- The potential threat posed by cyberterrorism has provoked considerable alarm. Numerous security experts, politicians, and others have publicized the danger of cyberterrorists hacking into government and private computer systems and crippling the military, financial, and service sectors of advanced economies.
- The potential threat is, indeed, very alarming. And yet, despite all the gloomy predictions, no single instance of real cyberterrorism has been recorded. This raises the question: just how real is the threat?
- Psychological, political, and economic forces have combined to promote the fear of cyberterrorism. From a psychological perspective, two of the greatest fears of modern time are combined in the term "cyberterrorism." The fear of random, violent victimization blends well with the distrust and outright fear of computer technology.
- Even before 9/11, a number of exercises identified apparent vulnerabilities in the computer networks of the U.S. military and energy sectors. After 9/11, the security and terrorism discourse soon featured cyberterrorism prominently, promoted by interested actors from the political, business, and security circles.
- Cyberterrorism is, to be sure, an attractive option for modern terrorists, who value its anonymity, its potential to inflict massive damage, its psychological impact, and its media appeal.
- Cyberfears have, however, been exaggerated. Cyberattacks on critical components of the national infrastructure are not uncommon, but they have not been conducted by terrorists and have not sought to inflict the kind of damage that would qualify as cyberterrorism.
- Nuclear weapons and other sensitive military systems, as well as the computer systems of the CIA and FBI, are "air-gapped," making them inaccessible to outside hackers. Systems in the private sector tend to be less well protected, but they are far from defenseless, and nightmarish tales of their vulnerability tend to be largely apocryphal.
- But although the fear of cyberterrorism may be manipulated and exaggerated, we can neither deny nor ignore it. Paradoxically, success in the "war on terror" is likely to make terrorists turn increasingly to unconventional weapons, such as cyberterrorism. And as a new, more computer-savvy generation of terrorists comes of age, the danger seems set to increase.
About the Report
The threat posed by cyberterrorism has grabbed headlines and the attention of politicians, security experts, and the public. But just how real is the threat? Could terrorists cripple critical military, financial, and service computer systems? This report charts the rise of cyberangst and examines the evidence cited by those who predict imminent catastrophe. Many of these fears, the report contends, are exaggerated: not a single case of cyberterrorism has yet been recorded, hackers are regularly mistaken for terrorists, and cyberdefenses are more robust than is commonly supposed. Even so, the potential threat is undeniable and seems likely to increase, making it all the more important to address the danger without inflating or manipulating it.
Gabriel Weimann is a senior fellow at the United States Institute of Peace and professor of communication at the University of Haifa, Israel. He has written widely on modern terrorism, political campaigns, and the mass media. This report complements a previous report, www.terror.net, issued in March 2004, which examined the variety of uses to which terrorists routinely put the Internet. Both reports distill some of the findings from an ongoing, six-year study of terrorism and the Internet. A book based on that larger study is to be published in 2006.
The views expressed in this report do not necessarily reflect views of the United States Institute of Peace, which does not advocate specific policy positions.