>> From the Library of Congress in Washington D.C. ^E00:00:03 ^B00:00:18 >> Hello. I'm Gail Shirazi of the Israel and Judaica section here at the library. Welcome to today's program, a presentation by Professor Gabriel Weimann. Terrorism in Cyberspace, the Dark Future, question mark. Cosponsored by the Science, Technology and Business Division here at the library, the Hebrew Language Table here at the Library, in cooperation with The Woodrow Wilson International Center for Scholars. I would like to thank the Wilson Center, Lawrence Marcus and the staff of the Sci Tech and Business Division, our Public Affairs Office and Galina Teverovsky of the IJ section for all their support and help. And I would also personally and professionally like to thank Gabi Weimann. Before I introduce a speaker I would like just to take a few minutes to announce our next program that's in the planning. The screening of the award-winning films Zamani about a ten year old girl, Ethiopian girl who survives her life-threatening condition because of the help of an American doctor that was sent by the Joint Distribution Committee to Ethiopia. That'll be August 12th at 12:00 at the theater. Professor Weimann is a full professor of communications at the University of Haifa in Israel. This is Gabi's third lecture at the library. His previous lectures have been webcast and are accessible through the LC web homepage. His research includes, his research interests include the study of media effects, political campaigns, new media technologies and their social impact, persuasion and influence, media, public opinion, modern terrorism and the mass media. He's published extensively in all these areas. His new book Terrorism in Cyberspace the Next Generation was just published by the Woodrow Wilson Center Press and Columbia University Press, and we have copies for sale outside the door. He's received numerous grants, awards from international foundations, was a visiting professor at several universities and institutions, including the University of Pennsylvania, Stanford. He was at the Wilson Center, USIP, there's just too much to give him a real good, give you a real good description of his work. So I advise you to go to Google and search for yourself. And this event couldn't have happened at a better time, given the situation with cyberterrorism just these past couple weeks. Before we start, I'd like you to turn off your phones please, and I want to tell you we're being webcast. So if anybody does not want to be possibly filmed, please don't ask a question. That's the place where they'll zoom in on you. Now I'd like to turn the floor over to Gabi. Thank you all for coming. ^E00:03:27 ^B00:03:34 >> Hi. Thank you. It's nice to be again here, and I ask myself why actually am I again here. And so often, third time. Well the answer is simple. For the, in the last 18 years, I've been studying terrorists. They are not nice people, especially those that I deal with. They are ruthless, aggressive, violent, but I manage to deal with it. But there is no way I could say no to Gail Shirazi. I can deal with terrorists. I can't say no to Gail Shirazi. So this is why I'm here. Before we start, there will be time for questions and answers. By the way, there are seats here, these two that I see for people who are standing. There will be, it will be about 40 minutes. It won't be a lecture. It will be a presentation. It will be like show and tell. I will take you into the world of terrorism online. I will not promote my book, but I will highlight at least some of the main findings presented in the book. So let's start actually with speaking about last week, about the relevancy of my study. And let's start with OPM. I bet you heard about it that OPM was breached. Four million US government employees is I guess, including Library of Congress employees, were targeted by cyber breach. Chinese hackers, maybe other hackers. So are we really protected against cyberterrorism? As this lecture will later reveal, when I wrote my last book ten years ago, nine years ago, terrorism on the internet, there was a chapter about cyberterrorism. And I wrote there in 2006 that cyberterrorism is like a cloud. The cloud somewhere on the horizon. It may come here. But it's still far. We don't know when it will come. Now let me tell you the dark cloud is here. E Street, OPM. Another event last week, all related to my lecture, all related to my presentation today. A Boston man who planned to behead Boston police officers was stopped and killed by police last Tuesday. This is the guy. He was related to ISIS. But he never went to ISIS, was never recruited to ISIS. He never attended any camp or any mosque. All was done online. His radicalization. His seduction, recruitment, activation, and even launching, was all done online. And if you go and check his record the way we did online, you'll find postings like that in his Facebook. A coffin, open coffin, with the quote from the Quran, everyone shall taste the death. So let me just for a second take you to a video, a very short video. Again, relative to this event and to my lecture today. ^E00:06:58 ^B00:07:02 How do we get it smaller? Okay. Sound. We have sound? >> Federal investigators saying that they believe that the two Boston terrorist suspects were likely radicalized online by ISIS, a move becoming a trend. And we're continuing to see this in other plots as well. And during a hearing yesterday, counterterrorism officials warned that the use of social media by ISIS is unprecedented. >> ISIL has been able to quickly reach a global audience and encourage acts of violence inspiring US citizens to travel to Syria to recruit and radicalize. >> Its social media presence is more widespread than any other terrorist group. ISIL has often shaped its media contents to amplify the effect of its violent operations and activities. They do so in an attempt to project an image of power and intimidation. >> [Inaudible] Republican Congresswoman Martha McSally is a member of the Homeland Security Committee, and she was at that hearing. Congresswoman, welcome. Good to have you here this morning. >> Thanks. Good to be here. >> You know you see what happened in Boston obviously, and it makes you extremely concerned I know about how active these online recruiting efforts are. And there are so many vulnerable young men and women as you point out who for some reason are succumbing to this. >> Absolutely I just came from a classified update on this and the other terror threats abroad and at home, and what we're seeing is this sophisticated social media campaign. Over 200,000 ISIS-related tweets a day. Think about that. And they're using it to recruit individuals to come to the fight, get training, join the fight over in Iraq and Syria. And then maybe flow back. But they're also using it to try and inspire individuals, wherever they are, to radicalize them and to take action in their own communities. So Boston is just another example. It looks like individuals, they just wanted to take action. They're an action-oriented terrorist organization. Great work by federal and local law enforcement. They were tracking this guy. >> Okay. This was just an example. Let's go back. ^M00:09:18 The book that I published recently by Columbia University Press and Wilson Center, Terrorism in Cyberspace is looking at the future. The emerging trends and the future threats. This is why I called it, subtitled it, the next generation. Just to get you, and it'll take me only one minute, what is the book all about? The main chapters are part one, actually reviews the history of terrorism online. How terrorists started using the internet. And they started in the late '90s. And we were there already 18 years ago, monitoring terrorist presence online. Al-Qaeda was there. [Inaudible] was there. ISIS was not there of course. ISIS were not existed then. So the first part is a short review of the history of online terrorism. ^M00:10:15 The second part looks at emerging trends. What are the new trends in online terrorism? Some of them we actually witness every day to-date. The first one is called narrowcasting. I will not discuss it today, but I will mention it. Narrowcasting means the terrorism moved from one website to all to numerous platforms, targeting subpopulations. So instead of one message directed to all, they are very wise and very sophisticated about slicing down the target audiences into small groups. And narrowcasting means that they have special platforms and websites and forums and chatrooms and videos targeting children, women, overseas communities, immigrants and so on. So that's narrowcasting. And it's well related to the second topic, which I will discuss now, lone wolves in cyberspace. All cases of terrorist attacks, recent attacks in the US and in Europe, all of them seem to be lone wolves. People acting by themselves. Not a type of group action like we saw in 9/11. Are there really lone wolves? And I will argue that we should look for the virtual pack behind them. And we can find the virtual pack. So I discuss it later today. E-marketing. E-marketing reflects the new trend of online marketing. Now terrorists, as this chapter reveals, learned how to use marketing techniques when appealing recruited, seducing, radicalizing and activating the people. Fourth issue, which I don't have the time to discuss today, but's all in the book, is debates online. Terrorists not only use online platforms to recruit, to seduce, to spread propaganda, to frighten us with all those executions and so on. But they also debate online. Which gives us an interesting opening, or window if you want, to the inner debates among terrorist groups, between groups, within groups and so on. Online fatwas. Radical Islam is often challenged by questions, should we kill innocent people? How about killing our own brothers? Is it legitimate to kill children and women? And as you will see, very often all of these are solved by fatwas, by religious loves. Only those fatwas today are spread online. So we have online fatwas issued by I would say significant persons in the extremists world and published online. And finally, an issue we will discuss today, terror on social media. So these are the emerging trends of the last years. But I also look at future trends. And some of them will be discussed today. The issue of cyberterrorism, OPM was just an example. And not the most frightening one as I will discuss later. Counterterrorism. How can we fight back terrorism online? I will discuss some of it today. The war of narratives, launching counter complaints, fighting against the terrorist narratives and so on. And the need to balance the war of terrorism with the need to preserve and protect our civil liberties. So what is the golden pass? The ideal compromise between national security and civil liberties? How can we achieve that? So that, all of it is discussed in the book. If you're interested, the books are out there. But first let me know take you to the world on online terrorism. Some illustrative examples. This is a new type of, if you want, terrorist setup. Terrorists and computers. These are Chechen rebels, with a laptop in front of them. These is a [inaudible] rebel, [inaudible], yeah, rifle and a computer. Usbeki Jihadist leader [inaudible] and a computer. This is the so-called spokesperson in English for Al Qaeda, Adam Yahiye Gadahn, half Jewish by the way. Converted to Islam. Joined Al Qaeda and became the spokesperson in English. Well as you can see, two computers. Does this look like a computer lab or a terrorist camp? Well this is actually Hezbollah bunker captured in 2006. You don't see weapons there, but you see a lot of computers. ISIS as we know it today. And of course the recent examples that we witnessed executions online, crucifications [phonetic] online, mass shootings, executions by burning a pile of beheadings and so on. All of it videotaped, high definition, edited and posted online. And gaining I would say huge exposure worldwide. So how do we get all this data? And I'm glad to say I have [Inaudible] where are you? Just raise your point. I even have an ex-research assistant involved in this project, now PhD candidate at the University of Pennsylvania. Nice to have you here again. The study started in 1998. At that time I had one student, [inaudible] who was interested in the topic. And we, both of us monitored terrorism presence online. We had only 12 websites. It was easy. Most of them one language only. Very stable. Not very sophisticated and not well protected. Today we are dealing with over 9,800, almost 10,000 websites on top of that, all the social platform, okay. Instagram, YouTube, Twitter, Facebook, and so on. What we do is actually like librarians, we first download the material and archive it. And then we code it so we can search it, we can analyze it, we can look for any type of information for various studies. We download everything, visual as well as textual, music, videos, books, manuals, whatever they have. The research, this study was funded by several grants from academic institutions, USAB [phonetic] including, National Institute of Justice and IJ in the states. Woodrow Wilson Center, and recently the European Community, EU, which is funding our current research online on radicalization. All our findings are reported in books like the one you see outside of the previous books. You see some of them here. Special Reports, and so on. This book was the last one I published in 2006. Now replaced by the new book, 2015, that looks at what happened since then and at the near future. Let me argue that there were three stages in terrorists' presence online. The first one, the early one, starting in the late 90s, was websites only. Each terrorist group first 12, then 20, today all of them, had websites. Websites in which they presented propaganda, the leadership, some information about how to join them and so on. The second stage started later in the early 2000s when they were looking for interacting ways. Not just one way website. But they wanted to interact with the audiences to seduce, to convince, to recruit. They needed interactive platforms. So they added in the second state, interactive platforms like forums and chatrooms. And the third stage, which is currently the hottest platform, are the social media, meaning YouTube, Facebook, Twitter, Instagram and so on. Now what are the emerging threats? I won't be able to discuss all of them, but let me focus on at least three of them. And I leave some time for questions. Lone wolves in cyberspace. The migration to social media. And the future threat, or the current threat actually, of cyberterrorism. As I said, the dark cloud already came to us. Well lone wolves. The term lone wolves is wrong and misleading. It gives us the idea that these are individuals working by themselves, operating by themselves. Well like in nature, the real wolves never hunt alone. A lone wolf in nature will die. They need a pack in order to hunt effectively. And the same applies to terrorism. We may see the lone operator, the lone attacker, the guy who has the knife, the guy who has