The following is an excerpt from Bat Blue’s special report on cyberterrorism, which you can read here.

In the past several years, the world has become fixated on the rise of cyberattacks. Much has been written about the cyber capabilities of state actors, but little is known about the capabilities of terrorist groups.

Terrorist groups use the Internet to spread their message, communicate with supporters, intimidate enemies, and in some cases, raise money or gain intelligence. Like most hackers, members of radical terrorist groups rely on mistakes, vulnerabilities, and simple oversights to gain access to websites and intelligence. In other instances, hackers have gained unauthorized access to networks because of simple passwords and spear-phishing.

Historically, the number of cyberattacks has grown exponentially after a major international event, as they did during the summer 2014 conflict in Gaza and after the terrorist attacks in Paris and Copenhagen in early 2015. Dates also have particular resonance for many of these hacker groups. September 11, Quds Day (Jerusalem Day), Laylat al-Qadr (Night of Destiny), and Ramadan are all events that are correlated with a higher instance of cyberattacks by Islamic groups. Increasingly, experts see a great increase in cyber activity surrounding events of global importance — war, religious holidays, cultural events, and elections. Such a surge in cyber activity can be deemed a ‘cyber-tail’ — the online after-effects of major geopolitical events.

AL QAEDA

Al Qaeda has used the Internet to advance its goals, communicate, and plan terrorist attacks since the 1980’s.

Al Qaeda has fallen behind ISIS in social media sophistication, but retains a strong following using more traditional sources like online magazines and chat forums.

The group has extremely sophisticated encryption and secure communication.

THE ISLAMIC STATE OF IRAQ AND SYRIA

ISIS has revolutionized the way terrorists use social media for propaganda and recruitment. It has a dispersed network of supporters that magnify its voice online.

Many of the tactics ISIS uses are unsophisticated but effective, relying on easily learned skills.

ISIS coordinates with other hacker groups and lone wolves for greater reach.

ISIS members have shown great growth in their cyber capabilities, as evidenced by the attack on French TV5Monde.

ISIS still has official magazines and video channels like Al Qaeda, but relies far more heavily on social media.

BOKO HARAM

Since Boko Haram declared allegiance to ISIS, their propaganda materials have become more sophisticated, suggesting coordination or even that Boko Haram outsources some of its propaganda to ISIS.

The group has also used online scams, known as 419 scams or letter fraud, as a way to fund its activities.

AL SHABAAB

Because of Al Shabaab’s close ties to Al Qaeda, the group uses many of the same online strategies and was also an early adopter of the Internet.

Al Shabaab launched what was probably the first “Twitter war” — an online real-time battle between the group’s official Twitter account and the Kenyan army during the Kenyan military operation in Somalia in 2011.

The group posts online videos and other propaganda material online in English, Somali, and Arabic.

CONCLUSION

Radical terrorist groups have always focused on new technologies as a way to broaden their message and attract young supporters. From Al Qaeda’s early use of “digital technologies” to plan attacks in the 1980’s to the sophisticated use of social media by ISIS, terrorist groups have shown their ability to constantly innovate in their use of technology to communicate, propagandize, recruit, and in some cases, attack. Al Qaeda, ISIS, Boko Haram, and Al Shabaab have all shown their ability to innovate and learn from one another, as well as other radical and anarchist groups, to achieve their goals.

Defenses against terrorist activity online have primarily focused on disabling, blocking, or censoring terrorist content. Twitter, Facebook, and YouTube have each pledged to take down terrorist materials, with each maintaining their own standards for removing content. In the case of Boko Haram and Al Shabaab, who are less sophisticated and rely on official media channels rather than a group of supporters, this might be helpful. However, there are thousands of ISIS-affiliated social media accounts, and they cannot all possibly be removed. Since social media accounts are so decentralized, thousands can be reestablished every day. Social media accounts have also proven to be an effective tool at monitoring terrorist activity. Blocking accounts makes it more likely that terrorist groups will find more private and anonymous ways of communicating.

Today, the greatest threat from terrorist groups online is their astonishing ability to glamorize their cause and recruit disaffected youth from across the world. ISIS and its affiliates have improved upon Al Qaeda’s strategy; rather than providing top-down inspirational materials like videos of leaders’ speeches, online magazines, and Quranic interpretations, ISIS empowers its followers to create social media propaganda themselves, leading to higher quality videos, images, and more followers.

These groups today have largely lacked the sophistication to launch major cyberattacks on critical infrastructure, shut down major networks, or steal closely guarded state secrets. Their danger primarily lies in their propaganda and recruiting ability. However, the sophistication of these groups is growing, and their ability to capitalize on low- skill but high-impact targets has already helped them achieve goals. If combined with recruiting greater technical ability or cooperating with a more sophisticated cyber power — for example, a military or state actor — these groups could achieve much more.

Along with the growing sophistication, it is likely that the importance of cyber-tails will continue to grow. Each new conflict will result in a spike in cyber events launched by — and against — terrorist groups and their supporters. cyber threats are far more sustainable than physical threats; radicalized hackers do not risk their lives and can continue to use online activity with few restrictions. Terrorist groups will continue to evolve and grow more sophisticated in their use of the Internet.