Cyber Terrorism Now at the Top of the List of Security Concerns

By Kevin Coleman — Defense Tech Cyberwarfare Correspondent

In the shadow of the 10th anniversary of the 9-11 terrorist attacks, the United States finds itself facing a different threat from terrorists. Secretary of the Department of Homeland Security (DHS) Janet Napolitano recently stated that, “The U.S. has become ‘categorically safer’ since 9/11, but cyber-terrorism now tops the list of security concerns.”

One of the most accepted definitions of cyber terrorism comes from the U.S. Federal Bureau of Investigations (FBI). According to the FBI, cyber terrorism is the “premeditated, politically motivated attack against information, computer systems, computer programs and data which results in violence against non-combatant targets by sub-national groups or clandestine agents.” That definition is intentionally broad to leave room for the seemingly continuous change in the cyber attack strategies and tactics used in general that are often adopted by terrorists.

Cyber terrorist seem to have an endless number of targets to attacks. Given that the United States is the most computerized country in the world, you would have thought that we would have or should have learned valuable lessons from the cyber attacks on Estonia and Georgia as well as the Stuxnet incident in Iran, but it appears we haven’t! Could a Stuxnet type attack be launched against the critical infrastructure systems of the United States and be successful? The answer is yes and many believe that is highly likely!

Government is moving quickly as compared to the sluggish pace we have come to expect. However, this pace is nowhere near the speed this threat is evolving. Many security professionals find it difficult to sit and watch as their continuous warnings go all but unheard. Equally concerning is that federal legislators seem to be more concerned about how they can get a piece of the monies being allocated to this threat and jobs for the area they represent rather that the national security threat of a cyber terrorist attack on our critical systems!

In remembrance of those who lost their lives on 9-11 as well as those who continue to suffer from the affects of the events that day.

  • Alex

    Activating rant mode in: 3…2…

    “Equally concerning is that federal legislators seem to be more concerned about how they can get a piece of the monies being allocated to this threat and jobs for the area they represent rather that the national security threat of a cyber terrorist attack on our critical systems”

    Couldn’t they wait till we have a system in place before they start fleecing! D:< Rant mode: OFF

  • NotaNoob

    Also, the threat of cyber attack from China is also blown out of proportion (cyber attack, not cyber espionage). Sure China could disrupt 9/11 calls, screw with traffic lights, cut the power. China can also detonate a nuke above the US or just nuke a major city. But when discussing these possibilities we often forget one important question: Why? Why would China ever do any of that?
    Any of those actions would be a declaration of war against a nuclear armed power. I’d love to sit in on Chinese war plans.
    “So what are the possible outcomes of this strike?”
    “Well, America could go ape shit and wage full out war… they have a history of doing that Sir.”

    The EMP scenario is absurd. When America says it will respond to a nuclear attack with nuclear weapons, it doesn’t narrowly interpret a nuclear attack as one that kills X amount of citizens or detonates at X miles above the ground. The US would still have the ability to launch hundreds of cruise missiles. If the US was really mad… our commanders could send in a couple nukes too.

    Chinese General: “Haha you lose power!!”
    American General: “Hahah you dead!”

    not smart

    • IMO this is not the way this would end. The US has too much too lose. and so does China. But if things would heat up that China launches a EM strike. The US probably do the same, to avoid MAD.

      • NotaNoob

        I created a silly hypothetical situation. How we respond matters less than the fact that we can respond (and respond in a devastating manner).

  • dddd

    I don’t think the THREAT is necessarily exaggerated, but what it is misrepresented is how difficult it would be for the government/industries to get back up and online after an attack occurred.

    • NotaNoob

      The US has a second strike capability… whether that is done in the conventional, nuclear, or cyber domain is irrelevant. An EMP/Cyber attack will not destroy America’s second-strike capability. It is stupid to launch an attack against a foe w/ a second strike capability unless you can guarantee that you can neutralize that second strike capability. China is not going to attack the American homeland. They may launch cyber attacks against US military assets in the Pacific, but only as a opening to a invasion of Taiwan which seems highly unlikely at the moment.

  • Reader

    Directly attributable facts provided in this article:

    1. Secretary Napolitano’s quote.
    2. FBI’s definition of cyber terrorism.

    Usual fluff:
    “Could Stuxnet happen? Yes, many believe so!”

    “Government is slower than the threat and is greedy.”

    Summary: “I am a security professional, and people in my profession are not getting the attention that I believe they deserve.” With blog posts as poorly written and unsubstantiated as this, I wonder why.

    • Brian

      The problem with security is there are way to many know-it-alls like you! Nothing constructive to offer will go down as your greatest contribution.

      • NotaN00b

        Quick lesson in logical fallacies (mainly for Brian):

        Ad hominem: attacking the arguer instead of the argument
        Example: “The problem with security is there are way to many know-it-alls like you!”

        Appeal to consequences: the conclusion is supported by a premise that asserts positive or negative consequences from some course of action in an attempt to distract from the initial discussion
        Example: “Nothing constructive to offer will go down as your greatest contribution.” (Also an appeal to emotion)

        Brian…. that was not a valid response. Hope we learned something.

        • dddd

          Studying for the LSAT are we?

          • blight

            If (phrase==latin)

          • NotaNub

            lol. no. ima electrical engineer

          • Kevin

            Remember the old saying – You can tell an engineer but you can’t tell them much :-)

          • NotaNoob

            cool quote dude

          • blight

            But you must be some kind of liberal, you don’t agree with the groupthink!

  • jason

    The admit its exaggerated. why because “we have to stay vigilant ” or we need more money.

  • NotaNub

    Defensetech editors,

    I have been hesitant to call your article what it is: fear mongering. It relies heavily on appeals to emotion, specifically fear. Fear mongering leads to the development of “Death Stars” that the military neither wants nor needs. Fear mongering leads to public anger at the defense establishment. You end up hurting the men and women you intended to support. American citizens are smart enough to comprehend the real rationale behind US strategies.

    I completely understand that certain nations are developing cyber weapons that threaten US military systems. However, this is neither new nor surprising. Cyber operations are an effective counter to networked systems just as anti-tank rounds are an effective counter to…well.. tanks. Our adversaries will always seek means to balance against American power.

    However, it makes ZERO sense to use these weapons systems unprovoked against the American homeland unless it is the opening act of war. As I have stated above, America has a second strike capability in every war-fighting domain. It’s like a kid going up to the really tough and incredibly short-tempered kid on playground and slapping him across the face. Not a good idea. Never start a fight where the best option is minor injury, and the worst option (albeit remote) is death.

    Unless our relations with certain foreign nations deteriorate to a state of war, it is doubtful that nations will launch cyber attacks against America. On that note, it is more important to work to improve relations than spending billions building castle walls. Identify the sources of conflict and mitigate them.

    Sorry, I didn’t have time to edit this. i need sleep. b4 i go: i aint no hippy tree hugger. i work in defense. kbi

  • blight

    I love how in cyberwarfare we’re covering the same ideological ground we did with nuclear weapons: the only employment will be en masse, once Pandora’s Box is open. Flexible responsible evolved once we realized that going MAD wasn’t an option; and the same thing will happen with cyberwarfare.

    Cyber attacks /will/ happen especially as they can be false-flagged or obfuscated. Very tempting. Is there any “point” to launching an ineffective response to a cyber-attack, just as there was to random arrests near a car bombing in Iraq? The targeted response and attack-the-support-network mechanisms that work in COIN aren’t yet translateable to the cyberworld…

  • I agree with Nota