Professional Documents
Culture Documents
Cyber Terrorism - What It Is and How It's Evolved - Maryville Online
Cyber Terrorism - What It Is and How It's Evolved - Maryville Online
Cyber Terrorism - What It Is and How It's Evolved - Maryville Online
Home / Blog
Tables of Contents
In May 2021, gasoline supplies to the East Coast of the United States were reduced by 45% open_in_new,
causing cars to line up for blocks to fill their tanks. The cause: a cyberattack on the Colonial
Pipeline open_in_new that carried gas and other fuels to the East Coast from Texas. The attack was traced to
the international ransomware group DarkSide, as the Guardian reports.
In June 2021, meat supplies were threatened by a ransomware attack on meat processing
factories open_in_new owned by JBS, a company that supplies more than one-fifth of the beef consumed in
the U.S., as explained in the Guardian. JBS, which is headquartered in Brazil, also experienced
disruptions to operations in Australia and other countries. This was one of several cyberattacks in
2021 thought to have originated in Russia.
A hacking campaign suspected of being sponsored by China has targeted Microsoft’s Exchange
open_in_new email server for corporations. The New York Times reports that the attackers struck in January
2021 and escalated the attacks weeks later. Security analysts believe that tens of thousands of
accounts may have been compromised. Microsoft estimates that 30,000 Exchange customers
were likely affected by the data breach, but the company said it did not know how extensive the
data leak was.
These examples illustrate the dangers posed by cyber terrorism to governments and
organizations around the world. Cyber terrorism and other cyberattacks cost governments,
businesses, and individuals more than $1 trillion each year open_in_new, according to computer security firm
McAfee. Cybersecurity Ventures forecasts that the cost of cyber crime of all types will reach $10.5
trillion annually by 2025. open_in_new
Combating cyber terrorism and cyber crime requires understanding how cyber terrorists act, what
motivates them, and how to prevent their attacks. This guide looks at the evolution of cyber
terrorism, highlights examples of cyber terrorism and cyberattacks, and offers tips for thwarting
cyberattacks.
Back To Top
• An actor or actors with three unique attributes: nonstate, terrorist, and clandestine
• A motive, which may be ideological, social, economic, or political
• An intent to induce or coerce some action, effect change, further objectives, or cause
interference
• The means to commit the act, which includes using a computer and network to access
cyberspace and cross borders to commit acts of cyber warfare or crimes, including
cyberattacks and threats of attacks
• An effect, most commonly violence, service disruptions, physical damages, psychosocial
impacts, economic damages, or data breaches
• A target, most commonly civilians, information and communication technology (ICT), data
sources, government agencies, nongovernment organizations, or physical infrastructure
These are some of the most damaging cyber terrorism attacks and attempts in recent years.
• Information technology firm SolarWinds open_in_new was the victim of a cyberattack that went
undetected for several months, as Business Insider reports. Hackers widely believed to be
operating in Russia were able to spy on private companies, including security firm FireEye,
and many government agencies. In April 2021, the U.S. government implemented
sanctions on Russia open_in_new as a result of the attack.
• Insurance firm CNA Financial open_in_new reportedly paid hackers $40 million in March 2021 after
being the victim of a ransomware attack that locked the company’s computer networks
and stole data, as reported in Bloomberg. The attack did not breach the majority of
policyholder data, according to the company.
• IT services firm Kaseya open_in_new announced in July 2021 that it had been the victim of a
cyberattack by the REvil ransomware, as explained on ZDNet. The attack breached the
company’s supply chain software, resulting in ransomware attacking between 800 and
1,500 of the small managed service healthcare providers that are among Kaseya’s
customers.
• Mobile service provider T-Mobile open_in_new announced in August 2021 that it was the victim of a
cyberattack that compromised the personal information of 13 million customers and an
additional 40 million people who had applied for an account with the company,
as Fortune reports. The attack marks the fourth time in as many years that T-Mobile has
had its customer data hacked: twice in 2020 and once in 2018, when the data of about 2.5
million customers was exposed.
Back To Top
Four of the FBI’s 10 newest most wanted cybercriminals reside in China, three are from South Asian
countries, and three others are from European countries. 1. Bjorn Daniel Sundin, Sweden (ties to
Ukraine). 2. Shaileshkumar P. Jain, India (naturalized U.S. citizen). 3. Alexsey Belan, Latvia (Russian
citizen). 4. Nicolae Popescu, Romania. 5. Farhan Ul Arshad, Pakistan. 6. Noor Aziz Uddin, Pakistan.
7. Sun Kailiang, China. 8. Huang Zhenyu, China. 9. Wen Xinyu, China. 10. Wang Dong, China.
Back To Top
In addition to ICT and physical infrastructure, cyber terrorism attacks target managed service
providers and popular business software such as Microsoft Office. The goal of the attacks is to
steal information or sabotage the systems they infect. IBM lists the most common targets of
cyberattacks open_in_new:
Security vendor Checkpoint Software identifies four trends in cyberattacks open_in_new in its midyear 2021
report:
• An increase in attacks on supply chain software: The two most common forms of attack are
those designed for well-defined targets looking for holes in their list of suppliers, and
those that leverage holes in large distribution networks to use software supply chains to
target as many victims as possible.
• Phishing email attacks become more evasive: Social engineering techniques continue to
gain in sophistication, finding new ways to bypass email security. The attackers frequently
use blackmail to extort money from victims, or they may elude detection by impersonating
someone the victim knows.
• More attacks on data stored in the public cloud: As more organizations and individuals
take advantage of the low cost and security of public cloud services, cyber terrorists and
cybercriminals target these systems in their attacks. A primary source of cloud data
breaches is misconfigured cloud environments.
• Attacks on mobile devices: Malware designed to attack computer networks and computer
users are being adapted to strike people who use mobile devices. Checkpoint Software
notes a 50% increase in the penetration of banking malware in mobile networks between
2018 and 2019. The malware has been found in mobile apps, where it can steal payment
data, credentials, and the victim’s funds.
Back To Top
Terrorists soon took advantage of malicious software such as worms to promote their political,
social, and economic ends. These are among the earliest events in the history of cyber terrorism:
• In March 1999, the Melissa virus open_in_new “began spreading like wildfire” across the internet,
according to the FBI. Melissa targeted Microsoft’s Word word processing software and
Outlook email software to automatically send messages to the first 50 people in the
victim’s contact list. The virus was created by David Lee Smith and was intended not for
financial gain but to cause havoc. Melissa damaged email servers at hundreds of
corporations worldwide, temporarily knocking out access to about 1 million email
accounts.
• In May 2007, government agencies and private businesses in Estonia open_in_new were the target of
massive, weeks-long cyberattacks after the government removed some Russian World War
II memorabilia from the city of Tallinn. The distributed denial-of-service (DDOS) attacks
caused Estonia’s largest bank to shut down, resulting in about $1 million in damage.
Analysts suspect that the Russian Federation supported the attacks, although Russia
denies the charge.
• In August 2013, a hacker group called the Syrian Electronic Army open_in_new took over the
websites of the New York Times, Huffington Post, and Twitter by breaching the network of
MelbourneIT, an Australian internet service provider that manages corporate domain
names. The group had previously targeted the websites of the Washington Post, CNN,
and Time. The motivation for the attack was reprisal for criticism of Syrian president Bashar
al-Assad.
• In May 2017, the WannaCry ransomware open_in_new attack struck Microsoft Windows systems,
demanding $300 in Bitcoin (later increased to $600) from victims to regain access to their
computer files. Months before the attack, Microsoft had issued a patch for the vulnerability
exploited by WannaCry, but many users had not updated their system to protect against
the attack. A fault in the code of the virus prevented victims from recovering their files
even if they paid the ransom.
• On February 5, 2021, hackers used a hole in an old version of Windows to break into the
network of a Florida water treatment plant open_in_new and boost the levels of sodium hydroxide
(lye) to lethal levels. The attack was thwarted before any damage could be done by an
operator who noticed the change and corrected the levels. However, the attack highlights
the vulnerability of water systems and other vital infrastructure in the U.S.
