
PREVIEW: Cyberwarfare: fact or fiction?



http://jir.janes.com/sample/jir0499.html

Document created: 21 SEPTEMBER 1999 

Cyberwarfare: fact or fiction? 

Now that cyberwarfare has become an accepted fact, Joshua Sinai
examines the requirements for anti-state groups to employ this and
chemical, biological, radiological and nuclear weaponry.

As the 21st century approaches, there is great concern in worldwide
national security circles about preparations by terrorist groups,
either on their own or jointly with state sponsors, to exploit the
increasing availability of sophisticated lethal technologies to launch
mass destruction and mass disruption warfare against their enemies'
populations and critical infrastructures. Mass destruction warfare
utilises chemical, biological, radiological and nuclear (CBRN)
weaponry, whereas cyber terrorism utilizes information technology (IT)
devices to inflict mass disruption of an opponent's critical IT
infrastructure. The concern about the likelihood of CBRN/Cyber
terrorist attacks is driven by the emergence of new types of terrorist
groups which possess the motivation and technical capability to launch
such attacks, and particularly a power drive by their leaders to
propel their groups on the international arena as a first order of
magnitude technological destroyer and menace.

Only a select number of terrorist groups and few state sponsors are
likely to possess the necessary motivation and capability in the
spheres of organisation, funding, acquisition, technology, storage and
stockpiling, logistics, and other overt and covert resources to be
able to make the transition from conventional to CBRN/Cyber
warfare. For many, the numerous internal and external tasks and
hurdles involved in acquiring, storing and deploying such
sophisticated weaponry and devices are simply too much. Moreover, few
terrorist groups and state sponsors are sufficiently motivated to
carry out mass casualty or mass disruption warfare. For many, small
scale conventional attacks such as car or truck bombings cause
sufficient death and destruction to achieve the objective of
terrorising a targeted population and its government in order to
compel them to pay attention or make concessions to an insurgent's
cause and grievances.  Nevertheless, there is sufficient reporting of
activities by terrorist groups and their state sponsors in the
CBRN/Cyber realm to provide the necessary indications and warning
(I&W) indicators to usher in a new paradigm of super, ultra, and
macro-type catastrophic terrorism. For terrorists, CBRN/Cyber weapons
provide the opportunity to cause death and disruption at unprecedented
levels - resulting in thousands of casualties and billions of dollars
in damages to critical infrastructure nodes. However, depending on the
levels of sophisticated technologies deployed, acquiring a CBRN/Cyber
capability requires extensive funding, an overt or covert acquisition
capability, a technological research and development program to
produce, weaponise and stockpile CBRN materiel (or the capability to
purchase or steal ready-made weapons), and a level of technical
expertise and logistical infrastructure that is appropriate to launch
successful CBRN attacks. This is beyond the technical capability or
motivation of most terrorist groups.

On the other hand, the information revolution ushered in by the
Internet allows terrorists to access articles and documents from the
World Wide Web about the manufacture or acquisition of BW or CW
agents, and commercial-off-the-shelf (COTS) software products can
easily be obtained to conduct cyberterrorism, making CB/Cyber attacks
much more feasible to launch than hitherto.  Radiological and nuclear
weapons, however, are far more difficult for terrorist groups to
acquire or to develop indigenously, to weaponise and deploy, or to
provide storage for.

Although such cost/benefit considerations may limit the majority of
terrorist operations to the realm of conventional warfare in the 21st
century, recent WMD-related events and reports indicate increasing
activity by certain terrorist groups and state sponsors in the
CBRN/Cyber arena. This has been accompanied by a lowering of the
threshold for their conviction that conventional attacks are
insufficiently effective and that a more lethal form of mass casualty
or mass disruption violence is required to achieve their goals.

Thus, the primary differences between conventional and CBRN/Cyber
terrorism lie in the areas of motivation, organisation, funding, and
capability in the realms of acquisition, technology, and
logistics. There is also the issue of the capability to overcome
external hurdles. These include acquisition of the necessary
technologies, cooperation by foreign suppliers, creation of a
logistics network for acquisition and deployment, obtaining state
sponsorship, and also detection, penetration, and deterrence by
foreign intelligence and counterterrorism agencies.

