Leading not lagging: How can counter terrorism keep pace with tech-driven threats?

Two decades have passed since the launch of CONTEST, the government’s Counter Terrorism Strategy, which has transformed how the UK uncovers and prevents terrorism. Yet the world it was initially designed for no longer exists. Today’s risk environment is more fast-moving and technology-enabled than ever before – which raises urgent questions about whether our capabilities, ways of working, and workforce are keeping pace.

Generative-AI deepfakes, encrypted messaging apps, cryptocurrencies and commercial drones are increasingly exploited by hostile actors to recruit, radicalise, finance and plan attacks. Take an example: an online computer game allows players to virtually reenact the 2019 Christchurch terror attack. This is just one horrific illustration of how connected technologies and AI are radically changing the pace and variety of threats.

The risk is whether the counter terror system can evolve quickly enough to stay ahead. No single action will mitigate this risk. But resilience can be built. In particular, by experimenting early with new tech, pooling expertise, and understanding novel technologies before they are abused.

Early experimentation and training

The lines between terrorism, state activity, and serious and organised crime are continuing to blur, which means our training environments must reflect the new reality – mirroring the hybrid tactics, dual-use technologies and cross-domain threats now routinely observed.

Recent conflicts show how quickly battlefield innovation can move into terrorists’ hands. For instance, the tactical use of lowcost, commercially available drones, widely adapted by both the Russian and Ukrainian military, was later mirrored by Hamas during the October 2023 attack.

As a priority, counter terror practitioners must therefore train against scenarios involving emerging capabilities – including low-cost precision drones, electronic-warfare tools, commercially available cyber capabilities, and encrypted communications.

Early experimentation is more important than ever, but training must also become much more routine. Major multi-agency training exercises in the UK tend to be set-piece events held annually or every six months at best. That tempo is becoming out of step with the speed at which new threats and technologies are emerging. By contrast, US agencies are investing heavily in a culture of continuous, scenario-based training that keeps teams sharp and adaptable year-round.

Pooling expertise

Naturally, the question is: how can UK counter terror achieve this while balancing the intense day-to-day operational workload? It calls for a more flexible and collaborative approach to exercising, where industry, academia and other partners are brought into the training system much earlier.

We cannot underestimate the value of pooling joint expertise, as counter terrorism agencies must quickly understand new technologies to counter their impact. Joint exercises, experimental wargaming, and red-team testing with technologists, engineers and digital-native innovators are essential to get a handle on fast-moving risks. Industry expertise can provide invaluable support for designing and running realistic scenarios.

In this respect, strong relationships with technology vendors, from crypto currency brokers to messaging-platform providers, are key. That also has a dual positive effect of creating a second line of defence in the private sector. Take the recent Poison Act changes: working closely with industry, the Home Office created a new duty for online retailers to flag suspicious precursor-chemical purchases, helping spot danger sooner.

Tech Against Terrorism, launched by the UN in 2016, has also made good progress. Its cross-disciplinary team has built a Knowledge Sharing Platform that offers counter-terror tools and guidance to tech firms. In its first year of operation, its Terrorist Content Analytics Platform sent over 11,000 alerts to 65 tech companies, achieving a 94% removal rate of terrorist content. Ultimately, counter terror and tech firms need to work as genuine partners – not distant observers – to outpace tech-enabled threats.

Spotting novel technologies

Beyond stronger industry relationships and training, counter terror organisations need to keep a constant watch for emerging technologies. Almost all novel tech is driven by the private sector. This is often fuelled by US investment and built by an ecosystem of fast-growing start-ups, many of whom – either by accident or design – may not consider how their products can be misused.

Given the speed of technological change, commissioning a traditional R&D or research project into a single technology simply won’t cut it. Counter terror organisations must build dedicated tech horizon-scanning capabilities that can continually scan the market, map new tools as they appear, and spot risks before they mature.

The most effective models will pair counterterrorism specialists with academic partners or market research organisations, ensuring analysis is grounded in real-world threat vectors rather than generic commentary about ‘emerging tech.’

Investing in ‘techcraft’

Clearly, strategic understanding of novel technology – and the ability to train with it, test it, and manipulate it confidently – is mission-critical. We’ve been talking about digital skills for 15 years, but ‘techcraft’ is something different entirely, and it is new territory for UK counter terror.

First championed by the US Army and only recently adopted in the UK, ‘techcraft’ has evolved from a niche capability confined to specialist technical corps into a decisive skillset for the whole workforce. The Chief of the General Staff calls it ‘the marriage of fieldcraft and technology’ – a recognition that modern operations demand fluency in both.

This cultural shift is essential. Staying ahead of threat innovation and avoiding strategic surprise requires teams who are technologically fluent and instinctively curious about how emerging tools might be exploited.

Crucially, techcraft should not be reduced to a narrow set of digital skills or technical qualifications. Rather, UK counter terror must adopt it as a core operational capability: a blend of knowledge, hands‑on proficiency and a culture of curiosity that enables teams to maintain advantage.

Rapid technological change is now a permanent feature of counter terrorism. By deepening understanding, strengthening partnerships, experimenting early and often, and building the culture needed to navigate new technologies, the UK can create a system resilient enough to stay ahead. But above all, success depends on organisations designed to adapt constantly in a landscape defined by perpetual change.

This article was first published in Security Journal UK.