30 December 2015

Terrorism in 2016

https://www.thecipherbrief.com/article/terrorism-2016
December 27, 2015 | Matthew Olsen
Former Director, National Counterterrorism Center
As the Director of the National Counterterrorism Center, Matthew Olsen oversaw the integration and analysis of all intelligence related to terrorism. As he looks ahead to 2016, Olsen told The Cipher Brief the West faces the difficult challenge of countering terrorist plots more in line with the attacks that recently took place in Paris and San Bernardino.

TCB: Where do you see the threat from homegrown terrorism heading in 2016?
Matthew Olsen: There is every reason to expect that the threat of terrorism here in the U.S. will increase in 2016. The year 2015 is, by many measures, a record year in terms of the number of terror plots and terror suspects who have been identified. This year around 50 people have been arrested for their connection to ISIS – the most that we’ve had since 9/11. That trend, given ISIS’s continued focus on the West as demonstrated in Paris and in San Bernardino, is likely to continue into the next year. That’s obviously posing a huge challenge to our counterterrorism community going forward.

TCB: Do you expect the focus to be more on soft targets or do you think ISIS has the aspiration to conduct a big event like a 9/11?
MO: My sense is that ISIS has adapted, like other terrorist groups have adapted, to our increased capabilities. Since 9/11, we’ve invested in intelligence and hardening of our infrastructure. We are much better at identifying and disrupting major plots along the lines of a 9/11. What we’ve seen is that terrorist groups, like ISIS, have adapted their tactics to look at smaller scale plots targeting more vulnerable locations. That really was one of the takeaways from Paris, where they targeted restaurants and bars. The expectation should be that those are going to be the types of terrorist attacks we’ll see in the next year.

TCB: How can the U.S.-led coalition combat ISIS more effectively and thwart the group’s expansion?

MO: We are facing a very determined and capable adversary in ISIS, which is able to exploit its sanctuary in Syria and Iraq. We need to adopt a strategy that takes into account all of the advantages that ISIS has in its safe haven.

First, the military effort needs to be intensified. We’ve heard that recently from the President as well as from presidential candidates. We’ll see an increased use of Special Forces and an intensification of airstrikes. And we’ll continue the hard work of building a coalition that can gain and hold territory on the ground. All of those things are going to have to be part of the military strategy.

There are other things that we also need to be doing. We need to improve our intelligence collection in the region. We’ve seen indications that that has happened over the last year, both from a human intelligence and signals intelligence perspective. That’s going to give us better insight – not only about what’s happening on the ground in those locations – but also to give us a better chance of identifying and disrupting plots before they are carried out in the West.

The final point that I would make is that the diplomatic effort needs to continue, because ultimately, we’re going to need a transition of the regime in Syria to really solve this problem.

TCB: Can ISIS be defeated without boots on the ground?

MO: The short answer is no – ISIS can’t be defeated without putting boots on the ground. The questions are, what forces are going to be there, how many, and how long it’s going to take? The answer is that this is going to require indigenous forces, whether it’s Kurds, Iraqis, Syrians, and other nations in the region, with increased support from the United States and from our allies, particularly with respect to air power. But we need to have the capability as a coalition to not just move ISIS, but to actually hold territory once we gain that territory. And that’s going to require boots on the ground.

TCB: What can the U.S.-led coalition do to counter ISIS’s use of social media to recruit fighters and promote attacks?

MO: The whole idea of ISIS’s use of social media is a growing problem that the U.S., and our allies need to do more to counter. First and foremost, we need to build the relationships between the government and our technology community that will engender the trust that’s necessary so that those two communities, the government and the technology companies, can really work together on this problem.

We know that companies like Twitter are being used by terrorists to recruit online. Some of these platforms are also being used to actually operationalize activity and to discuss plotting. There needs to be an increased effort by these companies, whose digital sites are the platforms of choice for terrorists, and the government to work together and identify the ways in which we can more quickly see or detect terrorist use of the internet, and devise strategies for blocking that use of the internet. Much of this activity is not protected. It’s not protected because it violates the terms of service that these companies have in place, and much of it is not protected as free speech.