There have already been several instances of CBRN/Cyber operations by
terrorist groups. Chemical attacks have been mounted by the Aum
Shinrikyo cult, such as the March 1995 sarin nerve gas attack on the
Tokyo subway system, killing 12 people and injuring 5,500. Chemical
cyanide was included with explosives in the February 1993 bombing
attack by Islamic militants of the World Trade Center. In the
mid-1980s, the Tamil secessionist group, LTTE (which provides its
operatives with a cyanide pill in the event of capture) threatened to
carry out a BW attack by spreading pathogens to infect humans and
crops in Sri Lanka. Aum Shinrikyo also attempted, albeit
unsuccessfully, on at least 10 occasions to disperse biological
warfare agents in aerosol form, and in October 1992 its members
attempted to acquire Ebola virus samples in then Zaire for future use
in biological attacks. In mid-1997, an American white supremacist
faction plotted to attack the New York City subway system with
biological weapons.  Reportedly, Hizbullah and Hamas operatives have
acquired chemical and biological components, although they have so far
refrained from carrying out such attacks.

Until its top leaders were arrested, some members of the Aum group
also studied uranium enrichment and laser technology which are
necessary for acquiring the capability to develop nuclear weapons. The
group had one or possibly more of its followers on the staff of the
Russian Kurchatov Institute's nuclear physics laboratory. In September
1998, Mamdouh Mahmud Salim, a top aide to Osama Bin Laden, was arrested
in Munich while trying to procure enriched uranium for developing
nuclear weapons.

One of the first known instances of cyberterrorism occurred in 1997
when the LTTE launched cyber attacks against Sri Lankan government
sites, including hacking into a government web site and altering it to
transmit their own political propaganda. Supporters of the Mexican
Zapatista rebels have jammed Mexican government web sites. The
American terrorist group, the Christian Patriot movement, is active in
the Internet. The Osama Bin Laden group utilises an extensive
network of computers, disks for data storage, and Internet for e-mail
and electronic bulletin boards to exchange information. Hamas
operatives in the Middle East and elsewhere use Internet chat rooms
and e-mail to coordinate activities and plan operations. Other Middle
Eastern terrorist groups, such as Lebanon's Hizbullah and Algeria's
Armed Islamic Group, also utilise computers and the Internet for
communications and propaganda.

Terrorists have also targeted critical infrastructure. Thus, for
example, in the Summer of 1998, the LTTE bombed state-owned and
private telecommunications facilities in Sri Lanka, damaging buildings
and disrupting telephone service.

Motivation

Motivation concerns the psychological, political and strategic factors
that are likely to serve as incentives or disincentives for terrorist
groups to resort to CBRN/Cyber warfare, particularly the decision to
embark on a higher lethality and disruption in targeting. Motivations
are an important factor because they influence a group's destructive
or disruptive potential and the paths and links that they are likely
to pursue to acquire the necessary technological and operational
capabilities to launch CBRN/Cyber attacks. It is important to assess
these motivations because a misunderstanding of a terrorist group's
decision making regarding CBRN/Cyber warfare could lead to
underestimating or overestimating a group's CBRN/Cyber capability,
surprises about unanticipated attacks, the types of weapons chosen,
the timeframe for such attacks, and likely targets.

The psychological factors that are likely to drive terrorist groups to
embark on CBRN/Cyber warfare might be irrationally or rationally
based. Thus, irrational factors might be characterised as leadership
by extremist, paranoid or criminally insane border-line personalities,
who are driven by a suicidal 'culture of death'.  On the other hand,
rationally-based factors would include a need for the great prestige
and power that such weapons would provide or the pursuit of
mass-casualty type vengeance against particularly repressive
government policies or excessively harsh government retaliation. Both
types of psychological actors tend to be authoritarian, and, although
the latter type might behave like rational actors, both types reject
commonly accepted societal norms, standards or proportions that would
make them less inclined to exceed a certain violence and mass casualty
threshold, and thus they would be more prone to commit catastrophic
violence and disruption.

The political factors that would motivate terrorist groups to resort
to catastrophic warfare range from particular to broad grievances
against a perceived enemy state, sub-state actors or transnational
organisations, and their objectives vary from revolution, secession
for a religious, ethnic or national community, to nihilism and the
complete destruction of a state. A second set of political factors
that are particularly susceptible to a lack of conventional
constraints on catastrophic violence are religious beliefs that
advocate visions of apocalyptic millennialism, messianic apocalypse or
redemptiveness, in which CBRN/Cyber type violence is employed to
hasten in a new millennium, the arrival of a messiah, or a new order.
This is particularly the case with messianic groups such as Aum
Shinrikyo which view the society that they seek to destroy as
inherently worthless and offer their adherents a path to a higher
existence through rebirth in the next life. A third set of political
factors includes virulent racist or ethnic hatreds by terrorist groups,
resolution of which they believe would be achieved by the destruction
or annihilation of the enemy community.

