I. HOW
TERRORISM IS CHANGING
1.
International terrorism
is changing in ways that may make it more dangerous and difficult to
combat. Despite the fall of the
communist bloc, which once provided support to left-wing terrorists, and the
resulting reduction in the number of states supporting terrorism, incidents
reported around the world have not decreased.
Moreover, terrorist attacks are becoming more lethal: according to a
recent report to the US Congress, in the 1990s a terrorist incident was almost
20% more likely to result in death than an incident two decades ago. Although significant, this is not the only
change occurring in international terrorism.
Terrorist groups now
have now different motivations,
organisation, structures, and tools.
2.
Times and political
environment have always shaped the definition of terrorism. It is significant to note that, so far, most
definitions adopted by governments and international bodies include three basic
characteristics: terrorism (1) is aimed at non-combatants; (2) uses violence to
exact revenge, influence or intimidate an audience; and (3) is premeditated and
politically motivated. The most recent definitions do not limit
motives only to the political sphere but include “religious, or other
ideological objectives”.
3.
Most terrorist groups in
the 1970s and 1980s had concrete political agendas, such as social‑revolutionary
or nationalist-separatist programmes.
Although these groups have not completely disappeared, “new” terrorists
have emerged having different motives unrelated to clear political goals,
including religious and ethnic fanaticism, millenarian and apocalyptic cults,
white supremacism, and environmental ultra-radicalism. The trend towards higher lethality in part reflects the
changing motives of today’s terrorists.
Traditional political terrorists generally calibrated their attacks to
produce just enough violence to get attention for their cause, but not so much
as to alienate public support.
Religiously motivated terrorists, such as Osama bin Laden’s al‑Qaida, representing a growing
trend toward hatred of the West - and the United States in particular -
have few goals other than to “punish” their enemies and to killing
as many of them as possible.
4.
Changes in motives have
produced changes in the organisation and structure of terrorist groups. While state-sponsored political terrorists
usually have rigid hierarchical structures, new political or religious groups
rely on looser affiliations and organisations among like-minded people, often
from different countries. An
organisational figure that appears to apply to many terrorist organisations is
the Segmentary, Polycentric, Ideologically Integrated Network (SPIN), a
definition originally coined for 1960s'’ social
movements. Of course, leaders still
exist, but rather than “military” commanders they are more likely to be
charismatic figures offering political and ideological guidance.
5.
These more loosely affiliated,
transnational terrorist groups usually rely on various means for funding and
logistical support, as well as on self-financing criminal activities. Their networks of support include legitimate
businesses, associations and non-governmental organisations. Computers, satellite phones,
and other modern technologies offer these terrorists very effective
organisational and communication tools.
They use them to co-ordinate and support their activities, collect money and, spread
information and propaganda.
6.
Statistically, most
terrorists still prefer guns and conventional weapons. However, evidence suggests that some of the
“new” terrorist groups may be willing to inflict mass casualties for a variety
of motives other than political goals.
The famed Aum Shinrikyo sarin gas attack on the Tokyo subway in 1995,
already analysed by your Rapporteur in 1999 [Biological Weapons: the Threat of the New Century, AS 287 STC/MT (99) 8], has attracted the general
attention on to the possible terrorist use of weapons of
mass destruction (WMD). The emergence
of a new breed of terrorists less constrained by traditional ethics or
political pressures, coupled with the diffusion of know-how about nuclear,
biological and chemical weapons, may increase the probability of a major WMD
terrorist incident. In the next section
, we
will try to give a brief assessment of this threat.
7.
Terrorists’ familiarity
with IT (and the examples offered by hackers and criminals) make it
increasingly possible that they will resort to cyberattacks or other forms of
attacks to on information systems, thus exploiting our
societies’ reliance on computers and networked information systems. Some terrorist (or cyberterrorist) groups
are becoming increasingly sophisticated in the use of these technologies, and there is evidence
that they could inflict serious damage to our information systems. Another section will be devoted to
terrorists using highly sophisticated technology, and to the specific area of the so-called
cyberterrorism.
8.
Many analysts have
defined the emergence in the 1990s of these new non‑traditional threats
with the term: “asymmetric threats”.
These are threats that do not present the menace of a major conventional
war but do present equal dangers to Western populations and governments. Former US President Bill Clinton, the former president of the
United States, well defined these threats well in a 1998 address
to the US Naval Academy: “our security”, he stated, “is challenged increasingly by non-traditional threats from
adversaries, both old and new, not only hostile regimes, but also international
criminals and terrorists who cannot defeat us in traditional theatres of
battle, but search instead for new ways to attack by exploiting new
technologies and the world’s increasing openness”. This report will try to outline precisely how technologies may
enable new and extremely dangerous forms of terrorism. Current strategies to counter these threats
will then be briefly assessed. Finally,
your Rapporteur will offer a few suggestions to improve our public safety
through a better use of new technologies , and
legal and political remedies.
9.
