fear-mongering or fact: the construction of 'cyber

Fear-mongering or fact: The construction of ‘cyber-terrorism’

in U.S., U.K, and Canadian news media

A paper presented at Safety and Security in a Networked World:

Balancing Cyber-Rights and Responsibilities sponsored by the Oxford Internet Institute

8-10 September, 2005 Oxford, England

Susan Keith, Ph.D. Assistant professor

Department of Journalism and Media Studies School of Communication, Information and Library Studies

Rutgers, the State University of New Jersey 4 Huntington Street

New Brunswick, New Jersey 08901, USA [email protected] (732) 932-7500, ext. 8235

Fear-mongering or fact 1

Introduction

The term “cyber-terrorism” continues to be a source of conflict for Internet

researchers, policy-makers, scholars of cyberlaw, and Internet security firms. Coined in the

1980s by Barry Collin, a senior research fellow at the Institute for Security and Intelligence

in California (Conway, 2002), and formed by the union of the words “cyberspace” and

“terrorism,” “cyberterrorism” would seem to refer, simply enough, to terrorism that occurs

online. Things become more complex, however, when one considers that “terrorism” has, as

one author observed nearly 20 years ago, “different meaning for different people” (Perlstein,

1986, p. 187) and that the cyberworld is still so young that meanings of all the words used to

describe it are evolving rapidly (Weimann, 2004).

As a result, some scholars, government officials, members of the military

establishment, and security firms argue that cyberterrorism attacks – alone or in conjunction

with physical attacks – are a serious and/or imminent threat (Hinde, 2001; Sofaer &

Goodman, 2001; Subcommittee on Cybersecurity, Science, and Research and Development,

2004; PITAC, 2005; Vatis, 2001; Verton, 2003). Meanwhile, other scholars counter that fears

of cyberterrorism are overblown (Giacomello, 2004; Ingles le-Noble, 1999), that serious

cyberterrorism is at least some years from being a reality (Denning, 2000), or that

cyberterrorism discussions tend not to provide a true picture of how the Internet is being used

by so-called “terrorist” groups (Kramer, 2003). Yet governments regularly issue reports on

cyberterrorism and newspapers run headlines like this one: “Cyberterrorism: Is your cash

safe from a nightmare on the net?” (Don, 2004).

Part of the reason for the struggle around terms used to describe cybercrimes, some

authors have asserted (Debrix, 2001; Embar-Seddon, 2002; Schell, 2002; Schell & Martin,


2004), is their misuse by the news media. A few studies have attempted to document use of

cyber terms in the news media (e.g., Vegh, 2003), but little if any research has explored in

depth what meanings the media are building for the word “cyberterrorism” in the minds of

news consumers. This paper reports on research investigating how use of the term “cyber-

terrorism” has constructed meanings for audiences in the United Kingdom, the United States,

and Canada. It is based on a quantitative tracking of the use of “cyberterrorism” and a

qualitative content analysis of explicit and implicit definitions of “cyberterrorism” in news

magazine and newspaper stories published from 2001 through 2004.

The purpose of this study is not to take sides in the battle over whether cyberterrorism

is an immediate problem, a future threat, or an overhyped concept. Instead, this paper aims to

define the discourses around these concepts that are being built for citizens and policymakers

by the news media. This work is important because, for better or worse, “the mass media and

popular culture have altered how most Americans [and people of other nationalities] learn

about the world and how the world is run” (Altheide, 2004, p. 304). By laying out how one

portion of the mass media is defining cyberterrorism, this study provides an initial step

toward establishing a typology of terms that could help create a clearer picture of global

cyber crime. Because of legal and cultural differences among nations, it is already difficult

enough to respond to attacks on cyberspace. Disagreement on what is being targeted only

makes the problem more difficult. In addition, this study should provide information on

journalistic use of contested terms that could be of use to both scholars of media literacy and

journalism educators.


Background: A definitional muddle

One difficulty with the term “cyberterrorism” is rooted in semantic struggles around

“terrorism.” The older word, believed to have been derived from the Latin terrere, “to

tremble” or “to frighten,” and given the French suffix “ism,” came into English as a

descriptor for the regime of bloodshed in the French revolution (Tuman, 2003, p. 2). Since

then, “terrorism” has been used to describe so many situations in which violence was used

for political ends in violation of social norms that “even the simple act of agreeing on a

definition has been politicized” (Ballard et al., 2002, p. 990).

This politicization was particularly evident in journalistic circles in the wake of the

attacks of September 11, 2001, when the Reuters news agency confirmed its longstanding

policy to “avoid the use of emotive terms” (Reuters, 2004, ¶5), including “terrorist,” except

in direct quotations and the BBC asserted that “terrorist” should be employed cautiously.

(Similar concerns have risen again since the July 7, 2005, London bombings.) Some in the

news media have criticized the policies – which would seem to owe more to the traditionally

U.S. journalistic ideal of objectivity (Schudson, 2003, pp. 84-85) than to the British tradition

of an at least somewhat partisan press – saying that they imply too much consideration for

promulgators of violence (LaRocque, 2001; Shying away, 2005; Worthington, 2005).

Reuters, however, has defended its policy as being necessary to protect journalists working

for an operation that reports on all sides of many conflicts (Campbell, 2001; Grande, 2002)

and even asked newspapers in the Canadian CanWest Global Communications group to

remove reporters’ bylines from Reuters stories into which CanWest editors had inserted the

word “terrorist” (Austen, 2004).


