“Top Secret” Homeland Security by The Washington Post

A comprehensive investigative report by Washington Post reporters Dana Priest and William M. Arkin on U.S Homeland Security is worth reviewing by investigative and security professionals.

Below are some of the findings of a two-year investigation by The Washington Post that discovered “what amounts to an alternative geography of the United States, a Top Secret America hidden from public view and lacking in thorough oversight. After nine years of unprecedented spending and growth, the result is that the system put in place to keep the United States safe is so massive that its effectiveness is impossible to determine.” The investigation's other findings include:

 

-  Some 1,271 government organizations and 1,931 private companies work on programs related to counterterrorism, homeland security and intelligence in about 10,000 locations across the United States.

- An estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances.

-  In Washington and the surrounding area, 33 building complexes for top-secret intelligence work are under construction or have been built since September 2001. Together they occupy the equivalent of almost three Pentagons or 22 U.S. Capitol buildings - about 17 million squa* Many security and intelligence agencies do the same work, creating redundancy and waste. For example, 51 federal organizations and military commands, operating in 15 U.S. cities, track the flow of money to and from terrorist networks.

- Analysts who make sense of documents and conversations obtained by foreign and domestic spying share their judgment by publishing 50,000 intelligence reports each year - a volume so large that many are routinely ignored.

- These are not academic issues; lack of focus, not lack of resources, was at the heart of the Fort Hood shooting that left 13 dead, as well as the Christmas Day bomb attempt thwarted not by the thousands of analysts employed to find lone terrorists but by an alert airline passenger who saw smoke coming from his seatmate.

- They are also issues that greatly concern some of the people in charge of the nation's security.

For more information, visit:http://link.email.washingtonpost.com/r/HXJVEI/1B1KU/4ZCZDZ/0X7XP9/9QUWL/4O/t

A Primer on Situational Awareness

Scott Stewart – Stratfor Global Intelligence – June 10, 2010

The world is a wonderful place, but it can also be a dangerous one. In almost every corner of the globe militants of some political persuasion are plotting terror attacks undefined and these attacks can happen in London or New York, not just in Peshawar or Baghdad. Meanwhile, criminals operate wherever there are people, seeking to steal, rape, kidnap or kill.

Regardless of the threat, it is very important to recognize that criminal and terrorist attacks do not materialize out of thin air. In fact, quite the opposite is true. Criminals and terrorists follow a process when planning their actions, and this process has several distinct steps. This process has traditionally been referred to as the “terrorist attack cycle,” but if one looks at the issue thoughtfully, it becomes apparent that the same steps apply to nearly all crimes. Of course, there will be more time between steps in a complex crime like a kidnapping or car bombing than there will be between steps in a simple crime such as purse-snatching or shoplifting, where the steps can be completed quite rapidly. Nevertheless, the same steps are usually followed.

People who practice situational awareness can often spot this planning process as it unfolds and then take appropriate steps to avoid the dangerous situation or prevent it from happening altogether. Because of this, situational awareness is one of the key building blocks of effective personal security undefined and when exercised by large numbers of people, it can also be an important facet of national security. Since situational awareness is so important, and because we discuss situational awareness so frequently in our analyses, we thought it would be helpful to discuss the subject in detail and provide a primer that can be used by people in all sorts of situations.

Foundations

First and foremost, it needs to be noted that being aware of one’s surroundings and identifying potential threats and dangerous situations is more of a mindset than a hard skill. Because of this, situational awareness is not something that can be practiced only by highly trained government agents or specialized corporate security countersurveillance teams. Indeed, it can be exercised by anyone with the will and the discipline to do so.

An important element of the proper mindset is to first recognize that threats exist. Ignorance or denial of a threat undefined or completely tuning out one’s surroundings while in a public place undefined makes a person’s chances of quickly recognizing the threat and avoiding it slim to none. This is why apathy, denial and complacency can be (and often are) deadly. A second important element is understanding the need to take responsibility for one’s own security. The resources of any government are finite and the authorities simply cannot be everywhere and cannot stop every criminal action. The same principle applies to private security at businesses or other institutions, like places of worship. Therefore, people need to look out for themselves and their neighbors.

Another important facet of this mindset is learning to trust your “gut” or intuition. Many times a person’s subconscious can notice subtle signs of danger that the conscious mind has difficulty quantifying or articulating. Many people who are victimized frequently experience such feelings of danger prior to an incident, but choose to ignore them. Even a potentially threatening person not making an immediate move undefined or even if the person wanders off quickly after a moment of eye contact undefined does not mean there was no threat.

Levels of Awareness

People typically operate on five distinct levels of awareness. There are many ways to describe these levels (“Cooper’s colors,” for example, which is a system frequently used in law enforcement and military training), but perhaps the most effective way to illustrate the differences between the levels is to compare them to the different degrees of attention we practice while driving. For our purposes here we will refer to the five levels as “tuned out;” “relaxed awareness;” “focused awareness;” “high alert” and “comatose.”

The first level, tuned out, is like when you are driving in a very familiar environment or are engrossed in thought, a daydream, a song on the radio or even by the kids fighting in the backseat. Increasingly, cell phone calls and texting are also causing people to tune out while they drive. Have you ever gotten into the car and arrived somewhere without even really thinking about your drive there? If so, then you’ve experienced being tuned out.

The second level of awareness, relaxed awareness, is like defensive driving. This is a state in which you are relaxed but you are also watching the other cars on the road and are looking well ahead for potential road hazards. If another driver looks like he may not stop at the intersection ahead, you tap your brakes to slow your car in case he does not. Defensive driving does not make you weary, and you can drive this way for a long time if you have the discipline to keep yourself at this level, but it is very easy to slip into tuned-out mode. If you are practicing defensive driving you can still enjoy the trip, look at the scenery and listen to the radio, but you cannot allow yourself to get so engrossed in those distractions that they exclude everything else. You are relaxed and enjoying your drive, but you are still watching for road hazards, maintaining a safe following distance and keeping an eye on the behavior of the drivers around you.

The next level of awareness, focused awareness, is like driving in hazardous road conditions. You need to practice this level of awareness when you are driving on icy or slushy roads undefined or the roads infested with potholes and erratic drivers that exist in many third-world countries. When you are driving in such an environment, you need to keep two hands on the wheel at all times and have your attention totally focused on the road and the other drivers. You don’t dare take your eyes off the road or let your attention wander. There is no time for cell phone calls or other distractions. The level of concentration required for this type of driving makes it extremely tiring and stressful. A drive that you normally would not think twice about will totally exhaust you under these conditions because it demands your prolonged and total concentration.

The fourth level of awareness is high alert. This is the level that induces an adrenaline rush, a prayer and a gasp for air all at the same time undefined “Watch out! There’s a deer in the road! Hit the brakes!” This also happens when that car you are watching doesn’t stop at the stop sign and pulls out right in front of you. High alert can be scary, but at this level you are still able to function. You can hit your brakes and keep your car under control. In fact, the adrenalin rush you get at this stage can sometimes even aid your reflexes. But, the human body can tolerate only short periods of high alert before becoming physically and mentally exhausted.

The last level of awareness, comatose, is what happens when you literally freeze at the wheel and cannot respond to stimuli, either because you have fallen asleep, or, at the other end of the spectrum, because you are petrified from panic. It is this panic-induced paralysis that concerns us most in relation to situational awareness. The comatose level of awareness (or perhaps more accurately, lack of awareness) is where you go into shock, your brain ceases to process information and you simply cannot react to the reality of the situation. Many times when this happens, a person can go into denial, believing that “this can’t be happening to me,” or the person can feel as though he or she is observing, rather than actually participating in, the event. Often, the passage of time will seem to grind to a halt. Crime victims frequently report experiencing this sensation and being unable to act during an unfolding crime.

Finding the Right Level

Now that we’ve discussed the different levels of awareness, let’s focus on identifying what level is ideal at a given time. The body and mind both require rest, so we have to spend several hours each day at the comatose level while asleep. When we are sitting at our homes watching a movie or reading a book, it is perfectly fine to operate in the tuned-out mode. However, some people will attempt to maintain the tuned-out mode in decidedly inappropriate environments (e.g., when they are out on the street at night in a third-world barrio), or they will maintain a mindset wherein they deny that they can be victimized by criminals. “That couldn’t happen to me, so there’s no need to watch for it.” They are tuned out.

Some people are so tuned out as they go through life that they miss even blatant signs of pending criminal activity directed specifically at them. In 1992, an American executive living in the Philippines was kidnapped by a Marxist kidnapping gang in Manila known as the “Red Scorpion Group.” When the man was debriefed following his rescue, he described in detail how the kidnappers had blocked off his car in traffic and abducted him. Then, to the surprise of the debriefing team, he said that on the day before he was abducted, the same group of guys had attempted to kidnap him at the exact same location, at the very same time of day and driving the same vehicle. The attackers had failed to adequately box his car in, however, and his driver was able to pull around the blocking vehicle and proceed to the office.

Since the executive did not consider himself to be a kidnapping target, he had just assumed that the incident the day before his abduction was “just another close call in crazy Manila traffic.” The executive and his driver had both been tuned out. Unfortunately, the executive paid for this lack of situational awareness by having to withstand an extremely traumatic kidnapping, which included almost being killed in the dramatic Philippine National Police operation that rescued him.

If you are tuned out while you are driving and something happens undefined say, a child runs out into the road or a car stops quickly in front of you undefined you will not see the problem coming. This usually means that you either do not see the hazard in time to avoid it and you hit it, or you totally panic and cannot react to it undefined neither is good. These reactions (or lack of reaction) occur because it is very difficult to change mental states quickly, especially when the adjustment requires moving several steps, say, from tuned out to high alert. It is like trying to shift your car directly from first gear into fifth and it shudders and stalls. Many times, when people are forced to make this mental jump and they panic (and stall), they go into shock and will actually freeze and be unable to take any action undefined they go comatose. This happens not only when driving but also when a criminal catches someone totally unaware and unprepared. While training does help people move up and down the alertness continuum, it is difficult for even highly trained individuals to transition from tuned out to high alert. This is why police officers, federal agents and military personnel receive so much training on situational awareness.