• The FBI now considers ransomware as grave a danger to U.S. interests as terrorism open_in_new in
the aftermath of the attacks of Sept. 11, 2001, as the New York Times reports. The agency
is currently analyzing 100 different software variants used in ransomware attacks by
criminal gangs and by groups operating within China and Russia. Analysts expect more
damaging attacks to target critical infrastructure in the U.S.
• In October 2021, the U.S. National Security Agency (NSA) warned businesses against
using wildcard Transport Layer Security (TLS) digital encryption certificates to guard
against a new type of malware called ALPACA (Application Layer Protocols Allowing
Cross-Protocol Attack). ALPACA infiltrates hardened web applications via non-HTTP
services that use a certificate identical to or similar to a TLS certificate. The technique tricks
web servers into responding to encrypted HTTP requests using unencrypted protocols.
Back To Top
According to Trend Micro, attacks on business email systems increased by 4% in the first quarter
of 2021, and 164 malicious apps related to COVID-19 scams were detected in the period.
These are the most common examples of cyber terrorism currently used by cybercriminals.
Among the methods used by hacktivist groups open_in_new are web defacement (sometimes referred to as
internet graffiti), denial-of-service (DOS) attacks designed to inundate web servers with traffic, and
doxxing — exposing the personal information of police officers and others targeted by the
attackers for political or social reasons. While many hacktivists attempt to minimize actual damage
when calling attention to their cause, others have attempted to incite violence and encourage
real-world protests against their targets.
Cyber warfare and cyber terrorism are linked through their common goals: to destabilize enemy
states or compromise their physical and/or digital infrastructure. Examples of cyber warfare
include the 2010 Stuxnet worm open_in_new that disabled Iran’s nuclear infrastructure (believed to have
been developed by the U.S. with Israeli support), the 2015 breach of the U.S. Office of Personnel
Management by China, and Russia’s interference in the 2016 U.S. presidential election.
Back To Top
A Statista survey of IT security professionals worldwide indicates a sharp increase in cyberattacks
since the start of the COVID-19 pandemic. These are the cyberattack attempts with the greatest
increase in prevalence between the first quarter of 2020 and July 2021. Data exfiltration, leakage:
55% increase. Phishing emails: 51% increase. Account takeover: 44% increase. Malware
downloads: 36% increase. Ransomware: 35% increase. Application-targeted attacks: 20% increase.
Back To Top
Malware
Malware open_in_new is malicious software that gains unauthorized access to computers and networks, and
damages or disrupts them with the goal of causing harm to the victim and/or financial gain for the
attacker. Among the common delivery mechanisms for malware are phishing emails, email
attachments, malicious ads, bogus software installation programs, and infected USB drives and
applications.
Types of malware include ransomware, viruses that perform some malicious action when opened,
worms that copy themselves on the host machine and from machine to machine, and spyware that
tracks the victim’s actions, records communications, and downloads personal files.
Phishing
Phishing is an attack disguised as an email to trick the recipient into launching malware that
collects personal information or does other damage. This is the most common method for cyber
terrorists and other criminals to infect the machines and networks of their victims.
CRN reports that the FBI’s Internet Crime Complaint Center (ICCC) recorded twice as many
phishing incidents open_in_new in 2020 as in the previous year. A recent trend in cybercrime is for attackers
to focus on creating the ransomware payload and outsourcing the phishing component to a third
party, which is called an “initial access broker.”
Ransomware
Ransomware is malicious software that locks victims out of their computer files and blocks other
resources, releasing them only after the victims pay a ransom, typically in the form of a
cryptocurrency such as Bitcoin. Ransomware is usually delivered via a phishing attack or more
sophisticated spear phishing attempt, which uses social engineering to trick the victim into
opening the file and launching the attack.
The security vendor BlackFog identifies the most frequent targets of ransomware attacks: open_in_new
• Ireland’s Health Service Executive refused to pay the attackers’ $20 million ransom
demand. The attack disrupted healthcare services in the country for several weeks.
