The Terrorism Threat Online

By Matthew Harwood

Leading experts discussed terrorists' growing ability to wage jihad in cyberspace at a forum last Friday on Capitol Hill hosted by the Counterterrorism Foundation.

Along with the threat of cyberattacks on critical infrastructure and use of online chat forums to recruit and radicalize future terrorists, speakers examined emerging threats, like the potential use of virtual worlds to coordinate and finance terrorist violence.

"The Internet isn't just for dirty pictures of Paris Hilton," said Evan Kohlmann, a terrorism expert and operator of, told the crowd that gathered in a conference room in the Rayburn House Office Building.

As infrastructure systems migrate to the Internet en masse, they become vulnerable to cyberattacks, whether from states, terrorist groups, or individuals, said Kenneth Silva, senior vice president and chief technology officer for VeriSign. Infrastructure systems are especially vulnerable because corporations and governments don't spend enough resources to protect them.  Further, the systems' interconnectedness means that failures spread rapidly and unpredictably, as evidenced by last week's power outage in Florida.

More worrisome, cyberattacks aimed at debilitating a country's infrastructure aren't entirely a state-based threat as the events in Estonia last spring prove. There, 20-year old Dmitri Galushkevich used his computer to cripple the Web sites of Estonian banks, schools, and government agencies. One individual recently conducted 1,600 cyberattacks on U.S. infrastructure targets over a six-week period and was never caught, Silva said, noting the threat posed by motivated individuals or terrorist groups.

Virtual worlds, simulated environments where users interact as characters called avatars, may provide a new platform for terrorist activity, some experts worry.  The most popular virtual world today is Second Life.

Two key features of virtual worlds, especially Second Life, may attract terrorists: finance and formlessness, said Roderick Jones, vice president of Concentric Solutions International. Second Life users can purchase items for their avatars using virtual currency that has a real-world exchange rate. Therefore, terrorists could use Second Life to transfer money without creating an audit trail. This would provide a remittance system to finance terrorism, much like the hawala remittance system investigators believe al Qaeda uses to finance its attacks.

Second Life's other alluring characteristic is its Protean nature. Users can interact anonymously in whatever way they choose. One recent scandal, for example, involved Germans paying to have sex with virtual children in Second Life. Therefore, terrorists could ostensibly use its tools— such as Voice over Internet Protocol (VoIP), real time instant messaging, e-learning modules, etc.— to recruit, radicalize, and train followers to carry out terrorist attacks.

But Second Life's most simple and appealing characteristic is its utility as a marketplace of ideas, Jones said. A passive jihadi sympathizer need only join the right (or wrong)  group in Second Life that would radicalize him, and create a pathway into terrorist activity. Also, once a relationship has been established, the conversation can resume offline.

Jones, however, acknowledged that use of  Second Life for terrorist activity is unlikely, because it doesn't let users hide activities behind encryption walls and its interface isn't simple. That, however, doesn't mean virtual worlds will not be used as their popularity grows. Commercial programs already allow establishment of private virtual worlds. "Why not Jihadi World?" Jones speculated.

The most alarming and persistant terrorist threat online is the use of online chat forums, which Kohlmann said has "evolved into a disturbing MySpace-like set of social networking tools for jihad."

The best-known exemplar of this trend was Irhabi, or Terrorist, 007. Otherwise known as Younis Tsouli, the 22-year old Moroccan immigrant to who lived in London's West End was arrested on eight terrorism-related counts in October 2005 and convicted to 10 years in prison. A gifted propagandist, Tsouli operated behind two password protected forums frequented by al Qaeda members. Soon, the Jordanian terrorist Abu Musab al Zarqawi, who led al Qaeda in Iraq, took notice of his talents. Quickly, Tsouli became the "virtual matchmaker between home grown terrorists and Zarqawi's network," Kohlmann said.

Another social networking case involved the so-called Toronto 17, a terrorist cell that met through the the Islamic online forum and had plans to attack targets around Toronto, including Parliament and the Canadian Security and Intelligence Service (CSIS).

Monitoring these online forums is "not an unmanageable problem" for Western intelligence agencies, Kohlmann said, because there are only ten to 15 sites of significance.Yet many of the jihadi Web sites are password-protected and the communications are not in English, making it difficult for intelligence agencies like the CIA to effectively monitor them.

Furthermore, U.S. law has not caught up with Internet technology, he said. Questions remain over which communications are protected when terrorists use online forums created by, and used by, foreign nationals, but are hosted by an Internet service provider based in the United States. Are they protected by American privacy laws?

No one really knows, Kohlmann says, adding that "most national security policies are still attuned to an era that does not exist anymore."



View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.