Skip to main content
Log in

Crouching tiger or phantom dragon? Examining the discourse on global cyber-terror

  • Original Article
  • Published:
Security Journal Aims and scope Submit manuscript

Abstract

Known cases of cyber-attacks on sovereign powers are rare, thus examination of cyber-terror remains somewhat anecdotal. Terrorism discourse itself remains mired in ambiguity as little agreement exists as to thresholds that would make unambiguous distinctions between criminal and terror attacks. In this article, we examine a composite of cyber-terror that highlights symbolism and public sentiment and delineates between real and perceived threats. An objective analysis of historical incidents would indicate that first-world powers’ adaptive technologies and sophistication have provided adequate protection against ‘cybergeddon’. However, this reality must be juxtaposed with the mythos that popular media has conjured regarding digital doomsday. In examining this dichotomy between real and perceived threats, we visit the idea that the current direction of cyber-legislation risks heightening international inequality. As the world evolves toward more cyber-dependent relations, dominant economic powers have the ability to be more inclusive as they work toward global law enforcement legislation. This article appeals for attentiveness to social justice in the attempt to alleviate national anxieties associated with cyber-threats.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

Notes

  1. Cyber-based resources are being utilized instrumentally not just by businesses and states, but also by mass publics for purposes of protest. Such developments have already begun to stoke concerns about 1st Amendment protections of speech and association, matters the United States trumpets to less democratically inclined regimes throughout the world. The Wikileaks release of diplomatic cables and subsequent organized hacker response to the arrest and threatened extradition to Sweden of Wikileaks founder, Julian Assange, are suggestive of the medium's utility as a tool of mass protest. Similarly, in Egypt, recent mass demonstrations against the government of Hosni Mubarak were broadcast via the Internet throughout the world and appear to have been instrumental in galvanizing support for the protest movement in countries throughout the Middle East. That states view this emergent form of protest with substantial concern is evidenced by the fact that the Egyptian government moved swiftly to shutter internet-based communications in an ultimately unsuccessful bid to curb the influence of restive crowds. We note that the power of the internet as a means of mass protest has not been lost on legislators in the United States, since at the time of this writing the US Congress is considering legislation that would establish an internet ‘kill-switch’ (Swartz, 2011) to manage cyber-based communications in the event of domestic civil unrest.

  2. Media reports that US systems were the target of cyber-attacks over the 4 July 2009 weekend appear to have overstated the nature and effects of the attacks. A report from the Online Journal from 12 July 2009 indicates that the purported attack … ‘itself turns out to have been fairly innocuous – a run of the mill DDOS (distributed denial of service) attack’ (Corbett, 2009). This type of internet-based interference is becoming an increasingly familiar mode of attack in the years since the Estonia DDOS attacks reported in the main text of this article but, as is noted in the referenced text above, the technology is dated and therefore the form of attack at this point appears more nuisance, most likely breaching the border into crime, but less than a true and serious threat to existing internet-based communications and state regulatory controls. Since this attack numerous other similar DDOS type attacks have taken place against various systems throughout the world. But as we emphasize in the main body of this article, none of these appear to qualify as acts of terror consistent with conceptual developments in the rapidly expanding cyber-terror literature.

  3. We note that cyber threats are not limited to federal level and public targets. Possible additional targets that are of concern to practitioners include but are certainly not limited to power plants, air traffic control systems, subway systems and even stock exchanges. In addition to these, information management and resource distribution systems that support delivery of local and regional services would seem to present a range of very real threats due to the fragmented nature of these systems and the political units they serve (Dondossola et al, 2008).

  4. Weimann (2004) notes that success in the war on terror may increase the allure of cyber-attacks, as motivated terrorists are likely to turn to unconventional approaches when avenues for more conventional attacks have been closed off. Such a potential should not be ignored, as the emergence of a generation of computer-savvy terrorists would seem to set the stage for an increasing focus on this type of attack. Recent reports also cite NATO Deputy Defense Secretary William J. Lynn III as stating that the United States must keep up with cyber-terror and its evolution (Garamone, 2011).

