The session was part of the ICT's 16th World Summit on Counter-Terrorism: "Unpuzzling Terrorism". Cyber-terrorism is a growing concern and key battlefield in countering terrorism at the global arena. Terrorists use cyberspace in either an operational, defensive or offensive manner. Currently, terrorists possess little offensive capability, but this may change if terrorists consolidate further relevant expertise or collaborate with criminal elements. An area that is extremely vulnerable to offensive attacks is public and mass transit systems because they may be accessed through legacy connections to the network and are always susceptible to insider threats. As the global community moves forward, a key to success will be creating a common framework to deal with cyber terrorism and crimes, similar to counter human trafficking and fundraising approaches taken by the international community.
Welcoming Remarks: Mr. Steven Stern, Founder, The Steven E. Stern Workshop on Cyber- Terrorism, ICT, IDC Herzliya
Chair: Dr. Eitan Azani, Deputy Executive Director, ICT and Head of BA & MA Specializations in Counter-Terrorism, Lauder School of Government, Diplomacy & Strategy, IDC Herzliya, Israel
Mr. Eli Amar, Chief Technology Officer, Israel National CERT, National Security Authority, Israel
Mr. Oren Elimelech, Cyber Security Expert & Information Security Manager, Ministry of Transport and Road Safety, Israel
Adv. Deborah Housen-Couriel, Associate, ICT, IDC Herzliya & Fellow, Yuval Ne'eman Workshop for Science, Technology and Security, Tel Aviv University, Israel
Dr. Shavit Matias, Former Deputy Attorney General of International Affairs & Director of Programs on Diplomacy and Conflict Resolution, Lauder School of Government Diplomacy and Strategy, IDC Herzliya, Israel
Dr. Robert Tomes, Adjunct Professor of Security Studies at Georgetown University, USA
In his opening remarks, Mr. Stern argued that for every physical aspect of terrorism, for which physical policing is adequate, there is a counter-act in the cyber world. Mr. Stern stressed that one of the main challenges in the cyber world today is the perpetrators’ ability to remain anonymous. He added that the interconnection between terrorism and the cyber world is constantly changing and creating new challenges. Mr. Stern claimed that given these changes and challenges, the cyber-space is an integral part of counter-terrorism and must be analyzed and debated, as this workshop aimed to do.
According to Dr. Eitan Azani, terrorists’ use of the cyber space can be divided in to three different arenas: operational, defensive and offensive. The operational arena includes propaganda, recruitment, communication, fundraising, intelligence etc. The main trends identified during 2015-2016 in the operational arena include: global Jihad groups encouraging lone wolf attacks as well as providing them with virtual communities through social networks; real time broadcasting during terror attacks; recruitment via the Many to Many strategy and narrow casting messages. In the defensive arena, there is an increasing effort by terrorists to secure their use in the cyber space (organization level and individual level) via manuals that explain how to maintain anonymity and how to use self-encrypted programs (such as Telegram) as well as the "Darknet". In the offensive arena, terrorists remain with low + capabilities (defacement, DDOS, killing list etc.). Meaning, they do not have the capabilities to carry out large-scale cyber attack. However, the link with criminal actors (hackers for example) may provide terrorists with more advanced tools.
In addition, unification of cyber groups related to ISIS under one organization may also assist terrorists. In the second part of his presentation, Dr. Azani described ISIS’s channel of communication and propaganda dissemination strategy. He claims that terrorists growing use of cyber space is attributed to the emergence of the Islamic State and its innovated use of social media technologies (including quality of production).
According to Dr. Shavit Matias, there are national and international efforts (including state and non-state bodies such as business companies and academia) to dealing with cyber space threats. However, most of the efforts are only in terms of recommendations. Even the international convention on cybercrime is not strong enough to deal with issues of cyber-terrorism. Dr. Matias claims that in order to counter cyber-terrorism there is a growing need for a structured international cooperation mechanism. In this regard, we should look at the efforts made in other fields of combating terrorism or crime that can assist in countering cyber terrorism, such as human trafficking and countering terrorism fundraising.
Mr. Oren Elimelech presented the cyber threats to the transportation industry. He claimed that there are structured vulnerabilities within the industry. For example, there are critical systems that are meant to be disconnected but are connected to a network that could be the gateway for cyber-attacks. In addition, many systems require maintenance, such as media systems in airplanes that through these systems, one can reach the critical system. Mr. Elimelech also highlighted the threat of the human factor- the worker (insider threat). Cyber-attacks may also be carried out on supporting transportation systems, possibly causing damage to the transportation itself (airplanes, cars, trains etc.) Mr. Elimelech also presented the threat of simple and cheap tools easily used for cyber-attacks on transportation systems.
Adv. Deborah Housen-Couriel expanded on Elimelach’s presentation by highlighting that there is no overarching policy in the transport sector, not globally and not in the international level. Adv. Housen-Couriel explained that the solution will arise by examining counter-terrorism laws and critical infrastructure laws, both at the global and the national level.
Dr. Robert Tomes opened with a brief discussion on 9/11 and its application to the cyber realm. He focused on international and operational trends regarding cyber, specifically from a U.S. perspective. Dr. Tomes presented three inflection points. First, he claims that there is always re-working and adapting institutions and organizations that have only recently reached the point where the nexus between terrorism and cyber-terrorism has allocated sufficient resources. Second, defining and addressing threats is extremely important in this regard. Addressing threats is the first step in executing. Finally, he gave the examples of Snowden and Stuxnet to highlight the idea that people are growing increasingly aware of our cyber capabilities. Dr. Tomes concluded with steps necessary to resolve certain cyber dilemmas and information as to why we haven’t yet seen more cyber terrorist attacks.
Mr. Amar described the Israeli view regarding countering cyber threats and advancing readiness in terms of cyber security. He highlighted a three-layer strategy in use by Israel, which includes robustness, resilience and defense. All these levels focus on different and specific key areas. Mr. Amar presents Israel’s National CERT along with its advantages and disadvantages. He claims information needs to be consolidated and shared between multiple players, and work needs to be done in this regard.