STC/MT (01) 3
NATO Parliamentary Assembly
SUB-COMMITTEE ON THE PROLIFERATION
OF MILITARY TECHNOLOGY
Michael MATES (United Kingdom)
International Secretariat April 2001
* Until this document has been approved by the Science and Technology Committee, it represents only the views of the Rapporteur.
is changing in ways that may make it more dangerous and difficult to
combat. Despite the fall of the
communist bloc, which once provided support to left-wing terrorists, and the
resulting reduction in the number of states supporting terrorism, incidents
reported around the world have not decreased.
Moreover, terrorist attacks are becoming more lethal: according to a
recent report to the US Congress, in the 1990s a terrorist incident was almost
20% more likely to result in death than an incident two decades ago. Although significant, this is not the only
change occurring in international terrorism.
Terrorist groups have
now different motivations,
organisation, structures , and tools.
2. Times and political environment have always shaped the definition of terrorism. It is significant to note that, so far, most definitions adopted by governments and international bodies include three basic characteristics: terrorism (1) is aimed at non-combatants; (2) uses violence to exact revenge, influence or intimidate an audience; and (3) is premeditated and politically motivated. The most recent definitions do not limit motives only to the political sphere but include “religious, or other ideological objectives”.
Most terrorist groups in
the 1970s and 1980s had concrete political agendas, such as social‑revolutionary
or nationalist-separatist programmes.
Although these groups have not completely disappeared, “new” terrorists
have emerged having different motives unrelated to clear political goals,
including religious and ethnic fanaticism, millenarian and apocalyptic cults,
white supremacism, and environmental ultra-radicalism. The trend toward higher lethality in part reflects the
changing motives of today’s terrorists.
Traditional political terrorists generally calibrated their attacks to
produce just enough violence to get attention for their cause, but not so much
as to alienate public support.
Religiously motivated terrorists, such as Osama bin Laden’s al‑Qaida, representing a growing
trend toward hatred of the West - and the United States in particular -
have few goals other than to “punish” their enemies and kill
as many of them as possible.
Changes in motives have
produced changes in the organisation and structure of terrorist groups. While state-sponsored political terrorists
usually have rigid hierarchical structures, new political or religious groups
rely on looser affiliations and organisations among like-minded people, often
from different countries. An
organisational figure that appears to apply to many terrorist organisations is
the Segmentary, Polycentric, Ideologically Integrated Network (SPIN), a
definition originally coined for 1960s'
movements. Of course, leaders still
exist, but rather than “military” commanders they are more likely to be
charismatic figures offering political and ideological guidance.
These more loosely affiliated,
transnational terrorist groups usually rely on various means for funding and
logistical support, as well as on self-financing criminal activities. Their networks of support include legitimate
businesses, associations and non-governmental organisations. Computers, satellite phones
and other modern technologies offer these terrorists very effective
organisational and communication tools.
They use them to co-ordinate and support their activities, collect money , spread
information and propaganda.
terrorists still prefer guns and conventional weapons. However, evidence suggests that some of the
“new” terrorist groups may be willing to inflict mass casualties for a variety
of motives other than political goals.
The famed Aum Shinrikyo sarin gas attack on the Tokyo subway in 1995,
already analysed by your Rapporteur in 1999 [Biological Weapons: the Threat of the New Century, AS 287 STC/MT (99) 8], has attracted
attention on the possible terrorist use of weapons of
mass destruction (WMD). The emergence
of a new breed of terrorists less constrained by traditional ethics or
political pressures, coupled with the diffusion of know-how about nuclear,
biological and chemical weapons, may increase the probability of a major WMD
terrorist incident. In the next section
will try to give a brief assessment of this threat.
with IT (and the examples offered by hackers and criminals) make it
increasingly possible that they resort to cyberattacks or other forms of
to information systems, thus exploiting our
societies’ reliance on computers and networked information systems. Some terrorist (or cyberterrorist) groups
are becoming increasingly sophisticated in the use of these technologies and there is evidence
that they could inflict serious damage to our information systems. Another section will be devoted to
terrorists using highly sophisticated technology, and to the specific area of the so-called
Many analysts have
defined the emergence in the 1990s of these new non‑traditional threats
with the term: “asymmetric threats”.
These are threats that do not present the menace of a major conventional
war but do present equal dangers to Western populations and governments.