The possibility that
terrorists use WMD to conduct mass casualty attacks has become a serious
national security concern for the United States. Since the mid-1990s, the US government has steadily
increased funding to programmes to counter and combat WMD terrorism: according
to the Monterey Center for Nonproliferation Studies, Washington spends about $5
billion per year in this area. As a
consequence,This
has sparked a
debate in the West has sparked between those who believe
the expenses are justified, because the threat is indeed real, and those
convinced that risks are exaggerated by defence officials and think-tanks in
order to draw out resources from the political system. The general terms of this debate were
already outlined by your Rapporteur in the cited 1999 report on biological
weapons. However, the rich recent
literature on the subject allows for a deeper analysis that would also take into account also chemical
and radiological agents, and nuclear devices.
10.
The historical record
includes very few terrorist incidents in which chemical and biological agents
were used and no cases involving radiological agents or nuclear weapons
(although there have been episodes of smuggling of fissile material). The main explanation seems to be that this
form of terrorism requires not only the motive to employ such weapons but also the
technical skills to produce and deliver them effectively. The number of terrorists possessing the
right characteristics are is therefore limited. As Jessica Stern’s study The Ultimate Terrorists indicated,
politically motivated, state‑sponsored groups are the most technically
proficient but “likely to avoid large-scale use of WMD, for fear of alienating
their constituents or evoking harsh reactions from authorities”. On the other hand, loners,
schizophrenics and sociopaths may well want to inflict mass killings , but
are less likely to overcome the technical obstacles.
11.
Why would terrorists
decide to use WMD? One reason might be
to attract attention: apart from the actual casualties, WMD – especially
biological and chemical agents – may produce an enormous psychological impact
because of the sheer fear they inspire.
Terrorists might desire to impress their target audiences by demonstrating their
technological prowess with the use of “unusual” weapons. More specifically, biological weapons might
be appealing to religious fanatics because they want to emulate God and produce
devastating outbreaks. Right-wing
extremists and neo-nazis might be drawn towards the use of nerve gas or other chemicals out
of a highly perverse admiration for the methods employed by the Nazis. Finally, considering the recent level of
attention for WMD and the number of countermeasures adopted by some
governments, terrorists might just want to prove their superiority by
overcoming such measures.
12.
In sum, past experience
and analyses of the current situation suggest that probably few terrorists are
capable of surmounting the motivational, technical, political, moral,
and organisational obstacles to the use of WMD. However, many experts agree that the greatest danger of WMD
terrorism lies with two specific groups: religious extremists (both religious
fundamentalists and millenarian cults) and right-wing extremists organised as
ad-hoc groups.
13.
Transnational radical
Islamists, whose origins can be traced to the West-sponsored insurgency against
the Soviet occupation of Afghanistan, have consistently justified inflicting
mass casualties in their “holy war” against the United States, seen as the main
enemy of the Muslim world. Osama bin
Laden, the Saudi-born terrorist charged with masterminding the bombings of two
US embassies in Africa and the deadly attack against the US destroyer Cole in Yemen, has declared
that his mission (and that of his terrorist group Al Qaeda, the Base) is to drive US forces out of Saudi Arabia and
the Middle East by targeting US civilians, possibly with mass casualties mass
casualties weapons. “We
don’t consider it a crime if we tried to have nuclear, chemical, biological
weapons.” Declared bin Laden to a Western newspaper in 1999, “We have the right
to defend ourselves and to liberate our holy land.” Similarly, many millenarian cults or new religion extremists
perceive themselves in a struggle for survival against a demonised enemy that
must be destroyed by any possible means, including mass-casualty weapons.
14.
Right-wing terrorist
groups seek to preserve the status and privileges of a “dominant” ethnicity or
race. Generally anti-Semitic and
anti-government, these groups are particularly active in the United States and
increasingly recognise themselves in as a pseudo-religion, or Christian
Identity, which combines traditional elements
of fundamentalist Protestantism with persecutory ideologies. These groups have developed a political
agenda that justifies violent aggression (and even mass casualties) against Jews,
non-whites and the US federal government.
In the early 1990s, four members of one of these groups, calling
themselves the Minnesota Christian Patriots and conspiring to kill local and
federal law enforcement officials, were convicted and sentenced to prison for
acquiring ricin, a deadly protein toxin derived from castor beans.
15.
As this last case
showed, certain biological or chemical agents are relatively easy to acquire or
produce: a single person with the right expertise could do it. However, the studies of all the known
incidents involving these weapons collected in the book Toxic Terror indicate that terrorists have seldom used chemical
agents, and biological agents more rarely still. Technical constraints are considerable and involve not so much
acquiring and producing the agent as disseminating it. Using radiological agents or detonating a
nuclear device present even more binding technical constraints. According to Stern, “the US military found
that disseminating gamma-emitting radiological agents in air involved enormous
difficulties because of the heat generated by the material and the problem of
dissipation.” Finally, as the same
expert points out, “detonation of a nuclear device is the least likely form of
terrorism involving WMD”, and only the most sophisticated groups would be
likely to consider it because of the enormous technical obstacles.
16.
