Infiltration insiders and terrorism
In his 2004 treatise “The Management of Savagery”, Abu Bakr Naji (the jihadist ideologue) advocated the infiltration of “the police forces, the armies, the different political parties, the newspapers, the Islamic groups, the petroleum companies, private security companies, sensitive civil institutions etc.”
In a new wave of radicalisation, driven by events in the Middle East and elsewhere, we would do well to consider this specific aspect of terrorism – the use of insiders.
The concept of infiltrating the enemy is nothing new. Terrorists have used this to their advantage since time began. There are well-documented cases of Irish Republican groups using the tactic to target and murder (see Eamon Collins, “Killing Rage”), or the case of Rajib Karim, who used his position in British Airways to plan a terrorist attack. Having a person inside a target organisation is self-evidently a good tactic from a terrorist perspective. Apart from mounting a terrorist attack, they can, by virtue of their access, carry out a whole range of activities useful to terrorists, such as gathering intelligence or assessing targets.
What do we mean by the term “insiders”?
It gets bandied around and used to mean different things to different people. Perhaps the most useful definition refers to trust: “an insider is someone who betrays trust by behaving in potentially harmful ways”. This definition is helpful as it encompasses anyone who has been granted access and is trusted – staff, contractors or those in the supply chain – and it covers a wide scope of activity.
They can abuse their position of trust to cause damage. Terrorists will sometimes try to infiltrate a target organisation; in other cases individuals will become insiders after they have joined. This is important to bear in mind when thinking about defending against insiders. Some controls and barriers will be more useful than others.
There is a wide range of hostile actors and terrorist groups who have been energised by recent events. We should keep an open mind when considering the complex terrorist landscape and precisely when and where the threat may manifest itself – but it’s certainly true that:
- terrorists will often try to recruit accomplices to assist them in the planning and execution of their schemes.
- the number of hostile states who use terrorist groups as proxies is greater than ever.
- recent revelations about Extreme Right Wing (ERW) activities in the police and armed forces in the context of resurgent right-wing movements in Europe also need to be included in our thinking.
A word of caution about motivation
Thinking about terrorism and insiders can lead to an understandable tendency to become fixated on the issue of motivation – why have they done what they have done? This can be unhelpful for a number of reasons.
Firstly, some insiders, if they do ever discuss their activity, may not even know themselves why they have done what they have done, or they may lie about it. Secondly, motivation is often not just one thing – often it will be a cocktail of different reasons. As security professionals we should avoid the temptation to get diverted into overthinking motivation. Better to think about understanding and managing the terrorist threat and its impact.
What controls will help defend against such threats?
So what is the right way to think about and tackle insiders in the terrorist context? Well, it’s the same as how to manage all insider risks. That is, by taking a holistic approach which joins the personnel, physical and cyber security disciplines. This really is a team effort. It’s not rocket science, but it does need a group of like-minded people who understand the risk to work collaboratively (and in many cases outside their silos). Too often, with the wisdom of hindsight, it’s apparent that there were warning signs – “red flags” – that might have helped manage the risk if they had been identified and escalated.
In short, you need to ensure that you have:
- A shared understanding of the risk amongst the key stakeholders
- An executive accountable for the risk (if someone is accountable, something will get done)
- An effective communication strategy to cover internal communication and deterrence communications
- An appetite to learn from cases, both your own and others, and to communicate those lessons
- An advertised and trusted speak-up channel (there are too many cases where, because trust is broken, staff don’t feel safe to raise important issues). The best detectors that “something isn’t quite right” are other people, so ensuring they have trusted channels they will use to raise issues is vital
- Great line managers who know their people and know when something isn’t “right” and how to raise concerns
- Proportionate interventions – many concerns raised may relate to staff health and well-being issues. Handling them in a sensible and supportive fashion will do wonders for the trust in the organisation and the willingness to speak up
- An eye on the risk environment in which you operate. Risks are dynamic. The world continues to change and organisations are finding that, unlike before, they can be deemed “guilty by association” by activists and terrorists, even if they have no direct and obvious link to the issue
Richard Mackintosh, Director Quince Group
Sarah Austerberry, Director Quince Group and Vice Chair of The Security Institute