Cyber Nexus: Crime+Terrorism

The intersection between cyber-crime and organized crime has received attention for several years. As the financial returns available from cyber-crime have simultaneously increased in potential and visibility, cyber-criminals have become more organized and more closely linked to conventional organized crime. Organized crime in various forms has discovered the usefulness of encryption and steganography for confidential communications, how to launder real money through virtual environments in ways that are difficult to trace, and that extortion and blackmail have a bright future in cyberspace.

The kind of computer “hacking” that is considered cyber-crime is essentially a form of asymmetric warfare. It is a conflict between large, established, legitimate groups with tremendous resources and an overwhelming advantage in “weapons” and small, shadowy, surreptitious groups or even individuals with few resources and “weapons” that are often home built. The “weaker” of these two groups is forced to adapt tactics and strategy rapidly, use makeshift tools and techniques, and strive to find and exploit every tiny weakness in the defenses of the “stronger” groups. This is also a good working description of terrorism. How long will it be before terrorists discover the advantage they can gain by using cyber-attack techniques, either on their own or to amplify their more conventional physical world attacks?

The Confluence of Cyber-Crime and Terrorism – [frontpagemag.com]

While we face a scenario emerging from the cyber-threat spectrum that fully fits the part of the most dangerous threat, we must also face and prepare for a most likely scenario that is unique and, frankly, is not yet on the cyber-threat spectrum. This threat will involve the joining of the growing cyber-crime capability we see today with the terrorists’ realization that the cyber realm is ripe for exploitation and that joining with cyber criminals will be their path to that exploitation.

Attack vs Defense on an Organizational Scale – [hackingtheuniverse.com]

This paper describes a theoretical cyber attack and defense scenario between fictional organizations, using real techniques and tools for both attack and defense. The defenders will be framed as a typical network administration team responsible for the security of a large enterprise network, and using modern security standards. The fictional defending organization is a public hospital network presented as a federal government agency, known as the “Public Hospital Administration” or PHA for short. The PHA oversees the operation of public hospitals in most major cities in the U.S. They use modern information technology practices, including a nationwide network that ties all the hospitals together. Their systems are predominantly Microsoft Windows based. They have national gateways with massive firewalls, proxy servers, enterprise anti-virus software and some level of network intrusion detection capability. The PHA uses NIST SP 800-53 as the backbone of their computer security policy.

The fictional attacking organization was actually a composite of several groups that decided to co-operate with each other for the short-term purposes of this attack scenario. The driving group was an international organization of fundamental religious terrorists who wanted to strike the U.S. in any way that will create terror, make headlines and disrupt the U.S. and its economy. They planned an attack against several major cities using biological weapons. In order to maximize the effect of this attack, they decided to also launch a parallel attack against the computer infrastructure of the hospitals in the same cities. They recruited help from a secret Chinese Academy that teaches cyber attack methodology and produces over a hundred new graduates each year that are, in essence, well-trained professional hackers. They also recruited help from an organized crime group in Russia. The operation was financed by selling identity information harvested from the hospital network before the final attack. The Russian crime group handled this part of the operation and also any needed extortion or “muscle” operations. The Chinese group provided the cyber attackers and oversaw the entire attack operation against the computer network. In exchange, they were grandly rewarded with practical experience in the field for a select team of their graduates as well as information they highly valued on how to attack a U.S. Federal Government Agency. The terrorist group handled the biological weapons attack and coordinated the timing of the overall operation.
