A terrorist is an individual who seek to destroy, incapacitate, or exploit critical infrastructures to threaten national security, cause mass casualties, weaken the economy, and damage public morale and confidence. However, traditional terrorist adversaries of the United States are less developed in their computer network capabilities than other adversaries. Terrorists likely pose a limited cyber threat. The CIA believes terrorists will stay focused on traditional attack methods, but it anticipates growing cyber threats as a more technically competent generation enters the ranks.
Hacking could be used by terrorist groups to harvest information for planning physical or cyber attacks. Audit logs from websites, infrastructure owners, and national laboratories have recorded extensive, systematic information gathering originating from countries that serve as home bases for terrorist groups. Terrorist groups also are using the Internet for covert communications, and sympathetic hacker groups have launched various “e-jihads,” consisting primarily of web page defacements and DoS attacks.
Terrorist groups are known to have included not only engineers, computer scientists, and business people with backgrounds in computers, networks, and computer-based systems but also people with access to hardware and software producers. Terrorist groups have even sold computer products, which could in principle include malicious software. One known terrorist group is notable because it assembles and sells computer systems. Although law enforcement has not uncovered information pointing to subversion of software products, the potential for such activity exists. The evidence indicates that terrorist groups now have or can acquire the necessary expertise for identifying targets and conducting cyberattacks with serious or catastrophic consequences.