Library

Welcome to VOX-Pol’s Online Library, a research and teaching resource, which collects in one place a large volume of publications related to various aspects of violent online political extremism.

Our searchable database contains material in a variety of different formats including downloadable PDFs, videos, and audio files comprising e-books, book chapters, journal articles, research reports, policy documents and reports, and theses.

All open access material collected in the Library is easy to download. Where the publications are only accessible through subscription, the Library will take you to the publisher’s page from where you can access the material.

We will continue to add more material as it becomes available with the aim of making it the most comprehensive online Library in this field.

If you have any material you think belongs in the Library—whether your own or another authors—please contact us at onlinelibrary@voxpol.eu and we will consider adding it to the Library. It is also our aim to make the Library a truly inclusive multilingual facility and we thus welcome contributions in all languages.

Featured

Full Listing

TitleYearAuthorTypeLinks
Digital Discourse, Online Repression, And Cyberterrorism: Information Communication Technologies In Russia’s North Caucasus Republics
2019 Tewell, Z.S. MA Thesis
Is the cyber-utopian versus cyber-repression argument the most effective way to frame the political uses of new technologies? Contemporary discourse on social media fails to highlight political dynamics in authoritarian regimes with weak state control, where independent groups can capitalize on the use of coercive force. In this thesis, I will explore the various methods through which information communication technologies are utilized by civil groups, uncivil groups, and the state using Russia's North Caucasus republics as a case study. New technologies are exploited through a variety of means by an array of actors in the North Caucasus whose goals may not necessarily be democratic. Through this evidence I demonstrate that information communication technologies do not inherently aid democratization, nor do they necessarily aid the incumbent regime; rather, they are merely a conduit through which existing groups put forth their agendas regarding their ideals of the modern state.
An Analysis Of International Agreements Over Cybersecurity
2018 Ashbaugh, L. MA Thesis
Research into the international agreements that increase cooperation over cybersecurity challenges is severely lacking. This is a necessary next step for bridging diplomatic challenges over cybersecurity. This work aspires to be push the bounds of research into these agreements and offer a tool that future researchers can rely on. For this research I created, and made publicly available, the International Cybersecurity Cooperation Dataset (ICCD), which contains over 350 international cybersecurity agreements and pertinent metadata. Each agreement is marked per which subtopics within cybersecurity related agreements it covers. These typologies are:
• Discussion and Dialogue
• Research
• Confidence Building Measures
• Incident Response
• Crime
• Capacity Building
• Activity Limiting
• Defense
• Terrorism
Drawing on ICCD and R for summary statistics and significance tests, as well as some quantitative insights, this research explores the relationship between different agreements, organizations, and other possibly related factors. The most significant takeaways from this research are:
1. Governments view cybersecurity in terms of relative advantages and are hesitant to engage competitors with agreements over topics like incident response and capacity building.
2. Authoritarian governments are involved with agreements over controlling or projecting state power and government authority while democratic governments focus on resilience and defense.
3. There are two groupings of authoritarian governments, those with high technical capabilities and those without. Technically capable governments focus on agreements over terrorism, and they also often end up participating in activity limiting agreements. Those without are preoccupied with agreements over criminal activity.
4. Discussion and dialogue agreements tend to accompany agreements over additional topics about one fifth of the time. While policy-makers shouldn’t create a hard rule out of this statistic, it does possibly strengthen an optimistic hypothesis that dialogue consistently leads to agreements.
Hopefully this research invigorates researchers’ interest in studying and understanding when cooperation over cybersecurity is successful or not. Policy-makers will need this knowledge if they are to achieve their goals in an environment that is rapidly increasing in state actors and
complexity
The Discourse Of Cyberterrorism: Exceptional Measures Call For The Framing Of Exceptional Times
