Terror on the Internet: Questions and Answers

What are the key elements of terrorism?
Acts of terrorism are premeditated, politically motivated, and directed at civilians and are perpetrated by subnational groups rather than by the army of a state. Terrorism is a form of psychological warfare that seeks to spread fear, mistrust, and helplessness among the ordinary citizens of a society. Modern terrorists rely heavily on the mass media and use a constant stream of broadcasting (radio, television, video, and the Internet) to achieve the fullest psychological impact on their targets.

How was the Internet used for the 9/11 attacks?
The al Qaeda operatives used the Internet to collect information such as flight times; to communicate reliably and in real time among themselves and with terrorist cells; and to share information and coordinate their attacks. Two of the hijackers (who relied heavily on their laptops) would not check into a Florida hotel unless they were provided with around-the-clock Internet access in their room. The terrorists used the Internet to purchase airline tickets, steal Social Security numbers, and obtain fake drivers’ licenses. The leader of the 9/11 attacks, Mohamed Atta, went online from Hamburg, Germany, to research U.S. flight schools. Astoundingly, the terrorists used the Internet in public places and sent messages via public e-mail.

How did the 9/11 terrorists’ Internet use go undetected? 
The 9/11 attackers communicated openly and disseminated information using prearranged code words. For instance, the “faculty of urban planning” meant the World Trade Center, and the Pentagon was referred to as the “faculty of fine arts.” Mohammed Atta’s final message to the eighteen other terrorists who conducted the 9/11 attacks read, in code: “The semester begins in three more weeks. We’ve obtained 19 confirmations for studies in the faculty of law, the faculty of urban planning, the faculty of fine arts, and the faculty of engineering.”

In what other ways can terrorists disguise their plans on the Internet? 
Another method used by terrorists to avoid the detection of compromising information issteganography, which involves hiding messages inside graphic files. This type of code can be in the form of maps, photographs, directions, and technical details. Messages are hidden on web pages with access limited to users who have the right password. A digital image of a sailboat, for example, might hold a communiqué or a map. A digital song file might contain blueprints of a targeted building.

What sorts of methods are used by the authorities to monitor terrorist Internet activity?
The “Puzzle Palace” is the nickname for the world’s most powerful and sophisticated electronic eavesdropping and antiterrorism system. It allows supercomputers to monitor and investigate millions of online and telephone messages every day.

Another surveillance system is called Total Information Awareness. It’s designed to search and identify suspicious messages from potential terrorists among the everyday traffic of millions of Internet users. Capturing traffic over the Net is called “sniffing,” with the sniffer being the software that searches the traffic to find those items it is programmed to find. One sniffer, “Carnivore,” had been in use before 9/11 and was officially unveiled by the FBI afterward. It operates like a telephone wiretap applied to the Internet.

Encryption is software that locks computerized information to keep it private; only those with an “electronic key” can decode the information. One of the latest eavesdropping systems, codenamed “Magic Lantern,” is a program that, once installed on a suspect’s computer, records every keystroke typed.

What is cyberterrorism?
The term “cyberterrorism” has traditionally been used to refer to the use of computers to sabotage critical national infrastructures (such as energy and transportation networks, or government operations). As modern infrastructure systems have become more dependent on computerized networks, new vulnerabilities have emerged, creating “a massive electronic Achilles’ heel.”

How real is the threat of cyberterrorism? 
It is important to realize that there has been no actual instance of cyberterrorism recorded to date. U.S. defense and intelligence computer systems are “air-gapped”—not physically connected to the Internet. Individual businesses actively protect their computer systems through the use of firewalls and so forth.

But because the West is a wired society, with most critical infrastructure networked through computers, the potential threat of cyberterrorism is real. Our dependence on information technology has created a new form of vulnerability, giving terrorists the opportunity to approach targets that would otherwise be utterly unassailable, such as air traffic systems, utility systems, dams, federal reservoirs, chemical plants, and power plants. In the United States alone there are 104 nuclear plants. As the technological sophistication of terrorists grows, so too will the potential for cyberterrorism.

What is the appeal of cyberterrorism for terrorists? 
It is cheaper, easier, and more anonymous than traditional terrorist methods of attack. All that is needed is access to a computer server with an online connection. Attacks can be launched from a distance, a feature that is especially appealing to terrorists. And cyberterrorist attacks have the potential to harm a larger number of people than could be killed and injured by traditional terrorist methods—a dreadful fact that generates greater media coverage, which is the ultimate objective of all acts of terrorism.


The views expressed in this publication are those of the author(s).

PUBLICATION TYPE: Analysis