For years, the international community has grappled with the threat of chemical, biological, radiological, and nuclear terrorism. And although al Qaeda and the Islamic State (ISIS) have demonstrated interest in and some capability to develop and use such weapons, there have been no successful mass casualty terrorist attacks involving them. Attempted attacks involving radiological dispersal devices or chemical and biological means have either failed or had a very limited impact. Experts such as John Parachini, Jeffrey Bale and Gary Ackerman, Adam Dolnik, and Rajesh Basrur and Mallika Joseph argue that the reason is terrorists’ inability to weaponize chemical, biological, radiological, or nuclear material. Others, including Brian Michael Jenkins, believe that the lack of mass causality attacks also has to do with self-restraint: perpetrators might not be able to control the consequences of such an attack. It could end up harming the members of the communities that the terrorists are purportedly fighting for and could therefore be counterproductive.
The recent WannaCry ransomware attack, however, could force the expert community to rethink such positions. Although available information suggests that North Korean hackers were behind these attacks, in which hackers took control of about 300,000 computers in over 150 countries and held the victims hostage in exchange for a payment of $300 in bitcoin, there is reason to believe that terrorist groups such as al Qaeda and ISIS could copy the tactic. In doing so, they would cause as much damage (loss of data and equipment) and chaos (in hospitals and other public utilities) as possible, comparable to the chaos and panic that could be caused by a chemical or biological attack.