Most would agree that globalization, fed by technological advances in the information system and telecommunications realms, has overwhelmingly been a "good thing". Our world is connected like never before, and those formerly isolated are now part of the landscape, able to access critical medical information, tap educational resources and answer almost any question in two clicks.
Unfortunately, terrorists are similarly thrilled with globalization. They, too, can answer any question in two clicks, including how to build a PETN bomb like the one that nearly exploded on an airliner over Detroit on Christmas Day. They use Google Earth to indentify targets and landmarks, as shown in an al Qaeda terrorist attack against a U.S. military recruitment office last year. Somali terrorists used Facebook pages to liaise with recruits in Minneapolis, and insurgents on the battlefield have satellite phones and use Twitter to communicate.
In fact, terrorists are now able to directly engage you through your home computer...or your child through his/her web enabled device...to spread their radical ideology.
The Enemy Defined
The most widely accepted definition of terrorism is the unlawful use of force or violence against persons or property to intimidate or coerce a government and the civilian population in furtherance of political, social or religious objectives. A terrorist is one who causes fear, and seeks to dominate or coerce. Terrorist can work in large groups, small cells, or as lone wolves. Organizations have franchised, and a single leader, approval for missions or standardized training is no longer required.
Terrorists have always employed asymmetric tactics to achieve their goals; they often strike in unanticipated ways to maximize results. Never has asymmetric warfare been more prevalent than in the last decade-- from the use of airplanes as missiles on 9/11 in the United States, to the seaborne staged attack on Mumbai, India in 2008.
It is important to understand that religious terrorists are the most dangerous. Not only do they disregard the rule of law, they have no moral restraint, believing their faith imparts authority to kill innocent victims in extraordinary ways, and use any means to advance their agenda. The religious ideology is not confined to nation state boundaries, making it harder to engage and penetrate. Finally, religious terrorists have an apocalyptic agenda, which could ultimately lead to the employment of a weapon of mass destruction.
At its very core, terrorism is nothing but an elaborate marketing campaign. The main product is fear, however byproducts include recruitment, empathy seeking and fund raising. Like all marketing operations, terrorism is meant to shift the public center of gravity through use of symbolism or themes, and their techniques can be overt or covert. We must also remember this is a long campaign; the enemy is patient and thinks in terms of millennia, not years. Our children's children may be struggling with the same issues we are today.
Bruce Hoffman, a noted terrorism expert, believes al-Qaeda (and its affiliates) is increasingly focused on overwhelming, distracting and exhausting us, if not by airline bomb on Christmas Day in the US, perhaps through financial destruction in a long protracted war. If not pulling the trigger, by fronting threats that may not exist (such as suitcase nuclear bombs), which force us to spend billions on countermeasures and incite fear in the populace.
Similarly, rather than engaging in standard cyberwarfare by deliberately targeting our systems to deny service or corrupt, terrorists appear to instead be leveraging technology to wage societal warfare.
My first task in the morning is to scan 22 websites in an open source intelligence collection activity that supports my university teaching and journal writing efforts. In the spirit of "know thy enemy", an axiom of the great war strategist Sun Tzu, I also access various Jihadi sites and the pages of domestic and ethno-separatist terror groups. Often it is just the same rhetoric, but I have sensed a shift from outright violent, physical threats to a more subtle, understated threat.
For instance, I have seen a shift to the use of webcasts by seemingly benign, friendly organizations to facilitate understanding and discussion of the Muslim religion. Having joined telecasts (anonymously), I find the session is not moderated by respected clerics, but radical Imams or even worse, those who believe they somehow have special dispensation to interpret the Koran in ways not accepted by the mainstream religious body.
Also, groups such as Hamas and Hezbollah are masters at using the web to achieve social objectives and goals for their communities. They use foundations, with ever changing names and websites, to raise funds for widows and those orphaned by their operations, and also seek donations to build schools and hospitals. Naturally this community building activity creates good will (and safe harbor) and furthers recruiting goals. Many citizens have donated money without realizing it is funding activities of internationally designated terrorist groups.
There are many other ways terrorists are infiltrating society through the cyber realm - the use of the web for blogging, by posting videos on You Tube, interacting in virtual worlds...the list goes on.
How This Happened...and Ways to Engage
A few contributing factors led to the use of Cyberspace for societal warfare:
- Cyberspace is virtually "un-patrollable". We have a weak set of international laws, and no overarching governing body for enforcement.
- Sovereign nations that believe in freedom of speech and expression may monitor the web through their law enforcement agencies, but do not actively infiltrate and disable sites.
- In the rush to get cutting edge products to market, there was no pause to think about what I call "the 1%" - the terrorists and criminals that will exploit the technology. It is much easier and more comfortable to focus instead on the predictable 99%, customers without nefarious intentions.
Finally, on many fronts in this "war", we've vastly underestimated the sophistication of terrorists. Not only do they use the same technology that we do on a daily basis, their financial assets may be growing exponentially. It has recently come to light in the counterterrorism community that groups like al Qaeda are now engaged in the narcotics trade in South America and the Western Coast of Africa. This obviously will expose them to large sums of money - the kind needed to get the right people on the payroll such as scientists, engineers and technical experts.
Therefore, we've created an environment ripe for infiltration by terrorists who are sophisticated, have vast resources and are patient. As such, the following assumptions must be made in the cyber realm:
1) Every new application will be exploited.
2) Every technological solution will be defeated.
3) Your operation will be targeted through system probes or even basic human collection using your employees.
This can be very disheartening - or very enlightening. Just understanding the enemy will go a long way toward protecting our infrastructure. During my military career, where knowing the enemy was a critical part of every endeavor, I worked on various application development projects. We never developed a product or fielded a new piece of equipment without the "enemy" in mind. From initial brainstorming sessions to every stage of development, we "baked in" countermeasures. The 1% was equally, if not more important than the 99%. And similar to for-profit companies, we were also in a rush to field technology since soldier's lives and our nation's defense were at stake. By first acknowledging the existence of an enemy, then keeping him in mind every step of the way, you may prevent your product from being used in ways never before dreamed and for devastating outcomes.
I am neither an IT or Cyberwarfare expert, but I know the mind of a terrorist. I understand how terrorist groups seek to turn the switch from "off" to "on" in the human brain and recruit those who will carry out the most heinous of missions, sacrificing their own life in the process. The radical jihadist ideology is like a poison to the mind, especially to the hopeless and downtrodden who would rather die in a spectacular blast than as a hungry beggar on the streets.
Using Cyberspace as a way of conducting societal warfare, in your community and mine, is a fresh, new front we must engage in the war against terror. And just being aware of its existence is a great first step.
Jenni Hesterman is a retired Air Force colonel. She is a senior analyst for The MASY Group, a Global Intelligence and Risk Management firm, and is a full professor at American Military University and contributing editor to The Counter Terrorist magazine. Access her blog at www.counterterrorforum.com.