2015 Auwema, N. M. MA Thesis
The configuration of the discourse of cyberterrorism in the Netherlands is a mix of public and private actors that have diverging views about whether cyberterrorism is a genuine security threat. How and why have several of these actors argued that it is a genuine security threat? What was their interest in doing so? Has cyberterrorism possibly been framed or hyped as a genuine security threat? This thesis examines the discourse of cyberterrorism in the Netherlands by examining the field, the position on cyberterrorism of the actors within this field, and finally, their levels of technological capital, legitimacy and authority. Considering the differences in these levels, this thesis contends that public and private actors have different interests in arguing that cyberterrorism is a threat. While public actors are concerned with the protection of Dutch cyberspace and the Dutch society, private actors, with the exception of Fox-IT, have multiple interests. This has led these private actors to frame or hype cyberterrorism as a genuine security threat, without the necessary background to base their statement on. Exceptional measures have led to the framing of exceptional times.
Cyber-Terrorism: Finding A Common Starting Point
2012 Jeffrey Thomas, B. MA Thesis
Attacks on computer systems for both criminal and political purposes are on the rise in both the United States and around the world. Foreign terrorist organizations are also developing information technology skills to advance their goals. Looking at the convergence of these two phenomena, many prominent security experts in both government and private industry have rung an alarm bell regarding the potential for acts of cyber-terrorism. However, there is no precise definition of cyber-terrorism under United States law or in practice among cyber-security academicians. The lack of a common starting point is one of the reasons existing law fails to directly address cyberterrorism. This paper furnishes a lexicon of cyber-related malicious activities and argues for a common working definition of cyber-terrorism. This definition can be both incorporated into current counter-terror legislation and used by government agencies to combat cyberterrorism. This paper arrives at that definition by analyzing the various definitions proposed by security experts and those in use by governmental organizations. This paper builds on these definitions to arrive at a new definition that is at once broad enough to cover the potentially unique effects of a weapon of cyber-terrorism, while narrow enough to exclude computer network attacks that are relatively minor in nature. Second, analyzing several recent cyber attacks, this paper finds that, while we have not yet faced a “cyber 9/11,” computer network attacks for political purposes are on the rise and becoming increasing complex. Third, this paper analyzes current law related to both cyber-crimes and terrorism, finding that while these laws are applicable in many instances, they fall short in adequately focusing on the most important factor when addressing cyber-terrorism: prevention. This paper concludes by recommending that cyber-terrorism, as defined in this paper, be incorporated into some of our most frequently used laws to combat terrorism.
Identification And Ranking Of Critical Assets Within An Electrical Grid Under Threat Of Cyber Attack
2011 Boyer, B. R. MA Thesis
This paper examines the ranking of critical assets within an electrical grid under threat of cyber attack. Critical to this analysis is the assumption of zero hour exploits namely, the threat of an immediate attack as soon as a vulnerability is discovered. Modeling shows that over time load fluctuations as well as other system variations will change the importance of each asset in the delivery of bulk power. As opposed to classic stability studies where risk can be shown to be greatest during high load periods, the zero hour exploit-cyber-risk assumes that vulnerabilities will be attacked as soon as they are discovered. The probability of attacks is made uniform over time to include any and all possible attacks. Examining the impact of an attack and how the grid reacts immediately following an attack will identify and determine the criticality of each asset. This work endeavors to fulfill the NERC Critical Infrastructure Protection Requirements CIP-001-1 through CIP-009-2, cyber security requirements for the reliable supply of bulk power to customers throughout North America.
The California Independent System Operator Security Vulnerabilities
2010 Brow, S. L. MA Thesis
