From car bombs to logic bombs: The growing threat from information terrorism

This article was downloaded by: [Syracuse University Library]On: 27 April 2013, At: 10:08Publisher: RoutledgeInforma Ltd Registered in England and Wales Registered Number:1072954 Registered office: Mortimer House, 37-41 Mortimer Street,London W1T 3JH, UK

Terrorism and PoliticalViolencePublication details, including instructions forauthors and subscription information:http://www.tandfonline.com/loi/ftpv20

From car bombs to logicbombs: The growing threatfrom information terrorismJerrold M. Post a b , Keven G. Ruby c & Eric D.Shaw da Professor of Psychiatry, Political Psychologyand International Affairs Director, PoliticalPsychology Program, George WashingtonUniversity, Washington, DCb Director, Political Psychology Program,George Washington University, Washington, DCc Research Analyst with Political PsychologyAssociates, Ltd.,d Adjunct Associate Professor of PoliticalPsychology, George Washington University,Washington, DCVersion of record first published: 21 Dec 2007.

To cite this article: Jerrold M. Post , Keven G. Ruby & Eric D. Shaw (2000):From car bombs to logic bombs: The growing threat from information terrorism,Terrorism and Political Violence, 12:2, 97-122

To link to this article: http://dx.doi.org/10.1080/09546550008427563

PLEASE SCROLL DOWN FOR ARTICLE

http://www.tandfonline.com/loi/ftpv20

http://dx.doi.org/10.1080/09546550008427563

Full terms and conditions of use: http://www.tandfonline.com/page/terms-and-conditions

This article may be used for research, teaching, and private studypurposes. Any substantial or systematic reproduction, redistribution,reselling, loan, sub-licensing, systematic supply, or distribution in anyform to anyone is expressly forbidden.

The publisher does not give any warranty express or implied or makeany representation that the contents will be complete or accurate orup to date. The accuracy of any instructions, formulae, and drug dosesshould be independently verified with primary sources. The publishershall not be liable for any loss, actions, claims, proceedings, demand,or costs or damages whatsoever or howsoever caused arising directlyor indirectly in connection with or arising out of the use of this material.

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13

http://www.tandfonline.com/page/terms-and-conditions

http://www.tandfonline.com/page/terms-and-conditions

From Car Bombs to Logic Bombs:The Growing Threat from

Information Terrorism

JERROLD M. POST, KEVEN G. RUBYand ERIC D. SHAW

The vulnerability of the critical infrastructure has led to increasing concern that it willbe the target of terrorist attacks. This article explores definitional aspects ofinformation terrorism and identifies two groups likely to find information terrorismattractive: conventional terrorist groups and information culture groups. As computersophisticated youth move into the ranks of conventional terrorist groups, the groupswill increase their reliance on computer technology, and information terrorism will beincorporated into a hybrid tactical repertoire. Information culture groups, however,confine their attacks to cyberspace. In contrast to the powerful group dynamics of thetraditional underground terrorist group, networked groups, particularly informationculture terrorists, may only be in contact electronically, and are subject to a radicallydifferent group psychology, virtual group dynamics, that significantly affects theirdecision making and risk taking, and has dangerous security implications.

Introduction

While the possibility of chemical, biological, and even nuclearweapons falling into the hands of terrorists adds a new andfrightening dimension to physical attacks, such weapons aredifficult to acquire. In contrast, the resources necessary to conducta cyber attack have shifted in the past few years from the arcane tothe commonplace. A personal computer and a telephoneconnection to an Internet Service Provider anywhere in the worldare enough to cause harm.

'The Case for Action', The Report of the PresidentialCommission on Critical Infrastructure Protection (1997: p.x).

In 1998, a group of hackers calling itself the Masters of Downloadingpenetrated the computers of the US Department of Defense and claimed tohave downloaded sensitive software, including satellite control software.1

Another group of hackers going by the name MilwOrm claimed to havehacked into and taken off-line computers at Indian nuclear research

Terrorism and Political Violence, Vol.12, No.2 (Summer 2000), pp.97-122PUBLISHED BY FRANK CASS, LONDON

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13

98 TERRORISM AND POLITICAL VIOLENCE

facilities in protest of the recent Indian nuclear weapons test.2 In 1996, aself-styled offshoot of the terrorist group Liberation Tigers of Tamil Eelam,the Internet Black Tigers, flooded Sri Lankan embassies with e-mail in anattempt to counter the Sri Lankan government propaganda.3 In January2000, an unidentified perpetrator hacked into the customer database of anInternet retailer, stealing customer credit card information and attempting toextort the company for a large amount of money.4 And, in February 2000, aco-ordinated digital attack was mounted by unidentified perpetrators againstseveral top Internet companies, including YAHOO, eBay, and E*TRADE,making their services unavailable to customers.5 All of these attacks havebeen described in news media as acts of cyber-terrorism,6 a term used sobroadly and without rigour so as to become practically useless to an analystattempting to classify such events.

What these events do underscore is the vulnerability to attack anddisruption of information systems and computer networks that areincreasingly critical to the supply of goods and services. Such attacks areoften characterized as heralds of a new form of conflict where the electronreplaces bullets and explosives as the weapon of choice in the informationage. Indeed, much ink has been spilled on what was originally labelledcyber-terrorism by Collin in 19827 but more recently referred to asinformation terrorism by Devost, Houghton and Pollard8 and Ciluffo andGergely.9 Yet while the subject of terrorists using or targeting informationsystems and computer networks has received considerable attention,confusion persists about how cyber attacks relate to traditional politicalviolence and terrorism. Does it even belong in the same category as suchviolent spectaculars as the World Trade Center bombing intended to killwell over a quarter million people; the bombing of the Alfred P. Murahfederal building in Oklahoma City; the bombings of the US embassies inKenya and Dar-es-Salaan; and the 1995 Tokyo subway sarin attack by AumShinrikyo? Indeed, for some, if a politically motivated attack does not resultin blood or rubble, it is not considered terrorism.

This article first discusses definitional considerations with reference toinformation terrorism, attempting to produce a set of criteria by whichattacks against information systems and computerized networks can beclassified as acts of terrorism, linking the old with the new. The article thenconsiders the ways in which information technology is already being usedacross the spectrum of conventional terrorist group types, followed by adiscussion of a new breed of terrorists spawned by the informationrevolution and anchored in the information culture and cyberspace. Thearticle then explores the effects of computer-mediated communication onnetworked organizations and the likely effects of the resultant virtual groupdynamics on the decision making of terrorist groups operating in the

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13

GROWING THREAT FROM INFORMATION TERRORISM 99

information age. The article concludes with a set of predictions on the futureof information technology and terrorism.

Defining 'Information Terrorism'

The centrality of information control in the modern international securityenvironment has been called a Revolution in Military Affairs (RMA).'°Whocontrols the information environment, both offensively and defensively,dominates the twenty-first century battlefield. 'The fight to obtain aninformation advantage will take place in the physical space with bombs andbullets, in the cyberspace with hackers and jammers, and in the "mentalspace" with deception and psychological operations.'" John Arquilla andDavid Ronfeldt have played a leading role in conceptualizing informationwarfare, and have considered the extent to which terrorists will join theranks of information warriors and threaten the integrity of the criticalinfrastructure.12 They have conceptualized what they see as an emergingform of conflict in the information age, 'netwar', in which non-state actorsincreasingly employ networked rather than hierarchical organizationalstructure, 'relying on network forms of organization, doctrine, strategy, andcommunication' to do battle in the information age.13

The primary emphasis in the writings of Arquilla and Ronfeldt is on thesecurity implications of these new forms of organization andcommunication of substate protagonists. Although they do make referenceto the incorporation of new information technologies into the netwarriors'tactical repertoire, netwar does not require that attacks be launched by oragainst computers.14 By organizing themselves in networks in contrast tohierarchical organizational structures, netwar actors are able to achieveconsiderable tactical and strategic advantage over slow-to-adaptbureaucracies of nation states. Thus, 'netwar is about Hamas more than thePLO, Mexico's Zapatistas more than Cuba's Fidelistas, the ChristianIdentity Movement more than the Ku Klux Klan'.15 Arquilla and Ronfeldtpoint out, but do not discuss to great degree, that, in conjunction with theseorganizational trends, '[t]errorists are likely to increasingly use advancedinformation technologies for offensive and defensive purposes.'Information terrorism then can be seen as a key offensive component ofnetwar.

Information terrorism has been defined by Collin as 'the definition ofterrorism plus "through the exploitation of computerized systems deployedby the target'".16 It is necessary therefore first to place information terrorismwithin the broader context of terrorism per se. Drawing on the review ofterrorism definitions by Schmid and Jongman," and incorporating keyelements of the definitions of the US Department of Defense and Federal

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


Bureau of Investigations, we define 'terrorism' as premeditated, politicallymotivated violence - or the threat of violence — against non-combatants orproperty by subnational groups or clandestine agents to influence, coerce orintimidate an audience extending beyond the immediate target of theattack.18

Expanding on this definition, Devost, Houghton and Pollard define'information terrorism' as 'the intentional abuse of a digital informationsystem, network or component toward an end that supports or facilitates aterrorist campaign or action'.19 They go on to emphasize that computers andcomputerized networks should be viewed as both targets and tools, and thatan incendiary bomb used to destroy a computing facility is as muchinformation terrorism as a digital attack that destroys critical data orindirectly results in physical harm (such as spoofing an air traffic controltower to cause an airliner to crash).20

It is useful here to discuss the question of violence in the context ofinformation terrorism. As mentioned above, for some the absence of bloodor rubble as in an electronic attack launched solely at a computer networkto disrupt services does not rise to the level of the kind of violence necessaryto constitute a terrorist act. In effect, expanding the definition of violence toinclude digital violence in which people are merely inconvenienced iswatering down the concept of terrorism. Certainly to identify the 16-year-old hacker who breaks into a Department of Defense website as aninformation terrorist so broadens and weakens the term as to render ituseless. But within the hacker culture is a subset of individuals who areactively pursuing their anti-authority agenda with the digital weapons oftheir trade. The anti-establishment motivation of the 'digital libertarian' hasmany elements in common with the psychology of European socialrevolutionary terrorists. Politically motivated 'hactivists', who carry outwebsite defacement and other forms of petty computer crime to generateattention to their cause or disrupt their antagonists, do seem to represent thelow end of the information terrorism spectrum.21 Moreover, as DorothyDenning has pointed out, information terrorists are not limited to dramaticacts of information terrorism: they may draw on a diverse repertoire ofmethods that include activism (using the Internet for propaganda),hactivism ('the marriage of hacking and activism', covering 'operations thatuse hacking techniques against a target's Internet site with the intent ofdisrupting normal operations, but not causing serious damage') and cyber-terrorism ('the convergence of cyberspace and terrorism'). In general, asDenning points out, as one moves from the first category, activism, to thethird, cyber-terrorism, there is progressively greater damage, although notnecessarily greater political effectiveness. It is the act itself that serves as thepoint of reference.22 The boundaries between information terrorism and

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


hactivism will remain hazy, but in the end, it will likely be a qualitativeanalysis of the degree to which the attack was designed to produce fear andintimidation in a target audience in order to accomplish an ideological goalthat makes the determination.

When analysing an attack for information terrorism potential, it isessential therefore to evaluate the degree to which the attack:

(1) was ideologically motivated (including political, ethnic and religiousmotivations);

(2) used an information system and/or targeted an information system bydigital or physical means to affect the information system itself, or toaffect persons or property dependent upon those systems;

(3) was intended to influence, intimidate or coerce an audience beyond theimmediate target of the attack.

Briefly returning to two of the cases identified at the beginning of thearticle, the denial of service attacks perpetrated against major e-commerceproviders meets criterion (2) and perhaps criterion (3). However, currentdata does not provide enough information to determine motive, and anideological cause was not identified, so a definitive classification asinformation terrorism is not possible. In the case of MilwOrm's attack on thecomputers of the Indian nuclear research facilities, all three criteria seem tobe met. The act was politically motivated, designed to punish India forexploding a nuclear weapon and sent a message that future tests wouldresult in at least equally harmful retaliations by the hacker group inquestion. The group used digital means to attack a digital target, and theattack was used to influence Indian policy-makers who were likely afraidsensitive information relating to their weapons research activities wascompromised or that research efforts may have been hampered by denial ofaccess to important systems.

Many youthful hackers have taken pride in their ability to penetrate andalter unclassified US government systems, such as retitling the CentralIntelligence Agency website the Central Stupidity Agency, or retitling theDepartment of Justice website the Department of Injustice. This falls farshort of our concept of information terrorism. To be sure, it is designed fora broader audience and is designed to convey a political message ofcontempt for the system, but it is more of the quality of a prank than avicious act designed to affect a political goal through fear and intimidation,and would better be characterized as hacktivism. The majority of anti-establishment acts by hackers consist of such mischievous acts, although thedenial of service attacks on major e-commerce sites in February 2000assuredly goes well beyond cyber-vandalism, for the estimated financial

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


loss was in the millions of dollars. But, by our earlier definition, these actsstill would not qualify as information terrorism, for there is no apparentideological motivation.

Conventional Terrorist Groups and Information Terrorism: Assessingthe Risk

In considering the attractiveness of information terrorism to conventionalterrorist groups, which are still relying on bombs and bullets, the advantagesof using information technology as a weapon are numerous. It permitsremote attacks from anywhere with access to a telephone line, reducing therisk of injury or death associated with traditional terrorist means. It enablessimultaneous attacks at multiple nodes worldwide without requiring a largeterrorist infrastructure necessary to mount equivalent attacks usingtraditional methods. In addition, as Arquilla and Ronfeldt point out:

Cyberspace offers the opportunity for such actors to inflict costly,disruptive damage, but without inflicting the physical and humandestruction that so often arouses the ire of victims, or that may evenalienate the affections of the terrorists' sponsors or constituencies.Unlike blowing up planes or killing hostages, disrupting the flow ofinformation can inflict enough pain to convey the symbolic messageso central to terrorism, while avoiding the more unsavory aspects oftraditional destructive terrorism.23

At the same time, augmenting traditional terrorist attacks with the tactics ofinformation terrorism can dramatically increase casualties. Ciluffo andGergely argue that '[t]errorist incidents have become more deadly and havemoved into the age of mass casualty attacks ... This trend is unlikely to bereplaced by a kinder, gentler information-based terrorism.' Instead:

'[t]errorist organizations are more likely to seek the capability toconduct super-terrorist incidents with massive casualties ... whichcould well be achieved through the planned, synergistic use of verylarge conventional explosives, weapons of mass destruction, and[information warfare] and infrastructure warfare techniques.'24

For example, to conduct the bombing of a major building whilesimultaneously conducting a denial of service attack on the 911 emergencyresponse network would dramatically increase casualties.

That being said, information terrorism is sometimes lumped togetherwith weapons of mass destruction (WMD) terrorism, using chemical,biological, radiological or nuclear (CBRN) weapons. A flexible tactic,information terrorism is more likely to be used as a weapon of mass

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


disruption. The constraints against the use of weapons of mass destructionare not present for weapons of mass disruption, for the group need not beconcerned as directly with the potential counterproductive consequences fortheir group of the massive loss of human life precipitated by the use ofCBRN weapons. It is important to emphasize that, as has been the case indetermining the level of threat for weapons of mass destruction terrorism,the gap between what could happen in terms of technological feasibility andwhat has actually happened is very large. It is reminiscent of the nuclearsuperpower confrontation, where the inability to estimate intentions becauseof the failure to understand the psychology and motivations of ouradversaries in closed societies led to a marked overestimation of the danger,as technological nuclear capability, not intention, became the basis ofestimation. Whether what could be done will be done is a matter of terroristmotivation and decision-making. As with weapons of mass destructionterrorism, it is important that not just capability, but the contextualcharacteristics of the terrorist group, be considered in evaluating risk foremploying information terrorism.

