Law Enforcement Training Division
This log is for the benefit of those who serve in Protective Services, Security, Law Enforcement, EMS and the U.S. Military. We will collect and disseminate information, articles and links that may be of interest to the above personnel! Your comments regarding the articles will be greatly appreciated!!! Also you can now visit the Sykes Group on MySpace & Sykes Group on Facebook
Read here how prone subjects can be deadly in an instant.
Group of scientists re-enact the most dangerous gunfire scenarios police face! http://watch.discoverychannel.ca/daily-planet/march-2010/daily-planet---march-11-2010/#clip275641
It's always good to see deserving folks get the surprise of a lifetime!
By Fred Burton and Ben West
In the evening of March 4, as U.S. Department of Defense workers were wrapping up their day, a man wearing a suit and displaying what guards later referred to as a “nervous intensity” approached the entrance to the Pentagon. As he walked up to the guard booth, he reached into his pocket and took out a semi-automatic 9 mm pistol and began firing at the two security personnel stationed at the entrance. The guards retreated behind ballistic glass and returned fire at the man, who rushed the entrance. Seconds later, a third guard armed with a .40-caliber submachine gun confronted and shot the gunman, delivering a fatal head wound that ended the incident.
The gunman in this case was John Patrick Bedell, a native Californian who had driven from California to Washington to carry out his one-man attack on the Pentagon. Given the available details (e.g., a cross-country trek, business attire), it appears that Bedell had planned his attack well ahead of time. He had a history of mental illness as well as minor criminal offenses, such as growing marijuana and resisting arrest. More notable, though, is a series of recordings and writings he posted on the Internet in November 2006 in which he criticized the federal government and said the 9/11 attacks were a government-led conspiracy.
The March 4 shooting came right on the heels of another attack against the U.S. government, this one in Austin, Texas, where software engineer and pilot Joseph Stack crashed his single-engine Piper Cherokee into a building Feb. 18 that housed offices of the Internal Revenue Service. In another previous attack, Maj. Nidal Malik Hasan, a U.S. Army psychiatrist, opened fire at a troop processing facility at Fort Hood, Texas, killing 13 people. While many government officials are denying that these incidents were terrorist acts, we at STRATFOR disagree. Arguments used to not classify these attacks as terrorism include the failure to generate large numbers of casualties, a lack of foreign ties and the absence of a larger conspiracy. This dismissal of terrorism as a factor in these attacks ultimately has a long-term impact on past and future investigations, and it also seems to ignore the legal definition, as set out in Title VIII, Section 802 of the USA PATRIOT Act:
[An] act of terrorism means any activity that (A) involves a violent act or an act dangerous to human life that is a violation of the criminal laws of the United States or any State, or that would be a criminal violation if committed within the jurisdiction of the United States or of any State; and (B) appears to be intended (i) to intimidate or coerce a civilian population; (ii) to influence the policy of a government by intimidation or coercion; or (iii) to affect the conduct of a government by assassination or kidnapping.
It is important to note that this definition does not include the magnitude of the violence involved in the attack — it does not have to be a catastrophic event. The word “terrorism” has taken on a lot of inflated connotations as Islamist militant groups, among others, have used it as a tactic to cause high (often civilian) casualty rates in complex, well-orchestrated attacks. Attacks like 9/11, the 2004 Madrid train bombings, the 2005 London bombings and the 2008 Mumbai siege were all catastrophic in terms of physical damage and loss of human life. But they also became massive media events that ensured that the Islamist extremists behind the attacks remained in the spotlight for months, if not years — an effective way to publicize their ideology and objectives.
But attacks do not have to be huge and catastrophic to be considered acts of terror. Consider the statement from the October 2009 Echo of Battle (11th edition), in which al Qaeda in the Arabian Peninsula leader Nasir al-Wahayshi advocated using simple attacks against a variety of targets. It was significant that al-Wahayshi said this, but it was certainly not a novel idea. Numerous attacks previously considered acts of terrorism had been committed following this small-scale model: Abdulhakim Mujahid Muhammad opened fire on a U.S. Army/Navy career center in Little Rock, Ark., on June 1, 2009, killing one soldier and critically wounding another. The attack was considered an act of terrorism because Muhammad was protesting the presence of U.S. forces in Islamic countries. An even earlier example is the case of Hesham Mohamed Hadayet, an Egyptian who opened fire on the El Al Airlines ticket counter at Los Angeles International Airport in 2002, killing two people before being killed himself. His shooting was ruled an act of terrorism because investigators concluded that he was striking out at Israel on behalf of Palestinians.
Looking back over the last 100 years or so of terrorist attacks in the United States, there are many examples of small, non-catastrophic events. Often these events are no more violent or consequential than a common criminal incident — what sets them apart are the political motivations of their perpetrators. Indeed, catastrophic attacks are the exception to the rule, though the memory of these spectacular incidents is burned indelibly into the public mind.
Terrorist attacks also do not need to have foreign links. Again, the dominant trend over the past decade has been that such attacks are linked to radical Islamist groups based in the Middle East and South Asia. But terrorism does not belong to any set ideology or group. It is a tactic, one that can be used by anyone to pursue any political goal. In fact, looking back over the history of terrorism in the United States, most attacks have been generated and carried out by domestic groups. Militant entities like the Order of the Covenant (a white supremacist group), the Black Liberation Army, the Earth Liberation Front, anarchist groups and anti-abortion groups have more often than not been the perpetrators behind terrorist attacks on U.S. soil. Foreign-based terrorism in the United States is fairly rare, and the most recent extremist Islamist attacks have been “home grown,” with the ideology and perhaps inspiration coming from abroad but with the actual materials being collected and the preparation conducted in the United States.
Finally, in order to be considered terrorism, an attack does not have to be part of a larger conspiracy — it can be carried out by a single individual. The lone-wolf attack is actually the most dangerous because it is not part of a larger conspiracy, which can make a plot more vulnerable to discovery. Often a single individual will carry out a terrorist attack based on a political ideology shared by a larger group, which can blur the lines of what constitutes a lone-wolf attack. Incidents like the 1995 Oklahoma City bombing are consistent with this type of attack. Theodore Kaczynski (aka the “Unabomber”) is the archetypal lone-wolf operative who used violent attacks to publicize a social and political message. Therefore his violent acts qualify as terrorism.
When thinking about Bedell, Stack and Hasan, it is important to view their actions in the context of the longer history of terrorism, not just over the past decade. The attacks these individuals carried out appear to match the conditions specified in the USA PATRIOT Act in that they were violent and appear to be politically motivated. All three perpetrators had exhibited overt disapproval of U.S. government policies in writings and communications prior to their attacks. While this isn’t enough to prove that the attacks were politically motivated, it certainly provides a reason for further investigation.
Instead, authorities have dismissed these cases as criminal acts due to the lack of foreign involvement or outside help. In the Hasan case (which would be the deadliest terrorist attack on U.S. soil since 9/11), the FBI has ceded investigation of the case to the Defense Criminal Investigative Service (DCIS), the Department of Defense’s internal investigative unit. Certainly, the DCIS has jurisdiction over the case because it took place on a military base, but considering that the FBI’s current top priority is protecting the United States from terrorist attacks, its low profile in this case seems to run counter to that mission. As a criminal case, Hasan’s attack is pretty straightforward. It can be easily proved that he shot and killed the 13 people, and this is exactly what the DCIS will do because that is its job. An FBI counterterrorism investigation, however, would provide a more in-depth look at other connections that Hasan may have had that could shed light on other militant activities. For example, what is the significance of reports of Hasan’s correspondence with Anwar al-Awlaki, a U.S.-born imam who is currently living in Yemen recruiting operatives for al Qaeda in the Arabian Peninsula and who is also believed to have ties to Christmas Day bomber Umar Farouk Abdulmutallab? Without conducting a terrorism investigation into his activities, questions like these may go unanswered.
The denial of terrorist links in such cases is similar to denials surrounding the 1990 assassination of Rabbi Meir Kahane in New York by El Sayyid Nosair, an Egyptian with U.S. citizenship. Initially, the FBI denied that the case was terrorism and Nosair was acquitted of the murder charges brought against him. Following the 1993 World Trade Center bombing, the FBI re-labeled the Kahane assassination an act of terrorism and re-charged Nosair after it learned of his relationship to Omar Abdul-Rahman and of his involvement in the World Trade Center attack. Had authorities pursued the terrorism angle following Kahane’s assassination, perhaps more information would have been known about the individuals plotting the 1993 World Trade Center bombing.
