cyber terrorism essay research paper

Cyber Terrorism: Research Review: Research Report of the Australian National University Cybercrime Observatory for the Korean Institute of Criminology

129 Pages Posted: 12 Jun 2017 Last revised: 4 Jul 2017

Roderic Broadhurst

School of Regulation & Global Governance (RegNet); Australian National University (ANU) - Cybercrime Observatory

Hannah Woodford-Smith

Anu cybercrime observatory, donald maxim.

(ANU) - Cybercrime Observatory

Bianca Sabol

Stephanie orlando.

(ANU) - Cybercrime Observatory ; Australian National University (ANU), Students

Ben Chapman-Schmidt

Australian National University (ANU) - School of Social Sciences

Mamoun Alazab

Cyber Security

Date Written: June 30, 2017

This review of cyber-terrorism outlines the main trends and challenges presented by the convergence of the exceptional reach, speed and scale of the Internet and the political ambitions of violent extremists. Chapters on cyber weapons, critical infrastructure, attribution, Internet of Things, recruitment and propaganda, financing, legislation and counter measures, and cyberwar. Each chapter provides a brief summary of a key aspect of the cyber terror phenomenon, an analysis of emerging trends or perspectives, and other relevant information or examples identified during the research. At the end of each chapter a brief annotated bibliography is included to assist future research and give readers more information about the sources used. The report has drawn on a broad range of sources including government documents (e.g. law enforcement and security agencies), web/blog posts, academic articles, information security websites and online news articles about cyber terrorism. The final chapter concludes with a discussion on the likelihood of a cyber terrorist attack. At present a sophisticated large-scale cyber terrorist attack with a kinetic element appears to be unlikely. However, this may change in the next five years because of the increasing capacity of many nation states (including proxy actors) to undertake offensive measures in the cyber domain. Moreover, one notes the increasing risk that sophisticated weaponised software may enter the ‘wild’ and into the criminal underworld, and potentially into the hands of capable violent extremists. A serious cyber terrorist kinetic event (for example, the interruption of power supply or transport services with death or injury as one of the outcomes) is therefore currently unlikely, but high volume/low value or impact events are on the rise (e.g. the routine use of ransomware to finance a terrorist group, the distribution of deceptive or ‘fake’ news, and the mounting of distributed denial of service [DDoS] attacks to undermine confidence in e-commerce). The risk of a cyber terrorism attack should therefore not be understated as an emerging threat, and consequently, preventative and response capabilities should be maintained and advanced. Contemporary society, in short, is coming to realise that violent extremism, albeit relatively rare, is the ‘new normal’. Though it may be difficult to predict each specific event, we can be reasonably certain that at some future point, they will occur.

Keywords: cyber terrorism, cybercrime, cyber warfare, critical infrastructure, terrorist recruitment

Suggested Citation: Suggested Citation

Roderic Broadhurst (Contact Author)

School of regulation & global governance (regnet) ( email ).

Canberra, Australian Capital Territory 0200 Australia

Australian National University (ANU) - Cybercrime Observatory ( email )

Anu cybercrime observatory ( email ).

Canberra, Australian Capital Territory 2601 Australia

(ANU) - Cybercrime Observatory ( email )

Acton, ACT 2601 Australia

Australian National University (ANU), Students ( email )

Canberra Australia

Australian National University (ANU) - School of Social Sciences ( email )

Cyber security ( email ).

HOME PAGE: http://https://sites.google.com/view/alazabm

Do you have a job opening that you would like to promote on SSRN?

Paper statistics, related ejournals, innovation law & policy ejournal.

Subscribe to this fee journal for more curated articles on this topic

Types of Offending eJournal

Conflict studies: terrorism ejournal.

An official website of the United States government

The .gov means it’s official. Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure. The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Publications
Account settings

Preview improvements coming to the PMC website in October 2024. Learn More or Try it out now .

Advanced Search
Journal List
PeerJ Comput Sci
PMC10803091

Cyberterrorism as a global threat: a review on repercussions and countermeasures

Saman iftikhar.

Faculty of Computer Studies, Arab Open University, Riyadh, Saudi Arabia

Associated Data

The following information was supplied regarding data availability:

This is a literature review.

An act of cyberterrorism involves using the internet and other forms of information and communication technology to threaten or cause bodily harm to gain political or ideological power through threat or intimidation. Data theft, data manipulation, and disruption of essential services are all forms of cyberattacks. As digital infrastructure becomes more critical and entry barriers for malicious actors decrease, cyberterrorism has become a growing concern. Detecting, responding, and preventing this crime presents unique challenges for law enforcement and governments, which require a multifaceted approach. Cyberterrorism can have devastating effects on a wide range of people and organizations. A country’s reputation and stability can be damaged, financial losses can occur, and in some cases, even lives can be lost. As a result of cyberattacks, critical infrastructure, such as power grids, hospitals, and transportation systems, can also be disrupted, leading to widespread disruptions and distress. The past ten years have seen several cyber-attacks around the globe including WannaCry attack (2017), Yahoo data breaches (2013–2014), OPM data breach (2015), SolarWinds supply chain attack (2020) etc . This study covers some of the cyberterrorism events that have happened in the past ten years, their target countries, their devastating effects, their impacts on nation’s economy, political instability, and measures adopted to counter them over the passage of time. Our survey-based research on cyberterrorism will complement existing literature by providing valuable empirical data, understanding of perceptions and awareness, and insights into targeted populations. It can contribute to the development of better measurement tools, strategies, and policies for countering cyberterrorism.

Introduction

Cyberterrorism refers to the utilization of internet, information mediums and communication platforms to conduct terrorist attacks or to promote terrorist causes. These attacks can take many forms, such as disseminating propaganda, stealing or manipulation of data, or disrupting critical infrastructure. It is also possible to refer to it as an act of unauthorized attacks and threat-making against computers, networks, and the data they house and disseminate ( Theohary & Rollins, 2015 ). To achieve a political or social goal, this is done through intimidating or threatening a government or its citizens. High intensity cyberattacks can also inflict violence against persons or property, or at the very least enough damage to inspire fear. Most of the time, cyberterrorism can result in death or physical harm, an explosion, a plane accident, water pollution, or a major economic or political loss. If it has a large effect, cyberterrorism may be conducted against essential infrastructure. Attacks that interfere with unnecessary services or are merely a nuisance do not need to be reported. Cyberterrorism is the deliberate use of cyber capabilities, often by non-state actors, with the primary intention of causing widespread fear, panic, or disruption in a population, government, or organization. Acts of cyberterrorism typically involve politically, ideologically, or socially motivated attacks that target critical infrastructure, result in significant harm, or pose a grave threat to national security. What distinguishes cyberterrorism from other cyberattacks, such as cybercrime or hacktivism, is the explicit intent to incite terror or destabilize societies, often in pursuit of political or ideological goals, rather than purely financial gain or the pursuit of social or ethical objectives. Cyberterrorism seeks to create fear, chaos, and mistrust on a larger scale, often with the potential for real-world harm or destruction.

This idea is not sufficiently understood. Recent attempts to broaden the definition of cyberterrorism to encompass hacktivism and the use of the Internet by terrorists to further conventional terrorism is primarily to blame for the uncertainty around the term. The biggest online threat posed by a non-state terrorist group comes from their capacity to use the Internet for purposes other than cyber-terrorism, such as fund-raising, target research, and supporter recruitment. Although cyber-terrorism may arise in the future, online crime, hacktivism, and cyber-warfare pose more immediate threats ( Kenney, 2015 ). A striking feature of our understanding of cybercrime is the variety of terms used to describe it. Despite the wide range of terminology used, there is one common thread that stands out. In earlier ways of thinking about misuse of information technology, this was called ‘crime by computer.’ Pre-Internet, computers were the primary target of crime, so this seemed like an appropriate name. Even though networked computing became widespread in the 1990s, this term has continued to be used. Until 2000, it was the most used term for crimes related to information technology. Other words, such as e-crime, online crime, digital crime, net crime, techno-crime, Internet crime, or even hi-tech crime, have all been used at various points in time. In the past, the phrase used to characterize the crime was computer crime. Academic literature on cybercrime contains two times as many references to this term. However, by 2018, the situation had significantly changed. In scholarly sources between 2001 and 2018, there were twice as many references to cybercrime as to ‘computer crime’, making cybercrime the preferred term of choice ( Kapto, 2013 ). There has been a cybercrime problem for more than three decades in various forms. As technology has become more widely used and its criminal potential has become more widely recognized, some forms of cyber-attack reported by industry seem to have been increasing in scale and breadth. Public awareness has also increased, as has recognition by governments, businesses, and legal systems. It has been difficult to accurately measure cyber-crime scale and trends (not just attacks), or assess the harms and impacts caused by successful attacks ( Furnell & Dowling, 2019 ). Cyberwarfare is the umbrella word for attacks on and defenses against computer networks, as well as unique technological activities. Cyberwarfare is the term used to describe when a country utilizes digital attacks, such as computer viruses and hacking, to damage, kill, and destroy another country’s critical computer systems. In the future, hackers will fight alongside traditional weaponry like guns and missiles, attacking an adversary’s infrastructure using computer code. Cyberwarfare has emerged as a regular and deadly facet of international conflict in a world still filled with spies, hackers, and top-secret digital weapons programs. However, now there is a genuine risk of situations quickly spiraling out of control due to the continuous weapons competition in cyberwarfare and the absence of defined guidelines governing online combat ( Ranger, 2018 ).

Cyberterrorism is a growing concern because of the increasing reliance on information technology in many aspects of society and the potential for significant disruption or harm caused by cyber-attacks. It had a significant impact globally and continues to threaten the various aspects of a nation’s stability. One of the biggest effects of cyberattacks is the interruption of vital infrastructure, such as transportation networks, power grids, and banking networks. Directed attacks on these systems can have widespread consequences including blackouts, transportation delays, and financial losses ( Caplan, 2013 ). In addition, cyberterrorism has been used to spread propaganda and manipulate public opinion, as well as to steal sensitive information, such as intellectual property or personal data. The fear of cyberterrorism has also led to increased spending on cybersecurity measures by governments and private companies. The world has been affected in several ways by the act of cyber-attacks including infrastructural damage, monetary crisis, economic crisis, the spread of propaganda or misinformation, loss of sensitive information, and privacy invasion etc. Cyberterrorism can lead to significant financial losses for businesses and governments, as well as damage to a country’s reputation and economic stability. It can be used to spread propaganda and manipulate public opinion, which can lead to social and political instability. Cyber-attacks can result in the theft of sensitive information, such as intellectual property or personal data, which can have profound consequences for individuals and organizations. The fear of getting engaged in the vicious act of cyber-invasion has led to increased spending on cybersecurity measures by governments and private companies. Cyberattacks can result in the loss of privacy, as personal data is stolen or made public ( Foltz, 2004 ). Overall, cyberterrorism can cause significant disruption and harm, both to individuals and society. This survey paper is intended for a wide range of audiences, including businesses, companies, government bodies and individuals to get a varied awareness about all these threats to them.

Our survey-based research on cyberterrorism will make unique contributions to the existing literature in several ways. It will provide a structured means of collecting empirical data on various aspects of cyberterrorism. This data can offer insights into the prevalence, patterns, and motivations of cyberterrorist activities, which may not be as readily available through other research methods. Moreover, public or expert perceptions and awareness of cyberterrorism can help assess how different groups perceive the threat, its severity, and the measures they believe are necessary to counter it. It will develop and refine measurement tools and metrics specific to cyberterrorism. This can lead to more accurate assessments of its impact and effectiveness in different contexts. Researchers can target specific populations or groups, such as cybersecurity professionals, government officials, or the public. This targeted approach can provide valuable insights into the views and experiences of these groups regarding cyberterrorism. They can also conduct comparative analyses by collecting data from multiple sources or over time. This can help track changes in attitudes, awareness, and perceptions related to cyberterrorism. This research can reveal vulnerabilities and preparedness levels among organizations, governments, or individuals. This information can be crucial for developing effective strategies to counter cyberterrorism. In addition to quantitative data, surveys can include open-ended questions, which provide qualitative insights into the nuanced perspectives and experiences related to cyberterrorism. These results can inform the development of policy recommendations and strategies for governments, organizations, and other stakeholders in their efforts to prevent and respond to cyberterrorism. In Addition, risk assessment can be done by examining the perceived and actual risks associated with cyberterrorism. This can help prioritize resources and responses. Finally, public opinion can be revealed on issues related to cyberterrorism, which can influence political will and shape government policies and actions in response to the threat.

Motivation behind survey

Lack of comprehensive, actual-world case studies is one gap in the cyberterrorism literature and study, currently in existence. While several studies have examined the general trends and patterns of cyberattacks, in-depth examination of occurrences is lacking. This makes it challenging to completely comprehend the complexity of various cyberattacks and the unique difficulties that governments and businesses have in reacting to them. The inadequate attention paid to the effects of cyberterrorism is another flaw in the literature and study that has already been done. Less study has been done on the long-term impacts of cyberattacks on people, organizations, and society, even though there is a lot of literature on many types of cyberattacks that have been conducted and the countermeasures that have been used. This encompasses the effects of cyberterrorism on the economy, the mind, and society. It is critical to comprehend these effects to create effective defenses and evaluate the overall effect of cyberattacks. The amount of research on the countermeasures used by nations is equally limited, necessitating more thorough analyses of their efficacy.

To ensure a comprehensive and unbiased analysis of the topic of cyberterrorism, the literature and studies used in this paper were selected from a variety of reputable sources, including academic journals, government reports, and news articles. The sources were carefully chosen to ensure that they covered a wide range of perspectives and viewpoints on the topic. Additionally, the literature review and case studies were selected based on their relevance to the research question and their availability of detailed information. The literature review was performed by considering studies from different regions (Middle East, East Asia, USA, Russia, France) and covering different periods (last 10 to 15 years). Furthermore, an effort was made to ensure that the countermeasures adopted by various countries were evaluated in a neutral manner, considering the effectiveness of the measures and not the political background of the countries. All sources were critically evaluated to ensure that they were credible and unbiased.

Survey methodology

The survey methodology used in this paper consisted of a thorough review of literature on the topic of cyberterrorism and its repercussions, as well as countermeasures adopted by various nations, regions, states, and countries. The literature review covered a range of sources, including academic journals, latest survey papers, government reports, and news articles. The focus of the literature review was on instances of cyberterrorism that have occurred in the Middle East, East Asia, USA, Russia, and France over the past 10-15 years. The literature review aimed to identify the key trends and patterns in terms of the types of cyberattacks that have been carried out, the sectors that have been targeted, and the repercussions of these attacks. In addition to the literature review, the study also included a qualitative analysis of case studies of specific cyberterrorism incidents that have occurred in the mentioned regions and around the globe. The studies, papers, articles, and other sources considered for this article were selected based on their relevance to the research question and their availability of detailed information and were analyzed in terms of the types of attacks, the sectors targeted, the repercussions, and the countermeasures that were adopted. Finally, the study also included a review of the countermeasures adopted by various countries against future cyber-attacks. The review of countermeasures looked at the various organizations, sectors, agencies, strategies, and technologies that have been created, developed, and implemented by countries in the mentioned regions and around the world to protect against cyberattacks. The review aimed to identify the most effective countermeasures and to identify any gaps in the existing strategies. Overall, the survey methodology used in this paper aimed to provide a comprehensive and in-depth understanding of the topic of cyberterrorism, its repercussions, and the countermeasures adopted by various countries. The combination of literature review, case studies, and review of countermeasures provided a holistic view of the topic, highlighting the key trends, patterns, and gaps in the existing research. Figure 1 . shows some of the methods through which cyberterrorists carry out the vicious act of cyberterrorism. Some of the common methods through which cyberterrorism is carried out include:

An external file that holds a picture, illustration, etc.
Object name is peerj-cs-10-1772-g001.jpg

Malware: Malicious software, such as viruses, worms, Trojans, and ransomware, can be used to compromise computer systems and steal sensitive information, disrupt critical infrastructure, or create chaos. Cyberterrorists may develop or deploy malware to achieve their objectives.

Phishing: Phishing attacks involve the use of deceptive emails, websites, or messages to trick individuals into revealing sensitive information like login credentials, financial details, or personal data. These tactics can be used to gather intelligence or access critical systems.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks: DoS and DDoS attacks involve overwhelming a target’s computer systems or network with excessive traffic, causing them to become unavailable. Cyberterrorists may use these attacks to disrupt the operation of critical infrastructure or services.

Social engineering: Social engineering techniques involve manipulating individuals into revealing confidential information or performing actions that may compromise security. Cyberterrorists may impersonate trusted individuals or entities to gain access to sensitive data or systems.

SQL injection: SQL injection attacks target vulnerabilities in web applications that use SQL databases. Cyberterrorists can exploit these vulnerabilities to access, manipulate, or exfiltrate data from databases, potentially causing significant damage.

Man-in-the-Middle (MITM) attacks: MITM attacks intercept and alter communications between two parties, often without their knowledge. Cyberterrorists can use MITM attacks to eavesdrop on sensitive information, manipulate messages, or compromise the security of communication channels.

Ransomware: Ransomware is a type of malware that encrypts a victim’s data, making it inaccessible until a ransom is paid. Cyberterrorists may deploy ransomware to disrupt critical systems or extort money from targeted organizations.

Insider threats: Insider threats involve individuals within an organization who intentionally or unintentionally aid cyberterrorists in their activities. These individuals may have access to critical information or systems.

Stuxnet-Like attacks: Stuxnet is a famous example of a targeted cyberattack that specifically aimed at disrupting industrial control systems, such as those used in nuclear facilities. Cyberterrorists might target critical infrastructure systems to cause physical harm or destruction.

Zero-Day exploits: Cyberterrorists may employ unknown vulnerabilities in software or hardware systems known as zero-day exploits to gain unauthorized access or control over systems. These vulnerabilities are typically undisclosed to the software vendor or the public.

Cyberterrorists often use a combination of these methods to achieve their goals, and their motivations can vary widely, including political, ideological, financial, or simply causing chaos and disruption. It is crucial for individuals, organizations, and governments to implement strong cybersecurity measures to defend against cyberterrorism and its various tactics.

The selection of cyberterrorism events involves a multifaceted approach that combines methods such as incident reporting, threat intelligence, attribution analysis, open-source information, government reports, academic studies, international collaboration, legal frameworks, classification tools, expert consultations, historical analysis, and government threat assessments. These methods collectively aid in identifying and categorizing events that align with specific criteria, including significance, intent, targeting, and impact. However, event selection may entail a degree of subjectivity and interpretation, depending on the research objectives and the availability of data and resources. The selection criteria for cyberterrorism events encompass attributes such as the event’s significance in terms of damage or threat, clear attribution to a cyberterrorist entity, a political or ideological motive, targeted critical infrastructure or national security interests, specific methodologies like malware or DDoS attacks, the intent to cause fear or panic, coordinated efforts by a group, the scope and scale of impact, geopolitical context, adherence to legal definitions, and the potential for interpreting the actors’ intent based on available evidence. However, the selection process is hindered by challenges including attribution difficulties, subjective motive interpretation, underreporting, discrepancies in event classification, the evolving nature of cyberterrorism tactics, and potential bias or political influence.

Impact of cyberterrorism on nation’s economy

Cyber-attacks can have a significant impact on a country’s economy. Some of the ways in which cyber-attacks can impact a country’s economy include direct financial losses, decreased productivity, increased budget for installing security measures against invasion, financial theft, and damaged reputation in front of the entire world. Cyber-attacks can result in direct financial losses for businesses and governments, as well as damage to a country’s reputation and economic stability. These invasions can disrupt the operation of businesses and organizations, leading to decreased productivity and lost revenue. Governments and businesses may need to spend more on cybersecurity measures to protect themselves from future attacks. The theft of sensitive information, such as intellectual property or trade secrets, can harm a country’s economy by giving competitors an advantage. can damage a country’s reputation, leading to a loss of trust and confidence in its businesses and institutions ( Hua & Bapna, 2013 ). This may affect the nation’s capacity to draw foreign investment and travelers. In general, cyber-attacks can have major effects on a nation’s economy, hence it is crucial for governments and corporations to take precautions against these risks. Most significantly, when a nation is a victim of a significant cyberattack, its reputation suffers, which causes people to lose faith in its institutions and companies. This can impact the country’s ability to attract investment, which is an important source of revenue for many countries. There have been several instances in which cyber-attacks have contributed to economic crises. In 2017, the NotPetya ransomware attack ( Fayi, 2018 ) affected businesses and government agencies in Ukraine and other countries, leading to direct financial losses and decreased productivity. The attack was estimated to have cost businesses billions of dollars. In 2017, the WannaCry ransomware attack ( Mohurle & Patil, 2017 ) affected businesses and government agencies in more than 150 countries, leading to direct financial losses and decreased productivity. The attack was estimated to have cost businesses billions of dollars. SolarWinds, a significant supplier of IT monitoring software, was found to have been infiltrated ( Wolff, Growley & Gruden, 2021 ) in 2020, allowing a group of hacker’s access to the networks of SolarWinds’ clients. Numerous companies and government entities in the US and worldwide were impacted by the attack, which resulted in immediate financial losses and lost productivity. The historical nature of cybercrime in Pakistan ( Akram, Mir & Rehman, 2023 ) reveals two main types of cyberattacks: low-level attacks from individual Indian hackers and attacks from both local and international hackers seeking financial gains. One significant incident involved the hacking of Meezan Bank, resulting in the exposure of 69,189 card details for sale and causing approximately $3.5 million in data loss for the bank. Additionally, K-electric experienced a security breach, with hackers demanding a $3.5 million ransom. However, the ransom doubled to $7 million after a week, but K-electric did not comply, leading to the leaked online sale of stolen information, including sensitive customer data such as names, addresses, CNIC, and bank account details. Despite the severity of the situation, K-electric did not pay the ransom nor take sufficient measures to improve their cybersecurity, ultimately resulting in the hacker leaking 8.5 GB of data. These incidents highlight the urgent need for better cybersecurity measures in Pakistan to protect against such threats and safeguard sensitive information.

