Does Heightened Security Really Matter After Terrorists Strike?
By: Scott Stewart | Stratfor.comApril 21, 2016

Brian Michael Jenkins and his team at the RAND Corp. recently released the results of a statistical analysis of terrorist attacks. Designed to determine whether terrorist attacks occur in clusters, the study examined terrorist activity in the United States and Western Europe from 1970 to 2013. 

In conducting their analysis, Jenkins and his team divided data on attacks from the Global Terrorism Database into three eras: 1970-1993, 1994-2002, and 2003-2013. The statistics showed that in the first two time periods, additional attacks were more likely to follow in the wake of a "triggering event" such as a significant attack. During these eras, the study found that domestic terrorist organizations in the United Kingdom (Provisional Irish Republican Army) and Spain (Basque ETA) accounted for 75 percent of the clustering. In the most recent era, however, there was no evidence of clustering. 

The study's conclusion has serious implications for authorities and citizens. Although clustering was not detected in the 2003-2013 period, the researchers noted that the incidence of terrorist attacks in the United States and Western Europe has dramatically fallen since 9/11 because of increased security. And even though Jenkins and his team noted that their findings do not imply that locally increased security is unwarranted after an attack, this is the conclusion many have drawn. It's dangerous to base security policy merely on historical statistics — especially if one attempts to apply it universally.

The Limits of the Study

Universal conclusions should not be drawn from the study because it accounts only for terrorist attacks in the United States and Western Europe. Despite an increase in the number of terrorist attacks worldwide, attacks in the United States and Western Europe have declined.

The nature of jihadist terrorism often requires transnational groups to send operatives from abroad to attack hostile territory. Conducting terrorist attacks from a distance is cumbersome for operations security purposes, and the attack cycle for long-range attacks can be quite protracted. For example, both the 9/11 and 2008 Mumbai hotel attacks took years to plan and execute. Coordinating consecutive long-range, long-distance attacks can be all the more difficult because a cell's logistical channels are often discovered and cut off after the first incident. Al Qaeda's failure to conduct its oft-threatened follow-up attack to 9/11 is good evidence of this complication. Jihadist groups have therefore shifted their operational model to include leaderless resistance initiatives for equipping grassroots operatives. Groups such as al Qaeda in the Arabian Peninsula adopted a strategy to attack the United States by targeting American aircraft with bombs sent from abroad.

To conduct attacks from a distance requires a model different from that used by domestic or regional terrorist groups such as the Provisional Irish Republican Army or jihadists in Libya or Pakistan. Operating in or near areas where they have significant support, such groups are often able to employ a much quicker attack cycle or even manage several attacks in different stages of the attack cycle concurrently. For example, because Kurdish militants and the Marxist Revolutionary People's Liberation Party-Front both work from their home turf in Turkey, near the jihadist theater in Syria and Iraq, it is little wonder we are seeing clusters of attacks there.

Accordingly, people must not interpret the RAND study to mean that terrorist attacks never cluster anywhere or that elevating security after an attack is unnecessary in every location. When authorities see an attack that could trigger a broader campaign, such as the terrorist offensive in Turkey or the "knife intifada" in Israel, increasing security is prudent. But this does not apply only in places outside of Europe and the United States.

Application in the U.S. and Europe

It is important to recognize that the RAND study is based only on statistics, and those statistics count attacks only. Since I have not seen RAND's raw data, I am unsure, for example, whether they included the failed copycat plot in London on July 21, 2005, as a clustered attack. Coming two weeks after the deadly July 7 bombings in London, the July 21 attacks defy the study's statistical trend.

Moreover, RAND's focus on clustered attacks in a single city may be misleading in today's threat environment. The jihadist terrorist threat is transnational, and so are its campaigns. Recent attacks by al Qaeda in the Islamic Maghreb (AQIM) in Bamako, Mali; Ouagadougou, Burkina Faso; and Grand-Bassam, Ivory Coast, represent a cluster of related attacks, but they were spread across several nations. Though AQIM's attacks occurred outside the areas examined in the study, we have seen similar transnational clusters inside Europe. Though they happened in different countries, the Paris and Brussels attacks were clearly related, having been planned and executed by the same transnational cell.

Furthermore, law enforcement operations in the wake of the attacks disrupted other plots that were near the end of the attack planning cycle. If security had not been increased and if aggressive investigations had not resulted in more leads and raids, more attacks would have followed in both cities. In fact, reports indicate that investigative leads from the Brussels and Paris attacks helped thwart attacks in other parts of Europe.

Some may argue that the large, complex network behind the Paris and Brussels attacks is a product of Europe's location and historical links to the Muslim world, and I would agree. But the jihadist threat is more widespread, and the emergence of the leaderless resistance phenomenon has turned the traditional understanding of the terrorist attack planning cycle and operational tempo on its head.

Unlike a hierarchical group that has to plan operations with the resources at its disposal — a factor that can affect the tempo of its operational cycle — leaderless resistance enables several individuals orsmall cells to concurrently and independently plan operations using the resources available to each actor. Such attacks tend to be smaller than those conducted by professional terrorists. But as the unprecedented rash of jihadist leaderless resistance attacks in late 2014 and early 2015 illustrated, even small attacks can generate a great deal of publicity. And again, even though those attacks occurred across a range of locations, from Canada to Australia, they were clustered.

And leaderless resistance is intentionally amorphous. Anyone can become radicalized and decide to act as a lone assailant or cooperate with friends and relatives to form a small operational cell. This means actors who present a threat can be widely spread, or even live in the same area unbeknownst to each other. This seems to have been the case with the 7/7 and 7/21 London cells. The second cell appears to have been unconnected to the first one. Inspired by first attack, the second cell dispatched the same number of suicide bombers armed with bombs of similar size, but, fortunately, it lacked a competent bombmaker. If the devices had detonated as designed, the 7/21 attack could have been every bit as deadly as its inspiration.

Certainly, I have long been critical of authorities who, in the wake of an attack, engage in "security theater." Highly visible, knee-jerk measures targeting the methods and tactics used in a previous attack have little ability to prevent attacks using different techniques. This included the practice of making passengers remove their shoes for security screenings before allowing them to board a commercial airliner.

At the same time, not every security increase has to be smoke and mirrors. Balanced, sensible and cost-effective security measures can and should be instituted. Such measures will not only go further to assure the public that government security services are competent, but they can also help ensure that attacks are isolated rather than clustered. Notwithstanding RAND's statistics, there is an argument for heightening prudent and logical security measures following a terrorist attack — and not only in the targeted locale.

This article originally appeared on

© 2018
Watch Listen Read Shop