Yesterday, the New York City Police Department released a report from its SHIELD initiative about the Kenya mall shooting/terrorist attack. It was a pretty damning report to say the least. Before we talk about the report, let’s talk about SHIELD is and why that’s important to understand in the context of this report. SHIELD is the NYPD’s homegrown information-sharing component with private sector security. It provides analysis on current and future threats. I’ve previously read some of SHIELD’s reports. Some were good and some were typical of fusion center reports – some meat and some potatoes but not a full meal. This report was driven, in part, to go over what NYPD and private security could learn about what happened in Nairobi. There was plenty.There were some startling revelations:Kenyan police were VASTLY outgunned. The report states, “The typical Uniformed Kenyan Police Officer is not as well equipped as their western counterparts, typically only carrying a long gun, most commonly an AK-47 style rifle with a folding stock, loaded with a single 30 round magazine. They do not carry handguns, wear body armor, gun belts or have portable radios to communicate.” Each of the terrorist were carrying 250 rounds of 7.62 mm ammunition. Lack of body armor and radios to communicate resulted in fratricide. More on that later.Responding plainclothes officers were also outgunned and had no visible identification. Remember what I said about fratricide? From the report: “Very few of any of the plainclothes law enforcement first responders displayed any visible law enforcement identification such as a badge, arm band, ID card or a raid jacket, making identification as “friend or foe” extremely difficult for other armed first responders.”Realizing the police were outgunned, Kenya made the incident response a military matter. That’s as bad as it sounds. The report says, “Kenyan government officials decide to transfer the handling of this incident from the police to the military. A squad of Kenya Defense Forces KDF soldiers enters the mall and shortly afterwards, in a case of mistaken identity, the troops fired on the GSU-RC Tactical Team.They kill one police officer and wounding the tactical team commander. In the ensuing confusion both the police and military personnel pull out of the mall to tend to the casualties and re-group.”Responding military forces used an RPG-7 as a room clearing tool. I kid you not. And the destruction was insane. “It is reported that at some point during the day the Kenya Defense Forces decided to fire a high explosive anti-tank rocket (possibly a RPG-7 or an 84mm Recoilless Rifle) as part of their operation to neutralize the terrorists in the Nakumatt Super Market.The end result of this operation was a large fire and the partial collapse of the rear rooftop parking lot and two floors within the Nakumatt Super Market into the basement parking.”It is possible the terrorists escaped in part because the Kenyan security forces failed to secure a perimeter. It is rather elementary for the very first thing Western police do in these scenarios is to lock down the perimeter. No one comes in or out unless they can be positively identified as a “friendly”. This credentialing occurs by checking IDs and only first admitting law enforcement and first responders to exit upon verification.The mall employed unarmed officers who performed unsatisfactory “wand searches”. This is irritating to say the least. Why? Unarmed officers are appropriate for certain environments and are the way to go in most environments. However, in high value targets, such as mass gathering locations in places like Kenya, I would have used an armed component. Armed officers are not only armed but can be equipped with radios and are usually uniformed. This makes identifying them for law enforcement somewhat easier. Also, armed officers can do things unarmed officers can’t due to safety concerns such as locking down perimeters and evacuating victims.Wand searches are weak. I dislike them with a passion. Why? Officers get tricked into believing a search was “good” because the wand didn’t annunciate. This is all kinds of bad. A search should be thorough in high value targets. If you’re going to employ officers and have them search, have them be thorough and do it without a wand. I would use the wand only in environments where I had other search mitigators in place such as backscatters or X-ray search devices.So what does this attack teach us in the West?The desire of terrorist groups to attack mass gathering locations is still very alive.Places like malls should consider Kenya to be a warning. If you’re in mall security, I highly suggest going over your active shooter plan and rehearsing it on a fairly regular basis with local police departments and simulated shooters. In these exercise, test not just your ability to minimize casualties but to also test your security apparatus under stress. This is best accomplished by “killing” responders, taking hostages, attempting escape, and causing confusion among responders. Get your people used to chaos in these scenarios.Never do wand searches at high value targets and test your people regularly. I’ve gone over why I think wand searches are bad. So let’s examine why you should test and train your searchers regularly. Searching is one of the most important yet often neglected security components. We usually pick rookies and the “lowest common denominator” to do this function because it’s “easy”. Doing good and thorough searches that you can go to sleep easy with at night are not easy. Searchers should be trained on subject “tells”, physical characteristics of forbidden items by touch, sound, smell, and sight, the tools they can use to do searches better, etc. They should also be regularly “red-teamed” which is to say you should have a non-attributable person walk through security and see what they can get through. When they’re done, they should report to management their findings.Here’s a video I did on how I would search bags:CCTV and analytics are EXTREMELY important to an active shooter scenario. There are several takeaways from what we learned about CCTV and the lack of analytics in Nairobi. First, CCTV coverage was spotty in some areas. Also, the CCTV coverage was easily identified and avoided by the terrorists. We also know while they had remote viewing capability, it was five miles away and more than likely not cross-fed into the police. While a CCTV monitor can’t identify every threat, video analytics can alert them to suspicious activity. At the very least, consider it an option.Garages and parking lots should be regularly patrolled. While there was a guard posted at the entrance of the garage, had a response element been closer by, they could have locked the exterior doors to the mall.Train your employees on how to sound the alarm and IMMEDIATELY lock down their storefronts and secure customers. I would consider including them as a part of your active shooter training as well. Make that mandatory training for all storefront management and their trusted employees. I would include it in a leasing agreement if I had to.Have a HIGHLY accessible public address system to sound the alarm.Train local non-law enforcement responders on the need to “shoot, move, and communicate”. Seriously, I can’t stress this enough. There is a huge debate in the US surrounding concealed carry permit holders as responders. I’m okay with them responding, though I prefer they receive some training on the need to identify themselves to law enforcement prior to responding via a phone call if time and circumstance permit.Equip every security person and law enforcement officer with a radio. If you want to avoid wasting your time clearing rooms that have already been cleared or fratricide, then you HAVE TO equip your responders with radios and share your frequencies with them.Train your personnel on reporting formats like SALUTE. We’ve covered this before so I won’t bore you with the details.Train your security management personnel on casualty collection points, IED mitigation, cordons, perimeter searches, and periodic vulnerability assessments. These things can’t be overstated in training. Trust me. You’ll thank me for this later.