  5. A recent Google Scholar search of the phrase ‘defining terrorism’ returned 112 000 hits. The evolving character of the definitional enterprise is reflected in a similar search of the phrase ‘defining cyber-terrorism’, which produced 13 700 hits.

  6. The foregoing discussion of the terrorism concept highlights the deeply problematic nature of the discourse to date. It would be surprising to find that a concept such as cyber-terrorism, which arises from the terrorism discourse, would exhibit a higher degree of coherence than the underlying components. Indeed, as our analysis reveals, the concept cyber-terror suffers from the same lack of general coherence as that exhibited in the debate over the term terrorism.

  7. Tilly (March 2004) asserts that evidence on intent or motivations generally does not become available in cases involving collective violence and therefore, too often, motives producing the events are inferred rather than directly known.

  8. This distinction between intent-based and effects-based acts is reminiscent of the legal requirement in criminal cases of establishing criminal intent. The state must prove beyond a reasonable doubt actus reus (that the act occurred) and mens rea (the mental or motive state of the defendant at the time of the act). The analytic distinction made in the present context is not currently understood as being linked to criminal legal discourse but may at some point benefit from these long-established principles in the criminal law. We note as an aside that successful state prosecution of any attempted or completed act of cyber-terrorism, notwithstanding complications over jurisdiction, would need to meet established standards of criminal procedure.

  9. Some may question the idea of computer-based attacks as acts of violence to create fear and/or compliant behavior in a victim and/or audience. We note the strong tendency to infer characteristics of one-on-one crimes (Rieman, 2006) to acts committed against technical systems. This should not deter discussion of how attacks on these technical systems pose threats in the form of disruptions to communications and economic and financial exchange while also delegitimizing the state. Max Weber (in Bendix, 1962) highlighted the key issue of state control, arguing that its essence rests on its monopoly over the use of coercion (in the modern sense, we might substitute ‘monopoly of control over key regulatory systems’). Loss of that monopoly is equivalent with failure of the state itself. In this sense, conceptualization of cyber-terror attacks as violence to create fear may indeed be appropriate imagery.

  10. Kilburn et al (2011) focus on the concept hyper-vigilance, noting the state's tendency to lean strongly in the direction of acting on false positives. In their words, ‘A false positive involves a defined police action aggressively taken to prevent an alleged act of terror where no such threat exists’ (Kilburn et al, 2011, p. 26). Hyper-vigilance and associated over-aggressive policing strategies and policies can potentially stifle high-tech terrorism opportunities, and, not surprisingly, such policies are favored by many. But the economic costs are potentially substantial as well and civil liberties are placed at risk, as these authors note (see Kilburn et al, 2011, pp. 32–34 for a discussion of these themes). In addition, these authors note that lower tech terrorism opportunities may be little affected by the high cost hyper-vigilance strategies. As we note in the text of this article, knowing more about the nature of the cyber-terrorist threat can assist states in rationally allocating scarce intelligence and threat response resources.

  11. The notion of symbolic threat parallels insights regarding physical terror attacks as sources of physical insecurity. The threat of cyber-based attacks introduces the specter of terror and the associated loss of personal security. We note in this context Primoratz's (1990) attempt to articulate a cohesive concept of cyber-terror. He asks the rhetorical question: Does mere infliction of terror qualify as terrorism, so that we can speak of non-violent terrorism? This might be analogous with donning a mask. His question highlights that terror is in part organized around anticipated responses to threatened or actual events. The effect alluded to in Primoratz's discussion would seem consistent with an emphasis on terrorism's symbolic aspects.

  12. The literature on corporate espionage is extensive and highlights the extreme priority of secrecy to protect proprietary information linked to corporate performance. Although this is a critical issue for most large corporations, we note that this should be distinguished from the vulnerability to cyber-terrorist attacks discussed at this point in this article. Corporations in strategic locations with regard to state security are by definition at risk of becoming targets of cyber-terrorist attacks. Any breach with potential to delegitimize the state is a state concern. Not all corporate protective measures would be characterized as protections against cyber-terrorism from this standpoint as not all corporate activities are critical to the functioning of the state. These breaches, which are the focus of concern for most corporate detection systems, would logically fall into the arena of cyber-crime, a topic we address later in the article.

