UNIT VI STUDY GUIDE
Digital Weapons and Cyberwarfare
Course Learning Outcomes for Unit VI
Upon completion of this unit, students should be able to:
6. Assess terrorist technological threats to homeland security.
6.1 Explain what constitutes digital warfare.
6.2 Discuss the implications of using cyber weapons in warfare.
Course/Unit Learning Outcomes | Learning Activity
6.1 | Unit Lesson; Chapter 7 Reading; Klein Article; Tatar Article; DHS Video; NatGeo Video; Unit VI Article Critique
6.2 | Unit Lesson; Chapter 7 Reading; Klein Article; Tatar Article; DHS Video; NatGeo Video; Unit VI Article Critique
Reading Assignment
Chapter 7: Cybersecurity Threats and Technology Applications in Homeland Security
Additional Reading Assignments:
To access and read the following library resources, click the links provided below.
The following article will be required to complete this unit’s assignment. The link to the article will also be
available in the assignment instructions in Blackboard.
Klein, J. J. (2015). Deterring and dissuading cyberterrorism. Journal of Strategic Security, 8(4), 23–38.
Retrieved from
https://libraryresources.columbiasouthern.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=tsh&AN=112158696&site=ehost-live&scope=site
Tatar, Ü., Çalık, O., Çelik, M., & Karabacak, B. (2014, March 24–25). A comparative analysis of the national
cyber security strategies of leading nations. Proceedings of the 9th International Conference on Cyber
Warfare and Security, 211–218. Retrieved from
https://libraryresources.columbiasouthern.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=tsh&AN=108623765&site=ehost-live&scope=site
To access and view the following videos, click the links provided below.
Department of Homeland Security. (n.d.). S&T’s Cyber Security Division overview video [Video file]. Retrieved
from https://www.dhs.gov/science-and-technology/sts-cyber-security-division-overview-video
HLS 3306, Homeland Security Technology
Click here to access the PDF transcript for this video.
National Geographic. (2017, April 6). The future of cyberwarfare | Origins: The journey of humankind [Video
file]. Retrieved from https://www.youtube.com/watch?v=L78r7YD-kNw
Click here to access the PDF transcript for this video.
The following article will be required to complete this unit’s assignment. Click the link below to access and
read the article. The link to the article will also be available in the assignment instructions in Blackboard.
Singer, P. W. (2015). Stuxnet and its hidden lessons on the ethics of cyberweapons. Case Western Reserve
Journal of International Law, 47(3), 79–86. Retrieved from
https://libraryresources.columbiasouthern.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=a9h&AN=108307851&site=ehost-live&scope=site
Unit Lesson
Global and domestic terrorist organizations have been using various types of weapons to target innocent
civilians, groups, critical infrastructures, and other high value objectives for centuries. As time has progressed
to the 21st century, the weapons and types of attacks by terrorist organizations and lone-wolf terrorists have
become more sophisticated, advanced, and creative. In today’s era, terrorist organizations have a wide
selection of technologies and weapons that can be used to carry out attacks against high value targets in the
United States and abroad. In this unit, students will learn about digital warfare, cyber weapons, simple and
advanced technologies, and the use of social media technology as a platform to cause mass panic and
disruption to society on a social, economic, and psychological scale.
Digital Warfare by Terrorist Organizations
We are at war! Yes, the United States has been engaged in the War on Terror since 2001, and the public is
generally kept informed of developments through the media and government actions. However, what about
the current global digital war that is taking place? What do we know? In cases of digital warfare, we often
do not even know where it has originated and who the enemy may be. Rarely will a group, person, or
country claim responsibility for digital warfare as they often do in overt physical terror attacks.
[Figure: Who is the enemy? Foreign terrorists? Domestic terrorists? An ally? Lone wolf? Hackers?]
In addition to determining who the enemy is, the what and why are often even harder to uncover and explain.