• German chemical distributor Brenntag paid a $4.4 million ransom demand open_in_new to the
criminal gang DarkSide. The attackers encrypted devices on the company’s network and
stole unencrypted files.
Man-in-the-middle attacks
A man-in-the-middle attack open_in_new is similar to spyware in that the attacker lurks on the victim’s
network or computer, tracking and recording all the information that the person accesses or
transmits. The software captures personal identification numbers, passwords and user IDs, and
financial information. Attackers frequently change the victim’s IDs and passwords to lock the
victim out of their information and devices.
Data breaches
A data breach open_in_new occurs when an attacker gains unauthorized access to a person’s or
organization’s information. Most data breaches target personal information and data of value,
such as financial transactions, customer databases, user credentials, and email addresses.
The Identity Theft Resource Center open_in_new reports that through the third quarter of 2021, the number
of publicly reported data events for the year reached 1,291, which surpasses the 1,108 data
events recorded in all of 2020.
Back To Top
The World Economic Forum identifies the five greatest cybersecurity challenges open_in_new facing
organizations, governments, and people as cyberattacks increase in number and sophistication:
For the 11th year in a row, healthcare is the industry recording the highest average cost of a data
breach in 2020-21, followed by the financial, pharmaceutical, and technology industries. Here’s
how the average cost of a data breach to businesses breaks down by category, according to IBM.
Average total cost of a data breach: $4.24 million. Average lost business costs: $1.59 million (38%
of total). Detection and escalation costs: $1.24 million (29%). Post-breach response costs: $1.14
million (27%). Notification costs: $270,000 (6%).
Back To Top
• The average cost to an organization of a single breached data file open_in_new was $161 between
May 2020 and March 2021 (up from $146 in the previous annual timeframe), according to
IBM’s Cost of a Data Breach Report 2021.
• The average total cost of a data breach to an organization in the U.S. was $9.05 million
between May 2020 and March 2021; the global average cost per organization was $4.24
million.
• These are the most common types of data compromised in a breach, according to IBM:
Back To Top
• Minimize data transfers: Avoid replicating data on too many systems, especially mobile
devices. Doing so limits the potential damage should an individual system or device
become compromised.
• Verify download sources: Restrict the sites you download software and files from, and scan
files for viruses before downloading (most browsers and other software perform a virus
scan automatically, but the programs aren’t foolproof).
• Keep software and systems patched and updated: The one action that will prevent the
greatest number of potential malware threats is ensuring that software is set to update
automatically. When prompted that an update is available for operating systems or other
critical software, download and install the update as soon as possible.
• Use end-to-end encryption and two-factor authentication: Set browsers and other software
to encrypt all communications automatically. Using a virtual private network (VPN) service
adds a level of protection for extremely sensitive data transfers. Two-factor authentication
requires that a cyberattacker gain access to two of your devices, such as your computer
and smartphone, for a successful attack.
The steps that organizations need to take to prevent cyberattacks focus on two areas:
• Choose effective data breach monitoring tools: Enterprises use an average of 29 separate
security monitoring tools open_in_new, according to a report from Trend Micro, yet many are unused
or underused because they can’t be integrated, companies lack employees with the
expertise to use them, they’re out of date, or the firms simply don’t trust them.
• Devise an attack response plan: The plan is intended to ensure that the organization can
continue to function in the aftermath of an attack. The plan can also reduce system
downtime by delegating responsibilities clearly to avoid gaps and delays in plan
implementation.
Back To Top
Back To Top
Infographic Sources
Statista, “Where Do IT Professionals See an Increase in Cyber Attacks and Attack Attempts
Following the COVID-19 Pandemic?” open_in_new
Be Brave
Bring us your ambition and we’ll guide you along a personalized path to a quality education that’s
designed to change your life.
Step 1 of 4
— Select —
Next Step
Home / Blog
Areas of Study
Student Login open_in_new
Business
Consumer Information open_in_new
Communication
Computer Science
Cybersecurity
Education
Healthcare
Human Services
Liberal Arts
Science & Mathematics
Social Sciences