Although no similar journalistic debate appears to have arisen around the word

“cyberterrorism,” neither has a consistent definition of that word emerged. Instead, Ballard et

al. (2002) write, the term generally has been conceptualized in one of three ways: vaguely, as

terrorism that occurs in cyberspace; legally, as those attacks against computers, networks, or

systems that governments have made unlawful; and specifically, incorporating accounts of

specific actions deemed to constitute cyberterrorism. There are several reasons, the authors

state, for this lack of consistency:

First, the operation definition of cyberterrorism changes over time. A generation in human terms may be 25 years, but in technological time, it may be only 3 years. The challenge … is not the same for general terrorism studies, in which for years, the most common tactic has been bombings … . Second, the choices of what will be included in the definitions, or even in the typology, are usually based on the personal perspectives of researchers. For example, if the author of a typology is an expert on hacking, the work he or she promotes will generally focus on varieties of this activity. (p. 993) Such explanations make the lack of a consistent definition of “cyberterrorism”

understandable, but they do not make it efficient – at least for those who believe that

cyberterrorism is an immediate threat that must be countered. As Debrix (2001) notes, unless

there is at least general agreement on what cyberterrorism is, there can be no effective

counter-cyberterrorism effort. This consideration would seem to be particularly important

because, as many scholars have pointed out, there is a communicative aspect to the politically

motivated violence commonly labeled “terrorism.” People who engage in such acts not only

seek to kill, maim, or disrupt; they also seek to let the world know that they have done so.

Research by media and peace studies scholars has demonstrated the efficacy of such tactics,

showing generally that media coverage of politically motivated violence can affect public

opinion about it perpetrators and can have an “agenda setting” function. (See, for example,

Weimann, 1990, 2000; Wanta & Hu, 1993.)


Perhaps just as important, news media use of a hazy or overly broad definition of a

societal problem like cyberterrorism can contribute to the problem by feeding public fears of

the unknown. Debrix (2001) maintains that the media:

[T]errorize the public by shoving in their face images and discourses that hammer in the presence of an uncertain danger and the need to take desperate emergency measures. Perversely, the media use against the public the same type of cyberterrorist weapons they claim to be condemning: data swarming, information overload, security conspiracies on the Internet … Faced with such a regime of mediatic terror, there is only one thing the population can and is encouraged to do: be afraid, be very afraid. (p. 164)

Although most working journalists and some media scholars probably would say that Debrix

overstates the case, it is not unreasonable to assert that in news media coverage of a public

menace, imprecision in terms may tend to aggravate the public’s apprehension. Such fear,

Altheide has found, “plays an important role in the social construction of terrorism” (2004, p.

294), as do definitional issues. After researching mass media coverage of the September 11,

2001, attacks, Altheide concluded that “powerful news definitions and meanings of context

can be consequential if they are pervasive, constant, and, above all, not contradicted by

systematic discussion and debate” (p. 304).

Little work, however, has looked at how “cyberterrorism” has been conceptualized in

the media. The closest research has been a dissertation study (Vegh, 2003) of how the cyber

term “hacker” was used in 627 news articles published in The New York Times, The Wall

Street Journal, The Washington Post, USA Today, and the San Jose (California) Mercury

News between March 2001 and March 2002. Because the September 11, 2001, attacks

occurred in the middle of data collection for that study, the author concentrated on

differences found before and after that point, noting that the number of articles that

conceptualized hacking as an online security issue generally increased somewhat after the


attacks (p. 257) but that the very small number of hacker stories that dealt with terrorism was

little changed (p. 270).

Research questions

Because of the lack of literature on the use of “cyberterrorism” in the news media,

three research questions were posed:

RQ1: How, if at all, has the frequency of use of “cyberterrorism” changed in the

mainstream U.S., UK, and Canadian print media?

RQ2: Do the mainstream U.S., UK, and Canadian print news media explicitly define

“cyberterrorism” for their audiences? If so, how?

RQ3: What implicit definitions of “cyberterrorism” are constructed by the contextual

use of the term by the mainstream U.S., UK, and Canadian print news media?

Method

This paper is based on a combination of quantitative and qualitative analyses of

articles published in mainstream U.S., UK, and Canadian English-language newspapers and

newsmagazines. First, to offer some evidence of how attention to “cyberterrorism” in the

news media has evolved, the frequency of usage of the word was traced, using the Lexis

Nexis Academic database. Then, a qualitative content analysis was conducted of uses of the

word “cyberterrorism” in 146 articles that appeared from 2001 through 2004 in sixty

mainstream, English-language U.S., U.K., and Canadian newspapers and newsmagazines.1

1 Publications from England, Scotland, Wales and Northern Ireland: Belfast News Letter, Belfast Telegraph, Birmingham Post, Bristol Evening Record, Financial Times, The Guardian, The Independent, Irish News, The (Newcastle) Journal, New Statesman, The Observer, Scotland on Sunday, The Scotsman, Sunday Herald (Glasgow), Sunday Times, Western Mail (Cardiff); U.S. publications: Atlanta Journal-Constitution, Boston Globe, Boston Herald, Chicago Sun-Times, Columbus (Ohio) Dispatch, Denver Post, Houston Chronicle, Milwaukee Journal-Sentinel, New York Daily News, The New York Times, Newsweek, Oregonian (Portland, Oregon), Pittsburgh (Pennsylvania) Post-Gazette, Rocky Mountain News (Denver, Colorado), Sacramento (California) Bee, San Antonio (Texas) Express-News, San Diego (California) Union-Tribune, San Francisco Chronicle, St. Louis (Missouri) Post-Dispatch, St. Petersburg (Florida) Times, Minneapolis


The articles – all those containing “cyberterrorism,” or “cyber-terrorism,” or “cyber

terrorism” in their headlines, titles, or lead paragraphs2 – were located using the “guided

news search” function of the Lexis Nexis Academic electronic database.3 Searches for the

terms were first done in the general news/major papers and general news/journals and

magazines categories. Then, to increase the number of articles from United Kingdom and

Canadian publications obtained, a similar search was conducted among the world

news/European sources and world news/North American-South American sources. Entries

from publications published outside the United States, the United Kingdom, and Canada

were discarded, as were articles from non-news magazines and entries that consisted only of

photo captions, letters to the editor, corrections, or lists of events. Both news and opinion

articles, however, were included in the final sample.

