At an average about 4,00,000 cyber attacks take place daily over the Internet, which originate from either cyber criminals, hacktivists, terrorists or government agencies
In March 2017, the Indian anti-terrorist force (ATF) raided a house in Lucknow and killed Saifullah, head of an Islamic State of Iraq and Syria (ISIS) sleeper cell. Surprisingly, the terrorist had never ventured out of the country but was radicalised through the Internet.
Bangladeshi authorities were astonished to find that the terrorists involved in the Holey Artisan Bakery attack in Dhaka were not radicalised in madrasas but were Internet savvy and educated in top schools of the nation.
Three sisters aged 15, 16 and 17 went missing from their home in Denver, Colorado, United States. On investigation the police discovered that they had received step by step instructions through the Internet on how to provide direct support to ISIS. Fortunately the three were apprehended in Germany while they were boarding a flight to Syria.
The International Law Commission of the United Nations defines ‘Terrorism’ as the use of intentionally indiscriminate violence as a means to create terror or fear, in order to achieve a political, religious or ideological aim.
While all these years it was felt that violence can only be created through physical means, the cyber attack which crippled the Natanz nuclear facility in Iran shook the world out of its stupor. And presently a growing trend in the cyber domain pertains to the misuse of the Internet in promoting this dark world of terrorism. At an average about 4,00,000 cyber attacks take place daily over the Internet, which originate from either cyber criminals, hacktivists, terrorists or government agencies. While cyber criminals cater for almost 98 per cent of these attacks, the issue of concern is the methodical manner in which terrorists are using the Internet for radicalisation, recruitment and in some extreme cases even terrorist activities.
Recruitment and Radicalisation
The sophistication with which online literature is being created for radicalisation by terrorist organisations clearly outshines the counter propaganda being done by the government. Take a look at the ePublication called Dabiq which is published by the Islamic State. Dabiq is a town in northern Syria; there exists a tradition that this will be the site of a final battle between the forces of Islam and the forces of ‘Rome’, which ISIS interprets to mean the forces of Christianity and/or America, where they will achieve final victory. Dabiq is an online magazine used by the Islamic State of Iraq and the Levant (ISIL) for propaganda and recruitment. It was first published in July 2014 in a number of different languages including English. Dabiq itself states that the magazine is for the purposes of unitarianism, truth-seeking, migration, holy war and community.
The battle of online publications is a battle of ideas between the radicals and the moderates, and how convincingly their views are presented. It also depends on the number of publications being put out on the Internet. As of now, if Daesh puts out 10 videos, there is only one counter from the side of the government. Hence the chances of hitting a terrorism inspiring video are today better, and one has to acknowledge that these terrorist organisations have been able to market their literature better on the Internet. In fact even the quality of their publications is very impressive and it appears that they are employing the services of highly creative and professional cadres. This is also a silent and safe form of support to the terrorist ideology. Imagine an old teacher who wishes to contribute towards such an organisation — well what better than write instigating literature being published online by someone else or help create a YouTube video in which the impact is made in the first few seconds. This is how unsuspecting, pliable and fallible young persons are being recruited around the world.
While cyber criminals cater for almost 98 per cent of these attacks, the issue of concern is the methodical manner in which terrorists are using the Internet for radicalisation, recruitment and in some extreme cases even terrorist activities
To promote terrorism, Pakistan has created about 17,000 fake social media websites in order to influence youth in Kashmir as well as other young minds. Some web service providers like Cloudflare and Limestone are also being used by Jaish-e-Mohammed (JeM) and Jamaat-ud-Dawa (JuD) as a means of providing training workshops and also for recruiting youth.
The technique of Ransomware is another creation of the devilish minds lurking in the dark and deep web. The method is simple — first send a malware to the target which would encrypt his important files or the entire desktop or my data, etc. Then ask for the ransom which is linked to a timer and down counter to exert pressure on the target that if he does not comply then his files will be deleted. The selection of target is also done carefully to extract the maximum mileage, and one can visualise the pressure if the target files are the research data of a scientist or the financial data compiled over a number of years. In cases related to terrorism, the terrorist can now demand an action that may be directly linked to an act of terrorism. For example, the terrorist may force the target to dial a number from his mobile which may trigger an explosive device. Or the terrorist could force someone with security clearance to commit an act inside a high security zone. In fact Ransomware has taken a new twist now with the attacker demanding that the target sends an e-mail with his malware attachment to at least two other people. Now a good cyber hygiene has told us not to open e-mails from unknown persons, but if a person is known to you then we will definitely open his e-mail and voila — now the attacker has doubled his target numbers!
Various stories abound the Internet on hard attacks due to software. This issue gained importance from the famous Stuxnet attack which crippled the Iranian nuclear facility. The Shamoon virus was stated as its counter attack. Since then there have been innumerable cases of violent acts through the Internet platform. There are reports of attacks on the pacemakers of persons, often fatal. This scenario is bound to get grimmer with the possibilities of planes, drones and driverless cars being e-jacked. And if one tries to visualise the 50 billion devices being connected in the Internet of Things era by 2020, the consequences are potentially disastrous!
As international outrage grows against terrorism related sites, the major players such as Google and Facebook have taken up a serious campaign with the help of the public to stop the uploading of ‘objectionable’ material on the Internet.
The police are also active in tackling online radicalisation and many extremist websites are removed by agencies such as the British Counter Terrorism Internet Referral Unit (CTIRU). The availability of this type of material on the Internet is being reduced all the time and with large increases in referrals from the public, more and more sites will be taken down in the future. The Internet provides a discreet opportunity for extremists to target young, vulnerable individuals within their own homes which means the work of such agencies is crucially important in the fight against terrorism. During an average week, the CTIRU is removing over 1,000 pieces of content that breach terrorism legislation. Approximately 800 of these are Syria and Iraq related and have been posted on multiple platforms. In the last 12 months, around 38,889 Internet takedowns were undertaken by the CTIRU reducing extremist material available on the Internet. That is over 1,00,000 since the unit was set up in 2010. Much of this has been achieved by forming working relationships with key social media outlets.
On February 18, 2017, at the Munich Security Conference, Vice President Mike Pence highlighted the growing importance of cyber security and terrorism. A few days earlier the Global RSA Cyber Security Conference in the United States witnessed growing concerns on the issue of cyber security, estimated to become a $3-trillion business by 2020. Similar concerns were raised during The Raisina Dialogues held in India during January 2017. Stakeholders are today demanding a Digital United Nations which can issue laws and regulations to bring some method to the madness sweeping the cyber world. The time to act was yesterday, and as India recently took the Paris Initiative for solar energy, can it take the lead in this cyber security initiative also? For the safety of its own Digital India at least.
The writer is former Commandant of Military College of Telecommunication Engineering (MCTE)