Terrorists who want to stage a cyberattack against the United States may lean on criminal networks to assist them, a former Defense Department official said.
Steven Bucci, former deputy assistant secretary for homeland defense, said conventional wisdom states that terrorist organizations aren’t interested in cyberattacks because they don’t make for spectacular, bloody video footage that can be used for propaganda.
He disagrees. Imagine infiltrating the computers of a chemical plant, and ordering them to “open up all the valves,” he said at a Heritage Foundation talk. Such an attack could rival the Bhopal disaster in India, and deliver the effects groups such as al-Qaida are looking for.
“That’s pretty darn spectacular, and pretty elegant from an attack standpoint. You don’t really need that big a capability,” he said.
A full-scale cyberwar between nations is possible, but unlikely, Bucci said. It’s akin to nuclear war where there was mutually assured destruction. “The most likely threat in my mind is a cyberterrorist attack enabled by cybercriminal capabilities,” Bucci said.
Such an operation would require more than a single hacker sitting at a computer, but not a whole lot more. “It does not require an entire cyberarmy to pull off one of these events.”
It may require the expertise found in cybercriminal networks, though.
Bucci predicted a nexus between terrorists and the criminal underworld. “They are more than happy to work with anybody who has the money.”
Such cooperation may have already happened when there was a massive denial-of-service attack on the Israeli civil defense system as forces prepared to invade the Gaza Strip last year.
While there is no direct evidence that such a cooperative agreement occurred, the attack had all the hallmarks of the Estonia denial-of-service attack in 2007, which involved a criminal network, he said.
Alejandra Bolanos, a National Defense University assistant professor of international security studies, predicted state-actors seeking to attack or infiltrate networks will use these criminal organizations as a proxy. That way, they can have “plausible deniability” when the victim is searching for those responsible for the network intrusions, she said.