Policing Cyber Hate, Cyber Threats and Cyber Terrorism
eBook - ePub

Policing Cyber Hate, Cyber Threats and Cyber Terrorism

Brian Blakemore, Imran Awan, Imran Awan

Share book
  1. 216 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Policing Cyber Hate, Cyber Threats and Cyber Terrorism

Brian Blakemore, Imran Awan, Imran Awan

Book details
Book preview
Table of contents
Citations

About This Book

What are cyber threats? This book brings together a diverse range of multidisciplinary ideas to explore the extent of cyber threats, cyber hate and cyber terrorism. This ground-breaking text provides a comprehensive understanding of the range of activities that can be defined as cyber threats. It also shows how this activity forms in our communities and what can be done to try to prevent individuals from becoming cyber terrorists. This text will be of interest to academics, professionals and practitioners involved in building social capital; engaging with hard to reach individuals and communities; the police and criminal justice sector as well as IT professionals.

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Policing Cyber Hate, Cyber Threats and Cyber Terrorism an online PDF/ePUB?
Yes, you can access Policing Cyber Hate, Cyber Threats and Cyber Terrorism by Brian Blakemore, Imran Awan, Imran Awan in PDF and/or ePUB format, as well as other popular books in Informatique & Cybersécurité. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Routledge
Year
2016
ISBN
9781317079118
Edition
1

Chapter 1
Cyberspace, Cyber Crime and Cyber Terrorism

Brian Blakemore
The terminology and concepts of cyberspace, cyber hate, cyber threats, cyber terrorism and policing need to be carefully defined. This chapter will examine how Cyberspace in particular lends itself to all these activities and assemble analogies from the wider field of cyber crime about which there is more information in the public domain. Initially the phrase cyber terrorism will be used in its broadest sense, recognising that it is the least well-defined of these terms. A full discussion of what cyber terrorism is and whether an activity is cyber hate, cyber threat or cyber terrorism is developed in Chapter 2 which will also include a more detailed analysis of cyber activities recognising that the computer can be both a weapon to be used and also the subject of a potential attack with examples such as possible attacks on critical national infrastructures such as gas, water, electricity and the use of digital steganography.

