Entries Tagged "terrorism"

Page 33 of 80

Imagining Threats

A couple of years ago, the Department of Homeland Security hired a bunch of science fiction writers to come in for a day and think of ways terrorists could attack America. If our inability to prevent 9/11 marked a failure of imagination, as some said at the time, then who better than science fiction writers to inject a little imagination into counterterrorism planning?

I discounted the exercise at the time, calling it “embarrassing.” I never thought that 9/11 was a failure of imagination. I thought, and still think, that 9/11 was primarily a confluence of three things: the dual failure of centralized coordination and local control within the FBI, and some lucky breaks on the part of the attackers. More imagination leads to more movie-plot threats—which contributes to overall fear and overestimation of the risks. And that doesn’t help keep us safe at all.

Recently, I read a paper by Magne Jørgensen that provides some insight into why this is so. Titled More Risk Analysis Can Lead to Increased Over-Optimism and Over-Confidence, the paper isn’t about terrorism at all. It’s about software projects.

Most software development project plans are overly optimistic, and most planners are overconfident about their overoptimistic plans. Jørgensen studied how risk analysis affected this. He conducted four separate experiments on software engineers, and concluded (though there are lots of caveats in the paper, and more research needs to be done) that performing more risk analysis can make engineers more overoptimistic instead of more realistic.

Potential explanations all come from behavioral economics: cognitive biases that affect how we think and make decisions. (I’ve written about some of these biases and how they affect security decisions, and there’s a great book on the topic as well.)

First, there’s a control bias. We tend to underestimate risks in situations where we are in control, and overestimate risks in situations when we are not in control. Driving versus flying is a common example. This bias becomes stronger with familiarity, involvement and a desire to experience control, all of which increase with increased risk analysis. So the more risk analysis, the greater the control bias, and the greater the underestimation of risk.

The second explanation is the availability heuristic. Basically, we judge the importance or likelihood of something happening by the ease of bringing instances of that thing to mind. So we tend to overestimate the probability of a rare risk that is seen in a news headline, because it is so easy to imagine. Likewise, we underestimate the probability of things occurring that don’t happen to be in the news.

A corollary of this phenomenon is that, if we’re asked to think about a series of things, we overestimate the probability of the last thing thought about because it’s more easily remembered.

According to Jørgensen’s reasoning, people tend to do software risk analysis by thinking of the severe risks first, and then the more manageable risks. So the more risk analysis that’s done, the less severe the last risk imagined, and thus the greater the underestimation of the total risk.

The third explanation is similar: the peak end rule. When thinking about a total experience, people tend to place too much weight on the last part of the experience. In one experiment, people had to hold their hands under cold water for one minute. Then, they had to hold their hands under cold water for one minute again, then keep their hands in the water for an additional 30 seconds while the temperature was gradually raised. When asked about it afterwards, most people preferred the second option to the first, even though the second had more total discomfort. (An intrusive medical device was redesigned along these lines, resulting in a longer period of discomfort but a relatively comfortable final few seconds. People liked it a lot better.) This means, like the second explanation, that the least severe last risk imagined gets greater weight than it deserves.

Fascinating stuff. But the biases produce the reverse effect when it comes to movie-plot threats. The more you think about far-fetched terrorism possibilities, the more outlandish and scary they become, and the less control you think you have. This causes us to overestimate the risks.

Think about this in the context of terrorism. If you’re asked to come up with threats, you’ll think of the significant ones first. If you’re pushed to find more, if you hire science-fiction writers to dream them up, you’ll quickly get into the low-probability movie plot threats. But since they’re the last ones generated, they’re more available. (They’re also more vivid—science fiction writers are good at that—which also leads us to overestimate their probability.) They also suggest we’re even less in control of the situation than we believed. Spending too much time imagining disaster scenarios leads people to overestimate the risks of disaster.

I’m sure there’s also an anchoring effect in operation. This is another cognitive bias, where people’s numerical estimates of things are affected by numbers they’ve most recently thought about, even random ones. People who are given a list of three risks will think the total number of risks are lower than people who are given a list of 12 risks. So if the science fiction writers come up with 137 risks, people will believe that the number of risks is higher than they otherwise would—even if they recognize the 137 number is absurd.

Jørgensen does not believe risk analysis is useless in software projects, and I don’t believe scenario brainstorming is useless in counterterrorism. Both can lead to new insights and, as a result, a more intelligent analysis of both specific risks and general risk. But an over-reliance on either can be detrimental.

Last month, at the 2009 Homeland Security Science & Technology Stakeholders Conference in Washington D.C., science fiction writers helped the attendees think differently about security. This seems like a far better use of their talents than imagining some of the zillions of ways terrorists can attack America.

This essay originally appeared on Wired.com.

Posted on June 19, 2009 at 6:49 AMView Comments

Second SHB Workshop Liveblogging (9)

The eighth, and final, session of the SHB09 was optimistically titled “How Do We Fix the World?” I moderated, which meant that my liveblogging was more spotty, especially in the discussion section.

David Mandel, Defense Research and Development Canada (suggested reading: Applied Behavioral Science in Support of Intelligence Analysis, Radicalization: What does it mean?; The Role of Instigators in Radicalization to Violent Extremism), is part of the Thinking, Risk, and Intelligence Group at DRDC Toronto. His first observation: “Be wary of purported world-fixers.” His second observation: when you claim that something is broken, it is important to specify the respects in which it’s broken and what fixed looks like. His third observation: it is also important to analyze the consequences of any potential fix. An analysis of the way things are is perceptually based, but an analysis of the way things should be is value-based. He also presented data showing that predictions made by intelligence analysts (at least in one Canadian organization) were pretty good.

Ross Anderson, Cambridge University (suggested reading: Database State; book chapters on psychology and terror), asked “Where’s the equilibrium?” Both privacy and security are moving targets, but he expects that someday soon there will be a societal equilibrium. Incentives to price discriminate go up, and the cost to do so goes down. He gave several examples of database systems that reached very different equilibrium points, depending on corporate lobbying, political realities, public outrage, etc. He believes that privacy will be regulated, the only question being when and how. “Where will the privacy boundary end up, and why? How can we nudge it one way or another?”

Alma Whitten, Google (suggested reading: Why Johnny can’t encrypt: A usability evaluation of PGP 5.0), presented a set of ideals about privacy (very European like) and some of the engineering challenges they present. “Engineering challenge #1: How to support access and control to personal data that isn’t authenticated? Engineering challenge #2: How to inform users about both authenticated and unauthenticated data? Engineering challenge #3: How to balance giving users control over data collection versus detecting and stopping abuse? Engineering challenge #4: How to give users fine-grained control over their data without overwhelming them with options? Engineering challenge #5: How to link sequential actions while preventing them from being linkable to a person? Engineering challenge #6: How to make the benefits of aggregate data analysis apparent to users? Engineering challenge #7: How to avoid or detect inadvertent recording of data that can be linked to an individual?” (Note that Alma requested not to be recorded.)

John Mueller, Ohio State University (suggested reading: Reacting to Terrorism: Probabilities, Consequences, and the Persistence of Fear; Evaluating Measures to Protect the Homeland from Terrorism; Terrorphobia: Our False Sense of Insecurity), talked about terrorism and the Department of Homeland Security. Terrorism isn’t a threat; it’s a problem and a concern, certainly, but the word “threat” is still extreme. Al Qaeda isn’t a threat, and they’re the most serious potential attacker against the U.S. and Western Europe. And terrorists are overwhelmingly stupid. Meanwhile, the terrorism issue “has become a self-licking ice cream cone.” In other words, it’s now an ever-perpetuating government bureaucracy. There are virtually an infinite number of targets; the odds of any one target being targeted is effectively zero; terrorists pick targets largely at random; if you protect target, it makes other targets less safe; most targets are vulnerable in the physical sense, but invulnerable in the sense that they can be rebuilt relatively cheaply (even something like the Pentagon); some targets simply can’t be protected; if you’re going to protect some targets, you need to determine if they should really be protected. (I recommend his book, Overblown.)

Adam Shostack, Microsoft (his blog), pointed out that even the problem of figuring out what part of the problem to work on first is difficult. One of the issues is shame. We don’t want to talk about what’s wrong, so we can’t use that information to determine where we want to go. We make excuses—customers will flee, people will sue, stock prices will go down—even though we know that those excuses have been demonstrated to be false.

During the discussion, there was a lot of talk about the choice between informing users and bombarding them with information they can’t understand. And lots more that I couldn’t transcribe.

And that’s it. SHB09 was a fantastic workshop, filled with interesting people and interesting discussion. Next year in the other Cambridge.

Adam Shostack’s liveblogging is here. Ross Anderson’s liveblogging is in his blog post’s comments. Matt Blaze’s audio is here.

Posted on June 12, 2009 at 4:55 PMView Comments

Second SHB Workshop Liveblogging (7)

Session Six—”Terror”—chaired by Stuart Schechter.

Bill Burns, Decision Research (suggested reading: The Diffusion of Fear: Modeling Community Response to a Terrorist Strike), studies social reaction to risk. He discussed his theoretical model of how people react to fear events, and data from the 9/11 attacks, the 7/7 bombings in the UK, and the 2008 financial collapse. Basically, we can’t remain fearful. No matter what happens, fear spikes immediately after and recovers 45 or so days afterwards. He believes that the greatest mistake we made after 9/11 was labeling the event as terrorism instead of an international crime.

Chris Cocking, London Metropolitan University (suggested reading: Effects of social identity on responses to emergency mass evacuation), looks at the group behavior of people responding to emergencies. Traditionally, most emergency planning is based on the panic model: people in crowds are prone to irrational behavior and panic. There’s also a social attachment model that predicts that social norms don’t break down in groups. He prefers a self-categorization approach: disasters create a common identity, which results in orderly and altruistic behavior among strangers. The greater the threat, the greater the common identity, and spontaneous resilience can occur. He displayed a photograph of “panic” in New York on 9/11 and showed how it wasn’t panic at all. Panic seems to be more a myth than a reality. This has policy implications during an event: provide people with information, and people are more likely to underreact than overreact, if there is overreaction, it’s because people are acting as individuals rather than groups, so those in authority should encourage a sense of collective identity. “Crowds can be part of the solution rather than part of the problem.”

Richard John, University of Southern California (suggested reading: Decision Analysis by Proxy for the Rational Terrorist), talked about the process of social amplification of risk (with respect to terrorism). Events result in relatively small losses; it’s the changes in behavior following an event that result in much greater losses. There’s a dynamic of risk perception, and it’s very contextual. He uses vignettes to study how risk perception changes over time, and discussed some of the studies he’s conducting and ideas for future studies.

Mark Stewart, University of Newcastle, Australia (suggested reading: A risk and cost-benefit assessment of United States aviation security measures; Risk and Cost-Benefit Assessment of Counter-Terrorism Protective Measures to Infrastructure), examines infrastructure security and whether the costs exceed the benefits. He talked about cost/benefit trade-off, and how to apply probabilistic terrorism risk assessment; then, he tried to apply this model to the U.S. Federal Air Marshal Service. His result: they’re not worth it. You can quibble with his data, but the real value is a transparent process. During the discussion, I said that it is important to realize that risks can’t be taken in isolation, that anyone making a security trade-off is balancing several risks: terrorism risks, political risks, the personal risks to his career, etc.

John Adams, University College London (suggested reading: Deus e Brasileiro?; Can Science Beat Terrorism?; Bicycle bombs: a further inquiry), applies his risk thermostat model to terrorism. He presented a series of amusing photographs of overreactions to risk, most of them not really about risk aversion but more about liability aversion. He talked about bureaucratic paranoia, as well as bureaucratic incitements to paranoia, and how this is beginning to backfire. People treat risks differently, depending on whether they are voluntary, impersonal, or imposed, and whether people have total control, diminished control, or no control.