the bomb, those guys with the pressure cooker in the marathon in Boston. But trust me, behind each one of them there's a virtual back. There's a pack that recruited them, that radicalized them, that taught them, trained them, and launched them. They are never alone. The only thing is that all of these virtual packs are to be found online. And this is the new trend, because most of recent terrorist attacks, and I guess those in the future, will not be the old form of Al Qaeda like a huge group attacking but will be as they are now, a lone wolf attacking. ^M00:20:18 A lone wolf backed, supported, directed by a virtual pack. And all of this is done online. So all we have to do is actually go into cyberspace and look for the footprints. And you find the footprints, the virtual footprints in the cyberspace, leading, revealing the pack behind them. Let's look at the Boston Marathon that took place in 2013, two years ago. Those two guys, the two brothers that you see here, the Tsarnaev brothers, never attended any terrorist camp. They never went to any recruitment process. And they didn't know anything about bombing a marathon. But they knew, because they learned. They were recruited, seduced, and I would say trained online. The tracks they left online, and there are so many of them. You can find easily if you searched their track on social platforms. You find Twitter postings, tweets. You find Facebook postings. You'll find the pages that they downloaded, including one that you see here on the right. ^E00:21:33 ^B00:21:39 That one. Open Source Jihad. Okay, what's that? That's a manual, online manual for terrorists. They can form a magazine called Inspire published in English online. And one of the elements there is if you can see it, make a bomb in the kitchen of your mom. If you open that page, you're very likely to see this. Instructions how to build a bomb from pressure cooker. By the way, I erased the lines, so I don't want to teach you. I bet some of you have pressure cookers at home, and some of you have, well, targets in mind. So, but they certainly downloaded it. Because they followed it. They did exactly what is shown there. And they followed the advice from Open Source Jihad. As did so many other lone wolves. Remember the last month's attack in Texas and the people who were involved. Elton Simpson and Nadir Soofi. Lone wolves. Really? Well here's the other footprints in the snow if you want. In the cyber snow. They left tracks behind. And you can easily see which kind of websites. The one that I highlight here in the top is the website of al-Awlaki, the preacher of Al Qaeda. Even after his death, he's still popular, and he will be mentioned today several times. So they went to his website, and they downloaded is preaching, his suggestions, ideas. But they also left messages on Facebook and tweeted. And as you see, may Allah accept us as [inaudible]. That was just the day they planned to attack. And who was the recruiter of those two lone wolves? We can find him too. As in the Hebdo attack in France, Charlie Hebdo cartoons, the [inaudible] cartoons attack. This guy nicknamed [Inaudible], and we know who he is, suggested to those two guys in Texas that you should do the own path as it was done in France. So you can reveal the recruiters that seduce the launching and so on. All of these guys are lone wolves. None of them was really a lone wolf. And just to show you that if we look at in a graphical way, who are they linked to? Forget the colors and the names and so on, but you can see one thing in common. Most of the lines, in terms of who are they [inaudible] to? Which websites they went to? Which contents or videos they downloaded? You'll find that almost all of them are leading to one guy, in the center, Anwar al-Awlaki, the preacher in the middle, almost all of them are linked to him. So let me move to the next new trend, and this is the issue of new media. The migration to new media. ISIS for example, was born into the third stage. ISIS was born into a stage where the social media became available, relevant, efficient and I would say very free and open to terrorists like ISIS. Terrorists today are using all social platform, including Facebook, Flickr, YouTube, Twitter, Second Life if you know the game, Instagram, and Google Earth. I'm quite sure that you're aware of Google Earth, but try to think for a second as terrorists. Isn't it nice to have Google Earth as a terrorist? Free satellite services. Free of charge. Are they using it? Of course they do. The Mumbai attack in India, I'll come to that in a second. The terrorists that attacked Mumbai, several, in the same day, several targets at the same time. It was coffee shop, hotel, train station and the [inaudible] synagogue, killing the rabbi and his family. All of them came with cellular phones that had Google Earth maps, satellite maps directing them how to get to the location of the target and the timing. This difference in timing and so on. So isn't it nice to have such services? Now why are the social media so relevant for them? First of all, because they're interactive. It's a two-way chat. They can talk to people. They can convince people. They can seduce people. They can recruit people. Now ISIS recruited 30,000 warriors, thousands of them from western societies. Europe, North Americans, so on. And it was all done online. Because they can use it to talk to people, to target people, to convince, to seduce, and when we speak about narrowcasting, it means it's not one appeal to it. ISIS is successful because ISIS knows how to direct different appeals to different populations. And they can recruit people who are thrill seekers, or people who are socially, I would say alienated, frustrated, hopeless. They can use the social bonding motive. Come to us brother, not for terrorism, not for suicide, not for killing, just be part of us. We'll provide you with a community, with brotherhood. Terrorism, suicide, action will come later. Different appeals, narrowcasting, very efficient social media. This is why so many platforms. And remember the number, 200,000 tweets by ISIS in day. They tweet all over. And they use the new recruits to recruit the others. So French ISIS recruits will speak French to French populations. Germans will do it, English, Canadian-Americans. So now social media also very trendy, very popular, especially among young audiences. And if you want, it's not waiting for you to come to us to visit our website. It's us coming to you and knocking on your door using social media. So it's more like a push strategy in marketing than instead of the pull. I'm not waiting for you. I'm coming to you. I'm going to come talk to you using those social media. And only recently months ago, FBI's director James Comey says that social media are the biggest threat in terms of future terrorism. And I fully agree. Now how do they use it? Well YouTube, They tube. You can even see that they manage to have their own YouTube calling it Jihad Tube. See on the bottom. Broadcast your holy war. Jihad Tube using the logo of YouTube. Why YouTube? Because YouTube is visual, attractive, very easy to find, appealing very much to young people. And can be downloaded. People can download it to the telephones, to the CDS, watch it at home, show it to others and so on. Now let me give you just one example of few examples. How YouTube is used. If you just know access YouTube, go to the search engine and put the word Hamas. You'll find that there are 9,890 videos of Hamas online right now. If you put the Hamas Islamic resistance