For the quantitative part of the analysis, the numbers of articles from each year were

counted and those that contained explicit definitions of “cyberterrorism” were identified.

Then, in the qualitative analysis, individual uses of the word “cyberterrorism” were coded,

(Minnesota) Star-Tribune, U.S. News & World Report, USA Today, The Wall Street Journal, The Washington Post; Canadian publications: Brockville (Ontario) Recorder and Times, Calgary Herald, Daily Miner and News (Kenora, Ontario), Edmonton Journal, Montreal Gazette, Toronto Globe and Mail, The Guardian (Charlottetown, Prince Edward Island), Hamilton (Ontario) Spectator, Leader-Post (Regina, Saskatchewan), London (Ontario) Free Press, Ottawa Citizen, Ottawa Sun, St. John’s Telegram (Newfoundland), The Standard (St. Catherine’s, Ontario), Stratford (Ontario) Beacon Herald, The Toronto Star, Vancouver Province, Vancouver Sun, Windsor (Ontario) Star. 2 Articles that contained “cyberterrorism” in their lead paragraphs, headlines, or titles were considered more likely to actually focus substantively on cyberterrorism than articles that merely used the term somewhere in their text. 3 There are limitations to using electronic databases, such as Lexis Nexis Academic, for obtaining the articles used in a content analysis. First, additions of publications to the database may have occurred during any sampling period, which might skew results for a researcher interested in the frequency with which some particular type of article appeared in the database. In addition, it is impossible to know whether some publications failed to send some content to the database and/or whether articles produced by freelancers were excluded because of U.S. copyright rulings that say such stories cannot be used in electronic databases without the freelancers’ permission (Biskupic & Locy, 2001). In the absence of other free and easily obtainable sources of content, however, electronic databases have become a commonly used tool in content analyses in media studies (e.g., Shah & Nah, 2004).


using the “microanalysis” process described by Strauss and Corbin (1998). “Open” and

“axial” coding and the constant comparative method were used to classify definitions and

usages of the term “cyberterrorism” and its orthographical variants. In keeping with the goals

of qualitative research, the aim of this part of the investigation was not to count or

quantitatively code particular usages of “cyberterrorism” but to locate, describe, and analyze

the discourses around cyberterrorism developed by the news media of the three countries.

Findings and discussion

RQ1: Cyberterrorism in the news A simple tally of the number of articles in mainstream, general-interest, U.S., U.K.,

and Canadian publications that used “cyberterrorism” in headlines or titles or the lead

paragraphs traced a curvelinear pattern. (See chart below.) Frequency rose sharply from

1996, when the Lexis Nexis A

headline, title, or lead

paragraphs of an

“major papers” newspap

index, peaking from 20

2002, then declining. The valu

of this finding is limited

because it is impossible to say how much of the pre-2000 increase in stories focusing o

cyberterrorism is the result not of growth of media coverage of the subject but of growth i

the number of publications contributing to Lexis Nexis Academic, which continues to add

new sources. However, it is useful to note that news media interest in cyberterrorism appea

to have been peaked before the attacks of September 11, 2001. That suggests that important

cademic database first recorded use of “cyberterrorism” in the

article in its

er

00 to

e

n

n

rs

Frequency of "cyberterrorism" articles

01020304050

1994 1996 1998 2000 2002 2004 2006

Year

Freq

uenc

y

Series1


themes in the news media discourse on cyberterrorism were developing before physical

attacks on New York and Washington took place.

RQ2: Explicit definitions of “cyberterrorism”

Frequency of explicit definitions

Of the 146 articles examined, only seven, or about 5 percent, provided an explicit

definiti

d,

,

f

est several things. First, it may be

at mo

These

on of “cyberterrorism.” Definitions were missing even from articles that placed the

term in quotation marks, suggesting it might be a created word (Arthur, 2002), or referred to

its “meaning”: “‘Cyberterrorism has a different meaning now,’ says Ruth Wedgewood of the

School of Advanced International Studies at Johns Hopkins University” (Martin, 2001, p.

9A). Explicit definitions of “cyberterrorism” were more prevalent earlier in the study perio

when fewer news consumers could have been expected to have been exposed to news about

cyberterrorism. Five of the seven definitions found appeared in 2001 articles, all from U.S.

publications, with four of those being published between September 11 and the end of the

year. One definition was found in 2002, in Britain’s Guardian newspaper, and one in 2003

in the London (Ontario) Free Press. One of the seven definitions appeared in an unsigned

opinion editorial; one – the earliest – was written by an intern, a newcomer to the practice o

journalism; and one was included by a freelance writer.

The low number of explicit definitions could sugg

th st journalists did not include formal definitions of “cyberterrorism” because they

believed the word was too common to need defining. Or it could be that most journalists

were unable to concretely define the term and so avoided using formal definitions in their

stories. Finally, it could be that journalists purposively chose not to formally define

“cyberterrorism” because they thought that implicit definitions served readers better.


possibilities will be explored further as the content of explicit and implict definitions are

analyzed.

Content of explicit definitions

f “cyberterrorism” found ranged from the short and

rather v

ion,

E).

d

es a

tion to

gree on what type of action constituted cyberterrorism. For

ts to

er

The seven explicit definitions o

ague phrase “the most insidious type of terrorism” (Wallace, 2001, p. A1), which

demands that the journalist and reader share a definition of “terrorism,” to a formal legal

definition used by the FBI: “a ‘premeditated, politically motivated attack against informat

computer systems, computer programs and data which results in violence against non-

combatant targets by subnational groups of clandestine agents’” (Canton, 2003, p. D11

Only that FBI definition and a definition offered in The Guardian, “using computers to

intimidate others to further political or social objectives” (Butcher, 2002, p. 1), mentione

political motivations, which are normally considered a key part of distinguishing terrorism

occurring outside cyberspace from other crimes. One definition, provided in the Boston

Globe by security consultant Peter Giannacopoulos, suggested that cyberterrorism requir

“hostile person or group” (Jiang, 2001, p. H2), but none of the other four definitions

mentioned characteristics or attitudes that must be possessed by perpetrators for an ac

be considered cyberterrorism.

