Myths and Realities of Cyberterrorism

Peter Flemming Visiting Research Associate And Michael Stohl Dean and Professor Office of International Programs and The Center for Education and Research in Information Assurance and Security CERIAS Purdue University West Lafayette, Indiana 47906-6207 USA

Paper prepared for the International Conference on Countering Terrorism Through Enhanced International Cooperation, 22-24 September, 2000 Courmayeur, Italy at the initiative of the International Scientific and Professional Advisory Council of the United Nations Crime Prevention and Criminal Justice Programme (ISPAC) and the Centro Nationale di Prevenzione e Difesa Sociale (CNPDS) in cooperation with the United Nations Terrorism Prevention Branch (TPB), United Nations Office for Drug Control and Crime Prevention Published in Countering Terrorism Through International Cooperation, Alex P. Schmid (ed.), ISPAC (International Scientific and Professional Advisory Council of the United Nations Crime Prevention and Criminal Justice Program), Vienna, 2001,pp: 70-105.

Portions of this work were supported by the Center for Education and Research in Information Assurance and Security, Purdue University.

Computers and Terrorism: The Evolving Nature of Terrorist Groups and the Terrorist Threat There is increasing concern that the threat of terrorism in a global environment increasingly reliant on computer networks and information technology is growing and that the very networks and information technology which have been responsible for the dramatic increases in productivity within the world economy may also carry with them even greater capacities to do harm. In this paper we argue that understanding terrorism within the new cyber environment of the twenty-first century is best enhanced by building on what we have learned about terrorists and terrorism in the previous twenty centuries. In short, we believe that the underlying principles of the terrorism behind the threat remain the same. Terrorism is a process that involves acts or threats, emotional reactions and the social effects of the acts or threats and the resultant actions. Terrorism in a cyber setting involves all of the above components within a rapidly changing technological environment which influences terrorist resources and opportunities. These changes directly affect terrorist tactics, targets and weapons and have spawned growing discussion of a new terrorist tactic called “cyber terrorism”. Our current understanding of the nature of terrorism as it relates to the cyber environment is limited by two primary factors - the relatively recent emergence of computer networks and perhaps, even more importantly the legacy of previous analyses which confuse terrorism with a wide range of other forms of violence. 1 This said, new developments in terrorism are best understood by a brief review of the nature of 1

The end result of this confusion is that careful analyses of terrorism statistics are often ignored in favor of speculative assessments. 2

terrorism and the pattern of terrorism during the past thirty years. We begin with a brief definitional discussion and then briefly describe the data set upon which we base our empirical analysis.

We then look at the empirical data through the lens of a set of

common myths which have framed much of the discussion of terrorism. With that as our foundation we then turn to a discussion of cyber terrorism. Terrorism: Definitions, Designs and Myths Definitions:2 We begin with the assertion that terrorism is an act and must be defined as such. To do otherwise confuses the issue by combining other elements of violence with this phenomenon that have no bearing on its basic identity.3 Once the nature of the act has been specified it is then acceptable to add qualifying descriptors to place it into context. For instance, "terrorism" can be "international", "domestic", "state" or "political", with

2

It is generally the case that discussions of terrorism definitions will refer to one or two major pieces that devote their primary focus to this subject. Given the breadth of terrorist research, however, the authors believe that it is infinitely more useful to direct the reader to survey a much wider range of literature to understand how definitions are employed in each case. 3

This understanding is imperative. In the introduction to the most recent State Department report (2000, 7), Patterns of Global Terrorism 1999, it is noted that:"...terrorist acts are part of a larger phenomenon of politically inspired violence, and at times the line between the two can be difficult to draw." If the act of terrorism is not clearly and easily distinguished from these other forms of "politically inspired violence" then it is pointless to employ the concept of terrorism as an analytical tool. The end result of the improper use of terrorism is that the concept assumes the identity of almost any form of violence that the analyst arbitrarily chooses to include. In the case of a report such as the one produced by the US Department of State, political considerations ultimately dictate how the tale of terrorism will be told. 3

each descriptive defining such features as participants, locale, perpetrators or motives, but the core act always remains the same. 4 The act of terrorism is special in that it combines a specific target with a wider audience. While many acts of violence target only the entity that is meant to be harmed or destroyed, terrorism is unique in that the actual target that is attacked serves as a gateway to influencing a larger and sometimes more diverse audience. Terrorism is “the purposeful act or the threat of the act of violence to create fear and/or compliant 5 behavior in a victim and/or audience of the act or threat (Stohl, 1988:3).” Within this

definition, the components of a purposeful act, violence, fear, victim and audience all contribute to the uniqueness of terrorism. 6 It is also essential to note that the immediate victims of terrorism are different from the target audience. 7 By inflicting violence on the former, terrorism influences the latter. In the following discussion this relationship will become more apparent, especially if the reality of terrorism is contrasted with its myths. Designs:

4

Terrorism can also be discussed in the context of more encompassing instances of violence such as war. See for instance Thomas Schelling’s (1966:16-17) reference to terrorism used as a diplomatic tool during wartime. 5

The US Army Field Manual 100-20, Stability and Support Operations provides a similar definition that focuses on the nature of the act. Terrorism is, “the calculated use of violence or the threat of violence to inculcate fear; intended to coerce or to intimidate governments or societies in the pursuit of goals that are generally political, religious or ideological. 6

The US Army Field Manual further states, “...terrorism is calculated. Terrorists generally know what they are doing. The selection of a target is planned and rational.....Terrorist violence is neither spontaneous nor random....[T]errorism is a psychological act conducted for its impact on an audience.” 7

See Stohl (1989:3-4) for further elaboration of this and related points. 4

The terrorism that the world has witnessed during the past three decades has been characterized by a number of clearly identifiable traits. The actual empirical record of terrorism bears only marginal resemblance to contemporary media portrayals and popular beliefs. To illustrate we present an extract of analyses of international terrorism drawn from our examination of ITERATE IV

8

, an annually updated data-set of

international terrorist events that presently covers the 1968 to 1994 period. Overall, ITERATE IV recorded 10,837 incidents of international terrorism. 9 In sum, this analysis details the who, what, when and where of international terrorism and in doing so establishes benchmarks10 from which to assess international terrorist events of the past, present and future. 11 We begin with the heart of the fear generating capacity of terrorism, the threat to life. Mention terrorism and the images that immediately come to mind are large-scale tragedies, the bombings in Oklahoma City or Moscow, or the embassies in Nairobi and Dar es Salaam, for example. However, relatively few incidents of international terrorism

8

Mickolus et al. (1999). Also see the four volumes of international terrorist chronologies compiled by Mickolus (1980, 1993) and Mickolus, Sandler and Murdock (1989a, 1989b). It is imperative to remember that the data presented in this chapter is taken from ITERATE and includes only international terrorism. Thus, domestic, as well as state terrorism are not covered. Moreover, there are other data-sets (See for instance Jaffee Center, Rand or State Department) that provide both different counts of terrorist incidents and different variables associated with the nature of the incidents. For further analysis of the various data-sets that are available see for instance Flemming (1992:131132) or Fowler (1981). 9

This is an average of 401 incidents per annum.

10

One aspect which seems especially important in this respect surrounds the question of how certain political contexts encourage or discourage terrorism. 11

See Gurr (1988) who raises several important questions related to the analysis of international terrorism data undertaken in this section. 5

end in death. The total number of recorded deaths from incidents of international terrorism from 1968-1994 was 9,65412 Most incidents (9,210, 85.5%) were fatality free. Another 876 incidents (8.1%) were characterized by a single death. In total, fatality free and single death incidents accounted for 93.6 per cent of all international terrorist incidents. In the twenty-seven year period surveyed for this study there were at least 16,854 people wounded (624/yr) by incidents of international terrorism. 13 This is an average of 1.55 individuals wounded per incident. The most victims wounded in any given year was 1,28314 in 1981. In the majority of international terrorist incidents 8,907 (82.2% of incidents), no one was wounded and in another 685 (6.3%) only one person was wounded per incident.15 Thus, big events with many deaths and injuries are in our consciousness, none or few deaths and injury free events are the “reality” for most incidents. In general, most incidents of international terrorism produced no property damage at all. Over five thousand (5,777) or 53.3 per cent of all international terrorist incidents fall within this category. The second largest category of property damage was "unknown" 12

This figure represents the total number of known deaths.

13

This is the known total of wounded. The compilers of ITERATE IV recognize that more people were wounded. This caveat applies to all counts of wounded. 14

This is an average of 2.74 wounded per incident.

15

In addition to a general count of the number of victims wounded, ITERATE IV also counts the number of foreigners, US citizens and government officials wounded. Data shows that there were 3,401 foreigners wounded or 28.18% of all victims wounded. It also shows 885 Americans wounded or .08 per incident. In relative terms this represents 5.25 per cent of all victims wounded, a much lower figure than the 29 per cent victimization rate the United States faces over all. Finally, ITERATE IV data reveal that at least 1,608 government officials were wounded or .22 per incident. 6

(3,884 incidents, 35.8%).16 Data analysis further indicates that there were 861 incidents (8.0%) resulting in "slight" damage; with 145 (1.3%) "moderate"; 86 (.8%) "high"; and 76 (.7%) "severe" damage. .

The frequency of international terrorist incidents, while punctuated by occasional

declines, nevertheless continued to grow over the 1968 to 1994 period. 17 ITERATE IV data reveal that at least

18

123 international terrorist incidents were perpetrated in 1968

and the frequency of these acts increased to 375 in 1994. The figure of 123 (1968) represents the low end for incidents, while 578 (1991) represents the high end. Overall,

16

It is difficult to establish the extent of damage caused by many incidents of international terrorism, as reporting on this outcome is often incomplete. In some cases it is probable that incidents in which only minor damage occurs (e.g. a broken window or superficial damage to an embassy wall) are not reported because they are viewed by the victim as trivial or inconsequential (Save of course when governments find a need to reiterate the seriousness of the terrorist threat to a “concerned” public.). In other cases, the dollar value of the damage is difficult to determine because of inconsistent reporting from areas such as the Third World or Eastern Bloc. In these cases damage is apparent, but little information beyond that is accessible. Finally, it should be remembered that only immediate damage is measured. The full extent of expenditures resulting from international terrorist incidents which often includes additional expenses for new or improved security measures is not considered. 17

Again, it is important to remember that the frequency and magnitude of international terrorist events are two distinct phenomena. Thus, even though some years might experience fewer incidents than other years, the severity or magnitude of the lesser number of incidents might still result in more serious consequences (e.g. casualties and damage) than the greater number of incidents. In other words, all international terrorist incidents are included in the data count whether they are simple threats of intended violence or actual major acts of violence such as assassination and suicide bombing. 18

Emphasis added. It is the opinion of the authors that more incidents could always be added to the annual counts if there was better access to information on international terrorism. Part of the overall increase in the frequency of international terrorist incidents can be explained in this respect. However, it could also be argued that if different definitions, as well as, different data coding conventions were employed by the compilers of ITERATE IV the annual counts of international terrorist incidents could also be lower. 7

ITERATE IV recorded 10,837 incidents of international terrorism. 19 In terms of the highest frequency of incidents 1991 (578 incidents) ranked first followed by 1993 (552) and 1986 (533). The lowest frequency of incidents occurred in 1968 (123 incidents), 1969 (179) and 1978 (290). When viewed at the State level of analysis ITERATE IV data reveals that a handful of states served as the locale for the majority of international terrorism. Simply stated, half of all international terrorism was concentrated in just thirteen states. Lebanon topped the list of states with 850 (31.48 incidents/year.) incidents of international terrorism, followed by the United States with 678 (25.11/year.) and West Germany/Germany 20 with 604 (23.39/year.). Other important states in this respect were: France with 578 incidents (21.41/year.); the United Kingdom (567: 21/year.); Greece (387: 14.33/year.); Argentina (385: 14.26 year.); Italy (366: 13.56/year.); Turkey (290: 10.92/year); the Philippines (283:11.79/year); Colombia (272:10.07/year); Peru (272:10.07/ year) and Spain (269: 9.96/year.). Perhaps even more impressive is the fact that the top four states of Lebanon, the United States, West Germany/Germany and France were the site of onequarter of all international terrorism perpetrated between 1968 and 1994. Despite a relatively high frequency of international terrorist incidents in the United States (678) the majority (93.9%) did not produce fatalities or major property damage.

