{
  "id": "RL32114",
  "type": "CRS Report",
  "typeId": "REPORTS",
  "number": "RL32114",
  "active": false,
  "source": "EveryCRSReport.com, University of North Texas Libraries Government Documents Department",
  "versions": [
    {
      "source": "EveryCRSReport.com",
      "id": 341096,
      "date": "2008-01-29",
      "retrieved": "2016-04-07T03:44:43.930069",
      "title": "Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress",
      "summary": "Cybercrime is becoming more organized and established as a transnational business. High technology online skills are now available for rent to a variety of customers, possibly including nation states, or individuals and groups that could secretly represent terrorist groups. The increased use of automated attack tools by cybercriminals has overwhelmed some current methodologies used for tracking Internet cyberattacks, and vulnerabilities of the U.S. critical infrastructure, which are acknowledged openly in publications, could possibly attract cyberattacks to extort money, or damage the U.S. economy to affect national security.\nIn April and May 2007, NATO and the United States sent computer security experts to Estonia to help that nation recover from cyberattacks directed against government computer systems, and to analyze the methods used and determine the source of the attacks. (See Larry Greenemeier, \u201cEstonian Attacks Raise Concern Over Cyber \u2018Nuclear Winter,\u2019\u201d Information Week, May 24, 2007, at http://www.informationweek.com/\u00bfnews/\u00bfshowArticle.jhtml?articleID=199701774.) Some security experts suspect that political protestors may have rented the services of cybercriminals, possibly a large network of infected PCs, called a \u201cbotnet,\u201d to help disrupt the computer systems of the Estonian government. DOD officials have also indicated that similar cyberattacks from individuals and countries targeting economic, political, and military organizations may increase in the future. (See Jeanne Meserve, \u201cOfficial: International Hackers Going After U.S. Networks,\u201d CNN.com, October 19, 2007, http://www.cnn.com/\u00bf2007/\u00bfUS/\u00bf10/\u00bf19/\u00bfcyber.threats/\u00bfindex.html. and Sebastian Sprenger, \u201cMaj. Gen. Lord Is a Groundbreaker,\u201d Federal Computer Week, October 15, 2007, vol. 21, no. 34, p. 44.)\nCybercriminals have reportedly made alliances with drug traffickers in Afghanistan, the Middle East, and elsewhere where profitable illegal activities are used to support terrorist groups. In addition, designs for cybercrime botnets are becoming more sophisticated, and future botnet architectures may be more resistant to computer security countermeasures. (See Tom Espiner, \u201cSecurity Expert: Storm Botnet \u2018Services\u2019 Could Be Sold,\u201d CnetNews.com, October 16, 2007, http://www.news.com/\u00bfSecurity-expert-Storm-botnet-services-could-be-sold/\u00bf2100-7349_3-6213781.html.)\nThis report discusses options now open to nation states, extremists, or terrorist groups for obtaining malicious technical services from cybercriminals to meet political or military objectives, and describes the possible effects of a coordinated cyberattack against the U.S. critical infrastructure. This report will be updated as events warrant.",
      "type": "CRS Report",
      "typeId": "REPORTS",
      "active": false,
      "formats": [
        {
          "format": "HTML",
          "encoding": "utf-8",
          "url": "http://www.crs.gov/Reports/RL32114",
          "sha1": "520cad2b21532f31b9f163a40eb99259d789b409",
          "filename": "files/20080129_RL32114_520cad2b21532f31b9f163a40eb99259d789b409.html",
          "images": null
        },
        {
          "format": "PDF",
          "encoding": null,
          "url": "http://www.crs.gov/Reports/pdf/RL32114",
          "sha1": "8294aa43128813e53c36b477045759f64165868c",
          "filename": "files/20080129_RL32114_8294aa43128813e53c36b477045759f64165868c.pdf",
          "images": null
        }
      ],
      "topics": []
    },
    {
      "source": "University of North Texas Libraries Government Documents Department",
      "sourceLink": "https://digital.library.unt.edu/ark:/67531/metadc808622/",
      "id": "RL32114_2007Nov15",
      "date": "2007-11-15",
      "retrieved": "2016-03-19T13:57:26",
      "title": "Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress",
      "summary": null,
      "type": "CRS Report",
      "typeId": "REPORT",
      "active": false,
      "formats": [
        {
          "format": "PDF",
          "filename": "files/20071115_RL32114_3f7b28529906da6a316020299fbeff37dae49314.pdf"
        },
        {
          "format": "HTML",
          "filename": "files/20071115_RL32114_3f7b28529906da6a316020299fbeff37dae49314.html"
