Re: [iwar] Why 'conventional' terrorist groups Not utilizing Cyber/

From: Fred Cohen (fc@all.net)
Date: 2001-08-25 09:00:25


Return-Path: <sentto-279987-1641-998755227-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Sat, 25 Aug 2001 09:01:10 -0700 (PDT)
Received: (qmail 1941 invoked by uid 510); 25 Aug 2001 16:00:34 -0000
Received: from n10.groups.yahoo.com (216.115.96.60) by 204.181.12.215 with SMTP; 25 Aug 2001 16:00:34 -0000
X-eGroups-Return: sentto-279987-1641-998755227-fc=all.net@returns.onelist.com
Received: from [10.1.4.52] by ej.egroups.com with NNFMP; 25 Aug 2001 16:00:27 -0000
X-Sender: fc@big.all.net
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-7_3_2); 25 Aug 2001 16:00:26 -0000
Received: (qmail 58257 invoked from network); 25 Aug 2001 16:00:26 -0000
Received: from unknown (10.1.10.26) by m8.onelist.org with QMQP; 25 Aug 2001 16:00:26 -0000
Received: from unknown (HELO big.all.net) (65.0.156.78) by mta1 with SMTP; 25 Aug 2001 16:00:26 -0000
Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id JAA15691 for iwar@yahoogroups.com; Sat, 25 Aug 2001 09:00:25 -0700
Message-Id: <200108251600.JAA15691@big.all.net>
To: iwar@yahoogroups.com
In-Reply-To: <000401c12d82$9eccb9e0$eaf274c0@foo> from "MAGLAN 1" at Aug 25, 2001 09:52:16 AM
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Sat, 25 Aug 2001 09:00:25 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: Re: [iwar] Why 'conventional' terrorist groups Not utilizing Cyber/
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Per the message sent by MAGLAN 1:

> Why 'conventional' terrorist groups (main reference: Patterns of Global
> Terrorism" - US State Dept)., e.g. :  Kurdistan Worker's Party (PKK),
> Chilean Communist Party (FPMR),  Fronte di Liberazione Naziunale di a
> Corsica (FLNC), Osama Bin Ladin,  :
> 1. Not utilizing Cyber Terror / Computerized Terror against their opponents
> / targets?
> 2. Not 'integrated' 'conventional' terrorism with Cyber / Computerized
> Terror ?

> or may they are ?

> Thanks in advance for any answer.

Indeed a complex question - or at least I will provide a complex response.

I should begin by indicating that I studied this very question with a
group of others in some detail until our funding ended a year or so ago
(sponsor diddn't have any more budget and couldn't find anyone else with
budget to support it - strange world when cyber terrorism is all the
scare but nobody wil support real study of the issues...).

1) Groups: I should start by saying that, to me, there is no such thing
as a generic 'terrorist group'.  Just as each computer attacker is
unique and each nation state is unique, so is each organization labelled
by the US state department.  The answer is different for every group.

2) Cyber terrorism: What exactly are we talking about here? I will take
the view that we want to know what the identified groups do relative to
information technologies, systems, and infrastructures and ignore which
of these acts are 'acts of terrorism' as opposed to all other acts.

3) Capabilities and Intent: We might consider that groups may be able to
use or abuse information technology in different ways (i.e., have some
capabilities) but may choose to use or not use those capabilities in
different ways (i.e., have some intent).

Answer to the first question:

Many groups identified in the State Department's list of terrorist
organizations do use information technology in a wide variety of ways,
including 'against' their opponent.  These range from the use of IT to
coordinate their activities, to gain intelligence about their enemies,
to trigger explosive devices, to cause economic harm to their enemies,
for propaganda, to pressure individuals and other groups, to take from
their opponents, and for a wide variety of other things.  Different
groups use different IT solutions for different applications, depending
on their needs.  They build or buy capabilities which in this arena are
generally well within their available budget and they use them in a well
coordinated manner according to their intent.

Answer to the second question:

Integrating 'computer terror' with 'physical terror' has been tried but
has not proven highly successful in the sense that terror isn't greatly
heightenned by using computers rather than other media for conveying
messages.  The sound and smell of an explosion seems far more effective
than the defacement of a web site, and it gets more publicity over a
wider area.  They apply technology where it best suits them.  Why don't
they 'bring down the power grid' with IT or some such thing? Because it
is not within the scope of their capabilities and intent as of yet, or
because it's not as easy or cheap as a well placed hand grenade.  Those
that do attack infrastructure are highly successful with conventional
explosives.  Why go to the time, expense, etc.  of cyber attacks when
they already have the capability with less e3xpensive and easier to use
items?

A very brief summary - but still a bit long for the venue.

FC
--This communication is confidential to the parties it is intended to serve--
Fred Cohen		Fred Cohen & Associates.........tel/fax:925-454-0171
fc@all.net		The University of New Haven.....http://www.unhca.com/
http://all.net/		Sandia National Laboratories....tel:925-294-2087


------------------------ Yahoo! Groups Sponsor ---------------------~-->
The Nissan Sentra
Everything but compact
http://NissanDriven.com
http://us.click.yahoo.com/3vsIKC/txlCAA/ySSFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:40 PDT