Activism, Hacktivism, and Cyberterrorism:
The Internet as a Tool for Influencing Foreign Policy

Dorothy E. Denning
Georgetown University

Internet and International Systems:
Information Technology and American Foreign Policy Decision-making Workshop

Nautilus Institute, San Francisco, December 10, 1999

The conflict over Kosovo has been characterized as the first war on the Internet. Government and non-government actors alike used the Net to disseminate information, spread propaganda, demonize opponents, and solicit support for their positions. Hackers used it to voice their objections to both Yugoslav and NATO aggression by disrupting service on government computers and taking over their Web sites. Individuals used it to tell their stories of fear and horror inside the conflict zone, while activists exploited it to amplify their voices and reach a wide, international audience. And people everywhere used it to discuss the issues and share text, images, and video clips that were not available through other media. In April, the Los Angeles Times wrote that the Kosovo conflict was "turning cyberspace into an ethereal war zone where the battle for the hearts and minds is being waged through the use of electronic images, online discussion group postings, and hacking attacks."1 Anthony Pratkanis, professor of psychology at the University of California, Santa Cruz, and author of Age of Propaganda: The Everyday Use and Abuse of Persuasion, observed, "What you're seeing now is just the first round of what will become an important, highly sophisticated tool in the age-old tradition of wartime propaganda.... The war strategists should be worried about it, if they aren't yet."

Just how much impact did the Internet have on foreign policy decisions relating the war? It clearly had a part in the political discoursetaking place, and it was exploited by activists seeking to alter foreign policy decisions. It also impacted military decisions. While NATO targeted Serb media outlets carrying Milosovic's propaganda, it intentionally did not bomb Internet service providers or shut down the satellite links bringing the Internet to Yugoslavia. Policy instead was to keep the Internet open. James P. Rubin, spokesman for the U.S. State Department, said "Full and open access to the Internet can only help the Serbian people know the ugly truth about the atrocities and crimes against humanity being perpetrated in Kosovo by the Milosevic regime."2 Indirectly, the Internet may have also affected public support for the war, which in turn might have affected policy decisions made during the course of the conflict.

The purpose of this paper is to explore how the Internet is altering the landscape of political discourse and advocacy, with particular emphasis on how it is used by those wishing to influence foreign policy. Emphasis is on actions taken by nonstate actors, including both individuals and organizations, but state actions are discussed where they reflect foreign policy decisions triggered by the Internet. The primary sources used in the analysis are news reports of incidents and events. These are augmented with interviews and survey data where available. A more scientific study would be useful.

The paper is organized around three broad classes of activity: activism, hacktivism, and cyberterrorism. The first category, activism, refers to normal, non-disruptive use of the Internet in support of an agenda or cause. Operations in this area includes browsing the Web for information, constructing Web sites and posting materials on them, transmitting electronic publications and letters through e-mail, and using the Net to discuss issues, form coalitions, and plan and coordinate activities. The second category, hacktivism, refers to the marriage of hacking and activism. It covers operations that use hacking techniques against a target=s Internet site with the intent of disrupting normal operations but not causing serious damage. Examples are Web sit-ins and virtual blockades, automated e-mail bombs, Web hacks, computer break-ins, and computer viruses and worms. The final category, cyberterrorism, refers to the convergence of cyberspace and terrorism. It covers politically motivated hacking operations intended to cause grave harm such as loss of life or severe economic damage. An example would be penetrating an air traffic control system and causing two planes to collide. There is a general progression toward greater damage and disruption from the first to the third category, although that does not imply an increase of political effectiveness. An electronic petition with a million signatures may influence policy more than an attack that disrupts emergency 911 services.

Although the three categories of activity are treated separately, the boundaries between them are somewhat fuzzy. For example, an e-mail bomb may be considered hacktivism by some and cyberterrorism by others. Also, any given actor may conduct operations across the spectrum. For example, a terrorist might launch viruses as part of a larger campaign of cyberterrorism, all the while using the Internet to collect information about targets, coordinate action with fellow conspirators, and publish propaganda on Web sites. Thus, while the paper distinguishes activists, hacktivists, and terrorists, an individual can play all three roles.

The following sections discuss and give examples of activity in each of these three areas. The examples are drawn from the Kosovo conflict, cryptography policy, human rights in China, support for the Mexican Zapatistas, and other areas of conflict. The examples are by no means exhaustive of all activity in any of these areas, but intended only to be illustrative. Nevertheless, they represent a wide range of players, targets, and geographical regions.

The main conclusion of the paper is that the Internet can be an effective tool for activism, especially when it is combined with other communications media, including broadcast and print media and face-to-face meetings with policy makers. It can benefit individuals and small groups with few resources as well as organizations and coalitions that are large or well-funded. It facilitates activities such as educating the public and media, raising money, forming coalitions across geographical boundaries, distributing petitions and action alerts, and planning and coordinating events on a regional or international level. It allows activists in politically repressive states to evade government censors and monitors.

With respect to hacktivism and cyberterrorism, those who engage in such activity are less likely to accomplish their foreign policy objectives than those who do not employ disruptive and destructive techniques. They may feel a sense of empowerment, because they can control government computers and get media attention, but that does not mean they will succeed in changing policy. The main effect is likely to be a strengthening of cyberdefense policies, both nationally and internationally, rather than accommodation to the demands of the actors.


The Internet offers a powerful tool for communicating and coordinating action. It is inexpensive to use and increasingly pervasive, with an estimated 201 million on-line as of September 1999.3 Groups of any size, from two to millions, can reach each other and use the Net to promote an agenda. Their members and followers can come from any geographical region on the Net, and they can attempt to influence foreign policy anywhere in the world. This section describes five modes of using the Internet: collection, publication, dialogue, coordination of action, and direct lobbying of decision makers. While treated separately, the modes are frequently used together and many of the examples described here illustrate multiple modes.


One way of viewing the Internet is as a vast digital library. The World Wide Web alone offers about a billion pages of information, and much of the information is free. Activists may be able to locate legislative documents, official policy statements, analyses and discussions about issues, and other items related to their mission. They may be able to find names and contact information for key decision makers inside the government or governments they ultimately hope to influence. They may be able to identify other groups and individuals with similar interests, and gather contact information for potential supporters and collaborators. There are numerous tools that help with collection, including search engines, e-mail distribution lists, and chat and discussion groups. Many Web sites offer their own search tools for extracting information from databases on their sites.

One advantage of the Internet over other media is that it tends to break down barriers erected by government censors. For example, after Jordanian officials removed an article from 40 print copies of the Economist on sale in Jordan, a subscriber found a copy on-line, made photocopies, and faxed it to 1,000 Jordanians. According to Daoud Kuttab, head of the Arabic Media Internal Network (AMIA), the government would have been better off leaving the print version intact. "We found this very exciting," he said. "For the first time the traditional censorship that exists within national borders was bypassed." Kuttab said AMIA opened Jordanian journalists to the non-Arab world and use of the Web as a research tool. "In the Jordanian media, we have been able to detect a much more open outlook to the world as well as to Arab issues," he said.4

The Internet itself is not free of government censorship. According to Reporters Sans Frontiers, 45 countries restrict their citizens' access to the Internet, typically by forcing them to subscribe to a state-run Internet service provider, which may filter out objectionable sites.5 Authoritarian regimes recognize the benefits of the Internet to economic growth, but at the same time feel threatened by the unprecedented degree of freedom of speech.

Chinese authorities block access to Web sites that are considered subversive to government objectives. This has been only partially effective, however, and Chinese activists have found ways of slipping information past the controls. For example, the editors of VIP Reference, a Washington-based electronic magazine with articles and essays about democratic and economic evolution inside China, e-mails their electronic newsletter directly to addresses inside mainland China. The e-mail is sent from a different address every day to get past e-mail blocks. It is also delivered to random addresses, compiled from commercial and public lists, so that recipients can deny having deliberately subscribed. As of January, about 250,000 people received the pro-democracy publication, including people inside the government who did not want it. Chinese officials were not, however, complacent. When 30-year-old Shanghai software entrepreneur Lin Hai sold 30,000 e-mail addresses to VIP Reference, he was arrested and later sentenced to two years in prison. In addition, authorities fined him 10,000 yuan (HK$9,300) and confiscated his computer equipment and telephone. Lin was said to be the first person convicted in China for subversive use of the Internet. He claimed he was only trying to drum up business and was not politically active.6

During the Kosovo conflict, people in Yugoslavia had full access to the Internet, including Western news sites. The Washington Post reported that according to U.S. and British officials, the government controlled all four Internet access providers in Yugoslavia and kept them open for the purpose of spreading disinformation and propaganda. The Post also said that Belgrade, with a population of 1.5 million, had about 100,000 Internet connections in mid-April.7 Individuals without their own connections could get access at Internet cafes.

Even though Serbs had access to Western news reports, both through the Internet and through satellite and cable television, many did not believe what they saw and heard from Western media. They considered coverage on Western television stations such as CNN and Sky News to be as biased as that on the Yugoslav state-run station, citing instances when Western reports of Serbian atrocities turned out to be wrong. Alex Todorovic, a Serbian-American who spent time in Belgrade during the conflict observed, "By and large, Serbs mistrust the rest of the world=s media. CNN, for example, is considered the official voice of Washington."8 Some Yugoslav surfers did not even bother looking at Western news sites on the Internet. When asked if she visited Web sites of Western news stations, one 22-year-old student replied, "No, I don=t believe in their information, so why should I upset myself?"9 Thus, it is not clear that the decision on the part of either Milosovic or NATO to keep the Internet open in Yugoslavia undermined Milosovic=s objectives. Further, given that people living in Yugoslavia personally witnessed and felt the effects of the NATO bombing and either disbelieved reports or heard little about Serb atrocities against the ethnic Albanians in Kosovo, it is not surprising that an anti-NATO discourse ran throughout Belgrade. As one pharmacist observed, "I have two children. The people who are bombing my kids are my only enemy right now."10

In addition to information relating to a particular policy issue, the Web offers cyberactivists various information that can help them use the Net effectively. For example, NetAction offers a training guide for the virtual activist. The guide provides information on the use of e-mail for outreach, organizing, and advocacy; Web-based outreach and advocacy tools; membership and fundraising; netiquette and policy issues; and various resources.11


The Internet offers several channels whereby advocacy groups and individuals can publish information (and disinformation) to further policy objectives. They can send it through e-mail and post it to newsgroups. They can create their own electronic publications or contribute articles and essays to those of others. They can put up Web pages with documents, images, audio and video clips, and other types of information. The Web sites can serve as a gathering place and source of information for supporters, potential supporters, and onlookers.

One reason the Internet is popular among activists is its cost advantage over traditional mass media. It is easier and cheaper to post a message to a public forum or put up a Web site than it is to operate a radio or television station or print a newspaper. Practically anyone can afford to be a publisher. In addition, the reach of the Internet is global. A message can potentially reach millions of people at no additional cost to the originator. Further, activists can control their presentation to the world. They decide what is said and how. They do not have to rely on the mass media to take notice and tell their story "right."