Our country is still in the early stages of the 21st century where technology is advancing on a daily basis allowing the threat of terrorism, both domestic and foreign, to pose a serious risk to both its citizens and its assets if not addressed soon. There are numerous potentially vulnerable sites throughout the country that are still left under guarded and under-protected, specifically my emphasis for this project, the California Independent System Operator (ISO). This multilayered project utilizes public information from the Department of Homeland Security manual. The project also includes information from various national publications of defense principles and security countermeasures, as well as law enforcement protocols in place to deal with these types of security threats and potential breaches, scholarly articles, and industry trade journals.
The California ISO lacks physical and some virtual controls that make it more vulnerable to attacks. Specific recommendations have been made to ensure that the ISO is better protected and can still run an effective business.
Cyberterrorism Cyber Prevention Vs Cyber Recovery
1993 DiBiasi, J. R. MA Thesis
The technological age has forced the U.S. to engage a new set of national security challenges. Several potential adversaries have cyberspace capabilities comparable to those of the U.S., and are constantly conducting surveillance, gathering technical information, and mapping critical nodes that could be exploited in future conflicts. How can the U.S. government best defend against future cyber attacks? Recent policy documents set out a strategy for securing all of cyberspace, which experts argue is impossible to implement, but also unnecessary. This thesis seeks to move the discussion beyond this stalemate by undertaking an analysis of the vulnerability of cyberspace to terrorist attacks. The first analysis examines the Code Red Worm and the Slammer Worm. These two worms were selected because they were highly destructive and spread faster than normal worms, making them well suited for assessing the existing security of computers and networks. The next analysis examines a staged cyber attack on critical infrastructure, entitled Attack Aurora. In the staged Aurora attack, researchers from the Department of Energy’s Idaho lab hacked into a replica of a power plant’s control system. This attack is the most recent staged attack and facilitates an analysis of vulnerabilities of critical infrastructures to cyberterrorism.
Design And Control Of Resilient Interconnected Microgrids For Reliable Mass Transit Systems
2019 Egan, T. J. G. MA Thesis
Mass transit systems are relied on a daily basis to transport millions of passengers and bring billions of dollars' worth of economic goods to market. While some forms of mass transit rely on a fuel, electrified railway systems are dependent on the electric grid. The electric grid is becoming more vulnerable to disruptions, due to extreme weather, changing supply and demand patterns, and cyber-terrorism. An interruption to the energy supply of a railway infrastructure can have cascading effects on the economy and social livelihood. Resilient interconnected microgrids are proposed to maintain reliable operation of electri_ed railway infrastructures. An engineering design framework, and supporting methods and techniques, is proposed for an electrified railway infrastructure to be upgraded from its existing form, to one with resilient interconnected microgrids. The sizing of the interconnected microgrids is performed using an iterative sizing analysis, considering multiple resiliency key performance indicators to inform the designer of the trade-o_s in sizing options. Hierarchical control is proposed to monitor and control the interconnected microgrids. A multi-objective problem cast in the tertiary level of control is proposed to be solved using game theory. The proposed designs are modelled and simulated in Simulink. Four case studies of railway infrastructures in Canada and the United Kingdom are used to demonstrate the effectiveness of the proposed designs. While results for each case study vary, resilient interconnected microgrids for railway infrastructures demonstrates a reduced dependence on the electric grid. The examples here are all scalable and can perform within the framework of any available energy system. The results are both extremely impressive and promising towards a more resilient and stable energy future for our railway and other critical infrastructures.
New Zealand Government And Critical Infrastructure Ready Reaction To Cyber Terrorism
2008 Watt, A. C. MA Thesis
The purpose of this research is to obtain input from government agencies, elements of the critical infrastructure and cyber space, to determine what level of knowledge on cyber terrorism exists. Furthermore, are there ready reaction plans in place, and is staff-awareness training conducted on a regular basis? This probably won’t prevent or stop an attack of cyber terrorism, and like any other disaster in the IT world, if contingency planning exists, recovery can be quicker and greater mitigation of costs.

