The advent of the information age resulted in the creation of a new domain of war. It is a new way to wage war where Nations won’t have to encounter with thousands of ground casualties or the necessity to develop costly winning strategies. Instead, States will suffer unconventional attacks carried out with even more unconventional weapons. The ability to connect people, countries, multinational companies from all over the world is one of the most relevant revolutions of human history. Nevertheless, the last decade has also shown the network’s dark side, acting as a refuge and platform for the development of hostile acts against its own creators.
Although the terms “cyberwar” and “cyberterrorism” have been widely used in official governmental reports, a clear and worldwide shared definition is still missing. Nowadays, the web is playing a very important role, although demonstrating its pros and cons. Time and space have been deeply modified; social networks have nullified the distance among people enabling masses’ mobilization. As communication tools and war strategies have evolved throughout the years so did the menaces.
Terrorism began to threat global stability around the ’60s with the creation of national and international terrorist groups. Only after the Revolution of Iran (1979), religious international terrorism has demonstrated to be the most challenging, threatening and asymmetric security menace of all times. The network’s evolution and its strong, intrusive presence in everyday life makes the entire International community susceptible to cyber-terrorist attacks.
Cyberterrorism represents a severe threat to the economy and to Nations’ security, especially at a time when fundamentalist groups are growing fast and are spreading around the globe even faster, and where something as harmless as thenetwork is playing a vital role. Among Internet users, terrorists silently rooted to distribute their propaganda and spread fear. The web turned out to be the perfect arena for terrorist groups as it offered easy access, little or no regulation, anonymity, quickly, effective and economic tools of communication between individuals worldwide. Most of the terrorist organizations have websites where they promote their ideology, sell products, encourage people to obey and practice their interpretation of religion, and explain how to construct and use weapons against the infidels. Exploiting the Internet was a major challenge and an immense success for terrorist groups who previously relied on the exclusive “cream-skimming” by the media to publicise their actions.
During the last months cyberterrorism has provoked serious alarm among experts, who believe that a major terrorist attack to governments or private systems, against military and financial infrastructures could cause permanent damage to the economy and to nations’ security apparatus. Islamic terrorist groups have demonstrated, throughout the years, the ability to efficiently combine secular guerrilla warfare tactics and exploit advanced technologies to maximise their goals.
The war on Terrorism has always been subject to considerable criticism, from academics, philosophers to certain political parties, as it is not clear against whom the Western world is fighting and for how long. Islamic fundamentalist terrorism is a global network that uses asymmetric warfare to create chaos, spread terror and a sense of vulnerability. Over the past few years, it has been witnessed how the number of terrorist websites has drastically increased and that they are mainly used as tools to create speeches, graphics or blogs. Jihadist leaders use the net to incite violence against the West and the infidels, aiming directly at individuals’ minds.
Recently the International community has seen how mujahideen, Muslim guerrilla radical Islamists, have developed an online warfare known as electronic jihad, where Muslims are encouraged to engage in an ideological war against theWest. So far, the International community has not experienced any relevant terrorist attack through the fifth domain but, a relatively new terrorist group, the so called ISIS, seems to be very attracted to the web’s potential in terms of inflicting massive damage, to carry out militants recruitment and spread a strong psychological message among the population worldwide. The simple fact that most of the critical infrastructures within Western societies is linked and relies on Internet technology, transforms the web potential benefits into the Achilles heel of modern society.
Until last year ISIS’ resounding successes, the International Community ignored the extremely dangerous nature of the Islamic State, underestimating the terrorist threats to bring war inside everyone’s home. That rather small terrorist group now controls vast areas of Syria, Iraq and is approaching the Mediterranean Coasts. ISIS belongs to the hard-line orientation of the Jihadi-Salafism school, based on an extremist reading of Islamic scriptures.
Differently from secular terrorist groups, who relied on conventional arms and bomb attacks against specific targets, this relatively new Islamic fundamentalist organization shows strong adaptation skills to the 21st century technology. Social media networks, such as Facebook, Twitter, Instagram or Youtube have played a major role in the recruitment process, counting around thirty-to-forty thousand foreign fighters from all over the world.
The use of Internet from terrorist groups should not come as a surprise to the Western world. Al Qaeda before ISIS used the net to circulate propaganda and gain support worldwide. Some experts believe that ISIS still does not hold the appropriate means to launch massive cyber terrorist attacks against Europe, however there is some discrepancy between beliefs and action. The Islamic State’s cyber activity is carried out with the help of Abu Hussain Al Britani, a British hacker from Birmingham, who after being released from the UK police travelled to Syria to join the Jihadist group. Al Britani, a former hacker responsible for the creation of thecyber-warriors’ group “Team Poison”, was jailed in 2012 for hacking into the Ex Prime Minister Tony Blair’s Gmail account and posting private details online. Among jihadist targets there have been the Pentagon, U.S State Department website and Israeli websites as a response to the Gaza conflict against Hamas. The Osama Bin Laden call to electronic arms has been clearly answered. The importance of digital warfare was then stressed by another leader within the Al Qaeda group, Abu Hamza Al-Muhajir who believed that future wars will be fought within the cyber domain and called for talented hackers to join the Holy War against the West.