Questions far from the public eye are being asked daily by specialized homeland security, public, and private
industry personnel dedicated to cyber or digital warfare mitigation and protection as they work to keep pace
with the rapidly growing use of technology by terrorists.
[Figure: What is the target? How is the U.S. involved? Who is protecting us and how? Can an attack be stopped? What cyber threats exist? Can the threat be avoided?]
All of these are questions that the United States and our allies are trying to answer on a daily, weekly,
monthly, and yearly basis. If one turns on any news station or media source in this current climate, there is
most likely a story, almost daily, about hacking, intrusion, data theft, ransomware, or another malicious
digital or cyberattack happening on a local, national, or global scale. In addition to these daily stories,
terrorist organizations are also becoming involved in digital warfare, cyber threats, and cyberattacks. It is
up to the United States, our allies, the federal government, and the many national and international
intelligence agencies to work together to counter any and all cyber threats and attacks.
Basics of Encryption and the Dark Web
Terrorist organizations are now using advanced technologies and tools such as data encryption to
communicate securely via the Internet, through email messages, and through data encryption software and
websites. Data encryption is the practice of encoding or encrypting the content of a message in a secure
manner so that a data application is required to decode or decrypt it. The content of a message is transformed
using a specific algorithm, set of algorithms, or set of ciphers. If one does not have the correct application,
security key, security token, or other method to decrypt the message, the content will remain encrypted and
untraceable. There are many advanced data encryption applications used by terrorist organizations that also
disguise the internet protocol (IP) address, the domain name system (DNS) address, the sender’s identity,
and the point of origin for the encrypted message. The IP address is the address assigned to a computer
workstation and client while it is connected to a network. If the IP address can be determined, it can be
compared to various internet service providers (ISPs) to determine the owner of the IP address. The DNS
address is how websites and domains are translated into various IP addresses. Each of these variables in
network traffic can be encoded and encrypted with the correct software and technology. Domestic and
international terrorist organizations typically choose this method of secure communication as it allows their
messages to be untraceable and undetectable in most environments; however, intelligence agencies and
cyber security professionals have tools and methods that can determine the content, locality, and other
pertinent data needed.
The dark web is the part of the Internet that is only accessible by installing secure software or a secure
Internet browser on a local computer or server. It has been used by criminals to conduct illegal activity for
many years. It has only recently become more prominent as more and more illegal activity such as money
laundering, drug trafficking, murder for hire, human trafficking, and other criminal acts have been taking place
on a global scale. An example of a dark web Internet browser is the Tor browser. The Tor browser allows
users to download the application and be up and running in a matter of two minutes or less. In less than two
minutes, a general computer user can go from being traceable to completely anonymous and untraceable.
Terrorist organizations have been linked to secure anonymous protocols such as Tor as the protocol allows
secure communication, illegal trade, and money laundering to take place instantaneously.
In addition to the use of data encryption, secure communications, and using the dark web, terrorist
organizations are also using virtual private networks (VPNs) and proxies to conduct criminal activity. A VPN
allows the user to redirect all web-based Internet traffic to an alternative location by encrypting the
transmission of data. The data transmission typically circumvents the ISP’s servers and routes the traffic to an
overseas VPN server. Terrorist organizations choose this method of browsing the Internet to remain
anonymous, adjust data transmission speeds, and control where the data will be sent. Many VPN services
have servers in various countries around the world. In one instance, the data traffic from a single user may be
going from Afghanistan to China and in another instance 20 minutes later, the same data traffic could be
replicating off a VPN server in Australia. VPN connections are not impossible to trace, but it can be very
difficult for intelligence agencies to gather data and evidence due to the host nations' rules and protocols for
accessing and assessing the data traffic. As an example, China has a nationwide firewall that prevents many
intelligence agencies from accessing data centers within the country.