19

This is an average of 401 incidents per annum.

20

ITERATE IV counts West Germany and then Germany after the fall of the Berlin Wall as the same entity. 8

Figures from ITERATE IV show 92 victims killed over a twenty-seven year time span. 21 Property damage occurred in 56.7 per cent of the incidents. In addition to the American citizens whom experienced the bulk of the victimization (39.6% of all international incidents in the US), other states that were regularly victimized included the Soviet Union (7.5%); Cuba (5.6%); Iran (2.5%); Yugoslavia (2.4%); and Mexico (2.4%).22 In total, 90 states were victimized at one time or another. The most frequent type of immediate victims were foreign diplomats (31.5% of incidents); corporation officials (26.6%); and private parties (21.4%), while property was attacked almost four times as often as people. In terms of types of incidents, bombings accounted for slightly more than half (50.5%)23, followed by threats (13.4%). The logistical success rate for all international terrorist incidents in the United States from 1968 to 1994 was 69.3 per cent. And most (77%) of the international terrorist incidents in the United States were perpetrated by just eight groups, four of which were Cuban (Omega-7, El Poder Cubano, Secret Cuban Government, indeterminate anti-Castro Cubans (with no definitive names), three Puerto Rican (FALN, MIRA and indeterminate Puerto Ricans) and one Jewish (Jewish Defense League) in origin. 24

21

3.4 fatalities per annum. This is a major contrast to domestic terrorism where fatalities generated by a single event (the bombing of the Alfred P. Murrah building easily eclipses all fatalities recorded in a twenty-seven year span of international terrorism. 22

The nationality of the victims is clearly indicative of the international political climate of the time (i.e. the Cold War) and the persistence of other regional concerns in Cuba and Puerto Rico. 23

This total is 63.9% if incendiary attacks and arson are included.

24

The origin of these groups is logical given their close geographic proximity to the United States and the nature of their political struggles, all of which routinely involved American foreign policy. It is perhaps, more important to note, however, that these groups were not part of what would be considered a “leftist” or “Arab” inspired threat that regularly 9

At the other end of the spectrum, a majority of states remained relatively free of international terrorism. Twenty states25 recorded a single event of international terrorism each over the twenty-four year period surveyed. Eleven states26 were the site of two incidents each and another eleven states27 experienced just three incidents each. In fact, ninety-seven states experienced less than one incident of international terrorism per year; eighteen states greater than one, but less than two; and forty-four states two or more incidents per year. In other words, 115 of 159, or seventy-two per cent of the states examined witnessed less than one incident of terrorism per year on their home soil. An even more specific analysis of the location of international terrorism involves the examination of the scene where terrorist incidents occur. Certain locations are dominated American treatments of terrorism during that time period. Statistics (US State Department, 2000) show no incidents of international terrorism perpetrated on American soil during 1999, however, one individual with suspected ties to Usama Bin Ladin was arrested at the Canada - US border. In the 1980s Smith and Damphousse (1998:135137) have documented an increase in domestic and a decrease in international terrorism. For further information on domestic terrorism in the United States see reports such as the FBI Analysis of Terrorist Incidents in the United States (various years); Terrorism in America: Pipe Bombs and Pipe Dreams (Smith, 1994); “Two Decades of Terror: Characteristics, Trends and Prospects for the Future of American Terrorism” (Smith and Damphousse, 1998); and “False Patriots: The Threat of Antigovernment Extremists” (Southern Poverty Law Center, 1996). These and other recent studies chronicling domestic terrorism in the United States point to a future threat of terrorist violence from “right-wing”, religious and “single-issue” groups. This development has important implications for the future of terrorism/computer networks and will be dealt with in the second section of the present study. 25

These states are: Antigua, Armenia, Azores, Cabinda, Dominica, Falkland Islands, Equatorial Guinea, Gibraltar, Grenada, Mali, Malawi, Muscat and Oman, Qatar, Seychelles, Sierra Leone, Solomon Islands, South Yemen - PDRY, Vietnam, West Indies Federation and Zanzibar. 26

These states are: Bahamas, Burkina Faso, Congo, Estonia, Guyana, Ghana, Iceland, Latvia, Martinique, Mauritania and Scotland. 27

These states are: Albania, Bahrain, Bulgaria, Cameroun, Central African Republic, Eritrea, Guadeloupe, Kurdistan, New Caledonia, Senegal, and The Ukraine. 10

favored over others with the most frequent one being the office or place of employment of the victim. Over four thousand (4,088, 37.7% of total incidents) incidents of international terrorism were perpetrated at this scene. The second most common scene of international terrorism is the non-residential/non-vocational site of the victim. This type of scene includes street corners, markets, theaters, taverns and hotels. There were 2,023

(18.7%) incidents of international terrorism perpetrated at this scene. Less

frequent scenes of international terrorism were the homes of victims (1,024 incidents, 9.6%), vehicles (988, 9.1%), aircraft (632, 5.8%), embarkation areas (169, 1.6%), ships (150, 1.4%) and trains (53, .5%). Another 1,692 incidents (15.6%) were coded as having occurred at "other" scenes or as missing. An analysis of this variable reveals that the primary nature of victim targeted during international terrorist incidents for the 1968-1994 period was property. Over four thousand (4,364) incidents or slightly more than forty per cent (41.58%) of the total were directed at this type of target. People were targeted on 3,608 (34.3%) occasions and a combination of people and property was targeted another 2,537 (24.1%) times.28 During the twenty-seven years surveyed property proved the favorite target of international terrorists for seventeen years, while people were favored for nine years and a combination of the two for one year.29

28

Due to missing data, specific targets were identified for only 10,513 of the 10,837 incidents. 29

In 1991, property was targeted in 69.7% of all international terrorist incidents and in 1977 people were targeted 63.5% of the time. 11

Still another approach to comprehending the nature of international terrorism is to investigate which type of immediate victim30 is regularly subjected to terrorist targeting. ITERATE IV classifies immediate victims as follows: host government officials31; foreign diplomats or official nonmilitary; host government military; foreign military; corporation officials; prominent opinion leaders; private parties, including tourists, missionaries and students; and suspected terrorists.32 Data analysis of the immediate victim variable shows that foreign diplomats or official nonmilitary clearly ranked as the most frequently targeted type of immediate victim. Over thirty (31.1%) per cent or 3,193 incidents of international terrorism were directed at foreign diplomats or official nonmilitary between 1968 and 1994. Foreign diplomats or official non-military were also the most frequently targeted immediate victims in fourteen different years. Other types of immediate victim in order of frequency of victimization included: corporation officials (2,256 incidents, 21.9%)33; foreign military

30

Immediate victims are those victims that are directly affected by terrorist incidents. Generally speaking, it is these targets that bear the brunt of and come into direct contact with terrorist violence. Most terrorist acts, however, also have a wider target audience. Although this audience falls outside of the direct terrorist violence, it is nevertheless influenced by the fact that the violence visited on the immediate victim might one day be directed specifically at it. Immediate victims are relatively easy to identify by virtue of their close association to terrorist incidents. Wider target audiences are more difficult to discern are thus, not incorporated into the ITERATE IV data set. They must, however, not be dismissed as irrelevant if the true nature of terrorism is to be fully understood. 31

The host government is the government from the state in which the international terrorist incident begins. 32

When property rather than individuals is attacked, the type of property determines how the immediate victim will be coded. When an incident is directed at an embassy, for instance, the immediate victim is coded as diplomatic. If a corporate head office is involved, the immediate victim will be coded as a corporation official. 33

Corporations were the favored target in three years, from 1974 to 1976. 12

(854, 8.3%); prominent opinion leaders (375, 3.6%); host government officials (343, 3.3%); suspected terrorists 215 (2.1%); and host government military (152, 1.4%). The analytic approach used above presents a somewhat different picture of which type of victim is most likely to experience international terrorism directly. Although diplomats (one type of authority figure) when treated as a distinct class are the most often targeted type of immediate victims, non-government groups counted in aggregate are the immediate victims of international terrorism more often. Thus, in aggregate terms private parties represent the most regularly targeted group by international terrorists. The ITERATE IV data suggest a minority of terrorist groups engaged in a majority of international terrorist activity, while a majority of terrorist groups engaged in relatively few incidents. Only seventeen terrorist groups perpetrated an average of two or more (54) incidents of international terrorism per year. Nineteen groups were responsible for more than one, but less than two incidents and 1,127 groups were responsible for less than one incident per year. Nearly one-half of all groups engaged in only a single event. Finally, the groups most frequently involved in international terrorism are similar in that they are characterized by relatively well-defined political agendas34 and supportive political constituencies.35 In short, terrorist groups that are marked by longevity and

34

These generally have their roots in national (irridentist, secessionist, anti-colonial movements) or religious (fundamentalist) identities and are not as likely to emanate from purely ideological (Marxist, Maoist) motivations. 35

Every group needs outside support to survive. Nationalist groups for instance represent larger constituencies that they hope to share their political gains with following successful terrorist campaigns. Ideologically motivated groups also rely on supporters who subscribe to the same political beliefs. The more successful terrorist groups such as the Provisional Wing of the Irish Republican Army have been able to develop, maintain and use their supporters to further their own operations. See Jeffrey A. Sluka’s (1989) Hearts and Minds, Water and Fish: Support For the IRA and INLA in a Northern Irish Ghetto. 13

sufficient resources to operate on a regular basis represent the greatest source of international terrorism. With this brief introduction to the data of international terrorism, let us turn to a brief analysis of seven myths that dominate the popular (and often official political) conceptualization of terrorism. At least three myths routinely characterize explanations of the processes of terrorism. Myths which monopolize thinking in this area are: - Myth One: Terrorism is random and lacks specific direction. - Myth Two: Terrorism knows and respects no boundaries. - Myth Three: Terrorism is synonymous with massive death and destruction. Other myths which focus on the origins, motivations, perpetrators and goals of terrorism and also have implication for our understanding of terrorism, computers and computer networks include: - Myth Four: Terrorism is the exclusive activity of non-governmental actors and its purpose is to create chaos.36 - Myth Five: All terrorists are madmen or criminals.37 - Myth Six: Governments always oppose non-governmental terrorism. - Myth Seven: The source of contemporary political terrorism may be found in the evil of one or two major actors (the devil made me do it!).38

36

Although the present essay deals almost exclusively with the use of terrorism by nonstate actors the authors are positively aware of the significance of state actors in the terrorism equation. 37

This is a condensation of Stohl’s (1988) second and third myths, the purpose of which is to illustrate how terrorist organizations can be easily vilified and denied any legitimacy. 38

See Stohl (1988:7-23) for a list of ten myths of contemporary political terrorism. 14

Each of these myths will be dealt with in the context of providing a framework from which the changing nature of the terrorist threat can be assessed. Myths Myth One: Terrorism is random and lacks specific direction. To the innocent bystander caught in the crossfire or explosion connected to a terrorist incident there is no doubt that the incident and his/her victimization is random and hence even more terrifying. However, the reality of terrorism is that it is purposeful and involves selectivity in its execution. Confirmation of this assertion can be found in further analysis of the events based data of the patterns of both the theater of operations and targeting of international terrorism introduced above. These reveal a distinctive set of patterns which suggest that factors such as environment and terrorist group composition play significant roles in the nature of the terrorism that transpires. More specifically, terrorist groups develop their modus operandi based on where they originate, who supports them, who their enemies are, what their likelihood of success will be and a host of other tactical and strategic considerations. For example, nationalist/ethnic based terrorist groups clearly have developed primary spheres of operation and in general focus their attention on specific targets related to their goals. For instance, the Provisional wing of the Irish Republican Army, while crossing borders for some of their operations, operated primarily in the United Kingdom and against UK targets abroad and it is highly unlikely that it would operate in the Middle East or Latin America39, nor is it likely for this group to attack Israel or Israeli

