File Copyright Online - File mutual Divorce in Delhi - Online Legal Advice - Lawyers in India

Cyber Terrorism A Threat to Future

The term implies two elements:
cyber and terrorism. Both if these are regarded as the two great fears of the 20th century, both imply fear of the unknown. Fear of random, violent victimization segues well with the distrust and outright fear of computer technology .[i] Cyber terrorism is a term esoteric, complex and difficult to circumscribe within four corners of a definition, which will be universally acceptable. While the word cyber relates to cybernetics, which is our tool of trade, terrorism denotes an act of violence. In 1997, Barry Collins coined the term cyber terrorism, the term has since entered into parlance and is also defined as “attacking sabotage prone targets by computer, which poses disastrous consequences for our incredibly-computer dependent society. [ii] In the form of cyber terrorism the terrorists, find an easy, risk-free, low-cost option.

A more elaborate definition is given by the FBI, which defines cyber terrorism as:

The premeditated, politically motivated attack against information, computer systems, computer programs and data which result in violence against non-combatant targets by sub-national groups and clandestine agents.[iii]”
Thus, cyber terrorism is the politically motivated use of computers by sub-national and clandestine agents to pressurize an audience or to cause a government to alter its orders or policies. For a subversive attack, borders do not have to be crossed, bombs do not have to be smuggled and placed, hostages do not have to be kidnapped and captured and terrorists do not have to surrender their lives. In short, “…tomorrow’s terrorists may be able to do more with a keyboard than with a bomb.[iv]

Cyber Terrorism And Cybercrime

While all cyber terrorism can be termed as cybercrime, all cybercrimes are not cyber terrorism. Cyber terrorism falls in the taxonomy of cybercrimes. Cybercrimes are usually single handed crimes while cyber terrorism is a chain of acts committed by organised terrorist groups. The motive and the objective differentiate the two while the Modus operandi and consequences unite them.
Cyber terrorism denotes international exploitation of information technology while a cybercrime is mostly done on the individual level.
The mind and motive of the cyber terrorist is drastically different from that of a cyber criminal. While the motive of the cyber terrorists is to terrorize nations, to horrify the population as a means to achieve its objectives, a cyber criminal is often committed out of an inquisitiveness to explore or discover the mysterious world of cyberspace.

The objective a cyber terrorist is social, political or ideological. He resorts to the exploitation of information to achieve a goal and pressurise governments or state to revise or change their policies as per the terrorist’s wishes or demands. They target the innocent people. A cyber criminal’s victim is usually like banks, educational institutions etc.

Cyber Terrorism And Hacking

Cyber terrorism is not the same as Hacking. Hacking is the unauthorized access into computer system with the object of manipulating data stored in therein. Thus, hacking is a cyber attack, which can be employed by hackers, by cyber criminals or by cyber terrorists as well. Thus, cyber-attacks by glory-seeking individuals, organizations with criminal motives, government engaging in information warfare, is not cyber terrorism.
Cyber attacks by cyber terrorists primarily having violence and terror as its goal is premeditated, politically motivated CNA by a handful of terrorists who try to leverage limited resources to instill fear and shape public opinion and dramatic attack on computer networks. However, both the hackers and terrorists are common enemy of the mankind, similar in action but disparate in motive. The hackers are specialists in this field, skilled in bytes and masters of the keyboard. They are also accomplished code-writers and sell their skill for money. The hackers work in groups, they often have political motive but mostly they work for profit. Cyber terrorists being fanatics are preoccupied with their ideologies and they are not the people who work 20 hours a day, on the computers. Thus, they are not computer nerds.

Why The Terrorist Organizations Exploit Cyberspace

Cyber attacks offer a number of opportunities for terrorist activities with wide impacts. By the use of cyber attacks, terrorists can inflict great damage to a country than by resorting to physical violence. With customary terrorist activities, like bombings, the impacts get limited to specific physical locations and communities. A great part of the population acts only as spectators and they are not directly affected by terrorist acts. The public attention is more likely to focus on the devastation of property and/or loss of life than whatever “cause” the activity was intended to endorse. The inspiration of the cyber terrorists comes from their political agenda. Their attacks gets motivation from political areas and directed to specific critical system.