But getting the FBI involved in cases like those of Hasan, Stack or Bedell sends the clear signal that the federal government suspects terrorism, and sending that signal is politically inexpedient right now. Suggesting that an act is terrorism automatically draws more attention to the incident, causing more fear among the population and giving the actors and their political messages more publicity. Moreover, the political sensitivity surrounding the investigation of Muslims (especially those serving in the U.S. military) means that avoiding the issue is politically less risky. The FBI was given the responsibility of preventing terrorism because it was one of the only existing agencies after 9/11 that had the resources and manpower to address it. However, the FBI has a stronger background in, and institutional culture based on, investigating criminal cases (especially organized crime) and traditionally has not been focused on counterterrorism. Moreover, given the boom-and-bust cycle in funding counterterrorism operations, those involved in the field don’t view it as being necessarily good for their national security careers.
According to the definition of terrorism laid out in the USA PATRIOT Act, the cases of Hasan and Stack clearly fit the label of terrorism and Bedell’s is certainly looking that way. But not examining the possibility of terrorism in the first place risks overlooking important pieces of information that could prove useful in preventing the next attack, or fully understanding the last one.
"This report is republished with permission of STRATFOR"
By Scott Stewart
On Feb. 18, 2010, Joseph Andrew Stack flew his single-engine airplane into a seven-story office building in northwest Austin, Texas. The building housed an office of the Internal Revenue Service (IRS), along with several other tenants. According to a statement he posted to the Internet before taking off on his suicide flight, Stack intentionally targeted the IRS due to a long history of problems he had had with the agency. In the statement, Stack said he hoped that his action would cause “American zombies to wake up and revolt” against the government. Stack also expressed his hope that his message of violence would be one the government could not ignore.
Stack’s use of violence to attempt to foster an uprising against the government and to alter government policy means that his attack against the IRS building was an act of domestic terrorism. (Terrorism is defined by the intent of the actor, not the effectiveness of the attack, a topic we will discuss in more detail at another time.) While Stack’s terrorist attack ultimately will fail to attain either of his stated goals, he did succeed in killing himself and one victim and injuring some 13 other people. The fire resulting from the crash also caused extensive damage to the building. We have received credible reports that Stack had removed some of the seats from his aircraft and loaded a drum of aviation fuel inside the passenger compartment of his plane. This extra fuel may account for the extensive fire damage at the scene. According to STRATFOR analysts present at the scene, it appears that Stack’s plane struck the concrete slab between floors. Had the aircraft not struck the slab head-on, it may have been able to penetrate the building more deeply, and this deeper penetration could have resulted in even more damage and a higher casualty count.
For many years now, STRATFOR has discussed the security vulnerability posed by general aviation and cargo aircraft. Stack’s attack against the IRS building using his private plane provides a vivid reminder of this vulnerability.
As we have previously noted, jihadists, including al Qaeda’s central core, have long had a fixation on attacks involving aircraft. This focus on aviation-related attacks includes not only attacks designed to take down passenger aircraft, like Operation Bojinka, the 2001 shoe bomb plot and the Heathrow liquid explosives plot, but also attacks that use aircraft as weapons, as evidenced by the 9/11 strikes and in the thwarted Library Tower plot, among others — aircraft as human-guided cruise missiles, if you will. These aviation-focused plots are not just something from the past, or something confined just to the al Qaeda core leadership. The Christmas Day attempt to destroy Northwest Airlines Flight 253 demonstrated that the threat is current, and that at least some al Qaeda franchise groups (al Qaeda in the Arabian Peninsula, or AQAP, in this case) are also interested in aviation-focused plots.
Jihadists are not the only ones interested. Over the past several decades, a number of other actors have also conducted attacks against aviation-related targets, including such diverse actors as Palestinian, Lebanese, Japanese and Sikh militant groups, Colombian cartels, and the Libyan and North Korean intelligence services. Stack and people like Theodore Kaczynski, the “Unabomber,” demonstrate that domestic terrorists can also view aviation as a target and a weapon. (UNABOM is an FBI acronym that stood for university and airline bomber, the targets Kaczynski initially focused on.)
The long history of airline hijackings and attacks has resulted in increased screening of airline passengers and an increase in the security measures afforded to the commercial aviation sector. These security measures have largely been reactive, and in spite of them, serious gaps in airline security persist.
Now, while some security vulnerabilities do exist, it is our belief that any future plans involving aircraft as weapons will be less likely to incorporate highly fueled commercial airliners, like those used on 9/11. In addition to newer federal security measures, such as expansion of the air marshal program, hardened cockpits and programs to allow pilots to carry firearms, there has also been a substantial psychological shift among airline crews and the traveling public. As Flight 93 demonstrated on Sept. 11, 2001, the new “let’s roll” mentality of passengers and aircrews will make it more difficult for malefactors to gain control of a passenger aircraft without a fight. Before 9/11, crews (and even law enforcement officers traveling while armed) were taught to comply with hijackers’ demands and not to openly confront them. The expectation was that a hijacked aircraft and passengers would be held hostage, not used as a weapon killing all aboard. The do-not-resist paradigm is long gone, and most attacks involving aircraft since 9/11 have focused on destroying aircraft in flight rather than on commandeering aircraft for use as weapons.
This change in the security paradigm has altered the ability of jihadists and other militants to plan certain types of terrorist attacks, but that is just one half of the repetitive cycle. As security measures change, those planning attacks come up with new and innovative ways to counter the changes, whether they involve physical security measures or security procedures. Then when the new attack methods are revealed, security adjusts accordingly. For example, the shoe bomb attempt resulted in the screening of footwear. AQAP shifted the attack paradigm by concealing explosives in an operative’s underwear. In the case of planners wanting to use aircraft as human-guided cruise missiles, one way the attack paradigm can be shifted is by turning their efforts away from passenger aircraft toward general aviation and cargo aircraft.
Most security upgrades in the aviation security realm have been focused on commercial air travel. While some general aviation terminals (referred to as FBOs, short for fixed base operators) have increased security in the post 9/11 world, like the Signature FBO at Boston’s Logan Airport, which has walk-through metal detectors for crews and passengers and uses X-ray machines to screen luggage, many FBOs have very little security. Some smaller airports like the one used by Stack have little or no staffing at all, and pilots and visitors can come and go as they please. There are no security checks and the pilot only has to make a radio call before taking off.
This difference in FBO security stems from the fact that FBOs are owned by a wide variety of operators. Some are owned by private for-profit companies, while others are run by a city or county authority and some are even operated by the state government. The bottom line is that it is very easy for someone who is a pilot to show up at an airport and rent an aircraft. All he or she has to do is fill out a few forms, present a license and logbook and go for a check ride. Mohamed Atta, the commander of the 9/11 operation, was a pilot, and one of the great mysteries after his death was the reason behind some of his general aviation activity. It is known that he rented small aircraft in cities like Miami and Atlanta, but it is not known what he did while aloft in them. It is possible that he was just honing his skills as a pilot, but there are concerns that he may also have been conducting aerial surveillance of potential targets.
But general aviation doesn’t just encompass small, single-engine airplanes like the ones owned by Stack and rented by Atta. Anyone with the money can charter a private passenger aircraft from a company such as NetJets or Flexjet, or even a private cargo aircraft. The size of these aircraft can vary from small Learjets to large Boeing Business Jets (a modified 737) and 747 cargo aircraft. In many places it is even possible for passengers to board a charter flight with no security checks of themselves or their baggage. In such a scenario, it would not be difficult for individuals such as Atta and his colleagues to take control of an aircraft from the crew — especially if the crew is unarmed.
As seen on 9/11, or even in the Stack case, there is very little that can be done to stop an airplane flown by a suicidal pilot. The North American Aerospace Defense Command launched two F-16 fighters in response to the Stack incident, but they were not dispatched until after the incident was over. Only in the case where there is restricted airspace that is constantly patrolled is there much hope of military aircraft responding in time to stop such an attack. The 1994 incident in which an unemployed Maryland truck driver crashed a stolen Cessna into the South Lawn of the White House highlighted how there is very little that can be done to protect a building from this type of threat — and the level of security at the White House in 1994 was far greater than the security afforded to almost any other building today. The difficulty of protecting buildings from aerial attack demonstrates the need to secure aircraft so they cannot be used in such a manner.
The bottom line, however, is that it would be prohibitively expensive to totally lock down all airports and aircraft nationwide in an effort to prevent them from being used in attacks like the one conducted by Stack. In the face of this reality, the best that can be hoped for is to keep the largest (and therefore most destructive) aircraft safe from this sort of misuse.
There is currently no one authority, like the Transportation Safety Commission, that controls security at all the small airports and FBOs. In the absence of any policy or regulations tightening the security at these facilities and requiring the screening of charter aircraft passengers, the best defense against the threat posed by this vulnerability will be to educate those in the FBO and charter aircraft business and encourage them to exercise a heightened state of situational awareness.
"This report is republished with permission of STRATFOR"
By George Friedman
The apparent Israeli assassination of a Hamas operative in the United Arab Emirates turned into a bizarre event replete with numerous fraudulent passports, alleged Israeli operatives caught on videotape and international outrage (much of it feigned), more over the use of fraudulent passports than over the operative’s death. If we are to believe the media, it took nearly 20 people and an international incident to kill him.
STRATFOR has written on the details of the killing as we have learned of them, but we see this as an occasion to address a broader question: the role of assassination in international politics.
We should begin by defining what we mean by assassination. It is the killing of a particular individual for political purposes. It differs from the killing of a spouse’s lover because it is political. It differs from the killing of a soldier on the battlefield in that the soldier is anonymous and is not killed because of who he is but because of the army he is serving in.
The question of assassination, in the current jargon “targeted killing,” raises the issue of its purpose. Apart from malice and revenge, as in Abraham Lincoln’s assassination, the purpose of assassination is to achieve a particular political end by weakening an enemy in some way. Thus, the killing of Adm. Isoroku Yamamoto by the Americans in World War II was a targeted killing, an assassination. His movements were known, and the Americans had the opportunity to kill him. Killing an incompetent commander would be counterproductive, but Yamamoto was a superb strategist, without peer in the Japanese navy. Killing him would weaken Japan’s war effort, or at least have a reasonable chance of doing so. With all the others dying around him in the midst of war, the moral choice did not seem complex then, nor does it seem complex now.
Such occasions rarely occur on the battlefield. There are few commanders who could not readily be replaced, and perhaps even replaced by someone more able. In any event, it is difficult to locate enemy commanders, meaning the opportunity to kill them rarely arises. And as commanders ask their troops to risk their lives, they have no moral claim to immunity from danger.
Now, take another case. Assume that the leader of a country were singular and irreplaceable, something very few are. But think of Fidel Castro, whose central role in the Cuban government was undeniable. Assume that he is the enemy of another country like the United States. It is an unofficial hostility — no war has been declared — but a very real one nonetheless. Is it illegitimate to try to kill such a leader in a bid to destroy his regime? Let’s move that question to Adolph Hitler, the gold standard of evil. Would it be inappropriate to have sought to kill him in 1938 based on the type of regime he had created and what he said that he would do with it?
If the position is that killing Hitler would have been immoral, then we have a serious question about the moral standards being used. The more complex case is Castro. He is certainly no Hitler, but neither is he the romantic democratic revolutionary some have painted him as being. But if it is legitimate to kill Castro, then where is the line drawn? Who is it not legitimate to kill?
As with Yamamoto, the number of instances in which killing a political leader would make a difference in policy or in the regime’s strength is extremely limited. In most cases, the argument against assassination is not moral but practical: It would make no difference if the target in question lives or dies. But where it would make a difference, the moral argument becomes difficult. If we establish that Hitler was a legitimate target, then we have established that there is not an absolute ban on political assassination. The question is what the threshold must be.
All of this is a preface to the killing in the United Arab Emirates, because that represents a third case. Since the rise of the modern intelligence apparatus, covert arms have frequently been attached to them. The nation-states of the 20th century all had intelligence organizations. These organizations carried out a range of clandestine operations beyond collecting intelligence, from supplying weapons to friendly political groups in foreign countries to overthrowing regimes to underwriting terrorist operations.
During the latter half of the century, nonstate-based covert organizations were developed. As European empires collapsed, political movements wishing to take control created covert warfare apparatuses to force the Europeans out or defeat political competitors. Israel’s state-based intelligence system emerged from one created before the Jewish state’s independence. The various Palestinian factions created their own. Beyond this, of course, groups like al Qaeda created their own covert capabilities, against which the United States has arrayed its own massive covert capability.
The contemporary reality is not a battlefield on which a Yamamoto might be singled out or a charismatic political leader whose death might destroy his regime. Rather, a great deal of contemporary international politics and warfare is built around these covert capabilities. In the case of Hamas, the mission of these covert operations is to secure the resources necessary for Hamas to engage Israeli forces on terms favorable to them, from terror to rocket attacks. For Israel, covert operations exist to shut off resources to Hamas (and other groups), leaving them unable to engage or resist Israel.
Expressed this way, covert warfare makes sense, particularly for the Israelis when they engage the clandestine efforts of Hamas. Hamas is moving covertly to secure resources. Its game is to evade the Israelis. The Israeli goal is to identify and eliminate the covert capability. Hamas is the hunted, Israel the hunter here. Apparently the hunter and hunted met in the United Arab Emirates, and the hunted was killed.
But there are complexities here. First, in warfare, the goal is to render the enemy incapable of resisting. Killing just any group of enemy soldiers is not the point. Indeed, diverting resources to engage the enemy on the margins, leaving the center of gravity of the enemy force untouched, harms far more than it helps. Covert warfare is different from conventional warfare, but the essential question stands: Is the target you are destroying essential to the enemy’s ability to fight? And even more important, as the end of all war is political, does defeating this enemy bring you closer to your political goals?
Covert organizations, like armies, are designed to survive attrition. It is expected that operatives will be detected and killed; the system is designed to survive that. The goal of covert warfare is either to penetrate the enemy so deeply, or destroy one or more people so essential to the operation of the group, that the covert organization stops functioning. All covert organizations are designed to stop this from happening.
They achieve this through redundancy and regeneration. After the massacre at the Munich Olympics in 1972, the Israelis mounted an intense covert operation to identify, penetrate and destroy the movement — called Black September — that mounted the attack. Black September was not simply a separate movement but a front for various Palestinian factions. Killing those involved with Munich would not paralyze Black September, and destroying Black September did not destroy the Palestinian movement. That movement had redundancy — the ability to shift new capable people into the roles of those killed — and therefore could regenerate, training and deploying fresh operatives.
The mission was successfully carried out, but the mission was poorly designed. Like a general using overwhelming force to destroy a marginal element of the enemy army, the Israelis focused their covert capability to destroy elements whose destruction would not give the Israelis what they wanted — the destruction of the various Palestinian covert capabilities. It might have been politically necessary for the Israeli public, it might have been emotionally satisfying, but the Israeli’s enemies weren’t broken. Consider that Entebbe occurred in 1976. If Israel’s goal in targeting Black September was the suppression of terrorism by Palestinian groups, the assault on one group did not end the threat from other groups.
Therefore, the political ends the Israelis sought were not achieved. The Palestinians did not become weaker. The year 1972 was not the high point of the Palestinian movement politically. It became stronger over time, gaining substantial international legitimacy. If the mission was to break the Palestinian covert apparatus to weaken the Palestinian capability and weaken its political power, the covert war of eliminating specific individuals identified as enemy operatives failed. The operatives very often were killed, but the operation did not yield the desired outcome.
And here lies the real dilemma of assassination. It is extraordinarily rare to identify a person whose death would materially weaken a substantial political movement in some definitive sense — i.e., where if the person died, then the movement would be finished. This is particularly true for nationalist movements that can draw on a very large pool of people and talent. It is equally hard to reduce a movement quickly enough to destroy the organization’s redundancy and regenerative capability. Doing so requires extraordinary intelligence penetration as well as a massive covert effort, so such an effort quickly reveals the penetration and identifies your own operatives.
A single swift, global blow is what is dreamt of. Covert war actually works as a battle of attrition, involving the slow accumulation of intelligence, the organization of the strike, the assassination. At that point, one man is dead, a man whose replacement is undoubtedly already trained. Others are killed, but the critical mass is never reached, and there is no one target who if killed would cause everything to change.
In war there is a terrible tension between the emotions of the public and the cold logic that must drive the general. In covert warfare, there is tremendous emotional satisfaction to the country when it is revealed that someone it regards as not only an enemy, but someone responsible for the deaths of their countryman, has been killed. But the generals or directors of intelligence can’t afford this satisfaction. They have limited resources, which must be devoted to achieving their country’s political goals and assuring its safety. Those resources have to be used effectively.
There are few Hitlers whose death is morally demanded and might have a practical effect. Most such killings are both morally and practically ambiguous. In covert warfare, even if you concede every moral point about the wickedness of your enemy, you must raise the question as to whether all of your efforts are having any real effect on the enemy in the long run. If they can simply replace the man you killed, while training ten more operatives in the meantime, you have achieved little. If the enemy keeps becoming politically more successful, then the strategy must be re-examined.
We are not writing this as pacifists; we do not believe the killing of enemies is to be avoided. And we certainly do not believe that the morally incoherent strictures of what is called international law should guide any country in protecting itself. What we are addressing here is the effectiveness of assassination in waging covert warfare. Too frequently, it does not, in our mind, represent a successful solution to the military and political threat posed by covert organizations. It might bring an enemy to justice, and it might well disrupt an organization for a while or even render a specific organization untenable. But in the covert wars of the 20th century, the occasions when covert operations — including assassinations — achieved the political ends being pursued were rare. That does not mean they never did. It does mean that the utility of assassination as a main part of covert warfare needs to be considered carefully. Assassination is not without cost, and in war, all actions must be evaluated rigorously in terms of cost versus benefit.
"This report is republished with permission of STRATFOR"
This has instructional value for protective service personnel, shows how intricate surveillance of your client can be!
By Scott Stewart
In an interview aired Feb. 7 on CNN, U.S. Secretary of State Hillary Clinton said she considers weapons of mass destruction (WMD) in the hands of an international terrorist group to be the largest threat faced by the United States today, even bigger than the threat posed by a nuclear-armed Iran. “The biggest nightmare that many of us have is that one of these terrorist member organizations within this syndicate of terror will get their hands on a weapon of mass destruction,” Clinton said. In referring to the al Qaeda network, Clinton noted that it is “unfortunately a very committed, clever, diabolical group of terrorists who are always looking for weaknesses and openings.”
Clinton’s comments came on the heels of a presentation by U.S. Director of National Intelligence Dennis Blair to the Senate Select Committee on Intelligence. In his Annual Threat Assessment of the U.S. Intelligence Community on Feb. 2, Blair noted that, although counterterrorism actions have dealt a significant blow to al Qaeda’s near-term efforts to develop a sophisticated chemical, biological, radiological and nuclear (CBRN) attack capability, the U.S. intelligence community judges that the group is still intent on acquiring the capability. Blair also stated the obvious when he said that if al Qaeda were able to develop CBRN weapons and had the operatives to use them it would do so.
All this talk about al Qaeda and WMD has caused a number of STRATFOR clients, readers and even friends and family members to ask for our assessment of this very worrisome issue. So, we thought it would be an opportune time to update our readers on the topic.
To begin a discussion of jihadists and WMD, it is first important to briefly re-cap STRATFOR’s assessment of al Qaeda and the broader jihadist movement. It is our assessment that the first layer of the jihadist movement, the al Qaeda core group, has been hit heavily by the efforts of the United States and its allies in the aftermath of 9/11. Due to the military, financial, diplomatic, intelligence and law enforcement operations conducted against the core group, it is now a far smaller and more insular organization than it once was and is largely confined geographically to the Afghan-Pakistani border. Having lost much of its operational ability, the al Qaeda core is now involved primarily in the ideological struggle (which it seems to be losing at the present time).
The second layer in the jihadist realm consists of regional terrorist or insurgent groups that have adopted the jihadist ideology. Some of these have taken up the al Qaeda banner, such as al Qaeda in the Islamic Maghreb (AQIM) and al Qaeda in the Arabian Peninsula (AQAP), and we refer to them as al Qaeda franchise groups. Other groups may adopt some or all of al Qaeda’s jihadist ideology and cooperate with the core group, but they will maintain their independence for a variety of reasons. In recent years, these groups have assumed the mantle of leadership for the jihadist movement on the physical battlefield.
The third (and broadest) component of the jihadist movement is composed of grassroots jihadists. These are individuals or small groups of people located across the globe who are inspired by the al Qaeda core and the franchise groups but who may have little or no actual connection to these groups. By their very nature, the grassroots jihadists are the hardest of these three components to identify and target and, as a result, are able to move with more freedom than members of the al Qaeda core or the regional franchises.
As long as the ideology of jihadism exists, and jihadists at any of these three layers embrace the philosophy of attacking the “far enemy,” there will be a threat of attacks by jihadists against the United States. The types of attacks they are capable of conducting, however, depend on their intent and capability. Generally speaking, the capability of the operatives associated with the al Qaeda core is the highest and the capability of grassroots operatives is the lowest. Certainly, many grassroots operatives think big and would love to conduct a large, devastating attack, but their grandiose plans often come to naught for lack of experience and terrorist tradecraft.
Although the American public has long anticipated a follow-on attack to 9/11, most of the attacks directed against the United States since 9/11 have failed. In addition to incompetence and poor tradecraft, one of the contributing factors to these failures is the nature of the targets. Many strategic targets are large and well-constructed, and therefore hard to destroy. In other words, just because a strategic target is attacked does not mean the attack has succeeded. Indeed, many such attacks have failed. Even when a plot against a strategic target is successfully executed, it might not produce the desired results and would therefore be considered a failure. For example, the detonation of a massive truck bomb in a parking garage of the World Trade Center in 1993 failed to achieve the jihadists’ aims of toppling the two towers and producing mass casualties, or of causing a major U.S. foreign policy shift.
Many strategic targets, such as embassies, are well protected against conventional attacks. Their large standoff distances and physical security measures (like substantial perimeter walls) protect them from vehicle-borne improvised explosive devices (VBIEDs), while these and other security measures make it difficult to cause significant damage to them using smaller IEDs or small arms.
To overcome these obstacles, jihadists have been forced to look at alternate means of attack. Al Qaeda’s use of large, fully fueled passenger aircraft as guided missiles is a great example of this, though it must be noted that once that tactic became known, it ceased to be viable (as United Airlines Flight 93 demonstrated). Today, there is little chance that a flight crew and passengers of an aircraft would allow it to be seized by a small group of hijackers.
Al Qaeda has long plotted ways to overcome security measures and launch strategic strikes with CBRN weapons. In addition to the many public pronouncements the group has made about its desire to obtain and use such weapons, we know al Qaeda has developed crude methods for producing chemical and biological weapons and included such tactics in its encyclopedia of jihad and terrorist training courses.
However, as STRATFOR has repeatedly pointed out, chemical and biological weapons are expensive and difficult to use and have proved to be largely ineffective in real-world applications. A comparison of the Aum Shinrikyo chemical and biological attacks in Tokyo with the March 2004 jihadist attacks in Madrid clearly demonstrates that explosives are far cheaper, easier to use and more effective in killing people. The failure by jihadists in Iraq to use chlorine effectively in their attacks also underscores the problem of using improvised chemical weapons. These problems were also apparent to the al Qaeda leadership, which scrapped a plot to use improvised chemical weapons in the New York subway system due to concerns that the weapons would be ineffective. The pressure jihadist groups are under would also make it very difficult for them to develop a chemical or biological weapons facility, even if they possessed the financial and human resources required to launch such a program.
Of course, it is not unimaginable for al Qaeda or other jihadists to think outside the box and attack a chemical storage site or tanker car, or use such bulk chemicals to attack another target — much as the 9/11 hijackers used passenger- and fuel-laden aircraft to attack their targets. However, while an attack using deadly bulk chemicals could kill many people, most would be evacuated before they could receive a lethal dose, as past industrial accidents have demonstrated. Therefore, such an attack would be messy but would be more likely to cause mass panic and evacuations than mass casualties. Still, it would be a far more substantial attack than the previous subway plot using improvised chemical weapons.
A similar case can be made against the effectiveness of an attack involving a radiological dispersion device (RDD), sometimes called a “dirty bomb.” While RDDs are easy to deploy — so simple that we are surprised one has not already been used within the United States — it is very difficult to immediately administer a lethal dose of radiation to victims. Therefore, the “bomb” part of a dirty bomb would likely kill more people than the device’s “dirty,” or radiological, component. However, use of an RDD would result in mass panic and evacuations and could require a lengthy and expensive decontamination process. Because of this, we refer to RDDs as “weapons of mass disruption” rather than weapons of mass destruction.
The bottom line is that a nuclear device is the only element of the CBRN threat that can be relied upon to create mass casualties and guarantee the success of a strategic strike. However, a nuclear device is also by far the hardest of the CBRN weapons to obtain or manufacture and therefore the least likely to be used. Given the pressure that al Qaeda and its regional franchise groups are under in the post-9/11 world, it is simply not possible for them to begin a weapons program intended to design and build a nuclear device. Unlike countries such as North Korea and Iran, jihadists simply do not have the resources or the secure territory on which to build such facilities. Even with money and secure facilities, it is still a long and difficult endeavor to create a nuclear weapons program — as is evident in the efforts of North Korea and Iran. This means that jihadists would be forced to obtain an entire nuclear device from a country that did have a nuclear weapons program, or fissile material such as highly enriched uranium (enriched to 80 percent or higher of the fissile isotope U-235) that they could use to build a crude, gun-type nuclear weapon.
Indeed, we know from al Qaeda defectors like Jamal al-Fadl that al Qaeda attempted to obtain fissile material as long ago as 1994. The organization was duped by some of the scammers who were roaming the globe attempting to sell bogus material following the collapse of the Soviet Union. Several U.S. government agencies were duped in similar scams.
Black-market sales of military-grade radioactive materials spiked following the collapse of the Soviet Union as criminal elements descended on abandoned Russian nuclear facilities in search of a quick buck. In subsequent years the Russian government, in conjunction with various international agencies and the U.S. government, clamped down on the sale of Soviet-era radioactive materials. U.S. aid to Russia in the form of so-called “nonproliferation assistance” — money paid to destroy or adequately secure such nuclear and radiological material — increased dramatically following 9/11. In 2009, the U.S. Congress authorized around $1.2 billion for U.S. programs that provide nonproliferation and threat reduction assistance to the former Soviet Union. Such programs have resulted in a considerable amount of fissile material being taken off the market and removed from vulnerable storage sites, and have made it far harder to obtain fissile material today than it was in 1990 or even 2000.
Another complication to consider is that jihadists are not the only parties who are in the market for nuclear weapons or fissile material. In addition to counterproliferation programs that offer to pay money for fissile materials, countries like Iran and North Korea would likely be quick to purchase such items, and they have the resources to do so, unlike jihadist groups, which are financially strapped.
Some commentators have said they believe al Qaeda has had nuclear weapons for years but has been waiting to activate them at the “right time.” Others claim these weapons are pre-positioned inside U.S. cities. STRATFOR’s position is that if al Qaeda had such weapons prior to 9/11, it would have used them instead of conducting the airline attack. Even if the group had succeeded in obtaining a nuclear weapon after 9/11, it would have used it by now rather than simply sitting on it and running the risk of it being seized.
There is also the question of state assistance to terrorist groups, but the actions of the jihadist movement since 9/11 have served to steadily turn once quietly supportive (or ambivalent) states against the movement. Saudi Arabia declared war on jihadists in 2003 and countries such as Yemen, Pakistan and Indonesia have recently gone on the offensive. Indeed, in his Feb. 2 presentation to the Senate committee, Blair said: “We do not know of any states deliberately providing CBRN assistance to terrorist groups. Although terrorist groups and individuals have sought out scientists with applicable expertise, we have no corroborated reporting that indicates such experts have advanced terrorist CBRN capability.” Blair also noted that, “We and many in the international community are especially concerned about the potential for terrorists to gain access to WMD-related materials or technology.”
Clearly, any state that considered providing WMD to jihadists would have to worry about blow-back from countries that would be targeted by that material (such as the United States and Russia). With jihadists having declared war on the governments of countries in which they operate, officials in a position to provide CBRN to those jihadists would also have ample reason to be concerned about the materials being used against their own governments.
Efforts to counter the proliferation of nuclear materials and technology will certainly continue for the foreseeable future, especially efforts to ensure that governments with nuclear weapons programs do not provide weapons or fissile material to jihadist groups. While the chance of such a terrorist attack is remote, the devastation one could cause means that it must be carefully guarded against.
"This report is republished with permission of STRATFOR"
Mujahid Abdur-Rahman aka ROCK with Michael D. Janich at the 2009 NY Law Enforcement Expo 2009
Mujahid Abdur-Rahman aka ROCK (rear) graduating from Executive Protection training at the Sykes Group October 2009
Stand & Deliver:
U.S. President Barack Obama outlined a set of new policies Jan. 7 in response to the Dec. 25, 2009 Northwest Airlines bombing attempt, which came the closest to a successful attack on a U.S. flight since Richard Reid’s failed shoe-bombing in December 2001. As in the aftermath of that attempt, a flurry of accusations, excuses and policy prescriptions have emanated from Washington since Christmas Day concerning U.S. airline security. Whatever changes actually result from the most recent bombing attempt, they will likely be more successful at pacifying the public and politicians than preventing future attacks.
At the heart of President Obama’s policy outline were the following key tactics: pursue enhanced screening technology in the transportation sector, review the visa issuance and revocation process, enhance coordination among agencies for counterterrorism (CT) investigations and establish a process to prioritize such investigations. While such measures are certainly important, they will not go far enough, by themselves, to meaningfully address the aviation security challenges the United States still faces almost nine years after 9/11.
For one thing, technology must not be seen as a panacea. It can be a very useful tool for finding explosive devices and weapons concealed on a person or in luggage, but it is predictable and reactive. In terms of aviation security, the federal government has consistently been fighting the last war and continues to do so. Certain practical and effective steps have been taken. Hardening the cockpit door, deploying air marshals and increasing crew and passenger awareness countered the airline hijacking threat after 9/11; requiring passengers to remove their shoes and scanning them prior to boarding followed Reid’s 2001 shoe-bombing attempt; and restrictions on liquids and gels followed the 2006 trans-Atlantic plot. Not enacting these measures would have meant not learning from past mistakes, and they do ensure that unsophisticated “copycat” attackers are not successful. But such measures — even those that are less technological — fail to take into account innovative militants, who are eager and able to exploit inevitable weaknesses in the process.
Even advanced body-imaging systems like the newer backscatter and millimeter-wave systems now being used to screen travelers cannot pick up explosives hidden inside a person’s body using condoms or tampons — a tactic that was initially thought to have been used in the Aug. 28 assassination attempt against Saudi Deputy Interior Minister Prince Mohammed bin Nayef. (It is now believed that the attacker in that case used an underwear bomb like the one used in the Christmas Day attempt.) Moreover, X-ray systems cannot detect explosives cleverly disguised in carry-on baggage or smuggled past security checkpoints — something that drug smugglers routinely do.
Preventing attacks against U.S. airliners would require unrealistically invasive and inconvenient measures that the airline industry and American society are simply not prepared to implement. El Al, Israel’s national airline, is one international carrier that conducts thorough searches of every passenger and every handbag, runs checked luggage through a decompression chamber and has two air marshals on each flight. The airline also refuses to let some people (including many Muslims) on board. While these practices have been successful in preventing terrorist attacks against the airline, they are not in line with American and European culture and President Obama’s insistence that measures remain consistent with privacy rights and civil liberties. It is also economically and politically unfeasible for major U.S. airlines operating hundreds of flights per day from hundreds of different cities to impose measures such as those followed by El Al, an airline with fewer planes and a smaller area of operation.
And as long as U.S. airport security relies on screening techniques that are only moderately invasive, there will be holes that innovative attackers will be able to exploit. While screening technology is advancing, there is nothing in the foreseeable future that would be able to do more screening with less invasiveness. The U.S. prison system grapples with the same problem, and even there, where inmates are searched far more invasively than air travelers, contraband is still able to flow into facilities.
Focusing on the visa issuance and revocation process also leaves holes in the system. The Christmas Day bomber, Umar Farouk Abdulmutallab, had been given a multiple-entry U.S. visa, which allowed him to travel to the United States. When Abdulmutallab’s father expressed concerns to officials at the U.S. Embassy in Abuja, Nigeria, on Nov. 19, 2009, that his son might have been involved with Yemen-based Islamist militants, Abdulmutallab’s name and passport number were sent from the U.S. Embassy in Abuja to Washington and placed in the “Visa Viper” system, which specifically pertains to visas and terrorist suspects. His name and passport number were also logged into the Terrorist Identities Datamart Environment, but not the “no-fly” list.
This standard operating procedure (which does not automatically result in a visa revocation) passed the responsibility from the CIA agents who spoke to Abdulmuttalab’s father on to the U.S. State Department, where agents unfamiliar with the specifics of the case did not, apparently, decide to act on it. In hindsight, the decision not to take the father’s warning more seriously appears to be a glaring mistake, but in context it seems less obvious. The father’s tip was vague, with little indication of what his son was up to or, more important to U.S. CT agents, that he was planning even to travel to the United States, much less attack a U.S. airliner.
The possibility of yet another jihadist suspect emerging in the Middle East does not pose an existential threat to the United States, so this raises the third challenge: prioritizing CT investigations. Vague warnings such as the tip from Abdulmuttalab’s father spring up constantly throughout the world and CT investigators have to prioritize them. Only the most serious cases get assigned to an investigator to follow up on while the rest are filed away for future reference. If the same name pops up again with more information on the threat, then more action is taken. U.S. CT agents are most concerned about specific threats to the United States, and with no actionable intelligence that Abdulmutallab was plotting an attack against the United States, his case was given a lower priority.
Nevertheless, not acting immediately on the father’s vague threat proved to be a near-fatal move. This highlights the danger of the unsophisticated, ill-trained militant, referred to in U.S. CT circles as a “Kramer jihadist” (after the bumbling character in the sitcom “Seinfeld”). By himself, a Kramer jihadist poses a minimal threat, but when combined with a trained operative or group, he can become a formidable weapon. Abdulmutallab had been radicalized, but there is nothing to suggest that he had extensive jihadist training or any tactical expertise. He was simply a willing agent with a visa to the United States. When put in the hands of a competent, well-trained operator (such as those involved with al Qaeda in the Arabian Peninsula), a Kramer jihadist can be outfitted with a device and given a support network that could supply him with transportation and direction to carry out an effective attack. There are simply too many radical Islamists in the world to investigate each one, but immediately revoking visas to keep suspects off U.S. airliners until they can be investigated further is a fairly simple process and would be an effective deterrent.
Finally, the lack of coordination among agencies in CT investigations is an old problem that dates back well before 9/11. This challenge lies in the fact that the U.S. intelligence community is broken up into specific agencies — each with its own specific jurisdiction and incentive to leverage its power in Washington by controlling the flow of information. This system ensures that no single agency becomes too powerful and self-interested, but it also fractures the intelligence community and bureaucratizes intelligence sharing.
In order to investigate a case like Abdulmutallab’s, agents from the CIA must work with agents from the FBI, and the State Department is tasked with coordinating the requests for information from various foreign governments (whose information is not always reliable). For foreign threats specifically aimed at airlines, agents from the Transportation Security Administration, Federal Aviation Administration, Office of Director of National Intelligence, and Immigration and Customs Enforcement must be notified. Rallying and coordinating all the appropriate actors and agencies to respond to a threat requires careful bureaucratic maneuvering and presents numerous opportunities to be bogged down at every step. Certainly, the more overt the threat, the easier it is to move the bureaucracy, but a case as opaque as Abdulmutallab’s would not likely inspire a quick and decisive follow-up.
The U.S. National Counterterrorism Center (NCTC) was created to aggregate threats from various local, state and federal agencies all over the world in order to streamline the threat-identification and investigation process. However, the additional bureaucracy that was generated with the formation of the NCTC has essentially canceled out any benefit that the center might have contributed.
When it comes down to it, modern airliners — full of people and fuel — are extremely vulnerable targets that can produce highly dramatic carnage, characteristics that attract militants and militant groups seeking global notoriety. And Abdulmutallab’s efforts on Christmas Day certainly will not be the last militant attempt to bring an airliner down. As security measures are changed in response to this most recent attempt, terrorist planners will be watching closely and are sure to adapt their tactics accordingly.
"This report is republished with permission of STRATFOR"
By George Friedman and Scott Stewart
As Khalil Abu-Mulal al-Balawi exited the vehicle that brought him onto Forward Operating Base (FOB) Chapman in Khost, Afghanistan, on Dec. 30, 2009, security guards noticed he was behaving strangely. They moved toward al-Balawi and screamed demands that he take his hand out of his pocket, but instead of complying with the officers’ commands, al-Balawi detonated the suicide device he was wearing. The explosion killed al-Balawi, three security contractors, four CIA officers and the Jordanian General Intelligence Department (GID) officer who was al-Balawi’s handler. The vehicle shielded several other CIA officers at the scene from the blast. The CIA officers killed included the chief of the base at Khost and an analyst from headquarters who reportedly was the agency’s foremost expert on al Qaeda. The agency’s second-ranking officer in Afghanistan was allegedly among the officers who survived.
Al-Balawi was a Jordanian doctor from Zarqa (the hometown of deceased al Qaeda in Iraq leader Abu Musab al-Zarqawi). Under the alias Abu Dujanah al-Khurasani, he served as an administrator for Al-Hesbah, a popular Internet discussion forum for jihadists. Jordanian officers arrested him in 2007 because of his involvement with radical online forums, which is illegal in Jordan. The GID subsequently approached al-Balawi while he was in a Jordanian prison and recruited him to work as an intelligence asset.
Al-Balawi was sent to Pakistan less than a year ago as part of a joint GID/CIA mission. Under the cover of going to school to receive advanced medical training, al-Balawi established himself in Pakistan and began to reach out to jihadists in the region. Under his al-Khurasani pseudonym, al-Balawai announced in September 2009 in an interview on a jihadist Internet forum that he had officially joined the Afghan Taliban.
It is unclear if al-Balawi was ever truly repentant. Perhaps he cooperated with the GID at first, but had a change of heart sometime after arriving in Pakistan. Either way, at some point al-Balawi approached the Tehrik-i-Taliban Pakistan (TTP), the main Pakistani Taliban group, and offered to work with it against the CIA and GID. Al-Balawi confirmed this in a video statement recorded with TTP leader Hakeemullah Mehsud and released Jan. 9. This is significant because it means that al-Balawi’s appearance was a lucky break for the TTP, and not part of some larger, intentional intelligence operation orchestrated by the TTP or another jihadist entity like al Qaeda.
The TTP’s luck held when a group of 13 people gathered to meet al-Balawi upon his arrival at FOB Chapman. This allowed him to detonate his suicide device amid the crowd and create maximum carnage before he was able to be searched for weapons.
In the world of espionage, source meetings are almost always a dangerous activity for both the intelligence officer and the source. There are fears the source could be surveilled and followed to the meeting site, or that the meeting could be raided by host country authorities and the parties arrested. In the case of a terrorist source, the meeting site could be attacked and those involved in the meeting killed. Because of this, the CIA and other intelligence agencies exercise great care while conducting source meetings. Normally they will not bring the source into a CIA station or base. Instead, they will conduct the meeting at a secure, low-profile offsite location.
Operating in the wilds of Afghanistan is far different from operating out of an embassy in Vienna or Moscow, however. Khost province is Taliban territory, and it offers no refuge from the watching eyes and gunmen of the Taliban and their jihadist allies. Indeed, the province has few places safe enough even for a CIA base. And this is why the CIA base in Khost is located on a military base, FOB Chapman, named for the first American killed in Afghanistan following the U.S. invasion. Normally, an outer ring of Afghan security around the base searches persons entering FOB Chapman, who the U.S. military then searches again at the outer perimeter of the U.S. portion of the base. Al-Balawi, a high-value CIA asset, was allowed to skip these external layers of security to avoid exposing his identity to Afghan troops and U.S. military personnel. Instead, the team of Xe (the company formerly known as Blackwater) security contractors were to search al-Balawi as he arrived at the CIA’s facility.
Had proper security procedures been followed, the attack should only have killed the security contractors, the vehicle driver and perhaps the Jordanian GID officer. But proper security measures were not followed, and several CIA officers rushed out to greet the unscreened Jordanian source. Reports indicate that the source had alerted his Jordanian handler that he had intelligence pertaining to the location of al Qaeda second-in-command Ayman al-Zawahiri. (There are also reports that al-Balawi had given his handlers highly accurate battle damage assessments on drone strikes in Pakistan, indicating that he had access to high-level jihadist sources.) The prospect of finally receiving such crucial and long-sought information likely explains the presence of the high-profile visitors from CIA headquarters in Langley and the station in Kabul — and their exuberance over receiving such coveted intelligence probably explains their eager rush to meet the source before he had been properly screened.
The attack, the most deadly against CIA personnel since the 1983 Beirut bombing, was clearly avoidable, or at least mitigable. But human intelligence is a risky business, and collecting human intelligence against jihadist groups can be flat-out deadly. The CIA officers in Khost the day of the bombing had grown complacent, and violated a number of security procedures. The attack thus serves as a stark reminder to the rest of the clandestine service of the dangers they face and of the need to adhere to time-tested security procedures.
A better process might have prevented some of the deaths, but it would not have solved the fundamental problem: The CIA had an asset who turned out to be a double agent. When he turned is less important than that he was turned into — assuming he had not always been — a double agent. His mission was to gain the confidence of the CIA as to his bona fides, and then create an event in which large numbers of CIA agents were present, especially the top al Qaeda analyst at the CIA. He knew that high-value targets would be present because he had set the stage for the meeting by dangling vital information before the agency. He went to the meeting to carry out his true mission, which was to deliver a blow against the CIA. He succeeded.
In discussing the core weakness in the Afghan strategy U.S. President Barack Obama has chosen, we identified the basic problem as the intelligence war. We argued that establishing an effective Afghan army would be extremely difficult, if not impossible, because the Americans and their NATO allies lacked knowledge and sophistication in distinguishing friend from foe among those being recruited into the army. This problem is compounded by the fact that there are very few written documents in a country like Afghanistan that could corroborate identities. The Taliban would seed the Afghan army with its own operatives and supporters, potentially exposing the army’s operations to al Qaeda.
This case takes the problem a step further. The United States relied on Jordanian intelligence to turn a jihadist operative into a double agent. They were dependent on the Jordanian handler’s skills at debriefing, vetting and testing the now-double agent. It is now reasonable to assume the agent allowed himself to be doubled in an attempt to gain the trust of the handler. The Jordanians offered the source to the Americans, who obviously grabbed him, and the source passed all the tests to which he was undoubtedly subjected. Yet in the end, his contacts with the Taliban were not designed to provide intelligence to the Americans. The intelligence provided to the Americans was designed to win their trust and set up the suicide bombing. It is therefore difficult to avoid the conclusion that al-Balawi was playing the GID all along and that his willingness to reject his jihadist beliefs was simply an opportunistic strategy for surviving and striking.
Even though encountering al-Balawi was a stroke of luck for the TTP, the group’s exploitation of this lucky break was a very sophisticated operation. The TTP had to provide valuable intelligence to allow al-Balawi to build his credibility. It had to create the clustering of CIA agents by promising extraordinarily valuable intelligence. It then had to provide al-Balawi with an effective suicide device needed for the strike. And it had to do this without being detected by the CIA. Al-Balawi had a credible cover for meeting TTP agents; that was his job. But what al-Balawi told his handlers about his meetings with the TTP, and where he went between meetings, clearly did not indicate to the handlers that he was providing fabricated information or posed a threat.
In handling a double agent, it is necessary to track every step he takes. He cannot be trusted because of his history; the suspicion that he is still loyal to his original cause must always be assumed. Therefore, the most valuable moments in evaluating a double agent are provided by intense scrutiny of his patterns and conduct away from his handlers and new friends. Obviously, if this scrutiny was applied, al-Balawi and his TTP handlers were still able to confuse their observers. If it was not applied, then the CIA was setting itself up for disappointment. Again, such scrutiny is far more difficult to conduct in the Pakistani badlands, where resources to surveil a source are very scarce. In such a case, the intuition and judgment of the agent’s handler are critical, and al-Balawi was obviously able to fool his Jordanian handler.
Given his enthusiastic welcome at FOB Chapman, it would seem al-Balawi was regarded not only as extremely valuable but also as extremely reliable. Whatever process might have been used at the meeting, the central problem was that he was regarded as a highly trusted source when he shouldn’t have been. Whether this happened because the CIA relied entirely on the Jordanian GID for evaluation or because American interrogators and counterintelligence specialists did not have the skills needed to pick up the cues can’t be known. What is known is that the TTP ran circles around the CIA in converting al-Balawi to its uses.
The United States cannot hope to reach any satisfactory solution in Afghanistan unless it can win the intelligence war. But the damage done to the CIA in this attack cannot be overestimated. At least one of the agency’s top analysts on al Qaeda was killed. In an intelligence war, this is the equivalent of sinking an aircraft carrier in a naval war. The United States can’t afford this kind of loss. There will now be endless reviews, shifts in personnel and re-evaluations. In the meantime, the Taliban in both Pakistan and Afghanistan will be attempting to exploit the opportunity presented by this disruption.
Casualties happen in war, and casualties are not an argument against war. However, when the center of gravity in a war is intelligence, and an episode like this occurs, the ability to prevail becomes a serious question. We have argued that in any insurgency, the insurgents have a built-in advantage. It is their country and their culture, and they are indistinguishable from everyone else. Keeping them from infiltrating is difficult.
This was a different matter. Al-Balawi was Jordanian; his penetration of the CIA was less like the product of an insurgency than an operation carried out by a national intelligence service. And this is the most troubling aspect of this incident for the United States. The operation was by all accounts a masterful piece of tradecraft beyond the known abilities of a group like the TTP. Even though al-Balawi’s appearance was a lucky break for the TTP, not the result of an intentional, long-term operation, the execution of the operation that arose as a result of that lucky break was skillfully done — and it was good enough to deliver a body blow to the CIA. The Pakistani Taliban would thus appear far more skilled than we would have thought, which is the most important takeaway from this incident, and something to ponder.
"This report is republished with permission of STRATFOR"
By Scott Stewart
A week after he was arrested in Chicago on Oct. 3, David Coleman Headley was charged in a federal criminal complaint with conspiring to commit terrorist attacks outside the United States and providing material support to terrorist organizations. The charges alleged that Headley was involved in a plot to attack a newspaper in Denmark that had published a collection of cartoons satirizing the Prophet Mohammed in September 2005.
Since Headley’s arrest, there have been almost daily disclosures of new information regarding his activities and those of his co-conspirators. These new details have emerged during court proceedings and from leaks by U.S., Indian and Pakistani government officials. On Dec. 7, new federal charges were filed against Headley alleging that he had conducted extensive surveillance against targets in Mumbai that were attacked during the November 2008 armed assault in that city, which resulted in the deaths of some 170 people. Headley reportedly became an informant for the U.S. Drug Enforcement Administration (DEA) after being arrested and charged with smuggling heroin into the United States from Pakistan in 1997. Following the 9/11 attacks, he allegedly worked for the FBI as a terrorism informant. Now, following his arrest on Oct. 3, he is reportedly again cooperating with the U.S. government.
From the information that has emerged so far, it appears that Headley, who was born Daood Gilani in 1960 in Washington, D.C., to a Pakistani father and American mother, worked as a surveillance operative and operational planner for the Pakistan-based militant groups Lashkar-e-Taiba (LeT) and Harkat-ul-Jihad e-Islami (HUJI). In 2006, Headley legally changed his name from Daood Gilani to David Coleman Headley, anglicizing his first name and taking his mother’s maiden surname. He apparently did this to disguise his Pakistani heritage and Muslim faith while traveling to places such as India and Denmark.
Details of this case will continue to emerge as the court proceedings against Headley and his co-conspirators progress, but the information released to date reveals a great deal about Headley and about LeT and HUJI.
First, it is evident that Headley was not merely a low-level cannon fodder-type operative. Most of the men who attend jihadist training camps are taught basic infantry and guerrilla-warfare skills such as hand-to-hand combat and how to fire an AK-47 and throw a hand grenade. A handful of the best and brightest of these students are then selected to attend additional training in advanced combat skills that often include terrorist tradecraft, which is the set of skills required to conduct a terrorist attack. Terrorist tradecraft includes things like surveillance, bombmaking and covert communications and is quite distinct from basic infantry skills.
In his Dec. 7 indictment, we learned that Headley reportedly attended LeT training camps in Pakistan in February and August of 2002 and in April, August and December of 2003. This indicates that Headley progressed far beyond basic militant training, and it is likely that he was taught during his later training sessions the tradecraft required to conduct preoperational surveillance for terrorist attacks and to participate in the operational planning for such attacks.
One element of terrorist tradecraft that was evident in the indictment and the Oct. 11 criminal complaint is Headley’s careful use of language and of multiple methods of communications, including the use of cell phones and using long-distance calling cards, e-mail communication (using a variety of accounts) and face-to-face briefings. For the most sensitive communications and planning activities, Headley traveled to Pakistan to meet in person with LeT and HUJI leaders, a very secure way to communicate. He also had numerous phone and e-mail conversations in which he discussed the status of his work or planned reconnaissance trips. During such conversations, Headley would use terms to disguise the true objective of his work. For example, when referring to attack plans, Headley and his alleged co-conspirators reportedly called them “investment plans” or “business plans,” and when discussing the plot against Jyllands-Posten, the newspaper that published the Mohammed cartoons, Headley and his co-conspirators referred to it as the “Mickey Mouse Project,” the “MMP” or “the Northern Project.”
