In this Special Edition Annual Review, which marks the 20th anniversary of 9/11, Ed Butler CBE, DSO, Chief Resilience Officer at Pool Re, explains how two decades of disruption has shaped todays’ fight against terrorism and extremism.
This timely review looks at the world’s response to terrorism since 9/11 and how it might be improved, identifies outdated solutions and hierarchical structures, and examines the current threat landscape. In the year that saw the US and other forces withdraw from Afghanistan, it also looks at the long-term consequences of this, as well as other sources of concern such as terrorist use of biological weapons in the post pandemic era, the continual growth of right wing extremism, and how climate change is influencing the drivers of terrorism.
It feels appropriate, a couple of months after the twentieth anniversary of 9/11, to pause and consider whether the world is more, or less, secure from terrorism than in the latter part of the previous century. I fear not. We are living in unprecedented times, in a new paradigm where ‘Cold War’ has been replaced by ‘Hot Peace’. A paradigm where we have gone from a bi-polar world to one of multiple asymmetric conflicts and threats, where war is now indistinguishable from peace. Where the distinction between acts of war, hybrid war, terrorism, and serious organised crime, in particular in the cyber domain, is becoming increasingly blurred. The build-up of Russian forces on the Ukrainian border, coupled with destablisation operations by Belarus, could well see the first outbreak of a global ‘conventional confrontation’ in the 21st Century. Tensions over Taiwan, and the Iranian pursuit of a nuclear weapon add to global uncertainty and unpredictability.
We inhabit a world where traditional terrorist threats, which tended to be localised and focused on the destruction of property and killing servicemen, policemen and public figures, feel somewhat primitive. Our new world is populated by Jihadis and extremists who buy ‘one-way tickets’ on route to martyrdom and mass casualty events. The new world is characterised by remarkable digital and information sharing advances, where information (good and bad) can pass at the speed of photons and is largely ‘unseen’, hidden in a virtual cloud. Concerns over ‘bedroom radicalisation’ continue to grow.
At the time of 9/11, we had technological superiority over terrorists, through the use of Global Positioning Systems (GPS), Night Vision Systems (NVS), Unmanned Aerial Vehicles (UAVs), and precision strike weapons and across most, if not all, IT networks. Now, Daesh, Al Qaeda (AQ) and most, if not all, threat actors use state of the art GPS, NVS, drones, the dark web and encrypted messaging to plan and execute their attacks. The latter is of significant concern for our intelligence and security services and, to quote a former Director of the FBI, we are going ‘dark and dumb’ at just the wrong time.
The growing capabilities of terrorists raises concerns around the ability and capacity of our military, security and intelligence services to continually deliver success against a rapidly evolving spectrum of threats. Can our counterterrorism operations keep pace with the rapid technological changes? The diversity of threat actors? New, dynamic threats, especially in the information domain? And lastly the evolution of the ‘digital terrorist’?
Outdated solutions and hierarchical structures
If we are to believe terrorism has entered a new dimension with growing sophisticated capabilities, this is likely to have a significant impact on businesses and our infrastructure, especially those which operate in complex environments. Therefore, we will almost certainly need greater collaboration between the public and private sector in order to improve our economic and societal resilience to terrorism.
We have seen how threat actors, be they traditional terrorists, radical extremists, militias, hybrid fighters, serious organised and/or narco or cyber criminals, use any means to harm, attack and avoid us. My concern is that we are using outdated methods. Our capabilities and corporate security solutions are configured in traditional hierarchical structures, and conventionally equipped, often led by too many people who still think and operate in a classical, [Western] conventional way. In my view, we need to re- think, plan, operate, lead, and deliver terrorism security and risk solutions. As TE Lawrence described it, while fighting the Ottomans, asymmetric operations are ‘like eating soup with a knife’. We need to eat more soup with knives and try and ‘synchronise this asymmetry’.
Before looking at how we might better prepare and mitigate against all forms of extremism and violent action, I’d like to review our current situation. We are both recovering from, and adjusting to, the global pandemic. In the light of a global pandemic we are slowly waking up to the increased threat of terrorist use of Chemical, Biological and Radiological (CBR) weapons. We are dealing with the ‘forever consequences’ of the humiliating withdrawal from Afghanistan, and the increasing radicalisation and disaffection across our communities, coupled with the consequences of climate change influencing and fuelling the drivers of terrorism. It is a bleak landscape.
What has been our response and how do we improve it?