It is critical to stress here that situational awareness does not mean being paranoid or obsessively concerned about your security. It does not mean living with the irrational expectation that there is a dangerous criminal lurking behind every bush. In fact, people simply cannot operate in a state of focused awareness for extended periods, and high alert can be maintained only for very brief periods before exhaustion sets in. The “flight or fight” response can be very helpful if it can be controlled. When it gets out of control, however, a constant stream of adrenaline and stress is simply not healthy for the body or the mind. When people are constantly paranoid, they become mentally and physically burned out. Not only is this dangerous to physical and mental health, but security also suffers because it is very hard to be aware of your surroundings when you are a complete basket case. Therefore, operating constantly in a state of high alert is not the answer, nor is operating for prolonged periods in a state of focused alert, which can also be overly demanding and completely enervating. This is the process that results in alert fatigue. The human body was simply not designed to operate under constant stress. People (even highly skilled operators) require time to rest and recover.

Because of this, the basic level of situational awareness that should be practiced most of the time is relaxed awareness, a state of mind that can be maintained indefinitely without all the stress and fatigue associated with focused awareness or high alert. Relaxed awareness is not tiring, and it allows you to enjoy life while rewarding you with an effective level of personal security. When you are in an area where there is potential danger (which, by definition, is almost anywhere), you should go through most of your day in a state of relaxed awareness. Then if you spot something out of the ordinary that could be a potential threat, you can “dial yourself up” to a state of focused awareness and take a careful look at that potential threat (and also look for others in the area).

If the potential threat proves innocuous, or is simply a false alarm, you can dial yourself back down into relaxed awareness and continue on your merry way. If, on the other hand, you look and determine that the potential threat is a probable threat, seeing it in advance allows you to take actions to avoid it. You may never need to elevate to high alert, since you have avoided the problem at an early stage. However, once you are in a state of focused awareness you are far better prepared to handle the jump to high alert if the threat does change from potential to actual undefined if the three guys lurking on the corner do start coming toward you and look as if they are reaching for weapons. The chances of you going comatose are far less if you jump from focused awareness to high alert than if you are caught by surprise and “forced” to go into high alert from tuned out. An illustration of this would be the difference between a car making a sudden stop in front of a person when the driver is practicing defensive driving, compared to a car that makes a sudden stop in front of person when the driver is sending a text message.

Of course, if you know that you must go into an area that is very dangerous, you should dial yourself up to focused awareness when you are in that area. For example, if there is a specific section of highway where a lot of improvised explosive devices detonate and ambushes occur, or if there is a part of a city that is controlled (and patrolled) by criminal gangs undefined and you cannot avoid these danger areas for whatever reason undefined it would be prudent to heighten your level of awareness when you are in those areas. An increased level of awareness is also prudent when engaging in common or everyday tasks, such as visiting an ATM or walking to the car in a dark parking lot. The seemingly trivial nature of these common tasks can make it all too easy to go on “autopilot” and thus expose yourself to threats. When the time of potential danger has passed, you can then go back to a state of relaxed awareness.

This process also demonstrates the importance of being familiar with your environment and the dangers that are present there. Such awareness allows you to avoid many threats and to be on the alert when you must venture into a dangerous area.

Clearly, few of us are living in the type of intense threat environment currently found in places like Mogadishu, Juarez or Kandahar. Nonetheless, average citizens all over the world face many different kinds of threats on a daily basis undefined from common thieves and assailants to criminals and mentally disturbed individuals aiming to conduct violent acts to militants wanting to carry out large-scale attacks against subways and aircraft.

Many of the steps required to conduct these attacks must be accomplished in a manner that makes the actions visible to the potential victim and outside observers. It is at these junctures that people practicing situational awareness can detect these attack steps, avoid the danger and alert the authorities. When people practice situational awareness they not only can keep themselves safer but they can also help keep others safe. And when groups of people practice situational awareness together they can help keep their schools, houses of worship, workplaces and cities safe from danger.

And as we’ve discussed many times before, as the terrorist threat continues to devolve into one almost as diffuse as the criminal threat, ordinary citizens are also becoming an increasingly important national security resource.

ISPLA gratefully acknowledges this report is republished with the permission of STRATFOR. www.stratfor.com

Security Legislation News – New York

From: Bruce Hulme, ISPLA Director of Government Affairs

To: Contract Security Industry and Stakeholders

 

We have been advised that the legislation offered below is at the request of SEIU, 32 BJ. Note provisions concerning NYS contracts for security services over $500K; OJT provisions increased to 40 hours within 90 days following employment; which shall cover observation, detection and reporting skills, coordination with local police, fire and emergency services skills, in working with advanced security technology including surveillance and access control procedures, and at least 3 hours of training devoted to terrorism awareness. The entity employing the security guard shall compensate security guard for all hours while in attendance at his or her regular hourly wage or, if applicable, overtime rate. Violation of provisions may result in revocation or suspension of license or fine not exceeding $10,000 per violation or occurrence, or reprimand or denial of license renewal.

ISPLA is a singularly focused voice protecting our profession by proactively working with members of state and federal legislators, regulators, and other governmental agencies.  Its dues are used for the administration of its political action committee with the specific purpose of lobbying on legislative and regulatory issues – nothing else. Fighting ill-conceived legislation and regulation is our only mission! We invite you to join us. Go to: www.ISPLA.org

April 9, 2010

* * *

A10554 Text:

                           S T A T E   O F   N E W   Y O R K

       ________________________________________________________________________

                                        10554

                                 I N  A S S E M B L Y

                                     April 7, 2010

                                      ___________

       Introduced by M. of A. LENTOL -- read once and referred to the Committee on Economic Development, Job Creation, Commerce and Industry

       AN  ACT  to amend the state finance law and the general business law, in relation to the purchase of security services

         THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEMBLY, DO ENACT AS FOLLOWS:

    1    Section 1. Section 165 of the state finance law is amended by adding a

    2  new subdivision 9 to read as follows:

    3    9. SPECIAL PROVISIONS REGARDING THE PURCHASING OF SECURITY SERVICES.

    4    A. WHENEVER THE STATE OR ANY GOVERNMENTAL AGENCY OR POLITICAL SUBDIVI-

    5  SION  OR  PUBLIC BENEFIT CORPORATION OF THE STATE ENTERS INTO A CONTRACT

    6  IN EXCESS OF FIVE HUNDRED THOUSAND DOLLARS TO PURCHASE SECURITY SERVICES

    7  FROM ANY PRIVATE INVESTIGATOR, OR WATCH,  GUARD  OR  PATROL  AGENCY,  OR

    8  SECURITY  GUARD  COMPANY,  THE  CONTRACT  SHALL  PROVIDE THAT THE ENTITY

    9  PROVIDING THE SECURITY SERVICES SHALL ENSURE THAT  EACH  SECURITY  GUARD

   10  WHO  PERFORMS  SERVICES  UNDER THE CONTRACT COMPLETES A TRAINING PROGRAM

   11  CERTIFIED BY THE DEPARTMENT OF HOMELAND SECURITY PURSUANT  TO  PARAGRAPH

   12  (R)  OF  SUBDIVISION  TWO OF SECTION SEVEN HUNDRED NINE OF THE EXECUTIVE

   13  LAW WITHIN NINETY WORKING  DAYS  FOLLOWING  EMPLOYMENT,  AND  THAT  SUCH

   14  TRAINING SHALL BE PROVIDED AT NO COST TO THE SECURITY GUARDS.

   15    B. EXCEPT IN THE CASE OF CONTRACTS IN THE AMOUNT OF FIVE HUNDRED THOU-

   16  SAND DOLLARS OR LESS, EVERY BID, PROPOSAL, OR OTHER RESPONSE TO A SOLIC-

   17  ITATION  FOR BID OR PROPOSAL FOR SECURITY SERVICES TO BE PROVIDED TO THE

   18  STATE OR ANY GOVERNMENTAL AGENCY  OR  POLITICAL  SUBDIVISION  OR  PUBLIC

   19  BENEFIT  CORPORATION  OF THE STATE SHALL BE DEEMED NON-RESPONSIVE UNLESS

   20  THE PERSON OR ENTITY SUBMITTING THE BID  ESTABLISHES  THAT  IT  HAS  THE

   21  CAPACITY  TO  PROVIDE  THE  NECESSARY  TRAINING TO EACH SECURITY OFFICER

   22  PERFORMING SERVICES UNDER THE CONTRACT.

   23    C. WHENEVER THE STATE OR ANY GOVERNMENTAL AGENCY OR POLITICAL SUBDIVI-

   24  SION OR PUBLIC BENEFIT CORPORATION OF THE STATE ENTERS INTO  A  CONTRACT

   25  IN EXCESS OF FIVE HUNDRED THOUSAND DOLLARS TO PURCHASE SECURITY SERVICES

   26  FROM  ANY  PRIVATE  INVESTIGATOR,  OR  WATCH, GUARD OR PATROL AGENCY, OR

   27  SECURITY GUARD COMPANY, THE  CONTRACT  SHALL  PROVIDE  THAT  THE  ENTITY

   28  PROVIDING  THE  SECURITY  SERVICES  SHALL  FURNISH  A  PERFORMANCE  BOND

        EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets

                             [ ] is old law to be omitted.

                                                                  LBD16779-02-0

       A. 10554                            2

    1  EXECUTED BY A SURETY AUTHORIZED TO DO BUSINESS  IN  THE  STATE,  OR  THE

    2  EQUIVALENT  IN CASH. THE PERFORMANCE BOND SHALL BE IN AN AMOUNT ADEQUATE

    3  TO ENSURE THE PROTECTION OF THE GOVERNMENT, BUT SHALL BE  NO  LESS  THAN

    4  FIFTY PERCENT OF THE AMOUNT PAYABLE UNDER THE CONTRACT.

    5    S  2.  The  opening  paragraph  of  subdivision 1 of section 79 of the

    6  general business law, as amended by chapter 336 of the laws of 1992,  is

    7  amended to read as follows:

    8    The  department of state shall have the power to revoke or suspend any

    9  license, or in lieu thereof to impose a fine  not  exceeding  [one]  TEN

   10  thousand  dollars  PER VIOLATION OR OCCURRENCE payable to the department

   11  of state, or reprimand any licensee or deny an application for a license

   12  or renewal thereof upon proof:

   13    S 3. Paragraph b of subdivision 1 of section 89-n of the general busi-

   14  ness law, as amended by chapter 634 of the laws of 1994, is  amended  to

   15  read as follows:

   16    b. an on-the-job training course to be completed within ninety working

   17  days following employment, consisting of a minimum of [sixteen hours and

   18  a  maximum  of]  forty  hours,  [as determined by the council, generally

   19  relating to the security guard's specific duties, the nature of the work

   20  place and the requirements of the security guard  company]  WHICH  SHALL

   21  COVER  OBSERVATION,  DETECTION  AND  REPORTING SKILLS; COORDINATION WITH

   22  LOCAL POLICE, FIRE  AND  EMERGENCY  SERVICES  SKILLS;  IN  WORKING  WITH

   23  ADVANCED  SECURITY  TECHNOLOGY INCLUDING SURVEILLANCE AND ACCESS CONTROL

   24  PROCEDURES; AND AT LEAST THREE HOURS OF TRAINING  DEVOTED  TO  TERRORISM

   25  AWARENESS.  THE ENTITY EMPLOYING THE SECURITY GUARD SHALL COMPENSATE THE

   26  SECURITY GUARD FOR ALL HOURS OF ATTENDANCE AT THE TRAINING COURSE AT  NO

   27  LESS  THAN  THE  SECURITY  GUARD'S  REGULAR HOURLY WAGE, OR THE OVERTIME

   28  RATE, IF APPLICABLE;

   29    S 4. This act shall take effect immediately.

Widespread Data Breaches Uncovered by FTC Probe

FTC Warns of Improper Release of Sensitive Consumer Data on P2P File-Sharing Networks

Feb. 23, 2010 – The Washington Post reports security experts say the Federal Trade Commission’s investigation is the broadest of its kind by the agency and comes amid recent outrage over missteps by Google on how it handled users' data in its recent launch of a new social-networking application, Buzz. Facebook faced similar criticism in December when changes to its privacy policy caused confusion among users and left some of their information more widely available to the public.

