Small Wars Journal

The Role Al Qaeda Plays in Cyberterrorism

Sun, 08/12/2018 - 12:24am

The Role Al Qaeda Plays in Cyberterrorism


Lyda Tesauro


According to the United States Department of State, Al Qaeda is a Foreign Terrorist Organization under section 219 of the Immigration and Nationality Act; this group emerged in the 1980s out of the anti-Soviet jihad in Afghanistan and officially made the terrorist list in October 1999 because of their heinous activities, brutality, militant ways, and radical Islamic ideology (U.S. Department of State, 2018 and Byman, 2016). Other Al Qaeda affiliations such as Al Qaeda in the Islamic Maghreb (AQIM), Al Qaeda in the Arabian Peninsula (AQAP), and Al Qaeda in the Indian Subcontinent are also considered Foreign Terrorist Organizations in the Unites States (U.S. Department of State, 2018). Although Al Qaeda is better known for their savagery and physical terror attacks than their cyber presence, this terrorist organization does practice cyberterrorism—even though that is not their strong suit—and does utilize the internet as well as social media to spread their global jihad message. Since Al Qaeda has a distinct hatred for the Western world, including the United States, the American people should be concerned about Al Qaeda’s interest in utilizing cyberterrorism—regardless of whether or not they actually have the capability to follow through with their threats at this time (Knake, 2010). Some targets that Al Qaeda has hinted at attacking in the future are the United States economy (e.g. financial institutions, Wall Street, stock market, etc.) and American public utilities (e.g. water, electric, sewage, gas, natural gas, telephone, and transportation), so the potential threat that they pose to the U.S. should be taken seriously (Knake, 2010). With the huge impact Al Qaeda has on social media and the internet, it is only a matter of time before more technologically savy, radical Muslim Al Qaeda identifiers start utilizing the full spectrum of cyberterrorism to validate their existence and further their agenda. Throughout this paper, I will help readers better understand the role Al Qaeda plays in cyberterrorism; I will do this by discussing how the terrorist organization utilizes the internet to indoctrinate as well as recruit likeminded extremist individuals, by delving into how Al Qaeda uses the internet to conduct cyberterrorism, by shedding some insight into how this particular terrorist organization’s activities effect the larger topic of cybersecurity, and by touching on what the future of Al Qaeda could be in the cyber realm.


How Al Qaeda Uses the Internet to Further Their Agenda/Ideology


With the rise of the internet and social media platforms, Al Qaeda has been able to expand their global initiative and recruit more radical jihad extremists. Al Qaeda utilizes internet-based websites to publish jihadist literature (e.g. The Encyclopedia of Jihad and The Encyclopedia of Hacking the Zionist and Crusader Websites) and accept donations online to fund their campaigns (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015). The terrorist group also utilizes social media and other media platforms (e.g. cell phone video cameras, web cams, YouTube, video games, music, magazines, etc.) to give radical preachers as well as militants a place to spew their propaganda, publish their jihadist literature, incite violence, tell people who to assassinate, engage in psychological warfare by threatening specific communities/societies, deliver virtual military training/logistics to carry out violent jihad like a loyal terrorist (e.g. those tactics include education on urban and gang warfare, how to conceal as well as make explosives/weapons, how to execute ambushes, arrests, and explosions), coordinate terrorist attacks, glorify martyrdom, provide advice on computer security as well as instruct faithful members on how to hack into computer networks, record their brutality, and/or recruit new members (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015 and Rudner, 2017). While it may seem like Al Qaeda’s activities on the internet are exaggerated, there are plenty of examples to validate the claims.


