The Internet is used as a prime recruiting tool for insurgents. Extremists use chat rooms, dedicated servers and websites, and social networking tools as propaganda machines, as a means of recruitment and organization, for training grounds, and for significant fund-raising through cybercrime. These websites and other Internet services may be run by international terrorist groups, transnational cybercrime organizations, or individual extremists. YouTube channels and Facebook pages of Taliban and Al Qaeda supporters may radicalize Western-based sympathizers, and also provide a means for communication between these “lone wolf” actors and larger organized networks of terrorists. The decentralized nature of the Internet as a medium and the associated difficulty in responding to emerging threats can match the franchised nature of terrorist organizations and operations. It is unclear how great a role the Internet plays in coordinating the efforts of a single group or strategy.
Many Arabic-language websites are said to contain coded plans for new attacks. Some reportedly give advice on how to build and operate weapons and how to pass through border checkpoints. Other news articles report that a younger generation of terrorists and extremists, such as those behind the July 2005 bombings in London, are learning new technical skills to help them avoid detection by various nations’ law enforcement computer technology.
Cybercrime has now surpassed international drug trafficking as a terrorist financing enterprise. Internet Ponzi schemes, identity theft, counterfeiting, and other types of computer fraud have been shown to yield high profits under a shroud of anonymity. According to press reports, Indonesian police officials believe the 2002 terrorist bombings in Bali were partially financed through online credit card fraud. There may be some evidence that terrorist organizations seek the ability to use the Internet itself as a weapon in an attack against critical infrastructures. Also, links between terrorist organizations and cybercriminals may show a desire to hone a resident offensive cyber capability in addition to serving as a means of procuring funds.
To some observers, the term “cyberterrorism” is inappropriate, because a widespread cyberattack may simply produce annoyances, not terror, as would a bomb, or other chemical, biological, radiological, or nuclear explosive (CBRN) weapon. However, others believe that the effects of a widespread computer network attack would be unpredictable and might cause enough economic disruption, fear, and civilian deaths to qualify as terrorism. At least two views exist for defining the term cyberterrorism as traditionally understood:
- Effects-based. Cyberterrorism exists when computer attacks result in effects that are disruptive enough to generate fear comparable to a traditional act of terrorism, even if done by criminals other than terrorists.
- Intent-based. Cyberterrorism exists when unlawful, politically-motivated computer attacks are done to intimidate or coerce a government or people to further a political objective, or to cause grave harm or severe economic damage.
- ↑ Deputy Assistant Secretary of Defense Garry Reid, in testimony before the Senate Armed Services Subcommittee on Emerging Threats and Capabilities, Hearing on U.S. Government Efforts to Counter Violent Extremism (Mar. 10, 2010).
- ↑ For an explanation of how a terrorist group is transformed and applicable U.S. policy implications, see John Rollins, Al Qaeda and Affiliates: Historical Perspective, Global Presence, and Implications for U.S. Policy (CRS Report R41070).
- ↑ Id.
- ↑ Michael Evans & Daniel McGrory, “Terrorists Trained in Western Methods Will Leave Few Clues,” London Times, July 12, 2005.
- ↑ Alan Sipress, “An Indonesian’s Prison Memoir Takes Holy War Into Cyberspace,” Wash. Post (Dec. 14, 2004).
- ↑ For more information on critical infrastructures, see Critical Infrastructures: Background, Policy, and Implementation.
- ↑ For a more in-depth discussion of the definition of cyberterrorism, see Terrorist Capabilities for Cyberattack: Overview and Policy Issues.