There is increasing, and well-founded, concerns that the threats of possible terror attacks no longer require physical contact to execute because societies in the twenty-first century have become entirely reliant on computer systems and information technology. Subsequently, as the global environment continues to grow and root itself in the lives of people from the personal to national levels, there is the possibility of similar technological advances being the next weapon that terrorists will use against their targets. Now, the utilization of computer networks has proven particularly advantageous by turning the world into a global village and aiding its economy and for that reason alone, the mentioned threats remain unknown. Still, the use of the virtual environment as a threshold through which terrorists can launch attacks remains possible and that is a problem because people may fail to recognize small-scale terror attacks and in some cases mistake other forms of violence as terrorism. This paper asserts that since terror attacks and terrorists cannot change in nature, it is safe to argue that the methods of conventional terrorism are applicable in the virtual environment. To that end, computer networks and information technology pose a threat as weapons of destruction.
Foremost, terrorism is an action and to that extent, the definition of the term encompasses multiple elements that conform to the idea of a person or a group of people executing a series of actions while seeking to cause terror. Therefore, when the definition of terrorism does not involve actions garnered towards creating terror and not just harm, confusion emerges as people and nations may confuse other forms of violence with terrorism. According to a report published by the US Federal Bureau of Investigation in 1999, terrorism is the use of “force and violence” against people and properties as a means to “intimidate or coerce” governments, populations, or groups (I). Hence, terrorism does not end with brutality but instead, extends to cover the results of violent actions against a target. Apparently, while the victims go down, the people who witness the destruction that terrorists cause also matter because they form the group that would exhibit terror. In Demystifying Terrorism, the given claim has an explanation as the author writes that for an action to fit under the heading of terrorism, it must be “intended to influence a wider audience” and send a message of fear (Stohl 3). By extension, just as the portrayal of violence is essential for terrorists, the reaction of the audience is vital to the success of a terror attack. Thus, the presence of the element of fear in the victims and audiences of attack make terrorism different from other acts of violence.
Meanwhile, cyber terrorism as a term depicts a tactic that terrorists use to reach their target, and because it is a possible method, the use of information technology in terrorist assaults does not qualify as a new form of terrorism. In other words, the principles mentioned above as part of the definition of terrorism also govern the nature of cyber terrorism. Therefore, cyber terrorism merely entails an act of terrorism that utilizes the virtual environment to execute its plans. Concurrently, another writer defines the implementation of cyber terrorism as “the use of technology by terrorists to disrupt information systems” and in turn, launch an attack or interfere with plans set by either a government or its civilians (Gus 5). Consequently, as the authors of Networks, Netwar, and Information-Age Terrorism observe, cyber terrorism is comparable to “cyber wars” that refer to “information-oriented” attacks against an enemy (Arquilla, Ronfeldt, and Zanini 81). In each case, cyber terrorism is an action that either turns computer networks into instruments through which terrorists can launch an attack or makes the existing technology the target of terror assaults.
With the given facts in mind, it is important to expound on the note that terrorism targets an initial group, which suffers the blunt force of the attack, but a larger audience has to deal with the aftermath. Evidently, while the attacked units of people and property face possible death and destruction respectively, a more diverse and larger group forms the mentioned audience and completes the plans of a terror assault. A perfect illustration is evident in a report gathered by the panel that created the National Commission on Terrorist Attacks upon the United States and released The 9/11 Commission Report. According to the collected details, on September 11, 2001, a terror group launched an attack on American soil and by the end of the assault, the Al-Qaeda under Osama Bin Laden claimed responsibility for the killings and destruction (National Commission, 51). Now, before the attack in the United States, a series of bombings targeted American embassies in other countries and allies to the government were potential victims in the terrorists’ plans. For example, on August 7, 1998, the group bombed the American embassies in Nairobi, Kenya and Dar es Salaam, Tanzania and when asked about it Bin Laden confirmed that the attacks sought to capture the attention of the United States from the personal to national levels (National Commission, 115). Thus, a few Americans and many Kenyans and Tanzanians formed the immediate casualties, yet the actual target was the government of the United States. Such is the nature of terrorism and no matter the methods used; the results are identical as they only serve to spread terror.
Now that the goals of terrorism are clear, the grounds on which terrorists can launch a cyber attack are not only easier to understand but also possible to compare to the conventional methods of terrorism. As noted before, cyber terrorism merges the traditional forms of terror attacks with the virtual environment to produce tools and targets that terrorists use to achieve their goals. Extensively, as explained in the publication of Cyber‐terrorism, cyber attacks are possible via three main methods that successfully allow the use of both new and old techniques to meet the terrorism criteria (Rathmell 41). Apparently, whether it is a new/new or new/old combination, the effects of cyber terrorism remain consistent as it harms some people to gain the attention of larger groups, sometimes at the global capacity.
First, in a new/old model, terrorists can use computer networks to carry out their schemes that would have otherwise taken longer to finish. For example, terrorists require information about a potential subject in planned attacks and at the same time, the group needs to protect itself from detection by authorities (Rathmell, 43). Ordinarily, it would take time and multiple risks to achieve both goals, as it is physically impossible to gain access to buildings without detection unless a person is stealthy enough. However, with computer technology, such actions are possible if not easier to complete simply because of the fast communications and anonymity that machines can provide indiscriminately. In fact, some reports suggest that the Al-Qaeda group was already on the move by 1993. Apparently, investigators found that Osama Bin Laden had “computer specialists” who were responsible for “surveillance” and their use of computer networks provided Al-Qaeda with the necessary information about the target populations before the bombings of 1998 (National Commission, 68).
Secondly, there is the old/new formation that permits terrorists to use the conventional methods of violence, such as physical harm, to disrupt new forms of security that happen to include the use of technology. For illustration purposes, one can consider a scenario in which some vandals gain access into and destroy a company’s security system by smashing the machines with baseball bats. Albeit not an act of terrorism, similar methods can apply to a terror attack and would be particularly efficient because, in a world that is fast becoming reliant on computer networks, such plans can be damaging for the target. The old/new strategy in cyber terrorism encompasses the utilization of physical violence against the “information activities of target [entities]” (Rathmell 43-44). Expectedly, if done correctly and on a large-scale, such terror attacks will be damaging because information is vital for the cohesion of different bodies that include the army and the government. Again on the Al-Qaeda, suicide bombing was a favorite method the terrorists utilized in spreading their influence and in August 1996, Bin Laden voiced his pleasure over the suicide bombing of “American military facilities” (National Commission, 48). At the time, the United States Army faction had access to advanced technology and part of the destroyed facilities included the technological systems.
Finally, yet importantly, there is the possibility of a new/new model in which terrorists create computer attack procedures that they can use to destroy the information activities of those they consider enemies. The idea of modern day information technology as a weapon waged on the battlefield of digital warfare leaves every individual who uses any technology in a vulnerable position. Accordingly, the third formation is the worst form of attack terrorists can launch and for that reason alone, the new/new model ought to cause the most concern for governments and civilians (Rathmell 44). A comparable point of view asserts that terrorists could use information technologies for both “offensive and defensive purposes” and still manage to support their “organizational structures” with such knowledge (Arquilla, Ronfeldt, and Zanini 77). Therefore, the use of emerging technologies by terrorists to attack the computer networks of their foes is the strongest and worst form of cyber terrorism, especially when undetected.
Though interesting, the given models represent the multiple ventures available to terrorists seeking to launch attacks through intelligence-based virtual platforms. Cyber attack tactics reflect potential terror attacks as they show the different ways in which software can become either actual weapons or support of terrorism. Thus said, in what many believe to be the future of cyber warfare, four malware emerged in the last six years: Duqu, Stuxnet, Gauss, and Flame (Shakarian, Shakarian, and Ruef 160). The four malicious programs harvest information from the host computer and in other cases, such as that of the Stuxnet worm, the program targets Industrial Computer Systems (ICS) and destroys their function. This paper focuses on the Stuxnet malware because before its emergence in 2011 the familiar concept of computer viruses encompassed an “unsophisticated code” that infected system files before propagating to other computers and doing similar damages (Shakarian, Shakarian, and Ruef 160). The difference between Stuxnet and other computer viruses was twofold: it was not an ordinary computer virus but a complicated software system, and both the creators and users were unknown to the world.
