Thursday, September 22, 2011

Lone-Wolf Attacks

There is an interesting article over at about lone wolf terrorists. The author, Scott Stewart, does a very good job of looking the historical context of lone wolf attacks in this country and the reasons for the recent rise in calls for lone-wolf attacks from leaders of a number of different types of terrorist organizations.

Pros and Cons of Isolation

He makes two important points and conflicting points about the potential for these types of attacks. The main reason that these types of attacks have been getting so much attention from the security politicians and the mainstream press is that they are inherently more difficult to detect prior to their attack taking place. Since there is no group to infiltrate or communications to intercept the law enforcement and intelligence communities has to work much harder to detect this threat in order to pre-empt an attack.

The second point is that the individual with no or very little contact with a terrorist training and motivational group is going to find it very difficult to plan and execute a successful attack. Even the basic needs for target selection and surveillance require a modicum of training. There is some basic training on these techniques available anonymously over the internet, but the effectiveness is questionable. More advanced techniques like explosives manufacturing or IED preparation absolutely require hands-on supervised training or you have a very-high loss-rate for newby attackers.

Insider Attacks

The one area that Scott failed to address in his artilce is the problem of insider attacks by lone wolfs. Again the lone wolf has an advantage in this situation; that lacking membership in an infiltratable organization or participation at an observable training camp, it is difficult for background checks to pick up these individuals. Even when individuals espouse radical causes, as we saw in the Hasan case, there is a tendency to avoid believing that these individuals are actually a threat.

Again, the lack of training in target selection and planning, and the long time that it takes to work into a place in the organization where the most damage can be done limits the potential effectiveness of these attackers. However, where relatively simple attacks (gun fire for example) can have a large secondary effect (certainly possible at many types of chemical storage facilities) this drawback is much less of hindrance to conducting a successful attack.

The biggest problem for facilities trying to detect and prevent insider attacks is establishing the internal procedures to identify individuals that are potential threats. Excessive care is required to ensure that a simple politically-incorrect comment is not made the basis for deciding that an individual is a possible lone-wolf attacker.

It is typically much more effective to set up procedures that limit the ability of any one individual from having the unrestricted or unaccompanied access to critical systems and areas that would be necessary for executing a successful attack lone wolf attack. Preventing anyone from bringing weapons on site is easier to justify than limiting freedom of expression. Procedures limiting access to critical systems and strict implementation of management of change rules for control systems are easier to effect than evaluating political and psychological stability.

Mitigation More Cost Effective

Scott also made the point in his article that the number of incidents of insider attacks has been very small, even if you count the relatively ineffective attacks. This means that the risk for any particular facility or organization experiencing such an attack, lacking a major change in the threat picture, is relatively low.

The low risk of attack makes it harder to justify the cost and inconvenience of really extensive security systems. Since it is practically impossible to absolutely prevent all determined, trained and supported attacks; particularly insider lone-wolf attacks, some cost-benefit tradeoffs will have to be made by all facilities.

One thing that can be done to reduce the need for security processes to prevent an attack is to reduce the potential consequences of a successful attack. While much recent discussion has been centered on pros and cons of inherently safer technology and replacing very hazardous chemicals with less hazardous alternatives (certainly effective mitigation measures if possible), other mitigation techniques may also be used to reduce the effects of such attacks, particularly for release chemicals of interest. Such measures could include:

• Fire suppression systems;
• Additional containment systems;
• Neutralization systems; and
• Chemical knock-down systems.

What’s more important is that in many cases these same mitigation techniques make the facilities safer to work in and make them less susceptible to the negative effects of accidental or weather related releases in addition to protecting against the effects of deliberate attacks. Either would make it easier to justify the cost of the mitigation measure and potentially reduce the need for protective security measures.

No comments:

/* Use this with templates/template-twocol.html */