defacement and disruption of Israeli computer systems by hackers. Finally, after the April 2001 midair collision of a U.S. surveillance plane and Chinese fighter plane, Chinese hacker groups organized and sustained a week-long cybercampaign against U.S. targets. They used denial-of-service attacks to limit the operability of U.S. systems and inserted pro-Chinese images into many U.S. government web sites.5 It is possible that hackers could gain access to web sites on which the government would post emergency information and replace it with incorrect information for the public to access.
In summary, communication during a crisis situation will be a critical part of the emergency response. Coordination is required for an effective response, and rapid, secure communication is the only way to conduct such coordination. A large-scale emergency will stress the communication between organizations that are normally autonomous and in some cases competitive. The necessity of communication and the stress on the system make the lines of communication an attractive target for terrorists hoping to disrupt an emergency response and amplify the effects of a physical attack.
Cyberterrorism is often dismissed as an unlikely tactic of serious terrorist organizations because its results are seen mainly as a nuisance and unlikely to produce casualties. It is clear, however, that a well-thought-out cyberattack on emergency responders could significantly amplify the damage resulting from a physical attack. This paper has attempted to identify the salient properties of an emergency response effort, and then examine a few ways in which the emergency response might be impeded by cyberattacks. Not only must individual agencies work on protecting themselves from cyberattack during a crisis, they must be able to mount a coherent cyberdefense under the stress of a crisis.
Our working group believes that Russia and the United States share this problem. The governments in both countries need to think through how to avert cyberattacks directed at emergency response activities. Policies, plans, and budgets need to be put in place to assure the functioning of emergency responders.
Vatis, M. 2001. Cyber Attacks During the War on Terrorism: A Predictive Analysis. Hanover, NH: Institute for Security Technology Studies at Dartmouth College, September 22, 2001. See pp. 7– 11 of http://www.ists.dartmouth.edu/lib_assessments2.php.