top of page

Strengthen International Cooperation and Increase Personal Vigilance




Stuart Macdonald is a professor at Swansea University, UK. His research interests are in criminal law, criminal justice, human rights, anti-terrorism, the use of the Internet by terrorists, and cyber terrorism. His recent research results include “Introduction to the Special Issue: Extremism and Terrorism Online—Widening the Research Base”, “The Tech Industry and the Regulation of Online Terrorist Content: What do Law Enforcement Think?”



Stuart Macdonald:Strengthen International Cooperation and Increase Personal Vigilance


In this issue, the center invited Professor Stuart Macdonald to conduct an exclusive interview on the issue of cyber terrorism. Stuart Macdonald is a professor at Swansea University, UK. His research interests are in criminal law, criminal justice, human rights, anti-terrorism, the use of the Internet by terrorists, and cyber terrorism. His recent research results include “Introduction to the Special Issue: Extremism and Terrorism Online—Widening the Research Base”, “The Tech Industry and the Regulation of Online Terrorist Content: What do Law Enforcement Think?”

As we all know, the Beijing 2022 Winter Olympics are only a few months away. Will the Beijing Winter Olympics become the target of "cyber terrorists"? What is "cyber terrorism"? Does cyber terrorism pose a major threat to the Beijing Winter Olympics? Faced with this situation, how should we deal with it? In response to these issues, the center conducted an exclusive interview with Professor Stuart Macdonald, hoping to understand his views on cyber terrorism.


First, the definitional question: what do we mean by cyberterrorism? The difficulties in defining terrorism are well-known. The prefix “cyber” adds another level of complexity. There is general agreement that an attacker can only be described as a cyberterrorist if they had a political or ideological motive and they either employed digital means or had a digital target. So, most would agree that a politically motivated group that hacks into an air traffic control system and causes two passenger aircraft to collide in mid-air should be described as cyberterrorists. However, there is much greater difference of opinion when the attacker’s objective is not to cause physical harm to people or property, but to cause another form of harm, such as economic damage or interference with critical infrastructure. For some, this may accurately be described as cyberterrorism, but for others an act can only qualify as (cyber)terrorism if it resulted in violence against people or property. Another point of contention is whether state-sponsored attacks can constitute cyberterrorism. Whilst some believe that they can, others insist that terrorism is an activity that can only be perpetrated by non-state actors.


Moving on to threat assessment. In 2017, I was part of a team that conducted a global survey of 124 researchers. We asked whether cyberterrorism constitutes a significant threat. Only 14 of the 124 experts that we surveyed said that it does not. They tended to doubt whether terrorist groups have the necessary capacity to be able to commit a cyberterrorist attack. In contrast, two-thirds of those we surveyed said that cyberterrorism does pose a significant threat. They pointed to the growing dependence on cyber (including the Internet of Things) and vulnerabilities in existing systems. Others said that cyberterrorism is a threat but is not a significant one. For these respondents, more traditional forms of terrorism (such as bombings) and other forms of cyber threat (such as cybersabotage) pose a greater threat than cyberterrorism. And there were still others that said that cyberterrorism does not yet pose a significant threat but may do so in the future. Our survey also asked whether a cyberterrorist attack has ever taken place. 65 percent answered yes, whilst 35% answered no. This difference of opinion is perhaps not surprising, given the widely diverging views of what cyberterrorism actually is in the first place. Those who believed that cyberterrorism has occurred offered various different examples, the most common of which were the Stuxnet malware, past attacks on Ukraine and Estonia and the WannaCry ransomware.


Finally, what are the most effective countermeasures against cyberterrorism? By far the most common answer to this question in our survey was target-hardening. The human factor was also widely regarded as important, with training, education, personal responsibility and vigilance, awareness-raising and good cyber hygiene all identified as effective countermeasures. The need for collaboration was emphasised too, with international cooperation, international law and public-private partnership all identified as being important. Other countermeasures included redundant infrastructure, security management procedures, readily available updates, patches and software tools and greater investment in infrastructure. What is interesting about this list is that it does not contain “exceptional” measures. The emphasis is instead on “normal” legislative and governmental activity and the ordinary, everyday work of citizens. Importantly, the suggested countermeasures also provide security not just against cyberterrorism but also other forms of cyberattack too, such as cybercrime. So, whilst specific interest in cyberterrorism is understandable, especially in the build-up to a major global event, in terms of responding to the threat the best approach may be to focus on everyday forms of cyber defence that protect against the full range of malevolent actors in cyberspace.



Interviewer: Hou Yunxi

Interview date: November 19, 2021

Organizer: Yu Zhuohan

Organize date: November 21, 2021

0 views

Comments


bottom of page