Cyber Terrorism: Is Sri Lanka Ready?
53 Pages15191 Words297 Views
Added on 2023-06-13
About This Document
In this study we will discuss about cyber terrorism and below are the summaries point:-
-
Cyberterrorism poses a growing threat in Sri Lanka, with an increase in cybercrime activities observed.
-
Traditional crimes have moved online, including money laundering, child exploitation, fraud, and more.
-
The government has taken actions to address cyberterrorism, but a comparison with international legislation is necessary.
Cyber Terrorism: Is Sri Lanka Ready?
Added on 2023-06-13
ShareRelated Documents
RESTRICTED
CYBER TERRORISM; IS SRI LANKA READY?
1
RESTRICTED
CYBER TERRORISM; IS SRI LANKA READY?
1
RESTRICTED
RESTRICTED
CONTENT
1. Chapter One Introduction
2. Chapter Two Problem Statement
Research Hypothesis
Objective
Methods of Data Collection
Limitations
3. Chapter Three Data presenting and analysing
Definition of the cyberterrorism
The major hacking events world has experienced
Sri Lanka’s experiences of cyber terrorism
4. Chapter Four Governments perspective
Sri Lanka’s legislations on cyberterrorism
Action taken by the government
5. Chapter Five Legal background
United States of America’s legislations on
cyberterrorism
Summary of Europe Budapest Convention on
cyberterrorism
2
RESTRICTED
CONTENT
1. Chapter One Introduction
2. Chapter Two Problem Statement
Research Hypothesis
Objective
Methods of Data Collection
Limitations
3. Chapter Three Data presenting and analysing
Definition of the cyberterrorism
The major hacking events world has experienced
Sri Lanka’s experiences of cyber terrorism
4. Chapter Four Governments perspective
Sri Lanka’s legislations on cyberterrorism
Action taken by the government
5. Chapter Five Legal background
United States of America’s legislations on
cyberterrorism
Summary of Europe Budapest Convention on
cyberterrorism
2
RESTRICTED
RESTRICTED
Comparison of Sri Lankan legislation and U.S.A
6. Chapter Six Reccomendation
7. Chapter Seven Conclusion
3
RESTRICTED
Comparison of Sri Lankan legislation and U.S.A
6. Chapter Six Reccomendation
7. Chapter Seven Conclusion
3
RESTRICTED
RESTRICTED
CHAPTER ONE
INTRODUCTION
1. Traditional crime has long ago moved online. Crimes like money laundering, child
pornography, sexual exploitation of children, sale and trafficking of illegal drugs,
prostitution, internet fraud, credit card fraud, illegal gambling, hate propaganda, racism
crimes, intellectual property theft, piracy harassment, stalking threats, extortion identity
theft and many more.
2. Cybercrime is rather a novel aspect of criminal activity to the Sri Lankan society.
With the advancement of information technology and knowledge of computer science in Sri
Lankans, some individuals have turned cybercrime as a mean of acquiring wealth in an
unlawful and undetected manner and also to achieve political and social status. Cybercrime is
mostly committed by the educated youth. There has been an increasing of cybercrime
complains within the last year according to the Sri Lanka, Computer Emergency Response
Team (SLCERT). In the recent past, an increase in the number of cyber-criminal activities in
Sri Lanka had been observed. A representative of SLCERT said that most complaints are
related to hacking of passwords, stealing of information, demanding ransoms in addition to
Facebook and credit card related crimes.
3. In the wake of the recent computer attacks, many have been quick to jump to
conclusions that a new breed of terrorism is on the rise and Sri Lanka must defend itself with
all possible means. As a society we have a vast operational and legal experience and proved
techniques to combat terrorism, but are we ready to fight terrorism in the new arena – cyber
space?
4
RESTRICTED
CHAPTER ONE
INTRODUCTION
1. Traditional crime has long ago moved online. Crimes like money laundering, child
pornography, sexual exploitation of children, sale and trafficking of illegal drugs,
prostitution, internet fraud, credit card fraud, illegal gambling, hate propaganda, racism
crimes, intellectual property theft, piracy harassment, stalking threats, extortion identity
theft and many more.
