IT can also play a major role in the prevention, detection, and mitigation of terrorist attacks.2 By enabling wider awareness of critical information in the intelligence community,3 IT may facilitate the identification of important patterns of behavior. Advances in information fusion, which is the aggregation of data from multiple sources for the purpose of discovering some insight, may be able to help in uncovering terrorists or their plans in time to prevent attacks. In addition to prevention and detection, IT may also enable rapid and accurate identification of the nature of an attack and aid in responding more quickly.
When the IT infrastructure is attacked, the target can be the IT itself. Alternatively, the true target of the terrorist may be another of our society’s infrastructures, and the terrorist can either launch or exacerbate the attack by exploiting the IT infrastructure, or use it to interfere with attempts to achieve a timely and effective response. Thus, IT is both a target and a weapon that can be deployed against other targets.
A terrorist attack that involves the IT infrastructure can operate in one of three different modes. First, the attack can come in “through the wires” alone. Second, it can include the physical destruction of some IT element, such as a critical data center or communications link. Third, the attack can rely on the compromising of a trusted insider who, for instance, provides passwords that permit outsiders to gain entry.4 All of these modes are possible and, because of the highly public nature of our IT infrastructure and of our society in general, impossible to fully secure. Nor are they mutually exclusive—and in practice they can be combined to produce even more destructive effects.
Most of the nation’s civil communications and data network infrastructure offer soft IT targets, but they tend to be localized either geographically or in mode of communication, and if no physical damage is done tend to be recoverable in a relatively short time. One can imagine the use of IT as the weapon in a series of relatively local attacks that are repeated against different targets—banks, hospitals, or local government services—so often that public confidence is shaken and significant economic disruption results. This report is focused on catastrophic terrorism, and the committee’s analysis is aimed at identifying those threats in particular and proposing S&T strategies for combating them. Of course, serious efforts are needed to employ security technologies that research might generate to harden all elements of the IT infrastructure to reduce the damage potential for such repeated attacks.