Cyber Terrorism

 by Rise to Peace

Cyberterrorism in Europe Has a Clear Target, but the Motives are a Mystery

Tehrani’s description of terrorism is defined using Black Law’s dictionary and cites “the use or threat of violence to intimidate or cause panic, especially as a means of affecting political conduct”. Tehrani argues that while an all-describing definition for terrorism has proven difficult to agree on, one common aspect of terrorism is apparent. This includes that acts of terrorism are conducted to cause fear and coerce the ‘enemy’ for the pursuit of a political, ideological, or religious goal.

Recent ransomware attacks in Europe

The application of this type of terrorism to the cyberspace has become a predominant topic of concern in the twenty-first century. The European tendency to digitize infrastructure with the benefit of it being more efficient and accessible has made it equally susceptible to ransomware attacks.

The WannaCry ransomware attack on the UK’s National Health Service in 2017 and the 2021 attack on Ireland’s Health Service Executive are examples of terrorism targeting vital institutions. Additionally, Finland witnessed a ransomware attack on a private company named Vastaamo. The company runs 25 therapy centers in Finland. The transcripts of these therapy sessions had been hacked. Consequently, clients were reportedly threatened to pay $200 dollars in bitcoin to deter their therapy sessions from being leaked. The director of Finland’s National Bureau of Investigation, Robin Lardot, estimates the number of victims to be in the tens of thousands.

Upon an internal inquiry, it was believed that the actual theft may have happened two years prior, in 2018. Despite the victims’ best efforts to adhere to advice set out by ministers and not engage with the threats, confidential notes of therapy sessions for 2000 patients had been discovered on the dark web.

Implications

The WannaCry, Vastaamo, and Health Service Executive attacks depict a grim reality of the most confidential aspects of people’s lives being leaked to the public. The implications are widespread and infringe upon multiple aspects of both personal lives and the functioning of society. The healthcare service attacks resulted in limited access to health services, often involving postponed treatment or even cancellation thereof. England’s NHS saw the cancellation of 19,000 appointments following the WannaCry hacks and cost the health service 92 million pounds. An added reason for concern is in the case hackers have access to the live documents of patients, information on the patients could be altered to result in large-scale misdiagnosis of patients.

In the case of the Irish ransomware attack, a statement made by the HSE declared that a small amount of data had landed on the dark web, much like Vastaamo hack. The curious turn of events happened when the hackers who committed the ransomware attack against HSE Ireland provided the software tool to reverse the hack. Despite this, it took a lot of work to rebuild the system. This clearly depicted how irreversible and deeply damaging a ransomware attack is, especially when data had already been leaked to the public via the internet. Here, nothing can be completely deleted. The truly harmful nature becomes especially noticeable when considering that the attack happened on May 14th, and July’s HSE statement included the warning that it was still being dealt with. This hits especially hard given the COVID-19 pandemic that not only involves more demand for the healthcare system but has also pushed back many vital treatments for those awaiting diagnosis/treatments for other illnesses even further than they already were.

How are ransomware attacks cyberterrorism?

Since ransomware attacks are committed anonymously, it’s impossible for spectators to know with certainty what the motive behind the attacks is, making it all the more difficult to label it as an act of terrorism. That being said, the commonalities in recent ransomware attacks seem quite clear. In Europe especially, health care services and companies are being hacked, and the patients are threatened.

The ransomware attacks definitely share the characteristic of terrorism which proscribes the use of violence to instill fear and coercion against ‘the enemy.’ This furthermore involves the targeting of innocent civilians. The withholding of a health service, especially during a pandemic, might be considered an act of indirect, albeit harmful, violence. What remains unclear, is the perpetrator’s motives, whether they were ideologically or financially motivated. The targeting of civilians, which included demanding ransom from minors, as well as the intentional destabilization of an infrastructure a country and civilians depend on, may be a message in itself which could constitute a new type of terrorism – requiring a new or separate definition. In this case, it may not be the motive, but the target that sets the tone for terrorism.

Conclusion

Moving forward, an increase in cyberterrorism is to be expected. This will become especially pronounced as more companies and institutions make plans to work remotely even post-pandemic lockdowns. For this reason, it is crucial for governments to clearly define cybercrime and cyberterrorism that can be utilized in prosecution.

Additionally, European governments should work towards protecting vulnerable adults and minors who are at risk of becoming victims of cyberterrorism. It must remain a high priority to get students vaccinated and back into educational facilities with safety measures implemented on site. If not possible, institutions are urged to use effective encryption for any data that is handled online.

The Vastaamo attack may have been preventable if the data had been encrypted properly. The continuation of online learning could open doors for cyber-terrorists to gain access to a wide range of new material for ransom threats.

in Europe / Rise to Peace blog 0 comments
 by Carola Angelino

19th Edition of the World Summit on Counter Terrorism in Israel

The 19th edition of the World Summit on Counter-Terrorism was held from 9th to 12th September 2019 in Herzliya, a small maritime city just north of Tel Aviv, Israel.