2. Cybercrime is rather a novel aspect of criminal activity to the Sri Lankan society.
With the advancement of information technology and knowledge of computer science in Sri
Lankans, some individuals have turned cybercrime as a mean of acquiring wealth in an
unlawful and undetected manner and also to achieve political and social status. Cybercrime is
mostly committed by the educated youth. There has been an increasing of cybercrime
complains within the last year according to the Sri Lanka, Computer Emergency Response
Team (SLCERT). In the recent past, an increase in the number of cyber-criminal activities in
Sri Lanka had been observed. A representative of SLCERT said that most complaints are
related to hacking of passwords, stealing of information, demanding ransoms in addition to
Facebook and credit card related crimes.
3. In the wake of the recent computer attacks, many have been quick to jump to
conclusions that a new breed of terrorism is on the rise and Sri Lanka must defend itself with
all possible means. As a society we have a vast operational and legal experience and proved
techniques to combat terrorism, but are we ready to fight terrorism in the new arena – cyber
space?
4
RESTRICTED
RESTRICTED
CHAPTER TWO
PROBLEM STATEMENT
4. This onset of the information-dependent third wave provides opportunities for
spectacular gains and serious losses for individuals, corporations, and states. It is within this
world that the cyber terrorists will operate. In the same manner that terrorists have exploited
widely accepted technology such as dynamite and the airplane (for bombing and hijacking),
they may exploit the tools of the "information age" to bring their case before the citizens of
the world. To defend against a threat, one must understand its critical elements.
5. Cyber terrorism, like "conventional" terrorism, will strive to change the mind of its
intended audience. However, cyber terrorism may utilize a different means to this end. In the
wake of the recent computer attacks, many have been quick to jump to conclusions that a new
breed of terrorism is on the rise and Sri Lanka must defend itself with all possible means. As
a society we have a vast operational and legal experience and proved techniques to face
combat terrorism but we have to know if we are ready to face this new aspect of terrorism.
RESEARCH HYPOTHESIS
6. Sri Lanka is having a high risk in near future in the area of information technology.
This threat has not been a complicated one for the time being but with the availability of
resources and with the developing technology over time, the potential of being attacked
through the means of information technology has increased but our government haven’t acted
in an effective manner to mitigate these risks.
5
RESTRICTED
CHAPTER TWO
PROBLEM STATEMENT
4. This onset of the information-dependent third wave provides opportunities for
spectacular gains and serious losses for individuals, corporations, and states. It is within this
world that the cyber terrorists will operate. In the same manner that terrorists have exploited
widely accepted technology such as dynamite and the airplane (for bombing and hijacking),
they may exploit the tools of the "information age" to bring their case before the citizens of
the world. To defend against a threat, one must understand its critical elements.
5. Cyber terrorism, like "conventional" terrorism, will strive to change the mind of its
intended audience. However, cyber terrorism may utilize a different means to this end. In the
wake of the recent computer attacks, many have been quick to jump to conclusions that a new
breed of terrorism is on the rise and Sri Lanka must defend itself with all possible means. As
a society we have a vast operational and legal experience and proved techniques to face
combat terrorism but we have to know if we are ready to face this new aspect of terrorism.
RESEARCH HYPOTHESIS
6. Sri Lanka is having a high risk in near future in the area of information technology.
This threat has not been a complicated one for the time being but with the availability of
resources and with the developing technology over time, the potential of being attacked
through the means of information technology has increased but our government haven’t acted
in an effective manner to mitigate these risks.
5
RESTRICTED
RESTRICTED
OBJECTIVES
7. The main objective of this research is to analyse the vulnerabilities of Sri Lanka to a
cyber-terrorist attack.
