Cyberterrorism, as per the Merriam-Webster dictionary, involves terrorist activities intended to damage or disrupt vital computer systems. Defining terrorism, however, is a complex task, as it involves various perspectives, interpretations, and contexts. Many international organizations, governments, and scholars have attempted to define terrorism, but there is no universally accepted definition. The Federal Bureau of Investigation (FBI) defines “cyber terrorism” as “premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by subnational groups or clandestine agents”. An attack on an internet-based business entity for economic gains rather than ideological motivations, for instance, can be treated as cybercrime, not cyberterrorism. As per Indian law, the term cyberterrorism has a wider connotation and wider ramifications. The Information Technology Act, 2000 provides for punishment to a cyber-terrorist, that is, whoever, –
(A) With intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by– denying or cause the denial of access to any person authorised to access computer resource; or attempting to penetrate or access a computer resource without authorisation or exceeding authorised access; or introducing or causing to introduce any computer contaminant, and by means of such conduct causes or is likely to cause death or injuries to persons or damage to or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of supplies or services essential to the life of the community or adversely affect the critical information infrastructure specified under section 70; or
(B) knowingly or intentionally penetrates or accesses a computer resource without authorisation or exceeding authorised access, and by means of such conduct obtains access to information, data or computer data base that is restricted for reasons of the security of the State or foreign relations; or any restricted information, data or computer data base, with reasons to believe that such information, data or computer data base so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits the offence of cyber terrorism. Whoever commits or conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to imprisonment for life.
Evidently, cyberterrorism is a complex and evolving concept the world over. The intent (mens rea) of the offender is an important criterion for a criminal act (actus reus) to qualify as ‘cyberterrorism’. However, some common modus operandi adopted by cyber-terrorists include:
Distributed Denial of Service (DDoS) Attacks
In DDoS attacks, attackers use multiple compromised computers to flood a target system or network with an overwhelming volume of traffic, causing it to become unavailable to legitimate users. These attacks can disrupt critical services, such as government websites or financial systems, leading to panic and economic losses.
Malware and Ransomware
Cyberterrorists can develop or deploy malicious software (malware) to infiltrate computer systems and networks, leading to data theft, destruction, or unauthorized access. Ransomware is a specific type of malware that encrypts victims’ data and demands a ransom for decryption, causing financial losses and potentially affecting critical infrastructure.
Hacking and Data Breaches
Cyberterrorists may breach the security of government agencies, businesses, or organizations to steal sensitive data, intellectual property, or classified information. The release or manipulation of this data can lead to reputational damage, economic harm, or destabilization of societies.
Social Engineering
Social engineering techniques involve manipulating individuals or groups to gain unauthorized access to systems or divulge sensitive information. Cyberterrorists may use phishing emails, impersonation, or other tactics to deceive users into revealing valuable data or login credentials.
Propaganda and Psychological Warfare
Cyberterrorists can use social media, websites, and other online platforms to spread propaganda, incite fear, and influence public opinion. Psychological manipulation through disinformation and misinformation campaigns can destabilize societies and create panic.
Insider Threats
Cyberterrorism can also involve individuals or employees within an organization who misuse their access privileges to cause harm, disrupt operations, or leak sensitive information.
Cyber-Physical Attacks
These attacks target critical infrastructure systems, such as power grids, transportation networks, or water supply systems, by exploiting vulnerabilities in their digital components. The consequences can be severe, leading to widespread disruption and potentially endangering human lives.
The National Investigation Agency (NIA), India’s premier anti-terror investigation agency, was mandated in 2019 to investigate cyberterrorism offences. There are reports to indicate that the NIA is establishing a specialised unit for the investigation of cyber-terror offences. India has witnessed a spurt in the number of cyber-attacks in recent years. Indusface, a leading cybersecurity firm, has revealed in its report that more than 1000 million cyber-attacks were blocked globally during the first quarter (Q1) of the calendar year 2023, of which 50% of the websites were in India. The report further highlighted a sharp rise in the intensity and frequency of Distributed Denial of Service (DDoS) attacks and bot attacks. The banking and healthcare industries were the most hit by bot attacks. Another cybersecurity firm, CheckPoint Research, has found similar trends in its study. India, as per CheckPoint, has witnessed an increase of 18% in weekly cyberattacks during the same time period, as against an increase of 7% globally, averaging 1,248 attacks per week.
Cyber-experts opine that not only have state-owned critical infrastructures been targeted, but the private sector has been attacked equally. India is a fast-developing country with a thriving IT industry. A joint public-private approach is vital to counter the emerging cyberthreats. On July 4, 2023, the Parliamentary Standing Committee on Finance held a detailed discussion with senior executives of private sector giants like Paytm, Apple, Google, Flipkart, Yes Bank, Punjab National Bank, Bank of India, and the Indian Computer Emergency Response Team (CERT) and examined ‘Cybersecurity and rising incidence of cyber/white collar crimes’ in India.
The Indian Home Ministry is planning to organise later this month a two-day “G20 Conference on Crime and Security in the Age of Non Fungible Tokens (NFTs), Artificial Intelligence (AI) and Metaverse” in partnership with the Central Bureau of Investigation and other agencies. Apart from delegates from the G20 countries, guests from the invitee nations and international bodies, experts from the legal fraternity, academia, training institutions, financial intermediaries, fintech, social media intermediaries, information and communication technology, cyber forensics, regulators, startups, over the top (OTT) service providers, e-commerce companies and others will also participate in the conference.
It is crucial to note that cyberterrorism is a relatively more lethal form of cybercrime, requiring significant resources, technical expertise, and ideological motivations. Most cyber threats may be criminal in nature, aiming for financial gain, data theft, or disruption, rather than pursuing ideological goals. However, the potential consequences of cyberterrorism make it a significant concern for national security and global stability.
It is paramount to adopt some potent strategies and measures to counter cyberterrorism effectively. First, there is a need to enhance the security posture of critical infrastructure, government agencies, and private sector organizations by implementing robust firewalls, encryption, multi-factor authentication, intrusion detection systems, and regular security updates. Secondly, there is a need to foster collaboration between governments and private companies to share threat intelligence, best practices, and resources. Public-private partnerships can lead to a more coordinated response to cyber threats and enable faster information sharing. Thirdly, since cyberterrorism is a global issue that requires international collaboration, governments should engage in information sharing, joint exercises, and capacity-building initiatives to respond to cyber threats more effectively.
Fourthly, the government needs to enact and enforce strong cybersecurity laws and regulations that address cyber terrorism and cybercrime. Laws should cover areas such as data protection, information sharing, incident reporting, and prosecution of cyber criminals. Fifthly, both the government and the private sector need to invest in advanced cyber intelligence capabilities to identify and pre-empt cyber threats before they materialize. This involves monitoring and analysing online activities, including dark web forums and social media platforms, to detect potential threats. Sixthly, there is a need to educate individuals and organizations about cybersecurity best practices, including safe online behaviour, recognizing phishing attempts, and protecting sensitive information. An informed and vigilant populace can act as the first line of defence against cyber threats. Seventhly, conducting regular cyber exercises and simulations to test the preparedness and response capabilities of various entities in the face of cyber-attacks can help counter a cyberattack effectively. These drills can identify weaknesses and gaps in the response plan and facilitate improvements.
Eighthly, there is a need to encourage ethical hackers and security researchers to report identified vulnerabilities to organizations promptly. Establishing channels for responsible disclosure can help patch vulnerabilities before they are exploited for malicious purposes. Ninthly, government and private firms need to establish dedicated cyber incident response teams to handle and mitigate cyber-attacks effectively. These teams should have well-defined roles, protocols, and communication channels. Tenthly, all stakeholders should encourage the development of innovative cybersecurity technologies and solutions to stay ahead of evolving cyber threats, and should invest in research and development to create more robust defence mechanisms. Eleventhly, there is a need to pay close attention to online platforms to detect and combat cyber terrorists’ propaganda, recruitment efforts, and dissemination of harmful information.
Countering cyberterrorism requires a comprehensive and multi-faceted approach that involves various stakeholders, including governments, private sector organizations, international agencies, and individuals. It is crucial for all stakeholders to collaborate and coordinate their efforts to ensure a more secure cyberspace for everyone.
(The Author is a student at JPIS, Jaipur. He can be followed on twitter @arssh_kumar)