There’s more we can do, but we need to have that trust. Some of that trust has been eroded over the last couple of years in the aftermath of the leaks of NSA (National Security Agency) information. There needs to be a real concerted effort for those two communities to come together and work on this problem.

TCB: How concerned are you that terrorist organizations will develop the capabilities to conduct cyber attacks, particularly targeting infrastructure?

MO: There’s reason to be concerned about terrorist cyber attacks, and we need to be monitoring it. What we’ve seen is that it is an aspirational goal of groups like al-Qaeda and ISIS, but not one where they’ve developed a substantial amount of capability. But the reason that we should be concerned is that cyber attack tools are becoming increasingly available and cheaper. One can buy malicious code on the internet for two thousand dollars. The availability to carry out these kind of attacks is becoming more accessible to groups that seek to use them to do harm.

We’ve seen recently the convergence of terrorism and cyber in a case out of Malaysia. The Department of Justice has indicted an individual who allegedly hacked into a U.S. military website, stole the names, addresses, and other personally identifying information of government officials and members of the military, and then sold that information to ISIS, which then put it out on social media as part of a hit-list. Here you have cyber attacks being used to advance a terrorist agenda. So we see those two types of threats coming together in one case.

TCB: Some have claimed that core al-Qaeda is regrouping while ISIS is taking all of the West's focus and firepower. Could we see a reemergence of al-Qaeda in 2016?

MO: What is most likely is that offshoots of al-Qaeda, particularly al-Qaeda in the Arabian Peninsula (AQAP) and some of the al-Qaeda elements in Syria, will continue to look for opportunities to carry out external attacks, because they’re benefitting from the lack of security in those locations. We have this arc of instability that extends from the Middle East across North Africa, and any of these countries, whether its Libya or Yemen or Syria – where there is so little governance and security – any of these locations are places where al-Qaeda or other terrorist elements can find a space to plot, train, and recruit. It’s imperative that our counterterrorism officials, while understandably focused on ISIS, also maintain their focus on those al-Qaeda offshoots and affiliated groups that continue to hold out as a goal to carry out an attack in the West. This threat has metastasized, complicating the challenge facing our counterterrorism officials.

TCB: Are there any specific trends or additional groups that are concerning?

MO: The types of threats we continue to see from ISIS are what we saw in San Bernardino—threats that appear to be inspired by ISIS propaganda as opposed to directed by ISIS. But there is the fear and real concern that ISIS could try to carry out an attack along the lines of what we saw in Paris, which apparently was actually directed by ISIS and was more lethal.

When thinking about what we need to do, a few things come to mind. First, we need to continue to build up our intelligence capabilities. We need to—while balancing privacy and civil liberties—also understand that the only way we are going to stop these attacks is to learn about them before they occur, and that’s going to require really good intelligence.

Second, we need to close the loophole around the gun laws that allow people who are on the no-fly list to buy guns. When I was director of NCTC, this was a concern I had, that there was no legal way to bar people who I saw on the no-fly list from purchasing a weapon. Someone could be denied the ability to board a plane at Dulles International Airport, turn around, drive down the street, and buy a military assault weapon. That seemed to me to be something that we ought to be able to stop.

Third, we need to earn the trust of Muslim American communities around the country so that they feel comfortable and confident working with local law enforcement and the FBI when they see signs of someone becoming radicalized in their own neighborhoods and communities. All of those ways are our best hope at actually being able to stop an ISIS inspired or directed attack here in the U.S.


The Author is Matthew Olsen


Matthew Olsen is President for Consulting for IronNet Cybersecurity. Olsen spent over twenty years working for the U.S. government, most recently as the Director of the National Counterterrorism Center (NCTC). Prior to his appointment to NCTC, Olsen served as the General Counsel for the National Security Agency and Special Counsel to the Director of the Federal Bureau of Investigation.

No comments: