Chapter Overview
This chapter explores the conceptual and practical bounds of responses to cyberterrorism, and proposes a model of agile mechanisms for adaptive responses. We propose a methodological approach starting from a taxonomy of responses, based on familiar taxonomies of attacks and threats, and an emerging (socially constructed) understanding of cyberterrorism. We elaborate on two “aligning ideas” for the spectrum of responses—aligning by the type of response (related to its nature) and time-span (aligning responses before, during and after attacks). The approach aims for a holistic policy for countering cyberterrorism, noting that cyberterrorism policy (derived from cyber security policy) points to possible gaps and overlaps of policy literature on counter terrorism. Connecting conceptual and practical responses suggests a “layered” approach ranging from individual level to organizational to national or international responses. We also argue for agile capabilities for a spectrum of responses. Cyberspace is a swiftly evolving environment where protagonists continuously innovate to penetrate, exploit or attack systems. Learning lessons from past incidents is insufficient preparation for unknown futures and threats. Cyberspace is a cyclical competition where both sides learn and adapt, calling for a dynamic model for cyber counter terrorism responses. The proposed model portrays a value-stream from intelligence in cyberspace to cyber-forensics leading to a value chain of preventive and reactive responses. In this model, the effectiveness of deterrence as a measure against cyberterrorism is questioned. A holistic view of responses pulls together various relevant disciplines, e.g., risk management, business continuity, futures studies and scenario planning, red teaming, and operational knowledge management. It calls for investment in education and research by the triad of academia, industry and governments, to create a “cyber security ecosystem.”
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Further Reading
Falessi N et al (2012) National cyber security strategies: practical guide on development and execution. European Network and Information Security Agency (ENISA)
Klimburg A (2012) National cyber security framework manual. Estonia: NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)
Luiijf E, Besseling K (2013) Nineteen national cyber security strategies. Int J Crit Infrastruct 9(1/2):3–31
References
Adams A, Sasse MA (1999) Users are not the enemy. Comm ACM 12(42):40–46
Ahmad R, Yunos Z (2012) A dynamic cyber terrorism framework. Int J Comput Sci Inform Secur 10(2):149–158
Alkaabi A et al (2010) Dealing with the problem of cybercrime. In: Proceedings of 2nd international ICST conference on digital forensics & cyber crime, Abu Dhabi
Ariely G (2006) “Learning to Digest During Fighting – Real Time Knowledge Management,” International Institute for Counter-Terrorism, IDC Herzliya http://www.ict.org.il/Articles/tabid/66/Articlsid/229/currentpage/10/Default.aspx
Ariely G (2008) Knowledge management, terrorism, and cyber terrorism. In: Janczewski L, Colarik A (eds) Cyber warfare and cyber terrorism. IGI Global, Hershey
Ariely G (2009) Futures of virtual spaces for higher education in the government sector: immersive learning and knowledge exchange. In: Proceedings of OECD conference on higher education spaces & places for learning innovation & knowledge exchange, Riga
Arquilla J, Ronfeldt DF (1996) The Advent of Netwar. RAND, Santa Monica
Ashton K (2009) That ‘Internet of things’ thing. RFID J. http://www.rfidjournal.com/articles/view?4986. Accessed 4 Aug 2013
Averill B, Luiijf EAM (2010) Canvassing the cyber security landscape: why energy companies need to pay attention. J Energ Secur. http://www.ensec.org/index.php?view=article&id=243%3Acanvassing-the-cyber-security-landscapewhy-energy-companies-need-to-pay-attention&option=com_content&Itemid=361. Accessed 24 Jan 2014
Azani EY et al (2008) Global jihad groups as learning organizations: overcoming outer-perimeter security obstacles. ICT’s Jihadi Websites Monitoring Group- Insights, International Institute for Counter-Terrorism (ICT)
Bayuk JL et al (2012) Cyber security policy guidebook. Wiley, Hoboken
Bilge L, Dumitras T (2012) Before we knew it: an empirical study of zero-day attacks in the real world. In: Proceedings of 2012 ACM conference on computer and communications security
Chen TM (2013) An assessment of the department of defense strategy for operating in cyberspace. Strategic Studies Institute, Carlisle
Clarke RA, Knake R (2012) Cyber war. HarperCollins, New York
Dingledine R et al (2004) Tor: the second-generation onion router. In: Proceedings of 13th USENIX security symposium
Don BW et al (2007) Network technologies for networked terrorists: assessing the value of information and communication technologies to modern terrorist organizations. RAND, Santa Monica