Role of cyberterrorism in political instability

Cyberterrorism can also have a significant impact on politics in several ways including disruption of elections, spread of misinformation, propaganda, invasion of state secrets and privacy eruption. Cyberattacks on election systems or campaigns can sabotage the electoral process and erode public trust in the fairness of elections. Cyber terrorists may use the internet and social media to spread propaganda and manipulate public opinion, which can influence political events and shape public policy. Cyber-attacks on communication systems, such as email or phone networks, can hinder the ability of political leaders and organizations to communicate with each other and with the public. Cyber-attacks that result in the loss of privacy can undermine trust in political leaders and institutions ( Weimann, 2005 ). Overall, cyberterrorism can have profound consequences for the political landscape of a country and can contribute to social and political instability. If the purpose of attackers is to disrupt elections, attacks on voting systems or infrastructure can disrupt the voting process and prevent people from casting their ballots. The culprits may spread misinformation or propaganda through social media and other online platforms to influence the outcome of elections. Attacks on political campaigns can disrupt campaign operations and compromise sensitive campaign data. Invasion of election systems or campaigns can undermine trust in the electoral process and lead to a loss of confidence in the integrity of elections. Cyber terrorists may use the internet and social media to spread propaganda and manipulate public opinion, which can lead to social and political instability and potentially the collapse of a government ( Golase, 2022 ). They can result in the loss of privacy or sensitive information thus undermining trust in a government and can potentially lead to its collapse. It is difficult to say with certainty whether any government has fallen solely because of cyberterrorism, as most major events have multiple causes. However, there have been several instances in which cyber-attacks have played a role in social and political instability and the downfall of governments. In 2011 ( Rahimi, 2011 ), a series of protests and uprisings swept across the Middle East and North Africa, leading to the overthrow of several governments. The use of social media to organize and disseminate information played a significant role in the Arab Spring, and some experts believe that cyber-attacks on government communication systems may have contributed to the instability. During the 2016 US presidential election ( Berghel, 2017 ), Russian hackers were found to have targeted the campaign of Hillary Clinton and hacked the email accounts of Democratic Party officials, leading to the release of sensitive information through WikiLeaks. Some experts believe that these attacks may have influenced the outcome of the election. In 2020 ( Voltz, 2021 ), it was discovered that a group of hackers had compromised the software of SolarWinds, a major provider of IT management software, to gain access to the networks of SolarWinds’ customers. The attack affected several government agencies in the United States, leading to concerns about the integrity of the US government’s systems and the potential for further damage. The concept of cyberterrorism can be traced back to the 1990s ( Baldassarre, 2023a ), when the rise of the Internet and discussions on the “information society” raised concerns about potential risks for the highly networked US. This notion of cyberterrorism evoked psychological fear, combining apprehension of random violence with distrust of computer technology. After the 9/11 attacks, cyberterrorism gained prominence in security and terrorism discourse, and debates over national security attracted political actors with broader agendas. The media played a role in sensationalizing cyberterrorism, leading to misuses of the term and overblown reactions to incidents, which muddled the understanding of the actual threat posed by cyberterrorism.

The post-9/11 era ( Bastug, Onat & Guler, 2023 ) saw an emergence of a lucrative industry dedicated to countering cyberterrorism, with think tanks, experts, and private companies actively addressing the issue. Government investment and public concern heightened, with warnings from high-level officials and media coverage further fueling anxiety. However, this climate of heightened attention has led to instances of labeling hacking and cybercrimes as “cyberterrorism” without a precise definition. To better grasp the true danger of cyberterrorism, it is essential to define the term accurately and distinguish between actual threats and broader concerns about cybersecurity. In summary, the concept of cyberterrorism emerged in the 1990s, evoking psychological fear and becoming a focal point after the 9/11 attacks. The subsequent years witnessed both political and economic investments in countering cyberterrorism, along with media sensationalism that muddled the understanding of the actual threat. A clear and precise definition is crucial to differentiate genuine cyberterrorism incidents from cybersecurity concerns.

Cyberterrorism: how it affected the Middle East

Cyberterrorism has recently had a significant negative impact on the Middle East. A variety of cyberattacks have been launched against the area, including assaults on vital infrastructure, the dissemination of propaganda on social media and other online platforms, and the interruption of communication networks. In addition, the region has also been the source of several cyber-attacks, with a few state-sponsored hacking groups operating in the region ( Venkatachary, Prasad & Samikannu, 2018 ). The impact of these attacks has been significant, causing disruption and harm to individuals and societies in the region. The impact of cyber-attacks has been varying depending on a few factors as well the location and infrastructure of countries. However, some countries in the the Middle East region have been the target of many cyber-attacks and have experienced significant disruption as a result. Iran ( Rudner, 2013 ) has been the subject of several cyberattacks, including the Stuxnet worm that disrupted the nation’s nuclear program and the Shamoon malware that erased data from tens of thousands of computers at Saudi Arabia’s Aramco and Qatar’s RasGas. Several cyberattacks have also targeted Saudi Arabia ( Elnaim, 2013 ), notably the Shamoon virus and the “Cutting Sword of Justice” breach, which were directed at the nation’s infrastructure to produce natural gas and oil. Tens of thousands of computers at the Qatari natural gas business RasGas and the Saudi Arabian oil major Aramco had their data destroyed by the Shamoon malware. The attack was believed to have been carried out by Iranian hackers while a group calling itself the “Cutting Sword of Justice” hacked into the computer systems of Saudi Arabian oil and natural gas company Saudi Aramco and released sensitive data online. The group claimed to be protesting Saudi Arabia’s foreign policy and human rights record.

The United Arab Emirates has also been the target of several cyber-attacks, including the “Hack the UAE” campaign ( Shires, 2020 ), which targeted government websites, and the “Sea Turtle” campaign, which targeted several organizations in the country. In 2017, it was discovered that a group of hackers known as “Sea Turtle” had been conducting cyber espionage campaigns against several organizations in the UAE and other countries in the Middle East. The group was believed to be state sponsored ( Neagu & Savu, 2019 ). In 2017, the UAE was targeted by the advanced persistent threat group belonging to DarkHotel, which was believed to be operating out of North Korea. The group targeted a few organizations in the UAE with malware ( Alrawi et al., 2021 ). On 29 December 2022, a hacker downloaded private code repositories using limited swiped employee tokens, however neither Slack’s main codebase nor any client data were contained in the repositories. Slack is one of the most popular workplace communication applications as a result. The hack may have been carried out by an external threat actor, as the owning authority said there was no impact on its code or service as they immediately invalidated those stolen tokens and that the unauthorized access did not stem from a weakness intrinsic to the business. On December 4th, 2023, a data gathering sale including more than 200 million Twitter profiles began. A 59 GB RAR bundle containing the stolen material was made public. The scrapers utilizing earlier data collections were able to compromise the vulnerable API. Microsoft Azure services were susceptible to server-side request forgery (SSRF) attacks on January 17, 2023, due to four vulnerabilities. Azure Functions, Azure Machine Learning, and Azure Digital Twins were among the services offered. If these SSRF flaws had gone unpatched, they might have had a big effect on Microsoft Azure Services. These vulnerabilities were mitigated because of Microsoft’s quick response, which was done before they could do any significant harm ( Onat et al., 2022 ).

cyberterrorism: how it affected the East Asia

Eastern Asia is one of those regions that have been heavily affected by Cyberterrorism. As a result of inter-regional and intra-regional competition, the prominent countries of East Asia have been indulged in a few cyber-attacks. There have been several cyber-attacks on China in recent years. A wave of cyberattacks known as “Titan Rain” in the middle of the 2000s attacked various American government and military institutions ( Taddeo, 2017 ) as well as businesses in a few other nations. The attacks were believed to have been carried out by hackers based in China. In 2009, it was discovered that a group of hackers had compromised the computer systems of a few organizations in China, including government agencies and embassies. The group, known as “GhostNet” was believed to be based in China ( Ghose et al., 2019 ). It was uncovered in 2015 that China has been launching massive denial-of-service assaults against websites in other nations using a device known as the “Great Cannon”. It was thought that the attacks were a retaliation for criticism of China’s human rights record. Overall, these examples show that China has been the target as well as the base for a few cyber-attacks. Japan has also been the target of cyber warfare over the passage of years. Several Japanese websites, including the government website, were subjected to a series of denial-of-service assaults in 2014 by a gang of hackers going by the name of “Lizard Squad” ( Lunsford & Boahn, 2015 ). In 2015, a group of hackers launched the “OpJapan” campaign, targeting several Japanese websites and organizations. The organization asserted that they were in opposition to Japan’s participation in the Trans-Pacific Partnership trade deal. In 2017, the “WannaCry” ransomware attack affected businesses and government agencies in more than 150 countries, including Japan. The attack was estimated to have cost businesses billions of dollars ( Chow, Yau & Li, 2015 ).

Korea has had some instances of its own when it comes to falling under the radar of cyberterrorism. In 2013, a series of cyber-attacks known as “Dark Seoul” targeted the computer systems of banks and media organizations in South Korea ( Marpaung & Lee, 2013 ). The attacks were believed to be the work of North Korean hackers. The Sony Pictures Entertainment computer systems were breached in 2014 ( Afful-Dadzie et al., 2016 ), which resulted in the disclosure of confidential information and the postponement of the release of the film “The Interview,” which was critical of North Korean leader Kim Jong-un. The incident was attributed to North Korea by the US authorities. In 2017, the “WannaCry” ransomware attack ( Kao & Hsiao, 2018 ) affected businesses and government agencies in more than 150 countries, including South Korea. The attack was estimated to have cost businesses billions of dollars. Some prominent instances of cyberterrorism in Hong Kong include the “GhostNet” attacks, Operation Aurora, and Tibetan Sun. In 2009, it was discovered that a group of hackers had compromised the computer systems of several organizations in Hong Kong, including government agencies and embassies. The group, known as “GhostNet,” was believed to be based in China. In 2010, a series of cyber-attacks known as “Operation Aurora” ( Kim, Kim & Park, 2014 ) targeted several companies in Hong Kong and other countries, including Google. The attacks were believed to be the work of hackers based in China. In 2018, it was discovered that a group of hackers had compromised the computer systems of the Tibetan government-in-exile and other Tibetan organizations. The group, known as “Tibetan Sun,” was believed to be based in China ( McVey, 2015 ). Therefore, it can be observed that just like the Middle East, East Asia has also been the victim of many cyberterrorisms acts over the years and these threats continue to rise in the future as well.

Cyberterrorism: a global cyber-massacre

As this study discussed in the previous sections about the role and impact of cyberterrorism on Middle East and East Asia, the rest of the world has also fallen prey to this vicious act many a times that makes cyberterrorism a global massacre. USA, one the strongest economic and defense states fell victim to cyber-invasion on several occasions. In 1998, a hacker named “Lozano” launched a series of cyber-attacks on several US government websites, including the websites of the Department of Defense and the US Air Force. In 1999, a series of cyber-attacks known as “Moonlight Maze” targeted several US government agencies, as well as universities and research institutions. The attacks were believed to be the work of Russian hackers ( Dawson, 2015 ). In 2016, Russian hackers were found to have targeted the campaign of Hillary Clinton and hacked the email accounts of Democratic Party officials, leading to the release of sensitive information through WikiLeaks ( Nakashima, 2016 ). Some experts believe that these attacks may have influenced the outcome of the election. In 2020, it was discovered that a group of hackers had compromised the software of SolarWinds, a major provider of IT management software, to gain access to the networks of SolarWinds’ customers. The attack affected several government agencies in the United States, leading to concerns about the integrity of the US government’s systems and the potential for further damage.

The United Kingdom has had its share of numerous cyber incidents. In 2007, a series of cyber-attacks targeted the computer systems of Estonian government agencies, banks, and media outlets. The attacks were believed to be the work of Russian hackers. In 2012, a group of hackers known as “Darkleech” targeted the websites of a few UK businesses, including the Daily Mail and the BBC. The group was believed to be based in Russia ( Radhakrishnan, Menon & Nath, 2019 ). In 2018, the UK government accused Russia of carrying out a cyber-attack on the country’s foreign office and other government agencies. Russia has been always in the news whenever any incident of cyberterrorism is reported anywhere in the world. The reason for this is the involvement of Russian hackers and terrorists behind some of the major cyber-attacks that have happened around the globe. Russian hackers were thought to have carried both the Moonlight Maze assaults in 1999 and the Estonia cyberattacks in 2007. In 2018, the UK government accused Russia of carrying out a cyber-attack on the country’s foreign office and other government agencies ( Lam, 2018 ). Australia has also been dealing with this act along with other nations. In 2018, the Australian Cyber Security Centre was targeted by a cyber-attack. The attack was believed to be the work of a foreign state-sponsored group. In 2015, a group of hackers launched the “OpAustralia” campaign, targeting several Australian websites and organizations. The group claimed to be protesting the Australian government’s proposed data retention laws ( Hardy & Williams, 2014 ). Some of the vulnerabilities were discovered and patched relatively quickly, while others remained unpatched for a longer period, leaving systems and devices at risk. Zero Day was a Chrome browser zero-day vulnerability. It was found in 2022 and gave hackers the ability to run arbitrary code on a user’s computer by tricking them into visiting a malicious website. Although the flaw was fixed in a subsequent version of Chrome, many users remained at risk until they updated.

Peeking from the conclusions and instances discussed in the previous sections, it can be deduced that Cyberterrorism is a global problem for several reasons. First, the internet is a global network that allows hackers to target individuals and organizations around the world. This means that cyber-attacks can have a global impact, even if they are launched from an individual location. Second, the global nature of the internet makes it difficult to track the origins of cyber-attacks. Hackers can use a variety of techniques to obscure their identity and location, making it difficult to identify the perpetrators of cyber-attacks and hold them accountable. The increasing reliance on the internet and digital technologies has made businesses and governments around the world more vulnerable to cyber-attacks. As increasingly critical systems and infrastructure are connected to the internet, the potential for harm from cyber-attacks increases. Overall, the global nature of the internet and the increasing reliance on digital technologies make cyberterrorism a global problem that requires international cooperation to be addressed. As it intersects with various value systems in various nations, combating cyberterrorism presents a challenging problem. One country’s definition of cyberterrorism may differ from another’s definition of resistance or war. Based on geopolitical factors, historical conflicts, and ideological differences, different contexts are understood differently by cyberterrorism ( Tehrani, Manap & Taji, 2013 ). For instance, in the ongoing conflict in Ukraine, a cyberterrorist aiming for the United States might be viewed as a soldier defending their interests in Russia. It is challenging to develop a consistent, global strategy for addressing cyberterrorism because of the various perspectives and interpretations of this problem. Additionally, there are significant difficulties in combating cyberterrorism related to cross-border enforcement. Because cyberspace has no borders, cyberterrorists can operate from one country while carrying out attacks in another. The speed and anonymity offered by the digital world are difficult for traditional legal systems and jurisdictional boundaries to keep up with. To identify, investigate, and prosecute cyberterrorists, international cooperation becomes crucial. However, ineffective cross-border enforcement efforts are hampered by disparities in legal systems, political unrest, and contrasting priorities. To effectively combat cyberterrorism and hold perpetrators accountable, it is essential to close these gaps and build strong international partnerships. The section below provides an overview of some of the cyberattacks that happened in recent years across the globe. Figure 2 gives a quick look of these cyberattacks.

An external file that holds a picture, illustration, etc.
Object name is peerj-cs-10-1772-g002.jpg

Code Red and Nimda Worms (2001): Code Red and Nimda were two significant worms that targeted Microsoft IIS web servers in 2001. Code Red exploited a vulnerability to deface websites, while Nimda was a multi-vector worm that spread through various means, causing widespread disruptions ( Sharma, 2011 ).

MyDoom (2004): MyDoom was a widespread email-based worm that carried a payload designed to launch DDoS attacks against various websites. It was one of the fastest-spreading worms at the time ( Chau, 2007 ).

Sasser Worm (2004): Sasser was a computer worm that exploited a vulnerability in Windows operating systems. It caused widespread infections and system instability ( Labir, 2004 ).

Stuxnet (2010): Stuxnet was a highly sophisticated worm designed to target industrial control systems, particularly those used in Iran’s nuclear facilities. It was the first known worm specifically developed for cyber-espionage and sabotage. The primary target was Iran’s nuclear program, with a specific focus on centrifuge controls. It caused physical damage to Iran’s nuclear infrastructure and demonstrated the potential for cyberterrorism to have real-world, destructive consequences. It marked a significant shift in the landscape of cyber threats ( Collins & McCombie, 2012 ).

Yahoo data breaches (2013 and 2014): Yahoo experienced two massive data breaches that exposed the personal information of billions of users. The breaches were disclosed years later, leading to significant consequences for the company ( Whitler & Farris, 2017 ).

Sony pictures hack (2014): Sony Pictures Entertainment was the target of a cyberattack by a group calling themselves the “Guardians of Peace.” The attack resulted in the leakage of sensitive corporate data and unreleased films, causing significant damage to the company. The primary target was Sony Pictures Entertainment. The attack had severe consequences for the company, including financial losses, reputational damage, and legal implications. It also raised concerns about the impact of cyberterrorism on the entertainment industry ( Ismail, 2017 ).

WannaCry ransomware (2017): WannaCry was a global ransomware attack that exploited a Windows vulnerability. It infected hundreds of thousands of computers in over 150 countries, encrypting data and demanding a ransom for decryption ( Mohurle & Patil, 2017 ).

NotPetya (2017): NotPetya was a destructive ransomware attack that initially masqueraded as a ransomware campaign but had a much broader impact. It exploited a vulnerability in a tax software widely used in Ukraine, spreading through software updates to organizations around the world. It primarily targeted Ukraine, affecting government agencies, financial institutions, and critical infrastructure. However, it quickly spread globally, impacting companies like Maersk, FedEx, and Merck. The attack caused widespread disruption and financial losses, particularly for affected multinational companies. It also raised concerns about the potential for cyberterrorism to cause physical harm, given its impact on critical infrastructure ( Fayi, 2018 ).

Equifax data breach (2017): Equifax, one of the major credit reporting agencies in the United States, suffered a massive data breach that exposed the personal information of millions of individuals. It had significant implications for affected individuals’ financial security ( Primoff & Kess, 2017 ).

SolarWinds supply chain attack (2020): A sophisticated supply chain attack compromised SolarWinds’ software update mechanism, allowing attackers to distribute malware to thousands of SolarWinds customers. The primary targets were US government agencies, including the Department of Homeland Security and the Pentagon, as well as private sector organizations. The attack exposed sensitive government and corporate data, raising concerns about the potential for cyberterrorism to compromise national security and critical infrastructure. It prompted a significant cybersecurity response and diplomatic efforts ( Wolff, Growley & Gruden, 2021 ).

Colonial Pipeline ransomware (2021): Colonial Pipeline, a major US fuel pipeline operator, was targeted by a ransomware attack. DarkSide, a cybercriminal group, was responsible for the attack, which involved encrypting the company’s systems and demanding a ransom for decryption. The attack directly affected Colonial Pipeline, disrupting fuel supplies along the East Coast of the United States. The attack led to fuel shortages, panic buying, and significant economic disruption. Colonial Pipeline paid a substantial ransom to regain control of its systems ( Dudley & Golden, 2021 ; Leu et al., 2023 ).

These are just a few examples of recent high-profile cyberattacks and data breaches. Cybersecurity threats continue to evolve, and organizations and governments are constantly working to enhance their security measures to defend against these and future attacks. It’s important to stay informed about cybersecurity developments and best practices to protect against such threats.

The attribution and prosecution of cyberterrorism incidents pose several challenges, primarily due to the anonymous and cross-border nature of cyber activities. For example, cyberterrorists often operate under pseudonyms or with a high degree of anonymity, making it challenging to identify the actual individuals or groups responsible for the attacks. Malicious actors can deliberately mislead investigators by attributing their attacks to others, complicating accurate attribution. Cyberterrorism incidents can span multiple countries, which raises jurisdictional issues and complexities in coordinating international investigations and prosecutions. Cyberterrorists may compromise and use the infrastructure of third-party entities, making it difficult to trace the source of the attack back to the actual perpetrators. Advanced Persistent Threats (APTs) groups maintain persistent access to systems and cover their tracks, making detection and attribution more challenging. The use of encryption and anonymization tools can obfuscate communications and hide the origin of attacks. Some cyberterrorism incidents may be linked to nation-states, which can complicate the attribution process due to diplomatic and geopolitical considerations. In some cases, countries may be reluctant to share evidence or collaborate in cyberterrorism investigations, hindering the attribution process. The political implications of attributing cyberterrorism to specific state or non-state actors can affect the willingness to prosecute or take punitive actions. Developing and maintaining strong digital forensics capabilities is essential for attribution, but not all countries or organizations have the required expertise and resources. Balancing the need for effective cybersecurity with privacy and civil liberties concerns can be challenging, especially in cases involving surveillance and data collection. Meeting the legal burden of proof in court, especially when attributing an attack to specific individuals or groups, can be demanding and may require substantial evidence. Despite these challenges, efforts are ongoing to improve attribution and prosecution of cyberterrorism incidents. This includes enhancing international cooperation, sharing threat intelligence, developing more sophisticated forensic techniques, and strengthening cybersecurity laws and regulations. Addressing these challenges is crucial for deterring cyberterrorist activities and holding malicious actors accountable ( Tehrani, Manap & Taji, 2013 ).

