Terrorism has always been with us and no doubt always will. Regardless of the specific motives, the act of creating carnage as a means of resistance, protest or purely for personal reasons is an evil we can never hope to eradicate. Our only option is to understand its evolution and to evolve our detection methods and defences accordingly.
The modern terrorist has evolved to take advantage of the modern world. They do their research online, pick their targets with care, plan meticulously, hit with devastating results, and then use the very same online technologies to publicise themselves and their acts. They also use those technologies for building communities and recruitment. And therein lies a weakness that the security and anti-terrorism community can infiltrate for intelligence gathering.
However, while organised group terrorism has these inherent vulnerabilities, the same cannot always be said of the lone operator who, by definition is insular, private and much harder to detect.
Again, lone operators are nothing new. From Michael Ryan to Thomas Hamilton, to Anders Breivik, they can be just as devastating in their actions as a dedicated terrorist cell, but in many cases are highly unpredictable. Without links or lines of communication to an organisation that might already be under the scrutiny of the security services, they are often near invisible. And their ‘cause’ might be so personal as to be known only to themselves. This gives them a distinct advantage.
In the absence of any obvious signs of radicalisation towards religious or political terrorism, or without any public expression of a personal agenda, the lone operator can usually only be detected during preparation for an attack. Without the support network of a terrorist organisation or cell, planning, gaining access to arms, ammunition, explosives and other weapons is a particular challenge. This is when the best opportunity for detection arises, certainly in Europe and particularly in the UK where access to weaponry is now heavily restricted.
Anders Breivik’s surprise attacks of 2011 left 77 people dead, yet as a classic example of a lone operator, his preparation offered clear opportunities for detection. Breivik himself admits in his diary that he felt vulnerable to detection as he sought to acquire weapons, especially the chemicals needed to build the explosive device that killed eight people outside government buildings in Oslo.
Breivik’s behaviour and actions in preparation were highly unusual for him. As somebody who worked in customer services and described by colleagues as ‘kind to everyone’, it was out of character for him to rent a farm – a cover for purchasing large quantity of ammonium nitrate fertilizer. He also exposed himself to potential detection when he travelled to Prague in an attempt to purchase weapons. If he had succeeded he would also have been vulnerable as he smuggled the weapons back into Norway. Breivik was also vulnerable as he conducted surveillance on his target. Unfortunately, none of this untypical behaviour was picked up.
The key to identifying lone operators like Breivik and others lies with the wider security community, whereby local authorities, business and the private sector security industry can more closely liaise, share information, and ultimately amplify the power of on-the-ground monitoring of suspicious behaviour that can betray the potential terrorist. An excellent example of this approach can be found in the Project Griffin initiative. In this way, while dedicated anti-terrorism agencies focus on highly organised terrorism, the rest of us can stay vigilant and bring our own skills, abilities and opportunities to bear and hopefully to identify and apprehend lone operators before they have the chance to wreak their devastation.