Event Transcript and Related Links: "Meta-Terror: Terrorism and the Virtual World"

by Andrew Cochran, Counterterrorism Blog
On February 29, I moderated a special panel titled, "Meta-Terror: Terrorism and the Virtual World" before a packed room on Capitol Hill in Washington. Panelists were Kenneth Silva, Senior Vice President and Chief Technology Officer of VeriSign, and Contributing Experts Roderick Jones of Concentric Solutions International and Evan Kohlmann of the NEFA Foundation. The Counterterrorism Foundation co-sponsored this special panel with the GAGE International consulting firm and the NEFA Foundation.

The event drew considerable press interest, with three of us interviewed by the BBC before the event. See "Cyber-threats in Virtual Worlds and Beyond" and "US seeks terrorists in web worlds" on the BBC site, with appreciation to Chris Vallance of BBC.

The following is a transcript of the event, beginning with my introductions of the panelists and continuing through their remarks (edited for grammar and using the panelists' written remarks when available), and including the attendees' questions and the panelists' answers.

Panel Introductions by Andrew Cochran: Good afternoon and welcome to this panel titled, “MetaTerror: Terrorism and the Virtual World.” I am Andrew Cochran, Co-Chairman of the Counterterrorism Foundation and Founder & Site Editor of the Counterterrorism Blog, and I am the moderator for today’s panel. The Counterterrorism Blog (at http://Counterterrorismblog.Org) was the first multi-expert website dedicated solely to terrorism events and counterterrorism policies. I want to thank Rep. Bennie Thompson, Chairman of the House Homeland Security Committee, for allowing us to use this room today, and want to thank his staff, Jake Olcott and Galen Bean, for their assistance. We appreciate the co-sponsorship of the GAGE International consulting firm and the NEFA Foundation.

Now, the standard disclaimer: None of the presentations here today represent the official views of the organizations represented; they are purely the personal views of the individuals making the presentations.

The virtual world is just another battlefield for terrorists. The headlines explode with the results of their successful preparation and exploitation. We chronicle numerous terrorists’ statements and directions on the Counterterrorism Blog, such as transcripts of tapes from Al Qaeda leaders and the propaganda and recruitment materials generated for terrorists worldwide. Our panelists today are among the leading experts in the world on the next generation of the terrorists’ use of the virtual world: Kenneth Silva, Senior Vice President and Chief Technology Officer for VeriSign; Roderick Jones, Vice President of Concentric Solutions International and former member of the UK's Special Branch; and Evan Kohlmann, Senior Investigator for the NEFA Foundation. Roderick and Evan double as Contributing Experts for the Counterterrorism Blog, and Evan is one of our “originals” when we began over three years ago. Each will have 20 minutes to discuss a particular angle, and then we’ll go to questions. I’ll give brief introductions of the panelists.

Ken Silva oversees VeriSign’s infrastructure for protecting billions of interactions every day across the world's voice and data networks. He also oversees the management of two of the world's 13 Internet root servers and coordinates security oversight of the system that protects the majority of secure Web sites on the Internet, including 93 percent of the Fortune 500 sites. He serves on the board of directors for the IT-ISAC, is the Chairman of the Board of the Internet Security Alliance, and advises and participates at the highest levels in a number of national and international committees for organizations.

Roderick Jones works daily at the intersection of technology, security and innovation at Concentric Solutions. Roderick wrote a concept paper on the use of Massive Multi-player Online Role Playing Games (MMPORGs) by terrorists, which I posted on March 1, 2007. That post drew considerable reaction in the broader tech community, which eventually led me to invite him to join us last fall.

Evan Kohlmann is consistently cited as one of the leading experts in the world on terrorists’ use of the Internet, most recently in a new report by the East-West Institute. Evan has spent a decade tracking Al-Qaida and other terrorists, interviewed prominent Al-Qaida spokesmen, and amassed one of the largest databases in the world of terrorist communiqués and multimedia. He has served as a private consultant in terrorism matters for intelligence and law enforcement agencies around the world. He has also testified numerous times as an expert witness in terrorism trials in several countries, including this week in the Abu-jihaad trial in Connecticut, which he will discuss today. It has become almost amusing to read the motions repeatedly filed by defense attorneys to disqualify him from testifying; they all use the same arguments, they always fail, and they keep beating their heads against the wall.

We'll start with Kenneth Silva.

Kenneth Silva: What I think we’re going to spend a fair amount of time talking about today is not the physical threat of terrorism but the potential side effects and threats we face from having such an interconnected world. Its no doubt we understand how much more connected we are today, how much more connected we are than even a couple years ago. Every device we have today is connected in some form or fashion. If not, we complain about it and wait for the next version to come out. the I-Pod is an interesting example there.

