Cyberterrorism is a planned cyberattack on information systems, programs and data, leading to violent actions, which is aimed at achieving the political or ideological motives of criminals.
The FBI describes cyberterrorism as any cyberattack designed to intimidate or physically harm a victim. Attackers often achieve this by destroying or damaging the critical infrastructure of the target.
However, the information security community interprets cyberterrorism as attacks aimed at achieving the political goals of criminals. Even in the absence of physical danger or large financial losses, the main purpose of cyberterrorism is to disrupt the operation of systems or cause any harm to targets.
According to the Center for Strategic and International Studies (CSIS), major attacks are aimed at state institutions, defense and high-tech companies, as well as at committing financial crimes with damage of more than $ 1 million.
Types of cyberterrorism
APT attacks
Advanced Persistent Threats (APT) access the network using sophisticated methods of penetration. Once online, cyberterrorists try to steal data while remaining unnoticed. APT attacks often target organizations with valuable information, including in the national defense, manufacturing, and financial sectors.
Malware
Malware, computer worms and viruses are used to attack military systems, transportation and electrical networks, and critical infrastructure.
DoS attacks
A Denial of Service (DoS) attack is an attack aimed at disabling a machine or network, making them inaccessible to users. During DoS attacks, the target is flooded with traffic or receives information that causes a malfunction. A DoS attack blocks authorized users from accessing certain computer systems and devices.
Hacking
Hacking involves obtaining unauthorized access in order to collect confidential data of organizations, governments and commercial enterprises.
Ransomware programs
Ransomware encrypts all the victim’s data and systems until she pays the required ransom. In addition, some ransomware attacks lead to data exfiltration.
Phishing
Phishing is an attempt to obtain confidential information (for example, usernames, passwords, or credit card data) by forging emails from a trusted source.
Spoofing
Spoofing is a cyberattack in which a fraudster pretends to be a reliable source in order to gain access to important data or information. The main purpose of spoofing is to gain access to personal information, steal money, bypass network access control, and also spread malware.
Examples of cyberterrorism
Computer servers, devices and networks accessible via the Internet are often used in cyberterrorist activities. The targets are secure government networks.