Cyber Laws Project - UG18-54


TACKLING CYBER TERRORISM: ISSUES AND CHALLENGES

OPTIONAL PAPER- CYBER LAWS

Submitted by
Mrunalini Deepak Dhote
UID No.: UG18-54
B.A.LL.B.(Hons.)
Year: IV Semester: VIII

Submitted to
Dr. Divita Pagey
Assistant Professor of Law

MAHARASHTRA NATIONAL LAW UNIVERSITY, NAGPUR


INTRODUCTION

The development of cyberspace has been one of the greatest technological achievements of
mankind. These technological advances entrust mankind with incredible benefits in diverse
fields, yet they always influence the nature of security threats in society. Amongst
contemporary security vulnerabilities, cyberthreats have emerged as a critical threat to our
society. Cyberthreat is an amorphic change in the nature of threats that is capable of
convulsing the economic and social order of the world. These threats are hard to detect and
difficult to investigate because of their anonymity. Since the Internet has developed as an
unregulated, open architecture, the globally integrated transnational character of cyberspace has
favoured the growth of cyberthreats. It has been ideal for offenders wanting to anonymously
carry out criminal activities in the cyberworld beyond territorial borders, thereby amplifying
the scope of crime and stimulating it to move beyond mental torture, anguish and physical
assault. Today, the criminals target the Web to derange the global order and virtual life of
people. Like any other space in life, technology has its own benefits and challenges. While it
enhances a man’s life in almost all aspects, whether health care, transport,
communication or smart cities, there are various challenges which we have to overcome so as
not to turn technology into our own enemy. In this paper, the researcher has tried to shed some
light upon such challenges and to discuss solutions for the same.

AIM AND OBJECTIVES

The aim of the researcher is to focus on the challenges and issues faced and to tackle cyber
terrorism.

The objectives of the researcher are as follows:

• To discuss the issues and challenges at hand.

• To elaborate upon various ways in which the issue can be resolved or managed.

• To understand the significance of cyber security and discuss more ways of cyber
protection.

RESEARCH METHODOLOGY

The doctrinal style of research is proposed to approach the study's stipulated objectives; a
thorough literature survey on the subject will be applied, and the issues under inquiry will be
investigated methodically. This doctrinal work used for research writing is both analytical
and descriptive. The researcher attempted to critically evaluate primary materials such as
books and e-resources. Opinions of research scientists, academics, and other specialists,
including advocates, who have dealt with this issue will be considered a genuine contribution
to study. E-resources have made a significant contribution to research by allowing
researchers to access the most up-to-date and relevant material on the web, allowing them to
examine the subject from a variety of perspectives.

ANALYSIS

CYBER TERRORISM

Terrorism in cyberspace consists of both cybercrime and terrorism. Terrorist attacks in
cyberspace are a category of cybercrime and a criminal misuse of information technologies.
The term “cyberterrorism” is often used to describe this phenomenon. But while using such
term, it is essential to understand that this is not a new category of crime. Cyberterrorism has
been defined as unlawful attacks and threats of attack against computers, networks, and
stored information. It has to intimidate or coerce a government or its people in furtherance of
political or social objectives. An attack should result in violence against persons or property,
or at least cause enough harm to generate fear. Serious attacks against critical infrastructures
could be acts of cyberterrorism, depending on their impact.

Another definition covers a criminal act perpetrated by the use of computers and
telecommunications capabilities causing violence, destruction and/or disruption of services.
The purpose must be to create fear by causing confusion and uncertainty in a population, with
the goal of influencing a government or population to conform to a particular political, social
or ideological agenda. Cyberterrorism has also been defined as attacks or series of attacks on
critical information infrastructures carried out by terrorists, and instills fear by effects that are
destructive or disruptive, and has a political, religious, or ideological motivation. These
definitions have one thing in common, the conducts must be acts designed to spread public
fear, and must be made by terrorist intent or motivation. Terrorism in cyberspace includes the
use of information technology systems that is designed or intended to destroy or seriously
disrupt critical information infrastructure of vital importance to the society and that these
elements also are the targets of the attack.

Definition as per Information Technology Act, 2000 (“IT Act”)- Section 66F of the IT Act
defines ‘Cyber Terrorism’ as all those acts by any person with an intent to create threat to the
unity, integrity, sovereignty and security of the nation or create terror in minds of people or
section of people by way of disrupting the authorised access to a computer resource or getting
access to a computer resource through unauthorised means or causing damage to computer
network. If these acts cause injuries to persons, cause the death of any person, damage or
destruct any property, cause disruption of essential supplies or services, or negatively affect
the critical information structure, they become punishable in nature. It also includes all those
acts committed knowingly or intentionally in connection to getting access to a computer
resource in an unauthorized way and that the data so obtained was restricted in the interests of
the sovereignty and integrity of the nation.

