In my last article, I discussed the Fifth Wave of Terrorism being the disenfranchised, ill-prepared and unemployed youth born into some of the world’s most vulnerable and hostile environments. However, last night, in talking with some customers from Italy, we raised the topic that the shift towards low-tech attacks against public spaces has stretched traditional concepts of duty-of-care and operational disruption. In addition, the overlap between workplace violence incidents and threats involving radicalized employee insiders creates a more complex threat environment for companies and their employees, making risk mitigation far more complex. There is no one-size-fits-all recommended intervention approach. Since we work and support companies who work in hostile or less than desirable areas, these insider threats are becoming more and more relevant.
There is a need for a multi-disciplinary approach to insider threat assessment and management from a corporate perspective, and what we talk about is a mature and effective insider threat program aiming to identify, prevent, deter and neutralize these threats. As in today’s world a complex underlying issue pertaining to perceived harassment, as well as rights to privacy and religious expression in the workplace, require close collaboration between leadership from security, external companies like ICESERVE24, legal firms, human resources and information technology. A well trained and closely coordinated threat management team with representation from across these business functions as well as external team enables an organization to maximize its potential to initially identify emerging situations of concern, evaluate the totality of circumstances and devise a tailored threat-mitigation plan.
Right and left-wing surge
Okay so the global terrorist threat if we look at the overall number of terrorist incidents worldwide, as well as the number of estimated casualties has declined in 2017 compared with 2016, based upon figures collected by ICESERVE24. The reality is that the decrease was wide-ranging but very uneven, and multiple countries experienced increased terrorist activity because of shifting conflict and militant group dynamics. A fluid geo-strategical situation that seems chaotic but does indeed follow a pattern.
In our world we tend to put such an emphasis on the high-impact acts of terror carried out by Islamist extremists in Western cities, notably Islamic State (IS), which has moved attention from other ideological actors, like the right- and left-wing extremists. We have found that the convergence of ideological and personal motivations in violent attacks remains among the most challenging aspects of the evolving terrorism threat environment. We find that it is easier to identify group motivator and triggers, but it is far more challenging to assess the same on an individual level.
Recent ideological extremist attacks also indicate an increasingly diverse portfolio of tactics, techniques and procedures. This has been extensively documented among Islamist extremists, who have adopted low-tech, low-cost tactics such as knife assaults and vehicle-ramming and are being mimicked by other groups worldwide. Such attacks are more frequently executed successfully than those involving more complex tactics, even if the impacts are more localized and often smaller scale. As a result, they increased to nearly half of known plots and attacks in Western countries in 2017.
Over the last five years we have seen that the dominant tactic for both right- and left-wing extremists, arson (including both Molotov cocktails and timed incendiary devices). Beyond arson, and in line with their differential target sets, right-wing extremists have tended to favor violent assaults and firearm attacks, while left-wing extremists emphasize sabotage and vandalism.
However, left-wing extremists have indicated renewed interest in improvised explosive device (IED) attacks. Right-wing extremists, meanwhile, indicate persistent interest in explosive attacks, even if these tend to exceed their limited capabilities.
Fortunately, corporate responses, including insider threat programs and workforce active assailant training, are relatively agnostic: they work regardless of the ideological motivation of extremists. However, the challenge for organizations continues to be finding all the dots and connecting them within the constraints of business ethics and the law.
ICESERVE24’s ABI program supports companies with a well-developed mitigation program better able to support an organization to better detect any behaviors that could indicate escalation towards a potential attack. Our program supports the customer base and enhances the safety and security of executives, employees, facilities and assets. We are able to take on even greater insight in the workplace, unlike casual and occasional observation by acquaintances, well-developed insider threat program creates systematic and routine opportunities for recognition and reporting of pre-attack planning or preparation-related behaviors that might not otherwise be detected. We support in identifying security, political and economic risks as well as critical incident alerting, identification of insider/outsider threats, acquisition of public local sentiment, and a proactive identification of exploits, vulnerabilities or potential brand damage.
We have seen at its best: social media has given a voice to the disenfranchised. But also at its worst: it has become a weapon of mass reputation destructive behaviors. When using ICESERVE24's ABI program, we do not see this digital space as black or white. We process content ranging from social media, forums, print/broadcast media, and the dark web in order to source high-value discoveries, including persons, locations, topics or competitors of interest. They may provide a key behavioral indicator that an individual of concern may be progressing toward an attack, or mismanaging the wealth of information they have access. By being aware of these early indicators, corporations can prevent attacks while they are still on the planning stage, long before they pose an actual threat to the well-being of employees, visitors, and the public.