The Importance of Context

Just as terrorist groups do not arise outside of a sociopolitical context,context plays a significant role in specifying the kinds of tactics - whethercar bombs or logic bombs - that will be considered and selected. In the caseof information terrorism, the following contextual features are likely to bepredictive of a terrorist group's likelihood of choosing this means of attack,whether as the sole component of a terrorist campaign or as part of a hybridarsenal of conventional and digital tactics.

The ideology of the group

In 1978, the Italian Red Brigades issued a Strategic Decision Directive (seebelow) associating computers directly with their ideological enemy,capitalism, designating computer centres as high-priority targets for terroristattacks. In general, if a group identifies computers and networks as either asecurity tool of an adversary or the means by which the adversary maintainsdominance, that group is at increased risk for striking out against theadversary's information systems. Moreover, some groups which might beopposed to violence perpetrated against persons might not be as constrainedagainst attacking computers.

The leader's computer literacy

The computer-literate leader will bring increased awareness of theadvantages that attacks upon information systems underpinning society can

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


bring, and will be more receptive to suggestions from newer computer-literate members. Indeed, a leader intensely focused on informationtechnology can recruit individuals with the requisite computer skills into thegroup. Conversely, a leader who is not computer literate will tend to inhibitthe adaptation of information terrorism tactics.

The group members' capabilities

As computer-literate youth increasingly join the ranks of terrorist groups,today's radical tactical innovations will become increasingly mainstreamed.For a group to move actively to incorporate information terrorism into itstactical repertoire will require members with the requisite technical skills inaddition to a computer-literate leader motivated to attack the electronicfrontier.

The degree to which the environment is information rich

The degree of availability of and dependence on information systems andcomputers within a society creates an environment in which informationtechnology, both as tool and target, is highly salient as an option for aterrorist group's tactical considerations. Thus one can expect terrorist groupsoperating in post-industrial societies like Europe and the United States to bemore likely to consider and employ information terrorism than groupsoperating in developing regions with limited technological penetration.

The extent of provocation: the use of computers against the terrorist group

Terrorists typically see themselves as being at war with the establishment.Feracutti has conceptualized this as 'the fantasy war'.25 When thegovernment relies significantly upon computers to counter the group, or,more importantly, the group believes that the government is relying uponcomputers to attack or pursue the group, the group, consumed by defensiveaggression, may feel impelled to counter-attack. Periodically media storiesappear concerning government security agencies electronically attacking aterrorist group's financial resources, stripping overseas bank accounts, etc.Such reports could well precipitate an electronic counter-attack.26

The extent of a rival groups use of information terrorism

Historically, when a group has successfully innovated and conducted anoperation with a new tactic that won widespread media attention,characteristically it has led to imitation by rival groups. It is expected thatthe first occurrence of an information terrorism spectacular will motivateother groups to follow their lead along this pathway.

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


The degree to which a specific adversary is perceived to be dependent oninformation technology

The more a terrorist group perceives its adversary to be dependent oninformation systems, the greater the risk those systems will be targeted.

The degree to which a group already uses information technology

Groups that are currently using information technology and computerizednetworks, either for purposes of maintaining a networked organizationalstructure and logistical networks or for propaganda purposes, are attuned tothe options computers can bring a terrorist campaign. Moreover, theypossess the requisite sophisticated information technology skills. They aretherefore at greater risk for information terrorism.

Conventional Terrorist Groups and IT

The map of terrorism is a variegated one. A wide variety of psychologiesand motivations can lead to the final common pathway of terrorist action.Groups differ historically, ideologically, psychologically and structurally.This article now examines the degree to which conventional terrorist groupsalready employ information technology as either operational support,weapon or target by the different types of substate terrorist groups: socialrevolutionary, nationalist-separatist, religious extremist - both religiousfundamentalist organizations and non-traditional religions - and right-wingextremist groups and organizations.

Social revolutionary groups

Social revolutionary groups seek to overthrow the capitalist economic andsocial order. They are typified by the European 'fighting communistorganizations' active throughout the 1970s and 1980s (e.g. the Red ArmyFaction in Germany and the Red Brigades in Italy), although socialrevolutionary groups have been active around the world, including theShining Path in Peru and the Japanese Red Army Faction.27

A February 1978 'Strategic Directions Resolution' by the Red Brigades,the Italian social-revolutionary terrorist organization, identified computersas 'the highest profile target':

We must not underestimate the use of computer technology inrepression of the class war, as the efficiency of computers is supportedby ideology and by the technical-military personnel responsible fortheir functioning. Computer systems are the monopoly of theAmerican multinationals and, in addition to ensuring the United Stateshegemony over the world economy (the electronic sector is the

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


strategic sector of advanced capitalism), they also guarantee theexportation of forms of control, of police methods, and they exportalso the highest level of representation, ripened in the strongest link ofimperialism.

In fact, the exportation of these 'systems' is not only exportationof advanced technology. It is also a relationship of production, of anideology. It is the American 'filing system' ruling the controlstructures of all the states of the imperialistic chain. And exactlybecause of this, it is also the creation of a layer of technicians-policemen in charge of preventive and total espionage of the people.

You see, computers are identified as a symbol, the highest profiletarget. It is important to destroy their mesh, to disrupt these systems,beginning from the technical-military personnel who direct them,instruct them, and make them functional against the proletariat.28

Indeed, a 1988 review of terrorist attacks against computer centrescompiled by Rozen and Musacchio identified 57 attacks from 1978 to1988.29 Of the 57 recorded computer attacks, 52 per cent were in Italy; 21per cent in France, 12 per cent in West Germany and seven per cent inBelgium. Thus fully 92 per cent of the attacks on computer centres in thedecade following the Red Brigade Strategic Directive took place in westernEuropean nations characterized by information-rich environments that alsohad active social-revolutionary terrorist movements.

More specifically, Campbell and Whiteside reported the following actstargeting computers.30 The French social revolutionary terrorist group,Direct Action Organization of 27-28 March, teamed with a group callingitself Comite Liquidant ou Detoumant les Ordinateurs (Committee on theLiquidation or Deterrence of Computers, CLODO) claimed responsibilityfor the destruction of computer systems and data in the 1980 attack onPhilips Data Systems in Toulouse, France. In the attack they burnedcomputer programs and magnetic cards in the office toilet. The publicstatement, attributed to CLODO, indicated:

We are computer workers and therefore are well placed to know thepresent and future dangers of computer systems. Computers are thefavorite instrument of the powerful. They are used to classify, control,and to repress. We do not want to be shut up in ghettos of programsand organizational patterns.

The Japanese social revolutionary groups East-Asian Anti-Japan Frontand the Middle Core Faction, the Angry Brigade in the United Kingdom andthe Red Army Faction in Germany targeted computer centres vital tocorporate interests and, in at least one case, transportation infrastructure.

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


During the Vietnam War, several computer centres at American universities,reputed to be engaged in research for the Department of Defense, wereattacked by radical students and dissident groups. In 1970, for example, abomb exploded outside the Army Mathematics Research Center at theUniversity of Wisconsin, killing one and causing $16m worth of damage tothe centre and the computer data it contained.

These examples clearly support the historical association betweensocial-revolutionary groups and attacks against information resources assymbols of authority and control. The importance of anti-authoritarianmotivation for these groups is supported by psychological profiles of social-revolutionary group members, especially from Germany.31

While social-revolutionary terrorist groups have experienced a rapiddecline over the last two decades, paralleling the end of the Cold War andthe collapse of Communism in the Soviet Union and eastern Europe,revolutionary efforts against authoritarian regimes are still underway and,given their need to damage, destabilize and destroy the system, they dorepresent a ripe category of groups to find information terrorism attractive.The fighting Communist organizations of Europe are down, but they are notout, as evidenced most recently by the July 1999 political assassination bythe Red Brigades.