Nor did the definitions a

The Guardian, it was enough that the cyber action “intimidate” others in a politically or

socially motivated way (Butcher, 2002, p. 1). For the San Diego Union-Tribune, “attemp

cripple critical electronic structures” were enough (Berdik, 2001, p. 6), and the St. Louis

Post-Dispatch required only that the actions be “designed” to “disrupt or disable” comput

networks (Web of Terror, 2001, p. B6). The definition offered by Giannacopoulos in the


Boston Globe required the more active “use” of computers (Jiang, 2001, p. H2), and

Newsweek defined the actions that would constitute cyberterrorism as “assaults” (Now

weapons of mass disruption?, 2001, p. 76).

There was also considerable variation

,

in what the target of such actions would have to

be to co

, p. 6)

or directed

ich, with two

f

xt

nstitute cyberterrorism. Two of the definitions from U.S. publications offered

ethnocentric conceptions: “electronic infrastructure in the United States” (Berdik, 2001

and “the nation’s computer networks” (Web of Terror, 2001, p. B6). Giannacopoulos avoided

that ethnocentrism but focused only on the commercial, “disruption of business or theft of

intellectual property” (Jiang, 2001, p. H2), while Newsweek made the object of

cyberterrorism much more general, defining its target as “anything dependent on

by flows of information” (Now, weapons of mass disruption?, 2001, p. 76).

The clear distinctions among and limitations of these definitions – wh

exceptions,4 were created by journalists – suggest that the most likely reason for a paucity o

definitions of “cyberterrorism” is that the journalists who help shape citizens’ opinions on

cyber policy are not merely divided, as scholars are (Ballard et al., 2002), about what the

term constitutes but unsure or, perhaps, misinformed. This is worrisome because, as the ne

section will demonstrate, even when journalists avoid formal definitions of cyberspace terms,

they nonetheless construct meanings for their audiences through their choices of words and

examples.

4 The FBI definition of “cyberterrorism” cited by The Guardian and the definition offered in direction-quotation style by security consultant Peter Giannacopoulos in the Boston Globe.


RQ3: Making meaning through implicit definitions

Qualitative analysis, using open and axial coding (Strauss & Corbin, 1998) of the

contexts in which “cyberterrorism” was used in the 146 news and opinion articles that

formed the sample for this study, revealed that news accounts of cyberterrorism construct

meaning implicitly in two major ways:

By associating cyberterrorism with or distinguishing it from other real-world

and cyber-world concepts

By locating cyberterrorism along a likelihood-of-occurrence continuum

These methods of meaning construction are explained in the following sections.

The power of association

Links in the articles between the word “cyberterrorism” and other online and offline

concepts created meanings that told two contrasting stories. The first discourse suggested that

cyberterrorism is linked to computer viruses, cybercrime, and “hackers,” a term that

encompasses people ranging from those who enjoy “learning the details of computer systems

and how to stretch their capabilities to a malicious or inquisitive meddler who tries to

discover information by deceptive or illegal means” (Schell & Martin, 2004, p. 1). In some

instances, these associations were open to interpretation. For example, when The Scotsman

reported in 2001 that Britain’s Terrorism Act would target “computer hackers who use

‘cyber-terrorism,’” (Percival, 2001, p. 2) it used a construction that might be read to suggest

that the act was aimed only at hackers who are also cyberterrorists, not also the so-called

“White Hat” hackers, who “maintain that they are motivated by created exploits … including

the quest for knowledge or the need to find intrusion flaws by breaking into a computer

system with authorization” (Schell & Martin, 2004, p. 2).


Other associations were less ambiguous. In 2001, for example, The Guardian used

appositional sentence structure to equate “cyberterrorism” with hacking: “If you believe

Robin Cook, the main threat we face from computers is ‘hacking’. Cyber-terrorism, he

warned his parliamentary colleagues, can ‘cripple Britain faster than a military strike’”

(Sutherland, 2001, 9). The San Antonio (Texas) Express-News set up a similar association

between cyberterrorism and hacking in 2002 when it used the headline “Cyber terrorism:

another grave issue” over an editorial that began, “Attempts to hack into computer systems

on which the Express-News, UTSA [the University of Texas at San Antonio] and other

organizations and agencies rely are common” (p. 2G). That editorial conceded that such

efforts are “usually the work of so-called ‘script kiddies,’ young hackers with too much time

on their keyboard-friendly hands and too much mischief in their computer-savvy heads” (p.

2G) – hardly a description of cyberterrorists. Most bizarrely, perhaps, the Boston Herald

linked cyberterrorism with attacks resulting from an apparent fetish expressed online:

A New York assistant principal who posed as a Boston University coed obsessed with watching young men get tickled must serve six months in a halfway house for cyberterrorism, a federal judge ruled yesterday. David D’Amato, a balding, 40-year-old who begins law school next month at Fordham, stood and apologized in federal court to his parents and to the Internet users whom he attacked online after they refused to provide him with more videos of tickling. (‘Territickle’ gets 6 months, 2001, p. 17.)