In conclusion, we cannot
undoubtedly
say categorically
that WMD terrorism is on the rise.
In fact, many of the most important terrorist groups are unlikely to
consider mass casualties useful or desirable.
However, something new is happening.
According to Brad Roberts, one of the leading experts on WMD terrorism,
“even the strongest critics of the hype in current policy acknowledge that
there is a problem there, and one that deserves serious attention and some
remedies”. Terrorism, as we have
indicated in the opening section, is changing its tactics, structures,
capabilities, and intentions. Moreover, some of the most serious moral
constraints to terrorist use of WMD are easing, with the increasing prominence
of religious fundamentalists, millenarian cults, and right-wing
extremists. Technology, as we will see
in the next section, could play a role in making this kind of terrorism even
more dangerous.
17.
Imagining how the world
might change in the years ahead could help us understand the possible future
developments of the terrorist threat.
One area on which experts have focused their attention is that of
biotechnology and genetic engineering.
Scientific advances in these fields will enhance our capabilities to
make specific calculated changes to the operation of living systems. This will give mankind enormous new
potential for beneficial medicine, but also for abuse in weapon systems. In the very long term, the unregulated
growth and diffusion of the new biotechnologies could open up a wide array of
new potential threats. Malcolm R. Dando
of the University of Bradford (United Kingdom) has singled out three examples
of potential misuse of modern biotechnology and genetic engineering: the enhancement of bacterial and viral
virulence, heterologous gene expression and protein engineering of toxins, and
genetic weapons. The third area raises
particular concern since the completion in 2000 of the human genome sequence. Information from genetic research could be
considered for the design of weapons targeted against specific ethnic or racial
groups.
18.
At the moment, the
production of such weapons ‑ and their use by terrorists ‑ is only
a theoretical possibility. Several
developments, however, indicate that in a not-too-distant future the gap
between possibility and reality may close.
While our societies are strengthening their protective measures against
standard biological agents, as Dando indicates, “terrorists might consider
using known biological weapons in unexpected ways, or move to the use of new
types of biological weapons”. During
the next few decades, the biotechnology revolution is likely to have an
enormous impact on our way of life.
Given the amount of government support and massive corporate investment
that genomics enjoy, scientific and technological developments will spread
rapidly around the world. Therefore,
also the
context in which terrorists operate will also be completely different, making common
what now seems startlingly new.
19.
Another area of concern
in the near future is that of agroterrorism.
In 2001, the US Department of Agriculture (USDA) has allocated almost $ 40
million to prepare against chemical or biological terrorist attacks. This has been generated by realisation that
this kind of attacks against livestock and the food chain
are is much easier and less
risky to carry out than those aimed at humans.
Terrorists could create biological pathogens to destroy agricultural
livestock with less difficulty than assembling weapons directed against
humans. Moreover, as the recent
outbreak of foot-and-mouth disease demonstrated, livestock has become more
disease- prone
in recent years as a result of intensive antibiotic and steroid programmes and
husbandry changes designed to elevate the volume, quality and quantity of meat
production. Terrorists could also use a
great number of agents and vectors to carry out extremely rudimentary
food-borne attacks, disseminating contaminants into plant, vegetable, dairy and
fruit-based products.
20.
Some experts contend
that this can not be properly defined as terrorism
because of the absence of direct physical violence against humans. It should be noted, however, that
agricultural chemical and biological terrorism could have a devastating impact
on our societies, in terms of psychological violence, social instability, and
economic consequences. Agroterrorism
can also have a high payoff as a means of influencing government policies through
basic extortion or blackmail.
21.
An additional area of
concern might come to the fore in the next decade. The event of a regional war between Western allies and a
WMD-armed state of concern can lead to the possible use of chemical or
biological weapons in terrorist-type attacks.
According to Brad Roberts, such asymmetric conflicts “may see a blurring
of the distinction between war and terrorism”, and regional aggressors may
utilise covert attacks against Western civilians to weaken public support for
the war or influence the body politic.
22.
In recent years,
NATO countries have dedicated their efforts to improving protection against WMD
terrorist attacks. At the military
level, a set of defence measures and response capabilities to maintain the
operational level of an armed force after a nuclear, biological or chemical
attack has been developed by most NATO members. Active and passive measures are the two main components of these
defences. An active defence consists,
for instance, in of using missiles to prevent aircraft or
missiles carrying WMD weapons from reaching their target,. wWhereas a
passive defence consists in being able to assess the threat, detect, warn,
protect, decontaminate and carry out medical countermeasures.
23.
At the 1999 Washington
Summit, NATO launched a WMD Initiative to improve political and military
efforts in this area. This resulted,
among other initiatives, in the creation of a specific WMD Centre at NATO
Headquarters in Brussels to improve co-ordination of all WMD-related
activities. The WMD Centre should
improve the quality and quantity of intelligence- and information-sharing; support the
development of a public information strategy; enhance existing Allied military
readiness to operate in a WMD environment and
to counter WMD threats; and enhance the
possibilities for Allies to assist one another in the protection of their civil
populations.
24.
National strategies
against WMD terrorism are generally putting the emphasis on prevention. For instance, the US Presidential Decision
Directive (PDD) 39, issued in 1995, addressed in particular nuclear, chemical,
and biological (NBC) terrorism and provided guidelines for US counter- terrorism
policy. “There is no higher priority,”
stressed the document, “than preventing the acquisition of this capability
[i.e. WMD use] or removing this capability from terrorist groups potentially
opposed to the US”.
25.
International efforts to
reduce and safeguard former-Soviet Union WMD arsenals in the former Soviet Union and the
related military and scientific complex are extremely important in the global
strategy to combat WMD terrorism. In
particular, the US programmes to improve security at weapons sites in Russia
and other Newly Independent States (NIS) and increase export and border
controls have significantly reduced the risk of illegal trafficking of in nuclear material,
chemical and biological agents.
26.
Despite prevention
strategies, vulnerability is still acute in the case of a low‑technology
chemical or biological attack targeting the civilian population. As we have seen, terrorists are more likely
to use industrial chemical poisons or biological agents than nuclear
devices. Some of these weapons are so
easy to make that prevention is unlikely to be fully entirely successful. Appropriate defences against these kinds of
attack have to be based on improved civil emergency planning and public health
surveillance and response.
27.
Our societies have
become totally dependent on information technology. As a consequence, attacks upon computer systems, both public and
private, have become the norm: cyber criminals conduct fraudulent transactions and, steal personal
data and trade secrets; crackers (criminal hackers) break into computer systems,
disrupt service, sabotage data, launch viruses and worms, and harass
individuals and companies. Many of
these attacks are serious and produce severe economic loss and damage. They are facilitated by increasingly
powerful and user-friendly software tools, mostly available for free from
thousands of websites on the Internet.
28.
This Committee’s General
Rapporteur, Vernon J. Ehlers, has already analysed attacks upon information
systems in his 1999 report “Information Warfare and International Security” [AS 285 STC (99)
8]. In this section, we will
therefore concentrate on the relationship between information technology and
terrorism, or cyberterrorism. We shall
define cyberterrorism as any act of terrorism (already defined in par. 2) that
uses information systems or computer technology either as a weapon or a target. It is important to
stress the distinction between cyberterrorism
and cyber crime,
which are similar in their use of information technology but different in their
motives and goals. This confusion is
particularly evident in the media, where the catch-all definition
“cyberterrorism” is often used to describe any kind of cyberattack. Cyberterrorism is politically, socially, or
religiously motivated, aimed at generating fear and, panic among civilians,
or at disrupting military and civilian assets.
Further, two different components of cyberterrorism can be singled out:
(1) terrorist use of computers as a facilitator of their activities; and (2)
terrorism involving computer technology as a weapon or target.
29.
Terrorist groups
currently use computer technology to facilitate traditional forms of subversive
activity. Quite simply, they are
exploiting modern tools to perform common terrorist actions such as internal
communication and co-ordination, propaganda and misinformation, recruitment and
financing, information and intelligence gathering. The use of the Internet for propaganda purposes is particularly
popular. Radical opposition groups such
as Hezbollah and Zapatistas use it regularly to communicate their revolutionary
programmes. Various neo-nazi and white
supremacist groups in the United States also use the World Wide Web to recruit
supporters and collect finance.
30.
The activities of
transnational terrorist groups are greatly enhanced by the use of the Internet,
which eliminates physical distance and national borders. Bin Laden’s Islamist terrorist group reliesy heavily on
computers and other modern communication tools. At the beginning of February 2001, Islamist terrorists were
claimed to use sport chat rooms, pornographic sites and other Web venues to
disguise maps and
photographs of their targets, together with instructions for their
activities. According to the US
officials that have discovered them, the messages were scrambled using free
encryption programmes set up by Internet privacy groups. Images were created through a series of
dots, inside which were strings of letters and numbers that computers could
read to recreate the images.
31.
Intelligence- and information- gathering can
also be effectively conducted through computer networks. Irish terrorists, for instance, had hired
contract hackers to penetrate computers in order to acquire the home addresses of
law enforcement and intelligence officers.
In March 2000, Japanese police forces discovered that a software system
they had procured to monitor 150 police vehicles had been developed by firms
subcontracted by members of the Aum Shinrikyo cult, the same that gassed the
Tokyo subway in 1995. When this was
discovered, the cult had collected classified tracking information on 115
police cars. Moreover, the cult had
sold other software to no less than 80 Japanese companies and 10
government agencies, making it potentially easy for them to conduct
cyberattacks at a later stage.
32.
Some experts are
reluctant to label as cyberterrorism the simple use of computer networks and
the Internet by terrorist groups.
According to Dorothy E. Denning, a Computer Science professor at
Georgetown University (United States), the fact that terrorists use computers
is not in itself a proof “that they are pursuing cyberterrorism, either alone
or in conjunction with acts of physical violence”. But However, other analysts argue that computer
technology has not only enhanced terrorist activities but created new and more
dangerous form of terrorism. In fact,
according to a study from by Michael Stohl and Peter Flemming of Purdue
University, Indiana (USA), terrorists that who utilise computers
“are now able to operate beyond the purview of traditional counter- terrorist
approaches”, because their ability “to develop undetected may become stronger”.
33.
Terrorist groups have
used computer technology to threaten or attack national infrastructures,
including national security onesinfrastructures, and commercial firms. These attacks have reportedly generated
actual damage only in the form of temporary disruption of services, public
inconveniences, or financial loss. So
far, no attack has led to violence, either physical or psychological, against
civilians, or to major disruption.
Probably the first politically motivated cyberattack was conducted by
ethnic Tamil guerrillas, who in 1998 swamped Sri Lankan embassies with hundreds
of e-mails over a two-week time. The
attacks upon NATO computer systems during the Kosovo campaign in 1999 (see
Ehlers’ report) could also be defined as cyberterrorism, although they were
presumably not conducted not by terrorists but
by individual hackers protesting against the Alliance’s bombings.
34.
In 1999, a report by the
Center for the Study of Terrorism and Irregular Warfare (CSTIW) at the Naval
Postgraduate School in Monterey, California, tried to assess the prospects of
terrorist organisations pursuing cyberterrorism. The study defined three levels of cyber terror capability:
·
Simple or unstructured: basic attacks against
individual systems using tools created by someone else and conducted by an
organisation that possesses little target analysis, command and control, or
learning capabilities;
·
Advanced or
structured: more sophisticated attacks against multiple systems or networks
using modified or created basic hacking tools, conducted by an organisation
that possesses elementary target analysis, command and control, and learning
capabilities;
·
Complex or co-ordinated: attacks capable of causing mass -disruption against integrated,
complex defences (including cryptography) using sophisticated and originally
created hacking tools, conducted by an organisation that possesses high target
analysis, command and control, and learning capabilities.
35.
The CSTIW report also
estimated that it would take a group starting from scratch 2 two to 4 four years to reach the
advanced level and 6 six to 10 ten years to reach the
complex one, although some groups might make it in less time by either turning
either to
outsourcing or to sponsorship
to expand their capabilities.
36.
The most sceptical
analysts, such as Denning, are convinced that “there is little concrete evidence
of terrorists preparing to use the Internet as a venue for inflicting grave
harm”. Most experts, however, admit
that the threat, although likely to be a few years into the future, is indeed
real and must be addressed.
37.
Yet another threat seems
more imminent. As Ehlers indicated in
his report, computer systems and all electronic devices can be seriously
damaged by weapons producing electro-magnetic pulses (EMP). High Power Microwaves (HPM) or EMP bombs and
High Energy Radio Frequency (HERF) guns can radiate intense pulses of
electro-magnetic energy capable of severely damaging computers, radar and all
electronic equipment. They can even destroy circuits,
microprocessors and other components.
These weapons are well-known in Russia, where extensive studies were
conducted during the Cold War. The US Air Force used
EMP and HERF weapons successfully in 1991 against Iraqi radar installations,
and in 1999, against Yugoslav electronic
infrastructure.
38.
The possibility of
terrorists using EMP weapons has been raising alarm for at least a decade among
defence analysts. According to Winn
Schwartau, an information warfare specialist, rudimentary EMP devices have been
assembled by US Department of Defense consultants within two weeks at the cost
of $ 500. Such devices, capable of disrupting
computers, medical equipment, and cars, could be placed into
a van or even reduced to fit into a suitcase.
Criminal organisations in Russia have been accused of using EMP devices
to bypass alarm systems. According to
the Russian Aarmed
Fforces,
Chechennyan
rebels might have used similar technology to disrupt Russian electronic
communication equipment.
39.
In his book Cybershock, Schwartau considers some
possible effects of a well-orchestrated EMP attack upon Western infrastructure:
·
Wall
Street or other banking systems can be attacked, causing repetitive failures resulting in
financial losses. Also past records can
be wiped out by onslaughts of electromagnetic pulses;
·
aeroplanes’
aircraft avionics
and guidance systems can be overloaded by targeted HERF, causing potentially
deadly conditions;
·
medical
equipment can fail under the attack of intense energy spikes, putting human
lives in danger;
·
communication
nodes can be burned out by intense microwave radiation;
·
municipal
emergency services can be made inoperable by debilitating wide-band microwave
jamming;
·
power lines and
transformers may serve as efficient conductors to transmit huge current to
victim businesses and sub-stations, causing regional black-outs.
40.
The ability to build EMP
weapons is apparently quite diffusewidespread, yet there are no international
controls over the import and export of the related technologies. Defensive techniques, although in some cases
expensive, have been partially deployed in the public sector (especially to
protect military assets), but remain extremely rare in the private sector.
C. WHO ARE THE
TERRORISTS?
41.
