Terrorism Organizational and Communication
first line of defense against terrorism. Through use of intelligence, law
enforcement and military operations can be designed to disrupt terrorist
organizations and preempt their operations. Prior to September 11, 2001, most
state and local law enforcement agencies viewed intelligence gathering on global
terrorist groups as the purview of the federal government. Except for large
cities like Los Angeles and New York, if state or local agencies gathered
intelligence it tended to be on domestic subversive groups. We have since
realized that some terrorist organizations have a global reach, and that state
and local law enforcement officials must broaden their view.
While it is not
likely that your
agency will send someone to participate in an intelligence operation against the
Manuel Rodriguez Patriotic Front in Chile or the Revolutionary Nuclei in Greece,
it is likely that you will read and act upon distilled intelligence. In other
words, you are very likely to receive an intelligence report that gives you
information and there is an expectation that you act. By knowing some of the
methods by which terrorists organize and communicate, you may be in a better
position to judge that information and plan for your community. Moreover, while
our focus is on international terrorist organizations, there are many domestic
groups that use similar methods of organizing and communicating. Understanding
some of their organization and communication methods may help you see evidence,
information and intelligence you might have otherwise overlooked.
Single Celled Organisms
Terrorist organizations are often described
and constructed using the biological analogy of a cell. Biologically, a cell is
the basic unit of life. While most of the organisms with which we are familiar
are multi-cell units, there are many single cell organisms. In the realm of
terrorism, the single celled organism is referred to as the Lone Wolf
terrorist or leaderless resistance. This can be a critical concept in
understanding the development of terrorist organizations. The Lone Wolf
terrorist does not receive direct instructions from a central organization.
Rather, he or she receive inspiration from an idea or perhaps a remote
subversive political figure.
terrorists have included Timothy McViegh (Oklahoma City Bomber), Eric Rudolph
(Olympic Park Bomber) and Buford Furrow (firearm attack on a Jewish Daycare
center in Los Angeles and murder of a Postal Carrier). Internationally, there
is strong evidence to suggest that some terrorist acts attributed to Al Qaeda
were not committed by the group so much as inspired by the group. Furthermore,
domestic terrorist groups such as the Earth Liberation Front (ELF) are probably
best categorized as leaderless resistance rather than a cellular
organization. This means that small cells or individual terrorists are
motivated by the groups overarching goals but not coordinated by nor in direct
communication with the larger group itself.
Single celled or
cellular groups have the benefit of maximum operational security because
communication is limited or non-existent. There are few, if any, opportunities
for an intelligence service to intercept communications or penetrate the group.
On the other hand, single celled or disconnected cellular groups are also
limited in their ability to carry out operations. While McViegh, Rudolf and
Furrow were able to commit horrendous acts of terrorism, their status as Lone
Wolves meant they left a long trail of evidence because they had to make all
purchases, conduct all reconnaissance, prepare all the equipment and conduct the
operation. Like any mass murder or serial killer, these terrorists did not have
the benefit of cellular specialization to mask their trail. Moreover, Lone
Wolves are limited in their ability to sustain long-term terrorist campaigns
because the evidence they leave will ultimately lead to their arrest. It takes
a much more complex organization to continue terrorist operations over the
long-term. In the instance of Lone Wolves, state and local law enforcement
officials should be aware of purchase of certain materials, suspicious actions
of individuals and devise ways to share seemingly low-level suspicious
activities with other jurisdictions.
As biological organizations
become more complex, their cells tend to specialize. As an example, we have
nerve cells, muscle cells and bone cells. Each of these cells has developed a
particular specialization so that the larger organism can be more efficient.
However, for these specialized cells to work together in the larger organism
they must communicate. With terrorist organizations, the purpose of a true
cellular organization is to increase the operational security of the larger
group and to capitalize on specialization.
It is a mistake
to believe that
one member of the cell necessarily leads to other cells. Rather, operational
security is enhanced because most of the members of the cell do not know anyone
in the organization outside of the cell. This lack of knowledge of the larger
organization is like the cellular membrane that defines and protects the cell.
If the cell is compromised through member arrest or intelligence penetration,
only the cell is damaged and not the larger organization. . For maximum
operational security there may be only blind communication between cells. In
other words, the leader of the cell may simply receive instructions through some
blind form of communications and not in any face to face meeting.
In cellular terrorist
organizations there tend to be two types of cells operational and support. An
operational cell is a self-contained, often single mission entity designed to
carry out an operation and then likely be killed or captured. The 9/11
terrorist were a single-mission operational cell.