One specific example of how Al Qaeda uses the internet to further their agenda is through an English-written online magazine called Inspire—which is run by Al Qaeda in the Arabian Peninsula (AQAP); the online magazine is decently followed, provides information on Al Qaeda’s viewpoints as well as the jihadist movement, and commentates on the group’s kill list (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015). Because Al Qaeda’s Inspire does a great job at publishing content that resonates with likeminded individuals, they are victorious in “spreading the call for jihad” online (Rudner, 2017). Another example of Al Qaeda’s success in the cyber realm is how effectively the terrorist organization reaches its target audience through film and on-the-ground reporting (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015). By recording their experiences at Arab Spring protests, videoing beheading executions (such as Jewish journalist Daniel Pearl’s death), and releasing several video games (targeted to the youths) that place the player in the role of a jihadist fighting against Jews, Westerners, and the U.S. military, Al Qaeda makes themselves more relatable, gives themselves some relevance, shows people that they are a force to be reckoned with, and attempts to normalize or justify their behavior—which is beneficial to the terrorist group’s survival (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015). With their success at luring people online (especially the “homegrown” terrorists in Western societies) to accept as well as follow their radical jihadist views, Al Qaeda has become one of the poster children for not using the internet as simply an attack vehicle to fulfill their agendas (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015 and Rudner, 2017). In fact, Al Qaeda does not necessarily need to be the best at cyberattacks when their unregulated presence on the internet alone plays such a significant role in fostering violent Islamic extremism—more so than prisons, universities, and places of worship (Rudner, 2017). Instead of primarily using the internet to implement cyberterrorist attacks, this terrorist group tends to use cyberspace more for communicating/spreading their jihadist agenda globally, cultivating support for their initiatives through social media or web forums, offering theological justification for actions of terror on online platforms, providing technical instructions and operational guidelines on the internet for their terrorist attacks, inciting violence through their media forums, engaging in online fundraising activities to support their cause, and web defacing their so-called enemies’ websites (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015 and Rudner, 2017). Because of the terrorist organization’s limited cyber capabilities and the many ways Al Qaeda uses the cyber realm to further their ideology, criminologists such as Marjie Britz have had to create a more expansive definition for cyberterror to encompass the many ways organizations like Al Qaeda utilize technology to further their missions (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015). According to her, cyberterror is “the premeditated, methodological, ideologically motivated dissemination of information, facilitation of communication, or attack against physical targets, digital information, computer systems, and/or computer programs which is intended to cause social, financial, physical, or psychological harm to noncombatant targets and audiences for the purpose of affecting ideological, political, or social change; or any utilization of digital communication or information which facilitates such actions directly or indirectly” (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015). With this definition, scrappy cyberattacks and social media incitements can still be acts of cyberterror, which makes Al Qaeda fall under not only the terrorist organization category, but also the cyberterrorist category.


The E-Jihadists and Electronic Attacks by Al Qaeda


Considering the fact that cyber warriors generally hail from the class of the disaffected, educated, and relatively-well-off radicals (which is typically the demographic of Al Qaeda members), Al Qaeda should have advanced cyber warfare and cyberterrorism capabilities to hurt the West; however, Al Qaeda really does not have the tools or skill set worthy of their savage reputation (Liu, 2015). According to Holt, Bossler, Seigfried-Spellar, and Liu, the most prominent—yet still mediocre—e-jihadists or hacker groups that represent Al Qaeda are: the Al-Qaeda Alliance Online (an offshoot of the hacker group GForce Pakistan), Youni Tsoulis (an e-jihadist), and the Al Qaeda Electronic (a hacking group affiliated with Al Qaeda) (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015 and Liu, 2015). Reports indicate that Al-Qaeda Alliance Online is the hacking group that defaced a web server operated by the National Oceanic and Atmospheric Administration (NOAA) on October 17, 2001; Youni Tsoulis is the e-jihadist who developed multiple web forums, created hidden links to propaganda web forums/sites that supported Al Qaeda, promoted hacking, and made tutorials on hacker sites “with substantial detail on methods of attack and tactics to compromise websites;” and lastly, the Al Qaeda Electronic (AQE) is a hacking group that has limited, rudimentary capabilities and focuses on web defacement (mostly), DoS/DDoS attacks, and data breaches (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015 and Liu, 2015). Unfortunately, most of the cyberattacks orchestrated by these groups or individuals have not been successful. Some examples of their failures are: the attempted and unsuccessful DoS attack against the Vatican website after Pope Benedict’s controversial comments about the Prophet Mohammad and Islam, the planned cyberattacks against U.S. financial institutions, the stock exchange, and SCADA systems that ultimately failed, and the unsuccessful November 11, 2017 campaign that attempted to conduct DDoS attacks against several Western websites (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015, and Liu, 2015). It is also important to note that Al Qaeda is notorious for acquiring assistance when conducting their “cyberattacks” and at times exaggerates the success of their operations/attacks; this can be found in AQE’s alleged Operation Black Summer (Liu, 2015).


According to the Al Qaeda Electronic group, AQE partnered with the Tunisian Cyber Army (TCA) and “penetrated a number of prominent websites, several of which belonged to U.S. government agencies and multinational corporations, between February and May” (Liu, 2015). After further inspection from the National Cybersecurity and Communications Integration Center, the NCCIC believes that Al Qaeda’s involvement was non-existent—contrary to AQE’s statements (Liu, 2015). Because Al Qaeda is a terrorist organization, encourages its members to “spread rumors,” and is not exactly trustworthy, it is safe to say that the “operation” was meant to be propaganda—regardless of whether or not anything actually happened (Rudner, 2017). The sad part though is that the terrorist organization’s members and maybe even some civilians think that Al Qaeda was behind this “operation.” Because some individuals still hold this belief, the strength of Al Qaeda was validated—which means that the act or non-act was still a success for the radical jihadist group.


In order for Al Qaeda to keep its credibility as a cyber threat and keep their followers invested, the terrorist organization needs to stick to their signature and mostly successful website defacement campaigns against relatively low-value targets until they sharpen their technical skills (Liu, 2015). Al Qaeda will also need to make a multi-year investment in developing offensive cyber capabilities, they will need to find a secure facility, and they will need an advanced test bed if they want to make a statement in cyberspace (Knake, 2010). Once they are more proficient in the cyber realm, do not have to rely heavily on automated vulnerability scanners to find points of penetration, and can properly invest in their cyber terror program, then Al Qaeda will be able to orchestrate more effective cyberterrorist attacks (Liu, 2015).


Insight into How These Activities Effect the Larger Topic of Cybersecurity


Because many terrorist organizations do not have the capabilities to orchestrate a serious cyberterrorist attack, they are actively trying to gain the technical skills to conduct such a catastrophic attack; Al Qaeda seems to be one of those terrorist organizations. According to Defense Department CIO Terry Halvorsen, cyberterror is a perfect avenue for terrorist groups like Al Qaeda because exploiting an opponent’s cyber weakness(es) tends to be fairly quick and cost-effective while the financial damage and time invested in recovering from a cyber attack like that is vast (Pomerleau, 2015). With hackers and terrorists alike already sharing/providing information on vulnerabilities present in organizations’ as well as governments’ software and hardware of systems across the world, it would be in Al Qaeda’s and other terrorist organization’s best interest to try and exploit those flaws in the system (Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C., 2015). In order to effectively do that though, Al Qaeda would need to penetrate, map, and damage the networks that control the industrial base; that would require a large team of experienced hackers, a lot of time/resources, and advanced infrastructure—which Al Qaeda does not have right now (Knake, 2010).


Unfortunately for the United States though, Al Qaeda and other terrorist organizations are becoming enthralled with the idea of cyberterrorism as well as cyberwarfare and are making plans to launch formidable attacks once they are able (Clarke, Arquilla, Lewis, Hamre, Skroch, & Dick, 2003). In order to properly mitigate their risks so that they can avoid these types of attacks, the United States “needs to make real investments to bolster the security of its critical infrastructure;” this includes government systems, military systems, and private sector systems (e.g. water, electric, sewage, gas, natural gas, telephone, and transportation) (Knake, 2010). The United States also needs to disconnect the internet from any infrastructure that can be turned into a weapon regardless of the number of safeguards in place to protect it (Knake, 2010). Lastly, the United States needs to continue to raise its defense to ensure that no amount of cyberterrorist capabilities will be enough to harm its critical infrastructures (Knake, 2010).


