Internet Terrorist: Does Such A Thing Really Exist?
by Rick Lawhorn - Director of Information Security & Compliance at PlanIT Technology Group - Tuesday, 19 August 2008.
If we take all the three definitions and compare them, we can understand the governments’ intent in defining the actions and the basic fundamental characteristics of terrorism. Realistically, the lack of a solid, universally accepted definition and having to rely on intent is the first major strike against understanding the threat. The first rule in being able to track a threat is to understand what that threat is and the characteristics that make up the profile. If we do not have this understanding up front, it will spur a great amount of activity for the least possible value in targeting Internet terrorism. With so many different definitions, you can start to understand the reason behind failures in the identification and of course, tracking and monitoring.

In the interest of moving to the next phase in our discussion, let’s assume that terrorism is defined as an unlawful use or threatened use of force or violence against people or property to coerce or intimidate businesses, governments or societies. We can now tack on the term “internet” to explore how the definition changes and the impact of those changes on information security. By building the term “internet terrorism”, we are saying that violence and physical harm can be conducted electronically. Now I don’t believe that this is the intent, but in essence layering intent upon intent has now diluted our definition. This causes confusion and forces us to lean upon our beliefs, environment and current situations to form a definition. This does not provide us with any greater capability in tracking or monitoring and just seems to muddy the waters even further.

So how we identify the threat and what can we do to protect ourselves? Internet terrorism is really about two separate uses of the Internet. First, a terrorist can utilize the Internet as a vehicle to cause outages and denial of services with an overarching message to instill fear and to threaten physical harm. From an information security point of view, we can readily understand this first point since we experience this noise today within on our networks. The attacks are targeting our assets to cause electronic pain and fear with our Internet presence. But as we know, attacks that are conducted against our organizations can originate from many diverse groups with for different reasons. Former employees, competitors, or fraudsters can have justifiable reasons in their mind to electronically cause you pain or reputation harm. It becomes apparent that the campaign against Internet terrorism using the Internet in this fashion may stem from known terrorist in the real world who has conducted violent or harmful crimes to invoke fear. The challenge is to know when these seemingly “innocent” attacks actually become terror. Does the act require a certain number of members, a certain political/ideological principle, or a certain funding to be considered terrorism? Can one person be considered a terrorist? These are great questions that need a clear definition to gain the appropriate buy-in and funding within an organization. Since the activity and characteristics are not well defined, the message today will be a hard sell for information security professionals and will get lost in the shuffle of shifting priorities. Likewise, when the terrorist begin to electronically target organizations and prevent services from working, companies today would see the threat as noise since there is nothing that distinguishes them from the rest of the pack. The challenge is determining how to distinguish the noise that is normally experienced from an actual terrorist activity.


Credential manager system used by Cisco, IBM, F5 has been breached

Pearson VUE is part of Pearson, the world's largest learning company. Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company's solutions to develop, manage, deliver and grow their testing programs.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Nov 25th