Terrorism, the Internet, and the Islamic State’s Defeat: It’s Over, But It’s Not Over
The military campaign against the self-declared Islamic State group has all but ended its control of territory. This achievement has destroyed one thing that distinguished it from previous extremist groups—its commitment to seize, defend, and govern territory. The military progress has also damaged another defining feature of this group—its exploitation of the internet, especially social media, to advance its ideology, wage war, and strengthen a self-proclaimed caliphate. With its territory gone and internet activities disrupted [PDF] policymakers must determine what threats the Islamic State will now present. This inflection point raises questions about how it and other terrorist groups will use the internet and whether policies used to thwart the Islamic State online will work in this new context.
Policy on terrorism and the internet prior to the Islamic State’s emergence focused predominantly on counter-intelligence, which included expanding electronic surveillance after the 9/11 attacks. Experts also worried about terrorists launching cyberattacks against internet-dependent critical infrastructure, a threat that supported reducing vulnerabilities through better cyber defenses. Work on reducing terrorist content on the internet and disseminating alternative narratives online to prevent radicalization was underway, but these activities did not have the prominence counter-intelligence and counter-vulnerability approaches did.
Terrorism and Counterterrorism
The Islamic State’s online offensive, launched as it gained territory in Iraq and Syria, changed the policy terrain for countering terrorist use of the internet. The group’s use of social media was open rather than clandestine, which meant a counter-intelligence emphasis was of limited use. The Islamic State invested in exploiting social media rather than building cyber weapons, making counter-vulnerability approaches unresponsive to the dangers being created. Instead, policymakers had to elevate counter-content and counter-narrative strategies, but this shift proved difficult, controversial, and of hotly debated effectiveness. Another strategy emerged as part of the armed conflict with the Islamic State—offensive military cyber operations against the group’s online capabilities. However, media reports and former Secretary of Defense Ash Carter indicated U.S. cyber operations against the Islamic State’s online ambitions and actions proved disappointing.
With military defeat, the internet becomes, in many ways, more important to the Islamic State. However, the manner in which this group exploits cyberspace changed as it lost territory and the legitimacy its ideology placed on governing a “real space” caliphate. These changes are markers for what extremists will attempt online in the foreseeable future. In terms of means, the Islamic State has shifted from emphasizing Western-based social media to prioritizing encrypted applications, such as Telegram, and use of the deep and dark webs. This shift shrinks the visibility, scale, and intensity of its online activities but makes them harder to track, assess, and counter.
In terms of ends, the Islamic State has transitioned from using the internet to support war-fighting and state-building in defending, expanding, and governing its caliphate to (1) sustaining an ability to fight an insurgency; and (2) directing, enabling, and inspiring terrorist attacks in hostile nations, including European countries and the United States. This change means the Islamic State has lost what distinguished its online efforts from those of other extremist groups mounting insurgencies and engaging in conventional terrorism against adversaries.
These changes disrupt policy approaches developed for what the Islamic State did online as it burst onto the global scene in 2014. With the Islamic State going “underground” by moving to encrypted, less open digital communications, counter-intelligence becomes more important but increasingly difficult and controversial. The shift to using the internet to facilitate conventional terrorist attacks keeps the need for counter-content efforts urgent, but finding and removing extremist content online will become more difficult as Western social media becomes less important. Similarly, counter-narrative activities will find it harder to understand extremist messages online and harder to reach persons vulnerable to such messages. Gauging the effectiveness of counter-narrative initiatives was already difficult; the new context might make it nearly impossible to assess their impact. The utility of counter-capability actions will also become more questionable. Targets for military cyber operations shrink, disperse, and hide, which increases the difficulty of determining the impact of such operations. Speculation that the post-caliphate Islamic State might turn to cyber terrorist attacks exists, but the Islamic State does not now seem well-positioned to invest in developing cyber weapons to launch against adversaries.
Despite these emerging challenges, use of the internet by the Islamic State and other terrorist groups might receive less attention than it deserves. The military defeat of the Islamic State could reduce the urgency seen in efforts to counter online extremism over the past three years. In addition, other cyber crises now dominate policy discussions, including information operations by states, online political advertising, and the fake news problem. The Islamic State’s “social media moment” might be over, but this inflection point presents challenges we have not begun to assess let alone prepare to handle.
Terrorism and Counterterrorism