Many terrorist organizations also have
support cells. These cells are designed to support long-term, sustained,
terrorist operations. A homicide bomber who is part of a larger, sustained
terror campaign can be supported by many types of support cells. For a homicide
bomber there could be a recruitment cell, minder cell, reconnaissance cell,
bomb-making cell and a delivery cell. Additionally, there are likely planning
and coordination cells assisting the other supportive cells. Sustained terror
campaigns like those conducted in the Middle East require this type of
specialization. Consider that bomb makers are a terrorist resource that is not
easy to replace. Because they are so difficult to replace, the bomb maker is
often insulated from operations in their own, tightly control support cell.
Bomb makers rarely deliver or detonate their own devices. They don't recruit
the bomber, survey the target nor take on the role of a minder (the person(s)
who monitor the bomber between the period of recruitment and employment). Bomb
makers may not even procure their own components.
Complexity and Chatter
As a terrorist
becomes more specialized and cellular, its communications scheme becomes more
complex. Think about a law enforcement operation that was planned in advance.
Perhaps a major convention was coming to your community. Six months prior to
the event there were telephone calls, memos and meetings to begin the planning
process. As the convention neared, the communications between participants
likely increased in their frequency and intensity. Then, the communication
likely peaked the day or so before and operational communications began. There
was a natural build-up, peak and then operational drop in communications.
of an increase in chatter are reflecting the same build-up, peak and then
drop. In the intelligence world this is referred to as signals intelligence
or SIGNIT. Because of the natural cycle of pre-operational communications,
SIGNIT does not necessarily have to understand the signals. As a predictor,
SIGNIT doesn't necessarily have to know what is being said; only that a
predictable pattern of communications is increasing. Moreover, because the
location of likely command and control, support, and operational cells is known
or can be presumed, the increasing cycle and the flow of communications between
geographic regions provides additional evidence that a terrorist operation is
They Know What We Know
Like many complex,
organisms, terrorist organizations are learning organizations. Indeed, to
survive over the long-term they must adapt their methods and there is some
evidence to suggest that they modify their message as they age and change. As
learning organizations, they know about the predictive value of chatter and are
likely developing new methods of communication that reduces the raw SIGNIT
value. One way to reduce the susceptibility of their communications to
interception and interpretation is to disguise their communications.
In the last few
years there has
been talk about the use of Stenography as a means of disguising communications.
Stenography is the hiding of a message, particularly an image, within another
message or image. In the digital world a photograph is transmitted by reducing
it to a computer code. You have seen this computer code files of photographs
JPEG, GIF, etc. At its simplest, inside those files there is room to insert
other lines of code which could contain a message. However, to-date, there have
been no public reports of terrorists using this technique.
are well-aware of
the United States capability to intercept cellular telephone traffic. In
addition to reducing their use of this mode of communications, they are likely
taking advantage of pre-paid cellular telephones. This allows greater anonymity
and the flexibility to change cellular numbers and service providers easily.
While there have been no confirmed reports of terrorist using pre-paid cellular,
there is significant information to suggest that other criminal organizations,
like gangs and narcotics traffickers are taking advantage of this technology.
Law enforcement officials should be sensitive to any reports of suspicious or
large purchases of pre-paid cellular telephones.
interesting place to see how terrorists are using the Internet is the Search for
International Terrorist Entities, or the
This organization monitors terrorist websites and communications.
The Internet has
and instantaneous communications. There has been quite a bit of news about how
the government can monitor Internet communications. If you sent an email with
certain key words you could expect the message to be flagged for human review.
Indeed, it is very likely that if you sent an email from certain geographic
regions, through certain Internet Service Providers and it contained certain key
words it would be monitored.
tried to mask or
disguise their use of email by having relatively anonymous accounts provided
free by various services. But, any message you send over the email account is
susceptible to interception. Terrorists devised a way to minimize detection by
using anonymous email accounts not for transmission, but as holding files. As
an example, Terrorist A wants to send a message to Terrorist Cell B. Terrorist
A logs onto an email account, drafts a message and saves it as a draft.
Terrorist Cell B is told through some other means that an email account will be
established and the password. Terrorist Cell B periodically logs onto the same
account and reads the drafts and changes them with a confirmation message. The
draft is saved and never sent. This logging on and drafting prevents
interception because the message is never sent. It remains one of millions of
technology to communicate it is likely that they are mostly relying on
time-tested spy tradecraft like dead drops. A dead drop is a pre-determined
location where messages or material are left so that cell members do not have to
meet face to face. Or, in areas where there is significant social support for
their movements, face-to-face meetings. Whatever their means of communication,
as the complexity of their cellular structure grows, so does the complexity of
their communication schemes and the likelihood of interception. As learning
organizations we can expect terrorist cellular groups to learn how law
enforcement discovers them and then devise new means of covert, secure