Cyberterrorism: preventions and countermeasures

The consequences of a cyber-attack can be severe, so it is important to take measures to fight cyberterrorism since cyberattacks can have severe consequences. There is a potential of economic loss, damage to a country’s reputation and stability, and even the loss of life due to cyberterrorism. There can also be widespread disruptions and chaos when critical infrastructure, such as power grids and hospitals, are disrupted. The security and reliability of technology can also be undermined by cyberattacks, making people uncertain about the security and reliability of their systems ( Leu et al., 2023 ). Taking preventative measures and mitigating the potential consequences of a cyberattack are two of the most important measures individuals and organizations can take to reduce their risks of being victimized by a cyberattack. Here we will discuss the preventive measures in the form of sections.

Role of network and system security against cyberterrorism

Security of networks and systems is a critical component of protecting yourself from cyberterrorism. Cyberattacks are often directed at networks and systems to gain access to sensitive information or disrupt operations, which is often the goal of cyberattacks. Organizations can reduce the risk of these types of attacks by implementing effective security measures and reducing the consequences of these attacks by implementing these measures. Security of networks and systems can only be achieved by combining technical controls, such as firewalls and antivirus software, with non-technical controls, such as employee training and incident response plans. Technical controls assist in preventing unauthorized access to networks and systems, whilst non-technical controls serve to guarantee that staff are aware of the importance of cybersecurity and are informed of what to do in the case of an attack ( Leu et al., 2023 ). To ensure that their security measures remain effective against the changing threats landscape, it is imperative that organizations regularly review and update their security measures. The measures taken to address these vulnerabilities may include implementing innovative technology, such as intrusion detection systems and network monitoring tools, and conducting regular security assessments to identify and address potential vulnerabilities.

It is also important for organizations to have a plan in place for responding to a cyberattack, which should include identifying key personnel and establishing clear channels of communication in the event of a cyberattack. There are several network and system security measures ( Klein, 2015 ) that can be adopted to prevent cyberterrorism such as, ensuring the use of strong, unique passwords and enabling two-factor authentication, keeping all the software and security system up to date with latest security patches, using authenticated and strict firewalls, implementing intrusion systems that may alert administration of the potential breach, utilizing a trusted antivirus software, conducting regular security assessments to identify network and system vulnerabilities, implementing access control mechanisms to limit the access of unauthorized users towards sensitive data, having a plan in place in case of a cyber-attack, making sure that employees are educated about cybersecurity best practices, such as not sharing passwords and not clicking on suspicious links etc.

Cyberterrorism: legal explication and procedures

Global legal systems have been significantly impacted by cyberterrorism. The exploitation of information and communications technologies (ICT) by terrorists, especially the Internet and new technologies that allow for anonymous communication, is a growing worry. An all-encompassing cybersecurity strategy is being developed by the UN Office of Counterterrorism. While some nations have passed national anti-cyberterrorism legislation ( e.g. , Kenya’s Section 33 of the Computer Misuse and Cybercrimes Act of 2018 and Pakistan’s Section 10 of the Prevention of Electronic Crimes Act of 2016), cyberterrorism is not expressly forbidden by international law. The concept of cyberterrorism has permeated China’s expansive national security agenda, which aims to thoroughly manage, regulate, securitize, and monitor its cyber sovereignty, as demonstrated by Chinese legislation, policies, and judicial practice. This indicates that China has adopted a comprehensive strategy to manage and govern its cyberspace to safeguard its interests in national security ( Khater, 2023 ). Cyberterrorism has a wide range of effects on the US legal system, including those on the criminal justice system, national security, the economy, and civil liberties. The threat that cyberterrorism poses to conventional investigation techniques is one of the most important effects it has on the US legal system. It can be challenging to identify and apprehend those responsible for cyberattacks since they frequently come from people or organizations spread throughout the globe. The investigation and prosecution process are further complicated by the fact that cyberattacks can be launched from any location with an internet connection. As a result, the legal system has had to create fresh approaches to investigating and trying cases of cyberterrorism. To prevent cyberterrorism, the United States has implemented a few legal measures and laws. For instance, the Computer Fraud and Abuse Act (CFAA) of 1986 makes several computer-related offences, like hacking and unauthorized access to computer systems, illegal. Following the 9/11 attacks, Congress passed the Patriot Act, which increased government surveillance capabilities and permitted the gathering of electronic communications data ( Wei, 2022 ).

To address cybersecurity and cybercrime, Russia has implemented several laws. The “Yarovaya Law,” which mandates communication carriers to preserve user data for up to three years and give the FSB access to this data, was passed by the State Duma (Russia’s lower house of parliament) in 2016. The law’s opponents claim that it infringes users’ privacy and gives the government excessive authority to track and regulate online activities. Russia has also entered into alliances and agreements of cooperation with other nations. To increase cooperation in avoiding cyberattacks and fostering the development of global norms and regulations in cyberspace, Russia and China issued a joint statement on cooperation in the field of international information security in 2020. Cyberterrorism has been criminalized internationally through a variety of legal means, including legislative, regulatory, and law enforcement activities. The creation of international legal frameworks that offer direction on the prevention and prosecution of cybercrimes has been a significant undertaking. As an illustration, the Council of Europe Convention on Cybercrime, adopted in 2001, offers a framework for harmonizing national legislation on cybercrime and promotes international collaboration in the prevention and prosecution of cybercrime. many nations have created their own laws and rules. The CFAA and the Patriot Act, for instance, give the US government the legal authority to investigate and prosecute cybercrimes, and the NIST has created a framework for enhancing the cybersecurity of critical infrastructure ( Baldassarre, 2023 ). Given that cyberattacks frequently come from outside national borders, international collaboration is also essential in the fight against cyberterrorism. To encourage data exchange and collaborative research, many nations have formed alliances and agreements. For instance, to encourage cooperation on cybersecurity and cybercrime issues, the US and the UK joined the US-UK Cybersecurity Dialogue. In conclusion, a variety of international legal measures have been taken to combat cyberterrorism, including the creation of international legal frameworks, the development of national legislation and regulations, the establishment of specialized units to combat cybercrime, and the encouragement of global cooperation and partnerships. It is expected that nations will continue to develop and adapt legal measures and policies to handle this expanding threat as cyberterrorism develops. Figure 3 . shows some of the mainstream countermeasures that a state must adopt to face off the cyberterrorism challenge. These countermeasures can enhance a state’s cybersecurity posture and help protect against cyber threats. Here is a more detailed breakdown of each countermeasure:

An external file that holds a picture, illustration, etc.
Object name is peerj-cs-10-1772-g003.jpg

Education and awareness: Promoting cybersecurity education and awareness among the public, government employees, and critical infrastructure operators is essential to ensure that individuals and organizations are aware of potential threats and how to mitigate them.

Robust cyber defense: Developing and maintaining strong cybersecurity measures, including firewalls, intrusion detection systems, and antivirus software, is crucial to prevent and respond to cyberattacks effectively.

International cooperation: Collaboration with other countries and international organizations is essential to share threat intelligence, investigate cyber incidents, and develop a coordinated global response to cyberterrorism.

Research and development: Investment in cybersecurity research and development is necessary to stay ahead of emerging threats and develop innovative technologies and strategies to protect against cyberterrorism.

Cyber incident response: Establishing a well-defined incident response plan helps in effectively managing and mitigating the impact of cyber incidents when they occur.

Strong legal framework: Implementing and enforcing cybersecurity laws and regulations provides a legal basis for prosecuting cybercriminals and deterring malicious actors.

International agreements and norms: Participating in and promoting international agreements, norms, and treaties related to cyberspace can help establish rules of behavior and cooperation in the digital domain.

Continuous monitoring and intelligence: Continuous monitoring of networks and systems, along with intelligence gathering and analysis, allows for early detection of cyber threats and better decision-making in response to those threats.

Collaboration with the private sector: Collaboration with private sector organizations, which often own and operate critical infrastructure, is vital. Public–private partnerships can improve information sharing and enhance cybersecurity measures.

By implementing these countermeasures, states can significantly improve their resilience against cyberterrorism and other cyber threats. It is important to adapt and evolve these measures to address the evolving nature of cyber threats and to stay proactive in safeguarding national security and critical infrastructure.

Analysis of impact—economic, social, and political

The economic, social, and political consequences of cyberattacks, including cyberterrorism, are far-reaching and profound:

Economic consequences

Cyberattacks resulted in significant financial losses for affected organizations due to theft, fraud, or business disruption with substantial recovery costs, including cybersecurity investments. When customer data is compromised, or services are disrupted, businesses may experience reputational damage that can lead to a loss of customer trust and reduced revenue. Rising cyber insurance premiums and deductibles have burdened businesses, impacting their operational costs. Cyberattacks on critical infrastructure have disrupted supply chains, affecting production, delivery, and the overall economy.

Social consequences

Data breaches have led to the exposure of sensitive personal information, eroding individuals’ privacy and potentially leading to identity theft or fraud. The fear and anxiety generated by cyberterrorism attacks have a psychological impact on individuals and society, eroding feelings of security and trust. In some cases, particularly when critical services are disrupted, social unrest has occurred as people became frustrated with the inability to access essential services.

Political consequences

Cyberattacks on government institutions, defense systems, or critical infrastructure posed a significant national security threat, potentially compromising a nation’s ability to defend itself. State-sponsored cyberattacks or cyber espionage escalated international tensions and strained diplomatic relations between countries. High-profile cyberattacks have led to policy changes, new regulations, and increased government involvement in cybersecurity, which has affected businesses and individuals. Failures to protect against cyberattacks eroded public trust in government and its ability to ensure national security and infrastructure resilience.

Countering cyberterrorism: global policies and procedures

The threat must be countered no matter how critical it is. Therefore, with the ever-growing threat of cyberterrorism, various global policies and countermeasures have been put in place. As part of China’s efforts to counter the threat of cyberterrorism within its borders, there have been several steps taken ( Yagya & Ashurova, 2023 ). As part of the State Council’s cybersecurity plan released last year, the country outlined measures to strengthen the country’s cyber defenses, such as improving the country’s ability to detect and respond to cyber threats as well as enhancing critical infrastructure protection from cyber-attacks. To protect itself against cyberattacks, China has implemented several technical measures in addition to these efforts. To secure networks and systems, firewalls, intrusion detection systems, and other technologies are used. China has also passed a few cybersecurity rules and laws, such as the People’s Republic of China’s Cyber Security Law, which took effect in 2017. This law’s goals are to safeguard the confidential information of the nation’s residents, as well as the key infrastructure of the federal government and the nation’s overall cybersecurity. Additionally, China has established several cybersecurity agencies and organizations for the purpose of coordinating efforts to combat cyber threats. The National Computer Network Emergency Response Technical Team Coordination Center (CNCERT), which coordinates the response to cyber emergencies, and the Cyberspace Administration of China, which oversees managing the nation’s cybersecurity policy, are two of the organizations in charge of doing so.

Several agencies and organizations within the United States have been charged with addressing the threat of cyberterrorism and protecting against cyberattacks to counter it. Among the responsibilities of the Department of Homeland Security (DHS) is the protection of the nation’s critical infrastructure against cyber threats, as well as the coordination of efforts to combat cyberattacks. Information sharing and incident response are handled by the National Cyber Security and Communications Integration Center (NCCIC), a division of the DHS. Investigations and prosecutions of cybercrimes, including cyberterrorism, are the responsibility of the Federal Bureau of Investigation (FBI) ( Qi, Shao & Zheng, 2018 ). To protect military systems and networks from cyberattacks, the Department of Defense (DOD) has implemented a few cybersecurity initiatives. Several laws and regulations have also been implemented by the United States to address cybersecurity. Among them are the Cybersecurity Act of 2015 ( Cunningham, 2021 ; Tran, 2016 ) and the Cybersecurity and Infrastructure Security Agency Act of 2018. They establish a framework for sharing information and responding to incidents, as well as strengthening critical infrastructure’s cybersecurity. Russia’s Federal Security Service (FSB) is responsible for investigating and prosecuting cybercrimes, as well as protecting against cyber threats. Russia’s Federal Protective Service (FSO) protects the government’s communications and information systems from cyberattacks ( Fischer, 2017 ). The Federal Service for Technical and Export Control (FSTEC), which oversees cybersecurity, regulates Russia’s key infrastructure industries. Russia has enacted a few laws and regulations that address cybersecurity, in addition to the Federal Law on Information, Information Technologies, and the Protection of Information. Also, it describes how government agencies and companies should respond to cyber threats and how personal information should be secured. [Cyber] risks are described in detail.

Saudi Arabia has established National Cyber Security Center (NCSC) responsible for coordinating efforts to protect against cyber threats and promoting cybersecurity in Saudi Arabia ( Hindocha, 2020 ). Under the National Cybersecurity Authority (NCA), cybersecurity measures are implemented in the country and regulations are complied with. Among other things, Saudi Arabia has a cybercrime law that criminalizes cyberterrorism as well. Individuals and organizations involved in cybercrimes can be investigated and prosecuted under this law. The Saudi Arabian National Cybersecurity Regulations and the Saudi Arabian National Cybersecurity Strategy address cybersecurity. The regulations aim to strengthen the cybersecurity of critical infrastructure and establish a framework for sharing information and responding to incidents. Two of the institutions and organizations that have been formed by Saudi Arabia to combat the effects of cybercrime are the Saudi Arabian Monetary Authority (SAMA) and the Saudi Arabian General Investment Authority (SAGIA), respectively ( Alshammari & Singh, 2018 ; Alzubaidi, 2021 ). UAE’s National Electronic Security Authority (NESA) oversees cybersecurity measures and protects the nation from cyber threats ( Al Mazari et al., 2018 ; Younies & Na, 2020 ). Several cyber security agencies and organizations have been established to address cyber threats, including the National Crisis and Disaster Management Authority (NCEMA) and National Computer Emergency Response Team (aeCERT) ( Grzegorzewski, 2020 ). In Iran, the National Cyberspace Center (NCC) is responsible for coordinating efforts to protect against cyber threats and promote cybersecurity ( Makarova, 2021 ). Several cybersecurity agencies and organizations have been established in Iran to coordinate efforts to address cyber threats, such as the Center for Strategic Studies on Cyberspace (CSSC) and the National Computer Emergency Response Team (MAHER) ( Solgi, Khodaverdi & Poustinchi, 2022 ).

Similarly, countries like France ( Vitel & Bliddal, 2015 ), Turkey ( Atalay & Sanci, 2015 ), Germany ( Lapotnikova, 2019 ), England ( Loveday, 2018 ), Japan ( Christou & Nitta, 2018 ), Hong Kong ( Chang, 2020 ), Korea ( Park, 2021 ), Belgium ( Chang, 2020 ), Malaysia ( Chang, 2020 ), Indonesia, India ( Chang, 2020 ), Pakistan ( Munir & Gondal, 2017 ), and other countries around the globe have their own dedicated Agencies and institutions that specifically look for any kind of intrusion or invasion from an external source and look to counter it on the spot. Furthermore, all the nations have their own set of rules, mechanisms, laws, and procedures to prevent any kind of inter-regional or intraregional cyberterrorism activity. These preventive measures help in reduction of cyberterrorism up to a massive extent it but, with the passage of time, the technology is getting advanced, and attackers are finding innovative ways of breaching into the security. That is why it is essential to keep monitoring the effects of latest cyber-attacks and proposed countermeasures against them. Table S1 shows an overview of some of the literature works that covered the concept, worldwide causes and countermeasures of cyberterrorism that we have discussed in the previous sections.

Evolving nature of cyberterrorism—a forward-looking perspective

The evolving nature of cyberterrorism is marked by ever-changing tactics, new attack vectors, and shifting motivations. Current trends, emerging threats, and potential future scenarios highlight the need for continuous vigilance and adaptation in the realm of cyberterrorism. Nation-states are increasingly involved in cyberterrorism, using advanced tools and techniques to further their political and geopolitical goals. These state-sponsored cyberterrorist acts could include attacks on critical infrastructure, espionage, and disruption of services. The convergence of cyber and physical domains opens the door to more destructive cyberterrorist attacks. Future scenarios may involve targeted attacks on Industrial Control Systems (ICS) and Internet of Things (IoT) devices, potentially causing real-world harm and physical destruction. Cyberterrorist groups are adopting Advanced Persistent Threats (APT)-like tactics, techniques, and procedures to maintain long-term access to systems and stealthily conduct espionage or disruptive activities. Cyberterrorism increasingly involves information warfare, disinformation campaigns, and intellectual property theft. Future scenarios may see the use of deepfake technologies to manipulate information and sow confusion. The threat from insiders who have access to critical systems and sensitive data remains a significant concern. Insiders can facilitate cyberterrorism efforts or engage in malicious acts on their own. Ransomware attacks may become more destructive, with cyberterrorist groups employing encryption methods and demanding larger ransoms. Critical infrastructure could be targeted, causing widespread disruption and potential loss of life. As technologies like 5G, quantum computing, and AI continue to advance, cyberterrorists will exploit these developments to launch more sophisticated and hard-to-detect attacks. The globalization of cyberterrorism means that groups can launch attacks from anywhere in the world, making it challenging to attribute and counter their actions. The motives behind cyberterrorism may continue to diversify, including ideological, political, financial, and even environmental factors. Future scenarios may see eco-terrorism involving cyberattacks on energy infrastructure. Cyberterrorism may extend beyond national borders into the realm of international conflict, with attacks serving as a tool in broader geopolitical disputes ( Lim, 0000 ; Sharma, 2023 ; Brooks, 2023 ; Kaspersky, 2023 ).

Addressing these evolving threats requires a forward-looking perspective, focusing on robust cybersecurity measures, information sharing, international cooperation, the development of effective response strategies, and ongoing investment in cybersecurity research and development. Furthermore, public awareness and preparedness are crucial elements in mitigating the evolving nature of cyberterrorism and its potential consequences.

Policy recommendations

Enhancing cybersecurity and countering cyberterrorism effectively requires a comprehensive approach that involves governments and organizations. Governments should establish a national cybersecurity strategy that outlines clear objectives, roles, and responsibilities. To strengthen their legal frameworks, they should enact and enforce strong cybersecurity laws and regulations to hold malicious actors accountable. Additionally, cyberterrorism-related offenses should be defined and classified. They should implement protective measures for critical infrastructure, such as energy, transportation, and healthcare systems and conduct regular security assessments and audits. Moreover, governments should collaborate with other countries to share threat intelligence, investigate cross-border cybercrime and participate in international agreements and norms to promote responsible behavior in cyberspace. Similarly, they should work closely with the private sector to improve information sharing, develop best practices, and enhance collective defense. Meanwhile, they should invest in cybersecurity education and training programs to address the shortage of skilled cybersecurity professionals and promote cybersecurity awareness and best practices among the public. They should establish national incident response teams, conduct regular drills to prepare for cyber incidents and develop a clear chain of command for incident response. Finally, sharing of advanced threat intelligence among government agencies, private organizations, and international partners should be encouraged.

As far as organizations are concerned, they should educate employees about cybersecurity best practices, such as strong password management, recognizing phishing attempts and implement regular security awareness training programs. Then, they should implement strong access control mechanisms, grant employees the least privilege necessary for their roles, monitor and audit user activities, enable multi-factor authentication (MFA) for all critical systems and applications to enhance authentication security. Additionally, they should maintain up-to-date software, apply security patches promptly to address vulnerabilities, create a patch management process to ensure timely updates and segment networks to limit lateral movement for attackers and contain potential breaches. Moreover, Security Information and Event Management (SIEM) solutions should be developed to monitor and analyze network activity for early threat detection and incident response. Cyber insurance policies should be purchased to mitigate financial risks associated with cyber incidents. Data encryption and backup techniques should be used to encrypt sensitive data at rest and in transit and to regularly back up data and ensure that backup systems are secure and accessible. Finally, organizations should assess and monitor the cybersecurity posture of third-party vendors and suppliers who have access to your systems or data. For that develop and test an incident response plan that includes steps for containment, eradication, and recovery ( IETF, 2007 ; ISO, 2009 ).

By following these policy recommendations and implementing these practical steps, governments and organizations can significantly enhance their cybersecurity and resilience against cyberterrorism and other cyber threats. A proactive and collaborative approach is crucial in the ever-evolving landscape of cyberspace.

Legal and ethical aspects

Legal and ethical considerations surrounding cyberterrorism are critical in addressing the complex challenges posed by acts of cyberterrorism. The international legal framework and national laws and regulations play a central role in defining, prosecuting, and preventing cyberterrorism. For example, the United Nations (UN) has been at the forefront of addressing cyberterrorism through its General Assembly resolutions, which encourage member states to cooperate and develop norms for responsible state behavior in cyberspace ( Henderson, 2021 ). The Tallinn Manual, a non-binding document developed by experts, provides interpretations of existing international law applicable to cyberspace, offering guidance on the legal framework surrounding cyber operations ( Pipyros et al., 2018 ). The Budapest Convention on Cybercrime, also known as the Council of Europe Convention on Cybercrime, is a multilateral treaty aimed at harmonizing laws and enhancing international cooperation in combating cybercrime, which includes provisions related to cyberterrorism ( Wicki-Birchler, 2020 ).

Many countries have established specific laws and regulations related to cyberterrorism, outlining offenses, penalties, and prosecutorial authorities. These laws vary from one jurisdiction to another, but common elements include defining cyberterrorism-related offenses, such as hacking, data breaches, or DDoS attacks, and specifying punishments. Laws often address issues related to jurisdiction, attribution, and extradition, as cyberterrorism can involve actors and activities across borders. Determining the intent and attribution in cyberterrorism cases can be challenging, as it requires clear evidence to establish motive and identify the responsible actors. Balancing security and civil liberties, including privacy and freedom of expression, is an ongoing ethical concern. Measures taken to counter cyberterrorism must be proportionate and respectful of individual rights. Prosecution of cyberterrorists involves legal processes that need to account for digital evidence, chain of custody, and international cooperation. Ensuring accountability for state-sponsored cyberterrorism can be complex, as it may involve diplomatic negotiations, international law, and political considerations. Preventing cyberterrorism involves addressing root causes and vulnerabilities, such as improving cybersecurity, countering radicalization, and promoting international cooperation to deter malicious actors. Upholding human rights is essential in the context of cybersecurity and countering cyberterrorism, as overly broad or invasive measures can infringe on individual freedoms. In summary, the legal and ethical considerations surrounding cyberterrorism involve a complex interplay of international legal frameworks, national laws, and ethical dilemmas. The pursuit of a balance between security and individual rights, as well as the development of effective legal mechanisms for prosecution and prevention, remains a challenge in addressing the evolving nature of cyberterrorism ( Tehrani, 2017 ).