Ganor B (2001) Defining terrorism: is one man’s terrorist another man’s freedom fighter? http://www.ict.org.il/ResearchPublications/tabid/64/Articlsid/432/Default.aspx. Accessed 4 Aug 2013
Ganor B (2009) Terrorism networks: it takes a network to beat a network. In: Kleindorfer R, Wind YJ, Gunther RE (eds) The network challenge: strategy, profit, and risk in an interlinked world. Wharton School, Upper Saddle River, pp 453–470
Glaser BG, Strauss AL (1967) The discovery of grounded theory: strategies for qualitative research. Aldine de Gruyter, Hawthorne
Goulding C (2002) Grounded theory: a practical guide for management, business and market researchers. Sage, London
Howard JD, Longstaff TA (1998) A Common Language for Computer Security Incidents, Livermore, CA, Sandia National Labs
ICTAC (International Counter Terrorism Academic Community) founded by Ganor, Institute for Counter Terrorism (ICT) at the Interdisciplinary Center (IDC) Herzliya
Jackson BA et al (2007) Breaching the fortress wall: understanding terrorist efforts to overcome defensive technologies. RAND, Santa Monica
Jarvis L, Nouri L, Whiting A (2014) Understanding, Locating and Constructing ‘Cyberterrorism’. In: Chen T, Jarvis L, Macdonald S (eds) Cyberterrorism: understanding, assessment, and response. Springer, New York
Kiltz S et al (2008) Taxonomy for computer security incidents. In: Janczewski L, Colarik A (eds) Cyber warfare and cyber terrorism. IGI Global, Hershey
Kuehl DT (2009) Cyberspace and cyberpower. In: Kramer FD, Starr SH, Wentz LK (eds) Cyberpower and national security. National Defense University Press, Washington, DC
Kuhn TS (1962) The structure of scientific revolutions. University of Chicago Press, Chicago
Libicki MC (2009) Cyberdeterrence and cyberwar. RAND, Santa Monica
Locke K (2001) Grounded theory. Sage, London
Maurer T (2011) Cyber norm emergence at the United Nations—an analysis of the UN’s activities regarding cyber-security? Belfer Center for Science and International Affairs, Harvard Kennedy School, Cambridge
McLuhan M (1966) Understanding media: the extensions of man. McGraw-Hill, London
Meyers C et al (2009) Taxonomies of cyber adversaries and attacks: a survey of incidents and approaches. Lawrence Livermore National Security, LLC, Livermore, CA
NATO (2011) Assured access to the global commons: maritime, air, space, cyber
Nye JS (2010) Cyber power. Harvard Kennedy School, Belfer Center, Cambridge
Parkinson NC (1957) Parkinson’s law and other studies in administration. Houghton Mifflin, Boston
Saffo P (2013) Disrupting undersea cables: cyberspace’s hidden vulnerability. http://www.acus.org/new_atlanticist/disrupting-undersea-cables-cyberspaces-hidden-vulnerability. Accessed 4 Aug 2013
Singer PW (2012) The Cyber Terror Bogeyman. Armed Forces Journal. Washington, D.C.: Brookings Institution. Retrieved from http://www.brookings.edu/research/articles/2012/11/cyber-terror-singer
Strauss AL, Corbin JM (1990) Basics of qualitative research: grounded theory procedures and techniques. Sage, Newbury Park
Thomas TL (2003) Al Qaeda and the Internet: the danger of ‘cyberplanning’. Parameters Spring 33(1):112–123
Thonnard O et al (2012) Industrial espionage and targeted attacks: understanding the characteristics of an escalating threat. Research in attacks, intrusions, and defenses
Toffler A (1990) Powershift: knowledge, wealth, and violence at the edge of the 21st century. Bantam Books, New York
U.S. Army (2006) FM 3-24/MCWP 3-33.5 Counterinsurgency
Veerasamy N, Grobler M (2010) Countermeasures to consider in the combat against cyberterrorism. http://researchspace.csir.co.za/dspace/bitstream/10204/4486/3/Veerasamy3_2010.pdf. Accessed 24 Jan 2014
Vorster A, Labuschagne L (2005) A framework for comparing different information security risk analysis methodologies. In: Proceedings of South African Institute for Computer Scientists and Information Technologists (SAICSIT 2005)
Warnes R (2014) Modelling terrorism and counter-terrorism. Ph.D. dissertation (forthcoming). University of Surrey, Surrey
Weimann G (2005) Cyberterrorism: the sum of all fears? Stud Conflict Terrorism 28:129–149
Zittrain J (2006) A history of online gatekeeping. Harv J Law Tech 19(2):253
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Science+Business Media New York
About this chapter
Cite this chapter
Ad Ariely, G. (2014). Adaptive Responses to Cyberterrorism. In: Chen, T., Jarvis, L., Macdonald, S. (eds) Cyberterrorism. Springer, New York, NY. https://doi.org/10.1007/978-1-4939-0962-9_10
Download citation
DOI: https://doi.org/10.1007/978-1-4939-0962-9_10
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4939-0961-2
Online ISBN: 978-1-4939-0962-9
eBook Packages: Computer ScienceComputer Science (R0)