Myths and Realities of Cyberterrorism - UCSBmstohl.faculty.comm.ucsb.edu/Myths and Realities of...
Transcript of Myths and Realities of Cyberterrorism - UCSBmstohl.faculty.comm.ucsb.edu/Myths and Realities of...
Myths and Realities of Cyberterrorism
Peter Flemming
Visiting Research Associate And
Michael Stohl Dean and Professor
Office of International Programs and
The Center for Education and Research in Information Assurance and Security CERIAS
Purdue University
West Lafayette, Indiana 47906-6207 USA
Paper prepared for the International Conference on Countering Terrorism Through Enhanced International Cooperation, 22-24 September, 2000 Courmayeur, Italy at the initiative of the International Scientific and Professional Advisory Council of the United Nations Crime Prevention and Criminal Justice Programme (ISPAC) and the Centro Nationale di Prevenzione e Difesa Sociale (CNPDS) in cooperation with the United Nations Terrorism Prevention Branch (TPB), United Nations Office for Drug Control and Crime Prevention Published in Countering Terrorism Through International Cooperation, Alex P. Schmid (ed.), ISPAC (International Scientific and Professional Advisory Council of the United Nations Crime Prevention and Criminal Justice Program), Vienna, 2001,pp: 70-105.
Portions of this work were supported by the Center for Education and Research in Information Assurance and Security, Purdue University.
2
Computers and Terrorism: The Evolving Nature of Terrorist Groups and the Terrorist Threat
There is increasing concern that the threat of terrorism in a global environment
increasingly reliant on computer networks and information technology is growing and that
the very networks and information technology which have been responsible for the
dramatic increases in productivity within the world economy may also carry with them
even greater capacities to do harm. In this paper we argue that understanding terrorism
within the new cyber environment of the twenty-first century is best enhanced by building
on what we have learned about terrorists and terrorism in the previous twenty centuries.
In short, we believe that the underlying principles of the terrorism behind the threat
remain the same.
Terrorism is a process that involves acts or threats, emotional reactions and the
social effects of the acts or threats and the resultant actions. Terrorism in a cyber setting
involves all of the above components within a rapidly changing technological environment
which influences terrorist resources and opportunities. These changes directly affect
terrorist tactics, targets and weapons and have spawned growing discussion of a new
terrorist tactic called “cyber terrorism”.
Our current understanding of the nature of terrorism as it relates to the cyber
environment is limited by two primary factors - the relatively recent emergence of
computer networks and perhaps, even more importantly the legacy of previous analyses
which confuse terrorism with a wide range of other forms of violence.1 This said, new
developments in terrorism are best understood by a brief review of the nature of
1 The end result of this confusion is that careful analyses of terrorism statistics are often ignored in favor of speculative assessments.
3
terrorism and the pattern of terrorism during the past thirty years. We begin with a brief
definitional discussion and then briefly describe the data set upon which we base our
empirical analysis. We then look at the empirical data through the lens of a set of
common myths which have framed much of the discussion of terrorism. With that as our
foundation we then turn to a discussion of cyber terrorism.
Terrorism: Definitions, Designs and Myths
Definitions:2
We begin with the assertion that terrorism is an act and must be defined as such.
To do otherwise confuses the issue by combining other elements of violence with this
phenomenon that have no bearing on its basic identity.3 Once the nature of the act has
been specified it is then acceptable to add qualifying descriptors to place it into context.
For instance, "terrorism" can be "international", "domestic", "state" or "political", with
2 It is generally the case that discussions of terrorism definitions will refer to one or two major pieces that devote their primary focus to this subject. Given the breadth of terrorist research, however, the authors believe that it is infinitely more useful to direct the reader to survey a much wider range of literature to understand how definitions are employed in each case. 3 This understanding is imperative. In the introduction to the most recent State Department report (2000, 7), Patterns of Global Terrorism 1999, it is noted that:"...terrorist acts are part of a larger phenomenon of politically inspired violence, and at times the line between the two can be difficult to draw." If the act of terrorism is not clearly and easily distinguished from these other forms of "politically inspired violence" then it is pointless to employ the concept of terrorism as an analytical tool. The end result of the improper use of terrorism is that the concept assumes the identity of almost any form of violence that the analyst arbitrarily chooses to include. In the case of a report such as the one produced by the US Department of State, political considerations ultimately dictate how the tale of terrorism will be told.
4
each descriptive defining such features as participants, locale, perpetrators or motives,
but the core act always remains the same.4
The act of terrorism is special in that it combines a specific target with a wider
audience. While many acts of violence target only the entity that is meant to be harmed
or destroyed, terrorism is unique in that the actual target that is attacked serves as a
gateway to influencing a larger and sometimes more diverse audience. Terrorism is “the
purposeful act or the threat of the act of violence to create fear and/or compliant
behavior in a victim and/or audience of the act or threat (Stohl, 1988:3).”5 Within this
definition, the components of a purposeful act, violence, fear, victim and audience all
contribute to the uniqueness of terrorism.6 It is also essential to note that the immediate
victims of terrorism are different from the target audience.7 By inflicting violence on the
former, terrorism influences the latter. In the following discussion this relationship will
become more apparent, especially if the reality of terrorism is contrasted with its myths.
Designs:
4 Terrorism can also be discussed in the context of more encompassing instances of violence such as war. See for instance Thomas Schelling’s (1966:16-17) reference to terrorism used as a diplomatic tool during wartime. 5 The US Army Field Manual 100-20, Stability and Support Operations provides a similar definition that focuses on the nature of the act. Terrorism is, “the calculated use of violence or the threat of violence to inculcate fear; intended to coerce or to intimidate governments or societies in the pursuit of goals that are generally political, religious or ideological. 6 The US Army Field Manual further states, “...terrorism is calculated. Terrorists generally know what they are doing. The selection of a target is planned and rational.....Terrorist violence is neither spontaneous nor random....[T]errorism is a psychological act conducted for its impact on an audience.” 7 See Stohl (1989:3-4) for further elaboration of this and related points.
5
The terrorism that the world has witnessed during the past three decades has
been characterized by a number of clearly identifiable traits. The actual empirical record
of terrorism bears only marginal resemblance to contemporary media portrayals and
popular beliefs. To illustrate we present an extract of analyses of international terrorism
drawn from our examination of ITERATE IV 8, an annually updated data-set of
international terrorist events that presently covers the 1968 to 1994 period. Overall,
ITERATE IV recorded 10,837 incidents of international terrorism.9 In sum, this analysis
details the who, what, when and where of international terrorism and in doing so
establishes benchmarks10 from which to assess international terrorist events of the past,
present and future.11
We begin with the heart of the fear generating capacity of terrorism, the threat to
life. Mention terrorism and the images that immediately come to mind are large-scale
tragedies, the bombings in Oklahoma City or Moscow, or the embassies in Nairobi and
Dar es Salaam, for example. However, relatively few incidents of international terrorism
8 Mickolus et al. (1999). Also see the four volumes of international terrorist chronologies compiled by Mickolus (1980, 1993) and Mickolus, Sandler and Murdock (1989a, 1989b). It is imperative to remember that the data presented in this chapter is taken from ITERATE and includes only international terrorism. Thus, domestic, as well as state terrorism are not covered. Moreover, there are other data-sets (See for instance Jaffee Center, Rand or State Department) that provide both different counts of terrorist incidents and different variables associated with the nature of the incidents. For further analysis of the various data-sets that are available see for instance Flemming (1992:131-132) or Fowler (1981). 9 This is an average of 401 incidents per annum. 10 One aspect which seems especially important in this respect surrounds the question of how certain political contexts encourage or discourage terrorism. 11 See Gurr (1988) who raises several important questions related to the analysis of international terrorism data undertaken in this section.
6
end in death. The total number of recorded deaths from incidents of international
terrorism from 1968-1994 was 9,65412 Most incidents (9,210, 85.5%) were fatality free.
Another 876 incidents (8.1%) were characterized by a single death. In total, fatality free
and single death incidents accounted for 93.6 per cent of all international terrorist
incidents.
In the twenty-seven year period surveyed for this study there were at least 16,854
people wounded (624/yr) by incidents of international terrorism.13 This is an average of
1.55 individuals wounded per incident. The most victims wounded in any given year was
1,28314 in 1981. In the majority of international terrorist incidents 8,907 (82.2% of
incidents), no one was wounded and in another 685 (6.3%) only one person was
wounded per incident.15 Thus, big events with many deaths and injuries are in our
consciousness, none or few deaths and injury free events are the “reality” for most
incidents.
In general, most incidents of international terrorism produced no property damage
at all. Over five thousand (5,777) or 53.3 per cent of all international terrorist incidents
fall within this category. The second largest category of property damage was "unknown"
12 This figure represents the total number of known deaths. 13 This is the known total of wounded. The compilers of ITERATE IV recognize that more people were wounded. This caveat applies to all counts of wounded. 14 This is an average of 2.74 wounded per incident. 15 In addition to a general count of the number of victims wounded, ITERATE IV also counts the number of foreigners, US citizens and government officials wounded. Data shows that there were 3,401 foreigners wounded or 28.18% of all victims wounded. It also shows 885 Americans wounded or .08 per incident. In relative terms this represents 5.25 per cent of all victims wounded, a much lower figure than the 29 per cent victimization rate the United States faces over all. Finally, ITERATE IV data reveal that at least 1,608 government officials were wounded or .22 per incident.
7
(3,884 incidents, 35.8%).16 Data analysis further indicates that there were 861 incidents
(8.0%) resulting in "slight" damage; with 145 (1.3%) "moderate"; 86 (.8%) "high"; and 76
(.7%) "severe" damage.
. The frequency of international terrorist incidents, while punctuated by occasional
declines, nevertheless continued to grow over the 1968 to 1994 period.17 ITERATE IV
data reveal that at least 18 123 international terrorist incidents were perpetrated in 1968
and the frequency of these acts increased to 375 in 1994. The figure of 123 (1968)
represents the low end for incidents, while 578 (1991) represents the high end. Overall,
16 It is difficult to establish the extent of damage caused by many incidents of international terrorism, as reporting on this outcome is often incomplete. In some cases it is probable that incidents in which only minor damage occurs (e.g. a broken window or superficial damage to an embassy wall) are not reported because they are viewed by the victim as trivial or inconsequential (Save of course when governments find a need to reiterate the seriousness of the terrorist threat to a “concerned” public.). In other cases, the dollar value of the damage is difficult to determine because of inconsistent reporting from areas such as the Third World or Eastern Bloc. In these cases damage is apparent, but little information beyond that is accessible. Finally, it should be remembered that only immediate damage is measured. The full extent of expenditures resulting from international terrorist incidents which often includes additional expenses for new or improved security measures is not considered. 17 Again, it is important to remember that the frequency and magnitude of international terrorist events are two distinct phenomena. Thus, even though some years might experience fewer incidents than other years, the severity or magnitude of the lesser number of incidents might still result in more serious consequences (e.g. casualties and damage) than the greater number of incidents. In other words, all international terrorist incidents are included in the data count whether they are simple threats of intended violence or actual major acts of violence such as assassination and suicide bombing. 18 Emphasis added. It is the opinion of the authors that more incidents could always be added to the annual counts if there was better access to information on international terrorism. Part of the overall increase in the frequency of international terrorist incidents can be explained in this respect. However, it could also be argued that if different definitions, as well as, different data coding conventions were employed by the compilers of ITERATE IV the annual counts of international terrorist incidents could also be lower.
8
ITERATE IV recorded 10,837 incidents of international terrorism.19 In terms of the
highest frequency of incidents 1991 (578 incidents) ranked first followed by 1993 (552)
and 1986 (533). The lowest frequency of incidents occurred in 1968 (123 incidents),
1969 (179) and 1978 (290).
