As has been evidenced by the recent cyber-attacks that brought down the Tel Aviv Stock Exchange and Israeli national airline El Al, cyber terrorists can be technologically advanced and capable of executing attacks on diverse targets.
Unlike other conventional modes of terrorist attacks, which can be modeled for potential severity and are for the most part, insurable, the profile of cyber terrorism changes daily and can have a global impact. Cyber terrorism can often evade early detection, hampering loss prevention efforts and the development of effective risk transfer products.
The FBI defines cyber terrorism as “the pre-meditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against noncombatant targets by sub-national groups or clandestine agents.”
Experts believe and history has shown the most common scenario to be the act of hacking into a network to gain control in order to cause chaos, physical or financial harm. The target of such an attack varies and could include for example: power grids, dams, refineries or transit systems.
The 2010 discovery of the Stuxnet virus, which specifically targeted computers running Siemens software and infiltrated an Iranian nuclear power plant allowing control of the facility remotely, was a particularly chilling reminder of the cyber terrorism threat.
By planting spyware, viruses or other malware, or even by manipulating stock prices, the cyber terrorist could cause direct financial harm to a targeted organization or industry sector and thus must be addressed proactively by corporations.
|This post was part of the special feature about What Risks Will Emerge in 2012? published January 24, 2012. The feature also covered emerging risks in these other fields:|
Power & Utilities
Supply Chain Interruption