Interview questions were distributed to New Zealand government departments and elements that make up the critical infrastructure, to obtain an insight into the current situation. From this and other comparisons, inferences have been drawn to determine that if some of the groups were targeted would the fact that they could be deficient in knowledge on cyber terrorism, make the effect more intense and longer lasting. It has also provided the state of knowledge, the level of planning and the general readiness that currently exists.

In view of these findings recommendations have been made that will ensure there is consistency across all organisations, both government and nongovernment. All organisations, including the government, are reliant on the critical infrastructure and the internet for both operational and domestic survival. It is therefore pertinent that agencies give some consideration to these findings.
Knowledge And Perceptions Of Cyberterrorism
2007 Van Hoogensty, A. J. MA Thesis
While the threat of terrorists utilizing the Internet to execute a cyberterrorist attack is of prominent concern there exist great misconceptions and factual errors in the media as to the nature of this threat (Conway, 2002; Embar-Seddon, 2002; Weimann, 2005). This thesis examined media exposure, knowledge of cyberterrorism, fear of terrorism and perceived seriousness of cyberterrorist events in a sample of college students. Generally, participants had little knowledge of cyberterrorism. Women were found to be more fearful of terrorism and cyberterrorism than men. A positive relation was found between media consumption and fear of terrorism among women. Finally, fear of terrorism was positively related to perceived seriousness of cyberterrorist events.
The Effectiveness Of The Principle Of Distinction In The Context Of Cyber Warfare
2014 Van Breda, L. C. MA Thesis
International humanitarian law provides foundational norms which are to be observed by states in order to protect civilians from the harsh realities of war. These norms have been applied to traditional kinetic methods of warfare but as technology advances at a rapid pace so too do methods of warfare. As weaponry becomes more sophisticated it is necessary to revisit the foundational principles of international humanitarian law and apply them to situations that could only previously have been imagined. The principles of distinction is a core principle of this branch of law and it is not to be disregarded as a result of the fact that it predates modern methods of warfare but rather it is to be re-examined, its importance observed and applied to the warfare that we are faced with today. Protecting civilians has been of utmost importance in recent history and the development in the technology of weapons should not change that fact in the present or future.
Confronting Cyberterrorism With Cyber Deception
2003 Gregory Tan, K. L. MA Thesis
This thesis concerns the possibility of deceiving cyberterrorists using defensive deception methods. As cyberspace today is a battleground for myriad cyber attacks and intrusions, it may only be a matter of time before terrorists choose to advance their deadly cause in cyberspace. We explore some of the questions raised regarding the threat of cyberterrorism by examining different perspectives, motivations, actors, targets, and how they may be confronted. One way is to draw from the lessons of deception and apply them against cyberterrorist attacks. Cyber deception applies in cyberspace just as well as deception in military battles. From the different categories of attackers that could perpetrate cyberterrorism, we examine the ways in which they may be deceived. Many of the methods and tools that cyberterrorists would use are similar to those used by other less malicious hackers, so we can plan specific deceptions to use against them in advance.
The Threat Of Cyberterrorism: Contemporary Consequences And Prescriptions
2004 Thomas Stocking, G. A. MA Thesis
This study researches the varying threats that emanate from terrorists who carry their activity into the online arena. It examines several elements of this threat. First, it explores elements of virtual to virtual attacks. Second, it looks at threats against critical infrastructures that can be traced to online sources. Third, this thesis reports on ways that terrorists are using information technology such as the Internet for propaganda and communication purposes. Finally, it highlights the most crucial ways in which the United States government has responded to the problem. It concludes with a few recommendations for best practices for future engagement with varying aspects of cyberterrorism.
Cyberterrorists: Their Communicative Messages and the Effect on Targets
2003 Minei, E. MA Thesis
This qualitative study provides a semiotic perspective on cyberterrorism and its opportunity to cause maximal damage while using terrorist propaganda. The very definition of cyberterrorism refers to Internet use, technology, and computer-based networks against critical infrastructures. The application of Stamper’s Semiotic Ladder– morphological, empirical, syntactical, semantic, pragmatic and social world –to the various methods of propaganda utilized by cyberterrorists will uncover aspects on the transition from traditional to modern methods of attack, cyberterrorist communication, and the recruitment of new members to their cause. Additionally, this research focused on the role of the media in the equation of planning by propaganda to the fruition of an attack. Interviews were collected from ten participants during 30-60 minute segments. Based on the data, five themes emerged: (1) Acknowledgement of the Existence of Cyberterrorism, (2) Postmodern Propaganda and Publicity, (3) Detrimental Effects on Targets, (4) Media Implications, and (5) Communicative Messages. This provides readers with an organized order to the data and provides a way to progressively detail cyberterrorism, with a specific focus on the actual effects of their semiotic intents on targets, on the public, and on the world at large or what is being conveyed. Ultimately, the themes that emerged follow Stamper’s Semiotic Ladder, starting with surface level understanding of cyberterrorism and work up to the global impact of cyberterrorism on various aspects of culture, beliefs, and expectations.
Sony Pictures And The US Federal Government: A Case Study Analysis Of The Sony Pictures Entertainment Hack Crisis Using Normal Accidents Theory
2017 Ismail, M. MA Thesis
