Exploring the Subculture of Ideologically Motivated Cyber-Attackers

Date01 August 2017
Published date01 August 2017
Subject MatterArticles
Journal of Contemporary Criminal Justice
2017, Vol. 33(3) 212 –233
© The Author(s) 2017
Reprints and permissions:
DOI: 10.1177/1043986217699100
Exploring the Subculture
of Ideologically Motivated
Thomas J. Holt1, Joshua D. Freilich2,
and Steven M. Chermak1
Research on physical, that is, violent, terror attacks and extremism has increased
dramatically over the last decade. The growth of the Internet and computer
technology has also led to concern over the use of cyberattacks by ideologically
motivated offenders to cause harm and further their political and social agendas. There
is, however, a lack of empirical research on cyber-attackers limiting our knowledge of
the factors that affect their behavior. This study addresses this empirical gap through
a qualitative analysis of 10 interviews conducted with ideologically motivated Turkish
computer hackers. The findings demonstrated that Turkish hackers motivated by an
ideological agenda reflected the larger values of the hacker subculture, though the
targets for their attacks were shaped directly by religious or political beliefs. We
conclude by discussing in depth our findings and implications for counterterror and
cybersecurity policy and practice.
cybercrime, cyberterror, computer hacking, hacktivism, extremism
Research on terrorism has increased dramatically following 9/11, with a substantive
focus on the pathways that lead individuals to accept a radical ideology and engage in
acts of physical violence (Bakker, 2006; Borum, 2011a, 2011b; Brenner, 2009;
Freilich, Chermak, Belli, Gruenewald, & Parkin, 2014; Hamm, 2007; Kunkle, 2012;
McCauley & Moskalenko, 2011; Monahan, 2012; Sageman, 2004; Silber, 2011; Simi
1Michigan State University, East Lansing, MI, USA
2John Jay College of Criminal Justice, New York, NY, USA
Corresponding Author:
Thomas J. Holt, School of Criminal Justice, Michigan State University, East Lansing, MI, USA.
Email: holtt@msu.edu
699100CCJXXX10.1177/1043986217699100Journal of Contemporary Criminal JusticeHolt et al.
Holt et al. 213
& Futrell, 2010; Stern, 2003). There is, however, far less research on the issue of ideo-
logically motivated attacks in cyberspace, and their perceptions of the skills and strate-
gies necessary for building a capacity to carry out these attacks (Denning, 2010; Holt,
2012; Holt & Kilger, 2012).
The growth of the Internet, mobile phones, and inexpensive computing devices
affords more than just communications capabilities, as virtually all aspects of finance,
power, water, and sewer grid management as well as government and military opera-
tions depend on the Internet to function (Andress & Winterfeld, 2013; Holt & Bossler,
2016). All these resources are susceptible to compromise through various forms of
cyber-attack, such as the distribution of malicious software to affect the functionality
of computer systems. Alternatively, techniques like denial of service (DOS) attacks
can be used to knock systems offline, rendering them useless to others which then
causes inconvenience and economic harm (Andress & Winterfeld, 2013). Even simple
web defacements, where the primary content of a website is replaced by images and
text selected by the attacker, serve as a venue for political and ideological expression
(Brenner, 2009; Holt & Kilger, 2012; Woo, Kim, & Dominick, 2004).
There have been few empirical investigations of cyberattacks by extremist groups
and ideologically driven actors (for exceptions, see Holt & Bolden, 2014; Holt &
Kilger, 2012; Holt, Kilger, Chiang, & Yang, 2017; Torres-Soriano, 2016), leading to
difficulty in developing counterterror policy and prevention strategies related to ideo-
logically motivated cyber-attackers (Brenner, 2009; Denning, 2010). One reason for
the empirical gap on cyber-terror, and ideologically motivated online crimes generally,
is the narrow focus of most terrorism definitions developed by researchers and nations
alike. Definitions of terrorism have changed over time, leading to a range of frame-
works with different inclusion criteria (Hoffman, 1998; Weinberg, Pedhazur, &
Hirsch-Hoefler, 2004). Importantly though, almost all definitions require terrorist acts
to be ideologically motivated crimes committed by nonstate actors that use “force or
violence” (Freilich, Chermak, & Simone, 2009; Hoffman, 1998).
As an attack against computer systems via the Internet usually does not involve
force or violence as traditionally recognized in physical acts of terrorism, they are
excluded from definitions of terror. The United States does not have a federal legal
definition for cyber-terror in existing criminal codes, but instead folds incidents under
existing laws pertaining to cybercrime (Holt, Bossler, & Seigfried-Spellar, 2015). The
same is true with respect to terrorism databases and studies which normally exclude
financial or cybercrimes and Internet-related crimes committed by extremists even if
they are ideologically motivated simply because they are nonviolent offenses (e.g.
LaFree & Dugan, 2007). Similarly, ideologically motivated cyberattacks are largely
kept out of the popular press as organizations tend to conceal that they have experi-
enced a breach or hack until months or years after the fact (Andress & Winterfeld,
2013; Holt & Bossler, 2016).
Although physical violence is largely absent from cyberattacks, they have the poten-
tial to cause substantial economic harm especially if an attack prevents consumers from
accessing financial systems or businesses from engaging in commerce (Holt & Bossler,
2016). Similarly, the disruptive power of a cyber-attack against a major target, such as

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT