The term cyber terrorism was coined by Barry C. Collin in the 1980s and he defined Cyber terrorism as any act of terrorism over the world networks, including deliberate attacks and disruptions of computer networks, by using computer viruses, or attacks using malware, to affect individuals or government. The world has recently seen a shift in terrorism from the traditional world to the cyber world.
The national security of states is in jeopardy due to the adoption of advanced skills by the terrorists, wherein they tend to target and damage the critical infrastructure of the states. Cyber terrorism is likely to turn out an immediate threat to the country’s national security. This could be the use of the internet by terrorists to plan, recruit, and communicate with other terrorists inside and outside the territorial boundaries. While terrorists may not have the advanced skills to target critical, sensitive infrastructure, they are likely to use the vulnerability of the internet or its unmonitored facilities to communicate, recruit, and plan terrorist attacks.
In this era of globalization, the world is getting more interconnected, which will increase the chances of cyber warfare, and our dependency on the internet will create more hurdles in overcoming this perceived threat of cyber-terrorism. The Internet has made it easy for terrorists to recruit, plan, communicate with the perpetrators, and execute their plans without being physically present at the target place. The threat of cyber terrorism is one of the techniques used by terrorists nowadays. Cyber terrorists gain access to the computer networks to disrupt the sensitive infrastructure of a state which not only endangers the lives of the individuals but also national security itself.
Most of the critical infrastructure of the Western world is linked through computer networks thus the potential threat of cyber terrorism is for sure quite alarming. The increasing dependency of our societies on technology has made the states and individuals vulnerable, giving terrorists a chance to approach the targets which would otherwise not be quite easy. The hackers break into private and government computer systems to disable or disrupt the military, financial or economic advancements.
After the 9/11 attacks, President Bush created the Office of Cyberspace Security and appointed his former counterterrorism coordinator, Richard Clarke as the head. Keeping in view the techniques used by terrorists to disrupt the state’s activities; terrorists can sit at one computer connected to one network and can create worldwide havoc. They don’t necessarily require explosive devices to cripple a sector or shut down a power grid. According to the International Business Times ISIS is the new perceived cyber threat. “The electronic war has not yet started” was one message sent in a video released on May 11, 2015, from a hacker group that claimed to be affiliated with the Islamic State.
Undermining National Security of Pakistan
With the advent of the information age, the thinking of states and sub-state groups has been impacted. The government of Pakistan has been fighting against extremism and terrorism for many years and another front on which Pakistan is facing severe threats is cyber terrorism. It is no surprise that Pakistan has a cyberspace dilemma. The cyberspace in Pakistan is spreading at a rapid pace such as into the institutions of banking, military, education, and government sectors but Pakistan somehow lags behind in securing the critical infrastructure of the state. Pakistan fails to keep pace with technical parameters and has not developed any sophisticated security system to tackle cyber threats. The threats of such nature are becoming a menace to the national security of Pakistan because of the vulnerable person and government information.
McAfee, an internet security company, in its report of 2007 has stated that approximately 120 countries have been involved in developing ways to use the internet as a tool to target government computer systems and utilities. There are shreds of evidence that Indian hackers have often hacked and penetrated the websites of the Pakistan government. The cyber analysts in Norway have claimed in the report “Operation Hangover”, published by Norman Shark, that some hackers based in India had been involved in targeting Pakistan military and government networks to get access to the information of national security interest to India.
The government of Pakistan allocated very less budget i.e. 0.29% GDP for the field of science and technology for the year 2015-2016. The government of Pakistan does not consider this field as a priority, as a result of which it is facing economic turmoil for years. The Secretary of the Ministry of Science and Technology, Kamran Ali Qureshi, gave the statement that Japan spends 25% of the budget on science and technology, whereas Pakistan has allocated less than 1% of its budget for the respective field and suggested that more importance should be given to this field, in the economy. Whereas, the government has allocated 2427.947 million rupees for the next fiscal year 2017-2018.
On other hand India is spending more in this field, thus creating challenges for Pakistan on this front which is considered to be more complex than the traditional threats. Israel is also suspected of helping India in the field of technology against Pakistan. This factor is one of the security dilemmas of the State of Pakistan. Indian hackers are more skilled and advanced than the hackers based in Pakistan to break the safe boundaries of the cyber world. Pakistan has to take initiatives to secure its critical infrastructure and protection of the sovereignty of the state. To deter the threat, Pakistan needs effective cyber command.
Terrorist organizations operate anonymously throughout the globe and are well trained in the cyber field. No law can be enforced on them as they operate anonymously and remotely and are difficult to browse. The reasons behind hacktivism in Pakistan are political extremism, unemployment, poverty, ethnic affiliations, and in broader sense terrorism. These groups pose a serious threat to the national security of Pakistan. Pakistan’s virtual system is not quite effective to stop the illegal access of Pakistani websites.
Also, the website of the National Database and Registration Authority (NADRA) is vulnerable. The personal data of citizens is easily accessible. Several cyber experts and authors have recognized the underlying concerns regarding cyber terrorism and have presented different strategies and mechanisms to ward off the threat to strengthen the national security of a state.
O’Brien has described a set of initiatives under the standard security paradigm of Deterrence, Prevention, Detection, and Reaction. Although O’Brien gives some solutions to stop cyber-terrorism by keeping the operating systems and software updated, enforcement of strong password policies, and employment of high detection systems and firewalls, but still these preventive measures are incomplete in their scope and are not enough.
The more explicit form of dealing with cyber-terrorist activities include three stages of defense i.e. Prevention; to prevent a cyber-attack from being launched in the first place and to take pre-emptive measures, Incident management and mitigating an attack; to prepare and take defensive measures and limit the damage, Consequence management; this stage includes two primary sub-stages: recovery and response. Recovery is the passive form of defense whereas the response is concerned with the punishments imposed on the culprits and enabling the organization to defend itself in the future by taking new effective measures.
The security plan to avoid cyber-attacks can be outlined into nine points i.e. Education, Communication, Technology, Responsibility, Funding, Commitment, and cooperation. The plan recommends possible measures that governments, organizations,s, and individuals could use to avert the threat of cyber terrorism.
The development of new strategies and technologies is playing a vital role to ward off the threat of cyber terrorism but ironically these are also providing cyber terrorists more opportunities to exploit the critical infrastructures across the globe. The plans for dealing with cyber threats should not only consider the technical aspects but also need to incorporate the development of strategies, policies, and effective Act and its implementation. Several countries have given importance to national plans and policies to secure cyberspace.
Governments while taking countermeasures must be aware of that the terrorists can easily launch the attacks in a disguise. They operate covertly both in physical and cyberspace attacks. Thus, this makes cyberspace intelligence intensive. States are recommended to sign bilateral or multilateral agreements on cyber security issues and engage in constructive dialogues, as cyber terrorism is the growing concern of the whole international community. It is not confined to one state or organization.
The Prevention of Electronic Crimes Bill 2014 was presented before the National Assembly in 2014. The bill was presented by Ms. Anusha Rehman, Minister of State for Information Technology. This bill gained more importance because of the coverage of several crimes of their respective nature in it. This comprehensive law was the need of the hour. An amendment was made to the clause which states that the Federal Government may establish a law enforcement agency to inquire and investigate cyber offenses. Several more amendments were made to define some vague terms. The Act also focuses on the offense of cyber-terrorism. Moreover, the investigation is to be carried out with the court’s consent.
Pakistan has been fighting against terrorism since 2000 and now the threat of cyberterrorism is emerging which needs to be addressed. The government of Pakistan needs to allocate more budget for the field of science and technology. The government should assist in controlling the menace of cyber terrorism attacks by establishing and revising cyber laws. The conjunction of terrorism and technology is a complex issue that requires serious attention. It is nearly impossible to ignore the fact that cyber terrorism will take an extreme form in the coming future.
Note: Sania Khan is coauthor of this article, she has done her undergraduate degree in Strategic Studies from National Defense University, Islamabad.