When viewed at the State level of analysis ITERATE IV data reveals that a handful
of states served as the locale for the majority of international terrorism. Simply stated,
half of all international terrorism was concentrated in just thirteen states. Lebanon topped
the list of states with 850 (31.48 incidents/year.) incidents of international terrorism,
followed by the United States with 678 (25.11/year.) and West Germany/Germany20 with
604 (23.39/year.). Other important states in this respect were: France with 578 incidents
(21.41/year.); the United Kingdom (567: 21/year.); Greece (387: 14.33/year.); Argentina
(385: 14.26 year.); Italy (366: 13.56/year.); Turkey (290: 10.92/year); the Philippines
(283:11.79/year); Colombia (272:10.07/year); Peru (272:10.07/ year) and Spain (269:
9.96/year.). Perhaps even more impressive is the fact that the top four states of
Lebanon, the United States, West Germany/Germany and France were the site of one-
quarter of all international terrorism perpetrated between 1968 and 1994.
Despite a relatively high frequency of international terrorist incidents in the United
States (678) the majority (93.9%) did not produce fatalities or major property damage.
19 This is an average of 401 incidents per annum. 20 ITERATE IV counts West Germany and then Germany after the fall of the Berlin Wall as the same entity.
9
Figures from ITERATE IV show 92 victims killed over a twenty-seven year time span.21
Property damage occurred in 56.7 per cent of the incidents. In addition to the American
citizens whom experienced the bulk of the victimization (39.6% of all international
incidents in the US), other states that were regularly victimized included the Soviet Union
(7.5%); Cuba (5.6%); Iran (2.5%); Yugoslavia (2.4%); and Mexico (2.4%).22 In total, 90
states were victimized at one time or another. The most frequent type of immediate
victims were foreign diplomats (31.5% of incidents); corporation officials (26.6%); and
private parties (21.4%), while property was attacked almost four times as often as
people. In terms of types of incidents, bombings accounted for slightly more than half
(50.5%)23, followed by threats (13.4%). The logistical success rate for all international
terrorist incidents in the United States from 1968 to 1994 was 69.3 per cent. And most
(77%) of the international terrorist incidents in the United States were perpetrated by just
eight groups, four of which were Cuban (Omega-7, El Poder Cubano, Secret Cuban
Government, indeterminate anti-Castro Cubans (with no definitive names), three Puerto
Rican (FALN, MIRA and indeterminate Puerto Ricans) and one Jewish (Jewish Defense
League) in origin.24
21 3.4 fatalities per annum. This is a major contrast to domestic terrorism where fatalities generated by a single event (the bombing of the Alfred P. Murrah building easily eclipses all fatalities recorded in a twenty-seven year span of international terrorism. 22 The nationality of the victims is clearly indicative of the international political climate of the time (i.e. the Cold War) and the persistence of other regional concerns in Cuba and Puerto Rico. 23 This total is 63.9% if incendiary attacks and arson are included. 24 The origin of these groups is logical given their close geographic proximity to the United States and the nature of their political struggles, all of which routinely involved American foreign policy. It is perhaps, more important to note, however, that these groups were not part of what would be considered a “leftist” or “Arab” inspired threat that regularly
10
At the other end of the spectrum, a majority of states remained relatively free of
international terrorism. Twenty states25 recorded a single event of international terrorism
each over the twenty-four year period surveyed. Eleven states26 were the site of two
incidents each and another eleven states27 experienced just three incidents each. In fact,
ninety-seven states experienced less than one incident of international terrorism per year;
eighteen states greater than one, but less than two; and forty-four states two or more
incidents per year. In other words, 115 of 159, or seventy-two per cent of the states
examined witnessed less than one incident of terrorism per year on their home soil.
An even more specific analysis of the location of international terrorism involves
the examination of the scene where terrorist incidents occur. Certain locations are
dominated American treatments of terrorism during that time period. Statistics (US State Department, 2000) show no incidents of international terrorism perpetrated on American soil during 1999, however, one individual with suspected ties to Usama Bin Ladin was arrested at the Canada - US border. In the 1980s Smith and Damphousse (1998:135-137) have documented an increase in domestic and a decrease in international terrorism.
For further information on domestic terrorism in the United States see reports such as the FBI Analysis of Terrorist Incidents in the United States (various years); Terrorism in America: Pipe Bombs and Pipe Dreams (Smith, 1994); “Two Decades of Terror: Characteristics, Trends and Prospects for the Future of American Terrorism” (Smith and Damphousse, 1998); and “False Patriots: The Threat of Antigovernment Extremists” (Southern Poverty Law Center, 1996). These and other recent studies chronicling domestic terrorism in the United States point to a future threat of terrorist violence from “right-wing”, religious and “single-issue” groups. This development has important implications for the future of terrorism/computer networks and will be dealt with in the second section of the present study.
25 These states are: Antigua, Armenia, Azores, Cabinda, Dominica, Falkland Islands, Equatorial Guinea, Gibraltar, Grenada, Mali, Malawi, Muscat and Oman, Qatar, Seychelles, Sierra Leone, Solomon Islands, South Yemen - PDRY, Vietnam, West Indies Federation and Zanzibar. 26 These states are: Bahamas, Burkina Faso, Congo, Estonia, Guyana, Ghana, Iceland, Latvia, Martinique, Mauritania and Scotland. 27 These states are: Albania, Bahrain, Bulgaria, Cameroun, Central African Republic, Eritrea, Guadeloupe, Kurdistan, New Caledonia, Senegal, and The Ukraine.
11
favored over others with the most frequent one being the office or place of employment
of the victim. Over four thousand (4,088, 37.7% of total incidents) incidents of
international terrorism were perpetrated at this scene. The second most common scene
of international terrorism is the non-residential/non-vocational site of the victim. This type
of scene includes street corners, markets, theaters, taverns and hotels. There were
2,023 (18.7%) incidents of international terrorism perpetrated at this scene. Less
frequent scenes of international terrorism were the homes of victims (1,024 incidents,
9.6%), vehicles (988, 9.1%), aircraft (632, 5.8%), embarkation areas (169, 1.6%), ships
(150, 1.4%) and trains (53, .5%). Another 1,692 incidents (15.6%) were coded as having
occurred at "other" scenes or as missing. An analysis of this variable reveals that the
primary nature of victim targeted during international terrorist incidents for the 1968-1994
period was property. Over four thousand (4,364) incidents or slightly more than forty per
cent (41.58%) of the total were directed at this type of target. People were targeted on
3,608 (34.3%) occasions and a combination of people and property was targeted
another 2,537 (24.1%) times.28 During the twenty-seven years surveyed property proved
the favorite target of international terrorists for seventeen years, while people were
favored for nine years and a combination of the two for one year.29
28 Due to missing data, specific targets were identified for only 10,513 of the 10,837 incidents. 29 In 1991, property was targeted in 69.7% of all international terrorist incidents and in 1977 people were targeted 63.5% of the time.
12
Still another approach to comprehending the nature of international terrorism is to
investigate which type of immediate victim30 is regularly subjected to terrorist targeting.
ITERATE IV classifies immediate victims as follows: host government officials31; foreign
diplomats or official nonmilitary; host government military; foreign military; corporation
officials; prominent opinion leaders; private parties, including tourists, missionaries and
students; and suspected terrorists.32
Data analysis of the immediate victim variable shows that foreign diplomats or
official nonmilitary clearly ranked as the most frequently targeted type of immediate
victim. Over thirty (31.1%) per cent or 3,193 incidents of international terrorism were
directed at foreign diplomats or official nonmilitary between 1968 and 1994. Foreign
diplomats or official non-military were also the most frequently targeted immediate
victims in fourteen different years. Other types of immediate victim in order of frequency
of victimization included: corporation officials (2,256 incidents, 21.9%)33; foreign military
30 Immediate victims are those victims that are directly affected by terrorist incidents. Generally speaking, it is these targets that bear the brunt of and come into direct contact with terrorist violence. Most terrorist acts, however, also have a wider target audience. Although this audience falls outside of the direct terrorist violence, it is nevertheless influenced by the fact that the violence visited on the immediate victim might one day be directed specifically at it. Immediate victims are relatively easy to identify by virtue of their close association to terrorist incidents. Wider target audiences are more difficult to discern are thus, not incorporated into the ITERATE IV data set. They must, however, not be dismissed as irrelevant if the true nature of terrorism is to be fully understood. 31 The host government is the government from the state in which the international terrorist incident begins. 32 When property rather than individuals is attacked, the type of property determines how the immediate victim will be coded. When an incident is directed at an embassy, for instance, the immediate victim is coded as diplomatic. If a corporate head office is involved, the immediate victim will be coded as a corporation official. 33 Corporations were the favored target in three years, from 1974 to 1976.
13
(854, 8.3%); prominent opinion leaders (375, 3.6%); host government officials (343,
3.3%); suspected terrorists 215 (2.1%); and host government military (152, 1.4%).
The analytic approach used above presents a somewhat different picture of which
type of victim is most likely to experience international terrorism directly. Although
diplomats (one type of authority figure) when treated as a distinct class are the most
often targeted type of immediate victims, non-government groups counted in aggregate
are the immediate victims of international terrorism more often. Thus, in aggregate terms
private parties represent the most regularly targeted group by international terrorists.
The ITERATE IV data suggest a minority of terrorist groups engaged in a majority
of international terrorist activity, while a majority of terrorist groups engaged in relatively
few incidents. Only seventeen terrorist groups perpetrated an average of two or more
(54) incidents of international terrorism per year. Nineteen groups were responsible for
more than one, but less than two incidents and 1,127 groups were responsible for less
than one incident per year. Nearly one-half of all groups engaged in only a single event.
Finally, the groups most frequently involved in international terrorism are similar in
that they are characterized by relatively well-defined political agendas34 and supportive
political constituencies.35 In short, terrorist groups that are marked by longevity and
34 These generally have their roots in national (irridentist, secessionist, anti-colonial movements) or religious (fundamentalist) identities and are not as likely to emanate from purely ideological (Marxist, Maoist) motivations. 35 Every group needs outside support to survive. Nationalist groups for instance represent larger constituencies that they hope to share their political gains with following successful terrorist campaigns. Ideologically motivated groups also rely on supporters who subscribe to the same political beliefs. The more successful terrorist groups such as the Provisional Wing of the Irish Republican Army have been able to develop, maintain and use their supporters to further their own operations. See Jeffrey A. Sluka’s (1989) Hearts and Minds, Water and Fish: Support For the IRA and INLA in a Northern Irish Ghetto.
14
sufficient resources to operate on a regular basis represent the greatest source of
international terrorism.
With this brief introduction to the data of international terrorism, let us turn to a
brief analysis of seven myths that dominate the popular (and often official political)
conceptualization of terrorism. At least three myths routinely characterize explanations of
the processes of terrorism. Myths which monopolize thinking in this area are:
- Myth One: Terrorism is random and lacks specific direction.
- Myth Two: Terrorism knows and respects no boundaries.
- Myth Three: Terrorism is synonymous with massive death and destruction.
Other myths which focus on the origins, motivations, perpetrators and goals of
terrorism and also have implication for our understanding of terrorism, computers and
computer networks include:
- Myth Four: Terrorism is the exclusive activity of non-governmental actors and its
purpose is to create chaos.36
- Myth Five: All terrorists are madmen or criminals.37
- Myth Six: Governments always oppose non-governmental terrorism.
- Myth Seven: The source of contemporary political terrorism may be found in the
evil of one or two major actors (the devil made me do it!).38
36 Although the present essay deals almost exclusively with the use of terrorism by non-state actors the authors are positively aware of the significance of state actors in the terrorism equation. 37 This is a condensation of Stohl’s (1988) second and third myths, the purpose of which is to illustrate how terrorist organizations can be easily vilified and denied any legitimacy. 38 See Stohl (1988:7-23) for a list of ten myths of contemporary political terrorism.
15
Each of these myths will be dealt with in the context of providing a framework from which
the changing nature of the terrorist threat can be assessed.
Myths
Myth One: Terrorism is random and lacks specific direction.
To the innocent bystander caught in the crossfire or explosion connected to a
terrorist incident there is no doubt that the incident and his/her victimization is random and
hence even more terrifying. However, the reality of terrorism is that it is purposeful and
involves selectivity in its execution. Confirmation of this assertion can be found in further
analysis of the events based data of the patterns of both the theater of operations and
targeting of international terrorism introduced above. These reveal a distinctive set of
patterns which suggest that factors such as environment and terrorist group composition
play significant roles in the nature of the terrorism that transpires. More specifically,
terrorist groups develop their modus operandi based on where they originate, who
supports them, who their enemies are, what their likelihood of success will be and a host
of other tactical and strategic considerations.
