Cyberterror has been on government radars for the last couple of years. Politicians and security experts have publicized the danger and disaster that will follow if cyberterrorists gain access to government and private computer systems: they could cripple the military, financial, and service sectors of our nations. The potential threat is critical and very disturbing. We have become so reliant on computer-based systems, that few would cope without internet banking. Worse, few supply chains would manage having to liaise and organize without automated secure systems. Late last year, the conception of this threat became less theoretical and more real. Articles were published and academics have begun to debate definitional boundaries. How is cyberterrorism different from simple hacking?
There has been no instance of real cyberterrorism. Yet, this morning – be it a distasteful April fool’s joke, or a legitimate risk – newspapers have published articles about the threat to airports, power stations, and hospitals. The Telegraph’s headline reads, “airports and nuclear power stations on terror alert as government officials warn of ‘credible’ cyber threat.”
Nameless terrorist groups have allegedly developed ways of bypassing safety checks: “Intelligence agencies believe that Islamic State of Iraq and the Levant (ISIL) and other terrorist groups have developed ways to plant explosives in laptops and mobile phones that can evade airport security screening methods.” This all comes only weeks after announcements that large electronics with be barred from cabins of flights departing from “dangerous” nations. The announcement of this new threat is a convenient way to put a stop to the public complaints about this decision. It isn’t only the electronic devices we must now fear, but there are fears that computer hackers will bypass nuclear power stations’ security measures, too. British government officials have warned that terrorists, foreign spies, and “hacktivists” are looking to exploit “vulnerabilities.” Mr Norman said, “The Government is fully committed to defending the UK against cyber threats, with a £1.9 billion investment designed to transform this country’s cyber security.” He said the civil nuclear strategy published in February sets out ways to ensure that the civil nuclear sector “can defend against, recover from, and remain resilient to evolving cyber threats.”
The problems of Cyberterror
As mentioned above, there has never been a credible cyberattack. The problems of cyberterror go beyond the obvious. Governments have worked hard to create this idea of the threat with little evidence. For now, we accept it. It is scary and easy to imagine disaster. The fear of cyberterrorism is something that western governments work hard to create through psychological, political, and economic manipulation. It is relatively easy to create this fear; we have a natural fear of random, violent action. Combine this with a distrust of technology, technological advances, and security, and you create a very real spectre – one which individuals can do very little about. The problem is that humans are sceptical of threats without proof – remember the boy who cried wolf? Without tangible evidence of the threat, on one level people fear it, but on another they question its validity and will do little to change their behaviour.
On an intellectual level, the threat of cyberterror is very real. Everyone knows that computer systems aren’t secure. There is no way to create an entirely impenetrable system. Even if there were, human error is not something we can remove. Systems will always be vulnerable. Now there are attacks on infrastructure, but it’s not by terrorists. The most common hackers are teenagers and young adults who enjoy finding holes in what their governments claim are secure platforms. But these holes, while potentially disruptive, will not lead to outright disaster. Nuclear weapons and sensitive military systems are “air-gapped” – they can’t be found on the internet. They are disconnected from the internet itself and from any computer connected to the internet, and are thus safe from outside hackers. There is no way for a terrorist hacker sitting on a computer to gain access and control of the world’s nuclear weapons. There is nothing to fear in this regard. But there are plenty of systems that can disrupt our daily lives that are accessible.
Somewhat paradoxically, the “war on terror” has increased the likelihood of a cyberterror attack. Every action blocking physical access drives more and more terrorists to unconventional weapons. The young, dispossessed, and more computer-savvy generation will pick these unconventional weapons with relative ease. So by fighting terror, we’ve created a system were terror attacks may not kill civilians, but could affect the daily lives of more innocents. If terror is designed to disrupt western governments and their control, death isn’t needed. Create a scenario where the UK, USA, or Australia’s people can no longer rely on banks, can no longer rely on electronic security checks and identity verification, can no longer rely on electronic records at all – and while you won’t destroy the nation, you will set it back a number of years and behoove their governments to focus on domestic rather than international issues.
What can be done?
In truth, not much. Electronic security holes will always exist, and those with time on their hands will eventually find these holes. Security systems are created by people and people can break them. To maintain our current way of life, we can’t disconnect from technology, cloud-based systems, and electronic banking. It leaves something of a dilemma, as the threat has real potential. This dilemma has one solution: instead of fighting the threat, we need to make the threat not exist. Instead of fighting, instead of encouraging those wavering to join organizations because we treat them badly, we have a responsibility to cut off support. The easiest, most bloodless, and perfectly achievable way of doing this is to acknowledge the social problems that exist in the modern world and to stop proving terrorist groups correct. If people are happy and content with their lives, they are infinitely less likely to join a terrorist organisation – and despite what the media and governments would like the public to think, the majority of terrorist attacks are not the result of refugees or infiltration, but are caused by citizens discontent with their way of life. Governments need to stop supporting the status quo. They need to listen to their people, discover what problems exist, and solve these problems. It is only then that recruitment into terrorist organizations will lessen and the created cyber threat will decrease.