As it was the case
for WMD, it is important to understand which groups are more likely to turn to
cyberterrorism. The CSTIW report examined
five terrorist group types: right-wing extremists, left-wing revolutionaries,
ethno-nationalists, millenarian cults, and religious extremists. The conclusions indicated that only the
religious groups are likely to seek the most damaging capability level, which
is consistent with their indiscriminate application of violence. Some millenarian cults might try to inflict
damage with sophisticated computer attacks.
Ethno-nationalists and left-wing groups are likely to adopt simple
hacking or cracking techniques.
Right-wing extremists seem the least interested to cyber terror, which
does not offer the cathartic effects that are central to their psychology.
42.
These findings are
extremely interesting when confronted with the indications about terrorists
likely to use WMD (see p. 3). It is
probably not a coincidence that religious groups (such as bin Laden’s) and
millenarian cults (such as Aum Shinrikyo) demonstrated interest in - or have
indeed used - both strategies, although in different circumstances. Moreover, as highlighted by a report of the
US National Commission on Terrorism, “a conventional terrorist attack along
with a coordinated cyberattack could exponentially compound the damage”.
43.
The threat posed by
cyberattacks has been generally recognised by governments and international
organisations. Several NATO nations
have adopted protective measures for their critical infrastructures relying on
information technology and adopted specific laws of varying
effectiveness dealing with computer-related crimes and cyberattacks.
44.
With its high reliance
on technology networks and systems, the United States has become the most
vulnerable target for cyberattacks. The
cornerstone of the US strategy is PDD 63, issued in May 1998 by the then
President Bill Clinton, and aimed at protecting infrastructures from
intentional acts that would diminish the ability of the Federal and local
governments to perform essential national security missions, to deliver minimum
essential services and to ensure the general public health and safety. One of the main goals of this strategy is to
build an information‑ sharing forum among agencies in
collaboration with the private sector.
The National Infrastructure Protection Center (NIPC) at the FBI, which includes
representatives from the Departments of Defensce, Energy, Transportation, the
Intelligence Community and the private sector, provides such a forum.
45.
The Clinton
Administration has also proposed several initiatives, not all implemented because of financing problems or
opposition in Congress, to defend the nation’s computer systems, such as:
·
increasing federal
R&D investments in computer security;
·
designing a Federal
Intrusion Detection Network (FIDNET) to protect vital systems in federal
civilian agencies;
·
establishing an
Institute for Information Infrastructure Protection that will combine federal
and private efforts to fill the gaps in critical research;
·
establishing a Federal
Cyber Service Training and Education initiative, which will fund scholarships
to students who develop new programmes in computer security and agree to work
in this field for the government for at least two years.
46.
A number of governments
are following the US example and formulating Critical Infrastructure Protection
(CIP) policies. In late 1999,
the United Kingdom established the National Infrastructure Security
Co-ordination Centre and supported the creation of the Information Assurance
Advisory Council, a private-public co-operation forum. Other NATO members, such as France and
Germany, are setting up CIP strategies.
47.
Nonetheless, some
analysts have criticised the US government’s efforts because of their focus on
“infrastructure protection”. John
Arquilla, ion
The New Republic, argues that such an
attention on infrastructure protection “misunderstands the cyber war
threat”. As a result, the government
has constructed “a kind of Maginot line”, based on the assumption that it is
possible to wall off safe areas.
Instead, he proposes countermeasures such as electronic camouflage for
files or strong encryption. Further,
according to experienced hackers, US policy does not address the weakest link
in the computer security chain: human failures, which make most computer
intrusions possible. Major investments
in human resources would probably be more productive.
48.
Other critics observe
that the continuous development of new software makes passive defences, such as
CIP, easier to defeat. Moreover, as
previously isolated elements of large networks are linked together, new avenues
of attack emerge. Reliance over on passive defences is
therefore limited. A better approach
would be to combine passive with active defence measures, such as actions to
discourage attacks, or disable or destroy the equipment used to attack. However, such strategies require effective
technical methods to track attackers, organisational structures to support
them, and internationally agreed standards of legal attribution.
49.
More generally, two
major problems have emerged in the various national strategies against
cyberattacks. First, the confusion
between cyberterrorism and cyber crime. Such confusion is partly caused by the lack of clear definitions
of the two phenomena. A UN manual on
computer‑related crime recognises that, even after several years of debate
among experts on just what constitutes cyber crime and what
cyberterrorism, “there is no internationally recognised definition of those
terms”. This confusion has produced a
lack of specific focus on cyberterrorism in national legislation. The second major problem derives from the
fact that cyberattacks against a nation’s infrastructures can be conducted from
anywhere in the world. This creates
jurisdictional problems for prosecutors and law enforcement.
50.
Indeed, most domestic
laws define terrorism as requiring violence or the threat to or the taking of human life for
political or ideological ends. As we
have seen, most information attacks that can be defined as cyberterrorism would
mainly result in large-scale financial losses, massive disruption of essential
public services, eventually generating panic and chaos, or destruction of
information databases.
51.
