The terrorist attacks in Paris were a grim reminder of terrorism’s deadly reach into people’s lives. That reach is also extending into people’s digital lives. Terrorist organisations, such as the so-called Islamic State, are waging information terrorism through the Internet and various information communication technologies (ICTs). As our governments, industries, and personal and professional lives become increasingly dependent upon the Internet and ICTs, information terrorism is likely to grow.

Information terrorism, or cyberterrorism, involves attacking, or attempting attacks on, political, financial, military, and civilian information infrastructures for catastrophic effects on the real world. The Federal Bureau of Investigation in the US defines cyberterrorism as a “premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by subnational groups of clandestine agents”.

According to US President Barack Obama, cyberterrorism is perhaps one of the greatest threats currently confronting both the US and the world. Other high-ranking American officials warn of a possible “electronic Pearl Harbour” to describe the prospect of terrorists using the Internet and ICTs to launch digital attacks.

The aim of information terrorism is to conduct digital attacks, with a keyboard stroke or a touch on a smart screen, in order to provoke terror and cause death and destruction in the real world. There are disturbing parallels between the real world and digital realm in regards to such cyberterrorism turning deadly. Similar to soft targets in the real world, like Parisian cafes and concert halls, there are vulnerable targets in the digital realm.

As we increasingly automate and interconnect our lives, industries, and world, there are more digital opportunities for terrorists to reach into our lives and access and use our most sensitive information for mayhem. For example, the expanding Internet-of-Things, in which much of the physical world is becoming connected to the Internet, presents many vulnerabilities for potential terrorist attacks.

The Islamic State, for instance, has a specialised digital terror unit, the Islamic State Hacking Division, that is developing increasingly sophisticated cyber terror capabilities. It has already targeted and hacked into the American Pentagon, stealing sensitive military information and confidential personal data of military personnel. It has also successfully targeted other industries, most notably power companies including nuclear power plants. It continually threatens the US, saying: “We are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!”

The Islamic State uses every kind of ICT, information sharing apps, and other modes of communications and messaging to recruit fighters, threaten enemies, and spread propaganda. According to the New York Times:

“ISIS is online jihad 3.0. Dozens of Twitter accounts spread its message, and it has posted some major speeches in seven languages. Its videos borrow from Madison Avenue and Hollywood, from combat video games and cable television dramas, and its sensational dispatches are echoed and amplified on social media.

“When its accounts are blocked, new ones appear immediately. It also uses services like JustPaste to publish battle summaries, SoundCloud to release audio reports, Instagram to share images and WhatsApp to spread graphics and videos.”

Indeed, if its extreme bigotry, warped religious fanaticism and beheadings seem to come from a distant barbaric century, its use of the Internet, ICTs, and information are perversely up to and of the modern moment.

Information warfare, however, is a difficult, indeed slippery, digital activity to predict or prevent. To begin, it does not necessarily occur within or near the same place as its targets. The Internet does not stop at national borders. ICTs moreover provide diverse ways to communicate and share information, without significant spatial or temporal constraints, using both distributed and compromised systems in several different regions to conceal whereabouts or hide trails.

As we increasingly automate and interconnect our lives, industries, and world, there are more digital opportunities for terrorists to reach into our lives

The Internet and ICTs have therefore enabled terrorist groups to continue their operations and share information even as airstrikes and other counterterror efforts degrade or deprive them of physical geographic spaces. Terrorists can thus attack transnationally without having to travel to, or be in, the targeted country or location.

Second, terrorists tend to use the Internet and ICTs in much the same way as ordinary users. They derive the same kind of value, and require the same kind of services, from the Internet and ICTs as the rest of us, namely reliable connections, efficient services, easy terms, and virtual anonymity. For instance, the Afghanistan Taliban ran a terror website, celebrating attacks against American troops, hosted by an American technology company for only $70 a month payable by an anonymised credit card. The company was unaware that this account, amongst millions it hosted, propagated terrorism until it was contacted by U.S. authorities to delete it.

Third, the Internet and ICTs help terrorists gather, share, and use information in ways they could only dream about only a couple of decades ago. No terrorist organisation, currently, has the financial or infrastructural resources to afford or build a spy satellite to scope and monitor targets from above with precision; however, cheap and open services, like Google Earth, provide such capabilities. For example, the Pakistani-based terrorist group Lashkar-e-Taiba used Google Earth to help plan its attacks on Mumbai in 2008.

A further difficulty in trying to predict or prevent information terrorism is the possible threat of inside collaborators. An insider could compromise significant amounts and kinds of information by stealing or sharing it with terrorists. An insider could also divulge confidential details of a targeted system, or inject malware into the system itself. Thus, a terrorist organisation does not necessarily need to develop its own cyber capabilities when it can either buy them or acquire inside information.

But some of information terrorism’s tactics can work against terrorists since counterterrorism and intelligence agencies can similarly use the Internet and employ ICTs to monitor, disrupt, and disable them. Some security experts argue that, instead of trying to shutdown websites of and sever services to terrorists, it can be useful to take advantage of their online activities.

Security analyst Martin Libicki said: “You can learn a lot from the enemy by watching them chat online.”

In other words, while the Internet and ICTs allow terrorists to share information, they also permit defenders to access, view, and track that information.

There has thankfully not been any major cyberterrorist attack resulting in widespread death and destruction.

Most terrorist organisations presently use the Internet and ICTs how everyone else does: to cheaply, quickly, andefficiently create, gather, and share information across great distances with relative ease.

They also use these information flows to help inform and improve their physical, offline activities, like coordinating the recent attacks on Paris, to inflict harm and panic on peoples’ lives.

Nevertheless, terrorists are trying to develop and/or acquire cyber capabilities to enact information terrorism to achieve real-world effects.

It is likely that, at some point, either by skill or chance, a terrorist organisation will be able to conduct some kind of serious cyberterrorist attack that actually kills people, causes damage, and produces panic.

Perhaps because it might seem like a new development in terrorism, such an attack will probably generate significant attention, thereby victimising many people vicariously and creating widespread fear that is, arguably, disproportionate to the actual threat.

It is therefore vital to separate terror from terrorism in both the real world and digital realm. Like the brave and inspirational Parisians, we need to adopt resilient postures by not permitting terrorists or terrorism to terrorize us, whether with bombs, guns, or information.

We can instead rob terrorists of their meaningless power through such resilience and by continuing to defend, uphold, and celebrate liberty, equality, and fraternity.

Marc Kosciejew is head of department and lecturer in the Department of Library, Information, and Archive Sciences at the University of Malta.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.