The potential threats of attacks by terrorists in cyberspace would focus on systems and
networks that contain critical information infrastructure. It may include conducts against the
confidentiality, integrity and availability of such systems and networks through cybercrimes:
illegal access, illegal interception, data interference, system interference, and misuse of
devices. Serious hindering of the functioning of computer systems and networks of the
critical information infrastructure of a State or government would be the most likely targets.
The dependency on information and communication technology creates at the same time a
vulnerability that is a challenge for cyber security. Attacks against critical information
infrastructures may cause comprehensive disturbance and represent a significant threat that
may have the most serious consequences to the society. Potential targets may be
governmental systems and networks, telecommunications networks, navigation systems for
shipping and air traffic, water control systems, energy systems, and financial systems, or
other functions of vital importance to the society.

It should constitute a criminal offence when terrorists are capable of hindering or interrupting the
proper functioning of, or influencing the activity of, the computer system, or making the system
inoperative, e.g. crashing the system. Computer systems can thus be closed down for a short
or extended period of time, or the system may process computer data at a slower speed,
run out of memory, process incorrectly, or omit correct processing. It does not matter
whether the hindering is temporary or permanent, or partial or total. Hindering or interruption
may be caused by a Denial-of-Service (DoS) attack. The denial of service attack with the most
potential for terrorists in cyberspace is flooding computer systems and networks with millions
of messages from networks of hundreds of thousands of computers from all over the world in
a coordinated cyberattack. Such an attack has the potential to crash or disrupt a significant part
of a national information infrastructure and may be caused by botnets. Other categories of such
attacks include blocking users from legitimate access by entering wrong passwords for a
correct user name in order to block access for that user name, or triggering a denial of
service attack alert without the existence of any such attack at all, so that the computer
system itself restricts access to anyone. Terrorist offences in cyberspace and attacks on
critical information infrastructures are cybercrimes. In May 2007, massive and coordinated
cyber attacks were launched against websites of the government, banks, telecommunications
companies, Internet service providers and news organizations in Estonia. The attacks have
been described as targeted and well organized from outside Estonia, and were attacks on the
public and private critical information infrastructure of a State. It was estimated that 1 million
computers around the world were involved through the use of botnets. Some described it as
“the Big Bang” as 4 million packets of data per second, every second for 24 hours,
bombarded a host of targets that day. The attacks forced banks to shut down online services
for all customers for an hour and a half, and disrupted government communications. The
purposes and intent of the attacks may be described as terrorist purposes included in the
Council of Europe Convention on the Prevention of Terrorism of 2005, if they fulfill the
requirement of: “…seriously destabilize or destroy the fundamental political, constitutional,
economic or social structure of a country…”

THREATS CAUSED BY CYBER TERRORISM

Cyberterrorism poses critical security threats to the world. Critical infrastructures (CIs), like nuclear installations,
power grids, air surveillance systems, stock markets and banking networks, are dependent
upon cyberspace. This functional dependence has made CIs vulnerable to cyberterror attacks
and increased the scope for cyberterror footprints exponentially. Most CIs globally are poorly
protected. Therefore, cyberterror attacks on CIs can cause egregious damages to the society.
Further, today there is a persistent threat of sensitive information of national interests being
stolen by terrorists, destruction of computer networks or systems superintending the
functioning of CIs.

Objectives of Cyberterror Attack

Cyberterrorism is based on specific objectives, such as:

1. Target CIs of the country, like air traffic, military networks, financial and energy
systems, telecommunications and others, to cause physical devastation.

2. Cause disruptions sufficient to compromise the industrial and economic operations of
a country. A cyberterror attack thwacks a large part of the world population and
causes monetary disorder and loss of data.

3. Cause physical injuries, loss of lives, explosions, crashing of aircraft and other aerial
vehicles, theft of technology and privileged information.

4. Move beyond the realms of destruction and send a signal of ferocious disruption and
fear to governments.  

Exploitation of Cyberspace by Terrorists

Terrorist organisations use cyberspace for recruitment, command and control and spreading
their ideology. The Internet, being the largest reservoir of knowledge, has fuelled terror outfits to
use this quality to set up virtual training camps in cyberspace. In 2003, Al-Qaeda established
its first online digital repository, providing information on matters ranging from bomb-
making to survival skills. Today, the Internet is used by multiple self-radicalised patrons as a
resource bank. Cyberspace has emerged as a new operational domain for terror and extremist
establishments, appending new dimensions to cybersecurity of precluding online jihadist
recruitment, radicalisation and raising of funds. The terror outfit of IS has manoeuvred this
stratagem and used it proficiently for itself. The militant group was able to recruit 30,000
fighters through social media. Social media subsequently helped the group to establish its
franchises and expand its base in different countries. Additionally, terrorists use Internet
proficiency to reach out to masses to inspire acts of terror as well as disseminate their
messages.