Case Study
In March 2000, in Australia, a disgruntled employee (who failed to secure full-time employment) used the Internet to release 1 million liters of raw sewage into the river and coastal waters in Queensland. [v]

In 1998, a terrorist guerrilla organization flooded Sri Lankan embassies with 800 emails a day for a two-week period. The messages simply read “We are the Internet Black Tigers and we’re doing this to interrupt your communications.” Intelligence departments characterized it as the first known attack by terrorists against a country’s computer systems. [vi]

In July 1997, the leader of a Chinese hacker group claimed to have temporarily disabled a Chinese satellite and announced he was forming a new global “cracker” organization to protest and disrupt Western investment in China. [vii]

Internet saboteurs defaced the Home Page of, and stole e-mail from, India’s Bhabha Atomic Research Center in the summer of 1998. The three anonymous saboteurs claimed in an Internet interview to have been protesting recent Indian nuclear blasts.[viii] Cyber terrorism may be used not only to inflict damage, but also in blend with conventional or non conventional terrorism.

Counteraction To Cyber Terrorism
As cyber terrorism is a combination of an urge to cause terror with the help of technology, no single measure can successfully deal with it or combat it. Thus, a multi- thronged counteraction can bring an effective result.

1) Legal Response
The main role in cyber terrorism is played by criminal societies, organized criminal groups and national and transnational criminal organizations. Thus, in cyber legislations of various countries, recognition is given to the criminal liability of the cyber terrorists.
A. US Approach-
After the assaults of 11 September 2001 in New York and Washington, the US Congress passed the new anti-terrorist law- The Patriot Act. The Congress introduced the new legal term ‘cyber terrorism’ which stands for various forms of hacking and causing damage to protected computer networks of citizens, legal entities or governmental authorities, including damage to computer system used by governmental agency to manage national defense or to assure national security. [ix] Another act called the Federal Information Security Management Act, 2002 was enacted which gave responsibility for security standards for civilian federal agency computer systems to the office of Management and Budget.

Again in 2005, the Department of Homeland Security Authorization Act for Fiscal year 2006 was passed which aims at the enhancement of cyber security in the US. The Act of 2005 comes up with several cyber security programs to secure the critical infrastructure of US and Data Acquisition systems towards developing processes for information sharing.

B. UK approach-
The UK lagged behind many of the other major states in introducing computer scientific legislation. The Law Commission of UK suggested reforming the present law of hacking by making possible criminalization of conduct, which is not at present directly covered by criminal law.

The Computer Misuse Act, 1990 in section 1 regards “unauthorized access” as an offence which is the basic “hacking” or “cracking” offence. Article 7 of DPA requires organizations to implement adequate technical measures to protect against unauthorized access to unauthorized data. [x] Thus, hacking when done by organized terrorist groups would be regarded as an offence and would be dealt with under the relevant provisions.

C. Indian approach-
India responded to the misuse of information technology and internet vandalism by passing its cyber act, the IT Act,2000.[xi] It also made amendments in traditional laws like in the Evidence Act, 1872; the Penal Code, 1860: the Bankers’ Books Evidence Act, 1891 so as to update them. The word “cyber terrorism” did not occur in the Act until 2008 when the amendment made important introductions relating to the subject of cyber terrorism.

The IT (Amendment) Act, 2008 (10 of 2009) not only defines the term cyber terrorism but it has many sections in pari material. It is the amalgamation of several sections in the amended Act which. Taken together makes a meaningful law provision to address this dreaded peril.

