Dialogue  April-June 2008 , Volume 9 No. 4

Terrorists online-the New Dimensions in National Secuirty                

Subimal Bhattacharjee*

Everytime there is a terrorist attack in any part of the country nowadays; there is a linkage to the cyberspace. The recent blasts in Jaipur (May 2008), the blasts in Varanasi (March 2006), Hyderabad (Aug 2007) and the serial blasts in UP (Nov 2007) all have trails that lead to some activity in the cyberspace. Even the attack on Parliament in December 2001 had a cyber angle to it. This is generally in the form of some emails sent from some public internet access joint to some law enforcement agency or media house and also the meticulous planning behind the incident. The terrorist and their sympathizers find cyberspace the best mode to communicate their presence and message without meaning any direct physical harm and immediate identification. But this is turning out to be a serious national security issue that we as a nation can hardly ignore anymore. 

      Cyberspace has evolved with the massive spread of the medium of internet and this has also had revolutionary impact on the whole global community. Today out of 6.6 billion world population, about 1.4 billion people in the world use the medium of internet out of which about 46 million are in India where the total population is about 1.2 billion. This is roughly about 20% of the global population while in India the penetration is about just 3.5%. Internet has facilitated communication and information gathering in the first place and in its explosive growth path has also given a new dimension to traditional commerce in the  form of electronic commerce. From the home user who uses the medium for emails, chatting, phoning and blogging to the corporate user doing business, banking and signing global deals using the medium. Even governments have not been left behind- besides using the medium for citizen service deliveries, information dissemination and also improving its own functioning, there are a lot of efforts on to improve the pace of development using the medium of internet. Likewise the functioning of critical infrastructures depends today completely on network connectivity.

     However this good medium has not remained unscathed- abuses and criminal activities started and they grew in sophistication and frequency in no time and steadily many of these criminal efforts have been transforming into terrorist activities and also warfare programmes. Thus today we can broadly enlist the three Cs- cyber crimes, cyber terrorism and cyber warfare as negative elements that could destroy the very nature of cyberspace.

    While cyber crimes have been soaring, the real fear that grips our nation now is the usage of cyberspace by terrorists and also cyber terrorism that could cause catastrophic damages. The latter refers to the destruction of critical infrastructures using cyber attacks. Terrorists have found cyberspace to be a very safe mode for communicating with each other, spreading their propaganda, collecting funds from sympathizers and also recruiting cadres. All these activities have grown over the years and there are open statements to this effect by various terrorist groups including the Al-Qaeda. There are various websites that openly espouse the cause of the different terrorist groups. Websites propagating jihadi sentiments and call for participating in jihadi missions are quite popular and growing in numbers. Many of these websites also foster a network of fidayeens who will launch common attacks from their own bases like a distributed denial of service attack on a pre-determined target network at a particular time. There have already been some successfully executed such attacks. Terrorists also find the safest means to communicate through emails, chatrooms in coded messages and also false mailboxes.

     But this is not all. Many of the terrorist groups are also involving various hacking groups to launch attacks on networks to cause damages and also disrupt networks. This serves the purpose of displaying their presence, although such exercises generally do not end up in directly causing loss of lives or injuries like a bomb blast. Terrorists themselves are learning these new skills and tools of cyber attacks and also recruiting symapthisers with technology zeal. The common form of attacks bing undertaken, varying in degrees of sophistication, are planting of malicious viruses, worms and Trojan horses, electronic frauds, phishing and pharming and distributed denial of service attacks. Even there are email threats issued from time to time to innocuous citizens and also to police stations and media houses around incidents that they plan and execute in the physical world. Even hoax emails surrounding public communications are becoming a menace.

      The soaring incidents of terrorists making their presence felt through cyberspace and also fostering cyber attacks has caught the attention of the governments across the world. But not much of action has followed so far to address and tackle the menace. This is partly due to the poor understanding of issues concerning cyberspace and also due to the rapidly changing parameters of the technology surrounding the media. Today governments and businesses across the world have come to such a stage that the functioning of critical systems cannot happen without cyber networks. The penetration of information technology tools into government networks has been increasing day by day. Apart from the normal functioning of governments, many of the citizen delivery services can only be smoothly addressed using the medium. However a proper security approach to these ever increasing networks is not being emphasized. So in most cases the response to attacks is reactionary instead of a comprehensive policy to address each and every aspect of the issue. Many countries have come up with some policies to address these issues and the ever increasing role of terrorists in cyberspace is covered in those efforts. Particularly the critical information infrastructure policies (CIIP) of the US, UK and a few European countries have comprehensively addressed many of these issues.

      In India, there has been some awareness raised about the growing menace of cyber attacks. However we still do not have comprehensive CIIP which encompasses a broad approach of the usage of the national cyberspace. The need to realize the growing impact of cyber attacks on national security has to be realized. Particularly for India which is high on the radar of terrorists who strike repeatedly in different places across the country, cyber security should be an integral part of the national security initiatives. There are some urgent measures required on all the three fronts of institutions, infrastructure and legislation. 

   On the institutional front, to address cyber security the National Information Board (NIB) was set up in 2002 and is chaired by the National Security Adviser and the Deputy National Security Adviser serves as the Member Secretary of the NIB. The NIB consisting of 21 members mostly Secretaries in the central government acts as the highest policy formulation body at the national level and is to periodically reports to the Cabinet Committee on Security. However the NIB rarely meets and so the essence is lost in a dynamically changing field which require urgent attention.

