The opposing commander's mind is an important target and successfully striking it can provide a decisive advantage – Liddell Hart

Due to the importance of cyber space, proper assessment and response to cyberattacks should be trained via exposure to simulated cyberattacks. Accurate simulation of cybercrime and cyberterrorism can prepare decision-makers for their challenges and develop expertise in addressing cybersecurity issues that will arise in real-world cybercrime and cyberterrorism events. Simulation also has a role to play in identifying offensive and defensive cybercrime and cyberterrorism challenges as well as cyber defense advantages. The simulation issues to be addressed are the aspects of cybercrime and cyberterrorism that must be simulated in order to provide useful insights. We describe an approach to developing a simulation environment to support analysis of cybercrime and cyberterrorism challenges and advantages.

Cybercrime and cyberterrorism are different in several aspects, which leads to different forms of cyberattack as well as different objectives for each type of cyberattack. We discuss the potential effects of cyberterrorism and cybercrime, their common properties and differences, and the motivations for each type of these two types of cyberattacks. We present an approach to cyber warfare simulation that can illuminate the challenges and advantages possessed by the cyberterrorist and the cybercriminal. We present a methodology for assessing the cyber defense's challenges and advantages against both cybercriminal activity as well as cyberterrorist activity.

The first section of the chapter contains discussion of the importance of preparing for cybercriminal and cyberterrorist attacks and broadly outlines our simulation approach for identifying offensive and defensive strengths and weaknesses. Section Two presents a discussion of background research and real-world events that are relevant to our work. Section Three contains a discussion of the differences and similarities between cybercrime and cyberterrorism. Section Four contains a description of the methodology and approach for using simulation to assess cybercriminal and cyberterror strengths and weaknesses. Section Five describes the use of simulation to assess cyber defense strengths and shortfalls against cybercriminal and cyberterrorist activity. Section Six contains a summary and further work.