Technically the whole world could be at war. Currently, many governments, organizations and businesses around the world are struggling to survive against cybercriminals. The opponent is not only evil, but also very cunning. Invisibility is one of their most powerful weapons, so most of us are unaware of the devastating damage they do. You don’t need to bomb or shoot to bring the city to its knees. A simple attack on a vital system can impact a person’s life. DarkSide, for example, is a Russian hacker that is both sophisticated and difficult to find, according to the FBI. Expert at exploiting human weaknesses and leveraging technology for money and power.
You can’t be completely impenetrable uanless you cut off the internet. The truth is that we are in the middle of a wave of cyber hacks that are causing damage and costing major companies billions of dollars, but they have said nothing about it. The number of businesses and infrastructures attacked is staggering. People are worried that things will get worse. Spam calls and emails designed to steal our personal information. On the other hand, the company is considered the most profitable.
These cyberattacks’ perpetrators can destroy or manipulate computer systems while remaining anonymous. They can take the shape of lone individuals looking to cause havoc or criminal groups locking up computer systems or stealing data in order to demand a ransom. They might be state actors out to subvert democracy or steal information from the country. The truth is that both the purpose and identity of cyberattackers are usually unclear. Who is currently winning in the cyber world—the good guys or the bad guys? As a result, it is a persistent issue.
Threat actors, including nation states and criminals, are actually given more confidence to carry out their operations. Because of this, they multiply daily. The current spike in ransomware attacks intended to extract money from organizations and corporations worries the democratic administration greatly. In essence, ransomware is malicious code that is downloaded into a computer, locks it, and prevents you from accessing your files. It may also be devastating. When you can’t access your computer, they’ll send you an email with a note that says something along the lines of, “Hey, here’s the address you need to send money to online.” We have highly intelligent state actors, highly intelligent organized crime syndicates, and lone hackers. It covers a wide spectrum, and all of those folks pose a severe threat to our country.
Cyber terrorism and its involvement with dark web
Hackers no longer need to build malicious software because all of the tools they require can be purchased on the Darkweb. Large sections of the dark web are dedicated to hacking forums where you can register on a website similar to eBay or Amazon and buy viruses and tools that you can use to hack websites even if you don’t have technical expertise. As a result, there is an open door for criminals who are not technically savvy. Most cyber thieves profit from anonymity and the reluctance of most businesses to report cyber attacks.
In addition, terrorist organizations use the anonymity and security of the dark web to disseminate training manuals for cyberattacks to longtime supporters. Terrorist organizations are increasingly using the dark web to recruit and train new members, share information, and organize attacks in the real world. Additionally, terrorists are increasingly employing encrypted software and the dark web to establish a digital safe haven for their communications, logistics, and financing of their operations. At the moment, cybercriminals and cyberterrorists are the most active actors on the dark web.
The two greatest anxieties of our time—terrorism and cyberspace—are combined in cyber terrorism, a modern-day kind of terrorism. The dark web, in particular, is ideal for cyberterrorists because it allows for rapid and encrypted contact between them, eliminating all barriers. Terrorist organizations are also active on the dark web with their propaganda and fanaticism. Due to terrorists’ limited cyber capabilities, cyber terrorism has not yet emerged as a serious danger. The majority of terrorists’ cyberspace attacks are serious hacking-related offenses including defacements and DDOS attacks.
Additionally, it appeared that cyberterrorists were focusing on advancing cryptocurrency technology since it is the greatest and most anonymous source for their funding and trade on the dark web, both of which are essential for the success of their operations. Additionally, cyberterrorists may be drawn to exploiting dark markets to buy cybercrime tools like malware and ransomware in order to carry out cyberattacks that may ultimately extort and generate financial benefit.
Initiatives taken to mitigate Cyber terror attacks worldwide
Cybercrime Convention: International Forums
- United Nations (UN)
Global Counterterrorism Strategy of the UN: The plan demonstrates the dedication of all UN member nations to the elimination of terrorism in all its forms. The resolution strives to prevent the spread of terrorism via cyber networks and to increase international and regional collaboration and coordination among nations, business actors, and others in the fight against cyber terrorism. The member states are urged to make sure that the internet “is not a safe haven for terrorists” in the 2018 resolution regarding the sixth review of the strategy. Member states are urged to combat terrorist propaganda, provocation, and recruiting, including online.
United Nations Office of Counter-Terrorism (UNOCT) : The UNOCT was established on June 15, 2017, by resolution of the UNGA, in response to the Secretary-General’s report on the UN’s role in helping member states implement the UN’s counterterrorism policy.
The UNOCT supports member states’ counterterrorism activities, especially those against cyberterrorism. It offers multi-stakeholder collaboration to protect each country’s cyberspace from cyberterrorist threats. It has started a number of projects targeted at improving state capacity to counteract cyberattacks and increasing public awareness of cyberterrorism.
- Shanghai Cooperation Organisation (SCO)
The SCO has adopted several significant steps to counter the menace of cyber terrorism. It established the Regional Anti-Terrorist Structure (RATS) in 2001 against terrorism. The 22nd session of SCO RATS council approved various proposals to combat cyber terrorism, and also discussed the proposal to establish a cyber terrorism center. In 2019, SCO member states conducted anti-cyber terrorism drills to prepare for future Cyber terror crisis.