OPINION: Why Crime Prevention Fails
I have a pet-peeve with the current spate of “anti-theft” apps for mobile devices. My problem doesn’t lie with their technology. Nope, my issue is with their marketing. There are a plethora of these apps that are being called “crime prevention tools”. I know what you’re thinking, “But if someone takes my cell phone, this app will use the GPS to track my phone and send me an email so I can tell the police where to get my phone.” True, but answer this question – What crime did it stop? Seriously, what crime did your app stop? And therein lies the problem with the app and with how we view crime prevention.
Part of the reason we have such a high rate of crime in this country resides mostly in our definition of “crime prevention”. Many times, we mistakenly believe “prevention” relies on the response to the crime. A faster recovery means we’ve sent a message to the bad guys that they can’t take our stuff without the cops coming to get them. Stop laughing. That’s the message the creative marketing teams behind these apps and other products will have you believe. Remember Nancy Reagan’s “just say no” campaign and the “war on drugs/crime”. Those sent a clear message to the bad guys – we have no clue how to stop you.
Stopping crime is a noble objective but no crime is totally preventable. As a matter of fact, it’s a safe bet that at some point in your life, you will be a victim of a crime. After 10 years of doing law enforcement in the military and my current job, I have an idea as to why this is. Simply put, the reason you will be a victim of crime at some point in your life rests in two places and neither of which needs the other for the crime to take place.
The first place where the crime onset takes place is with the criminal. Remember what I said a few posts ago about how the attacker will ultimately attack you regardless of what you do? The same idea applies here. You can’t control what an attacker will do. If he/she is motivated and skilled enough, which are two things you can’t always plan on, there is very little you can do beforehand to stop them. That’s not a defeatist attitude. This is me directing you to the second place where the crime onset occurs – the victim.
Victims, typically, do a lot of things good before an attack occurs but they also do some things terribly wrong. Where things go wrong for them is in their attitude – “I never thought it would happen to me…..But I lock my doors….Why me?” There are loads of reasons you were selected to be a victim. None of which you may have had any control over. It is for this reason I think we need a new crime strategy – crime mitigation.
As we’ve discussed before, your attitude towards crime mitigation has to be proactive. You have to be thinking about the best way to lower your chances of being a victim and lessening the damage from an attack. Whether you purchase a smart phone or sports car, you should have a proactive attitude towards engaging the threat. Buying an alarm or an app won’t stop theft but planning on it to happen at some point may not only mitigate the damage but provide more creative solutions to prevent the loss from happening in the first place.
Terrorism and Intelligence Legislation You Should Know About But Don’t
Now that this NSA story has spawned the insane amount of nonsensical and baseless conjecture on my Twitter feed, I thought I’d take a moment and educate everyone on intelligence and terrorism legislation they should already know about but don’t for various reasons.
