Terrorist Threat Analysis in CyberSpace

The relentless advance of technology has ushered in a pivotal transformation, redefining warfare in the boundless realm of cyberspace. Terrorists fight their wars both on the ground and in cyberspace, and cyberterrorism can pose a grave threat when terrorists exploit the vulnerabilities of the World Wide Web. According to Gabriel Weimann of Haifa University, the number of terrorist sites increased exponentially over the last decade, from fewer than 100 to more than 4,800 two years ago (Kaplan, 2009). Terrorist websites can be seen as the gateway to domestic and international terrorism. The exponential reach provided by the internet can allow terrorists to coordinate attacks, share information, spread propaganda, raise funds, and recruit. Cyberterrorism, as defined by the FBI, involves “a premeditated, politically motivated attack against computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents” (Terrorism | North Augusta, SC, 2024). It enables terrorists to generate panic, terror, and physical violence or disruption. Despite the absence of a universal definition among foreign nations, the threat of terrorists using the WWW could potentially trigger a new global war on terror.

Introduction

This analytical assessment of the WWW threat provides current research on the control and vulnerabilities of the World Wide Web concerning terrorist use of the Internet. The focus is on identifying the key players controlling the WWW, their mechanisms of control, and potential vulnerabilities that terrorists can exploit. Laying out the strengths and weaknesses of the current control mechanisms allows recommendations to be proposed for intelligence operations. Generally, the WWW has become a continuous problem for policymakers since it became an integral platform for communication, commerce, and information exchange. However, the limited control afforded by its decentralized nature presents challenges for domestic and international security. This paper aims to provide the Director of the National Counterterrorism Center (CTC) with a clear and concise understanding of the key players that control the WWW, how they control it, their ability to control content usage, and potential vulnerabilities that terrorists could exploit.

The use of the WWW remains vulnerable, making counterterrorism efforts crucial for several reasons. First, terrorist websites can serve as a virtual training ground, providing videos on how to create makeshift bombs, fire surface-to-air missiles, shoot at U.S. soldiers, and sneak into terrorist factions. They also include sites that host messages and propaganda videos to help increase recognition and morale. Identifying terrorist websites is often challenging: they are constantly subdued by cybersecurity measures, or they disappear or shift to a new address. Both ISIS and Al-Qaeda are known for using various websites to disseminate propaganda, recruit members, and coordinate activities. Social media organizations like Twitter and Facebook have witnessed an influx of terrorist-related posts and accounts. Twitter stated that it “suspended more than 125,000 accounts since mid-2015, ‘for threatening or promoting terroristic acts’” (BBC News, 2016). Are these suspensions enough to mitigate or halt terrorist use of the World Wide Web? In December 2016, policymakers pushed a bill that would force companies like Facebook and Twitter to report any apparent terrorist activity they find (BBC News, 2016). This is not enough; terrorists are far more sophisticated in utilizing the internet and its communication system. The Dark Web is a forum that terrorist organizations frequently use when public internet services shut them down. Jihadist forums and dark web forums enable terrorist affiliates to conduct their operations anonymously. Both platforms allow encrypted communication to flow through the WWW, evading detection by federal law enforcement and intelligence agencies.

Brief mention of the historical context of the World Wide Web

Tim Berners-Lee, a British computer scientist, invented the World Wide Web in 1989. It was originally intended to automate information-sharing between scientists and institutes globally, providing reliable communication through the expansion of computers, data, and virtual networks into an efficient global information system (A Short History of the Web, 2024).

                                            

Key Players Controlling the WWW

On the WWW, each individual’s IP address is used to connect to websites and communication channels. Each unique address is used by computers to locate each other. To protect the Domain Name System (DNS), the network protocol that translates human-readable domain names into numerical IP addresses (Team, 2023), a group of 7 key holders holds the actual key to secure and gain control of the assigned names and numbers of the domain name system. ICANN (Internet Corporation for Assigned Names and Numbers) coordinates these unique identifiers by meeting 4 times a year (twice on the west coast and twice on the east coast). Without ICANN’s oversight and coordination, there would not be one global internet (What Does ICANN Do? – ICANN, 2012).

Figure 7: Structural Diagram of ICANN Committee Structure. This structure ensures that ICANN operates with a multi-stakeholder model, incorporating diverse perspectives and advice in its decision-making process.

ICANN was formed in 1998, a few years after the invention of the WWW. It is a non-profit partnership of people all over the world dedicated to keeping the Internet secure, stable, and interoperable (What Does ICANN Do? – ICANN, 2012). It promotes a friendly, competitive environment in which to develop policies on the Internet’s unique identifiers. There are a total of 14 keyholders, 7 holding the actual key and 7 holding the backup key. Their ceremony requires at least three of them, with their keys, to attend in order to unlock the equipment that protects DNS (Bort, 2017). Moreover, the ICANN-associated bodies consist of other Internet task forces and the U.S. Department of Commerce. Notably, the creation of the internet and its information-sharing capabilities has led to the emergence of organizations that support the protection of the Internet’s global reach.

Mechanisms of governance and control

Internet governance is founded upon a system of laws, rules, policies, and practices that dictate how stakeholders manage and oversee the affairs of any Internet-related regulatory body. The assumption that major tech companies like Amazon, Facebook, and Google control the internet is false. These companies do, however, represent a small fraction of the organizational influence over information-sharing and finances on the internet. Some countries have certain internet websites blocked via censorship. Nonetheless, no one person, company, organization, or government runs the internet.

Role of governments in Internet censorship and control – List of common Internet censorship technologies (The Technology of Information Control | Townsend Center for the Humanities)

  • DNS Tampering: In countries where authorities have control over domain name servers, officials can “deregister” a domain that is hosting illicit content.
  • IP Blocking: Governments with control over internet service providers can blacklist certain IP addresses of websites they do not like. When an individual requests to access blacklisted sites, requests will be monitored by surveillance computers.
  • Keyword filtering: IP address filtering only blocks websites that are explicitly blacklisted.
  • Packet filtering: The process of deep packet inspection examines packet contents for banned words.

Vulnerabilities Exploited by Terrorist Use Of WWW

The decentralization of the internet has created vulnerabilities that terrorist organizations can potentially use to advance their malicious agendas. The global reach of the internet can be seen as dangerous. The ability to reach a mass audience can spread radical ideology and misinform individuals. What constitutes a ‘terrorist website’? Terrorist sites include the official sites that are affiliated with the terrorist organization. Online social media platforms are a key feature in disseminating violent rhetoric to users. In 2016, social media played a role in the radicalization process of nearly 90% of the extremists in the PIRUS data (UMD, 2018). The authorities and social media companies made a great attempt to crack down on terrorist accounts and any type of extremist content that can potentially surface on the dark web. However, as an example of evading the crackdown, the Islamic State (IS) responded by continuing to communicate on encrypted messaging applications (Nikita Malik, 2018). This exploitation is the result of limited regulation of encrypted messaging applications. These encrypted social media platforms fuel the growth of U.S. extremists. From 2011 to 2016, 216 out of 295 (73.2%) of the extremists in the PIRUS datasheet used encrypted social media platforms to passively share content (UMD, 2018).

Two common examples of end-to-end encrypted messaging channels are the Darknet and Telegram. Both platforms are connected to the 2015 Paris attack. IS sent feeds through Rich Site Summary (RSS, which contains news feeds based on the Telegram channel URL), a feature enabled on the Telegram app, reaching 20,000 people on that channel. Additionally, IS advises supporters to communicate via Telegram. Moreover, the Darknet at the time of the Paris attack was the hub of all propaganda broadcasting. A Jihadist forum called Shamikh posted details on how to reach the website, with translations in multiple languages. The exploitation of encrypted communication applications can be harmful because it exposes users to such radicalization. A report published by The Henry Jackson Society found that in more than a third (35%) of the 269 total Islamist-related offenses researched, the internet was cited as a major site for offenders’ engagement with extremism (Nikita Malik, 2018). Recently, ongoing coordination between the FBI and law enforcement authorities across the United States resulted in the fall of ISIS’s critical online infrastructure (FBI, 2024). Those sites were used to showcase terrorist content.

Strengths and Weaknesses of Current Safeguard Mechanisms

Evaluation of ICANN’s Security Protocols

ICANN is among those at the forefront of overseeing internet security. It plays a crucial role in maintaining the security and stability of the DNS. Its security protocols ensure the integrity of each DNS key along with its backup key. Comparatively, CISA and ICANN mitigation plans are rather similar. ICANN’s DNS Security Threat Mitigation provides a group-sharing platform to improve the clarity of various DNS security threats (DNS Security Threat Mitigation Program – ICANN,). Despite the positive progress in reducing terrorist activity online, technology progresses and so do cyberattacks. The progress of major tech companies cannot outpace the emergence of evolving cyberattacks, making matters challenging for ICANN. The WWW and the uncontrolled nature of the internet limit ICANN to the DNS layer of the network. This limitation creates a gap in which its rules cannot reach the content carried by internet providers.

Analysis of the influence of Major tech companies and their security policies

Major technology companies hold great power and influence over internet infrastructure and data flow. By controlling the vast amount of content, these tech companies can control the way content is distributed. For example, numerous tech companies provide a feature called “For You” that filters content to cater to the specific user. Social media platforms in particular implement features like filtering, data collection measures and agreements, and censorship. However, these may not be as reactive when dealing with an influx of billions of internet users daily. The internet is used by people all over the world, and attempting to take down terrorist content might not be as easy as it seems. Users can save, share, post, and repeat, and can simply repost the deleted terrorist content. Given the major influence social media platforms provide to terrorists, this can raise concerns about privacy, accountability, and abuse of power.

Assessment of Government censorship and surveillance

Governments, particularly the United States, play a critical role in internet governance when it comes to counterterrorism and terrorism. With the use of third-party services, regulatory bodies, and partnerships with tech companies, the government can monitor and control online content (to some degree) to prevent terrorist content and activities. While government oversight is needed, it poses two challenges: the attack on civil liberties and the failure to track down encrypted channels.

Recommendation for Intelligence Operations

  • Enhancing collaboration with Social Media Platforms and Internet Service Providers: The openness of the internet can lead to major flaws in attempting to track down terrorist use of the WWW. In particular, apps that provide encrypted services should monitor and suspend any channels containing terrorist content. A potential consequence would be a violation of privacy, but to balance privacy and counterterrorism efforts a middle ground is needed when dealing with encrypted applications.
  • Expansion of key holders and their roles in governmental positions: Acquiring expertise from individuals who strive for internet protection can provide a balanced approach to implementing policies regarding internet governance and cyber threats.
  • Increase in major internet bodies’ responsibilities: While ICANN is limited to the DNS layer of the network, tracking down encrypted messages will remain difficult. The growth of automated cyber-attacks and propaganda dissemination will be hard to detect, and enhancing internet units’ capabilities in identifying threats and tracking the IP address can accelerate the process of reducing the content and usage of terrorists on the WWW.