     Two organisations support the NIB directly - the National Technology Research Organization (NTRO) in providing technical cyber security and intelligence and the National Security Council Secretariat (NSCS) for coordinating cyber-security activities across the country, covering both the public and private sectors. The Computer Emergency Response Team (CERT) established in 2004 under the Ministry of Communications and IT acts as the public interface for incident reporting and response generation. CERT alongwith the Controller of Certifying Authorities (CCA) under the same ministry have played a crucial role in the formative years of the basic national infrastructure to address cyber incidents. The main CERT is located in New Delhi with a backup in Bangalore. CERT-In is responsible for responding to computer security incidents reported by the Indian internet community as well as to create security awareness among Indian IT users. It also plays a key role in educating and assisting IT users in implementing proactive measures to reduce the risks of security incidents. There is the need for establishing sector specific CERTs- for the defence, railways and banking sectors to start with and the government has to take some mission mode approach to establish the basic infrastructure across sectors and across the country to address cyber security concerns.

   The pace of orientation of law enforcement for handling cyber incidents has to be enhanced. At the outset the intelligence community needs to be  trained to handle the leads and the trillions of traffic that generate the leads and patterns for recognizing the attempts of terrorists in cyberspace. There needs to be dedicated teams in all the intelligence agencies- IB, RAW and NTRO at the centre and the state intelligence agencies. Next is the role of the police forces. There should be a proactive policy to train and improve the cyber skills of policemen. There is a need to properly assess if policemen should be trained directly for handling cyber incidents or should the law enforcement work in close tandem with some dedicated cyber experts from the private sectors who are specialists and keep pace with the progress of the terrorists technologies. NTRO and even CERT might still not be the right force to handle all the incidents in terms of their sophistication and growing frequency.  At the same time the investigation forces need to be oriented to the latest technology. The CBI has been active in this field but there is a lot to be fully ready to handle all cyber attack events. Similarly there is a lot to be done for the state police forces. The government should work on incentives to be provided to the policemen who take interest in being network ready. Even the police stations have to be revamped with better computers and bandwidth and a mission mode approach has to be there to digitally connect all the police stations in the form of a National Law Enforcement network. CBI has been in touch with Interpol on a regular basis. Today there is a great need to have a global framework to counter the burgeoning cyber attacks. At the same time, the legal fraternity needs also to tone up their understanding of technology and the intricacies of cyber attacks. On a national scale training and awareness programmes have to be started by the government for all the law enforcement agencies.

      Again the legal mechanism is different in many countries, often not having been revised to consider cyber crimes even. Given the trans-national nature of the crime, there is the need for a global treaty to try all such cases wherever the crime may originate or cause damages. Thus the perpetrator of the I Love You virus attack (in year 2000) and his accomplice, who admitted to their act when traced to Manila, could not be punished, as there was no law in the Philippines to address cyber crimes. Hence they went scot-free inspite of causing losses worth billions of dollars. Till date many countries don’t have specific laws to address cyber crimes.                                                                                                  

    India was one of the first countries to specifically enact a law for information technology related issues in October 2000 called the Information Technology Act 2000 (IT Act). This piece of legislation gave the right fillip and the legal sanctity to all efforts to spread e-commerce in the country. The Act was a landmark one as for the first time apart from facilitating e-trade it also allowed the introduction of digital signatures and addressed a few of the cyber crimes. The Act also had provisions for looking at extra-territorial issues, as many of the problems of Internet were trans-national in nature. However in the last few years of the usage of this Act, many deficiencies have been observed and also newer technological feats needed to be accommodated. So an expert Committee was appointed in January 2006 to recommend changes to the Act and after rounds of deliberations of the parliamentary Standing Committee on IT, the amendment bill is now awaiting Parliament’s approval. Besides calling for making technology a neutral entity in IT deployments and regulatory approach, it has outlined the need for giving electronic contract the desired legal sanctity. It has also come out with changes to the offences and contraventions. The Standing committee has also significantly made the recommendation to the government to define cyber terrorism and make harsh punishment  for such acts.

       International efforts to combat cyber attacks in every form needs to be fostered soon. One of the best possible efforts has been the Council of Europe (CoE) Convention on Cyber crimes. This convention underlines the need for coordination and cooperation among government agencies and the industry for combating cyber crimes. The provisions here require the signatory states to follow the provisions and also have matching national laws to combat cyber crimes which are consistent with the convention. However much of work has to go in to make the Convention the draft law for a global regime and also look at the issue of cyber terrorism. At this point of time 22 countries have signed the Convention while another 21 have ratified it. The best such opportunity today lies in amalgamating the CoE legislation in the efforts of the United Nations whereby it is addressing internet governance. The report of the UN Secretary General appointed Working Group on Internet Governance (WGIG) in the year 2005 has highlighted the importance of the CoE convention. The UNIDR has also been mandated to look at the impact of information communication technology on international security and the role of terrorists and cyber terrorism will be a focal point of this initiative.

      So both nationally and globally, there is a lot of work to be done to come to an understanding of how to deal with the menace. Meanwhile the terrorists are honing their skills and technology is changing fast both for good and bad. As more and more people get connected across the globe, the explosion in the digital world is going to be something that has to be addressed more closely. So cyber security should be an important parameter for future national and global security cooperation.  Unless that happens, the terrorist will have an edge always and strike at will in cyberspace as they still do in the physical world where the risks are still far more than the online anonymity.