Just the opposite story – that cyberterrorism is distinct from hacking and other kinds

of cybercrime – was also told. Often, these distinctions were subtle, as when the Calgary

(Alberta) Herald described a program to “combat the threat of cyberterrorism and other

cybercrime” (Gray, 2002, p. B5), The Washington Post wrote that an alert system would be

“a clearinghouse of information on hacking, viruses, worms and cyberterrorism” (Krim &

Musgrove, 2004, p. E5), and The Birmingham (England) Post noted that “the threat of cyber-


terrorism [was] being added rapidly to the increasing impact of email viruses and hacker

intrusions” (E-business, 2003, p. 23). By mentioning each of these cyber problems separately

in a list that did not make any of the words appositives of or subordinate to another, the

newspapers emphasized the distinctions among the meanings of the words, rather than the

associations of the concepts. Other constructions, however, made the distinction even plainer,

as when a Minneapolis Star-Tribune reporter wrote, “what the world has seen instead of

cyberterrorism is a continuation of cybervandalism by hackers” (Alexander, 2003, p. 1D), a

phrase that separated the cybercrime of cyberterrorism from the cybermisdemeanor of

vandalism.

It is interesting to note that although discourses that emphasized distinctions among

cybercrime concepts were present in each of the years studied, associations between the word

“cyberterrorism” and “hackers” were not present in the twenty-two articles analyzed from

2004. This may indicate that journalists’ understandings of “cyberterrorism” are shifting to

see it as distinct from other types of cybercrime or online mischief making.

Likelihood-of-occurrence continuum

Authors of the articles analyzed also created implicit definitions of “cyberterrorism”

by giving readers four distinct types of cues about how likely cyberterrorism was to occur.

These could be arranged along what might be called a likelihood-of-occurrence continuum.

At what might be conceptualized as the far left-hand side of the continuum, some articles

asserted the existence of acts of cyberterrorism. For example, The Guardian reported in 2001

that 32 percent of senior personnel in the Communications Management Association

“admitted being the victim of cyber-terrorism” (Hopkins, p. 1), and The Gazette of Montreal

invited readers to “enter the world of cyberterrorism. And if you think it exists only in


Hollywood or virtual reality, that by hitting the ‘off’ switch on your computer you can get rid

of it, think again” (Sevunts, 2002, p. C1).

The discourse of cyberterrorism existing in the past or present was far less

representative, however, of the discussion overall than the discourse built around the next

point on the likelihood-of-occurrence continuum: the notion that cyberterrorism was an

imminent or growing threat. Articles throughout this collection echoed the idea, saying that

cyberterrorism was “a growing threat” (Kosseff, 2001, p. C01) or “realistic possibility”

(Harnden, 2002, p. A9) “that could reach any company” (Sherman, 2001, p. 68C),

represented “potential devastation” (Gast, 2001, p. 7P), made the United States “highly

vulnerable” (Toner, 2001, 4A), had been “upgraded from a Hollywood-type futuristic

scenario to a real concern” (Sevunts, 2002, p. C1). It would “bring the Internet down for at

least a day or two in the coming year” (Jamieson, 2002, p. A82), “might prove attractive to

[Iraqi] extremist groups” (Rojas, 2003, p. 27), and could be “aimed at networks that control

energy, water and other critical services (Krim, 2004, p. E02).

This litany of possible threats created an implicit definition of “cyberterrorism” for

readers as something that, though not already among us, was so likely that fear was

warranted. In fact, the “cyber attack-as-imminent threat” discourse may have created a

scarier definition of “cyberterrorism” than was implicit in articles that suggested that

cyberterrorism had already occurred. Language used in connection with defining

cyberterrorism as a growing but not yet real threat – “devastating,” “aimed,” “vulnerable” –

may have left a more frightening impression than would have the suggestion that

cyberterrorism, though already a fact, is survivable.


Moving further right on the cyberterrorism-occurrence continuum, one encountered a

discourse that defined “cyberterrorism” as something that has not (yet) occurred. Generally,

this discourse asserted that there had been no verifiable cyberterrorist attacks but left open

some possibility that such attacks might occur. For example, Alexander (2003) noted in the

Minneapolis Star-Tribune that “Symantec Corp., a computer security firm, won’t rule out

cyberterrorism, but say they’ve never seen anything remotely like it” (p. 1D).

At the far right of the likelihood-of-occurrence continuum was discourse that

suggested that not only had cyberterrorism not occurred but that concerns about it also had

been overhyped. Somewhat surprisingly, this line of thought was evident even before and

immediately after the physical attacks of September 11, 2001. In the 2001 articles analyzed,

however, assertions that concerns over cyberterrorism were overblown were always

attributed to experts, as in this sentence from the Denver Post: “ ‘All the hype in the media

about cyberterrorism and viruses is distracting network executives away from the real threat,

which is their own employees,’ said Bob Forbes, vice president at Authentor Systems Inc., a

security software firm in Denver” (Beauprez, 2001, p. E-01).

In 2002 through 2004, however, assertions that cyberterrorism fears may have been

overplayed moved into parts of articles that were not direct quotations from sources. For

example, the lead paragraph of a 2002 San Francisco Chronicle article asserted that many

experts were “skeptical about the overall menace of cyber-terrorism” (Wallace, 2002, p.

A11) – even though the author of the article had called cyberterrorism “the most insidious

type of terrorism” (Wallace, 2001, p. A1) less than a year earlier. A 2003 Globe and Mail

column went further, stating as fact – without reference to an expert source – that “there were

only 10 documented cyberattacks on U.S. and British targets on Feb. 17 [2003], the day of


massive worldwide anti-war protests that many security people warned would also be a nice

day for cyberterrorism” (Kapica, 2003).

