The Internet’s global emergence has long produced worries about terrorism in cyberspace. In the USA, President Bill Clinton feared terrorist cyberattacks against critical infrastructure in the late 1990s,1 and, reacting to the San Bernardino shootings in December 2015, politicians demanded action against terrorist exploitation of social media.2 Despite two decades of concerns, states have not developed much international law addressing terrorism in cyberspace. New developments, such as anxieties about terrorist use of encryption3 and military cyberattacks against terrorist online capabilities,4 are unlikely to generate new international law. Explaining this reality requires understanding that certain terrorist uses of information and communication technologies (ICTs) have not materialised, while others confound states in ways that produce little consensus about how to respond.
This article analyzes the international legal landscape of terrorism in cyberspace in order to explain how it emerged, what it includes and whether changing international law in this context is appropriate and feasible. After considering preliminary issues for international law in the relationship between terrorism and cyberspace (Section 2), the article examines international law in connection with terrorists launching cyberattacks (Section 3). It then explores the international legal implications of cyber-enabled terrorist activities, such as spreading propaganda and radicalisation (Section 4). What emerges is a conundrum—prospects for international law are least apparent where terrorism in cyberspace has become a global crisis.