Professor Gabriel Weimann spoke to a Fathom Forum about his book Terrorism in Cyberspace: The Next Generation. The following is an edited summary of his remarks.
The use of the internet by terrorists has grown exponentially. In 1998 we found 12 websites of terrorist groups, including Al-Qaeda. Today, we are dealing with just over 9,800 terrorist websites. In addition to this traditional online presence there is now extensive use of social media. Given this progress, preparing ourselves for future terrorism online is the key to winning the battle. In this vein, the subtitle of my new book Terrorism in Cyberspace is ‘the next generation’. It focusses on the emerging trends, the future threats and how we can respond to them.
Lone Wolves and Virtual Packs
One new trend is lone wolf terrorism. In the last few years, no terrorist attacks in the West were conducted as 9/11 was, by a large group of 19 people. They are conducted instead by , individuals acting alone – so called ‘lone wolves’. The murder of Lee Rigby in London, the incident with the two shooters in Texas, the Breivik assault in Norway and the Boston marathon bombers all illustrate this point. Each appeared to have been undertaken by operators who had not been to a training camp and were not part of a terrorist group. However, as in nature, lone wolves do not survive. Wolves always attack in packs and this happens online too, only it is a virtual pack of wolves. Part of my research has focused on tracking lone wolves online and we found that all the attackers had a virtual pack behind them, one that we could track and identify. We could see their emails, the websites, the videos they downloaded or uploaded, their postings on Facebook and their tweets – we could see just about everything. All were radicalised, recruited, instructed, trained – and sometimes the attacks were even launched – online. And some terror attacks have been prevented because counter-terrorism agencies monitored the net.
While Anwar al-Awlaki, the online preacher for Al-Qaeda, was killed in an American drone strike in Yemen, he is still ‘alive’ on the internet. My research has shown that almost all of the lone wolves, in one way or another, were connected to him. By downloading his videos and sending messages to the network, they were able to interact. Radicals can even learn terrorist techniques on the internet. Indeed, Inspire magazine – an online publication launched by Al-Qaeda in English – even contained a chapter entitled ‘how to build a bomb in your mother’s kitchen.’ The two Tsarnaev brothers, who attacked the Boston Marathon, used an explosive device they had built from a pressure cooker, using these instructions. An entire terrorist infrastructure – open source jihad – exists on the internet.
This is a huge challenge for security and intelligence services. Nevertheless, if there is a virtual pack, and you know how to follow the tracks, it is still possible to interdict the terrorists.
Narrow Casting
A second emerging trend is the concept of ‘narrow casting’ which terrorists learnt from marketing, advertising and political communications. Narrow casting is the opposite of broadcasting. Broadcasting means that you have one message for all – one website and one language. And indeed that is how the terrorists started their online presence. But today, advertisers segment their target audience into different categories (gender, age, location, motivation) in order to target each sub-population with specific messages, specific appeals and specific rewards.
30,000 foreigners have joined ISIS. No other terrorist group in history managed to recruit 30,000 foreigners. They have achieved this mainly through online strategies. In fact, most of them are known to us by name because they appear online and are used for additional recruitment purposes. The threat to Europe from ‘returning jihadists’ has already materialised in the attack on the Jewish Museum in Brussels.
The interesting thing is that the terrorists themselves know that they have to use different appeals for different sub-populations when recruiting. Narrow casting has even been used to recruit children, often very young children, and women as future terrorists. The exploitation of feelings of marginalisation is also an effective recruitment mechanism. The whole process starts not with violence but with social bonding.
Using new media
Three stages of online terrorism can be identified. The first stage was characterised by the passive use of unsophisticated websites. Later, in the early 2000s, terrorists moved to a more interactive platforms – this was the second stage. They did not abandon the use of websites, but they added chat rooms and forums. The new, third stage is the use of social media. ISIS immediately entered at the third stage of online terrorism.
It is very important to note that terrorists have never advanced or developed new internet technology themselves, but they are very quick to adopt the newest technologies of the West, in order to attack the West. Platforms like Twitter and YouTube provided them with access to huge audiences for their audio-visual materials, on a platform that was very hard to censor. These platforms also fed the traditional media – there is a two-step flow of communication. In the past when videos were sent to international news broadcasters, the editors had control over both the content and the viewership. Online, there are no gatekeepers: you can watch the execution of Daniel Pearl by Al-Qaeda, the beheadings in Syria by ISIS, the burning of the Jordanian pilot and nobody can stop you. So the terrorists reach not just their intended audiences, but the mainstream media as well, as a buzz online forces the traditional media to broadcast the materials put there by terrorists.