8. Secondary objectives of this research are :
i. To identify the rules and regulations regarding cyber-security
and privacy
ii. To identify the proactive and reactive measures that can be
taken against Cyber Terrorism
METHODS OF DATA COLLECTION
9. The required data for the research were drawn from the following sources;
i. Primary sources -Information collected by interviewing
resource personnel in the relevant field and by distributing a
questionnaire among the selected sample of the population.
ii. Secondary sources -Information was gathered from
relevant books, journals, internet, treaties and conventions and
also international and local enactments of relevance.
LIMITATIONS
i. We have to limit the scope of this research to the
population which is aware about the Information technology.
ii. Secondary data collection has to be limited to the books
available on the relevant field, internet and newspapers.
iii. Difficulties in obtaining information from the required
personal in detail.
6
RESTRICTED
OBJECTIVES
7. The main objective of this research is to analyse the vulnerabilities of Sri Lanka to a
cyber-terrorist attack.
8. Secondary objectives of this research are :
i. To identify the rules and regulations regarding cyber-security
and privacy
ii. To identify the proactive and reactive measures that can be
taken against Cyber Terrorism
METHODS OF DATA COLLECTION
9. The required data for the research were drawn from the following sources;
i. Primary sources -Information collected by interviewing
resource personnel in the relevant field and by distributing a
questionnaire among the selected sample of the population.
ii. Secondary sources -Information was gathered from
relevant books, journals, internet, treaties and conventions and
also international and local enactments of relevance.
LIMITATIONS
i. We have to limit the scope of this research to the
population which is aware about the Information technology.
ii. Secondary data collection has to be limited to the books
available on the relevant field, internet and newspapers.
iii. Difficulties in obtaining information from the required
personal in detail.
6
RESTRICTED
RESTRICTED
CHAPTER THREE
DATA PRESENTING AND ANALYSING
DEFINITION OF THE CYBERTERRORISM
10. The term cyber-terrorism was coined in 1996 by combining the terms cyberspace and
terrorism.(Larry, 2009) Defines cyber terrorism as "The use of computer network tools to
shut down critical national infrastructure (such as energy, transportation, government
operations) or to coerce or intimidate a government or civilian population"
11.The United States Federal Bureau of Investigation (FBI) defines ‘Terrorism’ as the unlawful
use of force or violence, committed by a group(s) of two or more individuals, against persons
or property, to intimidate or coerce a government, the civilian population, or any segment
thereof, in furtherance of political or social objectives”.
12. Former Chief Strategist at Netscape, Kevin Coleman defines cyber terrorism as “The
premeditated use of disruptive activities, or the threat thereof, against computers and/or
networks, with the intention to cause harm or further social, economic, ideological, religious,
political or similar objectives or to intimidate any person in furtherance of such objectives”.
13. It has to be noted that the general public misinterpret hacking as cyber terrorism yet
these two terms has a drastically different meanings. Hacking is the deliberate and
unauthorized access, use, disclosure, and/or taking of electronic data .The computer crime of
hacking is committed when a person wilfully, knowingly, and without authorization or
without reasonable grounds to believe that he or she has such authorization, attempts or
achieves access, communication, examination, or modification of data, computer programs,
or supporting documentation residing or existing internal or external to a
7
RESTRICTED
CHAPTER THREE
DATA PRESENTING AND ANALYSING
DEFINITION OF THE CYBERTERRORISM
10. The term cyber-terrorism was coined in 1996 by combining the terms cyberspace and
terrorism.(Larry, 2009) Defines cyber terrorism as "The use of computer network tools to
shut down critical national infrastructure (such as energy, transportation, government
operations) or to coerce or intimidate a government or civilian population"
11.The United States Federal Bureau of Investigation (FBI) defines ‘Terrorism’ as the unlawful
use of force or violence, committed by a group(s) of two or more individuals, against persons
or property, to intimidate or coerce a government, the civilian population, or any segment
thereof, in furtherance of political or social objectives”.