Concerns about Internet privacy also have intensified as broadband and other technologies become more widespread. Consumer advocates, for example, are leery of advertisers using global-positioning satellite technology to track cell phone users. Law enforcement officials routinely ask companies with cloud computing applications, such as Microsoft and Yahoo, for information about users, yet there are no clear rules dictating how federal regulators should address those and other issues.

"Everything is coming to a head here and the FTC is acting effectively and prudently in trying to grapple with this very fast moving marketplace," said Jeffrey Chester, executive director of the Center for Digital Democracy.

The FTC has notified almost 100 organizations (some with only 8 employees) that personal information, including sensitive data about customers and/or employees, has been shared from the organizations’ computer networks and is available on peer-to-peer (P2P) file-sharing networks to any users of those networks, who could use it to commit identity theft or fraud. The agency also has opened non-public investigations of other companies whose customer or employee information has been exposed on P2P networks. To help businesses manage the security risks presented by file-sharing software, the FTC is releasing new education materials that present the risks and recommend ways to manage them.

Peer-to-peer technology can be used in many ways, such as to play games, make online telephone calls, and, through P2P file-sharing software, share music, video, and documents. But when P2P file-sharing software is not configured properly, files not intended for sharing may be accessible to anyone on the P2P network.

“Unfortunately, companies and institutions of all sizes are vulnerable to serious P2P-related breaches, placing consumers’ sensitive information at risk. For example, we found health-related information, financial records, and drivers’ license and social security numbers--the kind of information that could lead to identity theft,” said FTC Chairman Jon Leibowitz. “Companies should take a hard look at their systems to ensure that there are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure. Just as important, companies that distribute P2P programs, for their part, should ensure that their software design does not contribute to inadvertent file sharing.”

As the nation’s consumer protection agency, the FTC enforces laws that require companies in various industries to take reasonable and appropriate security measures to protect sensitive personal information, including the Gramm-Leach-Bliley Act and Section 5 of the FTC Act. Failure to prevent such information from being shared to a P2P network may violate such laws. Information about the FTC’s privacy and data security enforcement actions can be found at www.ftc.gov/privacy/privacyinitiatives/ promises_enf.html.

The notices went to both private and public entities, including schools and local governments, and the entities contacted ranged in size from businesses with as few as eight employees to publicly held corporations employing tens of thousands. In the notification letters, the FTC urged the entities to review their security practices and, if appropriate, the practices of contractors and vendors, to ensure that they are reasonable, appropriate, and in compliance with the law. The letters state, “It is your responsibility to protect such information from unauthorized access, including taking steps to control the use of P2P software on your own networks and those of your service providers.”

The FTC also recommended that the entities identify affected customers and employees and consider whether to notify them that their information is available on P2P networks. Many states and federal regulatory agencies have laws or guidelines about businesses’ notification responsibilities in these circumstances.

Samples of the notification letters can be found at: http://www.ftc.gov/os/2010/02/100222sampleletter-a.pdf, http://www.ftc.gov/os/2010/02/100222sampleletter-b.pdf, http://www.ftc.gov/os/2010/02/100222sampleletter-c.pdf.

The fact that a company received a letter does not mean that the company necessarily violated any law enforced by the Commission. Letters went to companies under FTC jurisdiction, as well as entities such as banks and public agencies over which the agency does not have jurisdiction.

Assisting the FTC were the Department of Health and Human Services, the Securities and Exchange Commission, the Federal Reserve Board, the Federal Deposit Insurance Corporation, the Office of Thrift Supervision, and the Office of Comptroller of the Currency.

The new business education brochure – titled Peer-to-Peer File Sharing: A Guide for Business – is designed to assist businesses and others as they consider whether to allow file-sharing technologies on their networks, and explain how to safeguard sensitive information on their systems, and other security recommendations. This information is available at www.ftc.gov/bcp/edu/pubs/business/idtheft/bus46.shtm. Tips for consumers about computer security and P2P can be found at www.onguardonline.gov/topics/p2p-security.aspx.

ISPLA has been closely following a number of security breach bills in the House and Senate, along with monitoring the activities of the FTC.

Anti-Money Laundering: Senate Investigations Subcommittee Holds Hearing on Keeping Foreign Corruption Out of the United States: Four Case Histories

ISPLA, as part of its mission to keep our profession informed, is providing the information below for your evaluation and review.

Corrupt foreign officials and their relatives have used gaps in U.S. law and the assistance of U.S. professionals to funnel millions of dollars in illicit money into the United States, an investigation by the Senate’s Permanent Subcommittee on Investigations has found.

“For the United States, which has so much riding on global stability, corruption is a direct threat to our national interest,” said Sen. Carl Levin, [D-MI] subcommittee chairman.  “That’s why the United States is engaged in a relentless, worldwide battle to stop the flow of illegal money into and within places like Iraq and Afghanistan.  Laundered money is used to train and provide support for terrorists and terrorism.  If we want to credibly lead efforts to stop illegal money abroad, we’ve got to stop it here at home as well.”

A 330-page bipartisan report released by Levin and subcommittee ranking member Sen. Tom Coburn, [R-OK], for the hearing shows that politically powerful foreign officials, and those close to them, have found ways to use the U.S. financial system to protect and enhance their ill-gotten gains.  The report exposes how those powerful individuals – known internationally as “politically exposed persons” or PEPs – have used the services of U.S. lawyers, lobbyists, real estate and escrow agents, and other professionals who currently have no obligation under U.S. regulations to establish anti-money laundering (“AML”) programs, know their customers, or evaluate the source of funds transferred into the United States.  Banks, in contrast, are subject to AML obligations and for the most part have honored them.  But glaring gaps have undermined the overall effectiveness of U.S. AML laws.

Four Case Histories.  The report presents four case histories, each with multiple stories exposing the tactics being used by PEPs to use our financial system to protect and enhance their illicit funds.  They include the following:

·       $110 Million.  Teodoro Obiang, the 40-year old son of the President of Equatorial Guinea, is currently under investigation by the Justice Department for corruption and other misconduct.  Between 2004 and 2008, Mr. Obiang used U.S. lawyers, bankers, and real estate and escrow agents to move more than $110 million in suspect funds through U.S. bank accounts, including $30 million to purchase a residence in Malibu and $38.5 million to purchase an aircraft.   

·       Third Party Accounts.  Mr. Obiang used shell company, attorney-client, and law office accounts controlled by his attorneys to bring suspect funds into the United States and conduct transactions through U.S. banks without their knowing of his activity, including at banks that had made it clear they did not want his business.

·       Lost Escrow Business.  An escrow agent who refused to complete the purchase of a $38.5 million Gulfstream jet without information on the source of the funds being supplied by Mr. Obiang, lost out to a competitor willing to complete the transaction with no questions asked.

·       $18 Million Through Lobbyist Account.  Omar Bongo, President of Gabon for 41 years until his death last year, and his eldest son, Ali Bongo, Minister of Defense until he took his father’s place as President of the country, amassed substantial wealth while in office, amid the extreme poverty of its citizens.  In 2006, $18 million in funds from Gabon were wired to the U.S. corporate bank accounts of a U.S. lobbyist who then distributed the funds within the United States and across the globe as directed by President Bongo in connection with two projects to support his regime, buying U.S.-made armored cars and C-130 military cargo planes.  Among the funds the lobbyist distributed was $9.2 million which he wire transferred to an account for President Omar Bongo – not in Gabon – but in the country of Malta.

·       $1 Million Shrink Wrapped.  In 2007, President Omar Bongo brought $1 million in shrink-wrapped $100 bills into the United States under cover of diplomatic immunity without declaring the cash to U.S. authorities as required by law.  His daughter, who told her bank that she was an unemployed student, deposited the cash in a U.S. safe deposit box and later into her bank account.

·       U.S. Trust Accounts.  President Ali Bongo’s wife formed a U.S. trust under her maiden name, and used the trust to open U.S. bank and securities accounts in California.

·       Offshore Wire Transfers.  Jennifer Douglas, a U.S. citizen and the fourth wife of Atiku Abubakar, former Vice President and former presidential candidate in Nigeria, helped her husband bring more than $40 million in suspect funds into the United States from 2000 to 2008, through wire transfers from offshore corporations.  The Securities and Exchange Commission has alleged in a 2008 civil complaint that Ms. Douglas received $2.8 million in bribe payments from a German conglomerate, Siemens AG, which has acknowledged making the payments.

·       Arms Dealer.  Pierre Falcone, a notorious Angolan arms dealer with a history of run-ins with the law and who is currently serving a 6-year prison sentence, had open access to more than 30 U.S. bank accounts in Arizona for 18 years.

·       Central Banker.  Aguinaldo Jaime, former head of the Central Bank of Angola, tried twice to transfer $50 million in Angolan government funds to a private account in the United States, only to have the transfers reversed by U.S. financial institutions who became suspicious.  The corruption concerns raised by his actions caused Citibank to close all accounts for Angolan government agencies and to close down its office in Angola.

·       Private Angolan Bank.  Banco Africano Investimentos (“BAI”), a $7 billion private Angolan bank which caters to PEPs, gained access to the U.S. financial system through HSBC in New York, despite troubling information about its ownership and failure to provide a copy of its anti-money laundering policies and procedures.

Recommendations.  To combat the abuses, the report makes several recommendations, including:

• World Bank PEP Controls.  Implementing stronger controls on PEP accounts as laid out in a recent World Bank report, including by requiring banks to use reliable databases to screen clients for PEPs, requiring beneficial ownership forms for bank accounts so hidden PEPs are exposed, and conducting annual reviews of PEP accounts to detect suspicious activity.
• Beneficial Owners.  Requiring U.S. corporations to identify their beneficial owners, in order to thwart the use of shell companies with hidden PEP owners.
• Ending Exemptions.  Ending the exemptions Treasury granted in 2002 to the Patriot Act’s anti-money laundering requirements, so that real estate and escrow agents will have to know their customers, evaluate the source of their funds, and turn away suspect clients.  Also requiring Treasury to instruct banks to subject attorney-client and law office accounts to greater oversight and stop their use to shield PEPs from scrutiny.
• Immigration and Visa Criteria.  Toughening immigration and visa rules to make foreign corruption a legal basis for barring entry into the United States and for removing PEPs already here.  Increasing law enforcement support for Presidential Proclamation 7750 to identify corrupt foreign officials who should be barred from the United States.
• Stronger FATF Recommendations.  Encouraging U.S. professional organizations to issue anti-money laundering and anti-corruption guidance to their members.

“Stopping the flow of illegal money is critical, because foreign corruption damages civil society, undermines the rule of law, and threatens our security,” said Levin. 

ISPLA is continually reviewing proposed legislation, government reports, media releases, and hearing testimony in its ongoing government affairs program on behalf of investigative and security professionals.

Bruce Hulme, ISPLA Director of Government Affairs

- Providing Timely Important Information to Investigative and Security Professionals -

STATEMENT BY RICHARD HOROWITZ

Seminar on Human Rights and Terrorism co-sponsored by the Council of Europe, the Spanish Ministry of Foreign Affairs, the Club of Madrid, and the Valsaín Foundation - Malaga, Spain, October 8, 2009

Let me begin by saying that we all want the same thing, which is to save lives without departing from our values in the process.  As the opening speaker of the second session though I paid close attention to the deliberations of the first session and recognized that no one mentioned terrorism.

The topic of our seminar is not human rights; it is human rights and terrorism, and since no one spoke about the terrorism this morning I’ll compensate for that.  After all, the name of this session is “Current Counter-Terrorist Framework at the National and International Level.”  How can we discuss a counter-terrorist framework if we do not talk about the terrorist threat we face?

As such, I wish to make the following points.

First, I disagree with the name of this morning’s session: “Human Rights at the Core of Counter-Terrorism.”  It is not.  At the core of counter-terrorism is keeping people alive and safe; human rights is one of numerous considerations in carrying out this policy but it is not its core.

An American court, in my opinion, displayed a similarly mistaken view in 1997: 

The PFLP [Popular Front for the Liberation of Palestine] is an international organization with ties to Palestine, and which the district court concluded is engaged in a wide range of lawful activities, including the provision of "education, day care, health care, and social security, as well as cultural activities, publications, and political organizing." The government avers that the PFLP is an international terrorist and communist organization, but does not dispute the district court's finding that the organization conducts lawful activities.

Is the PFLP a social welfare organization with a military wing or a terrorist organization that takes care of the social welfare of its people?  This sort of question is not new - its nature can be traced backed to Plato and Aristotle - essence versus characteristics.  Is terrorism the essence of the PFLP or one of its characteristics?  Many people will disagree along political and ideological lines in analyzing a specific group but I think on reflection one should agree that saving lives that is at the core of counterterrorism.

Second, the main threat we face, that of Islamic terrorism, is also not new.  Extreme statements made by Islamic terrorists last month are no different than statements made by their ideological predecessors last millennium.  The world did not change on 9/11 as is often said; rather, people unaccustomed to thinking about this threat were now confronted with an aspect of the world they heretofore neglected. You all have the article I published in 1999 entitled The International Problem of Islamic Terrorism.  It was simply a compilation of news items from the world press from January to June, 1999.  I was not the only one who recognized this problem before 9/11.

This is the name hearing before the U.S. House Subcommittee on Europe and the Middle East: Islamic Fundamentalism and Islamic Radicalism.  When – July 1985.

An important news item from the BBC –

The 16-hour siege on a Pan Am jet in Pakistan has come to a bloody end, with at least 17 people dead.

Four gunmen, who boarded the Bombay to New York flight at Karachi Airport disguised as security guards, opened fire on the 390 hostages at 2130 local time.

Some passengers were able to escape the carnage down one of the plane's emergency chutes, but it is thought to have been at least 10 minutes before Pakistani commandos reached the jet.

Businessman Mohammed Amin said he heard one hijacker tell another: "The moment of the Last Jihad has arrived. If we are all killed we will all be martyrs."

This BBC report is dated September 5, 1986.

Third, to understand the threat we have to recognize that Islamic and Arab terrorism are the only real forms of international terrorism.  Other situations commonly referred to as international terrorism are in reality domestic terrorism occurring in a foreign country.  The Shining Path in Peru, the IRA in North Ireland, the ETA in Spain, the Tamil Tigers in Sri Lanka, the FARC in Colombia, Baader-Meinhof in Germany, and so on – do not plan or execute attacks in foreign countries, unrelated to the conflict, or in the international arena.  Examples otherwise are the exception that proves the rule.

It can be argued that international terrorism began with Arab hijacking of international flights in the 1960s.  And, the U.S. State Department’s Office of the Historian published a history of its Office for Combattng Terrorism, dated March 1984, explaining that the “historical antecedent” to this office was that “on September 25, 1972, 20 days after the terrorist attack on Olympic athletes at Munich, President Nixon established the Cabinet Committee to Combat Terrorism.” 

Moreover, U.S. law for example defines international terrorism as follows: “The term ‘international terrorism’ means terrorism involving citizens or the territory of more than one country,”[1] the definition used by the State Department in its well-known Country Reports and Patterns of Global Terrorism.  This definition can hardly distinguish between true international terrorism and a domestic attack in a foreign country where citizens of another country happened to be killed.

International hijackings, the Munich Olympics attack, and the attacks in recent years by Islamic terrorists in, for example, New York, London, Madrid, Mumbai, Delhi, Bali, Mombasa, Algiers, Djerba, Kenya and Tanzania, Riyadh, Jakarta, Casablanca, Istanbul, Glasgow, and Amman, the murder of Theo van Gogh in Amsterdam and the fatwa calling for the death of Salman Rushdie; foiled attacks, for example, in Paris, Toronto, Rome, Manila, Germany; the NATO base plot, the Shoe Bomber, the Millennium Bomber, Australia’s Operation Pendennis, Operation Bojinka in 1995 and the Trans-Atlantic plot in 2006, clearly indicate a different objective, strategy, and mind-set than the aforementioned terrorist groups from various countries. 

Fourth, concern and hesitancy about using the phrase “Islamic terrorism” hampers an understanding of the threat.  No one hesitates using the world mujahidin, yet this word which is the plural of the word mujahid, contains the letters “j,” “h,” and “d.”  It and the word jihad have the same root.  The letter “m” as a prefix indicates “he who does” – a mujahid is he who does jihad, or a Jihadi in English.  Similarly, a mufti is he who makes a fatwa. The world islam has the same root, “s,” “l,” and “m” as the word silm which means submission.  A muslim is he who submits (to the will of Allah).

We refer to Hamas, Hezballah, and al-Qaeda because those are the names in Arabic that these groups call themselves.  We call the group the Islamic Jihad because it is the translation of what they call themselves – al-Jihad al-Islami. 

Is there a Western prejudice against Muslims, a conviction that Muslim morality is so feeble that using the wrong language may push them towards radicalism, which would then be our fault?  If radical Muslims use the words Jihad and Islam to describe themselves, why the concern that our doing so will radicalize mainstream Muslims?

Fifth, to a great extent it is the West’s conviction to liberal, democratic values that fuels Islamic terrorists, who are on  a mission to insure that the world runs according to Allah’s will.  Islamic terrorists cannot and do not reconcile Allah’s will with Western liberty and freedom.

In his 2003 State of the Union speech President Bush said “Americans are a free people, who know that freedom is the right of every person and the future of every nation.  The liberty we prize is not America’s gift to the world, it is God’s gift to humanity.”  From the President Bush’s 2006 State of the Union speech: “Liberty is the future of every nation in the Middle East, because liberty is the right and hope of all humanity.”

A Western leader invoking God to support liberty in the Middle East, claiming it to be “God’s gift to humanity”? 

President Bush is not alone.  From John F. Kennedy’s inaugural address in 1961:

[The] same revolutionary beliefs for which our forebears fought are still at issue around the globeundefinedthe belief that the rights of man come not from the generosity of the state, but from the hand of God . . . Let every nation know, whether it wishes us well or ill, that we shall pay any price, bear any burden, meet any hardship, support any friend, oppose any foe, in order to assure the survival and the success of liberty.

And so, my fellow Americans: ask not what your country can do for youundefinedask what you can do for your country. My fellow citizens of the world: ask not what America will do for you, but what together we can do for the freedom of man.

Finally, whether you are citizens of America or citizens of the world, ask of us the same high standards of strength and sacrifice which we ask of you . . .. let us go forth to lead the land we love, asking His blessing and His help, but knowing that here on earth God's work must truly be our own.

A conservative republican and a liberal democratic president, 40 years apart, publicly proclaim that the United States is on a mission from God to spread liberty and freedom – a direct challenge to whether the liberal West or radical Islam will rule the world. 

Even without these statements from Western leaders, it is the West’s practice itself of liberty and democratic values that Islamic terrorists want to eradicate. There is no paucity of statements attesting to this from these extremists themselves.

Sixth, human rights, the protection of which is the Council of Europe’s mission, is not a universally agreed-upon concept.  Read Sayyid Qutb’s Social Justice in Islam for example, first published in Arabic in 1949, for an understanding of human rights and social justice different than our Western understanding.

Excerpts from the 1990 Cairo Declaration on Human Rights in Islam:

Wishing to contribute to the efforts of mankind to assert human rights, to protect man from exploitation and persecution, and to affirm his freedom and right to a dignified life in accordance with the Islamic Shari’ah;

Article 2
(a) Life is a God-given gift and the right to life is guaranteed to every human being.  It is the duty of individuals, societies and states to protect this right from any violation, and it is prohibited to take away life except for a Shari’ah-prescribed reason.

(d) Safety from bodily harm is a guaranteed right.  It is the duty of the state to safeguard it, and it is prohibited to breach it without a Shari’ah-prescribed reason.

