Cyberterrorism: What are we (not) talking about?

In 2016, according to a Gallup poll, 73% of Americans cited cyberterrorism as a leading threat to vital US interests in the next 10 years. However, what does it really mean when we deduce that there is a threat of cyberterrorism? Do we know who the terrorists hiding behind the many lines of code are? Do we really know what we are, or should be, afraid of? And whom?

The consensual, general definition, as for example expressed by Dorothy Denning in her testimony before the U.S. House of Representatives, sees cyberterrorism as ‘unlawful attacks and threats of attack against computers, networks and the information stored therein’ with the intention of intimidating or coercing a government or its people in the furtherance of political or social objectives. For an attack to constitute an act of terrorism, it must also have a serious intended effect in terms of human and economic casualties or intense fear and anxiety – terror – among citizens. And yet, the label ‘cyberterrorist’ in the political discourse has mainly been applied to actors and organisations already framed as terrorist, despite recognising that these actors have not yet carried out activities that could be labelled as cyberterrorism. At the same time, activities of the new ‘cyber age’ organisations that engage in activities that offer a better fit into the above definition, are labelled merely as ‘hacktivist’ and their activities as disruptive, rather than destructive or threatening to national security. Therefore there there is a clear dichotomy at play between the theoretical and practical approach in this search for terrorism and terrorists online.

What follows is a brief insight into some of the questions raised in a recent research paper aimed at highlighting the inconsistencies arising between, on the one hand, the process of reaching a narrow(er) consensual definition of cyberterrorism, and on the other, the framing of cyberterrorist actors, which seemingly follows a different logic.

Who are the cyberterrorists?

The political narrative being created and replicated is that there is a rise in the number of audio and video messages being published online by al-Qaeda, and that Salafist jihadi websites have grown in numbers. We are told that we should be afraid of potential Salafist jihadi autonomous cells waging an electronic Pearl Harbour against the West and the wider, liberal world order, against ‘our way of life’, in their efforts at an electronic, digital and cyber Jihad. This new major national security threat, the ‘Tier One’ security priority, and one of the greatest challenges that national security agencies will be faced with in the near future, is thus merely implanted into the frame of the existing narrative of a War on Terror, a fight against ‘Islamist terrorism’.

For this narrative to exist and replicate, the consensual definition has to be brushed off, marginalised and swamped with alarming news of the activities of these identified (cyber)terrorists groups. As a result, the above-mentioned consensual understanding of what constitutes cyberterrorism is clearly and intentionally being left slightly in the dark, while we are told that we should really be concerned with existing terrorist groups such as al-Qaeda, making use of cyberspace to communicate, spread propaganda, mine data, recruit and fundraise. In simpler terms, we should be afraid of the mere online presence of organisations labelled as terrorist for their terrorist activities in the physical world, and the spread of extremist content they engage in. We are thus encouraged to identify any act by a group labelled as terrorist, as automatically being a terrorist action, to see terrorism as inextricably tied to the organisation itself, and not as an action.

What about the definition?

Groups considered to be ‘hacktivist’, such as Anonymous, are generally left out of the debate. Since they have not been labelled as a terrorist organisation, their actions in cyberspace are not considered to be acts of cyberterrorism. This understanding is maintained despite the fact that, for example, on April 7 each year, Anonymous runs the so-called #OpIsrael, a coordinated cyber-attack, in protest against Israeli policies towards Palestinians, with the aim of ‘erasing Israel from the Internet’. They target the websites of Israeli defence forces, the prime minister’s office, banks and airlines, and in their own words – as seen in videos they post online – threaten Israel with an ‘electronic Holocaust’. And this is only one example of Anonymous’ activities in cyberspace.

The banking system has been defined as part of the national critical infrastructure by a significant number of Western states, and therefore of interest to national security. The information leaked from security services could contain either the personal data of citizens or sensitive information of relevance to national security. And yet, none of these have been framed as cyberterrorist incidents in the general political discourse. Why?

Because Anonymous is not a traditional organisation, it is not linked to a specific territory of strategic interest, it does not promote a specific religious, ethnic, or socioeconomic group in society, nor does it act on behalf of a particular state. Therefore ‘fighting’ Anonymous would not imply a need to topple a foreign regime, or ‘liberate’ a territory, a state, or its people. It does not fall into the existing narrative of fighting terrorism, and the group and its activities are therefore not labelled as such. If the ‘psychological projection of fear’ is the final attribute of cyberterrorism, is an unidentifiable actor, attacking government websites and threatening an ‘electronic Holocaust’ in a video that goes viral online not precisely what we should understand cyberterrorism to be? And why are we not afraid of this then?

What are we (not) talking about then?

It seems that it is back to the drawing board for national security thinkers and decision makers. If we are to truly erect a national security system capable of developing resources to fend off potential terrorist-attacks in cyberspace, a reference needs to be made back to the initial definitions that define terrorism as action, cyberterrorism included. In order to really know what we are speaking of when we use the term, the current political narrative on cyberterrorism needs to be deconstructed by exploring the divide between reality and discourse, breaking away from the established frames of cyberterrorist actors that are currently rather devoid of reality and developing security policies in line with actual threats and challenges, and not wider political, geostrategic interests stemming from other concepts.

To this end, members of the Global Internet Forum to Counter Terrorism, such as Facebook, Microsoft, Twitter and YouTube, have recently pledged to ‘take a hard line against terrorist or violent extremist content’ on their hosted consumer services. This is perhaps a small step, but one in the right direction in terms of branding the content, and not the action of sharing it, as terrorist/extremist. This distinction might gradually show that the political discourse could also be deconstructed in order to better conform to actual reality, and in a way characteristic of the cyber era – pioneered by the tech industry.

Guest blogger Irina Rizmal is currently completing an MSc in Security Studies at the University College London, being awarded a Chevening Scholarship, the UK government’s global scholarship programme funded by the Foreign and Commonwealth Office (FCO) and partner organisations. She previously worked as Senior Project Coordinator at the Centre for Euro-Atlantic Studies, Belgrade.

The opinions expressed in the blog post and research are the author’s own.