It’s Time We Called Cyber Criminals What They Really Are – Terrorists

image While it may be true that cyber crime doesn’t fit neatly into the restrictive classical definition of terrorism, (motivation is a definitive factor), nevertheless, cyber crime’s effect on Internet users’ is  arguably similar  – intimidation, coercion (think Rogue software), and instilling fear.

Motivation be damned! Simply because a hacker’s motivation is money, rather than political gain, hardly changes the effect of the crime. Cyber criminals, by my definition, are terrorists.

Consider the following two points:

If a group, or an individual, dug holes in a highway in your community making it unsafe to use, (put the motivation aside for a moment), how would you refer to that person, or group, based on the impact on you? The reality is – cyber criminals, blow holes in the Internet highway on a daily basis.

If you couldn’t get to work today, because a criminal gang held the subway system to ransom – with a bomb threat, how would you, or more particularly, law enforcement officials, refer to that group? The reality is – cyber criminals hold individuals, and web sites, to ransom every day.

As Shakespeare said, in Romeo and Juliet , “That which we call a rose, by any other name would smell as sweet.”  The point being – it doesn’t matter what you call a thing; what matters is – what the thing is. Cyber crime though, is a misnomer – terrorism is not.

This morning, when I was editing my Tech Net News column, I included the following high profile cyber crime occurrences which were reported over this past weekend. I could easily have added a dozen more, all from the last few days, but I think the point was made.

Newest Social Net Scam: Stranded Friend – Analysis: Beware a common hoax involving a hijacked email account and a plea for quick cash from a familiar name.

Trojan attacks now almost solely from legitimate websites – According to reports, surfers are now almost always attacked from the hacked web sites of legitimate providers. Previously the general assumption was that malware was only found on sex sites and other shady web sites, but these days all you need to do is visit the site of your favorite newspaper to come under attack.

Reports of Possible YouTube Hack Light up Social Media Sites – Reports have surfaced on social media sites that YouTube may have gotten hacked and that Apple’s iTunes App Store may also be compromised.

App Store Hacked – Two iPhone App developers have spotted what appears to be a hacking of the App store rankings by a rogue developer. What’s more concerning is that it seems individuals iTunes accounts have been hacked to make mass purchases of that one developer’s apps.

Existing penalties for cyber crimes, including those mentioned above, are far less than adequate. So, calling cyber criminals what they are – terrorists; would open up a whole new spectrum of possibilities – including the application of criminal penalties, and sanctions, more in line with the true nature of the offense – terrorism.

I’ve always been curious as to why it is, governments and law enforcement agencies, protect us across a broad spectrum – from noisy neighbors, all the way to ensuring our safety while travelling on airplanes. And yet, these same governments and law enforcement agencies, leave it us, at an individual level, to deal with cyber crime.

This hands off policy has led to staggering costs to world economies – (a Trillion dollars or more, annually), and the impact on individuals, is immeasurable.

I suspect, that if cyber crime was referred to in a more appropriate manner – terrorism; we might find ourselves less alone in our daily struggle to stay safe on the Internet.

What do you think:

Are you tired and frustrated with having to deal with cyber crime on your own?

Should the nature of cyber crime be reflected in a more appropriate way, by calling it what it is – terrorism?

Should the penalties for cyber crime be set at a level commensurate with the true nature of the offense?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Advertisements

33 Comments

Filed under Bill's Rants, cybercrime, Don't Get Scammed, Don't Get Hacked, Interconnectivity, Malware Advisories, Windows Tips and Tools

33 responses to “It’s Time We Called Cyber Criminals What They Really Are – Terrorists

  1. Ranjan

    Hey Bill,
    Truly said. Nice comparison.

    My views:
    Are you tired and frustrated with having to deal with cyber crime on your own?
    Yes, but thats an evil necessity. Govt doesn’t seem to be much active against cyber crime/terrorism. We bought our pc for work related and entertainment purposes, not for fighting an endless war…

    Should the nature of cyber crime be reflected in a more appropriate way, by calling it what it is – terrorism?
    Yes.

    Should the penalties for cyber crime be set at a level commensurate with the true nature of the offense?
    No, if you leave/forgive any cyber criminal/terrorist for his/her low-level offense, he/she might might be the cause of collapsed economy one day. Afterall, these novice cyber-criminals or script kiddies will evolve into a skilled hacker/criminal/terrorist one day.

  2. Liam O' Moulain

    Bill,

    Cyber crime has impacted enormously, in a negative way, on my enjoyment of the Internet.

    We should stand these guys up against a wall – bang, bang.

    Liam

  3. Ranjan

    Its always a pleasure to be a part of discussion here… 🙂

  4. Pingback: Overclocking For Noobs « Tech – for Everyone

  5. Mal

    Hey Bill,

    I hate these scum that do this. It’s a never ending struggle to keep up to date with their latest tricks. Not to mention that everytime there is a computer glitch, one tends to think whether it is a glitch and some scumbag who has got his crap on my machine. It plays with your head after a while.