In this case study, I analyze the 2014 North Korean computer database hack of Sony Pictures Entertainment (SPE), a serious national security crisis of cyberterrorism. I utilize Normal Accidents theory as a lens, to help explain how the accident within one system (SPE) and later crisis lead to the interaction with a second system (U.S. Federal Government), the development of a new crisis, and the need for a crisis response from system two. The evolution of a single organization’s accident into a national security crisis does not occur without specific complex interactions that take place to connect the two systems together. To explain this interconnectedness between systems, I introduce two new constructs: 1) common denominator and 2) common goal, which expand Normal Accidents theory allowing it to account for the coupling between the two independent systems (SPE & United States Government) through non-linear interactions. Overall, this case study provides important insight for future crisis communication planning, response, and development regarding between-organization interaction during a crisis.
A Discourse In Conflict: Resolving The Definitional Uncertainty Of Cyber War
2017 Hughes, D. MA Thesis
Since emerging in academic literature in the 1990s, definitions of ‘cyber war’ and cyber warfare’ have been notably inconsistent. There has been no research that examines these inconsistencies and whether they can be resolved. Using the methodology of discourse analysis, this thesis addresses this research need. Analysis has identified that the study of cyber war and cyber warfare is inherently interdisciplinary. The most prominent academic disciplines contributing definitions are Strategic Studies, Security Studies, Information and Communications Technology, Law, and Military Studies. Despite the apparent definitional uncertainty, most researchers do not offer formal definitions of cyber war or cyber warfare. Moreover, there is little evidentiary basis in literature to distinguish between cyber war and cyber warfare. Proximate analysis of definitions of cyber war and cyber warfare suggests a high level of inconsistency between dozens of definitions. However, through deeper analysis of both the relationships between definitions and their underlying structure, this thesis demonstrates that (a) the relationships between definitions can be represented hierarchically, through a discourse hierarchy of definitions; and (b) all definitions share a common underlying structure, accessible through the application of a structural definition model. Crucially, analysis of definitions via these constructs allows a foundational definition of cyber war and cyber warfare to be identified. Concomitantly, use of the model identifies the areas of greatest interdefinitional inconsistency and the implications thereof and contributes to the construction of a taxonomy of definitions of cyber war and cyber warfare. Considered holistically, these research outputs allow for significant resolution of the inconsistency between definitions. Moreover, these outputs provide a basis for the emergence of dominant functional definitions that may aid in the development of policy, strategy, and doctrine.
Historical Events And Supply Chain Disruption: chemical, biological, radiological and cyber events
2003 Lensing, R. P. MA Thesis
In the wake of the attacks of September 11, 2001, terrorism emerged as a legitimate threat not just to society, but to corporations as well. This new threat has challenged old business rules and prompted companies to rethink their supply chain operations. However, the events of September 11th were not the first or the only disruptions that the business world had experienced. This thesis reviews past historical events that simulate the effects of a terrorist attack and extracts lessons that can be applied by today's corporations to prepare for future attacks or disruptions. The types of events studied include Biological, Chemical, Radiological and Cyber disruptions. Through the analysis and synthesis of each event's impact, the following generalized recommendations emerged: Prior warnings and events should be acknowledged, studied and utilized. Government intervention may strain operations under disruptive stress. Alternate sourcing should be considered to ease supply issues. Disruptions should be approached in a comprehensive and forthright manner. A security and safety culture should be fostered to prevent disruptions and control their spread. Systems should be prepared to quickly operate in isolation during a disruption. Finally, impact is frequently less severe then initially predicted. Through the events described and these recommendations, this thesis aims to provide lessons for firms to manage their supply chains through future disruptions.
Risk Of Cyberterrorism To Naval Ships Inport Naval Station Everett a model based project utilizing SIAM
2007 Tester, R. R. A. MA Thesis
Based on numerous high level concerns that the cyber threat is expected to increase, as well as the already documented uses of cyber warfare, it is necessary to ensure our naval ships are hardened against such attacks. In doing so, an influence net model was designed to discover the likelihood of a successful cyber attack. However, first it was necessary to establish what the best mitigation tools are in defense of cyber attack methods. In order to do so, an expert opinion survey was designed and completed by individuals currently working in the field of network security. In combination with the expert opinion surveys and in looking at research and established security techniques it should become apparent whether or not ships are taking all the required steps to best secure themselves against an attack. Though the initial model was designed around a theoretical Naval Station Everett ship, with modification the model can be utilized for any naval asset throughout the United States and the risk for each particular U.S. asset can be evaluated. Additionally, this tool can also facilitate security funding as well as establishing a means of prioritizing the tools for protection if the network needs to be hastily re-established after an attack. Ultimately, the protection of a ship’s computer networks against cyber terrorist threats is fundamental in ensuring continued effective command and control and ultimately the security of this nation.
Users' Adoption Of Emergent Technologies: Towards an Acceptable Model for Safer Cyber-Assisted Olfactory Information Exchanges in Standard, Micro, and Nano Systems
2007 Hyacinthe, B. P. MA Thesis
The potential of terrorists and other enemies to use the Internet and/or other digital information technologies as transport vehicles of weapons of mass destruction (WMD) is becoming more evident. This threat may involve cyber-assisted biochemical transactions, which can be performed through olfactory information exchanges, to attack civilian and military targets anytime. In response, this research is the product of a four-year investigation wherein the researcher went through a rich archive of declassified U.S. military reports (covering biochemical warfare and techno-terrorism)and a selective list of patent applications revealing several concepts related to users’ adoption of emergent cyber-assisted olfaction and aroma-embedded information systems. And after a rigorous analysis of the findings, the researcher hypothesized that careless adoption of unsafe technologies could accelerate a cyber-WMD-nexus.

