Terrorism Goes Viral

Unfortunately, terrorism is far from a new phenomenon, and it does not seem to be a passing occurrence. The harsh reality is that as humanity progresses forward with scientific research and technological advancement, terrorists also expand on their own techniques and further their military capabilities. Progress has been, and always will be, a double-edged sword, and it is ever vital that the fervor for what the future brings is equally matched with caution for the collateral damage that is paired with it. This is not to say that discoveries should cease to be made, or that new findings be kept under wraps, but that the potential for nefarious applications be addressed. Although this may seem a cynical way to look at the world, possible drawbacks must be taken into account when making change – even if for the better.

Although terrorism has changed rapidly over time, varying in purpose and execution, in recent years there have been paramount shifts that the global community has needed to adapt to. Terrorism in the past was largely based off of ethno-nationalistic sentiment, driven by wartime conviction with identifiable targets and motivations. Today, acts of terror are far more indiscriminate with questionable conviction at their roots. Although this adds a factor of seemingly random variability, one aspect has become far more of a certainty, and it is that these attacks will occur. There is no longer a question of if, but rather when and where, these acts will be carried out. It is an inevitability that must be faced, but that also forces learning to combat terrorism’s very existence.

Despite being left with this burdensome task, the global community has not sat idly by. This change is discernible in the panorama of daily life, through the physical changes that have become regularized in everyday routines. There is far greater security detail in areas that authorities know have the potential to be a future target. Immediately following the 2016 attacks in Brussels, there was “increased police presence and more bag searches at major New York locations, including subways and major areas,” including Grand Central Station, Penn Station, and various other airports and high-traffic areas. That type of proactive reaction demonstrates a learning experience, as a protocol was clearly instituted rather than a desperate scramble to adjust to the situation as it arose.

Backpacks are no longer allowed at many venues, including Montreal’s Bell Centre and the Guggenheim Museum in New York City. Two widely different cities, in two different countries, are instituting the same policies as a response to acts of terror taking place both near and far from their own borders. This is indicative that common denominators and unifying factors have been identified across these atrocities, and have worked their way into how security policies are formed and utilized. Slogans such as “See something, say something,” are also part of this culture of hyper awareness that has been a byproduct of recent events. The subconscious conditioning and training of individuals to pick up on suspicious and alarming activity is yet another piece of evidence that terrorism, more specifically the fight against it, is a learning experience. Clearly, learning is occurring, but the concerning question is whether that process is happening fast enough. This dilemma is most aptly highlighted by the next stage in terror’s evolution: cyber-terrorism.

Cyber-terrorism goes beyond visible warning signs and the ability for citizen initiatives to make a difference. Physical barriers and checkpoints are useless when it comes to a proficient hacker with a malicious agenda. Even more worrisome is the type of data and information that has the potential to be compromised, as entire systems and their contents have been moved online into the digital realm. The level of security may be top-notch, but rarely, if ever, impermeable, especially as techniques become more advanced and hackers more familiar with the obstacles in their way. By being stored in cyberspace, nuclear codes, infrastructure controls, classified correspondence, and an endless supply of other sensitive material are all subject to being obtained and manipulated. This has horrific implications for not only national security and international relations, but also for institutions such as hospitals, financial hubs, and media powerhouses.

The ransom-ware attack on the National Health Service (N.H.S) in May 2017 is just one example of the breadth and depth that these attacks can have. The N.H.S is the public healthcare system for the entirety of England, Wales, and Scotland, and through the use of ransom-ware, hackers were able to render its computer system inoperable, preventing medical staff from obtaining records and having access to their own information. To compound the issue, if a ransom was not paid by bitcoin, the perpetrators stated they would destroy the information all together. This is indicative of just how widespread a cyber-attack can be, and just how debilitating it can be to basic societal functioning. Previously, and in this case, ransom-ware has been utilized by hackers largely to make a profit. However, an even more recent incident revealed a problematic shift in the purpose of such attacks.

