Question

Global Politics: What are some of the ways to address cyber terrorism?

Answer 1

It would seem prudent to expect that such attacks will be launched sooner or later. Therefore we should ask ourselves the following: How do we try to deal with terrorists in cyberspace? We start to answer this question by distinguishing between two forms of defense: passive and active defense.

Passive defense is essentially target hardening. It largely consists of the use of various technologies and products (for example, firewalls, cryptography, intrusion detection) and procedures (for example, those governing outside dial-in or reconstitution and recovery) to protect the information technology (IT) assets owned or operated by an individual or organization. Some forms of passive defense may be dynamic, such as stopping an attack in progress, but by definition, passive defense does not impose serious risk or penalty on the attacker.

Active defense by definition imposes serious risk or penalty on the attacker. Risk or penalty may include identification and exposure, investigation and prosecution, or preemptive or counter attacks.

With only passive measures, the attackers are free to continue the assault until they either succeed or get frustrated and look elsewhere. Given the vulnerabilities of most cybersystems, the low cost of most attacks, and the ability of attackers to strike from positions of physical safety, a skilled and determined attacker may be more likely to succeed than to become frustrated.

Some defensive actions, for example stopping an attack in progress, can be pursued using both passive and active means. Passively, the defender might plug a vulnerability hole in real time. Actively, the defender might try to locate and get back to the source of the attack.

For several legal and other reasons, most forms of active defense will necessarily fall to governments.The effective pursuit of active forms of defense, with a high probability of correct identification and few false positives, is very challenging technologically.