Cyber capabilities of extremist movements

Featured in Sectra Newsletter, October 2020

Extremist movements have focused their cyber capabilities on protecting their own activities and promoting propaganda. Both political extremists and terrorist organisations make effective use of  the cyberspace to spread their ideology and protect internal communications from government intelligence. Thus, cyber operations play a supporting role in the core business, and there are currently no observations of significant development of offensive capabilities. Although the threat of large-scale cyber-terrorism is not likely at present, its possibility cannot be ruled out.

The motives of extremist movements can be political, religious, or otherwise based on some ideology. Extremist movements often oppose and seek to destabilize social system and parliamentary democracy. Extremist movements can endanger the internal security of the state through illegal activities, such as destruction, rioting and political violence. Sometimes extremist movements can also target individuals or groups, often referred to as hate crime. Extremist movements also often include terrorism itself, which is intended to spread fear and panic and to wreak havoc rather than to bring about social change. In contrast, activist movements such as the Anonymous Group are not classified as an extremist movement because their motivations range from resisting terrorists to disrupting government action.

Cyberspace offers excellent opportunities for extremist communication and membership procurement. Through public communication, extremist movements strengthen their own motives and, above all, reach potential members from the general public. Extremist movements’ public communication strategy includes creating one’s own communication machinery, creating fear and uncertainty with false information, denying any kind of criticism, and reinforcing their message through social media. In addition, freedom of speech is easily appealed to when public communication approximates hate speech or otherwise reprehensible communication. Communication campaigns have often been carried out quite skillfully, taking advantage of current phenomena and the reactions they evoke from the general public. Extremist movements’ public websites and the use of disinformation are constantly in a gray area and often cross the line between freedom of speech and hate speech. In addition, their various methods of communication also include manifestos, in which a violent attacks have been announced in advance, for example on social media, just as the attacks are about to take place.

If state supported hacker groups are excluded from the analysis, then the cyber capabilities and resources of extremists are moderate at best. Terrorist organisations have the greatest resources. For example, United Cyber ​​Caliphate, part of the ISIS organisation, or the Fallaga Team from Tunisia are more tightly organised IT organisations supporting terrorist activities, with members ranging from a handful to a few dozen. The activities of such organisations focus mainly on the protection of actual terrorist activities, the publication of propaganda material and the most eye-catching but simple cyber-attacks, such as hacking public administration websites and replacing content with propaganda.

Protecting one’s own activities, the so-called OPSEC, is one of the core tasks of extremist cyber operations. Communication between members takes place in closed networks that are often also encrypted. The Telegram communications application has become famous as an encrypted communications platform for several terrorist groups and extremists. In addition, the Darknet has numerous closed forums for extremists, where it is possible to exchange opinions belonging to one’s own ideology more freely and to prepare for illegal activities.

Key takeaways

  • Extremist movements use cyberspace primarily to spread their ideology and gain followers. Communication strategies are carefully planned and often skillfully implemented.
  • Actual terrorist organisations have the greatest resources out of all extremist movements and a higher level of cyber expertise. There are no signs of the active development of offensive cyber capabilities.
  • Operational security, or OPSEC, is at the heart of extremist cyber operations. Highly innovative methods can be used to implement OPSEC.
  • The most prominent activity of extremist movements is causing physical harm as well as violence. Cyber action plays a supporting role in these. The likelihood of actual cyberterrorism is low, but it cannot be ruled out.

Featured in Sectra Newsletter, October 2020

Related products and services