Further, in 2015, SCO submitted to UNGA an International Code of Conduct for Information Security, proposing a secured and rule-based order in cyberspace. The code suggests international cooperation among states to combat exploitation of ICTs for terror-related operations. Furthermore, it specifies a code of conduct, responsibilities of states and rights of individuals in cyberspace.
- Brazil, Russia, India, China and South Africa (BRICS) Counter-Terrorism Strategy
The policy intends to combat global terrorism and its funding, strengthen collaboration between law enforcement agencies in extraditing terrorists and providing mutual legal help, among other things. The goal of the approach is to “counter extremist narratives supportive of terrorism and the abuse of the Internet and social media for the purpose of recruiting, radicalizing, and inciting terrorists.”
- The United Kingdom (UK)
In order to defend against cyberattacks, the UK launched the National Cyber Security Programme in 2015. In order to strengthen the UK’s cyberspace’s resilience to attacks and increase its security by 2021, a five-year national cyber security strategy was also unveiled in 2016. To respond to sophisticated cyberattacks, the National Cyber Security Centre was established in 2017.
- The United states of America
Cybersecurity and Infrastructure Security Agency (CISA) Act
The act specifies that the CISA will protect American CIs and cyber networks, design US cybersecurity formations, and create the capacity to thwart cyberattacks. Additionally, it protects the “.gov” domain network used by the federal government. The National Risk Management Center (NRMC), which covers the majority of strategic risks to the nation’s critical infrastructure (CI) and vital operations whose interruption could have grave consequences for American national interests, such security and the economy, is also housed there. In order to modernize US cybersecurity capabilities against escalating cybersecurity threats over CIs and other important assets, the US President issued Executive Order (EO) 13800 in 2017.
National Cyber Strategy of the US
The 2018-released strategy improves the US cyberspace’s ability to defend against cyberattacks. It focuses on defending against cyberattacks and securing federal networks and CIs. The main objectives of the cyber policy are to defend the American people, maintain peace, and advance American interests. Additionally, it allows for military action to stop cyberattacks.
- Europe
The only legally enforceable international agreement on cybercrime is the Budapest Convention, which governs the European Union. It proposes to improvise investigation procedures on cyber crimes for member states and strives to harmonize domestic legislation, including an international cooperative framework. India isn’t a party to this agreement.
Initiatives Taken In India
The Information Technology Act, sometimes known as the Act, authorizes laws pertaining to cyber terrorism. The Act’s Section 66F establishes a framework for law enforcement to combat cyberterrorism. Along with three requirements for an act to qualify as cyberterrorism, it stipulates penalties for the crime up to and including life in prison:
Intention:
The act must intend to afflict terror in people’s minds or jeopardize or endanger the unity, integrity, security or sovereignty of India.
Act: The act must cause:
- unlawful denial of access to any legally authorized person from accessing any online or computer resource or network;
- unauthorized attempt to intrude or access any computer resource; or
- introduce or cause to introduce any computer contaminant.
In addition, Section 66F also applies when someone purposefully infiltrates or accesses a computer resource without authorization or by abusing his legitimate authorization in order to gain access to data, information, or computer bases that have been restricted for Indian security interests or whose disclosure would jeopardize India’s sovereignty, etc.
CII and protected systems The Act includes a provision for “protected systems” that allows the appropriate authority to designate any computer resource as a “protected system” if it directly or indirectly affects the CII facility. If someone attempts to secure access to a protected system or secures access to one, Section 70(3) imposes a sentence of up to 10 years in prison and a fine.
CII is defined as “the computer resource, incapacitation or destruction of which shall have a debilitating impact on national security, economy, public health or safety” in Section 70’s explanatory clause.
CERT-In, the Indian Computer Emergency Response Team To preserve India’s cybersecurity and combat threats to it, Section 70B of the Act mandates the creation of CERT-In. The CERT-In is tasked for defending India’s online infrastructure from cyberattacks, publishing alerts and advisories on the most recent cyberthreats, and coordinating countermeasures to prevent and address any potential cybersecurity incident.
National Cyber Security Policy:
India’s National Cyber Security Policy, which was published in 2013, intends to protect Indian cyberspace and strengthen the country’s ability to fend off threats in all industries. It intends to provide strategies for safeguarding India’s CII as well as procedures for efficiently fending off cyberattacks. It also emphasizes on a trustworthy and secure cyber ecosystem in India.
With the help of the policy, a secure computing environment has been created, and extraordinary trust and confidence in electronic transactions have grown. In addition, a crisis management strategy has been implemented to stop terrorist strikes made possible by the internet. Additionally, the National Investigation Agency (NIA) Act was modified by the Parliament in 2019 to enable the NIA to look into and prosecute instances of cyberterrorism
Technology and threat intelligence also play significant roles in the fight against traditional and cyber terrorism. The multi-agency center (MAC), which was established at the national level following the Kargil intrusion, as well as subsidiary MACs (SMACs), which were established at the state level, have been strengthened and reorganized to enable them to operate on a 24×7 basis. Every organization engaged in counterterrorism is a member of the MAC, which is made up of about 28 entities. Another crucial component of the national plan is this.
Kavya is a bold and adventurous person who is always looking to explore new things in life. She is currently studying law at BMS College of law. An avid reader, and loves immersing herself in interesting articles and mystery novels in her free time. Her curious spirit and willingness to step outside her comfort zone leads Kavya to seek out novel experiences. She approaches life with an open mind, eager to learn and grow.