Cyberterrorism versus Conventional Terror Attacks

Cyberspace offers anonymity, easy access and convenience to terrorists to reach the masses
without much monetary expenditure. The ubiquitous cyberworld enables terrorists to launch
cyberattacks having far-reaching impacts and causing staggering damages, more critical than
physical attacks. Traditional terror attacks are restricted to the physical limits of the place of
attack. Also, while people outside the territorial limits of the attack do read and observe such
incidents, they do not get affected directly. A cyberterror attack, however, encompasses the
potential of affecting millions without any territorial limitations; at times, it is more enigmatic
to find the perpetrator and trace the point of origin of cyberterror attacks. Hence, cyberspace
facilitates cyberterrorists by enabling them to have a far greater reach than ever before.
Further, global interconnectivity of cyberspace results in proliferation of potential targets for
terrorists to attack, making it more dangerous than other terror attacks. Such unmatched
capabilities of cyberterrorism give terrorists extraordinary leverage to engender more harm to
society.

Thus, different factors make cyberattacks a captivating choice of terrorists:

1. Cyberterrorism constitutes a low-cost asymmetric warfare element for terrorists as it
requires fewer resources in comparison to physical terror attacks. The terror groups
can inflict more damage to people and society with the same amount of funds. Thus,
the benefit–cost ratio for a cyberterror attack is very high.

2. Cyberspace provides anonymity, thereby enabling cyberterrorists to hide their
identity. The Indian government had admitted in Rajya Sabha that attackers
compromise the computer systems situated in different locations of the globe and use
masquerading techniques and hidden servers to hide the identity of the computer
system from which the cyberattacks are propelled. It is the anonymous nature of
cyberspace that makes it arduous to attribute cyberattacks to any state.

3. The CIs and other valuable state resources are not fully protected and thus become an
obvious target of cyberterrorists. After designation of the target, the cyberattack can
be launched without any unwarranted delay and need for further preparation.

4. The Internet enables cyberterrorists to initiate a cyberattack on any distinct part of the
world. Unlike physical terror attacks, there are no physical barriers or checkpoints that
block cyberterrorists in the execution of predetermined cyberattacks on designated
targets. Likewise, cyberterrorism involves less risk than physical terrorism.

5. Cyberspace provides broad avenues for disseminating terror organisation propaganda.
It provides a larger audience for cyberterror attacks, whose impact goes beyond
cyberspace to diverse systems.

STRATEGIES TO DEAL WITH CYBER TERRORISM THREATS

In order to counter the ill effects of cyber terrorism, strategic plans should be put in
place to ensure the well being of the nation and its citizens. In the following paragraphs,
the steps that can be taken by the parties involved to deal with the threats of cyber
terrorism effectively will be discussed.

i. Pursue and Prosecute the Perpetrators: The parties that have been directly affected from
attacks by cyber terrorists should be more aggressive in pursuing the perpetrators. Even
though this exercise might prove to be costly, it will definitely be to the organization’s
advantage if they are able to identify the perpetrators and prosecute them to the full
extent of the law. If there is an increasing number of such attackers that can be brought
to justice, it might change the general mindset of the cyber terrorist community and they
will need to think long and hard of the consequences of their actions if they are going to
get caught. Thus it might prove to be a good way of decreasing the number of such
attacks in the long run.

ii. Develop Best Security Practices: Organizations should ensure that they develop and
deploy a tested set of best security practices suited specifically for their own operations.
These activities will require a lot of coordinated efforts from all parties in the
organization because security procedures should be followed by every department. The
developed list of the best security practices should cover all the aspects involved in
information security. As a starting point, it would be a good idea to adopt existing
international standard guidelines for information security such as ISO17799 or BS7799.
These standards provide the detailed steps that should be taken to secure organizations
from an information security standpoint. The organizations can later modify or improve
on the provided guidelines and adapt it based on their own operations and needs in order
to obtain the best results.

