those issues, they must have the benefit of a range of opinions on them. The right to receive and impart information is implicit in free speech. This right to receive information is, however, not absolute but is subject to reasonable restrictions which may be imposed by the Government in the public interest.

(IV) Distributed denial of service attack:
Cyber terrorists may also use the method of distributed denial of service (DDoS) to overburden the electronic infrastructure of the Government and its agencies. This is made possible by first infecting several unprotected computers by way of virus attacks and then taking control of them. Once control is obtained, they can be manipulated from any location by the terrorists. These infected computers are then made to send requests in such large numbers that the victim’s server collapses. Further, because of this unnecessary Internet traffic, legitimate traffic is prevented from reaching the computers of the Government or its agencies. This results in immense pecuniary and strategic loss to the Government and its agencies.

It must be noted that thousands of compromised computers can be used to attack a single host simultaneously, thus making its electronic existence invisible to genuine and legitimate citizens and end users. The law in this regard is crystal clear.

(V) Network damage and disruptions:
The main aim of cyber terrorist activities is to cause network damage and disruption. This activity may divert the attention of the security agencies for the time being, thus giving the terrorists extra time and making their task comparatively easier. This process may involve a combination of computer tampering, virus attacks, hacking, etc.

E. The danger of cyber terrorism-
General John Gordon, the White House Homeland Security Advisor, speaking at the RSA security conference in San Francisco, CA on Feb. 25, 2004, indicated that whether someone detonates a bomb that causes bodily harm to innocent people or hacks into a web-based IT system in a way that could, for instance, take a power grid offline and cause a blackout, the result is ostensibly the same. He also stated that the potential for a terrorist cyber attack is real.

Cyber terrorists can destroy the economy of a country by attacking critical infrastructure in the big towns, such as electric power and water supply (it is still unknown whether the blackout of the North Western states in the US on Aug. 15, 2003 was a terrorist act or not), or by attacking banks and financial institutions and playing with their computer systems.

Senator Jon Kyl, chairman of the Senate Judiciary Subcommittee on Terrorism, Technology and Homeland Security, mentioned that members of al-Qaeda have tried to target electric power grids, transportation systems, and financial institutions.

In England, the National High-Tech Crime Unit (NHTCU) survey showed that 97% of UK companies were victims of cyber crime during the period from June 2002 to June 2003.

Cyber terrorists can endanger the security of the nation by targeting the sensitive and secret information (by stealing, disclosing, or destroying).

F. The Impact of Cyber Terrorism- a brief idea
The intention of a cyber terrorism attack could range from economic disruption through the interruption of financial networks and systems to use in support of a physical attack, causing further confusion and possible delays in a proper response. Although cyber attacks have caused billions of dollars in damage and affected the lives of millions, we have yet to witness the implications of a truly catastrophic cyber terrorism attack. What would some of the implications be?

Direct Cost Implications
• Loss of sales during the disruption
• Staff time, network delays, intermittent access for business users
• Increased insurance costs due to litigation
• Loss of intellectual property – research, pricing, etc.
• Costs of forensics for recovery and litigation
• Loss of critical communications in time of emergency.

Indirect Cost Implications
• Loss of confidence and credibility in our financial systems
• Tarnished relationships and public image globally
• Strained business partner relationships, domestic and international
• Loss of future customer revenues for an individual or group of companies
• Loss of trust in the government and computer industry

G. Some incidents of cyber terrorism-
The following are notable incidents of cyber terrorism:
• In 1998, ethnic Tamil guerrillas swamped Sri Lankan embassies with 800 e-mails a day over a two-week period. The messages read “We are the Internet Black Tigers and we’re doing this to disrupt your communications.” Intelligence authorities characterized it as the first known attack by terrorists against a country’s computer systems.
• During the Kosovo conflict in 1999, NATO computers were blasted with e-mail bombs and hit with denial-of-service attacks by hacktivists protesting the NATO bombings. In addition, businesses, public organizations, and academic institutes received highly politicized virus-laden e-mails from a range of Eastern European countries, according to reports. Web defacements were also common.
• Since December 1997, the Electronic Disturbance Theater (EDT) has been conducting Web sit-ins against various sites in support of the Mexican Zapatistas. At a designated time, thousands of protestors point their browsers to a target site using software that floods the target with rapid and repeated download requests. EDT’s software has also been used by animal rights groups against organizations said to abuse animals. Electrohippies, another group of hacktivists, conducted Web sit-ins against the WTO when they met in Seattle in late 1999.

One of the worst incidents of cyber terrorists at work was when crackers in Romania illegally gained access to the computers controlling the life support systems at an Antarctic research station, endangering the 58 scientists involved. More recently, in May 2007, Estonia was subjected to a mass cyber attack by hackers inside the Russian Federation, which some evidence suggests was coordinated by the Russian government, though Russian officials deny any knowledge of this. This attack was apparently in response to the removal of a Russian World War II war memorial from downtown Estonia.

H. Efforts of combating cyber terrorism-
Interpol, with its 178 member countries, is doing a great job in fighting cyber terrorism. It is helping all the member countries and training their personnel. The Council of Europe Convention on Cyber Crime, which is the first international treaty for fighting computer crime, is the result of 4 years’ work by experts from the 45 member and non-member countries, including Japan, the USA, and Canada. This treaty has already entered into force after its ratification by Lithuania on 21 March 2004.

The Association of South East Asian Nations (ASEAN) has set plans for sharing information on computer security. It is going to create a regional cyber-crime unit by the year 2005.

Protection under the Information Technology Act (ITA) can be claimed for:
(a) Preventing privacy violations,
(b) Preventing information and data theft,
(c) Preventing distributed denial of service (DDoS) attacks, and
(d) Preventing network damage and destruction.

I. Protection from cyber terrorism- a few suggestions
Currently there are no foolproof ways to protect a system. A completely secure system can never be accessed by anyone. Most military classified information is kept on machines with no outside connection, as a form of prevention of cyber terrorism. Apart from such isolation, the most common method of protection is encryption. The widespread use of encryption is inhibited by the government’s ban on its exportation, so intercontinental communication is left relatively insecure. The Clinton administration and the FBI oppose the export of encryption in favour of a system whereby the government can gain the key to an encrypted system after obtaining a court order to do so. The stance of the director of the FBI is that the Internet was not intended to go unpoliced and that the police need to protect people’s privacy and public-safety rights there. Encryption’s drawback is that it does not protect the entire system: an attack designed to cripple the whole system, such as a virus, is unaffected by encryption.

Others promote the use of firewalls to screen all communications to a system, including e-mail messages, which may carry logic bombs. “Firewall” is a relatively generic term for methods of filtering access to a network. They may come in the form of a computer, a router or other communications device, or a network configuration. Firewalls serve to define the services and access that are permitted to each user. One method is to screen user requests to check whether they come from a previously defined domain or Internet Protocol (IP) address. Another method is to prohibit Telnet access into the system.

Here are a few key things to remember to protect against cyber terrorism:
1. All accounts should have passwords, and the passwords should be unusual and difficult to guess.
2. Change the network configuration when defects become known.
3. Check with vendors for upgrades and patches.
4. Audit systems and check logs to help in detecting and tracing an intruder.
5. If you are ever unsure about the safety of a site, or receive a suspicious e-mail from an unknown address, don’t access it. It could be trouble.
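The firewall screening described above (allowlisted sources, Telnet prohibited) and the log audit in point 4, applied to the distributed flood pattern from section D(IV), as an added example that is not part of the original article. The policy, the addresses and the log lines are all constructed for illustration.

```python
"""Constructed example: screen connection attempts against a simple firewall
policy, then audit the same log for the many-sources flood pattern of a DDoS."""
from collections import Counter, defaultdict
from datetime import datetime

# Hypothetical policy: only two known source addresses are allowed in, and
# Telnet (TCP port 23) is refused for everyone. Addresses are documentation
# ranges (RFC 5737), constructed for this example.
ALLOWED_SOURCES = {"203.0.113.10", "198.51.100.7"}
BLOCKED_PORTS = {23}


def screen_request(src_ip, dst_port):
    """Return (allowed, reason) for one connection attempt."""
    if dst_port in BLOCKED_PORTS:
        return False, "telnet prohibited"
    if src_ip not in ALLOWED_SOURCES:
        return False, "source not in allowlist"
    return True, "ok"


def build_sample_log():
    """Constructed log: two legitimate requests, one Telnet attempt from a
    trusted host, then a burst of 24 requests from six unlisted sources that
    all land inside one 10-second window. Format: '<ISO time> <src_ip> <port>'."""
    lines = [
        "2008-10-06T10:00:00 203.0.113.10 443",
        "2008-10-06T10:00:03 198.51.100.7 443",
        "2008-10-06T10:00:05 198.51.100.7 23",
    ]
    for i in range(24):
        lines.append(f"2008-10-06T10:00:{20 + i % 10:02d} 192.0.2.{i % 6 + 1} 80")
    return "\n".join(lines)


def parse_log(text):
    """Parse log lines into (timestamp, src_ip, dst_port) tuples."""
    records = []
    for line in text.strip().splitlines():
        ts, ip, port = line.split()
        records.append((datetime.fromisoformat(ts), ip, int(port)))
    return records


def screen_log(records):
    """Apply the policy to every record and count decisions by reason."""
    return Counter(screen_request(ip, port)[1] for _, ip, port in records)


def detect_flood(records, window_seconds=10, min_sources=5, min_requests=20):
    """Flag time windows in which many distinct sources together exceed a
    request threshold: the signature of a distributed flood, as opposed to a
    single noisy client, which would trip min_requests but not min_sources."""
    if not records:
        return []
    base = min(ts for ts, _, _ in records)
    buckets = defaultdict(list)
    for ts, ip, _ in records:
        buckets[int((ts - base).total_seconds()) // window_seconds].append(ip)
    alerts = []
    for window, ips in sorted(buckets.items()):
        if len(ips) >= min_requests and len(set(ips)) >= min_sources:
            alerts.append({"window": window, "requests": len(ips),
                           "sources": len(set(ips))})
    return alerts


if __name__ == "__main__":
    recs = parse_log(build_sample_log())
    print("policy decisions:", dict(screen_log(recs)))
    print("flood windows:", detect_flood(recs))
```

Both thresholds are tuning knobs: a single client exceeding `min_requests` alone is a noisy client to rate-limit, while the `min_sources` condition is what separates the botnet pattern the article describes from ordinary load.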

J. Indian law & Cyber terrorism-
In India there is no law that deals specifically with the prevention of malware through aggressive defence. Thus, the analogous provisions have to be applied in a purposive manner. Protection against malware attacks can be claimed under the following categories:
(1) Protection available under the Constitution of India, and
(2) Protection available under other statutes.

(1) Protection under the Constitution of India:
The protection available under the Constitution of any country is the strongest and safest one, since it is the supreme document and all other laws derive their power and validity from it. If a law satisfies the rigorous tests of constitutional validity, then its applicability and validity cannot be challenged and it becomes absolutely binding. The Constitution of India, like other Constitutions of the world, is organic and living in nature and is capable of moulding itself to the times and the requirements of society.

(2) Protection under other statutes:
The protection available under the Constitution is further strengthened by various statutory enactments. These protections can be classified as:
(A) Protection under the Indian Penal Code (I.P.C), 1860, and
(B) Protection under the Information Technology Act (ITA), 2000.

K. Conclusion-
The problems associated with the use of malware are not peculiar to any particular country, as the menace is global in nature. Countries all over the world are facing this problem and are trying their level best to eliminate it. The problem, however, cannot be effectively curbed unless popular public support and a vigilant judiciary back the effort. The legislature cannot enact a law against the general public opinion of the nation at large. Thus, public support has first to be obtained, not only at the national level but at the international level as well. People all over the world are not against the enactment of statutes curbing the use of malware, but they are conscious of their legitimate rights. Thus, the law to be enacted by the legislature must take care of the public interest on a priority basis. This can be achieved if suitable technology is supported by apt legislation, which can exclusively take care of the menace created by the computers sending the malware. Thus, the self-help measures recognized by the legislature should not be disproportionate to or in excess of the threat posed by the malware. Further, while using such self-help measures, the property and rights of the general public should not be affected. It would also not be unreasonable to demand that such self-help measures should not themselves commit any illegal act or omission. Thus, a self-help measure should not be such as may destroy or steal the data or secret information stored in the computer of the person sending the malware. It must be noted that two wrongs cannot make a thing right. Thus, a demarcating line between self-help and taking the law into one’s own hands must be drawn. In the ultimate analysis, we must not forget that self-help measures are “watchdogs and not blood-hounds”, and their purpose should be restricted to legitimate and proportionate defensive actions only.
In India, fortunately, we have a sound legal base for dealing with malware and the public at large has no problem in supporting the self-help measures to combat cyber terrorism and malware.

