Narrowing the Scope of Cyberterrorism
By CHHS Extern Timothy Rice
Politicians have claimed that cyber attacks “can shut this country down” and are “the equivalent of today’s nuclear weapon.” Combined with the widespread threat of terrorist activity, the term “cyberterrorism” invokes fear in the public and puts government on high alert. The debate about whether cyberterrorism poses a threat to homeland security must begin with a proper understanding of cyberterrorism in the first place. If we apply the accurate definitions, the concept of cyberterrorism is narrower than most people imagine but still calls for robust defensive postures.
There is yet no legal definition of cyberterrorism, so we must first separate the two words. The Federal Courts Administration Act of 1992, found under “Crimes and Criminal Procedure” of the U.S. Code, defines terrorism with two main elements: Activity that involves both (1) danger to human life; and (2) an intent to influence a government or civilian population. Another U.S. law, found in the Foreign Relations Authorization Act, defines the word terrorism as “premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents.” The two laws are not inconsistent, since “danger to human life” correlates to violence, and influencing a populous correlates to “politically motivated.
As for cyber, it is important to point out that internet and cyberspace are synonymous. A federal appeals court in 1998 defined the internet as “a worldwide network of computers that enables various individuals and organizations to share information.” More simply, cyberspace is “that place in which computer programs function and data moves.”
So, combining the meanings of each word, an appropriate definition of cyberterrorism is rendered: a politically motivated act against a computer system or program that causes danger to human life. The immediate takeaway of this description is that the term is often misused to describe online terrorist activity.
Terrorists can employ cyber activity in three ways: enabling, disruptive, and destructive operations. Enabling activities are akin to propaganda and information warfare. Websites that advertise and promote a terrorist group’s agenda, such as the Islamic State’s broadcasting of brutal acts of violence, do not themselves cause danger to human life. Such websites merely spread the news of an actual act of terrorism, just as pamphlets, magazines, and mainstream media do.
Similarly, disruptive activities refer to cyber attacks that exploit, deface, or deny a victim’s access to the internet. This activity likewise does not cause danger to human life. As one expert puts it, “If you can’t get e-mail for a day, you’re not terrorized, you’re inconvenienced.” Another way to look at this is to understand that you cannot murder someone without killing someone. Since website defacement does not cause danger to human life, this sort of cyber attack is missing one of two elements to constitute cyberterrorism.
Therefore, the only type of internet use by terrorists that can be classified as cyberterrorism is destructive operations. Destructive refers to the use of computer network tools to shut down critical national infrastructures, and this may or may not cause danger to human life. Past cyber attacks against pipelines, the oil industry, and electrical grids have been successful, but not all of the attacks were politically motivated, and none of them caused danger to human life. Nonetheless, the capability to destruct critical infrastructure exists, so cyberterrorism is probably not a myth as some dissidents assert.
The government has warned of destructive cyber attacks for a decade, and the indications are based on more than self-reinforcing dynamics: reported increases in computer attacks on U.S. critical infrastructure suggest terrorists intend to intensify their tactics. We cannot dismiss the possibility that danger to human life may come as a result of a destructive attack. The question is not if terrorists will launch a full-scale destructive attack, but when. Cyberterrorism is a legitimate concept and we should use the term carefully and accurately to describe its possible occurrence.