iii. Be Proactive: Organizations and the general public should be more proactive in
dealing with cyber terrorism issues by keeping up to date on the latest information
related to threats, vulnerabilities and incidents and they should be more committed in
improving their information security posture. By being constantly aware of the various
components of cyber terrorism that could directly affect us, we would be able to
implement stronger security measures that would reduce the chances of cyber attacks
from happening to us. Organizations should always be looking to improve upon their
existing security infrastructure. Organizations should deploy multi-level security
architecture instead of the single-tier ones in order to protect themselves better. Critical
activities such as security audits should be performed more often to reduce redundancies
in the security implementation. It should be remembered that security is a continuous
process, not an off-the-shelf solution. Thus, in my opinion the best way to handle security
is to be proactive about it.

iv. Deploy Vital Security Applications: The use of security applications such as firewalls,
Intrusion Detection Systems (IDS), anti-virus software and others should be encouraged
and in some cases, mandated to ensure better protection against cyber terrorism.
Organizations should deploy both network and host-based IDS along with other security
applications. There should be personnel who are assigned to record, monitor and report
all suspicious activities in the organization’s network and with the aid of the latest
security systems, all these tasks can be done much faster and more simply. The preservation
and retention of critical information required for forensic analysis should be ensured in
order to facilitate further investigations.

v. Establish Business Continuity and Disaster Recovery Plans: It is important that
business continuity and disaster recovery plans should be in place in all organizations.
These plans, to be included with incident response activities if not in existence, should
be established and maintained. These plans should be rehearsed and tested at regular
intervals to ensure their effectiveness. The plans that are implemented should involve
two main activities which are repair and restoration. The repair activity should fix the
problem in order for the function to operate normally. The restoration plans should be
activated with pre-specified arrangements with hardware, software and service vendors,
emergency services, public utilities and others.

vi. Cooperation with Various Firms and Working Groups: Organizations as well as the
general public should establish working relationships or arrangements with public and
private bodies that could assist with various issues related to cyber terrorism. These
working groups can assist tremendously in activities such as developing standard
guidelines on improving organizational security, developing disaster recovery plans,
discussing the emerging and rising issues in cyber terrorism and others. Thus by
exchanging information on such issues on a regular basis, it would create a pool of much
needed experts in the field of cyber terrorism in order to increase resistance in general
from such attacks.

vii. Increase Security Awareness: It is important to increase awareness of cyber
terrorism issues among the masses. By educating them, they would realize the importance of
defending themselves from such attacks and thus it would assist in developing
communities that are more proactive in dealing with information security issues.
Training programs can assist
people to equip themselves with the right skills and knowledge that are needed to protect
their computer and network systems effectively.

viii. Stricter Cyber Laws: The government can assist in controlling cyber terrorism
attacks by adopting and revising new cyber laws that will punish the perpetrators more
heavily if they are involved in such activities. New acts to encourage the development of
efficient cyber security practices and to support the development and permit the use of
more effective tools for law enforcement should be introduced. Organizations especially
from the public sector should support research and development activities of
personalized security tools such as firewalls and IDS. The main advantage of pursuing
this approach rather than buying off the shelf product is that it will leave the perpetrators
in the dark over the actual capabilities that the targets possess, and this can be a huge
advantage when dealing with such knowledgeable and experienced attackers.

INITIATIVES TAKEN IN INDIA

Information Technology Act: Cyberterror Law of India

The Information Technology Act (hereafter the Act) sanctions legal provisions
concerning cyberterrorism. Section 66F of the Act enacts legislative framework over
cyberterrorism. It provides for punishment, extending to life imprisonment, for
cyberterrorism, along with three essential elements for an act to constitute as
cyberterrorism:

1. Intention: The act must intend to afflict terror in people’s mind or jeopardise or
endanger the unity, integrity, security or sovereignty of India.

2. Act: The act must cause:

(i) unlawful denial of access to any legally authorised person from accessing any
online or computer resource or network; or
(ii) unauthorised attempt to intrude or access any computer resource; or
(iii) introduce or cause to introduce any computer contaminant.

3. Harm: The act must also cause harm, like death, injuries to people, adverse or
destructive effect on the critical information infrastructure (CII), damage or destruction
of property or such disruptions likely to cause disturbances in such services or supplies
which are essential to life.

Further, Section 66F also applies to instances where a person without any authorisation
or by exceeding his legitimate authorisation intentionally penetrates or accesses a
computer resource and obtains access to such data, or information or computer base
which has been restricted for Indian security interests, or whose disclosure would affect
the sovereign interests of India, etc.