One prominent contemporary social revolutionary group usinginformation technology is the Ejercito Zapatista de Liberation Nacional(EZLN) of Chiapas, Mexico, by all counts a traditional revolutionary grouprebelling against local and federal Mexican social and economic policy inChiapas. The EZLN is supported by an extensive presence on the World WideWeb. The EZLN's home page (www.ezln.org) contains speeches by its leaderand news stories in English, Spanish and French documenting the group'sevolution and progress. According to a story appearing in Wired News,supporters of the EZLN hacked into the website of the Mexican FinanceMinistry and plastered the ministry's home page with pictures of the EZLN'snamesake, Emiliano Zapata, and a message reading 'We're watching you, bigbrother'. Another interesting example of the use of the Internet by terroristgroups concerns the seizure of the Japanese embassy in Lima, Peru in thewinter of 1996-97 by Tupac Amaru, a Peruvian social-revolutionary group.Within 15 minutes of the attack, a website was operating out of Canadaproclaiming the revolutionary triumph. This use of the Internet to spread theirpropaganda message does not represent terrorism, as was noted earlier, but thesynchronization and use of the Web to put their spin on the act and propagatethis message internationally do show significant computer sophistication, andthe recognition that IT is an important component of terrorist attacks.32 And agroup that has that level of computer sophistication probably has the technicalability to mount attacks as well.

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


Nationalist-separatists

Nationalist-separatist groups, also known as ethno-nationalist groups, arefighting to establish a new political order or state based on ethnicdominance or homogeneity. The Irish Republican Army (IRA), theLiberation Tigers of Tamil Eelam (LTTE) of Sri Lanka, the BasqueFatherland and Liberty (ETA) in Spain, and radical Palestinian groups suchas HAMAS and the People's Front for the Liberation of Palestine GeneralCommand are prominent examples. The nationalist-separatist terrorists areusually attempting to garner international sympathy for their cause and tocoerce the dominant group. Several nationalist-separatist groups haveestablished websites or have had websites established for them bysympathizers living outside the zone of conflict. Examples include theLTTE (www.eelamweb.com) and HAMAS (www.hamas.org). These sitesprovide expatriates and other supporters with information on the group'sprogress and requests for financial and other assistance.

As mentioned in the introduction, a self-styled offshoot of the LTTEcalling itself the Internet Black Tigers has recently flooded Sri Lankanembassies with e-mail in an attempt to counter government propagandaelectronically.33 To the extent that the dominant government's control effortsare perceived to be supported by information technology, these technologiesmay be subject to attacks similar to those launched by social revolutionarygroups in the past. Moreover, reports of use by intelligence organizations oftargeted information attacks of radical Middle East terrorist groups todisrupt financial transactions34 could certainly be expected to mobilizerevenge attacks against adversary computer centres, systems and networks.

As with other terrorist group types, whether nationalist-separatist groupsemploy information terrorism will depend upon the environment in whichthey are operating. In environments relatively rich in IT, such as Spain,Great Britain and Ireland, increasing routinization of information terrorismcan be expected. However, in contexts where there is a relative lack ofassociation between government control and computers and a relativelyreduced dependence on critical information technologies, the use of thesetactics will remain a relatively low priority.

Religious extremists

Religious extremist groups seek to maintain or create a religious social andpolitical order. Under this heading are included groups representingestablished religious doctrines as well as groups representing non-traditional religious groups. Traditional groups include Islamic, Jewish,Christian and Sikh extremists, while non-traditional religious groupsinclude Aum Shinrikyo, responsible for the 1995 sarin attack in the subwaysof Tokyo, Japan.

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


The activities of religious extremist groups have been associated withattacks resulting in some of the largest numbers of casualties. In contrast tonationalist-separatist terrorists, who are attempting to influencecontemporary society, religious fundamentalist groups are threatened bysecular modernism and seek to defend their faith by attacking those groupsor nations which they see as threats. Their primary audience is God; thusthey are not nearly so constrained by societal counterproductive effects ofmass violence.35 Like Hoffman, we believe religious extremist terrorismprobably accounts for many of the 40 per cent of terrorist acts for which noresponsibility is claimed.36 For the religious extremist groups, revenge anddestabilization are important goals. Major attacks upon a modern nation'scritical infrastructure could be seen as facilitating these goals.

On the other hand, given the hostility of these groups to secularmodernizing economies, would this provide a disincentive to these groups toemploy the tools of high technology? This seems not to be the case. RamziYousef, trained as an electrical engineer and recently sentenced to lifeimprisonment for his role in the World Trade Center bombing, had plannedwith sophisticated electronics to detonate bombs on 12 US airlinersdeparting from Asia for the United States. Furthermore, Yousef utilizedsophisticated encryption algorithms to protect the data on his computer frombeing deciphered by law enforcement in the event of being captured. Usinghis electronic sophistication to mount a major information system attack (e.g.disabling an air traffic control system, or knocking out a power grid) wouldcertainly seem to be consistent with his goals and abilities. Moreover, insofaras students of engineering like Yousef are drawn to the ranks of religiousfundamentalist groups, they will use the tools they know best.

Under the rubric of religious extremist groups, we also include non-traditional religious extremist groups such as Aum Shinrikyo. Thesegenerally closed cults are in a struggle for survival against a demonizedenemy that must be destroyed. While the majority of millennial apocalypticcults are waiting for an appropriate sign, some religious belligerents areseeking to force the end, and, in the case of Aum Shinrikyo, to precipitatethe final struggle.37 Charismatic leaders of closed cults, like Aum's ShokoAsahara, can become obsessed with power, seeing themselves in God-likeroles. Asahara's fascination with high technology led him to recruit nuclearphysicists, nuclear engineers, chemists and microbiologists, simultaneouslyexploring nuclear, biological and chemical weapons. In the information richJapanese culture, employing sophisticated computer scientists to strike amortal blow at the infrastructure of society, which he felt had betrayed himby not electing him to the Diet, is assuredly plausible, and by no means astep beyond the extreme steps he had already taken. Given his obsessionwith financial wealth, it would be surprising if Asahara were not exploring

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


electronic financial fraud or manipulation. In another example, while themillennial Heaven's Gate cult was not a terrorist group - indeed, itcommitted suicide as a group - it should be recalled that the membersearned their living by creating websites, so membership in a closed religiouscult is not incompatible with electronic sophistication.

Right-wing groups

Right-wing terrorist groups seek to preserve the dominance of a threatenedethnic majority or to return society to an idealized 'golden age' in whichethnic relations more clearly favoured the dominant majority. These groupsgenerally espouse fascist ideologies, including racist or anti-Semitic beliefs,as well as hatred for the 'corrupt' government contributing to the decline ofthe majority's dominance.

Many right-wing anti-government groups would have a naturalinclination to destroy the government's electronic infrastructure as anattack, from their point of view, on a source of intrusive, centralized controlover their right to liberty. The central event in the Turner Diaries, a novelpopular in the racist right describing a cataclysmic race war, is the attack onthe computer centre at FBI Headquarters in Washington, DC, with afertilizer bomb designed to destroy the government's ability to monitor theorganization's activities.38 This was an act, according to the broaderdefinition provided earlier, of information terrorism. Timothy McVeigh,convicted of the bombing of the Alfred P. Murah Federal Building inOklahoma City with a fertilizer truck bomb on 19 April 1995, wascaptivated by the Turner Diaries and sold it below cost at gun shows.Highlighted pages of the book enclosed in plastic were found in his car athis arrest. The central theme of the book is also central to the beliefs of theextremist right wing, that the federal government is illegitimate and out todeprive the citizens of their basic liberties, particularly the right to beararms. To attack the government therefore becomes a laudable act. The 19April date was selected to commemorate the fiery end of the siege of thecompound of the Branch Davidians in Waco, Texas, viewed by the rightwing as confirmation of the evil intentions of the US Government and itsabuse of the rights of US citizens.