Dan Gardner, Ottawa Citizen (suggested reading: The Science of Fear: Why We Fear the Things We Shouldn’t—and Put Ourselves in Greater Danger), talked about how the media covers risks, threats, attacks, etc. He talked about the various ways the media screws up, all of which were familiar to everyone. His thesis is not that the media gets things wrong in order to increase readership/viewership and therefore profits, but that the media gets things wrong because reporters are human. Bad news bias is not a result of the media hyping bad news, but the natural human tendency to remember the bad more than the good. The evening news is centered around stories because people—including reporters—respond to stories, and stories with novelty, emotion, and drama are better stories.

Some of the discussion was about the nature of panic: whether and where it exists, and what it looks like. Someone from the audience questioned whether panic was related to proximity to the event; someone else pointed out that people very close to the 7/7 bombings took pictures and made phone calls—and that there was no evidence of panic. Also, on 9/11 pretty much everyone below where the airplanes struck the World Trade Center got out safely; and everyone above couldn’t get out, and died. Angela Sasse pointed out that the previous terrorist attack against the World Trade Center, and the changes made in evacuation procedures afterwards, contributed to the lack of panic on 9/11. Bill Burns said that the purest form of panic is a drowning person. Jean Camp asked whether the recent attacks against women’s health providers should be classified as terrorism, or whether we are better off framing it as crime. There was also talk about sky marshals and their effectiveness. I said that it isn’t sky marshals that are a deterrent, but the idea of sky marshals. Terence Taylor said that increasing uncertainty on the part of the terrorists is, in itself, a security measure. There was also a discussion about how risk-averse terrorists are; they seem to want to believe they have an 80% or 90% change of success before they will launch an attack.

Next, lunch—and two final sessions this afternoon.

Adam Shostack’s liveblogging is here. Ross Anderson’s liveblogging is in his blog post’s comments. Matt Blaze’s audio is here.

Posted on June 12, 2009 at 12:01 PMView Comments

Teaching Children to Spot Terrorists

You can’t make this stuff up:

More than 2,000 10 and 11-year-olds [in the UK] will see a short film, which urges them to tell the police, their parents or a teacher if they hear anyone expressing extremist views.

[…]

A lion explains that terrorists can look like anyone, while a cat tells pupils that [they] should get help if they are being bullied and a toad tells them how to cross the road.

The terrorism message is also illustrated with a re-telling of the story of Guy Fawkes, saying that his strong views began forming when he was at school in York. It has been designed to deliver the message of fighting terrorism in [an] accessible way for children.

I’ve said this before:

If you ask amateurs to act as front-line security personnel, you shouldn’t be surprised when you get amateur security.

Posted on June 9, 2009 at 2:45 PMView Comments

Fear of Aerial Images

Time for some more fear about terrorists using maps and images on the Internet.

But the more striking images come when Portzline clicks on the “bird’s-eye” option offered by the map service. The overhead views, which come chiefly from satellites, are replaced with strikingly clear oblique-angle photos, chiefly shot from aircraft. By clicking another button, he can see the same building from all four sides.

“What we’re seeing here is a guard shack,” Portzline said, pointing to a rooftop structure. “This is a communications device for the nuclear plant.”

He added, “This particular building is the air intake for the control room. And there’s some nasty thing you could do to disable the people in the control room. So this type of information should not be available. I look at this and just say, ‘Wow.’ ”

Terror expert and author Brian Jenkins agreed that the pictures are “extraordinarily impressive.”

“If I were a terrorist planning an attack, I would want that imagery. That would facilitate that mission,” he said. “And given the choice between renting an airplane or trying some other way to get it, versus tapping in some things on my computer, I certainly want to do the latter. (It will) reduce my risk, and the first they’re going to know about my attack is when it takes place.”

Gadzooks, people, enough with the movie plots.

Joel Anderson, a member of the California Assembly, has more expansive goals. He has introduced a bill in the state Legislature that would prohibit “virtual globe” services from providing unblurred pictures of schools, churches and government or medical facilities in California. It also would prohibit those services from providing street-view photos of those buildings.

“It struck me that a person in a tent halfway around the world could target an attack like that with a laptop computer,” said Anderson, a Republican legislator who represents San Diego’s East County. Anderson said he doesn’t want to limit technology, but added, “There’s got to be some common sense.”

I wonder why he thinks that “schools, churches and government or medical facilities” are terrorist targets worth protecting, and movie theaters, stadiums, concert halls, restaurants, train stations, shopping malls, Toys-R-Us stores on the day after Thanksgiving, train stations, and theme parks are not. After all, “there’s got to be some common sense.”

Now, both have launched efforts to try to get Internet map services to remove or blur images of sensitive sites, saying the same technology that allows people to see a neighbor’s swimming pool can be used by terrorists to chose targets and plan attacks.

Yes, and the same technology that allows people to call their friends can be used by terrorists to choose targets and plan attacks. And the same technology that allows people to commute to work can be used by terrorists to plan and execute attacks. And the same technology that allows you to read this blog post…repeat until tired.

Of course, this is nothing I haven’t said before:

Criminals have used telephones and mobile phones since they were invented. Drug smugglers use airplanes and boats, radios and satellite phones. Bank robbers have long used cars and motorcycles as getaway vehicles, and horses before then. I haven’t seen it talked about yet, but the Mumbai terrorists used boats as well. They also wore boots. They ate lunch at restaurants, drank bottled water, and breathed the air. Society survives all of this because the good uses of infrastructure far outweigh the bad uses, even though the good uses are—by and large—small and pedestrian and the bad uses are rare and spectacular. And while terrorism turns society’s very infrastructure against itself, we only harm ourselves by dismantling that infrastructure in response—just as we would if we banned cars because bank robbers used them too.

You’re not going to stop terrorism by deliberately degrading our infrastructure. Refuse to be terrorized, everyone.

Posted on June 8, 2009 at 6:15 AMView Comments

Why Is Terrorism so Hard?

I don’t know how I missed this great series from Slate in February. It’s eight essays exploring why there have been no follow-on terrorist attacks in the U.S. since 9/11 (not counting the anthrax mailings, I guess). Some excerpts:

Al-Qaida’s successful elimination of the Twin Towers, part of the Pentagon, four jetliners, and nearly 3,000 innocent lives makes the terror group seem, in hindsight, diabolically brilliant. But when you review how close the terrorists came to being exposed by U.S. intelligence, 9/11 doesn’t look like an ingenious plan that succeeded because of shrewd planning. It looks like a stupid plan that succeeded through sheer dumb luck.

[…]

Even when it isn’t linked directly to terrorism, Muslim radicalism seems more prevalent—and certainly more visible—inside the United Kingdom, and in Western Europe generally, than it is inside the United States.

Why the difference? Economics may be one reason. American Muslims are better-educated and wealthier than the average American.

[…]

According to [one] theory, the 9/11 attacks were so stunning a success that they left al-Qaida’s leadership struggling to conceive and carry out an even more fearsome and destructive plan against the United States. In his 2006 book The One Percent Doctrine, journalist Ron Suskind attributes to the U.S. intelligence community the suspicion that “Al Qaeda wouldn’t want to act unless it could top the World Trade Center and the Pentagon with something even more devastating, creating an upward arc of rising and terrible expectation as to what, then, would follow.”