Thus, the study conducted in support of this research sought to examine and explain the adoption of emergent cyber-assisted olfactory information technologies. Cyber-assisted olfaction is an emergent technology that involves the replication of the human sense of smell by computer systems. It can be manifested in the stimulation of human olfactory receptors by computer-emitted biochemical or aromatic particles. Certain olfaction-based biosensors, known as electronic noses, mimic the sense of smell to detect chemical plumes (aroma or warfare agents) in a variety of settings. Notably, the literature revealed an innovative dimension of multimodal, affective human-computer interactions involving scented emails, aroma therapy, and olfaction-based marketing. Unfortunately, the lack of security and safety persists at a potentially catastrophic cost, which is at the root of the researcher’s stated research problem below.

Largely supported by Everett Rogers’ innovation diffusion theory (IDT) and Fred Davis’ technology acceptation model (TAM), the researcher went beyond the “smell-o-vision” aphorism to offer a fertile ground for a new, comprehensive, and flexible framework to understand various aspects of cyber-assisted olfactory information systems, which may be usefully applied to a wide range of auxiliary information systems (i.e., standard, micro, and nano devices). In relation to national security and defense, the proposed Model for Safer Cyber-Assisted Olfaction (MSCAO) can be applied in subway systems, aircrafts, cruise ships, and various mixing/distribution systems (i.e., water systems and chemical plants) to automatically detect and neutralize a biological or chemical threat. Many military applications are also anticipated for emerging urban warfare and emergency rescue operations using devices such as miniature robots and nano air vehicles (NAVs).

Consistent with the aim of this investigation, the researcher used a mixedmethods approach that combined (1) the content analysis of a series of declassified military reports on airborne warfare agents with that of (2) a patent search on aroma embedded information systems to examine, with the help of a carefully designed survey instrument, the perceptions of potential adopters of the proposed MSCAO. Further, in order to collect data and obtain statistical evidence linked to the selected variables (perceived credibility, ease-of-use, and usefulness), the researcher surveyed a diverse group of students from a major Engineering School in southeastern United States, which offers degree programs in Mechanical, Electrical, Chemical and Biomedical Engineering. Based on the analysis performed, credibility, ease-of-use, and usefulness were found to be significant enough to be considered as positively influencing the acceptability of the MSCAO. In essence, the respondents expressed a significantly high level of need for harm-reduction and cyber security measures against potential threats and considered the MSCAO as meeting their need.

Perceived usefulness (67%) was identified as the principal determinant of the respondents’ intention to adopt the proposed model. Though less substantial than perceived usefulness, perceived ease-of-use (56%) appeared to have a greater influence on the MSCAO than perceived credibility (54%). In sum, extrapolating from the findings reported herein, the researcher concluded that potential users are more likely to accept an emergent technology that is useful, easy-to-use, and that offers credible harm-reduction measures.
Cyberterrorism: Cyber Prevention Vs Cyber Recovery
2007 DiBiasi, J. R. MA Thesis
The technological age has forced the U.S. to engage a new set of national security challenges. Several potential adversaries have cyberspace capabilities comparable to those of the U.S., and are constantly conducting surveillance, gathering technical information, and mapping critical nodes that could be exploited in future conflicts. How can the U.S. government best defend against future cyber attacks? Recent policy documents set out a strategy for securing all of cyberspace, which experts argue is impossible to implement, but also unnecessary. This thesis seeks to move the discussion beyond this stalemate by undertaking an analysis of the vulnerability of cyberspace to terrorist attacks. The first analysis examines the Code Red Worm and the Slammer Worm. These two worms were selected because they were highly destructive and spread faster than normal worms, making them well suited for assessing the existing security of computers and networks. The next analysis examines a staged cyber attack on critical infrastructure, entitled Attack Aurora. In the staged Aurora attack, researchers from the Department of Energy’s Idaho lab hacked into a replica of a power plant’s control system. This attack is the most recent staged attack and facilitates an analysis of vulnerabilities of critical infrastructures to cyberterrorism.