Strategy vis-à-vis CBRN/Cyber warfare concerns how a terrorist group's
leadership defines its broad objectives and the means and targets
necessary for their attainment. For example, a terrorist group that is
inclined towards a strategy of minimising risk or failure, of using
violence to influence, but not destroy an opponent, is concerned about
backlash within its own community or intended audience, and fears
massive military retaliation by a foreign state against its own group
and supporting community, might be more likely to adopt tactics that
call for conventional warfare, whereas a group whose strategy is
unconstrained by these factors might be more likely to pursue the
CBRN/Cyber catastrophic option. Thus, an extremist religious terrorist
group that regards violence as a sacramental act or divine duty, and
the constituency of which is limited to its own group, would likely be
unconstrained to employ the most lethal violent means at its
disposal. A further strategic objective might be to carry out or
threaten to carry out a CBRN/Cyber attack in order to perpetrate an
economic extortion or to massively damage a critical infrastructure
node, such as a food supply. Another strategic consideration concerns
the decision whether or not to seek state sponsorship and assistance
in CBRN/Cyber warfare. A final consideration is whether the group
needs to claim credit for a CBRN/Cyber attack. In fact, the reduced
need to claim credit for such attacks signals the emergence of the
"silent terrorists," and is another factor contributing to loosening
self-imposed constraints against higher levels of lethality.

Organization

There are no fixed organisational prerequisites for attaining
CBRN/Cyber capability, particularly in the age of the Internet when
terrorist operatives can be dispersed geographically yet are able to
communicate with each other by using their own secured communications
networks. At one end of the organisational spectrum, the technological
complexities involved in acquiring CBRN/Cyber capability require a
well organised, hierarchical organisation, with a command and control
apparatus staffed by professional terrorists, a highly-developed R&D
apparatus staffed by scientists and technicians, production and
storage facilities, a transnational logistics network to clandestinely
acquire the necessary technology from external sources, and business
activities (either legitimate or illegitimate) to generate the
necessary income to fund the acquisition of CBRN/Cyber operational
capability.

At the other end of the organisational spectrum, a CBRN/Cyber
operational capability might be acquired by a terrorist entity of a
transitory, ad hoc amalgamation that bands together for a single
mission, that is less cohesive and more diffuse organizationally, and
is staffed by a small number of professional operatives and amateur
associates. In addition, such groups, such as the Osama Bin Laden
network, do not generally operate out of geographically bound
sanctuaries or safe-havens and their activities are not confined to
specific operational areas, but are dispersed worldwide. The use of
amateurs by professional terrorists is significant because these can
be used as pawns, cut-outs or expendable minions to conceal the
identity of the particular organisation or state sponsor that actually
orders or commissions a CBRN/Cyber attack. In such a case, CBRN/Cyber
warfare would be carried out by an organizationally ad hoc terrorist
entity, backed by a state sponsor, that joins forces for a specific
one-time operation.

A related organisational issue is the degree of technical and military
professionalization required by terrorist groups to conduct CBRN/Cyber
warfare, or whether amateurs can develop such capability, particularly
when aided by a state sponsor. Thus, to pursue the CBRN/Cyber warfare
option, do terrorist groups need to recruit individuals with technical
degrees and expertise in disciplines such as chemistry, biology,
physics, engineering and computer science?  Moreover, does a group
need to organise the training on its own or is a state sponsor
required to provide instruction and facilities?

A terrorist group might also train its members in not just a single
weapon but a variety of CBRN/Cyber weapons for which different sets
and levels of technological expertise are required in order to attain
operational capability in each of these weapons. Thus, for example,
terrorist groups, such as Aum Shinrikyo, have provided their members
with extensive training and education in a variety of CBRN/Cyber
weapons, including studying uranium enrichment and laser technology,
with at least one of their members working on the staff of a Russian
nuclear physics laboratory, while another contingent traveled to
Africa to study the Ebola virus. Cyberwarfare involves a different set
of training requirements that is also more readily available. Thus,
training in computer science is now widely prevalent among terrorist
groups.

