September 10 2001 was just another Monday at the time but in 9/11 commemoration month its ordinariness has come to fascinate people as a gateway to a lost world. It will be forever stuck in some people’s minds as the day beyond which ‘the world was never the same’.
Whatever the editorials say, the world’s wider concerns that day are pretty much the same as they are now – the economy, geo-politics, the role of the US in world affairs - but what has perhaps changed are the way they are prioritised and the language of risk and fear itself.
In 2001, cybercrime was a low-grade fever and cyberterrorism at best a topic for the conference circuit; the Internet was a hyped space but for most people most of the time just a quick way to buy a few books and send emails. That modest world is gone too.
Exactly who coined the term 'cyberterrorism' is in some dispute but it is likely that it emerged in the work of one or more US security researchers in the mid-1990s who saw the potential for politically-motivated attackers to disrupt the suddenly-global phenomenon of the Internet.
The appeal of attacking things on the Internet was clear – it stretched to every corner of the globe and despite the control US organisations had over its root structure, it was non-hierarchical. This offered the asymmetric warriors with a bent for tech the chance to fight on a level battlefield where a small group could, for the first time ever, muster the resources to attack even the largest organisation.
People nodded their heads when informed of this threat but few listened that attentively, even in Washington.
That changed abruptly after 9/11 as did everything else on the theme of security, starting with a whole new US department, Homeland Security, being handed the job of worrying about it using the all-encompassing Patriot Act. Suddenly from being a remote possibility it became an assumed certainty and arguments about the acceptable online surveillance of citizens skewed.
Just as extremists had used simple airliner technology to attack the US so they would migrate to the easy and equally undefended Western targets on the Net of which seemed countless in number.
Anyone that came near these resources probably regretted it badly as DIY bedsit hacker Gary McKinnon can attest after years being pursued by the US as hacker enemy number one for some ill-advised riffling around on military and NASA servers in October 2001. Hackers were no longer quaint pests.
The punchline is that contrary to predictions made in the years immediately after 2001, the Internet hasn’t been a great weapon for terrorists at all and has flourished instead as a gigantic forum for unpoliced and usually unrecorded crime, fraud and scamming on a previously unimagined scale. Today to that must be added the influence of DIY hacktivism and what amounts to a sort of disingenuous e-War between competing states.
The state, meanwhile, has made itself felt with arrests and e-crime departments that have swelled massively in numbers, influence and budget.
Cyber didn’t go ‘terrorist’ at all in the last decade so much as ‘geo’, with countries pretending they have nothing to do with the ever more complex and targeted hacks that just so happen to invade the control systems for nuclear power stations a la Stuxnet. We all know they do it and we also know that everyone is at it.
Terrorists could have done some of this but they helpfully restricted themselves to - yes - using the Internet as somewhere to buy a few (extremist) books, post some videos and exchange encrypted emails. As we discovered after Bin Laden’s killing in May, he was a big user of USB sticks and Windows Notepad; the extremists have turned out to be are the ones still stuck in 2001, not the West.
The long-term appeal and success of cyberterrorism may be too soon to call - it remains a latent threat not to be underestimated - but so far the world of 2011 still looks remarkably like an teched-up version of 2001 no matter how we insist on seeing it.
What has changed is the rhetoric and the growing power of what might be called, for want of a better term, the cyberstate. We still have nothing to fear except terror itself.