For example, nationalist/ethnic based terrorist groups clearly have developed
primary spheres of operation and in general focus their attention on specific targets
related to their goals. For instance, the Provisional wing of the Irish Republican Army,
while crossing borders for some of their operations, operated primarily in the United
Kingdom and against UK targets abroad and it is highly unlikely that it would operate in
the Middle East or Latin America39, nor is it likely for this group to attack Israel or Israeli
39 The PIRA has operated in at least eleven states, however, none have been in the Middle East (save for one documented arms smuggling operation that originated in Libya) or Latin America.
16
related targets.40 By the same token it is unlikely to see the Black September
Organization attack the British Royal Family.41 Such terrorist groups engage in terrorist
activity for a predetermined political purpose and their goals are not furthered by random
attacks which the public (their audience) cannot interpret.42 Although the last three
decades have witnessed thousands of international terrorist incidents they have more
often than not been of a deliberate rather than random nature.
Myth Two: Terrorism knows and respects no boundaries.
The assumption that terrorism knows and respects no boundaries flows from the
same base that perpetuates the myth that terrorism is random and indiscriminate. Yet,
much of the statistical analysis presented in the previous discussion points to identifiable
limits within the realm of terrorist violence. While it is correct to suggest that the entire
international system has experienced international terrorism at one time or another, it is
more accurate to argue that a relatively small group of states are the constant targets of
40 To date incidents involving the PIRA have involved victims from ten states, none of which include Israel. It is unknown if it was the intention of the PIRA to involve all ten states, or some victims were simply “in the wrong place at the wrong time” (e.g. in a public place at the time of a bombing.). 41 The BSO has attacked victims from at least fifteen states, but has only once targeted British tourists in Greece. The BSO has also operated in the United Kingdom twice, once against a Jordanian and once against an Israeli target. 42 Even in cases where terrorists attacks appear to move beyond the limits of other forms of legitimate (?) violence (e.g. women, children, the elderly and infirm should be spared) they are not necessarily indiscriminate or random. This point can be made by examining the 1985 attacks against the Rome and Vienna airports. “The terrorists did not fire indiscriminately in their assaults. They wanted to make sure that children were included among the victims. They succeeded in killing an eleven-year-old girl...” (Simon, 1994:196). The rationale behind this tactic was explained in a note carried by the lone surviving terrorist of the Rome attack. In short, the terrorist goal was to “violate” every aspect of the victims including their children. (Simon, 1994:196). Despite the horrific nature of these attacks there were no random victims.
17
international terrorism while the vast majority reside on the periphery of this violence.
Empirical evidence that over half of all international terrorism has been perpetrated in just
thirteen states and less than seven states account for over fifty per cent of all
victimization indicates the reality of terrorism. Further evidence also suggests that the
majority of terrorist acts are not characterized by the large-scale wanton killing and
destruction that is so often assumed
The evidence presented in the statistical analysis provides only a partial
explanation of why terrorist violence should be treated as a structured phenomenon.
Because terrorism can conceivably cover a full spectrum of violence from non-lethal
threats, to simple destruction of property, to mass loss of life, there is considerable room
for interpretation about its nature. Instead of relying on this conceptualization as the sole
standard for judging terrorist violence, it is more helpful to place individual terrorist acts in
the context of larger terrorist campaigns.43 The end result of establishing the dynamics of
terrorism is that it is then possible to identify the parameters of violence within which
terrorists generally engage.
The second part of the explanation challenging Myth Two centers on
understanding terrorist groups as rational actors. In order to achieve their goals
(regardless of how irrational the goals might appear to outsiders), terrorist groups must
engage in some level of rational behavior. To do otherwise would compromise the very
existence of the group. Groups that focus all their efforts on wild forays into violence
characterized by mass killing are not likely to survive for a number of reasons. Most
43 It would probably also be helpful to review terrorism in relation to other forms of violence. International or civil war also spans a wide spectrum of violence, but is seldom portrayed in the same fashion as terrorism.
18
terrorist groups need the support of wider constituencies in order to survive. This support
is generally not forthcoming if terrorist incidents are deemed “too violent” or beyond the
accepted limits of the constituency. While many constituencies will support violence
against government officials, soldiers and others seen as representing the “occupiers” or
“”repressors,” it is difficult for most groups to sustain the support of their “constituencies”
for acts of terror against “innocent” civilian populations, particularly if there are
widespread civilian victims.
Terrorist groups must also deal with a heightened state response to particularly
violent acts. Bombs placed outside of protective embassy walls do not elicit the same
pressure for counter-terrorist response as bombs placed on airliners. Finally, terrorist
groups must reconcile their use of violence with their own ideologies. If terrorist groups
are to survive and thrive careful attention must be paid to the exact nature of their
terrorist campaigns. Clearly, there are well-defined limits in this respect. Thus, terrorism
is purposeful and this is reflected in the pattern of terrorist violence.
Myth Three: Terrorism is synonymous with massive death and destruction.
Despite its vicious notoriety, the data indicates that international terrorism results
in less than one fatality per incident and over ninety per cent of the incidents have not
resulted in the death of any victims. There are also relatively few “high end” incidents
such as the bombing of airliners. In fact, there were only twenty-one bombings of
airliners over a twenty-seven year period and only twelve resulted in the deaths of more
than twenty people.44 While these types of incident do indeed occur, they are the
44 This is not meant to argue that 20 or less deaths is insignificant, but rather to place the extent of incidents of mass fatalities in their proper context. The ten most lethal incidents of international terrorism (with dates and fatalities) are as follows: 1. June 23, 1985. The
19
exception rather than the rule. The mainstay of terrorism to date has been a combination
of threatened violence with an assortment of other violent acts that have produced
proportionally more fear than death or destruction.
Myth Four: Terrorism is the exclusive activity of non-governmental actors and its purpose
is to create chaos.
The reasoning behind this myth is that small non-state (and perhaps irrational)
actors are the sole force behind terrorism. If this assumption is true, it follows that given
their relatively small stature vis-a-vis states relegates them to disturbing the peace
without realistically establishing any counter-order. While it is clearly true that a primary
purpose of terrorism, as practiced by challengers to governmental authority, is the
production of chaos, to demonstrate the inability of the regime to govern it is also a
reality of terrorism is that it is regularly employed by states to enforce order. This
phenomenon occurs in many states and is noted at several stages of states’ political
development.45 In each case, it is the production of order, not chaos that the relevant
terrorists strive for.
bombing of Air India Flight 182 off the coast of Ireland - 329 dead; 2. August 7, 1998. The bombing of the American Embassy in Nairobi, Kenya - 291 dead; 3. December 21, 1988. The bombing of Pan Am Flight 103 over Lockerbie, Scotland - 273 dead; 4. September 19, 1989. The bombing of UTA Flight 772 over Niger - 171 dead; 5. August 13, 1978. The bombing of an apartment building in Beirut, Lebanon - 161 dead; 6. November 30, 1987. The bombing of Korean Airlines Flight 858 over South East Asia - 115 dead; 7. September 23, 1983. The bombing of an Emirates Boeing 737 near Dubai - 111 dead; 8. November 27, 1989. The bombing of Avianca Flight 203 over Colombia - 110 dead; 8. August 27, 1981. The sabotage of a Far Eastern Air transport near Taiwan - 110 dead; and 10. December 4, 1977. The hijacking and crash of a Malaysian Airlines System Boeing 737 - 100 dead. 45 Early examples suggested by Gross (1957:113) include notable instances such as the Spanish Inquisition directed by the Catholic Church and the use of the guillotine by the Jacobins during the French Revolution.
20
The choice of limiting analyses of terrorism to non-governmental actors is clearly
problematic if a true accounting of terrorist perpetrators is to be achieved. Terrorism is
routinely used by regimes to maintain and strengthen political control.46 In particular, one
can readily point to the widespread use of “state terror” (for purposes of political control)
in most of the world during some part of the twentieth century. From the totalitarian
regimes of Europe during the twenties, thirties and forties, to the single party
dictatorships of Africa and Asia and the Middle East in the post colonial period to the
former states of the Soviet Union and its allies to the “authoritarian” regimes of Latin
America the use of state terror has been routine. States have also repeatedly employed
terrorism in time of war47 and even in times of peace.48 The realization that state actors
engage in terrorism is not only important if all terrorist activity is to be accurately
documented, it is imperative if future perpetrators are to be readily identified and
understood. It is also arguable that states are far more capable of successfully
employing terror tactics than are insurgents. With the advent of terrorism involving
computer networks it is unrealistic to believe that only non-state actors will use the cyber
environment as a new arena of terrorism. State actors will continue to have significant
46: “[T]he term “terror” first developed in response to the systematic employment of violence and the guillotine by the Jacobin and Thermidorian regimes in France.” There are many more historical and contemporary examples of the use of terrorism by state actors (see Stohl 1988:8). 47 One contemporary example is the 1999 NATO bombing campaign against Serbia which sought to terrorize both the Serbian Government and people into abandoning the Serbian province of Kosovo. An earlier example is the 1972 Christmas bombings of Hanoi by the American Government designed to coerce the North Vietnamese into reopening negotiations with the United States. 48 The covert operations of the American Central Intelligence Agency and the Israeli Mossad are but two examples of states using terrorism in pursuit of their own political interests.
21
opportunities49 to combine terrorist tactics and computers in any number of different
forms in their quest to achieve political objectives.
Myth Five: All terrorists are madmen or criminals.50
The assumption that all terrorists are madmen or criminals in its simplest form is a
myth that is promoted by states so as to deny political legitimacy to terrorist actors or
their goals. At one level the myth maintains that, “only madmen would resort to many of
the actions that terrorists have undertaken.” This view, which is common in Western
media and governmental circles, allows observers the easy opportunity to reduce political
actors, actions and problems to psychological ones, the end result of which denies that
terrorists and their violent behavior is anything but rational.51
The notion that terrorists are by definition criminals is true in terms of the legal
code but not necessarily helpful beyond that. As a millennium’s worth of fans has
demonstrated, the Sheriff of Nottingham’s insistence that Robin Hood was a thief and a
common criminal has done nothing to dissuade the populations that have cheered Robin
Hood’s escapades that he was a hero. Instead of recognizing that many acts of terrorism
have a basis in a particular political struggle and must be evaluated and most importantly
from a government, law enforcement perspective, responded to in terms of that struggle,
49 It could also be argued that given their resources, state actors have a distinct advantage over non-state actors in terms of the scope and intensity of the terrorism they are able to perpetrate employing or targeting computers. 50 “Madmen” and “criminals” are easily interchanged with other labels such as “Marxist”, “Maoist”, “Leninist”, “Rightist” and “Fascist”. 51 A history of extended, politically motivated and well-planned international terrorist campaigns would seem to suggest otherwise. At the very least, one might argue that some very sophisticated madmen must be behind the last three decades of international terrorism.
22
acceptance of the myth confuses enforcement of the criminal code with the appropriate
political response. Within this school of thought, all terrorist activity is criminal and can be
dealt with accordingly.52 It is rare for terrorist acts to result in any identifiable criminal
gain.53 However, groups which have been labeled as terrorist groups have engaged in
what are clearly “criminal” acts simply to generate funds for their operations. Such acts
should not be confused with terrorism as their purpose have nothing to do with creating
fear and/or compliant behavior in terms of the political system. The terrorist threat
whether viewed as great or small is not limited to the designs of madmen and criminals.54
In a new era where terrorism and computers/ computer networks have the potential to
become increasingly intertwined, the need to distinguish between cyber criminals/crime
and cyber terrorists/ terrorism is critical.55
Myth Six: Governments always oppose non-governmental terrorism.
52 In some cases, the acceptance of terrorism as simply another form of crime allows the state to adopt new and potentially repressive measures to deal with a type of crime that cannot be easily contained by existing legal apparatus. 53 In this instance, criminal gain is regarded as encompassing some form of financial reward. The majority of terrorist assassinations, bombings and threats have political, but no criminal components. They are intended for symbolic purposes without accompanying financial gain. Although some hijackings and kidnappings involve ransom demands, these are traditionally part of a larger package of demands which also include the publication of political manifestos, release of political prisoners or other imprisoned terrorists and safe passage or political amnesty. These incidents are also a demonstration to larger audiences of the inability of governments to adequately protect their own citizens. 54 Treating terrorists as criminals merely trivializes the problem and ignores the fact that the solution to stopping terrorist violence lacks a “convenient” solution (see Stohl 1989:13). 55 This issue and related points will be addressed in greater detail in the following section.
23
The myth that states: “Governments always oppose non-governmental terrorism,”
can be easily corrected by adding the simple contextual addendum, “when they find it
politically expedient.” Although states have traditionally been considered as “society’s
neutral conflict manager,” a more accurate view treats them as interested parties. In this
conceptualization the role of states as keepers of order is expanded to include instances
where non-state actors have acted with a state’s political interests in mind. In other
words, there are circumstances where the terrorist activity of non-state actors is
accepted as order rather than chaos inducing.
One prominent example of state support for nongovernmental terrorism is found in
the relationship between certain states and vigilante groups engaged in domestic
terrorism. When vigilante groups seek to assist the established government in the
maintenance of order they are not only tolerated, but encouraged by governments, for
example, both the Argentine and Brazilian governments resorted to supporting domestic,
non-state terrorist groups during the 1970s56 with the intent of achieving greater political
control within their own borders.
State support for nongovernmental terrorism also extends to the international
arena. Again, there are instances where the terrorism of non-state entities coincides with
the national interests of sovereign states. State support in this respect generally depends
on a cost-benefit analysis that calculates the benefit thought possible from the desired
outcome, the believed probability with which the action will bring about the desired state
of affairs and the believed probable cost of engaging in the action. International non-state
56 The groups in question are the Anti Communist Alliance (AAA) (Argentina) and the Esquadro de Morte (Brazil).
24
terrorism supported by states is an example of surrogate terror. More specifically, this
terrorism appears as:
1) State-supported terrorism: An occurrence where the initial terrorist actions of
third parties are subsequently supported by interested states; or
2) State acquiescence: Instances where the terrorist activity of non-state actors is
tacitly approved or at least not condemned;57
In both of the above cases the actions of states are at odds with the myth that
these actors always oppose state terrorism. This reality is also in direct contrast with
another widely held belief that terrorism is a weapon of the weak. Even the most
powerful states have found that support for non-state terrorism serves a purpose in
international relations. The United States government has indicated great concern with
the possibilities of state support for non-state terrorism involving computers/computer
networks.
Myth Seven: The source of contemporary political terrorism may be found in the evil of
one or two major actors (the devil made me do it!).
The political expediency of the final myth of terrorism is best explained by
reviewing each of the six previously discussed myths which all demonstrate the essential
flaw of highlighting the importance of actor over action. The ability to equate the horrors
of terrorism with the newly defined satanic character of the state or group engaged in it
creates a powerful tool in the arena of international public opinion58 and also enables us
57 State acquiescence involves the minimal use of state resources, but is also subject to little control on the part of the acquiescing state (See Stohl 1988:183). 58 Evidence of this situation can be found in the public American scolding of the Soviet involvement in training, funding and equipping international terrorists (Stohl, 1988:20).
25
to ignore the potential sources of political cause for the acts which we rightly condemn.
The nature of terrorism as abhorrent as it may be has not precluded its use by a wide
spectrum of actors.
When the tool is successfully employed, the evil of the state in question grows to
mythical proportions and it can be held responsible for all wrongs without addressing the
potential legitimacy of the political grievances which led to the abhorrent act. In addition
to the Soviets, world leaders (Muammar Quaddafi, the Ayatollah Khomeini) and other
terrorist personages (Abu Nidal, Yasir Arafat and Usama Bin Ladin) were all elevated to
devil status and given far more “credit” for the perpetrating of terrorist acts than the
record indicates they had responsibility.59 More recently the concept of Rogue State
(recently banished from the State Department Lexicon) was adopted.
The persistence of the “Devil Theories of Terrorism” myth is, unfortunately, not
merely a concern for terrorism analysts, commentators and the casual observer.
Governmental authorities who have embraced the myth continue to perpetuate it for their
own interests which permits greater freedom to pursue policies that have much to do
with foreign policy interests, but little to do with terrorism abatement60. This said, the
59 See Chomsky’s (1986) Pirates and Emperors: International Terrorism in the Real World for some insightful and provocative (for those who accept terrorism myths) analysis of how the pejorative use of terrorism terminology and the demonization of certain actors works. 60 Perhaps the most obvious example is the American air attack (El Dorado Canyon) against Libyan targets on April 14, 1986, a mere nine days after the terrorist bombing of the La Belle discotheque in West Berlin. By linking Libya (a state) to the bombing, the United States was able to point to a substantive target and thus engage in swift retaliation. The identification of state actors as terrorist perpetrators offers the international community the opportunity to respond to international terrorism by means of established international law. The added attraction of punishing a satanic source of terrorism makes this type of foreign policy response all the more attractive (see Stohl, 1987: 166-67).
26
future analysis of terrorism in the cyber environment must critically assess all origins and
sources of terrorism. If the myth of satanic actors persists into the next generation of
terrorism many opportunities for countering the phenomenon will be lost.
All of the myths outlined above inhibit clear thinking on the subject of terrorism and
are equally important in terms of understanding terrorism of that is of both conventional
and cyber in nature. In light of the relative newness of terrorism and computers a
comparison of the relationship between the seven myths and the reality of conventional
terrorism, combined with a hypothesized view of the reality of cyber terrorism is in order.
These points are illustrated in Table 1.1.Table 1.1: Terrorism
Myths, Conventional Terrorism and Cyber Terrorism
Myth Conventional Reality Hypothesized Cyber Reality
1.Terrorism is Random and lacks specific direction.
Terrorism has a specific purpose and is driven by well defined goals. The often symbolic nature of terrorist violence tends to exacerbate views of its irrational reputation.
Cyber terrorism will continue to be marked with purposeful forays of terrorist threats and violence into the cyber environment. The ever increasing public access to and awareness of this environment adds significant potential for creating a new breed of terrorist monsters.
27
2.Terrorism knows and respects no boundaries.
The history of conventional terrorism has generally been marked by carefully planned terrorist campaigns. The “scourge” of international terrorism has had little impact on the majority of individuals beyond inciting unfounded fears. Successful terrorist groups understand the importance of serving their supporting constituencies and avoid alienating them with unnecessary acts of violence.
In the world of cyber terrorism, terrorists will continue to pick and choose their enemies and targets. While average citizens are not likely to directly experience future violence, they are more likely to become more aware and in some form feel threatened by it. Although major terrorist groups remain cognizant of their constituencies, emerging groups may find room for experimentation within the new environment and expand the boundaries of terrorism.
3. Terrorism is synonymous with massive death and destruction.
Terrorism is not nearly as destructive or fatal as it is often portrayed. Events involving massive fatalities and destruction are the exception rather than the rule. The perceived nature of terrorism is far more unpleasant than its real one. Both terrorist groups and governments have exploited this myth to their own advantage.
The nature of cyber terrorism is best described by the introduction of a new operating environment that brings with it new modes of terrorist operation. There are no compelling reasons to suggest that this development will automatically signal a change in the fundamentals of terrorist behavior. Terrorists have always had the ability to perpetrate acts of mass destruction, but have chosen not to do so. Cyber terrorism certainly offers new means to accomplish these feats, but little in the way of heightened motivation to carry them out.
28
4. Terrorism is the exclusive activity of non-governmental actors and the purpose of terrorism is the production of chaos
The belief that only insurgent non-state groups resort to terrorism has not only compromised awareness of the perpetrators of terrorism, it has also led to inadequate counter- terrorism policy. Terrorism is a form of violence used by both state (governments) and non-state (insurgent) actors. The nature of terrorism remains the same regardless of its source. The purpose of terrorism used by states is the production of order. Although this notion seems to run counter to the contemporary view of the terrorism - insurgency - chaos equation, it is, nevertheless, an important reality. The essence of terrorism remains the same in either case. Only its goals are different.
Both insurgents and states will carve the own niche in the arena of cyber terrorism. There is every indication that governments will find cyber terrorism offers a less conspicuous means of engaging in terrorism (an important consideration given international condemnation of human rights abuses). The purpose of terrorism is obviously different from the nature of terrorism. Terrorism serves many purposes and masters. Terrorists will exploit new forms of technology within the cyber environment and do so with many goals in mind.
5. All terrorists are madmen or criminals
Terrorists emerge from a wide range of economic, historical, political and social conditions. Terrorists can be madmen or criminals, but the true threat of terrorism emanates from a much more complex set of circumstances.
In the world of cyber terrorism, terrorist groups with clearly identifiable political agendas will continue to dominate. Even terrorist campaigns oriented around single issues will be evident. The work of madmen and criminals has little to do with cyber terrorism other than to confuse the true origins of this new form of terrorism.
29
6. Governments always oppose non-governmental terrorism.
Governments often find it useful to support non-governmental terrorists. Support can take a number of different forms and the terrorism itself can be either domestic or international. While terrorism is mistakenly interpreted as the weapon of the weak, major players also support and engage in it.
Cyber terrorists will be supported by states in the same fashion that conventional terrorists are. As long as governments believe that the actions of cyber terrorists are to their own advantage they will support them. If states are falsely lulled into believing that the origins of cyber terrorism are less detectable than those of conventional terrorism, there is a possibility that this calculation will figure in decisions of future support.
7. The source of contemporary political terrorism may be found in the evil of one or two major actors (the devil made me do it!)
The repeated identification of only certain devil or satanic groups as the source of terrorism is a political exercise that has little bearing in reality. Terrorists are not only “leftist”, or “Arab” or even “fascist”. They have many origins and can not be properly dealt with by simply focusing attention on the most “disliked” groups. Terrorism is not about labels, but rather about violent processes related to economic, political and social problems. On the other side of the coin, however, terrorism portrayals (especially those by governments), are frequently linked to the use of labels for purposes of demonization.
In the beginning, the term “cyber terrorist” will be used pejoratively. Cyber terrorism, will be treated as the worst form of terrorism as it is new and its nature remains relatively unknown. Undoubtedly it will be used in concert with other terms such as “Muslim Fundamentalist,” making it even more threatening. Evil actors will be portrayed as cyber terrorists and vice versa. Any confusion of who is responsible for terrorism will be heightened especially if myths of cyber terrorism promote notions that it is even more mysterious than conventional terrorism. Devil actors and cyber terrorism seem likely to go hand in hand.
30
Computers and Terrorism: Linking the Past with the Future
Definitions:61
Despite the use of the term “cyber terrorism” as a new and distinct form of
terrorism, it is more properly defined as new terrorist tactic.62 The nature of cyber
terrorism is governed by the very principles that underpin all terrorism. To reiterate the
thrust of our earlier argument terrorism involves a clearly defined process, not simply a
random act of violence perpetrated by an enemy or other despised entity. Cyber
terrorism by its very title is terrorism that involves a cyber component. As such, it is
essentially the same as any other terrorism. Cyber terrorism is however, unique from
other terrorist tactics in that it does not exist beyond its intimate relationship with
computers. Barry Collins (White, 1998:3), who is said to have coined the term defines
cyber terrorism as “the intentional abuse of a digital information system, network, or
component toward an end that supports or facilitates a terrorist campaign or action.”
Two further definitions of cyber terrorism have been advanced by Dorothy
Denning and Rod Stark. Denning (2000:10) argues that:
Cyberterrorism is the convergence of terrorism and cyberspace. It is generally understood to mean unlawful attacks against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social
61 To date, there has been no attempt to catalogue definitions of cyber terrorism in the same manner in which definitions of conventional terrorism are dealt with. 62 The question of exactly how cyber terrorism differs from conventional terrorism has been addressed by John F. Murphy (1999:3-4) who asks, “does the prospect of computer network attacks by terrorists constitute something “really different,” or does it amount only to a new technique of attack for terrorists raising no new issues of law and policy? The answer, it appears, is that the possibility of computer network attacks does raise some new issues, although many of the old conundrums still pertain.”
31
objectives....[A]n attack should result in violence against persons or property, or at least cause enough harm to generate fear.63
Stark (1999:8-9) submits a definition similar to Denning’s in that it attempts to capture
both the conventional and cyber aspects of cyber terrorism. He writes:
[C]yber-terrorism is defined as the purposeful or threatened use of politically, socially, economically or religiously motivated cyber warfare or cyber-targeted violence, conducted by a non-state or state-sponsored group for the purposes of creating fear, anxiety, and panic in the target population, and the disruption of military and civilian assets.64
Stark (199:9) also explains that it is the target that defines the nature of cyber terrorism.
In other words, cyber terrorism involves any attack against information systems and
does not necessarily have to involve the use of computers to do so.
We have chosen to define cyber terrorism as any act of terrorism that uses
information systems or digital technology (computers or computer networks) as either an
instrument or target65. Once again, qualifying descriptors can be used to place cyber
terrorism into more specific contexts. "Cyber terrorism" can be "international",
63 Denning (2000:1) suggests that examples of cyber terrorism would include those incidents that result in casualties, property damage or “severe economic loss.” “Serious attacks against critical infrastructures could be acts of cyberterrorism, depending on their impact. Attacks that disrupt nonessential services or that are mainly a costly nuisance would not.” 64 Stark (1999:9) also adds that in a legal sense cyber terrorism involves the intentional abuse of digital information systems and networks if these actions are in support of terrorist activity. 65 There is still much confusion on this point as is evidenced by the remarks of Michael Vatis, Deputy Assistant Director and Chief, National Infrastructure Protection Center, Federal Bureau of Investigation, to the Potomac Institute for Policy Studies (1998:3): “[W]hat is cyberterrorism? Is it any use of computers or new information technologies by terrorist groups? Or is it a particular type of use of computers of information technologies? Is it the use of those technologies by traditional terrorist groups?..What is a cyber-terrorist?”
32
"domestic", "state" or "political", but the core act involving a combination of the terrorist
act and computers always remains the same.
Two related terms used in describing cyber conflict are “cyberwar” and “netwar.”
Arquilla and Ronfeldt (1998:8) define these as: “Cyberwar - a concept that refers to
information-oriented military warfare” which is becoming more evident at the military end
of the spectrum; and “Netwar [which] figures prominently at the societal end of the
spectrum where the language is normally about small-scale contingencies” These
researchers further (Arquilla, Ronfeldt and Zanini, 1999:82) note that “netwar is more
likely to involve nonstate, paramilitary, and irregular forces - as is the case of terrorism.”
According to Arquilla and Ronfeldt (1999:4) “evidence is mounting about the rise of
network forms of organization and about the importance of “information strategies” and
“information operations” across the spectrum of conflict, including among ethno-
nationalists, terrorists, guerrillas and activists.”66 The key to both cyberwar and netwar is
that “[n]either concept is simply about technology; both refer to comprehensive
approaches to conflict based on the centrality of information - comprehensive in that they
66 This is a helpful distinction as far as information warfare is concerned, but only if a further distinction between non-state actors and terrorists is also made (an issue the authors acknowledge in their later discussion.). Further analysis finds that “ethno-nationalist netwar” has the potential to be one of the more violent forms of netwar (1999:4). Hundley and Anderson (1996:17) meanwhile have identified a set of potential “bad actors” who have access to cyberspace and the objectives behind their actions:
Actor Objective Hackers To satisfy personal agendas
Disgruntled or Co-opted Insiders For a variety of motives Criminals For personal financial gain, etc.
Terrorists or Other Malevolent Groups For Industrial espionage or to disrupt competitors
Nation States For espionage or economic advantage or as a tool of warfare
33
combine organizational, doctrinal, strategic, tactical and technological innovations, for
offense and defense.”(Arquilla and Ronfeldt 1998:9).
Moreover, there is “information warfare” (IW) as it is discussed by military
analysts. Definitions for this concept range from simple: “information dominance” on the
battlefield; to more complex: “actions taken to achieve information superiority by affecting
adversary information, information based processes, information systems, and computer-
based networks while leveraging one’s own information (US Department of Defense).;”
and “deliberate...and systematic attack on critical information activities which seek to
exploit, modify, corrupt information or to deny service (UK Ministry of Defence).”
(Rathmell, 1997:41). In this scenario, cyber terrorism is information warfare used by
“politically motivated” sub-state groups such as the PIRA.67 (Rathmell, 1997).
Finally, a recent bibliography on “information-age warfare” by Timothy L. Sanz
(1998:83) finds, “Cyberwar, infowar, information-based warfare, cyber-terrorism,
netwar, cyberpunks, information (or digital) warriors, information dominance, cyberspace
defense, [and] information chaos...are just a few recent coinages reflecting the language
dealing with the very broad topic of information-age warfare (I-AW).” Most of the present
terminology lacks accepted definitions.68
67 “Politically motivated sub-state groups is a term that covers the gamut from pressure groups in democracies using direct action tactics, through outlawed opposition movements in autocracies to organized paramilitary or terrorist organizations.” (Rathmell, 1997:43). 68 In still another variation, Hoo, Goodman and Greenberg (1997) refer to “Information Technology Terrorism.” Although they offer no specific definition of their own Grabosky and Smith (1998:53), nevertheless, suggest that: “While contemporary terrorists seem to prefer explosives, the possibility of disabling entire communications networks or other major systems would seem to provide a variety of attractive targets.”
34
Significant confusion in understanding cyber terrorism also emerges when cyber
terrorism is confused with “cyber crime”69 and vice versa. Cyber crime is similar to cyber
terrorism in its use of computer networks and information systems, but clearly different in
its motivation and goals. This appreciation, however, is often overlooked.70 In many
instances there is little effort to distinguish the obvious differences between the two.
Perhaps nowhere is this more evident than in policy circles which treat cyber terrorism
simply as an extension of cyber crime. In recent testimony given before the House
International Relations Committee of the US Congress (2000:6), Ambassador Michael
Sheehan, Office of the Coordinator for Counterterrorism notes:
The Commission recommends that the Administration help create an international convention on cyber crime 71....this issue is larger than terrorism and should be addressed in a broader context. After all, terrorism is just one type of international criminal activity that can be perpetrated using the Internet. 72
In another example, the Report of the National Commission on Terrorism (1999:24)
lumps cyber terrorism with cyber crime and suggests they can be dealt with in a similar
fashion.
69 For further discussion of cyber crime see Grabosky and Smith (1998) for a discussion of what they refer to as “crime in the digital age,” or “telecommunications-related crime.” 70 In at least one case a distinction has been made. Rathmell (1997:42) finds that “[i]t is useful to distinguish between three classes of groups [using information warfare] - hackers, criminals and politically motivated sub-state groups.” White (1998:2) also distinguishes between hackers and cyber-terrorists, “hackers and cyber-terrorists differ...in their intentions: Hackers may be only criminally destructive adventurers, whereas cyber-terrorists are advanced enemies of a nation state.” 71 Our emphasis. This seems an awfully odd request given that Ambassador Sheehan’s interests lie with terrorism and not crime. At the very least, the request could focus on methods to deal with cyber terrorism, that might also have implications for curtailing cyber crime. 72 Our emphasis.
35
The discrepancy concerning cyber crime is also found in the ruminations of
analysts such as James Adams (Regan, 1999:2) the head of a security firm called
Infrastructure Defense. Adams finds that “cyber-terrorism is likely to be committed by
Russian organized crime.” The obvious question then becomes, why would criminals
become involved in cyber terrorism and not cyber crime?
A second concern when analyzing cyber terrorism is how this tactic fits within the
overall spectrum of terrorist violence. Generally, analysts understand where to locate
conventional terrorist tactics and actions such as assassinations, bombings and
kidnappings and how to evaluate their outcomes. The same cannot be said for cyber
terrorism. It is a tactic that is often misunderstood and fear of it often assumes
outlandish proportions. An example of the latter thinking can again be found in the latest
government counterterrorism assessments. In Countering the Changing Threat of
International Terrorism a report of the National Commission on Terrorism (1999:8) the
prevailing sentiment is that:
Cyber attacks are often considered in the same context with CBRN.73 Respectable experts have published sobering scenarios about the potential impact of a successful cyber attack on the United States....Certainly, terrorists are making extensive use of the new information technologies, and a conventional terrorist attack along with a coordinated cyber attack could exponentially compound the damage.
In short, discussions of cyber terrorism too easily move from the inconvenience and
disruptions of the hacker to discussions of catastrophic consequences associated with
chemical, biological, radiological and nuclear attacks.
73 CBRN refers to “Chemical, Biological, Radiological or Nuclear” materials. It is believed that terrorists will use these materials in order to cause mass casualties. (Report of the National Commission on Terrorism, 1999:7-8).
36
Present attempts to define and understand cyber terrorism remain mired in biases
that continue to perpetuate the myths surrounding conventional terrorism. Knowledge of
the “who” and “what” of cyber terrorism is limited to ambiguous interpretations of terrorist
actors and speculative extrapolations of potential terrorist activity. In both of the cases
highlighted above, cyber terrorism has become a “catch all” term that can be pulled from
the “trick bag” to fit any number of scenarios or purposes. For the policymaker, this
means that political expediencies often dictate what should be pragmatic measures. In
the case of the analyst the ambiguity in delineating cyber crime from cyber terrorism
gives rise to the pseudo study of the latter. Lastly, it is also essential to remember that
for the victim, the type perpetrator behind the attack is often less important than the
consequences of the attack. “Cyberspace attacks mounted by the different types of
actors are indistinguishable from each other, insofar as the perceptions of the target
personnel are concerned.” (Hundley and Anderson, 1996:18).
The Evolution of Cyber Terrorism
The evolution of cyber terrorism74 can be analyzed by examining how access to cyber
technology is perceived and used by terrorist groups. Two views of the subject are
presented by Schmitt and Rathmell. Schmitt (Murphy, 1999:5) distinguishes between
74 At this point it is also helpful to speak in terms of “cyberspace-based threats.” Rand analysts Hundley and Anderson (1996:1) consider these as, “adverse actions involving and mediated by computer and telecommunications systems and networks.” Accordingly, there are a wide spectrum of possibilities for “evil actions” in cyberspace. “These include attacks on the data contained within the systems, the programs and processing hardware running those systems, and the environment (communications, networks, etc.) in which they operate.” (Hundley and Anderson, 1996:12).
37
information operations and computer network attacks. The former is defined as
encompassing “virtually any nonconsensual actions intended to discover, alter, destroy,
disrupt, or transfer data stored in a computer, manipulated by a computer, or transmitted
through a computer network.” Information systems can be either defensive or offensive in
nature. Computer network attacks are considered offensive information operations and
“disrupt, deny, degrade, or destroy information resident in computers and computer
networks, or the computers and networks themselves.”
Rathmell (1997:3-4) identifies three categories of information warfare that can be
used by sub-state groups. These are:
Category I - new techniques applied to traditional activities in the form of “intelligence
gathering, communication, money laundering and propaganda. All substate groups have
to engage in these to survive;”
Category II - old techniques applied to new activities. This “involves using physical
violence against the information activities of a target entity....[I]ncreasing reliance of all of
these entities [armies, governments, nation-states or companies] on information activities
enables a sub-state group to leverage its limited resources into a damaging attack;” and
Category III - new techniques applied to new activities. This “involves using digital attack
techniques against the information activities of a target entity...[and] is perhaps the
purest form of IW....”75
Let us consider two primary components of cyber terrorism, terrorist employment
of computers for non-violent activity that facilitates, but falls short of terrorism, and
75 Rathmell (1997:3) suggests that the third category of information warfare is of the most concern to the public imagination.
38
terrorist activity where computer technology is a specific component (weapon or target)
of a terrorist incident.76
a) Computer technology as a facilitator of terrorism:
Terrorist groups increasingly use computer technology (as many political,
commercial and criminal entities do) to secure many of their organizational goals.77 In this
sense, terrorist groups are simply exploiting modern tools to accomplish the same goals
they sought in the past. The difference between conventional terrorist tactics and those
involving computers can be found in three key ingredients: ease of operations; developing
potential; and increased anonymity. None of these activities are easily detected or readily
countered and thus, enable terrorist groups that take advantage of computer technology
to create viable support structures to further their tactical and strategic goals.78 These
are accomplished through:
- political propaganda (including disinformation programs)
- recruitment
- financing
- intra and inter-group communication and coordination
- information/intelligence gathering
76 In their Terrorism Update (1998:1), the Anti-Defamation League notes that, “[t]errorism and the Internet are related in two ways.” The first involves the Internet as a forum for terrorist propaganda and the second involves individuals or groups attacking computer networks (cyberterrorism or cyberwafare). 77 The Report of the National Commission on Terrorism (1999:12) concurs suggesting that “[t]errorists are using the same modern technology as the rest of us....” 78 In its 1998 (1999:17) report on terrorism in the United States, the Federal Bureau of Investigation finds: “Terrorists are known to use information technology and the Internet to formulate plans, raise funds, spread propaganda, and communicate securely.”
39
-stealth/anonymity in both routine activity and tactical operations
-ease of operations that are “cost effective” both in terms of resources expended
and ability to strike world-wide
Specific examples of the facilitation of terrorism through the use of computer
technology illustrate the appeal this technology has for terrorist groups interested in
advancing their particular agendas. The use of the Internet for propaganda and
disinformation purposes is an especially popular one. Many exiled political opposition
groups emanating from such states as Iran, Iraq, Mexico, Northern Ireland and Saudi
Arabia have used the World Wide Web for just such purposes (Rathmell, 1997:4-5).
Neo-Nazi groups (White 1998), the Colombian ELN, Hezbollah and Zapatistas79 (World
Report, 1998:1) have also adopted similar tactics. One of the most demonstrative
examples, however, involves the case of the December, 1996 takeover of the Japanese
Ambassador’s residence in Lima, Peru by the Tupac Amaru Revolutionary Movement
(MRTA). Not only did this terrorist group use the Internet to communicate its
revolutionary message to the rest of the world through a European website, it even
offered a video clip of its members preparing for their mission.80 (Damphousse and
Smith, 1998:216). The added attractiveness of the Internet for terrorists is that the
widest possible audience for their violent activity not only reiterates the major themes of
their campaigns, it also heightens fear in the target audience by reminding it of the
potential for future violence.
79 In the case of the Zapatistas, as group of supporters called the Electronic Disturbance Theater (EDT) have used the Internet stage disturbances as a means of on-line protest. (Denning, 2000,2). 80 Internet sites were also established in Canada and the United States in support of the MRTA’s activity (Anti-Defamation League, 1998:1).
40
In addition to aiding terrorist propaganda, computer networks also enhance
terrorist recruitment and financing. Various supremacist groups in the United States have
also used the Internet for financial gain (Damphousse and Smith, 1998:220). In still
another example, Damphousse and Smith (1998:220) have found that “international
terrorist groups such as Peru’s Shining Path (Sendero Luminoso) have web sites where
supporters seek to export the revolutionary message...while the groups seek financial
support by hawking revolutionary products like T-Shirts, posters and videos.” All in all,
cyber technology especially in the form of the Internet is an attractive tool for terrorist
groups desiring to strengthen their basic infrastructures.
The nature of modern computer technology is such that it also lends itself to the
communication and intelligence activities of terrorist groups. The attractiveness of this
feature for groups eager to expand their activities can be explained as follows:
IT [Information Technology] gives individuals and groups a reach and influence that was previously reserved for well-organised, state-funded terrorist organisations. It represents, in many respects, the ‘death of distance’. Physical distance and national borders that once separated terrorists from their co-conspirators, their audience and their targets cease to exist in the world of modern telecommunications and the internet. (Hoo et al., 1997:138).
Organizations such as the Islamic fundamentalist groups which follow Usama Bin
Ladin81 (Arquilla et al., 1999:91-92) and Hamas (Anti-Defamation League, 1998:1)82 rely
on computers to coordinate their activity. The Revolutionary Armed Forces of Colombia
(FARC) for example is known to respond to press inquiries via e-mail. (Anti-Defamation
81 “Back in 1996 the headquarters of terrorist financier bin Laden in Afghanistan was equipped with computers and communications equipment.” (Denning, 2000:12). 82 In extreme instances Hamas has used its web sites to appeal for its supporters to murder Jews (1998:1).
41
League, 1998:1). In the case of the intelligence gathering activities of terrorist groups,
computer networks and access to the World Wide Web are equally important.
Modern computer technology has not only enhanced much of the above activity,
but has done so in such a fashion that the terrorist groups that utilize it are now able to
operate beyond the purview of traditional counter terrorist approaches.83 The terrorist
ability to engage in “growth activity” such as recruitment, communication and especially
financing without the knowledge of state authorities may inevitably lead to stronger and
hence, more resilient terrorist groups. In turn, the potential for terrorist groups to engage
in activity that focuses less on threats and more on tangible actions is significantly
heightened. Modern terrorist groups that are able to develop undetected may become
stronger, more elusive and deadlier than their earlier counterparts.84 Moreover, and
perhaps even more importantly the advent of computer networks has spawned a new
direction in the organizational structure of terrorist groups. Terrorist groups utilizing
computers for communication are likely to move beyond hierarchical organizational
structures and employ networked ones.85
b): Computer technology as a specific component of terrorist weapons or targets:
83 The use of effective encryption devices for communication purposes are very important in this respect. 84 This said, the original objectives and motivations of terrorist groups must be kept in mind. In particular, it is important to ask: In what respect will computer technology which facilitates terrorist group development impact terrorist desires to escalate the level of violence they now exercise? 85 See Arquilla, Ronfeldt and Zanini (1999) for a detailed discussion of this point especially as it relates to Usama Bin Ladin and a growing network of Islamic fundamentalist groups.
42
Terrorist groups engaging in cyber terrorism are noted for threats to commerce,
public safety and national security.86 These threats can take any number of forms, but
are generally parlayed into computer versus computer confrontations (While the current
discussion focuses on the use of “high tech” applications in terrorist operations, “low
tech” operations against a victim’s “high tech” infrastructure should not be ignored.)
Terrorist groups use their own computer technology to threaten or attack a victim’s
computer resources. This can take the form of threats or attacks against national
infrastructures that have become heavily reliant and interconnected to computer
networks.87 Activity of this sort is tangible in nature and thus, generates most of the
interest we have in cyber terrorism today. Cyber terrorist threats can include:
- rapid communication of threats to a wide or specific audience
- threats to public utilities and transportation
- threats to commercial institutions and transnational corporations
- threats to IGOs and NGOs
- threats to individuals
- threats to political groups or other ethnic, religious or nationalist entities (all of
these can include other terrorist groups) identified as “the enemy”
- threats to security forces
86 Although the actual identification of and reference to specific threats remains minimal (which begs the question of whether there have been any actual threats), there is clearly a perceived threat. In the case of the United States this perception/reality has led to the signing of Presidential Decision Directive 63 and the establishment of the National Infrastructure Protection Center (NIPC). 87 The FBI (1999:17) has warned that: “While the threat of conventional, physical attacks on our critical infrastructures has always been a source of concern, electronic, information-based attacks constitute a relatively new and growing threat.”
43
- threats to nation states
What we occasionally see (what is reported) is actual damage to the above targets in
the form of temporary disruption of services,88 public inconveniences or financial loss.
These incidents, however, are most often in the form of cyber crime and fall short of
what is considered as cyber terrorism.89 Denning (2000:23) contends, “there are few if
any computer network attacks that meet the criteria for cyberterrorism.” Moreover,
”[t]here is little concrete evidence of terrorists preparing to use the Internet as a venue
for inflicting grave harm.” (Denning, 2000:24). In summary, there have been no instances
where cyber terrorism has been directly translated a catastrophic loss of life or physical
destruction associated with the most violent acts of “conventional” terrorism. The threat,
however, remains real and takes on an added significance when the growing potential of
terrorist group resources90 is considered.
Assessing the Cyber Terrorist Threat
Terrorist Groups, the Cyber Environment and the New Terrorist Agenda
Many studies have dealt with terrorism by examining the nature of terrorist group
characteristics and their resultant behavior. Few, however, have taken into account how
88 There are at least two examples of disruption of services being linked to terrorist groups. In the first case in 1998, Spanish protesters disrupted the operations (through cyber tactics) of the Institute for Global Communications because the Internet service provider had hosted a web page in support of the ETA a Basque separatist group. In the second case, also in 1998, a Tamil group from Sri Lanka calling itself the “Internet Black Tigers” managed to disrupt the communications of Sri Lankan embassies with extensive e-mail attacks (Denning, 2000:2). 89Many of the references cited above discuss these incidents of cyber crime as they relate to cyber terrorism. See Denning (2000), FBI (1999), and Rathmell (1997) for examples. Also see Busby (2000:3-4) for several examples of commercial threats. 90 Part of the growing potential can be found in the proliferation of “cyber attack” tools. (FBI, 1999:17).
44
the cyber environment will impact this behavior. In order to assess accurately the nature
of the terrorist threat in this decade, it is imperative to include the significance of this
factor into future analyses.
Part of the “mystique” of terrorism can be understood by identifying the profile of
actions or motivations that drive the actions of various terrorist groups. Each group has a
relatively unique identity that helps to define how it will behave. While it is unlikely that the
emergence of computer technology will radically reshape the essence of why certain
terrorist groups choose to exist, the convergence of this technology along with a number
key political and social changes will ultimately be reflected in a “new terrorist agenda.”
Perhaps the most profound environmental change to affect the course of terrorism
in the last decade has been the collapse of the former Soviet Union. The end of the cold
war and the rise of the present American hegemony has had important implications for
the many political ideologies that have encouraged and sustained terrorist campaigns
over the last forty years. In particular, the goal of a left-backed global revolution is no
longer tenable. At the same time, the demise of all but a few communist states has
eliminated the raison d'être of many right-wing groups whose existence depended upon
their identification as the bulwark of anti- communism
The ideological void faced by terrorist groups of the twenty-first century has not,
however, led to the demise of terrorism. In contrast to earlier periods where leftist or
Marxist ideologies were mistakenly characterized as the greatest source of international
terrorism, religious identity has now taken center stage.91 Nationalist and ethnic sources
91 This is especially true if the American perspective of current international terrorism is considered. Testimony before the House International Relations Committee (1999) by Ambassador Michael Sheehan stresses this point with warnings that both the Taliban of
45
which were always a prominent, but less emphasized aspect of terrorist motivations
continue in importance. Nationalist and ethnic ambitions have been further accentuated by
regional conflicts, some of which have also developed along religious lines. Despite
noteworthy changes in the global political environment, non-state terrorism continues.
Terrorist Groups, the Cyber Environment and the New Evolution of Terrorist Group
Resources
The ability of terrorist groups to capitalize on modern computer technology is now
a requisite for developing the underlying basis for effective and robust activity. In
previous decades, terrorist groups were initially constrained because the accumulation of
sizeable resources was inevitably linked to sufficient manpower and the ability to keep
growth activities clandestine. The recent introduction of computer technology has not
lessened the need to accumulate similar resources, but has had major implications for
how they are accrued.
In order to succeed92 in what can only be described as an increasingly competitive
(enhanced security measures and awareness, negative public opinion, lack of external
state support, poorly defined ideologies, constantly changing international problems)
political and social environment, terrorists groups must ensure that they are able to
develop the appropriate infrastructure to continue to operate on a regular basis. Groups
that fail to do so will not survive.
Afghanistan (a fundamentalist Islamic group) and the Saudi Arabian terrorist (who operates out of Afghanistan) Usama Bin Ladin represent the future face of international terrorism. Bin Ladin in particular is singled out as having created a “transnational terrorist enterprise.” Other groups that fall within the same vein include the Egyptian Islamic Jihad, Algerian Armed Islamic Group and Kashmiri separatist. 92 In this case “succeed” refers to the ability of a terrorist group to sustain itself until it has completed its stated goals.
46
Many terrorist groups which previously could court state sponsors for resources
now can consider cyber terrorism as a cost-effective tactic that frees them from a
reliance on outside support. On this point Rod Stark (1999:45) writes:
A significant evolution in terrorism is that malefactors are beginning to discover cyber terrorism as a way of sidetracking the need for state-sponsorship due to the low cost and anonymity. Independents do not need to rely on states for the necessities such as funds, training or sanctuary.
Kevin Soo Hoo and his colleagues (1997:143) concur on the expanding role of
information technology and its impact on the state sponsorship of terrorism. They note in
part that:
[T]errorists engaged in IT-enabled forms of terrorism may escape the need for state funding. Compared to the costs modern terrorists incur for armaments, international travel and training facilities, IT terrorism is relatively inexpensive...In the final analysis, state sponsorship may no longer be the essential ingredient it once was for terrorists as IT effectively renders the many advantages of state sponsorship obsolete.
The opportunities presented by the cyber environment to what would otherwise be
marginally viable terrorist groups has translated into more groups that are less reliant on
external sponsors. As a terrorist group’s freedom from sponsorship grows, so does its
freedom to pursue a truly idiosyncratic campaign of terrorism.
Terrorist Groups, the Cyber Environment and the New Potential of Terrorism
The question of terrorist behavior as it relates to the cyber environment has yet to
be answered with any certitude as little research emphasis has been placed on
explaining how various types of terrorist groups will approach and exploit evolving
computer technology. General patterns of terrorist behavior as they relate to cyber
terrorism have been addressed in the previous section, but it is helpful to take an
additional step if the complexity of terrorist group cyber activity is to be fully understood.
47
In order to proceed with the analysis of cyber terrorism and terrorist group
behavior a small, but functional typology has been created with the intent of identifying
basic terrorist group characteristics which are thought to influence much of their activity.
The typology is composed of four classes of terrorist group which are currently active
and are likely to develop their own sets of cyber modus operandi. The four classes of
terrorist group comprising the typology and relevant examples of these groups are as
follows:
1) Nationalist/Ethnic (Basque Fatherland and Liberty - Military Wing (ETA-M), Provisional
Wing of the Irish Republican Army (PIRA), Liberation Tigers of Tamil Eelam (LTTE));
2) Religious (Armed Islamic Group (GIA), Aum Supreme Truth - Aum Shinrikyo (Aum),
Egyptian Islamic Jihad);
3. Political (Covenant, the Sword and the Arm of the Lord (CSA), Revolutionary
Organization 17 November (17 November), Tupac Amaru Revolutionary Movement
(MRTA));
4. Single Issue (Animal Liberation Front (ALF), Earth Liberation Front, People for the
Ethical Treatment of Animals (PETA)).
Each class of group varies from one another in terms of motivation,93 size,94 age,95
parliamentary representation (or lack thereof),96 political constituency,97 enemy98 and
93 The political motivation of a terrorist group is an important factor in determining the direction the group will take in terms of both the scope and intensity of its operations. 94 The size of a terrorist group is indicative of its resources, outside support and ability to stage both sophisticated and protracted activity. 95 The age of a terrorist group indicates superior survivor skills, greater likelihood of constituent support and group traditions (sometimes equated with established modus operandi).
48
theater of operations.99 In a conventional environment the features of a terrorist group
will either retard or enhance what a group is willing and capable of conducting. In a cyber
environment the same rationale applies with the caveat that access to computers and
computer networks add a new dimension to how group behavior is determined.100
The extent of change in terrorist group behavior from conventional to cyber
settings is dependent on the degree to which the groups desire and are able to interface
with their new tool of choice. At least two initial observations can be made in this regard.
First, terrorist groups will universally adopt those aspects of the cyber environment that
will enable them to operate and grow with a greater degree of efficiency. This is to say
that all types of terrorist groups stand to benefit from improved communication skills
96 Terrorist groups with some form of parliamentary representation are generally represented by both a political and military wing. These groups are more likely to have well-defined, long term political goals and represent larger political or social constituencies. 97 The political constituency of a terrorist group is important in terms of supporting group infrastructure, but inevitably constrains certain group activities if they do not conform with the expectations of the larger group. 98 The stated enemy of a terrorist group is an important component of target selection and also helps to determine operational features such as scope, intensity and frequency. 99 The theater of operations of a terrorist group will vary according to the group’s identification of potential targets, ability to operate in a variety of environments and other political considerations related to limiting the scope of a terrorist campaign. 100 On a related note, Arquilla, Ronfeldt and Zanini (1999:97-98) present three hypotheses relating the emergence of information technology with organization for netwar. In sum, terrorist group organizational structure and the use of information technology are hypothesized to be closely related.
49
whether they are used purely for propaganda purposes, act as new vehicles of financial
growth, or are even used more discreetly for intra/inter group conferencing.101
The second observation centers on how each class of terrorist group will move
beyond the relatively “simple” task of using computers for non-violent purposes to
actually engage in cyber terrorism. The degree to which terrorist groups embrace
computer technology as weapon of choice remains to be seen. At one level, the use of
cyber technology for inflicting harm on a victim requires a greater level of sophistication
than merely using the same technology for communication or propaganda. Not only, must
there be some level of expertise in translating the “raw” cyber technology into a weapon
of destruction, there must be a recognition that the effectiveness of this alternative
supercedes conventional options. Simply stated, a cyber attack against an opponent
should produce similar or greater results102for less effort than a conventional one.103 Can
for instance, the cyber disruption of an air traffic control system (with the intent of
endangering civilian air traffic) be undertaken with less effort, produce the same results
and have a greater likelihood of success than an attack on the same system by
conventional means (armed attack, or bombing), or a conventional attack that bypasses
the air traffic control system in favor of a direct attack on an airliner? If the answer is an
101 Suffice it to say, there are still likely to be variations both within and between group type as a number of factors such as individual expertise, physical access to computers and ambition to abandon traditional methods in favor of new ones continue to enter into group planning. 102 These can be thought of as a greater degree of terror or longer lasting fear on the part of the victim. 103 Less effort is defined in terms of fewer resources, less manpower and quicker/easier planning, all of which should translate into reduced risk/greater likelihood of logistical success.
50
affirmative one, there is room to believe that cyber terrorism will become an accepted
method of operation and find favor with a widening array of terrorist groups. If the
answer is negative, however, conventional themes will continue to define terrorist activity.
The second consideration influencing the attractiveness of cyber terrorism as a
preferred tactic revolves around its destructive potential and the degree to which it can
effectively terrorize an opponent. Much has been made of the increasing capabilities of
cyber terrorists (FBI, 1999:12) and the many vulnerabilities inherent in national
infrastructures (Rathmell, 1997, Stark, 1999). Relatively little discussion, however, has
been focused on the extent of destructive/lethal incidents of cyber terrorism, as well as
their consequences.104 Evidence, would thus suggest, that there is a sizeable gap
between the potential and reality of the cyber terrorist threat. Terrorist groups embarking
on this new path of violence surely recognize its limitations just as they do when
preparing to engage in conventional acts of terrorism. In short, cyber terrorism must be
judged pro forma as a new tactic and not necessarily as a greater or for that matter,
lesser type of threat.
In all likelihood, the efficacy of cyber terrorism will be demonstrated in select
incidents with the greatest emphasis placed on conventional attacks against cyber
infrastructures. Attacks against infrastructures in general are not part of a new terrorist
strategy, but rather an ongoing tactic designed with both symbolic and disruptive
104 Michael Whine (1999:10) stresses this point in the conclusion to his article, Cyberspace, A New Medium for Communication, Command and Control by Extremists: “Fears by western governments that their national infrastructures may be a target for information warfare or cyber-terrorism may be well-founded, but the evidence so far is that sub-state groups at least, use ICT’s [information and communication technology] mainly for propaganda, secure communications, intelligence gathering and funds management.”
51
purposes in mind. In at least one notable case the Provisional Wing of the Irish
Republican Army was involved in terrorist attacks against an assortment of British
national infrastructure targets particularly after 1988.
This has been a result of a recognition that bomb attacks on these targets are low risk, both to the Active Service Units (ASU) and to the civilian population...[and] can inflict substantial costs on the economy and generate extensive publicity. These attacks have focused on the transport infrastructure..., the energy and power infrastructures and on commerce. (Rathmell, 1997:6).
With the growing interconnectedness of infrastructures relying on cyber technology, the
targeting selection of cyber terrorism is likely to be significantly influenced by those
targets that allow for a maximum level of disruption. The same, however, is not
necessarily true with respect to the mode of attack. Cyber technology allows for an
addition variable to be introduced into tactical equations, but clearly represents a single
choice in terms of overall modes of operation.
Given the likely range of possibilities for the future of cyber terrorism and the
manner in which different types of terrorist groups will adopt them, the following table
highlights the hypothesized relationship between the two.
Table 1.2: Terrorist Group Characteristics and Hypothesized Cyber Behavior
Group Type Group Characteristics Hypothesized Group Behavior When Using Cyber Technology
Nationalist/ Ethnic
-national or ethnic identity -relatively large in size and mature in age -political wing -relatively well defined political constituency, enemy and theater of operations
Nationalist/ethnic groups will find increasing uses for computer technology particularly as it creates opportunities for gaining new sources of financing from abroad (expatriate communities). The same applies to the broadening of terrorist propaganda and other related
52
political campaigns. The larger, more mature groups are already successful in terms of engaging in violence and should identify computer technology more as a means to diversify the nature of their campaigns.
53
Religious -religious identity often driven by
a fundamentalist viewpoint -variable size and generally immature -minimal parliamentary representation -loosely defined political constituency, specific enemy and variable theater of operations
Religious terrorist groups are emerging at a time when cyber technology offers many advantages to new, loosely structured and politically extreme terrorists. The cyber environment will allow religious terrorist groups to coordinate many small cells in larger terrorist campaigns. This behavior typifies how conventional activity will be implemented and directed through cyber tactics. Some initial lack of inhibition will also mean that religious groups will be more likely to seek out cyber tactics consistent with heightened damage or casualties.
Political -ideologically oriented generally emanating from the far left or right of the political spectrum -relatively small and immature -minimal parliamentary representation -well defined, but generally disinterested political constituency, ideologically defined enemy and variable, but limited theater of operations
Political terrorist groups given their relatively small size and lack of stature will utilize cyber technology to accentuate their strengths and camouflage their weakness. In short, these groups will increase their activity through: “cyber threats” and follow-up propaganda, recruitment globalizing the scope of their operations to target new victims (previously beyond conventional reach), interaction with like-minded groups and attempts to gain greater recognition through acts of cyber terrorism that escalate damage and casualties.
Single Issue - political activist groups that are formed to redress a specific political grievance - relatively small and immature - possible sympathy from individual parliamentarians, but lacking in formal representation - narrowly defined constituency, well-defined enemy and limited theater of operations
Single-issue groups while generally dedicated to fighting for a single cause will nevertheless find cyber technology attractive for purposes of spreading related propaganda, intensifying threats and communicating with similarly inclined groups. Areas of concern for this type of group include diversification of initial grievances, greater scope of operations and the possibility of contagion.
54
Observations and Conclusions
The state of the relationship between terrorism and computer technology is such
that its potential is best understood by reexamining contemporary theory and practice of
the phenomenon. While the study of terrorism routinely exaggerates such acts as
assassinations, bombings, hijackings and kidnappings, these events account for a
relatively small portion of what occurs within the rubric of the terrorism experience and
are meaningless if they are not understood in terms of their overall consequences.105 The
same is true with respect to cyber terrorism.
The rapidly emerging cyber environment brings many concerns and uncertainties.
Modern computer technology is such that it offers contemporary terrorist groups a wide
range of opportunities to continue their campaigns of violence and if they are proficient,
significantly further their political objectives. For the most part, computer technology will
play a major role in providing a wider range of options for terrorist growth potential.
