CEBIT: Terrorists Won't Hit The Internet, Panelists Agree

The cyberterrorism threat is overstated — terrorists won't strike the Internet because bombs are more effective, an expert panel agreed Friday.

“Cyberterrorism is largely overblown,” Bruce Schneier, founder and chief technical officer of Counterpane Internet Security in Cupertino, California, said speaking in a panel on cyberterrorism at the CeBIT technology trade show.

“I don't see a cyberattack as a terror attack of choice. Dropping ATM networks and shutting down e-mail is not terrorism. If I can't get to my e-mail for a day I am not terrorised. We are many years away from somebody being able to launch large-scale electronic attacks that have the effects of a bomb,” Schneier said.

Other panellists, executives from security software vendors RSA Security and Trend Micro and representatives from the European Union and the North Atlantic Treaty Organization (NATO), agreed. They blame the US government, certain IT vendors and the media for creating cyberterrorism angst.

“Terrorists will use the Internet to communicate, which is different from an attack. We do not see a terrorist attack on the Internet happening,” Rainer Fahs, senior information security engineer of NATO's Air Command & Control Systems Management Agency said.

Fueled by post-September 11 fears, the US government and its agencies especially warned of terrorists bringing down the Internet or using the network to topple critical infrastructure such as telecommunications and electric power grids, oil, gas and water systems, and transportation and emergency services.

Panelists had this to say about those warnings:

— “Critical systems don't run on the Internet, they are based on secure networks, we have protected our systems and do not rely on the Internet,” Fahs said.

— “I don't want to belittle the threats (to the Internet), but they are not coming from terrorists. The threat from common criminals is understated,” Schneier said.

— “I think the threat of cyberterrorism is overstated,” but general threats to IT systems are in some cases underestimated, Arthur Coviello, president and chief executive officer of RSA said. He advises companies to assess risks and then apply security measures.

— “The US government after September 11 wanted a broader front to attack terrorism an cyberterrorism is part of that. Some in the industry got headlines by calling a lot of attention to this,” Coviello said.

NATO's Fahs understands the US government's reasoning, but warned that civil liberties may be at stake because of a push against a threat that is not actually there.

“This is something that was created and I think there is a big risk that the liberty of people will be sacrificed for the sake of security,” Fahs said.

The panellists' opinions match a Symantec Corp. survey released last month that found that cyberterrorism is more fear than reality. None of the severe events detected by Symantec were traced to countries linked with terrorism and less than 1 per cent of all attack traffic came from such countries.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.
Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Joris Evers

Latest Videos

More videos

Blog Posts