movement, okay, you'll find 1,460, 80, videos posted. Remember Awlaki, the preacher, the vicious one? The one that was connected to so many lone wolves, even after his death, his videos are still powerful. Access by those people who are committing those lone wolves attacks. ^M00:30:15 So put tribute, just the word, the sentence tribute to al-Awlaki on YouTube, American platform, okay. How many anti-American videos you'll find, 4,580 videos off a dead preacher who's still alive if you want online. Facebook. Again, I'm using Awlaki because he's so important even after his death. He is interacting with his audience on Facebook. Somebody presents his messages, his pictures. Somebody answers messages sent to him. And the messages are always very vicious, very aggressive, very violent. And I just gave you some examples like from Facebook generation Awlaki, if you're just going Facebook and search it, you'll see what's posted there. And it will scare you. And it's all up there. Twitter, those short messages. Well I used Twitter, not me actually, it's ISIS that took the logo of Twitter and combined it with their messages. Remember the attack in Kenya in Nairobi in 2013, September, by a group related, al Shabaab, related to Al Qaeda, a branch of Al Qaeda, an affiliate of Al Qaeda, who attacked. They are from Somalia, but they attacked the mall in Nairobi, the Westgate Mall. Now the world didn't know much about that attack, but they were fed constantly by tweets postings by that group, al Shabaab. And you see that the way they reported each, and I have just some of the messages for you, selected some of the messages. HSM Press Office was actually the PR service online on Twitter by this group. Constantly telling the people in the world what's happening in the mall, how many people are killed, updating the media. And the world media were dependent on the feeding, on those feeds, coming on Twitter from a terrorist group. Al Qaeda is on Twitter, and ISIS is on Twitter using video to post and direct people to watch the videos on mass executions. I'm not going to show you any of those gruesome videos, but you know them, and you saw them. All of it is not just posted online, but promoted on social platforms. Prisoners crucified by ISIS. And the recent example, again, just weeks ago, a tweet called Londonattack calling, May 11, calling to attack London. And believe it or not, one of those postings include a list of Jewish targets in London, synagogues, officials, embassy people, their addresses, and so on. So let's move to the last one, the third threat. And maybe the most dangerous one, cyberterrorism. Now what's the difference? Instead of using the internet, instead of using those platforms, we are looking at attacking the platforms. Attacking the internet. Attacking computer networks. Now we rely heavily on computers. Everything that we do from banking to education, from our work to our transportation. From infrastructure. From transportation. Everything is controlled by computers. Now instead of hijacking planes, why don't they damage the control systems? Now cyberterrorism is usually the combination of cyber and terrorism, using cyber tools, computer networks, to sabotage critical national infrastructures. And of course, it may seem almost impossible if you think about terrorists. I mean you say terrorists, well they know how to use social media. But can they really break into our defended, so-called defended, yeah OPM, so-called defended facilities. We have all those firewalls. We have all those experts protecting us. Can they do it, I mean those simple terrorists? Well let me argue, if they don't know how to do it, they certainly can get support from those people who know it. Statistically speaking, if you recruit 30,000 people, all it takes is one of them would be a hacker. One of those 30,000, possible. Second, they can buy the services of professional hackers. Buy them for money. Buy them or recruit them. Seduce them, ideologically, religiously, whatever. And the third option, which is the scariest one, terrorists very often are backed, supported by states. Iran is supporting several terrorist groups. Syria, now North Korea. Those countries have military units that are specializing in cyberattacks. And the attack on China came from professional hackers, on OPM. Now just imagine that some of those states will provide services to terrorist organizations. The Syrian, what they call, also established a unit called SEA, Syrian electronic army. I'll show you what they did. They attacked already in the states, and very effectively. Now let's say that ISIS feels that it's losing, that it's doomsday for them. [Inaudible] provide organizations like Hezbollah with the services of professional hackers from [inaudible], all but Iran and others. What are, what they, what can they do to us? Well, think about all the systems from government operations, including Library of Congress, or OPM to gas, oil storage, deliver, water facilities, banking, transportation, electric energy, nuclear energy, all of them controlled by computers. Or the issue of, how many of you know the term BotNet? Okay. Good. To those of you who don't know, the idea is quite simple. Let's say that I'm a hacker who wants to attack a computer network. And one of the ways to do it is to plant a virus in computers, in other computers, that is spread virus all over the world in computers. By the way, it's very likely that some of you already having a Bot infection in your computer. Now this is a dormant virus. It won't harm your computer. It won't slow it down. It won't do anything. You won't know it's there. You won't find it. And it won't wake up until one day the operator will send a message to that network of viruses, asking them to send at the same time message, a ping, a target, which will cause a collapse. Now is it a scenario? Is it a dream or nightmare? Oh it happened already. And it happened in several countries. But let me just use FBI statistics. Eighteen bot-infected computers every second, every second, there are eighteen bot-infected. And if you look at the map of countries infected, it's hard to say, but in the US, 14%, 14% of the computers are bot-infected. Most of them dormant. They don't do anything, but they may be activated one day. And this thing about your 4%, 6%, 5% of the computers and so on. Was it used? Well we saw that Estonia cyberattack in 2007, causing the collapse of the entire computer system of the states. From banks to universities. From government to transportation. Everything collapsed due to an attack, type of denial of service attack stemming from Russian hackers. Another example, before the Russians invaded Georgia, the same type of cyberattack. So it's not really just a scenario. It happened, and it happens. Now what does it take for terrorists to do it? The first one is motivation, and the second one is the capability. The knowledge and the skills to do it. Now motivation. How can we study motivation? We look to, we are monitoring terrorist chatter. We are looking at the number of times they write about cyberterrorism, can see the cyberterrorism. Suggest that cyberterrorism. And I have all the indications that this is really appealing to them today more than in the past. And again, try to think like terrorists. After 9/11, what could be more dramatic, more effective, than cyberterrorism? Because 9/11 was really dramatic. I mean killing 3,000 people in one day, targeting and hitting the most important places or symbols of American economy, American military and American politics. What