The National Academies Press

Currently Skimming:

5 Cyberterrorism and Security Measures
Pages 43-54

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 43... ... These include major forms of transportation, banking and finance, energy distribution, emergency preparedness and response, and public health. Digital control and supervisory control and data acquisition systems (DC/SCADA) Read the entire page →
From page 44... ... Possible attacks under category 3 would include compromising transportation or other supervisory control systems to cause disasters resulting in extensive consternation and costing many lives (for example, air traffic control, routing shipping containers, and process control for toxic chemical production) Read the entire page →
From page 45... ... We start to answer this question by distinguishing between two forms of defense: passive and active defense.23 Passive defense is essentially target hardening. It largely consists of the use of various technologies and products (for example, firewalls, cryptography, intrusion detection) Read the entire page →
From page 46... ... For each of these stages, I will illustrate several basic approaches. A much more detailed and comprehensive breakdown is given in Protecting Critical Infrastructures Against Cyber-Attack.25 That source has a number of extensive tables organized by strategic objective (for example, mitigating cyber attacks) Read the entire page →
From page 47... ... Red teams, test beds, or simulations may be used to do this. Another approach, at least to the often-serious threat of possible insider attacks, is to more thoroughly screen employees with potentially sensitive access. Read the entire page →
From page 48... ... In this instance, the goals are to limit penetration and damage, protect surviving assets, and protect and gather information to help with recovery and response after the attack. Approaches include creating internal physical barriers and cyberbarriers through compartmentalization and need-to-know access controls, intrusion tolerance schemes, setting up decoys, maintaining protected redundancies, and hiding assets. Read the entire page →
From page 49... ... More insidious attacks that build up slowly and surreptitiously present a much more difficult problem in identifying a state where the information is uncorrupted and the system is free from inserted malicious code. It is also important to have strong audit functions to identify after the fact when an attack started and to collect information that might assist in the identification and apprehension of the attacker and help the organization better defend itself against similar attacks in the future. Read the entire page →
From page 50... ... Presumably by this stage we know that we have been severely attacked by terrorists. A brief assessment of our overall capabilities to deal with terrorists using cyberspace would conclude that for most potential targets, we are technologically and procedurally weak in every aspect the three stages of cyber defense against skilled, patient, and determined attackers who are not likely to be easily deterred. Read the entire page →
From page 51... ... Briefing for the National Security Telecommunications Advisory Committee, December 16, 2003. Several Defense Advanced Research Projects Agency offices have extensive research and development agendas related to cybersecurity. Read the entire page →
From page 52... ... government or in the mostly privately owned and operated national information infrastructure. If an effective Indian national cyberprotection strategy exists, I am not aware of it. Read the entire page →
From page 53... ... Seeking widely adopted national laws criminalizing activities under at least categories 2 and 3 is an important objective. Having such laws on the books may also legitimatize the subject of serious cyberattacks in ways that help achieve progress under the second and third recommendations as well. Read the entire page →
From page 54... ... For example, spam and pornography plague tens of millions of users on a continuous basis, and computer accidents have turned off the lights in large geographic regions. As with other domains, terrorism is one very serious but relatively low probability threat on a spectrum of other hazards. Read the entire page →

From page 43...

... These include major forms of transportation, banking and finance, energy distribution, emergency preparedness and response, and public health. Digital control and supervisory control and data acquisition systems (DC/SCADA)

Read the entire page →

From page 44...

... Possible attacks under category 3 would include compromising transportation or other supervisory control systems to cause disasters resulting in extensive consternation and costing many lives (for example, air traffic control, routing shipping containers, and process control for toxic chemical production)

Read the entire page →

From page 45...

... We start to answer this question by distinguishing between two forms of defense: passive and active defense.23 Passive defense is essentially target hardening. It largely consists of the use of various technologies and products (for example, firewalls, cryptography, intrusion detection)

Read the entire page →

From page 46...

... For each of these stages, I will illustrate several basic approaches. A much more detailed and comprehensive breakdown is given in Protecting Critical Infrastructures Against Cyber-Attack.25 That source has a number of extensive tables organized by strategic objective (for example, mitigating cyber attacks)

Read the entire page →

From page 47...

... Red teams, test beds, or simulations may be used to do this. Another approach, at least to the often-serious threat of possible insider attacks, is to more thoroughly screen employees with potentially sensitive access.

Read the entire page →

From page 48...

... In this instance, the goals are to limit penetration and damage, protect surviving assets, and protect and gather information to help with recovery and response after the attack. Approaches include creating internal physical barriers and cyberbarriers through compartmentalization and need-to-know access controls, intrusion tolerance schemes, setting up decoys, maintaining protected redundancies, and hiding assets.

Read the entire page →

From page 49...

... More insidious attacks that build up slowly and surreptitiously present a much more difficult problem in identifying a state where the information is uncorrupted and the system is free from inserted malicious code. It is also important to have strong audit functions to identify after the fact when an attack started and to collect information that might assist in the identification and apprehension of the attacker and help the organization better defend itself against similar attacks in the future.

Read the entire page →

From page 50...

... Presumably by this stage we know that we have been severely attacked by terrorists. A brief assessment of our overall capabilities to deal with terrorists using cyberspace would conclude that for most potential targets, we are technologically and procedurally weak in every aspect the three stages of cyber defense against skilled, patient, and determined attackers who are not likely to be easily deterred.

Read the entire page →

From page 51...

... Briefing for the National Security Telecommunications Advisory Committee, December 16, 2003. Several Defense Advanced Research Projects Agency offices have extensive research and development agendas related to cybersecurity.

Read the entire page →

From page 52...

... government or in the mostly privately owned and operated national information infrastructure. If an effective Indian national cyberprotection strategy exists, I am not aware of it.

Read the entire page →

From page 53...

... Seeking widely adopted national laws criminalizing activities under at least categories 2 and 3 is an important objective. Having such laws on the books may also legitimatize the subject of serious cyberattacks in ways that help achieve progress under the second and third recommendations as well.

Read the entire page →

From page 54...

... For example, spam and pornography plague tens of millions of users on a continuous basis, and computer accidents have turned off the lights in large geographic regions. As with other domains, terrorism is one very serious but relatively low probability threat on a spectrum of other hazards.

Read the entire page →

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

5 Cyberterrorism and Security Measures Pages 43-54

5 Cyberterrorism and Security Measures
Pages 43-54