While right-wing groups at this time are not making major use ofelectronics as a weapon, they have perhaps the most extensive Internetpresence of any extremist group type. The US militia movement, forexample, has abundant websites providing the group's spin on news andcurrent events, selling survivalist gear, and providing information onharassing local officials and avoiding the tax collector. Neo-Nazi groups usethe Web to propagate hate material in places where such material is banned,as censoring the Internet is a virtual impossibility.

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


Like the social revolutionary groups from the 1960s and 1970s, attacksagainst government information facilities such as FBI finger print archives,state property registration records or IRS tax facilities would be a naturalextension of their anti-government objectives. In the United States, theapparent representation of militia members within state and nationalmilitary organizations provides an opportunity for group insiders to launchmore damaging attacks against such facilities utilizing physical, as well asdigital, means.

As traditional terrorist groups across the spectrum of terrorism are absorbinginformation technology into their operations and tactics, some individuals andgroups affiliated with the computer underground, steeped in the 'informationculture' and motivated by issues specific to this arena will also be the source offuture information terrorism events. The next section discusses possiblecharacteristics and motives of these potential practitioners of informationterrorism.

Information Terrorists from the Information Culture: deus exmachina

This section concentrates on the 'pure' information terrorists, individualsand groups spawned by the information revolution whose activities areconfined to cyberspace. Immersed in the information culture, they havegained a sense of mastery and control, indeed a sense of God-like power,from that remarkable electronic machine, the computer - literally a case ofdeus ex machina. Consistent with their immersion within the informationculture, these individuals and groups confine their attacks to digital-digitalaggression. Some individuals from the information culture can be expectedto affiliate with conventional terror groups and criminal organizations.39

However, we expect the group which confines itself to pure cyber-terrorismto display unique psychological characteristics.

Within the population of malicious hackers, some could well cross thethreshold from pranks to terrorism, for the psychology of a particular subsetof intensely anti-establishment hackers resembles that of anti-establishmentterrorists, especially the social-revolutionary and right-wing terrorists.

The at-risk hacker subgroup: psychology and motivation™

Recent studies of hackers indicate that they come frequently fromdysfunctional families and have experienced significant personal and socialfrustrations.41 Reporting on his anonymous self-report survey of hackers,Chantler notes:

A high proportion of hackers are from unhappy backgrounds that can

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


be traced to dysfunctional families. Their home environment,particularly with a dislike for a single-parent's partner and a lack ofcommonality, may be the catalyst in causing them to adopt an attitudeof arrogance and contempt for 'the system.'42

Often hackers feel that this treatment is a direct result of special qualitieswhich are never understood and appreciated by peers, parents and teachers.

In 'Conscience of the Hacker', Loyd Blakenship (who identifies himselfon-line as The Mentor) expresses anger that his talents are unappreciated.According to The Mentor, 'We've been dominated by sadists, or ignored bythe apathetic'.43

Alienated from traditional social and career channels, a subgroup ofhackers often find themselves more comfortable with on-line relationshipswith similar individuals. Once on-line, their anger, need for recognition, anda sense of power and control are often vividly exhibited, as exemplified inthe following passage by The Mentor, in which the political tilt is notable:

This is our world now ... the world of the electron and the switch andthe beauty of the baud ... We make use of a service already existingwithout paying for what could be dirt-cheap if it wasn't run byprofiteering gluttons, and you call us criminals. We explore ... andyou call us criminals. We seek after knowledge ... and you call uscriminals. You build atomic bombs, you wage wars, you murder, cheatand lie to us and make us believe it is for our good, yet we're thecriminals.

The expressed anger at authority figures who control his access to and useof information systems is particularly striking. This finding is consistentwith survey research on hacker's hostile attitudes toward authority.44

These individuals share a history of social failures and ostracism andthey admit that the computer replaces direct interpersonal relationships.They are significantly more likely to be independent, self-motivated,aggressive loners who make poor team players. They tend to exhibit anunusual need to show initiative in cyberspace to compensate for underlyingfeelings of inadequacy in the real world.45

The Mentor's comments are also representative of another commonhacker characteristic, what we have designated 'ethical flexibility'. Theirethical values tend to emphasize freedom of access to information at thecost of privacy or proprietary rights to systems or data. For some, thisemphasis on the right to freedom of access to information assumes anideological fervour - the 'digital libertarians'.

A subset of hackers appears to have suffered significant personal andsocial frustrations. Their lack of conventional social skills and adaptation

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


frequently leads them to retreat resentfully to the on-line world.46 Here theirunderlying feelings of inadequacy, need for attention and a sense of greatercontrol and power over their lives become evident in their communicationsand activities. Their high levels of anger at authority, which becomestargeted at individuals and groups associated with perceived efforts tocontrol or limit their access to information resources, are readily apparent.They are fiercely independent and feel they are a law unto themselves.These hackers also apply their own unique ethical systems to life on-line,especially to issues involving the privacy and proprietary nature ofinformation. Some hackers experience the power of their mastery of thecomputer as compensation for the powerlessness in their lives. Terrorism isthe tool of the powerless, and wed to an ideology these feelings couldexpress themselves in information terrorism.

From alienation to action

Although the possession of these characteristics may increase the risk ofdestructive acts, it does not necessarily propel an individual intoinformation terrorism. The final leap into information terrorism, as in thecase of conventional terrorist recruitment, will require a perceived personalprovocation and a sense of affiliation with like-minded individuals whoeither directly or indirectly encourage such acts:

• Perceived blows to the would-be information terrorist's self-esteemcould encourage acts of aggression to restore a sense of power. Forexample, an article in a major newspaper perceived as humiliatingengendered a retaliatory strike against the reporter's e-mail system bythe Internet Liberation Front, which had been portrayed in anunflattering manner.47 Such revenge attacks are not uncommon in thecomputer underground.

• Intergroup rivalry can spawn an escalation in attacks to demonstratesuperiority, as exemplified by the spiralling rivalry between The Legionof Doom and The Masters of Deception in the early 1990s.48

• Perceived abuses by symbols of authority - especially by government,telephone companies or major corporations - can provoke the anti-authoritarian individual or group to strike. Examples include web pagehacks of government agencies in response to the passage of the USTelecommunications Decency Act. Furthermore, some governmentagencies such as the CIA and DOD are characteristically perceived ascontrolling and exerting undue power, and so are continually the objectsof attacks by such groups as The Masters of Downloading and TheEnforcers. Direct attacks against fellow hackers by authorities have also

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


engendered retaliatory strikes, the most prominent case being hacks insupport of imprisoned hacker Kevin Mitnick, such as the September1998 takedown of the New York Times website by Hackers for Girlies toprotest New York Times reporter John Markoff's alleged complicity insensationalizing the Mitnick case for his own personal gain.49

• Events that do not directly affect them but easily play into their anti-authoritarian world view can serve as precipitants.

A striking example of a hacker group perpetrating information terrorismis the group MilwOrm, which has engaged in an electronic harassmentcampaign against Indian nuclear research facilities to protest that country'srecent nuclear tests. According to MSNBC, in addition to defacing India'sprimary nuclear research facility's home page with anti-nuclear graffiti, thegroup allegedly purloined five megabytes of data from the facility andcompletely erased data on two of six servers there.50 As a consequence,according to a statement made by the hackers, facilities in India andPakistan have been taken off the Internet to prevent further attacks. Shortlythereafter, MilwOrm broke into a server hosting 300 domains and replacedall 300 home pages with the group's anti-nuclear tract, forcing awareness ofMilwOrm's agenda upon that server's unsuspecting users." Excerpts fromtheir tract follow:

We will always get more information, we have found that after wemade threats to own more etc. India and Pakistan took machineswhich we targeted OFF the Internet. That shows fear, they are scaredof what we can and will do. The milwOrm Trojan will continue toattack them, not just over the next few weeks, but over the next fewmonths. This isn't just a small-time attack which will see milwOrmcome and go. This is an attack which will see us own more of thesame. We do not like all of this nuclear testing shit and in 1998 itshouldn't even be entering the minds of countries who should wantpeace, not destruction ... [S]o we PROTEST, we stand up to you, weare not scared of letting you know the TRUTH, something that youhave been scared of giving us all these years, so we take our owntruth, we take the evidence we need, and we make sure the peopleknow the truth ... [W]e have power over you .. ."