Cyber terrorism
Terrorists are not only using the internet for propaganda and recruitment, but also to attack the internet itself. They notice that our infrastructure is now online and controlled by computers. They try to exploit our dependency by attacking the computers. The motivation is there – all they need now are the experts and they can find them.
Our Response
First – and this has already been done by governments, counter-terrorism agencies and security forces – we must recognise the fact that we are fighting a new war. This is not the war of the 1970s against terrorists groups. The online arena is a new one, which requires new armies, new weapons, new training and international co-operation. In cyberspace, there are no borders, no control, no police and no passports. If you block them in one country they can always access it from another country. There must be wide international co-operation to combine the forces of the public and the private sectors. At the moment, however, this is uncoordinated and ineffective.
Second, we must balance civil liberties and security. While judicial authorisation is required by the police in democratic countries to enter a home, there is little oversight of technological intrusion. While we should extensively monitor the online space, there needs to be rigorous regulation because we don’t want the price of fighting terrorism to be higher than the price of terrorism itself. We should regulate who is allowed to store information and who is allowed to have access to the stored information. We have to protect our civil liberties, just as we protect ourselves from terrorism. It will never be ideal, but we must look for Shvil Hazahav (Rambam), the ‘golden path’, the ideal compromise.
Third, we need to be more activist in our approach to tackling terrorism. The terrorists have been appropriating our technology from Facebook to free satellite services on Google Earth. So far our strategy has been to respond to their use of our new technology. They also react to our responses. You can find online terrorist guidebooks on how to avoid being identified on Twitter and YouTube, for example. It is a dialectic and ongoing exchange of blows. We should be more pre-emptive. Let’s design the future technology in a way that will be terrorist safe, or that will at least minimise the potential of abuse by terrorists.
Fourth, to win this new type of war we also need new types of weapons. For example, sophisticated commercial campaigning techniques are needed to launch counter-radicalisation campaigns and counter-narratives to target the same populations which the terrorists target. Right now, we leave the stage to them; they find the alienated, frustrated minorities and try to recruit them. We are still at a very early pioneering stage, but the potential is certainly there. Counter campaigning is not always about targeting the individual, but also their family members. One such study revealed that most of the people that joined ISIS had previously revealed the secret to one member of the family. Therefore, there are reasonable grounds to focus the campaigns on these family members as well.
Cyber Terrorism – The balance between Civil Liberty and Security
The major difficulty with fighting terrorism is that its aim is to provoke a disproportionate response. Centralised states can marshall huge forces suited to countering similar huge forces. They have the claws and bite of a lion that can battle another lion.
Terrorism, however, is more like a micro-biological pathogen, that demands a microscopic immune system response. But immune system over-reaction can be deadly. Flu pandemics (such as that of 1918-19) killed young adults because their immune responses were too strong. The terrorists know they cannot win by direct assault, but hope we will destroy ourselves.
The problem is compounded when the terrorist enemy seeks power to impose his totalitarian ideology. He sees that the measures we put in place to try to subdue him will be invaluable to him if he achieves power.
In order that the price of fighting terrorism not be higher than the price of terrorism itself, I would recommend additional precautions, lest emergency measures become the “acceptable” norm, and the “mission” creeps into less justifiable areas.
It should be recognised that the window of efficacy of mass internet surveillance, for example, will be brief. The obvious counter is end-to-end encryption, and VPN proxy-servers. Ordinary citizens, already concerned about privacy and the overbearing state, will soon be using it routinely. The professional terrorists probably already do so.
All counter-terrorism measures that compromise civil liberty should have an annual sunset and require full legislature scrutiny for re-authorisation. If the emergency has passed or the measure has been effectively nullified by the terrorists, the measure should be allowed to lapse.
Mission-creep use of the legislation should be prosecuted as treason, because it undermines the security purpose. The McCarthy Communist witch-hunt is rightly condemned. What is forgotten is that after McCarthy was discredited, the backlash against the witch-hunt inhibited dealing with the left-wing infiltration of government posts and academia from the mid-1950s to the 1970s.
The Jihadi sympathisers recognise the McCarthy backlash effect, and routinely hurl the “Islamophobia” accusation. All it would take is one high-profile innocent martyr to host-society paranoia, for the charge to stick. And then many genuine Jihadi threats will be allowed to slip through, for fear of another error.
This is mostly a war of ideology. It can only be won by our exercising manifest moral propriety which demonstrates the bankruptcy of the Jihadi creed and the benefits of the liberal respect for individual justice.