Terrorists are known to use the Internet for communications, planning, recruitment, propaganda, and reconnaissance. They have shown interest in carrying out cyberattacks on U.S. critical infrastructures, although no such serious attacks are known publicly to have occurred. The discovery of the Stuxnet malware in July 2010, and its analysis over the next several months, was widely believed to have been a landmark event in cybersecurity, because it showed that cyberattacks against industrial control systems, hypothesized for a long time, are actually possible. After Stuxnet, there were public concerns that terrorists might be encouraged to acquire capabilities for similar cyberattacks.
This monograph examines cyberterrorism before and after Stuxnet by addressing questions of:
1. Motive—Are terrorists interested in launching cyberattacks against U.S. critical infrastructures?
2. Means—Are terrorists building capabilities and skills for cyberattacks?
3. Opportunity—How vulnerable are U.S. critical infrastructures?
It is noted that no serious cyberterrorism attacks have occurred after Stuxnet. This can be explained from a cost-benefit perspective that has not changed since Stuxnet. It can be argued that U.S. policies can really address vulnerabilities only by strengthening defenses of critical infrastructures.
Related products:Prospects for the Rule of Law in Cyberspace
is available here: https://bookstore.gpo.gov/products/sku/008-000-01222-9Legality in Cyberspace: An Adversary View
is available here: https://bookstore.gpo.gov/products/sku/008-000-01108-7Cyberspacce: Malevolent Actors, Criminal Opportunities, and Strategic Competition
is available here: https://bookstore.gpo.gov/products/sku/008-000-01210-5The Rise of iWar: Identity, Information, and the Individualization of Modern Warfare
can be found here: https://bookstore.gpo.gov/products/sku/008-000-01198-2NATO Cyberspace Capability: A Strategic and Operational Evolution
can be found here: https://bookstore.gpo.gov/products/sku/008-000-01191-5
About the Author
ABOUT THE AUTHOR
THOMAS M. CHEN is a professor of cybersecurity in the School of Engineering and Mathematical Sciences at City University London, United Kingdom (UK). He was formerly a Professor in Networks in the College of Engineering at Swansea University, UK. Prior to joining Swansea University, he was an Associate Professor in electrical engineering at Southern Methodist University, Dallas, Texas, and a senior member of technical staff at GTE R&D Laboratories (now Verizon Labs), Waltham, Massachusetts. He has 22 years of research experience in academia and industry. Dr. Chen has published widely on issues related to Internet security. His work has been supported by government agencies, such as the National Science Foundation and Department of Homeland Security, and various companies including Nortel Networks, Alcatel, and Sprint. He regularly collaborates with researchers in major security companies. Recently he has been involved in an interdisciplinary research project in cyberterrorism with colleagues in Law and Political Science at Swansea University. Dr. Chen holds B.S. and M.S. degrees from Massachusetts Institute of Technology, and a Ph.D. in electrical engineering from University of California, Berkeley.