With the gradual popularization and application of Internet technology, the influence and harm of cyber terrorism are also increasing. After the advent of the era of big data, the manifestations of cyber terrorism have undergone major changes, from the initial simple use of the Internet to communicate with each other, to the use of encrypted digital currencies and advanced encrypted communications to transmit funds and information, and the frequency of cyber terrorist attacks is also increasing. At the same time, this series of changes has also made various types of terrorism merge with each other under the influence of the network, and the decentralization trend of terrorist organizations in this process is also very obvious, and these changes have increased the harm of cyber terrorism. Therefore, the mainland should intensify the regulation of cyber terrorism, improve the content of relevant criminal legislation and counter-terrorism laws, and improve the degree of coordination between different laws and regulations, so as to form a unified and perfect legal system against cyber terrorism.
1. Overview of the development of cyberterrorism
(1) The current situation of cyber terrorism
1. Scope of cyber terrorism
With the emergence of the Internet, the development of terrorism also began to use the Internet, and cyber terrorism began with this. As far as terrorism is concerned, due to the differences in the political stances of various countries and many other issues, the definition of terrorism has not yet been unified, so it is difficult to reach a definitive definition of cyber terrorism as a concept of terrorism. As far as the mainland is concerned, most scholars believe that terrorism is a criminal activity with a distinct political character, and that the direct target of the harm is the safety of the lives and property of ordinary people, and that it has a more serious social harm than ordinary illegal and criminal acts.
As far as cyberterrorism is concerned, in the mid-80s of the 20th century, Barry Klin, a senior researcher at the California Institute for Security and Intelligence, first proposed the term "cyber terrorism" and defined it as "the fusion of control and terrorism". In 2001, U.S. experts in the field of information security defined cyberterrorism as "attacks or threats of attacks on computers, networks, and information stored in them in order to intimidate, coerce, or coerce governments and citizens to achieve their specific political or social goals" Since then, similar definitions have been adopted in official documents of the United States, but it cannot be ignored that this definition equates cyber terrorism with cyber terrorist attacks, that is, targeted cyber terrorism, but ignores the widespread existence of terrorist activities using the Internet as a tool, and at the same time, the goals specified in this definition include both political and social purposes and other purposes, and this definition also includes cyber radicalism and extremism, which expands the scope of cyber terrorism and is also somewhat unreasonable。
As far as cyber terrorism is concerned, it can be divided into two main forms: the use of the network as a channel for the spread of terrorism and the use of the network as the target of attacks, and in some cases a combination of both. The main difference between cyber terrorism and traditional terrorism lies in the different means of attack or the target of attack, for instrumental cyber terrorism, the network may act as a variety of different forms in the terrorist crime, such as collecting information, contacting terrorist activities, and disseminating terrorist information through the Internet; for targeted cyber terrorism, its behavior mode is usually to achieve the purpose of creating social panic by attacking or controlling network targets with greater influence. In some cases, cyberterrorism may have the characteristics of both types of cyberterrorism. At the same time, the network must play an important role in the terrorist activity in order for the terrorist activity to be recognized as a cyber terrorist activity, and the terrorist activity that simply uses the network to communicate should not be included in the scope of the crime of cyber terrorism.
2. Manifestations of cyberterrorism
At present, there is a gradual increase in the overall number of cyber terrorism on the mainland, but there are obvious differences in the types, and there are mainly the following typical forms of cyber terrorism on the mainland:
The first is cyber terrorist attacks, which are mainly aimed at influential computer systems, often financial systems, government official websites or network systems related to important infrastructure, and these systems become the targets of cyber attacks mainly because the damage or suspension of these systems often leads to panic in the society, causing greater social impact, which is conducive to the realization of the goals of terrorist organizations. At present, there have been no large-scale cyber terrorist attacks on the mainland, or there have been no successful cases of large-scale cyber terrorist attacks against the mainland, so cyber terrorist attacks are not the main manifestation of cyber terrorism on the mainland.
The second is the use of the Internet to disseminate terrorist ideas and information for certain terrorism-related purposes. Among them, terrorist and extremist organizations use the Internet to disseminate terrorist and extremist ideas, and compared with the traditional mode of communication, the dissemination through the Internet greatly eliminates the barriers of time and space, and the dissemination of these ideas can easily break through national boundaries and achieve large-scale dissemination in a short period of time. In addition, terrorism can also use the influence of network communication to recruit members of terrorist organizations, so as to realize the development of terrorism from online to offline. According to relevant statistics, foreign terrorist activities are also rapidly infiltrating the mainland through online channels, and more than 70% of terrorist information is released or comes from outside the country and is transmitted to the mainland through the Internet, which is highly concealed and more harmful.
Finally, other types of cyber-based terrorist activities also have a significant impact on the mainland's cyber security and national security. The Internet plays a key role in collecting information and raising funds for these terrorist crimes, and the secrecy and breadth of information on the Internet allow terrorists to use the Internet to disclose information and collect information and funds needed for terrorist activities. At the same time, the purpose of some terrorist activities using the Internet as a tool is often not to directly carry out terrorist activities, but to attract some people to develop extremist or terrorist thoughts, and to promote these people to become an indirect force in social groups that support terrorism.
(2) The development of cyber terrorism
The development of cyber terrorism is also gradual, and due to the continuous updating and development of Internet technology, the level and form of terrorist use of the network are also constantly updated. Generally speaking, the use of the Internet as a tool of terrorist activism originated earlier and has occupied a major position for a long time, but with the development of Internet technology and the maturity of the use of Internet technology by terrorist organizations, the number of targeted cyber terrorist activities is also increasing rapidly.
1. The development of instrumental cyberterrorism
In the 80s and 90s of the 20th century, the Internet gradually became popular, because the Internet technology still has certain limitations at this time, and the general public has less understanding of Internet technology, and terrorist organizations are often active in mountainous areas for a long time and the location is relatively unfixed, so at this time the application of the Internet by terrorist organizations is less. At the end of the 90s of the 20th century, Al Qaeda began to transmit information and export terrorist ideas to branches or peripheral organizations in other countries and regions through Internet mail and other means of information transmission, so as to strengthen its control and influence over these organizations.
In the case of terrorist activities using the Internet as a tool, the Internet often transmits not only simple terrorist ideas, but also the criminal methods of terrorist activities. In the traditional model, it is necessary for trainers to enter the mainland or send mainland personnel to overseas for training and then return to carry out relevant terrorist activities, but the cross-border flow of personnel under this model is affected by many factors and may fail in the middle of the process. The secrecy and timeliness of the Internet allow terrorists to conduct training across borders, and terrorists can log on to relevant websites to learn the skills and methods needed to carry out terrorist activities, and can also communicate and exchange through the Internet to ensure the quality of training.
In addition to using websites to disseminate information, terrorist organizations often recruit people through the Internet. Compared with traditional channels, terrorist organizations can find people who have made extreme remarks based on the information retained in the network as the key targets of absorption, and at the same time, the Internet can help terrorist organizations find potential targets with specific skills required by terrorist organizations, which greatly improves the efficiency of recruitment and has become an important channel for terrorist organizations to recruit members.
With the development of Internet technology and the use of Internet technology by terrorist organizations, new forms of use of the Internet by terrorist organizations have emerged, and these forms have also increased the difficulty of combating terrorist activities. Terrorist activities rely on funds to a high degree, and a large amount of money is required in the training of personnel and the purchase of equipment, so raising funds is an important prerequisite for terrorist organizations to carry out their activities, and terrorist organizations are currently using the Internet to raise funds extensively. The first is to accept donations of encrypted digital currency through online channels, terrorist organizations publish fundraising announcements on the Internet, donors donate in the form of encrypted digital currency, and terrorist organizations will also release videos or pictures to prove that they have received donations or even funds have been invested in terrorist activities, which uses the concealment of encrypted digital currency to make it more difficult for anti-terrorist agencies to detect. In addition, compared with the traditional mode of communication, the emerging strong encrypted communication technology also has a great attraction for terrorist organizations, which enhances the confidentiality of communication through the form of non-replication or read-and-destroy form, and also makes it much more difficult for anti-terrorist agencies to detect.
2. The development of targeted cyberterrorism
Compared with instrumental terrorism, targeted cyber terrorism (or offensive cyber terrorism) has higher requirements for cyber technology, so this form originated relatively late. Terrorist organizations achieve their goals by targeting government websites or other critical network systems in order to create widespread social panic. This approach requires a high quality and quantity of cyber technical personnel, so it requires a high level of scale and strength for terrorist organizations, and in some cases requires cross-organizational cooperation. In addition, there are now widespread channels for selling attack programs and system vulnerabilities on the Internet, so this has also greatly reduced the cost and threshold for the implementation of targeted cyber terrorism, and the number of targeted cyber terrorism acts has a tendency to increase rapidly.
II. New Characteristics of Cyber Terrorism in the Era of Big Data
(1) The rapid convergence of terrorism in cyberspace in the era of big data
The rapid development of the international community's cooperation in cyber regulation has led to extensive exchanges and integration of various terrorist forces in cyberspace, and the integration of different terrorist forces with religion, extremism, nationalism, or anarchy and anti-government as the core value pursuit has accelerated under the impetus of the Internet. Through the fast and convenient exchange of information on the Internet, these terrorist ideas converge and cooperate in the organization of terrorist activities. The Internet has become a platform and tool for communication and cooperation between different types of terrorism. In addition, emerging forms of terrorism are also using the Internet to achieve their goals. In the era of big data, cyber terrorism is not only an independent form of terrorism, but also integrates with most traditional forms of terrorism and becomes one of the means to achieve its goals. To sum up, in the context of big data, the development of international regulatory cooperation in the Internet field is backward, which makes various terrorist organizations with different core values to exchange and cooperate, and at the same time, various forms of terrorism are integrating and developing with cyber terrorism, which is a distinctive feature of cyber terrorism in the context of big data.
(2) In the era of big data, the decentralization trend of terrorism is obvious
The personnel structure of traditional terrorist organizations presents an obvious pyramid shape, this structure is ordered to upload and issue, and the trend of centralization is obvious, but the efficiency of information transmission is low, the speed of personnel expansion is relatively slow, and it is difficult to carry out more extensive and continuous terrorist activities in a short period of time, but in the era of big data, the efficiency of terrorist activities has also been significantly improved. Some terrorist organizations are directly selected and trained by central institutions or core figures to directly carry out terrorist activities through the Internet, and the inculcation of terrorist ideas and the training of methods for carrying out terrorist activities are directly and quickly completed through the Internet, and the proportion of terrorist attacks that are "lone wolf" in the form of expression has risen rapidly. Compared with the traditional model, the Internet can establish a direct connection between the central organization and the personnel directly responsible for terrorist activities abroad, which greatly improves the efficiency of terrorist ideological indoctrination and will also lead to a rapid increase in the overall number of terrorist activities. If this model is widely used, it can change the personnel management structure of traditional terrorist organizations, and change the "pyramid-shaped" structural model to a flat "network structure", which makes the central organ of the terrorist organization have a more direct impact on the grassroots personnel, and the distribution scope of terrorist activities will be more extensive. To sum up, the development of Internet technology has made the decentralization trend of terrorist organizations obvious, and will also change the personnel structure of traditional terrorist organizations, under the new structure, information transmission will be more secret and fast, the efficiency of planning and organizing terrorist activities will also be improved, and the threat of terrorist activities will also increase.
3. Legislative regimes of various countries on cyber terrorism
(1) The U.S. Legislative Regime for Cyber Terrorism
As the birthplace of Internet technology, the United States has developed network technology and is highly dependent on the Internet, and it is also the main target of cyber terrorism, so the United States has long attached great importance to the legislative regulation of cyber terrorism. First of all, in the formulation of high-level strategies and policies, the United States has formulated a special cyber security and cyber counter-terrorism system, which is constantly revised and improved according to the actual situation.
The U.S. Patriot Act (also known as the Liberty Act) uses the term cyberterrorism and defines it as "an act that compromises the integrity and validity of data, programs, systems, and information related to U.S. commerce and communications" This is the first time that the United States has clearly stipulated cyber terrorism in the law, but the provision is mainly aimed at cyber terrorism, not cyber terrorism in the broad sense as it is now believed, and the scope of the provision basically covers all illegal hacking acts launched against the United States, and has been expanded to a certain extent, but the law has important practical significance for the regulation of cyber terrorism. The provisions of the Act have greatly expanded the counter-terrorism authorities' new detection methods for cyber terrorism, including direct surveillance of terrorist communications and obtaining the required information through telecommunications operators or computer service providers, as well as traditional detection methods, including the right to detain terrorists for seven days before they are deported, allowing the exchange of information between different agencies on criminal suspects, and criminalizing harbouring terrorists. The Act also allows the U.S. Secret Service to establish an Electronic Cybercrime Task Force for electronic cybercrime, which is dedicated to preventing and detecting all forms of electronic cybercrime.
In addition, the Homeland Security Act adds provisions for monitoring information in cyberspace, as well as special provisions for the law against hacking, and gives the federal government the power to regulate cyberspace (mainly against illegal activities in cyberspace), which together form the legal basis for the United States to combat cyberterrorism, and also enhance the status of national security factors in the field of information networks. The United States has also successively promulgated corresponding supporting regulations and policies, detailed the implementation rules for the protection of network infrastructure and the crackdown on other related cybercrimes, and formed a relatively complete legal system against cyberterrorism.