  13. This draws on the requirements in any criminal investigation to establish means, motive and opportunity. It draws as well on further requirements in some but not all criminal cases that criminal acts be tied to an intended result and that the act be shown to be the cause of a particular harm (Samaha, 2006). We note that these additional considerations may remain partially or fully unrealized in any attempted cyber-attack but from the standpoint of criminal law prosecution on these points would be potentially relevant in obtaining a conviction.

  14. The increasing use of the internet as a tool in mass protest movements today challenges us to consider not just matters of criminal versus terrorist intent but also the aspiration of people everywhere to have their voices heard. It is apparent that governments and legal scholars will increasingly be compelled by rapidly unfolding events to forge pathways through this largely unsettled terrain.

  15. Denning (2001) notes that to her knowledge cyber-skills-based activities are not taught in terrorist camps. Denning's report is somewhat dated and therefore may not reflect current training experiences in these camps. Our research did not locate any more recent evidence on this important issue, unfortunately.

  16. We note here a behavioral model explicating dynamics of expropriation crimes developed by Cohen and Machalek (1995, pp. 157–179). Their research conceptualized a dynamic process involving producers and criminal expropriators that is much akin to the dynamics that would seem to operate in the world of cyber-crime as discussed by Lewis (2002). Among their many insights, they emphasize that the incidence of social parasitism (in this case cyber-criminal attacks) depends not only on individual traits and characteristics but on what others in the population are doing and the frequency and competence with which they do it (Cohen and Machalek, 1995, p. 157). Producers of internet software and services must continually counter behavioral incursions ranging from nuisance to serious attack threats. Their success in confronting such incursions may close off current opportunities but the model emphasizes the ongoing nature of these exchanges so that successful defense may spur subsequent evolutionary development on the part of the class of criminal expropriators.

  17. We note in this context that terrorists’ interests are potentially served through terror incidents as their interests often, but certainly not always, align with the minority or under-served groups. We also note again Gibbss (1989) discussion of terrorism as social control and refer the reader to Gibbs's insightful discussion.

  18. A recent Computerworld report (Keizer, 2010) explicates the difficulties in planning and executing a cyber-terror attack, casting doubt on the abilities of individuals or even poorly funded groups to accomplish such an act. The report cites an expert asserting ‘There are so many different types of execution needs that it's clear this is a team of people with varied backgrounds, from the rootkit side to the database side to writing exploits.’ The report continues: ‘the malware, which weighed in at nearly half a megabyte … an astounding size … was written in multiple languages, including C, C++ and other object-oriented languages …’. According to the report potential attackers would need the actual physical hardware for testing, and to know how specific applications work. The report appears to reiterate an informed speculation pointing to likely state government sponsorship in the form of direct funding and material support for the team tasked with planning and executing this vastly complex project.

  19. Sofaer (2000) exemplifies this development in the policy literature.

References

  • Aaviksoo, J. (2007) Cyber-terrorism: Real threats from the imaginary world, Speech to the Statemen's Forum of the Center for Strategic and International Studies (CSIS), 28 November, http://www.irl.ee/en/Media/Articles/335/real-threats-of-the-imaginary-world, accessed 10 November 2009.

  • Aeilts, T. (2005) Defending against cybercrime and terrorism: A new role for universities. FBI Law Enforcement Bulletin, pp. 14–20, http://findarticles.com/p/articles/mi_m2194/is_1_74/ai_n13653977/pg_2/?tag=content;col1, accessed 24 May 2010.

  • Agnew, R. (2010) A general strain theory of terrorism. Theoretical Criminology 14 (2): 131–153.

    Article  Google Scholar 

  • Albini, J.L. (2001) Dealing with the modern terrorist: The need for changes in strategies and tactics in the new war on terrorism. Criminal Justice Policy Review 12 (4): 255–281.