[…]

From a broader policy viewpoint, the Bush administration’s most significant accomplishment, terrorism experts tend to agree, was the 2001 defeat of Afghanistan’s Taliban regime and the destruction of Bin Laden’s training camps. As noted in “The Terrorists-Are-Dumb Theory” and “The Melting Pot Theory,” two-thirds of al-Qaida’s leadership was captured or killed. Journalist Lawrence Wright estimates that nearly 80 percent of al-Qaida’s Afghanistan-based membership was killed in the U.S. invasion, and intelligence estimates suggest al-Qaida’s current membership may be as low as 200 or 300.

[…]

The departing Bush administration’s claim that deposing Saddam Hussein helped prevent acts of terror in the United States has virtually no adherents, except to the extent that it drew some jihadis into Iraq. The Iraq war reduced U.S. standing in the Muslim world, especially when evidence surfaced that U.S. military officials had tortured and humiliated prisoners at the Abu Ghraib prison.

[…]

When Schelling, Abrams, and Sageman argue that terrorists are irrational, what they mean is that terror groups seldom realize their big-picture strategic goals. But Berrebi says you can’t pronounce terrorists irrational until you know what they really want. “We don’t know what are the real goals of each organization,” he says. Any given terror organization is likely to have many competing and perhaps even contradictory goals. Given these groups’ inherently secret nature, outsiders aren’t likely to learn which of these goals is given priority.

Read the whole thing.

Posted on June 3, 2009 at 1:35 PMView Comments

Arming the Boston Police with Assault Rifles

Whose idea is this?

The Boston Police Department is preparing a plan to arm as many as 200 patrol officers with semiautomatic assault rifles, a significant boost in firepower that department leaders believe is necessary to counter terrorist threats, according to law enforcement officials briefed on the plan.

The initiative calls for equipping specialized units, such as the bomb squad and harbor patrol, with the high-powered long-range M16 rifles first, the officials said. The department would then distribute the weapons to patrol officers in neighborhood precincts over the next several months, according to the two law enforcement officials, who spoke on the condition of anonymity because they did not have permission to speak publicly.

Remember, the “terrorist threats” that plague Boston include blinking signs, blinking name badges, and Linux. Would you trust the police there with automatic weapons?

And anyway, how exactly does an police force armed with automatic weapons protect against terrorism? Does it make it harder for the terrorists to plant bombs? To hijack aircraft? Sure, you can invent a movie-plot scenario involving a Mumbai-like attack and have a Bruce Willis-like armed policeman save the day, but—realistically—is this really the best way for us to be spending our counterterrorism dollar?

Luckily, people seem to be coming to their senses.

EDITED TO ADD: These are semi-automatic rifles, not fully automatic. I think the point is more about the militarization of the police than the exact specifications of the weapons in this case.

Posted on June 3, 2009 at 5:57 AMView Comments

Research on Movie-Plot Threats

This could be interesting:

Emerging Threats and Security Planning: How Should We Decide What Hypothetical Threats to Worry About?

Brian A. Jackson, David R. Frelinger

Concerns about how terrorists might attack in the future are central to the design of security efforts to protect both individual targets and the nation overall. In thinking about emerging threats, security planners are confronted by a panoply of possible future scenarios coming from sources ranging from the terrorists themselves to red-team brainstorming efforts to explore ways adversaries might attack in the future. This paper explores an approach to assessing emerging and/or novel threats and deciding whether—or how much—they should concern security planners by asking two questions: (1) Are some of the novel threats “niche threats” that should be addressed within existing security efforts? (2) Which of the remaining threats are attackers most likely to execute successfully and should therefore be of greater concern for security planners? If threats can reasonably be considered niche threats, they can be prudently addressed in the context of existing security activities. If threats are unusual enough, suggest significant new vulnerabilities, or their probability or consequences means they cannot be considered lesser included cases within other threats, prioritizing them based on their ease of execution provides a guide for which threats merit the greatest concern and most security attention. This preserves the opportunity to learn from new threats yet prevents security planners from being pulled in many directions simultaneously by attempting to respond to every threat at once.

Full paper available here.