can top that? Cyberattack. Now the issue of knowhow is more difficult. ^M00:40:06 Because it's not that easy. To upload a video to a website or to YouTube, well every child can do it. To attack infrastructure while protected, you need professionals who can do it. Well they can be bought, or they can be taught. They can be radicalized. They can be recruited, or they can be bought for money. To indicate that they are interested in cyberterrorism, look at ISIS posting. This is one of the recent ones that just pulled out of many examples. ISIS in May, 2015, posted this threat of using cyberterrorism against the West. Now who can be supporting them? As I said, states that have the units, the capacities there, the professionals who can provide them. And again, remember the relationships between some terrorist groups and the states supporting them. Let it be Iran, Syria, and others. They can provide. Second, criminals. Cybercrime. There can be nation of criminals working, criminal hackers working for terrorist groups or bought by terrorist groups. Terrorists themselves that can recruit people who would be converted, who would be seduced to join. Well, I skip that. It certainly looks like a number one threat in the future. And the recent attack on OPM is just an example of what we can face in the future. And it may also indicate to us that if we think that we are so well protected, and we are well guarded by all these firewalls, remember OPM. And let me show you that it doesn't take much in terms of cyberterrorism to create havoc. If you want anarchy, and a collapse of Wall Street. April, 2013, two years ago, SEA. That is the Syria Electronic Army, launched a campaign against American media, American banks and online companies, cyber companies. Now who is the SEA? As I said it's a military unit of hackers working for President Bashar al-Assad, the Syrian President. What he felt in April, 2013, that was a different era, that the Americans are considering hitting Syria because Assad was using gas against his own people, which he probably does today too. But he wanted to, I would say, show the Americans the potential of a cyberattack. So his hackers attacked numerous facilities, including the AP, Associated Press, okay, the news agency. Now let me show you what they did. Very simple. For a few minutes they managed to present you see the bottom left, a message, AP, the Associate Press, they broke into the AP, Twitter, and they posted a message. Breaking news, two explosions in the White House and Barack Obama is injured. Now that was of course false. But for a couple of minutes, it was spread. Now AP has thousands of clients, news organizations, television, radio stations, newspapers and so on, and online. And it was spread all over. What did it cause? Now look at the graph, and you can see up here, this is the time, okay, 1:00. This was released around 1:00. You see the drop here, the collapse of the Dow Jones. And a loss of $136 billion, only for those minutes, few minutes, that SEA managed to spread the false message. So it didn't take much to cause this collapse. Just breaking into the Twitter of AP and posting a false message. Just to show you the potential of cyberattack. So I'm getting close to the conclusion. Just to tell you what I'm doing now by the way, the current project right now is looking at what I call Wikipedia, Wiki-Terror, the Wiki page of terrorism. Looking at what terrorists are doing in terms of storing information online. Not just on the surface of the online platforms but also in what we call the dark web, the dark net, the deep net, things that are not accessible by simple search on search engines like Google and others. And just to show you that they are collected, they are building their own library, okay. Library of terrorism. The Wiki page of terrorism, starting with the Al Qaeda booklet Lone Mujahid Pocketbook. That is a guide for lone wolves, online. Or the recent one, the ISIS Guide published in 2015, just this year, How to Survive in the West. That is guiding people who join ISIS but don't go to fight there but actually here in the West and will be activated one day. Another one, a Brief Guide to the Islamic State 2015. This are all the type of material that we are looking now into filing them, archiving them, analyzing them, trying to see how terrorism is using those online facilities to build their own library of terrorism. So finally, the question that I guess that some of you will be asking, so is it a dark future? Does it mean that we are doomed to see a wave of smarter, more sophisticated, more dangerous terrorism? Now what can we do about it? I think we have to understand that there is a new war. There is a new arena that we fight in for years now. And there are new challenges, but there are also new ways that we should consider in fighting the terrorism. And in my book suggests some of them. Let me just highlight very briefly some points. The first one is that in order to fight online terrorism we need new type of soldiers, new warriors. People who are equipped with a different knowledge, new weapons and new defenses. That's clear. But it also is related to my claim that the war on terrorism should be regulated. It's not regulated right now. It's a wild, wild west that goes there. There are no regulations whatsoever, who's allowed to do what to whom and how. Now we need to regulate it because as I said in the beginning, we must find the balance, the optimal balance, between the compromise, the ideal compromise between civil liberties, sacrificing some of our liberties, some liberties and national security. We can't have both 100%. But the way we should look at the war on terrorism online, we must find a way to regulate it so that the damage in terms of freedom of speech, in terms of privacy, will be minimized. The third one, and this is a very important notion in my book. I would even argue that if you look for one important sentence in this book, I guess there are more than one, but the most important sentence is this one. Preemptive. What we do so far in terms of fighting online terrorism is reacting to what they do to us. That is we look one day and say oh, they have websites. How can we remove them? How can we block them? How they went on Twitter or they use our Facebook. Or they post videos on YouTube, or pictures in Instagram. Now how can we react to that? And we come up with some ideas like how can we use Facebook in order to identify them? The next day the terrorists post on Facebook, a guidebook, How to Avoid Being Identified on Facebook. So we react to that manual. And it's a cat and a mouse chase, a never ending game. A dialectic game. What I suggest is that we should look for emerging platforms, for the next Twitter. For the next Facebook. For the next YouTube, and design them in a way that will be safer, or at least minimizing the potential of terrorist abuse. The people who devised and produced and promoted and developed social media did not consider terrorism. And now it's too late. But we can certainly look at future platform. And the book is giving some examples of emerging platforms like Bitcoin. How can we, instead of just responding, try to be preemptive. And the issue of counter campaigns. We should not leave the stage only for them. We can target the same target populations with counter narratives, with counter messages. We should launch our own campaigns. And I sometimes wonder how can this state, the US, which is leading the world in terms of political and commercials campaign so successfully, so sophisticated, how come it never came up with a successful counterterrorism campaign? And finally, the issue of who will do it? And again in my book, one of my chapters discusses the issue of public private partnership. This war is launched, this counterterrorism war, especially when you think about cyberterrorism, should not be launched or conducted only by private sectors, private companies or by the public sector. It should be done by a combination of two, of the two sectors. However, as I present in the book, it's hard to see here, what we have today is not a very coordinated type of cooperation. When public agencies, one-on-one, cooperating with private sectors, what I suggested that we will have a mediating organ. ^M00:50:19 The coordinating organ, that we coordinate all the advantages for both sides and connect the public sector with the private sector when it comes to fighting terrorism. And I think both sides can benefit from this cooperation. And certainly if this cooperation will not be done as it is done today one-on-one, and sometimes in a parallel way. But in a more coordinated way. And of course, international cooperation, because this war is not the war of one state. In cyberspace there is no boundaries, no police, no immigration officers. It's a global war. So we need to broaden the ties between countries and to get international cooperation. That's it. Thank you very much. ^E00:51:09 ^B00:51:18 >> We do have time for questions. And Gabi you have to repeat the question. >> Yeah, I'll do it. >> Anybody have a question? >> I do. >> Yes please. [ Inaudible Question ] ^M00:51:38 >> Repeat the question. >> Yeah, the statistics about BotNet infections are alarming. And as you said, you noted that the highest number was in China. And again, we have to remember that percent in China is a huge amount in terms of the number of computers and the size of the population. So yes, BotNet should be bothering us. We are not aware of the sizes. We can, these are only estimates. But the fact that countries like the US, which is supposed to be connected, has 14% of the computers. Or China is even more than that, is an alarming fact. This is what I'm trying to say. Yes please. ^M00:52:28 [ Inaudible Question ] ^M00:52:38 That's a good question, and I'll repeat it. Okay. I was asked whether I can relate to the Israeli experience in fighting online terrorism, the American experience and so on. Let me first emphasize the need to cooperate. Because boundaries and borders and political identities don't mean anything in cyberspace. You can sit in an internet café in Manila, the Philippines, and attack New York. Or you can sit in New York and attack the Philippines. It's a global war. Now the Israeli experience, but before speaking about the Israeli experience, let me first speak about the European experience. I'm now involved in a multi-Euro project, five years. Twelve European countries, and the title of the project is Radicalization Online. Twelve countries in Europe are terrified, and this is an understatement, terrified from online radicalization. Because they have huge minorities, and they have people who are recruited by ISIS and g to ISIS, or on dormant cells in the countries. Twelve countries cooperating together will provide a better understanding, a better means, of fighting. And we have already practical findings after one year only, from this study. I'll give you later one example. And again, it's not one country. It's 12 countries together challenged by the same, by the same threat. The Israeli experience. Usual, unfortunately, is a target for cyberterrorism, as is other terrorist attacks. The numbers are alarming. I mean there are thousands of attacks every day. So the Israelis did manage to I would say develop some protective measures and also to build this type of public partner cooperation, monitored, regulated, coordinated, by one office only. The Prime Minister's office. Speaking about lessons. One society can teach another. From our project in Europe, the EU project, we found out there was a study in England about all those people, and there are hundreds of them, that went from England to join ISIS. One common finding, all of them, were recruited online. That's known. But all of them revealed the fact that they want to join ISIS to at least one member of the family. One member of the family, spouse, child, parent, knew about its intention. What is the practical lesson from that? Maybe we should target not just the people who are the potential recruits, but towards the family members, to be aware, to be minded and to report any change like that. So speaking about it to national cooperation. Speaking about learning from the experience of one society to the other. There's a growing, I would say interest, in international cooperation. It's far from being ideal or satisfactory at this stage. More questions? Yes please. >> Are there any lessons we can learn from your study of terrorist [inaudible] that would be helpful to women who are being terrorized online by various people? >> Thank you. The question was about women. The one perspective in online terrorism. There's a whole chapter in the book about narrowcasting and targeting women. Women became more and more important targets for extremists. Even extreme Jihadi movements that usually regarded women as somebody who should be at home, raise the family, support the husband and so on, are now targeting women as potential recruits. ISIS is recruiting women. Not just as sex slaves and so on, but recruiting women to join and fight or support the war. I think we should be more alarmed by this new trend of female oriented [inaudible]. And when I speak about lessons that you asked about, and I think that one of the lessons should be counter complaints. We should for example reveal to those western audiences what is really happening with the women that go there? Those women that are promised husband and religious satisfaction or whatever. What really goes on there in Iraq and Syria? I don't think we do enough in terms of counter complaint. They, we studied the narratives they use in order to attract, seduce and recruit women. We can actually give you, and the book is listing some of those narratives. All of those narratives can be countered by a smart, sophisticated counter complaint. Targeting the same populations that they target. I won't say that it will minimize, that it will prevent women from being recruited or seduced or radicalized, but it will minimize the number. That's for sure. Did I answer the question? >> I was thinking more of individuals who are being terrorized by others on the basis of the gender or other characteristics. >> Yeah well, the psychological aspect of terrorism was well know. The word terror comes from fear and France, and it was first used to terrorize the public when people were executed and beheaded in public places, French Revolution. Following the French Revolution terror was, state terrorism using the guillotine to scare others. Today the executions do the same thing. Only that instead of putting it in a public place, they put it on YouTube or Facebook and so on. We do have to consider the psychological impact of terrorism. They are certainly launching a, one of the earliest users of online terrorism was to scare people. Not just propaganda, but psychological warfare. And the idea of presenting people beheaded, march to mass execution and those mass graving, mass graves. The burning of pilots in cages and all that. The beheadings of generally, it's all part of psychological warfare. And that's a