Report: Cyberterror Not a Credible Threat

A new report by a Washington policy think tank dismisses out of hand the idea that terrorist groups are currently launching cyber attacks and says that the recent attacks against U.S. and South Korean networks were not damaging enough to be considered serious incidents.

A new report by a Washington policy think tank dismisses out of hand the idea that terrorist groups are currently launching cyber attacks and says that the recent attacks against U.S. and South Korean networks were not damaging enough to be considered serious incidents.The report, written by James Lewis of the Center for Strategic and International Studies, looks at cyberwar through the prism of the Korean attacks, which many commentators have speculated originated in North Korea. However, there has been little in the way of proof offered for this assessment, and Lewis doesn’t go down that road. Instead, he focuses on whether the attacks constituted an act of war and whether they could have been the work of a terrorist group.

The answer is no on both counts.

“The July event was not a serious attack. It was more like a noisy demonstration. The attackers used basic technologies and did no real damage. To date, we have not seen a serious cyber attack. That is only because the political circumstances that would justify such attacks by other militaries have not yet occurred and because most non-state actors have not yet acquired the necessary capabilities. As an aside, this last point undermines the notion of cyber terrorism. The alternative to the conclusion that terrorist groups currently lack the capabilities to launch a cyber attack is that they have these capabilities but have chosen not to use them. This alternative is nonsensical,” Lewis writes.

But that’s not to say that terrorist groups won’t one day be capable of launching such attacks. Just the opposite, in fact. There’s no reason to believe that organized, well-financed terrorist groups won’t soon acquire the ability to launch sophisticated attacks, Lewis concludes.

“A very rough estimate would say that there is a lag of three and eight years between the capabilities developed by advanced intelligence agencies and the capabilities available for purchase or rental in the cybercrime black market. The evidence for this is partial and anecdotal, but the trend has been consistent for more [than] two decades. This suggests that in less than a decade, perhaps much less, a terrorist group could enter the cybercrime black market and acquire the capabilities needed for a serious cyber attack,” he writes.

“The implications for the United States are troubling. We have, at best, a few years to get our defenses in order, to build robustness and resiliency into networks and critical infrastructure, and to modernize our laws to allow for adequate security. Our current defenses are inadequate to repel the attacks of a sophisticated opponent.”

The report, titled “The ‘Korean’ Cyber Attacks and Their Implications for Cyber Conflicts,” also discusses at length the limiting factors that currently are preventing foreign countries and organized criminal groups from attacking the U.S. Those deterrents, which include political constraints and the possibility of a physical retaliatory strike, have been of use so far, but may not continue to be for much longer. The difficulty of attributing an attack to any specific person or group makes these deterrents far less effective than they might otherwise be.

And the U.S. dependence on digital technology makes it somewhat more vulnerable to cyber attacks than other nations, Lews writes.

“In the Cold War, there was symmetry in vulnerabilities – each side had cities and populations that the other could hold hostage. That symmetry no longer exists. The United States is far more dependent on digital networks than its opponents and this asymmetric vulnerability means that the United States would come out worse in any cyber exchange,” Lewis writes.

Suggested articles


  • Anonymous on

    Seems to me that the title of this article should have been:

    Report: Cyberterror Not a Credible Threat ..... Yet

    I'm no luddite - I love my computer and the internet - but are we, (by we, I mean, for want of a better term, "the west") in our never-ending quest for technology-driven financial gain, (and surely that's what the internet has, sadly, largely become) leaving ourselves wide open?

  • Anonymous on

    What right do they have to say:

    "'The alternative to the conclusion that terrorist groups currently lack the capabilities to launch a cyber attack is that they have these capabilities but have chosen not to use them. This alternative is nonsensical,' Lewis writes."

    That cyberattack proved one thing: with outdated tech(what the gov't says they have) they still managed to break in. I'm sorry but the U.S. doesn't own every intelligent, computer-savvy person in the world. Many of the best coders and hackers are self taught.

    So the equation: Muslim or other anti-American group wants to cripple us in order to stage a larger, more physical attack. Do you think they wouldn't have the will to become skilled enough to make it happen? Our gov't is blind to this in my opinion. Yes, there probably is mroe information that other government agencies have that might back up their opinion, but until I see it I will not believe it.

  • Tamas Feher from Hungary on

    The article appears flawed. It talks about e-terrorism and then accuses Nort Korea. However, covert attack by another state party is not terrorism, it is "diversionary activity", a form of warfare, like the WWII allied commando raids on the nazi heavy water factory and the night capture of a nazi mobile radar station on the occupied french coast.

