Cy­ber Se­cu­rity


In March 2017, the In­dian anti-ter­ror­ist force (ATF) raided a house in Lucknow and killed Sai­ful­lah, head of an Is­lamic State of Iraq and Syria (ISIS) sleeper cell. Sur­pris­ingly, the ter­ror­ist had never ven­tured out of the coun­try but was rad­i­calised through the In­ter­net. Bangladeshi au­thor­i­ties were as­ton­ished to find that the ter­ror­ists in­volved in the Ho­ley Ar­ti­san Bak­ery at­tack in Dhaka were not rad­i­calised in madrasas but were In­ter­net savvy and ed­u­cated in top schools of the na­tion.

Three sis­ters aged 15, 16 and 17 went miss­ing from their home in Den­ver, Colorado, United States. On in­ves­ti­ga­tion the po­lice dis­cov­ered that they had re­ceived step by step in­struc­tions through the In­ter­net on how to pro­vide di­rect sup­port to ISIS. For­tu­nately the three were ap­pre­hended in Ger­many while they were board­ing a flight to Syria.

The In­ter­na­tional Law Com­mis­sion of the United Na­tions de­fines ‘Ter­ror­ism’ as the use of in­ten­tion­ally indis­crim­i­nate vi­o­lence as a means to cre­ate ter­ror or fear, in or­der to achieve a po­lit­i­cal, re­li­gious or ide­o­log­i­cal aim.

While all these years it was felt that vi­o­lence can only be cre­ated through phys­i­cal means, the cy­ber at­tack which crip­pled the Natanz nu­clear fa­cil­ity in Iran shook the world out of its stu­por. And presently a grow­ing trend in the cy­ber do­main per­tains to the mis­use of the In­ter­net in pro­mot­ing this dark world of ter­ror­ism. At an av­er­age about 4,00,000 cy­ber at­tacks take place daily over the In­ter­net, which orig­i­nate from either cy­ber crim­i­nals, hack­tivists, ter­ror­ists or govern­ment agen­cies. While cy­ber crim­i­nals cater for al­most 98 per cent of these at­tacks, the is­sue of con­cern is the me­thod­i­cal man­ner in which ter­ror­ists are us­ing the In­ter­net for rad­i­cal­i­sa­tion, re­cruit­ment and in some ex­treme cases even ter­ror­ist ac­tiv­i­ties.

Re­cruit­ment and Rad­i­cal­i­sa­tion

The so­phis­ti­ca­tion with which on­line literature is be­ing cre­ated for rad­i­cal­i­sa­tion by ter­ror­ist or­gan­i­sa­tions clearly out­shines the counter pro­pa­ganda be­ing done by the govern­ment. Take a look at the ePubli­ca­tion called Dabiq which is pub­lished by the Is­lamic State. Dabiq is a town in north­ern Syria; there ex­ists a tra­di­tion that this will be the site of a fi­nal bat­tle be­tween the forces of Is­lam and the forces of ‘Rome’, which ISIS in­ter­prets to mean the forces of Chris­tian­ity and/or Amer­ica, where they will achieve fi­nal vic­tory. Dabiq is an on­line mag­a­zine used by the Is­lamic State of Iraq and the Le­vant (ISIL) for pro­pa­ganda and re­cruit­ment. It was first pub­lished in July 2014 in a num­ber of dif­fer­ent lan­guages in­clud­ing English. Dabiq it­self states that the mag­a­zine is for the pur­poses of uni­tar­i­an­ism, truth-seek­ing, mi­gra­tion, holy war and com­mu­nity.

The bat­tle of on­line pub­li­ca­tions is a bat­tle of ideas be­tween the rad­i­cals and the mod­er­ates, and how con­vinc­ingly their views are pre­sented. It also de­pends on the num­ber of pub­li­ca­tions be­ing put out on the In­ter­net. As of now, if Daesh puts out 10 videos, there is only one counter from the side of the govern­ment. Hence the chances of hit­ting a ter­ror­ism in­spir­ing video are to­day bet­ter, and one has to ac­knowl­edge that these ter­ror­ist or­gan­i­sa­tions have been able to mar­ket their literature bet­ter on the In­ter­net. In fact even the qual­ity of their pub­li­ca­tions is very im­pres­sive and it ap­pears that they are em­ploy­ing the ser­vices of highly cre­ative and pro­fes­sional cadres. This is also a silent and safe form of sup­port to the ter­ror­ist ide­ol­ogy. Imag­ine an old teacher who wishes to con­trib­ute to­wards such an or­gan­i­sa­tion — well what bet­ter than write in­sti­gat­ing literature be­ing pub­lished on­line by some­one else or help cre­ate a YouTube video in which the im­pact is made in the first few sec­onds. This is how un­sus­pect­ing, pli­able and fal­li­ble young per­sons are be­ing re­cruited around the world.

To pro­mote ter­ror­ism, Pak­istan has cre­ated about 17,000 fake so­cial me­dia web­sites in or­der to in­flu­ence youth in Kash­mir as well as other young minds. Some web ser­vice providers like Cloud­flare and Lime­stone are also be­ing used by Jaish-e-Mohammed (JeM) and Ja­maat-ud

Dawa ( JuD) as a means of pro­vid­ing train­ing work­shops and also for re­cruit­ing youth.


