As threats multiply globally, new strategies to combat the are beginning to emergeMaryland University has recently published a resource guide on cyber-terrorism that presents a clear and sober presentation on just how pervasive it is around the globe, and how goverments can begin to systematically combat it. Excerpts of this guide are presented below. Access the complete study here.
In May 2021, gasoline supplies to the East Coast of the United States were reduced by 45%, causing cars to line up for blocks to fill their tanks. The cause: a cyberattack on the Colonial Pipeline that carried gas and other fuels to the East Coast from Texas. The attack was traced to the international ransomware group DarkSide, as the Guardian reports.
In June 2021, meat supplies were threatened by a ransomware attack on meat processing factories owned by JBS, a company that supplies more than one-fifth of the beef consumed in the U.S., as explained in the Guardian. JBS, which is headquartered in Brazil, also experienced disruptions to operations in Australia and other countries. This was one of several cyberattacks in 2021 thought to have originated in Russia.
A hacking campaign suspected of being sponsored by China has targeted Microsoft’s Exchange email server for corporations. The New York Times reports that the attackers struck in January 2021 and escalated the attacks weeks later. Security analysts believe that tens of thousands of accounts may have been compromised. Microsoft estimates that 30,000 Exchange customers were likely affected by the data breach, but the company said it did not know how extensive the data leak was.
These examples illustrate the dangers posed by cyber terrorism to governments and organizations around the world. Cyber terrorism and other cyberattacks cost governments, businesses, and individuals more than $1 trillion each year, according to computer security firm McAfee. Cybersecurity Ventures forecasts that the cost of cyber crime of all types will reach $10.5 trillion annually by 2025.
Combating cyber terrorism and cyber crime requires understanding how cyber terrorists act, what motivates them, and how to prevent their attacks. This guide looks at the evolution of cyber terrorism, highlights examples of cyber terrorism and cyberattacks, and offers tips for thwarting cyberattacks.
Major Cyber Terrorism Attacks And Attempts
Attacks on computer networks, data stores, communication systems, or command-and-control systems are committed using a variety of methods and for many different purposes. While many cyber terrorism attacks are widely reported, most cyberattacks and attempts to breach computer networks receive little or no notice.
These are some of the most damaging cyber terrorism attacks and attempts in recent years:
- Information technology firm SolarWinds was the victim of a cyberattack that went undetected for several months, as Business Insider reports. Hackers widely believed to be operating in Russia were able to spy on private companies, including security firm FireEye, and many government agencies. In April 2021, the U.S. government implemented sanctions on Russia as a result of the attack.
- Insurance firm CNA Financial reportedly paid hackers $40 million in March 2021 after being the victim of a ransomware attack that locked the company’s computer networks and stole data, as reported in Bloomberg. The attack did not breach the majority of policyholder data, according to the company.
- IT services firm Kaseya announced in July 2021 that it had been the victim of a cyberattack by the REvil ransomware, as explained on ZDNet. The attack breached the company’s supply chain software, resulting in ransomware attacking between 800 and 1,500 of the small managed service healthcare providers that are among Kaseya’s customers.
- Mobile service provider T-Mobile announced in August 2021 that it was the victim of a cyberattack that compromised the personal information of 13 million customers and an additional 40 million people who had applied for an account with the company, as Fortune reports. The attack marks the fourth time in as many years that T-Mobile has had its customer data hacked: twice in 2020 and once in 2018, when the data of about 2.5 million customers was exposed.
Cyber Terrorism Trgets And Attackers’ Motivation
According to the Annual Threat Assessment of the U.S. Intelligence Community released on April 9, 2021, the greatest cyber threats against U.S. interests are posed by China and Russia. In addition, countries such as Iran continue to harbor and support Hezbollah and other terrorist groups. The cyber capabilities of groups such as ISIS (the Islamic State of Iraq and Syria) and Al Qaeda remain threats despite recent leadership losses, according to the report.
In addition to ICT and physical infrastructure, cyber terrorism attacks target managed service providers and popular business software such as Microsoft Office. The goal of the attacks is to steal information or sabotage the systems they infect. IBM lists the most common targets of cyberattacks:
- Confidential information from U.S. government agencies
- Sensitive personal data
- Access to IT infrastructure
- Financial payment systems
- Trade secrets and other intellectual property
- Email addresses, user IDs, and passwords
- Customer databases and financial data
- Client lists
Security vendor Checkpoint Software identifies four trends in cyberattacks in its midyear 2021 report:
- An increase in attacks on supply chain software: The two most common forms of attack are those designed for well-defined targets looking for holes in their list of suppliers, and those that leverage holes in large distribution networks to use software supply chains to target as many victims as possible.
- Phishing email attacks become more evasive: Social engineering techniques continue to gain in sophistication, finding new ways to bypass email security. The attackers frequently use blackmail to extort money from victims, or they may elude detection by impersonating someone the victim knows.
- More attacks on data stored in the public cloud: As more organizations and individuals take advantage of the low cost and security of public cloud services, cyber terrorists and cybercriminals target these systems in their attacks. A primary source of cloud data breaches is misconfigured cloud environments.
- Attacks on mobile devices: Malware designed to attack computer networks and computer users are being adapted to strike people who use mobile devices. Checkpoint Software notes a 50% increase in the penetration of banking malware in mobile networks between 2018 and 2019. The malware has been found in mobile apps, where it can steal payment data, credentials, and the victim’s funds.
Examples Of Cyber Terrorism
According to IBM, the average cost of a data breach to organizations increased from $3.86 million in 2020 to $4.24 million in 2021. Recent cyber terrorism attacks have been lodged against the Robinhood online trading platform, resulting in the exposure of personal information about its clients, and against the banking industry, which saw a 1,318% increase in ransomware attacks in just one year, as Trend Micro reports.
According to Trend Micro, attacks on business email systems increased by 4% in the first quarter of 2021, and 164 malicious apps related to COVID-19 scams were detected in the period.
These are the most common examples of cyber terrorism currently used by cybercriminals.
Hacktivism is an attack on a computer system by a group with political or social motives. Examples of hacktivism and cyber terrorism include groups such as Anonymous, which promotes what are considered “leftist-libertarian ideals,” and the former LulzSec, which was broken up in 2011 after a series of high-profile attacks (and subsequent arrests), including the infamous attacks on Sony Pictures Entertainment.
Among the methods used by hacktivist groups are web defacement (sometimes referred to as internet graffiti), denial-of-service (DOS) attacks designed to inundate web servers with traffic, and doxxing — exposing the personal information of police officers and others targeted by the attackers for political or social reasons. While many hacktivists attempt to minimize actual damage when calling attention to their cause, others have attempted to incite violence and encourage real-world protests against their targets.
Cyber warfare occurs when states or international organizations perpetrate hostile acts against other states using cyberspace as a battleground. The acts are committed using malware and other technologies to target the computer systems of governments and businesses. Such attacks constitute an act of war because they are acts of aggression by one state against another.
Cyber warfare and cyber terrorism are linked through their common goals: to destabilize enemy states or compromise their physical and/or digital infrastructure. Examples of cyber warfare include the 2010 Stuxnet worm that disabled Iran’s nuclear infrastructure (believed to have been developed by the U.S. with Israeli support), the 2015 breach of the U.S. Office of Personnel Management by China, and Russia’s interference in the 2016 U.S. presidential election.
Effects Of Cyber Warfare On Businesses And Individuals
The impact of cyber terrorism attacks on companies and individuals includes the cost of protecting against increasingly sophisticated attacks. As ransomware becomes more prevalent, companies and individuals are more exposed to the expense of paying ransomware demands and recovering data lost as the result of a ransomware attack.
The World Economic Forum identifies the five greatest cybersecurity challenges facing organizations, governments, and people as cyberattacks increase in number and sophistication:
- Society’s growing dependence on technology makes everyone more vulnerable to attacks on government services, healthcare systems, transportation networks, and communication systems. Solutions become more difficult as national boundaries dissipate and distinctions blur between physical and digital realms.
- Inconsistent and outdated regulations complicate enforcement and help criminals avoid prosecution.
- The growing interdependence of industrial and financial systems makes organizations and individuals more dependent on third parties whose accountability is uncertain.
- The level of expertise in the data security industry can’t keep pace with advances and innovations of cybercriminals. This leaves organizations and individuals reacting to cyberattacks rather than preventing them.
- The likelihood that a cybercriminal will be caught and convicted is estimated to be as low as 0.05% in the U.S., according to figures compiled by Third Way. Cybercrime enforcement needs to be addressed internationally.