During the Kosovo conflict, organizations and individuals throughout the world used their Web sites to publish information related to the conflict and, in some cases, to solicit support. Non-government organizations with Kosovo-related Web pages included the press, human rights groups, humanitarian relief organizations, churches, and women=s groups.

Government Web sites on Kosovo tended to feature propaganda and materials that supported their official policies. An exception was the U.S. Information Agency Web site, which presented a survey of news stories from around the world, some of which were critical of NATO actions.12 Jonathan Spalter, USIA Chief Information Officer, commented that "The measure of our success is the extent to which we are perceived not as propaganda but anti-propaganda."13

The British government's Foreign Office used their Web site, in part, to counter Serb propaganda. Concerned that the Yugoslav public was getting a highly distorted view of the war, Foreign Secretary Robin Cook posted a message on their Web site intended for the Serbs. The message said that Britain has nothing against the Serbs, but was forced to act by the scale of Yugoslav President Slobodan Milosevic's brutality.14 British Defense Secretary George Robertson said the Ministry of Defence (MoD) had translated its Web site into Serbian to counter censorship by Belgrade of the news.15

The Yugoslav media was controlled by the Serbian government and served to promote Milosevic's policies. Yugoslavia had an independent, pro-democracy radio station, B92, but it was raided by the police in the early days of the Kosovo conflict and turned over to a government-appointed station manager.16 B92 had had a run-in with the government earlier in late 1996 when government jammers tried to keep it from airing news broadcasts. At that time, however, B92 prevailed, in part by encoding their news bulletins in RealAudio format and posting them on a Web site in Amsterdam. Radio Free Europe acquired tapes of the news programs and rebroadcasted them back to the Serbs, circumventing the jammers, who then gave up.17 But when the government took over B92's facility in 1999, B92's then-managers ceded to the government and also discontinued posting materials on their Web site, which had offered viewers a reliable source of information about the conflict. This was considered a great loss to Yugoslavia's pro-democracy movement and general public, which had rallied behind Belgrade's top-rated news station.

A few individuals inside Yugoslavia posted to the Internet first-hand accounts of events as they were being witnessed or shortly thereafter. Their stories told of fear and devastation, the latter caused not only by the Serb military, but also by NATO bombs. By all accounts, the situation inside Yugoslavia was horrible for citizens everywhere, whether Serbian or ethnic Albanian. The stories may have inspired activists and influenced public opinion, but it is not clear what if any impact they had on government decision making.

New-media artists used to the Web to voice their opinions on the Balkans conflict. In late March, artist and high-school teacher Reiner Strasser put up a site called Weak Blood, which featured works of visual poetry, kinetic imagery, and interactive art, all making an anti-violence statement. Strasser vowed to add one or two pieces a day "as long as bombs are falling and humans are massacred" in the region.18

Some Serbs with Internet access sent e-mails to American news organizations calling for an end to the NATO bombing. Many of the messages contained heated rhetoric that was anti-NATO and anti-U.S. One letter directed to the Associated Press ended, "To be a Serb now is to be helpless ... to listen to the euphemistic and hypocritic phrases as 'peace-making mission,' moral imperative." Other messages contained human stories about how their lives were affected. Tom Reid, London correspondent to the Washington Post, said he received 30-50 messages a day from professors at universities and activists all over Yugoslavia. The general tenor of the messages was all the same, "'Please remember there are human beings under your bombs,'" he said.19 The Serbs used e-mail distribution lists to reach tens of thousands of users, mostly in the United States, with messages attacking the NATO bombing campaign. One message read AIn the last nine days, NATO barbarians have bombed our schools, hospitals, bridges, killed our people but that was not enough for them now they have started to destroy our culture monuments which represents the core of existence of our nation.@ Most recipients were annoyed by this unwanted "spam," which the Wall Street Journal dubbed AYugospam.@20

Dennis Longley, a professor in the Information Security Research Centre at Australia's Queensland University of Technology, said they received a suspicious e-mail from Serbia. The message had two paragraphs. The first was the usual friendly greetings, while the second was a rant about NATO that read like pure propaganda, characterizing NATO as a "terrorist organization" that "brought nothing but a gigantic humanitarian disaster to Kosovo," while attributing the cause of the problem to "albanian terrorist and separatist actions, not the repression by the government security forces." The second paragraph exhibited a style unlike the first and a standard of English well below that of the sender, leading them to speculate that Serb authorities had modified the e-mail.21 If that is so, one is left wondering how much other anti-NATO talk hitting the Net was the work of the government.

Of course, not all of the messages coming out of the Balkans were anti-NATO. Shortly after the Kosovo conflict began, I found myself on a list called "kcc-news," operated by the Kosova [sic] Crisis Center from the Internet domain "" The messages included Human Rights Flashes from Human Rights Watch, Action Alerts from the Kosova Task Force,22 and other appeals for support in the war against the Serbs. One message contained a flier calling for "sustained air strikes until total Serb withdrawal" and "ground troops to STOP GENOCIDE now." The flier included links to Web pages that documented Serb atrocities and aggression.

Even though the Yugoslav government did not prohibit Internet activity, fear of government reprisals led some to post their messages through anonymous remailers so they could not be identified. This allowed for a freer discourse on Internet discussion groups and contributed to the spread of information about the situation inside Belgrade and Kosovo. Microsoft Corp. initiated a section called "Secret Dispatches from Belgrade" on the Web site of their online magazine Slate. An anonymous correspondent gives daily reports of both alleged Serb atrocities and civilian suffering inflicted by NATO bombs.23

After human rights organizations expressed concern that the Yugoslav government might be monitoring Internet activity and cracking down on anyone expressing dissenting views, Anonymizer Inc., a provider of anonymous Web browsing and e-mail services, launched the Kosovo Privacy Project Web site. The site, which went on-line in April, offered surfers anonymous e-mail and instant, anonymous access to Voice of America, Radio Free Europe, and about 20 other Web sites. According to Federal Computer Week, Anonymizer planned to add NATO and other Western government information sites to the Kosovo list, and to launch similar projects for human rights situations in other parts of the world, for example, China.24 However, the effectiveness of the Kosovo project was never established. In August, USA Today reported that activists said the project was little noticed inside Kosovo, where traditional media seemed unaware while the fighting knocked out Internet trunk lines in short order.25

The Internet has raised numerous policy issues in such areas as privacy, encryption, censorship, electronic commerce, international trade, intellectual property protection, taxation, Internet governance, cybercrime, and information warfare, all of which have a foreign policy dimension. As the issues surfaced and took on some urgency, existing industry and public-interest groups began to address them. In addition, both national and international advocacy groups sprung up specifically devoted to Internet issues. They all operate Web sites, where they publish policy papers and information about issues, events, and membership. Many also send out e-mail newsletters and alerts.

In the area of encryption policy, for example, the major players include Americans for Computer Privacy (ACP), the Center for Democracy and Technology (CDT), Cyber-Rights & Cyber Liberties, the Electronic Frontier Foundation (EFF), the Electronic Privacy Information Center (EPIC), the Global Internet Liberty Campaign (GILC), and the Internet Privacy Coalition. The ACP has perhaps the largest group of constituents, being composed of 40 trade associations, over 100 companies, and more than 3,000 individual members.26 GILC is one of the most global, with member organizations from Europe, North America, Australia, and Asia.

In July 1999, nine leading U.S.-based Internet companies joined forces to become the voice of the Internet on issues such as privacy, consumer protection, and international trade. The industry group, called, includes America Online,, eBay, Lycos, Yahoo!, DoubleClick, Excite@Home, Inktomi, and The companies represent 7 of the top 10 Internet sites and more than 90% of the world=s Internet users visit one of the sites at least once a month. The group plans to focus on 150 Internet-related bills that were introduced in Congress.27

The Internet is used extensively as a publication medium by hackers (including hacktivists) and terrorists. Hackers publish electronic magazines and put up Web sites with software tools and information about hacking, including details about vulnerabilities in popular systems (e.g., Microsoft Windows) and how they can be exploited, programs for cracking passwords, software packages for writing computer viruses, and scripts for disabling or breaking into computer networks and Web sites. In March 1997, an article in the New York Times reported that there were an estimated 1,900 Web sites purveying hacking tips and tools, and 30 hacker publications.28

Terrorist groups use the Internet to spread propaganda. Back in February 1998, Hizbullah was operating three Web sites: one for the central press office (, another to describe its attacks on Israeli targets (, and the third for news and information ( That month, Clark Staten, executive director of the Emergency Response & Research Institute (ERRI) in Chicago, testified before a U.S. Senate subcommittee that "even small terrorist groups are now using the Internet to broadcast their message and misdirect/misinform the general population in multiple nations simultaneously." He gave the subcommittee copies of both domestic and international messages containing anti-American and anti-Israeli propaganda and threats, including a widely distributed extremist call for Ajihad@ (holy war) against America and Great Britain.30 In June 1998, U.S. News & World Report noted that 12 of the 30 groups on the U.S. State Department=s list of terrorist organizations are on the Web. As of August 1999, it appears that virtually every terrorist group is on the Web, along with a mishmash of freedom fighters, crusaders, propagandists, and mercenaries.31 Forcing them off the Web is impossible, because they can set up their sites in countries with free-speech laws. The government of Sri Lanka, for example, banned the separatist Liberation Tigers of Tamil Eelam, but they have not even attempted to take down their London-based Web site.32


The Internet offers several venues for dialogue and debate on policy issues. These include e-mail, newsgroups, Web forums, and chat. Discussions can be confined to closed groups, for example through e-mail, as well as open to the public. Some media sites offer Web surfers the opportunity to comment on the latest stories and current issues and events. Government officials and domain experts may be brought in to serve as catalysts for discussion, debate issues, or answer questions. Discussion can even take place on Web sites that themselves lack such facilities. Using Gooey software from the Israeli company Hypernix, for example, visitors to a Web site can chat with other Gooey users currently at the site.33

Internet discussion forums are frequently used to debate, blast, and maybe even attempt to influence government policies. Encryption policy, for example, is discussed on the e-mail lists "cypherpunks" and "ukcrypto" and on several newsgroups, including alt.privacy and sci.crypt.

The ukcrypto list created was created in early 1996 by two academics, Ross Anderson (Cambridge) and Paul Leyland (Oxford), and one person then in government, Brian Gladman (NATO SHAPE), who was acting outside his official capacity. Motivated by a concern that a lack of public discussion and debate in the United Kingdom on cryptography issues was allowing the government to set policies that they believed were not in interests of the United Kingdom and its citizens, they formed the list with the objective of impacting cryptography policy. They were concerned both with domestic policy, particularly proposals to restrict the use of cryptography by U.K. citizens, and on foreign policy, particularly export controls. As of May 1999, the list has 300 subscribers, including government officials responsible for U.K.policy and persons in other countries, including the United States. Many of the key contributors held influential positions in other policy making fora. Focus is on U.K. policy issues, but items of international interest are also discussed, including export controls adopted under the Wassenaar Arrangement (31 countries participate); policy changes adopted by France, the United States, and other countries; policy statements from the European Union and other organizations; and some technical issues.34

Gladman believes the list has made four contributions: 1) educating many about the policy issues and encouraging journalists and writers to write about them; 2) bringing individual and industry views closer together and allowing U.K. industry to see more clearly that agreeing with their government may not be a good thing if private citizens do not support government policy; 3) encouraging the more progressive voices in government to speak out and argue from within government that their views represent those of the public; and 4) bringing groups together that were previously campaigning separately. "The most significant contribution of ukcrypto is not direct," Gladman said. "It is the contribution that it has made in promoting an educated community of commentators and a forum for the review of what government is doing that is fully open."

