I was recently asked to give a presentation on the relationship of cyber-crime to cyber-warfare and cyber-terrorism.
This got me thinking about the fact that none of our existing categories may adequately describe the dark side of the net. There are terrorists using the net and many governments, including the US have developed an extensive cyber-warfare capability. But even if these activities fall far short of the 'lone hacker brings down civilization' scenario they should give us at least as much cause for concern, if not more.
During the dotCom boom most observers were confidently predicting that e-tail would effectively replace traditional 'bricks and mortar' stores. A few years later the same pundits had discovered that the 'clicks and mortar' model 0- using the Web to supplement conventional retail was the winning formula for most. similarly, the cyberwarfare capabilities being developed by the major powers (US, China, Russia) appear to be mostly directed at establishing a sabotage capability that might be used in conjunction with a conventional attack as a force multiplier. this is not a new strategy, the Allied D-Day landings in Normandy were greatly assisted by the sabotage campaign waged by the Free French in advance of the attack.
The major powers have avoided coming into direct conflict for the sixty years since World War II. The addition of cyber-warfare does not significantly add to their offensive capabilities. There is however a major difference: deniability. The major powers engaged in proxy warfare throughout much of the cold war. Some (but not all) of the terrorist movements active in the 1970s received training, weapons and funds from state sponsors. Supporting terrorists (or freedom fighters) was considered to provide a deniable means of engaging in low-intensity warfare.
One cyber-security risk is that cyber-warfare will become the new means of conducting deniable, low intensity warfare. But another equally grave risk is that independent groups that are not state sponsored will perform attacks that lead to an escalation in international tensions at a time when the diplomats are busy attempting to reduce them, causing an avoidable diplomatic crisis to result in a war.
A third risk is that a cyber-attack might be launched with the objective of provoking a response against an opponent. This is not a theoretical possibility. The neo-fascist group Nuclei Armati Rivoluzionari is believed to have perpetrated the Bologna Railway Station Massacre in 1980 in an attempt to provoke an authoritarian response by the state. 85 people were murdered and 200 wounded.
Similarly, every significant terrorist group is using the Web to distribute propaganda and in most cases to raise funds from supporters. It is the ability to raise cash through the net that is the biggest cause for concern here. The terrorist organizations that have had the biggest impact are the ones that have secured access to the largest supply of funds. The Baader-Meinhof gang was just another ultra-left communist faction until it began robbing banks. The decline of the Baader-Meinhof gang began when the West German government cut off the supply of funds by ordering banks to significantly reduce the amount of cash that they keep on hand at branches. Similarly the conflict in Northern Ireland came to an end and the separatist movement in Sri Lanka significantly reduced the scope of its activities after the flow of funds from North America dried up in the wake of the September 11 attack.
Just as cyber-warfare merges into cyber-terrorism, cyber-terrorism merges into cyber-crime. In . Until September 11th a bar near my house used to hold monthly fund raisers for a terrorist front organization. Today the front organizations are under close scrutiny and must disguise the flow of funds. addition Cyber-crime provides a ready-built infrastructure for handling terrorist contributions and the terrorists can turn to theft if their supporters are insufficiently generous.
Until the rise of cyber-crime, the ability to present a serious cyber-warfare threat was limited to a very small number of countries. Besides the major powers only Britain and France were thought likely to have established a major offensive capability. Israel had the capability to establish a capability, but no likely opponent that had developed a critical dependence on Internet infrastructure. Today, any state that wants to acquire a cyberwarfare capability can do so easily enough by recruiting cyber-criminals as mercenaries. Any technical capability a state might require is available for a price.
The triangle is thus complete. cyber-warfare, cyber-terrorism and cyber-crime are all interconnected and all represent a serious threat to national security.