In Ukraine, a cyber-bomb that had been hidden in the tax preparation software of unknowing accountant Roman N. Klimenko went off, proceeding to obliterate his financial information. Before, this is typically where the damage would have stopped, but instead it spread into crucial governmental systems. Andrew E. Kramer of the New York Times said, “…In Ukraine’s case, a more sinister motive —paralysis of the country’s vital computer systems — may have been at work.” This was not an attack for money, as “it was only masked as an effort to extort money from computer users, with the real goal economic disruption,” stated Ukrainian state adviser Anton Gerashenko. This transforms the act from cyber profiteering into an act of terrorism, with the potential for both material and immaterial damage. 

Even if treated as isolated incidents, both waves of cyber attacks are troubling. However, the fact of the matter is that recent hacks are indeed connected, and the unifying factor is the most problematic detail of the entire situation; the cyber weapons used against Britain and Ukraine were stolen from the National Security Administration (N.S.A) by hackers to begin with. Nicole Perlroth and David E. Sanger explored this connection and indicated that, “Now there is a growing concern that United States intelligence agencies have rushed to create digital weapons that they cannot keep safe from adversaries or disable once they fall into the wrong hands.” In a relatively short amount of time, cyber weapons developed in the United States were used against their own partners’ governmental systems, yet the US has had no intention to take responsibility, let alone have a solution to the issue. This is not the first time the US has been caught off guard, as is exemplified by Russian interference in the 2016 Presidential election of Donald Trump. A great deal has been learned about terrorists and how they operate, dictating policy, protocol, and precautionary measures; However, the sporadic behaviour of governments and corporations in the advent of cyber warfare shows that this is not something experts were prepared for.  

There are gradual adaptations being made, which are important first steps that should not be undervalued. Many companies and organizations have created the entirely new position of Chief Information Security Officer (C.I.S.O) in addition to the Chief Information Officer (C.I.O) they already have. The increased creation and hiring for a position solely dedicated to cyber-security shows just how high of a priority it has become. Although C.I.Os have extensive technological and systematic knowledge, they have far too much to manage to be able to give security the focus it needs. This is a direct result of the events such as those mentioned previously, as well as others like them. Learning is taking place, but it still remains that many companies do not yet see the need for a C.I.S.O, indicating that there is still a great deal of learning left to be done.

Other measures taken have less to do with personnel, and more to do with the design of computer systems themselves. One popular method used, especially when it comes to classified content, is air-gapping computers from the network itself, so that they cannot be accessed by remote hackers. In order to move the data between devices it must be loaded on to a physical intermediary, such as a flash drive, and manually moved by personnel. This type of set-up has not only been utilized by governments to guard information, but also in aviation systems to isolate aircraft controls, financial systems to protect the stock exchange from manipulation, and nuclear power plants to isolate facility controls from external influence.

The realization must be made that adjustments such as the creation of a C.I.S.O and utilization of air gap networking, albeit helpful, are clearly not enough to remedy the issue. They are merely one part of a greater change that needs to take place; a change that must occur, and continue to occur, before the damage done is irreversible. When it was first developed, air gapping was thought to be impossible to hack, but time has shown that is not the case. In 2009, Iran found that centrifuges used in the process of enriching uranium gas were failing at an alarming rate. It was discovered that they were the victim of Stuxnet, which is representative of an entirely new breed of digital weapon. Unlike the viruses or worms before it, Stuxnet is not just for infiltration or theft, but for physical destruction of the targeted system itself. Stuxnet also has been used to bypass air gap security, as it has been designed to spread by utilizing infected flash drives.

Attackers can first target computers of external companies that are in some way connected to their primary target’s computers, aiming “to make each ‘patient zero’ an unwitting carrier who will help spread and transport the weapon on flash drives into the protected facility…”. The speed at which a seemingly fool-proof security method has been invalidated shows just how vital it is to not only learn and react, but continually adapt and never be comfortable. By the time a breach happens, it may be too late to do anything about it. Cyber terror will only become even more popular as the war on terror continues to rage on. Increased security detail and measures taken will force terrorists to find other avenues to inflict damage, and this is one way they can do so. Hopefully, the hacks of today are acknowledged for the threat that they pose and come to influence the very movement against them.