It is often said that the cell phone in your pocket today has thousands of times more computational power than the entirety of the United States National Aeronautics and Space Agency (NASA) when they first put two astronauts on the moon in 1969. Combined with the proliferation of the Internet and the rapid expansion of information and communication technologies (ICTs) in the past twenty years, the global community has become intertwined in sophisticated ways across a wide variety of domains. This newly developed hyperconnectivity has resulted in massive changes to the economy, social spaces, and industries, bringing otherwise disparate and distinct groups together at blisteringly fast speeds. Through email, the use of public and private forums, and the creation of instant messaging applications, these connections have radically redefined the significance of geospatial distance and the time to establish and develop communication with like-minded others that are hundreds, if not thousands, of miles away. In just one 2018 "internet minute", 187 million emails are sent, 3.7 million Google search queries are initiated, and over 973,000 logins on Facebook.
Unfortunately, there also exist a variety of malicious actors who use these technologies and this interconnectedness for ill. Such actors, from those (individuals and groups) seeking to engage in transnational criminal ventures for profit, to others aiming to bring about political, social, or religious change through violence and coercion, have been observed engaging directly with these technologies. This has even extended to reports that these organizations are capitalizing on the disruptive influence and specific techniques used by their contemporaries, and potentially collaborating in transnational criminal endeavours.
This use of cyber environments for criminal means runs counter to a variety of core values held by the United Nations (UN), which has recognized and expressed grave concern over the connection between Transnational Organized Crime (TOC) and terrorist organizations, both in the General Assembly and the Security Council. Bearing in mind the United Nations 2030 Sustainable Development Goals (SDGs), ensuring the security of integral technologies and preventing their misuse by malicious actors is an important task. As a result, state, regional, and multinational organizations have responded accordingly to bring about these changes.
Taking a step back, it is important to take stock of the character and the role of organized crime and terrorist organizations – and specifically, how they use ICTs independently and collaboratively. TOC is a broad and often complex phenomenon – defined colloquially as the profit-motivated criminal activities with international implications (planning, execution, or profit generation) by organized criminal groups. These groups engage in behaviours from drug and human trafficking, to the trade of firearms, and notably, cybercrime. In recent years, the scope of TOC has expanded to an estimated annual cost of US$870 in 2017. Groups involved in TOC utilize the internet for a variety of profit-generating activities, namely illicit sales and the theft of credit card and other personal identifying information for the purposes of identity theft and fraud. Underground forums provide cyber-criminals with a hub for networking, creating an organized set of criminal relationships from an otherwise disparate population. Beyond providing a space for criminal networking, illicit businesses on dark web services and other environments host a variety of hidden services and marketplaces that sell the tools of the trade for criminals to rent or buy, so to launch cyberattacks. Traditional organized criminal groups may supplement their income, or augment the capabilities by buying or renting hacking tools or by employing hackers (either on individual contracts or through a more comprehensive integration) to be co-opted in more conventional TOC activities such as trafficking.
Violent extremist organizations on the other hand, tend to use the internet for high-speed operational communication, information gathering, planning and preparation of attacks, training, and recruitment of prospective members, with fund-raising being an ancillary goal in most cases. This is not to say that these are the only uses of the internet for these organizations. The United Nations Security Council (UNSC), and others in the international security sphere, have raised concern over the use of the internet as a means of engaging in "cyberterrorism". They specifically focused on the use of computer systems to attack critical infrastructure (e.g.: energy, communications, food and agriculture, defence) in concurrence with, or instead of, or in the wake of a conventional attack.
While there have been few cyber attacks on critical infrastructure worldwide that we know of – with even fewer potentially being attributable to violent extremist organizations – the potential future threat that such attack poses has been magnified by the collaboration between violent extremist organizations and TOC groups. In response to this threat, UNSC Resolution 2195 (2014), Threats to international peace and security, called upon states to better understand and address the nexus between organized crime and terrorism as a threat to security and development. As a result, the United Nations Interregional Crime and Justice Research Initiative (UNICRI) has done just that - assessing the role of TOC as it relates to terrorism and violent extremism. Based upon a study carried out alongside partners at the Thailand Institute of Justice, UNICRI found that in some cases there were overwhelming similarities between TOC groups and terrorist organizations (including the adoption of common tactics). Corroborating this, a panel of experts assembled to address this task through a United Nations Office on Drugs and Crime (UNODC) initiative, suggested that this overlap may take the form of coexistence, cooperation, and even convergence – and can produce mutual cooperation in the form of the transfer of technology, intellectual property, and manufacturing techniques. Not alone in the call to review this nexus of TOC and terrorism, findings from the UN are echoed in reports from the European Union's Counter-Terrorism Monitoring, Reporting and Support Mechanism (CT-MORSE). Highlighting the reciprocal benefits of disruptive actions perpetrated by both TOC groups and terrorist organizations, CT-MORSE suggests that ongoing symbiotic relationships are a clear problem to global stability moving forward. Despite some divergence in overall structure and goals, extending this nexus to the cyber realm has been a solution toward the common needs of these organizations, consistent with their desire to exploit cyber assets and the security of communication and transactions provided by the Dark Web.
Based upon this ongoing work, a number of questions and best practices emerge. First, it is important to ask how violent extremist organizations have continued to make use of the internet in seeking to advance their goals in the present day? Further, it is imperative to examine the nature of these relationships and the development of proprietary cyber assets online generally, as well as on the Dark Web. Just as governments have developed skills and technologies across defence, strategic communication, and security sectors in combating TOC and terrorism, so too are terrorists and TOC groups able to innovate and acquire skills in this area. While recent reports have suggested a limited overall offensive impact by extremist organizations with respect to hacking and cybercrime, clear steps have been demonstrated in seeking the means to expand a "cyber arsenal" and underground markets can serve as a training ground (e.g. tutorials for making bombs, firing missiles remotely, crossing borders illegally etc.). Naturally, this raises concerns surrounding the convergence of activities and possibility of collaboration between violent extremist groups and TOC groups who are often characterized as having distinct operational and strategic capacities and motivations. In light of recent revelations of Bitcoin allegedly used in funding operations of terrorist organizations, it is also important to ask how distributed ledgers like the Blockchain may be monitored for the purposes of disrupting the funding of terrorism and TOC alike. While the intersection of these groups and tactics in online fundraising (extremists) and the commercialization of illicit commodities (TOC) is a particularly hot topic as of late, it does not exist in a vacuum. Other forms of collaboration - such as arms trafficking and human smuggling – have, and continue to be source of concern requiring a more robust understanding.
Based upon the UN and CT-MORSE findings, when possible, the nature of relationships between violent extremists and TOC groups should be assessed before crafting a specific solution. In cases where common conditions for the emergence of such a relationship exist, preventative measures ought to be taken, whereas in the presence of ongoing relationships a more tailored approach to disentangling should be pursued. As this specifically relates to the cyber realm, collaboration with state and regional policing and security forces can inform these decisions and may give insight into the relationships between the respective organizations, cyber assets, and the strategic goals of their use.