Future work

The future research on cyberterrorism should encompass various critical areas to provide a comprehensive understanding of this evolving threat landscape. Firstly, investigating perceptions and awareness among diverse stakeholders, such as individuals, organizations, and government agencies, will shed light on the level of preparedness and recognition of cyberterrorism risks. Secondly, analyzing the impact of cyberattacks on different sectors, including finance, healthcare, and critical infrastructure, will offer valuable insights into the potential consequences and vulnerabilities that need to be addressed. Additionally, evaluating the effectiveness of existing countermeasures and strategies, along with identifying emerging technological trends, can help inform policymakers and security experts on the best practices to mitigate cyber threats effectively. Another crucial aspect of survey-based research is the examination of international cooperation and collaboration in combating cyberterrorism. As cyberattacks transcend national borders, understanding the extent of information sharing, joint efforts, and international treaties can highlight areas where global cooperation can be strengthened. Furthermore, investigating the legal and policy frameworks of various countries in response to cyberterrorism is essential to identify gaps and inconsistencies, enabling the formulation of harmonized and effective cyber laws. Such research can also delve into public perception and media influence, as understanding how the public perceives cyberterrorism can impact response strategies and public policies.

Moreover, exploring the psychological impact of cyberterrorism on society is critical to understanding the fear and anxiety generated by such threats. Survey-based research can help assess the emotional and psychological responses of individuals and communities, informing strategies to alleviate distress and enhance resilience. Lastly, an essential aspect of this research involves anticipating future threats and trends in cyberterrorism. By analyzing historical patterns and emerging technologies, researchers can contribute to proactive cybersecurity measures and policy development. In conclusion, survey-based research on cyberterrorism should address these multifaceted areas to provide a comprehensive and valuable contribution to the field of cybersecurity and global efforts to combat this complex and rapidly evolving threat.

Conclusions

Cyberterrorism involves the exploitation of computer and internet-based technologies to commit acts of violence. A variety of methods can be used, including hacking into computer systems to steal sensitive information, spreading malware to disrupt operations, and inciting violence or sowing discord on social media. Financial losses, life losses, reputational damage, and loss of stability can all be the results of cyberterrorism. Global efforts are being made to increase cybersecurity and strengthen resilience of critical systems against these attacks, which is a growing concern for governments and businesses. As a part of these efforts, non-technical and technical measures, such as staff training and incident response plans, are being introduced. Examples of technological measures include firewalls and antivirus software. However, despite these efforts, cyberterrorism has continued to be a significant threat. This is due to the ever-changing nature of the internet, as well as the ever-increasing reliance on technology across all facets of society because of the ever-increasing use of technology. Both factors contribute to the continued existence of cyberterrorism. To protect themselves from this threat, individuals and organizations must remain vigilant and update their security measures regularly to protect against it. Our survey analyzing types of cyberattacks, sectors targeted, repercussions, and countermeasures reveals a diverse landscape of threats, with phishing, malware, and DDoS attacks being common, impacting sectors such as finance, healthcare, and government most severely. Our findings also highlight the economic and reputational damage incurred by organizations and governments, as well as the need for robust cybersecurity strategies. However, our limitations include challenges in obtaining comprehensive data due to underreporting, the dynamic nature of cyber threats that evolve rapidly, and potential selection bias based on the sources surveyed. Additionally, measuring the effectiveness of countermeasures remains a complex endeavor, and their adaptation is hindered by resource constraints and evolving attacker tactics. Since cyberterrorism is an ever-evolving issue, future research could focus on finding the impact of certain policies developed by certain countries over cyberterrorism.

Supplemental Information

Supplemental information 1, funding statement.

This work was supported by the Arab Open University Saudi Arabia through research group No. AOUKSA-524008. The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.

Additional Information and Declarations

The author declares that she has no competing interests.

Saman Iftikhar conceived and designed the experiments, performed the experiments, analyzed the data, performed the computation work, prepared figures and/or tables, authored or reviewed drafts of the article, and approved the final draft.

Centre for Social Research & Methods

Education & training
Programs & research
Working papers
Methods research papers
COVID-19 publications
Other publications

Related Sites

ANU College of Arts & Social Sciences
Research School of Social Sciences
Australian National Internships Program

Cyber terrorism: research report of the Australian National University Cybercrime Observatory for the Korean Institute of Criminology

Tweets by ‎@WhatAustThinks

There were no tweets found.

Connect with us

Updated: 17 January 2018 / Responsible Officer: Centre Director / Page Contact: CASS Marketing & Communications

Contact ANU
Freedom of Information

+61 2 6125 5111 The Australian National University, Canberra TEQSA Provider ID: PRV12002 (Australian University) CRICOS Provider : 00120C ABN : 52 234 063 906

Search Menu
Sign in through your institution
Editor's Choice
Author Guidelines
Submission Site
Open Access
About Journal of Cybersecurity
Editorial Board
Advertising and Corporate Services
Journals Career Network
Self-Archiving Policy
Journals on Oxford Academic
Books on Oxford Academic

Article Contents

Exposure to cyberattacks and policy attitudes, the mediating role of threat perceptions, experimental method.

< Previous

Cyberattacks, cyber threats, and attitudes toward cybersecurity policies

Article contents
Figures & tables
Supplementary Data

Keren L G Snider, Ryan Shandler, Shay Zandani, Daphna Canetti, Cyberattacks, cyber threats, and attitudes toward cybersecurity policies, Journal of Cybersecurity , Volume 7, Issue 1, 2021, tyab019, https://doi.org/10.1093/cybsec/tyab019

Permissions Icon Permissions

Does exposure to cyberattacks influence public support for intrusive cybersecurity policies? How do perceptions of cyber threats mediate this relationship? While past research has demonstrated how exposure to cyberattacks affects political attitudes, the mediating role played by threat perception has been overlooked. This study employs a controlled randomized survey experiment design to test the effect of exposure to lethal and nonlethal cyberattacks on support for different types of cybersecurity policies. One thousand twenty-two Israeli participants are exposed to scripted and simulated television reports of lethal or nonlethal cyberattacks against national infrastructure. Findings suggest that exposure to cyberattacks leads to greater support for stringent cybersecurity regulations, through a mechanism of threat perception. Results also indicate that different types of exposure relate to heightened support for different types of regulatory policies. People exposed to lethal cyberattacks tend to support cybersecurity policies that compel the government to alert citizens about cyberattacks. People who were exposed to nonlethal attacks, on the other hand, tend to support oversight policies at higher levels. More broadly, our research suggests that peoples’ willingness to accept government cybersecurity policies that limit personal civil liberties and privacy depends on the type of cyberattacks to which they were exposed and the perceptions associated with such exposure.

In recent years, the increase in civilian exposure to cyberattacks has been accompanied by heightened demands for governments to introduce comprehensive cybersecurity policies. These demands peaked in the aftermath of the 2021 Colonial Pipeline and SolarWinds cyberattacks, where the US government's lack of access to cybersecurity information in critical industries wrought havoc on the country's national and economic security. In the aftermath of these attacks, lawmakers and the public exhibited newfound enthusiasm for legislation that would mandate cyberattack reporting by private enterprises—accelerating a regulatory trend that has existed for several years [ 1 ]. In 2020, for example, 40 US states and territories introduced more than 280 cybersecurity related bills and resolutions [ 2 , 3 ]. A similar process has taken place in Europe [ 4 ] and in Israel [ 5 , 6 ].

The public willingness to accept government policies and regulations that limit personal civil liberties and privacy is part of a delicate tradeoff between security and privacy. In some ways, privacy is seen as an adequate cost of enhanced personal and societal security in the face of novel threats. However, the public has grown increasingly sensitive to the importance of online privacy, and is keenly aware of the ethical, political, legal, and rights-based dilemmas that revolve around government monitoring of online activity and communications [ 7 , 8 ].

The debate on digital surveillance centers on how and whether authorities should gain access to encrypted materials, and raise key questions concerning the extent of state interference in civic life, and the protection of civil rights in the context of security. Yet what lies at the heart of this willingness to accept government policies and regulations that limit personal civil liberties and privacy via increasing public demand for government intervention in cybersecurity? Does exposure to different types of cyberattacks lead to heightened support for different types of regulatory policies? And does the public differentiate between interventionist and regulatory forms of cybersecurity policies?

To test these questions, we ran a controlled randomized survey experiment that exposed 1022 Israeli participants to simulated video news reports of lethal and nonlethal cyberattacks. We argue that public support for governmental cybersecurity measures rises as a result of exposure to different forms of cyberattacks, and that perceived threat plays a mediating role in this relationship. More specifically, we propose that exposure to initial media reports about cyberattacks is a key to the exposure effect, since at this time the threat is magnified and the public has minimal information about the identity of the attacker and the type of cyberattack that was conducted. Past events show that in many cases, the public internalizes the details of an attack in its immediate aftermath when media reports are heaviest. While later reports in the days and weeks following an attack will include far more detailed information, the damage by this time has already been done and the public is already scared and alert.

Further to this, we suggest that the literature has erroneously pooled together all cyber regulatory policies under a single banner of cybersecurity. We propose that civilian exposure to different types of cyberattacks leads to increased support for different and specific cybersecurity policies. We therefore differentiate between support for policies that focus on alerting the public in cases of cyberattacks and others that call for oversight of cybersecurity. In examining how exposure to cyberattacks influences support for these specific policy positions, we distinguish between the outcome of cyberattacks—lethal attacks that cause lethal consequences as a first- or second-degree outcome of the attack, versus nonlethal attacks that merely involve financial consequences. This more nuanced breakdown of exposure types and policy options can help officials contend with certain policy debates without the need for a one-size-fits-all policy. For example, reservations expressed by conservative/libertarian scholars who are concerned about government intervention in the commercial marketplace need not disqualify all forms of cybersecurity policy [ 9 ]. Likewise, the reservations of those concerned with individual privacy violations need not lead to the denunciation of all policies [ 10 ].

To ground this analysis of how the public responds following exposure to both lethal and nonlethal cyberattacks, we apply theories associated with the literature on terrorism and political violence. These theories offer sophisticated mechanisms that explain how individual exposure to violence translates into political outcomes—including demands for government intervention and policymaking. This approach is especially applicable in the digital realm as cyberattacks track a middle ground between technological breakthroughs that constitute tactical developments and new strategic weapons [ 11 ]. The consequence of such ambiguity is that civilians who are exposed to digital political threats can only identify the outcomes of the attack—i.e. whether it is a lethal or nonlethal cyberattack—while the motivations and identities of attackers often remain veiled, or at least unsettled. In light of these attributional challenges, and reflecting the fact that the public typically operates in a low-information environment, we refrain from declaring that the cyberattacks that appear in our experimental manipulations are cybercrime, cyberterrorism, cyber-vandalism, or any other type of attack. Rather, we refer to all attacks under the general heading of "cyberattacks," leaving all respondents to react to the attacks in a way that they see as appropriate in light of the severity of the reported outcome.

The most common form of cyberattack is cybercrime. Reports of data breaches resulting from cyberattacks by criminal organizations show a growth of more than threefold between 2011 and 2018 [ 12 ]. In the first half of 2019 alone, the United States Treasury Department announced that there had been 3494 successful cyberattacks against financial institutions resulting in colossal financial losses and the capture of personal information relating to hundreds of millions of people [ 13 ]. Cyberattacks executed by terror organizations are a newer phenomenon, albeit one that has captured the popular imagination. While terror organizations predominantly make use of cyberspace for fundraising, propaganda, and recruitment [ 14 , 15 ], a recent development has been the next-generation capacity of cyber strikes to trigger lethal consequences, be it through first- or second-order effects. 1 We acknowledge that scholars have expressed some skepticism about the likelihood of impending destructive cyberterror incidents [ 16–18 ], yet national security officials have regularly predicted that lethal cyberattacks pose a "critical threat" [ 19 ]. In the last decade, the nature of this threat has evolved from the earlier depictions of an apocalyptic cyber "pearl harbor" that would ravage modern society from the shadows [ 20 ], to a more nuanced understanding that cyberattacks, while still posing a threat to critical infrastructure, are more likely to manifest through targeted strikes. For example, in April 2020, Israel narrowly averted a cyberattack targeting civilian water networks that would have killed scores of civilians by adding chlorine to the water supply [ 19 ]. Other physically destructive cyberattacks have caused explosive damage to critical infrastructure [ 21 ], while researchers have experimentally verified the ability of malicious digital actors to hack pacemakers and insulin pumps [ 22 ]. While the lethal stature of cyberattacks is still developing, these incidents establish the bona fides of this impending threat and the importance of understanding how the public responds to this type of event.

The discussion that follows has four parts. We begin by examining the theory of how exposure to violence translates into policy preferences, with a particular focus on the mediating role of threat perception. Second, we discuss the design of our controlled, randomized experiment that exposes participants to television news reports of lethal and nonlethal cyberattacks. Third, we present our main results and consider various mediation models that pertain to the different regulatory subsets. We conclude by discussing the implications of our findings for the study of cybersecurity and cyber threats more generally.

Civilians who are exposed to political violence often suffer from feelings of trauma, anxiety, and helplessness in the face of threatening external forces [ 23–25 ]. These emotional responses—whether caused by acts of cyber or conventional violence—are known to cause shifts in political attitudes. Research has shown how exposure to conventional terrorism, which targets civilians and disrupts their daily routines, has an impact on individuals’ support for attitudes toward peace and compromise with the other [ 26 ], political conservatism [ 27 ], exclusionism [ 28 ] and intragroup relations [ 29 ].

Despite the sizeable literature dealing with the effects of exposure to violence, few studies directly investigate the effects of exposure to destructive cyberattacks. This is despite the growing recognition that these threats have become a very tangible part of modern life. In a complex scenario described in the Tallinn Manual 2.0 on the International Law Applicable to Cyber Warfare, the authors contemplated how new forms of cyberattacks could be used to “acquire the credentials necessary to access the industrial control system of a nuclear power plant… with the intent of threatening to conduct cyber operations against the system in a manner that will cause significant damage or death…” [ 30 ]. Even more recently, reports have acknowledged how cyberterror attacks could immobilize a country's or region's electrical infrastructure [ 31 ], disable military defense systems [ 32 ], and even imperil nuclear stability [ 33 ]. While there is a difference between capability and intent, and we acknowledge that physically destructive cyber threats have remained scarce until now, understanding how civilians respond to such digital cyberattacks will become particularly important as the threat matures.

Studies that directly investigated exposure to digital political violence found that exposure had significant effects on political behavior and attitudes, akin to exposure to conventional political violence [ 34 , 35 ]. In a series of exploratory studies regarding the phenomena of cyberterrorism, Gross et al . [ 34 , 36 ] sought to empirically measure the effects of exposure to cyberterrorism under controlled experimental conditions. Their key finding was that exposure to cyberterrorism was severe enough to generate significant negative emotions and cognitive reactions (threat perceptions) at equivalent levels to those of conventional terror acts. Canetti et al . [ 37 ] found that victims of cyberattacks react by demanding government protection, with psychological distress explaining the relationship between exposure and the demand for government intervention. In a subsequent biologically focused experiment, Canetti et al . measured cortisol levels to show how participants who are exposed to cyberterror attacks and experience higher levels of stress are more likely to support hardline retaliatory policies [ 38 ].

Building on this foundation, other research has sought to refine a more precise psycho-political mechanism that understands how cyberattacks trigger shifts in political attitudes. Research by Shandler et al . [ 39 , 40 ], e.g. found that only lethal cyberattacks cause political consequences akin to conventional political violence, and that only the emotion of anger explained these shifts.

In the current paper, we aim to add to this emerging body of research by examining the topic of cybersecurity preferences in the aftermath of lethal and nonlethal cyberattacks. While one past study by Cheung-Blunden et al . [ 41 ] examined how emotional responses to cyber incidents sway cybersecurity preferences, no research has yet attempted to analyze how different types of cyberattacks affect different kinds of cybersecurity policies. As such, we add much needed nuance to the literature.

For the purpose of considering the effects of exposure to cyberattacks, this research focuses on the "outcome" of a cyberattack rather than the "identity" of the perpetrator or the "classification" of the attack. This is necessary for several reasons that relate to the specific characteristics of cyberspace. First, as introduced above, a new class of cyberattack exemplified by the ransomware epidemic has exhibited characteristics of both cybercrime and cyberterror operations, impeding the classification of cyber incidents into simple categories. Second, attribution in cyberspace is fraught with difficulty, and an age of manipulated information complicates the determination of provenance [ 42–44 ]. Sophisticated cyber operatives working from anywhere in the world can exploit the principle of anonymity that underlies the Internet infrastructure to hide their identity. Though authorities would be able to quickly identify the identity of an attacker behind any major cyberattack [ 42 ], this is essentially impossible for members of the public who are confronted with both structural and technical obstacles that prevent them from rendering an objective judgement about the attack source. This reality of publicly obscured cyber antagonists can be viewed in the timelines of several famous cyber incidents. It took between six months and three years for authorities and private actors to publicly reveal the actors behind the 2017 WannaCry attacks, the 2016 cyber intrusion into the Democratic National Committee's networks, and the 2016 cyberattack against the Bowman Dam in New York [ 45–47 ]. While each of these incidents were eventually attributed to an attack source, and the authorities may well have known the identity of the attacker from an early date, we can see that from the perspective of the public, there was a time lag of several months or years before a name was attached to any attack. Third, state involvement in cyberattacks—either as a direct attacker or via proxies—can add substantial background noise to the perception of an attack, raising the specter of interstate war. There is an interesting debate in the literature about whether states may be deemed capable of conducting cyberterrorism—or whether this is a label that can only be applied to nonstate actors. While the literature is still unsettled on this point, Macdonald, Jarvis and Nouri [ 48 ] found considerable expert support for the proposition that states can engage in cyberterrorism.

It is for these reasons that we choose to follow the lead of the scholars who are beginning to evaluate responses to cyber threats through the prism that is most readily available for the public—specifically, the outcome variable, or in other words, the lethality of the attack [ 33 ]. This focus on outcome rather than attacker is necessary in order to understand the factors that prompt emotional and political responses in the public. While these information asymmetries explain our focus on the outcome of the attack rather than the identity of the attacker, we acknowledge that the people draw inferences about the identity and motivations of attackers based on prior experiences and political orientation [ 49 ]. Liberman and Skitka's vicarious retribution theory [ 50 , 51 ] demonstrates how the public may impute responsibility to unrelated or symbolically related offenders when the identity of an attacker is unclear. Nonetheless, maintaining the highest standards of ecological validity demands that attribution and attack categorization is absent in initial public reports of cyber incidents.

Under this framework, we hypothesize that:

Hypothesis 1: Exposure to (i) lethal or (ii) nonlethal cyberattacks will lead to greater support for adopting cybersecurity policies compared with people who were not exposed to any cyberattack. In other words, exposure to cyberattacks—lethal (LC) or nonlethal (NLC)—will increase support for adopting cybersecurity policies, as compared with a control group.

Hypothesis 2: People who are exposed to lethal cyberattacks (LC) will exhibit to higher support for adopting cybersecurity policies than people who are exposed to nonlethal cyberattacks (NLC).

Civilians are notoriously weak at accurately assessing security threats—a fact that is amplified in the cyber realm due to low cybersecurity knowledge, general cognitive biases in calculating risk, and the distortion of cyber risks by the media, which focuses predominantly on spectacular yet low-likelihood attacks [ 52–54 ]. Perceived risk is partly reliant on the scope of the attack to which people are exposed. Victims of cybercrimes (identity theft and cyber bullying) report moderate or severe emotional distress such as anger, fear, anxiety, mistrust, and loss of confidence [ 55 ]. The effects of conventional terrorism include post-traumatic stress, depression, and anticipatory anxiety [ 56 , 29 ]. In both of these cases, threat perception is a common predictor of political attitudes and behavior. Indeed, the best predictor of hostile out-group attitudes is the perceived threat that out-group members will harm members of the in-group, whether physically, economically or symbolically [ 28 , 57 , 58 ]. In many of the studies cited above, threat perception was found to mediate the relationship between exposure to violence and support for harsh or restrictive policies, especially in conflict-related contexts [ 27 ]. Extending this empirical and theoretical evidence to digital political violence suggests that individuals are likely to respond similarly to cyber threats by supporting strong cybersecurity policies through the interceding influence of heightened threat perception.

A set of early studies compared the level of threat evoked by exposure to different forms of cyber threats, identifying key differences in the how cybercrime and cyberterrorism influenced attitudes toward government policy [ 34 , 36 ]. These studies concluded that direct exposure to cyberterrorism had no effect on support for hardline cybersecurity policies (increased digital surveillance, the introduction of intrusive new regulations), but threat perceptions relating to cyberterrorism successfully predicted support for these policies. Recognizing therefore that threat perception plays a central role in understanding the response to cyberattacks, we predict that

Hypothesis 3: Cyber threat perception will mediate the relationship between individual exposure to cyberattacks and support for cybersecurity policies.

To test our hypotheses, we conducted a controlled survey experiment that exposed respondents to simulated news reports about major cyberattacks. The experimental manipulation relied on professionally produced original video clips that broadcast feature news reports. The lethal treatment group viewed a feature report discussing several lethal cyberattacks that had taken place against Israeli targets, while the nonlethal treatment group broadcast a collection of stories pertaining to nonlethal cyber incidents (see below for additional details about each manipulation). The control group did not watch any news report.

