Cyberterrorism – The Paradigm of Deterring, Detecting, and Defending

August 9, 2023
Nikola Maack  —  CEP Research Intern

As a highly complex construct, what is referred to as cyberspace includes the World Wide Web, social media platforms, and intranets as well as other networks such as telephone networks, satellite communication networks, the Global Positioning System (GPS), and emergency systems. Since the rise of the modern Internet, more and more of the infrastructure and processes that define modern civilization have moved to an online world. This has resulted in efficiencies and conveniences, but it has also created challenges that are ripe for exploitation by bad actors, including terrorists and extremists.

Being a vital modern junction of private and public processes, cyberspace is also vulnerable to schemes and other threats designed to disturb and disrupt daily life. Indeed, the threat of cyberattacks has been increasing. For example, 68 percent of chief information security officers around the world expect a serious cyberattack within the next 12 months.Proofpoint, “Voice of the CISO 2023,” page 5,

Governments, as a matter of necessity, have begun to develop cybersecurity strategies and have established national agencies. For instance, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) developed a strategic plan designed to ensure the defense and resilience of cyberspace and to reduce risks for America’s critical infrastructure by 2025. In March 2022, U.S. President Joe Biden demanded that domestic cybersecurity be beefed-up due to the  danger of cyberattacks from Russia as part of its invasion of Ukraine.

In Germany, the Federal Office for Information Security (BSI) operates as the federal cybersecurity authority. Through the passage of the IT-Security-Act 2.0, the BSI received greater competencies for detecting and defending against cyberattacks and can set minimum standards regarding cybersecurity at federal agencies.

Both the U.S. and Germany agree that “cyber threats cross borders and oceans” and that the “internationalization of cybercrime needs an internationalization of the response.”

By passing the Cyber Resilience Act, the NIS 2 Directive, and the Regulation on ENISA (the European Union Agency for Cybersecurity), the EU has developed a supranational approach to cybersecurity.

On a global level, following the request to support states in building their capacity to detect and defeat terrorism arising from new technologies,  the United Nation’s Office of Counter-Terrorism launched—among other things—the Cybersecurity and New Technology Program.

These strategic plans and pieces of national legislation are designed to deter and defend against attacks. They recognize that cyberspace, while making modern life more convenient and efficient, is also an attractive place for criminals, hackers, and terrorists.

Numerous incidents have shown the effect of and damage caused by cyberattacks: A virus nicknamed “the love bug” shut down computer systems around the world at the beginning of the millennium; the 2015 attack on the Ukrainian power grid by suspected Russian hackers led to outages for more than 200,000 people; and a 2021 ransomware attack on Colonial Pipeline, which carries refined gasoline and jet fuel from Texas to New York, caused major disruptions to one of the U.S.’s largest pipelines.

Cybercrime, hacking, and hacktivism have evolved into regular events. Thousands to millions of cyberattacks occur each day, targeting infrastructure, intelligence, and other government agencies as well as the private sector. Cyberattacks are even used by countries involved in conflicts in an attempt to weaken an opponent militarily or financially.

Even though cyberterrorism is feared by national governments, surprisingly, reports of cyberterrorist attacks are thus far rare. Is this due to current strategies for detecting and defeating such attacks working well or another reason?

First, applying the criteria of the definition of terrorism as a non-state actor using violence to pursue a political end or to intimidate a government or civilians, cyberattacks often lack a violent component.

Second, “conventional” terrorist methods aim to seriously destabilize or destroy the political, economic, or social structures of a country. Even though cyberattacks can cause great damage and disruption of daily life and might weaken or even destabilize a system, they can hardly result in the abolition of existing power relations, eliminate ruling elites, or establish a radical alternative the same way physical attacks can.

Third, politically or religiously motivated terrorists often believe that those who sacrifice their lives ascend into paradise. Launching cyberattacks does not necessarily require self-sacrifice, nor is it as dramatic as other types of terrorist acts.

Given the seriousness of threats in cyberspace for modern societies, cybersecurity remains rightfully a priority. While cyberterrorism so far only plays a minor role, it should not be assumed that all cyberterrorism is being deterred. There is no reason to assume that terrorists will not eventually be sophisticated enough to exploit the same vulnerabilities exposed by other hackers and criminals. Instead, governments should continue to focus on detecting and defeating cyberattacks, continue to tighten and improve their national strategies, and work diligently with others and “lock their digital doors” all around the world.

Daily Dose

Extremists: Their Words. Their Actions.


On May 8, 2019, Taliban insurgents detonated an explosive-laden vehicle and then broke into American NGO Counterpart International’s offices in Kabul. At least seven people were killed and 24 were injured.

View Archive