Back in the 80s and 90s, it was very much a long-term game. There were relatively few active members of the Irish Republican Army (IRA), we knew who they were, where they lived, and we had extensive data bases on them and their networks. We undertook intensive surveillance operations, through active and passive means and relied heavily on human sources and technology to provide us with the edge. We took down the hierarchy – difficult with today’s Islamist terrorists which operate on a decentralised approach – disrupted their supply chains and focused on their finances and supporters.
In the 1990s radical Islam, and the growth of Al Qaeda (AQ), was not seen as a problem facing the UK. I think it’s important to make the distinction here between our understanding and response to the threat of radical Islam pre and post 9/11, when the scale of the potential threat became clear. The French intelligence services did warn us of the growing threat and coined the term ‘Londonistan’ because of the presence of a large number of radical Islamists, mostly from Algeria and some who had served in Bosnia, who were living in London. But these individuals did not pose a direct threat to the UK where PIRA was still considered the primary terrorist threat. But even in 2001, the threat of Islamic terrorism against the UK was still seen as low, and it remained so until the first successful attack in 2005 (although there had been a ricin plot interdicted in Wood Green, with the Islamist perpetrators intending to attack the London Underground in 2003).
CT operations became more challenging and more global in the late 90s and early 2000s, as opposed to localised campaigns, primarily because of the safe havens in Afghanistan and Iraq (although international terrorism, vide Palestinian terrorism, had always been global.) There were a large number of suspects, with only a small handful known to the authorities. We lacked the necessary ‘human sources’, and AQ was more alert to our surveillance techniques and methodologies. They went ‘off-grid’ and were able to plan catastrophic attacks, in the late 90s, such as the USS Cole, the US embassy in Dar Es Salaam and, of course, 9/11.
In 1993, MI5 had only 2000 staff and 70 per cent of its efforts were focussed on terrorism, much of it targeted towards the activities of the IRA and domestic terrorism. 25 per cent was devoted to counter-espionage and counter-proliferation - the latter against the growing threat from ‘weapons of mass destruction . . . nuclear, chemical and biological.”
MI6 was still coming out of the shadows of fighting the Cold War and, despite having more overseas stations than it does today, Islamist terrorism was not seen as a threat. The CT agencies – MI5, MI6, GCHQ, DIS and Special Forces (SF) - were also very stove-piped and we did not share intelligence and knowledge about the threat. MI5 now has 4000+ staff and is funded as part of the Single Intelligence Account (£3.02 billion in 2017–2018 financial year, which includes the budget for GCHQ).
There is a now national network of MI5 agents, with a significant proportion focussed on Islamist terrorism, based out of the Counter Terrorism Units (CTUs), but still with a reasonable proportion leading the efforts against Northern Ireland related terrorism. More significantly, our domestic and international CT policy and operations are combined, taking into account the global, physical and virtual nature of the threat.
9/11 was a huge wake up call for our CT agencies, and the start of a more coordinated international collaboration across the 5 Eyes community (UK, US, Australia, New Zealand, and Canada). Although the challenge of sharing timely and accurate intelligence still existed, and our US partners were in the early years, in my opinion, determined to win the War on Terror on their own terms and often under their own steam. The major challenge in the aftermath of 9/11 was that the so called ‘war on terror’, which was the political cover for regime change in Iraq, became conflated and confused with a ‘neocon’ political agenda. Notwithstanding, collaboration across the UK CT communities improved, albeit slowly. This was enhanced with the implementation of CONTEST, and the four pillars of Prevent, Pursue, Protect and Prepare. This was the first CT policy of its kind, and it endures, with little change, today.
The game changer, in my view, was the creation of the CTUs and (then a network of CT Intelligence Units - CTIUs) in London, Manchester, Birmingham and Leeds that fused Police, MI5, MI6, GCHQ and SF Liaison Officers) under the direction of Assistant Commissioner Special Operations (ACSO) and the oversight of Association of Chief Police Offices Terrorism and Allied Matters (ACPO TAM) with a new 鶹 Office department, the Office of Security and Counter Terrorism (OSCT, now named the 鶹land Security Group), to provide the policy lead. The attacks in London in July 2005, ‘7/7’ and ‘7/21’, created another strategic shock. This saw the coming of age of the Joint Terrorism Analysis Centre (JTAC), formed in 2003, which brought all the CT agencies together, fusing all source intelligence and full inter-agency cooperation. JTAC is an exemplar organisation, envied by our European partners and has done much to keep the threat of terrorism to the level it is.
