Security threats Toolkit

Hollywood ensures cyberterror myth will Die Hard

Tags:
Cyberterrorism

Andrew Donoghue ZDNet.co.uk

Published: 03 Aug 2006 15:10 BST

...to help. Former US intelligence officer Dan Verton interviewed some of the key security figures in the Bush Administration for his 2003 book, Black Ice: The Invisible Threat of Cyber-Terrorism. "While Bin Laden may have his finger on the trigger, his grandchildren may have their fingers on the computer mouse," said Frank Cilluffo, special assistant to the US President and adviser for external affairs at the Office of Homeland Security, back in June 2001. That may be seen as progress: mouse-related deaths worldwide still comfortably lag those caused by AK-47s.

The real danger of cyberterrorism isn't that it might kill you — it won't — but that the disproportionate amount of attention it gets reduces resources available for other, more pressing threats. According to security experts such as Bruce Schneier, the terrorist threat is over-hyped and the criminal threat is under-hyped: the latter is less sexy and more troublesome, and thus far less attractive to politicians.

Even former White House cyber security adviser Richard Clarke dislikes "cyber" and "terror" being used together. "Cyberterrorism is not a term I like," he said recently. "Many different groups use cyber-vulnerabilities, and it's hard to know who they are. Some may be terrorists, but not many. It's a very serious problem that costs millions, but it's not terrorism."

In other words, if there are terrorists benefiting from criminal activities online, the only way we'll find out is if we investigate the crimes we know about — not if we spend our time chasing after Hollywood villians. And that means good, old-fashioned police legwork — collecting evidence, collating cases, investigating the thousands of cases of real damage done to real people.

Unfortunately, the UK's National High Tech Crime Unit no longer exists, having been subsumed into the larger Serious and Organised Crime Agency. Questions are already being asked about how effective SOCA can be at tackling cybercrime, given its wide remit. Last month, a Manchester woman who had her computer files held to ransom by hackers had her case turned down by local police, and whereas the case would have been taken up by the NHTCU previously, SOCA would not comment at the time on whether it would pursue the case.

If the security agencies and politicians are serious about tackling terrorism, this is where to start — not with Bruce Willis but with Dixon of Dock Green.