    Google Scholar 

  • Arntfield, M. (2006) The aesthetic calculus: Sex appeal, circuitry, and invisibility. Bulletin of Science, Technology Society 27 (1): 37–47.

    Article  Google Scholar 

  • Arntfield, M. (2008) Wikisurveillance: A genealogy of cooperative watching in the west. Bulletin of Science, Technology & Society 28 (1): 37–47.

    Article  Google Scholar 

  • Barletta, W. (2008) Cyberwar or cyberterrorism: The attack on Estonia. Ragaini (eds.) International Seminar on Nuclear War and Planetary Emergencies 38th Session. Hackensack, NJ: World Scientific Publishing Company.

    Google Scholar 

  • Bendix, R. (1962) Max Weber: An Intellectual Portrait. New York: Double Day.

    Google Scholar 

  • Bridis, T. (2000) Virus gives ‘love’ a bad name. The Wall Street Journal 5 May 2011: B1.

  • Broadhurst, R. (2006) Developments in the global law enforcement of cyber-crime. Policing: An International Journal of Police Strategies & Management 29 (3): 408–433.

    Article  Google Scholar 

  • Brown, I. and Korff, D. (2009) Terrorism and the proportionality of internet surveillance. European Journal of Criminology 6: 119.

    Article  Google Scholar 

  • Cavelty, M.D. (2007) Cyber-terrorism – Looming threat or phantom menace? The framing of the US cyber-threat debate. Journal of Information Technology & Politics 4: 19–31.

    Article  Google Scholar 

  • Cohen, J. and Machalek, J. (1995) Behavioral strategy: A neglected element in criminological research. In: H. Barlow (ed.) Crime and Public Policy: Putting Theory to Work. Boulder, CO: Westview Press, pp. 157–179.

    Google Scholar 

  • Corbett, J. (2009) Recent cyberattacks provide pretext for sweeping new internet snooping powers by the government, http://onlinejournal.com/artman/publish/article_4898.shtml, accessed 11 July 2009.

  • Costanza, S.E. and Kilburn Jr, J.C. (2005) Symbolic security, moral panic and public sentiment: Toward a sociology of counterterrorism. Journal of Social and EcologicalBoundaries 1 (2): 106–124.

    Google Scholar 

  • Costanza, S.E., Kilburn Jr, J.C. and Helms, R. (2008) Chapter 5: Counterterrorism. In: K. Borgeson and R. Valeri (eds.) Terrorism in America. Sudbury, MA: Jones and Bartlett.

    Google Scholar 

  • Denning, D.E. (2001) Is cyber terror next? http://www.ssrc.org/sept11/essays/denning.htm, accessed 9 June 2010.

  • Dondossola, G., Szanto, J., Masera, M. and Fovino, I.N. (2008) Effects of intentional threats to power substation control systems. International Journal of Critical Infrastructures 4: 1–2.

    Article  Google Scholar 

  • Eriksson, J. and Giacomello, G. (2006) The information revolution, security, and international relations: (IR)relevant theory? International Political Science Review 27 (3): 221–244.

    Article  Google Scholar 

  • Federal Emergency Management Agency Home Page. (2010) General information about terrorism. U.S. Department of Homeland Security, http://www.fema.gov/hazard/terrorism/info.shtm, accessed 11 June 2010.

  • Fischer, P., Postmes, T., Koeppl, J., Conway, L. and Fredriksson, T. (2010) The meaning of collective terrorist threat: Understanding the subjective causes of terrorism reduces its negative psychological impact. Journal of Interpersonal Violence, published online June 2010.

  • Forno, R. (2002) Quotes on ‘Electronic Pearl Harbor’, http://www.soci.niu.edu/~crypt/other/harbor.htm, accessed 21 December 2010.

  • Garamone, J. (2011) Lynn: NATO must get ahead of cyber threat, http://www.defense.gov/news/newsarticle.aspx?id=62572, accessed 21 January 2011.

  • Gibbs, J. (1989) Conceptualization of terrorism. American Sociological Review 54 (3): 329–340.

    Article  Google Scholar 

  • Glenny, M. (2008) McMafia: A Journey through the Global Criminal Underworld. New York: Knopf Publishing Group.