Current Threat Landscape
Since 9/11 we have witnessed a huge amount of chaos and uncertainty and the current terrorist threat landscape continues to evolve, remaining complex and confusing, recently highlighted by still unexplained motivations of the perpetrator who, based on what we know, tried to attack the Liverpool Women’s Hospital. The threat from all terrorist constituencies is arguably more dangerous and diverse than in 2000. This concern was recently highlighted by Richard Moore, the new head of the Secret Intelligence Service (MI6), who stated that countering international terrorism is now one of the ‘Big Four’ priorities for MI6.
The emergence of the ‘self-initiated terrorist’, i.e. one who acts relatively alone and is informed and radicalised via the internet, appears to be the main threat to the UK. This has changed over the last five to six years when terrorist attacks were a combination of those directed from abroad, frustrated ‘travellers’ who could not get out to the so-called Caliphate and those who simply acted on their own.
The continuing rise of Right Wing extremism is increasingly of concern. This trend is well recognised but during 2021 it certainly saw no sign of slowing, especially in Europe and North America – as illustrated by the riots in Washington in January 2021. Previously confined to the US and Europe it now poses a more transnational and global threat. Right Wing extremism used to be characterised, by some, as ‘hapless and hopeless’. Now a more cellular structure, often portrayed as a political movement with a clear vision and mission, Right Wing extremists have more connectivity and coordination than they did 5 years ago, and, as with Islamist extremism, they have shifted ‘online’ with access to the same suite of highly effective ‘virtual’ tools and resources at their disposal.
However, the chaotic threat landscape does not necessarily mean we are likely to face more frequent or sophisticated attacks, it may simply lead to a broader range of attacks. Experience tells us that terrorists are persistent, and they will continue to plan for mass casualty attacks using the full spectrum of technologies and methodologies available – be they sophisticated devices or those which are more readily to hand and off the shelf.
I would argue that we need to deal with terrorism end to end, looking at both the drivers of terrorism as well as its consequences. The involvement of businesses and the private sector is crucial to our success. As Neil Basu, senior lead for CT in the UK, commented at a Pool Re conference in 2019, ‘there can be no prosperity without security and that every business needed to be a counter terrorism business’. The forthcoming Protect Duty legislation will put more requirements on businesses, especially those operating in publicly accessible locations to protect their customers and the public from terrorist attacks.
Post Pandemic and biological weapons?
The Covid-19 pandemic impacted (and continues to do so) on all societies and economies, exacerbating many of the divisions which are exploited by extremist groups. Many commentators and CT professionals predicted a post pandemic surge of terrorist attacks as the country came out of lockdown. This is yet to manifest itself at scale, as witnessed in 2017, but the murder of Sir David Amess and the failed attack on the women’s hospital in Liverpool, both within a month of each other, may herald the start of a series of further incidents.
The consequences of the pandemic on terrorism are still unfolding, but early signs indicate increased levels of radicalisation. Of significant concern is the impact on CT (and related) budgets. The pandemic has left a serious economic scar on the global economy. Will we face further cuts, and budget reviews? How will this affect the international CT infrastructure and our preparedness to prevent or minimise the effects of an attack? We have already witnessed many countries scaling back on their international commitments (for example the withdrawal of troops from Afghanistan) which is already reducing the pressure on a wide range of terrorist groups.
The pandemic has also demonstrated the potency and scope a biological attack could pose. We now need to consider to what extent terrorists are likely to invest time and effort in exploring this as a serious means of destruction. It is generally believed that a sophisticated weaponised virus would be difficult to produce and deploy successfully, not least because when released it becomes so difficult to control and is indiscriminate in its effect. Covid-19 will most likely have resurrected terrorist interest in developing biological and chemical weapons. Five years of experimentation of novel weapons, in particular chemical IEDs, in Iraq and Syria during the time of the so-called Caliphate, will have contributed to their knowledge of using them. They will be well versed in the psychological impact of ‘terror’ weapons. Whether they have the appetite and means to deploy a biological weapon is not something to be ignored, especially when the 2021 UK Integrated Review warned of a successful chemical, biological or radiological device being used by a terrorist group before 2030.
