Cyber terrorism: research report of the Australian National University Cybercrime Observatory for the Korean Institute of Criminology

Author/editor: Broadhurst, R, Woodford-Smith, H, Maxim, D, Sabol, B, Orlando, S, Chapman-Schmidt,B & Alazab, M.

Published in (Monograph or Journal): The Social Science Research Network

Year published: 2017

Abstract

This review of cyber-terrorism outlines the main trends and challenges presented by the convergence of the exceptional reach, speed and scale of the Internet and the political ambitions of violent extremists. Chapters on cyber weapons, critical infrastructure, attribution, Internet of Things, recruitment and propaganda, financing, legislation and counter measures, and cyberwar.
Each chapter provides a brief summary of a key aspect of the cyber terror phenomenon, an analysis of emerging trends or perspectives, and other relevant information or examples identified during the research. At the end of each chapter a brief annotated bibliography is included to assist future research and give readers more information about the sources used. The report has drawn on a broad range of sources including government documents (e.g. law enforcement and security agencies), web/blog posts, academic articles, information security websites and online news articles about cyber terrorism.
The final chapter concludes with a discussion on the likelihood of a cyber terrorist attack. At present a sophisticated large-scale cyber terrorist attack with a kinetic element appears to be unlikely. However, this may change in the next five years because of the increasing capacity of many nation states (including proxy actors) to undertake offensive measures in the cyber domain. Moreover, one notes the increasing risk that sophisticated weaponised software may enter the ‘wild’ and into the criminal underworld, and potentially into the hands of capable violent extremists. A serious cyber terrorist kinetic event (for example, the interruption of power supply or transport services with death or injury as one of the outcomes) is therefore currently unlikely, but high volume/low value or impact events are on the rise (e.g. the routine use of ransomware to finance a terrorist group, the distribution of deceptive or ‘fake’ news, and the mounting of distributed denial of service [DDoS] attacks to undermine confidence in e-commerce). The risk of a cyber terrorism attack should therefore not be understated as an emerging threat, and consequently, preventative and response capabilities should be maintained and advanced. Contemporary society, in short, is coming to realise that violent extremism, albeit relatively rare, is the ‘new normal’. Though it may be difficult to predict each specific event, we can be reasonably certain that at some future point, they will occur.

DOI or Web link

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2984101