After the 911 attacks, terrorism has evolved to become more networked, diverse and complex. Cyberspace, which pervades many aspects of our everyday life, both real and imaginary, is in the center of this evolution, increasingly used as a means of terrorism. This new form of terrorism, cyberterrorism, threatens our lives in a variety of ways, attested by multiple cases of cyberterrorist attacks such as DDoS attacks and the Stuxnet worm. Other forms of cyberterrorism are utilization of the Internet to facilitate terrorist activity, which is defined by the UNODC as “use of the Internet for terrorist purposes”. Cyberterrorism is now globally recognized as a fundamental threat to national security. To face this emerging threat of cyberterrorism, this research seeks a more strategic approach to cyberterrorism and considers more systematic and inclusive policies and responses.
This is a joint research lead by Yoon, Hae-sung, with eminent professionals in terrorism, Joshua Freilich, Steven Chermak, Robert G. Morris and Yun, Minwoo as joint researchers.
Yoon, Hae-sung, as the principle researcher, organized the joint research effort, analyzes and discusses conceptualization of cyberterrorism, legal systems of different countries regarding cyberterrorism, South Korea’s penalty code regarding cyberterrorism and the current status of cyberterrorism in South Korea, and sums up joint materials provided by joint researchers to discuss overall proposals on countermeasures against cyberterrorism.
Joint researcher Professor Yun, Minwoo empirically analyzes interviews of professionals on activities of law enforcement and intelligence agencies on use of the Internet for terrorist purposes in the United States and European countries. Also, he tries to suggest solutions on problems regarding cyberterrorist acts by traditional terrorists. Joint researcher Professor Joshua Freilich categorizes cyberterrorist cases after the 911 attacks into a typology, explicates the characteristics of each type of cyberterrorism and discusses their implications, and along with joint researcher Professor Steven Chermak, a research is conducted on enforcement of the law on the use of the Internet for terrorist purposes in the United States. Joint researcher Professor Robert G. Morris’s research proposes counter-cyberterrorist policies based on legal responses and cyberterrorism trends in the United States.
The main aim of this research is to categorize cyberterrorist cases and profile their characteristics by analyzing open information and interviews. To achieve this goal, international joint research with eminent foreign terrorism agencies and professionals is conducted. First, literature review is conducted to analyze existent domestic and overseas legal systems and suggestions for improvement are proposed. Second, a joint research to synthesize theoretical model of counter-cyberterrorist policies is conducted along with foreign specialists. Third, feedback between internal and external joint researchers is exchanged to discuss and propose effective counter-cyberterrorist policies.
With this methodological framework in place, this research mainly focuses on facts and realities by analyzing existent discussions on counter-cyberterrorism and existent cyberterrorism response systems. Along with research materials from foreign joint researchers, consultations with domestic professionals and practitioners are also analyzed as qualitative data. There is also theoretical review on conceptualization and typology of cyberterrorism. A workshop was conducted to collect information on the current status of cyberterrorism, cyberterrorism response systems, countermeasures and their typology, and legal systems. Empirical analysis was also conducted on cyberviolation, by types and categories, mostly by the foreign joint researchers.
With regards to conceptualization of cyberterrorism, it is indicated that the definition of cyberterrorism cannot be fully justified due to the reason that the nature of the cyberterrorist crime being too comprehensive. New methods and technology are constantly emerging through the characteristic of cyberspace. It is recommended to implement a legal measure that accommodates variant forms of cyberterrorism, which is broad and mutating in its nature.
With regards to international cooperation, the necessity of multilateral cooperation is emphasized in consideration to extradition and judicial assistance. To facilitate this process, minimization of administrative procedures and cooperation, both official and unofficial, is recommended. Among various organizations and agencies taking important role in facilitating cooperation at international and national levels, organizations such as CERT and FIRST can serve instrumentally in formal, informal, bilateral and multilateral cooperation. In the field of cybercrime and cyberterrorism, informal activities between the public and private sectors lead to formal cooperation. Therefore, it is recommended to establish organizations or agencies such as a coordination center for cooperation and coordination at every level.
With regards to legislation on cyberterrorism, the UN Security Council Resolution 1368 and 1373 after the 911 attacks urged the Member States to enact counterterrorism laws. To meet the demands of the UN, most of the states modified their policies, including South Korea. Most importantly, amending and consolidating the existing legislation pertaining to cyberterrorism is an international priority. It is recommended to accept counterterrorist legislations, discuss new provisions on cyberterrorism, integrate cyberterrorist response and crisis management systems and diversify operating system software. Also, implementation of a reporting procedure for the private sector is recommended for public-private cooperation and coordination in cyberterrorism prevention and response efforts.
With regards to the use of the Internet for terrorist purposes, results indicate terrorist organizations were using the Internet for various purposes. Accessibility to uncensored information on the Internet has made it more cost-effective and enabled aggregation of dormant members through websites, chat rooms and online discussion sites. In addition, the Internet served as a valuable tool for collecting information on tactics, information about the target victim, and ways to avoid getting arrested. In response, law enforcement agencies bolstered their surveillance capabilities and inter-agency coordination and cooperation. Also, results indicate oppressive management and strategy had the paradoxical effect of augmenting efficacy of terrorist organizations. It is recommended for law enforcement agencies to develop an understanding of the relationship between technology and terrorism, develop investigation techniques, collect information on terrorist organizations, identify potential terrorists, and use technical tools to disrupt terrorist plans.
