With the continued integration of technology, and especially internet-based technologies, into everyday life, the threat of cyberterrorism becomes more and more of a concern, as the potential for exponentially devastating effects increases alongside reliance on these emerging technologies. However, combating cyberterrorism is not as simple as one might think (or hope), because even the definition of the word itself remains under discussion. Nonetheless, after examining some of the more common definitions of cyberterrorism as well as the most obvious and evolving cyberterrorist threats, it becomes clear that much of the official preparation and response to cyberterrorism tends to focus on red herrings, missing the areas with the greatest potential for harm while focusing on far less likely doomsday scenarios. Realizing this fact ultimately offers some better ideas for stopping current and future cyberterrorists.
The first hurdle to understanding and combating cyberterrorism is the fact that there is no single agreed-upon definition of what it is. Most broadly:
While there is not a standardized definition of cyberterrorism, the general theme among the many proposed definitions is that cyberterrorism is a premeditated criminal act by subnational groups or clandestine agents, for political, religious, or social purposes, against an entity's computer, data, or information systems, to entice fear and results in physical violence (Sharp Parker, 2010, p. 159).
This represents a fairly common formulation of cyberterrorism that "combines the United States Department of State's definition of terrorism as politically motivated acts of violence against non-combatants with a definition of cyberspace as the computers, networks, programs and data which make up the information infrastructure" (Pollitt, 1998, p. 8). However, "cyberterror" is also frequently used to describe those acts which fulfill most of the descriptions above but which are not designed to entice fear or result in physical violence, further blurring the line between what is considered legitimate protest (also known as "hacktivism") and "terrorism" (Vegh, 2003, p. 821). For example, some groups contend that Denial-of-Service attacks, in which a website is overloaded with numerous simultaneous connections, are a legitimate form of protest, while others have gone so far as to label them terrorism (Anonymous, 2001, p. 272). The Naval Postgraduate School defines cyberterrorism "as the unlawful destruction or disruption of digital property to intimidate or coerce people," acknowledging terrorism's psychological aspect without including physical violence as a condition for cyberterrorism (Thomas, 2003, p. 112).
Thus, while using the definition of cyberterrorism which includes physical violence or destruction as a result means that there are no recorded instances of a cyberterrorist attack outside of the Stuxnet worm which affected the Iranian nuclear refinement program (likely a result of United States and Israeli cooperation), using the broader definition which does not include physical destruction as an identifying feature means that many more activities may be labeled cyberterrorism, and many different groups of people may subsequently be considered "terrorists." Adding to this relative confusion over the precise meaning of the word, a number of illegal activities may fall under the dual rubrics of cyberterrorism and cybercrime, with the only distinction being whether money or ideology was the most prominent motivating factor, with cybercrime sometimes financing physical terrorism (Baldwin, 2004, p. 128). Finally, cyberterrorism is occasionally used to describe the online activities of established terrorist groups, with a particular focus on the planning of attacks and dissemination of information, although the distinction between "cyberplanning" (itself a somewhat useless phrase) and cyberterrorism is noted (Thomas, 2003, p. 112).
Despite the variability in potential definitions, some key factors do stand out which allow one to chart the development of cyberterrorism as a concept (using a broader definition of the term) over the course of the last few years. Although the potential for cyberterrorism appeared once the first computers were connected to each other remotely, the threat of cyberterrorism did not enter the public consciousness until somewhat later, with the first indications that the fear of cyberterrorism was growing beyond the reality coming in the later 1990s. This fear is of course legitimate, considering that "cyberterrorism combines two of the most prominent developments of the last twenty years: the increasing reliance on the internet's infrastructure, and the threat of international terrorism committed by non-state actors," but one must temper the awareness of that reality with the knowledge that dramatic, massive attacks like the ones seen in movies or on September 11th are far less common than the media might make it seem (Lentz, 2010, p. 799).
However, the tendency for the United States' national security apparatus to blow things out of proportion led to things like this 1997 paper arguing that:
A CyberTerrorist could remotely access the processing control systems of a cereal manufacturer to sicken and kill the children of a nation. A CyberTerrorist could place computerized bombs around a city, all simultaneously transmitting unique numeric patterns, each bomb receiving each other's pattern, so if one bomb stops transmitting, all bombs detonate simultaneously. A CyberTerrorist could disrupt international financial transactions, undermine air traffic control systems, alter the formulas of medication at pharmaceutical manufacturers, and sabotage utility systems (Collin, 1997, p. 15).
While there is some outside chance of these kinds of attacks occurring, there are far simpler, and arguably far more disruptive, methods available to the terrorist wishing to make his or her point via the internet, and lumping convoluted plans to poison children and "computerized bombs" in with far more realistic threats to outdated infrastructures risks focusing on the dramatic at the expense of the realistic. That is, fearing the "digital Pearl Harbor" instead of the far more likely covert intrusions and security breaches (Stohl, 2006, p. 224).
This back and forth between those warning against dramatic, catastrophic attacks (who incidentally often stand to benefit from this increased fear due to their roles as counter-terrorism "experts" and consultants) and those advocating for a more reasoned approach to genuine threats has continued more or less to this day, with journalists and computer science researchers constantly working to refute "the latest in a wave of hype that misrepresents the problem of computer security" (Kaiser, 1999, p. 139). Quite content to use this disagreement to their advantage, current cyberterrorist groups that pose the most threat to stability and safety are not even targeting governments and military or security infrastructures, but rather private corporations and the massive stores of data they hold. "The real security concern is civilian networks […] because they are much easier to crack than military ones" and because these networks hold far more personal data regarding individuals than most government networks (Kaiser, 1999, p. 139). When there is a data leak from the United States government, such as the case with the diplomatic cables released by Wikileaks, the information largely harms those in power by revealing hypocrisy. While there are undoubtedly clandestine groups seeking to steal military information, currently the biggest threat of cyberterrorism (even if it is cyberterrorism supported by governments such as China, Russia, and the United States) comes from smaller attacks on corporations, and specifically those which deal with communication and surveillance.
Stopping cyberterrorists remains difficult because of a number of inherent problems coupled with structural or political hindrances that only serve to exacerbate the problem. Firstly, identifying any particular person across the internet remains difficult, even with advances in tracking and surveillance, and the asymmetrical nature of cyberterrorism means that governments and corporations must spend lots of money combating activities that can be performed for exponentially smaller sums. Structurally, the fact that there remains much confusion over the distinctions between cyberterrorism, cybercrime, and hacktivism has led to the law remaining far behind the reality of contemporary society, such that prosecutors must find ways to convict cyberterrorists using legislation written before the internet, and indeed developed society, existed in the way it is considered now. Thirdly, the fact that warning against dramatic, over-the-top cyber doomsdays brings in far…