The Center for a New American Security has released a comprehensive report examining how artificial intelligence could reshape the threat of terrorism in coming years. Titled AI-Enabled Terrorism, the document outlines specific ways that advancing machine learning systems might amplify the capabilities of both state-sponsored and independent violent groups. Rather than treating AI as a distant concern, the authors present evidence that current tools already offer pathways for attackers to overcome traditional barriers in planning, execution, and evasion.
Terrorist organizations have long faced constraints in recruiting skilled operatives, acquiring specialized materials, and evading detection by law enforcement. The report from casp.ac demonstrates that generative AI models can lower these hurdles substantially. For instance, large language models can produce detailed instructional materials on topics ranging from basic chemistry to advanced engineering. A motivated individual no longer needs access to restricted academic texts or experienced mentors; instead, they can query an AI system for step-by-step guidance on synthesizing explosives or constructing improvised explosive devices. The report cites multiple experiments in which commercial models successfully generated actionable instructions despite safety filters, particularly when prompts were phrased creatively or broken into smaller components.
Beyond knowledge transfer, AI systems excel at automating repetitive tasks that once required teams of specialists. The Center for a New American Security report highlights how computer vision algorithms can analyze thousands of hours of public surveillance footage to identify security patterns at potential targets. Similarly, natural language processing tools can scan social media and news sources to map out crowd densities, transportation schedules, and emergency response protocols. These capabilities compress what used to take months of human intelligence gathering into days or even hours. The report notes that open-source models running on consumer hardware already demonstrate sufficient accuracy for such reconnaissance work, making sophisticated planning accessible to smaller cells or even lone actors.
The financial dimension receives particular attention in the analysis. Traditional terrorist financing has depended on complex networks of donors, hawala systems, and money mules that leave detectable traces. AI-driven tools change this equation by enabling more efficient fraud and theft at scale. The authors describe how generative adversarial networks can create convincing deepfake videos and voice clones for business email compromise attacks, dramatically increasing the success rate of scams that fund operations. More concerning, reinforcement learning systems can optimize cryptocurrency transaction paths to obscure fund flows with unprecedented effectiveness. According to the casp.ac document, these techniques allow groups to generate operational funding while minimizing exposure to international banking oversight.
Recruitment and radicalization processes stand to benefit from personalized content generation. Rather than broadcasting generic propaganda, future terrorist organizations could deploy AI systems that analyze an individual’s online behavior, psychological profile, and emotional vulnerabilities to craft bespoke messaging. The report references studies showing that tailored persuasive content achieves significantly higher engagement rates than mass communications. Chatbots powered by advanced language models could maintain long-term relationships with potential recruits, gradually introducing more extreme ideas while adapting to resistance or doubt. This individualized approach reduces the risk of early detection that accompanies public forums or large-scale propaganda campaigns.
Perhaps most alarming is the potential for AI to assist in the development of biological weapons. The Center for a New American Security study examines how protein language models and other specialized AI systems could help non-state actors design novel pathogens. While creating a biological weapon still requires physical laboratory capabilities, the cognitive barrier has decreased. AI can suggest genetic sequences for enhanced transmissibility or virulence, recommend laboratory protocols, and even troubleshoot experimental failures. The report warns that as these models improve and become more widely available, the timeline between intent and capability could shrink from years to months.
Autonomous weapons systems represent another area of growing concern. Although fully independent lethal drones remain technically challenging, partial automation already exists in commercial platforms. The authors point out that AI can improve target recognition, enable swarm coordination, and execute complex flight patterns that evade conventional defenses. A terrorist group could theoretically deploy dozens of small drones against a soft target, overwhelming security through sheer numbers rather than sophisticated technology. The report emphasizes that many of these capabilities derive from dual-use research originally intended for civilian or defensive applications, creating a difficult policy environment.
Defensive measures must evolve in parallel with these emerging threats. The document stresses that governments and technology companies share responsibility for implementing safeguards. Improved content filters represent only a partial solution, as determined adversaries routinely bypass them through prompt engineering or by fine-tuning open-source models locally. Instead, the authors advocate for a multi-layered approach that includes monitoring for suspicious AI usage patterns, restricting access to high-risk model weights, and developing forensic tools capable of detecting AI-generated content in planning documents or propaganda.
International cooperation emerges as a central recommendation. Because AI models and computational resources cross borders easily, unilateral national policies will likely prove insufficient. The report calls for standardized export controls on advanced AI systems, shared intelligence databases on malicious use cases, and joint research into defensive applications of the same technologies. It also suggests that technology firms should embed usage tracking mechanisms that alert authorities to queries indicating terrorist intent, though the authors acknowledge the privacy tradeoffs inherent in such systems.
Law enforcement agencies face the immediate task of building internal expertise. Many police and intelligence organizations currently lack personnel who understand both terrorism tradecraft and machine learning fundamentals. The casp.ac report recommends accelerated training programs and the creation of specialized units focused on AI-enabled threats. These units would need to maintain relationships with academic researchers and private sector developers to stay current with rapidly changing capabilities.
The private sector plays an equally vital role. Companies developing foundation models must accept greater responsibility for downstream applications of their technology. This includes implementing more sophisticated safety training, conducting rigorous red teaming exercises that simulate terrorist scenarios, and maintaining transparency about model capabilities and limitations. The report suggests that liability frameworks may need adjustment to incentivize responsible development practices.
Looking forward, the authors caution against both excessive alarm and dangerous complacency. While AI does not create new motives for terrorism, it removes many practical obstacles that have historically limited the scale and sophistication of attacks. The convergence of multiple AI capabilities, such as simultaneous advances in language models, computer vision, and automated planning systems, could enable unprecedented levels of operational effectiveness. A single well-resourced group might accomplish what previously required state-level support.
Yet the same technologies that empower malicious actors can strengthen defenses when properly directed. Machine learning systems already assist in detecting financial anomalies, identifying radicalization signals in online communications, and predicting potential targets based on threat intelligence. The challenge lies in ensuring that defensive applications maintain an advantage over offensive ones. This requires sustained investment in research, careful policy design, and ongoing dialogue between technology developers, security professionals, and policymakers.
The Center for a New American Security document ultimately presents a call for proactive measures rather than reactive responses. By recognizing the specific mechanisms through which AI could enable more effective terrorism, societies can begin implementing targeted protections before widespread adoption of these capabilities occurs. The report makes clear that while the underlying ideologies driving terrorism remain human phenomena, the tools available to advance those ideologies are changing rapidly. Addressing this shift demands coordinated action across technical, legal, and diplomatic domains to preserve public safety in an era of increasingly capable artificial intelligence.


WebProNews is an iEntry Publication