Cyber space is vulnerable to terrorism in two ways:

1. As a means: Cyber space is used by terrorist groups for propaganda, communication (with other terrorists and sympathizers) through encryption, transfer of funds, fundraising, intelligence gathering etc. Here cyber space is a supplementary tool for terrorism.

2. As an End: This is an emerging phenomenon where digital information systems, networks, or components are attacked by terrorists to achieve political, social, religious or ideological objectives. This is 'cyber terrorism' where terrorists make use of the keyboard and the mouse instead of bullets and bombs.

'Cyber terrorism' should not be confused with hacking, which is done for fun or revenge or to gain monetary benefits or information (also known as 'cyber crime'); but there is no intention to intimidate or cause fear or destruction.

Cyber terrorism is also not cyber protest like the one against Indian sites by Pakistani hackers or by a group sympathetic to the LTTE by flooding 800 emails a day to all Sri Lankan embassies disabling their email services. In such case the attack is conducted by hackers sympathetic to a particular cause. Again, no fear is generated or destruction caused though there is a political intent. If there is a physical attack on computer systems it is also not cyber terrorism. Cyber terrorism is a virtual attack aimed at both virtual and physical damage.

Some argue that cyber terrorism is a bogey and that there is no instance yet of cyber terrorism. But, since computer systems have begun to pervade every day lives, the threat of cyber terrorism is evident. Terrorism is sensitive and responsive to technological developments and its arsenal grows conterminously with developments in weapons and weapon systems. Terrorist groups are also looking for new vulnerabilities to exploit them successfully. Aware of susceptibilities in cyber space, terrorists might use cyber tools to launch an attack on computer-dependent critical infrastructure, using hackers as foot soldiers. Hacking tools are available on the web. In due course, terrorists could have a separate wing for cyber attacks (perhaps, 'Cyber Tigers' by the LTTE).

Cyber terrorism offers certain advantages over conventional terrorist attack:

1. Non-violent Violence - no blood or lethal weapons involved.
2. Mobility - could be carried out sitting in one place. No borders to cross; no weapons to hide; no hostages to take.
3. Action-damage Ratio - potential for larger damage when compared to the effort involved.
4. Cost per Operation - much cheaper compared to other methods.
5. Prerequisites - works effectively in techno-savvy society. No technology, no cyber terrorism.
6. 'Plausible Deniability' - Refers to the ability of an attacker to remain anonymous. The attacker could be operating from anywhere.

The potential for damage could be through spread of viruses or 'Trojan' attacks. The spread of single virus - "I LOVE YOU" - for instance, caused damage of around US$10 billion, affecting over 20 mn email users. Terrorists may also launch denial of service (DoS) attacks. A loss of US$7 billion per day would occur if internet is down. Damage could be more and lethal if terrorists disable critical infrastructure like emergency services, aviation, railways, power, administrative services, or health care. For instance, terrorists could manipulate air traffic control systems and cause planes to crash, or break into hospital computers and alter prescriptions.

The efficiency and frequency of cyber terrorist attacks is proportional to the vulnerability of computer systems. The US Defence Information Security Agency found that 88 percent of 3000 computers attacked were easily penetrable; of these 96 percent were not detected; and of the remaining four percent only five percent were reported or investigated. It is, therefore, imperative to strengthen computer systems and network securities. Secure pass words and adequate firewalls are necessary. Threat assessment and protection against new cyber threats should be made. Private expertise should be tapped for joint research in development of requisite counter-measures. Collaboration between networking, computer hardware and software and service providers is also necessary. Since cyber terrorism knows no boundaries, effective international cooperation is vital for addressing the threat. National cyber crime laws should be strengthened. Computer systems should be programmed to recover faster. Ultimately, success lies in staying a step ahead of cyber terrorists.