In a partial effort to
address this problem, the British Parliament passed a bill in
February 2001, the Terrorism Act 2000, which broadens the definition of
terrorist organisations. Such a
definition now includes
now everyone
who plans violent acts in the United Kingdom, even if they are staged
abroad. The goal is to prevent
dissident political groups from using the UK as a base for terrorism. But the Act’s definition of terrorism also
includes actions that “seriously interfere with or seriously disrupt an
electronic system”. This appears as to be a step in the
right direction, although concerns have been raised about the vagueness of the
law concerning activism conducted on the Internet (or “hacktivism”). It will be up to police investigators to
decide whether an action is to be considered regarded as terrorism.
52.
With regard to the
second problem, governments have asked for more effective international co‑operation
on the issue of transnational cyberattacks. Currently, few international
efforts have been undertaken with the specific goal of controlling information
terrorism. In December 1998, the United
Nations General Assembly, at on the initiative of the Russian Federation,
adopted Resolution 53/70 Developments in
the Field of Information and Telecommunications in the Context of International
Security. The document invited
member states to inform the UN Secretary-General of their views and assessments
on (1) the issues of cyber crime and terrorism; (2) definition of basic notions
related to information security; and (3) advisability of developing
international principles that would enhance the global information and
telecommunication systems and help combat information terrorism and crime.
53.
The Council of Europe
has implemented a draft convention that is so far the only existing project for
multilateral agreement on cybercrime.
This document accomplishes makes some progress by providing for the
criminalisation of conduct against the confidentiality, integrity and
availability of computer systems; by empowering domestic law enforcement with
procedural authorities; and by developing mechanisms for international legal
assistance in investigation and prosecution.
The document, drafted with the active contribution of observers from the
United States and Japan, also
tries also to ensure a proper balance
between the interests of law enforcement and respect for fundamental human
rights.
54.
The European Commission
is also trying to develop a harmonised policy to combat computer crime without
affecting citizens’ fundamental rights to privacy. At the end of January 2001 it presented its proposals to combat
computer-related crime, which include legislative as well as non‑legislative
proposals. The former include
harmonising member states’ laws, including strengthening criminal laws in areas
such as hacking and denial of service attacks.
The latter include the establishment of a EU Forum that will bring together
several actors parties involved in the matter.
55.
It seems clear from the
above analysis that the terrorist threat, because of its changing nature and
means, is increasingly dangerous and difficult to oppose. Countering this threat requires deterring
and preventing as much as preparing public and private capabilities to respond
to actual attacks. Both WMD and
cyberterrorism are giving rise to the most pressing needs for new strategic
thinking on preparedness and response.
In this conclusion, we would like to offer a few indications as how to
shape international and national strategies against these new kinds of
terrorism.
56.
A few basic
recommendations can be useful to in shapinge a general
counter- terrorism
strategy:
·
Strengthen intelligence to prevent terrorist attacks. Recruiting informants with access to terrorists’ plans should be
encouraged. The selective and
authorised use of electronic surveillance and physical searches should be
facilitated. Counter- terrorism
agencies must also be able to extract more information from computer networks
and other modern communication resources.
·
Bring terrorists to justice for their crimes, without making any concessions or
striking deals.
·
Isolate, and apply diplomatic pressure on to, states sponsoring terrorism to force them diplomatically to
change their behaviour. Efforts should also be devoted asmade well to
stop or disrupt non-state sources of support for international terrorism.
57.
In the area of WMD
terrorism, as terrorists are more likely to use chemical or biological agents
than nuclear devices, strategies for minimising loss of life are more likely to
be effective:
·
Train and equip “first responders” (fire-fighters, police, public- health and
other emergency personnel) for managing the consequences of terrorist
attacks. These services also need to
work together and co-ordinate their efforts.
Designating an office of national co-ordination for all policies related
to countering WMD terrorism may be useful.
·
Prepare hospitals to respond. Public
health authorities may not realise immediately there has been a biological
agent attack. For this reason,
they must be trained to respond to their earliest suspicions once victims begin
showing symptoms.
·
Increase government surveillance of diseases of public health importance in humans, animals and
plants.
·
Prepare public service announcements to inform the public about the nature of the attack,
how to minimise exposure, and where to seek treatment and counselling. This may also prevent the public from
panicking and attempting to flee, thus exposing others to contagion.
·
Increase funding for R&D to detect, disable, and mitigate the effects of
WMD. If new technologies have made
terrorism more lethal, they can also make it easier to combat. To counter chemical and biological attacks,
requirements include the development of better detection devices and
pharmaceuticals.
·
Improve international sharing of intelligence. To help
intelligence and law enforcement agencies, we suggest the creation of a continuously
updated database of terrorist groups and incidents (especially involving WMD),. and eEnhancing the
capabilities of the World Health Organisation (WHO) to monitor global
infectious disease trends and unusual outbreaks.
58.
WMD terrorism should be
fought also by updating and strengthening international and national laws and
arms control strategies:
·
Strengthen the Biological Weapons Convention (BWC) by the adoption of a legally binding protocol
setting mechanisms for inspections.