These are:
# Section 66-F - Punishment for cyber terrorism
# Section 70 – Protected System
# Section 43 – Unauthorized access
# Section 70-A – National Nodal agency
# Section 70-B – Indian Computer Emergency Response Team

Cyber terrorism under IT Act, 2000 (Section 66F)-
1) Whoever,-
(A) with intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by –
(i) denying or cause the denial of access to any person authorised to access computer resource; or
(ii) attempting to penetrate or access a computer resource without authorisation or exceeding authorised access; or
(iii) introducing or causing to introduce any Computer Contaminant.
and by means of such conduct causes or is likely to cause death or injuries to persons or damage to or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of supplies or services essential to the life of the community or adversely affect the critical information infrastructure specified under section 70, or

(B) knowingly or intentionally penetrates or accesses a computer resource without authorisation or exceeding authorised access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons of the security of the State or foreign relations; or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits the offence of cyber terrorism.

(2) Whoever commits or conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to imprisonment for life.

Section 66F has introduced a new cybercrime in the statute. It says that anyone who has intentionally in order to threaten the unity of the country strikes terror using the electronic means, commits cyber terrorism. To assure safety of the CII, the act lays down several safety measures which would be helpful in preventing cyber terrorism or mitigating its impact. A new section 70-A has been formulated only to secure CII through a national Nodal Agency which is to be established by the Central Government. This agency shall undertake research and development work in respect of CII. The establishment of such agency will be done as per the newly inserted Section 70-B. The Central government shall appoint a government agency called Indian Computer Emergency Response Team as the national agency to look into the cyber security of the country.

2) International Response
There is an international consensus that a hacker should not be allowed to get away only because of legal inadequacies.[xii] Cyber terrorism, being a global menace, it is impossible to combat it without international harmonization of laws on the subject and efforts by international society. Cyber terrorism can be thwarted only when nations come together and make a positive move. Following steps are directed to achieve this end.

A. Commission on crime prevention and criminal justice (CCPC)
A unit of the United Nations made several exercises as to how to prevent and control high technology and computer related crimes. The commission recommends that one way of doing this is to forge closer links between nations so that the cyber criminal is relentlessly pursued across frontiers.

B. United Nations Convention on Transnational Organized Crime
It was adopted by the Central Assembly on 15 November 2000, though not directly applicable to routine computer crimes, is however attracted where organised gangs like that of the cyber terrorists use telecommunication and computer network for their operations.

C. Convention on Cybercrime
The main objective of the convention is to “pursue a common criminal policy aimed at the protection of society at cybercrime, especially by adopting appropriate legislation and fostering international co-operation”. Cooperation at this level is of ofcourse the most powerful way of ensuring a consistent international approach to the problem of cybercrime.

D. International agreements
US and other countries directed initiatives to conclude mutual agreements on judicial support, extradition, investigatory authorities, delimitation and unification of laws so as to facilitate implication of cyber terrorist even when he is a foreigner.

3) Governmental Response
US, having the densest connectivity and convergence, is the easiest target of cyber terrorism. Thus, the governmental response in this country is strongest compared to the other countries.
After II September 2001, the US government reacted towards it in the most effective manner so as to construct a more resilient society of Americans which will strengthen them to fight terrorism of any sort. However, much before that, the government also announced plans to safeguard the critical infrastructure or Supervisory Control and Data Acquisition (SCADA) when they are connected to the Internet to monitor certain industrial processes and also national security of America.[xiii]

4) Technological Response
As cyber terrorism has purely technical modus operandi, mere legal provisions or planning alone would not be sufficient to combat it. When a terrorist group which lacks technical skills need to scan for vulnerabilities and launch a computer based attack, it may gain access through forming a link with hacker criminals or with other terrorist groups. The US government first responded to it by data mining programs such as the former Terrorism Information Awareness Program (TIAP) to uncover these linkages but had to shelve it as the TIA raised grim privacy concerns.

