The Challenge of Post-Organisational Violent Extremism and Terrorism

8th December 2021

This Dispatch explains the concept of ‘post-organisational’ violent extremism and terrorism, and why tech companies, counter-terrorism practitioners and policymakers face challenges in how to respond to it.


In recent years terrorism and violent extremism across the ideological spectrum has been marked by a ‘post-organisational’ trend. Membership of and support for particular groups has become more ambiguous, with online activity facilitating the growth of more fluid transnational movements. Attacks are committed by individuals with no, or very loose, connection to specific organisations, and violent extremists instead draw on a shared culture and ideology.

This post-organisational phenomenon is not new. The notions of ‘leaderless resistance’ and ‘leaderless jihad’ [1] were first discussed decades ago by extremist ideologues such as white supremacist Louis Beam Jr and the al-Qaeda-linked Abu Musab al-Suri. However, recent high profile terrorist attacks in New Zealand, the US, Germany and Norway have shone a light on self-radicalising, logistically autonomous individuals with little or no relationship with proscribed terrorist groups, but rather connections to loose transnational extremist networks largely operating online. As Colin Clarke and Bruce Hoffman have noted in the US domestic violent extremism context, organisational structure is becoming less relevant as “a confluence of ideological affinities is [becoming] more powerful in inspiring and provoking violence than the hierarchical terrorist organizational structures of the past”.

Despite the fracturing and franchising of violent extremist movements and the proliferation of decentralised online extremist spaces, responses to terrorist content online are still hampered by rigid organisational conceptions of the challenge.

In particular, post-organisational dynamics strain responses which focus solely on the proscription of specific organizations. Moves have been welcomed to proscribe extreme right wing groups as terrorist organisations in national contexts, such as National Action in the UK and Blood & Honour in Canada, as well as the US’ listing of its first ‘Racially and Ethnically Motivated’ foreign terrorist organisation –  the Russian Imperial Movement. But the result has been that groups are banned in some countries but not others, even if, like Combat 18, they have transnational membership.

Furthermore, when groups appear they are often relatively short-lived, with new movements springing up drawing inspiration from similar core texts and ideologies. For example, in 2020 the UK proscribed the neo-Nazi group Feuerkrieg Division after it had officially disbanded.

This rapid evolution of groups and movements means that proscription-based approaches follow a ‘whack-a-mole’ dynamic, constantly re-calibrating to address the latest iteration of a movement rather than addressing its roots. Accordingly, relatively slow moving proscription based responses to terrorism are not effectively equipped to deal with the current dynamic nature of terrorist mobilisation.

While tech companies have been developing their own internal guidelines and terms of service around ‘hateful’ and ‘dangerous’ groups, specific policies around violent extremism and terrorism are partly hamstrung by the limitations of international lists of proscribed terrorist groups, such as the UN Designated Terror Groups list, which are focused almost exclusively on ISIS and al-Qaeda related threats. Structurally, international counter-terrorism efforts are therefore still geared towards combating an organised Islamist threat. This has had a knock-on effect on the scope and definitional framework lying behind the combined efforts of tech companies through the Global Internet Forum to Counter Terrorism (GIFCT), in particular its hash sharing database.

The hash sharing database provides unique digital fingerprints, or ‘hashes’ of known violent terrorist imagery or recruitment videos. This tool has increased cross-industry cooperation on the detection and possible removal of illegal terrorist content. The GIFCT’s July 2020 transparency report reveals the sort of content currently covered by the tool. This includes public postings which represent an imminent, credible threat of violence; depictions of graphic violence against defenceless people; glorification of terrorist acts; material that seeks to recruit individuals or give them operational guidance; and content from specific attacks (those in Christchurch, Halle, and Glendale).

However, such tools have not been designed to tackle the increasingly diffuse, ‘post-organisational’ threat emerging from extremism across the ideological spectrum. This briefing will seek to answer the question of how we develop policy frameworks that move beyond a group-centred approach to understanding the threat from violent extremist groups, whilst ensuring approaches remain robust, transparent and protective of fundamental freedoms.


[1] While al-Suri drove the development of strategic thinking along these lines a salafi-jihadist context, the term ‘leaderless jihad’ originated in: Sageman, Marc. Leaderless jihad: Terror networks in the twenty-first century. University of Pennsylvania Press, 2011.


This article an excerpt from a new ISD briefing paper, ‘A Taxonomy for the Classification of post-Organisational Violent Extremism and Terrorist Content’, which was was originally funded by and produced for the Global Internet Forum to Counter Terrorism (GIFCT).

False and unverified claims proliferate online following Trump assassination attempt

Unverified claims about the attempted assassination of former President Donald Trump proliferated across social media in the 24 hours following the incident and continue to spread in the absence of more detailed factual information about the shooter. ISD identified the main false claims being promoted and how they mutated and spread across platforms.