39

The PIRA has operated in at least eleven states, however, none have been in the Middle East (save for one documented arms smuggling operation that originated in Libya) or Latin America. 15

related targets.40 By the same token it is unlikely to see the Black September Organization attack the British Royal Family.41 Such terrorist groups engage in terrorist activity for a predetermined political purpose and their goals are not furthered by random attacks which the public (their audience) cannot interpret.42 Although the last three decades have witnessed thousands of international terrorist incidents they have more often than not been of a deliberate rather than random nature. Myth Two: Terrorism knows and respects no boundaries. The assumption that terrorism knows and respects no boundaries flows from the same base that perpetuates the myth that terrorism is random and indiscriminate. Yet, much of the statistical analysis presented in the previous discussion points to identifiable limits within the realm of terrorist violence. While it is correct to suggest that the entire international system has experienced international terrorism at one time or another, it is more accurate to argue that a relatively small group of states are the constant targets of

40

To date incidents involving the PIRA have involved victims from ten states, none of which include Israel. It is unknown if it was the intention of the PIRA to involve all ten states, or some victims were simply “in the wrong place at the wrong time” (e.g. in a public place at the time of a bombing.). 41

The BSO has attacked victims from at least fifteen states, but has only once targeted British tourists in Greece. The BSO has also operated in the United Kingdom twice, once against a Jordanian and once against an Israeli target. 42

Even in cases where terrorists attacks appear to move beyond the limits of other forms of legitimate (?) violence (e.g. women, children, the elderly and infirm should be spared) they are not necessarily indiscriminate or random. This point can be made by examining the 1985 attacks against the Rome and Vienna airports. “The terrorists did not fire indiscriminately in their assaults. They wanted to make sure that children were included among the victims. They succeeded in killing an eleven-year-old girl...” (Simon, 1994:196). The rationale behind this tactic was explained in a note carried by the lone surviving terrorist of the Rome attack. In short, the terrorist goal was to “violate” every aspect of the victims including their children. (Simon, 1994:196). Despite the horrific nature of these attacks there were no random victims. 16

international terrorism while the vast majority reside on the periphery of this violence. Empirical evidence that over half of all international terrorism has been perpetrated in just thirteen states and less than seven states account for over fifty per cent of all victimization indicates the reality of terrorism. Further evidence also suggests that the majority of terrorist acts are not characterized by the large-scale wanton killing and destruction that is so often assumed The evidence presented in the statistical analysis provides only a partial explanation of why terrorist violence should be treated as a structured phenomenon. Because terrorism can conceivably cover a full spectrum of violence from non-lethal threats, to simple destruction of property, to mass loss of life, there is considerable room for interpretation about its nature. Instead of relying on this conceptualization as the sole standard for judging terrorist violence, it is more helpful to place individual terrorist acts in the context of larger terrorist campaigns.43 The end result of establishing the dynamics of terrorism is that it is then possible to identify the parameters of violence within which terrorists generally engage. The second part of the explanation challenging Myth Two centers on understanding terrorist groups as rational actors. In order to achieve their goals (regardless of how irrational the goals might appear to outsiders), terrorist groups must engage in some level of rational behavior. To do otherwise would compromise the very existence of the group. Groups that focus all their efforts on wild forays into violence characterized by mass killing are not likely to survive for a number of reasons. Most

43

It would probably also be helpful to review terrorism in relation to other forms of violence. International or civil war also spans a wide spectrum of violence, but is seldom portrayed in the same fashion as terrorism. 17

terrorist groups need the support of wider constituencies in order to survive. This support is generally not forthcoming if terrorist incidents are deemed “too violent” or beyond the accepted limits of the constituency. While many constituencies will support violence against government officials, soldiers and others seen as representing the “occupiers” or “”repressors,” it is difficult for most groups to sustain the support of their “constituencies” for acts of terror against “innocent” civilian populations, particularly if there are widespread civilian victims. Terrorist groups must also deal with a heightened state response to particularly violent acts. Bombs placed outside of protective embassy walls do not elicit the same pressure for counter-terrorist response as bombs placed on airliners. Finally, terrorist groups must reconcile their use of violence with their own ideologies. If terrorist groups are to survive and thrive careful attention must be paid to the exact nature of their terrorist campaigns. Clearly, there are well-defined limits in this respect. Thus, terrorism is purposeful and this is reflected in the pattern of terrorist violence. Myth Three: Terrorism is synonymous with massive death and destruction. Despite its vicious notoriety, the data indicates that international terrorism results in less than one fatality per incident and over ninety per cent of the incidents have not resulted in the death of any victims. There are also relatively few “high end” incidents such as the bombing of airliners. In fact, there were only twenty-one bombings of airliners over a twenty-seven year period and only twelve resulted in the deaths of more than twenty people. 44 While these types of incident do indeed occur, they are the

44

This is not meant to argue that 20 or less deaths is insignificant, but rather to place the extent of incidents of mass fatalities in their proper context. The ten most lethal incidents of international terrorism (with dates and fatalities) are as follows: 1. June 23, 1985. The 18

exception rather than the rule. The mainstay of terrorism to date has been a combination of threatened violence with an assortment of other violent acts that have produced proportionally more fear than death or destruction. Myth Four: Terrorism is the exclusive activity of non-governmental actors and its purpose is to create chaos. The reasoning behind this myth is that small non-state (and perhaps irrational) actors are the sole force behind terrorism. If this assumption is true, it follows that given their relatively small stature vis-a-vis states relegates them to disturbing the peace without realistically establishing any counter-order. While it is clearly true that a primary purpose of terrorism, as practiced by challengers to governmental authority, is the production of chaos, to demonstrate the inability of the regime to govern it is also a reality of terrorism is that it is regularly employed by states to enforce order. This phenomenon occurs in many states and is noted at several stages of states’ political development.45 In each case, it is the production of order, not chaos that the relevant terrorists strive for.

bombing of Air India Flight 182 off the coast of Ireland - 329 dead; 2. August 7, 1998. The bombing of the American Embassy in Nairobi, Kenya - 291 dead; 3. December 21, 1988. The bombing of Pan Am Flight 103 over Lockerbie, Scotland - 273 dead; 4. September 19, 1989. The bombing of UTA Flight 772 over Niger - 171 dead; 5. August 13, 1978. The bombing of an apartment building in Beirut, Lebanon - 161 dead; 6. November 30, 1987. The bombing of Korean Airlines Flight 858 over South East Asia 115 dead; 7. September 23, 1983. The bombing of an Emirates Boeing 737 near Dubai 111 dead; 8. November 27, 1989. The bombing of Avianca Flight 203 over Colombia 110 dead; 8. August 27, 1981. The sabotage of a Far Eastern Air transport near Taiwan - 110 dead; and 10. December 4, 1977. The hijacking and crash of a Malaysian Airlines System Boeing 737 - 100 dead. 45

Early examples suggested by Gross (1957:113) include notable instances such as the Spanish Inquisition directed by the Catholic Church and the use of the guillotine by the Jacobins during the French Revolution. 19

The choice of limiting analyses of terrorism to non-governmental actors is clearly problematic if a true accounting of terrorist perpetrators is to be achieved. Terrorism

is

routinely used by regimes to maintain and strengthen political control. 46 In particular, one can readily point to the widespread use of “state terror” (for purposes of political control) in most of the world during some part of the twentieth century. From the totalitarian regimes of Europe during the twenties, thirties and forties, to the single party dictatorships of Africa and Asia and the Middle East in the post colonial period to the former states of the Soviet Union and its allies to the “authoritarian” regimes of Latin America the use of state terror has been routine. States have also repeatedly employed terrorism in time of war47 and even in times of peace. 48 The realization that state actors engage in terrorism is not only important if all terrorist activity is to be accurately documented, it is imperative if future perpetrators are to be readily identified and understood. It is also arguable that states are far more capable of successfully employing terror tactics than are insurgents. With the advent of terrorism involving computer networks it is unrealistic to believe that only non-state actors will use the cyber environment as a new arena of terrorism. State actors will continue to have significant 46

: “[T]he term “terror” first developed in response to the systematic employment of violence and the guillotine by the Jacobin and Thermidorian regimes in France.” There are many more historical and contemporary examples of the use of terrorism by state actors (see Stohl 1988:8). 47

One contemporary example is the 1999 NATO bombing campaign against Serbia which sought to terrorize both the Serbian Government and people into abandoning the Serbian province of Kosovo. An earlier example is the 1972 Christmas bombings of Hanoi by the American Government designed to coerce the North Vietnamese into reopening negotiations with the United States. 48

The covert operations of the American Central Intelligence Agency and the Israeli Mossad are but two examples of states using terrorism in pursuit of their own political interests. 20

opportunities49 to combine terrorist tactics and computers in any number of different forms in their quest to achieve political objectives. Myth Five: All terrorists are madmen or criminals.50 The assumption that all terrorists are madmen or criminals in its simplest form is a myth that is promoted by states so as to deny political legitimacy to terrorist actors or their goals. At one level the myth maintains that, “only madmen would resort to many of the actions that terrorists have undertaken.” This view, which is common in Western media and governmental circles, allows observers the easy opportunity to reduce political actors, actions and problems to psychological ones, the end result of which denies that terrorists and their violent behavior is anything but rational. 51 The notion that terrorists are by definition criminals is true in terms of the legal code but not necessarily helpful beyond that. As a millennium’s worth of fans has demonstrated, the Sheriff of Nottingham’s insistence that Robin Hood was a thief and a common criminal has done nothing to dissuade the populations that have cheered Robin Hood’s escapades that he was a hero. Instead of recognizing that many acts of terrorism have a basis in a particular political struggle and must be evaluated and most importantly from a government, law enforcement perspective, responded to in terms of that struggle,

49

It could also be argued that given their resources, state actors have a distinct advantage over non-state actors in terms of the scope and intensity of the terrorism they are able to perpetrate employing or targeting computers. 50

“Madmen” and “criminals” are easily interchanged with other labels such as “Marxist”, “Maoist”, “Leninist”, “Rightist” and “Fascist”. 51

A history of extended, politically motivated and well-planned international terrorist campaigns would seem to suggest otherwise. At the very least, one might argue that some very sophisticated madmen must be behind the last three decades of international terrorism. 21

acceptance of the myth confuses enforcement of the criminal code with the appropriate political response. Within this school of thought, all terrorist activity is criminal and can be dealt with accordingly.52 It is rare for terrorist acts to result in any identifiable criminal gain. 53 However, groups which have been labeled as terrorist groups have engaged in what are clearly “criminal” acts simply to generate funds for their operations. Such acts should not be confused with terrorism as their purpose have nothing to do with creating fear and/or compliant behavior in terms of the political system. The terrorist threat 54

whether viewed as great or small is not limited to the designs of madmen and criminals.

In a new era where terrorism and computers/ computer networks have the potential to become increasingly intertwined, the need to distinguish between cyber criminals/crime and cyber terrorists/ terrorism is critical. 55 Myth Six: Governments always oppose non-governmental terrorism.

52

In some cases, the acceptance of terrorism as simply another form of crime allows the state to adopt new and potentially repressive measures to deal with a type of crime that cannot be easily contained by existing legal apparatus. 53

In this instance, criminal gain is regarded as encompassing some form of financial reward. The majority of terrorist assassinations, bombings and threats have political, but no criminal components. They are intended for symbolic purposes without accompanying financial gain. Although some hijackings and kidnappings involve ransom demands, these are traditionally part of a larger package of demands which also include the publication of political manifestos, release of political prisoners or other imprisoned terrorists and safe passage or political amnesty. These incidents are also a demonstration to larger audiences of the inability of governments to adequately protect their own citizens. 54

Treating terrorists as criminals merely trivializes the problem and ignores the fact that the solution to stopping terrorist violence lacks a “convenient” solution (see Stohl 1989:13). 55

This issue and related points will be addressed in greater detail in the following section. 22

The myth that states: “Governments always oppose non-governmental terrorism,” can be easily corrected by adding the simple contextual addendum, “when they find it politically expedient.” Although states have traditionally been considered as “society’s neutral conflict manager,” a more accurate view treats them as interested parties. In this conceptualization the role of states as keepers of order is expanded to include instances where non-state actors have acted with a state’s political interests in mind. In other words, there are circumstances where the terrorist activity of non-state actors is accepted as order rather than chaos inducing. One prominent example of state support for nongovernmental terrorism is found in the relationship between certain states and vigilante groups engaged in domestic terrorism. When vigilante groups seek to assist the established government in the maintenance of order they are not only tolerated, but encouraged by governments, for example, both the Argentine and Brazilian governments resorted to supporting domestic, non-state terrorist groups during the 1970s56 with the intent of achieving greater political control within their own borders. State support for nongovernmental terrorism also extends to the international arena. Again, there are instances where the terrorism of non-state entities coincides with the national interests of sovereign states. State support in this respect generally depends on a cost-benefit analysis that calculates the benefit thought possible from the desired outcome, the believed probability with which the action will bring about the desired state of affairs and the believed probable cost of engaging in the action. International non-state

56

The groups in question are the Anti Communist Alliance (AAA) (Argentina) and the Esquadro de Morte (Brazil). 23

terrorism supported by states is an example of surrogate terror. More specifically, this terrorism appears as: 1) State-supported terrorism: An occurrence where the initial terrorist actions of third parties are subsequently supported by interested states; or 2) State acquiescence: Instances where the terrorist activity of non-state actors is tacitly approved or at least not condemned; 57 In both of the above cases the actions of states are at odds with the myth that these actors always oppose state terrorism. This reality is also in direct contrast with another widely held belief that terrorism is a weapon of the weak. Even the most powerful states have found that support for non-state terrorism serves a purpose in international relations. The United States government has indicated great concern with the possibilities of state support for non-state terrorism involving computers/computer networks. Myth Seven: The source of contemporary political terrorism may be found in the evil of one or two major actors (the devil made me do it!). The political expediency of the final myth of terrorism is best explained by reviewing each of the six previously discussed myths which all demonstrate the essential flaw of highlighting the importance of actor over action. The ability to equate the horrors of terrorism with the newly defined satanic character of the state or group engaged in it creates a powerful tool in the arena of international public opinion58 and also enables us

57

State acquiescence involves the minimal use of state resources, but is also subject to little control on the part of the acquiescing state (See Stohl 1988:183). 58

Evidence of this situation can be found in the public American scolding of the Soviet involvement in training, funding and equipping international terrorists (Stohl, 1988:20). 24

to ignore the potential sources of political cause for the acts which we rightly condemn. The nature of terrorism as abhorrent as it may be has not precluded its use by a wide spectrum of actors. When the tool is successfully employed, the evil of the state in question grows to mythical proportions and it can be held responsible for all wrongs without addressing the potential legitimacy of the political grievances which led to the abhorrent act. In addition to the Soviets, world leaders (Muammar Quaddafi, the Ayatollah Khomeini) and other terrorist personages (Abu Nidal, Yasir Arafat and Usama Bin Ladin) were all elevated to devil status and given far more “credit” for the perpetrating of terrorist acts than the record indicates they had responsibility.59 More recently the concept of Rogue State (recently banished from the State Department Lexicon) was adopted. The persistence of the “Devil Theories of Terrorism” myth is, unfortunately, not merely a concern for terrorism analysts, commentators and the casual observer. Governmental authorities who have embraced the myth continue to perpetuate it for their own interests which permits greater freedom to pursue policies that have much to do with foreign policy interests, but little to do with terrorism abatement 60. This said, the 59

See Chomsky’s (1986) Pirates and Emperors: International Terrorism in the Real World for some insightful and provocative (for those who accept terrorism myths) analysis of how the pejorative use of terrorism terminology and the demonization of certain actors works. 60

Perhaps the most obvious example is the American air attack (El Dorado Canyon) against Libyan targets on April 14, 1986, a mere nine days after the terrorist bombing of the La Belle discotheque in West Berlin. By linking Libya (a state) to the bombing, the United States was able to point to a substantive target and thus engage in swift retaliation. The identification of state actors as terrorist perpetrators offers the international community the opportunity to respond to international terrorism by means of established international law. The added attraction of punishing a satanic source of terrorism makes this type of foreign policy response all the more attractive (see Stohl, 1987: 166-67). 25

future analysis of terrorism in the cyber environment must critically assess all origins and sources of terrorism. If the myth of satanic actors persists into the next generation of terrorism many opportunities for countering the phenomenon will be lost. All of the myths outlined above inhibit clear thinking on the subject of terrorism and are equally important in terms of understanding terrorism of that is of both conventional and cyber in nature. In light of the relative newness of terrorism and computers a comparison of the relationship between the seven myths and the reality of conventional terrorism, combined with a hypothesized view of the reality of cyber terrorism is in order. These points are illustrated in Table 1.1.Table 1.1: Terrorism Myths, Conventional Terrorism and Cyber Terrorism Myth 1.Terrorism is Random and lacks specific direction.

Conventional Reality

Hypothesized Cyber Reality Cyber terrorism will continue Terrorism has a specific purpose and is driven by well to be marked with purposeful defined goals. The often forays of terrorist threats symbolic nature of terrorist and violence into the cyber violence tends to exacerbate environment. The ever increasing public access to views of its irrational and awareness of this reputation. environment adds significant potential for creating a new breed of terrorist monsters.

26

In the world of cyber terrorism, terrorists will continue to pick and choose their enemies and targets. While average citizens are not likely to directly experience future violence, they are more likely to become more aware and in some form feel threatened by it. Although major terrorist groups remain cognizant of their constituencies, emerging groups may find room for experimentation within the new environment and expand the boundaries of terrorism. The nature of cyber 3. Terrorism is synonymous Terrorism is not nearly as terrorism is best described destructive or fatal as it is with massive death and by the introduction of a new often portrayed. Events destruction. operating environment that involving massive fatalities brings with it new modes of and destruction are the terrorist operation. There are exception rather than the rule. The perceived nature of no compelling reasons to terrorism is far more suggest that this unpleasant than its real one. development will Both terrorist groups and automatically signal a governments have exploited change in the fundamentals this myth to their own of terrorist behavior. advantage. Terrorists have always had the ability to perpetrate acts of mass destruction, but have chosen not to do so. Cyber terrorism certainly offers new means to accomplish these feats, but little in the way of heightened motivation to carry them out. 2.Terrorism knows and respects no boundaries.

The history of conventional terrorism has generally been marked by carefully planned terrorist campaigns. The “scourge” of international terrorism has had little impact on the majority of individuals beyond inciting unfounded fears. Successful terrorist groups understand the importance of serving their supporting constituencies and avoid alienating them with unnecessary acts of violence.

27

The belief that only insurgent Both insurgents and states will carve the own niche in non-state groups resort to the arena of cyber terrorism. terrorism has not only compromised awareness of There is every indication that the perpetrators of governments will find cyber terrorism, it has also led to terrorism offers a less inadequate counterconspicuous means of terrorism policy. Terrorism is engaging in terrorism (an a form of violence used by important consideration given both state (governments) international condemnation of and non-state (insurgent) human rights abuses). The actors. The nature of purpose of terrorism is terrorism remains the same obviously different from the regardless of its source. The nature of terrorism. purpose of terrorism used by Terrorism serves many purposes and masters. states is the production of Terrorists will exploit new order. Although this notion seems to run counter to the forms of technology within the cyber environment and contemporary view of the do so with many goals in terrorism - insurgency mind. chaos equation, it is, nevertheless, an important reality. The essence of terrorism remains the same in either case. Only its goals are different. 5. All terrorists are madmen Terrorists emerge from a In the world of cyber or criminals wide range of economic, terrorism, terrorist groups historical, political and social with clearly identifiable conditions. Terrorists can be political agendas will madmen or criminals, but the continue to dominate. Even terrorist campaigns oriented true threat of terrorism emanates from a much more around single issues will be complex set of evident. The work of circumstances. madmen and criminals has little to do with cyber terrorism other than to confuse the true origins of this new form of terrorism. 4. Terrorism is the exclusive activity of non-governmental actors and the purpose of terrorism is the production of chaos

28

6. Governments always oppose non-governmental terrorism.

7. The source of contemporary political terrorism may be found in the evil of one or two major actors (the devil made me do it!)

Governments often find it useful to support nongovernmental terrorists. Support can take a number of different forms and the terrorism itself can be either domestic or international. While terrorism is mistakenly interpreted as the weapon of the weak, major players also support and engage in it.

Cyber terrorists will be supported by states in the same fashion that conventional terrorists are. As long as governments believe that the actions of cyber terrorists are to their own advantage they will support them. If states are falsely lulled into believing that the origins of cyber terrorism are less detectable than those of conventional terrorism, there is a possibility that this calculation will figure in decisions of future support. The repeated identification of In the beginning, the term only certain devil or satanic “cyber terrorist” will be used groups as the source of pejoratively. Cyber terrorism, terrorism is a political will be treated as the worst exercise that has little form of terrorism as it is new bearing in reality. Terrorists and its nature remains are not only “leftist”, or relatively unknown. “Arab” or even “fascist”. Undoubtedly it will be used in They have many origins and concert with other terms can not be properly dealt such as “Muslim with by simply focusing Fundamentalist,” making it attention on the most even more threatening. Evil “disliked” groups. Terrorism actors will be portrayed as is not about labels, but cyber terrorists and vice rather about violent versa. Any confusion of who processes related to is responsible for terrorism economic, political and social will be heightened especially problems. On the other side if myths of cyber terrorism of the coin, however, promote notions that it is terrorism portrayals even more mysterious than (especially those by conventional terrorism. Devil governments), are frequently actors and cyber terrorism linked to the use of labels for seem likely to go hand in purposes of demonization. hand.

29

Computers and Terrorism: Linking the Past with the Future Definitions:61 Despite the use of the term “cyber terrorism” as a new and distinct form of terrorism, it is more properly defined as new terrorist tactic.62 The nature of cyber terrorism is governed by the very principles that underpin all terrorism. To reiterate the thrust of our earlier argument terrorism involves a clearly defined process, not simply a random act of violence perpetrated by an enemy or other despised entity. Cyber terrorism by its very title is terrorism that involves a cyber component. As such, it is essentially the same as any other terrorism. Cyber terrorism is however, unique from other terrorist tactics in that it does not exist beyond its intimate relationship with computers. Barry Collins (White, 1998:3), who is said to have coined the term defines cyber terrorism as “the intentional abuse of a digital information system, network, or component toward an end that supports or facilitates a terrorist campaign or action.” Two further definitions of cyber terrorism have been advanced by Dorothy Denning and Rod Stark. Denning (2000:10) argues that: Cyberterrorism is the convergence of terrorism and cyberspace. It is generally understood to mean unlawful attacks against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social 61

To date, there has been no attempt to catalogue definitions of cyber terrorism in the same manner in which definitions of conventional terrorism are dealt with. 62

The question of exactly how cyber terrorism differs from conventional terrorism has been addressed by John F. Murphy (1999:3-4) who asks, “does the prospect of computer network attacks by terrorists constitute something “really different,” or does it amount only to a new technique of attack for terrorists raising no new issues of law and policy? The answer, it appears, is that the possibility of computer network attacks does raise some new issues, although many of the old conundrums still pertain.” 30

objectives....[A]n attack should result in violence against persons or property, or at least cause enough harm to generate fear.63 Stark (1999:8-9) submits a definition similar to Denning’s in that it attempts to capture both the conventional and cyber aspects of cyber terrorism. He writes: [C]yber-terrorism is defined as the purposeful or threatened use of politically, socially, economically or religiously motivated cyber warfare or cyber-targeted violence, conducted by a non-state or state-sponsored group for the purposes of creating fear, anxiety, and panic in the target population, and the disruption of military and civilian assets.64 Stark (199:9) also explains that it is the target that defines the nature of cyber terrorism. In other words, cyber terrorism involves any attack against information systems and does not necessarily have to involve the use of computers to do so. We have chosen to define cyber terrorism as any act of terrorism that uses information systems or digital technology (computers or computer networks) as either an instrument or target 65. Once again, qualifying descriptors can be used to place cyber terrorism into more specific contexts. "Cyber terrorism" can be "international",

63

Denning (2000:1) suggests that examples of cyber terrorism would include those incidents that result in casualties, property damage or “severe economic loss.” “Serious attacks against critical infrastructures could be acts of cyberterrorism, depending on their impact. Attacks that disrupt nonessential services or that are mainly a costly nuisance would not.” 64

Stark (1999:9) also adds that in a legal sense cyber terrorism involves the intentional abuse of digital information systems and networks if these actions are in support of terrorist activity. 65

There is still much confusion on this point as is evidenced by the remarks of Michael Vatis, Deputy Assistant Director and Chief, National Infrastructure Protection Center, Federal Bureau of Investigation, to the Potomac Institute for Policy Studies (1998:3): “[W]hat is cyberterrorism? Is it any use of computers or new information technologies by terrorist groups? Or is it a particular type of use of computers of information technologies? Is it the use of those technologies by traditional terrorist groups?..What is a cyber-terrorist?” 31

"domestic", "state" or "political", but the core act involving a combination of the terrorist act and computers always remains the same. Two related terms used in describing cyber conflict are “cyberwar” and “netwar.” Arquilla and Ronfeldt (1998:8) define these as: “Cyberwar - a concept that refers to information-oriented military warfare” which is becoming more evident at the military end of the spectrum; and “Netwar [which] figures prominently at the societal end of the spectrum where the language is normally about small-scale contingencies” These researchers further (Arquilla, Ronfeldt and Zanini, 1999:82) note that “netwar is more likely to involve nonstate, paramilitary, and irregular forces - as is the case of terrorism.” According to Arquilla and Ronfeldt (1999:4) “evidence is mounting about the rise of network forms of organization and about the importance of “information strategies” and “information operations” across the spectrum of conflict, including among ethnonationalists, terrorists, guerrillas and activists.”66 The key to both cyberwar and netwar is that “[n]either concept is simply about technology; both refer to comprehensive approaches to conflict based on the centrality of information - comprehensive in that they

66

This is a helpful distinction as far as information warfare is concerned, but only if a further distinction between non-state actors and terrorists is also made (an issue the authors acknowledge in their later discussion.). Further analysis finds that “ethnonationalist netwar” has the potential to be one of the more violent forms of netwar (1999:4). Hundley and Anderson (1996:17) meanwhile have identified a set of potential “bad actors” who have access to cyberspace and the objectives behind their actions: Actor Objective Hackers To satisfy personal agendas Disgruntled or Co-opted Insiders For a variety of motives Criminals For personal financial gain, etc. Terrorists or Other Malevolent Groups For Industrial espionage or to disrupt competitors Nation States For espionage or economic advantage or as a tool of warfare 32

combine organizational, doctrinal, strategic, tactical and technological innovations, for offense and defense.”(Arquilla and Ronfeldt 1998:9). Moreover, there is “information warfare” (IW) as it is discussed by military analysts. Definitions for this concept range from simple: “information dominance” on the battlefield; to more complex: “actions taken to achieve information superiority by affecting adversary information, information based processes, information systems, and computerbased networks while leveraging one’s own information (US Department of Defense).;” and “deliberate...and systematic attack on critical information activities which seek to exploit, modify, corrupt information or to deny service (UK Ministry of Defence).” (Rathmell, 1997:41). In this scenario, cyber terrorism is information warfare used by “politically motivated” sub-state groups such as the PIRA. 67 (Rathmell, 1997). Finally, a recent bibliography on “information-age warfare” by Timothy L. Sanz (1998:83) finds, “Cyberwar, infowar, information-based warfare, cyber-terrorism, netwar, cyberpunks, information (or digital) warriors, information dominance, cyberspace defense, [and] information chaos...are just a few recent coinages reflecting the language dealing with the very broad topic of information-age warfare (I-AW).” Most of the present terminology lacks accepted definitions.68

67

“Politically motivated sub-state groups is a term that covers the gamut from pressure groups in democracies using direct action tactics, through outlawed opposition movements in autocracies to organized paramilitary or terrorist organizations.” (Rathmell, 1997:43). 68

In still another variation, Hoo, Goodman and Greenberg (1997) refer to “Information Technology Terrorism.” Although they offer no specific definition of their own Grabosky and Smith (1998:53), nevertheless, suggest that: “While contemporary terrorists seem to prefer explosives, the possibility of disabling entire communications networks or other major systems would seem to provide a variety of attractive targets.” 33

Significant confusion in understanding cyber terrorism also emerges when cyber terrorism is confused with “cyber crime”69 and vice versa. Cyber crime is similar to cyber terrorism in its use of computer networks and information systems, but clearly different in its motivation and goals. This appreciation, however, is often overlooked. 70 In many instances there is little effort to distinguish the obvious differences between the two. Perhaps nowhere is this more evident than in policy circles which treat cyber terrorism simply as an extension of cyber crime. In recent testimony given before the House International Relations Committee of the US Congress (2000:6), Ambassador Michael Sheehan, Office of the Coordinator for Counterterrorism notes: The Commission recommends that the Administration help create an international convention on cyber crime 71....this issue is larger than terrorism and should be addressed in a broader context. After all, terrorism is just one type of international criminal activity that can be perpetrated using the Internet. 72 In another example, the Report of the National Commission on Terrorism (1999:24) lumps cyber terrorism with cyber crime and suggests they can be dealt with in a similar fashion.

69

For further discussion of cyber crime see Grabosky and Smith (1998) for a discussion of what they refer to as “crime in the digital age,” or “telecommunications-related crime.” 70

In at least one case a distinction has been made. Rathmell (1997:42) finds that “[i]t is useful to distinguish between three classes of groups [using information warfare] hackers, criminals and politically motivated sub-state groups.” White (1998:2) also distinguishes between hackers and cyber-terrorists, “hackers and cyber-terrorists differ...in their intentions: Hackers may be only criminally destructive adventurers, whereas cyber-terrorists are advanced enemies of a nation state.” 71

Our emphasis. This seems an awfully odd request given that Ambassador Sheehan’s interests lie with terrorism and not crime. At the very least, the request could focus on methods to deal with cyber terrorism, that might also have implications for curtailing cyber crime. 72

Our emphasis. 34

The discrepancy concerning cyber crime is also found in the ruminations of analysts such as James Adams (Regan, 1999:2) the head of a security firm called Infrastructure Defense. Adams finds that “cyber-terrorism is likely to be committed by Russian organized crime.” The obvious question then becomes, why would criminals become involved in cyber terrorism and not cyber crime? A second concern when analyzing cyber terrorism is how this tactic fits within the overall spectrum of terrorist violence. Generally, analysts understand where to locate conventional terrorist tactics and actions such as assassinations, bombings and kidnappings and how to evaluate their outcomes. The same cannot be said for cyber terrorism. It is a tactic that is often misunderstood and fear of it often assumes outlandish proportions. An example of the latter thinking can again be found in the latest government counterterrorism assessments. In Countering the Changing Threat of International Terrorism a report of the National Commission on Terrorism (1999:8) the prevailing sentiment is that: Cyber attacks are often considered in the same context with CBRN. 73 Respectable experts have published sobering scenarios about the potential impact of a successful cyber attack on the United States....Certainly, terrorists are making extensive use of the new information technologies, and a conventional terrorist attack along with a coordinated cyber attack could exponentially compound the damage. In short, discussions of cyber terrorism too easily move from the inconvenience and disruptions of the hacker to discussions of catastrophic consequences associated with chemical, biological, radiological and nuclear attacks.

73

CBRN refers to “Chemical, Biological, Radiological or Nuclear” materials. It is believed that terrorists will use these materials in order to cause mass casualties. (Report of the National Commission on Terrorism, 1999:7-8). 35

Present attempts to define and understand cyber terrorism remain mired in biases that continue to perpetuate the myths surrounding conventional terrorism. Knowledge of the “who” and “what” of cyber terrorism is limited to ambiguous interpretations of terrorist actors and speculative extrapolations of potential terrorist activity. In both of the cases highlighted above, cyber terrorism has become a “catch all” term that can be pulled from the “trick bag” to fit any number of scenarios or purposes. For the policymaker, this means that political expediencies often dictate what should be pragmatic measures. In the case of the analyst the ambiguity in delineating cyber crime from cyber terrorism gives rise to the pseudo study of the latter. Lastly, it is also essential to remember that for the victim, the type perpetrator behind the attack is often less important than the consequences of the attack. “Cyberspace attacks mounted by the different types of actors are indistinguishable from each other, insofar as the perceptions of the target personnel are concerned.” (Hundley and Anderson, 1996:18).

The Evolution of Cyber Terrorism The evolution of cyber terrorism74 can be analyzed by examining how access to cyber technology is perceived and used by terrorist groups. Two views of the subject are presented by Schmitt and Rathmell. Schmitt (Murphy, 1999:5) distinguishes between 74

At this point it is also helpful to speak in terms of “cyberspace-based threats.” Rand analysts Hundley and Anderson (1996:1) consider these as, “adverse actions involving and mediated by computer and telecommunications systems and networks.” Accordingly, there are a wide spectrum of possibilities for “evil actions” in cyberspace. “These include attacks on the data contained within the systems, the programs and processing hardware running those systems, and the environment (communications, networks, etc.) in which they operate.” (Hundley and Anderson, 1996:12). 36

information operations and computer network attacks. The former is defined as encompassing “virtually any nonconsensual actions intended to discover, alter, destroy, disrupt, or transfer data stored in a computer, manipulated by a computer, or transmitted through a computer network.” Information systems can be either defensive or offensive in nature. Computer network attacks are considered offensive information operations and “disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.” Rathmell (1997:3-4) identifies three categories of information warfare that can be used by sub-state groups. These are: Category I - new techniques applied to traditional activities in the form of “intelligence gathering, communication, money laundering and propaganda. All substate groups have to engage in these to survive;” Category II - old techniques applied to new activities. This “involves using physical violence against the information activities of a target entity....[I]ncreasing reliance of all of these entities [armies, governments, nation-states or companies] on information activities enables a sub-state group to leverage its limited resources into a damaging attack;” and Category III - new techniques applied to new activities. This “involves using digital attack techniques against the information activities of a target entity...[and] is perhaps the purest form of IW....”75 Let us consider two primary components of cyber terrorism, terrorist employment of computers for non-violent activity that facilitates, but falls short of terrorism, and

75

Rathmell (1997:3) suggests that the third category of information warfare is of the most concern to the public imagination. 37

terrorist activity where computer technology is a specific component (weapon or target) of a terrorist incident.76 a) Computer technology as a facilitator of terrorism: Terrorist groups increasingly use computer technology (as many political, commercial and criminal entities do) to secure many of their organizational goals.77 In this sense, terrorist groups are simply exploiting modern tools to accomplish the same goals they sought in the past. The difference between conventional terrorist tactics and those involving computers can be found in three key ingredients: ease of operations; developing potential; and increased anonymity. None of these activities are easily detected or readily countered and thus, enable terrorist groups that take advantage of computer technology to create viable support structures to further their tactical and strategic goals.78 These are accomplished through: - political propaganda (including disinformation programs) - recruitment - financing - intra and inter-group communication and coordination - information/intelligence gathering

76

In their Terrorism Update (1998:1), the Anti-Defamation League notes that, “[t]errorism and the Internet are related in two ways.” The first involves the Internet as a forum for terrorist propaganda and the second involves individuals or groups attacking computer networks (cyberterrorism or cyberwafare). 77

The Report of the National Commission on Terrorism (1999:12) concurs suggesting that “[t]errorists are using the same modern technology as the rest of us....” 78

In its 1998 (1999:17) report on terrorism in the United States, the Federal Bureau of Investigation finds: “Terrorists are known to use information technology and the Internet to formulate plans, raise funds, spread propaganda, and communicate securely.” 38

-stealth/anonymity in both routine activity and tactical operations -ease of operations that are “cost effective” both in terms of resources expended and ability to strike world-wide Specific examples of the facilitation of terrorism through the use of computer technology illustrate the appeal this technology has for terrorist groups interested in advancing their particular agendas. The use of the Internet for propaganda and disinformation purposes is an especially popular one. Many exiled political opposition groups emanating from such states as Iran, Iraq, Mexico, Northern Ireland and Saudi Arabia have used the World Wide Web for just such purposes (Rathmell, 1997:4-5). Neo-Nazi groups (White 1998), the Colombian ELN, Hezbollah and Zapatistas79 (World Report, 1998:1) have also adopted similar tactics. One of the most demonstrative examples, however, involves the case of the December, 1996 takeover of the Japanese Ambassador’s residence in Lima, Peru by the Tupac Amaru Revolutionary Movement (MRTA). Not only did this terrorist group use the Internet to communicate its revolutionary message to the rest of the world through a European website, it even offered a video clip of its members preparing for their mission. 80 (Damphousse and Smith, 1998:216). The added attractiveness of the Internet for terrorists is that the widest possible audience for their violent activity not only reiterates the major themes of their campaigns, it also heightens fear in the target audience by reminding it of the potential for future violence. 79

In the case of the Zapatistas, as group of supporters called the Electronic Disturbance Theater (EDT) have used the Internet stage disturbances as a means of on-line protest. (Denning, 2000,2). 80

Internet sites were also established in Canada and the United States in support of the MRTA’s activity (Anti-Defamation League, 1998:1). 39

In addition to aiding terrorist propaganda, computer networks also enhance terrorist recruitment and financing. Various supremacist groups in the United States have also used the Internet for financial gain (Damphousse and Smith, 1998:220). In still another example, Damphousse and Smith (1998:220) have found that “international terrorist groups such as Peru’s Shining Path (Sendero Luminoso) have web sites where supporters seek to export the revolutionary message...while the groups seek financial support by hawking revolutionary products like T-Shirts, posters and videos.” All in all, cyber technology especially in the form of the Internet is an attractive tool for terrorist groups desiring to strengthen their basic infrastructures. The nature of modern computer technology is such that it also lends itself to the communication and intelligence activities of terrorist groups. The attractiveness of this feature for groups eager to expand their activities can be explained as follows: IT [Information Technology] gives individuals and groups a reach and influence that was previously reserved for well-organised, state-funded terrorist organisations. It represents, in many respects, the ‘death of distance’. Physical distance and national borders that once separated terrorists from their co-conspirators, their audience and their targets cease to exist in the world of modern telecommunications and the internet. (Hoo et al., 1997:138). Organizations such as the Islamic fundamentalist groups which follow Usama Bin Ladin81 (Arquilla et al., 1999:91-92) and Hamas (Anti-Defamation League, 1998:1)82 rely on computers to coordinate their activity. The Revolutionary Armed Forces of Colombia (FARC) for example is known to respond to press inquiries via e-mail. (Anti-Defamation

81

“Back in 1996 the headquarters of terrorist financier bin Laden in Afghanistan was equipped with computers and communications equipment.” (Denning, 2000:12). 82

In extreme instances Hamas has used its web sites to appeal for its supporters to murder Jews (1998:1). 40

League, 1998:1). In the case of the intelligence gathering activities of terrorist groups, computer networks and access to the World Wide Web are equally important. Modern computer technology has not only enhanced much of the above activity, but has done so in such a fashion that the terrorist groups that utilize it are now able to operate beyond the purview of traditional counter terrorist approaches.83 The terrorist ability to engage in “growth activity” such as recruitment, communication and especially financing without the knowledge of state authorities may inevitably lead to stronger and hence, more resilient terrorist groups. In turn, the potential for terrorist groups to engage in activity that focuses less on threats and more on tangible actions is significantly heightened. Modern terrorist groups that are able to develop undetected may become stronger, more elusive and deadlier than their earlier counterparts.84 Moreover, and perhaps even more importantly the advent of computer networks has spawned a new direction in the organizational structure of terrorist groups. Terrorist groups utilizing computers for communication are likely to move beyond hierarchical organizational structures and employ networked ones.85 b): Computer technology as a specific component of terrorist weapons or targets:

83

The use of effective encryption devices for communication purposes are very important in this respect. 84

This said, the original objectives and motivations of terrorist groups must be kept in mind. In particular, it is important to ask: In what respect will computer technology which facilitates terrorist group development impact terrorist desires to escalate the level of violence they now exercise? 85

See Arquilla, Ronfeldt and Zanini (1999) for a detailed discussion of this point especially as it relates to Usama Bin Ladin and a growing network of Islamic fundamentalist groups. 41

Terrorist groups engaging in cyber terrorism are noted for threats to commerce, public safety and national security.86 These threats can take any number of forms, but are generally parlayed into computer versus computer confrontations (While the current discussion focuses on the use of “high tech” applications in terrorist operations, “low tech” operations against a victim’s “high tech” infrastructure should not be ignored.) Terrorist groups use their own computer technology to threaten or attack a victim’s computer resources. This can take the form of threats or attacks against national infrastructures that have become heavily reliant and interconnected to computer networks.87 Activity of this sort is tangible in nature and thus, generates most of the interest we have in cyber terrorism today. Cyber terrorist threats can include: - rapid communication of threats to a wide or specific audience - threats to public utilities and transportation - threats to commercial institutions and transnational corporations - threats to IGOs and NGOs - threats to individuals - threats to political groups or other ethnic, religious or nationalist entities (all of these can include other terrorist groups) identified as “the enemy” - threats to security forces

86

Although the actual identification of and reference to specific threats remains minimal (which begs the question of whether there have been any actual threats), there is clearly a perceived threat. In the case of the United States this perception/reality has led to the signing of Presidential Decision Directive 63 and the establishment of the National Infrastructure Protection Center (NIPC). 87

The FBI (1999:17) has warned that: “While the threat of conventional, physical attacks on our critical infrastructures has always been a source of concern, electronic, information-based attacks constitute a relatively new and growing threat.” 42

- threats to nation states What we occasionally see (what is reported) is actual damage to the above targets in the form of temporary disruption of services,88 public inconveniences or financial loss. These incidents, however, are most often in the form of cyber crime and fall short of what is considered as cyber terrorism. 89 Denning (2000:23) contends, “there are few if any computer network attacks that meet the criteria for cyberterrorism.” Moreover, ”[t]here is little concrete evidence of terrorists preparing to use the Internet as a venue for inflicting grave harm.” (Denning, 2000:24). In summary, there have been no instances where cyber terrorism has been directly translated a catastrophic loss of life or physical destruction associated with the most violent acts of “conventional” terrorism. The threat, however, remains real and takes on an added significance when the growing potential of terrorist group resources90 is considered. Assessing the Cyber Terrorist Threat Terrorist Groups, the Cyber Environment and the New Terrorist Agenda Many studies have dealt with terrorism by examining the nature of terrorist group characteristics and their resultant behavior. Few, however, have taken into account how 88

There are at least two examples of disruption of services being linked to terrorist groups. In the first case in 1998, Spanish protesters disrupted the operations (through cyber tactics) of the Institute for Global Communications because the Internet service provider had hosted a web page in support of the ETA a Basque separatist group. In the second case, also in 1998, a Tamil group from Sri Lanka calling itself the “Internet Black Tigers” managed to disrupt the communications of Sri Lankan embassies with extensive e-mail attacks (Denning, 2000:2). 89

Many of the references cited above discuss these incidents of cyber crime as they relate to cyber terrorism. See Denning (2000), FBI (1999), and Rathmell (1997) for examples. Also see Busby (2000:3-4) for several examples of commercial threats. 90

Part of the growing potential can be found in the proliferation of “cyber attack” tools. (FBI, 1999:17). 43

the cyber environment will impact this behavior. In order to assess accurately the nature of the terrorist threat in this decade, it is imperative to include the significance of this factor into future analyses. Part of the “mystique” of terrorism can be understood by identifying the profile of actions or motivations that drive the actions of various terrorist groups. Each group has a relatively unique identity that helps to define how it will behave. While it is unlikely that the emergence of computer technology will radically reshape the essence of why certain terrorist groups choose to exist, the convergence of this technology along with a number key political and social changes will ultimately be reflected in a “new terrorist agenda.” Perhaps the most profound environmental change to affect the course of terrorism in the last decade has been the collapse of the former Soviet Union. The end of the cold war and the rise of the present American hegemony has had important implications for the many political ideologies that have encouraged and sustained terrorist campaigns over the last forty years. In particular, the goal of a left-backed global revolution is no longer tenable. At the same time, the demise of all but a few communist states has eliminated the raison d'être of many right-wing groups whose existence depended upon their identification as the bulwark of anti- communism The ideological void faced by terrorist groups of the twenty-first century has not, however, led to the demise of terrorism. In contrast to earlier periods where leftist or Marxist ideologies were mistakenly characterized as the greatest source of international terrorism, religious identity has now taken center stage. 91 Nationalist and ethnic sources

91

This is especially true if the American perspective of current international terrorism is considered. Testimony before the House International Relations Committee (1999) by Ambassador Michael Sheehan stresses this point with warnings that both the Taliban of 44

which were always a prominent, but less emphasized aspect of terrorist motivations continue in importance. Nationalist and ethnic ambitions have been further accentuated by regional conflicts, some of which have also developed along religious lines. Despite noteworthy changes in the global political environment, non-state terrorism continues. Terrorist Groups, the Cyber Environment and the New Evolution of Terrorist Group Resources The ability of terrorist groups to capitalize on modern computer technology is now a requisite for developing the underlying basis for effective and robust activity. In previous decades, terrorist groups were initially constrained because the accumulation of sizeable resources was inevitably linked to sufficient manpower and the ability to keep growth activities clandestine. The recent introduction of computer technology has not lessened the need to accumulate similar resources, but has had major implications for how they are accrued. In order to succeed92 in what can only be described as an increasingly competitive (enhanced security measures and awareness, negative public opinion, lack of external state support, poorly defined ideologies, constantly changing international problems) political and social environment, terrorists groups must ensure that they are able to develop the appropriate infrastructure to continue to operate on a regular basis. Groups that fail to do so will not survive. Afghanistan (a fundamentalist Islamic group) and the Saudi Arabian terrorist (who operates out of Afghanistan) Usama Bin Ladin represent the future face of international terrorism. Bin Ladin in particular is singled out as having created a “transnational terrorist enterprise.” Other groups that fall within the same vein include the Egyptian Islamic Jihad, Algerian Armed Islamic Group and Kashmiri separatist. 92

In this case “succeed” refers to the ability of a terrorist group to sustain itself until it has completed its stated goals. 45