    Similarly if your own population does something nasty, it is not terrorism, it is "sabotage", like the intentional wrecking of industrial infrastructure by workers in nazi-occupied Europe during WWII.

    USA is vulnerable to all of terrorism, diversion and sabotage, even in the e-sphere. The nation is easy to enter under false papers or outright illegally and there are a lot of non-yet-assimilated arab, muslim or chinese immigrant citizens, who could do e-sabotage. It is stupid to underestimate the dangers, because USA may be 3-8 years ahead in hardware, but the rest of the world has much better programmers. Asians and slavs are excellent at maths and they are hero programmers. They have already stolen all of the digital assets of USA and only their lag in hardware advances prevents them from  using that trove to further their own aims.

  • Anonymous on

    It seems you're agreeing with the article even if you don't realise it.

    The article says the attack was succesful, but not significant. A point you don't seem to oppose.

    The point of the quote is that IF a terrorist organization was able to launch an actually crippling attack, they would have. Since they haven't, odds are they can't.

    If you read on a little bit, he clearly states that this CAN change. But, for the time being, the abscence of a crippling attack is evidence that terrorists are not yet able to execute a such.

  • Anonymous on

    Basically, it boils down to time-sensitive vulnerabilities (aka zero-day).


    Only can only be used a very few times or once (before someone discovers it and covers it up).


    This threat has been already been an ongoing and recurring events (that the author apparently has totally overlooked) and repeatedly pointed out by may research papers.

    No, the author apparently did NOT sufficiently research this topic and I'm claiming he did not research AT ALL.


  • Anonymous on

    Experts: Cyberstrikes originated from Britain, not North Korea:

    According to security researchers in Vietnam, the source of last week's string of attacks by the Mydoom virus - which overwhelmed systems belonging to the US Treasury and the office of the South Korean president Lee Myung-Bak - can be traced to the UK.


  • John on

    What I find interesting about the synopsis provided in this article was what was left out, "...other trends suggest that terrorist use of advanced cyber weapons (if current trends remain unchanged) is inevitable."  Also, while the synopsis does identify the lag time of 3 to 8 years between advanced intelligence agency development and availability on the black market, it doesn't indicate when the sought after technologies were developed. By this, one might assume that the clock has already been ticking for multiple years on some technologies that could be highly damaging. I do however agree with some of the earlier posters that if the terrorists had the capability, they would use it. How long until they do have the capability though?

  • gd on

    Thank constraint article says. Opinions about this article that read my writing when I see fit. I watched it first before video izle. Later I joined the facebook group. I wish to continue this kind of writing. Good day.

  • Tom on

    It is said that "absence of evidence is not evidence of absence".  In other words, just because there hasn't been a MAJOR cyber-attack is not evidence that they could not perform one.  What if they were just holding back to prevent their real power from being shown?  What if the Koreans or whomever performed the last break-in just did it on a bigger scale next time, with more programmers using more computers?  The point is they did it already using antequated computers (according to the US gov't), so it's not a large leap that if full war broke out, that they weren't already poised to do something big.  There are reports that China is already in such a stance.  To believe that the US isn't vulnerable is just living in a fairy tale.

  • charlesbrooks on

    Comments – latest trend Having been a part of the Online Universal Work Marketing team for 4 months now, I’m thankful for my fellow team members who have patiently shown me the ropes along the way and made me feel welcome
  • somaie on

    Make Money With Affiliate Programs How To Make money with affiliate programs Today. Affiliate marketing is the easier and probably the most effective method to make money from the internet. It is basically, a kind of selling technique where potential buyers from your website are directed to the websites of sellers. For every click, the website owner gets a small commission.

  • coetsee on

    Affiliate Marketing is a performance based sales technique used by companies to expand their reach into the internet at low costs. This commission based program allows affiliate marketers to place ads on their websites or other advertising efforts such as email distribution in exchange for payment of a small commission when a sale results.
  • Jason on

    I like this report! Good ideas for writing a paper in university.

  • Suvaan on

    Cyber terror is not a small problem accoridng to my opinion,now we can't take it lightly.Because the world is going to face many problems from it,so steps should be taken now to control night vision goggles

  • rick on

    I think it doesn't goes as far as the mac data recovery though.

  • jani on

    U.S. dependence on digital technology makes it somewhat more vulnerable to cyber attacks than other nations based on the resume studies.

  • Jani on

    United States of America's dependence on new technology makes it somewhat more vulnerable to cyber attacks compared to other countries based on different and research studies.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.