March 5, 2014
— How serious is the cyber-terrorism threat today?
— The impact of the high technologies on the contemporary terrorism in the professional sphere is certain. The terrorist activity gains new qualitative content and direction. This type of terrorism is hazardous to the economy and ecology and capable to provoke mass destruction of the population. Besides, here there is an effect of so called technological trap: the more the information infrastructure of this or that facility is developed, the higher the level of its potential vulnerability is. The automated control systems of the critical facilities are no exception. More over, the damage simultaneously affects in cascades several spheres of the public life, so today the experts have all the grounds to believe that the hi-tech terrorism can produce systematic crisis in any state with developed informational infrastructure.
The results of independent researches in 14 countries of the world, including Russia, showed that 91 percent of the companies questioned had encountered information security threats. The cyber terrorists target diplomatic and government bodies all over the world In recent years, the list of potential targets has been enlarged to include companies dealing with energy, water supply and nuclear and aerospace issues.
As a matter of fact, it is a potential cyber war. But unlike the previous wars waged within the previous technological formats, this war is an undeclared one which participants are unknown and the means of destruction used could be found out only after a considerable lapse of time And the most important is that the cyber wars have no valid legal frameworks and regulations.
— Is this problem new for the anti-terrorism structures of the CIS member-states and what counter-measures are used?
— Hi-tech terrorism is not new for us. The Commonwealth member-states have long ago formulated approaches to understanding of technological terrorism by fixing it in the respective provisions of the Cooperation Agreement of the CIS member-states, but the hi-tech terrorism introduces additions into their structure. First of all, high technologies are exclusively the means of commitment of such crimes, i.e. software and hardware of the terrorist acts are suggested. This automatically provides the terrorist act of such type with anonymity, remoteness, physical security for the executors. We have long ago come to a consolidate opinion on the essence of the cyber terrorism and soberly evaluated possible prospects of the emergency and dangerous aftermaths it bears potentially. And the legal, technical and management decisions aimed at counteracting hi-tech terrorism are being actively elaborated nowadays.
I would like to note that the Commonwealth member-states possess all necessary mechanisms of cooperation which undoubtedly may be used in developing s system of measures to combat hi-tech terrorism.
Thus, the Inter-Parliament Assembly of the CIS member-states has adopted a model law "On counteracting organizations and persons which activity is aimed at committing terrorist acts in the territory of other states". Its provisions are advisory in nature and may largely serve a ground for generating a block of legal measures for counteracting hi-tech terrorism. However this law as a fundamental mechanism for counteracting preparation of the terrorist acts in the territory of other states suggests enhancement of the customs control over export and import of goods, first of dual-use goods (goods used for peaceful purposes but can be used in creating mass destruction weapons and their missile-delivery means: some types of row stuff, materials, as well as technologies and scientific and technical information which can be used in creating weapons). This is not enough in view of the hi-tech terrorism. So today the CIS ATC brings up a point of necessary expansion of the existing system of measures for counteracting international terrorism in the hi-tech sphere.
— What are the prospects for conducting counter-terrorism operations in the cyber space?
— I believe the problem of regulation of the counter-terrorism operations in the cyber space will come up sooner or later. This is especially important when such a cyber counter-terrorism operation or joint operational search actions will be conducted by the security bodies and special services of several CIS member-states. I think it makes sense to look at the practice of joint exercises of the CIS member-states defence ministries in negating cyber attacks on the military and other infrastructure sites. Russia and Belarus have such an experience.
— Social networks are frequently used for committing different crimes. What is their role in preparation of hi-tech terrorist acts and cyber wars?
— Here we shall differentiate cyber wars and and information wars. It is true that both are conducted in the cyber space. But they have different targets. The information wars are intended for targeting consciousness of people, change their views, convictions and conduct. The results of the information wars may be extremely destructive. This type of actions aimed at shattering civics and political systems, national security in general represents one of the most serious problems for the Commonwealth member-states. Social networks represent one of the channels used for the information wars. They have become part of our life space but as any socially useful technological novelty have their shade side. Social networks are often used by the terrorist organizations for propaganda of extremism and terrorism, as well as for active recruitment of new members of the criminal organizations. Here the information wars are directly linked with specific acts of active terrorist activity.
Today the social networks house a good number of prohibited terrorist organizations. The UN experts directly point at this fact. According to the specialists' assessment more than one hundred active Internet web-sites of the radical structures operate in the Russian segment. Roskomnadzor is engaged in activities aimed at prevention of distribution of extremist ideas in the networks and all this is definitely carried out within the legal environment.
Among the objects of attention of the special services is a new phenomenon of astroturfing meaning the use of special software or specially employed users to artificially alter public viewpoints. It is used to push out opinion of the real persons on the web forums, to organize fake campaigns in the Internet and first of all in the social networks which create an opinion that a majority of people demand something specific or oppose something.
— What can create a threat of cyber terrorism?
— We view the main direction of the interstate and international cooperation in the sphere of counteracting hi-tech terrorism in the context of legal and management decisions.
First, there is a national (step-by-step) approach — generation and development of national strategies of cyber security, foundation of national governmental programs for development of security standards, including rapid restoration of the systems, legal limitations or prohibition of operation of anonymous network resources, generation and update of technical (protocols) of standards for security of the key facilities. The interstate approach provides generation and update of the model legislation of the CIS member-states which regulate cyber security issues with regard to harmonization of the national legislation/ Electronic investigations, legal prosecution under conditions of extraterritorial nature of the acts or mixed jurisdiction fill the special place. There is an international approach at the more global level meaning possible formation of the international strategy (like The Geneva Convention that establishes limits and some rules of traditional war).
Second, there is a need in intensive and large-scale introduction of the application educational programs for the security and law enforcement specialists emphasizing on the modules of methods for identification of users of the Internet anonymous segments, methods of identification of Tor traffics and similar networks, use of contemporary software for identification of terrorist and extremist cyber resources. We offer joint workshops dedicated to the above directions. Besides there is a necessity in detailed topology of the networks in the national domains, topology of the social networks, dynamic modelling of the cyber terrorist and extremist activity.
Third, it is necessary to intensify links with all subjects having relation with management of common response to the cyber accidents. In this case, I think that joint projects with international organizations like Interpol in the sphere of applicable technologies of coordination of the operational resources (for example, computer forensic analysis in investigation of cyber crimes) - as well as development of strategies for counteracting cyber crimes committed with use of latest methods will be practical. The United Nations Interregional Crime and Justice Research Institute is developing the Hacker's Profiling Project (the program based on the developed forensic and social research which allows defining a social-psychological portrait), this resource is seemed also quite efficient from our point of view.
