The Internet has changed the world of criminal activity. Access to computers and Internet access are the only barriers to illegal cyber enterprises. In addition, any perpetrator of cyber crime can have a global presence as well as the ability to victimise targets anywhere in the world. The cyber world has seen an exponential increase in terrorist organisations making their presence known on the global platform of the web. They use the forum to train, incite, and recruit.
The international community has responded to both situations with two classes of regulations: cyber crime and cyber terrorism. Both are aimed at controlling the information community’s technologies explosion of cyber criminal activity, but each approaches the problem from a different definition.
This paper provides a brief review of cyber crime and cyber terrorism in order to demonstrate the complex problem these two definitions have created for both the state Government and law enforcement and the opportunity it offers the terrorist community as it exploits the ambiguity that exists because of these definitions.
Furthermore, as Internet access is part of the everyday lives of so many people, criminals have learned to exploit that access and the constraints law enforcement must outnumber as it works to detect, deter, and eliminate this criminal behaviour. As such, the purpose of this paper is to analyse the current categories of cyberspace criminal activity and to demonstrate, through a case study using al-Qaeda in the Islamic Maghreb (AQIM), the empirical problems these definitions bring to an environment where law enforcement may be difficult, at best, to accomplish. Changes are needed; changes that permit enforcement to anticipate changes and incorporate a capability to advance as the crimes advance.
Definitions of cyber crime and cyber terrorism
In 2007, Professor David Wall of Durham University (2) coined the phrase ‘cyber crime’ to capture the extent of this technology’s power to reach into almost anywhere, anytime – unseen and unchecked.(3) Terrorists exploit this “cloak of invisibility” characteristic when they use the Internet and its information communication technologies for criminal purposes. But while we may be tempted to categorise these activities as terrorism, we have to recognise that a terrorist who hacks into a personal bank account to steal credit card information is not a cyber terrorist, even if the funds gained are used to support terrorism. This is simply a case of hacking, or cyber crime committed by a terrorist. The term cyber terrorism juxtaposes cyberspace and terrorism, so that we focus on terrorism as it is carried out through the information communication technologies (ICT). Professor Dorothy Denning of the Institute of Cyber Analysis at the Post-Graduate Naval School in the United States supports that cyber terrorism is the convergence of cyberspace and terrorism.(4) Professor Gabriel Weimann narrows that juxtaposition by defining cyber terrorism as “the use of computer network tools to harm or shut down critical national infrastructures (such as energy, transportation, Government operations).” However, this expansive definition does not permit us to distinguish cyber terror from a general cyber attack or profit-based cyber crime or any of the other many possibilities.
Consequence of world’s evolution
Criminals have long leveraged the advances of new and evolving technology for their own profit, and then exploited the ambiguities of lagging laws to avoid prosecution. The perpetrators of Internet crime using information communication technologies are no different. As early as the 1960s, the definition of computer crime (as it was deemed then) was debated. State Governments and businesses dependent on their software and hardware became increasingly concerned about the vulnerable position a dependence on computers placed on their sensitive data. This dependence only increased as the benefits of technology advancements appeared to outweigh the security compromises they brought. In the 1990s, as computers became a household/personal communication tool, the security disadvantages that accompanied them took on more notice. The terminology changed with it, and the cyber perspective was emphasised to focus on the network space perspective, not the computer itself.(5)
This evolution in crime designation suggests the fluidity that emanates from this criminal activity. As in the past, law enforcement definitions of this category of crime lag behind the current situation. This lag is particularly evident in the environment limitations that beset law enforcement when the crimes originate in failed state territories. These states are severely hampered by almost non-existent financial resources, limited advanced technology and, often, graft and corruption. This context often encourages the free flow of nefarious groups and questionable activities. This area is home to a burgeoning cyber growth market and one of the world’s largest perpetrators of cyber crime. Current standards and regulations enforced in other parts of the world are non-existent in this section.
Incorporating hacking or other financial cyber crime elements into its anti-West strategy creates a tremendous opportunity to inflict significant damage on the United States (US) and its allies without investing in many of the resources required for a ground or aircraft event like 11 September 2001 (9/11). It extends the period of anonymity that is critical for a successful event and reduces the number of individuals needed to execute a successful attack. In addition, executing such a plan complies with the fatwa issued by Anwar al-Awlaki that directs jihadists to use whatever form of stealing is necessary to take money from the West to pay for attacks on the East.(6)
Incorporating the Internet into AQIM’s repertoire of weapons against the West reduces its attack footprint. Adding this new weapon, terrorists still achieve their goals and objectives. But they do not redefine the cyber crime committed and make it cyber terrorism; rather cyber crime becomes a tool in the arsenal employed to achieve the terrorist goals. Each act against an individual or financial institution would still represent a crime against state law. Just as AQIM appears to have reconciled the crime of kidnapping with its terrorist philosophy of eliminating the West, the organisation can easily apply that same reconciliation process to the cyber world obtaining the same philosophical result.
