To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://management.silicon.com/government/0,39024677,39116842,00.htm

'Cyber terrorism': Don't believe the hype says Gartner
Theory and reality are distant relations...

By Patrick Gray

Published: Tuesday 11 November 2003

Gartner's information security and risk research director has dismissed cyber-terrorism as a "theory".

The comments came during a media round-table session at the Gartner Symposium and IT Expo, which began today in Sydney, Australia. The director, Rich Mogull, told journalists that despite the incidence of high profile digital attacks, cyber terrorism is a phenomenon that has never occurred.

"The goal of terrorism is to change society through the use of force or violence, resulting in fear," he explained. "I want to put this cyber terrorism thing to rest. It's a theory, it's not a fact."

Even though there were examples of attacks that have physical consequences - they could not be described as terrorist acts, Mogull explained. To a large extent it comes down to motive, he said.

"If a directed cyber attack on, say, a power system that... resulted in the blackout of an entire nation or a large region and deaths because of that... that would constitute cyber terrorism if they claimed they did this as a terrorist act," he said. "The motive will define what's terrorism and what's not."

Mogull maintains the argument is largely academic - it doesn't matter who's attacking an organisation, it should be doing the best it can to protect itself in the first place, whether attacks are coming from criminals or "cyber terrorists".

"Let's stop running around being scared about these esoteric threats out there. Let's look at protecting ourselves by closing the vulnerabilities we know exist, and protecting ourselves from the attacks that we know exist," he said.

Patrick Gray writes for ZDNet Australia