Cyber Terrorism – A Clear and Present Danger

Cyber terrorism is a threat on everyone’s radar and is typically defined by:

• Intent – is the goal to damage an infrastructure, damage a brand or monetize assets?
• Nature of the attacker – can the attacker be identified as a nation-state actor?
• Outcome – was the attack successful or a disruption?

While attacks used to mean flooding a victim with packets, attacks have moved up the stack to Layer 7 and are more sophisticated. Further, a variety of readily available tools, such as Dirt Jumper, make it easy for cyber terrorists to launch DDoS attacks.

Many times the success of an attack depends on the maturity of the organization. From a maturity spectrum, the financial services industry can be considered to be more mature and the most ready to fend off an attack. Media and publishing, on the other hand, can be said to be in a Wild West state of maturity. Another group that is highly susceptible to attack is start-up companies that have just announced their Series-A funding.

Best practices and lessons learned include:

• Look to mature industries, such as financial services, for defense strategies.
• Share information and intelligence received from the federal government regarding attacks within industry groups.
• Work closely with internal government affairs teams and lobbyists to gain information on legislation being proposed and supported that may make you the target of an attack.
• Monitor public sources of information, such as Hackmageddon.com, to learn who has claimed responsibility for attacks and whether it was successful; as well as to get an idea of whether attacks against certain industries are trending upward.
• Establish a documented, formal process for readiness to deal with cyber threats and terrorism in general. It’s been proven over time that a formal, documented process improves the ability to respond and can help make the difference between the attack being successful or a mere disruption.