Cyberspace

Cyberspace may be considered as:
a metaphor for describing the non-physical terrain created by computer systems. Online systems, for example, create a cyberspace within which people can communicate with one another (via e-mail), do research, or simply window shop. Like physical space, cyberspace contains objects (files, mail messages, graphics, etc.) and different modes of transportation and delivery. Unlike real space, though, exploring cyberspace does not require any physical movement other than pressing keys on a keyboard or moving a mouse … Some programs, particularly computer games, are designed to create a special cyberspace, one that resembles physical reality in some ways but defies it in others. In its extreme form, called virtual reality, users are presented with visual, auditory, and even tactile feedback that makes cyberspace feel real. (Webopedia nd)
Cyber refers to concepts of an organised movement and use of electronic data, and of control which is derived from manipulating such data. Space refers to the virtual place where two or more human activities interact. Cyberspace can be used to describe simply the World Wide Web, the Internet as a whole and also to include all global media and communication channels. Sterling (1992) credits Barlow (1990) as the first to use the phrase cyberspace to refer to ‘the present-day nexus of computer and telecommunications networks’.
This convergence of different media creates a world where all modes of communication and information are continually changing, not just the Information and Communication Technology (ICT) product used for communication but fundamentally ‘changing the way we create, consume, learn and interact with each other’ (Jenkins 2006). Current systems may be only at the ‘end of the beginning’ of this fundamental change as virtually all aspects of life, be they institutional activities such as business, government, art, journalism, health and education or recreational and social activities, are all increasingly being carried out in cyberspace across an ever-expanding and evolving network of information and converging communication technology devices. ICT is defined by Schuchart (2003:np) as:
an umbrella term that includes any communication device or application, encompassing: radio, television, cellular phones, computer and network hardware and software, satellite systems and so on, as well as the various services and applications associated with them, such as videoconferencing and distance learning.
The Internet forms the backbone of cyberspace and is a global network of individual computer systems owned by businesses, governments and other public bodies and even individuals. The World Wide Web, which was launched in late 1990, operates within the Internet and is a network of linked multimedia information (web pages) available to all (universality). The technical standards are open and royalty-free and allow anyone to create applications without requiring formal permission or sanction. This is accomplished using common naming (address) and production protocols (URL (uniform resource locator) and HTTP (hypertext transfer protocol)).
The pace of technological change is rapid and accelerating. ‘On the 15th June 2009, 20 hours of new content were posted on YouTube every minute, 494 exabytes [a billion gigabytes] of information were transferred seamlessly across the globe, over 2.6 billion mobile phone minutes were exchanged across Europe and millions of enquiries were made using a Google algorithm’ (Lord Carter, cited in Sheldon and Wright 2010:165). This convergence coupled with the ubiquitous low cost and ease of operation of future ICT systems, suggests that cyberspace will become the place where all our senses coincide with all possibilities of thought and action. Weiser (1991) coined the term ‘ubiquitous computing’ in 1988 referring to a future time when devices and systems would be so numerous and integrated into our lives that technology becomes the media through which people live. This time is nearly upon us and that the final boundary between online life and real life is already ill-defined.
Burns and Weir (cited in Jahankhani et al. 2008:45) propose that ‘Security is a balance between confidentiality, authentication and integrity versus convenience, cost and reliability’. Such factors must be taken into account in the development of new anti cyber crime interventions and especially for technology to support such interventions. This view is supported by Everett (2006) who stated that ‘… perfect security is not economically viable even if practically achievable’. Security systems within cyberspace require continuous innovation in order to match the rapid pace of general technological advancement in cyberspace and the new potential cyber crime opportunities such development produces. It has been asserted that ‘… design flaws and errors are normally the main cause of security holes that are explored by attackers’ (Khan and Mustafa 2009:10). Generally technological developments are far from perfect; for example, Chip and PIN has not eliminated all plastic card fraud. If there are loopholes, cyber criminals and cyber terrorists will seek these and exploit them to their advantage. Even when advances are made, the length of time taken to roll them out across the world may allow for cyber criminals and cyber terrorists to continue operating and initiate ways of countering these advances as they become widespread. With the government and mass media raising awareness of new breakthroughs, cyber criminals and cyber terrorists receive prior warning of the need to develop new ways to penetrate and attack the new technology.
There are a number of crucial factors affecting any new ICT or online security systems success; for example, do they depend upon implementation by another organisation? Kovacich (2007:156) stated, ‘We should never consider any high technology device, any controls, or any portion of any anti fraud program to be able to stop 100 per cent of all fraud threat agents or to thwart all fraud schemes, all we can ever expect is the levels of risk to be made as low as possible’. In support of this statement, Levi and Handley (2002:16) announced, ‘Unless a completely secure payment system is devised, then there will inevitably be some risk, and greater use will normally provide more opportunities for fraud’ and ‘With sophisticated technical systems, the weakest link is often human error’ (ibid:20). Both authors are critical of the expectations often associated with new technology. Many ICT users’ understanding of security issues is lagging behind technological developments; for example according to one study, 56 per cent of Internet users did not understand what a ‘cookie’ was and how it held useable information about the Internet user’s activities (Pew Internet and American Life project 2000:3). However, if all the stakeholders work together cyber crime can be reduced. The UK Card association report a 17 per cent reduction in reported crime involving credit cards during 2010. This is attributed to a combination of efforts amongst the card industry, banks and consumers (UKCA 2011) and Financial Fraud Action UK (2011:1) report reduced levels of some cyber crime in 2010: ‘Online banking fraud losses totalled £46.7 million in 2010 – a 29% fall from the 2009 figure’, demonstrating that using existing security measures can reduce the rate of these crimes but not prevent them. If this is also the case for cyber terrorism then such terrorist acts will continue so long as there is a political, religious or ideological will to commit such activities.