Funding

Significant financial resources are required for terrorist groups to
develop an indigenous CBRN/Cyber operational capability unless a group
succeeds in weaponising a crude, low-technology device, or stealing or
hijacking such a device. In general, a range of costs are involved in
acquiring, operationalizing, stockpiling and deploying CBRN/Cyber
weapons of varying levels of sophistication and lethality. As a
result, financial considerations play a role in deciding whether a
group will choose single or multiple CBRN/Cyber weapons, the types of
dispersal systems, and whether these weapons will be indigenously
developed, obtained from an external source (whether legally or
through smuggling, hijacking or theft), or are provided by a state
sponsor. CBRN/Cyber weapons for use in terrorist attacks vary greatly
in their cost. For example, acquiring production and operational
capability to deploy chemical, biological, radiological, or cyber
capability involves relatively small financial resources, and is
within the means of many terrorist groups. Far more significant
financial resources, which only a few groups possess, are necessary to
acquire a nuclear weapons capability. Nevertheless, some terrorist
groups, such as the Aum Shinrikyo in its heyday, the Bin Laden
network, or Colombian narco-traffickers, could, potentially, acquire a
miniaturized nuclear weapon because of the vast financial resources
accruing from their multiplicity of legitimate and criminal business
enterprises. To launch a cyber attack, a terrorist group could
purchase relatively inexpensive commercial-off-the-shelf (COTS)
software and hardware, with some weapons of mass disruption software
available on hacker bulletin boards and Web sites.

State Sponsors

Obtaining the sponsorship of a state with WMD resources can be a major
facilitator in transitioning to CBRN/Cyber terrorism. There are a
number of motivations, requirements, and bureaucratic considerations
involved in the relationship between terrorist groups and potential
state sponsors regarding the resort to CBRN/Cyber warfare. However,
obtaining the support of a state sponsor is not automatic or
inevitable. Potential state sponsors would have to weigh the costs and
benefits involved in sponsoring CBRN/Cyber operations by terrorist
groups, including providing assistance in the phases of research,
development, production, and operations planning. Other issues concern
the conditions and arrangements for providing the terrorist group with
CBRN/Cyber weapons, training, logistics, diplomatic cover and
deniability.

Thus, a number of cost/benefit factors are involved in the relations
between state sponsors and surrogate terrorist groups. For both there
are advantages and disadvantages. For terrorist groups state
sponsorship can provide assistance in terms of funding, intelligence,
CBRN/Cyber weaponry, technical expertise, training, laboratories,
logistics, target reconnaissance and surveillance, escape assistance
and safe haven, diplomatic cover, and deniability. Thus, for example,
attaining the support of a state sponsor with nuclear capability (such
as Iran, Iraq, Pakistan or North Korea) would shortcut the process of
fabricating a high-grade nuclear bomb with weapons-grade material,
which would be extremely difficult, although not impossible, for most
terrorist groups to develop on their own. Such a nuclear weapon,
however, would likely be miniaturised and of a tactical, not a
strategic variety.

State support need not be explicit or direct. Thus, a state sponsor
might indirectly influence or remotely control a terrorist group's
actions. A state sponsor might use amateur terrorists as dupes or
cut-outs to conceal their involvement, and thus avoid the possibility
of retaliation.

External Hurdles

There are a number of external hurdles that terrorist groups must
overcome in order to acquire operational CBRN/Cyber capability. These
hurdles include technological and logistical factors, obtaining state
sponsorship and deterrence by foreign intelligence and
counterterrorism agencies.

In terms of technological hurdles, CBRN weapons and Cyber devices vary
in the levels of technological sophistication required for their
development, weaponization and deployment. There is also a clear
distinction between CBRN weapons and Cyber devices.

Cyberterror devices involve high end technologies, although of a
different magnitude than CBRN weapons, because, among other factors,
the means required to access and achieve the massive destruction or
breakdown of a critical infrastructural information technology
(IT)-type target involve entirely different kinds of delivery systems
(eg computers).

