Exploring the Subculture of Ideologically Motivated Cyber-Attackers

• DOI: 10.1177/1043986217699100
• Author: Joshua D. Freilich,Thomas J. Holt,Steven M. Chermak
• Date: 01 August 2017
• Published date: 01 August 2017
• Subject Matter: Articles

https://doi.org/10.1177/1043986217699100

Journal of Contemporary Criminal Justice

2017, Vol. 33(3) 212 –233

© The Author(s) 2017

Reprints and permissions:

sagepub.com/journalsPermissions.nav

DOI: 10.1177/1043986217699100

journals.sagepub.com/home/ccj

Article

Exploring the Subculture

of Ideologically Motivated

Cyber-Attackers

Thomas J. Holt1, Joshua D. Freilich2,

and Steven M. Chermak1

Abstract

Research on physical, that is, violent, terror attacks and extremism has increased

dramatically over the last decade. The growth of the Internet and computer

technology has also led to concern over the use of cyberattacks by ideologically

motivated offenders to cause harm and further their political and social agendas. There

is, however, a lack of empirical research on cyber-attackers limiting our knowledge of

the factors that affect their behavior. This study addresses this empirical gap through

a qualitative analysis of 10 interviews conducted with ideologically motivated Turkish

computer hackers. The findings demonstrated that Turkish hackers motivated by an

ideological agenda reflected the larger values of the hacker subculture, though the

targets for their attacks were shaped directly by religious or political beliefs. We

conclude by discussing in depth our findings and implications for counterterror and

cybersecurity policy and practice.

Keywords

cybercrime, cyberterror, computer hacking, hacktivism, extremism

Research on terrorism has increased dramatically following 9/11, with a substantive

focus on the pathways that lead individuals to accept a radical ideology and engage in

acts of physical violence (Bakker, 2006; Borum, 2011a, 2011b; Brenner, 2009;

Freilich, Chermak, Belli, Gruenewald, & Parkin, 2014; Hamm, 2007; Kunkle, 2012;

McCauley & Moskalenko, 2011; Monahan, 2012; Sageman, 2004; Silber, 2011; Simi

1Michigan State University, East Lansing, MI, USA

2John Jay College of Criminal Justice, New York, NY, USA

Corresponding Author:

Thomas J. Holt, School of Criminal Justice, Michigan State University, East Lansing, MI, USA.

Email: holtt@msu.edu

699100CCJXXX10.1177/1043986217699100Journal of Contemporary Criminal JusticeHolt et al.

research-article2017

Holt et al. 213

& Futrell, 2010; Stern, 2003). There is, however, far less research on the issue of ideo-

logically motivated attacks in cyberspace, and their perceptions of the skills and strate-

gies necessary for building a capacity to carry out these attacks (Denning, 2010; Holt,

2012; Holt & Kilger, 2012).

The growth of the Internet, mobile phones, and inexpensive computing devices

affords more than just communications capabilities, as virtually all aspects of finance,

power, water, and sewer grid management as well as government and military opera-

tions depend on the Internet to function (Andress & Winterfeld, 2013; Holt & Bossler,

2016). All these resources are susceptible to compromise through various forms of

cyber-attack, such as the distribution of malicious software to affect the functionality

of computer systems. Alternatively, techniques like denial of service (DOS) attacks

can be used to knock systems offline, rendering them useless to others which then

causes inconvenience and economic harm (Andress & Winterfeld, 2013). Even simple

web defacements, where the primary content of a website is replaced by images and

text selected by the attacker, serve as a venue for political and ideological expression

(Brenner, 2009; Holt & Kilger, 2012; Woo, Kim, & Dominick, 2004).

There have been few empirical investigations of cyberattacks by extremist groups

and ideologically driven actors (for exceptions, see Holt & Bolden, 2014; Holt &

Kilger, 2012; Holt, Kilger, Chiang, & Yang, 2017; Torres-Soriano, 2016), leading to

difficulty in developing counterterror policy and prevention strategies related to ideo-

logically motivated cyber-attackers (Brenner, 2009; Denning, 2010). One reason for

the empirical gap on cyber-terror, and ideologically motivated online crimes generally,

is the narrow focus of most terrorism definitions developed by researchers and nations

alike. Definitions of terrorism have changed over time, leading to a range of frame-

works with different inclusion criteria (Hoffman, 1998; Weinberg, Pedhazur, &

Hirsch-Hoefler, 2004). Importantly though, almost all definitions require terrorist acts

to be ideologically motivated crimes committed by nonstate actors that use “force or

violence” (Freilich, Chermak, & Simone, 2009; Hoffman, 1998).

As an attack against computer systems via the Internet usually does not involve

force or violence as traditionally recognized in physical acts of terrorism, they are

excluded from definitions of terror. The United States does not have a federal legal

definition for cyber-terror in existing criminal codes, but instead folds incidents under

existing laws pertaining to cybercrime (Holt, Bossler, & Seigfried-Spellar, 2015). The

same is true with respect to terrorism databases and studies which normally exclude

financial or cybercrimes and Internet-related crimes committed by extremists even if

they are ideologically motivated simply because they are nonviolent offenses (e.g.

LaFree & Dugan, 2007). Similarly, ideologically motivated cyberattacks are largely

kept out of the popular press as organizations tend to conceal that they have experi-

enced a breach or hack until months or years after the fact (Andress & Winterfeld,

2013; Holt & Bossler, 2016).

Although physical violence is largely absent from cyberattacks, they have the poten-

tial to cause substantial economic harm especially if an attack prevents consumers from

accessing financial systems or businesses from engaging in commerce (Holt & Bossler,

2016). Similarly, the disruptive power of a cyber-attack against a major target, such as