The nature of the on-line environment simplifies what is quite perilous inthe real world - making contact with others who feel badly treated by thesystem and wish to take revenge against it. Revenge is just a few keystrokesaway. This stands in stark contrast to the paranoid world of the terrorist, inwhich physical security concerns are paramount, and serve as a barrier tocontact, association and full membership. Indeed, in the world of the cyber

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


terrorist, one can belong to a group in which the members have never metface to face, whose only contact is electronic. Previous studies of terroristpsychology have emphasized the importance of group dynamics.53 But thenature of the groups formed on the Internet have very specialcharacteristics. We designate the special form of group relationshipestablished on-line virtual group dynamics. These potential terrorists arefundamentally different from individuals affiliated with traditional terroristgroups - indeed, we are talking here about virtual groups that coalesce inthe digital ether and are confined to action within cyberspace. This providesa powerful medium for the development of communities of belief, generallycentering on themes of anarchism, anti-government sentiments, and theneed to keep information free. Among these groups, cohesion tends to beminimal and temporary as groups coalesce, disband and reform intodifferent groups as causes become popular and tap into the psyche of thecomputer literati.

Emerging research on computer-mediated communications indicatesthat the on-line communications format has an important impact on groupdynamics,54 with implications for group emergence, group decision-makingand group security. As Arquilla and Ronfeldt have pointed out, substateprotagonists, including both traditional and digital terrorist groups, arerelying increasingly upon networked forms of organization.55 This makes itextremely likely that communications among members of an informationterrorist group or organization, especially those from the informationculture, will take place on-line, displacing traditional face-to-facerelationships. This has disturbing implications for their decision-making,dangerousness and the security threat they pose, as these groups fall underthe influence of virtual group dynamics, the translation of traditional groupdynamics into the digital world of cyberspace. Virtual group dynamics willaffect all networked organizations which are linked only by computer-mediated communications, though the effects will be particularly strongwithin groups whose members only meet in cyberspace, in contrast tonetworked groups whose external communications are electronic whileinternal communications are still face-to-face.

Group emergence

For many extremists with a paranoid orientation, the on-line worldconstitutes their only safe, interpersonal haven. Their ability to come and goas they please, terminate contact at will and avoid direct physical contactmakes the on-line world quite attractive. The popularity of Internet 'hatesites' suggests that these forums also supply a vehicle for the safeexpression of anti-social sentiments dominated by anger and frustration.These individuals can develop a sense of community with others through

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


the net, and may be moved to action from ideas shared on-line withoutbelonging to a formal organization per se. This represents what we havedesignated the 'community of belief'.56 In the right-wing in particular, lonewolves, inspired by the extremist rhetoric found on hate sites and otherright-wing related home pages on the Internet, may be influenced by aparticular ideology without ever formally joining a group or organization.

From a group process perspective, computer-mediated communicationshave often been characterized as more emotional. The same anonymity,physical separation, independence and ability to terminate communicationsand to role-play that attract individuals" appear to provoke more emotional,spontaneous, 'flaming' (enraged) communications.58 These findings areconsistent with reports from computer crime investigators and systemadministrators we have interviewed who have found very differentpersonality presentations by hackers in person in contrast to their on-linepersonae. The mild-mannered hacker who rarely socializes or confronts orcontacts others when unhappy can be transformed into an arrogant, cocky,outspoken critic on-line. This can produce a group dynamic - a virtualgroup dynamic - characterized by high conflict, low coherence, reducedstability and strong resistance to forms of hierarchical leadership andcontrol. Such groups are more prone to factionalism or splitting, acharacteristic associated with the emergence of more radical, moreviolence-prone subgroups. The history of malicious hacker (often calledcracker) groups, such as The Legion of Doom and The Masters ofDeception, tend to support this finding.

Group decision-making

The same factors may influence group decision-making and the potentialdangerousness of group activity. In addition to reduced coherence andstability, the competitiveness of members is likely to contribute to periodsof intense escalation. As in hacker and cracker groups, for example, statusmay be based upon technical prowess as demonstrated by the mostaudacious hack or crack. Similarly, in a pure information terrorist group,group status may be derived from the most technically sophisticated anddisruptive attacks. This suggests that these groups will be characterized byregular leadership struggles based on competition between individuals orfactions to produce the most disruptive events. Thus competition andescalation within the group can lead to a split, followed by competitionbetween the new groups, with consequent escalation. The appearance of asudden rash of information terrorism may be associated with intra- and/orinter-group competition for status and dominance.

Group security

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


Virtual group dynamics have both positive and negative consequences forgroup security and counter-terrorism efforts. The on-line format can hideeffectively the number of group members. It may be impossible to know, asa group member or a security professional, whether you are dealing with anindividual, a co-located group or a virtual group. Recall the initial efforts ofthe UNAbomberto present himself as an anti-technology group. Dependingon member skills, this more anonymous, physically distant, less cohesivegroup will tend to be more difficult to track down. The combined use ofdigital telephone and Internet technology could make such groups virtuallyuntraceable. As in terrorist operations, subgroups may 'assemble' only forspecific operations and then disappear. On the other hand, thecompetitiveness and diminished bonds of loyalty between members mayalso make them more vulnerable to betraying fellow conspirators.

The group's virtual nature can also make it easy for a skilful leader toobscure his real motivation and manipulate members. Cases have beenreported where older individuals manipulate young hackers - oftentargeting only the under aged who cannot be prosecuted as adults - withmoney, drugs or sometimes just the challenge. The phenomenon of the oldercriminal with his cadre of juveniles has been called the Fagin syndrome,after Charles Dickens' villain in Oliver Twist who trained children to bethieves. What may be presented as financial incentives or as an intellectualchallenge may be conducted for purposes of terrorism. This ability toconceal the group's aims can confer an additional layer of security byleaving members blind to the actual purpose of their activities.

Outlook: The Growing Threat from Information Terrorism

What is avant garde now will become mainstream in the next five to tenyears as youth who have been socialized on computers join the ranks ofterrorist groups. As computer sophisticated youth move into the ranks ofconventional terrorist groups, there is every reason to believe their relianceon computer technology will become increasingly routinized, andinformation terrorist tactics will become incorporated into hybrid tacticalrepertoires. The rapidity with which information technology is integratedwill depend primarily on the group's sociopolitical context and the degreeto which utilizing information technology facilitates the group's cause.Information terrorism is particularly likely to emerge among anti-establishment groups who perceive technological resources to be a sourceof vulnerability to their opponent or to be important to their opponent'sefforts against them.

Possible exceptions to the gradual nature of this evolutionary processmay involve revenge and contagion. These processes have the capacity to

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


escalate the use of information terrorism dramatically. Should conventionalterrorist organizations perceive that they are under attack by informationtechnologies, they probably would be motivated to demonstrate their abilityto respond in kind. Such a desire may lead to previously unplanned foraysrather than the slow evolution of these methods into the terrorist arsenal.Tactical and technical contagion is another factor in the evolution ofterrorist tactics. From hostage-taking to hijacking to car bombs, newmethods have quickly been absorbed and copied among terrorist groups.59 Amove to information terrorism by one group can be expected to be followedquickly by others. Combined, these processes theoretically could lead torapid adoption of information terrorism tactics among traditional groups.The information context in which the group is operating will influencematerially the degree to which the group turns to information terrorism. It isparticularly likely to emerge as a tactic among anti-establishment groupswho perceive IT resources to be a source of their opponent's vulnerability,or to be important to their opponent's efforts against them.

While most anti-establishment acts by hackers more properly should becategorized as hacktivism and do not warrant being categorized asinformation terrorism, within the hacker culture there is a subset ofalienated individuals who find compensation for their sense ofpowerlessness in their mastery of the computer and who are activelypursuing their anti-authority agenda with the digital weapons of their trade.The anti-establishment motivation of the digital libertarian has manyelements in common with the psychology of the social revolutionaryterrorist.