While this is not cyber terrorism per se, it does have critical implications for the future of
both conventional and cyber terrorism. The fact that group infrastructures will evolve to
mirror these changes is also a salient concern. Developments in the organizational
structure of terrorist groups will not only test existing counter terrorist intelligence efforts,
but will undoubtedly facilitate new and potentially unconventional terrorist group alliances.
105 Whether or not this appreciation of terrorism actually receives its due in the formulation of counter terrorist policy, it has nevertheless been articulated in the latest State Department (2000:5) report on global terrorism. “Furthermore, terrorist acts are part of a larger phenomenon of politically inspired violence, and at times the line between the two can be difficult to draw.”
55
The “real” cyber terrorism has yet to evolve beyond the nuisance stage. While the
potential for serious cyber attacks that physically destroy national infrastructures should
not be treated lightly, the destructive nature of this form of violence must be kept in
context. First, there are no compelling reasons to believe that cyber attacks will be any
more deadly than conventional ones. Second, terrorist desires to escalate current levels
of violence are as much dependent on who the groups are and what they hope to
achieve, as upon the weapons they have at hand.
Doomsday and other haunting scenarios involving weapons of mass destruction
existed long before the advent of cyber terrorism and will continue to do so as long as
political actors, security firms and others who can benefit from them can exploit the basic
myths surrounding terrorism for their own purposes (some of which are indeed for the
purpose of encouraging proper preparation and protection). We will better prepare
ourselves for such purposes by examining not only the doomsday scenarios in our
darkest imaginations and the vulnerabilities which lead to them but also the probabilities
of exploitation and how to protect against such actions. Instead of simply equating cyber
terrorism with the zenith of terrorist violence, a much wiser approach will examine how
the cyber environment both facilitates and encourages terrorist behavior beyond
conventional standards and how it affects the ability of states and the private sector to
gather information and create technical as well as political countermeasures. If the
fundamentals of terrorism remain the same, the quest to understand cyber terrorism is
as much about comprehending the past, as it is about predicting the future.
56
References
Anti-Defamation League. “Terrorism Activities on the Internet - Terrorism Update.” http://206.3.178.10/terror/focus/16_focus_a.html. 1999. Anti-Defamation League. “CyberTerrorism - Terrorism Update.” http://206.3.178.10/ terror/focus/16_focus_a2.html. 1999. Arquilla, John and David Ronfeldt. “The Advent of Netwar: Analytic Background.” Studies in Conflict and Terrorism. Vol. 22, Issue 3, July-September, 1999. Arquilla, John and David Ronfeldt. The Zapatista Social Netwar in Mexico. Santa
Monica, California. Rand, 1998. Arquilla, John, Ronfeldt, David and Michele Zanini. “Networks, Netwar and Information-
Age Terrorism.” in Zalmay M. Khalilzhad and John P. White (eds.). The Changing Role of Information in Warfare. Santa Monica, California, Rand, 1999.
Busby, Col. Daniel J.. “Peacetime Use of Computer Network Attack.” Carlisle Barracks,
Pennsylvania: U.S. Army War College, 2000. Chomsky, Noam. Pirates and Emperors: International Terrorism in the Real World. New
York: Claremont Publications, 1986. Damphousse, Kelly R. and Brent L. Smith. “The Internet: A Terrorist Medium for the 21st
Century.” in Harvey W. Kushner (ed.). The Future of Terrorism: Violence in the New Millennium. Thousand Oaks, California: SAGE Publications, Inc. 1998.
Denning, Dorothy E..Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool
for Influencing Foreign Policy., http://www.nautilus.org/info-policy /workshop /papers/denning.html., February 4, 2000.
Denning, Dorothy E..Cyberterrorism. Testimony before the Special Oversight Panel on
Terrorism Committee on Armed Services U.S. House of Representatives, May 23, 2000.
Flemming, Peter A.. Patterns of Transnational Terrorism in Western Europe, 1968-1987:
A Quantitative Perspective. West Lafayette: Purdue University, Ph. D. Dissertation, 1992.
Fowler, William Warner. Terrorism Data Bases: A Comparison of Missions, Methods,
and Systems. Santa Monica: Rand, 1981. Grabosky, P.N. and Russell G. Smith. Crime in the Digital Age: Controlling
Telecommunications and Cyberspace Illegalities. New Brunswick, New Jersey: Transaction Publishers, The Federation Press, 1998.
57
Gross, Feliks. The Seizure of Political Power. New York: Philosophical Library, 1957. Gurr, Ted Robert.”Empirical Research on Political Terrorism: The State of the Art and
How it Might Be Improved.” in Robert O. Slater and Michael Stohl (eds.). Current Perspectives on International Terrorism.London: The MacMillan Press Inc., 1988.
Hoo, Kevin Soo, Seymour Goodman and Lawrence Greenberg. “Information Technology
and The Terrorist Threat.” Survival. Volume 38, Number 3, Autumn 1997. Hundley, Richard O. and Robert H. Anderson. A Qualitative Methodology For The
Assessment of Cyberspace-Related Risks. Santa Monica: Rand, 1996. Mickolus, Edward F.. Terrorism, 1988-1991: A Chronology of Events and A Selectively
Annotated Bibliography. Westport, Connecticut: Greenwood Press, 1993. Mickolus, Edward F..Transnational Terrorism: A Chronology of Events, 1968-1979.
Westport, Connecticut: Greenwood Press, 1980. Mickolus, Edward F., Todd Sandler and Jeanne Murdock. International Terrorism in the
1980s: A Chronology of Events (Volume I 1980-1983). Ames, Iowa: Iowa State Press, 1988.
Mickolus, Edward F., Todd Sandler and Jeanne Murdock. International Terrorism in the
1980s: A Chronology of Events (Volume II 1984-1987). Ames, Iowa: Iowa State Press, 1988.
Mickolus, Edward F., Todd Sandler, Jeanne Murdock and Peter A. Flemming. ITERATE
III: Attributes of Terrorist Events, 1978-1987. Falls Church, Virginia: Vinyard Software, 1988.
Mickolus, Edward F. with Susan L. Simmons. Terrorism, 1992-1995 : A Chronology of
Events and A Selectively Annotated Bibliography. Westport, Connecticut: Greenwood Press, 1997.
Murphy, John F.. “Computer Network Attacks By Terrorists: Some Legal Dimensions.”
1996. National Commission on Terrorism. Countering the Changing Threat of International
Terrorism. Report of the National Commission on Terrorism, http://www.fas.org/irp/threat/commission.html. 1998.
Potomac Institute for Policy Studies. “Seminar On Cyber-Terrorism and Information
Warfare: Threats and Responses.” Proceedings Report PIPS-98-2, Arlington, Virginia: Potomac Institute for Policy Studies, 16 April, 1998.
58
Potomac Institute for Policy Studies. “Special Briefing On Terrorism: Current and Future
Trends.” Proceedings Report, Arlington, Virginia: Potomac Institute for Policy Studies, 23 August, 1998.
Rathmell, Dr. Andrew. “Cyber-terrorism: The Shape of Future Conflict,” Royal United
Service Institute Journal. October, 1997. Sanz, Timothy L.. “Information-Age Warfare: A Working Bibliography.” Military Review.
Volume LXXVIII, Number 2, March-April, 1998 Schelling, Thomas. Arms and Influence. New Haven: Yale University Press, 1966. Schmid, Alex P. and Albert J. Jongman. (eds.) Political Terrorism: A New Guide to
Actors, Authors, Concepts, Data Bases, Theories and Literature. New York: North-Holland Publishing Company, 1988.
Sheehan, Michael. “Senate Foreign Relations Committee.” Office of the Coordinator for
Counterterrorism. Washington, DC. June 15, 2000 Sheehan, Michael. “Testimony Before the House International Relations Committee.”
Office of the Coordinator for Counterterrorism. Washington, DC. July 12, 2000. Simon, Jeffrey D..The Terrorist Trap: America’s Experience with Terrorism.
Bloomington: Indiana University Press, 1994. Sluka, Jeffrey A.. Hearts and Minds, Water and Fish: Support for the IRA and INLA in a
Northern Irish Ghetto. Greenwich, Connecticut: JAI Press, Inc. 1989. Smith, Brent L.. Terrorism in America: Pipe Bombs and Pipe Dreams. Albany: State
University Press of New York, 1994. Smith, Brent L. and Kelly R. Damphousse. “Two Decades of Terror Characteristics,
Trends, and Prospects of the Future of American Terrorism,” in Harvey W. Kushner (ed.). The Future of Terrorism: Violence in the New Millennium. Thousand Oaks, California: SAGE Publications, Inc. 1998.
Southern Poverty Law Center. False Patriots: The Threat of Antigovernment Extremists.
Montgomery, Alabama: Southern Poverty Law Center, 1996. Stark, Rod. “Cyber Terrorism: Rethinking New Technology,” Department of Defense and
Strategic Studies, 1999. Stohl, Michael. “Demystifying Terrorism: The Myths and Realities of Contemporary
Political Terrorism,” in Stohl, Michael (ed.). The Politics of Terrorism. Third Edition. New York: Marcel Decker, Inc., 1988.
59
Stohl, Michael (ed.). The Politics of Terrorism. Third Edition. New York: Marcel Decker,
Inc., 1988. Stohl, Michael. States, “Terrorism and State Terrorism: The Role of the Superpowers,” in
Robert O. Slater and Michael Stohl (eds.). Current Perspectives on International Terrorism. London: The MacMillan Press, Ltd., 1988.
US Department of Justice. Terrorism in the United States, 1998. Washington D.C.:
Federal Bureau of Investigation, Counterterrorism Threat Assessment and Warning Unit, National Security Division, 1999.
US Department of State. Patterns of Global Terrorism: 1983. Washington D.C.: US
Department of State, August 1984. US Department of State. Patterns of Global Terrorism: 1984. Washington D.C.: US
Department of State, November 1985. US Department of State. Patterns of Global Terrorism: 1985. Washington D.C.: US
Department of State, October 1986. US Department of State. Patterns of Global Terrorism: 1986. Washington D.C.: US
Department of State, January 1988. US Department of State. Patterns of Global Terrorism: 1987. Washington D.C.: US
Department of State, August 1988. US Department of State. Patterns of Global Terrorism: 1988. Washington D.C.: US
Department of State, March 1989. US Department of State. Patterns of Global Terrorism: 1989. Washington D.C.: US
Department of State, April 1990. US Department of State. Patterns of Global Terrorism: 1990. Washington D.C.: US
Department of State, April 1991. US Department of State. Patterns of Global Terrorism: 1991. Washington D.C.: US
Department of State, April 1992. US Department of State. Patterns of Global Terrorism: 1992. Washington D.C.: US
Department of State, April 1993. US Department of State. Patterns of Global Terrorism: 1993. Washington D.C.: US
Department of State, April 1994.
60
US Department of State. Patterns of Global Terrorism: 1994. Washington D.C.: US Department of State, April 1995.
US Department of State. Patterns of Global Terrorism: 1995. Washington D.C.: US
Department of State, April 1996. US Department of State. Patterns of Global Terrorism: 1996. Washington D.C.: US
Department of State, April 1997. US Department of State. Patterns of Global Terrorism: 1997. Washington D.C.: US
Department of State, April 1998. US Department of State. Patterns of Global Terrorism: 1998. Washington D.C.: US
Department of State, April 1998. US Department of State. Patterns of Global Terrorism: 1999. Washington D.C.: US
Department of State, April 2000. US Department of State. Patterns of International Terrorism: 1981. Washington D.C.:
US Department of State, August 1982. US Department of State. Patterns of International Terrorism: 1982. Washington D.C.:
US Department of State, September, 1983. US News and World Report. “Terrorists on the Web: Electronic ‘Safe Haven’ Guerrillas
Use Guns, Bombs and Home Pages.” Volume 124, Issue 24, p.46., June 22, 1998.
Whine, Michael. Cyberspace: A New Medium for Communication, Command and
Control by Extremists. http://www.ict.org.il/articles/cyberspace.htm. April, 1999. White, Col. Kenneth C..”Cyber-Terrorism: Modem Mayhem.” Carlisle Barracks,
Pennsylvania: U.S. Army War College, 1998.
61