        }
      ],
      "topics": []
    },
    {
      "source": "University of North Texas Libraries Government Documents Department",
      "sourceLink": "https://digital.library.unt.edu/ark:/67531/metacrs6315/",
      "id": "RL32114 2005-04-01",
      "date": "2005-04-01",
      "retrieved": "2005-06-12T09:14:54",
      "title": "Computer Attack and Cyberterrorism: Vulnerabilities and Policy Issues for Congress",
      "summary": "This report provides background information for three types of attacks against computers (cyber-attack, physical attack, and electromagnetic attack), and discusses related vulnerabilities for each type of attack. The report also describes the possible effects of a coordinated cyberattack, or computer network attack (CNA), against U.S. infrastructure computers, along with possible technical capabilities of international terrorists.",
      "type": "CRS Report",
      "typeId": "REPORT",
      "active": false,
      "formats": [
        {
          "format": "PDF",
          "filename": "files/20050401_RL32114_1729f8812bf5a0b031dcb5b714921fe531634223.pdf"
        },
        {
          "format": "HTML",
          "filename": "files/20050401_RL32114_1729f8812bf5a0b031dcb5b714921fe531634223.html"
        }
      ],
      "topics": [
        {
          "source": "LIV",
          "id": "Technology",
          "name": "Technology"
        },
        {
          "source": "LIV",
          "id": "Terrorism",
          "name": "Terrorism"
        },
        {
          "source": "LIV",
          "id": "Infrastructure - Security measures",
          "name": "Infrastructure - Security measures"
        },
        {
          "source": "LIV",
          "id": "Computer networks - Security measures",
          "name": "Computer networks - Security measures"
        },
        {
          "source": "LIV",
          "id": "Criminal justice",
          "name": "Criminal justice"
        },
        {
          "source": "LIV",
          "id": "Telecommunication",
          "name": "Telecommunication"
        }
      ]
    },
    {
      "source": "University of North Texas Libraries Government Documents Department",
      "sourceLink": "https://digital.library.unt.edu/ark:/67531/metacrs5513/",
      "id": "RL32114 2003-10-17",
      "date": "2003-10-17",
      "retrieved": "2005-06-12T09:13:31",
      "title": "Computer Attack and Cyber Terrorism: Vulnerabilities and Policy Issues for Congress",
      "summary": "This report presents a working definition for the term \u201ccyber terrorism\u201d, plus background information describing how current technology and management processes may leave computers exposed to cyber-attack, and a discussion of possible effects of a cyber-attack. Potential issues for Congress are presented in the second section, including: whether appropriate guidance exists for a DOD information warfare response to a cyber-attack; whether the need to detect possible cyber terrorist activity interferes with individual privacy; whether the roles and responsibilities for protecting against a possible cyber terrorist attack need more clarity for government, industry, and home users; and, whether information sharing on cyber threats and vulnerabilities must be further increased between private industry and the federal government. The final section describes possible policy options for improving protection against threats from possible cyber terrorism.",
      "type": "CRS Report",
      "typeId": "REPORT",
      "active": false,
      "formats": [
        {
          "format": "PDF",
          "filename": "files/20031017_RL32114_bdfacf890eaa1238d5fa01c4f550176b2eb897ba.pdf"
        },
        {
          "format": "HTML",
          "filename": "files/20031017_RL32114_bdfacf890eaa1238d5fa01c4f550176b2eb897ba.html"
        }
      ],
      "topics": [
        {
          "source": "LIV",
          "id": "Technology",
          "name": "Technology"
        },
        {
          "source": "LIV",
          "id": "Terrorism",
          "name": "Terrorism"
        },
        {
          "source": "LIV",
          "id": "Infrastructure - Security measures",
          "name": "Infrastructure - Security measures"
        },
        {
          "source": "LIV",
          "id": "Computer networks - Security measures",
          "name": "Computer networks - Security measures"
        },
        {
          "source": "LIV",
          "id": "Criminal justice",
          "name": "Criminal justice"
        },
        {
          "source": "LIV",
          "id": "Telecommunication",
          "name": "Telecommunication"
        }
      ]
    }
  ],
  "topics": [
    "Crime Policy",
    "Foreign Affairs",
    "Intelligence and National Security",
    "National Defense"
  ]
}