As Robert said, this article sounds as if an expert in traditional (CBRN) terrorism is now trying to sound up-to-date by inserting the word "cyber" and appending a sentence or two at the end of a paragraph (e.g. in the Funding section). The two types of attack should not be lumped together so blithely, as they are distinct sets with a limited overlap.
The author analyzes the standard types of terrorist organizations, and then tries to apply this model to the "cracker" mentality. This may work in a few cases, but most cyber-attacks do not fit the traditional terrorist mold. A much better format would be to discuss the "cracker" mentality separately, and then compare this to the more conventional terrorist. The differences are not just economic; the author seems to completely miss the concept that many damaging attacks are not carried out by people with an agenda.
The article should add or expand upon the following concepts:
- Hacker / cracker psychology. This is often very different from terrorist psychology. Many crackers do not have a political agenda; they are simply thrill-seekers who want to watch other people react, or snoopers who are curious to see if something is possible or not. An excellent article here is Homesteading the Noosphere by Eric S. Raymond.
- Organization. Although the author acknowledges the existence of ad-hoc loosely structured organizations, he seems to believe that all terrorists must belong to an organization to have an effect. This is simply untrue when dealing with cyber-terrorism, where a lone hacker can have a devastating impact. The author of the Melissa virus, for example, caused an enormous amount of disruption all by himself.
- Motivation. Crackers, as discussed above, have a very different psychology than most terrorists. As a result, cracker motivation cannot be lumped in the same discussion as terrorist motivation. Economic motivation is barely mentioned here, but it will increase significantly as e-commerce becomes more mainstream.
- Cyber terrorism targets. This needs to be analyzed in conjunction with cracker psychology, because a "good" target to a religious group would not necessarily interest a cracker. Many cyber attacks, such as viruses, do not have a specific target at all.
- IT asset types. The author needs to distinguish between information assets and physical / IT infrastructure assets, and discuss which are more likely targets. Most security-aware organizations do not put highly sensitive (military, corporate, etc.) data on servers that are accessible to the Internet, and design their WWW servers to be "disposable" (easily reinstalled from CD or tape). These organizations also typically keep their servers in restricted-access areas.
- IT asset backups. Most organizations with sensitive data keep off-site backups. Write-once CDs are becoming very popular because they are inexpensive, compact, and convenient to restore from. To cause serious and lasting damage, a terrorist would need to destroy or corrupt not only the contents of the hard drives, but the backups as well. This is much more difficult if backups are stored off-site.
- IT infrastructure weaknesses. In many cases, IT infrastructure still has a single point of failure, such as a trunk line that can be taken out by a backhoe. Conventional CBRN attacks are not nearly this easy.
This article needs major reworking to make the IT-related content useful and relevant. As it stands, it is misleading and out-of-date.
==================================
neophase