Computer Attack and Cyber Terrorism: Vulnerabilities and Policy Issues for Congress [October 17, 2003] [open pdf - 175KB]
This report discusses possible cyber capabilities of terrorists and sponsoring nations, describes how computer security vulnerabilities might be exploited through a cyber terror attack, and raises some potential issues for Congress. This report presents a working definition for the term "cyber terrorism," plus background information describing how current technology and management processes may leave computers exposed to cyber attack, and a discussion of possible effects of a cyber attack. Potential issues for Congress are presented in the second section, including: whether appropriate guidance exists for a DOD information warfare response to a cyber attack; whether the need to detect possible cyber terrorist activity interferes with individual privacy; whether the roles and responsibilities for protecting against a possible cyber terrorist attack need more clarity for government, industry, and home users; and, whether information sharing on cyber threats and vulnerabilities must be further increased between private industry and the federal government. The final section describes possible policy options for improving protection against threats from possible cyber terrorism. Appendices to this report explain technologies underlying computer viruses, worms, and spyware, how these malicious programs enable cyber crime and cyber espionage, and how tactics currently used by computer hackers might also be employed by terrorists while planning a possible cyber terror attack.
CRS Report for Congress, RL32114