Since the 1990s and the end of the Cold War, Africa has experienced a strong upward trend in ICT capabilities and technological advancement. Due to Africa’s young population, many global stakeholders and investors saw Africa as an investment destination. According to Oladipo David’s and Wynand Grobler’s research, this has led Africa to undergo a mobile telecommunication revolution for the development of mobile communications in both the public and private sectors. According to the International Telecommunication Union database, total mobile penetration – individuals using mobile phones with internet connectivity – has more than doubled in Africa since 2000, with Nigeria, South Africa, Uganda, DRC and Cote d’Ivoire having more mobile connections than fixed telephone lines. Yet, as digitalisation on the continent increases, so too does the potential for cyberattacks and, by extension, cyberterrorism. The increased ease of access enabled by increased mobile penetration in Africa has enabled almost any connected fanatic or violent extremist group or individual to more easily orchestrate and coordinate what can be labelled as a cyberattack or online criminal activity in order to promote a specific political, religious or ideological agenda.
Terrorism in Africa is no new phenomenon, and the study of the various ways in which media are used in Africa is also no new field of study. However, when merging these fields, something interesting arises. According to various researchers, including van der Veer, terrorists, regardless of where in the world they are located, will always use the latest and best technology and means at their disposal; this basic concept begs the question of whether that justifies a completely new concept in specifically African security research.
This Insight aims to provide an overview of the use of ICT in Africa, specifically looking at how easily the term ‘cyber’ is used or misused in the African context. This Insight also gives way to a critical discussion on how best to understand and eventually combat the potential threat of cyberterrorism. When taking into consideration the already contested term ‘terrorism’, adding another contested prefix – ‘cyber’ – makes the challenge of defining, analysing and conceptualisation more profound.
Cyberterrorism, as an academic and political concept, has been historically called into question, particularly in the African context. Indeed, terrorism as a concept is itself highly contested, as no accepted definition exists among academics and practitioners. Almost any form of modern threat in the current age can be studied with an added ‘cyber-’ element. This raises a number of strategic questions in terms of combating cyberterrorism in various global contexts. How do these approaches differ from ‘traditional’ counterterrorism measures, and where is a line drawn in the proverbial sand between terrorism, cyberterrorism, crime and cybercrime?
In an effort to demarcate the scope and labelling of attacks as cyberterrorism and not just cybercrime, academics have added the element of political motivation and fear to the nascent and already contested definition of cyberterrorism. This definition would mean that one of the only aspects differentiating cyberterrorism from terrorism is the use of information technology. The African element comes into play when one asks the question of how connected Africa really is in relation to the rest of the world. When looking at the expounded definition of cyberterrorism, it needs to be noted while both cyberattacks and terrorist attacks are common, there have been no recorded cyberterrorism attacks in Africa.
Information and Communication Technology (ICT)
Before the concept of cyberterrorism in Africa can be directly addressed, I will first provide context about the rise of Information and Communication Technology (ICT). Traditionally ICT is seen as a synonym for Information Technology (IT), which serves as an umbrella term for communication and the integration of telecommunication, computers, software, and audio- and visual systems that enable users to gain access to, store, send and receive information. Still, the value and requirements of effective ICT differ from sector to sector. In the long term, it indicates the importance of cybersecurity. It offers a view on the growth of the understanding of cyberterrorism and research that can assist in understanding various conceptualisations of ICT.
The minimum requirements of ICT or even cybersecurity will differ for different actors. For governments, ICT is a beneficial tool for governance. Activists who want to bring about ideological change will see ICT as a convenient instrument for mobilisation, but will still attach value to anonymity and privacy. Cybercriminals may conceptualise it as a way to spread a certain view or want vulnerable audiences to have access. At the same time, law enforcers of an oppressive regime will prefer fewer citizens to have access, so that they cannot use ICT to challenge the government.
Scholars, researchers and policymakers need to apply caution when it comes to the correlation between Africa’s acceptance and advancement of technology on the continent and actual instances of cyberterrorism. Again, no actual cyberterrorist attack has been recorded to date, not in first-world countries where technological advancement is commonplace, nor in Africa where security lapses and loopholes in technological infrastructure might more easily be found and exploited.