Protected Systems and CII

The Act has a provision
of ‘protected systems’, empowering the appropriate government to declare any computer
resource that either directly or indirectly affects the facility of CII as ‘protected
system’. Section 70(3) sanctions punishment up to 10 years with fine in case a person
secures or attempts to secure access to a protected system. The explanation clause of
Section 70 defines CII as: ‘The computer resource, incapacitation or destruction of
which, shall have a debilitating impact on national security, economy, public health or
safety.’ The central government, under Section 70A of the Act, has designated National
Critical Information Infrastructure Protection Centre (NCIIPC) as the National Nodal
Agency in respect of CII protection. The union government has also established Defence
Cyber Agency to deal with matters of cyberwarfare and cybersecurity.

Indian Computer Emergency Response Team (CERT-In)

Section 70B of the Act provides for the constitution of CERT-In to maintain India’s
cybersecurity and counter cybersecurity threats against it. The CERT-In is expected to protect
India’s cyberspace from cyberattacks, issue alert and advisories about the latest cyberthreats,
as well as coordinate counter-measures to prevent and respond against any possible
cybersecurity incident. It acts as the national watch and alert system and performs functions
like:
(a) Collect, analyse and disseminate information on cybersecurity incidents;
(b) Forecast and issue alerts on cyber-incidents;
(c) Emergency measures to handle cybersecurity incidents;
(d) Coordinate cyberattack response activities;
(e) Issue guidelines, advisories, over cybersecurity measures, etc.

India has established domain-specific computer emergency response teams (CERTs) to
counter domain-specific cyberthreats and create a more secured cybersecurity ecosystem in
respective domains, like power grids and thermal energy. Further, sectoral CERTs in the
cybersecurity fields of finance and defence have been constituted to cater to such critical
domain’s cybersecurity requirements.

National Cyber Security Policy

The National Cyber Security Policy of India, released in 2013, aims to secure Indian
cyberspace and concretise its resilience from cyberthreats in all sectors. It aims at developing
plans to protect India’s CII and mechanisms to respond against cyberattacks effectively. It
further focuses on creating a safe and dependable cyber ecosystem in India. The policy has
facilitated the creation of a secure computing environment and developed remarkable trust
and confidence in electronic transactions. Furthermore, a crisis management plan has been
instituted to counter cyber-enabled terror attacks. The Parliament also amended the National
Investigation Agency (NIA) Act in 2019, empowering the NIA to investigate and prosecute
acts of cyberterrorism.

Moreover, technology and threat intelligence play major roles to counter terrorism and
cyberterrorism. The multi-agency centre (MAC) at the national level, set up after the Kargil
intrusion, along with subsidiary MACs (SMACs) at state levels, have been strengthened and
reorganised to enable them to function on 24x7 basis. Around 28 agencies are part of the
MAC and every organisation involved in counter-terrorism is a member of this mechanism.
This is yet another important element of national initiative.

CONCLUSION

Even though the field of cyber terrorism is relatively new to most of us, it has proved to be a
very challenging one. So far, significant progress has been made through industry and
government initiatives in many countries to protect against cyber attacks. It is widely
accepted and well known by everyone that security is not a one-stop solution. Instead it is a
continuous journey that requires everyone involved to be committed to it. The many aspects
connected to cyber terrorism such as understanding the different motivations and types of
attack, realizing its effects on critical infrastructures, businesses and humans, as well as
undertaking the sometimes complex steps to decrease the chances of such attacks from
happening make the task of protecting against it such an unenviable one. However, the
implementation of strategic security measures and improved working relationships among the
various bodies including the industry, the government and the general public provide all of us
a strong hope of winning this battle. The fact of the matter is, cyber terrorism is here to stay
and we still have a long way to go in protecting the nation’s, businesses’ and our interests
effectively against it. The good news, though, is that with the various strategic plans in place, we are
getting closer to achieving our main objective which is to have a highly secure and
productive working environment.

BIBLIOGRAPHY

Websites

• https://www.idsa.in/jds/cybersecurity-and-threats-15-2-2021
• https://www2.deloitte.com/ch/en/pages/risk/articles/impact-covid-cybersecurity.html
• https://blog.ipleaders.in/
• https://www.insightsonindia.com/security-issues/cyber-security/various-cyber-threats/cyber-terrorism/

Other

• David, M. W., & Sakurai, K. (2003). Combating Cyber Terrorism: Improving
Analysis and Accountability. Journal of Information Warfare, 2(2), 15–26.
https://www.jstor.org/stable/26502765

• Prasad, Shalini & Kumar, Abhay. (2022). Cyber Terrorism: A Growing Threat to
India’s Cyber Security. 10.1007/978-981-16-3735-3_4.

• https://www.giac.org/paper/gsec/3108/countering-cyber-terrorism-effectively-ready-rumble/105154
