According to the U.S. Federal Bureau of Investigation, cyber-terrorism is any “premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents.”
The North Atlantic Treaty Organization (NATO), for example, has defined cyber-terrorism as “a cyberattack using or exploiting computer or communication networks to cause sufficient destruction or disruption to generate fear or to intimidate a society into an ideological goal.”
Like any other continent across the globe, Africa is also a victim of cyber-terror attacks which once saw an airport in Rwanda going under siege after some hackers managed to gain access into the airport’s traffic control systems. Nigeria is still under the same predicament as the government still struggles to curb Boko Haram attacks. South Africa is one other country which experiences its own cuber-terrors fulled by racial posts on social media which turn to physical confrontations in the end.
Unlike a nuisance virus or computer attack that results in a denial of service (DoS), the FBI defines a cyber-terrorist attack as explicitly designed to cause physical harm to individuals. According to the U.S. Commission of Critical Infrastructure Protection, possible cyber-terrorist targets include the banking industry, military installations, power plants, air traffic control centers and water systems. However, there is no current consensus between various governments and the information security community on what qualifies as an act of cyber-terrorism.
While the FBI defines cyber-terrorism narrowly, excluding all but the most egregious attacks, other organizations and experts suggest that many less harmful attacks can also be considered to be acts of cyber-terrorism, as long as the attacks are intended to be disruptive or to further the attackers’ political stance.
In some cases, the differentiation between cyberterrorism attacks and more ordinary cybercrime activity lies in the intention: the primary motivation for cyberterrorism attacks is to disrupt or harm the victims, even if the attacks do not result in physical harm or cause extreme financial harm.
Examples of Cyberterrorism
Acts of cyber-terrorism can be carried out over private computer servers, against devices and networks visible through the public internet as well as against secured government networks or other restricted networks. Hackers who break into computer systems can introduce viruses to vulnerable networks, deface websites, launch denial-of-service attacks and/or make terroristic threats electronically.
Examples of cyberterrorism include:
- Global terror networks disrupting major websites to create public nuisances/inconveniences or to stop traffic to websites that publish content the hackers disagree with.
- International cyberterrorists accessing and disabling or modifying the signals that control military technology.
- Cyber-terrorists targeting critical infrastructure systems, for example, to disable a water treatment plant, cause a regional power outage, or disrupt a pipeline, oil refinery or fracking operation. This type of cyber-attack could disrupt major cities, cause a public health crisis, endanger the public safety of millions of people as well as cause massive panic and fatalities.