The forever consequences of the withdrawal from Afghanistan
Much has already been written about the calamitous withdrawal of US and other forces from Afghanistan - what Presidents Trump and Biden called the ‘forever war.’ Afghanistan continues to spiral into a humanitarian, economic, security and political crisis, exacerbated by splits between the Taliban movement, which is likely to lead to a civil war and further chaos which will be exploited by state, non-state, and terrorist groups. The withdrawal of US and coalition troops cannot be discussed as either the right or wrong decision, rather an unnecessary and poorly timed one, with massive and forever consequences. The mass exodus of Afghans from their homeland will add to further pressures of a migrant population in Europe and the UK which, will in turn, increase tensions within some elements of society. This is likely to be exploited by both Islamists and the Far Right. What is certain is that the Taliban victory in Afghanistan has provided a major morale boost for Jihadist groups around the world, which will no doubt be of benefit to AQ and its affiliates. The West will be less safe, with increased probability of another 9/11 style attack being planned and prepared from Afghanistan.
A counter narrative to the negative consequences of the withdrawal from Afghanistan is the potential for this decision to lead to an inflexion point in the ‘war on terror’. Whilst random and seemingly isolated incidents and self-initiated terrorists will continue to be a problem, the fundamental rationale for the Islamist extremists’ call to arms, namely our presence in Iraq and Afghanistan, has now disappeared. No longer can the West be blamed for interfering in Muslims’ lives as both countries are now being run by Islamic governments albeit with very different political and religious hues. The call to arms expressed so successfully by AQ and then by Daesh was predicated on Western interference in Iraq and Afghanistan will be much more difficult to substantiate and justify. What we may see instead is a struggle for power and control between various Islamic groups in Iraq, Afghanistan, Syria, and the Sahel, with less focus on fermenting extremism and launching attacks in the West.
Sadly, the attraction of the so-called Caliphate spreading to western Europe will likely continue. The narrative will resonate amongst some of the many disenfranchised and disillusioned young men and women in the disaffected and economically depressed areas of the UK, France, the Low Countries and across much of the sub-Sahara and Sahel.
Time will tell.
Climate change
Despite climate change starting to inform the political dialogue in 2001, very few experts could have foreseen the serious consequences climate change would have on the impact of the drivers of terrorism. Clear evidence is now emerging that climate change is becoming an indirect contributor to terrorism as opposed to just a security concern (for example, inter- and intra-regional disputes over water). Climate change is viewed as a threat multiplier, exacerbating existing problems, causing massive social dislocation and migration, be it in the Sahel or Afghanistan, which provides opportunities for terrorists to coerce or recruit foot soldiers amongst disgruntled or displaced people. More often than not this has the effect of solidifying support around local issues as much as ideological ones. In some instances, climate change rhetoric may be adopted as the primary ideology of a terrorist group or the embracing of terrorist tactics by environmental extremists and Left-wing groups as societies become more vulnerable to radicalisation and extremist mobilisation.
Protect Duty: A response to new and changing threats
More recently, the findings of the 2021 Manchester Arena Enquiry have paved the way for the forthcoming Protect Duty legislation which emanated from Martyn’s Law and is expected to come into effect in the latter part of 2022. The legislation is intended to provide clear guidance on a range of requirements as well as placing legal expectation on businesses and organisations who own property or operate in publicly accessible places, such as arenas, shopping centres and the high street. Protect Duty will be the single biggest change to the UK terrorism risk landscape for a generation and is likely to affect at least 650,000 (鶹 Office estimate) businesses in the UK, many of which will never have considered the risk of terrorism to their people or property. This will no doubt be challenging for all but the largest and more sophisticated businesses, with business owners and operators facing the largest change to their terrorism liability cover for both Employers’ Liability and Public Liability.
What does the future hold?
Having reflected on my early days patrolling the streets of West Belfast, through to leading and conducting high intensity CT operations, then into the quagmires of Iraq and Afghanistan, and now in the post (so-called) Caliphate era, let me share a few thoughts for the future of countering terrorism.
• In my view, we will never again fight an enemy who tries to fight against our own strengths. The last person to do this was Saddam Hussein in 1991 when he laid out the Iraqi Army in drill like formations on the desert plains. Therefore, we need to combine technological advantage, cunning, and boldness into a winning combination that can defeat an opposition who are comfortable with asymmetry and exploit the flow of technological change as opposed to being constrained by it. It is also possible that state sponsored actors
will conduct asymmetric attacks rather than a state engaging in open warfare.
• The major groups such as Daesh AQ, Al Shabaab, Hezbollah and Boko Haram are still very much alive. They have adapted their tactics and business models to changing circumstances. These actors are also having an impact in emerging and frontier markets, threatening many of the West’s global supply chains within the ‘Global Village’.
• The humiliating withdrawal of Western forces from Afghanistan has increased the threat of terrorism to Europe and the UK. The possibility of another 9/11 being planned and prepared from Afghanistan cannot be discounted.