We utilized the medium of video news reports for our experimental manipulation since experiments in recent years have shown how broadcast videos and media reports of major attacks arouse strong emotions among viewers, which in turn trigger reevaluations of policy positions and political attitudes related to issues of security [ 35 , 59 , 60 ]. The rationale behind these finding can be partly explained by Terror Management Theory, which explains how even indirect exposure to violent acts triggers potent emotional reactions as people confront threats to their mortality [ 61 , 62 ]. Just as importantly, news reports are a key avenue by which the public learns about major security incidents, and so this method maintains its ecological validity. Each of the groups completed a pre- and post-survey, answering a series of questions about their attitudes to cybersecurity along with relevant sociodemographic information.

Each of the television news reports was presented as an authentic feature story that appeared on Israeli channel 1 television station. The news reports described the global scale of cyber threats facing the public (i.e. two million malicious web sites launch each month and 60 000 new malware programs appear every day at an annual cost to the global economy of 500 billion dollars). The clips were screened in a feature format using on-camera interviews, voiceover and film footage to describe various cyberattacks. To increase the authenticity of the experience, the reports included interviews with well-known Israeli security experts. To mimic the challenges of cyber attribution, the perpetrators of the attacks described in the videos were not identified and were neutrally referred to as cyber operatives. Each video lasted approximately 3 min.

Lethal Cyber Condition—The television news report described various cyberattacks with lethal consequences that had targeted Israel during the previous years. For example, in one of the featured stories, an attack was revealed to have targeted the servers controlling Israel's electric power grid, cutting off electricity to a hospital and causing deaths. In another story, cyber operatives were said to have attacked a military navigation system, altering the course of a missile so that it killed three Israeli soldiers. A third story concerned the use of malware to infect the pacemaker of the Israeli Defense Minister, and a fourth involved the failure of an emergency call to 10 000 military reserve soldiers due to a cyberattack in which foreign agents changed the last digit of the soldiers’ telephone numbers in the military database. The video's interviews with well-known figures from Israel's security sector emphasized the life-threatening danger posed by cyberattacks.

Nonlethal Cyber Condition—The television news report revealed various nonlethal cyberattacks that had targeted Israel during recent years. For example, the broadcast explained how mobile phone users are made vulnerable to attackers by installing new games and applications, potentially introducing malware that can later access data like personal messages or financial details. Another example concerned the dangers posed by the Internet of Things and featured a story in which all the major credit cards companies suspended their customer support after hundreds of thousands of citizens were fraudulently charged for food purchases by their smart refrigerators. The Israeli experts in this video emphasized the potential financial damage from cyberattacks.

Participants

The online survey experiment was administered in Israel during September 2015 via the Midgam Survey Panel. One thousand twenty-two participants were randomly assigned to the three groups (lethal condition: N = 387; nonlethal condition: N = 374; control group: N = 361). The experimental sample represents a random cross-section of the Jewish Israeli population. The sample is largely representative of the wider population, and balance checks reveal that the treatment distribution is acceptable. We note that due to data collection constraints, the sample does not include ultra-orthodox (religious) respondents due to difficulties in accessing this subgroup through online methods. The mean age of the participants was 41 (SD = 14.81), and gender distribution of 49.96% male and 50.04% female. With respect to political orientation, 44.35% of the sample define themself as right-wing ( N = 452), 38.28% themselves as centrist ( N = 390), and 17.37% as left-wing ( N = 177) (this reflects the right-wing slant of the Israeli population that has been apparent in recent elections). The distribution of education and income levels was similar across the three groups (Education: F(2, 1120) = 0.20, P < 0.82; Income: F(2, 1045) = 0.63, P < 0.53). Sociodemographic characteristics of the participants are presented in Appendix A (Supporting Information), together with experimental balance checks.

The experiment incorporated three primary variables: the predictor variable (exposure to cyberattacks), the dependent variable (support for cybersecurity policies), and the mediator variable (threat perception). Sociodemographic measures were also collected.

Predictor variable—exposure to cyberattacks

Exposure to cyberattacks was operationalized by random assignment to one of the three experimental treatments described above—lethal cyberattacks/nonlethal cyberattacks/control condition.

Dependent variable: support for cybersecurity policies

Support for cybersecurity policies was examined using twelve questions taken from two scales developed by McCallister and Graves [ 63 , 64 ]. After separating out one item that reflected a unique form of cybersecurity policy, the remaining items were subjected to a principal component analysis (PCA), which highlighted different aspects of cybersecurity policy. Our criteria for the factor dimension extraction was an eigenvalue greater than one for number of dimensions, and factor loading greater than 0.35, for dimension assignment. We applied the PCA extraction method with the Varimax rotation to construct orthogonal factors [ 65 ]. This procedure gave rise to two clearly distinguishable cyber policy dimensions. Following this process, we combined the two remaining items that were excluded due to poor loadings (loading < 0.35) to create a third policy dimension with a high correlation between the items ( r = 0.617, P < 0.001) (see Appendix B in the Supporting Information for the PCA and complete list of the items used to construct each scale). The final three measures of cybersecurity policies reflected the breadth of available policy options, which emphasized different levels of government intervention and oversight strategies. The first of these is cybersecurity prevention policy (CPP); the second is cybersecurity alert policy (CAP); and the third is cybersecurity oversight policy (COP).

The cybersecurity prevention policy dimension (CPP) captures the idea that the state should mandate commercial companies to implement minimum levels of cybersecurity to prevent damage. Respondents were asked questions such as: “should the state compel business owners to protect themselves against cyberattacks?” Cronbach's α was within an acceptable range at 0.720.

The cybersecurity oversight policy dimension (COP) refers to the notion that the state should directly intervene to offer cyber protection to its citizens and businesses. Relevant questions for this dimension included “should the state protect its citizens from cyberattacks?” Cronbach's α was within an acceptable range at 0.737.

The cybersecurity alert policy dimension (CAP) relates to the state's presumed responsibility to ensure citizens are alerted when a hack of a cyberattack is discovered. For example, a related question would ask: “should the state alert citizens after a successful attack on critical infrastructure?” As opposed to the prevention policy dimension that relates to measures that must be taken before a cyberattack, the alert policy focuses on the measures to be taken after an attack. Cronbach's α was slightly below acceptable range at 0.632. All questions were measured on a scale ranging from 1 (“completely disagree”) to 6 (“completely agree”).

Mediator: perceptions of cybersecurity threats

Threat perception pertaining to cyber threats was gauged using a five-item scale based on studies conducted in the United States [ 66 ]. Respondents were asked how concerned they feel about the possibility of an actual threat to their security. Respondents answered questions including: “To what extent does the idea of a cyberattack on Israel affect your sense of personal security?” and “To what extent does a cyberattack on Israel threaten the country's critical infrastructure?,” and the answers ranged from 1 (“not at all”) to 6 (“to a very great degree”). The internal consistency of this measure was very high (Alpha = 0.913).

Control variables

Control variables collected included political ideology (assessed through a self-reported five-point scale ranging from 1 [very conservative] to 5 [very liberal]), age, gender, marital status, religiosity, education, and income.

We also measured and controlled for participants’ past exposure to cyberattacks. To measure this variable, we adapted a four-item scale used to measure exposure to terrorism and political violence [ 67 , 35 ]. Items included questions that asked the extent to which the respondents, their friends and their family had ever suffered harm or loss from a cyberattack. Similarly to past studies, we did not calculate the internal reliability for past exposure, given that one type of exposure does not necessarily portend another type.

Preliminary analyses

We begin our analysis by testing the variance between the treatment groups regarding attitudes toward cybersecurity policies, to establish that the experimental conditions produce at least minimal levels of differences in the dependent variables. Hence, we conducted a one-way univariate analysis of variance (ANOVA), in which the different cyber policies were the dependent variables. The results indicated differences between the three groups in support for policies regarding cybersecurity alerts (CAP: F(2, 1020) = 4.61, P < 0.010). No differences between groups were found in support for cybersecurity prevention policy or cybersecurity oversight policy (CPP: F(2, 1020) = 1.35, P < 0.259; COP: F(2, 1020) = 0.94, P < 0.39). We followed the CAP ANOVA analysis with pairwise comparisons using Bonferroni corrections, which revealed that the highest level of support for cybersecurity alerts was expressed by the group exposed to lethal cyberattacks on average, while the other two groups showed lower levels of support for this policy. These results support the conclusion that the differences in cybersecurity policy preferences between the three groups derive from the video stimulus, and not from differences in participants’ sociodemographic characteristics (see Appendix C in the Supporting Information for means and standard deviations of study variables, in all three manipulation groups).

In addition, we tested group differences regarding threat perceptions and found significant differences in threat perceptions between the three groups (F(2, 1020) = 21.68, P < 0.001). The follow up pairwise comparisons with Bonferroni corrections, revealed that participants in both experimental groups (LC and NLC) expressed higher levels of threat perceptions in comparison to participants in the control group. These analyses provide sufficient preliminary support to conduct more complex analyses that integrate multiple effects in this triangle of exposure to cyberattacks, cyber threat perception, and support for cybersecurity policies.

Mediation analysis

To test hypothesis 3, we ran a path analysis model, i.e. a structural equation modeling with observed indicators only. In this model, the exposure was divided into lethal vs control and nonlethal vs control. More specifically, with regard to the mediation effect, the model structure included two pathways from the experimental conditions to support for cybersecurity policies: From the lethal vs control, and from nonlethal vs control through threat perceptions. The latter variable was expected to mediate the effect condition effects on cyber policy positions as proposed in the theory section.

In order to further investigate the mediation mechanism, we constructed an integrative path analysis model [ 53 ]. Running this model enables us to identify direct and indirect effects among all the study variables. We provide modeling results in the following Table 1 and an illustration of the path analysis model in Fig. 1 .

Empirical model results—direct effects of exposure to lethal and nonlethal attack groups vs control group. * P < 0.05, ** P < 0.01, *** P < 0.001.

Path: analysis direct effects, standardized estimates

.	Threat (M) .	CAP (Y ) .	COP (Y ) .	CPP (Y ) .
.	Beta (S.E.) [95% CI] .	Beta (S.E.) [95% CI] .	Beta (S.E.) [95% CI] .	Beta (S.E.) [95% CI] .

		0.058***(0.035)[0.088, 0.262]	0.249***(0.030) [0.151, 0.275]	0.273*** (0.032)[0.193, 0.335]
)
	0.163***(0.034)[0.077, 0.221]	–0.070*(0.036)[–0.164, –0.012]	–0.073*(0.036)[–0.168, –0.017]	–0.043(0.037)[0.030, 0.077]
)
	0.207***(0.033)[0.123, 0.258]	–0.140***(0.035)[–0.230, –0.080]	–0.024(0.034)[–0.105, 0.035]	–0.015(0.035)[–0.101, 0.046]

	0.109***(0.031)[0.028, 0.164]	–0.012(0.030)[–0.088, 0.036]	–0.005(0.030)[–0.083, 0.035]	0.016(0.030)[–0.063, 0.064]

	0.200***(0.030)[0.125, 0.254]	0.072*(0.032)[–0.011, 0.126]	0.010(0.031)[–0.070, 0.060]	0.050(0.031)[–0.030, 0.095]

	0.034 (0.031)[–0.051, 0.085]	–0.044(0.036)[–0.137, 0.013]	0.088**(0.031)[0.004, 0.137]	0.015(0.033)[–0.075, 0.066]

	–0.049 (0.032)[–0.131, 0.097]	–0.028(032)[–0.124, –0.028]	–0.027(0.031)[–0.104, 0.022]	–0.033(0.033)[–0.117, 0.017]

	0.035 (0.033)[–0.045, 0.097]	0.050(0.032)[–0.025, 0.106]	0.027(0.033)[–0.063, 0.082]	–0.040(0.033)[–0.127, 0.024]

	0.093***(0.017)	0.047***(0.014)	0.074***(0.015)	0.087***(0.018)

.	Threat (M) .	CAP (Y ) .	COP (Y ) .	CPP (Y ) .
.	Beta (S.E.) [95% CI] .	Beta (S.E.) [95% CI] .	Beta (S.E.) [95% CI] .	Beta (S.E.) [95% CI] .

		0.058***(0.035)[0.088, 0.262]	0.249***(0.030) [0.151, 0.275]	0.273*** (0.032)[0.193, 0.335]
)
	0.163***(0.034)[0.077, 0.221]	–0.070*(0.036)[–0.164, –0.012]	–0.073*(0.036)[–0.168, –0.017]	–0.043(0.037)[0.030, 0.077]
)
	0.207***(0.033)[0.123, 0.258]	–0.140***(0.035)[–0.230, –0.080]	–0.024(0.034)[–0.105, 0.035]	–0.015(0.035)[–0.101, 0.046]

	0.109***(0.031)[0.028, 0.164]	–0.012(0.030)[–0.088, 0.036]	–0.005(0.030)[–0.083, 0.035]	0.016(0.030)[–0.063, 0.064]

	0.200***(0.030)[0.125, 0.254]	0.072*(0.032)[–0.011, 0.126]	0.010(0.031)[–0.070, 0.060]	0.050(0.031)[–0.030, 0.095]

	0.034 (0.031)[–0.051, 0.085]	–0.044(0.036)[–0.137, 0.013]	0.088**(0.031)[0.004, 0.137]	0.015(0.033)[–0.075, 0.066]

	–0.049 (0.032)[–0.131, 0.097]	–0.028(032)[–0.124, –0.028]	–0.027(0.031)[–0.104, 0.022]	–0.033(0.033)[–0.117, 0.017]

	0.035 (0.033)[–0.045, 0.097]	0.050(0.032)[–0.025, 0.106]	0.027(0.033)[–0.063, 0.082]	–0.040(0.033)[–0.127, 0.024]

	0.093***(0.017)	0.047***(0.014)	0.074***(0.015)	0.087***(0.018)

Standard error in parentheses; * P < 0.05, ** P < 0.01, *** P < 0.001. NLC = non-ethal cyberattack; LC = lethal cyberattack.

Direct effects

Table 1 presents the results of the standardized estimates (beta coefficients) of each experimental group vis-à-vis the control group (i.e. NLC vs control, and LC vs control), perceptions of threat, past exposure to cyberattacks and socio demographic variables—gender, religiosity, education and political ideology—with the three dimensions of cybersecurity policies as the dependent variables. In the pairwise comparison of the experimental groups, which compares the lethal and nonlethal conditions to the control group, we find a larger direct effect in the LC (lethal) group compared with the NLC (nonlethal) group in predicting support for CAP.

A follow-up that compared the two regression weights further confirmed the stronger relative effect of the lethal exposure over the nonlethal exposure (H 2 : NLC-LC = −0.21 (0.10), P = 0.047). This demonstrates support for our second hypothesis. People who were exposed to lethal cyberattacks tended to support cybersecurity policies that compel the government and security forces to alert citizens if they have evidence of citizens’ computers being hacked or if an act cyberattack is discovered (CAP) at higher levels than people who were exposed to nonlethal/economic cyberattacks compared with people in the control group.

Interestingly, this trend was reversed for the oversight policies (COP) form of cybersecurity regulation. Here, we identified a significant direct effect wherein exposure to nonlethal cyberattacks led to support for oversight policies (COP) at higher levels than respondents who were exposed to the lethal cyberattacks manipulation or the control group. However, the difference between the two treatment conditions was not significant (NLC-LC = 0.11(0.08), P = 0.16). This indicates that exposure to any kind of cyberattack, lethal or nonlethal, predicts greater support for oversight regulation policies (COP) to the same extent. No direct effect was found between exposure to cyberattacks and support for prevention regulation policies (CPP). By breaking apart this analysis into different dimensions of cybersecurity polices our results reveal how exposure to different forms of cyberattacks contribute to support for distinct types of policy that emphasize oversight or intervention.

Most importantly, results indicate a significant direct effect of threat perceptions on all three dimensions of cybersecurity policy and higher levels of threat perception in the lethal cyber manipulation group compared with the nonlethal cyber manipulation group and the control group.

Mediating effects

Table 2 presents the indirect effects of each of the two treatment conditions in comparison to the control group for the three dimensions of cybersecurity policies—with threat perception as a mediator. The indirect effects are pathways from the independent variable to the policy variables through threat perceptions. In the path analysis model, each dependent variable, i.e. support for particular cybersecurity policies, could have two potential paths, one from the nonlethal condition and the one from the lethal condition. Altogether, six mediation pathways were tested. These indirect outcomes are illustrated in Fig. 1 . In the LC group we see a complete mediation effect of threat perceptions and no significant direct effect of exposure on COP support. This means that for those participants who were exposed to the lethal condition, the actual exposure was not as strong a predictor of policy support as the threat perception associated with the attacks.

Path: analysis mediation effects, standardized estimates

.	Independent .	Mediation .	Outcome .	Indirect effect (coefficient; S.E. [95% CI]) .

Mediation 1	NLC/Control (X )	Threat	CAP	0.026***; 0.008 [0.010, 0.042]
Mediation 2	LC/Control (X )	Threat	CAP	0.033***; 0.009 [0.015, 0.050]

Mediation 3	NLC/Control (X )	Threat	COP	0.041***; 0.010 [0.020, 0.060]
Mediation 4	LC/Control (X )	Threat	COP	0.052***; 0.011 [0.028, 0.071]

Mediation 5	NLC/Control (X )	Threat	CPP	0.045***; 0.011 [0.021. 0.066]
Mediation 6	LC/Control (X )	Threat	CPP	0.056***; 0.011 [0.030, 0.077]

.	Independent .	Mediation .	Outcome .	Indirect effect (coefficient; S.E. [95% CI]) .

Mediation 1	NLC/Control (X )	Threat	CAP	0.026***; 0.008 [0.010, 0.042]
Mediation 2	LC/Control (X )	Threat	CAP	0.033***; 0.009 [0.015, 0.050]

Mediation 3	NLC/Control (X )	Threat	COP	0.041***; 0.010 [0.020, 0.060]
Mediation 4	LC/Control (X )	Threat	COP	0.052***; 0.011 [0.028, 0.071]

Mediation 5	NLC/Control (X )	Threat	CPP	0.045***; 0.011 [0.021. 0.066]
Mediation 6	LC/Control (X )	Threat	CPP	0.056***; 0.011 [0.030, 0.077]

Standard error in parentheses; * P < 0.05, ** P < 0.01, *** P < 0.001. In squared brackets 95% confidence interval with bias correction bootstrapping ( n = 2000).

In our models predicting CAP, we see a partial mediation effect for both treatment groups, in addition to the direct effect that we described above. We see a larger indirect effect in the LC group than in the NLC group and this was confirmed by a test of difference. This indicates that people who were exposed to lethal cyberattacks reported higher levels of cyber threat perception as compared with people who were exposed to the nonlethal condition, and this heightened threat perception in turn led to more support for various cybersecurity polices.

Support for CAP (i.e. cybersecurity policies whereby the government or relevant organizations are expected to alert citizens if they have evidence of citizens’ computers being hacked or an act of cyberattack being detected) was predicted both by a direct effect of level of exposure to cyberattacks (NLC, LC) and by the mediation of threat perceptions.

Yet our models predicting support for oversight polices (COP) showed a different picture. In the NLC group we see a partial mediation of threat perceptions in addition to the direct effect that we found in the models shown in Table 2 . Support for COP (i.e. cybersecurity policies whereby the state should protect the country, organizations, and citizens from cyberattacks through direct government action) was predicted by a direct effect of NLC exposure and by the mediation of threat perceptions in both LC and NLC groups. In the LC group versus the control group, support of COP was predicted only through the mediation perceptions of threat. These results support our third hypothesis regarding the mediating role played by threat perception in predicting COP.

Our models predicting support for prevention policies (CPP) showed a complete mediation effect of threat perception in both experimental treatment groups. No direct effect of exposure on CPP was found, indicating that the mediating mechanism is the best predictor for CPP. Support for CPP (i.e. cybersecurity policies whereby the state compels commercial enterprises to install minimum thresholds of cybersecurity) was predicted by the indirect effect of threat perception.

These results emphasize the central role played by threat perception in predicting support for adopting stringent cybersecurity policies. What is especially noteworthy is that threat perception overrides past experience as the full mediation models indicate. For example, we found that when people are exposed to destructive cyberattacks, the level of perceived threat predicted support for adopting cybersecurity policies that required the state to protect citizens and organizations (COP). Similarly, we found that when it comes to predicting support for prevention policies—threat is the driving force.

In order to complement the indirect effect analyses and test the relative strength of the mediation pathways, we contrasted the indirect effects of the various groups on each policy option. According to the outcome estimates in Table 2 , model 3 has a significantly larger mediation effect compared with model 1 (difference = –0.014; 0.024 P < 0.001) 2 , which indicates that within the NLC group, the mediation model is a stronger predictor of support for COP than CAP. In other words, participants who were exposed to the nonlethal condition were more likely to support oversight polices than alert policies.

Our findings draw on an experimental design that suggests that exposure to different types of cyberattacks intensifies perceptions of cyber threats and shifts political attitudes in support of stringent cybersecurity policies. We find that exposure to lethal cyberattacks affects individual-level political behavior in a manner akin to conventional terrorism [ 68–71 ]. This research was motivated by a desire to better understand what drives individuals to support strong or hardline cybersecurity policies, using Israel as a case study. The findings contribute to this research direction in a number of important ways.

