"Traditional terrorism refers to violent acts that indiscriminately target civilians," says Jon Iadonisi, former Navy SEAL, cyber security expert and co-founder, White Canvas Group. Traditional terrorists are largely interested in achieving or thwarting political or ideological goals in the process. "Cyberterrorism invokes the specific use of computer networks to induce violence against innocent civilians," says Iadonisi.
Lloyd's of London affirms the occurrence and rising risk of physical danger from cyberterrorist attacks. But, as the risks increase, the law is not rising to the occasion to prosecute these terrorists.
"We have a growing criminal body [cyberterrorists] that has technically outmaneuvered federal prosecutors," says Iadonisi. The cyberterrorism landscape is exposing federal judges to cases they are unable to prosecute. "When you look at the evidentiary support and try to prove guilt, you realize there is no existing statute," says Iadonisi.
This leaves CSOs and CISOs with technical and policy solutions for the cyberterrorism challenge.
Cyberterrorism events point to risks
Increasing occurrences demonstrate the risk of cyberterrorism. In 2010, the Stuxnet worm attacked Iran's Natanz nuclear facility in a probable attempt to halt Iran's uranium enrichment program by disabling its nuclear centrifuges, according to Charles Tendell, CISSP, C|EH, cyber security expert for the U.S. military. Stuxnet creators designed the worm to take out Siemens industrial control (SCADA) systems of the type that the Natanz nuclear facility employed. Stuxnet accomplished this using a rootkit for programmable logic controllers.
"The Stuxnet authors used 4 zero-day exploits cleverly integrated in such a way as to resemble non-alarming Windows files. Instead of bypassing common anti-virus protocols, the authors designed Stuxnet to gain acceptance as an innocuous set of files and later spawn exploits from within the trusted enclave," says Iadonisi. The complexity of the Stuxnet code was such that it had over 15,000 lines of code with a low bug-per-1000 lines ratio—something that required very talented software engineers, according to Iadonisi.
While cyber security experts have suggested that the U.S. and Israel had the resources to create Stuxnet, famous NSA whistle-blower Edward Snowden has openly proclaimed that their collaboration on the worm is a fact, according to Tendell.
In 2012, the Shamoon virus attacked Saudi Aramco in an attempt to disrupt oil operations. The virus erased approximately 30,000 computer hard drives throughout the company, rendering them useless. Numerous experts who examined the code found that the Shamoon virus included evidence of anti-American sentiment such as an image of a burning U.S. flag, according to Iadonisi.
"The elements of the Saudi Aramco attack denote a textbook cyberterrorism example—a politically motivated (anti-US) organization attacking a civilian infrastructure with the intent to cause an O & G disaster," says Iadonisi. The political / hacktivist movement the Cutting Sword of Justice claimed responsibility for the attack.