Is it time to expand the definition of Cyber-Terrorism?
By Mark Storace
As I monitor all of the daily cybercrime newsbytes that come across my desk, I cannot help but wonder where the lines start and stop.
Yesterday, I read about cybercrime against children and schools –
(Excerpt from CSNBC Article)
On October 16, the Department of Education issued a warning for K-12 teachers, parents, students and administrators against the dangers of hackers like The Dark Overlord, citing instances of cyber attacks against school districts in three different states.
"Schools have long been targets for cyber-thieves and criminals," writes the department. "We are writing to let you know of a new threat, where the criminals are seeking to extort money from school districts and other educational institutions on the threat of releasing sensitive data from student records."
One such attack took place in Columbia Falls, Montana, where students and administrators were sent threatening messages demanding $150,000 in bitcoin in exchange for not publishing stolen school records. Columbia Falls Superintendent Steve Bradshaw tells CNN that students had received text messages referencing Sandy Hook Elementary that said things such as, "splatter kids' blood in the hallways."
The attacks against Columbia Falls forced more than 30 schools to shut down for three days while law enforcement determined the hackers were located outside of the United States. According to The Wall Street Journal, Los Angeles Valley College paid hackers $28,000 in ransom.
The Department of Education's letter confirmed that threats like these have now been observed multiple times, stating, "In some cases, this has included threats of violence, shaming, or bullying the children unless payment is received."
As I think about these actions, I cannot help but think of them as Terrorist Acts, designed to instill fear and chaos in the hearts and minds of Americans.
When I look at the definition of Cyber Terrorism, I think we should broaden it to include these types of terrorist acts against our children and schools.
Cyber Terrorism Definition
According to the U.S. Federal Bureau of Investigation, cyberterrorism is any "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents."
Unlike a nuisance virus or computer attack that results in a denial of service, a cyberterrorist attack is designed to cause physical violence or extreme financial harm. According to the U.S. Commission of Critical Infrastructure Protection, possible cyberterrorist targets include the banking industry, military installations, power plants, air traffic control centers, and water systems.
Given the above definition, I would propose a broader description to include the emotional violence that occurs when someone targets our Children, our learning institutions and the threats to expose or exploit them and their data/information.