There is a technological arms race between cyber criminals and those policing cyberspace; the race is one of technological leapfrog with each side trying to make an advantage and capitalise on it during a brief period of technological supremacy. The time frame during which harmful activities can occur in cyberspace is much shorter than in a non-ICT system but the scope for gain or damage is significantly greater. Wall (2007) describes the current situation as the third generation of cyber crimes utilising networked technologies that are converging with other technologies.
One example of such technological leapfrogging is the discovery of a tailored computer attack in a process control system. Generally, malicious software programs that attack systems or steals information from systems are known as worms that spread across networks by finding and using security flaws or viruses that inhabit static files and require the user to unwittingly assist with their spread. Specifically the ‘Stuxnet’ worm was discovered in Sieman’s propriety software systems that are used to control and monitor the performance of industrial processes. The worm rewrote the computer controllers in the system, and concealed these changes. Stuxnet is estimated to have infected 100,000 host computers and although this worm has been found worldwide, 60 per cent of the infections have been linked to Sieman’s systems in Iran (TCE 2010a), suggesting a focused cyber state-sponsored attack that is undoubtedly designed to slow the development of Iran’s nuclear capability: this may be an example of a cyber threat or even cyber warfare. These issues are discussed in greater depth in Chapter 2. Iran has confirmed that the worm caused problems at its enrichment plant in Natanz (TCE 2010b). The infection spread from five industrial domains that have operations in Iran and that were linked to the Natanz uranium production facility to impede this site’s operation (TCE 2011). A spokesperson from the security firm Kaspersky described Stuxnet as ‘a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race’ (BBC News 2010b).
Other cyber attacks include the following: in 2007, Estonia was the subject of a series of cyber attacks which crippled the Internet across the country; Operation Aurora attacks on Google in China in January 2010 penetrating this ICT company’s protective software, targeting information on human rights activists; and the ‘Night Dragon’, a series of ongoing attacks which are coordinated attempts to penetrate at least a dozen multinational oil, gas and energy companies that began in November 2009. These attacks exploited Microsoft’s operating systems despite the security systems installed by these organisations (TCE 2011). The National Security Review (HM Government 2010) rated cyber attacks as a tier one risk to the UK’s security – the highest possible level of threat. There is no completely secure Internet system (TCE 2011) which raises the risk of successful cyber attacks following the introduction of increasingly complex Internet-based systems such as Cloud Computing.
Cloud computing replaces the storing of bought software on individual computers with the rental of such software on servers and accessing the software via the Internet. Organisations can expand processing power by adding more servers. There are already both public and private clouds systems in operation (Greenaway 2010). Cloud computing had a market worth $47 billion in 2008 and will be ubiquitous within 3 years according to Microsoft, with 20 per cent of email using cloud computing by 2012 (Payton 2010). This will allow organisations to save money on internal ICT services and to spread costs of new software over a longer period via rental rather than purchasing licence agreements. However, this will fundamentally shift the onus for security to the Internet-based provider. The advocates of cloud computing argue that such providers will have the resources, that is, finance and technical expertise, to provide more enhanced security than the present system which depends very much upon individual organisations perceptions of risks, technical ability, expertise and outlook. The breaching of Sony’s PC games site (Goodin 2011) demonstrates that very large organisations that have invested considerable resources into their network security cannot be considered 100 per cent secure and that the personal details of its 77 million customers may have been accessed. Certainly Facebook, a cloud-based system, has become a part of daily life for many people in modern society. The US, Japanese and UK governments are all launching cloud applications (Greenaway 2010) and need to come to terms with some processing of their data taking place outside their national boundaries. Governments will be concerned with access to sensitive data and will use encryption, access and storage security measures within their risk assessments to decide precisely what can be located on a cloud application (Greenaway 2010).
Encryption technology, such as the digital certificates used to secure payment transactions using Paypal, allows users to protect their files from being opened by others but this tool can be employed by cyber criminals and cyber terrorists to keep their own material secure from police and security monitoring activities. Oliver Drage was imprisoned for 4 months for refusing to reveal his 50-character encryption key to Lancashire police who were investigating child exploitation. Seventeen months after seizing his computer they had still not cracked his code (Radenedge 2010). With the emails sent by Rajib Karim, a convicted terrorist, it took a team of code-breakers nine months to crack the codes he used (Twomey 2011). Encryption can use several layers of data and can include more than keyboard characters by using graphics and photographs to compose the key or code (Radenedge 2010). Further discussion of encryption and digital steganography follows in Chapter 2. Government legislation such as in the USA has required providers to design and provide a ‘backdoor’ into encrypted programmes so that law enforcement agencies can more easily read messages but this also allows for the possibility of hackers or terrorists finding and accessing this ‘backdoor’. The legislative approaches to dealing with cyber terrorism are discussed more fully in Chapter 6.
Artificial intelligence (AI) is an ICT development that can be used by businesses and security/ law enforcement agencies to protect themselves from cyber attacks. Many organisations ranging from Amazon to banks, credit card companies and Yahoo use AI and this includes the use of AI in their security systems (Chillingworth 2011). According to Sabarirajan (in Chillingworth 2011) AI is the preferred method of fraud detection in the financial sector. However, the use of AI is limited at present as using AI to analyse language is complicated because of the numerous rules and even more numerous exceptions to those rules (Norvig in Chillingworth 2011). Another limitation in intercepting communications is the limitation of speech recognition programs, and although the company Nuance has stored millions of speech samples and can...

Table of contents