The IT Law Wiki



A terrorist is an individual who seek to destroy, incapacitate, or exploit critical infrastructures to threaten national security, cause mass casualties, weaken the economy, and damage public morale and confidence.

Use of technology[]

Technology has important implications for the terrorist threat. Infrastructure technologies provide attractive targets for terrorists who can apply a range of rudimentary and advanced attack techniques to disrupt or undermine confidence in a range of systems. Key elements of the national infrastructure, such as transportation, telecommunications, energy, banking, public health, and water supply are becoming increasingly dependent on computerized systems and linkages.


These systems provide targeting opportunities for adversaries who possess even limited technological capabilities, and who have the ability to identify critical infrastructure choke points. Terrorists can apply computer-generated attacks or more traditional means such as bombs or physical destruction to cause system-wide malfunctions. Interdependencies of systems, such as power and transportation, exacerbate this vulnerability. Significant disruption of power grids can have a devastating impact on air traffic control, railway operations, port operations, and emergency services such as fire and/or rescue and police. Attacks such as power outages also impact a wide segment of the population, command significant media attention and consequently provide an effective means for the terrorist to reach a "captive" audience.

A range of commercially available technologies can dramatically enhance terrorist operational capability. These include communications equipment, encryption capabilities, surveillance equipment, weapons, a range of computer and information management technologies, weapons components, and the Internet. The ability to acquire or adapt technologies can give terrorists an edge in choosing targets and conducting attacks as well as significantly expanding their range of attack options.


Traditional terrorist adversaries of the United States are less developed in their computer network capabilities than other adversaries. Terrorists likely pose a limited cyber threat. The CIA believes terrorists will stay focused on traditional attack methods, but it anticipates growing cyber threats as a more technically competent generation enters the ranks.

Hacking could be used by terrorist groups to harvest information for planning physical or cyber attacks. Audit logs from websites, infrastructure owners, and national laboratories have recorded extensive, systematic information gathering originating from countries that serve as home bases for terrorist groups. Terrorist groups also are using the Internet for covert communications, and sympathetic hacker groups have launched various “e-jihads,” consisting primarily of web page defacements and DoS attacks.

Terrorist groups are known to have included not only engineers, computer scientists, and business people with backgrounds in computers, networks, and computer-based systems but also people with access to hardware and software producers. Terrorist groups have even sold computer products, which could in principle include malicious software. One known terrorist group is notable because it assembles and sells computer systems. Although law enforcement has not uncovered information pointing to subversion of software products, the potential for such activity exists. The evidence indicates that terrorist groups now have or can acquire the necessary expertise for identifying targets and conducting cyberattacks with serious or catastrophic consequences.

See also[]