Last November, senior military leaders in the United States took the unusual measure of briefing the president on “a severe and widespread electronic attack on Defense Department computers.” According to a Los Angeles Times’ report, the attack, which was believed to be originating from Russia, targeted combat zone computers and the US central command overseeing operations in Iraq and Afghanistan. Nevertheless, the security services’ primary concern was whether its non-state enemies could acquire the capability to conduct cyber attacks against Western targets.
More than two years earlier, US authorities warned there was a threat, posted on a website affiliated with Al Qaeda, to attack the stock market and banking services online. The threat was apparently issued as revenge for the detentions in Guantanamo Bay. The US Homeland Security Department called it an “aspirational threat”.
The magnitude and consequences of such attacks are best comprehended when the Internet economy’s size is taken into consideration. Internet dealings and transactions today are a vital part of Western economies. According to a University of Texas at Austin study, the Internet economy “supported an additional 650,000 jobs in 1999 as revenues soared to $523.9 billion” in the US alone. The same study, conducted just under a decade ago, noted that even then the Internet economy “directly support[ed] 2.48 million workers, more than the insurance, communications and public utilities industries and twice as many as the airline, chemical and allied products, legal, and real estate industries.” This growth has prompted the Organization for Economic Co-operation and Development (OECD) to ask in a 2008 report, “has the economy become an Internet economy?” The OECD also stated, “increasingly, the largest productivity gains for businesses come from using online networks in some form.”
The online economy is growing to the extent that hacking a single company’s website for a day costs millions of dollars. For instance, BBC news reported in 2004, “three- quarters of UK companies have been hit by security breaches in their computer systems over the past year, costing billions to industry.” It was noted in the same report that “the average computer incident costs large companies $165,000 a time.”
The US warning against Al Qaeda cyber attacks in 2006 held some credibility as the Internet played an increasingly significant role in its operations. The new threat cyberspace poses was also shown when U.K. based extremists used the Internet to recruit other members, including teenagers. Through password protected web forums and chat rooms, they indoctrinated and prepared those recruits to launch suicide operations. Even the explosives used were home prepared according to “recipes” widely distributed on Al Qaeda web forums.
The militants’ success in exploiting the Internet was most apparent in last year’s failed Exeter bombing. Nicky Reilly, a 22-year-old of Irish background, entered the Giraffe restaurant’s toilet in Exeter to assemble his bomb before detonating himself. A slight mistake in his “internet bomb recipe” prompted an early explosion inside the lavatory, which left him with facial injuries. According to the police investigation, militants situated on the Pakistan-Afghanistan border area “groomed” Reilly through online chat rooms to become a suicide bomber. Sitting on his computer for long hours everyday, he watched more than 2,000 Al Qaeda videos, researched possible targets and then downloaded a bomb recipe.
In that same year, the trial of Aabid Hussein Khan’s Bradford terrorist cell exposed the Internet’s extended or unconventional use. This cell, which was plotting to attack the Queen and members of the royal family, not only compiled detailed information about different targets from the Internet, thus lessening the need to physically survey the area, the cell members also allegedly sought recruitment and training from the World Wide Web.
This British online terror saga started right after the Afghanistan and Iraq invasions, with the case of a young Moroccan immigrant named Younis Tsouli — whose online alias was Irhabi 007 — who dazzled the Western intelligence agencies for years before his capture in a tiny West London flat. For two years, Western intelligence services chased the 22 year-old Internet hacker, trying to uncover his real identity. Irhabi 007’s Internet activities involved propaganda, distributing training manuals, instigating others to commit acts of violence, hacking websites and distributing a hacking manual online. He was dubbed “the master” of online attacks, hacking, programming, and digital media design.
According to some reports, Irhabi 007 was making “explosive new use of the Internet,” specifically through websites and password protected forums that “cater for would be Jihadists.” Tsouli disseminated training manuals and propaganda material online, and then began helping radicalized youth to perpetrate attacks.
So far, Internet staged and planned attacks have failed to achieve their goals, but will 2009 be the year cyber terrorism makes its mark?
Mohanad Hage Ali is political editor at