Terrorist Use of ICT in Africa
Terrorists and violent extremists in Africa make frequent use of information technology for various purposes to advance ideological causes. These include the spread of propaganda, radicalisation, the gathering of information, networking, recruitment, communication and coordination. According to the previously discussed definitions, the use of technology and cyberspace does not equate to cyberterrorism. These examples are all known uses of communication technology that have been employed by traditional forms of terrorism for decades.
Many researchers have conducted studies on the impact of online extremist content on the radicalisation process and terrorist behaviour. The high and increasing levels of internet access and the easy production and dissemination of violent content may have radicalising effects, but as Scriven and Gaudette describe, online radicalisation does not happen in a vacuum. In the African context, with a cultural reliance on community and kinship, it is important to note that although mobile connection has increased over the last few decades, word-of-mouth and social influences on radicalisation and recruitment cannot be overlooked.
The issue of categorising cybercrime, cyberterrorism and terrorism remains a central one; instances of terrorists using the internet and other ICT networks could be categorised as cybercrime. This classification is based on the fact that the act is malicious, conducted online, and even has a political motive, but might not disrupt essential or critical infrastructure within the states in which these groups operate. Thus, should the contested definitions of cyberterrorism have a certain ‘checkbox’ process, where would one draw this unclear line between cybercrime, cyberterrorism and traditional terrorism?
The same criminals who would gain financially by targeting critical infrastructure in African countries may have financial but not political motivations, and as such would not be labelled cyberterrorists. If other criminals or terrorists then use the same software or systems to target the same critical infrastructure but with the added political or ideological motivation, the label of cyberterrorist would in that case be applied.
There is an ongoing debate within cyberterrorism research regarding whether cyberterrorism which results in offline consequences should be regarded as cyberterrorism. This connects to the ‘politics of fear’; Dorothy Denning states that a narrower conceptualisation of cyberterrorism specifies that an attack must be “sufficiently destructive or disruptive to generate fear comparable to that from physical acts of terrorism”. The destructiveness noted in this definition would refer to harm in the physical world, outside of cyberspace, inflicted upon intended or unintended targets. The other side of the cyberterrorism debate is argued by researchers maintaining that the online impact of cyberterrorism is enough to generate fear and intimidation similar to a physical attack. Holt, in this case, argues that the “economic hardship produced by a cyberattack, coupled with fear of the likelihood that it may occur again, could be equal to a physical attack”.
Keeping in mind that all of these definitions (as well as contestations regarding definitions and debates) are hypothetical and speculative, expansive definitions are still employed by African states. These states are hardly capable of addressing the traditional terrorism threat and are now expected to adapt, advance and employ counter-measures to a threat that is not yet understood by even the most developed countries. Without proper differentiation and international consensus regarding what exactly the threat is that these nations are facing, creating effective countermeasures would be a nearly impossible task. There is little distinction between cyberterrorism, cybercrime and terrorists’ use of the Internet; in this respect, cyberterrorism as a concept loses meaning and lacks the rigour to qualify for intense and in-depth academic study.
In the 21st century, the exponential growth in internet accessibility has irreversibly transformed society and the nature of modern communication. The internet has become part of our daily lives, and it also plays a growing part in the actions of extremists. Extremist individuals misuse the internet as a means for advertising, recruiting, propaganda, training and communication. Consequently, it becomes increasingly important to study and understand the factors that influence and fuel violent extremist activities. If the internet can exacerbate the process of radicalisation and promote the spread of extremist activities, it becomes essential for academics, state role players and policymakers to have globally-reaching knowledge of these processes.
In the African context, the role of word-of-mouth recruitment, communal values and the use of traditional forms of communication like shortwave radios, community forums and religious meetings will remain valuable, trustworthy and affordable means of promoting and pursuing and promoting political and ideological goals. ICT and cybersecurity have a set of requirements and guidelines to adhere to, and that is precisely what makes systematic research and understanding difficult. ICT can simultaneously be the mediator and challenger of safety and good governance in Africa.
Dr. Alta Grobbelaar is a lecturer and researcher in Political Studies and Governance at the University of the Free State in Bloemfontein, South Africa. Her research focuses on terrorism and its various manifestations in Africa.