Terrorism:
Biological Weapons Anti-Terrorism Act of 1989Executive Order 12947 signed by President Bill Clinton Jan. 23, 1995, Prohibiting Transactions With Terrorists Who Threaten To Disrupt the Middle East Peace Process, and later expanded to include freezing the assets of Osama bin Laden and others.Omnibus Counterterrorism Act of 1995US Antiterrorism and Effective Death Penalty Act of 1996 (see also the LaGrand case which opposed in 1999-2001 Germany to the US in the International Court of Justice concerning a German citizen convicted of armed robbery and murder, and sentenced to death)Executive Order 13224, signed by President George W. Bush Sept. 23, 2001, among other things, authorizes the seizure of assets of organizations or individuals designated by the Secretary of the Treasury to assist, sponsor, or provide material or financial support or who are otherwise associated with terrorists. 66 Fed. Reg. 49,079 (Sept. 23, 2001).2001 Uniting and Strengthening America by Providing Appropriate Tools for Intercepting and Obstructing Terrorism Act (USA PATRIOT Act)(amended March 2006) (the Financial Anti-Terrorism Act was integrated to it) – I don’t have enough energy to discuss the Patriot Act. All you need to know is that it gives the US government very broad powers in order to combat terrorism.Homeland Security Act of 2002, Pub. L. 107-296.Support Anti-Terrorism by Fostering Effective Technologies Act (SAFETY Act) of 2002REAL ID Act of 2005 – Perhaps one of the most controversial pieces of legislation from the Bush era, it set forth certain requirements for state driver’s licenses and ID cards to be accepted by the federal government for “official purposes”, as defined by the Secretary of Homeland Security. It also outlines the following: Title II of the act establishes new federal standards for state-issued driver licenses and non-driver identification cards.Changing visa limits for temporary workers, nurses, and Australian citizens.Funding some reports and pilot projects related to border security.Introducing rules covering “delivery bonds” (similar to bail bonds but for aliens who have been released pending hearings).Updating and tightening the laws on application for asylum and deportation of aliens for terrorist activity.Waiving laws that interfere with construction of physical barriers at the bordersAnimal Enterprise Terrorism Act of 2006 – The Animal Enterprise Terrorism Act (AETA) prohibits any person from engaging in certain conduct “for the purpose of damaging or interfering with the operations of an animal enterprise.” and extends to any act that either “damages or causes the loss of any real or personal property” or “places a person in reasonable fear” of injury. Military Commissions Act of 2006 – The United States Military Commissions Act of 2006, also known as HR-6166, was an Act of Congress signed by President George W. Bush on October 17, 2006. The Act’s stated purpose was “To authorize trial by military commission for violations of the law of war, and for other purposes.” It was declared unconstitutional by the Supreme Court in 2008 but parts remain in order to use commissions to prosecute war crimes.National Defense Authorization Act of 2012 – The second most controversial piece of legislation from the War on Terror authorizes “the President to use all necessary and appropriate force pursuant to the Authorization for Use of Military Force (Public Law 107-40; 50 U.S.C. 1541 note) includes the authority for the Armed Forces of the United States to detain covered persons (as defined in subsection (b)) pending disposition under the law of war.
(b) Covered Persons- A covered person under this section is any person as follows:
(1) A person who planned, authorized, committed, or aided the terrorist attacks that occurred on September 11, 2001, or harbored those responsible for those attacks.
(2) A person who was a part of or substantially supported al-Qaeda, the Taliban, or associated forces that are engaged in hostilities against the United States or its coalition partners, including any person who has committed a belligerent act or has directly supported such hostilities in aid of such enemy forces.
(c) Disposition Under Law of War- The disposition of a person under the law of war as described in subsection (a) may include the following:
(1) Detention under the law of war without trial until the end of the hostilities authorized by the Authorization for Use of Military Force.
(2) Trial under chapter 47A of title 10, United States Code (as amended by the Military Commissions Act of 2009 (title XVIII of Public Law 111-84)).
(3) Transfer for trial by an alternative court or competent tribunal having lawful jurisdiction.
(4) Transfer to the custody or control of the person’s country of origin, any other foreign country, or any other foreign entity.
(d) Construction- Nothing in this section is intended to limit or expand the authority of the President or the scope of the Authorization for Use of Military Force.
(e) Authorities- Nothing in this section shall be construed to affect existing law or authorities relating to the detention of United States citizens, lawful resident aliens of the United States, or any other persons who are captured or arrested in the United States.
(f) Requirement for Briefings of Congress- The Secretary of Defense shall regularly brief Congress regarding the application of the authority described in this section, including the organizations, entities, and individuals considered to be ‘covered persons’ for purposes of subsection (b)(2).Homeland Security Presidential Directive/HSPD-5 requires all federal and state agencies establish response protocols for critical domestic incidents in line with the National Incident Management System.
Intelligence
Foreign Intelligence Surveillance Act is perhaps the most interesting and secretive of laws we have. It was enacted to combat the threat of foreign intelligence services through surveillance activities abroad and at home. It allows these broad surveillance powers to be used against foreign and domestic agents. In other words, it authorizes our government to spy on its citizens if it believes they present a credible national security threat. FISA warrants are granted by secret courts that exist solely for approving FISA warrants. Note: I said “approving” as in for every warrant the DoJ has ever applied for, they have gotten it. Nowhere else in our judicial system do such powers exist.Intelligence Reform and Terrorism Prevention Act of 2004 enacted several of the 9/11 Commission’s recommendations. It established the the Office of the Director of National Intelligence.18 USC § 798 – Disclosure of classified information – Criminalizes the unauthorized disclosure of classified information.50 USC § 421 – Protection of identities of certain United States undercover intelligence officers, agents, informants, and sources – Think Valerie Plame.