(2) The UK's legislation on cyber terrorism
The UK is one of the world's leading countries in terms of technology and industrial economy, and it is also an early adopter of cyberterrorism. As early as 2000, article 1, paragraph 2 (e) of the Anti-Terrorism Act defined terrorism as "acts of interfering with or disintegrating electronic systems for political, religious or ideological purposes". In the same year, the Communications Surveillance Act authorized the corresponding law enforcement agencies to retain certain information on the network and conduct corresponding reconnaissance of such information, and the Anti-Terrorism, Crime and Security Act passed in the following year for the first time explicitly listed cyberterrorism as one of the targets of counter-terrorism combat, thus formally establishing the status of cyber terrorism as a legislative activity to regulate terrorism. Later, with the increasing incidence of cyber terrorism in the UK, the Anti-Terrorism Act of 2006 expanded the scope of the fight against terrorist crimes, stipulating indirect incitement and preparatory acts as crimes. In the case of cyberterrorism, the law provides for three types of criminal acts that promote terrorism: (1) the publication of publications containing the content of the crime of encouraging terrorism, (2) the dissemination of the publication of the content of the crime of encouraging terrorism, and (3) the use of the Internet to carry out the first two acts. This provision includes the use of the Internet as a tool for terrorist activities within the scope of legal regulation, which is groundbreaking in British domestic law and also shows a different direction from US legislation.
The London riots of 2011 can be seen as key to the changing attitude of European countries, including the United Kingdom, towards cyberterrorism, which until then was often included under anti-terrorism legislation and did not become a stand-alone element. Since then, the British government has strengthened special legislation on cyber terrorist activities, first of all, through government orders to give the police a higher level of network surveillance power, including the right of the police and intelligence agencies to obtain specific people's relevant network information under certain circumstances, this provision can be regarded as a breakthrough in the UK for the balance between network and social security and citizens' privacy, and has had a certain impact on European countries. In 2014, parliament passed the Data Retention and Investigative Powers Act, which requires internet service providers and telecom operators to retain communications information and information about users of social networking sites for the purpose of providing them to the relevant investigative authorities when necessary, similar to the provisions in mainland China's anti-terrorism law. The Anti-Terrorism and Security Act of 2015 strengthened the fight against cyber-based terrorist activities, strictly controlling and combating the dissemination of terrorist information through the Internet.
As far as the UK is concerned, it has a certain degree of foresight in terms of anti-cyber terrorism legislation, and at the same time, the legislation on cyber terrorism has also been profoundly affected by practice, and the scope of the fight against cyber terrorism has been continuously expanded, but on the whole, the development and practice of legislation against cyber terrorism has been relatively long, and the system is relatively perfect.
(3) Russia's legislation on cyber terrorism
In most cases, Russia places cyberterrorism and traditional terrorism in the same legislative regime, but the two-tiered legislative model adopted by Russia in its counter-terrorism legislation is its own characteristic. First of all, the Russian Constitution clarifies the basic concepts, principles and response mechanisms of terrorist crimes, including cyber terrorism. At the same time, Russia has introduced a special law on combating terrorism (which has expired) and a law on counter-terrorism, which specify terrorism
and, in article 11, paragraph 3, sets out the pattern of terrorist acts involving the dissemination of information and the control of telecommunication channels, which are similar to cyber terrorism. Secondly, in the Criminal Code of the Russian Federation, a number of offences are often used to combat terrorist crimes. In 2014, in order to intensify the fight against cyberterrorism, the new amendment to the Criminal Law provided for criminal sanctions for the use of the Internet to incite terrorist activities, so as to strengthen the fight against instrumental cyber terrorism.
To sum up, Russia's legislative system for cyber terrorism mainly includes two levels, the first is to stipulate the concept and scope of terrorism through the Constitution of the Russian Federation and the Anti-Terrorism Law, and then to formulate strict criminal sanctions through criminal legislation to combat terrorist crimes including cyber terrorism. However, the elevation of terrorism-related elements to the level of constitutional provisions may not be applicable in most constitutional countries.
IV. Suggestions on the mainland's legislation on cyberterrorism in the era of big data
The mainland first adopted the Anti-Terrorism Law as general legislation for anti-terrorism activities, stipulating the concept, scope and general forms of crime of terrorism, and then using the criminal law as a general means of sanctions against terrorism, and the mainland also promulgated the Cybersecurity Law and the Data Security Law to protect the security of the network and data field, but the criminal law sanctions are in a key position in the legislative means of the mainland for the crime of cyberterrorism, and the role of other legal provisions cannot be ignored.
(1) Strengthen criminal legislation on cyberterrorism
With regard to the improvement of criminal legislation on cyber terrorism, there is currently a strong call for the addition of "cyber terrorist activities" or corresponding crimes, mainly because the criminal law does not directly stipulate the relevant crimes related to cyber terrorism, which makes the criminal law have many problems in combating such crimes.
As far as the current judicial practice is concerned, the mainland's sanctions for initiating terrorist activities focus on organized crimes, but for cyber terrorism, the degree of concentration between people is low, so it is difficult to identify related terrorist activities However, at the beginning of the formulation of these two crimes, they were mainly aimed at ordinary information network crimes, so there are obvious drawbacks in using this to regulate network terrorist activities: first, it is impossible to distinguish between network terrorism crimes and ordinary information network crimes, and the crimes identified by the two are the same at the time, and the subjective and objective aspects of the crimes themselves are very different, so the appropriateness of the crime determination will be greatly questioned. Second, the statutory penalties for these two crimes are relatively light, which is not conducive to combating cyber terrorism crimes. Since these two crimes were originally formulated for ordinary information network criminal activities, and in most cases their harmful consequences were only to cause property losses, the maximum statutory penalty for these two crimes was only up to three years imprisonment, but for cyber terrorism activities, it directly endangered social order, and in serious cases, it may lead to serious damage to people's lives and safety, and the infringement of legal interests is more serious, so it may eventually lead to the crime of cyber terrorism The crime and punishment cannot be consistent. For the crime of targeted cyber terrorism, which is often referred to as cyber terrorist attack, the more appropriate crime in the Criminal Law for this kind of behavior is the crime of "destroying computer information systems", but this crime is also aimed at ordinary cyber information crimes, although a heavier statutory penalty is provided, but the regulation of targeted cyber terrorism with this crime still cannot highlight the social harm of such acts.
In summary, the mainland's criminal law needs special provisions on the crime of cyberterrorism, and some scholars suggest adding the crime of "committing cyber terrorist activities" to uniformly regulate the crime of terrorist activities using the network as a tool or the target of attack, so as to achieve the unity of criminal justice.
(2) Improve the content of the Counter-Terrorism Law
As the core of the mainland's anti-terrorism legal system, the Anti-Terrorism Law contains little content related to cyber terrorism, and does not pay enough attention to cyber terrorism crimes. The main content of the Counter-Terrorism Law is to stipulate the criteria and conditions for the identification of terrorism and related activities in the mainland, as well as the basic regulatory system, but it ignores the particularity and harmfulness of cyber terrorism, and the content of the law only stipulates the obligation of Internet service providers to supervise the information content, mainly including preventing the dissemination of terrorism-related content, and has specific obligations to keep, delete and report the relevant content, but such provisions are far from sufficient to combat cyber terrorism. Due to the particularity of cyberterrorism, the effectiveness of the response system for terrorist content and information existing in the network should be strengthened when designing the system, and an institutionalized response process should be formed to improve the speed of response, so as to make the crackdown on cyberterrorism more rapid and effective. At the same time, more direct and effective evidence can also be retained in the process to facilitate the investigation of responsibility afterwards.
(3) Enhance coordination between different legislations
The coordination of legislation is not only reflected in the coordination between the Anti-Terrorism Law and the Criminal Law, the Cybersecurity Law, and the Data Security Law, but also in the fight against cyber terrorism, so it is necessary to enhance the coordination between more laws. For example, the U.S. Patriot Act gives the U.S. Secretary of the Treasury the power to control and supervise financial activities related to foreign countries (mainly referring to countries with a high incidence of terrorism), so as to strengthen the crackdown on the financial chain of terrorist organizations, so the fight against terrorism should be comprehensive, not limited to terrorist organizations and direct terrorist acts themselves. Therefore, a comprehensive regulatory and combat system should be formed for the fight against cyberterrorism, but because the regulatory agencies of the financial system and the main institutions for combating terrorism are not unified, how to coordinate between the two determines the quality of the regulatory system, so the formation of a degree of coordination between laws and regulations involving different departments is an important premise. Although great attention is also paid to terrorism-related financial crimes in financial supervision and regulations, in most cases it focuses on money laundering, and the breadth of such supervision is insufficient, and at least it should include a comprehensive regulatory obligation for terrorism-related financial flows, as well as how to cooperate with the competent authorities to combat terrorism, which should be clarified in the relevant laws, and finally form a complete set of legal coordination mechanisms to combat terrorism, which can give full play to the role of various departments in combating terrorist crimes and form an all-round and efficient crackdown mechanism for terrorist activities。