Perhaps the best demonstration of the Stuxnet malware’s destructive capabilities is evident in the case of the Iranian nuclear power in which, a cyber attack using the Stuxnet worm as a weapon set the country’s nuclear program back by two years (Dawson 3). The brand of ICS that the Stuxnet software tends to attack is the Supervisory Control and Data Acquisition (SCADA) system that carries out data collection while gauging and monitoring commands in computer-controlled equipment. Typically, the system operates through a connection with the hardware component of the operations dubbed the Programmable Logic Computers (PLCs). In a hypothetical situation, an administrator would use a basic Windows computer to send new instructions to the PLC component that the SCADA operated ICS controls; however, if Stuxnet affects the system, it intercepts the initial commands and alters them at the ICS stage leading to a PLC malfunction. In 2010, the then Iranian President, Mahmoud Ahmadinejad confirmed that a computer worm created problems for some of the country’s “nuclear centrifuges” (Shakarian, Shakarian, and Ruef 224). Although it was not a terrorist attack, it is possible to apply similar methods and launch an assault from a remote position without detection. In fact, it is possible that the Stuxnet program can serve as a weapon if one uses it to either launch a missile or cause detonating nuclear malfunctions at a site.
In conclusion, computer technology can assume two roles in cyber terrorism: that of a facilitator and as a component of a weapon or a target. About facilitating terrorism, information technology in the hands of terrorists is perfect for exploitation simply because it is a modern invention and is widely used by most populations. In that sense, terrorists can use the virtual environment to meet the goals that closely resemble those set before the introduction of computers. The only difference would be unlike the traditional methods, new tactics that incorporate computers simplify operations, allow one to be anonymous when he or she desires, and cannot backfire because the world cannot stop using technology. Correspondingly, the assimilation of computers as part of the weapons that terrorists use in the fight against an opposing power or as the actual target at which they are aiming shows the role of technology in cyber terrorism. Through computers, terrorists can issue threats against national security and place nations in panic mode. From threatening and attacking a single victim’s technological resources to bringing down infrastructures that rely on computer networks, cyber terrorism can take the form of a weapon. The given examples based on the Al-Qaeda group that Osama Bin Laden governed and the use of the Stuxnet malware against the Iranians provides sufficient evidence to the relevance of technology in modern day warfare that involves the virtual world. Hence, new tactics are necessary to increase cybersecurity and combat the rising threats.
Works Cited
Counterterrorism Threat Assessment and Warning Unit, National Security Division. Terrorism in the United States. Government Report. Washington D.C.: Federal Bureau of Investigation, 1999. Web. <https://www.fbi.gov/stats-services/publications/terror_98.pdf>.
Dawson, Maurice. New Threats and Countermeasures in Digital Crime and Cyber Terrorism. Pennsylvania: IGI Global, 2015. Web.
John Arquilla, David Ronfeldt, and Michele Zanini. "Networks, Netwar and Information-Age Terrorism." Strategic Appraisal: The Changing Role of Information in Warfare. Ed. Zalmay M. Khalilzad and John P. White. California: RAND Corporation, 1999. 75-111. Print.
Martin, Gus. Understanding Terrorism: Challenges, Perspectives, and Issues. 4th. Carlifornia: SAGE Publications, 2012. Print.
Shakarian Paulo, Shakarian Jana, and Ruef Andrew. Introduction to Cyber-Warfare: A Multidisciplinary Approach. Boston: Newnes, 2013. Print.
Rathmella, Andrew. "Cyber‐terrorism: The shape of future conflict?" The RUSI Journal 142.5 (1997): 40-45. Web.
Stohl, Michael. "Demystifying Terrorism: The Myths and Realities of Contemporary." The Politics of Terrorism. Ed. Michael Stohl. New York: Marcel Decker, Inc., 1988. 1-28. Print.
The National Commission on Terrorist Attacks Upon the United States. Complete 9/11 Commission Report. Government Report. Washington, D.C.: Government Printing Office, 2004. Web. <http://govinfo.library.unt.edu/911/report/911Report.pdf>.