• Terrorism is now moving with greater velocity and increasing volatility, exposing our vulnerabilities – be they resource, legal or policy driven. We need to adapt our CT business models in response and make them more dynamic.
• We discussed the rise of Right Wing extremism, often based on white supremacist groups. These groups are now carrying out more attacks in the United States than the jihadists and constitute 20 per cent of cases under investigation by the FBI. Recent statistics for Prevent, the UK government’s counter-extremism programme, showed that for the first time in the programme’s history, referrals made in relation to Right Wing extremism outstripped those for Islamist extremism.
• The trouble is that terrorists and extremists will continue to use tactics, techniques and procedures that exploit gaps and weaknesses in our state and corporate security architecture, as well as divisions in our communities. They will continue to move up the technology curve, and they will succeed until there is an antidote. Part of this solution, as acknowledged by the new Director of MI6, is that his Service is no longer independently capable of staying competitive at a time of rapid technological development. Consequently,
he envisages MI6 working alongside technology companies and other private sector organisations to increase the former’s capabilities presented by newly emerging technologies, including artificial intelligence and advanced computing. Genuine collaboration between the public and private sector is now needed if we are to successfully contain the enduring threat posed by extremism and terrorism.
• Next is the growing number of targets of terrorist violence. It is no longer the state or its representatives in diplomacy, police or the military that are the primary target. Rather any group in society that can be stigmatised, such as Jews, Hispanics, LGBT activists or pro-EU liberals and where hatred can be whipped up by conspiracy theories in the social media, are all potential targets.
• Terrorism is linked to armed conflicts and social breakdown within countries. Domestic violence is running at four times the number of war deaths globally and 75 per cent of terrorist casualties occur in just eight countries. These are among the most violent, such as Afghanistan, Pakistan, Iraq, and Somalia. The macro drivers of climate change, migration, immigration, and population growth are all contributing to a worrying security situation.
• As the definitions of state and state sponsored terrorism, hybrid warfare and terrorism become increasingly blurred it will become progressively harder for CT agencies to counter and constrain physical and virtual attacks against our democratic values, people, and assets. The ambiguity surrounding the definition of terrorism will create further, significant challenges to Pool Re and the broader terrorism (re)insurance market, particularly with resultant protection gap issues.
• In response, we need to be threat actor and peril agnostic in devising security, risk management and resilience plans. In particular, we need to increase the resilience of our physical and virtual supply chains.
• Finally, everyone should acknowledge that there has been a paradigm shift in risk management as a result of Covid-19, and organisations will need to recognise that they have to adapt as they look at implementing new strategies and plans to protect their people, assets, reputation and share value. This includes focussing on strategic tail risk management, as well as the day-to-day risk management activities and asking the question whether they have the appropriate insurance cover in place for the full spectrum of perils out there.
To close
In conclusion, especially after recent events in Afghanistan, I would argue that the threat from global terrorism and extremism to the UK and West is now greater than it was pre 9/11. The threat is now more diverse, persistent, complex, and moves and evolves at a pace not seen before. I strongly believe that in order to prepare for, and become more resilient to terrorism, all sectors of society need to think differently, act differently, and respond differently to the threats facing us today and for the foreseeable future.
I have witnessed a real appetite in the private sector to engage with and level up to these new threats, seeking more frequent collaboration with the CT Police and Security Services. Collaboration across sectors, public and private, is crucial for our safety and security, where all of us have a ‘community responsibility’ for our individual and collective security. Government cannot contain the threat on its own. At the end of the day, this is about looking after our people, duty of care, protecting the bottom line and improving our resilience against extremism and terrorism.
I don’t believe the current situation will improve for some time; we can and should expect more attacks in the UK and further afield. We all have a duty, and I would suggest public responsibility, towards our employees, communities, families and the next generation to better understand the context of today’s uncertain, unstable and asymmetric world. Paraphrasing TE Lawrence again, we need to learn to eat more soup with knives and try and ‘synchronise this asymmetry’, using all ways and means to defeat those who are intent on doing us harm.
About the author
Ed Butler is the Chief Resilience Officer at , the government backed terrorism reinsurance scheme as well a Senior Independent Advisor to the Board of EDF Energy Generation.
He has extensive experience spanning nearly 40 years of international relations, counter terrorism, intelligence, security and risk management much of which was gained during 24 years on front line service with the British Army.
He was privileged to command 22 SAS over 9.11 and was Commander of British Forces Afghanistan in 2006, before retiring as a Brigadier in 2008.
