cyber-"terrorism"?

[Peter Sommer]

At 23:47 17/09/2002 +0100, InXx wrote:
>my book on the propoganda surrounding
>digital security, in particular the word 'cyber-terrorism'


One of the main problems is the mobility of the term "terrorism", even 
before we get on to "cyber-terrorism".   Perhaps the question you should 
really ask is:  If you wanted to create an act which caused very 
wide-spread disruption or one which spectacularly drew propaganda-like 
attention to your particular cause,  how do cyber methods compare with 
others, such as using bombs,  aircraft,  chemical and biological 
agents,  suicide bombers, etc?

And, depending on what you wanted to achieve and your precise methodology, 
you would get quite wide range of answers.  For example:
    * an attack on a website, either a defacement or a DoS,  might, if done 
intelligently and wittily,  provide effective propaganda
    * a concerted attack on the world financial infrastructure would have a 
high probability of failure, among other reasons,  because it would take a 
long time to collect the intelligence required to by-pass the diverse 
security mechanisms and  hit all the disaster and stand-by facilities that 
are in place, much of the infrastructure is proprietary and not connected 
to the Internet - and in any event there are very few ideological groups 
that would wish to cope with a world where the financial infrastructure has 
wholly collapsed
For the reasonably rational "terrorist" there has to be matching of: 
ideology, aims, technical capability, resource required to achieve a given 
result,  exposure to risk - and probably several other factors as 
well.    And different terrorist organisations have different world views 
in terms of motivation and willingness to self-sacrifice.

All of which seem to me good reasons to use the phrase "cyber-terrorism" 
rarely and occasionally.




Peter Sommer
hcorn@cix.co.uk; P.M.Sommer@lse.ac.uk
Academic URL: http://csrc.lse.ac.uk//Sommer.htm
Commercial URL: http://www.pmsommer.com