Headley also used a common militant communication method of creating messages and then saving them in the drafts folder of a Web-mail service rather than sending the message. The person creating such a message can then provide a colleague with the user name and password for the Web-mail account, which enables the second person to log on and read the communication in the draft folder without an e-mail having been sent. This procedure is referred to as an “electronic dead drop.”
In addition to facilitating communication, these dead drops can be used to save notes that a terrorist operative does not want to physically carry on his person for fear of being caught with them. In September, we noted that Najibullah Zazi used this method to send his bombmaking notes from a training camp in Pakistan to himself rather than risk physically carrying the notes into the United States, where they could have been found during a search of his belongings.
According to the Oct. 11 criminal complaint, before leaving Pakistan for the United States in December 2008, Headley used this process to save a list of taskings he had received for his surveillance work in Denmark. The list, which was entitled “Mickey Mouse,” included the following entries (presented here as contained in the complaint, verbatim and unedited):
We’ve included all the items listed in the complaint to demonstrate the depth of the surveillance work he was tasked with by his contacts in Pakistan. These responsibilities included determining the best way to get the attack team (“clients”) into the country, finding them a place to stay, procuring weapons (“machinery”) and conducting thorough surveillance of the newspaper and its surroundings. This would have included security in the area, countersurveillance activity and closed-circuit television cameras in place. Headley may also have been tasked with locating the residence of the newspaper’s editor.
According to the Oct. 11 federal complaint, Headley traveled from Chicago to Copenhagen in January 2009 to conduct surveillance of the Jyllands-Posten offices in Copenhagen and Aarhus, Denmark, and to photograph and videotape the surrounding areas. He then traveled to Pakistan, where he met with his co-conspirators to brief them on his surveillance operations and to construct a plan for the attack. Following his return to Chicago, Headley traveled back to Copenhagen in August 2009 to conduct additional surveillance (presumably to address issues that arose during the operational planning session in Pakistan). During this second trip, Headley made some 13 additional videos and took many photos of the potential targets and the areas around them.
In the Dec. 7 indictment, the U.S. government alleges that in order to conduct surveillance for the Mumbai attacks, Headley made five extended trips to Mumbai: one in September 2006, two in February and September of 2007 and two in April and July of 2008. During each of these trips Headley reportedly took pictures and made videos of various targets, including those attacked in November 2008. He also reportedly traveled to Pakistan after each of these trips to brief his co-conspirators there and to provide them with his maps, sketches, photos and videos. In March 2008, Headley and his co-conspirators reportedly discussed potential landing sites for a team of attackers who would arrive by sea in Mumbai, and he was instructed to take boat trips in and around the Mumbai harbor and make videotapes of the area, which he allegedly did during his visit to India in April 2008.
During much of his surveillance activity, Headley identified himself as an employee of the immigration services company First World, but there is no evidence that Headley ever worked for that company. There is also no information in the documents released so far that would explain how Headley paid for his extensive international travel, much less earned money to cover his day-to-day expenses.
Finally, there is the issue of Headley’s alleged work as a DEA and FBI informant (which could help explain at least some of the financial mysteries discussed above). Given the demonstrated — and considerable — nexus between heroin trafficking and terrorism funding for the jihadist groups operating in Pakistan and Afghanistan, such a crossover of an informant from narcotics to terrorism is no surprise — especially following the incredible push by the U.S. government to recruit human intelligence sources with links to the jihadist world following the 9/11 attacks.
If Headley were reporting to the FBI, it could also explain the very specific warnings that the U.S. government gave to the government of India about plans to attack hotels in Mumbai in September 2008. Following the warning, the government of India initially increased security measures at these sites, but the measures were dropped before the attacks were launched in November 2008.
At present, it is very difficult to ascertain if Headley was a double agent who was really reporting to LeT and HUJI the entire time he was ostensibly working for the U.S. government or if he was merely a rogue informant who was playing both ends against the middle for his own personal benefit. Such rogue sources have been seen in jihadist cases before. If Headley was either a double agent or a rogue source, there may be some significant blowback for the U.S. government as further revelations are made about the case.
First of all, this case demonstrates that LeT and HUJI have each developed a sophisticated central-planning apparatus. This is something they needed to do as they drifted out from under the wings of the Pakistani Inter-Services Intelligence (ISI) directorate, though undoubtedly they learned a lot about planning from their long association with the ISI. Second, the Headley case shows that as of October 2009 (almost a year after the Mumbai attacks), LeT and HUJI still enjoyed a great deal of operational freedom in Pakistan. They were able to travel, raise funds, communicate, train and plan operations with seemingly little interference. This is a stark contrast to al Qaeda, which is hunted, on the run and experiencing a great deal of difficulty moving operatives, communicating, raising funds and conducting operations. The links between Headley and his associates to current and former Pakistani military officers and government officials are likely what is affording LeT and HUJI their operational freedom.
As far as targeting, we have seen LeT and HUJI shift away from strictly Indian targets and toward more of a transnational al Qaeda-like target set. Not only did they attack Western interests and a Jewish target in Mumbai, but they were also planning to conduct an attack against a newspaper in Denmark that had absolutely no relation to the cause of Kashmiri independence from India. That said, despite having a highly trained surveillance operative and operational planner living inside the United States, these groups did not appear to task him to use his terrorist tradecraft to conduct target surveillance or plan and conduct attacks inside the United States.
According to court documents, HUJI leader Ilyas Kashmiri appears to have been the force driving the Denmark attack plans, and Headley seems to have been frustrated when his LeT contacts did not want to proceed with the Denmark attack after Kashmiri was reportedly killed in an American unmanned aerial vehicle (UAV) strike in Pakistan. LeT wanted Headley to help them plan another attack in India instead. The report of Kashmiri’s death was ultimately proved false, but the UAV attack apparently caused Kashmiri to go to ground and for Headley and his LeT contacts to lose communication with Kashmiri for a period of time. It is known that Kashmiri is closely affiliated with al Qaeda, and the plans for the Denmark attack are an indication that HUJI has become more closely aligned with the transnational jihadist targeting philosophy as a result of Kashmiri’s contacts with bin Laden and company. It appears that LeT, on the other hand, has retained more of a focus on India. So, while the two organizations continue to cooperate, they do have some differences in targeting philosophy, and it would seem that HUJI is creeping further into the al Qaeda orbit than LeT.
The information released to date in this case also underscores the importance of interpersonal relationships in the jihadist milieu and how these relationships, which are based on family, friendship and trust, often lead to an overlap in which people interact with different groups, and groups such as LeT and HUJI share resources and work together. The jihadist world can be a very murky place and operatives can work with different “companies,” to use Headley’s term.
This case also has some significant protective intelligence implications, and it underscores much of what we have been saying about surveillance and countersurveillance for several years now.
While Headley is a U.S. citizen and changed his name in order to camouflage his heritage and religious affiliation, he conducted an inordinate amount of surveillance activity by himself. Conducting a surveillance operation with only one person is among the most difficult — and risky — activities that any surveillance operative can be tasked to perform. Any time a person conducts surveillance he or she is vulnerable to detection. That vulnerability is mitigated somewhat if the surveillance is conducted by a team of individuals and the team members can take turns exposing themselves to potential countersurveillance. Doing a solo surveillance operation means that the surveillance operative is forced to show his face time and again to anyone watching.
Furthermore, activities such as taking photographs and making video recordings are far riskier than simply observing a target. Having one single surveillance operative visit two offices of the same newspaper and then take dozens of photos and make 13 video recordings of the offices — in a one-week span, no less — is terrible surveillance tradecraft. Had someone been conducting countersurveillance on one of the targets Headley was studying — or, better yet, countersurveillance of more than one of these potential targets — the countersurveillance assets almost certainly would have noticed his abnormal behavior. American tourists may frequently take photos and shoot videos while visiting foreign capitals, but they do not take the time to capture extensive still and video images of newspaper offices.
Even people who have conducted thousands upon thousands of hours of surveillance would have a hard time creating cover for action and status that would justify that much surveillance activity — especially when the surveillant is a foreigner and working alone. The only rational explanation for why Headley was not noticed while conducting his surveillance is that nobody was looking.
The use of an American citizen to conduct surveillance once again illustrates the importance of focusing on the “how” of terrorist attacks and not just the “who.” And when considering the actor, the focus must be placed on his or her behavior, not just nationality or religious creed.
"This report is republished with permission of STRATFOR"
Bravenet Blog 
Blog Community
Get a Free Blog
Manage your Blog
bravenet.com