Many terrorist groups which previously could court state sponsors for resources now can consider cyber terrorism as a cost-effective tactic that frees them from a reliance on outside support. On this point Rod Stark (1999:45) writes: A significant evolution in terrorism is that malefactors are beginning to discover cyber terrorism as a way of sidetracking the need for statesponsorship due to the low cost and anonymity. Independents do not need to rely on states for the necessities such as funds, training or sanctuary. Kevin Soo Hoo and his colleagues (1997:143) concur on the expanding role of information technology and its impact on the state sponsorship of terrorism. They note in part that: [T]errorists engaged in IT-enabled forms of terrorism may escape the need for state funding. Compared to the costs modern terrorists incur for armaments, international travel and training facilities, IT terrorism is relatively inexpensive...In the final analysis, state sponsorship may no longer be the essential ingredient it once was for terrorists as IT effectively renders the many advantages of state sponsorship obsolete. The opportunities presented by the cyber environment to what would otherwise be marginally viable terrorist groups has translated into more groups that are less reliant on external sponsors. As a terrorist group’s freedom from sponsorship grows, so does its freedom to pursue a truly idiosyncratic campaign of terrorism. Terrorist Groups, the Cyber Environment and the New Potential of Terrorism The question of terrorist behavior as it relates to the cyber environment has yet to be answered with any certitude as little research emphasis has been placed on explaining how various types of terrorist groups will approach and exploit evolving computer technology. General patterns of terrorist behavior as they relate to cyber terrorism have been addressed in the previous section, but it is helpful to take an additional step if the complexity of terrorist group cyber activity is to be fully understood. 46

In order to proceed with the analysis of cyber terrorism and terrorist group behavior a small, but functional typology has been created with the intent of identifying basic terrorist group characteristics which are thought to influence much of their activity. The typology is composed of four classes of terrorist group which are currently active and are likely to develop their own sets of cyber modus operandi. The four classes of terrorist group comprising the typology and relevant examples of these groups are as follows: 1) Nationalist/Ethnic (Basque Fatherland and Liberty - Military Wing (ETA-M), Provisional Wing of the Irish Republican Army (PIRA), Liberation Tigers of Tamil Eelam (LTTE)); 2) Religious (Armed Islamic Group (GIA), Aum Supreme Truth - Aum Shinrikyo (Aum), Egyptian Islamic Jihad); 3. Political (Covenant, the Sword and the Arm of the Lord (CSA), Revolutionary Organization 17 November (17 November), Tupac Amaru Revolutionary Movement (MRTA)); 4. Single Issue (Animal Liberation Front (ALF), Earth Liberation Front, People for the Ethical Treatment of Animals (PETA)). Each class of group varies from one another in terms of motivation, 93 size,94 age, 95 parliamentary representation (or lack thereof),96 political constituency,97 enemy98 and

93

The political motivation of a terrorist group is an important factor in determining the direction the group will take in terms of both the scope and intensity of its operations. 94

The size of a terrorist group is indicative of its resources, outside support and ability to stage both sophisticated and protracted activity. 95

The age of a terrorist group indicates superior survivor skills, greater likelihood of constituent support and group traditions (sometimes equated with established modus operandi). 47

theater of operations.99 In a conventional environment the features of a terrorist group will either retard or enhance what a group is willing and capable of conducting. In a cyber environment the same rationale applies with the caveat that access to computers and computer networks add a new dimension to how group behavior is determined. 100 The extent of change in terrorist group behavior from conventional to cyber settings is dependent on the degree to which the groups desire and are able to interface with their new tool of choice. At least two initial observations can be made in this regard. First, terrorist groups will universally adopt those aspects of the cyber environment that will enable them to operate and grow with a greater degree of efficiency. This is to say that all types of terrorist groups stand to benefit from improved communication skills

96

Terrorist groups with some form of parliamentary representation are generally represented by both a political and military wing. These groups are more likely to have well-defined, long term political goals and represent larger political or social constituencies. 97

The political constituency of a terrorist group is important in terms of supporting group infrastructure, but inevitably constrains certain group activities if they do not conform with the expectations of the larger group. 98

The stated enemy of a terrorist group is an important component of target selection and also helps to determine operational features such as scope, intensity and frequency. 99

The theater of operations of a terrorist group will vary according to the group’s identification of potential targets, ability to operate in a variety of environments and other political considerations related to limiting the scope of a terrorist campaign. 100

On a related note, Arquilla, Ronfeldt and Zanini (1999:97-98) present three hypotheses relating the emergence of information technology with organization for netwar. In sum, terrorist group organizational structure and the use of information technology are hypothesized to be closely related. 48

whether they are used purely for propaganda purposes, act as new vehicles of financial growth, or are even used more discreetly for intra/inter group conferencing. 101 The second observation centers on how each class of terrorist group will move beyond the relatively “simple” task of using computers for non-violent purposes to actually engage in cyber terrorism. The degree to which terrorist groups embrace computer technology as weapon of choice remains to be seen. At one level, the use of cyber technology for inflicting harm on a victim requires a greater level of sophistication than merely using the same technology for communication or propaganda. Not only, must there be some level of expertise in translating the “raw” cyber technology into a weapon of destruction, there must be a recognition that the effectiveness of this alternative supercedes conventional options. Simply stated, a cyber attack against an opponent should produce similar or greater results102for less effort than a conventional one. 103 Can for instance, the cyber disruption of an air traffic control system (with the intent of endangering civilian air traffic) be undertaken with less effort, produce the same results and have a greater likelihood of success than an attack on the same system by conventional means (armed attack, or bombing), or a conventional attack that bypasses the air traffic control system in favor of a direct attack on an airliner? If the answer is an

101

Suffice it to say, there are still likely to be variations both within and between group type as a number of factors such as individual expertise, physical access to computers and ambition to abandon traditional methods in favor of new ones continue to enter into group planning. 102

These can be thought of as a greater degree of terror or longer lasting fear on the part of the victim. 103

Less effort is defined in terms of fewer resources, less manpower and quicker/easier planning, all of which should translate into reduced risk/greater likelihood of logistical success. 49

affirmative one, there is room to believe that cyber terrorism will become an accepted method of operation and find favor with a widening array of terrorist groups. If the answer is negative, however, conventional themes will continue to define terrorist activity. The second consideration influencing the attractiveness of cyber terrorism as a preferred tactic revolves around its destructive potential and the degree to which it can effectively terrorize an opponent. Much has been made of the increasing capabilities of cyber terrorists (FBI, 1999:12) and the many vulnerabilities inherent in national infrastructures (Rathmell, 1997, Stark, 1999). Relatively little discussion, however, has been focused on the extent of destructive/lethal incidents of cyber terrorism, as well as their consequences.104 Evidence, would thus suggest, that there is a sizeable gap between the potential and reality of the cyber terrorist threat. Terrorist groups embarking on this new path of violence surely recognize its limitations just as they do when preparing to engage in conventional acts of terrorism. In short, cyber terrorism must be judged pro forma as a new tactic and not necessarily as a greater or for that matter, lesser type of threat. In all likelihood, the efficacy of cyber terrorism will be demonstrated in select incidents with the greatest emphasis placed on conventional attacks against cyber infrastructures. Attacks against infrastructures in general are not part of a new terrorist strategy, but rather an ongoing tactic designed with both symbolic and disruptive 104

Michael Whine (1999:10) stresses this point in the conclusion to his article, Cyberspace, A New Medium for Communication, Command and Control by Extremists: “Fears by western governments that their national infrastructures may be a target for information warfare or cyber-terrorism may be well-founded, but the evidence so far is that sub-state groups at least, use ICT’s [information and communication technology] mainly for propaganda, secure communications, intelligence gathering and funds management.” 50

purposes in mind. In at least one notable case the Provisional Wing of the Irish Republican Army was involved in terrorist attacks against an assortment of British national infrastructure targets particularly after 1988. This has been a result of a recognition that bomb attacks on these targets are low risk, both to the Active Service Units (ASU) and to the civilian population...[and] can inflict substantial costs on the economy and generate extensive publicity. These attacks have focused on the transport infrastructure..., the energy and power infrastructures and on commerce. (Rathmell, 1997:6). With the growing interconnectedness of infrastructures relying on cyber technology, the targeting selection of cyber terrorism is likely to be significantly influenced by those targets that allow for a maximum level of disruption. The same, however, is not necessarily true with respect to the mode of attack. Cyber technology allows for an addition variable to be introduced into tactical equations, but clearly represents a single choice in terms of overall modes of operation. Given the likely range of possibilities for the future of cyber terrorism and the manner in which different types of terrorist groups will adopt them, the following table highlights the hypothesized relationship between the two.

Table 1.2: Terrorist Group Characteristics and Hypothesized Cyber Behavior Group Type Group Characteristics Nationalist/ Ethnic

Hypothesized Group Behavior When Using Cyber Technology -national or ethnic identity Nationalist/ethnic groups will find -relatively large in size and increasing uses for computer technology mature in age particularly as it creates opportunities for -political wing gaining new sources of financing from -relatively well defined political abroad (expatriate communities). The constituency, enemy and theater same applies to the broadening of of operations terrorist propaganda and other related

51

political campaigns. The larger, more mature groups are already successful in terms of engaging in violence and should identify computer technology more as a means to diversify the nature of their campaigns.

52

Religious

-religious identity often driven by a fundamentalist viewpoint -variable size and generally immature -minimal parliamentary representation -loosely defined political constituency, specific enemy and variable theater of operations

Political

-ideologically oriented generally emanating from the far left or right of the political spectrum -relatively small and immature -minimal parliamentary representation -well defined, but generally disinterested political constituency, ideologically defined enemy and variable, but limited theater of operations

Single Issue - political activist groups that are formed to redress a specific political grievance - relatively small and immature - possible sympathy from individual parliamentarians, but lacking in formal representation - narrowly defined constituency, well-defined enemy and limited theater of operations

Religious terrorist groups are emerging at a time when cyber technology offers many advantages to new, loosely structured and politically extreme terrorists. The cyber environment will allow religious terrorist groups to coordinate many small cells in larger terrorist campaigns. This behavior typifies how conventional activity will be implemented and directed through cyber tactics. Some initial lack of inhibition will also mean that religious groups will be more likely to seek out cyber tactics consistent with heightened damage or casualties. Political terrorist groups given their relatively small size and lack of stature will utilize cyber technology to accentuate their strengths and camouflage their weakness. In short, these groups will increase their activity through: “cyber threats” and follow-up propaganda, recruitment globalizing the scope of their operations to target new victims (previously beyond conventional reach), interaction with like-minded groups and attempts to gain greater recognition through acts of cyber terrorism that escalate damage and casualties. Single-issue groups while generally dedicated to fighting for a single cause will nevertheless find cyber technology attractive for purposes of spreading related propaganda, intensifying threats and communicating with similarly inclined groups. Areas of concern for this type of group include diversification of initial grievances, greater scope of operations and the possibility of contagion.

53

Observations and Conclusions The state of the relationship between terrorism and computer technology is such that its potential is best understood by reexamining contemporary theory and practice of the phenomenon. While the study of terrorism routinely exaggerates such acts as assassinations, bombings, hijackings and kidnappings, these events account for a relatively small portion of what occurs within the rubric of the terrorism experience and 105

are meaningless if they are not understood in terms of their overall consequences.

The

same is true with respect to cyber terrorism. The rapidly emerging cyber environment brings many concerns and uncertainties. Modern computer technology is such that it offers contemporary terrorist groups a wide range of opportunities to continue their campaigns of violence and if they are proficient, significantly further their political objectives. For the most part, computer technology will play a major role in providing a wider range of options for terrorist growth potential. While this is not cyber terrorism per se, it does have critical implications for the future of both conventional and cyber terrorism. The fact that group infrastructures will evolve to mirror these changes is also a salient concern. Developments in the organizational structure of terrorist groups will not only test existing counter terrorist intelligence efforts, but will undoubtedly facilitate new and potentially unconventional terrorist group alliances.

