Eli Akovi

Connie Douglas
English 2116-091
30 April 2016
Introduction

Cyber terrorism is one of the many major threats that our world continues to face.
Terrorists have found many ways to carry out attacks. In the past, bombs, Kalashnikov AK 47 or
AK 74 weapons, and explosives were some of the main attack methods that terrorists used. The
level of threat that such weapons cause around the globe can be easily imaginable. However,
nowadays, the internet has opened many new ways of attack that terrorists can use. Such attacks
are labeled as cyber terrorism attacks. Cyber terrorism can be defined as, the politically
motivated use of computers and information technology to cause severe disruption or widespread
fear in society [1]. Any terrorist with little knowledge of accessing and tinkering internet
securities can manage to execute dangerous cyber-attacks. The attacks of cyber security are
unique because any attack can be carried out from any location in the world. This gives terrorists
an advantage to specify their targets regardless of their locations.
The purpose of this report is to inform professionals in the field of cyber security about
the advanced threats of cyber terrorism. Many will consider the term cyberterrorism as an act
carried out using bombs or guns or other physical weapons. However, in the past few years,
cyber terrorism has become the main stream of attacks from terrorists. With the help of the
internet, terrorists can cause damage to even the most sophisticated cyber defense systems. I
conclude with several recommendations based on my research.
Information in this report discussing the cyber terrorism threats that our world faces
today was obtained from different sources. All sources discuss the topic from different
perspectives by pointing out the common challenges of cyber terrorism and the many possible
ways to defend such attacks. All of the sources were obtained from University of North Carolina
Database. The research was completed in one month.
Cyberterrorism
Cyberterrorism clearly is an emerging and growing threat. Terrorist groups are
increasingly recruiting computer savvies, and some probably are acquiring the ability to use their
skills to inflict isolated and brief disruptions of US infrastructure. Due to the prevalence of
publicly available hacking tools, many terrorist groups are becoming capable of launching
denial-of-service and nuisance attacks against Internet-connected systems. As terrorists become
more computer savvy, their attacks will continue to increase.
FBI reports that cyber-attacks attributed to terrorist attacks have been mostly limited to
non-sophisticated efforts such as emails and internet sites. In addition, the FBI also reports that
terrorists will continue their investment in cyber-attack by increasingly using the internet as their

main stream to execute their dangerous attacks. Considering the potential harm that could be
caused by cyber-terrorist attacks, the US information infrastructures systems lack the necessary
defense tools to adequately meet the coming challenges. For instance, international financial
systems network could be the target of cyber-attacks, and this can create a fiscal panic in the
public. As a result, that could lead to economic damage [2].
The institutions that could be affected by cyber terrorism are financial institution, nuclear
central, industries and hospitals. We can imagine the impact of the damage if terrorists can use a
computer to change the function of those institutions.
Amongst various online attacks hampering IT security, Denial of Service (DoS) has the
most devastating effects. It has also put tremendous pressure over the security experts lately, in
bringing out effective defense solutions. These attacks could be implemented with a variety of
tools and codes. Since there is not a single solution for DoS, this attack has managed to prevail
on the internet for nearly a decade. Hence, it becomes indispensable for governments agencies
like the FBI to carry out these attacks in small test bed environments in order to understand them
better.
There are several reasons why an attacker would like to cause DoS. It could be a group of
people who would like to bring down a specific webpage or website in order to keep it isolated
from the business. Thus the company might lose all its online transactions and thus end up
failing. Rivalry in business could be one main factor for these attacks. There have also been
incidents where protesters show their dislike for the government with an attack. [ 3].
Companies can prevent DoS by implementing or installing dotDefender. With a
dotDefender web application firewall, companies and internet users can avoid DoS attacks
because dotDefender inspects the http traffic and checks their packets against rules such as to
allow or deny protocol, ports, or IP addresses to stop web applications from being exploited [4].
The number of cyber attacks continues to increase. This has effect on financial and
personal security worldwide. Terrorists can use computers or the internet to attack institutions
after which they are able to delete all proof and method they use to attend their goal.
A possible solution to avoid the cyber-attack in this case is: Cyber/digital Forensics
(which means a process of uncovering and interpreting electronic data for usage in a court law)
and also provide a better education, training and certification. Revising law and better
communication, especially between financial institutions and law enforcement, is necessary.
Controlling terrorist websites and checking variety of activity they can plan through internet.
Websites will be controlled, and information they contain will be analyzed [5].
Malware is also used by terrorists; malware is any computer code that has a malicious
intent. Malware is often used to destroy something on a computer or to steal private information.
Odds are, nearly everyone with a computer has fallen victim to some form of malware in their
time.