With that becomes a lot of horsepower in the hand, in the home and in the office. We used to measure threats and attacks in cyberspace in the megabits or the tens of megabits and we thought that was a big deal and a big threat. But know this - the threats that took down much of the infrastructure In Estonia were only tens of megabits in size and in fact were only one one-hundredth of the size of the threats that companies like mine face on a daily basis. Tens of gigabits a day is a normal average.

There are a number of weapons available to what we would call a cyber terrorist and there would be a debate over what a cyber terrorist is, because they don’t have to fall in an infrastructure like al Qaeda or Hezbollah.

The internet enables people who otherwise would not become activists or terrorist to become one relatively easily, with some sophisticated weaponry available to them, which is not as difficult to find as something like uranium or dynamite. If any of you in this room wanted to obtain weapons to take down cyber infrastructures in the world, it wouldn’t be that difficult, you would just need a little money and time.

There are an estimated two million machines which are available as bot-networks that are shared or sold as portion of networks to each other.

The infrastructure has recently become an interesting target for attacker, the reason why is because its often times where the least amount of investment is made in corporations. Corporations and big companies and governments tend to put most of their capital investment in the content to their users and not the infrastructure its delivered upon. Even our own federal government computer systems are vulnerable to attack from a variety of sources. And not just direct attacks at the website, but on the infrastructure such as the domain name system.

More recently, we have seen just how fragile this network can be, the reality is that most of the interconnected routers on the internet itself are actually formed based on a bunch of informal agreements, handshakes or virtual handshakes over the level of security used between the two routers.

This is never more evident than the example of Pakistan directing all of you-tubes network to Pakistan.
This was done quite simply, Pakistan wanted to tell all of its constituents that you-tube existed somewhere in Pakistan and they just ground those packets and send them into the ether. But they told the whole world that, and the whole world believed them, including you-tube.

So for about two hours the most heavily used site on the internet - I’m not saying this is a terrorist attack but that by accident things like this happen,a nd if people wanted to do something like redirect you-tube, which is heavily fortified - because of all of these informal arrangements, people could simply whisper along that this is where You-Tube is and it could propagate along the whole internet, and no one router questioned this.

So this is a very telling take to the state of the infrastructure today, and its not just things you consider to be internet infrastructures, we tend to look at the internet as something that grew up from emails and websites and instant messages. But the reality is that infrastructures that had nothing to do with the internet, and spent the last decades or centuries growing up independent of the internet, are now migrating in mass with millions of users and pieces of infrastructure, like railways, air traffic control, power grid systems and telephony and television systems. So they are bringing with them a more connected world which we consider to be a very good thing, which is a good thing for consumers in terms of our lifestyles, but it also places us at a level of vulnerability that we don’t fully understand. Because of these interconnections you may not be aware of, when disruptions happen on the internet, when you think it may have some disruptions from a convenience standpoint, the reality is it could have a much bigger effect. Twice recently we’ve had some power outages, one a few years ago in NYC and one recently in Florida, where something seemingly small actually caused millions of citizens to be without power. If that can happen in a power grid that is a 100 years old, imagine what can happen to a relatively new infrastructure like the internet. The reality is that underdeveloped nations are actually building better infrastructures in their country than we have here. That’s because they didn’t have one before and they are using the latest technology. If you look back at these Estonia attacks, they weren’t that well organized, but organized enough to target critical infrastructure and create financial disruptions throughout the whole country for telephony systems, power, and most of the citizens weren’t even aware of how connected they were and this isn’t even a developed country by our standards.

These attacks actually had less bandwidth targeting the victim than many users in the US have at their home today. With the bandwidth being used today, Verizon does a great job of this, you can get tens of millions of megabits directed at your house, imagine that much bandwidth directed at our military structure or power infrastructure at the right time of the day, or directed at the financial markets. Imagine the disruption that would cause.

This is not unthinkable, a few years ago Richard Clarke sat in front of congress and spoke about a “cyber pearl harbor.” I don’t think he was that far off base then. Attempts have been made to make that happen a couple of times. The internet root servers that really house the master directory of how you find websites, have been attacked a number of times, last time in October of 2002, which we thought then was the largest attack to ever attack the internet, which was a 4 gigabit attack and at the time we thought it was a pretty big deal. But then in 2006 our servers were attacked with 15 gigabits per second. Couple this with a growth trajectory with a 100% growth every 14 months, with the normal volume you would process. So this is an infrastructure challenge just with the growth of cyberspace itself. The trend isn’t going to go down, once you get on the internet you don’t get off, you stay there. We don’t have a renewal rate problem on the internet.

Sphere: Related Content