    Google Scholar 

  • Goold, B., Loader, I. and Thumala, A. (2010) Consuming security? Tools for a sociology of security consumption. Theoretical Criminology 14 (1): 3–30.

    Article  Google Scholar 

  • Gorman, S. (2010) U.S. plans cybershield for utilities, companies. Wall Street Journal 8 July.

  • Haimes, Y.Y. (2002) Risk of terrorism to cyber-physical and organizational-societal infrastructures. Public Works Management & Policy 6 (4): 231–240.

    Article  Google Scholar 

  • Hawkins, D.F., Myers, S.L. and Stone, R.N. (2003) Crime Control and Social Justice: The Delicate Balance. Santa Barbra, CA: Praeger Publishers.

    Google Scholar 

  • Hills, J. (2006) What's new? War, censorship and global transmission: From the telegraph to the internet. International Communication Gazette 68: 195–198.

    Article  Google Scholar 

  • Hsu, J. (2009) U.S. cyber command now fully online, and seeking a few good geeks, POPSCI, 5 October, http://www.popsci.com/military-aviation-amp-space/article/2009-10/us-cyber-command-now-online-and-seeking-few-good-geeks, accessed 10 October 2009.

  • Johnson, P.W. and Feldman, P.B. (1992) Personality types and terrorism: Self-psychology perspectives. Forensic Reports 5 (4): 293–303.

    Google Scholar 

  • Keizer, G. (2010) Is Stuxnet the ‘best’ malware ever? http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_?taxonomyId=85&pageNumber=1, accessed 12 February 2011.

  • Kerner, M. (2011) Inside Stuxnet: Why it works and why the U.S. shouldn’t worry, http://www.esecurityplanet.com/trends/article.php/3921041/article.htm, accessed 18 January 2011.

  • Kilburn Jr, J.C., Costanza, S.E., Metchik, E. and Borgeson, K. (2011) Policing terror threats and false positives: Employing a signal detection model to examine changes in national and local policing strategy between 2001 and 2007. Security Journal 24: 19–36.

    Article  Google Scholar 

  • Levi, M. (2006) White-collar, organised and cyber crimes in the media: Some contrasts and similarities. Crime, Law and Social Change 49 (5): 365–377.

    Article  Google Scholar 

  • Lewis, J.A. (2002) Assessing the risks of cyber-terrorism, cyber war and other cyber threats. Center for Strategic & International Studies, http://www.google.com/url?q=http://csis.org/files/media/csis/pubs/021101_risks_of_cyberterror, accessed 11 December 2010.

  • Miller, L. (2006) The terrorist mind: I. A psychological and political analysis. The International Journal of Offender Therapy and Comparative Criminology 50 (2): 121–138.

    Article  Google Scholar 

  • Mueller III, R.S. (2007) The FBI: Stopping real enemies at the virtual gates, Speech at Penn State Forum Speaker Series, State College, Pennsylvania, 6 November, http://www.fbi.gov/news/speeches/the-fbi-stopping-real-enemies-at-the-virtual-gates, accessed 10 March 2010.

  • Munro, N. (2007) Zombie nets. National Journal 39 (28): 46–47.

    Google Scholar 

  • Primoratz, I. (1990) What is terrorism? Journal of Applied Philosophy 7 (2): 129–138.

    Article  Google Scholar 

  • Rieman, J. (2006) The Rich Get Richer and the Poor Get Prison: Ideology, Crime, and Criminal Justice. Boston, MA: Allyn & Bacon.

    Google Scholar 

  • Rollins, J. and Wilson, C. (2005) Terrorist Capabilities for Cyberattack: Overview and Policy Issues: A Report of the Congressional Research Service, http://www.fas.org/sgp/crs/terror/RL33123.pdf, accessed 13 April 2010.

  • Samaha, J. (2005) Criminal Law, 8th edn. New York: Wadsworth Publishing Company.

    Google Scholar 

  • Samaha, J. (2006) Criminal Justice, 7th edn. New York: Wadsworth Publishing Company.

