NCJ Number
195353
Date Published
1999
Length
43 pages
Annotation
This document discusses the new threat spectrum of cyberterrorism within private corporations.
Abstract
The development of the Internet presents serious threats to the security of the corporation. Corporations are increasingly seen as nonstate or mega-state entities, and are targets of aggression. They are also converging with the military and industrial complexes of their home-states, presenting a target to the use of force directed towards the Nation. The increasing dependence on the Internet leaves them vulnerable to many forms of attacks directed at computer networks and the information stored on them. These attacks range from physical destruction to the crashing of vital information systems on a grand scale. Traditional corporate command and control structures may not be adequate to deal with new forms of aggression, which may be invisible or come from new and unanticipated sources. The new aggressors can range from political activists to commercial competitors, to criminals and terrorists. There will need to be a revision of the approach to the determination of risk and the treatment. There is also the need of fundamental re-thinking of the way corporations organize themselves, and the way they present themselves to a risk. Traditional forms of risk management represent a hierarchical paradigm, which may not deal adequately with new forms of threat. A hierarchical corporation may be vulnerable if an information flow is disrupted. A corporate entity based on a network may be better placed to respond to a potentially disabling attack. Diversified information and command lines could be called into action and used should one line be cut. The corporation would be able to continue its core operations in a much shorter time frame. Potential threats should be identified and provided for. Defenses from cyberterrorism should be put in place. 156 footnotes