On the downside, some postings on ukcrypto may alienate the very government officials the authors hope to influence. According to Gladman, Adiscussions on the list can become slinging matches that quickly put those in government on the defensive and hence inclined to discount what is being said. It would be more effective if we had a way of focusing on the issues and not the personalities.@35 But Andrew Brown gave ukcrypto high marks, crediting it with most of the thought and co-ordination behind the successful campaign to keep strong cryptography legal and widely available. "There, for the past two years, the civil servants responsible for policy have actually been available, more or less, to the people who disagree with them," he wrote in New Statesman. "They have had to justify their actions, not to the public, but to a small group of geographically dispersed experts ... It's a kind of updated version of Lions v Christians."36

Nigel Hickson, one of the principal players in the policy debates from the U.K. Department of Trade and Industry, agrees the Internet and ukcrypto in particular have played a role in shaping U.K. cryptography policy.37 But he was also critical of the list: "Whilst ukcyrpto has undoubtedly had an influence on the development of UK encryption policy, it has tended to polarise the debate into extremes. This may be because there tends to be a large silent majority on the list who do not directly contribute because o f commercial or policy reasons."38 Besides participating in ukcrypto, the DTI has published draft consultation documents on the Web for comment. Many of the comments they receive arrive through electronic mail. DTI has also met with industry groups and participated in non-Internet forums such as conferences and seminars. These have also helped shape policy decisions.

There are Usenet newsgroups and other interactive forums that focus on practically every conceivable topic relating to foreign (and domestic) policy. Whether these are effective or not in terms of influencing policy is another matter. After studying the impact of the Net on the American political system, Richard Davis, a political science professor at Brigham Young University and author of The Web of Politics, observed that "In Usenet political discussions, people talk past one another, when they are not verbally attacking each other. The emphasis is not problem solving, but discussion dominance."39 Davis also found interactivity on the Internet to be primarily an illusion: "Interest groups, party organizations, and legislators seek to use the Web for information dissemination, but they are rarely interested in allowing their sites to become forums for the opinions of others."40

Coordination of Action

Advocacy groups can use the Internet to coordinate action among members and with other organizations and individuals. Action plans can be distributed by e-mail or posted on Web sites. Services are cheaper than phone and fax (although these services can also be delivered through the Internet), and faster than physical delivery (assuming Internet services are operating properly, which is not always the case). The Internet lets people all over the world coordinate action without regard to constraints of geography or time. They can form partnerships and coalitions or operate independently.

One Web site was created to help activists worldwide coordinate and locate information about protests and meetings. According to statements on Protest.Net, the Web site serves "to help progressive activists by providing a central place where the times and locations of protests and meetings can be posted." The site=s creator said he hoped it would "help resolve logistical problems that activists face in organizing events with limited resources and access to mass media."41 The site features news as well as action alerts and information about events.

The power of the Internet to mobilize activists is illustrated by the arrest of Kurdish rebel leader Abdullah Ocalan. According to Michael Dartnell, a political science professor at Concordia University, when Turkish forces arrested Ocalan, Kurds around the world responded with demonstrations within a matter of hours. He attributed the swift action in part to the Internet and Web. "They responded more quickly than governments did to his arrest," he said. Dartnell contends the Internet and advanced communication tools were changing the way people around the world play politics. Anti-government groups are establishing alliances and coalitions that might not have existed before the technology was introduced.42

The force of the Internet is further illustrated by the day of protest against business that took place on June 18, 1999. The protests, which were set up to coincide with a meeting of the G8 in Cologne, Germany, was coordinated by a group called J18 from a Web site inviting people to plan individual actions focusing on disrupting "financial centres, banking districts and multinational corporate power bases." Suggested activity included marches, rallies, and hacking. In London, up to 2,000 anti-capitalists coursed through the city shouting slogans and spray-painting buildings.43 According to the Sunday Times, teams of hackers from Indonesia, Israel, Germany, and Canada attacked the computers of at least 20 companies, including the Stock Exchange and Barclays. More than 10,000 attacks were launched over a 5-hour period.44

During the Kosovo conflict, the Kosova Task Force used the Internet to distribute action plans to Muslims and supporters of Kosovo. A March 31 Action Alert, for example, asked people to organize rallies in solidarity with Kosovo at local federal buildings and city halls on April 3 at 11:00 AM; organize public funeral prayers; make and encourage others to make daily calls or send e-mail to the White House asking for Kosovo independence, sustained air strikes until total Serb withdrawal from Kosovo, and arming of ethnic Albanians in Kosovo; and make and encourage others to make calls to their Representatives and Senators. An April 18 alert asked every community in the U.S. to establish a Kosova Room for action and information. Each room was to be equipped with a bank of phones for making 1,000 calls to the White House and Congress in support of resolution #HCR 9, calling for independence of Kosovo.

The International Campaign to Ban Landmines (ICBL), a loose coalition of over 1,300 groups from more than 75 countries, has made extensive use of the Internet in their efforts to stop the use, production, stockpiling, and transfer of antipersonnel landmines, and to increase international resources for humanitarian mine clearance and victim assistance. According to ICBL=s Liz Bernstein, the Net has been the dominant form of communication since 1996.45 It has been used to coordinate events and committee functions, distribute petitions and action alerts, raise money, and educate the public and media. Although most direct lobbying is done through face-to-face meetings and letters, e-mail has facilitated communications with government policy makers. Bernstein said the Net Ahas helped the nature of the campaign as a loose coalition, each campaign setting their own agenda yet with common information and communication.@46 Ken Rutherford, co-founder of Land Mine Survivors Network, noted that the Internet also helped establish bridges from North America and Europe to Asia and Africa, and helped enable quick adoption of the 1997 landmine treaty.47 It became international law on March 1, 1999 and, as of September 16,1999, has been signed by 135 countries and ratified by 86. In 1997, the Nobel Peach Prize was awarded to the ICBL and its then coordinator, Jody Williams.48

Human rights workers increasingly use the Internet to coordinate their actions against repressive governments. One tool that has become important in their battles is encryption, as it allows activists to protect communications and stored information from government interception. Human rights activists in Guatemala, for example, credited their use of Pretty Good Privacy (PGP) with saving the lives of witnesses to military abuses.49 Encryption is not the ultimate solution, however, as governments can outlaw its use and arrest those who do not comply.

PGP was originally developed by a Colorado engineer and activist, Phil Zimmermann, who wanted to make strong encryption available to the public for privacy protection against government eavesdroppers. Although the software was export-controlled, someone (not Zimmermann) quickly posted it on a foreign Internet site where it could be downloaded by anyone, anywhere, despite export regulations. Since then, other encryption tools have been posted on Internet sites all over the world, and the argument is frequently made that the availability of such tools demonstrates the futility of export controls. This is one factor driving export policy towards increased liberalization, but other factors have also contributed, including the role of encryption in electronic commerce and a concern that export controls harm the competitiveness of industry. That drive is countered, however, by a concern that the widespread availability of encryption will make it harder for law enforcement and intelligence agencies to gather intelligence from communications intercepts.

Indeed, terrorists also use the Internet to communicate and coordinate their activities. Back in 1996, the headquarters of terrorist financier bin Laden in Afghanistan was equipped with computers and communications equipment. Egyptian "Afghan" computer experts were said to have helped devise a communication network that used the Web, e-mail, and electronic bulletin boards.50 Hamas activists have been said to use chat rooms and e-mail to plan operations and coordinate activities, making it difficult for Israeli security officials to trace their messages and decode their contents.51

The U.S. government's program to establish an Advanced Encryption Standard (AES) illustrates how government can use the Internet to invite and coordinate participation in a decision-making process of international significance. The Department of Commerce National Institute of Standards and Technology (NIST) set up a Web site with information about the AES program and AES conferences, a schedule of events, candidate encryption algorithms (more than half from outside the United States), documentation and test values, and links to public analysis efforts all over the world. The site contains an electronic discussion forum and Federal Register call for comments. Public comments are posted on the site and NIST representatives contribute to the on-line discussions and answer questions.52 Because the AES will offer a foundation for secure electronic commerce and privacy internationally, involving the international community from the beginning will help ensure its success and widespread adoption. Cryptographers from all over in the world have been participating.

NIST's use of the Internet to aid a decision process seems to be unusual. While most government sites provide an e-mail address for making contact, they do not support discussion forums or even actively solicit comments on specific pending policy decisions. However, to the extent that government agencies invite or welcome e-mail messages and input through electronic discussion groups, the Internet can serve the democratic process. Because it is easier to post or send a message on the Internet than to send a written letter, professionals and others with busy schedules may be more inclined to participate in a public consultation process or attempt to influence policy when policy makers are readily accessible through the Internet.

Lobbying Decision Makers

Whether or not government agencies solicit their input, activists can use the Internet to lobby decision makers. One of the methods suggested by the Kosova Task Force for contacting the White House, for example, was e-mail. Similarly, a Canadian Web site with the headline "Stop the NATO Bombing of Yugoslavia Now!" urged Canadians and others interested in stopping the war to send e-mails and/or faxes to the Canadian Prime Minister, Jean Chretien, and all members of the Canadian Parliament. A sample letter was included. The letter concluded with an appeal to Astop aggression against Yugoslavia and seek a peaceful means to resolve the Kosovo problem.@53

E-mail has been credited with halting a U.S. banking plan aimed to combat money laundering. Under the "Know Your Customer" policy, banks would have been required to monitor customer's banking patterns and report inconsistencies to federal regulators. Recognizing the value of the Internet to its deliberations, the Federal Deposit Insurance Corporation (FDIC) put up a Web site, published an e-mail address for comments, and printed out and tabulated each message. By the time the proposal was withdrawn, they had received 257,000 comments, 205,000 (80%) of which arrived through e-mail. All but 50 of the letters opposed the plan. FDIC=s chair, Donna Tanoue, said it was the huge volume of e-mail that drove the decision to withdraw the proposal. "It was the nature and the volume [of the comments]," she said. "When consumers can get excited about an esoteric bank regulation, we have to pay attention."54

Most of the e-mail was driven by an on-line advocacy campaign sponsored by the Libertarian Party. About 171,000 (83%) of the e-mail messages were sent through the party's Web site. The party advertised its advocacy campaign in talk radio interviews and by sending a notice to its e-mail membership list.55 One could argue that the results were due more to the efforts of a large non-government organization than to a grassroots response from the citizens.

Indeed, many e-mail campaigns have been driven by non-government organizations. The organizations send e-mail alerts on issues to electronic mailing lists, offer sample letters to send members of Congress and other decision making bodies, and, in some cases, set up e-mailboxes or Web sites to gather signatures for petitions. The petition process can be automated, making it possible to gather huge volumes of signatures across a wide geographic area with little effort and cost. One Web site, e-The People, offers hundreds of petitions to choose from and 170,000 e-mail addresses of government officials.56

Computer Professionals for Social Responsibility (CPSR) organized an Internet petition campaign in early 1994 to protest the U.S. government's proposal to adopt the Clipper encryption chip as a standard.57 The chip offered strong encryption, but would have given law enforcement agencies the capability to decrypt a subject's messages when conducting a court-ordered wiretap against the subject. Despite numerous safeguards to ensure government agencies could not violate the privacy of users of the chip,58 Clipper was strongly opposed for privacy (and other) reasons, and the general sentiment expressed on Internet newsgroups and e-mail discussion lists was strongly anti-Clipper. CPSR announced their petition through e-mail and set up an e-mail address whereby people could sign on. They collected tens of thousands of signatures, but it is not clear the petition had much impact. The government moved forward with the standard anyway.59

Although Clipper was to be a U.S. standard, it was tied in with the government=s foreign encryption policy. Because of its back door, it was to be generally exportable, unlike other encryption products with comparable cryptographic strength. Also, the Administration urged other governments to adopt a similar approach. However, after extensive lobbying efforts by industry and civil liberties groups, Clipper met its death. The government moved instead toward a more flexible and liberal approach to encryption export controls.

Because of the low cost of operation, individuals can run their own advocacy campaigns. For example, during the heart of the impeachment process against President Clinton, Joan Blades and Wes Boyd, a husband and wife team in Berkeley, founded and put up a Web site inviting citizens to sign a one-sentence petition: "The Congress must immediately censure President Clinton and move on to pressing issues facing the country." In just four months, the petition gathered a half-million signatures. Another petition that read "In the Year 2000 election, I will work to elect candidates who courageously address key national issues and who reject the politics of division and personal destruction" was sent to every member of the House and Senate. received pledges of $13 million and more than 650,000 volunteer hours for congressional candidates in the 2000 election who supported their position.60 It is difficult to assess the impact of the site on the impeachment process, but it may have amplified public opinion polls, which showed the American public supported Clinton and wanted Congress to turn to other issues.

While activists can attempt to influence policy makers through e-mail, it is not clear most policy makers listen (the FDIC, which asked for comments, was an exception). Richard Davis found that "the Internet has not lived up to its promise as a forum for public expression to elected officials. In fact, while publicly encouraging e-mail, members are becoming increasingly disenchanted with it. If the most idealistic members originally envisioned e-mail as the impetus for intelligent communication with constituents, they have seen e-mail deteriorate into a mass mailing tool for political activists." Davis concluded that "members may even discount e-mail communication."61 According to the Wall Street Journal, Senator Charles Schumer's office gives first priority to old-fashioned letters. Persons sending an e-mail to his account get back an automatic response telling them to submit a letter if they want a personal reply.62

The most successful advocacy groups are likely to be those that use the Internet to augment traditional lobbying methods, including personal visits to decision makers and use of broadcast media to reach the public. These operations can be time consuming and expensive, favoring groups that are well-funded. They also require a network of long-term and trusted relationships with policy makers, sponsors, and voters. This supports Davis's conclusion that the promise of the Internet as a forum for participatory democracy is unlikely to be realized. Davis found that existing dominant players in American politics -- the media, interest groups, candidates, and policy makers -- are adapting to the Internet to retain preeminence; and that the Internet is not an adequate tool for public political movement.63


Hacktivism is the convergence of hacking with activism, where "hacking" is used here to refer to operations that exploit computers in ways that are unusual and often illegal, typically with the help of special software ("hacking tools"). Hacktivism includes electronic civil disobedience, which brings methods of civil disobedience to cyberspace. This section explores four types of operations: virtual sit-ins and blockades; automated e-mail bombs; Web hacks and computer break-ins; and computer viruses and worms. Because hacking incidents are often reported in the media, operations in this category can generate considerable publicity for both the activists and their causes.

Virtual Sit-Ins and Blockades

A virtual sit-in or blockade is the cyberspace rendition of a physical sit-in or blockade. The goal in both cases is to call attention to the protestors and their cause by disrupting normal operations and blocking access to facilities.

With a sit-in, activists visit a Web site and attempt to generate so much traffic against the site that other users cannot reach it. A group calling itself Strano Network conducted one of the first such demonstrations as a protest against French government policies on nuclear and social issues. On December 21, 1995, they launched a one-hour Net-Strike attack against the Web sites operated by various government agencies. At the appointed hour, participants from all over the world were instructed to point their browsers to the government Web sites. According to reports, at least some of the sites were effectively knocked out for the period.64

In 1998, the Electronic Disturbance Theater (EDT) took the concept of electronic civil disobedience a step further. They organized a series of Web sit-ins, first against Mexican President Zedillo=s Web site and later against President Clinton=s White House Web site, the Pentagon, the School of the Americas, the Frankfurt Stock Exchange, and the Mexican Stock Exchange. The purpose was to demonstrate solidarity with the Mexican Zapatistas.65 According to EDT=s Brett Stalbaum, the Pentagon was chosen because Awe believe that the U.S. military trained the soldiers carrying out the human rights abuses.@ For a similar reason, the School of the America=s was selected.66 The Frankfurt Stock Exchange was targeted, Stalbaum said, "because it represented capitalism's role in globalization utilizing the techniques of genocide and ethinic cleansing, which is at the root of the Chiapas' problems. The people of Chiapas should play a key role in determining their own fate, instead of having it pushed on them through their forced relocation (at gunpoint), which is currently financed by western capital."67

To facilitate the strikes, the organizers set up special Web sites with automated software. All participants had to do was visit one of the FloodNet sites. When they did, their browser would download the software (a Java Applet), which would access the target site every few seconds. In addition, the software let protesters leave a personal statement on the targeted server=s error log. For example, if they pointed their browsers to a non-existent file such as "human_rights" on the target server, the server would return and log the message "human_rights not found on this server." Stalbaum, who wrote the software, characterized FloodNet as "conceptual net art that empowers people through active/artistic expression."68

EDT estimated that 10,000 people from all over the world participated in the sit-in on September 9 against the sites of President Zedillo, the Pentagon, and the Frankfurt Stock Exchange, delivering 600,000 hits per minute to each. The Pentagon, however, did not sit by idly. It struck back. When their server sensed an attack from the FloodNet servers, they launched a counter-offensive against the users= browsers, redirecting them to a page with an Applet program called "HostileApplet." Once there, the Applet was downloaded to their browsers, where it endlessly tied up their machines trying to reload a document until the machines were rebooted. President Zedillo=s site did not strike back on this occasion, but at a June sit-in, they used software that caused the protestors= browsers to open window after window until their computers crashed. The Frankfurt Stock Exchange reported that they were aware of the protest, but believed it had not affected their services. They said that they normally got about 6 million hits a day. Overall, EDT considered the attack a success. "Our interest is to help the people of Chiapas to keep receiving the international recognition that they need to keep them alive," said Stalbaum.69

When asked about the impact of their Web strikes, EDT's Ricardo Dominguez responded, "Digital Zapatismo is and has been one of the most politically effective uses of the Internet that we know of since January 1, 1994. It has created a distribution network of information with about 100 or more autonomous nodes of support. This has enabled the EZLN (Zapatista National Liberation Army) to speak to the world without having to pass through any dominant media filter. The Zapatistas were chosen by Wired as one of the twenty-five most important people on-line in 1998. ... The Zapatista network has, also, held back a massive force of men and the latest Drug War technologies from annihilating the EZLN in a few days." Regarding FloodNet specifically, he said the main purpose of the Electronic Disturbance Theatre's Zapatista FloodNet performance "is to bring the situation in Chiapas to foreground as often as possible. The gesture has created enough ripples with the Pentagon and the Mexican government that they have had to respond using both on-line and off-line tactics. Thus, these virtual sit-ins have captured a large amount of traditional media attention. You would not be interviewing us if this gesture had not been effective in getting attention to the issues on a global scale."70

EDT has used their FloodNet software against the White House Web site to express opposition to U.S. military strikes and economic sanctions against Iraq. In their "Call for FloodNet Action for Peace in the Middle East," EDT articulated their philosophy. "We do not believe that only nation-states have the legitimate authority to engage in war and aggression. And we see cyberspace as a means for non-state political actors to enter present and future arenas of conflict, and to do so across international borders."71 Animal right=s activists have also used the FoodNet software to protest the treatment of animals. Over 800 protestors from more than 12 countries joined a January 1999 sit-in against Web sites in Sweden.72 And on June 18, FloodNet was one of the tools used in the anti-capitalist attack coordinated by J18.73

Whether Web sit-ins are legal is not clear. Mark Rasch, former head of the Department of Justice=s computer crime unit, said that such attacks run the risk of violating federal laws, which make it a crime to distribute a program, software code, or command with the intent to cause damage to another's site. AIt may be an electronic sit-in, but people get arrested at sit-ins,@ he said.74 A related question is the legality of using a denial-of-service counter-offensive. In the case of the Pentagon, their response most likely would be considered lawful, as it is permissible for a nation to take "proportional" actions to defend against an attack that threatens its security.

There are a variety of methods whereby an individual, acting alone, can disrupt or disable Internet servers. These frequently involve using attack software that floods the server with network packets. During the Kosovo conflict, Belgrade hackers were credited with conducting such attacks against NATO servers. They bombarded NATO=s Web server with Aping@ commands, which test whether a server is running and connected to the Internet. The effect of the attacks was to cause line saturation of the targeted servers.75

When large numbers of individuals simultaneously attack a designated site, such as with the ECD Web sit-ins, the operation is sometimes referred to as "swarming." Swarming can amplify other types of attack, for example, a ping attack or an e-mail bombing (discussed next).

E-Mail Bombs

It is one thing to send one or two messages to government policy makers, even on a daily basis. But it is quite another to bombard them with thousands of messages at once, distributed with the aid of automated tools. The effect can be to completely jam a recipient=s incoming e-mail box, making it impossible for legitimate e-mail to get through. Thus, an e-mail bomb is also a form of virtual blockade. Although e-mail bombs are often used as a means of revenge or harassment, they have also been used to protest government policies.

In what some U.S. intelligence authorities characterized as the first known attack by terrorists against a country's computer systems, ethnic Tamil guerrillas were said to have swamped Sri Lankan embassies with thousands of electronic mail messages. The messages read "We are the Internet Black Tigers and we=re doing this to disrupt your communications."76 An offshoot of the Liberation Tigers of Tamil Eelam, which had been fighting for an independent homeland for minority Tamils, was credited with the 1998 incident.77

The e-mail bombing consisted of about 800 e-mails a day for about two weeks. William Church, editor for the Centre for Infrastructural Warfare Studies (CIWARS), observed that "the Liberation Tigers of Tamil are desperate for publicity and they got exactly what they wanted ... considering the routinely deadly attacks committed by the Tigers, if this type of activity distracts them from bombing and killing then CIWARS would like to encourage them, in the name of peace, to do more of this type of "terrorist activity."78 The attack, however, was said to have had the desired effect of generating fear in the embassies.

During the Kosovo conflict, protestors on both sides e-mail bombed government sites. According to PA News, Nato spokesman Jamie Shea said their server had been saturated at the end of March by one individual who was sending them 2,000 messages a day.79 Fox News reported that when California resident Richard Clark heard of attacks against NATO=s Web site by Belgrade hackers, he retaliated by sending an e-mail bomb to the Yugoslav government=s site. Clark said that a few days and 500,000 e-mails into the siege, the site went down. He did not claim full responsibility, but said he "played a part." That part did not go unrecognized. His Internet service provider, Pacific Bell, cut off his service, saying his actions violated their spamming policy.80

An e-mail bombing was conducted against the San Francisco-based Internet service provider Institute for Global Communications (IGC) in 1997 for hosting the Web pages of the Euskal Herria Journal, a controversial publication edited by a New York group supporting independence of the mountainous Basque provinces of northern Spain and southwestern France. Protestors claimed IGC "supports terrorism" because a section on the Web pages contained materials on the terrorist group Fatherland and Liberty, or ETA, which was responsible for killing over 800 during its nearly 30-year struggle for an independent Basque state. The attack against IGC began after members of the ETA assassinated a popular town councilor in northern Spain.81

The protestor's objective was censorship. They wanted the site pulled. To get their way, they bombarded IGC with thousands of bogus messages routed through hundreds of different mail relays. As a result, mail was tied up and undeliverable to IGC's e-mail users, and support lines were tied up with people who couldn't get their mail. The attackers also spammed IGC staff and member accounts, clogged their Web page with bogus credit card orders, and threatened to employ the same tactics against organizations using IGC services. The only way IGC could stop the attack was by blocking access from all of the relay servers.82

IGC pulled the site on July 18, but not before archiving a copy so that others could put up mirrors. Within days of the shutdown, mirror sites appeared on half a dozen servers on three continents. Chris Ellison, a spokesman for the Internet Freedom Campaign, an English group that was hosting one of the mirrors, said they believe "the Net should prove an opportunity to read about and discuss controversial ideas." The New York-based journal maintained their objective was to publish "Ainformation often ignored by the international media, and to build communication bridges for a better understanding of the conflict."83 An article by Yves Eudes in the French newspaper Le Monde said the e-mail bomb attack against the IGC site represented an "unprecedented conflict@ that Ahas opened up a new era of censorship, imposed by direct action from anonymous hackers."84

About a month after IGC threw the controversial Basque journal Euskal Herria Journal off its servers, Scotland Yard=s Anti-Terrorist Squad shut down Internet Freedom's U.K. Web site for hosting the journal. According to a press release from Internet Freedom, the squad claimed to be acting against terrorism. Internet Freedom said it would move its news operations to its U.S. site.85

The case involving Euskal Herria Journal illustrates the power of hacktivists on the Internet. Despite IGC's desire to host the controversial site, they simply could not sustain the attack and remain in business. They could have ignored a few e-mail messages demanding that the site be pulled, but they could not ignore an e-mail bombing. The case also illustrates the power of the Internet as a tool for free speech. Because Internet venues for publication are rich and dispersed throughout the world, it is extremely difficult for governments and hacktivists alike to keep content completely off the Internet. It would require extensive international cooperation and, even then, a site could operate out of a safe haven that did not sign on to international agreements.

Web Hacks and Computer Break-Ins

The media is filled with stories of hackers gaining access to Web sites and replacing some of the content with their own. Frequently, the messages are political, as when a group of Portuguese hackers modified the sites of 40 Indonesian servers in September 1998 to display the slogan "Free East Timor" in large black letters. According to the New York Times, the hackers also added links to Web sites describing Indonesian human rights abuses in the former Portuguese Colony.86 Then in August 1999, Jose Ramos Horta, the Sydney-based Nobel laureate who represents the East Timor independence movement outside Indonesia, warned that a global network of hackers planned to bring Indonesia to a standstill if Jakarta sabotaged the ballot on the future of East Timor. He told the Sydney Morning Herald that more than 100 hackers, mostly teenagers in Europe and the United States, had been preparing the plan.87

In June 1998, a group of international hackers calling themselves Milw0rm hacked the Web site of India's Bhabha Atomic Research Center (BARC) and put up a spoofed Web page showing a mushroom cloud and the text "If a nuclear war does start, you will be the first to scream ...". The hackers were protesting India=s recent nuclear weapons tests, although they admitted they did it mostly for thrills. They said that they also downloaded several thousand pages of e-mail and research documents, including messages between India's nuclear scientists and Israeli government officials, and had erased data on two of BARC's servers. The six hackers, whose ages range from 15 to 18, hailed from the United States, England, the Netherlands, and New Zealand.88

Another way in which hacktivists alter what viewers see when they go to a Web site is by tampering with the Domain Name Service so that the site=s domain name resolves to the IP address of some other site. When users point their browsers to the target site, they are redirected to the alternative site.

In what might have been one of the largest mass home page takeovers, the antinuclear Milw0rm hackers were joined by Ashtray Lumberjacks hackers in an attack that affected more than 300 Web sites in July 1998. According to reports, the hackers broke into the British Internet service provider EasySpace, which hosted the sites. They altered the ISP=s database so that users attempting to access the sites were redirected to a Milw0rm site, where they were greeted with a message protesting the nuclear arms race. The message concluded with "... use your power to keep the world in a state of PEACE and put a stop to this nuclear bullshit." John Vranesevich, who runs the hacker news site AntiOnline, said, "They're the equivalent to the World Trade Center bombings; [they] want to get their story told and bring attention to themselves."89'

Several Web sites were hacked during the Kosovo conflict. According to Fox News, the Boston Globe reported that an American hacking group called Team Spl0it broke into government Web sites and posted statements such as "Tell your governments to stop the war." Fox also said that the Kosovo Hackers Group, a coalition of European and Albanian hackers, had replaced at least five sites with black and red "Free Kosovo" banners.90 The Bosnian Serb news agency SRNA reported that the Serb Black Hand hackers group had deleted all data on a U.S. Navy computer, according to the Belgrade newspaper Blic. Members of the Black Hand group and Serbian Angel planned daily actions that would block and disrupt military computer operated by NATO countries, Blic wrote.91 Black Hand had earlier claimed responsibility for crashing a Kosovo Albanian Web site. "We shall continue to remove (ethnic) Albanian lies from the Internet," a member of the group told Blic.92

In the wake of NATO's accidental bombing of China=s Belgrade embassy in May, angry Chinese allegedly hacked several U.S. government sites. Newsbytes reported that the slogan Adown with barbarians@ was placed in Chinese on the home page of the U.S. Embassy in Beijing, while the Department of Interior Web site showed images of the three journalists killed during the bombing, crowds protesting the attack in Beijing, and a fluttering Chinese flag.93 According to the Washington Post, Interior spokesman Tim Ahearn said their computer experts had traced their hacker back to China. The newspaper also reported that the Department of Energy's home page read:

"Protest U.S.A.=s Nazi action! Protest NATO=s brutal action! We are Chinese hackers who take no cares about politics. But we can not stand by seeing our Chinese reporters been killed which you might have know. Whatever the purpose is, NATO led by U.S.A. must take absolute responsibility. You have owed Chinese people a bloody debt which you must pay for. We won=t stop attacking until the war stops!"94

NATO did not, of course, declare an end to the war because of the hacking. The impact on foreign policy decisions, if any at all, likely paled in comparison to the bombing itself. Following the accident, China suspended high-level military contacts with the United States.95

Acting in the name of democracy and human rights, hackers have targeted Chinese government computers. One group, called the Hong Kong Blondes, allegedly infiltrated police and security networks in an effort to monitor China=s intelligence activities and warn political targets of imminent arrests.96 According to OXblood Ruffin, "foreign minister" of the Cult of the Dead Cow, the Blondes are an underground group of Chinese dissidents who aim to destabilize the Chinese government. They have threatened to attack both Chinese state-owned organizations and Western companies investing in the country.97

The Los Angeles Times reported that a California computer science student who calls himself Bronc Buster and his partner Zyklon cracked the Chinese network, defacing a government-run Web site on human rights and interfering with censorship. The hacker said they came across about 20 firewall servers blocking everything from to, and that they disabled the blocking on five of the servers. He said they did not destroy any data, but only moved files.98

Bronc Buster belonged to a group of 24 hackers known as the Legion of the Underground (LoU). In a press conference on Internet Relay Chat (IRC) in late December 1998, an LoU member declared cyberwar on the information infrastructures of China and Iraq. He cited civil rights abuses and said LoU called for the complete destruction of all computer systems in China and Iraq.99

The declaration of cyberwar prompted a coalition of other hacking groups to lash out against the campaign. A letter co-signed by 2600, the Chaos Computer Club, the Cult of the Dead Cow (CDC), !Hispahak, L0pht Heavy Industries, Phrack, Pulhas, and several members of the Dutch hacking community denounced the cyberwar, saying "Declaring war against a country is the most irresponsible thing a hacker group could do. This has nothing to do with hacktivism or hacker ethics and is nothing a hacker could be proud of." Reid Fleming of the CDC said "One cannot legitimately hope to improve a nation=s free access to information by working to disable its data networks."100

By the time the letter went out, LoU had already issued a statement saying that the declaration of war on IRC did not represent the position of the group. "The LoU does not support the damaging of other nations computers, networks or systems in any way, nor will the LoU use their skills, abilities or connections to take any actions against the systems, networks or computers in China or Iraq which may damage or hinder in any way their operations."101 Bronc Buster said the IRC declaration was issued by a member before he left and never came back.102

In August 1999, a cyberwar erupted between hackers in China and Taiwan. Chinese hackers defaced several Taiwanese and government Web sites with pro-China messages saying Taiwan was and would always be an inseparable part of China. "Only one China exists and only one China is needed," read a message posted on the Web site of Taiwan=s highest watchdog agency.103 Taiwanese hackers retaliated and planted a red and blue Taiwanese national flag and an anti-Communist slogan: "Reconquer, Reconquer, Reconquer the Mainland," on a Chinese high-tech Internet site. The cyberwar followed an angry exchange by Chinese and Taiwanese in response to Taiwan's President Lee Teng-hui's statement that China must deal with Taiwan on a "state-to-state" basis.104

One of the consequences of hacking is that victims might falsely attribute an assault to a foreign government rather than the small group of activists that actually conducted it. This could strain foreign relations or lead to a more serious conflict.

The Chinese government has been accused of attacking a U.S. Web site devoted to the Falun Gong meditation sect, which Chinese authorities outlawed in July 1999. Bob McWee, a sect practitioner in Middleton, Maryland, said his site had been under a persistent electronic assault. In addition to a continuous denial-of-service attack, someone had tried breaking into his server. He said he was able to trace the penetration attempt to the Internet Monitoring Bureau of China's Public Security Ministry.105 If the attack did indeed originate with the Chinese police, this would have major foreign policy implications. It would suggest that the Chinese government views Web sites operating on foreign soil as legitimate targets of aggression when those sites support activities prohibited on home soil.

Web hacks and computer break-ins are extremely common, and targets include commercial and educational computers as well as government ones. The results of the 1999 Information Security Industry Survey showed that the number of companies experiencing penetrations jumped from 12% in 1997 to 23% in 1998 (almost double).106 About 26% of respondents to the ERRI/EmergencyNet News Local/County/State Computer "Hacking" Survey said they thought they had been the victims of an unauthorized intrusion or attack on their computer systems.107 And 30% of respondents to the 1999 CSI/FBI Computer Crime and Security Survey reported intrusions from outsiders.108 Most of the attacks, however, were probably not motivated by politics (hacktivism), but rather thrills, curiosity, ego, revenge, or financial gain. In the area of Web hacks alone, Attrition.Org recorded more than 1,400 cases of vandalism by July 1999 for the year.109

Computer Viruses and Worms

Hacktivists have used computer viruses and worms to spread protest message and damage target computer systems. Both are forms of malicious code that infect computers and propagate over computer networks. The difference is that a worm is an autonomous piece of software that spreads on its own, whereas a virus attaches itself to other files and code segments and spreads through those elements, usually in response to actions taken by users (e.g., opening an e-mail attachment). The boundary between viruses and worms, however, is blurry and not important to the discussion here.

The first protest to use a worm occurred about a decade ago, when anti-nuclear hackers released a worm into the U.S. National Aeronautics and Space Administration SPAN network. On October 16, 1989, scientists logging into computers at NASA's Goddard Space Flight Center in Greenbelt, Maryland, were greeted with a banner from the WANK worm:

 W O R M S    A G A I N S T    N U C L E A R    K I L L E R S
\__  ____________  _____    ________    ____  ____   __  _____/
 \ \ \    /\    / /    / /\ \       | \ \  | |    | | / /    /
  \ \ \  /  \  / /    / /__\ \      | |\ \ | |    | |/ /    /
   \ \ \/ /\ \/ /    / ______ \     | | \ \| |    | |\ \   /
    \_\  /__\  /____/ /______\ \____| |__\ | |____| |_\ \_/
      \                                                 /
       \    Your System Has Been Officically WANKed    /

 You talk of times of peace for all, and then prepare for war.

At the time of the attack, antinuclear protestors were trying to stop the launch of the shuttle that carried the Galileo probe on its initial leg to Jupiter. Galileo's 32,500-pound booster system was fueled with radioactive plutonium. John McMahon, protocol manager with NASA's SPAN office, estimated that the worm cost them up to half a million dollars of wasted time and resources. It did not have its intended effect of stopping the launch. The source of the attack was never identified, but some evidence suggested that it might have come from hackers in Australia.110

Computer viruses have been used to propagate political messages and, in some cases, cause serious damage. In February 1999, the London Sunday Telegraph reported that an Israeli teen had become a national hero after he claimed to have wiped out an Iraqi government Web site. "It contained lies about the United States, Britain and Israel, and many horrible statements against Jews," 14-year-old Nir Zigdon said.111 "I figured that if Israel is afraid of assassinating Saddam Hussein, at least I can try to destroy his site. With the help of some special software I tracked down the site=s server to one of the Gulf states."112 The Tel Aviv hacktivist then sent a computer virus in an e-mail attachment to the site. "In the e-mail message, I claimed I was a Palestinian admirer of Saddam who had produced a virus capable of wiping out Israeli websites," Zigdon said. "That persuaded them to open the message and click on the designated file. Within hours the site had been destroyed. Shortly afterwards I received an e-mail from the site manager, Fayiz, that told me to 'go to hell'."113

During the Kosovo conflict, businesses, public organizations, and academic institutes received virus-laden e-mails from a range of Eastern European countries, according to mi2g, a London-based Internet software company. "The contents of the messages are normally highly politicised attacks on NATO's unfair aggression and defending Serbian rights using poor English language and propaganda cartoons," the press release said. It went on to say "The damage to the addressee is usually incorporated in several viruses contained within an attachment, which may be plain language or anti-NATO cartoon."114 In an earlier press release, mi2g warned that "The real threat of cyber warfare from Serbian hackers is to the economic infrastructure of NATO countries and not to their better prepared military command and control network."115

It is extremely difficult, perhaps impossible, for an organization to prevent all viruses, as users unwittingly open e-mail attachments with viruses and spread documents with viruses to colleagues. Although anti-viral tools can detect and eradicate viruses, the tools must be kept up-to-date across the enterprise, which may have tens of thousands of machines, and they must be installed and used properly. While viruses bearing political messages may not seem to pose a serious problem, an organization hit by one may have to shut down services in order to eradicate it from its network.

The seriousness of viruses is underscored by two recent surveys. The 1999 Information Security Industry survey found that 77% of respondents had experienced a computer virus. This was up from 73% in 1998. More distressing, the ERRI/EmergencyNet News Local/County/State Computer "Hacking" Survey found that almost 83% of respondents had been the victim of a virus. Even a benign virus could significantly impact the ability of governments to provide essential services.

Viruses, especially those carrying destructive payloads, are a potentially potent tool in the hands of cyberterrorists. Other tools of hacktivism, including computer network attacks, could likewise be put to highly destructive ends. This is the topic discussed next. Cyberterrorism

In the 1980s, Barry Collin, a senior research fellow at the Institute for Security and Intelligence in California, coined the term "cyberterrorism" to refer to the convergence of cyberspace and terrorism.116 Mark Pollitt, special agent for the FBI, offers a working definition: "Cyberterrorism is the premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against noncombatant targets by subnational groups or clandestine agents."117 Politically motivated attacks that cause serious harm, such as severe economic hardship or sustained loss of power or water, might also be characterized as cyberterrorism.

This section discusses the extent to which cyberterrorism is a problem today and is likely to be a problem in the near future. It also covers domestic and international initiatives aimed as countering a wide variety of cyberthreats, including cyberterrorism, certain forms of hacktivism, and other non-politically motivated computer network attacks.

The Threat

As discussed in the preceding sections, terrorist groups are using the Internet extensively to spread their message and to communicate and coordinate action. However, there have been few if any computer network attacks that meet the criteria for cyberterrorism. The 1998 e-mail bombing by the Internet Black Tigers against the SRI Lanken embassies was perhaps the closest thing to cyberterrorism that has occurred so far, but the damage cause by the flood of e-mail, for example, pales in comparison to the deaths of 240 people from the physical bombings of the U.S. embassies in Nairobi and Dar es Salaam in August of that year.

Is cyberterrorism the way of the future? For a terrorist, it would have some advantages over physical methods. It could be conducted remotely and anonymously, it would be cheap, and it would not require the handling of explosives or a suicide mission. It would likely garner extensive media coverage, as journalists and the public alike are fascinated by practically any kind of computer attack. One highly acclaimed study of the risks of computer systems began with a paragraph that concludes "Tomorrow's terrorist may be able to do more with a keyboard than with a bomb."118

In a 1997 paper, Collin describes several possible scenarios. In one, a cyberterrorist hacks into the processing control system of a cereal manufacturer and changes the levels of iron supplement. A nation of children get sick and die. In another, a cyberterrorist attacks the next generation of air traffic control systems. Two large civilian aircraft collide. In a third, a cyberterrorist disrupts banks, international financial transactions, and stock exchanges. Economic systems grind to a halt, the public loses confidence, and destabilization is achieved.119

Analyzing the plausibility of Collin's hypothetical attacks, Pollitt concludes that there is sufficient human involvement in the control processes used today that cyberterrorism does not B at present B pose a significant risk in the classical sense. In the cereal contamination scenario, for example, he argues that the quantity of iron (or any other nutritious substance) that would be required to become toxic is so large that assembly line workers would notice. They would run out of iron on the assembly line and the product would taste different and not good. In the air traffic control scenario, humans in the loop would notice the problems and take corrective action. Pilots, he says, are trained to be aware of the situation, to catch errors made by air traffic controllers, and to operate in the absence of any air traffic control at all.120 Pollitt does not imply by his analysis that computers are safe and free from vulnerability. To the contrary, his argument is that despite these vulnerabilities, because humans are in the loop, a cyberattack is unlikely to have such devastating consequences. He concludes that "As we build more and more technology into our civilization, we must ensure that there is sufficient human oversight and intervention to safeguard those whom technology serves."

In a 1997 article titled "How Many Terrorists Fit on a Computer Keyboard?" William Church presents a strong case that the United States does not yet face a compelling threat from terrorists using information warfare techniques to disrupt critical infrastructure. They lack either the motivation, capabilities, or skills to pull off a cyberattack at this time. Church does not rule out a physical attack against the infrastructure, but such a threat is neither new nor matured by U.S. reliance on technology.121

There are drawbacks to terrorists using cyber weapons over physical ones. Because systems are complex, it may be harder to control an attack and achieve a desired level of damage. Unless people are injured, there is also less drama and emotional appeal. Further, terrorists may be disinclined to try new methods unless they see their old ones as inadequate.122

There is little concrete evidence of terrorists preparing to use the Internet as a venue for inflicting grave harm. However, in February 1998, Clark Staten, executive director of the Emergency Response & Research Institute in Chicago, testified that it was believed that "members of some Islamic extremist organizations have been attempting to develop a >hacker network= to support their computer activities and even engage in offensive information warfare attacks in the future."123 And in November, the Detroit News reported that Khalid Ibrahim, who claimed to be a member of the militant Indian separatist group Harkat-ul-Ansar, had tried to buy military software from hackers who had stolen it from U.S. Department of Defense computers they had penetrated. Harkat-ul-Ansar, one of the 30 terrorist organizations on the State Department list, declared war on the United States following the August cruise-missile attack on a suspected terrorist training camp in Afghanistan run by Osama bin Laden, which allegedly killed nine of their members. The attempted purchase was discovered when an 18-year-old hacker calling himself Chameleon attempted to cash a $1,000 check from Ibrahim. Chameleon said he did not have the software and did not give it to Ibrahim, but Ibrahim may have obtained it or other sensitive information from one of the many other hackers he approached.124

Given that there are no instances of cyberterrorism, it is not possible to assess the impact of acts that have taken place. It is equally difficult to assess potential impact, in part because it is hard to predict how a major computer network attack, inflicted for the purpose of affecting national or international policy, would unfold. So far, damages from attacks committed for reasons other than terrorism, for example, to seek revenge against a former employer, have generally been confined to immediate targets. No lives have been lost.


The main impact of cyberthreats on foreign and domestic policy relates to defending against such acts, particularly attacks against critical infrastructures. At the international level, several countries, including the U.S., have been addressing such issues as mutual legal assistance treaties, extradition, the sharing of intelligence, and the need for uniform computer crime laws so that cybercriminals can be successfully investigated and prosecuted even when their crimes cross international borders, as they so often do. This effort is not focused on either cyberterrorism or hacktivism, but rather addresses an array of actions that includes all forms of hacking and computer network attacks, computer and telecommunications fraud, child pornography on the Net, and electronic piracy (software, music, etc.). It also covers state-sponsored cyberwarfare operations that use hacking and computer network attacks as a military weapon.