The tech­nique of Ran­somware is an­other cre­ation of the dev­il­ish minds lurk­ing in the dark and deep web. The method is sim­ple — first send a mal­ware to the tar­get which would en­crypt his important files or the en­tire desk­top or my data, etc. Then ask for the ran­som which is linked to a timer and down counter to ex­ert pres­sure on the tar­get that if he does not com­ply then his files will be deleted. The se­lec­tion of tar­get is also done care­fully to ex­tract the max­i­mum mileage, and one can vi­su­alise the pres­sure if the tar­get files are the re­search data of a sci­en­tist or the fi­nan­cial data com­piled over a num­ber of years. In cases re­lated to ter­ror­ism, the ter­ror­ist can now de­mand an ac­tion that may be di­rectly linked to an act of ter­ror­ism. For ex­am­ple, the ter­ror­ist may force the tar­get to dial a num­ber from his mo­bile which may trig­ger an ex­plo­sive de­vice. Or the ter­ror­ist could force some­one with se­cu­rity clear­ance to commit an act in­side a high se­cu­rity zone. In fact Ran­somware has taken a new twist now with the at­tacker de­mand­ing that the tar­get sends an e-mail with his mal­ware at­tach­ment to at least two other peo­ple. Now a good cy­ber hy­giene has told us not to open e-mails from un­known per­sons, but if a per­son is known to you then we will def­i­nitely open his e-mail and voila — now the at­tacker has dou­bled his tar­get numbers!

Vi­o­lent Acts

Var­i­ous sto­ries abound the In­ter­net on hard at­tacks due to soft­ware. This is­sue gained im­por­tance from the fa­mous Stuxnet at­tack which crip­pled the Ira­nian nu­clear fa­cil­ity. The Shamoon virus was stated as its counter at­tack. Since then there have been in­nu­mer­able cases of vi­o­lent acts through the In­ter­net plat­form. There are re­ports of at­tacks on the pace­mak­ers of per­sons, of­ten fa­tal. This sce­nario is bound to get grim­mer with the pos­si­bil­i­ties of planes, drones and driver­less cars be­ing e-jacked. And if one tries to vi­su­alise the 50 bil­lion de­vices be­ing con­nected in the In­ter­net of Things era by 2020, the con­se­quences are po­ten­tially dis­as­trous!


As in­ter­na­tional out­rage grows against ter­ror­ism re­lated sites, the ma­jor play­ers such as Google and Facebook have taken up a se­ri­ous cam­paign with the help of the public to stop the up­load­ing of ‘ob­jec­tion­able’ ma­te­rial on the In­ter­net.

The po­lice are also ac­tive in tack­ling on­line rad­i­cal­i­sa­tion and many ex­trem­ist web­sites are re­moved by agen­cies such as the Bri­tish Counter Ter­ror­ism In­ter­net Re­fer­ral Unit (CTIRU). The avail­abil­ity of this type of ma­te­rial on the In­ter­net is be­ing re­duced all the time and with large in­creases in re­fer­rals from the public, more and more sites will be taken down in the fu­ture. The In­ter­net pro­vides a dis­creet op­por­tu­nity for ex­trem­ists to tar­get young, vul­ner­a­ble in­di­vid­u­als within their own homes which means the work of such agen­cies is cru­cially important in the fight against ter­ror­ism. Dur­ing an av­er­age week, the CTIRU is re­mov­ing over 1,000 pieces of con­tent that breach ter­ror­ism leg­is­la­tion. Ap­prox­i­mately 800 of these are Syria and Iraq re­lated and have been posted on mul­ti­ple plat­forms. In the last 12 months, around 38,889 In­ter­net take­downs were un­der­taken by the CTIRU re­duc­ing ex­trem­ist ma­te­rial available on the In­ter­net. That is over 1,00,000 since the unit was set up in 2010. Much of this has been achieved by form­ing work­ing re­la­tion­ships with key so­cial me­dia out­lets.

While cy­ber crim­i­nals cater for al­most 98 per cent of these at­tacks, the is­sue of con­cern is the me­thod­i­cal man­ner in which ter­ror­ists are us­ing the In­ter­net for rad­i­cal­i­sa­tion, re­cruit­ment and in some ex­treme cases even ter­ror­ist ac­tiv­i­ties


On Fe­bru­ary 18, 2017, at the Mu­nich Se­cu­rity Con­fer­ence, Vice Pres­i­dent Mike Pence high­lighted the grow­ing im­por­tance of cy­ber se­cu­rity and ter­ror­ism. A few days ear­lier the Global RSA Cy­ber Se­cu­rity Con­fer­ence in the United States wit­nessed grow­ing con­cerns on the is­sue of cy­ber se­cu­rity, es­ti­mated to be­come a $3-tril­lion busi­ness by 2020. Sim­i­lar con­cerns were raised dur­ing The Raisina Di­a­logues held in In­dia dur­ing Jan­uary 2017. Stake­hold­ers are to­day de­mand­ing a Dig­i­tal United Na­tions which can is­sue laws and reg­u­la­tions to bring some method to the mad­ness sweep­ing the cy­ber world. The time to act was yes­ter­day, and as In­dia re­cently took the Paris Ini­tia­tive for so­lar en­ergy, can it take the lead in this cy­ber se­cu­rity ini­tia­tive also? For the safety of its own Dig­i­tal In­dia at least. The writer is former Com­man­dant of Mil­i­tary Col­lege of Telecom­mu­ni­ca­tion En­gi­neer­ing (MCTE)


Newspapers in English

Newspapers from India

© PressReader. All rights reserved.