12. Former Chief Strategist at Netscape, Kevin Coleman defines cyber terrorism as “The
premeditated use of disruptive activities, or the threat thereof, against computers and/or
networks, with the intention to cause harm or further social, economic, ideological, religious,
political or similar objectives or to intimidate any person in furtherance of such objectives”.
13. It has to be noted that the general public misinterpret hacking as cyber terrorism yet
these two terms has a drastically different meanings. Hacking is the deliberate and
unauthorized access, use, disclosure, and/or taking of electronic data .The computer crime of
hacking is committed when a person wilfully, knowingly, and without authorization or
without reasonable grounds to believe that he or she has such authorization, attempts or
achieves access, communication, examination, or modification of data, computer programs,
or supporting documentation residing or existing internal or external to a
7
RESTRICTED
RESTRICTED
14. Computer system or computer network. Computer hacking is the most popular form
of hacking nowadays, especially in the field of computer security, but hacking exists in many
other forms, such as phone hacking, brain hacking, etc. And it's not limited to either of them.
15. Since cyber terrorism covers a vast area of technical aspects it is required to know the
exact differences between the following:
i. Hacker: A term used by some to mean "a clever programmer" and by others,
especially those in popular media, to mean "someone who tries to break into computer
systems."
ii. White hat: A hacker who identifies a security weakness in a computer system
or network but, instead of taking malicious advantage of it, exposes the weakness in a
way that will allow the system's owners to fix the breach before it can be taken
advantage by others.
iii. Black hat: A hacker who breaks into a computer system or network with
malicious intent. Unlike a white hat hacker, the black hat hacker takes advantage of
the break-in, perhaps destroying files or stealing data for some future purpose. The
black hat hacker may also make the exploit known to other hackers and/or the public
without notifying the victim. This gives others the opportunity to exploit the
vulnerability before the organization is able to secure it.
iv. Grey hat : A hacker who exploits a security weakness in a computer system or
product in order to bring the weakness to the attention of the owners. Unlike a black
hat, a grey hat acts without malicious intent. The goal of a grey hat is to improve
system and network security. However, by publicizing vulnerability, the grey hat may
give other hackers the opportunity to exploit it. This differs from the white hat who
alerts system owners and vendors of vulnerability without actually exploiting it in
public.
v. Phishing: An e-mail fraud method in which the perpetrator sends out
legitimate-looking email in an attempt to gather personal and financial information
8
RESTRICTED
14. Computer system or computer network. Computer hacking is the most popular form
of hacking nowadays, especially in the field of computer security, but hacking exists in many
other forms, such as phone hacking, brain hacking, etc. And it's not limited to either of them.
15. Since cyber terrorism covers a vast area of technical aspects it is required to know the
exact differences between the following:
i. Hacker: A term used by some to mean "a clever programmer" and by others,
especially those in popular media, to mean "someone who tries to break into computer
systems."
ii. White hat: A hacker who identifies a security weakness in a computer system
or network but, instead of taking malicious advantage of it, exposes the weakness in a
way that will allow the system's owners to fix the breach before it can be taken
advantage by others.
iii. Black hat: A hacker who breaks into a computer system or network with
malicious intent. Unlike a white hat hacker, the black hat hacker takes advantage of
the break-in, perhaps destroying files or stealing data for some future purpose. The
black hat hacker may also make the exploit known to other hackers and/or the public
without notifying the victim. This gives others the opportunity to exploit the
vulnerability before the organization is able to secure it.
iv. Grey hat : A hacker who exploits a security weakness in a computer system or
product in order to bring the weakness to the attention of the owners. Unlike a black
hat, a grey hat acts without malicious intent. The goal of a grey hat is to improve
system and network security. However, by publicizing vulnerability, the grey hat may
give other hackers the opportunity to exploit it. This differs from the white hat who
alerts system owners and vendors of vulnerability without actually exploiting it in
public.
v. Phishing: An e-mail fraud method in which the perpetrator sends out
legitimate-looking email in an attempt to gather personal and financial information
8
RESTRICTED
End of preview
Want to access all the pages? Upload your documents or become a member.