First, exposure to lethal cyberattacks heightens perceptions of cyber threat to a greater degree than nonlethal/economic cyberattacks. Second, as a result of exposure to cyberattacks, respondents were willing to forfeit civil liberties and privacy in exchange for more security. Like conventional terrorism, cyberattacks with lethal consequences harden political attitudes, as individuals tend to support more government oversight, greater regulation of cybersecurity among commercial businesses, and the implementation of strategies to increase public awareness following cyberattacks. Third, our data suggest that in some cases the mere exposure to cyberattack, either lethal or nonlethal, affects the level of support for specific types of cybersecurity polices (stronger support of cybersecurity alert policies among participants in the lethal cyberattack manipulation, and stronger support of cybersecurity oversight policy among participants in the nonlethal cyberattack treatment group). In other cases, threat perception, rather than the exposure to the cyber-events themselves, drive the cognitive effects of cyberattacks on attitudes toward policy (A strong support for COP among the LC group was predicted only through the mediating role of threat perception, and support of CPP, in both manipulation groups was predicted only through a mediated pathway). Finally, we observed differences in the way our mediation model works in relation to different cybersecurity policies. The mediation model for the nonlethal condition group participants predicted greater support for cybersecurity policies focusing on oversight rather than policies focusing on alerting the public.

Our study examined public support for three distinct types of cybersecurity policies that we described as prevention policies, alert policies, and oversight policies. Each of these play a role in securing cyberspace, where the uncertainty regarding the form and nature of potential threats calls for a varied array of preventive actions [ 36 , 37 ]. Each of these policies raises questions about the delicate balancing act between privacy and security demands. In reality, policy approaches are likely to combine several of these elements—yet it behooves us to first consider each of them independently since very little is known about the public knowledge and familiarity with different cybersecurity policies. While preliminary research has looked at public support for cybersecurity preferences in general [ 41 ], these have yet to consider the varied approaches to cybersecurity. To that end, in the current paper we tried to simplify the different cybersecurity polices as much as possible based on real-world policies.

Overall, the study provides evidence that exposure to cyberattacks predicts support for cybersecurity policies through the mediating effect of threat perception. Yet our discovery of differential effects depending on the type of cybersecurity policy being proposed adds a new level of nuance that should be probed further in subsequent studies. More so, results indicate that the public worry and concern in the aftermath of cyberattacks leads directly to calls for governmental intervention. This information sheds light on public opinion processes and helps inform our understanding how individuals will likely respond to new cyber threats. It may also help policymakers understand the complex emotions and cognitions evoked by attacks, which can improve policy formulations that respond to the needs of the public.

Future studies should also investigate how fear appeals intervene in this mechanism, and how to motivate people to take cyber threats more seriously in a way that leads to positive behavioral change.

Participants who were exposed to the lethal manipulation supported cybersecurity policies that focus on alerting the public in cases of cyberattacks more than participants in the two other groups. On the other hand, participants who were exposed to the nonlethal manipulation tended to support cybersecurity policies that call for state oversight of cybersecurity. We found no evidence that any type of exposure has a direct effect on support for polices mandating minimum thresholds of cybersecurity in the commercial arena.

One possible explanation for these results is that thus far, cyberattacks have caused economic damage, but lethal cyberattacks that vividly resemble terrorism are a significantly rarer phenomenon. Hence, participants who were exposed to lethal terror cyberattacks supported cybersecurity policies that would alert them and keep them informed about impending cyber threats. Policies that focus on oversight are perceived as less important during violent terror attacks. On the other hand, exposure to nonlethal cyberattacks, which are typically focused on economic gain, is more common. The economic damage caused by cyberattacks is estimated to reach $6 trillion by 2021 [ 72 ]. As such, participants in the nonlethal manipulation may have regarded cyberattacks causing economic damage as more likely and therefore supported polices that will bolster digital protections.

We note a key condition about the temporal nature of these findings. In analyzing the effect of exposure to cyberattacks, this study focuses on people's immediate response following exposure to cyber threats. Assessing people's short-term responses is valuable as the responses speak to the direction of the political and psychological effects. Yet what is missing from this picture (and beyond the scope of our research design), is the longevity of the response, which speaks to the strength of the effect. If the measured distress and political outcomes swiftly dissipate, then the policy relevance of our findings comes into question.

The literature is split on the question of the temporal durability of attitudinal shifts in the aftermath of major attacks. There is one school of thought that holds that most political effects stemming from political violence or terrorism are fleeting, and that the public is broadly desensitized to political violence [ 73–75 ]. Yet a second school of thought suggests that exposure to attacks can trigger prolonged effects and lasting shifts in political and psychological attitudes. Brandon & Silke [ 76 ] assert that while the distress triggered by exposure dissipates over time, this is not an instantaneous process. Several longitudinal studies following the Oklahama bombing and 9/11 found lingering harms, with exposed individuals reporting elevated levels of psychological distress and altered political attitudes for months or years following the event [ 77–79 ].

In applying this to the case of cyberattacks, there is insufficient evidence to positively determine the longevity of the political and psychological effects that we identified in our study. We anticipate that the effects will be more than fleeting, since the novelty of cyber threats means that people have yet to undergo any cognitive or emotional desensitization to cyberattacks [ 80 ]. However, we acknowledge that this this position requires further empirical substantiation in future research.

A central conclusion of this study is that the implementation of cybersecurity regulations should take account of public perception of cyber threats and public exposure to cyberattacks. This position challenges two unspoken yet ubiquitous notions in the field of cybersecurity. First, the formulation of cybersecurity policies—in a manner akin to national security and espionage discussions—has typically taken place without public input due to the perception that it is a question best left to experts with engineering or national security expertise [ 81 ]. Scholars argue that this complete abdication of cybersecurity policy to specialists is a profound mistake, since excluding “the general public from any meaningful voice in cyber policymaking removes citizens from democratic governance in an area where our welfare is deeply implicated” [ 82 ]. Functional cybersecurity relies on good practices by the ordinary public, and the failure of cybersecurity awareness campaigns to effectively change behavior may well be linked to the lack of public input in its regulation [ 81 ]. Our findings indicate that growing civilian exposure to cyberattacks leads to more defined attitudes toward specific cybersecurity regulations through the mechanism of heightened threat perception. Governments will increasingly need to engage the public as one of the stakeholders in effecting new cyber regulations.

A second conceptual dilemma about the role of public exposure and opinion has to do with the question of whether cybersecurity is a public good deserving of government investment and regulation at all. Much of the field of cybersecurity is dominated by private enterprise, with government involvement taking place in limited ways. Support for government intervention in the realm of cybersecurity is premised on the astronomical public costs of cybercrime, the threat of cyberterror attacks, and the claim of a market failure in the provision of cybersecurity whose negative externalities in the absence of government involvement would cause substantial national damage [ 83 ]. A prominent counter-school of thought, resting on a belief that the private market is the most efficient system of allocating economic resources, claims that there is no need for government intervention in the cybersecurity market [ 84 ]. These proponents of private sector cybersecurity suggest that the private sector can more effectively achieve cybersecurity outcomes, an assertion that is backed up by the fact that private spending on cybersecurity in 2018 reached USD $96 billion [ 85 ]. This raises the question of how civilian exposure to cyberattacks and the subsequent support for cybersecurity regulation can translate to real outcomes if the market responds to both public and private interests, which take account of public opinion and civilian threat perception in different ways.

Seeing that cyber threats are continuously evolving, there are opportunities to expand and consolidate this research in future studies. In the current article, we focus on the effect of exposure to lethal and nonlethal cyberattacks on support for different types of cybersecurity policies among Israeli participants. Yet despite this singular geographic focus, the results offer lessons that can be applied widely. Like several other Western countries, Israel has been repeatedly exposed to publicly reported cyberattacks on critical infrastructure. And, similarly to American and some European countries, Israel has high levels of Internet penetration and publicly renowned levels of cybersecurity readiness to deal with such attacks. Past studies that examined public perceptions of cyber threats have replicated the findings across multiple countries. Shandler et al . [ 80 ] found that psychological responses to internalized reports of cyberattacks explains support for military retaliation, and that this mechanism applies similarly in Israel, the United States, and England. Though requiring additional research, the evidence suggests that cyber threats operate via an underlying psycho-political mechanism that transcends national borders. In fact, the effects of cyberattacks may prove weaker in Israel than elsewhere as the constant exposure among Israelis to political violence places digital violence in the context of a political struggle that has, in many ways, fixed and acceptable costs [ 34 ]. Therefore, we believe that an Israeli sample offers major advantages in understanding the effects of cyberattacks among other Western nations. Nonetheless, we encourage future studies to corroborate these findings in different settings.

A second area where our findings could benefit from additional research relates to the nature of the media exposure. In this study, we exposed respondents to "initial" media reports about major cyberattacks where there is minimal information pertaining to the identity of the attacker and the type of attack that was conducted. While this in many ways reflects the reality of media reports about cyberattacks, it does not discount that journalists will sometimes make inferences about the details of an attack, and that later reports in the days and weeks following an attack will include far more detailed information. More so, this article bears implications for a wide literature beyond the political violence discipline. The public discussion regarding digital privacy and surveillance has spurred crucial new research on the dynamics of digital insecurity. In communications and media studies, for example, scientists are focusing on information-age warfare via different social media platforms, and early results show that citizens are as active in correcting disinformation online as they are in spreading disinformation [ 86 , 87 ]. The debate in the field of business management is also developing as it focuses on consumer expectations surrounding information technology and big data, as well as on the roles and responsibilities of public and private actors in securing personal data [ 88 , 89 ].

Cyber threats are a critical and growing component of national security. As this threat continues to grow all over the world, both in its public perception and in the true scope of the threat, the need to implement strong cybersecurity regulations will grow as well. Our findings indicate that particular forms of exposure to cyberattacks can contribute to support for various types of cybersecurity legislation and contribute to their public legitimacy. This is especially important since the introduction of these regulations constitutes a sacrifice of civil liberties, a sacrifice that citizens are prone to support only under particular conditions.

Though a DDoS attack, e.g. may not trigger physical casualties, its crippling of emergency services and telecommunications could catastrophically amplify the second- and third-order damage during a physical attack; for more, see Catherine A. Theohary and John W. Rollins, Cyberwarfare and cyberterrorism: In brief (Washington, DC: Congressional Research Service, 2015).

We also see a marginal significant effect between mediation 1 and 5 and 2 and 6. The differences between mediation 1 and mediation 5 show mediation 5 (NLC/control-threat-CPP) has a marginal significant larger mediation effect compared with mediation 1 (NLC/control-threat-CAP) (difference = –0.035; 0.035 P = 0.073). This means that within the NLC group the mediation model predicts stronger predicting CPP than CAP. In other words, participants who were exposed to the nonlethal (NLC) condition were more likely to support CPP than CAP. We saw that the CAP is stronger in the LC group. Another marginal significant effect was found between mediation 2 and mediation 6. The differences between mediation 2 and mediation 6 show mediation 6 (LC/control-threat-CPP) has a marginal significant larger mediation effect compared with mediation 2 (LC/control-threat-CAP) (difference = −0.044; 0.024 P = 0.062). This means that within the LC group the mediation model predicts stronger predicting CPP than CAP. In other words, participants who were exposed to the lethal (LC) condition were more likely to support CPP than CAP. We saw a direct effect of LC on CAP.

Geller E , Matishak M . A federal government left ‘completely blind’ on cyberattacks looks to force reporting . Politico . 2021 . https://www.politico.com/news/2021/05/15/congress-colonial-pipeline-disclosure-488406 (10 August, 2021, date last accessed) .

Google Scholar

Cybersecurity legislation 2020. NCSL . https://www.ncsl.org/research/telecommunications-and-information-technology/cybersecurity-legislation-2020.aspx (17 October 2020, date last accessed).

US state cybersecurity regulation more than doubled in 2017, while federal regulation waned. BusinessWire . https://www.businesswire.com/news/home/20180129005238/en/State-Cybersecurity-Regulation-Doubled-2017-Federal-Regulation (29 January 2018, last accessed) .

Kasper A . EU cybersecurity governance: stakeholders and normative intentions towards integration . In: Harwood M , Moncada S , Pace R (eds). The Future of the European Union: Demisting the Debate . Msida : Institute for European Studies , 2020 , 166 – 85 .

Google Preview

Israel National Cyber Directorate (INCD) . https://www.gov.il/en/departments/about/newabout (1 February 2021, date last accessed) .

Ochoa CS , Gadinger F , Yildiz T . Surveillance under dispute: conceptualizing narrative legitimation politics . Eur J Int Secur . 2021 ; 6 : 210 – 32 ..‏

Flyverbom M , Deibert R , Matten D . The governance of digital technology, big data, and the internet: new roles and responsibilities for business . Bus Soc . 2019 ; 58 : 3 – 19 ..‏

Rosenzweig P . The alarming trend of cybersecurity breaches and failures in the U.S. government . The Heritage Foundation. https://www.heritage.org/defense/report/the-alarming-trend-cybersecurity-breaches-and-failures-the-us-government-continues (17 April 2020, last accessed) .

Lee JK , Chang Y , Kwon HY et al. Reconciliation of privacy with preventive cybersecurity: the bright internet approach . Inf Syst Front . 2020 ; 22 : 45 – 57 .

Nye JS . Nuclear lessons for cyber security? . Strateg Stud Q . 2011 ; 5 : 18 – 38 .

Annual number of data breaches and exposed records in the United States from 2005 to 2018 (in millions) . Statista . https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed (26 February 2019, last accessed) .

For big banks, it's an endless fight with hackers The Business Times , 30 July 2019 . https://www.businesstimes.com.sg/banking-finance/for-big-banks-it%E2%80%99s-an-endless-fight-with-hackers

Nye JS Jr . Cyber Power . Cambridge : Harvard Kennedy School, Belfer Center for Science and International Affairs , 2010 .

Stohl M . Cyber terrorism: a clear and present danger, the sum of all fears, breaking point or patriot games? . Crime Law Soc Change . 2006 ; 46 : 223 – 38 .

Lawson ST . Cybersecurity Discourse in the United States: Cyber-Doom Rhetoric and Beyond . New York : Routledge , 2019 .

Valeriano B , Maness RC . Cyber War Versus Cyber Realities: Cyber Conflict in the International System . New York : Oxford University Press , 2015 .

Lawson S . Beyond cyber-doom: Assessing the limits of hypothetical scenarios in the framing of cyber-threats . J Inf Technol Polit . 2013 ; 10 : 86 – 103 .

Israeli cyber chief: Major attack on water systems thwarted. Washington Post. https://www.washingtonpost.com/world/middle_east/israeli-cyber-chief-major-attack-on-water-systems-thwarted/2020/05/28/5a923fa0-a0b5-11ea-be06-af5514ee0385_story.html (28 May 2020, last accessed) .

Panetta warns of dire threat of cyberattack on U.S. New York Times. (October 11, 2012). https://www.nytimes.com/2012/10/12/world/panetta-warns-of-dire-threat-of-cyberattack.html

Choi SJ , Johnson ME , Lehmann CU . Data breach remediation efforts and their implications for hospital quality . Health Serv Res . 2019 ; 54 : 971 – 80 .

Zetter K . A cyber attack has caused confirmed physical damage for the second time ever . Wired . 2015 . http://www.wired.com/2015/01/german-steel-mill-hack-destruction . (April 2020, date last accessed) .

Hobfoll SE , Canetti-Nisim D , Johnson RJ . Exposure to terrorism, stress-related mental health symptoms, and defensive coping among Jews and Arabs in Israel . J Consult Clin Psychol . 2006 ; 74 : 207 – 18 .

Halperin E , Canetti-Nisim D , Hirsch-Hoefler S . The central role of group-based hatred as an emotional antecedent of political intolerance: Evidence from Israel . Polit Psychol . 2009 ; 30 : 93 – 123 .

Bar-Tal D , Halperin E , de Rivera J . Collective emotions in conflict situations: societal implications . J Soc Issues . 2007 ; 63 : 441 – 60 .

Hirsch-Hoefler S , Canetti D , Rapaport C et al. Conflict will harden your heart: exposure to violence, psychological distress, and peace barriers in Israel and Palestine . Br J Polit Sci . 2016 ; 46 : 845 – 59 .

Bonanno GA , Jost JT . Conservative shift among high-exposure survivors of the September 11th terrorist attacks . Basic Appl Soc Psychol . 2006 ; 28 : 311 – 23 .

Canetti-Nisim D , Ariely G , Halperin E . Life, pocketbook, or culture: the role of perceived security threats in promoting exclusionist political attitudes toward minorities in Israel . Polit Res Q . 2008 ; 61 : 90 – 103 .

Zeitzoff T . Anger, exposure to violence, and intragroup conflict: a “lab in the field” experiment in southern Israel . Polit Psychol . 2014 ; 35 : 309 – 35 .

Schmitt N . Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations . Cambridge : Cambridge University Press , 2017 .

Russian hackers appear to shift focus to U.S. power grid. The New York Times, 27 July 2018 . 2018 ;

Aucsmith D . Disintermediation, Counterinsurgency, and Cyber Defense . 2016 , Available at SSRN 2836100 . doi: 10.1093/cybsec/tyw018 , (10 August, 2021 last accessed) .

Gartzke E , Lindsay JR . Thermonuclear cyberwar . J Cybersecur . 2017 ; 3 : 37 – 48 .

Gross ML , Canetti D , Vashdi DR . Cyberterrorism: its effects on psychological well-being, public confidence and political attitudes . J Cybersecur . 2017 ; 3 : 49 – 58 .

Backhaus S , Gross ML , Waismel-Manor I et al. A cyberterrorism effect? Emotional reactions to lethal attacks on critical infrastructure . Cyberpsychol Behav Soc Netw . 2020 ; 23 : 595 – 603 ..‏

Gross ML , Canetti D , Vashdi DR . The psychological effects of cyber-terrorism . Bull At Sci . 2016 ; 72 : 284 – 91 .

Canetti D , Gross ML , Waismel-Manor I . Immune from cyber-fire? The psychological & physiological effects of cyberwar . In: Allhoff F , Henschke A , Strawser BJ (eds). Binary Bullets: The Ethics of Cyberwarfare . Oxford : Oxford University Press , 2016 , 157 – 76 .

Canetti D , Gross ML , Waismel-Manor I et al. How cyberattacks terrorize: Cortisol and personal insecurity jump in the wake of cyberattacks . Cyberpsychol Behav Soc Netw . 2017 ; 20 : 72 – 7 .

Shandler R , Gross MG , Backhaus S et al. Cyber terrorism and public support for retaliation: a multi-country survey experiment . Br J Polit Sci . 1 – 19 ., 2021 . DOI: 10.1017/S0007123420000812 .

Rosenzweig P . Cybersecurity and public goods, The public/private ‘partnership’ . In: Berkowitz P (ed). Emerging Threats in National Security and Law . Stanford : Hoover Institution, Stanford University , 2011 , 1 – 36 .

Cheung-Blunden V , Cropper K , Panis A et al. Functional divergence of two threat-induced emotions: fear-based versus anxiety-based cybersecurity preferences . Emotion . 2017 ; 19 : 1353 – 65 .

Jardine E , Porter N . Pick your poison: the attribution paradox in cyberwar. 2020 , https://osf.io/preprints/socarxiv/etb72/ .

Rid T , Buchanan B . Attributing cyber attacks . J Strateg Stud . 2015 ; 38 : 4 – 37 .

Clark DD , Landau S . Untangling attribution . Harvard National Secur J . 2011 ; 2 : 323 – 52 .

Alraddadi W , Sarvotham H . A comprehensive analysis of WannaCry: technical analysis, reverse engineering, and motivation . https://docplayer.net/130787668-A-comprehensive-analysis-of-wannacry-technical-analysis-reverse-engineering-and-motivation.html , (17 April 2020, last accessed).

Romanosky S , Boudreaux B . Private-sector attribution of cyber incidents: benefits and risks to the US government . Int J Intell CounterIntelligence . 2020 ; 0 : 1 – 31 .

Baezner M . Iranian cyber-activities in the context of regional rivalries and international tensions . ETH Zurich . 2019 : 1 – 37 .

Macdonald S , Jarvis L , Nouri L . State cyberterrorism: a contradiction in terms? . J Terrorism Res . 2015 ; 6 : 62 – 75 .

Canetti D , Gubler J , Zeitzoff T . Motives don't matter? Motive attribution and counterterrorism policy . Polit Psychol . 2021 ; 42 : 483 – 99 .

Liberman P , Skitka LJ . Revenge in US public support for war against Iraq . Public Opin Q . 2017 ; 81 : 636 – 60 .

Liberman P , Skitka LJ . Vicarious retribution in US public support for war against Iraq . Secur Stud . 2019 ; 28 : 189 – 215 .

Kostyuk N , Wayne C . The microfoundations of state cybersecurity: cyber risk perceptions and the mass public . J Glob Secur Stud . 2021 ; 6 : ogz077 .

Gomez MA . Past behavior and future judgements: seizing and freezing in response to cyber operations . J Cybersecur . 2019 ; 5 : 1 – 19 .

Gomez MA , Villar EB . Fear, uncertainty, and dread: cognitive heuristics and cyber threats . Polit Gov . 2018 ; 6 : 61 – 72 .

Harrell E , Langton L . The Victims of Identity Theft, 2012 . US Department of Justice, Office of Justice Programs, Bureau of Justice Statistics , 2013 . https://www.bjs.gov/content/pub/pdf/vit12.pdf

Sinclair SJ , Antonius D . The Psychology of Terrorism Fears . Oxford : Oxford University Press , 2012 .

Quillian L . Prejudice as a response to perceived group threat: population composition and anti-immigrant and racial prejudice in Europe . Am Sociol Rev . 1995 ; 60 : 586 – 611 .

Ben-Nun Bloom P , Arikan G , Lahav G . The effect of perceived cultural and material threats on ethnic preferences in immigration attitudes . Ethn Racial Stud . 2015 ; 38 : 1760 – 78 .

Shoshani A , Slone M . The drama of media coverage of terrorism: emotional and attitudinal impact on the audience . Stud Confl Terror . 2008 ; 31 : 627 – 40 ..‏

Huddy L , Smirnov O , Snider KL et al. Anger, anxiety, and selective exposure to terrorist violence . J Confl Resolut . 2021 : 00220027211014937 .‏

Greenberg J , Pyszczynski T , Solomon S . The causes and consequences of a need for self-esteem: a terror management theory . In: Public Self and Private Self . New York, NY : Springer , 1986 , ‏ 212 – 189 .

Hall BJ , Hobfoll SE , Canetti D et al. The defensive nature of benefit finding during ongoing terrorism: an examination of a national sample of Israeli Jews . J Soc Clin Psychol . 2009 ; 28 : 993 – 1021 ..‏

Canetti D , Hall BJ , Rapaport C et al. Exposure to political violence and political extremism . Eur Psychol . 2013 ; 18 : 263 – 72 .

McCallister E . Guide to Protecting the Confidentiality of Personally Identifiable Information . Darby : Diane Publishing , 2010 .

Graves J , Acquisti A , Anderson R . Experimental measurement of attitudes regarding cybercrime . In: 13th Annual Workshop on the Economics of Information Security . 2014 ; Pennsylvania State University.‏

Huddy L , Feldman S , Capelos T et al. The consequences of terrorism: disentangling the effects of personal and national threat . Polit Psychol . 2002 ; 23 : 485 – 509 .

Hefetz A , Liberman G . The factor analysis procedure for exploration: a short guide with examples . Cult Educ . 2017 ; 29 : 526 – 62 .

Muthén LK , Muthén BO . MPlus: Statistical Analysis with Latent Variables: User's Guide . Muthén & Muthén , Los Angeles, CA , 2012 .

Galea S , Ahern J , Resnick H et al. Psychological sequelae of the September 11 terrorist attacks in New York City . N Engl J Med . 2002 ; 346 : 982 – 7 .

Canetti-Nisim D , Halperin E , Sharvit K et al. A new stress-based model of political extremism: personal exposure to terrorism, psychological distress, and exclusionist political attitudes . J Confl Res . 2009 ; 53 : 363 – 89 .

Canetti D , Snider KLG , Pedersen A et al. Threatened or threatening? How ideology shapes asylum seekers’ immigration policy attitudes in Israel and Australia . J Refug Stud . 2016 ; 29 : 583 – 606 .

Morgan S . Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021. Cybercrime Magazine . 2017 ; https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/ (11 May 2020, date last accessed) .

Yakter A , Harsgor L . Long-term change in conflict attitudes: a dynamic approach . ‏ 2021 . http://liran.harsgor.com/wp-content/uploads/2021/07/YakterHarsgor_2021_Long-term-conflict.pdf

Brouard S , Vasilopoulos P , Foucault M . How terrorism affects political attitudes: France in the aftermath of the 2015–2016 attacks . West Eur Polit . 2018 ; 41 : 1073 – 99 .

Castanho Silva B . The (non)impact of the 2015 Paris terrorist attacks on political attitudes . Pers Soc Psychol Bull . 2018 ; 44 : 838 – 50 .

Brandon SE , Silke AP . Near- and long-term psychological effects of exposure to terrorist attacks .‏ In: Bongar B , Brown LM , Beutler LE , al. et (eds). Psychology of Terrorism . Oxford: Oxford University Press 2007 , 175 – 93 .

Pfefferbaum B , Nixon SJ , Krug RS et al. Clinical needs assessment of middle and high school students following the 1995 Oklahoma City bombing . Am J Psychiatry . 1999 ; 156 : 1069 – 74 ..‏

Galea S , Vlahov D , Resnick H et al. Trends of probable post-traumatic stress disorder in New York City after the September 11 terrorist attacks . Am J Epidemiol . 2003 ; 158 : 514 – 24 ..‏

Landau MJ , Solomon S , Greenberg J et al. Deliver us from evil: the effects of mortality salience and reminders of 9/11 on support for President George W. Bush . Pers Soc Psychol Bull . 2004 ; 30 : 1136 – 50 ..‏

Nussio E . Attitudinal and emotional consequences of Islamist terrorism. Evidence from the Berlin attack . Polit Psychol . 2020 ; 41 : 1151 – 71 ..‏

Bada M , Sasse AM , Nurse JRC . Cyber security awareness campaigns: why do they fail to change behaviour? In: International Conference on Cyber Security for Sustainable Society , Global Cyber Security Capacity Centre. 2015 , 1 – 11 .

Shane PM . Cybersecurity policy as if ‘ordinary citizens’ mattered: the case for public participation in cyber policy making . SSRN Electron J . 2012 ; 8 : 433 – 62 .

Shandler R . White paper: Israel as a cyber power . 2019 , DOI: 10.13140/RG.2.2.15936.07681 .

Gartner forecasts worldwide security spending will reach $96 billion in 2018, up 8 percent from 2017. Gartner. https://www.gartner.com/newsroom/id/3836563 (1 August 2019, date last accessed) .

Shandler R , Gross ML , Canetti D . A fragile public preference for using cyber strikes: evidence from survey experiments in the United States, United Kingdom and Israel . Contemp Secur Policy . 2021 ; 42 : 135 – 62 .

Prier J . Commanding the trend: social media as information warfare . Strateg Stud Q . 2017 ; 11 : 50 – 85 ..‏

Golovchenko Y , Hartmann M , Adler-Nissen R . State, media and civil society in the information warfare over Ukraine: citizen curators of digital disinformation . Int Aff . 2018 ; 94 : 975 – 94 ..‏

Belk RW . Extended self in a digital world . J Consum Res . 2013 ; 40 : 477 – 500 .

West SM . Data capitalism: redefining the logics of surveillance and privacy . Bus Soc . 2019 ; 58 : 20 – 41 .

Cahane A . The new Israeli cyber draft bill: a preliminary overview . CSRCL . 2018 . https://csrcl.huji.ac.il/news/new-israeli-cyber-law-draft-bill . (10 August, 2021, date last accessed) .

Supplementary data

Month:	Total Views:
October 2021	1,060
November 2021	1,171
December 2021	742
January 2022	658
February 2022	455
March 2022	444
April 2022	527
May 2022	576
June 2022	512
July 2022	410
August 2022	416
September 2022	556
October 2022	669
November 2022	639
December 2022	443
January 2023	344
February 2023	372
March 2023	482
April 2023	464
May 2023	525
June 2023	375
July 2023	355
August 2023	318
September 2023	658
October 2023	1,190
November 2023	1,584
December 2023	1,169
January 2024	1,232
February 2024	1,266
March 2024	1,357
April 2024	1,519
May 2024	1,447
June 2024	877

Email alerts

Citing articles via, affiliations.

Online ISSN 2057-2093
Print ISSN 2057-2085
Copyright © 2024 Oxford University Press
About Oxford Academic
Publish journals with us
University press partners
What we publish
New features
Open access
Institutional account management
Rights and permissions
Get help with access
Accessibility
Advertising
Media enquiries
Oxford University Press
Oxford Languages
University of Oxford

Oxford University Press is a department of the University of Oxford. It furthers the University's objective of excellence in research, scholarship, and education by publishing worldwide

Copyright © 2024 Oxford University Press
Cookie settings
Cookie policy
Privacy policy
Legal notice

This Feature Is Available To Subscribers Only

This PDF is available to Subscribers Only

For full access to this pdf, sign in to an existing account, or purchase an annual subscription.

Computational techniques to counter terrorism: a systematic survey

Published: 03 June 2023
Volume 83 , pages 1189–1214, ( 2024 )

Cite this article

Jaspal Kaur Saini 1 &
Divya Bansal 2

376 Accesses

2 Citations

Explore all metrics

Terrorist Network Analysis (TNA) is the field of analyzing and defining the scope of terrorism and researching the countermeasures in order to handle exponentially increasing threats due to ever growing terrorist based activities. This field constitutes several sub-domains such as crawling the data about terrorist attacks/groups, classification, behavioral, and predictive analysis. In this paper we present a systematic review of TNA which includes study of different terrorist groups and attack characteristics, use of online social networks, machine learning techniques and data mining tools in order to counter terrorism. Our survey is divided into three sections of TNA: Data Collection, Analysis Approaches and Future Directions. Each section highlights the major research achievements in order to present active use of research methodology to counter terrorism. Furthermore, the metrics used for TNA analysis have been thoroughly studied and identified. The paper has been written with an intent of providing all the necessary background to the researchers who plan to carry out similar studies in this emerging field of TNA. Our contributions to TNA field are with respect to effective utilization of computational techniques of data mining, machine learning, online social networks, and highlighting the research gaps and challenges in various sub domains.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price includes VAT (Russian Federation)

Instant access to the full article PDF.

Rent this article via DeepDyve

Institutional subscriptions

Identifying Prominent Individuals or Groups in Terrorist Network Using Social Network Analysis and Investigative Data Mining

Complex Networks for Terrorist Target Prediction

Social Network Analysis: A Methodology for Studying Terrorism

Abbasi A, Chen H (2005) Analysis to extremist- messages. Intell Syst IEEE 20(5):67–75

Article Google Scholar

Agrawal R, Srikant R (1994) Fast algorithms for mining association rules. Proc 20th int conf very large data bases, VLDB. vol 1215

Allanach J, Tu H, Singh S, Willett P, Pattipati K (2004) Detecting, tracking, and counteracting terrorist networks via hidden markov models. In: IEEE Aerospace Conference, pp 3246–3257

Allister D, Ipung HP, Nugroho SA (2010) Text classification techniques used to faciliate cyber terrorism investigation. In: 2nd International conference on advances in computing, control, and telecommunication technologies

Apollo Social Sensing Toolkit (2020) [Online]. Available: http://apollo2.cs.illinois.edu/index.html

Archetti F, Djordjevic D, Giordani I, Sormani R, Tisato F (2014) A reasoning approach for modelling and predicting terroristic attacks in urban environments. In: Security Technology (ICCST), 2014, pp 1–6

Asongu SA, Orim S-MI, Nting RT (2019) Terrorism and social media: global evidence. J Global Inf Technol Manag 22.3:208–228

Google Scholar

AutoMap: Project — CASOS (2016) [Online]. Available: http://www.casos.cs.cmu.edu/projects/automap/ . [Accessed: 08 May 2016]

Baraldi A, Blonda P (1999) A survey of fuzzy clustering algorithms for pattern recognition. IEEE Trans Syst Man Cybern Part B 29(6):778–785

Berzinji A, Abdullah FS, Kakei AH (2003) Analysis of terrorist groups on facebook. In: 2013 European intelligence and security informatics conference analysis, p 7695

Best DM, Northwest P (2015) Clique: Situational awareness. IT Prof 117(August):66–68

Bhattacharyya S, Jha S, Tharakunnel K, Westland JC (2011) Data mining for credit card fraud: A comparative study. Decis Support Syst 50(3):602–613

BioWar: Project — CASOS (2016) [Online]. Available: http://www.casos.cs.cmu.edu/projects/biowar/ . [Accessed: 08 May 2016]

Brajawidagda U, Reddick CG, Chatfield AT (2016) Social media and urban resilience: A case study of the 2016 Jakarta terror attack. In: Proceedings of the 17th International digital government research conference on digital government research

Brynielsson J, Sharma R (2015) Detectability of low-rate HTTP server DoS attacks using spectral analysis. In: 2015 IEEE/ACM International conference on advances in social networks analysis and mining, pp 954–961

Burke R, Mobasher B, williams C, Bhaumik R (2006) Classification features for attack detection in collaborative recommender systems. In: KDD ’06 Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining, pp 542–547

Cao L, Member S, Zhao Y (2008) Mining Impact-Targeted activity patterns in imbalanced data. IEEE Trans Knowl Data Eng 20(8):1053–1066

Chen J, Li B (2009) Random forest for relational classification with application to terrorist profiling. In: Granular computing, 2009, GRC ’09. IEEE International Conference, pp 630–633

Chen J, Xu J, Chen P, Ding G, Lax RF, Marx BD (2008) Fuzzy clustering and iterative relational classification for terrorist profiling. In: Granular Computing, 2008. GrC 2008. IEEE International Conference on, pp 142–147

Coffman TR, Suite JR, Marcus SE (2004) Dynamic classification of groups through social network analysis and HMMsl. 2. In: IEEE Aerospace conference proceedings dynamic classification of groups through social network analysis and HMMsl.2 Thayne R. Coffman 2 1” Century technologies, Inc. 11675 Jollyville Rd Suite 300 Austin, TX 78759 tcoffman@2 1 technologies.com 5 12-342-00 I , pp 1–9

Dark Web Forums (2016) [Online]. Available: http://www.azsecure-data.org/dark-web-forums.html . [Accessed: 08 May 2016]

Dark Web Project (2016) [Online]. Available: http://www.azsecure-data.org/about.html . [Accessed: 08 Feb 2016]

David Liben-Nowell JK (2013) The link prediction problem for social networks. Int Rev Res Open Distance Learn 14(4):90–103

Desmarais BA, Cranmer SJ, Hill C, Carolina N (2011) Forecasting the locational dynamics of transnational terrorism:, a network analytic approach. In: European intelligence and security informatics conference, pp 171–177

Deylami HA (2015) Link prediction in social networks using hierarchical community detection. In: IKT2015 7th International conference on information and knowledge technology, pp 1–5

Dhote Y, Mishra N (2013) Survey and analysis of temporal link prediction in online social networks. In: International Conference ondvances in Computing, Communications and Informatics (ICACCI), pp 1178–1183

Dickerson JP (2011) Dealing with Lashkar-e-Taiba: A multi-player game-theoretic perspective. In: 2011 European intelligence and security informatics conference, pp 354–359

Dimensions AT (2015) Security QoS profiling against cyber terrorism in airport network systems. In: 2015 International Conference on Cyberspace Governance (CYBER-ABUJA), pp 241–251

Duman E, Ozcelik MH (2011) Expert Systems with Applications Detecting credit card fraud by genetic algorithm and scatter search. Expert Syst Appl 38(10):13057–13063

Duo-yong S (2011). In: Intelligence and Security Informatics (ISI), 2011 IEEE International Conference on, no 70973138, pp 373–378

DyNetML— CASOS (2016) [Online]. Available: http://www.casos.cs.cmu.edu/projects/dynetml/ . [Accessed: 08 May 2016]

Engene JO (2006) The data set Terrorism in Western Europe: Events Data, or TWEED for short, was constructed and collected for the purpose of analysing patterns of terrorism in Western Europe as related to historical and structural preconditions (see Jan Oskar Engene: Eur. [Online]. Available: http://folk.uib.no/sspje/tweed.htm

Fire M, Tenenboim L, Lesser O, Puzis R, Rokach L, Elovici Y (2011) Link prediction in social networks using computationally efficient topological features. Proceedings - 2011 IEEE Int Conf Privacy, Secur Risk Trust IEEE Int Conf Soc Comput PASSAT/SocialCom 2011:73–80

Fu J, Sun D, Chai J (2012) Multi-factor analysis of terrorist activities based on social network. In: 2012 5th International conference on business intelligence and financial engineering multi-factor, pp 476–480

Goldstein BH (2006) Modeling, IEEE Spectr, no September, pp 26–34

Goyal T, Saini JK, Bansal D (2019) Analyzing behavior of ISIS and Al-Qaeda using association rule mining. In: Proceedings of 2nd International conference on communication, computing and networking, Springer, Singapore

Guohui LI, Song LU, Xudong C, Hui Y, Heping Z (2014) Study on correlation factors that influence terrorist attack fatalities using Global Terrorism Database. In: 2014 International symposium on safety science and technology study, pp 698–707

Haglich P, Rouff C (2010) Detecting emergence in social networks. In: IEEE international conference on social computing/IEEE international conference on privacy, security, risk and trust, pp 693–696

Hogan B (2011) Visualizing and interpreting facebook networks

Hsiao H, Lin CS, Chang S (2009) Constructing an ARP attack detection system with SNMP traffic data mining. In: Proceedings of the 11th international conference on electronic commerce. ACM, pp 341–345

Huang Z, Chen H, Yu T, Sheng H, Luo Z (2009) Semantic text mining with linked data. In: 2009 5th International joint conference on INC, IMS and IDC, pp 338–343

Huillier GL, Huillier GL, Alvarez H, Aguiler F, Aguilera F (2010) Topic-based social network analysis for virtual communities of interests in the dark web topic-based social network analysis for virtual communities interests in the dark web. In: ACM SIGKDD Workshop on intelligence and security informatics, p9, pp 66–73

International Terrorism: Attributes of Terrorist Events (ITERATE) (2016) [Online]. Available: http://www.icpsr.umich.edu/icpsrweb/DSDR/studies/07947#datasetsSection . [Accessed: 08 Feb 2016]

JDK (2016) [Online]. Available: http://www.oracle.com/technetwork/java/javase/downloads/index.html . [Accessed: 07 May 2016]

Jan G (2011) Visual investigation of similarities in global terrorism database by means of synthetic social networks. In: Computational Aspects of Social Networks (CASon), 2011 International Conference on, IEEE, 2011, pp 255–260

Jayaweera I, Sajeewa C, Liyanage S, Wijewardane T, Perera I, Wijayasiri A (2015) Crime analytics: Analysis of crimes through newspaper articles. In: 2015 Moratuwa Eng Res Conf, pp 277–282

Jin L, Diego S, Chen Y (2013) Understanding user behavior in online social networks: A survey, no September, pp 144–150

Johnson CW (2005) Applying the lessons of the attack on the world trade center, 11th september 2001, to the design and use of interactive evacuation simulations. In: Proceedings of the SIGCHI conference on Human factors in computing systems. ACM, 2005, pp 651–660

Katipally R, Cui X (2010) Multistage attack detection system for network administrators using data mining, pp 0–3

Kaur A, Saini JK, Bansal D (2019) Detecting radical text over online media using deep learning. arXiv: 1907.12368

Kengpol A, Neungrit P (2014) A decision support methodology with risk assessment on prediction of terrorism insurgency distribution range radius and elapsing time: An empirical case study in Thailand. Comput Ind Eng 75:55–67

Klausen J (2016) The role of social networks in the evolution of Al Qaeda-inspired violent extremism in the United States, 1990-2015 Brandeis University

Krause L, Lehman L, Wheeler A, Drive S (2003) A family of agent based models

Lautenschlager J, Ruvinsky A, Warfield I, Kettler B (2015) Group profiling automation for crime and terrorism (GPACT). Procedia Manuf 3(Ahfe):3933–3940

Liu Z, Xin L, Peng P (2011) Comparison of two mathematical models for predicting the fallout hazard from terrorist nuclear detonations. In: International conference on electronic & mechanical engineering and information technology, pp 4007–4009

Moon I, Carley KM (2007) Modeling and networks in social and Geospatial dimensions

Mannes A, Michael M, Pate A, Sliva A, Subrahmanian VS, Wilkenfeld J (2008) Stochastic opponent modeling agents: A case study with hezbollah, Soc Comput Behav Model Predict no. September 2002, pp 37–45

Mannes A, Shakarian J, Sliva A, Subrahmanian VS (2011) A computationally-enabled analysis of lashkar-e-taiba attacks in jammu & kashmir. In: 2011 European intelligence and security informatics conference, pp 224–229

Mason R, Mcinnis B, Dalal S (2012) Machine learning for the automatic identification of terrorist incidents in worldwide news media, pp 84–89

Mathieu B, Truong P, You W, Labs O (2012) Information-centric networking: A natural design for social network applications, no July, pp 44–51

McKerlich R, Ives C, McGreal R (2013) Uncovering the darkweb: A case study of jihad on theWeb. Int Rev Res Open Distance Learn 14(4):90–103

Miller RR (2002) Viewpoint Information Management in, vol 45, no 9, pp 31–33

Mitchell TM (1997) Machine learning, no 1

NODEXL (2007) [Online]. Available: http://www.smrfoundation.org/tools/

National Consortium for the Study of Terrorism and Responses to Terrorism (START) (2015) GTD Global terrorism database, START. p 63

Ngai EWT, Hu Y, Wong YH, Chen Y, Sun X (2011) The application of data mining techniques in financial fraud detection: A classification framework and an academic review of literature. Decis Support Syst 50(3):559–569

Nguyen LT, Wu P, Chan W, Field M (2012) Predicting collective sentiment dynamics from time-series social media. In: WISDOM ’12 Proceedings of the 1st international workshop on issues of sentiment discovery and opinion mining

ORA-LITE: Software — CASOS (2016) [Online]. Available: http://www.casos.cs.cmu.edu/projects/ora/software.php . [Accessed: 08 May 2016]

Ozgul F, Atzenbeck C, Erdem Z (2011) How much similar are terrorists networks of Istanbul?. In: 2011 International conference on advances in social networks analysis and mining how, pp 468–472

Ozgul F, Erdem Z, Bowerman C (2009) Prediction of past unsolved terrorist attacks, pp 37–42

PHP: Hypertext Preprocessor (2016) [Online]. Available: https://secure.php.net/ . [Accessed: 07 May 2016]

Pagán JV (2010) Improving the classification of terrorist attacks a study on data pre-processing for mining the global terrorism database. In: 2010 2nd International Conference on Software Technology and Engineering(ICSTE) Improving, pp 104–110

Pavel A (2005) Responding to terrorist attacks and natural disasters: a case study using simulation. In: Winter simulation conference, pp 886–894

Projects - Construct — CASOS (2016) [Online]. Available: http://www.casos.cs.cmu.edu/projects/construct/ . [Accessed: 08 May 2016]

Projects - OrgAhead — CASOS (2016) [Online]. Available: http://www.casos.cs.cmu.edu/projects/OrgAhead/ . [Accessed: 08 May 2016]

Python Programming Language (2016) [Online]. Available: https://www.python.org/ . [Accessed: 07 May 2016]

R (2016) The R project for statistical computing. [Online]. Available: https://www.r-project.org/ . [Accessed: 07 May 2016]

R. C., DARPA (2019) RDWTI — RAND [Online]. Available: http://www.rand.org/nsrd/projects/terrorism-incidents.html

Rejaie R, Torkjazi M, Valafar M, Willinger W (2010) Sizing up online social networks. Network, IEEE 24(5):32–37