At the initiative of the Russian Federation, the U.N. General Assembly adopted a resolution related to cybercrime, cyberterrorism, and cyberwarfare in December 1998. Resolution 53/70, Developments in the Field of Information and Telecommunications in the Context of International Security, invites member states to inform the Secretary-General of their views and assessments on (a) the issues of information security, (b) definition of basic notions related to information security, and 8 advisability of developing international principles that would enhance the global information and telecommunications systems and help combat information terrorism and criminality.125

The U.S. has taken several steps to better protect its critical infrastructures. In July 1996, President Clinton announced the formation of the President=s Commission on Critical Infrastructure Protection (PCCIP) to study the critical infrastructures that constitute the life support systems of the nation, determine their vulnerabilities to a wide range of threats, and propose a strategy for protecting them in the future. Eight infrastructures were identified: telecommunications, banking and finance, electrical power, oil and gas distribution and storage, water supply, transportation, emergency services, and government services. In their final report, issued in October 1997, the commission reported that the threats to critical infrastructures were real and that, through mutual dependence and interconnectedness, they could be vulnerable in new ways. "Intentional exploitation of these new vulnerabilities could have severe consequences for our economy, security, and way of life."126

The PCCIP noted that cyberthreats have changed the landscape. "In the past we have been protected from hostile attacks on the infrastructures by broad oceans and friendly neighbors. Today, the evolution of cyberthreats has changed the situation dramatically. In cyberspace, national borders are no longer relevant. Electrons don't stop to show passports. Potentially serious cyberattacks can be conceived and planned without detectable logistic preparation. They can be invisibly reconnoitered, clandestinely rehearsed, and then mounted in a matter of minutes or even seconds without revealing the identity and location of the attacker."127

In assessing the threat from both physical and cyberattacks, the PCCIP concluded that "Physical means to exploit physical vulnerabilities probably remain the most worrisome threat to our infrastructures today. But almost every group we met voiced concerns about the new cyber vulnerabilities and threats. They emphasized the importance of developing approaches to protecting our infrastructures against cyberthreats before they materialize and produce major system damage."128 The recommendations of the PCCIP led to Presidential Decision Directive (PDD) 63, which established the National Infrastructure Protection Center (NIPC), the Critical Infrastructure Assurance Office (CIA), the National Infrastructure Assurance Council (NIAC), and private sector Information Sharing and Assessment Centers (ISACs).129 The Department of Defense also established a Joint Task Force - Computer Network Defense (JTF-CND).

That critical systems are potentially vulnerable to cyberattacks was underscored by a June 1997 exercise, code named Eligible Receiver, conducted by the National Security Agency (NSA). The objective was to determine the vulnerability of U.S. military computers and some civilian infrastructures to a cyberattack. According to reports, two-man teams targeted specific pieces of the military infrastructure, including the U.S. Pacific Command in Hawaii, which oversees 100,000 troops in Asia. One person played the role of the attacker, while another observed the activity to ensure that it was conducted as scripted. Using only readily available hacking tools that could easily be obtained from the Internet, the NSA hackers successfully gained privileged access on numerous systems. They concluded that the military infrastructure could be disrupted and possible troop deployments hindered. The exercise also included written scenarios against the power grid and emergency 911 system, with resulting service disruptions. For the latter, they postulated that by sending sufficient e-mails to Internet users telling them the 911 system had a problem, enough curious people would phone 911 at once to overload the system. No actual attacks were made against any civilian infrastructures.130

The vulnerability of commercial systems to cyberattacks is repeatedly demonstrated by survey results such as those mentioned earlier. There is no evidence that non-government systems are any more or less vulnerable than government ones, or that the security posture of either group, as a whole, is generally improving -- despite the availability and use of a growing supply of information security tools.


The Internet is clearly changing the landscape of political discourse and advocacy. It offers new and inexpensive methods for collecting and publishing information, for communicating and coordinating action on a global scale, and for reaching out to policy makers. It supports both open and private communication. Advocacy groups and individuals worldwide are taking advantage of these features in their attempts to influence foreign policy.

Several case studies show that when the Internet is used in normal, non-disruptive ways, it can be an effective tool for activism, especially when it is combined with other media, including broadcast and print media and face-to-face meetings with policy makers. As a technology for empowerment, the Net benefits individuals and small groups with few resources as well as organizations that are large or well-funded. It facilitates activities such as educating the public and media, raising money, forming coalitions across geographical boundaries, distributing petitions and action alerts, and planning and coordinating events on a regional or international level. It allows activists in politically repressive states to evade government censors and monitors.

In the area of hacktivism, which involves the use of hacking tools and techniques of a disruptive nature, the Internet will serve mainly to draw attention to a cause, as such incidents are regularly reported by news media. Whether that attention has the desired effect of changing policy decisions related to the issue at hand is much less certain. Hacktivists may feel a sense of empowerment, because they can control government computers and get media attention, but that does not mean they will succeed in changing policy. So far, anecdotal evidence suggests that for the majority of cases, they will not.

With regards to cyberterrorism, that is, the use of hacking tools and techniques to inflict grave harm such as loss of life, few conclusions can be drawn about its potential impact on foreign policy, as there have been no reported incidents that meet the criteria. What can be said is that the threat of cyberterrorism, combined with hacking threats in general, is influencing policy decisions related to cyberdefense at both a national and international level. If one looks at terrorism in general for insights into the potential impact of cyberterrorism, one finds that the impact of terrorism on the foreign policy issues at hand is similarly difficult to assess, but here again, the threat of terrorism, particularly chem, bio, and nuclear terrorism, is having a significant impact on national defense policy.


I am grateful to Liz Bernstein, Ricardo Dominguez, Ekaterina Drozdova, Peter Ford, Brian Gladman, Sy Goodman, Nigel Hickson, Jason Hunter, Dennis Longley, Diana Owen, David Ronfeldt, Ken Rutherford, Julie Ryan, Brett Stalbaum, and Chuck Weiss for helpful discussions, suggestions, and comments.


1. Ashley Dunn, "Crisis in Yugoslavia -- Battle Spilling Over Onto the Internet," Los Angeles Times, April 3, 1999.

2. David Briscoe, "Kosovo-Propaganda War," Associated Press, May 17, 1999.

3. NUA Internet Surveys, The site is updated regularly with the latest estimate.

4. Alan Docherty, ANet Journalists Outwit Censors," Wired News, March 13, 1999.

5. AThe Twenty Enemies of the Internet,@ Press release, Reporters Sans Frontiers, August 9, 1999.

6. Maggie Farley, ADissidents Hack Holes in China=s New Wall,@ Los Angeles Times, January 4, 1999. Adrian Oosthuizen, ADissidents to Continue E-Mail Activity Despite Court Verdict,@ South China Morning Post, February 2, 1999.

7. Michael Dobbs, AThe War on the Airwaves,@ Washington Post, April 19, 1999.

8. Alex Todorovic, AI=m Watching Two Different Wars,@ Washington Post, April 18, 1999.

9. Ibid, Michael Dobbs.

10. Ibid, Alex Todorovic.

11. ANetAction=s Virtual Activist Training Guide,@


13. David Briscoe, AKosovo-Propaganda War,@ Associated Press, May 17, 1999.

14. AConflict in the Balkans -- Cook Enlists Internet to Send Serbs Message,@ Daily Telegraph, London, April 2, 1999, p. 9.

15. Rebecca Allison, ABelgrade Hackers Bombard MoD Website in >First= Internet War,@ PA News, March 31, 1999.

16. Leander Kahney, AYugoslavia=s B92 Goes Dark,@ Wired News, April 2, 1999.

17. Bob Schmitt, AAn Internet Answer to Repression,@ Washington Post, March 31, 1997, p. A21.

18. Matthew Mirapaul, AKosovo Conflict Inspires Digital Art Projects,@ New York Times (Cybertimes), April 15, 1999.

19. Larry McShane, AYugoslavs Condemn Bombs Over E-mail to U.S. media,@ Nando Times, April 17, 1999,

20. Ellen Joan Pollock and Andrea Petersen, AUnsolicited E-Mail Hits Targets in America in First Cyberwar,@ Wall Street Journal, April 8, 1999.

21. Dennis Longley, personal communication, July 15, 1999.

22. The task force uses the spelling AKosova@ in its name and in all references to Kosovo.

23. Rick Montgomery, AEnemy in Site -- It=s Time to Join the Cyberwar,@ Daily Telegraph, Australia, April 19, 1999.

24. Daniel Verton, ANet Service Shields Web Users in Kosovo,@ Federal Computer Week, April 19, 1999.

25. Will Rodger, AOnline Human-Rights Crusaders,@ USA Today, August 25, 1999.


27. AInternet Heavies Back New Net-Policy Group,@ IDG, July 14, 1999.

28. Steve Lohr, AGo Ahead, Be Paranoid: Hackers Are out to Get You,@ New York Times, March 17, 1997.

29. John Arquilla, David Ronfeldt, and Michele Zanini, ANetworks, Netwar, and Information-Age Terrorism,@ in Countering the New Terrorism, RAND, 1999, p. 66. The authors cite AHizbullah TV Summary 18 February 1998,@ Al-Manar Television World Wide Webcast, FBIS-NES-98-050, February 19, 1998 and ADevelopments in Mideast Media: January-May 1998,@ Foreign Broadcast Information Service (FBIS), May 11, 1998.

30. Clark L. Staten, Testimony before the Subcommittee on Technology, Terrorism and Government Information, U.S. Senate Judiciary Committee, February 24, 1998.

31. Bob Cromwell=s site at Purdue has an excellent collection of links.

32. Kevin Whitelaw, ATerrorists on the Web: Electronic >Safe Haven=,@ U.S. News & World Report, June 22, 1998, p. 46. The State Department=s list of terrorist organizations is at

33. Chris Oaks, AEvery Web Site a Chat Room,@ Wired News, June 14, 1999.

34. Personal correspondence with Brian Gladman, May 4, 1999, augmented by my own observations from subscribing to the list since the beginning.

35. Ibid.

36. Andrew Brown, AEditors Wanted,@ New Statesman, April 26, 1999.

37. Private conversation with Nigel Hickson on April 29, 1999.

38. Nigel Hickson, private communication, July 28, 1999.

39. Richard Davis, The Web of Politics, Oxford University Press, 1999, p. 177.

40. Davis, p. 178.


42. Martin Stone, AProf to Build Archive of Insurgency Groups,@ Newsbytes, March 3, 1999.

43. Edward Harris, AWeb Becomes a Cybertool for Political Activists,@ Wall Street Journal, August 5, 1999, B11; Barbara Adam, AJ18 Hackers Could Target Australian Companies on Friday,@ Australian Associated Press, June 16, 1999.

