Cyberterrorism Hype v. Fact

Director of National Intelligence Dennis Blair caught the media’s attention recently with two major headlines when he presented this year’s Annual Threat Assessment (PDF) of the U.S. Intelligence Community. The first was his statement that the United States is “severely threatened” by cyberattacks of “extraordinary sophistication.” The second was that al-Qaeda is intent on striking within the United States in the next six months. Both sections of the assessment are chilling, but they are unrelated.

Blair said that the United States faces challenges in cyberspace from nation states, terrorist networks, organized criminal groups, individuals, and other cyberactors. He went on to say, “Terrorist groups and their sympathizers have expressed interest in using cybermeans to target the United States and its citizens.” Fortunately, interest does not equal capability. After raising the specter of cyberterrorism, Blair never mentioned the cyberthreat from al-Qaeda anywhere in the five pages he devoted to their plans to strike the United States. Here’s why.

While the United States’ critical infrastructure, from the electric grid to the financial sector, is vulnerable to attack through cyberspace, al-Qaeda lacks the capability and motivation to exploit these vulnerabilities. To penetrate, map, and damage the networks that control the industrial base requires a large team of experienced hackers, a lot of time, and advanced infrastructure. Only a handful of groups, mostly nation state actors, possess this level of capability, and al-Qaeda is not one of them.

In the last ten years, according to the National Counterterrorism Center’s Worldwide Incidents Tracking Database, there have been 63,192 incidents of terrorism. Not one was an incident of cyberterrorism. As Irving Lachow at NDU has pointed out, the jihadist community heavily relied on one London-based hacker known by the moniker Irhabi 007, who at best had moderate ability. Since his arrest in 2005, indications are that al-Qaeda’s cybercapabilities have only eroded. While continuing to rely on petty crime to fund many plots, al-Qaeda has been unable to capitalize on the explosion of cybercrime, lacking the technical capability to do so.

Posted on February 1st, 2010 under Cyber Terrorism, News From The Cyber Front • Tags: Criminal Groups, Critical Infrastructure, Cyberattacks, Cyberterrorism, Dennis Blair, Director Of National Intelligence, Electric Grid, Financial Sector, Intelligence Community, Last Ten Years, Moderate Ability, Moniker, Nation State, Nation States, National Counterterrorism Center, Ndu, State Actors, Sympathizers, Terrorist Groups, Threat Assessment. • RSS 2.0 feed • Leave a response, or trackback