Facing the Online Terrorist Threat in 2024
In 2024, the tech sector will be facing several challenges as terrorist and violent extremists remain determined to exploit their platforms. Here is...
3 min read
Tech Against Terrorism Jul 2, 2026 10:14:00 AM
Tech Against Terrorism today publishes the Counter-Terrorism AI (CT-AI) Benchmark, the first test of artificial intelligence built specifically for terrorist and violent-extremist misuse. Built independently and self-funded, it finds that across 27 leading models, around a third of responses gave a would-be attacker usable uplift, and that open models stripped of their safety controls complied with almost every request.
Adam Hadley CBE, Executive Director of Tech Against Terrorism, said:
“Until now, there was no AI benchmark focused specifically on terrorism, so we built one. With nothing more than simple, single-shot questions, many of the models we tested handed over meaningful help towards making a bomb or planning a mass-casualty attack. This is not acceptable.”
“This is a control problem as much as a safety one. The real risk is that AI developers are inadvertently creating models they cannot control. The next phase of the AI race will not be won by speed of deployment, but by whoever can prove they have solved control. We are not arguing for a ban on open models; the proportionate intervention is at the distribution and evaluation layers. We stand ready to work with developers to build these safeguards in from the start, rather than retrofitting them after harm has been done.”
New York, 01 July 2026 - Launched at the United Nations during Counter-Terrorism Week, the benchmark lands as governments move to vet frontier AI for national-security risk:
Terrorist and violent extremist exploitation of AI is no longer hypothetical. Tech Against Terrorism’s incident tracker documents more than 30 public cases in which AI acted as an operational assistant in terrorism, violent extremism or mass violence, across at least 11 different AI tools, and linked to more than 70 deaths.
Western governments are now pressing AI developers to submit frontier models for pre-release security review, but those reviews primarily target cyber, chemical, biological and nuclear risks, with terrorism treated as a secondary concern.
Free, publicly available tools can strip the safety controls from an openly released model, and such models cannot be recalled once they are in circulation.
What the Benchmark Found
Tech Against Terrorism tested 27 leading AI models against almost 2,500 single-shot prompts drawn from real terrorist use cases:
Full refusals were 57% of responses. Hedged compliance, a response that opens with a refusal, then supplies the content anyway, was 15%, the largest non-refusal category.
Two open models with their safety stripped out, a process called abliteration, complied with 89% and 100% of requests. These models cannot be recalled.
Reframing an identical request as “research” raised compliance from 17% to 42%, with no change to the technical content.
Anthropic's Claude and Falcon3 ranked safest, with China's MiniMax close behind. The two abliterated builds and the two Mistral models ranked lowest. Open versus closed was not the dividing line.
Coverage was uneven: explosives were refused around 80% of the time, but edged weapons, improvised chemical weapons and firearms acquisition were only about a third.
Why It Matters
A refusal rate is not a safety rating. What matters is the severity of the assistance a model gives, not how often it declines.
Terrorist groups do not need to develop their own AI systems: they can take existing open models, strip away safety features, and run them offline entirely outside any monitoring or control
General-purpose safety testing misses most of this because it is not built around how terrorists actually operate.
This first release is a deliberately conservative floor: single-shot questions, English only, and 26 of 151 use cases. The real-world risk is higher.
What Must Happen Now
For AI developers
Treat terrorist and violent extremist misuse as a distinct safety category, tested before release, not caught as a by-product of general safety work.
Test models for changes in stated intent, which currently defeat many guardrails.
Extend refusal training beyond the most recognisable threats.
Tech Against Terrorism is willing to work directly with developers to embed its taxonomy into pre-release testing and red teaming, so safety is designed in from the outset.
For government
Treat the circulation of de-restricted, abliterated open models as a major national-security concern, tracking their distribution and planning for it.
About Tech Against Terrorism
Tech Against Terrorism is a not-for-profit organisation dedicated to saving lives by disrupting terrorist activity online. Based in London and operating globally, it runs the Terrorist Content Analytics Platform (TCAP) and supports the tech sector and governments in detecting and responding to terrorist exploitation of the internet. The CT-AI Benchmark is the first AI-safety benchmark built specifically for terrorist and violent extremist misuse.
For media enquiries, contact:
Communications Team, Tech Against Terrorism
Email: contact@techagainstterrorism.org
In 2024, the tech sector will be facing several challenges as terrorist and violent extremists remain determined to exploit their platforms. Here is...
Tech Against Terrorism (TAT) is pleased to announce its partnership with the Centre for National Training and Research Excellence in Understanding...