Article 7

(b) Parents and those in such like capacity have the right to choose the type of education they desire for their children, provided they take into consideration the interest and future of the children in accordance with ethical values and the principles of the Shari’ah.

Article 16
Everyone shall have the right to enjoy the fruits of his scientific, literary, artistic or technical production and the right to protect the moral and material interests stemming therefrom, provided that such production is not contrary to the principles of Shari’ah.

Article 19

(d) There shall be no crime or punishment except as provided for in the Shari’ah.

Article 22
(a) Everyone shall have the right to express his opinion freely in such manner as would not be contrary to the principles of the Shari’ah.

Article 24
All the rights and freedoms stipulated in this Declaration are subject to the Islamic Shari'ah.

Article 25
The Islamic Shari'ah is the only source of reference for the explanation or clarification to any of the articles of this Declaration.

When comparing the 1990 Cairo Declaration on Human Rights and the 1950 European Convention on Human Rights, it is not difficult to see that the Cairo Declaration’s provisions that are subject to Sharia parallel the European Conventions’ provisions that are “subject only to such limitations as are prescribed by law” or similar language. 

I do not know what the drafters of the Cairo Declaration had in mind when they referred to Sharia but I do know what today’s Islamic terrorists consider a Sharia dominated world to be, and there is no need to emphasize the difference between their world view and that of the West.

An April 19, 2009 New York Times article entitled “Secure Enough to Sin, Baghdad Returns to Its Old Ways” begins with the sentence “Vice is making a comeback in this city once famous for 1,001 varieties of it.”  Since the fall of the Taliban, men in Kabul can shave their beards, girls have gone back to school, and people can buy music and DVDs, all prohibited under Taliban rule.

And so we see that Bin Laden and the Taliban are correct; the spread of Western liberal culture and values are a threat to their interpretation and application of Islam, and they believe they are on a mission from Allah to fight to the death to stop it. 

This is the terrorist threat we face; one that affects international security with transnational consequences.  It certainly deserves appropriate analysis and discussion, particularly in the context of human rights.

Jihadism in 2010: The Threat Continues

Stratfor Global Intelligence Report – January 6, 2010 - By Scott Stewart

For the past several years, STRATFOR has published an annual forecast on al Qaeda and the jihadist movement. Since our first jihadist forecast in January 2006, we have focused heavily on the devolution of jihadism from a phenomenon primarily involving the core al Qaeda group to one based mainly on the wider jihadist movement and the devolving, decentralized threat it poses.

The central theme of last year’s forecast was that al Qaeda was an important force on the ideological battlefield, but that the efforts of the United States and its allies had marginalized the group on the physical battlefield and kept it bottled up in a limited geographic area. Because of this, we forecast that the most significant threat in terms of physical attacks stemmed from regional jihadist franchises and grassroots operatives and not the al Qaeda core. We also wrote that we believed the threat posed by such attacks would remain tactical and not rise to the level of a strategic threat. To reflect this reality, we even dropped al Qaeda from the title of our annual forecast and simply named it Jihadism in 2009: The Trends Continue.

The past year proved to be very busy in terms of attacks and thwarted plots emanating from jihadist actors. But, as forecast, the primary militants involved in carrying out these terrorist plots were almost exclusively from regional jihadist groups and grassroots operatives, and not militants dispatched by the al Qaeda core. We anticipate that this dynamic will continue, and if anything, the trend will be for some regional franchise groups to become even more involved in transnational attacks, thus further usurping the position of al Qaeda prime at the vanguard of jihadism on the physical battlefield.

A Note on ‘Al Qaeda’

As a quick reminder, STRATFOR views what most people refer to as “al Qaeda” as a global jihadist network rather than a monolithic entity. This network consists of three distinct entities. The first is a core vanguard organization, which we frequently refer to as al Qaeda prime or the al Qaeda core. The al Qaeda core is comprised of Osama bin Laden and his small circle of close, trusted associates, such as Ayman al-Zawahiri. Due to intense pressure by the U.S. government and its allies, this core group has been reduced in size since 9/11 and remains relatively small because of operational security concerns. This insular group is laying low in Pakistan near the Afghan border and comprises only a small portion of the larger jihadist universe.

The second layer of the network is composed of local or regional terrorist or insurgent groups that have adopted jihadist ideology. Some of these groups have publicly claimed allegiance to bin Laden and the al Qaeda core and become what we refer to as franchise groups, like al Qaeda in the Islamic Maghreb (AQIM) or al Qaeda in the Arabian Peninsula (AQAP). Other groups may adopt some or all of al Qaeda’s jihadist ideology and cooperate with the core group, but they will maintain their independence for a variety of reasons. Such groups include the Tehrik-i-Taliban Pakistan (TTP), Lashkar-e-Taiba (LeT) and Harkat-ul-Jihad e-Islami (HUJI). Indeed, in the case of some larger organizations such as LeT, some of the group’s factions may actually oppose close cooperation with al Qaeda.

The third and broadest layer of the network is the grassroots jihadist movement, that is, people inspired by the al Qaeda core and the franchise groups but who may have little or no actual connection to these groups.

As we move down this hierarchy, we also move down in operational capability and expertise in what we call terrorist tradecraft undefined the set of skills required to conduct a terrorist attack. The operatives belonging to the al Qaeda core are generally better trained than their regional counterparts, and both of these layers tend to be far better trained than the grassroots operatives. Indeed, many grassroots operatives travel to places like Pakistan and Yemen in order to seek training from these other groups.

The Internet has long proved to be an important tool for these groups to reach out to potential grassroots operatives. Jihadist chat rooms and Web sites provide indoctrination in jihadist ideology and also serve as a means for aspiring jihadists to make contact with like-minded individuals and even the jihadist groups themselves.

2009 Forecast Review

Overall, our 2009 forecast was fairly accurate. As noted above, we wrote that the United States would continue its operations to decapitate the al Qaeda core and that this would cause the group to be marginalized from the physical jihad, and that has happened.

While we missed forecasting the resurgence of jihadist militant groups in Yemen and Somalia in 2008, in our 2009 forecast we covered these two countries carefully. We wrote that the al Qaeda franchises in Yemen had taken a hit in 2008 but that they could recover in 2009 given the opportunity. Indeed, the groups received a significant boost when they merged into a single group that also incorporated the remnants of al Qaeda in Saudi Arabia, which had been forced by Saudi security to flee the country. We closely followed this new group, which named itself al Qaeda in the Arabian Peninsula (AQAP), and STRATFOR was the first organization we know of to discuss the threat AQAP posed to civil aviation when we raised this subject on Sept. 2 and elaborated on it Sept. 16, in an analysis titled Convergence: The Challenge of Aviation Security. That threat manifested itself in the attempt to destroy an airliner traveling from Amsterdam to Detroit on Christmas Day 2009 undefined an operation that very nearly succeeded.

Regarding Somalia, we have also been closely following al Shabaab and the other jihadist groups there, such as Hizbul Islam. Al Shabaab publicly pledged allegiance to Osama bin Laden in September 2009 and therefore has formally joined the ranks of al Qaeda’s regional franchise groups. However, as we forecast last January, while the instability present in Somalia provides al Shabaab the opportunity to flourish, the factionalization of the country (including the jihadist groups operating there) has also served to keep al Shabaab from dominating the other actors and assuming control of the country.

We also forecast that, while Iraq had been relatively quiet in 2008, the level of violence there could surge in 2009 due to the Awakening Councils being taken off the U.S. payroll and having their control transferred to the Shiite-dominated Iraqi government, which might not pay them and integrate them into the armed forces. Indeed, since August, we have seen three waves of major coordinated attacks against Iraqi ministry buildings in Baghdad linked to the al Qaeda affiliate in Iraq, the Islamic State of Iraq. Since this violence is tied to the political situation in Iraq, and there is a clear correlation between the funds being cut to the Awakening Councils and these attacks, we anticipate that this violence will continue through the parliamentary elections in March. The attacks could even continue after that, if the Sunni powers in Iraq deem that their interests are not being addressed appropriately.

As in 2008, we paid close attention in 2009 to the situation in Pakistan. This not only was because Pakistan is the home of the al Qaeda core’s leadership but also because of the threat that the TTP and the other jihadist groups in the country posed to the stability of the nuclear-armed state. As we watched Pakistan for signs that it was becoming a failed state, we noted that the government was actually making considerable headway in its fight against its jihadist insurgency. Indeed, by late in the year, the Pakistanis had launched not only a successful offensive in Swat and the adjacent districts but also an offensive into South Waziristan, the heart of the TTP’s territory.

We also forecast that the bulk of the attacks worldwide in 2009 would be conducted by regional jihadist franchise groups and, to a lesser extent, grassroots jihadists, rather than the al Qaeda core, which was correct.

In relation to attacks against the United States, we wrote that we did not see a strategic threat to the United States from the jihadists, but that the threat of simple attacks against soft targets remained in 2009. We said we had been surprised that there were no such attacks in 2008 but that, given the vulnerabilities that existed and the ease with which such attacks could be conducted, we believed they were certainly possible. During 2009, we did see simple attacks by grassroots operatives in Little Rock, Arkansas, and at Fort Hood, Texas, along with several other grassroots plots thwarted by authorities.

Forecast for 2010

In the coming year we believe that, globally, we will see many of the trends continue from last year. We believe that the al Qaeda core will continue to be marginalized on the physical battlefield and struggle to remain relevant on the ideological battlefield. The regional jihadist franchise groups will continue to be at the vanguard of the physical battle, and the grassroots operatives will remain a persistent, though lower-level, threat.

One thing we noticed in recent months was that the regional groups were becoming more transnational in their attacks, with AQAP involved in the attack on Saudi Deputy Interior Minister Prince Mohammed bin Nayef in Saudi Arabia as well as the trans-Atlantic airliner bombing plot on Christmas Day. Additionally, we saw HUJI planning an attack against the Jyllands-Posten newspaper and cartoonist Kurt Westergaard in Denmark, and on Jan. 1, 2010, a Somali man reportedly associated with al Shabaab broke into Westergaard’s home armed with an axe and knife and allegedly tried to kill him. We believe that in 2010 we will see more examples of regional groups like al Shabaab and AQAP reaching out to become more transnational, perhaps even conducting attacks in the United States and Europe.

We also believe that, due to the open nature of the U.S. and European societies and the ease of conducting attacks against them, we will see more grassroots plots, if not successful attacks, in the United States and Europe in the coming year. The concept behind AQAP leader Nasir al-Wahayshi’s article calling for jihadists to conduct simple attacks against a variety of targets may be gaining popularity among grassroots jihadists. Certainly, the above-mentioned attack in Denmark involving an axe and knife was simple in nature. It could also have been deadly had the cartoonist not had a panic room within his residence. We will be watching for more simple attacks.

As far as targets, we believe that they will remain largely the same for 2010. Soft targets such as hotels will continue to be popular, since most jihadists lack the ability to attack hard targets outside of conflict zones. However, jihadists have demonstrated a continuing fixation on attacking commercial aviation targets, and we can anticipate additional plots and attacks focusing on aircraft.

Regionally, we will be watching for the following:

• Pakistan: Can the United States find and kill the al Qaeda core’s leadership? A Pakistani official told the Chinese Xinhua news agency on Jan. 4 that terrorism will come to an end in Pakistan in 2010, but we are not nearly so optimistic. Even though the military has made good progress in its South Waziristan offensive, most of the militants moved to other areas of Pakistan rather than engage in frontal combat with Pakistan’s army. The area along the border with Pakistan is rugged and has proved hard to pacify for hundreds of years. We don’t think the Pakistanis will be able to bring the area under control in only one year. Clearly, the Pakistanis have made progress, but they are not out of the woods. The TTP has launched a number of attacks in the Punjabi core of Pakistan (including Karachi) and we see no end to this violence in 2010.
• Afghanistan: We will continue to closely monitor jihadist actors in this war-torn country. Our forecast for this conflict is included in our Annual Forecast 2010, published on Jan. 4.
• Yemen: We will be watching closely to see if AQAP will follow the normal jihadist group lifespan of making a big splash, coming to the notice of the world and then being hit heavily by the host government with U.S. support. This pattern was exhibited a few years back by AQAP’s Saudi al Qaeda brethren, and judging by the operations in Yemen over the past month, it looks like 2010 might be a tough year for the group. It is important to note that the strikes against the group on Dec. 17 and Dec. 24 predated the Christmas bombing attempt, and the pressure on them will undoubtedly be ratcheted up considerably in the wake of that attack. Even as the memory of the Christmas Day attack begins to fade in the media and political circles, the focus on Yemen will continue in the counterterrorism community.
• Indonesia: Can Tanzim Qaedat al-Jihad find an effective leader to guide it back from the edge of destruction after the death of Noordin Mohammad Top and the deaths or captures of several of his top lieutenants? Or will the Indonesians be able to enjoy further success against the group’s surviving members?
• North Africa: Will AQIM continue to shy away from the al Qaeda core’s targeting philosophy and essentially function as the Salafist Group for Preaching and Combat with a different name in Algeria? Or will AQIM shift back toward al Qaeda’s philosophy of attacking the far enemy and using suicide bombers and large vehicle bombs? In Mauritania, Niger and Mali, will the AQIM-affiliated cells there be able to progress beyond amateurish attacks and petty banditry to become a credible militant organization?
• Somalia: We believe the factionalism in Somalia and within the jihadist community there will continue to hamper al Shabaab. The questions we will be looking to answer are: Will al Shabaab be able to gain significant control of areas of the country that can be used to harbor and train foreign militants? And, will the group decide to use its contacts within the Somali diaspora to conduct attacks in East Africa, South Africa, Australia, Europe and the United States? We believe that al Shabaab is on its way to becoming a transnational player and that 2010 may well be the year that it breaks out and then draws international attention like AQAP has done in recent months.
• India: We anticipate that Kashmiri jihadist groups will continue to plan attacks against India in an effort to stir-up communal violence in that country and stoke tensions between India and Pakistan undefined and provide a breather to the jihadist groups being pressured by the government of Pakistan.

As long as the ideology of jihadism survives, the jihadists will be able to recruit new militants and their war against the world will continue. The battle will oscillate between periods of high and low intensity as regional groups rise in power and are taken down. We don’t believe jihadists pose a strategic geopolitical threat on a global, or even regional, scale, but they will certainly continue to launch attacks and kill people in 2010.

Note - ISPLA appreciates the excellent work of Stratfor Global Intelligence.  This report is republished with the permission of Stratfor: www.STRATFOR.com

The Christmas Day Airliner Attack and the Intelligence Process

By George Friedman-Stratfor Global Intelligence – January 4, 2010

As is well known, a Nigerian national named Umar Farouk Abdulmutallab attempted to destroy a passenger aircraft traveling from Amsterdam to Detroit on Dec. 25, 2009. Metal detectors cannot pinpoint the chemical in the device he sought to detonate, PETN. The PETN was strapped to his groin. Since a detonator could have been detected, the attacker chose undefined or had chosen for him undefined a syringe filled with acid for use as an improvised alternative means to initiate the detonation. In the event, the device failed to detonate, but it did cause a fire in a highly sensitive area of the attacker’s body. An alert passenger put out the fire. The plane landed safely. It later emerged that the attacker’s father, a prominent banker in Nigeria, had gone to the U.S. Embassy in Nigeria to warn embassy officials of his concerns that his son might be involved with jihadists.

The incident drove home a number of points. First, while al Qaeda prime undefined the organization that had planned and executed 9/11 undefined might be in shambles, other groups in other countries using the al Qaeda brand name and following al Qaeda prime’s ideology remain operational and capable of mounting attacks. Second, like other recent attacks, this attack was relatively feeble: It involved a single aircraft, and the explosive device was not well-conceived. Third, it remained and still remains possible for a terrorist to bring explosives on board an aircraft. Fourth, intelligence available in Nigeria, London and elsewhere had not moved through the system with sufficient speed to block the terrorist from boarding the flight.

An Enduring Threat

From this three things emerge. First, although the capabilities of jihadist terrorists have declined, their organizations remain functional, and there is no guarantee that these organizations won’t increase in sophistication and effectiveness. Second, the militants remain focused on the global air transport system. Third, the defensive mechanisms devised since 2001 remain ineffective to some degree.

The purpose of terrorism in its purest form is to create a sense of insecurity among a public. It succeeds when fear moves a system to the point where it can no longer function. This magnifies the strength of the terrorist by causing the public to see the failure of the system as the result of the power of the terrorist. Terror networks are necessarily sparse. The greater the number of persons involved, the more likely a security breach becomes. Thus, there are necessarily few people in a terror network. An ideal terror network is global, able to strike anywhere and in multiple places at once. The extent of the terror network is unknown, partly because of its security systems and partly because it is so sparse that finding a terrorist is like finding a needle in a haystack. It is the fact that the size and intentions of the terror network are unknown that generates the sense of terror and empowers the terrorist.

The global aspect is also important. That attacks can originate in many places and that attackers can belong to many ethnic groups increases the desired sense of insecurity. All Muslims are not members of al Qaeda, but all members of al Qaeda are Muslims, and any Muslim might be a member of al Qaeda. This logic is beneficial to radical Islamists, who want to increase the sense of confrontation between Islam and the rest of the world. This not only increases the sense of insecurity and vulnerability in the rest of the world, it also increases hostility toward Muslims, strengthening al Qaeda’s argument to Muslims that they are in an unavoidable state of war with the rest of the world. Equally important is the transmission of the idea that if al Qaeda is destroyed in one place, it will spring up elsewhere.

This terror attack made another point, intended or not. U.S. President Barack Obama recently decided to increase forces in Afghanistan. A large part of his reasoning was that Afghanistan was the origin of 9/11, and the Taliban hosted al Qaeda. Therefore, he reasoned the United States should focus its military operations in Afghanistan and neighboring Pakistan, since that was the origin of al Qaeda. But the Christmas Day terror attempt originated in Yemen, a place where the United States has been fighting a covert war with limited military resources. It therefore raises the question of why Obama is focusing on Afghanistan when the threat from al Qaeda spinoffs can originate anywhere.

From the terrorist perspective, the Yemen attack was a low-cost, low-risk operation. If it succeeded in bringing down a U.S. airliner over Detroit, the psychological impact would be massive. If it failed to do so, it would certainly increase a sense of anxiety, cause the U.S. and other governments to institute new and expensive security measures, and potentially force the United States into expensive deployments of forces insufficient to dominate a given country but sufficient to generate an insurgency. If just some of these things happened, the attack would have been well worth the effort.

The Strategic Challenge

The West’s problem can be identified this way: There is no strategic solution to low-level terrorism, i.e., terrorism carried out by a sparse, global network at unpredictable times and places. Strategy involves identifying and destroying the center of gravity of an enemy force. By nature, jihadist terrorism fails to present a single center of gravity, or a strong point or enabler that if destroyed would destroy the organization. There is no organization properly understood, and the destruction of one organization does not preclude the generation of another organization.

There are two possible solutions. The first is to accept that Islamist terrorism cannot be defeated permanently but can be kept below a certain threshold. As it operates now, it can inflict occasional painful blows on the United States and other countries undefined including Muslim countries undefined but it cannot threaten the survival of the nation (though it might force regime change in some Muslim countries).

In this strategy, there are two goals. The first is preventing the creation of a jihadist regime in any part of the Muslim world. As we saw when the Taliban provided al Qaeda with sanctuary, access to a state apparatus increases the level of threat to the United States and other countries; displacing the Taliban government reduced the level of threat. The second goal is preventing terrorists from accessing weapons of mass destruction that, while they might not threaten the survival of a country, would certainly raise the pain level to an unacceptable point. In other words, the United States and other countries should focus on reducing the level of terrorist capabilities, not on trying to eliminate the terrorist threat as a whole.

To a great extent, this is the American strategy. The United States has created a system for screening airline passengers. No one expects it to block a serious attempt to commit terrorism on an airliner, nor does this effort have any effect on other forms of terrorism. Instead, it is there to reassure the public that something is being done, to catch some careless attackers and to deter others. But in general, it is a system whose inconvenience is meant to reassure.

The Challenge of Identifying Potential Terrorists

To the extent to which there is a center of gravity to the problem, it is in identifying potential terrorists. In both the Fort Hood attack and the Detroit incident, information was in the system that could have allowed authorities to identify and stop the attackers, but in both cases, this information didn’t flow to the places where action could have been taken. There is thus a chasm between the acquisition of information and the person who has the authority to do something about it. The system “knew” about both attackers, but systems don’t actually think or know anything. The person with authority to stop a Nigerian from boarding the plane or who could relieve the Fort Hood killer from duty lacked one or more of the following: intelligence, real authority and motivation.

The information gathered in Nigeria had to be widely distributed to be useful. It was unknown where Abdulmutallab was going to go or what he was going to do. The number of people who needed to know about him was enormous, from British security to Amsterdam ticket agents checking passports. Without distributing the intelligence widely, it became useless. A net can’t have holes that are too big, and the failure to distribute intelligence to all points creates holes.