Finally, in contrast to the powerful group dynamics of the traditionalunderground terrorist group, terrorist groups relying on networkedorganizational structures and computer-mediated communications,especially those from the information culture who may only be in contactelectronically, are subject to virtual group dynamics, which significantlyaffects their decision-making and risk-taking, and has dangerous securityimplications.

At this point it is appropriate to ask why, if the tools and tactics ofinformation terrorism are as readily available and relatively simple toimplement as suggested by the report of the PCCIP, has a major informationterrorism event, such as a takedown of the power grid, the scrambling of airtraffic control systems to crash a plane, or the disabling of the telephonesystem, not yet taken place? For indeed, sufficient scenarios have been spunby defence planners and information warfare specialists concerned withinformation terrorism to give the uninspired terrorist a host of creative ideasto make dramatic statements from the safety of digital obscurity.

It must be noted that this appears less a question of whether and more a

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


question of scale, for, as noted above, there already have been attacks byboth traditional and information culture groups that have targetedinformation systems and networks. There may be, however, several reasonswhy neither conventional terrorists nor nascent information cultureterrorists have yet to perpetrate a major information terrorist attack that hasintentionally threatened lives or the integrity of the critical infrastructure.

First, targeting critical infrastructure or causing casualties usinginformation-based attacks may not be as simple as many informationterrorism scenarios imply. Secondly, for the majority of traditional terroristgroups at least, conventional means such as bombings and hostage-takingare still the most effective means in achieving their goals, particularly inregions with low dependence on IT. Thirdly, as some have argued, terroristsmay be disinclined to threaten the information infrastructure upon whichthey themselves rely for communications and logistical support. Fourthly,information culture groups have shown preference for a very narrow rangeof targets inspired by ideological opposition to the use of the Internet bygovernment or corporate interests. This is consistent with the targetselection patterns of social revolutionary groups (high selectivity, lowcasualties), with which information culture groups share considerablepsychological overlap.

However, all of the above inhibiting factors are likely to change overtime. As information systems increasingly form the underpinnings ofmodern society, terrorist attacks using tools of the information revolutionand targeting information systems will become more prevalent.

NOTES

1. J. Glave, 'Have Crackers Found Military's Achilles' Heel?', Wired, 21 April 1998,http://www.wired.com/news/print/0,1294,11811,00.html.

2. B. Meeks and M. Moran, 'India's Nuclear Servers Hacked, Compromised', MSNBC, 5 June1998, http://www.msnbc.com/news/170944.asp.

3. 'US reports first cyber-terrorist act', The Straits Times Interactive, 6 May 1988, http://www.asial.com/straitstimes/pages/stcyb7.html.

4. 'CD Universe hack: Hacker steals credit card information from online retailer', Fox MarketWire, 10 January 2000, http://www.foxmarketwire.com/wires/0110/f_ap_0110_10.sml.

5. J. Sandberg, T. Hayden, G. Vistica and D. Lorch, 'Hunting the Hackers', Newsweek, 21February 2000, pp.38-44.

6. See e.g. 'Week in review, Feb. 7-11, 2000: "Hackers" commit "cyberterrorism"', USA-TODAY, http://www.usatoday.com/life/cyber/tech/ctweek021100.htm.

7. B. Collin, Convergence of the Physical and Virtual Worlds (San Jose, CA: Institute forSecurity and Intelligence 1997).

8. M. Devost, B. Houghton and N. Pollard, 'Information Terrorism: Political Violence in theInformation Age', Terrorism and Political Violence 9/1 (Spring 1997) pp.72-83.

9. F. Cilluffo and C. Gergely, 'Information Warfare and Strategic Terrorism', Terrorism andPolitical Violence 9/1 (Spring 1997) pp.84-94.

10. M. Brown, 'The Revolution in Military Affairs: The Information Dimension', in A.Campden, D. Dearth and R. Goodde (eds.), Cyberwar: Security, Strategy and Conflict in the

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


Information Age (Fairfax, VA: AFCEA International Press 1996) pp.31-52. See also N.Davis, 'An Information-based Revolution in Military Affairs', in J. Arquilla and D. Ronfeldt(eds.), In Athena's Camp: Preparing for Conflict in the Information Age (Santa Monica, CA:RAND 1997) pp.79-98.

11. Brown (note 10) p.43.12. D. Ronfeldt, 'Netwar Across the Spectrum on Conflict: An Introductory Comment', Studies

in Conflict & Terrorism 3/22 (July-Sept. 1999) pp.189-92.13. J. Arquilla and D. Ronfeldt, 'The Advent of Netwar: Analytical Background', Studies in

Conflict & Terrorism 22/3 (July-Sept. 1999) p. 195.14. Ibid., p. 196.15. J. Arquilla and D. Ronfeldt, The Advent of Netwar (Santa Monica, CA: RAND 1996) p.5.16. Collin (note 7).17. A. Schmid and A. Yongman, Political Terrorism: A New Guide to Actors, Authors, Concepts,

Concepts, Data Bases, Theories, and Literature (Amsterdam: Transactions Books 1988).18. While property as target is frequently left out of definitions of terrorism (e.g. it does not

appear in the definition of terrorism found in Title 22 of the United States Code, section2656f(d)), attacks on property have been a consistent feature of terrorism through the years.For example, the Weather Underground set off bombs in banks and other symbolic targets atnight specifically to avoid taking human life. They were committing violence againstproperty in order to call attention to their cause. Indeed, Sprinzak reports that the opening actin the Weathermen's terror campaign against the war in Vietnam was a bombing of a policemonument followed by the announcement of 'national action': E. Sprinzak, 'ThePsychopolitical Formation of Extreme Left Terrorism: The Case of the Weathermen', in W.Reich (ed.), Origins of Terrorism: Psychologies, Ideologies, Theologies, and States of Mind(New York: University of Cambridge Press 1990) p.65. Property is included in thedefinitions of terrorism used by the US Department of Defense and Federal Bureau ofInvestigation.

19. Devost, Houghton and Pollard (note 8) p.75.20. Ibid., p.78.21. Referring to recent politically motivated hacker exploits, such as the virtual sit-in organized

by New York-based Electronic Disturbance Theater that co-ordinated like-minded hactivistsin an attempted denial of service attack against the Department of Defense, Michael Vatis,chief of the National Infrastructure Protection Agency at the Federal Bureau of Investigation,commented: 'What this demonstrates is the capacity of groups with political causes to hackinto systems ... I wouldn't characterize vandalizing Web sites as cyberterrorism, but the onlyresponsible assumption we can make is that there's more going on that we don't knowabout.' A. Harmon, '"Hactivists" of all Persuasions Take their Struggle to the Web', NewYork Times, 31 Oct. 1998, pp.A1, A5.

22. D. Denning, 'Activism, Hactivism, and Cyberterrorism: The Internet as a Tool forInfluencing Foreign Policy'. Paper presented at The Internet and International Systems:Information Technology and American Foreign Policy, World Affairs Council, SanFrancisco, 19 Dec. 1999.

23. Arquilla and Ronfeldt (note 15) p.69.24. Cilluffo and Gergely (note 9) p.86.25. F. Bruno cited in F. Feracutti, 'Ideology and Repentance: Terrorism in Italy', in W. Reich

(ed.), Origins of Terrorism: Psychologies, Ideologies, Theologies, and States of Mind (NewYork: University of Cambridge Press 1990) p.61.

26. W. Pincus, 'CIA Turns to Boutique Operations, Covert Action Against Terrorism, Drugs,Arms', Washington Post, 14 Sept. 1997, p.A6.

27. For a survey of European social revolutionary groups, see Y. Alexander and D. Pluchinsky(eds.), Europe's Red Terrorists: The Fighting Communist Organizations (Portland, OR:Frank Cass 1993).