The academia should also participate in this endeavor with further research. Research thus far has not been able to provide any practical results on what responses work against terrorism, and the fact is that there is no empirical evaluations of counterterrorist strategies on the Internet used thus far. This study indicates only a state-lead response can understand the terrorist use of the Internet and execute countermeasures. Therefore, there should be further research on the terrorist use of the Internet and its future trends, along with further research on related subjects.
As terrorist organizations evolve continuously through constant acquisitions of new technological methods, cyberterrorism is unavoidable and inevitable. The best response to this type of threat is security provisions that continue to change and improve to minimize the cyberterrorist threat. Due to lack of research on this topic, researchers should start from cyberterrorist attitudes, acts, methods and targets and apply innovative research methods to produce new knowledge on cyberterrorism. At the same time, a major finding in this research is that in order to prevent cyberterrorist attacks and bolster cyberspace security, there needs to be innovative and meaningful interaction between the government, the private sector, and the citizens. Therefore, this is where the discussion should start on finding the most optimal approach to respond to cyberterrorism and minimize its impact.
In conclusion, the most pressing matter for South Korea is establishment of safety measures for cyberterrorism and further research on the topic. Furthermore, individuals and private companies should prepare security measures and reporting protocols. Also, with regards to investigations in cyberspace, a cooperative system should be created to promote information exchange between law enforcement agencies and cyberviolation response institutions. Considering the current trend of terrorist using the Internet as a means, it is imperative to establish a cooperation system between law enforcement agencies and internet service providers, and also between public and private sectors, government agencies, and furthermore, an international cooperation system between nations. These cooperation systems should be given priority to prepare a prudent and effective response system against the threat of cyberterrorism.

Table of Contents Executive Summary 13 Chapter 1. Introduction 21 I. Research Purpose 21 II. Research Scope and Content 22 III. Research Method 29 Chapter 2. General Issues of Cyberterrorism 33 I. Definition of Cyberterrorism 33 1. Introduction 33 2. What is Cyberterrorism? 34 3. Definition of Terrorism, Cybercrime and Cyberterrorism 36 4. Typology and Threats of Cyberterrorism 41 5. Case Studies of Cyberterrorist Attacks 50 6. Typology of Cyberterrorism 54 7. Conceptual Overview from an Overall Perspective 58 II. International Cooperation System in Cyberterrorism Response 65 1. International Characteristics of Cyberterrorism 65 2. Rules, Conventions and Laws regarding InternationalCooperation 68 3. International Conventions 75 4. Conclusion 77 III. Analysis of Cyberterrorism Response System of Major Countries 80 1. Cyberterrorism Response System of the United Statesof America 80 2. Cyberterrorism Response System of the United Kingdoms 112 3. Cyberterrorism Response System of the Federal Republic of Germany 114 4. Cyberterrorism Response System of the French Republic 116 5. Cyberterrorism Response System of Japan 118 6. Cyberterrorism Response System of India 122 7. Implications 128 8. Conclusion 132 Chapter 3. Terrorist Use of the Internet and Counterterrorism Measures 137 I. Introduction 137 II. Theoretical Discussions 139 1. Terrorist Use of the Internet and Cyberterrorism 139 2. Physics and Strategic Advantage of Cyberspace 141 3. Threats from Cyberspace and Existential Crisis ofNation-State 145 III. Terrorist Threats though Cyberspace: Terrorist Use of theInternet 147 1. Terrorist Use of the Internet 147 2. Types of Terrorist Use of the Internet 149 3. Terrorist Use of the Internet 156 IV. Transformation of Mode of Warfare: Marriage betweenTerrorism and Cyberspace 158 1. Overview 158 2. Marriage between Terrorism and Cyberspace 160 3. Qualitive Changes on Mode of Warfare 161 4. The Fifth Generational Warfare 163 V. Counterterrorism Measures: C&C(Communication & Cooperation)and Infiltration 168 1. Overview 168 2. Counterterrorism Measures against Terrorist Use of theInternet 169 VI. OSINT(Open Source Intelligence) as a Counterterrorism Measure 172 1. Overview 172 2. The Concept of OSINT 173 3. OSINT practices 174 4. Things to Consider for the Use of OSINT 176 VII. Conclusion 179 Chapter 4. Terrorist Use of the Internet: an Analysis of Strategies, Objectives and Law Responses 183 I. Introduction 183 II. The Strategies Used to Harness the Power of the Internet 187 III. Understanding the Rationale for Using the Internet 196 1. Propaganda 196 2. Recruitment and Radicalization 200 3. Strategic Tactics 204 IV. Law Enforcement Response to Terrorism on the Internet 209 V. Conclusion 216 Chapter 5. Current Status and Legal System of Cyberterrorismin the Republic of Korea 223 I. An Overview of the Republic of Korea's Penal Measure andCases pertaining to Cyberterrorism 223 1. Overview 223 2. Case Study of Cyberterrorism in Korea 224 3. Analysis on Cyberterrorism Penal Measures in Criminal Law 228 4. Analysis on Cyberterrorism Penal Measures in Special Law 232 II. Response System and Conditions on Cyberterrorism in theRepublic of Korea 244 1. Cyberterrorism Cases 244 2. Overview of Response System on Cyberterrorism 249 3. Problems Confronted by Response System on Cyberterrorism 253 III. Countermeasures for Cyberterrorism 257 1. Intelligence 257 2. Expert System and Founding National Digital EvidenceResearch Institute 258 3. Improvement on Cyberterrorism Legislation 258 4. Examination on Cybercrime Investigation Cooperation System 262 Chapter 6. Conclusion 269 Reference 283 Abstract 301