On Thursday, June 20th, the city council of Riviera Beach, Florida paid a $600,000 ransom in Bitcoin to hackers after its computer systems were targeted in a cyberattack. This event, the most recent of several so far this year, shows how detrimental a cyberattack can be on a city. Furthermore, it enhances apprehension over the possibility of a cyberterrorist attack, a phenomenon we have largely avoided thus far.
What is cyberterrorism?
The FBI defines cyberterrorism as a “premeditated, politically motivated attack against information, computer systems, computer programs and data which results in violence against non-combatant targets by subnational groups or clandestine agents.”
Cyberattacks can overlap with cyberterrorism, but there are several key differences. Cyberterrorism is not necessarily a response to an action, but rather planned and orchestrated due to a particular political motivation. Similar to terrorism, the goal of cyberterrorism is to gain attention and cause mass panic and fear amongst civilian populations; while terrorists use bombs, cyberterrorists use the internet.
Should we be worried?
The 2019 Worldwide Threat Assessment by the U.S. Intelligence Community highlights the concern that “financially motivated cyber criminals” may target the U.S. within the next few years. They warn that this could “disrupt U.S. critical infrastructure in the health care, financial, government, and emergency service sectors.” Officials are also concerned that terrorists may hack into databases and obtain personal information that could be used to inspire and enable physical attacks.
The threat of cyberterrorism has grown ever more pressing in the past few years. As of 2018, 81% of Americans viewed cyberterrorism as a critical threat—an increase from 73% in 2016. There is bipartisan consensus regarding the danger, as Democrats and Republicans express similar concern. Cyberterrorism is considered the second most critical threat to our country, just behind the development of nuclear weapons by North Korea.
Moreover, American military servicemembers assess cyberterrorism to be the greatest danger to U.S. national security. 89% of service members believe that it is a significant or very significant concern, but the majority thinks the U.S. lacks preparedness for a cyberattack. About a third disapprove of existing policies on combatting cyberterrorism, with many believing the guidelines do not go far enough.
Who is engaging in cyberterrorism?
Although this will likely change in the (near) future, there have been fewer cyberterrorism attacks performed directly by terrorist organizations than the U.S. predicted only a few years ago. This is due to a variety of reasons, including the challenge of finding experienced hackers and the concern that these attacks may not cause the same level of fear and chaos as traditional terrorism.
That’s not to say extremist organizations have avoided cyberterrorism – the groups are slowly incorporating the tactic. In 2015, ISIS’ CyberCaliphate hacked into the U.S. Central Command’s Twitter and YouTube accounts and posted threats and pro-ISIS messages. More recently, Al-Qaeda has been attempting to recruit people with strong computer and hacking skills.
Cyberterrorism by Individuals
Currently in the U.S., the biggest cyberterrorist threat comes from individuals who support terrorist organizations.
One example is Ardit Ferizi, the first person to be convicted of cyberterrorism in the U.S. In 2015, Ferizi knowingly gave ISIS the data of 1,300 U.S. military personnel and federal employees in order to assist the group in targeting attacks. Ferizi stole the data by hacking into a protected computer. He was sentenced to 20 years in prison.
Another case is British teenager Kane Gamble, who targeted CIA, FBI, and Department of Justice databases. In 2017, Gamble impersonated a CIA chief to get confidential information. After obtaining sensitive documents on American military and intelligence operations in Iraq and Afghanistan, Gamble leaked some of the information on the internet for terrorist organizations to access, including details of 20,000 FBI employees. He was convicted of engaging in cyberterrorism against the U.S.
In September 2018, the White House published the first National Cyber Strategy in 15 years, which provides guidelines for how the U.S. should respond to cyberattacks, including cyberterrorism. The document offered a shift towards a more offensive strategy.
In response to the National Cyber Strategy, the U.S. Department of Defense released a 5-point plan on how it could best be executed. The plan includes building a more lethal force, competing and deterring in cyberspace, strengthening alliances and finding new partners, reforming the DOD to become more “cyber fluent” and accountable, and cultivating cyber capabilities talent.
The U.S. Government admits we have been lucky to have not experienced a major cyberterrorism attack, but this is likely to change. As such, we must remain vigilant and enhance our detection capabilities to deter a cyberterrorist attack before it damages American people and property.