5) Miscellaneous Response
A. Coordination to protect against cyber terrorism-
Coordination between the private sector and government requires mutual information about any information they exchange on computer security.[xiv]
B. Special services-
It is necessary to change approaches to fight terrorism. This formidable task is entrusted to such special services which carry out intelligence and counter-intelligence activities simultaneously.

Conclusion
The threat of cyber attacks are at a continuous rate of growth as the online users are at a constant increase and also with the growth of computer technology. A large amount of investments have been made to prevent terrorist attacks but the developed countries remain highly open to cyber attacks against the computer networks. Law enforcements, policies, practices and necessary measures should continue to develop as the computer technology is also at continuous development. Cyber terrorism is at an alarming stage for the whole international community. The current era of international laws, norms, and definitions not only inadequately addresses cyber-terrorism, it actually intensifies the dangers of the threat by creating a gray area that can be very easily exploited by cyber terrorists. National efforts should be coordinated with international efforts to be successful against cyber terrorism.

End-Notes
[i] Mark M. Pollitt, “Cyberterrorism: Fact or Fancy? FBI Laboratory,
[ii] Dave Pettinari, “Cyberterrorism, information warfare and attacks being launched now and in the future in the heartland of America”, Police Futurists International,
[iii] “Cyber-terrorism: The New Kind of Terrorism”, CCRC (8-4-2004).
[v] R. Lemos, “What are the real risks of cyber terrorism?,” ZDNet, 26 August 2002.
[vi] D. Denning, “Cyber terrorism. Testimony before the Special Oversight Panel on Terrorism,” Committee on Armed Services U.S. House of Representatives, Georgetown University, May 2000. http://www.cs.georgetown.edu/~denning/infosec/cyberterror.html.
[vii] K. Curran, K. Concannon and S. McKeever, “Cyber terrorism attacks cyber warfare and cyber terrorism,” Information Science Reference, 2008, p.1-6.
[viii] K. Curran, K. Concannon and S. McKeever, “Cyber terrorism attacks cyber warfare and cyber terrorism,” Information Science Reference, 2008, p.1-6.
[ix] V. Golubev, “Cyberterrorism: Concept, Terms, Counteraction”.Source: CCRC (31-8-2004).
[x] Source: “Lessons from US cyber law” ComputerWeekly.com
[xi] Act 21 of 2000.
[xii] David R. Johnson, “Due Process and Cyber Jurisdiction”, Cyber Law Institute.
[xiii] S. Venkmatesh, "Control of Cyber Terrorism" in Cyber Terrorism. (Authorspress, New Delhi 2003) 277.
[xiv] John Moteff, “Critical infrastructures: Background, Policy and Implementation” (7-8-2003).

Written by: Roshin Iqbal (Jamia Millia Islamia, BALL.B 4th year) and Syed Moosvi Raza Kazmi (Amity University, B.Com LL.B 2nd year). 

Law Article in India

Ask A Lawyers

You May Like

Legal Question & Answers



Lawyers in India - Search By City

Copyright Filing
Online Copyright Registration


LawArticles

Section 482 CrPc - Quashing Of FIR: Guid...

Titile

The Inherent power under Section 482 in The Code Of Criminal Procedure, 1973 (37th Chapter of th...

How To File For Mutual Divorce In Delhi

Titile

How To File For Mutual Divorce In Delhi Mutual Consent Divorce is the Simplest Way to Obtain a D...

Whether Caveat Application is legally pe...

Titile

Whether in a criminal proceeding a Caveat Application is legally permissible to be filed as pro...

The Factories Act,1948

Titile

There has been rise of large scale factory/ industry in India in the later half of nineteenth ce...

Constitution of India-Freedom of speech ...

Titile

Explain The Right To Freedom of Speech and Expression Under The Article 19 With The Help of Dec...

Copyright: An important element of Intel...

Titile

The Intellectual Property Rights (IPR) has its own economic value when it puts into any market ...

Lawyers Registration
Lawyers Membership - Get Clients Online


File caveat In Supreme Court Instantly