Of course, the number of pieces of intelligence that come into U.S. intelligence collection is enormous. How does the person interviewing the father know whether the father has other reasons to put his son on a list? Novels have been written about father-son relations. The collector must decide whether the report is both reliable and significant, and the vast majority of information coming into the system is neither. The intelligence community has been searching for a deus ex machina in the form of computers able not only to distribute intelligence to the necessary places but also to distinguish reliable from unreliable, significant from insignificant.

Forgetting the interagency rivalries and the tendency to give contracts to corporate behemoths with last-generation technology, no matter how widely and efficiently intelligence is distributed, at each step in the process someone must be given real authority to make decisions. When Janet Napolitano or George Tenet say that the system worked after an incident, they mean not that the outcome was satisfactory, but that the process operated as the process was intended to operate. Of course, being faithful to a process is not the same as being successful, but the U.S. intelligence community’s obsession with process frequently elevates process above success. Certainly, process is needed to operate a vast system, but process also is being used to deny people authority to do what is necessary outside the process, or, just as bad, it allows people to evade responsibility by adhering to the process.

Not only does the process relieve individuals in the system from real authority; it also strips them of motivation. In a system driven by process, the individual motivated to abort the process and improvise is weeded out early. There is no room for “cowboys,” the intelligence community term for people who hope to be successful at the mission rather than faithful to the process. Obviously, we are overstating matters somewhat, but not by as much as one might think. Within the U.S. intelligence and security process, one daily sees good people struggling to do their jobs in the face of processes that can’t possibly anticipate all circumstances.

The distribution of intelligence to the people who need to see it is, of course, indispensable, along with whatever other decision supports can be contrived. But, in the end, unless individuals are expected and motivated to make good decisions, the process is merely the preface to failure. No system can operate without process. At the same time, no process can replace authority, motivation and, ultimately, common sense.

The fear of violating procedures cripples Western efforts to shut down low-level terrorism. But the procedures are themselves flawed. A process that says that in a war against radical Islamists, an elderly visitor from Iceland is as big of a potential threat as a twentysomething from Yemen might satisfy some ideological imperative, but it violates the principle of common sense and blocks the authority and the motivation to act decisively.

It is significant that this is one of the things the Obama administration has changed in response to the attempted bombing.

The U.S. Transportation Security Administration (TSA) announced Jan. 4 that anyone traveling from or through nations regarded as state sponsors of terrorism as well as “other countries of interest” will be required to go through enhanced screening. The TSA said those techniques would include full-body pat downs, carry-on luggage searches, full-body scanning and explosive detection technology. The U.S. State Department lists Cuba, Iran, Sudan and Syria as state sponsors of terrorism. The other countries whose passengers will face enhanced screening include Afghanistan, Algeria, Iraq, Lebanon, Libya, Nigeria, Pakistan, Saudi Arabia, Somalia and Yemen. A rational system of profiling thus appears to be developing.

In all likelihood, no system can eliminate events such as what happened on Christmas, and in all likelihood, the republic would survive an intermittent pattern of such events undefined even successful ones. Focusing on the strategic level makes sense. But given the level of effort and cost involved in terrorist protection throughout the world, successful systems for distributing intelligence and helping identify potentially significant threats are long overdue. The U.S. government has been tackling this since 2001, and it still isn’t working.

But, in the end, creating a process that precludes initiative by penalizing those who do not follow procedures under all circumstances and intimidating those responsible for making quick decisions from risking a mistake is bound to fail.

This report is republished with permission of Stratfor www.stratfor.com

U.S. Circuit Court Ruling on Computer Searches

In a ruling with broad implications for computer privacy, the Ninth U.S. Circuit Court of Appeals in San Francisco ruled that federal investigators went too far when they seized the digital records of a drug testing company and kept the results of confidential drug tests performed on all Major League baseball players during the 2002 season.

According to published reports, 104 players tested positive for performance enhancing drugs. The names of four of them undefined Alex Rodriguez, Manny Ramirez, David Ortiz, and (now retired) Sammy Sosa undefined were leaked to the press by an anonymous source or sources.    
 
The court upheld a ruling by Judge Florence-Marie Cooper of the Central District Court of California that required the government to yield records taken in the investigation. The judges ruled that law-enforcement agents went far beyond the scope of the warrant authorizing a search of the records of 10 ballplayers for whom the government had established probable cause. Government officials said they are considering an appeal to the U.S. Supreme Court. 
 
The court's 9-2 ruling could have a significant impact on future database searches. It sets forth a five-part standard for warrants, reminiscent of the "Miranda warning" established by the U.S. Supreme Court in a 1966 ruling requiring that criminal suspects be fully notified of their rights when placed under arrest. In computer searches, the circuit court ruled, warrants should not be issued unless the government waives reliance upon the plain view exception to the exclusionary rule, which bars evidence seized without authority of a warrant. Under the long-established plain view exception, evidence that is in plain sight during an authorized search may be taken and used in court even when the object or objects seized are not among the things described in the warrant. Officers with a warrant to search a home for stolen merchandise, for example, may also recognize and seize as evidence marijuana in a transparent bag, left in plain sight on a coffee table.

The Ninth Circuit ruling is the latest in a long and winding trail of litigation stemming from a federal investigation of the Bay Area Laboratories Company (BALCO), suspected of providing steroids to professional baseball players. Prosecutors obtained a subpoena from a grand jury in the Northern District Court of California, calling on Comprehensive Drug Testing Inc. of Santa Ana to turn over
all drug testing records and specimens of all the players who had participated in the 2002 testing. The tests were conducted on all Major League players at the time, with the guarantee that the results would be confidential and there would be no penalties for testing positive. The purpose was to determine if five percent or more of the players would test positive, the threshold agreed to by
the Major League Baseball and the Major League Baseball Players Association as grounds for future testing.

The players association and the testing company appealed the subpoena and succeeded in having it quashed. But the government also obtained a warrant from the Central District Court of California to seize and search the records of the 10 players for whom it had probable cause. Both the district and circuit courts ruled, however, that officials exceeded the terms of the warrant they executed against Comprehensive Drug Testing. The warrant instructed the investigators to determine how much of the information about the ten players could be segregated on-site from the rest of the company's records. It also required procedures for segregating the data in any investigation of the files and records that might be conducted in a law-enforcement laboratory.

"Brushing aside an offer by on-site by CDT personnel to provide all information pertaining to the ten identified baseball players," wrote Chief Judge Alex Kozinski, "the government copied from CDT's computer what the parties have called the 'Tracey Directory,' which contained, in Judge Cooper's words 'information and test results involving hundreds of other baseball players and athletes engaged in other professional sports.'"    

Kozinksi dismissed as "too clever by half" the contention that once the agents opened the directory, the disputed records were in plain view. Under that line of reasoning, the judge argued, everything the government wishes to seize would come under the plain view exception.

"Why stop at the list of all baseball players when you can seize the entire Tracey Directory?" Kozinski wrote. "Why just that directory and not the entire hard drive? Why just this computer and not the one in the next room and the next room after that?"
 
The court noted the difficulties inherent in computer searches, since records can be quickly and easily be destroyed, mislabeled or even "booby trapped" to thwart an investigation. Nonetheless it set forth the following rules for judges to follow in issuing warrants:

1. Magistrates should insist that the government waive reliance on the plain view doctrine in digital evidence cases.
2. Segregation and redaction must be either done by specialized personnel or an independent third party. If the segregation is to be done by government computer personnel, it must agree in the warrant application that the computer personnel will not disclose to the investigators any information other than that which is the target of the warrant.
3. Warrants and subpoenas must disclose the actual risks of destruction of information as well as prior efforts to seize that information in other judicial fora.
4. The government's search protocol must be designed to uncover only the information for which it has probable cause, and only that information may be examined by the case agents.
5. The government must destroy or, if the recipient may lawfully possess it, return non-responsive data, keeping the issuing magistrate informed about when it has done so and what ithas kept.

The court's majority opinion acknowledged the difficulty of limiting searches to prescribed bounds when dealing with computer data:

We accept the reality that such over-seizing is an inherent part of the electronic search process and proceed on the assumption that, when it comes to the seizure of electronic records, this will be far more common than in the days of paper records. This calls for greater vigilance on the part of judicial officers in striking the right balance between the government's interest in law enforcement and the right of individuals to be free from unreasonable searches and seizures.

The two dissenting judges argued that it was the court's majority that was overreaching in this case and ignoring it's own precedent, established in a ruling in which the court had denied an appeal to suppress evidence of child pornography found during a computer search for false identity cards. "There is no rule," wrote Judges Consuelo Callahan and Sandra Ikuta, "that evidence turned up while officers are rightfully searching a location under properly issued warrant must be excluded simply because the evidence may support charges for a related crime."

AQAP: Paradigm Shifts and Lessons Learned

Global Security & Intelligence Report (WWW.STRATFOR.COM ) provided this comprehensive report on international terrorism with emphasis on al Qaeda in Arabian Peninsula (AQAP) which ISPLA gratefully acknowledges.

By Scott Stewart - September 2, 2009

On the evening of Aug. 28, Prince Mohammed bin Nayef, the Saudi Deputy Interior Minister, and the man in charge of the kingdom’s counterterrorism efforts, was receiving members of the public in connection with the celebration of Ramadan, the Islamic month of fasting. As part of the Ramadan celebration, it is customary for members of the Saudi royal family to hold public gatherings where citizens can seek to settle disputes or offer Ramadan greetings.

One of the highlights of the Friday gathering was supposed to be the prince’s meeting with Abdullah Hassan Taleh al-Asiri, a Saudi man who was a wanted militant from al Qaeda in the Arabian Peninsula (AQAP). Al-Asiri had allegedly renounced terrorism and had requested to meet the prince in order to repent and then be accepted into the kingdom’s amnesty program. Such surrenders are not unprecedented, and they serve as great press events for the kingdom’s ideological battle against jihadists. Prince Mohammed, who is responsible for the Saudi rehabilitation program for militants, is a key figure in that ideological battle.

In February, a man who appeared with al-Asiri on Saudi Arabia’s list of most-wanted militants, former Guantanamo Bay inmate Mohammed al-Awfi , surrendered in Yemen and was transported to Saudi Arabia where he renounced terrorism and entered into the kingdom’s amnesty program. Al-Awfi, who had appeared in a January 2009 video issued by the newly created AQAP after the merger of the Saudi and Yemeni nodes of the global jihadist network, was a senior AQAP leader, and his renouncement was a major blow against AQAP.

But the al-Asiri case ended very differently from the al-Awfi case. Unlike al-Awfi, al-Asiri was not a genuine repentant, he was a human Trojan horse. After al-Asiri entered a small room to speak with Prince Mohammed, he activated a small improvised explosive device (IED) he had been carrying inside his anal cavity. The resulting explosion ripped al-Asiri to shreds but only lightly injured the shocked prince, the target of al-Asiri’s unsuccessful assassination attempt.

While the assassination proved unsuccessful, AQAP had been able to shift the operational paradigm in a manner that allowed them to achieve tactical surprise. The surprise was complete and the Saudis did not see the attack coming, the operation could have succeeded had it been better executed.

The kind of paradigm shift evident in this attack has far-reaching implications from a protective-intelligence standpoint, and security services will have to adapt in order to counter the new tactics employed. The attack also allows some important conclusions to be drawn about AQAP’s ability to operate inside Saudi Arabia.

Paradigm Shifts

Militants conducting terrorist attacks and the security services attempting to guard against such attacks have long engaged in a tactical game of cat and mouse. As militants adopt new tactics, security measures are then implemented to counter those tactics. The security changes then cause the militants to change in response and the cycle begins again. These changes can include using different weapons, employing weapons in a new way or changing the type of targets selected.

Sometimes, militants will implement a new tactic or series of tactics that is so revolutionary that it completely changes the framework of assumptions undefined or the paradigm, under which the security forces operate. Historically, al Qaeda and its jihadist progeny have proved to be very good at understanding the security paradigm and then developing tactics intended to exploit vulnerabilities in that paradigm in order to launch surprise attacks. For example:

•·         Prior to the 9/11 attacks, it was inconceivable that a large passenger aircraft would be used as a manually operated cruise missile. Hence, security screeners allowed box cutters to be carried onto aircraft, which were then used by the hijackers to take over the planes.

•·         The use of faux journalists to assassinate Ahmed Shah Masood with suicide IEDs hidden in their camera gear was also quite inventive.

•·         Had Richard Reid been able to light the fuse on his shoe bomb, we might still be wondering what happened to American Airlines Flight 63.

•·         The boat bomb employed against the USS Cole in October 2000 was another example of a paradigm shift that resulted in tactical surprise.

Once the element of tactical surprise is lost, however, the new tactics can be countered.

•·         When the crew and passengers on United Airlines Flight 93 learned what had happened to the other flights hijacked and flown to New York and Washington on Sept. 11, 2001, they stormed the cockpit and stopped the hijackers from using their aircraft in an attack. Aircraft cockpit doors have also been hardened and other procedural measures have been put in place to make 9/11-style suicide hijackings harder to pull off.

•·         Following the Masood assassination, journalists have been given very close scrutiny before being allowed into the proximity of a VIP.

•·         The traveling public has felt the impact of the Reid shoe-bombing attempt by being forced to remove their shoes every time they pass through airport security. And the thwarted 2006 Heathrow plot has resulted in limits on the size of liquid containers travelers can take aboard aircraft.

•·         The U.S. Navy is now very careful to guard against small craft pulling up alongside its warships.

Let’s now take a look at the paradigm shift marked by the Prince Mohammed assassination attempt.

AQAP’s Tactical Innovations

First, using a repentant militant was a brilliant move, especially when combined with the timing of Ramadan. For Muslims, Ramadan is a time for introspection, sacrifice, reconciliation and repentance, it is a time to exercise self-restraint and practice good deeds. Additionally, as previously mentioned, Ramadan is a time when the Saudi royal family customarily makes itself more accessible to the people than at other times of the year. By using a repentant militant who appears on Saudi Arabia’s list of most-wanted militants, AQAP was playing to the ego of the Saudis, who very much want to crush AQAP, and who also want to use AQAP members who have renounced terrorism and the group as part of their ideological campaign against jihadists. The surrender of an AQAP member offered the Saudi government a prize and a useful tool, it was an attractive offer and, as anticipated, Prince Mohammed took the bait. (Another side benefit of this tactic from the perspective of AQAP is that it will make the Saudis far more careful when they are dealing with surrendered militants in the future.)

The second tactical innovation in this case was the direct targeting of a senior member of the Saudi royal family and the member of the family specifically charged with leading the campaign against AQAP. In the past, jihadist militants in Saudi Arabia have targeted foreign interests and energy infrastructure in the kingdom. While jihadists have long derided and threatened the Saudi royal family in public statements, including AQAP statements released this year, they had not, prior to the Prince Mohammed assassination attempt, ever tried to follow through on any of their threats. Nor has the group staged any successful attack inside the kingdom since the February 2007 attack that killed four French citizens, and it has not attempted a major attack in Saudi Arabia since the failed February 2006 attack against a major oil-processing facility in the city of Abqaiq. Certainly the group had never before attempted a specifically targeted assassination against any member of the very large Saudi royal family, much less a senior member. Therefore the attack against Prince Mohammed came as a complete surprise. There are many less senior members of the royal family who would have been far more vulnerable to attack, but they would not have carried the rank or symbolism that Mohammed does.

But aside from his rank, Mohammed was the logical target to select for this operation because of his office and how he conducts his duties. Mohammed has long served as the primary contact between jihadists and the Saudi government, and he is the person Saudi militants go to in order to surrender. He has literally met with hundreds of repentant jihadists in person and had experienced no known security issues prior to the Aug. 28 incident. This explains why Mohammed personally spoke on the phone with al-Asiri prior to the surrender and why he did not express much concern over meeting with someone who appeared on his government’s list of most-wanted militants. He met with such men regularly.

Since it is well known that Mohammed has made it his personal mission to handle surrendering militants, AQAP didn’t have to do much intelligence work to realize that Mohammed was vulnerable to an attack or to arrange for a booby-trapped al-Asiri to meet with Mohammed. They merely had to adapt their tactics in order to exploit vulnerabilities in the security paradigm.

The third tactical shift is perhaps the most interesting, and that is the use of an IED hidden in the anal cavity of the bomber. Suicide bombers have long been creative when it comes to hiding their devices. In addition to the above-mentioned IED in the camera gear used in the Masood assassination, female suicide bombers with the Liberation Tigers of Tamil Eelam have hidden IEDs inside brassieres, and female suicide bombers with the Kurdistan Workers’ Party have worn IEDs designed to make them look pregnant. However, this is the first instance we are aware of where a suicide bomber has hidden an IED inside a body cavity.

It is fairly common practice around the world for people to smuggle contraband such as drugs inside their body cavities. This is done not only to get items across international borders but also to get contraband into prisons. It is not unusual for people to smuggle narcotics and even cell phones into prisons inside their body cavities (the prison slang for this practice is “keistering”). It is also not at all uncommon for inmates to keister weapons such as knives or improvised stabbing devices known as “shanks.” Such keistered items can be very difficult to detect using standard search methods, especially if they do not contain much metal.

In the case of al-Asiri, he turned himself in to authorities on the afternoon of Aug. 27 and did not meet with Mohammed until the evening of Aug. 28. By the time al-Asiri detonated his explosive device, he had been in custody for some 30 hours and had been subjected to several security searches, though it is unlikely that any of them included a body cavity search. While it is possible that there was some type of internal collusion, it is more likely that the device had been hidden inside of al-Asiri the entire time.

AQAP’s claim of responsibility for the attack included the following statement:
“…Abdullah Hassan Taleh al-Asiri, who was on the list of 85 wanted persons, was able, with the help of God, to enter Nayef’s palace as he was among his guards and detonate an explosive device. No one will be able to know the type of this device or the way it was detonated. Al-Asiri managed to pass all the security checkpoints in Najran and Jeddah airports and was transported on board Mohammed bin Nayef’s private plane.”

AQAP also threatened additional surprise attacks in the “near future,” but now that the type of device al-Asiri used is known, security measures can, and almost certainly will, be implemented to prevent similar attacks in the future.

While keistering an IED is a novel tactic, it does present operational planners with some limitations. For one thing, the amount of explosive material that can be hidden inside a person is far less than the amount that can be placed inside a backpack or is typically used in a suicide belt or vest. For another, the body of the bomber will tend to absorb much of the blast wave and most of any fragmentation from the device. This means that the bomber would have to get in very close proximity to an intended target in order to kill him or her. Such a device would not be very useful for a mass-casualty attack like the July 17 Jakarta hotel bombings and instead would be more useful in assassination attempts against targeted individuals.

We have not been able to determine exactly how the device was triggered, but it likely employed a command-detonated remote device of some kind. Having wires protruding from the bomber’s body would be a sure giveaway. The use of a wireless remote means that the device would be susceptible to radio frequency countermeasures.

One other concern about such a device is that it would likely have a catastrophic result if employed on an aircraft, especially if it were removed from the bomber’s body and placed in a strategic location on board the aircraft. Richard Reid’s shoe IED only contained about four ounces of explosives, an amount that could conceivably be smuggled inside a human.

What the Attack Says About AQAP

While the Aug. 28 attack highlighted AQAP’s operational creativity, it also demonstrated that the group failed to effectively execute the attack after gaining the element of surprise. Quite simply, the bomber detonated his device too far away from the intended target. It is quite likely that the group failed to do adequate testing with the device and did not know what its effective kill radius was. AQAP will almost certainly attempt to remedy that error before it tries to employ such a device again.

In the larger picture, this attempt shows that AQAP does not have the resources inside the kingdom to plan and execute an attack on a figure like Prince Mohammed. That it would try a nuanced and highly targeted strike against Mohammed rather than a more brazen armed assault or vehicle-borne IED attack demonstrates that the group is very weak inside Saudi Arabia. It even needed to rely on operatives and planners who were in Yemen to execute the attack.

When the formation of AQAP was announced in January, STRATFOR noted that it would be important to watch for indications of whether the merger of the Saudi and Yemeni groups was a sign of desperation by a declining group or an indication that it had new blood and was on the rise. AQAP’s assassination attempt on Prince Mohammed has clearly demonstrated that the group is weak and in decline.

AQAP has not given up the struggle, but the group will be hard-pressed to weather the storm that is about to befall it as the Saudis retaliate for the plot. It will be very surprising if it is able to carry through with its threat to attack other members of the Saudi royal family in the near future. Indeed, the very fact that AQAP has threatened more attacks on the royal family likely indicates that the threats are empty; if the group truly did have other plots in the works, it would not want to risk jeopardizing those plots by prompting the Saudis to increase security in response to a threat.

Lacking the strength to conduct large, aggressive attacks, the weakened AQAP will need to continue innovating in order to pose a threat to the Saudi monarchy. But, as seen in the Aug. 28 case, tactical innovation requires more than just a novel idea, militants must also carefully develop and test new concepts before they can use them to effectively conduct a terrorist attack.