While France and the Western were still psychologically shaken from the Charlie Hebdo terrorist attacks, cyber cells at ISIS dependence turned out to have the capacity to break, into Albuquerque Journal twitter account or in the Malaysia Airways homepage displaying the following message: “Error 404 – Airplane not found. ISIS will win”. Earlier this year, ISIS CyberCaliphate hacked the U.S Central Command social medias, stealing sensitive data of dozens of U.S. military officials. The message ISIS left was loud and clear:
“American Soldiers, we are coming, watch your back. ISIS”, it followed “In the name of Allah, the Most Gracious, the Most Merciful, the CyberCaliphate under the auspices of ISIS continues its Cyberjihad. While the US and its satellites kill our brothers in Syria, Iraq and Afghanistan we broke into your networks and personal devices and know everything about you. You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base. With Allah’s permission we are in CENTCOM now. We won’t stop! We know everything about you, your wives and children. U.S soldiers! We’re watching you! Here’s a part of confidential data from your mobile devices: There is no God but Allah and Muhammad is his Prophet! There is no law but Sharia!”
The Command quickly clarified how, ISIS didn’t compromise any military operation and could not get access to classified information. The incident was defined as a pure case of cyber vandalism. The West is mostly weakened by using different approaches to this matter: experts, the army and the governments lack of an efficient, cohesive and viable response against terrorism.
About ISIS and its capacities in terms of cyber power, much is unknown. It is unclear what means and what extension has the ISIS hacker capacity; what is known for certain is that the battle with fundamentalist militants has physically reached western soil and soon it will include also the cyber dimension. James Lewis, a cyber-security expert at the Center for Strategic and International Studies observed how “[…] the episode doesn’t underline so much the abilities of the attackers as much as the absence of a prompt response from the victim”, which is a far greater cause for concern. Until now, Lewis explains how terrorist groups have been more interested to the social and political effects of their online propaganda than to destroy critical infrastructures. However, things might evolve rapidly if the western world won’t be able to respond in an effective and flexible manner.
A new Islamic organization is on the rise; many Caliphate affiliates are young individuals born and grown up in the West, whose knowledge of the network is more sophisticated than anyone could expect. Militants have a deep knowledge of how social medias affect people’s life and, intrude into CentCom twitter account was a media victory. If ISIS has a cyber team, it can be easily described as an army and not as a simple jihadist group.
It is in this spectrum of indecision, among experts, that ISIS is getting stronger and more unpredictable. The perception of terrorism, as the International Community meant it for the past decades, has evolved at such a fast pace, especially within the last two years, that the Western world is struggling to keep up. Countriesare “ill equipped” to counter major cyber threats which could cause injury and possible deaths. Europol’s assessment threat, published late last year, reported that “the Internet of Everything (IoE) is inevitable. We must expect a rapidly growing number of devices to be rendered “smart” and hence to become interconnected. Unfortunately, we feel that it is equally inevitable that many of these devices will leave vulnerabilities via which access to networks can be gained by criminals”. Internet is very important if not essential in the life of European citizens and governments but, as technology is getting more sophisticated so cyberterrorism is becoming a real threat to European safety. The European Commission adopted, back in 2002, a provision in which all members of the European Union can punish activities defined as “attack through interference with information systems” like terrorist act if their aim is a “serious alteration or destruction of political, economic or social structures”. Even if member states are adopting cyber security means to actively respond to terrorist cyber threat, they can’t keep up the pace to terrorist organizations. The world is facing a real guerrilla on the web composed of cyber attacks, codes and alterations of security systems. It is not necessary to travel to the Islamic State, there is no need to display a flag or create an army; a cyberjihad attack can be carried out anywhere, anytime at no cost. ISIS cyber potential comes as a surprise to Western societies but, it is still in his early days to be considered a group holding catastrophic potential. Nevertheless, it is necessary for nations, experts, people to be aware of the potential threat the Internet might pose at this stage and be cautious while surfing the net. The possibility of cyber space to fall victim of terrorism actions was predictable long time before the CentCom hacking. The time has come for those who were sceptic about the ISIS strategies and communication capabilities to face the challenging threat this jihadist group is posing to the International system. The cyber reality has destroyed physicalborders and ISIS knows it way too well: everything is possible online, even to start a war, an invisible kind of war.
For now a cyber terrorist attack won’t have the same physical consequences as those experienced during the 9/11 attacks, but it might cause some difficulties to the entire society due to the deep reliance on the information system. Cyberterrorism is a more realistic option than it was ten years ago and, it is about the time to establish more sophisticated and flexible cyber security measures to ensure western security.
The war against ISIS is a total war, fought not only on the battlefield or throughout the intelligence, it is carried out in the digital arena too. If this total dimension of war was unthinkable for any terrorist group before 2014, ISIS has so far demonstrated the capacity to make best use of the fifth estate.
AGNESE CARLINI
Master’s degree in Diplomacy and Collective Security, International Relations (University of Perugia)