Social Media: Terrorist Organizations’ Strongest Weapon in the 21st Century
Social media platforms and technologies such as Facebook, Twitter, LinkedIn, and Pinterest are being used
to target the civilian population in many ways. Terrorist organizations such as Al Qaeda and ISIS are using
social media to spread propaganda and to recruit civilians to join their terrorist organizations. Since most of
the social media outlets are built on an international model, ISIS and other terrorist organizations can recruit
and publish propaganda in multiple languages for several audiences. As an example, ISIS has become one of
the largest terrorist organizations in the world and spans multiple nations. This allows ISIS terrorists in each of
these nations to understand the local societal, economic, and psychological factors that exist to target
civilians in each of these areas. The propaganda and recruiting tactics used for United States citizens will
most likely differ from those that are used in Germany due to the geographic location and local ideologies
that exist. Social media has also been linked to the radicalization of several lone-wolf terrorists around the
world. Examples include the Florida Pulse Night Club incident; the San Bernardino shooting in 2016; and the
international terrorist attacks in Stockholm, Paris, London, and Barcelona in 2017. Social media allows
international and domestic terrorist groups to gain access to billions of accounts and users.
Technology companies such as LinkedIn and Facebook have hired thousands of additional employees to stop
these types of recruitment tactics and propaganda from taking place; however, it is a significant challenge as
the user base for each social media platform grows exponentially each day, week, month, and year.
Facebook and other social media platforms are also using state-of-the-art tools, algorithms, ciphers, and other
proprietary technology to scan their websites and news feed threads for illicit content, violent videos, and
illegal use of built-in tools and features such as Facebook Live.
Historical Cyber Threats: Stuxnet and Understanding Critical Infrastructure Threats
Global terrorist organizations and state sponsors of terrorism are looking for new and innovative ways to instill
fear and incite mass panic in society. One of the highest profile cyberattacks to occur was the creation and
use of the Stuxnet worm. It is unclear who the originator of Stuxnet truly was, but Edward Snowden (as cited
in Ngak, 2013) claimed the United States and Israel worked together to create the worm. Stuxnet targeted the
network infrastructure and the industrial control systems (ICS) in Iran. The goal of Stuxnet was to stop and
destroy the Iranian nuclear program by sending a worm to the ICS pumps of the nuclear centrifuges. In short,
pumps typically control the internal speed of the centrifuges. If the speed increases, it destroys the nuclear
centrifuges and stops the uranium enrichment process. The complex part about accessing the ICS systems is
that they are not typically linked to a computer network. The worm can be stored on something as small as a
flash drive, so an operator can covertly insert it in a control room asset. The malicious application is then
transferred to the ICS and centrifuges.
The main concern with computer worms such as Stuxnet is that the focus is on industrial control systems that
reside in the majority of critical infrastructures around the United States and the global community. ICS is
used in nuclear power plants, power grids, dams, wastewater treatment facilities, and many other critical
areas that control everyday social infrastructure. If terrorist organizations were able to gain access to a
computer worm such as Stuxnet, it could cause the destruction and shutdown of major critical infrastructures
around the world. What would happen if nuclear weapons or material were released to the general public?
What would happen if the power grids in the United States were shut down indefinitely? It is imperative for
industry stakeholders, intelligence agencies, cyber analysts, the United States military, and other parties to be
fully aware of cyber threats that exist today. It is also important that these same parties know how to prepare
for, respond to, mitigate, and recover from such attacks.
This unit discussed the emerging technologies used by terrorists to conduct terrorism in the domestic United
States and abroad. Although there are many physical weapons available, the use of digital warfare, cyber
threats, and cyberattacks in the global community is a trend growing at an alarming rate. Modern-day history
and recent events have demonstrated that digital warfare and the use of technology by terrorists know no
boundaries. The current fight against terrorists and digital warfare is at the doorstep of the United States. It is
up to us to fight!
Reference
Ngak, C. (2013, July 9). NSA leaker Snowden claimed U.S. and Israel co-wrote Stuxnet virus. Retrieved from
https://www.cbsnews.com/news/nsa-leaker-snowden-claimed-us-and-israel-co-wrote-stuxnet-virus/