The term cyber terrorism is becoming increasingly common, which you’ll observe on reading any online hacking weblog. Still, a solid definition of the word seems hard to come by. While the phrase is loosely defined, there is a large amount of ambiguity in what exactly constitutes cyber terrorism. In the post September 11 world, this is somewhat disconcerting.A New Weapon: Cyber TerrorismIn an attempt to define cyber terrorism more logically, a study is made of definitions and attributes of terrorism and terrorist events. From these attributes a list of attributes for traditional terrorism is developed. This attribute list is then examined in detail with the addition of the computer and the Internet considered for each attribute. Using this methodology, the online world and terrorism is synthesized to produce a broader but more useful assessment of the potential impact of computer savvy terrorists. Most importantly, the concept of ‘traditional’ cyber terrorism, which features the computer as the target or the tool is determined to be only a limited part of the true risk faced.Cyber terrorism has been quite a game changer for the way we build our online defenses. In particular, the breadth of the issue poses significant questions for those who argue for vertical solutions to what is certainly a horizontal problem. Thus, the validity of special cyber terrorism task forces that are disconnected or loosely connected with other agencies responsible for fighting the general problem of terrorism is questionable and a broader, more inclusive method more likely to be effective.Defining Cyber TerrorismIt is difficult for people to come to a consensus regarding what exactly cyber terrorism is. When the people in question are computer security experts who’d be the architects of our defenses against cyber terrorism, this discrepancy goes from mere annoying to worrisome. When these 10 people represent varied factions of the governmental agencies tasked with protecting our national infrastructure and assets, it becomes a critical issue. However, given the lack of documented scientific support to incorporate various aspects of computer-related crime into the genre ‘cyber terrorism’, this situation should not be surprising.Despite copious media attention, there is no consensus methodology by which various actions may be placed under the nomenclature ‘cyber terrorism’, yet the term clearly exists in common usage.However, the reality is that the reader, solution provider, or defender is often left to his own devices as to what the term actually means and thus what solutions should be created (or implemented). When a government’s or corporation’s entire infrastructure may be at stake, subjectivity is useful but may not be the best evaluative tool.At the same time, research of this phenomenon shows that cyber terrorism cannot easily be defined. This creates a Catch-22 situation: the thing cannot be defined — yet without defining it, one cannot ‘know’ what it is one is fighting and hence come up with a good solution. Furthermore, even when there is an operational agreement on terms, if an attack/security event does not fit into one of the (often narrowly defined) categories, funding (and as a result investigation or technical remedy) may not be forthcoming.That’s all for now, but keep reading as we’ll continue to update you with more details on online hacking in future posts, with a particular focus on cyber terrorism.