Cyber-Terrorism: E-WWIII? (1 of 8)

POST 1: CYBER TERRORISM

What Cyber-Terrorism Is

“Cyber-terrorism is the convergence of terrorism and cyberspace.”[1] Beyond this very broad description, leaders in the field tend to disagree on what does and does not constitute acts of terrorism. For example, some describe it as ‘hacking’ with a body count,[2] while the Federal Bureau of Investigation requires the act in question to be both premeditated and politically motivated.[3] Regardless of whose definition we look to, there are a few basic elements which must be accounted for: real world physical violence and chaos, accomplished through the use of a computer, and motivated by the desire to influence a government to conform to a particular agenda—whether that agenda be political, social or ideological in nature.[4]

What Cyber-Terrorism is Not

That being said, many acts that are financially motivated or perpetuated by individuals do not qualify as cyber-terrorism. For instance, since many financial crimes are carried out in cyberspace the agencies investigating these crimes may attempt misrepresent it at as cyber-attack. This distinction is important as we look to possible penalties and ways in which the justice department may combat these crimes, or inappropriately employ the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (PATRIOT Act) in order to apprehend those responsible for the crime. For example, software flaws can fetch a pretty penny for any online criminal enterprise and custom written Trojans designed to steal credit card data can be had for $75,000.[5] However, simply because these thefts are being perpetuated through the use of online technologies is no reason to institute the enhanced penalties called for when dealing with cyber-terrorists.

Legal Questions which Arise in the Cyber-Terrorism Context

This 8 part blog series will discuss these emerging legal concerns that arise in the digital age as we attempt to combat these cyber-attacks while recognizing the limits which must be placed in order to preserve our privacy and basic principles underlying the justice system. These principles seem to be all but eroded when any crime can be labeled as some form of “terrorism.” In addition to Fourth Amendment privacy concerns, cyber-terrorism carries with it the weight of foreign policy questions as many countries combat cyber threats with the creation of organized electronic infantries.

Topics this Blog Will Cover

This blog will attempt to cover these emerging issues by discussing some recent domestic attacks, foreign threats and the future of Cyber-Warfare, how we can defend against cyber-terrorists, the aptly named “Kill Switch Bill,” the use and implications of Information Warfare, and cyber-attacks used as social protests. The final post will discuss the next generation of potential cyber terrorists who have blurred the line between human and computer super soldier through Cybernetic Enhancements.


[1] Clive Walker, Cyber-Terrorism: Legal Principle and Law in the United Kingdom, 110 Penn St. L. Rev. 625, 633-34 (2006).

[2] Mohammad Iqbal, Defining Cyberterrorism, 22 J. Marshall J. Computer & Info. L. 397 (2004).

[3] Ruwantissa Abeyratne, Cyberterrorism: The Next Great Threat to Aviation, Air & Space Law., 2011, at 4.

[4] Mudawi M. Elmusharaf, Cyber Terrorism: The New Kind of Terror, COMPUTER CRIME RESEARCH CTR. (Apr. 8, 2004), available at http://www.crime-research.org/articles/Cyber_Terrorism_new_kind_Terrorism.

[5] Jon Brodkin, Government-sponsored cyberattacks on the rise, McAfee says, NetworkWorld (Nov. 29, 2007), available at http://www.networkworld.com/news/2007/112907-government-cyberattacks.html. This 2007 article, which equated malware to a Russian backed cyber-attack against Estonia, depicts the early misunderstandings and fear surrounding cyber-terrorism.


3 Responses to “Cyber-Terrorism: E-WWIII? (1 of 8)”

  1. I look forward to the rest of these blog posts!

    If cyber terrorism is defined as you did in the first paragraph, the biggest difference between traditional terrorism and cyber terrorism seems to be the extent to which the motivation is political in nature. What comes to mind for me are terrorist groups that just seem to wreak havoc on particular groups of people, often motivated by extreme forms of ideologies. If these groups started using computers to attack the bank accounts of the people groups they dislike, would that be considered cyber-terrorism, even though it’s not aimed at a particular government? At first, the thought that came to my mind was, “why does it even matter what you call it?” But the rest of your post does a good job of answering just that: because cyber “terrorism” has its own body of governing law while purely cyber financial crimes has a different set of laws. This should be an interesting blog series.

  2. You point out very nicely that the terms cyber attack and cyber terrorism can be manipulated to apply in instances where the terminology is not appropriate. If I may add, the manipulation can sometimes have political over tones. This is a dangerous practice because over use of the “terrorism” terminology can cause a dilution in the public’s perception of the seriousness of an event in the future. If everything is terrorism and yet does not impact our lives on a daily basis, will we stay vigilant to the real terrorism? Looking forward to the upcoming posts.

  3. I agree. Recently I came across this “e-bulletin” which discussed a 2004 charge against a Lousiana man for “violating the cyberterrorism provisions of the USA Patriot Act after he allegedly created a virus that caused MSN TV equipment to dial 911 instead of connecting to the Internet when users tried to go online.” 2004 WL 547511 (ANEBUSLB), 1. Although the bulletin did not reveal the man’s motives or intentions, which as we have seen are necessary in order to identify terrorism v. simple hacking, presumably e-mailing a virus to 18 people on a server would fall outside of that definition. It is concerning that the man was charged with violating both the Patriot Act and the CFAA. The CFAA should have been sufficient to address the conduct and violations of the man. It is my skeptical opinion that including a violation of the Patriot Act may have been a tactical maneuver to increase sentencing or even his willingness to cooperate.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: