From Government Computer News – > “Cyberwarfare—a sustained digital attack on critical infrastructures—isn’t easy to wage, but there are indications that some groups might be preparing to try.
“We really haven’t seen an act of cyberterror,” Matthew G. Devost, president of the Terrorism Research Center of Burke, Va., said at a recent conference held by the Terrorism Research Center and the Washington Metro Transit Police. “It’s more difficult to execute than you have been led to believe.”
Terrorist groups, however, could be financing the education of computer science students to get the necessary expertise. “We’re starting to see an increase in sponsorships of degrees in computer science,” Devost said, although no students have been tied to particular organizations. ”
Cyberattack by a nation or a terrorist organization would be relatively inexpensive and low risk, but the results would likely be correspondingly slight, Devost said, and perhaps masked by routine glitches and system failures.
War games held last summer by the Naval War College and Gartner Inc. of Stamford, Conn., showed that significant damage was unlikely even if cyberattackers had a hefty budget and a five-year timeline.
A study last year on cyberthreats by the Center for Strategic and International Studies of Washington concluded that, despite network vulnerabilities, “cyberweapons seem to be of limited value in attacking national power or intimidating citizens.”
Redundant and decentralized infrastructures serving the power, financial and transportation industries already deal routinely with failures and outages without serious impact on the nation’s economy or well-being, the study said.
“The United States has already run a large-scale experiment on the effects of disrupting electrical power supplies, thanks to California’s experience with deregulation” in 2001, it said. “Deregulation was a more powerful attack on the electrical infrastructure than anything a cyberterrorist could mount.”
Despite their inconvenience, the power shortages did not have the kind of impact terrorists seek, the center said. But cybercrime and espionage do pose real threats.
A digital attack could become a force multiplier, for example, disrupting local communications and emergency response in conjunction with a physical attack.
By William Jackson
GCN Staff