44. Jon Ungoed-Thomas and Maeve Sheehan, ARiot Organisers Prepare to Launch Cyber War on City, Sunday Times, August 15, 1999.

45. Private communication from Liz Bernstein, October 4, 1999,

46. Ibid.

47. Private communication with Ken Rutherford, October 6, 1999.

48. See also the ICBL Web site at and the Web site of the Land Mine Survivors Network at

49. Alan Boyle, ACrypto Can Save Lives,@ ZDNet, January 26, 1999. PGP provides both file and electronic-mail encryption.

50. John Arquilla, David Ronfeldt, and Michele Zanini, ANetworks, Netwar, and Information-Age Terrorism,@ in Countering the New Terrorism, RAND, 1999, p. 65. The authors cite AAfghanistan, Saudi Arabia: Editor=s Journey to Meet Bin-Laden Described,@ London al-Quds al-=Arabi, FBIS-TOT-97-003-L, November 27, 1996, p. 4, and AArab Afghans Said to Launch Worldwide Terrorist War,@ 1995.

51. Ibid. The authors cite AIsrael: U.S. Hamas Activists Use Internet to Send Attack Threats,@ Tel Aviv IDF Radio, FBIS-TOT-97-001-L, October 13, 1996, and AIsrael: Hamas Using Internet to Relay Operational Messages,@ Tel Aviv Ha=aretz, FBIS-TOT-98-034, February 3, 1998, p. 1.

52. The NIST AES Web site is at


54. Rebecca Fairley Raney, AFlood of E-Mail Credited with Halting U.S. Bank Plan,@ The New York Times (Cybertimes), March 24, 1999.

55. Ibid.

56. Edward Harris, AWeb Becomes a Cybertool for Political Activists,@ Wall Street Journal, August 5, 1999, B11. The Web site is at

57. The persons organizing the campaign went on to form the Electronic Privacy Information Center (EPIC) shortly thereafter.

58. For example, each chip was uniquely keyed and decryption was not possible without getting the keys to the subject=s chip from two separate government agencies.

59. For an interesting discussion of the Internet campaign against Clipper, see Laura J. Gurak, Persuasion and Privacy in Cyberspace, Yale University Press, 1997.

60. Chris Carr, AInternet Anti-Impeachment Drive Yields Big Pledges of Money, Time,@ Washington Post, February 7, 1999. Site is at

61. Davis, p. 135.

62. Edward Harris, AWeb Becomes a Cybertool for Political Activists,@ Wall Street Journal, August 5, 1999, B11.

63. Davis, p. 168.

64. Information provided to the author from Bruce Sterling; Winn Schwartau, Information Warfare, 2nd ed., Thunder=s Mouth Press, 1996, p. 407.

65. For an in-depth analysis of the Zapatista=s Anetwar,@ see David Ronfeldt, John Arquilla, Graham E. Fuller, and Melissa Fuller, The Zapatista ASocial Netwar@ in Mexico, RAND Report MR-994-A, 1998.

66. Niall McKay, APentagon Deflects Web Assault,@ Wired News, September 10, 1998.

67. Brett Stalbaum, private correspondence, July 23, 1999.

68. Brett Stalbaum, AThe Zapatista Tactical FloodNet,@

69. Niall McKay, APentagon Deflects Web Assault,@ Wired News, September 10, 1998; Brett Stalbaum, personal communication, January 30, 1999.

70. Ricardo Dominguez, personal communication, February 2, 1999.


72. ADay of Net Attacking Against Vivisection,@ Communique from the Animal Liberation Front, December 31; 1998. AThe First Ever Animal Liberation Electronic Civil Disobedience Virtual Sit-In on the SMI Lab Web Site in Sweden,@ notice from Tactical Internet Response Network, AECD Report -- SMI Shuts Down Their Computer Network!!!,@, January 15, 1999.

73. Jon Ungoed-Thomas and Maeve Sheehan, ARiot Organisers Prepare to Launch Cyber War on City, Sunday Times, August 15, 1999.

74. Carl Kaplan, AFor Their Civil Disobedience, the >Sit-In= is Virtual,@ the Cyberlaw Journal, New York Times on the Web, May 1, 1998. The law is Title 18 U.S.C. section 1030 (a)(5)(A).

75. Rebecca Allison, ABelgrade Hackers Bombard MoD Website in >First= Internet War,@ PA News, March 31, 1999.

76. AE-Mail Attack on Sri Lanka Computers,@ Computer Security Alert, No. 183, Computer Security Institute, June 1998, p. 8.

77. Jim Wolf, AFirst >Terrorist= Cyber-Attack Reported by U.S.,@ Reuters, May 5, 1998.

78. CIWARS Intelligence Report, May 10, 1998.

79. Rebecca Allison, ABelgrade Hackers Bombard MoD Website in >First= Internet War,@ PA News, March 31, 1999.

80. Patrick Riley, AE-Strikes and Cyber-Sabotage: Civilian Hackers Go Online to Fight,@ Fox News, April 15, 1999.

81. Rebecca Vesely, AControversial Basque Web Site Resurfaces,@ Wired News, August 28, 1997; ATwo More Basque Politicians Get ETA Death Threats,@ Reuters, San Sebastian, Spain, December 16, 1997.

82. AIGC Censored by Mailbombers,@ letter from Maureen Mason and Scott Weikart, IGC, posted on

83. Rebecca Vesely, AControversial Basque Web Site Resurfaces,@ Wired News, August 28, 1997.

84. Yves Eudes, AThe Zorros of the Net,@ Le Monde, November 16, 1997

85. AAnti-Terrorist Squad Orders Political Censorship of the Internet,@ press release from Internet Freedom, September 1997.

86. Amy Harmon, A>Hacktivists= of All Persuasions Take Their Struggle to the Web,@ New York Times, October 31. 1999.

87. Lindsay Murdoch, AComputer Chaos Threat to Jakarta,@ Sydney Morning Herald, August 18, 1999, p. 9.

88. James Glave, ACrackers: We Stole Nuke Data,@ Wired News, June 3, 1998; Janelle Carter, AHackers Hit U.S. Military Computers,@ Associated Press, Washington, June 6, 1998; AHackers Now Setting Their Sights on Pakistan,@ Newsbytes, June 5, 1998.

89. Jim Hu, APolitical Hackers Hit 300 Sites,@ CNET, July 6, 1998. The Milw0rm page is shown at

90. Patrick Riley, AE-Strikes and Cyber-Sabotage: Civilian Hackers Go Online to Fight,@ Fox News, April 15, 1999.

91. ASerb Hackers Reportedly Disrupt U.S. Military Computers,@ Bosnian Serb news agency SRNA, March 28, 1999.

92. ASerb Hackers Declare Computer War,@ Associated Press, October 22, 1998.

93. Martyn Williams, AFederal Web Sites Under Attack After Embassy Bombing,@ Newsbytes, May 10, 1999.

94. Stephen Barr, AAnti-NATO Hackers Sabotage 3 Web Sites,@ Washington Post, May 12, 1999.

95. AChina Suspends Contacts With U.S.,@ Associated Press, Beijing, May 9, 1999.

96. Niall McKay, AChina: The Great Firewall,@ Wired News, December 1, 1998. See also Sarah Elton, AHacking in the Name of Democracy in China,@ The Toronto Star, July 4, 1999.

97. Neil Taylor, ACDC Says Hackers Are Threat,@ IT Daily, August 26, 1999.

98. Maggie Farley, ADissidents Hack Holes in China=s New Wall,@ Los Angeles Times, January 4, 1999.


100. Letter of January 7, 1999.

101. Statement of January 7, 1999.

102. James Glave, AConfusion Over >Cyberwar,= Wired News, January 12, 1999.

103. APro-China Hacker Attacks Taiwan Government Web Sites,@ Reuters, August 9, 1999.

104. Annie Huang, AHackers= War Erupts Between Taiwan, China,@ Associated Press, Taipei, Taiwan, August 9, 1999.

105. ABeijing Tries to Hack U.S. Web Sites,@ Associated Press, July 30, 1999. McWee=s Web site is at


107. Private e-mail from Clark Staten, July 19, 1999.

108. Richard Power, A1999 CSI/FBI Computer Crime and Security Survey,@ Computer Security Issues & Trends, Vol. V, No. 1, Winter 1999.

109. Ted Bridis, AHackers Become An Increasing Threat,@ Associated Press, July 7, 1999.

110. Ibid.

111. Tom Gross, AIsraeli Claims to Have Hacked Saddam Off the Net,@ London Sunday Telegraph, February 7, 1999.

112. Ibid.

113. Ibid.

114. mi2g Cyber Warfare Advisory Number 2, April 17, 1999, M2 Communications, April 19, 1999.

115. M2 Communications, April 8, 1999.

116. Barry Colin, AThe Future of Cyberterrorism,@ Crime and Justice International, March 1997, pp. 15-18.

117. Mark M. Pollitt, ACyberterrorism B Fact or Fancy?@ Proceedings of the 20th National Information Systems Security Conference, October 1997, pp. 285-289.

118. Computers at Risk, National Academy Press, 1991.

119. Barry Colin, AThe Future of Cyberterrorism,@ Crime and Justice International, March 1997, pp. 15-18.

120. Mark M. Pollitt, ACyberterrorism B Fact or Fancy?@ Proceedings of the 20th National Information Systems Security Conference, October 1997, pp. 285-289.

121. William Church, AInformation Warfare Threat Analysis for the United States of America, Part Two: How Many Terrorists Fit on a Computer Keyboard?@ Journal of Infrastructural Warfare, Summer 1997.

122. Kevin Soo Hoo, Seymour Goodman,and Lawrence Greenberg, AInformation Technology and the Terrorist Threat,@ Survival, Vol 39, No. 3, Autumn 1997, pp. 135-155.

123. Clark L. Staten, testimony before the Subcommittee on Technology, Terrorism and Government Information, U.S. Senate Judiciary Committee, February 24, 1998.

124. A>Dangerous= Militant Stalks Internet,@ Detroit News, November 9, 1998.

125. G.A. Res. 53/70, U.N. GAOR, 53rd Sess., U.N. Doc. A/RES/53/70.

126. Critical Foundations: Protecting America=s Infrastructures, The Report of the President=s Commission on Critical Infrastructure Protection, October 1997, Report Summary,

127. Ibid.

128. Ibid.

129. AProtecting America=s Critical Infrastructures: PDD 63,@ The White House, May 22, 1998. See also White Paper AThe Clinton Administration=s Policy on Critical Infrastructure Protection: Presidential Decision Directive 63,@ May 22, 1998, and ANational Infrastructure Assurance Council,@ Executive Order, The White House, July 14, 1999.

130. CIWARS Intelligence Report, Centre for Infrastructural Warfare Studies, June 21, 1998; APentagon Computer Systems Hacked,@ Info Security News, June 1998; Douglas Pasternak and Bruce B. Auster, ATerrorism at the Touch of a Keyboard,@ U.S. News & World Report, July 13, 1998, p. 37.

Info Axioms   Workshop   Authors   Papers   Info Strategy   Related Links