Former US President Bill Clinton well defined these threats in a 1998 address
to the US Naval Academy: “our security”, he stated, “is challenged increasingly by non-traditional threats from
adversaries, both old and new, not only hostile regimes, but also international
criminals and terrorists who cannot defeat us in traditional theatres of
battle, but search instead for new ways to attack by exploiting new
technologies and the world’s increasing openness”. This report will try to outline precisely how technologies may
enable new and extremely dangerous forms of terrorism. Current strategies to counter these threats
will then be briefly assessed. Finally,
your Rapporteur will offer a few suggestions to improve our public safety
through a better use of new technologies ,
The possibility that
terrorists use WMD to conduct mass casualty attacks has become a serious
national security concern for the United States. Since the mid-1990s
, the US government has steadily
increased funding to programmes to counter and combat WMD terrorism: according
to the Monterey Center for Nonproliferation Studies, Washington spends about $5
billion per year in this area. As a
debate in the West has sparked between those who believe
the expenses are justified, because the threat is indeed real, and those
convinced that risks are exaggerated by defence officials and think-tanks in
order to draw out resources from the political system. The general terms of this debate were
already outlined by your Rapporteur in the cited 1999 report on biological
weapons. However, the rich recent
literature on the subject allows for a deeper analysis that would take into account also chemical
and radiological agents, and nuclear devices.
The historical record
includes very few terrorist incidents in which chemical and biological agents
were used and no cases involving radiological agents or nuclear weapons
(although there have been episodes of smuggling of fissile material). The main explanation seems to be that this
form of terrorism requires not only the motive to employ such weapons but also the
technical skills to produce and deliver them effectively. The number of terrorists possessing the
are therefore limited. As Jessica Stern’s study The Ultimate Terrorists indicated,
politically motivated, state‑sponsored groups are the most technically
proficient but “likely to avoid large-scale use of WMD, for fear of alienating
their constituents or evoking harsh reactions from authorities”. On the other hand , loners,
schizophrenics and sociopaths may well want to inflict mass killings , but
are less likely to overcome the technical obstacles.
11. Why would terrorists decide to use WMD? One reason might be to attract attention: apart from the actual casualties, WMD – especially biological and chemical agents – may produce an enormous psychological impact because of the sheer fear they inspire. Terrorists might desire to impress their target audiences demonstrating their technological prowess with the use of “unusual” weapons. More specifically, biological weapons might be appealing to religious fanatics because they want to emulate God and produce devastating outbreaks. Right-wing extremists and neo-nazis might be drawn toward the use of nerve gas or other chemicals out of a highly perverse admiration for the methods employed by the Nazis. Finally, considering the recent level of attention for WMD and the number of countermeasures adopted by some governments, terrorists might just want to prove their superiority by overcoming such measures.
In sum, past experience
and analyses of the current situation suggest that probably few terrorists are
capable of surmounting the motivational, technical, political, moral
and organisational obstacles to the use of WMD. However, many experts agree that the greatest danger of WMD
terrorism lies with two specific groups: religious extremists (both religious
fundamentalists and millenarian cults) and right-wing extremists organised as
Islamists, whose origins can be traced to the West-sponsored insurgency against
the Soviet occupation of Afghanistan, have consistently justified inflicting
mass casualties in their “holy war” against the United States, seen as the main
enemy of the Muslim world. Osama bin
Laden, the Saudi-born terrorist charged with masterminding the bombings of two
US embassies in Africa and the deadly attack against US destroyer Cole in Yemen, has declared
that his mission (and that of his terrorist group Al Qaeda, the Base) is to drive US forces out of Saudi Arabia and
the Middle East by targeting US civilians, possibly with mass casualties
casualties weapons. “We
don’t consider it a crime if we tried to have nuclear, chemical, biological
weapons.” Declared bin Laden to a Western newspaper in 1999, “We have the right
to defend ourselves and to liberate our holy land.” Similarly, many millenarian cults or new religion extremists
perceive themselves in a struggle for survival against a demonised enemy that
must be destroyed by any possible means, including mass-casualty weapons.
groups seek to preserve the status and privileges of a “dominant” ethnicity or
race. Generally anti-Semitic and
anti-government, these groups are particularly active in the United States and
increasingly recognise themselves
in a pseudo-religion , or Christian
Identity , which combines traditional elements
of fundamentalist Protestantism with persecutory ideologies. These groups have developed a political
agenda that justifies violent aggression (and even mass casualties) against Jews,
non-whites and the US federal government.
