A new report from the Center for Strategic and International Studies (CSIS) in Washington, DC, casts further doubt on ‘cyberterrorism’ as a phenomenon with which states should be deeply concerned. I agree.
We usually understand ‘cyberterrorism’ as attacks by non-state actors against computer networks and data. These attacks are often presumed to result in civilian casualties and deaths, either as first-order effects ― plane crashes, industrial explosions ― or second-order consequences ― critical systems degradation, emergency service disruption. Despite the continued attempts of a variety of actors to disrupt the assets of government, industry and individuals in this way, we have yet to witness a single death or major deleterious event as a result.
That we have not is in part due to the vigilance and sophistication of national and industrial defensive systems. On the other hand, there are few indications that terrorists―howsoever we choose to construct that term―have managed to harness simultaneously the skill-sets and the intent to commit acts of this kind.
The CSIS report, and my upcoming op-ed in Congressional Quarterly Global Researcher, both point out that states should not be going off half-cocked about cyberterrorism. The problem lies as much with the discourse, which often presents possibilities as reality: cyberterrorism as clear-and-present danger. This does not mean that terrorists might not in future attempt directed assaults on critical infrastructures in this way, just that we need to be more careful about what terms we apply to phenomena, as this affects the ways we choose to respond.
If anyone doubts this―and hawkish commentators certainly do―we have abundant historical occurrences that might serve to illustrate this. One egregious example is the political discourse immediately following 9/11, of which Adam Hodges and Chad Nilep wrote both ‘formulates the questions and frames the responses’. History will judge whether subsequent actions by the US and its allies were constructive but the prognostication is not good, I’m afraid. Of course, ‘getting tough’ on cyberterrorism is unlikely to have the same international effect as the Global War on Terror but it may be even more thankless a task―particularly if it doesn’t really exist in the way politicians and lobbyists would have us believe.