Where am I? >
Home >
News >
Hacking

Economic warfare enters the cyber-age

Tech-savvy terrorists start using the web for sabotage

vnunet.com, 31 Oct 2002

The internet could become the latest weapon in the arsenal of increasingly technically sophisticated terrorist groups, ushering in a new age of economic warfare.

Addressing delegates at the Compsec security show in London this week, Brian Jenkins, special advisor to the US International Chamber of Commerce, warned that terrorists already use the internet to communicate with each other and to obtain and provide information and disinformation.

They deface or take down sites that hold opposing views and may even be reconnoitring network and system vulnerabilities via the internet, he said.

While Jenkins sees cyber-terrorism as a mainly theoretical risk, reports indicate that terrorists are increasingly starting to use the web for sabotage purposes.

And the threat of this will increase as society becomes more reliant on internet-based systems.

"Over time, terrorists may become more like hackers and hackers may become more like terrorists," he said during his keynote speech.

"Most terrorists still seem to prefer bombs and bloodshed, but increasingly they're recognising that a combination of attacks is more efficient in economic warfare."

The most likely threats are shutting down key systems such as air traffic control, and unleashing extended denial of service attacks to parts of a critical infrastructure such as the national grid.

Another means could be corrupting data in, for example, banking systems causing people to lose confidence, while a so-called 'forced multiplier' attack would see terrorists undertaking physical and cyber attacks concurrently to magnify any potential damage.

Alan Brill, senior managing director at consultant Kroll Associates, picked up the theme during his speech. He insisted that organisations must secure all assets, whether physical or technological, if their security policies are to be effective.

"At least 75 per cent of the companies we looked at had no formal relationship between physical and IT security, but that's become unacceptable and dangerous to the corporation and it cannot be allowed to continue," he said.