Introduction:
We are living in the age of massive scientific and technological growth. Nowadays, almost all of our routine activities are aided by technology. It won’t be wrong to say that our lives are surrounded by technology. The most widely adopted application of technology that is common in our society is the internet. Like any other thing in the world, the internet has provided a lot of comfort and ease in our lives. But it also has its downside. The use of the internet for harmful activities is increasing day by day, which is alarming. Things like hacking, cybercrimes, cybersecurity breaches, and hacking are becoming a norm in society.
Cyberterrorism:
Cyberterrorism refers to the use of the internet and technology to spread terror among people through violent activities. This is done to spread deliberately to spread fear in society. These activities include threatening an individual, causing physical harm or loss of life using the internet for the accomplishment of ideological or political goals. In a broad view, the use of malicious software, worms, phishing activities, viruses and programming scripts purposefully for causing computer network disruption are also included in cyberterrorism. Terrorism, in any form, is not acceptable for any society as it causes severe damage which the community cannot recover quickly. Keeping in view the impacts of cyberterrorism, we can say that it is a new threat to our cybersecurity.
Small and medium online businesses such as websites offering online shopping, reading materials, academic writing and dissertation writing UK also face the danger of cyberterrorism activities due to a lack of professional resources in terms of cybersecurity.
Types of cyberterrorism:
Experts have divided cyber-terrorist activities into five main types. They are mentioned below.
Incursion
Cyber incursion refers to the attacks that involve accessing and penetrating into networks or computer systems in order to modify, change, alter or steal information. This information is later used for terrorist activities.
Destruction
These types of activities include encroaching into networks or computer systems to cause severe damage for destroying the entire system. The attacker may use different methods for this attack like Stuxnet, frequency jammer, BadBIOS, etc. Most of the destructive malware variants delete and wipe off essential files for running the operating system correctly.
Disinformation
As the name implies, disinformation involves spreading false information or rumours to cause harm to a specific target. It can be against a person, an organisation or a country. The main aim of a disinformation attack is to confuse, manipulate, or mislead an audience. To spread disinformation, digital tools like Artificial Intelligence technology, algorithms and bots are used. These types of attacks are usually designed to cause harm to the democracy of a state. Machine learning applications, adjustment systems and fact-checking algorithms can help in defence against disinformation attacks.
Denial of service
Denial of Service (DoS) means disrupting or disabling a server’s functionality by sending an abnormally huge number of requests. This will fail the system to handle and process these requests and eventually disable the server. The two types of DoS attacks include flooding services and crashing services. The main objective of this attack is to shut down the target’s system, machine or network. Due to this, the network’s original users (members, account holders or employees) cannot access it. These attacks are more common in high-profile organisations like media companies, commerce and banking businesses. The recovery from Denial of service attacks involves a massive amount of money and time investment. The most popular flood attacks include SYN flood, ICMP flood and Buffer overflow attacks.
Defacement of websites
Defacement of websites refers to malicious parties’ penetration into a website to replace the original content with their own. They may replace the website’s original content with a notice that the website has been hacked or a threat or inappropriate content that may result in banning the website. Some common defacement attacks’ causes include unauthorised access, SQL injection, cross-site scripting, DNS hijacking and malware infection. The primary purpose of these types of attacks is to cause embarrassment and loss to the website owner.
Cyberterrorists may perform the above mentioned five types of cyberterrorism activities in three ways; Simple-Unstructured, Advanced-Structured and Complex-Coordinated. These categories are based on the hacking tools being used in the process and the magnitude of the attack.
Countering cyberterrorism:
It is crucial to plan and execute defence strategies to protect yourself and your organisation from cyberterrorist activities because of their lasting negative impacts. Otherwise, you will be helpless in case of facing any cyber terrorist activity. There are three stages of a defence strategy.
Prevention: The first stage is called prevention. It is essential to make efforts for stopping an attack in the first place from attacking you. This means failing the attack before reaching the target or decreasing the probability of a cyber attack. The main idea is to make a plan that prevents you from being attacked in the first place and intercept its effect even if you get attacked. To fulfil the purpose of prevention, the systems should be designed with strong security settings. It is because adding security systems afterwards is costly. It also decreases performance and efficiency. This stage carries immense importance because if the attackers know that they will be punished in any invasion.
Incident management: The second stage is incident management. This stage comes to action in case an attack has been made. It includes executing a defence system during an attack. The primary objective is to cope with the attack without any loss or at least a minimum loss. It involves the identification of the damage and then limiting it. Firstly, the attack is detected and then notified to the system to activate and come to action. The system then tries to stop further invasion and penetration of the attackers by putting barriers in their way. For this purpose, passwords, proxy servers and firewalls are used. Physical protection, like fencing and biometrics, may also help. A new approach in this regard is the automatic reallocation or shutdown of the system in case an attack is detected. By this, the damage is reduced.
Consequence Management: The last stage is named consequence management. It refers to the strategy directing towards measures to be taken after an attack. It involves two sub-stages, namely recovery and response. The first sub-stage is concerned with rehabilitating the system to work routine as soon as possible. It includes IT assets’ reconstitution. Response implies to identification and punishment of the attacker. Moreover, learning from the experience and making strategies about making necessary changes.