28. D. Campbell, 'Computer Sites: Targets for Destruction', Security Management (July 1988)p.52.

29. A. Rozen and J. Musacchio, 'Computer Sites: Assessing the Threat', Security Management(July 1988) pp.41-51.

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


30. Campbell (note 28); T. Whiteside, Computer Capers: Tales of Electronic Thievery,Embezzlement, and Fraud (New York: Thomas Y. Crowell 1978).

31. H. Jäger, G. Schmidtchen and L. Süllwold (eds.), Analysen zum Terrorismus 2:Lebenslaufanalysen (Opladen: Westdeutscher Verlag 1981), summarized in J. Post, 'Noteson the Psychodynamic Theory of Terrorist Behavior', Terrorism 7/3 ([month] 1984)pp.241-56.

32. For communiques issued during the embassy seizure, see Tupac Amaru's website hosted atthe University of California San Diego, http://burn.ucsd.edu/~ats/mrta.htm.

33. 'US reports first cyber-terrorist act', The Strait Times, 5 June 1998, http://www.asial.com/straitstimes/ pages/stcyb7.html.

34. Pincus (note 26).35. According to Hoffman, 'For the religious terrorist, violence is a sacramental act or divine

duty, executed in direct response to some theological demand or imperative and justified byscripture. Religion functions therefore as a legitimizing force, specifically sanctioning wide-scale violence against an almost open-ended category of opponents (i.e., all peoples who arenot members of the religious terrorists' religion or cult).' B. Hoffman, 'Terrorism Trends andProspects', in I. Lesser, B. Hoffman, D. Ronfledt and M. Zanini, Countering the NewTerrorism (Santa Monica, CA: RAND 1999) p.20. See also J. Post, 'Prospects for NuclearTerrorism: Psychological Incentives and Constraints', in P. Leventhal and Yonah Alexander(eds.), Preventing Nuclear Terrorism (Lexington, MA: Lexington Books 1987).

36. B. Hoffman, 'Why Terrorists Don't Claim Credit - An Editorial Comment', Terrorism andPolitical Violence 9/1 (Spring 1997) pp. 1-6.

37. D. Kaplan and A. Marshall, The Cult at the End of the World (New York: Crown PublishersInc. 1996).

38. 'As carefully as we could, we calculated what we should have, at least 10,000 pounds ofTNT or an equivalent explosive to destroy a substantial portion of the building and wreck thenew computer center in the sub-basement. To be on the safe side, we asked for 20,000pounds. Instead, what we have is a little under 5,000 pounds, and nearly all of that isammonium nitrate fertilizer ...' A. MacDonald, The Turner Diaries (Hillsboro, WV:National Vanguard Books 1980) p.35.

39. I. Winkler, Corporate Espionage: What It Is, Why It Is Happening in Your Company, Whatyou Must Do About It (Rocklin, CA: Prima Publishing 1997), Ch.4, pp.37-88.

40. This understanding of hackers is informed by a two-year study of perpetrators if insidercomputer crime conducted by the authors and sponsored by the Department of Defense.Findings of the research are published in E. Shaw, J. Post and K. Ruby, 'Inside the Mind ofthe Insider', Security Management (Dec. 1999) pp.34-44.

41. For survey research on hackers, see N. Chantler, Risk: Profile of a Computer Hacker(Doctoral Thesis, Curtin School of Business, Curtin University of Technology 1995); Forcase studies on hackers and hacker groups, see S. Dreyfuss, Underground: Tales of Hacking,Madness and Obsession on the Electronic Frontier (Kew, Australia: Mandarin 1997); KatieHaffner and John Markoff, Cyberpunk (New York: HarperPerennial 1991); D. Freedman andC. Mann, @ Large: The Strange Case of the World's Biggest Internet Invasion (New York:Simon and Schuster 1997); J. Littman, The Watchman: The Twisted Life and Times of SerialHacker Kevin Poulson (New York: Little Brown 1997); B. Clough and P. Mungo,Approaching Zero: Data Crime and the Computer Underworld (Boston: Faber and Faber1992).

42. Chantler, ibid., p.395.43. L. Blakenship, 'Conscience of the Hacker' (1996) http://www.cat.pdx.edu/~alf/html/

manifesto.html.44. Chantler reports: that here is a way in which they can address their feelings through

"hacking"; to be able to gain "power and control"; to become the lone "freedom fighteragainst the establishment".' Chantler (note41) p.161.

45. M. Shotten, 'The Costs and Benefits of Computer Addiction', Behavior and InformationTechnology 19/3 (1991) pp.219-30.

46. Coldwell recorded the following statements made by computer science undergraduates inAustralia: 'I'm not much good with people, so computers seem to be a logical substitute.'

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13


Another, in describing his feelings about the technological power derived from working withcomputers, spoke o f '... getting my own back on the society that's screwed me up'. Coldwellhas called this attitude the 'Revenge Syndrome': R. Coldwell, 'Some Social Parameters ofComputer Crime', The Australian Computer Journal 22/2 1990 p.45.

47. The statement justifying the hack, as well as an interview with the Internet Liberation Front,can be found in N. Gilboa, 'Getting Gray with the Internet Liberation Front', Gray Area(1994-95) http://www.grayarea.com/ilf7.htm.

48. M. Slatalla and J. Quittner, Masters of Deception: The Gang that Ruled Cyberspace (NewYork: HarperPerennial 1995).

49. L. Walker, 'The Gray Lady, Exposed: Hackers Attack the New York Times Web Site',Washington Post, 14 Sept. 1998. pp.B1, B11.

50. Meeks and Moran (note 2).51. J. Glave, 'Anti-Nuke Cracker Strikes Again', Wired, 3 July 1998, http://www.wired.com/

news/news/technology/story/13446.html.52. The full text of MilwOrm's anti-nuclear proclamation is mirrored at http://www.antionline.

com/SpecialReports/masshack/archive.53. See e.g. J. Post, 'Hostilité, Conformité, Fraternité: The Group Dynamics of Terrorist

Behavior', International Journal of Group Psychotherapy 36/2 (April 1986) pp.211-24.54. See e.g. C. Werry, 'Functional Comparisons of Fact-to-Face and computer-mediated decision

making', in S. Herring (ed.), Computer-Mediated Communication (Philadelphia, PA: JohnBenjamins Publishing Co. 1996); and G. Columb and J. Simutis, 'Group Dynamics in an E-mail Forum', in S. Herring (ed.), ibid.

55. Arquilla and Ronfeldt (notes 12-15).56. Milton Kleim, self-proclaimed 'Net Nazi Number 1' before renouncing his Nazi views,

wrote the following on the power of the Internet: 'All my comrades and I, none of whom Ihave ever met face-to-face, share a unique camaraderie, feeling as though we have beenfriends for a long time ... This feeling of comradeship is irrespective of national identity orstate borders.' Cited in M. Whine, 'Cyberspace - A New Medium for Communication,Command and Control by Extremists', Studies in Conflict and Terrorism 22/3 (July-Sept.1999), p.234. See also the discussion of right-wing and religious extremist communities ofbelief in J. Post, 'Psychological and Motivational factors in Terrorist Decision Making:Implications for CBW Terrorism', in J. Tucker (ed.), Toxic Terror (Cambridge, MA: MITPress 2000) pp.28-7.

57. S. Turkle, Life on the Screen: Identity in the Age of the Internet (New York: Touchstone1995).

58. P. Thompsen, 'What's Fueling the Flames in Cyberspace? A Social Influence Model', in L.Strate, R. Jacobson and S. Gibson (eds.), Communication and Cyberspace (Cresskill, NJ:Hampton Press, Inc. 1996) pp.275-96.

59. G. Wardlaw, Political Terrorism: Theory, Tactics, and Counter-measures, 2nd ed. (NewYork: Cambridge University Press 1989) pp.77-8.

Dow

nloa

ded

by [

Syra

cuse

Uni

vers

ity L

ibra

ry]

at 1

0:08

27

Apr

il 20

13

Date post:	09-Dec-2016
Category:	Documents
Upload:	eric-d
View:	215 times
Download:	0 times

From car bombs to logic bombs: The growing threat from information terrorism

Documents