Blog Archives

What do we really know about terrorism in the U.S. and what the hell do we need analysts for, anyway?


I just finished reading two recent papers on terrorist activity in the U.S. that, unintentionally it appears, complement each other quite well and have some very interesting things to say with regards to preconceived notions about terrorism here in the U.S.

The first is “The Plots That Failed: Intelligence Lessons Learned from Unsuccessful Terrorist Attacks against the United States.” Rather than looking at successful attacks to figure out where things went all pear-shaped, Erik Dahl looks at unsuccessful attacks to see what went right.

The second document was Building on Clues: Examining Successes and Failures in Detecting U.S. Terrorist Plots, 1999-2009. (Hereafter referred to as the IHSS piece since it was written under the umbrella of the Institute of Homeland Security Solutions) The authors looked at a broader scope of terrorist activity, including both failed and successful attacks over a ten year period to identify indicators and successful techniques for disrupting terrorist attacks.

Both are worth a read but I want to talk about a few of the mutual findings here.

The biggest find (in my opinion) was this gem (from the Dahl piece):

Most plots are disrupted not when a highly skilled analyst detects subtle clues that link otherwise insignificant bits of data, but when intelligence and law enforcement agencies obtain very precise information about specific plots being planned by specific groups.

The IHSS piece finds that:

Although the media is filled with exhortations that he U.S. intelligence and law enforcement agencies need to do a better job of “connecting the dots”…our analysis suggests that this ability has been useful in foiling only a few terrorist plots (3 cases, 4%).

I think this is worthwhile considering for a bit since it seems to me that the idea of analysts ‘connecting the dots’ as the essential work of intelligence units and fusion centers around the country.  If that’s not, in fact, what disrupts terrorist attacks then maybe we’ve been barking up the wrong tree for the past ten years.

So, am I saying that analysts are useless or irrelevant to homeland security?

No.  Just that we might be expecting something from them they are unlikely to be able to deliver AND that they may be better used at other tasks.  This line of thought deserves its own post and so I’ll leave it here but keep it in mind as we move on.

Very common among the general population (and even among the law enforcement/homeland security community) is the notion that terrorism = al-Qaida (or at least Muslims).  That simply gets blown out of the water by both papers.

Although AQAM [al-Qaida and allied movements – TwShiloh] and AQAM-inspired plots were responsible for a plurality of attacks in our study…white supremacist and militia/anti-government groups were also responsible for a significant number of attacks. [IHSS]

Even though the Dahl piece used a significantly different dataset he found a significant number of right wing/anti-government plots as well, making a focus primarily on al-Qaida unwise.

One of the interesting things I found in both studies was the parameters they used in determining what sort of events they’d include.  In both cases, violence against persons was one of the key factors.  The IHSS report addressed this directly:

During our initial search for incidents, we uncovered a significant number of small-scale attacks against property, almost all of which were conducted by animal rights and environmental groups…

For several reasons such attacks were discarded.  Likewise, in the Dahl piece, such attacks seem to be discarded for both practical reasons (no one really tracks foiled, small scale events like vandalism or graffiti) and, I suspect, theoretical ones (can keying an SUV at a car dealership really be lumped together with a bombing campaign?).

That raises the question of whether the term ‘terrorism’ is really adequate to our needs today.  Can it contain an al-Qaida and a person writing ‘meat is murder’ on the bathroom mirror of a McDonalds?  If it can, is the term so broad that it has lost its usefulness?  And does it say anything when those studying terrorism routinely discard a subset of activity that legally fits within its definition?

Again…questions to be addressed later.

Another interesting tidbit:

…the vast majority of attacks were by single actors and small groups…”lone wolves” have also been more successful in executing attacks…compared to…small and large groups. [IHSS]

It’s difficult to assess this statement fully since the IHSS report made the judgement (erroneous, in my opinion) of considering ALF as a ‘large group’ similar to al-Qaida.  I think there simply isn’t much evidence to support such a claim and I’d be interested to see the results if ALF attacks were considered ‘lone wolf’ or ‘small group’ attacks.

Another important point in the IHSS report (which seems to be buried) is that more than half of the terrorist attacks that were successfully executed had NO initial clues reported.  That means that even if everything works right, we can still expect attacks to get through.

So, the idea of ‘zero tolerance’ is not worth pursuing and we should be getting the population used to that idea.

Both are worth checking out and raise a host of interesting questions.

Advertisements