by Shamim Zakaria 8 October 2018
Finding a definition
As one among the many different newest modus operandi used by terrorists in recent times, with the boom in the internet one that has come to existence is the term ‘cyber terrorism’. As it’s evident from the word cyber, this new phenomenon of terrorism is related to the cyber world that is the world of the internet. Now, to coin an apt definition of cyber terrorism is somewhat difficult because of the obvious fact that this comes together with the word terrorism and there has not been any common definition of terrorism itself so far. Barry Collin, a senior research fellow at the Institute for Security and Intelligence in California, coined the term ‘cyberterrorism’ in the 1980s, which primarily had two elements: cyberspace and terrorism.[1] This following article will look to investigate the very basis of cyberterrorism and if anything of this sort really exists? Is cyberterrorism a fact, fiction or a fantasy?
The term cyber terrorism has appeared in both academic literatures and has been defined by defence and security organisations. According to the Cyber Operations and Cyber Terrorism, Handbook No. 1.02 of the US Army TRADOC 2005, cyber terrorism is a new type of terrorism that involves the use of technology and network so that the terrorist groups can conduct their operations with nominal or barely any physical threat to themselves[2]. It states, “The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives.”
According to the National Conference of State Legislators (NCSL), “Cyberterrorism can be defined as the use of information technology by terrorist groups and individuals to further their agenda. This can include the use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, denial-of-service attacks, or terroristic threats made via electronic communication”.[3]
NCSL has brought numerous modus operandi under the purview of cyber terrorism that incudes direct attacks on networks, computer systems, computer programs, and data that has an impact on key infrastructural facilities.
Looking at the definition provided by key government agencies, Mark M. Pollitt by taking cue from the definition of terrorism by US Department of Justice goes to define terrorism as, “a premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against non-combatant targets by subnational groups or clandestine agents.”[4]
NATO defines cyber terrorism as, “A cyberattack using or exploiting computer or communication network to cause sufficient destruction or disruption to generate fear or to intimidate a society into an ideological goal.”[5]
Why it’s important to scratch the reality?
Just like terrorism, the definition of cyberterrorism put forward by government agencies bears bombastic terms like destruction, disruption, fear etc. Thus it’s very important to find out if this phenomenon of cyber terrorism really exists and if so how big potential threat it possess? Knowing so would help the government and law enforcement agencies to work in the right direction and formulate means to combat this as a defence. However, if there is no any real threat from cyber terrorism then spending money, energy and resources in defence of something non-existence is a waste. Furthermore, by bringing into existence something which do not exist we are creating an atmosphere of fear thus giving and advantage to the goal of terrorists itself. According to Weimann an exaggerated and hyped statements in the media like ‘success in the “war on terror” is likely to make terrorists turn increasingly to unconventional weapons, such as cyberterrorism. And as a new, more computer-savvy generation of terrorists comes of age, the danger seems set to increase.”[6]
Getting to the bottom of it
The same report ‘Responses to Cyber Terrorism’ where NATO has defined cyber terrorism, Lt. Everard categorically mentioned that many in the world of information technology (IT) do not believe in the existence of the phenomenon of cyber terrorism. While individuals or groups may attack using informational warfare to meet their personal goals but the intensity cannot be categorised as destructive or devastation as that to the scale of a terrorist attack.[7] In the very definition of cyber terrorism, NATO starts by defining cyberattacks and not cyber terrorism. Further, it concedes that because of the fact that ‘cyber terrorism’ is non-physical in a nature it is very difficult to define aptly this particular term.
According to a Gallup poll of 2016, 79 per cent of Americans ranked a cyberterrorism attack as third in a list of the greatest threats facing the US. [8] However, former FBI special agent Andre McGregor denied the existence of any threat from cyber terrorism. He said, “I’m not too concerned that were going to have a cyber 9/11 tomorrow.” He believes that of course there are hacking or cyberattacks which could be destructive but it’s not terrorism.[9]
From an academic perspective, Maura Conway in the paper – Reality Bytes: Cyber terrorism and Terrorists use of the internet – concluded that tough terrorists group maybe be using the internet as a tool for propaganda building, dissemination of information and fund raising activities however they haven’t yet resorted to cyber terrorism or haven’t shown any intention of doing so.[10]
Gabriel Weimann in Cyberterrorism “How Real Is the Threat?” has come up with the view that the potential impact of cyberterrorism is indeed alarming however no real instance of cyberterrorism has been recorded so far. The fears of cyberterrorism is unjustified and exaggerated because most of the time members of the press or the politicians mixes the cyberattacks, hacking with cyberterrorism.[11] Weimann elicits, “Cyberattacks are common, but they have not been conducted by terrorists and they have not sought to inflict the kind of damage that would qualify them as cyberterrorism. Technological expertise and use of the Internet do not constitute evidence of planning for a cyberattack.”
Conclusion
Thus by investigating the academic and empirical evidences and looking at what law enforcement agencies have to say we can conclude that, the phenomenon of cyber terrorism is a hyped and exaggerated one. Of course, there has been numerous instances of cyberattacks by individuals or groups, also terrorist organisations have used the internet for propaganda building or communication but until now neither they have used to stage a potential attack or shown any inclination to do so. As mentioned by Weimann keeping in lines with terrorism, we can actually use the term cyber terrorism only when, an attack using the cyber medium results in ‘violence against persons or property, or at least cause enough harm to generate fear.’ “Attacks that lead to death or bodily injury, explosions, or severe economic loss would be examples. Serious attacks against critical infrastructures could be acts of cyberterrorism, depending on their impact. Attacks that disrupt nonessential services or that are mainly a costly nuisance would not qualify as cyber terrorism.”[12]
It is worthwhile to mention that cyberterrorism does have the potential to cause large scale disruption and get unprecedented access to national defence systems, air traffic control systems, power grids etc., but as of now that exists only in theory and there isn’t sufficient evidence – academic and empirical – to corroborate about the existence of cyber terrorism.
[1] The Future of Cyberterrorism. See http://afgen.com/terrorism1.html
[2] Cyber operations and cyber terrorism. See http://www.dtic.mil/cgi-bin/GetTRDoc?Location=U2&doc=GetTRDoc.pdf&AD=ADA439217
[3] See http://www.ncsl.org/programs/lis/CIP/cyberterrorism.htm
[4] Mark M. Pollitt, “Cyber terrorism – fact or fancy”
[5] P. Everaed, “NATO and Cyber terrorism”, p119
[6] Weimer. See https://www.usip.org/sites/default/files/sr119.pdf
[7] P. Everaed, “NATO and Cyber terrorism”, p118
[8] See https://www.irishtimes.com/business/technology/how-real-is-the-threat-of-cyberterrorism-1.2608935
[9] The Irish Times, 2016
[10] Conway, 2002
[11] Weimann, “Cyberterrorism How Real Is the Threat?” 2004.
[12] Weimann, 2004, See https://www.usip.org/sites/default/files/sr119.pdf