In the early 1990s, four members of one of these groups, calling
themselves the Minnesota Christian Patriots and conspiring to kill local and
federal law enforcement officials, were convicted and sentenced to prison for
acquiring ricin, a deadly protein toxin derived from castor beans.
15. As this last case showed, certain biological or chemical agents are relatively easy to acquire or produce: a single person with the right expertise could do it. However, the studies of all the known incidents involving these weapons collected in the book Toxic Terror indicate that terrorists have seldom used chemical agents, and biological agents more rarely still. Technical constraints are considerable and involve not so much acquiring and producing the agent as disseminating it. Using radiological agents or detonating a nuclear device present even more binding technical constraints. According to Stern, “the US military found that disseminating gamma-emitting radiological agents in air involved enormous difficulties because of the heat generated by the material and the problem of dissipation.” Finally, as the same expert points out, “detonation of a nuclear device is the least likely form of terrorism involving WMD”, and only the most sophisticated groups would be likely to consider it because of the enormous technical obstacles.
In conclusion, we cannot
say that WMD terrorism is on the rise.
In fact, many of the most important terrorist groups are unlikely to
consider mass casualties useful or desirable.
However, something new is happening.
According to Brad Roberts, one of the leading experts on WMD terrorism,
“even the strongest critics of the hype in current policy acknowledge that
there is a problem there, and one that deserves serious attention and some
remedies”. Terrorism, as we have
indicated in the opening section, is changing its tactics, structures,
capabilities , and intentions. Moreover, some of the most serious moral
constraints to terrorist use of WMD are easing, with the increasing prominence
of religious fundamentalists, millenarian cults, and right-wing
extremists. Technology, as we will see
in the next section, could play a role in making this kind of terrorism even
17. Imagining how the world might change in the years ahead could help us understand the possible future developments of the terrorist threat. One area on which experts have focused their attention is that of biotechnology and genetic engineering. Scientific advances in these fields will enhance our capabilities to make specific calculated changes to the operation of living systems. This will give mankind enormous new potential for beneficial medicine, but also for abuse in weapon systems. In the very long term, the unregulated growth and diffusion of the new biotechnologies could open up a wide array of new potential threats. Malcolm R. Dando of the University of Bradford (United Kingdom) has singled out three examples of potential misuse of modern biotechnology and genetic engineering: the enhancement of bacterial and viral virulence, heterologous gene expression and protein engineering of toxins, and genetic weapons. The third area raises particular concern since the completion in 2000 of the human genome sequence. Information from genetic research could be considered for the design of weapons targeted against specific ethnic or racial groups.
At the moment, the
production of such weapons ‑ and their use by terrorists ‑ is only
a theoretical possibility. Several
developments, however, indicate that in a not-too-distant future the gap
between possibility and reality may close.
While our societies are strengthening their protective measures against
standard biological agents, as Dando indicates, “terrorists might consider
using known biological weapons in unexpected ways, or move to the use of new
types of biological weapons”. During
the next few decades, the biotechnology revolution is likely to have an
enormous impact on our way of life.
Given the amount of government support and massive corporate investment
that genomics enjoy, scientific and technological developments will spread
rapidly around the world. Therefore
context in which terrorists operate will be completely different, making common
what now seems startlingly new.
Another area of concern
in the near future is that of agroterrorism.
In 2001, the US Department of Agriculture (USDA) has allocated almost $
s against livestock and the food chain
are much easier and less
risky to carry out than those aimed at humans.
Terrorists could create biological pathogens to destroy agricultural
livestock with less difficulty than assembling weapons directed against
humans. Moreover, as the recent
outbreak of foot-and-mouth disease demonstrated, livestock has become more
Some experts contend
that this can
21. An additional area of concern might come to the fore in the next decade. The event of a regional war between Western allies and a WMD-armed state of concern can lead to the possible use of chemical or biological weapons in terrorist-type attacks. According to Brad Roberts, such asymmetric conflicts “may see a blurring of the distinction between war and terrorism”, and regional aggressors may utilise covert attacks against Western civilians to weaken public support for the war or influence the body politic.
In recent years
NATO countries have dedicated their efforts to improving protection against WMD
terrorist attacks. At the military
level, a set of defence measures and response capabilities to maintain the
operational level of an armed force after a nuclear, biological or chemical
attack has been developed by most NATO members. Active and passive measures are the two main components of these
defences. An active defence consists,
for instance, in using missiles to prevent aircraft or
missiles carrying WMD weapons from reaching their target . Whereas a
passive defence consists in being able to assess the threat, detect, warn,
protect, decontaminate and carry out medical countermeasures.