An expanding threat: Al-Qaeda and AQIM
The concept of violence in terrorism must be reconsidered when introducing the virtual world of cyberspace. Cyberspace expands terrorist organisations’ abilities to inflict damage. The continued reliance on the word ‘violence’ for terrorism must be reconsidered now that the computer has redefined the attack field space. Harm is inflicted on victims, impact can be significant and financial burden may exceed that of the attack of 9/11.
Cyberspace can also eliminate the physical danger that accompanies transport of bomb making materials like triacetone triperioxide (TATP). In the past, these materials required careful transport, clandestine distribution and much danger. But confining the web to training and discussion, advice or media transmission, limits the benefits a cyber terrorist can achieve. Al-Qaeda was one of the first to test this using the Internet when it was a new communication vehicle by introducing websites like www.azzam.org and www.neda.com.(7) Since then, terrorist groups have leveraged this virtual world’s access to unseen millions to deliver propaganda, recruit new members, release online publications and issue directives. Hamas has provided detailed triacetone triperioxide (TATP) bomb making instructions and al-Qaeda moved part of its training camp to the Internet. Al Battar Training Camp opened for business in 2004 as an online publication that featured detailed guidance on using a Kalashnikov rifle and maintaining a high physical fitness level.
Another critical example of the above is AQIM. The group has started in Algeria as the Salafist Group for Preaching and Combat (GSPC), a violent group dedicated to overthrowing the Algerian Government. Over time, the group started to form alliances. The first alliance, with al-Qaeda, brought name recognition and a known ideological image. Other alliances with armed gangs, bandits and groups such as the Colombian FARC brought increased funding: drug trafficking, smuggling and other criminal activities. These last opportunities gave AQIM the chance to leverage its former guerilla terrorism and turn it into a profit-making venture. AQIM also learned how to diversify its market using its core competencies.
AQIM also exploits its Sahel location, the region’s seamless borders, the area’s few security concerns and its even fewer enforced Government regulations. AQIM is now part of the fabric of the area contributing to its instability with terrorist attacks, kidnappings, drug trafficking and weapons sales.
It has also begun to recruit from the nearby countries of Mali, Mauritania, Morocco and Tunisia and to insert itself into the southern neighbours of Nigeria and Niger. In Nigeria, having established a formal relationship with Boko Haram, AQIM now trains its members as well. Proximity and ease of movement between borders increases the potential for contact opportunities with Boko Haram. This Sahel location and AQIM’s presence in countries like Nigeria offer it an opportunity that intelligence analysts recognise as a serious cyber threat.
Nigeria, third in the world for cyber crime perpetrators, offers AQIM unfettered access to perpetrators of electronic fund fraud and other Internet crimes. Nigeria is home to the Yahoo boys, a group known for their preference for Yahoo’s users, its chat rooms and email access. This constancy on the Internet has given terrorist groups a presence in locations where they have no physical resources and has acted as a bridge when transitions were forced upon them. Video messages have been an especially effective tool during these periods. All of these acts have been defined as cyber terrorism, even though criminal acts were executed when the information was transmitted. Thus, training videos featuring instructions on how to build explosive devices and prepare gunpowder have long appeared as standard features in web sites regularly used by militant Islamic groups. These sites also feature tips on money laundering and many other organisational needs. Including a focused cyber crime unit could easily be incorporated.
The rapid growth of the Internet mirrored the same meteoric rise in Internet use by the general population as well. For instance, between 2000 and 2005 the global Internet community grew 126.4%, exceeding 800,000 users.(8) The transition to the virtual world demands a reassessment of the terms terrorism and crime when applied against the cyber sphere.
This reassessment is necessary because cyber activities will continue to expand their reach into our organisational and personal lives, bringing with them the responsibility to mitigate any accompanying potential harm with real world counter-threats measures. The increasingly digital global environment has already transformed how we meet, interact, organise and form alliances. These same digital technologies offer terrorists and terrorist organisations an identical range of opportunities in order to support their campaigns of violence and further their political objectives.(9)
Written by Ioannis Mantzikos (1)
(1) Contact Ioannis Mantzikos through Consultancy Africa Intelligence’s Conflict and Terrorism Unit ( email@example.com).
(2) Wall, D., 2007. Cybercrime: the transformation of crime in the information age. Cambridge: Cambridge University Press.
(3) Denning, D., 2010. Terror’s web: How the Internet Is transforming terrorism. William Publishing: Leicester.
(4) Parker, D.B., 2007. The dark side of computing: SRI international and the study of computer crime. IEEE Annals of the History of Computing, 29(1), pp. 3-15.
(6) ‘Countering the Use of the Internet Terrorist Purposes’, Working Group Report, United Nations Counter-Terrorism Implementation Task Force, 2009.