Traditional attacks such as bombings and plane hijackings could become a thing of the past, as terrorism finds a new focus.
Rogue attackers are increasingly targeting the computer systems of critical infrastructure such as power stations, roads and public transport.
As those attacks potentially become more sophisticated and frequent, governments and the private sector need to find increasingly innovative ways to protect themselves.
"These are the weapons of the future," says Professor Zahir Tari.
"There will be future wars based on this - you don't need to attack a country's military when you can attack it economically. If you stop the electrical system of New York, New York will collapse."
One well-documented case in Australia, which dates back to 2001, came from a disgruntled worker who was sentenced to two years in prison after he hacked into a council waste management system in Queensland and caused millions of litres of raw sewage to spill into local parks and rivers.
More recently, it was reported from the US that a cyber-attack had occurred on a nuclear power plant in Ohio, which disabled a safety monitoring system for several hours.
Tari says many such attacks take place but governments and organisations do not want to release information on critical infrastructure attacks.
Tari and his team at RMIT have been working on creating better security and protection for supervisory control and data acquisition systems (known as SCADA), which control infrastructure such as electricity, gas, water, waste management, railways and traffic.
"Disruptions of such systems may cause outcomes ranging from financial disasters to loss of life," Tari says.
The team has worked on building simulation tools to assess the vulnerabilities of critical systems because security testing cannot be done on live systems; designing solutions that detect attacks in real time; and designing solutions that can keep critical systems operating in the event of an attack.
Funded by the Australian Research Council, the project also involved the University of Sydney and Qatar University.
"We wanted to first of all create the technology to detect an attack while it's happening, then work out how to make the system robust enough that it can survive and keep operating during an attack," Tari says.
The team came up with a large-scale security simulation tool, called SCADASim.
The tool enables the simulation of SCADA systems with the benefit of testing a large number of attack and security solutions.
Tari says there are very few SCADA simulators around.
The ones that do exist are usually developed by a single organisation and not released publicly, or are not generic enough to apply to a wide variety of systems.
Developing the "survivability" of systems needs to be a priority for companies so that they keep operating at a critical level, even during an attack, says Tari.
The need for protection has become more urgent because SCADA systems are now connected to the internet, leaving them far more vulnerable to attack.
"Before, they were stand-alone systems on closed networks but now they are large-scale systems operating over open networks such as the internet," Tari says.
SCADASim is at the prototype stage but the RMIT team hopes it can be developed further and taken to industry.
Story: Rachel Kleinman
Photo: Carla Gottgens
This story was first published in RMIT's Making Connections magazine.