December 7, 2015
TSG IntelBrief: Recalibrating the Terror Threat Radar
The December 2, 2015 terrorist attack in San Bernardino, California, in which Syed Rizwan Farook and Tashfeen Malik murdered 14 people and wounded 21 others, is a counterterrorism (CT) nightmare. The married couple was able to radicalize, prepare, and execute the worst terrorist attack in the United States since September 11, 2001, without detection or disruption. While much more will be uncovered in the investigation, the personal clues that emerge will likely only have been visible through hindsight. Current CT efforts collect massive amounts of data, but are not always able to promptly analyze and assess that data, let alone predict action. The couple appears to have stayed under the threshold of detection—the terror threat radar—that the United States and other countries have created to address network-based international threats. In his December 6 Oval Office address, U.S. President Barack Obama talked about the full-spectrum fight against extremism, with little new offered in terms of the approach, given that there are few new tools to fight such small-scale cells.
In the last 18 months, the FBI has arrested 66 people on various charges related to the so-called Islamic State. Many of these people have come to the FBI’s attention via social media; suspects are radicalizing in real-time and in plain view in cyberspace. While much has been made of the negative impact of extremist use of social media, the upside for law enforcement and intelligence services has been an invaluable roadmap of radicalization; suspects boast of their intentions long before they act upon them. As more violent extremists avoid the pitfalls of celebrating terrorism on social media before conducting acts of terror, the task of law enforcement will grow more difficult as the threats grow more numerous. In hindsight, the last few years of open social media extremism will seem a golden age of disruption.
The most worrisome aspect of the two-fold terror threat of 9/11-scale aspirations and Paris-style executions is that current and near-term CT capabilities can only address the large-scale network-based attacks. The CT gaps revealed in the San Bernardino attack will produce voluminous calls for remedy, only some of which are practical. The attack was likely the result of a two-person cell that, absent traceable communications with known networks, is almost impossible to detect. That the couple was married makes detection of the plot before execution even more difficult. Monitoring financial wire transfers and international communications will remain crucial tools of the modern CT approach, but inspired terrorists will avoid CT radar detection by flying low and silent before popping up to kill.
Calls for more data collection without sufficient analysis will only produce more accurate investigations, in hindsight of attacks. There is no computer program that can detect and predict violent radicalization at the granular level of two individuals. For relatively small-scale attacks that result in large-scale responses—the 'New Terror Spectacular'—the ability to deter and detect is exactly the same as it is for any crime; the odds are in the criminals' favor if they keep quiet and act quickly.
This is the true threat of groups such as the Islamic State, and the ideology of bin Ladinism that drives them. Driving the Islamic State out of its strongholds in Syria and Iraq is vital to diminishing the group, as it will puncture its appeal as an inevitable and unconquerable foe. Yet its narrative of hatred and violence will continue to resonate with disaffected and maladjusted people across the globe. Demonstrably toppling the so-called caliphate is a required step in the fight against the Islamic State, but the battles are now taking place in Paris and in San Bernardino. As impossible as it is to eradicate violent crime, it is impossible to eradicate terrorism, especially attacks planned under-the-radar. There are lessons to be learned from the San Bernardino attack, and one of them might be that there will be more such attacks in the future, despite our best efforts.
For tailored research and analysis, please contact: firstname.lastname@example.org