CBRN weapons are generally at the high end of the technological
spectrum, although within this high end range there are gradations of
technological sophistication that terrorists are likely to utilise
because of the variances in their own operational capabilities. In
general, the ranking of CBRN weapons involves consideration of the
levels of technological sophistication required to develop a
particular CBRN weapon and the potential weapon effects. Thus, if
potential weapon effects are being ranked, chemical devices would be
placed at the low end with tactical nuclear and biological weapons at
the high end. On the other hand, in terms of levels of sophistication
required to develop CBRN weapons, the ranking would begin with the
lower end chemical and biological to the higher end radiological and
nuclear. The reason for this ranking is the relative ease with which
it is possible to construct crude chemical and biological
devices. Weapons grade biological agents from a producer-country such
as Russia are also particularly vulnerable to theft or
smuggling. Radiological and tactical nuclear weapons are harder to
develop, although crude approximations of them are feasible for some
terrorist groups.

Among CBRN weapons, the most substantial hurdles lie in the
fabrication and deployment of nuclear weapons. There are enormous
technological tasks involved in acquiring and utilising weapons grade
materials, such as highly enriched uranium or plutonium, to produce
nuclear explosives. Other than the hurdle of indigenously producing a
nuclear device, terrorist groups would have either to purchase such a
device from external sources, to obtain it from a state sponsor, or to
steal or smuggle it. Tactical nuclear weapons, as opposed to strategic
nuclear weapons, are most vulnerable to theft or illegal purchase by
terrorist groups because of their relatively small size, widespread
dispersal, and the absence among older generations of these weapons of
effective electronic locks or Permissive Action Links (PALs) to
prevent their unauthorized use. There are also complex technical
requirements involved in deploying a nuclear explosive device,
particularly in dispersing radioactive material.

In all these cases of CBRN weapons, it may not be necessary for
terrorist groups to acquire actual battlefield weapons - certain crude
devices or delivery and dispersal systems may not achieve mass
destruction effects, but might be sufficient to inflict mass terror.

The logistics hurdle involves the capability by terrorist groups to
create an organizational apparatus and transnational network not only
to acquire the technology to produce CBRN/Cyber weapons and devices,
but to conduct target reconnaissance and surveillance, and then to
transport, deliver, disperse and disseminate the weapon against the
intended target and, if possible, carry out an escape.

Obtaining state support represents another external hurdle. A state
sponsor might be reluctant to collaborate with a terrorist group in
the CBRN/Cyber warfare realm because of the enormous political costs
and risks of retaliation and exposure. Moreover, there is always the
possibility that a terrorist group might prove unreliable or
inefficient, or, in a worst case scenario, use CBRN/Cyber weapons
against their sponsor. On the other hand, there are certain factors,
conditions and circumstances that are likely to facilitate cooperation
and joint ventures between state sponsors and terrorist groups. Thus,
for example, using a surrogate group could enable a state sponsor to
achieve certain strategic objectives while denying its role in such an
attack.

Several trends and developments are creating a new dynamic in the
relationship between state sponsors and terrorist groups. In certain
CBRN/Cyber areas, terrorist groups are less dependent on state
sponsors because of widespread access to the Internet and other
resources that make it relatively easy for terrorist groups to learn
how to develop chemical or biological agents indigenously.  Similarly,
in terms of cyberwarfare, terrorist groups may have little need for
state sponsors because much of the applicable software and hardware
are available commercially and targeting can be accomplished from a
computer terminal hundreds of miles away from the intended targets.

Terrorist groups are extremely vulnerable to deterrence by foreign
intelligence and counterterrorism agencies. Thus, terrorist groups
must overcome the continual possibility of their activities and
operations being detected, monitored, penetrated and potentially
preempted, interdicted or destroyed by these agencies.

Conclusion

CBRN/Cyber terrorist warfare is likely to pose a significant threat in
the 21st century as a result of the confluence of motivation,
technical capabilities, and involvement by state sponsors. This
analysis is intended to highlight some of the internal and external
factors, requirements and hurdles that need to be considered in
assessing a terrorist group's current and future development status
and operational capability to conduct CBRN/Cyber warfare. Correlating
these internal and external factors and hurdles would make it possible
to forecast which terrorist groups and state sponsors are likely to
embark on CBRN/Cyber warfare, the types of adaptations and changes
they would require to transition to such warfare, the types of weapons
and targeting they are likely to pursue (including the possible resort
to single or multiple CBRN/Cyber weapons and devices), the timelines
for such attacks, and vulnerabilities that could be exploited by
foreign intelligence and counterterrorism agencies to constrain
terrorist groups--and, when applicable, state sponsors--from embarking
on such warfare.



                         ©Jane's Information Group 1999