105

Whether or not this appreciation of terrorism actually receives its due in the formulation of counter terrorist policy, it has nevertheless been articulated in the latest State Department (2000:5) report on global terrorism. “Furthermore, terrorist acts are part of a larger phenomenon of politically inspired violence, and at times the line between the two can be difficult to draw.” 54

The “real” cyber terrorism has yet to evolve beyond the nuisance stage. While the potential for serious cyber attacks that physically destroy national infrastructures should not be treated lightly, the destructive nature of this form of violence must be kept in context. First, there are no compelling reasons to believe that cyber attacks will be any more deadly than conventional ones. Second, terrorist desires to escalate current levels of violence are as much dependent on who the groups are and what they hope to achieve, as upon the weapons they have at hand. Doomsday and other haunting scenarios involving weapons of mass destruction existed long before the advent of cyber terrorism and will continue to do so as long as political actors, security firms and others who can benefit from them can exploit the basic myths surrounding terrorism for their own purposes (some of which are indeed for the purpose of encouraging proper preparation and protection).

We will better prepare

ourselves for such purposes by examining not only the doomsday scenarios in our darkest imaginations and the vulnerabilities which lead to them but also the probabilities of exploitation and how to protect against such actions. Instead of simply equating cyber terrorism with the zenith of terrorist violence, a much wiser approach will examine how the cyber environment both facilitates and encourages terrorist behavior beyond conventional standards and how it affects the ability of states and the private sector to gather information and create technical as well as political countermeasures. If the fundamentals of terrorism remain the same, the quest to understand cyber terrorism is as much about comprehending the past, as it is about predicting the future.

55

References Anti-Defamation League. “Terrorism Activities on the Internet - Terrorism Update.” http://206.3.178.10/terror/focus/16_focus_a.html. 1999. Anti-Defamation League. “CyberTerrorism - Terrorism Update.” http://206.3.178.10/ terror/focus/16_focus_a2.html. 1999. Arquilla, John and David Ronfeldt. “The Advent of Netwar: Analytic Background.” Studies in Conflict and Terrorism. Vol. 22, Issue 3, July-September, 1999. Arquilla, John and David Ronfeldt. The Zapatista Social Netwar in Mexico. Santa Monica, California. Rand, 1998. Arquilla, John, Ronfeldt, David and Michele Zanini. “Networks, Netwar and InformationAge Terrorism.” in Zalmay M. Khalilzhad and John P. White (eds.). The Changing Role of Information in Warfare. Santa Monica, California, Rand, 1999. Busby, Col. Daniel J.. “Peacetime Use of Computer Network Attack.” Carlisle Barracks, Pennsylvania: U.S. Army War College, 2000. Chomsky, Noam. Pirates and Emperors: International Terrorism in the Real World. New York: Claremont Publications, 1986. Damphousse, Kelly R. and Brent L. Smith. “The Internet: A Terrorist Medium for the 21st Century.” in Harvey W. Kushner (ed.). The Future of Terrorism: Violence in the New Millennium. Thousand Oaks, California: SAGE Publications, Inc. 1998. Denning, Dorothy E..Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool for Influencing Foreign Policy., http://www.nautilus.org/info-policy /workshop /papers/denning.html., February 4, 2000. Denning, Dorothy E..Cyberterrorism. Testimony before the Special Oversight Panel on Terrorism Committee on Armed Services U.S. House of Representatives, May 23, 2000. Flemming, Peter A.. Patterns of Transnational Terrorism in Western Europe, 1968-1987: A Quantitative Perspective. West Lafayette: Purdue University, Ph. D. Dissertation, 1992. Fowler, William Warner. Terrorism Data Bases: A Comparison of Missions, Methods, and Systems. Santa Monica: Rand, 1981. Grabosky, P.N. and Russell G. Smith. Crime in the Digital Age: Controlling Telecommunications and Cyberspace Illegalities. New Brunswick, New Jersey: Transaction Publishers, The Federation Press, 1998. 56

Gross, Feliks. The Seizure of Political Power. New York: Philosophical Library, 1957. Gurr, Ted Robert.”Empirical Research on Political Terrorism: The State of the Art and How it Might Be Improved.” in Robert O. Slater and Michael Stohl (eds.). Current Perspectives on International Terrorism.London: The MacMillan Press Inc., 1988. Hoo, Kevin Soo, Seymour Goodman and Lawrence Greenberg. “Information Technology and The Terrorist Threat.” Survival. Volume 38, Number 3, Autumn 1997. Hundley, Richard O. and Robert H. Anderson. A Qualitative Methodology For The Assessment of Cyberspace-Related Risks. Santa Monica: Rand, 1996. Mickolus, Edward F.. Terrorism, 1988-1991: A Chronology of Events and A Selectively Annotated Bibliography. Westport, Connecticut: Greenwood Press, 1993. Mickolus, Edward F..Transnational Terrorism: A Chronology of Events, 1968-1979. Westport, Connecticut: Greenwood Press, 1980. Mickolus, Edward F., Todd Sandler and Jeanne Murdock. International Terrorism in the 1980s: A Chronology of Events (Volume I 1980-1983). Ames, Iowa: Iowa State Press, 1988. Mickolus, Edward F., Todd Sandler and Jeanne Murdock. International Terrorism in the 1980s: A Chronology of Events (Volume II 1984-1987). Ames, Iowa: Iowa State Press, 1988. Mickolus, Edward F., Todd Sandler, Jeanne Murdock and Peter A. Flemming. ITERATE III: Attributes of Terrorist Events, 1978-1987. Falls Church, Virginia: Vinyard Software, 1988. Mickolus, Edward F. with Susan L. Simmons. Terrorism, 1992-1995 : A Chronology of Events and A Selectively Annotated Bibliography. Westport, Connecticut: Greenwood Press, 1997. Murphy, John F.. “Computer Network Attacks By Terrorists: Some Legal Dimensions.” 1996. National Commission on Terrorism. Countering the Changing Threat of International Terrorism. Report of the National Commission on Terrorism, http://www.fas.org/irp/threat/commission.html. 1998. Potomac Institute for Policy Studies. “Seminar On Cyber-Terrorism and Information Warfare: Threats and Responses.” Proceedings Report PIPS-98-2, Arlington, Virginia: Potomac Institute for Policy Studies, 16 April, 1998. 57

Potomac Institute for Policy Studies. “Special Briefing On Terrorism: Current and Future Trends.” Proceedings Report, Arlington, Virginia: Potomac Institute for Policy Studies, 23 August, 1998. Rathmell, Dr. Andrew. “Cyber-terrorism: The Shape of Future Conflict,” Royal United Service Institute Journal. October, 1997. Sanz, Timothy L.. “Information-Age Warfare: A Working Bibliography.” Military Review. Volume LXXVIII, Number 2, March-April, 1998 Schelling, Thomas. Arms and Influence. New Haven: Yale University Press, 1966. Schmid, Alex P. and Albert J. Jongman. (eds.) Political Terrorism: A New Guide to Actors, Authors, Concepts, Data Bases, Theories and Literature. New York: North-Holland Publishing Company, 1988. Sheehan, Michael. “Senate Foreign Relations Committee.” Office of the Coordinator for Counterterrorism. Washington, DC. June 15, 2000 Sheehan, Michael. “Testimony Before the House International Relations Committee.” Office of the Coordinator for Counterterrorism. Washington, DC. July 12, 2000. Simon, Jeffrey D..The Terrorist Trap: America’s Bloomington: Indiana University Press, 1994.

Experience

with

Terrorism.

Sluka, Jeffrey A.. Hearts and Minds, Water and Fish: Support for the IRA and INLA in a Northern Irish Ghetto. Greenwich, Connecticut: JAI Press, Inc. 1989. Smith, Brent L.. Terrorism in America: Pipe Bombs and Pipe Dreams. Albany: State University Press of New York, 1994. Smith, Brent L. and Kelly R. Damphousse. “Two Decades of Terror Characteristics, Trends, and Prospects of the Future of American Terrorism,” in Harvey W. Kushner (ed.). The Future of Terrorism: Violence in the New Millennium. Thousand Oaks, California: SAGE Publications, Inc. 1998. Southern Poverty Law Center. False Patriots: The Threat of Antigovernment Extremists. Montgomery, Alabama: Southern Poverty Law Center, 1996. Stark, Rod. “Cyber Terrorism: Rethinking New Technology,” Department of Defense and Strategic Studies, 1999. Stohl, Michael. “Demystifying Terrorism: The Myths and Realities of Contemporary Political Terrorism,” in Stohl, Michael (ed.). The Politics of Terrorism. Third Edition. New York: Marcel Decker, Inc., 1988. 58

Stohl, Michael (ed.). The Politics of Terrorism. Third Edition. New York: Marcel Decker, Inc., 1988. Stohl, Michael. States, “Terrorism and State Terrorism: The Role of the Superpowers,” in Robert O. Slater and Michael Stohl (eds.). Current Perspectives on International Terrorism. London: The MacMillan Press, Ltd., 1988. US Department of Justice. Terrorism in the United States, 1998. Washington D.C.: Federal Bureau of Investigation, Counterterrorism Threat Assessment and Warning Unit, National Security Division, 1999. US Department of State. Patterns of Global Terrorism: 1983. Washington D.C.: US Department of State, August 1984. US Department of State. Patterns of Global Terrorism: 1984. Washington D.C.: US Department of State, November 1985. US Department of State. Patterns of Global Terrorism: 1985. Washington D.C.: US Department of State, October 1986. US Department of State. Patterns of Global Terrorism: 1986. Washington D.C.: US Department of State, January 1988. US Department of State. Patterns of Global Terrorism: 1987. Washington D.C.: US Department of State, August 1988. US Department of State. Patterns of Global Terrorism: 1988. Washington D.C.: US Department of State, March 1989. US Department of State. Patterns of Global Terrorism: 1989. Washington D.C.: US Department of State, April 1990. US Department of State. Patterns of Global Terrorism: 1990. Washington D.C.: US Department of State, April 1991. US Department of State. Patterns of Global Terrorism: 1991. Washington D.C.: US Department of State, April 1992. US Department of State. Patterns of Global Terrorism: 1992. Washington D.C.: US Department of State, April 1993. US Department of State. Patterns of Global Terrorism: 1993. Washington D.C.: US Department of State, April 1994.

59

US Department of State. Patterns of Global Terrorism: 1994. Washington D.C.: US Department of State, April 1995. US Department of State. Patterns of Global Terrorism: 1995. Washington D.C.: US Department of State, April 1996. US Department of State. Patterns of Global Terrorism: 1996. Washington D.C.: US Department of State, April 1997. US Department of State. Patterns of Global Terrorism: 1997. Washington D.C.: US Department of State, April 1998. US Department of State. Patterns of Global Terrorism: 1998. Washington D.C.: US Department of State, April 1998. US Department of State. Patterns of Global Terrorism: 1999. Washington D.C.: US Department of State, April 2000. US Department of State. Patterns of International Terrorism: 1981. Washington D.C.: US Department of State, August 1982. US Department of State. Patterns of International Terrorism: 1982. Washington D.C.: US Department of State, September, 1983. US News and World Report. “Terrorists on the Web: Electronic ‘Safe Haven’ Guerrillas Use Guns, Bombs and Home Pages.” Volume 124, Issue 24, p.46., June 22, 1998. Whine, Michael. Cyberspace: A New Medium for Communication, Command and Control by Extremists. http://www.ict.org.il/articles/cyberspace.htm. April, 1999. White, Col. Kenneth C..”Cyber-Terrorism: Modem Mayhem.” Carlisle Barracks, Pennsylvania: U.S. Army War College, 1998.

60

61