To find solutions to this problem, we need to install antimalware on our computers and
especially we need to be careful about what is coming through our emails. All messages or files
that come into our email inbox are not always something we need to click.
Another way terrorists can reach their goal is to send viruses on computers. As the name implies,
viruses make a computer sick. They infect a computer, just like a real virus infects a person,
and then they hide inside the depths of the computer. Viruses replicate themselves, and they
survive by attaching to other programs or files. Though viruses are one of the oldest types of
cyber attacks, they can be some of the craftiest. Their capability has evolved, and they are often
hard to spot and remove from computer.
All computer systems need to be protected by antivirus applications and regular scan on
the computers and network should be scheduled to detect any virus in the system. Also the
antivirus has to be updated regularly [6].
Terrorists use also spyware, which is a form of malware that monitors or spies on its victims. It
usually remains in hiding, but even so, it can log the various activities performed by a user.
Spyware is capable of recording keystrokes, which means that the attackers can view passwords
that the victim enters into the computer. Spyware is also used to steal confidential information.
To prevent spyware, we need to beware of clickable advertisements, and be selective
about what we download on our computer. For companies, a system to filter any download traffic
should be implemented. This is to avoid downloading unwanted files or programs.
Worm are also a kinds of viruses that terrorist can use. Worms replicate themselves many times
to fulfill a nefarious purpose. However, worms differ from viruses in that they do not need to
attach themselves to other files or programs. Worms are capable of surviving all by themselves,
and not only do they replicate on a single computer host, but they can also replicate across an
entire network of computers (Current Cyber). Because of these features, worm is significantly
more dangerous than a virus [7].
To prevent worm, firewall should be run on any system that is not behind a corporate
firewall. This should be done on any computer that connects to the internet if the connection it
uses is a slow dial up connection.
You can prevent worm by doing the following:

Patching your system with updates to fix vulnerabilities. Patching is the act of
downloading updates to the vulnerable operating system or application and
applying the update to the program.
Continually running antivirus software which may detect worms. This is not the
best defense against worms, however, because sometimes the worm can infect the
system before the anti-virus software can detect it [8].

Password Attacks are attacks that are focused on cracking a victims password so that the
terrorist may obtain access to a secured system. A username/password combination is typically

the standard form of authentication on most systems. Though this type of account security is not
necessarily weak by default, a user must follow good password procedures in order to stand a
chance against a password [9].
Provide a good, clear password policy for the users in your organization. Warn them about the
danger of telling their password to other users, writing their password down on paper, or even
storing their password in a file. Configure all computer systems to support mandatory password
policies. Change your passwords at some regular interval. Set a minimum length for passwords
(usually 6-8 characters). Dont use the name of your dog or the name your child as a password
[10].

Conclusion
This report has detailed the most common cyber terrorism attacks that could potentially breach
even the most advanced security defense systems. Threats such as denial-of-service, virus,
password attacks, worm, spyware and threats are offensive tactics used by terrorists to gain
illegal control or access to our digital device. Cyber attacks work towards compromising the
integrity of a digital devices and the information stored in it.
After recognizing the problems, the report also pointed out the possible and best approaches to
prevent such attacks. Despite all the hard work of cyber security professionals, the sophistication
and number of attacks from terrorists will continue to surge [11]. As a result, security
professionals in the field should be cautious at all times to excel in preventing any type of attack.
Recommendation
The report has explained deeply what terrorists are able to do with a computer and internet. Their
goal is not only to attack with physical weapons, but the one more critical that can cause more
and more disaster are attacks on computer network.
The possible solution to avoid the cyberterrorism, especially in our companies is to review policy
and Employee Education: the system will be to implement applications that avoid employees
using internet to access social media.
However, the solution proposed above is not sufficient; companies can plan Penetration Testing
& Vulnerability Scanning on their infrastructures to identify the possible security threats.
Cyberterrorism is more dangerous than as we can imagine. We have to be aware all the time, so
we can take security actions accordingly.

Work cited

4-Best Practices for Preventing DoS/Denial of Service Attacks,

Michael Cretzman and Todd Weeks,Microsoft Corporation
10-Computers & Security, Dr Chris Pounder Volume 22, Issue 3, April 2003, Pages 207-211
Governments act to improve Security.
3-Denial of Service attacks and mitigation techniques, Subramani rao Sridhar rao
5-Harichandran, Vikram S, Computers & Security. Mar 2016, Vol. 57, p1-13. 13p
Cyber/Digital Forensics
6-Homeland Security Presidential Direction-7, Critical
Infrastructure Identification, Prioritization, and Protection.
December 17, 2003
2-International Debates Dec 2011, Vol9 Issue 9, p19-13. 4p, Computer hackers,
Cyber Terrorism,
11-Pardis Moslemzadeh Tehrani, Nazuru Abdul Manap, 13 November 2013
A Relational jurisdiction for Cyber terrorism
9-Passwords-Common Attacks and Possible Solutions
Dancho Danchev, January 7, 2005
1-Ukraine to probe suspected Russian cyber attack on grid
Pavel Polityuk
7-War of Cyber worm: the most destructive attack on the internet
Mark Bowden
8- What are Computer Worms and How Can I protect Myself From Them?
Vic Hargrave