very important ingredient in the terrorist campaign. Yes please. >> Is there anything that, is there anything that your book addresses regarding the news media, that the news media can do in terms of maybe inadvertently popularizing or glamourizing the. >> Yes. Well let me direct you to another book, a much better book, called Theater of Terror, published by Gabriel Weimann some years ago. At that time, that book came out in the 90s, and we looked at, let's call it the old media, the conventional media, radio, television, so on. And the book was called the Theater of Terror, applying the metaphor theater, arguing that terrorist attacks are usually a kind of theater production where the media provide the stage, and the audiences are the real target. That is the people for example, the Israeli athletes in the Munich massacre were not really the target. They provided the blood, the drama, the attraction, the news, the story. The real target are the audiences, and that relates again to the psychological impact, or the political messages sent to audiences. ^M01:00:23 Eight hundred million viewers were watching the Munich Olympic live, the massacre actually, the event. And then we looked at the last chapter in that book, the Theater of Terror, available at the Library of Congress, the last chapter is a question. Must the show go on? Speaking about the theater. And we looked at various regulations and self-guided media. That they adopted some regulation, self-regulation actually, censorship. We tried to analyze whether they really applied, like never ask for a deadline. I don't interview relatives of a hostage while the hostage is still being kept as a hostage. Don't glorify terrorists. Don't present terrorist material without mentioning that it is, was produced by terrorists or it's edited or not edited. And that's the book's conclude. So we have many, many suggested regulations, but in many, many cases the media don't follow. During the hype of a terrorist case, anything will go, including asking terrorists for deadlines, interviewing family members, showing horrible and gruesome videos. But I would argue that today, the Theater of Terror lost its meaning once we have the new media. The uncontrolled stage, the uncensored, the free. This is the beauty of the internet if you want and the weakness. Everybody can access it. There's no big brother. There's no central control. Everybody can post whatever they want. It's good for democracy. It's good for free flow communication. But it is also good for the bad guys. Let them be people who are producing porno material, child porno, selling drugs, cybercrimes if you want, cyberterrorists. Yes please. >> In the years you've been studying, have you seen this [inaudible] of significant political change in the attitudes about the world events thrust upon us whether we want it or not? [Inaudible] political entities that you deal with, have they changed their attitudes about what's happening in the world? >> Which political entities? I will repeat the question once I understand it. >> [Inaudible] your messages to get out in order for media to change presentations. [Inaudible] that there has to be some change in the way that the either social organizations, political organizations understand cyberterrorism and react to it. Have you seen changes in the [inaudible]? ^M01:03:11 >> Okay. Now I understand the question. I was asked whether, do I monitor, do I [inaudible] any changes in terms of political entities, governments, I would say securities agencies and so on. Yes I do. I do find changes. And let me say that some years ago when we started this project, we had a hard time convincing people that terrorists are using online platforms. Because they came to us and said, come on, the internet is a western tool. They come from underdeveloped countries, third world countries. They can't use it, and the audiences are not using it and so on. And then we said well you must understand that they don't use it the same way we have, we are using it. But they have the internet cafes. They have public libraries cafes. And public libraries' access to computers. And an amount of the rate of exposures, higher than you see than just looking at the diffusion of computers into the homes. It took some years, especially after 9/11, that we were more successful in convincing authorities, counterterrorism agencies, governments, and even funding institutions, to support this kind of research. I think that today there's no question. The question is do they recognize the needed steps to fight it? And again, this is a gradual process in which I say we made some progress but not enough. For example, they were very eager, whenever we present these findings and we do go to, and I won't mention them. I'm not allowed to mention the name of those organizations, including in the states. But these are official counterterrorism units. And we present those findings in workshops, in seminars, very often what we are asked is how can we block them? How can we remove them from online platforms? How can we stop them? And the answer that I give is that we may need a more sophisticated approach. Because some of those websites, some of those postings, some of those videos, should be kept alive. Should be kept alive because this is a source of information, of intelligence. Because this is opening a window into the mindset of terrorists that we don't have anything like that. We should also consider keeping those platforms alive, but in the same time, interfere with them. One of the chapters in the book is called Mud, M-U-D. Standing for a model that we suggest, MUD stands for monetary using and destroying, okay. So I actually describe what kind of websites or what kind of online platforms used by terrorists should be only monitored. That's the M at MUD. Used, that's the U. Kept alive, but interfered. That is counter complaints, attacking the authority or the credibility of the sources there. And the third one, which one should be destroyed. So I think we are not there in convincing all those organs, units, of what should be done. But a growing awareness I certainly find. >> I think there's a question here. >> Yes please. >> I don't know if my question will make sense. Media outlets like Facebook, YouTube and Twitter, these are private companies that are profitable. My question is, why the government for example in the US, just talking, forced them to establish filters, especially now that they're really helping in the recruitment, in the messaging, or whatever, for the young people? As a temporary solution and probably more complex. But to force them to really set up filters so these messages don't go through. >> Thank you. This question is addressed in my book. I think if you look at page 185 and on, but it's an issue that is always raised. Why won't, if they're abusing our platforms, why don't we regulate the platforms? We actually control Facebook, Twitter, those companies, and ask them. Stop giving them the access. Remove them. Block them. Hack them and so on. Well the answer is not that simple. First of all, I'm not sure that I would like to have private companies playing the role of political censors. Do we really want YouTube, Facebook, to decide who's a terrorist and what is terrorist material? And what should be censored, and what should be eliminated. Second, even if you want to, and I'm not sure that I want them, private companies, to play this role. Are they able to do that? There are millions of postings on Twitter and Facebook. Who would do the work? Do you expect them to do the search? They don't. This is why I'm suggesting this kind of public to private corporation in which public companies will be guided by, assisted, by public agencies regarding definitions of what should be removed, what should be kept, how should we, should it be dealt with. And the war on terrorism should be regulated. I agree, but I don't expect it to be done only by the private sector. They are not equipped to do it, and I'm not quite sure that in a democracy would like private companies to play the role of political censors. >> My approach was, when we, when I talk about filters is that the TSA about key words. We're not asking to go after everything, but there are some key words that I can stop the message that they contain. >> Yeah. Well terrorists are more sophisticated than you think. Because speaking about the question was about key words. Search for key words. Terrorists are very smart. They don't put words like bomb, terrorism, suicide, [Inaudible]. They know that this will immediately show up on any blacklist by any search. So just one example by the way. Remember 9/11 attack, 9/11 was coordinated, the whole attack, online. We have all the messages they exchanged among themselves. They were not encrypted. They were not hidden in porno movies as it was suggested. They were all exchanged open in emails. But they were using code words. Now what was the code words they used for the targets? That by the way, to use online communication to coordinate, they bought the tickets online. They checked for the number of passengers on the planes. They tried to find how long it takes to get to a certain point. Everything was done online so the attacks will, probably will hit at the same time. Which they desired and did work for them. ^M01:10:02 But, they never mentioned attacking these targets. You know what was the code name they used for the buildings? Faculty of law, faculty of engineering, faculty of art. So that's not enough to avoid using those code words that could be easily identified by any simple crawler search machine. >> I appreciate what you're saying by the way. I understand. But you did show a lot of emails. >> Right. >> The words of Allah, Jihad, and these are key words, at least a good percentage of them, you can really knock off. >> Try to play the owner of Twitter now and Facebook, and we come to you and say you know, give me the list of people that mentioned Allah in the messages. You'll get billions of postings every hour. Would you be able, as the owner of Facebook, wants to make money as you said, to be engaged in monetary and finding who are these people? What are the messages? Should it be eliminated? Well there must some rewards given to you. This is what I suggest by the public/private corporation. Looking for the mutual advantages in which some of the services will be provided by the public services and some by the private sector. But you can't rely only on the private sector and tell them, you do the work on terrorism for us. >> We have time for two more questions. Gabi. >> Yeah, please. >> Yes, are you optimistic or pessimistic about the future? Do you sleep at night? >> That's a good question. I will tell you when I don't sleep. What makes me really troubled. Well if you live in Israel as I do, you must be optimistic. Surrounded by enemies from outside, and if I may even say, challenged by political election results that are not comforting to say the least when it comes to Israeli politics right now. You certainly need to be optimistic. Otherwise you won't survive. When it comes to the internet and terrorism online, I think we should accept it as a part of our future. That is terrorism will never go away. And terrorism online will never be diminished. All we have to do is to realize that this is one additional arena that we will have to fight. That we will have to fight and find better measures. And that we will have to play with some of our civil liberties. I hope not too much. Now what makes me lose sleep? I'll tell you what, and this is, I didn't show it to you because this is really alarming. It's not the beheadings. And it's not the crucification and those gruesome videos of burning and shooting and so on. Targeting children. When I look at those, and I have a collection, and I'm afraid I can't show it to people. It's shocking. Whatever they do to recruit, radicalize, and I'm speaking about children, not adults and not youth. I'm speaking about children who are three, four, five, six, and using computer games to desensitize them to the use of violence and to killing. And then I see the consequences. And you can see ISIS is operating children as warriors, as executionists. I don't know if you saw the video of children executing hostages and captives and soldiers by ISIS. That is really discomforting because this is the next generation of 9/11. This is the future of terrorism. And this is really scary. I get that they target very young people. Knowing that this is the next generation of fighters, of suicide bombers, of killers, executioners and so on. Well over that I lose sleep. >> Mike, can we get Mike [inaudible]? >> Yes Mike. >> There are several agencies, US government agencies that try counter messaging against these terrorists in sort of the MUD paradigm. But those of us in the general public who can't, who are interested in this subject but can't follow it because we're not cleared, we have no notion of the effectiveness of states, department of states efforts or DOD's efforts or anybody else. What resources should we use to figure out whether this is doing any good or not? >> Thank you. Thank you. That's an excellent questions and a perfect one for the conclusion. The question was what are the sources for us, the public, to learn about counterterrorism measures and their success? The answer, very simple, is people like me. The academia. We can provide the measures. We can be the objective ones. We can look at data. We can look at empirical evidence and so on. You mentioned for example, and I use only one example, the State Department. The State Department launched a counterterrorism campaign that I will label as lousy. As a waste of money. Now why am I saying it? Because we studied it. And we looked at the impact. We know how much money was involved, how many millions was spent there. We looked at the messages. We even looked at the narratives used, compared it to what we thought should be the counter narratives based on our study of terrorist narratives. And we looked at the success in terms of how many people watched it, did it, and it didn't have any effect of reducing recruitment. So this is just one example of how the academic research and think tanks, including the Wilson Center, USIP and other academic institutions in the US, that support studies like that, should be those that provide, I would say, the objective, scientific, unbiased measures of counterterrorism efforts. And more than that, they should also reveal the prices that we pay, which is very important. Because I keep saying, we should always be aware that in order to fight terrorism, we should be very careful not to price, not to pay heavier prices in terms of our civil liberties. We must find the compromise. And again, this should be done. This kind of surveillance, this kind of measurement, should be done by unbiased organizations. That could be think tanks, academic institutions, universities and so on. >> I want to thank Gabi for coming. ^E01:16:46 ^B01:16:56 >> This has been a presentation of the Library of Congress. Visit us as loc.gov. ^E01:17:03