I had the pleasure to live this unique opportunity, which gathers distinguished professionals working in the field of counter-terrorism under one roof, to facilitate the chance to exchange views and ideas on this very pertinent topic. The first two days of the Counter-Terrorism Summit are reserved for plenary sessions where members of the academia and policymakers set the scene for the Summit and illustrate how the issue is being dealt around the world.

During the 19th edition of the Summit, among the variety of aspects discussed, the growing issue of cyber terrorism, one which has become of very high concern in current times for many Western governments such as the United States, especially in terms of online radicalization.

In today’s times, many terrorist recruiters have moved to social media platforms (exactly the ones we use daily e.g. Telegram or Twitter) to target vulnerable subjects and attract them to join extremist organizations such as the Islamic State of Iraq and Levant (ISIL). For this reason, platforms such as Facebook have recruited over three hundred people to ensure that terrorist content of all kind does not appear on their platforms.

On the second day, the most remarkable and touching event took place as part of the Memorial for the victims of the 9/11 attacks. American Congressmen, Military Personnel and Secretaries of States and all the attendees joined in a minute of silence for the victims followed by both the American and Israeli anthems.  This was an emotional moment where everybody put aside their personal identities to join a unique battle, winning over terrorism worldwide.

The third day marked the start of multiple workshops at the Interdisciplinary Center (IDC), Herzliya. Here, numerous topics related to various aspects of terrorism and counter-terrorism were discussed and recommendations were put forth by professionals, research fellows and members of the academia on ways to deal with this worldwide security threat.

Radicalization is among the most compelling issues, stressing the need for more policies able to detect subjects undertaking processes of radicalization. During the workshops, there was a repeated assertion regarding the need to control websites and social media platforms to identify extremist content and push it away from the access of youngsters and vulnerable subjects, a way of countering radicalization by denying terrorist the platform to access their audience.

The last day saw an interesting session on returning foreign terrorist fighters, an issue that demands more focus than it currently gets. However, it should not surprise how this phenomenon involves a variety of different aspects: from fueling the risks of radicalization to questions related to their integration in the society, but the most critical concern in this entire scheme of things is regarding children and women as foreign terrorist fighters often return with their families.

During the discussion, it was highlighted that besides the traumatic experience lived by the children, significant attention needs to be given to the role women have begun adopting over the past few years

During the discussion, it was highlighted that besides the traumatic experience lived by the children, significant attention needs to be given to the role women have begun adopting over the past few years. In this regard, Miss Devorah Margolin provided a thorough explanation on how the role of women has shifted from “staying at home” as wives of the fighters to “fighting on the field”, thus falling into the radar of many extremist organizations. Under these circumstances, it is crucial to remember that women have always been seen part of any conflict, though this role was previously limited to the domestic environment, with women being mothers and wives of the soldiers, but also nurses taking care of the casualties in a conflict.

The closing keynote address of the Summit highlighted on how the Islamic State might have been defeated geographically, but the challenge now is to remove its remaining signs around the world, as remnants of the group are still operating in the Middle East and some other parts of the world.

Finally, the Summit drew the attention to other emerging extremist organizations that are expanding their activities and gaining power in Africa and Lebanon, including Hezbollah and Boko Haram.

The stunning memento of this Summit is definitely the presence of a large number of people from different backgrounds, who gathered together with a sole goal of winning the global fight against terrorism.

Everybody can do something about terrorism, even a single word can help millions of people and we shall not forget this.

Not only is the Summit an opportunity to keep updated on counter-terrorism measures being applied around the world, but also the presence of students, professionals, policymakers or retired fellows suggests that counter-terrorism is not only a job but a mission to share among countries and regions of the world.

Everybody can do something about terrorism, even a single word can help millions of people and we shall not forget this.

in MENA / Rise to Peace blog / women-in-extremism 0 comments
 by Caleb Septoff

Terror’s New Form

Source: The East African (2014)

Author: Caleb Septoff

Perhaps one of the greatest scientific achievements in human history is the invention of the internet, which landmarked the beginning of the digital age in the modern era. Its uses span multiple fields and in large part is responsible for the high levels of rapid globalization we have become accustomed to today. Although it has improved humanity in many facets, it has also led to the increase in the susceptibility of nations’ and individuals to cyber-attacks. The internet has evolved over the last decade with the inception of social media and cyber currency, but with this evolution comes a new wave of terrorism in the form of cyber-attacks, propaganda, hacking, and online recruitment. The threat has grown substantially – enough for even university institutions, namely New York University (NYU), to offer cyber security majors and courses solely to deter these types of attacks.