    Google Scholar 

  • Sedita, S. and Subramanian, R. (2006) Trends and issues in global information security – A comparison of US and EU cybercrime laws, http://www.iima.org/CIIMA/7%20CIIMA%206-1%2039-50%20Subramanian.pdf, accessed 26 April 2009.

  • Seger, K.A. (2003) Deterring terrorists. In: A. Silke (ed.) Terrorist Victims and Society: Psychological Perspectives on Terrorism and Its Consequences. Chichester, UK: Wiley Press.

    Google Scholar 

  • Silke, A. (2008) Holy warriors: Exploring the psychological processes of jihadi radicalization. European Journal of Criminology 5 (99): 100–123.

    Google Scholar 

  • Sofaer, A.D. (2000) A proposal for an international convention on cyber crime and terrorism, http://www.iwar.org.uk/law/resources/cybercrime/stanford/cisac-draft.htm, accessed 12 January 2009.

  • Solansky, S.T. and Beck, T. (2009) Enhancing Community Safety and Security through Understanding Inter-Agency Collaboration in Cyber-Terrorism Exercises. Administration & Society 40 (8): 852–875.

    Article  Google Scholar 

  • Speer, D.L. (2000) Redefining borders: The challenges of cybercrime. Crime, Law & Social Change 34: 259–273.

    Article  Google Scholar 

  • Staples, W.G. (2000) Everyday Surveillance: Vigilance and Visibility in Postmodern Life. Lanham, MD: Rowman & Littlefield.

    Google Scholar 

  • Stohl, M. (2006) Cyber-terrorism: A clear and present danger, the sum of all fears, breaking point or patriot games? Crime, Law & Social Change 46: 223–238.

    Article  Google Scholar 

  • Swartz, J. (2011) ‘Kill switch’ internet bill alarms privacy experts, http://www.usatoday.com/tech/news/internetprivacy/2011-02-15-kill-switch_N.htm, accessed 15 February 2011.

  • Teves, O. (2000) Suspect in love bug virus found after Philippine raid. Las Vegas Sun 8 May: 1A, 8A.

  • Tilly, C. (2004) Terror, terrorism, terrorists. Sociological Theory 22 (1): 5–13.

    Article  Google Scholar 

  • Turk, A. (2004) Sociology of terrorism. Annual Review of Sociology 30: 271–286.

    Article  Google Scholar 

  • U.S. Department of the Navy. (2001) Patterns of Global Terrorism (2001 report), http://www.history.navy.mil/library/guides/terrorism.htm, accessed 10 October 2010.

  • Weimann, G. (2004) Cyberterrorism: How Real is the Threat? United States Institute of Peace Special Report No. 119, http://www.usip.org/publications/cyberterrorism-how-real-threat, accessed 31 March 2011.

  • Weimann, G. (2008) Cyber-terrorism: Are we barking at the wrong tree? In: K. Von Knop, H. Neisser, A. Salnikov and B. Ganor (eds.) Security, Terrorism and Privacy in Information Society. Bielfeld, Germany: W. Bertelsmann Verlag.

    Google Scholar 

  • Weinberg, L., Pedahzur, A. and Hirsch-Hoefler, S. (2004) The challenges of conceptualizing terrorism. Terrorism and Political Violence 16 (4): 777–794.

    Article  Google Scholar 

  • Zetter, K. (2010) Pentagon: Let us secure your network or face the ‘wild wild west’ internet alone, http://www.wired.com/threatlevel/2010/05/einstein-on-private-networks&hash, accessed 1 February 2011.

Download references

Acknowledgements

The authors express their appreciation to the journal editor and manuscript reviewers for their helpful recommendations in response to an earlier draft of this article. We also acknowledge Nicholas Johnson for his original insightful contributions to the development of this research.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Ronald Helms.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Helms, R., Costanza, S. & Johnson, N. Crouching tiger or phantom dragon? Examining the discourse on global cyber-terror. Secur J 25, 57–75 (2012). https://doi.org/10.1057/sj.2011.6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1057/sj.2011.6

Keywords

Navigation