23. At the 1999 Washington Summit, NATO launched a WMD Initiative to improve political and military efforts in this area. This resulted, among other initiatives, in the creation of a specific WMD Centre at NATO Headquarters in Brussels to improve co-ordination of all WMD-related activities. The WMD Centre should improve the quality and quantity of intelligence and information-sharing; support the development of a public information strategy; enhance existing Allied military readiness to operate in a WMD environment and to counter WMD threats; and enhance the possibilities for Allies to assist one another in the protection of their civil populations
against WMD terrorism are generally putting the emphasis on prevention. For instance, the US Presidential Decision
Directive (PDD) 39, issued in 1995, addressed in particular nuclear, chemical,
and biological (NBC) terrorism and provided guidelines for US counter
International efforts to
reduce and safeguard
former-Soviet Union WMD arsenals and the
related military and scientific complex are extremely important in the global
strategy to combat WMD terrorism. In
particular, the US programmes to improve security at weapons sites in Russia
and other Newly Independent States (NIS) and increase export and border
controls have significantly reduced the risk of illegal trafficking of nuclear material,
chemical and biological agents.
strategies, vulnerability is still acute in the case of a low‑technology
chemical or biological attack targeting the civilian population. As we have seen, terrorists are more likely
to use industrial chemical poisons or biological agents than nuclear
devices. Some of these weapons are so
easy to make that prevention is unlikely to be
fully successful. Appropriate defences against these kinds of
attack have to be based on improved civil emergency planning and public health
surveillance and response.
Our societies have
become totally dependent on information technology. As a consequence, attacks upon computer systems, both public and
private, have become the norm: cyber criminals conduct fraudulent transactions
, steal personal
data and trade secrets; crackers (criminal hackers) break into computer systems,
disrupt service, sabotage data, launch viruses and worms, and harass
individuals and companies. Many of
these attacks are serious and produce severe economic loss and damage. They are facilitated by increasingly
powerful and user-friendly software tools, mostly available for free from
thousands of websites on the Internet.
This Committee’s General
Rapporteur, Vernon J. Ehlers, has already analysed attacks upon information
systems in his 1999 report “Information Warfare and International Security” [AS 285 STC (99)
8]. In this section
, we will
therefore concentrate on the relationship between information technology and
terrorism, or cyberterrorism. We shall
define cyberterrorism as any act of terrorism (already defined in par. 2) that
uses information systems or computer technology either as a weapon or a target. It is important to
stress the distinction between cyberterrorism
and cyber , panic among civilians,
or at disrupting military and civilian assets.
Further, two different components of cyberterrorism can be singled out:
(1) terrorist use of computers as a facilitator of their activities; and (2)
terrorism involving computer technology as a weapon or target.
29. Terrorist groups currently use computer technology to facilitate traditional forms of subversive activity. Quite simply, they are exploiting modern tools to perform common terrorist actions such as internal communication and co-ordination, propaganda and misinformation, recruitment and financing, information and intelligence gathering. The use of the Internet for propaganda purposes is particularly popular. Radical opposition groups such as Hezbollah and Zapatistas use it regularly to communicate their revolutionary programmes. Various neo-nazi and white supremacist groups in the United States also use the World Wide Web to recruit supporters and collect finance.
The activities of
transnational terrorist groups are greatly enhanced by the use of the Internet,
which eliminates physical distance and national borders. Bin Laden’s Islamist terrorist group rel
y heavily on
computers and other modern communication tools. At the beginning of February 2001, Islamist terrorists were
claimed to use sport chat rooms, pornographic sites and other Web venues to
disguise map and
photographs of their targets, together with instructions for their
activities. According to the US
officials that have discovered them, the messages were scrambled using free
encryption programmes set up by Internet privacy groups. Images were created through a series of
dots, inside which were strings of letters and numbers that computers could
read to recreate the images.
Intelligence and information
Some experts are
reluctant to label as cyberterrorism the simple use of computer networks and
the Internet by terrorist groups.
According to Dorothy E. Denning, a Computer Science professor at
Georgetown University (United States), the fact that terrorists use computers
is not in itself a proof “that they are pursuing cyberterrorism, either alone
or in conjunction with acts of physical violence”.
But other analysts argue that computer
technology has not only enhanced terrorist activities but created new and more
dangerous form of terrorism. In fact,
according to a study from Michael Stohl and Peter Flemming of Purdue
University, Indiana (USA), terrorists that utilise computers
“are now able to operate beyond the purview of traditional counter
Terrorist groups have
used computer technology to threaten or attack national infrastructures,
including national security
ones, and commercial firms. These attacks have reportedly generated
actual damage only in the form of temporary disruption of services, public
inconveniences, or financial loss. So
far, no attack has led to violence, either physical or psychological, against
civilians, or to major disruption.
Probably the first politically motivated cyberattack was conducted by
ethnic Tamil guerrillas, who in 1998 swamped Sri Lankan embassies with hundreds
of e-mails over a two-week time. The
attacks upon NATO computer systems during the Kosovo campaign in 1999 (see
Ehlers’ report) could also be defined as cyberterrorism, although they were
presumably not conducted by terrorists but
by individual hackers protesting against the Alliance’s bombings.
34. In 1999, a report by the Center for the Study of Terrorism and Irregular Warfare (CSTIW) at the Naval Postgraduate School in Monterey, California, tried to assess the prospects of terrorist organisations pursuing cyberterrorism. The study defined three levels of cyber terror capability:
· Simple or unstructured: basic attacks against individual systems using tools created by someone else and conducted by an organisation that possesses little target analysis, command and control, or learning capabilities;
· Advanced or structured: more sophisticated attacks against multiple systems or networks using modified or created basic hacking tools, conducted by an organisation that possesses elementary target analysis, command and control, and learning capabilities;
Complex or co-ordinated: attacks capable of causing mass
-disruption against integrated,
complex defences (including cryptography) using sophisticated and originally
created hacking tools, conducted by an organisation that possesses high target
analysis, command and control, and learning capabilities.
The CSTIW report also
estimated that it would take a group starting from scratch
2 to 4 years to reach the
advanced level and 6 to 10 years to reach the
complex one, although some groups might make it in less time by either turning
outsourcing or sponsorship
to expand their capabilities.
36. The most sceptical analysts, such as Denning, are convinced that “there is little concrete evidence of terrorists preparing to use the Internet as a venue for inflicting grave harm”. Most experts, however, admit that the threat, although likely to be a few years into the future, is indeed real and must be addressed.
Yet another threat seems
more imminent. As Ehlers indicated in
his report, computer systems and all electronic devices can be seriously
damaged by weapons producing electro-magnetic pulses (EMP). High Power Microwaves (HPM) or EMP bombs and
High Energy Radio Frequency (HERF) guns can radiate intense pulses of
electro-magnetic energy capable of severely damaging computers, radar and all
electronic equipment. They can even destroy circuits,
microprocessors and other components.
These weapons are well-known in Russia, where extensive studies were
conducted during the Cold War. US Air Force used
EMP and HERF weapons successfully in 1991 against Iraqi radar installations,
and in 1999
, against Yugoslav electronic
The possibility of
terrorists using EMP weapons has been raising alarm for at least a decade among
defence analysts. According to Winn
Schwartau, an information warfare specialist, rudimentary EMP devices have been
assembled by US Department of Defense consultants within two weeks at the cost
, and cars, could be placed in to
a van or even reduced to fit into a suitcase.
Criminal organisations in Russia have been accused of using EMP devices
to bypass alarm systems. According to
the Russian armed
rebels might have used similar technology to disrupt Russian electronic
39. In his book Cybershock, Schwartau considers some possible effects of a well-orchestrated EMP attack upon Western infrastructure:
· Wall Street or other banking systems can be attacked causing repetitive failures resulting in financial losses. Also past records can be wiped out by onslaughts of electromagnetic pulses;
and guidance systems can be overloaded by targeted HERF, causing potentially
· medical equipment can fail under the attack of intense energy spikes, putting human lives in danger;
· communication nodes can be burned out by intense microwave radiation;
· municipal emergency services can be made inoperable by debilitating wide-band microwave jamming;
· power lines and transformers may serve as efficient conductors to transmit huge current to victim businesses and sub-stations, causing regional black-outs.
The ability to build EMP
weapons is apparently quite
diffuse, yet there are no international
controls over the import and export of the related technologies. Defensive techniques, although in some cases
expensive, have been partially deployed in the public sector (especially to
protect military assets), but remain extremely rare in the private sector.
it was the case
for WMD, it is important to understand which groups are more likely to turn to
cyberterrorism. The CSTIW report examined
five terrorist group types: right-wing extremists, left-wing revolutionaries,
ethno-nationalists, millenarian cults, and religious extremists. The conclusions indicated that only the
religious groups are likely to seek the most damaging capability level, which
is consistent with their indiscriminate application of violence. Some millenarian cults might try to inflict
damage with sophisticated computer attacks.
