Ideological cyberterrorist attacks are outpacing physical attacks among far-left groups, according to a new study.
“Little work has been done around the use of the internet as an attack space,” says lead author Thomas Holt, professor of criminal justice at Michigan State University.
“The bottom line is that these attacks are happening and they’re overlooked. If we don’t get a handle understanding them now, we won’t fully understand the scope of the threats today and how to prevent larger mobilization efforts in the future.” Holt’s findings, which appear in Terrorism and Political Violence, underscore his concern for awareness and action.
Online attacks, real-world victims
To understand these attacks, Holt analyzed the scope, growth, and impact of ideological cyberterrorist incidents from far-left groups, such as the Animal Liberation Front, Earth Liberation Front, and the hacker conglomerate group Anonymous.
These groups, Holt explains, don’t necessarily want to physically harm humans; rather, animal and environmental activism motivates them and they feel passionate about attacking companies, organizations, and government entities that go against their beliefs. Unfortunately, everyday consumers get caught in attack aftershocks from data breaches and information loss.
“These kinds of ideologically motivated attacks are devised to have an emotional and economic impact on groups that go against their beliefs,” Holt explains.
“If you visit a company’s website expecting to see one thing and this group has instead hacked the website and posted customers’ personal information, that’s a huge issue for both the company and the consumers.”
Organizations in Holt’s research that have fallen victim to these attacks range from Dow Chemical to the federal government, and in industries ranging from meat production to fashion. He explains that the high-profile nature of the internet—on which these ideological groups can manipulate traffic—is the ideal platform to attack.
“If you’re a consumer and you bought a product from one of the victim companies, these attackers would target your data as being associated with something that goes against their ideological beliefs,” Holt says. “In another case, the group attacked the federal government by releasing passwords for government agencies.”
In his research, Holt examined physical and cyber terror attacks these far-left groups committed between 2000 and 2015 in the United States, United Kingdom, and Canada.
“The number of physical attacks by these groups was steady for the first few years of our study and then declined over time,” Holt says.
“At the time, cyberterrorist incidents began increasing and peaked at nine attacks in 2015. While we can’t speculate as to why physical attacks have declined, we believe that the cyber component increased because these attacks generate an economic and emotional impact, draw attention to their cause from the public, and may be less likely to lead to arrest.”
Holt and his team focused on attacks following four forms of cyber crime:
- denial of service, or taking a certain resource offline;
- web defacements, when criminals remove content of a website and replace it with content of their own;
- data breaches, during which the criminals steal sensitive information about individuals or an organization; and
- doxing, where the criminals acquire personal information about people and release it online to stoke harassment.
Whether acting as a mobilized organization or an individual, ideological cyberterrorists are as dangerous as the violent extremists seen across the globe. In fact, only one of the incidents Holt observed resulted in an arrest, meaning the actors are still at-large. The mask of the internet makes them harder to catch and easier for them to hide, Holt says.
“These groups might strike domestically, but their damage on the web can be widespread and a concurrent risk for companies and consumers alike. It could be even greater,” Holt says.
Next, Holt will examine the radicalization process of online attackers, whether they were cyber-oriented actors first, or whether their ideological beliefs led to cyberattacks. He will also examine attacks attributed to other ideologies, such as jihadist organizations.
Source: Michigan State University