A model of cyberterrorism coverage

Development of the four discourses lying along the likelihood-of-occurrence

continuum described above – cyberterrorism is a reality, cyberterrorism is likely threat,

cyberterrorism has never happened (yet), or cyberterrorism concerns have been overblown –

was aided, in part, by what might be conceptualized as “supporting actors”: accounts of

specific threats, fears, protections, expertise, and characteristics associated with one of the

conceptions of cyberterrorism. For example, the creation of an implicit definition of

cyberterrorism as a growing and impending threat was aided by descriptions of fears of

cyberterrorism, defenses against cyberterrorism, and the need for experts to study how to

thwart terrorism. Not all of these supporting accounts were available in each article; in fact,

most articles contained only one, two, or a few characteristics associated with the article’s

particular conception of the likelihood of a cyber attack. However, close readings of all 146

articles in the sample together suggested that a model of cyberterrorism coverage (see Table

1) could be developed by looking at how the supporting themes emerging from the articles’

conceptualizations of cyberterrorism related to the larger issue of the likelihood of a cyber

attack.

Table 1 – Cyberterrorism coverage model

Reality Likely threat Never happened Overhyped Fear is expected and justified Terrorists lack the needed tech skills

Defense and protection are key concepts Cyberterrorism is less effective than bombs

Experts are needed Awareness is important Civil liberties should be preserved


On the left side of the model, where one would find articles in which cyberterrorism

is implicitly defined as a reality or a likely threat, it is logical to also place articles that

contain fear appeals, such as descriptions of “growing fears about the threat of

cyberterrorism” (Hopkins, 2001, p. 1). To balance the fear appeals inherent in this discourse,

accounts of defense are important. So coverage includes battlefield language, such as “fight

against terrorism” (Miller, 2002, p. 4E) and “a strategy for combating cyberterrorism”

(Nairn, 2003, p. 10) and accounts of efforts to fight the threat, such as grants to universities

for anti-terrorism research (Spice, 2002, A-1; Argetsinger, 2002, A12).

On the near right side of the continuum, where articles implicitly define

cyberterrorism as something that has not occurred – and, thus, is not of imminent risk – or is

overhyped, there appears to be a need to offer justification for this stance. Two reasons were

most often offered in the articles considered here. First, there may be a “lack of technical

skill in potential terrorist nations” (Alexander, 2003, 1D). Second, cyberterrorism may not

appeal to the aims of those people whom we popularly call terrorists. As the Boston Globe

put it: “[C]yberterrorism lacks a certain something – namely, terror. ‘I know what terrorism

is,’ said Bruce Schneier of Counterpane Internet Security Inc. ‘It’s when a school bus blows

up or an airplane flies into a building. When I can’t get my e-mail, that’s not terrorism’”

(Bray, 2003, B11).

Underlying this two-sided model, but overlapping the division between the

reality/likely threat vs. never happened/overhyped sides, are descriptions from the articles of

about how news consumers should react to cyberterrorism. On the left side is represented the

need, in a threatening situation, to evoke expertise, which helped produce lead paragraphs


like: “A Calgary computer security expert is helping Canadians protect themselves from

cyberterrorism while keeping an eye on electronic privacy” (Gray, 2002, p. B5). Awareness

extends underneath three of the topmost categories because it was invoked as important to

protect computer security whether cyberterrorism was a likely threat (Lessons to be learned,

2001, p. A10; Schwartz, 2002, C1) or only a dim prospect (Mackintosh, 2003, p. 4). As the

small amount of space given to civil liberties in the model indicates, the articles that

considered them (e.g., Butcher, 2002) were not representative of the collection overall.

However, inclusion in some stories of discussion of whether civil liberties might be trampled

in the rush to thwart an over-hyped cyberterrorism threat provides a counterweight to the left

side of the model, where relief from the “threat” of cyberterrorism is sought, in the form of

expert advice.

Because this model was derived from a particular collection of articles, it should not

be expected to be indicative of every group of articles on cyberterrorism, though the model

could very well prove useful in further study of diffusion of contested ideas in the

mainstream news media. It also offers a starting point for looking differently at

cyberterrorism. It suggests that the essential problem with using the word “cyberterrorism” is

bound up in whether cyberterrorism occurs – or occurs “enough” – to be seen as an important

problem.

Conclusions and ideas for future research

This work set out to determine how news media in Canada, the United Kingdom, and

the United States had conceptualized for news consumers and citizens the term

“cyberterrorism,” which is a source of conflict in industry, government, and the academy.

The research showed that definitions of “cyberterrorism,” already being developed in the


news media before September 11, 2001, were rarely explicitly expressed and, when they

were, varied widely. In some ways, this is not surprising, given what Ballard et al. (2002)

pointed out about definitions of “cyberterrorism” among scholars: that they tended to lag

behind developments in the cyber world and reflect scholars’ particular areas of expertise.

Imagine how those factors might be multiplied for journalists. Any given journalist’s

coverage responsibilities may extend so far beyond cyberterrorism that he or she would be

very hard-pressed to notice the developments in a rapidly changing field that even scholars

might miss. Journalists might also find themselves grasping to use in defining

“cyberterrorism” the terms they know, just as scholars who are experts on hacking, Ballard et

al. (2002) say, tend to create typologies of cyberterrorism that are overly focused on hacking.

So the more important question became: How did the news media build implicit

definitions of “cyberterrorism,” those embedded in the contexts in which the term was used?

The answer is that implicit definitions mirrored the disagreement in the academy and

industry. Implicit definitions began by associating with “cyberterrorism” a variety of online

and physical-world concepts that produced oppositional meanings for the word, as either

related to or distinct from other types of cybercrime and cyber mischief. Implied definitions

also owed much to conceptualizations of how likely cyberterrorism was to occur. They took

that crucial area of disagreement, then crafted four conflicting stories about those threats,

weaving in supporting themes of fear, threats, the need for expert advice, calls for awareness,

and calls for the support of civil liberties.

This work shares the limitations of all content analysis: It can tell us what the mass

media appear to have done, but it can only guess at what the effect those choices might have

on audiences. Although there has been considerable research on the effect of media reports of


terrorism on audiences, there has been little, if any, research on how audiences perceive

potential terrorism risks or how they respond to confusion of terminology in the news media.

