CYBEREYE—Commentary

Web site hacking: Terrorism or rogue diplomacy?

It doesn’t really reach the level of terrorism, but some countries seem to be including online attacks in their portfolio of diplomatic activities

Recent Web site attacks apparently connected to sensitive international issues have generated a lot of talk about cyber terrorism. There was the spate of denial-of-service attacks in early July against government and financial sites in the United States and South Korea, supposedly originating in North Korea and, more recently, attacks against the Web site of an Australian film festival that had offended the Chinese government.

DNSSEC deployment gaining traction

The Domain Name System Security Extensions, a scheme for digitally signing the records that direct much of our Internet activity, are slowly gaining traction.

Several countries already have signed their zones, the U.S. government has signed the .gov top-level domain and agencies are working toward getting second-tier domains signed by the end of the year. The Public Interest Registry, which runs the .org domain, has started signing and testing, and on a much smaller scale, the Energy Department’s Energy Sciences Network is signing ESnet records within the .org and .net domains.

But it will take awhile for these efforts to bear fruit. In addition to signing records, network administrators will have to distribute keys so that data can be authenticated, which requires large-scale key management and creating either trusted repositories for keys or trust relationships. It is likely to be several years before DNSSEC becomes a routine part of our online life.

Neither of those incidents rose to the level of terrorism. Instead, they appeared to be part of a trend toward the use of online activism as a kind of rogue diplomacy. Countries that want to be taken seriously can grab a lot of attention by taking down a few Web sites.

The Korean activity came at a time of heightened squabbling between North Korea and the rest of the world about missile tests. According to security experts, the distributed denial-of-service attacks were about as sophisticated as the missiles the country has been launching. But, like the missiles, they received international attention.

More recently, the Web site of the Melbourne International Film Festival was defaced with a Chinese flag and angry messages July 25, shortly after a diplomatic protest from China against the showing of a documentary film, “Ten Conditions of Love,” about Uighur activist Rebiya Kadeer. The Chinese government blames Kadeer, now living in exile in the United States, for recent riots in China that left 200 people dead, and the country withdrew its films from the festival because of the documentary.

It is difficult to pinpoint the source of and motive behind online attacks, and beyond speculation, there has been nothing solid to tie the Korean attacks to the North Korean government. According to the Australian Broadcasting Company, a Chinese citizen who claimed to be the film festival hacker denied by e-mail any connection with the Chinese government and said he was acting out of anger over the perceived national slight.

This kind of hacktivism is not new, but it is appearing more often in connection with international issues. With an increasingly tense and fragmented international community, the number of such attacks is likely to increase.

The U.S. government claims that a number of countries are developing cyber offensive capabilities. That makes sense because the asymmetrical nature of cyber warfare could make even a small country a formidable opponent online. Countries that would never have the resources to attack us militarily could easily match us click for click with a relatively modest outlay.

In the same way, a country can use cyberattacks to bring attention to its concerns, sometimes out of proportion to its international influence. North Korea has a real image problem, and most of the world does not take its threats seriously. But if someone is kept out of Amazon.com for a few hours, North Korean concerns become a factor in his or her life. It is unlikely that many people outside Australia would have known about China’s displeasure with the Uighur film had someone not gone after the festival Web site. As tensions flare over major and minor issues around the world, we probably can expect corresponding spikes in online hostile activity.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Wed, Aug 12, 2009 arclight

All: Perhaps "terrorism" is an incorrect moniker, but it's still criminal activity, and eventually someone will die because of it, if they haven't already (e.g. Georgia, or similar). When they do, what do we do then? I don't think folks want to just write the dead bodies off as a cost of "the way business gets done", or provide excuses for the folks who do this kind of thing.

Tue, Aug 11, 2009 David

This is not terrorism. It is information operations. There is no psychological component of terror. The goal is to increase attention and to make things more difficult, not to inspire terror. Likewise, H, piracy is not terrorism. It is financially-motivated crime and extortion. If it were terrorism, the goal would be to scare all of the boats away, which is not at all what pirates are hoping for.

Tue, Aug 11, 2009 TW Maryland

I agree that labeling many things "terrorism" dilutes the true meaning of the word. Terrorism is achieved when an event instills a persistent state of fear in a people. Have any of these recent web attacks caused damage and financial distress sufficient to cause the populus to live in terror? The answer is NO. While these attacks were "hostile", "malicious" and certainly "criminal", they were not "terrorism" by a long margin. The correct term to use might be "attempted terrorism". The intent to cause terror may have been present, but overall, they failed. There are only two groups of people who felt that this was terrorism. (1) poor, misguided souls who insist on labeling all evil events as "terrorism" and (2) the media.

Mon, Aug 10, 2009 Millie Yellowknife

The danger in making "all things terrorism" is that the term "terrorism" loses its sting. The term is already loose enough - to expand it to include any action intent on behaviour influence is counter-productive. Plus, cyber defences are readily available (albeit requiring constant monitoring and upgrade) and the vast majority of web users are employing at least some of them. Users (including consumers) have come to accept occasional theft, web defacing, service suspension, etc., without abandoning the web itself through basic precautions and damage limiting strategies. Cyber attacks may attempt harrassment and intimidation, but are just not in the same league as "terrorism".

Mon, Aug 10, 2009 H New York

In my view cyber attacks are in the same category as terrorism. When you consider the commercial aspect of the internet it is clearly an attack on capitalism, just via another avenue. Would you not consider piracy as terrorist activity? The intent is to do harm, in much the same way as a physical attack. With more and more activity on the web how can this be judged a "prank"? As we speak there are known (and most probably unknown) botnets sitting in waiting for the trigger to be pulled. What damage could be done if say Salesforce.com had a DOS attack? What is there was a DOS attack between main sites and third party vendors (think outsourced here)? Besides isn't terror political?

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above