Ethno-nationalists and left-wing groups are likely to adopt simple
hacking or cracking techniques.
Right-wing extremists seem the least interested to cyber terror, which
does not offer the cathartic effects that are central to their psychology.
42. These findings are extremely interesting when confronted with the indications about terrorists likely to use WMD (see p. 3). It is probably not a coincidence that religious groups (such as bin Laden’s) and millenarian cults (such as Aum Shinrikyo) demonstrated interest in - or have indeed used - both strategies, although in different circumstances. Moreover, as highlighted by a report of the US National Commission on Terrorism, “a conventional terrorist attack along with a coordinated cyberattack could exponentially compound the damage”.
The threat posed by
cyberattacks has been generally recognised by governments and international
organisations. Several NATO nations
have adopted protective measures for their critical infrastructures relying on
information technology and
adopted specific laws of varying
effectiveness dealing with computer-related crimes and cyberattacks.
With its high reliance
on technology networks and systems, the United States has become the most
vulnerable target for cyberattacks. The
cornerstone of the US strategy is PDD 63, issued in May 1998 by the then
President Bill Clinton, and aimed at protecting infrastructures from
intentional acts that would diminish the ability of the Federal and local
governments to perform essential national security missions, to deliver minimum
essential services and to ensure the general public health and safety. One of the main goals of this strategy is to
build an information‑
ce, Energy, Transportation, the
Intelligence Community and the private sector, provides such a forum.
45. The Clinton Administration has also proposed several initiatives, not all implemented because of financing problems or opposition in Congress, to defend the nation’s computer systems, such as:
· increasing federal R&D investments in computer security;
· designing a Federal Intrusion Detection Network (FIDNET) to protect vital systems in federal civilian agencies;
· establishing an Institute for Information Infrastructure Protection that will combine federal and private efforts to fill the gaps in critical research;
· establishing a Federal Cyber Service Training and Education initiative, which will fund scholarships to students who develop new programmes in computer security and agree to work in this field for the government for at least two years.
A number of governments
are following the US example and formulating Critical Infrastructure Protection
(CIP) policies. In late 1999
the United Kingdom established the National Infrastructure Security
Co-ordination Centre and supported the creation of the Information Assurance
Advisory Council, a private-public co-operation forum. Other NATO members, such as France and
Germany, are setting up CIP strategies.
analysts have criticised the US government’s efforts because of their focus on
“infrastructure protection”. John
The New Republic, argues that such an
attention on infrastructure protection “misunderstands the cyber war
threat”. As a result, the government
has constructed “a kind of Maginot line”, based on the assumption that it is
possible to wall off safe areas.
Instead, he proposes countermeasures such as electronic camouflage for
files or strong encryption. Further,
according to experienced hackers, US policy does not address the weakest link
in the computer security chain: human failures, which make most computer
intrusions possible. Major investments
in human resources would probably be more productive.
Other critics observe
that the continuous development of new software makes passive defences, such as
CIP, easier to defeat. Moreover, as
previously isolated elements of large networks are linked together, new avenues
of attack emerge. Reliance
over passive defences is
therefore limited. A better approach
would be to combine passive with active defence measures, such as actions to
discourage attacks, or disable or destroy the equipment used to attack. However, such strategies require effective
technical methods to track attackers, organisational structures to support
them, and internationally agreed standards of legal attribution.
More generally, two
major problems have emerged in the various national strategies against
cyberattacks. First, the confusion
between cyberterrorism and cyber
50. Indeed, most domestic laws define terrorism as requiring violence or the threat to or taking human life for political or ideological ends. As we have seen, most information attacks that can be defined as cyberterrorism would mainly result in large-scale financial losses, massive disruption of essential public services, eventually generating panic and chaos, or destruction of information databases.
In a partial effort to
address this problem, the British Parliament passed a bill in
February 2001, the Terrorism Act 2000, which broadens the definition of
terrorist organisations. Such a
who plans violent acts in the United Kingdom, even if they are staged
abroad. The goal is to prevent
dissident political groups from using the UK as a base for terrorism. But the Act’s definition of terrorism also
includes actions that “seriously interfere with or seriously disrupt an
electronic system”. This appears as a step in the
right direction, although concerns have been raised about the vagueness of the
law concerning activism conducted on the Internet (or “hacktivism”). It will be up to police investigators to
decide whether an action is to be considered terrorism.
With regard to the
second problem, governments have asked for more effective international co‑operation
on the issue of transnational cyberattacks. Currently, few international
efforts have been undertaken with the specific goal of controlling information
terrorism. In December 1998, the United
Nations General Assembly,
at the initiative of the Russian Federation,
adopted Resolution 53/70 Developments in
the Field of Information and Telecommunications in the Context of International
Security. The document invited
member states to inform the UN Secretary-General of their views and assessments
on (1) the issues of cyber crime and terrorism; (2) definition of basic notions
related to information security; and (3) advisability of developing
international principles that would enhance the global information and
telecommunication systems and help combat information terrorism and crime.
The Council of Europe
has implemented a draft convention that is so far the only existing project for
multilateral agreement on cybercrime.
accomplishes some progress by providing for the
criminalisation of conduct against the confidentiality, integrity and
availability of computer systems; by empowering domestic law enforcement with
procedural authorities; and by developing mechanisms for international legal
assistance in investigation and prosecution.
The document, drafted with the active contribution of observers from the
United States and Japan, tries also to ensure a proper balance
between the interests of law enforcement and respect for fundamental human
The European Commission
is also trying to develop a harmonised policy to combat computer crime without
affecting citizens’ fundamental rights to privacy. At the end of January 2001 it presented its proposals to combat
computer-related crime, which include legislative as well as non‑legislative
proposals. The former include
harmonising member states’ laws, including strengthening criminal laws in areas
such as hacking and denial of service attacks.
The latter include the establishment of a EU Forum that will bring together
actors involved in the matter.
55. It seems clear from the above analysis that the terrorist threat, because of its changing nature and means, is increasingly dangerous and difficult to oppose. Countering this threat requires deterring and preventing as much as preparing public and private capabilities to respond to actual attacks. Both WMD and cyberterrorism are giving rise to the most pressing needs for new strategic thinking on preparedness and response. In this conclusion, we would like to offer a few indications as how to shape international and national strategies against these new kinds of terrorism.
A few basic
recommendations can be useful
to shap e a general
Strengthen intelligence to prevent terrorist attacks. Recruiting informants with access to terrorists’ plans should be
encouraged. The selective and
authorised use of electronic surveillance and physical searches should be
· Bring terrorists to justice for their crimes, without making any concessions or striking deals.
Isolate and apply pressure
on states sponsoring terrorism to force them diplomatically to
change their behaviour. Efforts should be devoted as well to
stop or disrupt non-state sources of support for international terrorism.
57. In the area of WMD terrorism, as terrorists are more likely to use chemical or biological agents than nuclear devices, strategies for minimising loss of life are more likely to be effective:
Train and equip “first responders” (fire-fighters, police, public
Prepare hospitals to respond. Public
health authorities may not realise immediately there has been a biological
agent attack. For this reason
they must be trained to respond to their earliest suspicions once victims begin
· Increase government surveillance of diseases of public health importance in humans, animals and plants.
· Prepare public service announcements to inform the public about the nature of the attack, how to minimise exposure, and where to seek treatment and counselling. This may also prevent the public from panicking and attempting to flee, thus exposing others to contagion.
· Increase funding for R&D to detect, disable, and mitigate the effects of WMD. If new technologies have made terrorism more lethal, they can also make it easier to combat. To counter chemical and biological attacks, requirements include the development of better detection devices and pharmaceuticals.
Improve international sharing of intelligence. To help
intelligence and law enforcement agencies, we suggest the creation of a continuously
updated database of terrorist groups and incidents (especially involving WMD)
. Enhancing the
capabilities of the World Health Organisation (WHO) to monitor global
infectious disease trends and unusual outbreaks.
58. WMD terrorism should be fought also by updating and strengthening international and national laws and arms control strategies:
· Strengthen the Biological Weapons Convention (BWC) by the adoption of a legally binding protocol setting mechanisms for inspections. Such protocol should also provide a system for investigating unusual outbreaks of disease in humans, animals and plants. Exports of dual-use chemical and biological equipment should be controlled and export laws harmonised. Also increase diplomatic efforts to convince all countries to sign and ratify the BWC and the Chemical Weapons Convention.
Sustain and enlarge non-proliferation programmes aimed at the former Soviet Union’s WMD complex,
particularly with regard to combating illegal traffic
of nuclear weapons
technology and chemical/biological agents.
· Make it illegal to possess chemical and biological agents and diffuse information on how to build and use such weapons (taking into account that the Internet is increasingly used to this purpose). National laws of some countries (such as the United States) should be strengthened.
59. Some indications about how better to counter information terrorism have already been given in the section devoted to it. We summarise the main points:
· Adopt national infrastructure protection policies. The US strategy provides a good example, but improvements are possible, especially by increasing the use of strong encryption and electronic camouflage techniques. Passive defences should be combined with active defences, such as technologies to track attackers, discourage them or disable their equipment.
· Encourage NATO to include defence against IT threats in its activities and envisage some form of co-ordination among members in this area.
· Invest in human resources. Training and education in the field of cyber security should be compulsory in the public sector (and some key private utilities) of all NATO countries.
· Increase international legal co-operation on transnational cyberattacks. The UN should organise an international convention to discuss an agreement or treaty on threats to computer systems. Mechanisms for international investigation and prosecution of these crimes should also be developed.
· Monitor the Internet and share intelligence. To discourage terrorists’ use of the Internet, intelligence agencies should regularly monitor the Web and exchange information. When necessary, active measures, such as counter-attacks to disable or destroy equipment and software should be adopted.
60. Protection against EMP and HERF attacks should also be increased in the context of the above strategy to counter information terrorism. Traditional shielding techniques using iron, copper mesh and other non-magnetic metals have been already adopted to protect sensitive military technology. However, these techniques are extremely expensive, especially for use in the private sector. More research is needed in this area, but alternative technologies may soon be available:
Radiation-resistant microprocessors. The US
Department of Energy’s Sandia National Laboratory has already commissioned
these chips for use in satellites
, and military reconnaissance and
communication equipment. Similar ‑ and
less expensive ‑ technologies should be created for civilian use.
High-speed plasma limiters for sensitive circuits. In this
gases would sense threshold electric fields and, if thresholds are exceeded,
would block the offending signals.
Sections I. and II. relied mainly on: Jessica Stern, The Ultimate Terrorists, Harvard University Press, Cambridge, Mass., 1999; Jonathan B. Tucker (ed.), Toxic Terror, Assessing Terrorist Use of Chemical and Biological Weapons, MIT Press, Cambridge, Mass., 2000; and Brad Roberts (ed.), Hype or Reality? The “New Terrorism” and Mass Casualty Attacks, The Chemical and Biological Arms Control Institute, Alexandria, VA, 2000.
Information in Section II. part A. comes from Malcolm R. Dando, Benefits and threats of developments in biotechnology and genetic engineering, Appendix 13A, Sipri Yearbook 1999, Oxford University Press; and Peter Chalk, “The US agricultural sector: a new target for terrorism?”, Jane’s Intelligence Review, February 2001.
Section III. is based mainly on Peter Flemming and Michael Stohl, Myths and Realities of Cyberterrorism, at http://www.ippu.purdue.edu/info/gsp/cyberterror_intro.html; Dorothy E. Denning, “Cyberterrorism”, Testimony before the Special Oversight Panel on Terrorism, Committee on Armed Services, US House of Representatives, 23 May 2000; Dorothy E. Denning, “Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool for Influencing Foreign Policy”, at http://www.nautilus.org/info-policy/workshop/papers/denning.html ; Gregory D. Grove, Seymour E. Goodman and Stephen J. Lukasik, “Cyber-attacks and International Law”, Survival, Autumn 2000; Andrew Rathmell, “Information operations – coming of age?”, Jane’s Intelligence Review, May 2000; John Arquilla, “Screen saver”, The New Republic, 1 May 2000; Richard W. Aldrich, Cyberterrorism and Computer Crimes: Issues Surrounding The Establishment of an International Regime, Institute for National Security Studies, US Air Force Academy, Colorado Springs, Occasional Paper 32, April 2000; and Part 4, Chapter 3 of Winn Schwartau, CyberShock, Thunder’s Mouth Press, New York, 2000.
For the Conclusions, indications were drawn from all of the above plus Frank J. Ciluffo, Sharon L. Cardash, Gordon N. Lederman, Combating Chemical, Biological, Radiological and Nuclear Terrorism: A Comprehensive Strategy, Center for Strategic and International Studies, Washington DC, December 2000; and Countering the Changing Threat of International Terrorism, Report of the National Commission on Terrorism (Pursuant to Public Law 277, 105th Congress), at http://www.fas.org/threat/commission.html