Posted on June 1, 2009 at 3:29 PMView Comments

Defending Against Movie-Plot Threats with Movie Characters

Excellent:

Seeking to quell fears of terrorists somehow breaking out of America’s top-security prisons and wreaking havoc on the defenseless heartland, President Barack Obama moved quickly to announce an Anti-Terrorist Strike Force headed by veteran counterterrorism agent Jack Bauer and mutant superhero Wolverine. Already dubbed a “dream team,” their appointment is seen by experts as a crucial step in reducing the mounting incidents of national conservatives and congressional Democrats crapping their pants.

“I believe a fictional threat is best met with decisive fictional force,” explained President Obama. “Jack Bauer and Wolverine are among the very best we have when in comes to combating fantasy foes.” Mr. Bauer said, “We’re quite certain that our prisons are secure. Osama bin Laden and his agents wouldn’t dare attempt a break-out, and would fail miserably if they tried. But I love this country. And should Lex Luthor, Magneto or the Loch Ness Monster attack, we’ll be there to stop them.”

Posted on May 26, 2009 at 6:09 AMView Comments

This Week's Terrorism Arrests

Four points. One: There was little danger of an actual terrorist attack:

Authorities said the four men have long been under investigation and there was little danger they could actually have carried out their plan, NBC News’ Pete Williams reported.

[…]

In their efforts to acquire weapons, the defendants dealt with an informant acting under law enforcement supervision, authorities said. The FBI and other agencies monitored the men and provided an inactive missile and inert C-4 to the informant for the defendants, a federal complaint said.

The investigation had been under way for about a year.

“They never got anywhere close to being able to do anything,” one official told NBC News. “Still, it’s good to have guys like this off the street.”

Of course, politicians are using this incident to peddle more fear:

“This was a very serious threat that could have cost many, many lives if it had gone through,” Representative Peter T. King, Republican from Long Island, said in an interview with WPIX-TV. “It would have been a horrible, damaging tragedy. There’s a real threat from homegrown terrorists and also from jailhouse converts.”

Two, they were caught by traditional investigation and intelligence. Not airport security. Not warrantless eavesdropping. But old fashioned investigation and intelligence. This is what works. This is what keeps us safe. Here’s an essay I wrote in 2004 that says exactly that.

The only effective way to deal with terrorists is through old-fashioned police and intelligence work—discovering plans before they’re implemented and then going after the plotters themselves.

Three, they were idiots:

The ringleader of the four-man homegrown terror cell accused of plotting to blow up synagogues in the Bronx and military planes in Newburgh admitted to a judge today that he had smoked pot before his bust last night.

When U.S. Magistrate Judge Lisa M. Smith asked James Cromitie if his judgment was impaired during his appearance in federal court in White Plains, the 55-year-old confessed: “No. I smoke it regularly. I understand everything you are saying.”

Four, an “informant” helped this group a lot:

In April, Mr. Cromitie and the three other men selected the synagogues as their targets, the statement said. The informant soon helped them get the weapons, which were incapable of being fired or detonated, according to the authorities.

The warning the warning I wrote in “Portrait of the Modern Terrorist as an Idiot” is timely again:

Despite the initial press frenzies, the actual details of the cases frequently turn out to be far less damning. Too often it’s unclear whether the defendants are actually guilty, or if the police created a crime where none existed before.

The JFK Airport plotters seem to have been egged on by an informant, a twice-convicted drug dealer. An FBI informant almost certainly pushed the Fort Dix plotters to do things they wouldn’t have ordinarily done. The Miami gang’s Sears Tower plot was suggested by an FBI undercover agent who infiltrated the group. And in 2003, it took an elaborate sting operation involving three countries to arrest an arms dealer for selling a surface-to-air missile to an ostensible Muslim extremist. Entrapment is a very real possibility in all of these cases.

Actually, that whole 2007 essay is timely again. Some things never change.

Posted on May 22, 2009 at 6:11 AMView Comments

1 31 32 33 34 35 80

Sidebar photo of Bruce Schneier by Joe MacInnis.