Before venturing into the subject of digital terrorism, it is important to explore something less widely known to the average internet user; this being the deep web and dark net. The internet is composed of two main points of access; the surface web and the dark web. The surface web is most common to everyday users and comprises mainly of search engines, like Google and Bing, and the information found is unrestricted. Comparatively, the deep web differs mainly in size, estimated at four to five hundred times bigger than the surface web, accounting for 90% of the internet. In comparison to the surface web, the wealth of information stored on the deep web is gigantic. Most of the deep web is restricted by applications, which grant access to databases or password protected sites. Anything from social media, such as Facebook or Instagram, to online banking are considered part of the deep web. In addition to its size, the dark web differs  in its accessibility. Despite popular beliefs, the deep web and dark net are not synonymous. Rather, the dark net exists hidden below the surface web. The dark net is almost entirely unregulated and is even harder to access than the deep web. To date, the dark net hosts an unknown number of websites, but the content ranges from people sending messages who wish to maintain anonymity to underground drug dealing, sex trafficking, weapons dealing, and the focus of this article, terrorists and extremists’ sites.

The Islamic State of Iraq and the Levant (ISIL) or Daesh, was the first terrorist organization to truly maximize their outreach using the internet. When Abu Bakar al-Baghdadi declared the caliphate, a wave of propaganda and recruitment media took social media by storm. While destructive, authorities and the companies themselves were able to mitigate much of the content since it took place on the more accessible surface web. However, the organization consistently found new ways to respond to authorities’ crackdowns. First, they began attracting people through social media and other corners of the surface web and then slowly moved them towards more difficult protected places like domains and chat rooms on the dark net. In addition, the use of messaging applications that offered heavy encryption, like Telegram, were core ways for them to communicate. The use of these cyber tools aided in attracting over 20,000 foreign fighters from more than 10 different countries to flock to Syria to fight on ISIL’s behalf, and even more followers aided the organization from remote positions around the globe. In early 2018, New York Times’ reporter, Rukimini Callimachi, released a podcast by the name of “Caliphate.” The podcast goes into detail about one Canadian man’s experience of being recruited through multiple steps, starting on social media and eventually moving into private chat rooms. Callimachi’s reporting highlights how effective ISIL’s extensive reach was, not only technologically, but by simply creating effective connections with people, especially the youth.

Thus far, terrorists’ groups have not been able to do much more than the defacement of webpages and execution of minor cases of hacking. For example, a series of attacks in 2015, all claiming ties to Daesh, were executed in various countries. Most notably, a self-titled group called Cyber Caliphate managed to hack Malaysia Airlines’ main website, deface the French TV5 broadcast station, and hack the US military Central Command’s YouTube and Twitter accounts. Technology is continuously growing and it gets more sophisticated every year. As greater attention turns to digital recruitment and terrorism, these “small” attacks will grow larger in scope and harm. The possibility of cutting electric to hospitals or inciting mass riots through the spread of false media is very real and dangerous. The need to find adequate responses to the rising dangers of cyber terrorism is crucial to the future of counter terrorism. Perhaps most conspicuously, the important question becomes how to best be proactive in thwarting attacks and rather than simply being reactive.

The international community has a plethora of different third-party watch dogs when it comes to war and terrorism, whether they come in the form of global entities like the United Nations (UN) or International Non-Profit Organizations (INGO). In addition, a multitude of international treaties and agreements exist to set standards for war and outline what is not acceptable. The Geneva Convention, one of the most important and widely known, is comprised of four treaties and three protocols that establish standards for humanitarian rights and treatment during times of war. Yet, something these organizations don’t cover adequately is how to respond to cyber warfare and digital terrorism. One of the greatest challenges in dealing with these online threats is attribution, or ascribing blame to those who have committed the crime and proving it. According to a RAND Corporation video on the subject, they identify three main types of attribution: political (dealing with diplomatic knowledge and political actors’ objectives), technical (IP addresses, log file analysis, etc.), and clandestine (classified information and political insights).

Categorizing makes it easier to decide how to interpret the crime and, thus, how to assign punishment. However, it is not simple to prove digital crimes without access to data that, for the most part, is private, anonymous and not easily tracked. Citizens’ right to privacy and the level of privacy that is entitled has become a topic of high contention in the debate for higher cyber security. Although these are difficult issues to deal with, the international community needs to step up and begin to take action before cyber warfare reaches a level with much higher stakes. Like the UN, there needs to be a large international organization that can specialize in cyber security and cyber terrorism. It would require the nonexistence of any political affiliation to be effective and act on behalf of any country that requires its services to increase its credibility. Perhaps, most important, would be its role in providing international laws on cyber warfare and attacks to clearly and concisely build a foundation or framework for security agencies to work from. It would also be responsible for developing the mechanisms for freedom of expression and privacy; although this would most likely fall to the specific countries rather than the independent watch dog organization.

Social media platforms have done relatively well at combing through their users and content to locate possible terrorist activities, but this is not enough. Further action needs to be taken regarding regulation. Systems need to be devised to adequately monitor both the surface web content and the deep and dark web to locate, deter and respond to these threats before they can implement harm to critical infrastructures, governments, businesses, and even the psyches of viewers. Creating measures to regulate data and prevent data mining for terrorist activities is crucial to preventing the attacks in the future. There is no easy answer to the rising threat of cyber terrorism and warfare, but it’s imperative that solutions and international cooperation begins sooner than later.

in MENA / Rise to Peace blog 0 comments