What the Future of Al Qaeda Could be in the Cyber Realm


As previously mentioned, the future of Al Qaeda in the cyber realm is promising; however, Al Qaeda needs to make some changes if they want to achieve the results they are looking to attain. According to Richard Clarke, a former Presidential Advisor for Cyberspace Security, members of Al Qaeda outside the United States are doing reconnaissance on America’s critical infrastructures and a number of Al Qaeda’s new members have technical backgrounds as well as advanced hacking skills (Clarke, Arquilla, Lewis, Hamre, Skroch, & Dick, 2003). In fact, a University of Oxford study of Islamic radicals parallels Richard Clarke’s statement; the study claims that militant jihadist groups—like Al Qaeda—have been recruiting more intelligent, college graduated computer science and information technology majors (Rudner, 2017). The study also mentions that computer engineers are “highly over-represented” in many terrorist organizations—including in Al Qaeda (Rudner, 2017). Because Al Qaeda’s members are becoming more interested in cyberterrorism/cyberwarfare, they are becoming more educated on cyber issues, and they are enhancing their technical skills, I believe that this seemingly new direction for Al Qaeda needs to be monitored by the U.S. so that America is not blindsided by an attack of this nature (Clarke, Arquilla, Lewis, Hamre, Skroch, & Dick, 2003). With President Trump’s recent decision to recognize Jerusalem as the capital of Israel, Al Qaeda’s increased technical skills, Al Qaeda’s projected culmination of their jihadist plan for global supremacy in 2020, and Al Qaeda leader Zawahiri’s threats on December 8, 2017 in response to the President’s announcement, I think it is quite possible to see a larger scaled cyberterrorist attack directed at the United States in the near future (Counter Extremism Project, 2017 and Rudner, 2017). Hopefully, the United States systems are secure enough to handle the attack and would receive minimal or no damage from it.




As outlined in this report, I chose a specific terrorist organization, Al Qaeda, and analyzed the role that they played in cyberterrorism. Throughout the paper, I discussed how the terrorist organization utilized the internet to indoctrinate as well as recruit likeminded extremist individuals, delved into how Al Qaeda used the internet to conduct cyberterrorism, included some insight into how this particular terrorist organization’s activities effect the larger topic of cybersecurity, and touched on what the future of Al Qaeda could be in the cyber realm. Hopefully, after reading this paper, people will not dismiss Al Qaeda’s cyberterrorist capabilities or underestimate them while they are probably in the process of refining their credibility in cyberspace.




Byman, D. L. (2016, July 28). Comparing Al Qaeda and ISIS: Different goals, different targets.

Retrieved July 16, 2018, from


Clarke, R., Arquilla, J., Lewis, J., Hamre, J., Skroch, M., & Dick, R. (2003, April 24). What are

Al Qaeda's Capabilities? Retrieved July 16, 2018, from


Counter Extremism Project. (2017, December 22). Al Qaeda. Retrieved July 16, 2018, from


Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K.C. (2015). Cybercrime and digital forensics:

An introduction. New York, NY: Routledge, Taylor & Francis Group.


Knake, R. K. (2010, February 12). Cyberterrorism Hype v. Fact. Retrieved July 16, 2018, from


Liu, E. (2015, December). Al Qaeda Electronic: A Sleeping Dog? Retrieved July 16, 2018, from


Pomerleau, M. (2015, December 10). Terrorist groups looking to refine chops in cyberspace.

Retrieved July 21, 2018, from


Rudner, M. (2017, June). “Electronic Jihad”: The Internet as Al Qaedas Catalyst ... Retrieved

July 16, 2018, from,5499.1


U.S. Department of State. (2018). Foreign Terrorist Organizations. Retrieved July 16, 2018, from


Categories: terrorism - Al Qaeda

About the Author(s)

Lyda Tesauro is currently working in the legal field (criminal law) while pursuing her M.S. degree in Information Security and Assurance at Norwich University. She graduated from the University of Dallas in May of 2017 with a B.A. in Business and a concentration in Legal Studies. While attending undergrad, Lyda was a collegiate athlete, studied abroad for a semester in Italy, and was involved in various clubs on campus. She now enjoys researching information security issues and hopes to educate others on the importance of this field.