Terrorism and the Internet: Finding a Profile of the Islamic “Cyber Terrorist”
Total Page:16
File Type:pdf, Size:1020Kb
Countering Terrorism, Preventing Radicalization and Protecting Cultural Heritage 103 A. Niglia et al. (Eds.) IOS Press, 2017 © 2017 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-61499-755-9-103 Terrorism and the Internet: Finding a Profile of the Islamic “Cyber Terrorist” 1 Dr. Stefano MELE Director of “Information Warfare and Emerging Technologies” Observatory, Italian Institute of Strategic Studies “Niccolò Machiavelli” Abstract. The number of terrorist attacks that have brought about bloodshed and left a mark on recent history have spotlighted once again the need to stem the at- tempts by terrorist organizations to conduct attacks within the EU, forestalling the intentions of the martyrs-to-be. The Islamic State of Iraq and Syria (ISIS) is un- doubtedly the terrorist group that, more than others, has taken advantage of Internet, not only as a tactical means of coordination, but also as a tool to carry out proselyt- ism, recruitment, propaganda, and fundraising. As one could imagine, constantly monitoring the Internet for these activities is an extremely complex and time-con- suming activity, requiring a huge amount of money and manpower, and resulting in very poor – and only temporary – outcomes. To stem this rapidly spreading phe- nomenon, it can be useful to focus the attention of decision-makers, intelligence and law enforcement on a possible profile of a “cyber terrorist”. This paper aims at tracing the identikit of a possible “cyber terrorist” that is as broad and consistent as possible. Keywords. Al-Qaeda, cyber terrorist, Internet, ISIS, Islamic State, profiling, prop- aganda, proselytism, recruiting, terrorist organizations 1. Introduction The number of terrorist attacks that have brought about bloodshed and left a mark on recent history have spotlighted once again the issue never settled about the need to stem attempts by terrorist organizations to conduct attacks within the EU, forestalling the in- tentions of the martyrs-to-be. Even though official data are not yet available on the level of such a threat in 2016, the latest Europol “European Union Terrorism Situation and Trend Report 2016” 1 Stefano Mele is “Of Counsel” to the Italian Carnelutti Law Firm, where he is in charge of the Technology, Privacy, Cybersecurity and Intelligence Legal Department. He holds a PhD from the University of Foggia, and cooperates with the Department of Legal Informatics at the Faculty of Law of the University of Milan. He is the co-founder and Partner of the Moire Consulting Group. He is the President of the “Cyber Security Working Group” of the American Chamber of Commerce in Italy (AMCHAM), and member of the “Cyber Security Roundtable” of Regione Lombardia and of the “Advisory Board on Cyber Security” of Assolombarda. He is Director of the “InfoWarfare and Emerging Technologies” Observatory of the Italian Institute of Strategic Studies ‘Niccolò Machiavelli’, and co-founder and President of the CyberPARCO non-profit Organization. Stefano is also a lecturer for several universities and military research institutions of the Italian MoD and NATO, and he authored several academic papers and articles, and provided legal and strategic insights on specialized magazines and websites on cyber security, cyber intelligence, cyber terrorism and cyber warfare topics. In 2014, his name appeared in the list of NATO Key Opinion Leaders for Cyberspace Security. In 2014, the business magazine Forbes listed Stefano as one of the world’s best 20 Cyber Policy Experts to follow online. 104 S. Mele / Terrorism and the Internet: Finding a Profile of the Islamic “Cyber Terrorist” stresses the fact that in 2015 no less than 211 terrorist attacks took place within the Eu- ropean Union, all in the same six Member States: Denmark (2 attacks), France (73 at- tacks, 15 of which were jihadist attacks), Greece (4 attacks), Italy (4 attacks), United Kingdom (103 attacks) and Spain (25 attacks). Such attacks have caused 151 fatalities and over 360 injured. Meanwhile, still in 2015, 1,077 individuals were arrested for terrorism-related crimes, 687 of whom were charged with conducting religiously-inspired terrorist activi- ties. The highest concentrations of arrests was in France (424 arrests, 377 of which for jihadist affiliation), Spain (187 arrests, 75 of which for jihadist affiliation), Belgium (61 arrests, 60 of which for jihadist affiliation), United Kingdom (134 arrests for non-speci- fied reasons), while 40 individuals were arrested in Italy, all of whom were presumably ISIS members. Almost two thirds of those arrested (63%) proved to be European citizens, 58% by birth. Figure 1. Europol “European Union Terrorism Situation and Trend Report 2016”. Figure 2. Europol “European Union Terrorism Situation and Trend Report 2016”. S. Mele / Terrorism and the Internet: Finding a Profile of the Islamic “Cyber Terrorist” 105 2. The Use of Internet for Terrorist Purposes by ISIS Due to the ever-increasing number of European citizens involved in terrorist acts, experts have focused greater attention on the methods used by terrorists to radicalize and shape the thoughts of European shahid-to-be, despite being so close to Western principles both by birth and culture, and also distant from religious radicalization areas. The Internet is one of the most popular and effective means to this end. Indeed, it is through the Internet that ISIS has cheated geographic distance to gain supporters world- wide, fostering their emotional involvement and adhesion to the principles of jihad and martyrdom. Despite being considered by the media as capable of conducting significant com- puter attacks, i.e. attacks to national critical infrastructures, or the creation of cyber weap- ons on its own, this terrorist organization has never actually raised the bar. The four main groups supporting the Islamic State – the Cyber Caliphate, the Elite Islamic State Hackers, the Islamic Cyber Arm, and the Islamic State Hacking Division have shown poor capabilities in computer attacks. They have simply carried out Distrib- uted Denial of Service attacks (using very basic software, like the “Caliphate Cannon” DDoS tool), defaced websites and social network accounts, and disclosed personal data of government personnel, obtained through basic social engineering techniques. Instead, what the Islamic State is more focused on is finding the most secure means of communication possible. Using the Internet to recruit new supporters is a double-edged sword; in some cases, ISIS members spreading jihadi propaganda online have been identified, geolocated, and even killed due to the high levels of exposure. This is the case with Junaid Hussain, also known as Abu Hussain al-Britani, born in Birmingham and leading member of the Cyber Caliphate. Al-Britani was located and killed by an American drone in Raqqa last August, as a result of the “traces” left of his on-line activity. Although ISIS propaganda, and subsequently the media, depict ISIS as capable of developing software for secure – as in the recent case with the mobile app called Alrawi – there is actually no trace on the Internet of such software, nor of the Alrawi app. On the contrary, most evidence suggests that ISIS primarily uses popular mobile chat applica- tions like Conversations, Telegram, Threema, and Signal. All the rest is merely propa- ganda. In this context, in order to deeply understand the role actually played by the Internet and the reasons behind its massive use for terrorist purposes, the “ease” this tool offers must be highlighted. The benefits it offers are obvious: • the opportunity to create long-distance networks of individuals almost effort- lessly, and at a low cost; • the ability to act totally anonymously; • the opportunity to create cost-free, real-time information sharing; • the ability to access shared information worldwide; • the ability to easily reactivate accounts linked to existing “social networks”, in order to prevent a website blackout or removal from jeopardizing the stability of the active network. In addition, terrorist organizations’ broader internet strategy also needs to be inves- tigated. In this regard, it is useful to consider that the use of the Internet: 106 S. Mele / Terrorism and the Internet: Finding a Profile of the Islamic “Cyber Terrorist” • makes it easier for new recruits to join a terrorist organization; • assures that the organization can communicate with the remotest extremist cells; • allows extremists to easily strengthen their messages and terrorist acts, backing them with videos, sounds and images; • creates a new “social context” where the terrorist-to-be realizes that even the least socially-acceptable and most disgusting ideas are actually considered “nor- mal” and desirable. Hence, by simply analyzing the above elements, it is undeniable that the Internet has acquired quite a significant role in this field, encouraging, increasing, and accelerating the usual process of propaganda and radicalization. Still, mere propaganda and proselytism activities are not the only benefits arising from the use of Internet and technology by terrorist groups, even if they certainly repre- sent the main ones. Further possible activities are to be included in the threat spectrum, such as: • recruit, radicalize and incite toward terrorist acts; • train terrorists-to-be via videos and instructions released on online forums, sites, or direct-messaging platforms; • finance terrorist acts by directly calling for donations, using e-commerce plat- forms, and online payments or even by creating fake