    I’ve said it before on here, we are lucky in some ways because we are aware. But most aren’t and will learn the hard way. I think as computer technology gets bigger and more complicated, it will only get worse, because it just creates more holes to exploit.

    Sometimes I wish I was back in the days with my old 486 playing solitaire. At least I knew that was safe.

    Good article.

    Cheers

    • Hey Mal,

      When you consider that there are 99 infected legitimate web sites for every 1 infected porno site, I don’t think we need any further proof that cyber crime is out of control. When YouTube, and the Iphone store, are both hacked in the same weekend ……

      Every time I visit a site I’m on edge; every time I open an email I’m ready for the worst. Using the Internet has gone from a fun experience to a stressful, cautious chore. And you’re right, it plays with your head after a while – if I notice even a momentary system slowdown, alarm bells start to ring.

      Sadly, the days of the 486 and safe surfing, are now nothing more than a fond memory. It sucks!

      Which reminds me, I see virtually no difference in application speed between the bygone days of my old 486, and my new quad core with all its bells and whistles. Some progress!

      Best,

      Bill

  6. Bill,
    I feel your pain with the unsafe condition of the Internet…you know that. However, probably because of my experience with Homeland Security and InfraGard here in the states, I’d rather continue to call the producers and owners of malware cyber criminals. While the result of the acts of these malware criminals, by definition, is a form of terrorism; we need to be able to label the true cyber terrorists when they strike us. I’m referring to attacks on our countries’ infrastructure such as our electric power grid, our agriculture supply chain, our water supplies, and so on. We fully expect that a cyber terror attack will accompany a physical attack to “multiply” the effects of the attack and hinder or preclude a rapid recovery.

    Sorry to go on about this, but I take terrorism very seriously these days and it has a special definition for me.

    Wow, you sure know how to get a discussion going. Thanks for all you do.

    Best,
    Paul

    • Hi Paul,

      One can easily argue that the Internet is, in fact, the backbone of virtually every form of infrastructure in a developed country. Certainly, the economic entities that you mention, could not function efficiently without benefit of the Internet. So you’re right, any cyber attack against these basic components of economies is unquestionably terrorism.

      Keep in mind however, that people, individual people, are the TRUE infrastructure of any country. People populate countries, people form governments. When a corporation’s ability, or an individual’s ability, to safely interact with the Internet is compromised, – it *is* true cyber terrorism. Or, is it only terrorism, in your view, when more than one corporation is compromised?

      Quantifying terrorism by numbers, just doesn’t wash with me. Certainly not, if I’m a victim. It’s not a matter of degree, or motivation, in my judgment – it’s a matter of impact.

      Why is it terrorism only when governments are attacked? Aren’t individuals entitled to be protected – individually? Aren’t individuals, or corporations, entitled to fall inside the same definition vis a vis terrorism, as industrial infrastructures. If the same tools are being used against individuals, and corporations now, that could potentially be used against governments (and called terrorism), why isn’t this terrorism now?

      I don’t buy your argument – it’s the type of “group think”, fostered on people by governments with little or no regard for the welfare of the very people who ARE the infrastructure. On top of that, do you really believe that people are so intellectually stunted that they can’t understand the nuances of terrorism?

      You wanted a discussion – now you’ve got one.

      Best,

      Bill

      • Bill,
        In my reply, I stated that the result of cyber criminal activity is by definition, terrorism. That definition is to purposely disrupt an environment, organization, or country by creating fear among the participants. In this case, users of the Internet; it has caused us to fear the use of this once open and safe environment. So I agree with you that your point is legitimate.

        However, if we use the term cyber terrorism to describe malware, it may confuse people. When a cyber terror attack (as I have described it in my first reply) is about to happen, I don’t want to have to spend valuable time wondering if it’s another nation-state attacking our infrastructure (including the Internet), or if it’s an increase in the use of malware.

        Looks like we may just have to agree to disagree on this one.
        Best,
        Paul

  7. Pingback: Bill Mullins – Cyber Criminals are Terrorists « TTC Shelbyville – Technical Blog

  8. Hi Bill,
    I think you made your point, terrorists don’t have to blow up buildings to create the effect they desire. Sometimes the nerve of these people blows my mind, for instance today. I got an obvious spam message advertising something or another, the return address was @acquiryoursavings.com, wow does that telegraph their intent or not. No doubt they intend to acquire my savings, the bastards are bold.
    Mark

    • Hey Mark,

      It does take just a little creative acceptance to understand that terrorist don’t all wear flowing robes, aren’t all motivated by religious fundamentalism, don’t all carry AK-47s, and don’t blow up everything in site.

