IN the wake of the WannaCry incident and recent terrorist attacks in Britain, could cyber-attacks rise as an alternative for terrorists to inflict serious damage remotely?
The recent attacks in Manchester and London that claimed the lives of 30 people and left dozens injured have devastated both the United Kingdom and the world. The particular incidents reflect, according to intelligence gathered so far, the work of “lone wolfs” who acted alone, albeit claiming some vague connection to wider terrorist networks. All the while, there are much more elaborate ways for terrorist networks to wreak havoc without having to physically infiltrate Western countries.
Cyber-terrorism is a contested term, as it tends to lump together attacks with various motives, including hackers seeking ransom and hacktivists promoting political causes, often related to privacy and technology-related issues. Cyber-warfare and espionage are more common than it might seem, as most incidents do not find their way to mainstream media. Last October, it was revealed that a hack into the Australian Bureau of Meteorology which saw sensitive documents stolen was the work of foreign powers. According to the same source, the country’s Threat Report estimated that within three years terrorists could be able to compromise secure government networks with disastrous consequences.
The recent allegations of Russian meddling with the US presidential campaign and elections only serves to underscore the damage that similar cyber-attacks can do. Just last week, evidence came to light that allegedly proves the Russian government launched a spear-phishing attack on computers at an American voting machine company while earlier this year it was reported that the Democratic National Committee’s computer system was hacked into, possibly by groups associated with the Russian military. It seems therefore that espionage and international antagonism have in some part migrated to the virtual world – although according to resources shared by NATO, we cannot yet talk of “cyber-war”. Still, cyber-attacks are not out of the question in the global rise of terrorist attacks on Western countries. But how exactly could such attacks be carried out?
The WannaCry attack that affected more than 200,000 organisations in around 150 countries, including the NHS, exploited a vulnerability in Microsoft’s software that was first discovered by the NSA. Other attacks however are not so sophisticated. In the past, hackers have used tried-and-tested methods, such as the infamous SQL injection – an attack vector that uses malicious SQL code to manipulate databases in order to gain unauthorised access to information, including sensitive data. This type of attack might also allow the hacker to delete information or even gain administrative rights to a database, with devastating effects.
An SQL injection was behind the October 2015 TalkTalk breach, which led to the attacker accessing the personal data of 156,959 customers including names, addresses, dates of birth, phone numbers and email addresses, while in 15,656 cases they also gained access to bank account details and sort codes. In that case, the company was fined a record of £400,000 by the Information Commissioner’s Office for failing to take simple security measures that could have prevented the attack – which serves to demonstrate that security must be a top priority and that simple steps might work wonders for increasing protection. This seems especially crucial in light of what could happen if the wrong people gained access to sensitive networks, as was the case with the US elections and WannaCry’s damage on NHS.