Such a protocol
should also provide a system for investigating unusual outbreaks of disease in
humans, animals and plants. Exports of
dual-use chemical and biological equipment should be controlled and export laws
harmonised. Also increase diplomatic
efforts to convince all countries to sign and ratify the BWC and the Chemical
Weapons Convention.
·
Sustain and enlarge non-proliferation programmes aimed at the former Soviet Union’s WMD complex,
particularly with regard to combating illegal traffic of in nuclear weapons
technology and chemical/biological agents.
·
Make it illegal to possess chemical and biological
agents and diffuse information
on how to build and use such weapons (taking into account that the Internet is
increasingly used to this purpose).
National laws of some countries (such as the United States) should be
strengthened.
59.
Some indications about
how better to counter information terrorism have already been given in the
section devoted to it. We summarise the
main points:
·
Adopt national infrastructure
protection policies. The
US strategy provides a good example, but improvements are possible, especially
by increasing the use of strong encryption and electronic camouflage
techniques. Passive defences should be
combined with active defences, such as technologies to track attackers,
discourage them or disable their equipment.
·
Encourage NATO to include defence against IT threats in its activities and envisage some form of
co-ordination among members in this area.
·
Invest in human resources. Training
and education in the field of cyber security should be compulsory in the public
sector (and some key private utilities) of all NATO countries.
·
Increase international legal co-operation on transnational cyberattacks. The UN should organise an international
convention to discuss an agreement or treaty on threats to computer
systems. Mechanisms for international
investigation and prosecution of these crimes should also be developed.
·
Monitor the Internet and share intelligence. To
discourage terrorists’ use of the Internet, intelligence agencies should
regularly monitor the Web and exchange information. When necessary, active measures, such as counter-attacks to
disable or destroy equipment and software should be adopted.
60.
Protection against EMP
and HERF attacks should also be increased in the context of the above strategy
to counter information terrorism.
Traditional shielding techniques using iron, copper mesh and other
non-magnetic metals have been already adopted to protect sensitive military
technology. However, these techniques
are extremely expensive, especially for use in the private sector. More research is needed in this area, but
alternative technologies may soon be available:
·
Radiation-resistant microprocessors. The US
Department of Energy’s Sandia National Laboratory has already commissioned
these chips for use in satellites, and military reconnaissance and
communication equipment. Similar ‑ and
less expensive ‑ technologies should be created for civilian use.
·
High-speed plasma limiters for sensitive circuits. In this
devices, synthesiszed
gases would sense threshold electric fields and, if thresholds are exceeded,
would block the offending signals.
Sections I. and II. relied mainly on: Jessica Stern,
The Ultimate Terrorists, Harvard
University Press, Cambridge, Mass., 1999; Jonathan B. Tucker (ed.), Toxic Terror, Assessing Terrorist Use of
Chemical and Biological Weapons, MIT Press, Cambridge, Mass., 2000; and
Brad Roberts (ed.), Hype or Reality? The
“New Terrorism” and Mass Casualty Attacks, The Chemical and Biological Arms
Control Institute, Alexandria, VA, 2000.
Information in Section II. part A. comes from
Malcolm R. Dando, Benefits and threats of
developments in biotechnology and genetic engineering, Appendix 13A, Sipri
Yearbook 1999, Oxford University Press; and Peter Chalk, “The US agricultural
sector: a new target for terrorism?”, Jane’s
Intelligence Review, February 2001.
Section III. is based mainly on Peter Flemming and
Michael Stohl, Myths and Realities of
Cyberterrorism, at http://www.ippu.purdue.edu/info/gsp/cyberterror_intro.html;
Dorothy E. Denning, “Cyberterrorism”, Testimony before the Special Oversight
Panel on Terrorism, Committee on Armed Services, US House of Representatives,
23 May 2000; Dorothy E. Denning,
“Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool for
Influencing Foreign Policy”, at http://www.nautilus.org/info-policy/workshop/papers/denning.html
; Gregory D. Grove, Seymour E. Goodman and Stephen J. Lukasik, “Cyber-attacks
and International Law”, Survival,
Autumn 2000; Andrew Rathmell,
“Information operations – coming of age?”, Jane’s
Intelligence Review, May 2000; John
Arquilla, “Screen saver”, The New
Republic, 1 May 2000; Richard W.
Aldrich, Cyberterrorism and Computer
Crimes: Issues Surrounding The Establishment of an International Regime, Institute for National Security
Studies, US Air Force Academy, Colorado Springs, Occasional Paper 32,
April 2000; and Part 4, Chapter 3 of Winn Schwartau, CyberShock, Thunder’s Mouth Press, New York, 2000.
For the Conclusions, indications were drawn from all
of the above plus Frank J. Ciluffo, Sharon L. Cardash, Gordon N.
Lederman, Combating Chemical, Biological,
Radiological and Nuclear Terrorism: A Comprehensive Strategy, Center for
Strategic and International Studies, Washington DC, December 2000; and Countering the Changing Threat of
International Terrorism, Report of the National Commission on Terrorism
(Pursuant to Public Law 277, 105th Congress), at http://www.fas.org/threat/commission.html
_____________
