Cyber terrorism; Don’t be target of choice, opportunity

  • Published
  • By Staff Sgt. Chad Thompson
  • 90th Missile Wing Public Affairs
F.E. WARREN AIR FORCE BASE, Wyo. --  Terrorism has been a word muttered from everyone's lips for the past few years, but there is a new form of terrorism on the rise -- cyber terrorism. 

Maj. David Stone, 90th Communications Squadron commander, said cyber terrorism "would be an activity that targets or uses the components of cyberspace -- the electromagnetic spectrum, networks and electronic systems -- in premeditated and politically motivated violent attacks against innocent people. 

"There are different motivations [in cyber terrorism]. If terrorism is an activity that is going to use violence for political ends, a lot of what we see in cyber misconduct is more criminal activity, such as extortion, especially in attempts to get money... rather than seeking some political purpose," he explained. 

The motivation may be different, but with cyber terrorism they don't need to buy a plane ticket to instill fear. 

"There are no indicators with cyber terrorism," said Tech. Sgt. Nicholas Cichon, 90th Missile Wing Information Assurance NCO in charge. "In the field you would see increased real-world activity if there was a terrorist threat, but with cyber terrorism there is a global reach, and they don't need to buy plane tickets to cause chaos." 

But how real is the threat of cyber terrorism? 

"Take it seriously and recognize, as Airmen, our own dependence on cyberspace and the vulnerabilities that exist there," Major Stone said. Airmen need to continue to look at threats in terms of protecting themselves from crime, and they must be aware of the malicious threats by taking care of devices they use in cyberspace in order to protect Air Force computer systems. 

Major Stone said most targets of cyber terrorism fall into two classes: targets of choice or targets of opportunity. 

"By and large our Airman fall into targets of opportunity," he said. "They become targets because they make themselves available to whomever is doing the targeting. 

"When we don't update anti-virus software or keep an updated firewall at home on our personal computer, we make ourselves a target of opportunity," Major Stone explained. 
"If we recognize that we have something to lose and we listen to so much of the advice that is out there on how to be safe on the Internet, then we can keep ourselves from being targets of opportunity." 

Avoiding being a target is difficult because cyber terrorists are clever and they feed on people's generosity during times of crisis. 

"Every time there is a natural disaster or some kind of emergency or catastrophe you can expect to see legitimate communication in cyberspace soliciting help, and right behind it you will see criminal elements looking to capitalize on the opportunity with illegitimate organizations trying to make money," Major Stone said. "People are more likely to fall victim to [terrorism] in cyberspace just because it is an easier medium to reach a lot of people, and it is more difficult to tell the difference between legitimate and illegitimate foundations." 

Cyberspace presents a good opportunity for that. 

"[A cyber criminal] can contact one million people in a heartbeat, and if only 10 percent of the people take the bait then they have 100,000 people they scored a hit with," Major Stone said. For the cyber terrorists who aren't after an Airman's wallet but instead are trying to advance political aims, they are mostly seen planning and coordinating their next event, or they are using the Internet to reinvigorate their cause. 

Best practice and common sense will deny the criminal threat but there may be exceptions, Major Stone said. 

"For the most part, best practice and common sense is the best defense for a cyber threat, but for the cyber terrorist who is going to try and affect our critical infrastructure and who is going to try and create violence through cyberspace its going to take more," he explained. "Its going to take best practice, common sense, a significant investment in defenses and manned operations devoted to countering that threat." 

Common sense is important when combating a cyber threat, but the communication squadron worries about the insider threat the most. 

"We build our computer network defenses based around this notion there is a perimeter that can be defended ... and it is tied to Army methods of securing a two-dimensional space on a battlefield but unfortunately our networks don't exist in a two-dimensional space," Major Stone said. "What we find is that the enemy is already inside, and if the enemy is inside then the perimeter defenses are meaningless. So we are seeking a new way of defense where it's not about keeping them out, but what are we going to do now that they are in." 

The Air Force has some of the best protection software available, from anti-virus software, to firewall protection, to intrusion detection software. Despite all that technology, the computer operator is going to be the most important piece in preventing a compromise, Major Stone said. 

"We depend on our Airmen who are receiving or processing applications to recognize fraud and forgery, and we depend on our Airmen who own a piece of data out in the world to protect it and to defend their piece of the global information grid, even if their piece is only the computer that is sitting in front of them," he said. "When funny things happen on the computer, we can't just dismiss it as funny things anymore. We have to question it, and not only do we have to question those odd things, we have to comply with the direction that is in place." 

Questioning unexplainable activity on a government computer is not where vigilance ends, everyone needs to treat each computer as if it was a weapon system. 

"For the vast majority of the people that work at Warren, they look at a computer as a tool to get their job done, just like a carpenter would look at a hammer," Sergeant Cichon said. "And they don't fully understand that these computers are weapon systems that can be used by a cyber terrorist, or something an Airman did on a computer inadvertently could cause a mission failure. It hasn't gotten to that point yet, but someday we could see a mission failure at Warren through cyberspace." 

"Our Airmen need to not wait for technology to solve minor problems, because it never will," Major Stone said. "As soon as we implement a technology solution the terrorist or criminal element will find a way to subvert it, guaranteed, and it will take us, as an Air Force, much longer to implement the technology fix than it will for the terrorist to implement the next technology subversion. 

"While we wait for the technology to come we can all be 'cyber-riflemen,' and we can all protect our piece of the GIG," Major Stone said. 

(Editor's note: This is the final story in a series of articles highlighting Air Force computer security.) 


Steps in preventing malicious logic: 

--Do not visit or download software programs from unauthorized or unnecessary Web sites.
--Scan all removable media -- thumb drives, flash drives, CDs -- before opening any executable files.
--If working at home, be sure the computer has an anti-virus program and the virus definition files are current.
--If anti-virus software is popping up at work saying virus signatures are out of date, contact a client support administrator (CSA).
--Never open a file if the sender can't be verified, and don't double click any e-mail attachments that have an executable file. 


Steps for correcting corrupted computers: 

--Immediately disconnect the computer from the network to avoid spreading a threat to the entire network.
--Contact an immediate supervisor, CSA, information systems security officer (ISSO) or the information assurance office at 773-5139.
--Write down any error messages that the computer might display.
--The computer should never be shut down or logged off, because there are many boot sector viruses trigger on reboot.
Common phrases to look for in a phishing e-mail scam:
--Verify your account
--You have won the lottery
--If you don't respond within 48 hours, your account will be closed
--Thank you for serving, click here for your free trip
--Click the link below to gain access to your account
--If someone suspects a phishing scam or social engineering forward the e-mail to 90cs.netsec@warren.af.mil or contact the information assurance office.