START (2005) MAROB. [Online]. Available: http://www.cidcm.umd.edu/mar/mar_data.asp

START (2020) Global Terrorism Database. [Online]. Available: http://www.start.umd.edu/gtd/

Sang J, Deng Z, Lu D, Xu C (2015) Cross-OSN user modeling by homogeneous behavior quantification and local social regularization. IEEE Trans Multimed 17(12):2259–2270

Sardarnia K, Safizadeh R (2019) The internet and its potentials for networking and identity seeking: A study on ISIS. Terror Political Violence 31.6:1266–1283

Scanlon JR, Gerber MS (2014) Automatic detection of cyber-recruitment by violent extremists. Secur Inform 3(1):1–10

Schreck T, Keim D (2013) Visual analysis of social media data, pp 68–75

Serra E, Subrahmanian VS (2014) A survey of quantitative models of terror group behavior and an analysis of strategic disclosure of behavioral models. IEEE Trans Comput Soc Syst 1(1): 66–88

Shen H, Member S, Li Z, Liu J, Grant JE (2015) Knowledge sharing in the online social network of Yahoo! Answers and Its Implications. IEEE Trans Comput 64(6):1715–1728

MathSciNet Google Scholar

Siegrist D (2000) Advanced information technology to counter biological terrorism. ACM SIGBIO Newsletter 20.2:2–7

Skillicorn DB (2015) Empirical assessment of al qaeda, isis, and taliban propaganda. In: Intelligence and Security Informatics (ISI), 2015 IEEE International Conference on, pp 61–66

Skillicorn DB, Spezzano F, Subrahmanian VS (2014) Understanding south asian violent extremist group-group interactions, no Asonam, pp 687–694

South Asia Terrorism Portal (SATP) (2016) [Online]. Available: http://www.satp.org/ . [Accessed: 08 Feb 2016]

Spezzano F, Mannes A (2013) STONE: Shaping terrorist organizational network efficiency. In: 2013 IEEE/ACM International conference on advances in social networks analysis and mining STONE, pp 348–355

Su P, Mao W, Zeng D, Zhao H (2012) Mining actionable behavioral rules. Decis Support Syst 54(1):142–152

Subrahmanian EVS (2012) Handbook of computational approaches to counter terrorism, Springer Science & Business Media

Suicide Attack Database (SAD) (2016) [Online]. Available: https://cpostdata.uchicago.edu/search_new.php . [Accessed: 08 Feb 2016]

Taquechel E, Guard USC (2010) Layered defense: Modeling terrorist transfer threat networks and optimizing network risk reduction, no December, pp 30–35

The crawler4j Open Source Project on Open Hub (2016) [Online]. Available: https://www.openhub.net/p/crawler4j . [Accessed: 07 May 2016]

Thuraisingham B (2004) Data mining for counter-terrorism. Data Mining:, Next Generation Challenges and Future Directions, pp 157–183

UCINET Software (2016) [Online]. Available: https://sites.google.com/site/ucinetsoftware/home . [Accessed: 08 May 2016]

Valenzuela ML, Feng C, Momen F, Rozenblit JW (2010) A non-numerical predictive model for asymmetric analysis

Visualization AW, Lee J (2008) Exploring global terrorism data: A web-based visualization of temporal data, vol 15, no 2, pp 7–14

Wang P (2014) A tale of three social networks, pp 10–15

Wang J (2014) A novel method of centrality in terrorist network, pp 144–149

Wang T, Liao G (2014) A review of link prediction in social networks. In: International conference on management of e-commerce and e-government, pp 149–152

Weil T (2015) Happened to sony happen to us?, no April

Weinstein C, Campbell W, Delaney B, Leary GO, Street W (2009) Modeling and detection techniques for counter-terror social network analysis and intent recognition

Wiil UK, Gniadek J, Memon N (2010) Measuring link importance in terrorist networks. In: 2010 International conference on advances in social networks analysis and mining. IEEE, pp 225–232

Worldwide Incident Tracking System (WITS) (2004) [Online]. Available: https://esoc.princeton.edu/files/global-terrorism-database-worldwide-incident-tracking-system

Xiong H, Wu J, Chen J (2009) K-means clustering versus validation measures: a data-distribution perspective. IEEE Trans Syst, Man, Cybern Part B 39(2):318–331

Xu R, Wunsch D (2005) Survey of clustering algorithms. IEEE Trans Neural Netw 16(3):645–678. [Online]. Available: https://doi.org/10.1109/TNN.2005.845141

Ze L, Duo-yong S, Shu-quan G, Bo L (2014) Detecting Key Individuals in Terrorist Network Based on FANP Model. In: 2014 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2014), pp 724–727

Zhou Y, Qin J, Reid E, Lai G, Chen H (2005) Studying the presence of terrorism on the web: A knowledge portal approach. In: Proceedings of the 5th ACM/IEEE-CS joint conference on Digital libraries. ACM, 2005, p 402

(2017). https://www.start.umd.edu/gtd/images/START_GlobalTerrorismDatabase_TerroristAttacksConcentrationIntensityMap_45Years.png [Date Accessed 23 Nov 2017]

Download references

This work was partially supported by Cyber Security Research Centre, Punjab Engineering College (Deemed to be University), Chandigarh, India.The author Jaspal K Saini is grateful to Visvesvaraya PhD scheme for Electronics and IT for funding this research.

Author information

Authors and affiliations.

School of Computing, IIIT Una, Una, Himachal Pradesh, India

Jaspal Kaur Saini

Punjab Engineering College (Deemed To Be University), CSRC, Chandigarh, India

Divya Bansal

You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jaspal Kaur Saini .

Ethics declarations

Conflict of interests.

The authors declare that they have no conflict of interest.

Additional information

Publisher’s note.

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Saini, J.K., Bansal, D. Computational techniques to counter terrorism: a systematic survey. Multimed Tools Appl 83 , 1189–1214 (2024). https://doi.org/10.1007/s11042-023-15545-0

Download citation

Received : 29 October 2021

Revised : 18 November 2022

Accepted : 19 April 2023

Published : 03 June 2023

Issue Date : January 2024

DOI : https://doi.org/10.1007/s11042-023-15545-0

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Computational techniques
Data science
Data mining
Machine learning
Online social networks
Terrorist network
Find a journal
Publish with us
Track your research

IEEE Account

Change Username/Password
Update Address

Purchase Details

Payment Options
Order History
View Purchased Documents

Profile Information

Communications Preferences
Profession and Education
Technical Interests
US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support
About IEEE Xplore
Accessibility
Terms of Use
Nondiscrimination Policy
Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. © Copyright 2024 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.

Academia.edu no longer supports Internet Explorer.

To browse Academia.edu and the wider internet faster and more securely, please take a few seconds to upgrade your browser .

Enter the email address you signed up with and we'll email you a reset link.

We're Hiring!
Help Center

Research Paper On Cyber Terrorism-A Global Security Threat

Terrorism, one of the vilest crimes, faced by the human community has posed an immense challenge in the post Cold War period. It has existed since the emergence of human societies endangering innocent lives and jeopardizing human rights and fundamental freedoms. Though the conventional motives have remained the same, the traditional concepts and methods of terrorism have taken new dimensions that are more destructive 1 and deadly in nature. In the age of information technology the terrorists have acquired an expertise to produce the most deadly combination of weapons and technology, which are much more modern and scientific. This phenomenon where the cyber space is used to launch terror attacks is also known as cyber-terrorism. It has the potential to do indeterminable harm not only by paralyzing computer infrastructures but also comprehending the use of the cyberspace to support and organize traditional forms of terrorism, such as bombings and suicide attacks. It also poses a deadly threat on the national security of a state by offering a garb of anonymity to the perpetrators of terror. The increased dependency on information technology has dramatically increased the security risks. This new menace will be a severe challenge to global security unless there are appropriate security measures to help prevention. Hence, to understand cyber terrorism, and find out the ways in which the terrorist organizations are using the advantage of this new technology, a look at its background is necessary. This paper shall make an attempt to discuss the rising incidents of cyber terrorism across the globe, the meaning and concept of the term, the motives and methods behind an attack. It shall also discuss the regional and international mechanisms to prevent cyber terrorism, and recommend what more could be done.

Related Papers

: CONTEMPORARY MACEDONIAN DEFENCE - INTERNATIONAL SCIENTIFIC DEFENCE, SECURITY AND PEACE JOURNAL

Mitko Bogdanoski

It is more than obvious that the way of conducting terrorism with the time is becoming more sophisticated. The cyber terrorism is real threat to fast technology development. Potential targets are systems which control the nation’s defenses and critical infrastructure. The terrorist of the future will win the wars without firing a shot - just by destroying infrastructure that significantly relies on information technology. The fast growth of the Internet users and Internet dependence dramatically increased the security risks, unless there are appropriate security measures to help prevention. To understand cyber terrorism it is important to look at its background, to see how the terrorist organizations or individuals are using the advantage of new technology and what kind of measures governments and international organizations are taking to help the fight against cyber terrorism.

Andrew N Liaropoulos

Sania Arsalan

As the addiction of internet is increasing at a highly increasing rate from our mobile phones to our streets, from our streets to our colleges, from our colleges to our work places, from our work places to our hospitals and from our hospital to everywhere, the risks caused by cyber terrorism has also increased. During the past few decades, the threats posed by cyber terrorism have increased to a deadly rate. It has raised a question mark to the Government's security policies and agendas. This caused Government agencies to revise their security policies. It has raised awareness of the other channels that terrorists might be adopting to accomplish their ambitions. These attacks are planned to cause severe economic damage to someone and even in some cases it harms someone's life. This research is designed for a clear understanding of a layman what cyber terrorism exactly is

Advances in Digital Crime, Forensics, and Cyber Terrorism

Thanks to the internet, the distances between the countries are easily overcome and the communication network rapidly expands. This situation also affects the cyber security of the countries to a great extent. Attacks on critical infrastructures, companies, and public institutions can be magnitude that make great harms. These developments in cyber space bring new problems. One of them is cyber terror. Cyber terror does not have a certain and well-known definition. Cyber terror is the realization of terrorist acts in the field of cyber war. In addition, cyber space is a place of display for terrorist acts. The effects of cyber terror attacks have reached a level to scare all countries. There is not enough information about the definition, characteristics, methods used in cyber terror attacks and cyber terror groups. It is important for national administrators and staff to become conscious and to become informed about cyber terror. In this chapter, information will be presented, endea...

Journal of Social Sciences and Humanities

Zaheema Iqbal

In today’s postmodern world with the latest and top notch internet technologies in the market, if it has become easy and accessible for everyone to communicate with others sitting at the other corner of the world, it has also given rise to the cybercrimes including cyber terro rism which has not only provided grave threats to the whole world but also posed a question of whether with the manipulation of cyber space, cyber terrorists can damage or destroy the physical infrastructure of its target. Owing to easy access to everyone and strong damage done as compared to traditional terrorism, today terrorists are relying on cyber terrorism as well. The Islamic State (IS) has emerged as one of the brutal and violent terrorist organization s which hired cyber experts and manipulated cyber space to the extent that today they are most active and professional cyber users’ terrorist organization of the world. The main focus of the paper is to highlight the basic definition of cyber terrorism, ...

TERRORIST USE OF CYBER TECHNOLOGY

Assoc.Prof.Dr. Serdar Yurtsever

The risk posed by terrorist use of cyber technology and cyber terrorism have been of great concern to politicians, decision makers, security officials. This article studies terrorist use of cyber technology and cyber terrorism along with history of cyber-terrorism. Moreover some concepts such as between cyber-crime, cyber-terrorism, cyber-warfare and hactivism will be analysed. Furthermore, the challenges faced by international organisations in tackling cyber terrorism will be discussed; measures introduced in some countries to address cyber terrorism treats are presented as well as discussions on the present and the future treat posed by cyber terrorism and terrorist use of cyber technology.

Enver Buçaj PhD

International Journal of Sustainable Future for Human Security

Halimin Herjanto

Jasmin Kalac

The tremendous achievements and the development of the leading technology, sophisticaled computer systems opened new " cyberspace " that constantly destroys the old traditional forms of organization, behavior and belief. Cyber information led to cyber revolution and the emergence of the information society, which dominates the race for information and communication technologies, in parallel the global liberalization and free circulation of people, goods and ideas (Stern, Jessica, 1999). Today, thirty years after the introduction of the term, the concept of cybernetics, it inevitably became a primary component of many important terms: cyber society, cyber policy, cyber economy, cyber warefare, cyber terrorism, cyber crime, in which essentially the most precious crown represents cyber information. Cyber terrorism is an important cybersystem of cyber warefare, and is very difficult to detect and counter because it is almost impossible to determine the political affiliation or sponsors of its prepertators.

Loading Preview

Sorry, preview is currently unavailable. You can download the paper by clicking the button above.

Shodhganga : a reservoir of Indian theses @ INFLIBNET

Shodhganga@INFLIBNET
Aligarh Muslim University
Department of Law

Title:	Cyber crime and cyber terrorism in India
Researcher:	Iqbal, Syed Mohd Uzair
Guide(s):
Keywords:	Conceptual Analysis, Cyber Crime, Defamation, Economic Offence, Hacking, Cyber Pornography, Cyber Terrorism
University:	Aligarh Muslim University
Completed Date:	2013
Abstract:	Abstract available newline newline
Pagination:	ix, 330p.
URI:
Appears in Departments:

Description	Size	Format
Attached File	207.14 kB	Adobe PDF
	944.25 kB	Adobe PDF
	151.82 kB	Adobe PDF
	84.24 kB	Adobe PDF
	137.41 kB	Adobe PDF
	119.66 kB	Adobe PDF
	71.23 kB	Adobe PDF
	793.93 kB	Adobe PDF
	2.04 MB	Adobe PDF
	3.06 MB	Adobe PDF
	1.39 MB	Adobe PDF
	1.98 MB	Adobe PDF
	2.5 MB	Adobe PDF
	742.33 kB	Adobe PDF
	3.54 MB	Adobe PDF
	390.62 kB	Adobe PDF

Items in Shodhganga are licensed under Creative Commons Licence Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0).

IMAGES

Cyber terrorism essay research paper. Research Papers About Cyber
(PDF) Cyber Terrorism and Self-Radicalization
Cyber Security Argumentative Essay
Cyber Crime essay in English l Write a Paragraf essay on Cyber crime l Cyber-crime essay English l
Cyber terrorism and Terrorist organizations Essay Example
Cyber-Terrorism and International Interventions

COMMENTS

Research paper A comprehensive review study of cyber-attacks and cyber
In addition, five scenarios can be considered for cyber warfare: (1) Government-sponsored cyber espionage to gather information to plan future cyber-attacks, (2) a cyber-attack aimed at laying the groundwork for any unrest and popular uprising, (3) Cyber-attack aimed at disabling equipment and facilitating physical aggression, (4) Cyber-attack as a complement to physical aggression, and (5 ...
Full article: Too Close for Comfort: Cyber Terrorism and Information
Cyber terrorism is an elusive concept. Most definitions make a distinction between on the one hand politically motivated violent acts, or the threat thereof, using the internet, and on the other hand all the preparatory and supporting activities for terrorism done on or via the internet, such as recruitment, communication and financing.
Cyber Terrorism: Research Review: Research Report of the ...
The report has drawn on a broad range of sources including government documents (e.g. law enforcement and security agencies), web/blog posts, academic articles, information security websites and online news articles about cyber terrorism. The final chapter concludes with a discussion on the likelihood of a cyber terrorist attack.
Cyberterrorism as a global threat: a review on repercussions and
Abstract. An act of cyberterrorism involves using the internet and other forms of information and communication technology to threaten or cause bodily harm to gain political or ideological power through threat or intimidation. Data theft, data manipulation, and disruption of essential services are all forms of cyberattacks.
(PDF) Cyberterrorism
This brings to the forefront a relatively new concept in the area of terrorism: cyberterrorism. This paper will look at the idea of cyberterrorism and analyze the preparedness of 12 North Carolina ...
PDF Cyberwarfare and Cyberterrorism: In Brief
Criminals, terrorists, and spies rely heavily on cyber-based technologies to support organizational objectives. Commonly recognized cyber-aggressors and representative examples of the harm they can inflict include the following: Cyberterrorists are state-sponsored and non-state actors who engage in cyberattacks to pursue their objectives.
Public Opinion and Cyberterrorism
Abstract. Research into cyber-conflict, public opinion, and international security is burgeoning, yet the field suffers from an absence of conceptual agreement about key terms. For instance, every time a cyberattack takes place, a public debate erupts as to whether it constitutes cyberterrorism. This debate bears significant consequences ...
Cyber Terrorism: An Examination of the Critical Issues
This paper examines the critical issues relevant to Cyber terrorism. A review of the literature indicates that incidences of computer crime and cyber terrorism are increasing. The cyber attacks on the U.S.'s critical infrastructure are no longer random, but rather are coordinated and precise. The types of attacks are discussed
Cyberterrorism Definition Patterns and Mitigation Strategies: A
This article reports on a recent survey designed to capture understandings of cyberterrorism across the global research community. Specifically, it explores competing views, and the importance thereof, amongst the 118 respondents on three definitional issues: First, the need for a specific definition of cyberterrorism for either policymakers or researchers; Second, the core characteristics or ...
1081 PDFs
Explore the latest full-text research PDFs, articles, conference papers, preprints and more on CYBER TERRORISM. Find methods information, sources, references or conduct a literature review on ...
PDF United States Institute of Peace Special Report
Hussein would not hesitate to use the cyber tool he has. . . . It is not a question of if but when. The entire United States is the front line," Alexander claimed. (See Ralf Bendrath's article "The American Cyber-Angst and the Real World," published in 2003 in Bombs and Bandwith, edited by Robert Latham.) Whatever the intentions of its ...
Cyber Attacks and Terrorism: A Twenty-First Century Conundrum
Section "Empirical Examination of Terrorism and Cyber Attacks: Insights from Past Research" of the paper draws up information from different empirical studies carried out in the past that explore the conjunction between cyber attacks and terrorism. An empirical model to ascertain the level of risk is also presented based on some recent ...
Cyber terrorism: research report of the Australian National University
This review of cyber-terrorism outlines the main trends and challenges presented by the convergence of the exceptional reach, speed and scale of the Internet and the political ambitions of violent extremists. Chapters on cyber weapons, critical infrastructure, attribution, Internet of Things, recruitment and propaganda, financing, legislation and counter measures, and cyberwar.
PDF Cyberterrorism Within the Broader International Counter- Terrorism
r International Counter-Terrorism Framework Master's thesis, XIII + 58 pp.International law April 2021 The originality of this thesis has been checked in accordance with the University o. Turku quality assurance system using the Turnitin OriginalityCheck service.Terrorism has caused a tremendous amount of direct a.
Cyberattacks, cyber threats, and attitudes toward cybersecurity
Seeing that cyber threats are continuously evolving, there are opportunities to expand and consolidate this research in future studies. In the current article, we focus on the effect of exposure to lethal and nonlethal cyberattacks on support for different types of cybersecurity policies among Israeli participants.
Cyber-attacks and Cyber -terrorism: a Weapon and Latest Threat to
The proposed research of this thesis will highlight what constitutes a cyber-attack and cyber-terrorism. It will further determine cyber-attacks and cyber-terrorism as armed attacks and a threat ...
Computational techniques to counter terrorism: a systematic ...
All papers are classified according to three types of analysis approaches named categorization, behavioural anlaysis and predictive analysis which are identified and studied in detail during pass 2. All papers are evaluated again with intent of identifying research gaps and future scope under the third phase of TNA study entitiled future direction.
A comprehensive review of Cyber Terrorism in the current scenario
In this research paper we have discussed about the phenomenon of Cyber terrorism and its growing impact in the current scenario. We have reviewed the laws and acts in various countries like US, UK, Canada, Australia and in India. We have also tried to review the Cyber terrorism from the aspect of the Indian IT Act 2000. We have carried out a comparative review of the various laws made by these ...
Cyberterrorism Research Papers
Next I will concentrate on cyber-attacks and if they are a method of cyber-terrorism. Then I will focus my attention on some of the examples which appear in academic research as acts of cyber-terrorism. In the next part of my paper I will examine the legal framework and the evolving law on cyber-terrorism in International Law. Finally I will ...
Research Paper On Cyber Terrorism-A Global Security Threat
This paper shall make an attempt to discuss the rising incidents of cyber terrorism across the globe, the meaning and concept of the term, the motives and methods behind an attack. It shall also discuss the regional and international mechanisms to prevent cyber terrorism, and recommend what more could be done.
(PDF) Cyber warfare: Issues and challenges
1. Introduction. Throughout history, mankind has waged war, seeking to further national. agendas in an ever changing in ternational game of power. From the sw ord bat-. tles of the past to the ...
Shodhganga@INFLIBNET: Cyber crime and cyber terrorism in India
The Shodhganga@INFLIBNET Centre provides a platform for research students to deposit their Ph.D. theses and make it available to the entire scholarly community in open access. ... Cyber crime and cyber terrorism in India: Researcher: Iqbal, Syed Mohd Uzair: Guide(s): Ahmad, Shakeel: Keywords: Conceptual Analysis, Cyber Crime, Defamation ...
Cyber Terrorism Essays: Examples, Topics, & Outlines
PAGES 13 WORDS 4455. Cyber Terrorism. The Internet that we know today and use in our everyday lives was founded in the early 1970s. But all through the Cold War, the apprehension of data theft led to the Internet becoming a decentralized system. But it was not until the late 1980s when the Internet, after years and years of research was made ...
Car dealerships hit with second day of massive computer system ...
A second cyber incident at data provider CDK Global, whose software is used at 15,000 auto dealers, continued to slow operations to a near-standstill Thursday at US and Canada dealerships, the ...