Future research also might profitably consider a larger number of articles, starting with

earlier dates, to allow for tracing of the development of news media definitions of

“cyberterrorism.”

The research suggests that we are still far from universal agreement on the meaning

of “cyberterrorism,” and so are far from knowing how to respond to it or defend against it.

The limitations of the research tend to suggest that much more study needs to be done before

we know how disjointed the definitions and interpretations are, and thus how much progress

needs to be made toward an effective defense structure.


References

Alexander, S. (2003, February 13). The cyberterror scare. Star Tribune, p. 1D. Altheide, D. (2002). Creating fear: News and the construction of crisis. New Brunswick, NJ:

Transaction. Altheide, D. (2002). Consuming terrorism. Symbolic Interaction 27 (3), 289-308. Argetsinger, A. (2002, May 15). Va. Colleges get funding to help fight cyber-terror; GMU

and JMU awarded $6.5 million U.S. grant. The Washington Post, p. A12. Arthur, C. (2002, December 21). DJ wrote virus that hit 27,000 computers. Financial Times,

no page number. Austen, I. (2004, September 20). Reuters asks a chain to remove its bylines. The New York

Times, p. 9. Ballard, J. D.; Hornik, J. G.; and McKenzie, D. (2002). Technological facilitation of

terrorism. American Behavioral Scientist 45 (6), 989-1016). Beauprez, J. (2001, November 5). Computer threats lurk inside and out; Layoffs raise

hacking fears. Denver Post, p. E-01. Berdik, C. (2001, August 28). Hacktivism: Hackers-activists push their causes using

technology. San Diego Union-Tribune, p. 6. Biskupic, J., & Locy, T. (2001, June 26). High court sides with writers Says publishers must

pay authors for articles put into databases. USA Today, p. 3A. Bray, H. (2003, March 24). Cutting through cyberterror hype. The Boston Globe, p. B11. Butcher, M. (2002, December 5). Online: Cyber hype: Cyberterrorism is giving governments

an opportunity to curb civil liberties, but is it really a lethal weapon? The Guardian, p. 1.

Campbell, K. (2001, September 27). When is ‘terrorist’ a subjective term? Christian Science

Monitor, p. 16. Canton, D. (2003, April 25). Cyber attacks a concern. London (Ontario) Free Press, p. D11E.

Conway, M. (2002, November). Reality bytes: Cyberterrorism and terrorist ‘use’ of the Internet. First Monday 7 (11) Retrieved August 5, 2005, from http://firstmonday.org/issues/issue7_11/conway/index.html

http://firstmonday.org/issues/issue7_11/conway/index.html


Debrix, F. (2001). Cyberterror and media-induced fears: The production of emergency culture. Strategies: Journal of Theory, Culture & Politics 14 (1), 149-168.

Denning, D. E. (2000, May 23). Cyberterrorism: Testimony before the Special Oversight Panel on Terrorism Committee on Armed Services U.S. House of Representatives. Available at http://www.cs.georgetown.edu/~denning/infosec/cyberterror.html

Don, A. (2004, June 6). Cash: Cyberterrorism: Is your cash safe from a nightmare on the net? The Observer, p. 7.

Dunnigan, J. F. (2002). The next war zone: Confronting the global threat of cyberterrorism. New York: Kensington Publishing Corp.

E-business: Wake-up call over online security. (2003, February 4). Birmingham Post, p. 23.

Embar-Seddon, A. (2002). Cyberterrorism: Are we under siege? American Behavioral Scientist 45 (6), 1033-1043.

Gast, S. (2001, November 4). Q&A: As computers proliferate, terrorists find more targets. Atlanta Journal-Constitution, p. 7P.

Giacomello, G. (2004). Bangs for the buck: A cost-benefit analysis of cyberterrorism. Studies in Conflict & Terrorism 27, 387-408.

Grande, C. (2002, September 18). Reuters learns to face its public. Financial Times, p. 15.

Harnden, T. (2002, June 28). Al-Qaeda plans cyber attacks on dams: Terrorists studying switching systems for water, power grids. Ottawa Citizen, p. A9.

Hinde, S. (2001). Incalculable potential for damage by cyber-terrorism. Computers & Security 20, 568-572.

Hopkins, N. (2001, April 3). Cyber terror threatens UK’s biggest companies. The Guardian, p. 1.

Ingles le-Noble, J. J. (1999, October 21). Cyberterrorism hype. Jane’s Intelligence Review. Retrieved August 7, 2005, from http://212.111.49.124/cyberterror/resources/janes/jir0525.htm

Jamieson, J. (2002, December 26). Internet a terror target: Invasion of Iraq would galvanize malicious hackers, expert says. The Vancouver Province, p. A82.

Jiang, J. (2001, December 30). Job explainer: Security consultant. The Boston Globe, p. H2.

Kapica, J. (2003, March 6). Cyberwar, what is it good for? Virtually nuthin’. Globe and Mail, no page number available.

http://www.cs.georgetown.edu/%7Edenning/infosec/cyberterror.html

http://212.111.49.124/cyberterror/resources/janes/jir0525.htm


Kramer, R. (2002/2003). Internet use by terrorists and content analysis of terrorist Websites. Master’s thesis, University College, London).

Kosseff, J. (2001, September 26). Experts raise cyberterrorism awareness. The Oregonian, p. C01.

Krim, J. (2004, April 2). U.S. goals solicited on software security; Task force suggests limited regulation. The Washington Post, p. E02.

Krim, J., and Musgrove, M. (2004, January 29). U.S. takes anti-virus role; Web site to track cyber-attacks, advise consumers. The Washington Post, p. E05.

LaRocque, P. (2001, December). Fighting the word war. Quill magazine, p. 46.

Mackintosh, H. (2003, February 20). Working it out: Dot bomb. The Guardian, 4.

Martin, S. T. (2001, September 23). Searching for terrorists? Check U.S., Canada. St. Petersburg Times, p. 9A.

Nairn, G. (2003, March 12). Seeking safety nets in an unsafe world. Financial Times, p. 10.

Nakashima, E. (2001, July 11). Specialist accuses Bush of ignoring ‘talent drain.’ The Washington Post, p. A17.

National Infrastructure Protection Center. (2001). Cyberprotests: The threat to the U.S. information infrastructure. Retrieved August 5, 2005, from http://permanent.access.gpo.gov/websites/unt/nipc/www.nipc.gov/publications/nipcpub/cyberprotests.html

Now, weapons of mass disruption? (2001, October 29). Newsweek, p. 76.

Percival, J. (2001, February 20). Straw defends extended anti-terror legislation. The Scotsman, p. 2.

Perlstein, G. R. (1986, November). The changing face of terrorism: From regicide to homicide. International Journal of Offender Therapy and Comparative Criminology 30 (3) 187-193.

President’s Information Technology Advisory Committee. (2005) Cybersecurity: A crisis of prioritization. Retrieved August 7, 2005, from http://www.nitrd.gov/pitac/reports/20050301_cybersecurity/cybersecurity.pdf

Reuters. (2004, October). Editorial policy. Retrieved August 15, 2005, from http://about.reuters.com/aboutus/editorial.

Rojas, P. (2003, April 24). Online: The paranoia paid off. The Guardian, p. 27.

http://permanent.access.gpo.gov/websites/unt/nipc/www.nipc.gov/publications/nipcpub/cyberprotests.html

http://permanent.access.gpo.gov/websites/unt/nipc/www.nipc.gov/publications/nipcpub/cyberprotests.html

http://www.nitrd.gov/pitac/reports/20050301_cybersecurity/cybersecurity.pdf

http://about.reuters.com/aboutus/editorial


Schell, B. H. (2002). The hacking of America: Who’s doing it, why, and how. Westport, CT: Quorum.

Schell, B. H., & Martin, C. (2004). Cybercrime: A reference handbook. Santa Barbara, CA: ABC/CLIO.

Schudson, M. (2003). The sociology of news. New York: W.W. Norton.

Sevunts, L. (2002). Cause for concern: experts. The Gazette, p. C1.

Shah, H., & Nah, S. (2004). Long ago and far away. Journalism 5 (3), 259-278.

Sherman, E. (2001, October 15). Terror’s next target? Newsweek, 68C.

Shying away from the ‘T’ word. (2000, July 17). The Boston Herald, p. 22.

Sofaer, A., & Goodman, S. E. (2001). Cybercrime and security: The transnational dimension. In Sofaer, Abraham, & Goodman, Seymour E., Eds., The transnational dimension of cyber crime and terrorism, pp. 1-34. Stanford, CA: Hoover Institution Press.

Spice, B. (2002, October 8). CMU taking a leading role in war against cyberterrorism. Pittsburgh Post-Gazette, p. A-1.

Strauss, A., & Corbin, J. (1998). Basics of qualitative research: Techniques and procedures for developing grounded theory, 2nd ed. Thousand Oaks, CA: Sage.

Subcommittee on Cybersecurity, Science, and Research and Development of the U.S. House of Representatives Select Committee on Homeland Security. (2004, December). Cybersecurity for the homeland.

Sutherland, J. (2001, April 16). Forget pornography and hackers – gambling is the real danger on the net. The Guardian, p. 9.

‘Territickle’ gets 6 months. (2001, July 17). The Boston Herald, p. 17.

Toner, M. (2001, November 4). Cyberterrorism danger lurking. Atlanta Journal-Constitution, p. 4A.

Tuman, J. S. (2003). Communicating terror: The rhetorical dimensions of terrorism. Thousand Oaks, CA: Sage.

Vatis, M. A. (2001, September 22). Cyberattacks during the war on terrorism: A predictive analysis. Report issued by the Institute for Security Technology Studies at Dartmouth College. Retrieved August 7, 2005, from http://www.ists.dartmouth.edu/analysis/cyber_a1.pdf

http://www.ists.dartmouth.edu/analysis/cyber_a1.pdf


Vegh, S. (2003). Hacking for democracy: A study of the Internet as a political force and its representation in the mainstream media. Ph.D. dissertation, University of Maryland.

Verton, D. (2003). Black ice: The invisible threat of cyberterrorism. New York: McGraw-Hill Osborne Media.

Wallace, B. (2001, November 12). Next major attack could be over Net. The San Francisco Chronicle, A1.

Wallace, B. (2002, June 30). Security analysts dismiss fears of terrorist hackers; electricity, water systems hard to damage online. San Francisco Chronicle, p. A11.

Wanta, W., & Hu, Y. (1993). The agenda-setting effects of international news coverage: An examination of differing news frames. International Journal of Public Opinion Research 5 (3), 250-262.

Web of terror. (2001, October 12). St. Louis Post-Dispatch, p. B6.

Weimann, G. (2000). Terrorism as theater: Mass media and redefinition of image. In Hanna Herzog and Eliezer Ben-Rafael, Eds., Language and communication in Israel, pp. 497-515. New Brunswick, NJ: Transaction Publishers.

Weimann, G. (2004, December). Cyberterrorism: How real is the threat? Washington: United States Institute of Peace. Retrieved August 5, 2005, from http://www.usip.org/pubs/specialreports/sr119.html

Worthington, P. (2005, July 25). This is war – so pick sides. The Toronto Star, p. 7.

http://www.usip.org/pubs/specialreports/sr119.html

fear-mongering or fact: the construction of 'cyber

Documents