Sudden access to technology does not in and of itself enable radicalized individuals to become cyber terrorists. There is a technical skills barrier that, to date, has forestalled an explosion of terrorist-hackers. But we anticipate that this barrier will become less significant as the spread of connectivity and low-cost devices reaches remote places like the Afghanistan-Pakistan border region, the African Sahel and Latin America’s tri-border area (Paraguay, Argentina and Brazil). Hackers in developed countries are typically self-taught, and because we can assume that the distribution of young people with technical aptitude is equivalent everywhere, this means that with time and connectivity, potential hackers will acquire the necessary information to hone their skills. One outcome will be an emergent class of virtual soldiers ripe for recruitment.

Whereas today we hear of middle-class Muslims living in Europe going to Afghanistan for terror-camp training, we may see the reverse in the future. Afghans and Pakistanis will go to Europe to learn how to be cyber terrorists. Unlike training camps with rifle ranges, monkey bars and obstacle courses, engineering boot camps could be as nondescript as a few rooms with some laptops, run by a set of technically skilled and disaffected graduate students in London or Paris. Terrorist training camps today can often be identified by satellite; cyber boot camps would be indistinguishable from Internet cafés.

Terrorist groups and governments alike will try to recruit engineers and hackers to fight for their side. Recognizing how a cadre of technically skilled strategists enhances their destructive capacity, they will increasingly target engineers, students, programmers and computer scientists at universities and companies, building out the next generation of cyber jihadists. It is hard to persuade someone to become a terrorist, given the physical and legal consequences, so surely ideology, money and blackmail will continue to play a large role in the recruitment process. Unlike governments, terrorist groups can play the antiestablishment card, which may strengthen their case among some young and disaffected hacker types. Of course, the decision to become a cyber terrorist is almost always less consequential to one’s personal health than signing up for suicide martyrdom.

Culture will play an important role in where these pockets of cyber terrorism develop in the world. Deeply religious populations with distinct radicalized elements have traditionally been the most fertile ground for terrorist recruitment, and that will hold true for cyber-terrorist recruitment as well, especially as the largely disconnected parts of the world come online. To a large extent, the web experience of users is highly determined by their existing networks and immediate environment. We do not expect radical social change simply from the advent of connectivity. What we’ll see instead are more communication channels, more participation and more rogue identities developing online.

And, of course, there are state sponsors of terrorism who will seek to conduct untraceable attacks. Today, Iran is one of the world’s most notorious sponsors of terror groups, funneling weapons, money and supplies to groups like Hezbollah, Hamas, Palestinian Islamic Jihad, the al-Aqsa Martyrs Brigades and various militant groups in Iraq. But as cyber-terrorist efforts begin to look more fruitful, Iran will work to develop the virtual capacity of its proxies in equal measure. This means sending computer and network equipment, security packages and relevant software, but it also could mean in-person training. Iran’s technical universities may well begin hosting Lebanese Shia programmers with the specific aim of integrating them into Hezbollah’s emergent cyber army. Perhaps they will send them the most expensive encryption tools and hardware. Or Iran could fund technical madrassas in Hezbollah strongholds like Dahieh, Baalbek and the south of Lebanon, creating incubators where promising engineers are trained to launch cyber attacks against Israel. Perhaps instead of giving cash to Shia businessmen in Brazil to start businesses (a known tactic of the Iranian government), the regime will provide them with tablets and mobile devices carrying specialized software.

But any regime or terrorist group that recruits these hackers will assume a certain risk. While not all recruits will be young, a decent percentage will be, and not just for demographic reasons: Social scientists have long believed that certain developmental factors make young people uniquely susceptible to radicalization. (There is considerable discussion about what, precisely, those factors are, however; some believe it has to do with brain chemistry, while others argue that sociological elements in society are the driving cause.) So not only will recruiters be faced with organizing hackers, who thus far have shown a distinct resistance to formal organization, but they’ll also have to deal with teenagers. As we’ll discuss below, participation in a virtual-terrorism network will require inordinate discipline, not the trait most frequently associated with teenagers. Most young people are attracted to and tempted by the same things—attention, adventure, affirmation, belonging and status. Yet one mistake, or one casual boast online from a teenager hacker (or someone he knows), could unravel his entire terrorist network.

Just as counterterrorism operations today depend on intelligence sharing and military cooperation—such as that between the United States and its allies in South Asia—in the future, that bilateral support will necessarily include a virtual component. Given that many of the most radicalized countries will be among the latest arrivals to the Internet, they will need foreign support to learn how to track down terrorists online and how to use the tools newly available to them. Today, large contractors make a fortune benefiting from foreign military assistance; as bilateral efforts increasingly come to include cyber-security elements, a range of new and established computer-security firms will benefit accordingly.

Military policies too will change in response to the threat cyber terrorists pose. Today, most of the terrorists the military chases down are in failed states or ungoverned regions. In the future, these physical safe havens will also be connected, allowing terrorists to engage in nefarious virtual acts without any fear of law enforcement. When intelligence reveals known cyber terrorists planning something dangerous, extreme measures like drone strikes will come under consideration.

Western governments will try to attract skilled hackers to their side as well. In fact, hackers and government agencies in the United States work together already, at least in matters of cybersecurity. For years, agencies like the Pentagon’s Defense Advanced Research Projects Agency (DARPA) and the National Security Agency (NSA) have recruited talented individuals at venues like the computer-security conference series Black Hat and the hacker convention Def Con. In 2011, DARPA announced a new program called Cyber Fast Track (CFT), created by a former hacker turned DARPA project manager, which aimed to accelerate and streamline the cooperation between these communities. Through CFT, DARPA began awarding short-term contracts to individuals and small companies to focus on targeted network-security projects. This initiative was distinguished by its focus on smaller players and lone actors rather than big companies, and its ability to green-light grants quickly. DARPA approved eight contracts in the first two months of the program—in other words, at lightning speed compared with the normal pace of government contracting. This process allowed groups with considerable skill who would otherwise not work with or for the government to contribute to the important work of improving cybersecurity, easily and in a time frame that reflects the immediate nature of the work. CFT was part of a shift in the agency toward “democratized, crowd-sourced innovation” championed by Regina Dugan.