      That email was just too damn cute. I suppose they see little harm in telegraphing their intent, since it won’t stop the world’s losers from replying.

      Best,

      Bill

  9. Nightjar

    Hi Bill

    No. It’s international Organised Crime on the internet

    If you wish to class it as terrorism then so is the trafficking across borders of high value goods, people, drugs & arms. You would also be obliged to include the counterfeiting of brands & piracy in general. All these activities are carried out by the same (or affiliated) groups of criminals

    It is a huge mistake to lump these mere criminals with the highly motivated & fundamentalist terrorists who one day will cook up further ‘spectaculars’ to rival the Twin Towers

    There are times when criminals & terrorists wash each others hands, but I think that the motivation is a very important distinction & we must not blur it

    • Hey Nightjar,

      “It is a huge mistake to lump these mere criminals with the highly motivated fundamentalist terrorists …”. I couldn’t disagree more – they are hardly “mere” criminals.

      In this article I equate terrorism with cyber crime and the “*effect* on Internet users …… intimidation, coercion (think Rogue software), and instilling fear.”, and, I make it clear that the motivation is money. I stand by those statements.

      There’s little doubt that International Organised Crime is primarily responsible for the destructive nature of today’s cyber crime – I could hardly run an Internet Security firm without knowing that. But, who the perpetrators are is not the issue in this article, (the money issue was already covered) – the impact and the consequences faced by both corporations and individuals is. When 67% of small businesses have been attacked over the Internet in the last 12 months, you can call it as you see it; I’ll call it as I see – terrorism.

      Bill

  10. Nightjar

    Bill – as you say – we shall have to differ on this

    The scale or impact is irrelevant to the definition of terms to be used in a discussion. Because organised crime has a huge impact doesn’t change the fact that the ‘reason for being’ & objectives are different

    wordnetweb.princeton.edu/perl/webwn
    “Terrorism: The calculated use of violence (or the threat of violence) against civilians in order to attain goals that are political or religious or ideological in nature; this is done through intimidation or coercion or instilling fear”

  11. The most disgusting thing about these cybercriminals is that it’s almost sure that they’re being helped by wolves in sheep’s clothings -just like how BP oil is being shamefacedly protected by some powerful government officials.

  12. Great article. You are absolutely correct. Linked back to this article. Everyday I work with someone who has lost their Identity, been affected by Malware, lost documents or been hacked in some way. This article is on the money. Also included links to resources including the Identity Theft Resource Center and companies that have been hacked or had a breach.

    Steve

    • Thanks Steve, I appreciate the linkback.

      It seems from the comments, that those who deal with the consequences of cyber crime on a regular basis, are more likely to agree.

      Including the resource links was very thoughtful.

      Bill

  13. Pingback: Geek Squeaks’ of the Week (#67) « What's On My PC

  14. Terrorism is based on intimidation people.Threat cause danger to humans is their foundation activity.I this reset.
    Is once again agree with you Bill.
    I greet the new city, won work-Wroclaw, beautiful city in Poland.
    All the best.:-)
    Link to Wroclaw> http://wroclaw.free.art.pl/

  15. Pingback: Stuxnet – Just Another Virus? « TTC Shelbyville – Technical Blog

  16. Bill,

    Just referenced you again on our site. This article really applies to the Stuxnet virus that can go after SCADA software. We just wrote an article on the virus referencing several other articles and Microsoft. With SCADA affecting human lives (water, electrical, etc.), this type of malware truly is written by criminals.

    Steve

  17. Pingback: Tech Thoughts Daily Net News – July 20, 2010 « Bill Mullins' Weblog – Tech Thoughts

  18. Pingback: Cyber Security

  19. Catch Cyber Criminals

    I have a pretty hard core view of these criminals having fought the Antivir Solution Pro virus most of last night and this morning. I’d like to get my hands on the little punk asses that created it and choke the life out of them. Sounds harsh? No one has the right to cause such chaos to others. My view is beware when you step into my boundaries and impact my life in anyway. I couldn’t get internet access, couldn’t open any applications, porno sites kept popping up, attack emails kept popping up, like someone was sitting back laughing at my expense. I would like to see these criminals get caught and pay for this. I happen to know a bit about computers, but what about the 1000’s of people who have no clue, and are severely impacted by this. Think of the little grandma who doesn’t understand computers having to deal with this. What is being done to find and prosecute these “terrorists”? I agree that they are terrorists by the way.

    • Hi Dorothy,

      Well, I think you’re feelings are shared by many who have been victimized by cyber crooks. So, harsh? I don’t think so.

      As you point out, less experienced users are in for a horrific experience.

      A recent statistic indicates; there are now more rogue security applications, than there are legitimate security applications. And yet, law enforcement continues to literally ignore this issue. Mind blowing!

      I can appreciate that it could not have been easy for you to write on this issue. Thank you for doing so.

      Bill