The IACSP’s Counter-Terrorism Journal V24N3

Page 1

Crypto Currencies: Following-The-Money Just Got A Whole Lot More Difficult

The Violent Targeting Of Faith-Based Organizations China’s Campaign To Steal America’s Trade Secrets How An Internet Platform

Galvanized Galvanized The The Alt-Right/Neo-Nazi Alt-Right/Neo-Nazi Movement Movement In In America America

Counter-Sniping Response

To To The The Terrifying Terrifying Nature Nature Of Of Sniper Sniper And And Active Active Shooter Shooter Ambushes, Ambushes, Part Part 22

Homeland Security Bookshelf

Vol. 24 No. 3 2018 Printed in the U.S.A. IACSP.COM


Get certified in the Carver methodology BY security Management International

WASHINGTON, DC

www.smiconsultancy.com/carver )* ( %( * . ( *

$ ".) ) $ +"$ ( " *.

)) ))# $* ( $ $ %+() % ( . +( *. $ # $* $* ($ * %$ " $ " ($ * ) # * $ '+ ) +) . * $* "" $ $ & " & ( * %$) %##+$ * ) *% &(%* * ( * " $ ( )*(+ *+( $ ! . )) *) % *% --- )# %$)+"* $ . %# (, (

%( *( $ $ * ) $ "% * %$)

%, ($# $* ) %+$*) , " "

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


Join the ranks of security and public safety professionals worldwide that have achieved the Certified Anti-Terrorism Officer (cATO™) credential as recognition of their unique expertise in the field of managing terrorism-related risk.

The Certified Anti-Terrorism Officer (cATO™) credential is the global benchmark for recognizing career achievement and knowledge in the protection of facilities, organizations, and the public against acts of terrorism. The Certified Anti-Terrorism Officer designation is awarded to a candidate who has met eligibility requirements and passed the cATO™ Certification Examination in accordance with the standards set forth by the Certifying Board of The International Association for Counterterrorism and Security Professionals (IACSP). Becoming board certified as a Certified Anti-Terrorism Officer distinguishes you in the security and public safety profession by demonstrating your expertise in the specialized field of managing terrorism-related risk and commitment to the safety and welfare of your community. Learn more and apply online:

www.catocertification.org


Vol. 24, No. 3 Fall 2018 Publisher Steven J. Fustero

Page 20

Senior Editor N. J. Florence

Assessing the Violent Targeting of Faith-Based Organizations

Contributing Writers Jim Weiss Mickey Davis Paul Davis Thomas B. Hunter Joshua Sinai

by Dr. Joshua Sinai

Book Review Editor Jack Plaxe Research Director Gerry Keenan Conference Director John Dew

Page 16

Communications Director Craig O. Thompson

Chinese Spies, Thieves and Hackers: China’s Campaign to Steal America’s Trade Secrets-

Art Director Scott Dube, MAD4ART International Psychological CT Advisors Cherie Castellano, MA, CSW, LPC Counterintelligence Advisor Stanley I. White

by Paul Davis

South America Advisor Edward J. Maggio Homeland Security Advisor Col. David Gavigan Personal Security Advisor Thomas J. Patire

Page 6

SITREP, Terrorism Trends & Forecasts

Page 8

Crypto Currencies: Following-the-Money Just Got a Whole Lot More

Tactical Advisor Robert Taubert

Difficult, by David Gewirtz Page 12 An IACSP Q&A with Christopher Merendino, by Paul Davis Page 16 Chinese Spies, Thieves and Hackers: China’s Campaign to Steal America’s Trade Secrets, by Paul Davis

Page 20 Assessing the Violent Targeting of Faith-Based Organizations, by Dr.

Joshua Sinai

Page 26 Discord: How an Internet Platform Galvanized the Alt-Right/Neo-Nazi Movement in America, by Edward Maggio

Emergency Management Advisor Clark L. Staten

Hazmat Advisor Bob Jaffin Security Driver Advisor Anthony Ricci, ADSI Cyberwarfare Advisor David Gewirtz Cell Phone Forensics Advisor Dr. Eamon P. Doherty IACSP Advisory Board John M. Peterson III John Dew Thomas Patire Cherie Castellano, MA, CSW, LPC Robert E. Thorn

Page 32 Counter-Sniping Response To The Terrifying Nature Of Sniper And

Southeast Asia Correspondent Dr. Thomas A. Marks

Active Shooter Ambushes, Part 2, by Jim Weiss, Bob O’Brien, and

European Correspondent Elisabeth Peruci

Mickey Davis

Middle East Correspondent Ali Koknar

Page 38 IACSP Review: CARVERCON 2018, by Luke Bencie and Sam Araboghli Page 42 Security Driver: Lessons from Mom, by Anthony Ricci Page 44

IACSP Homeland Security Bookshelf, reviews by Dr. Joshua Sinai

THE JOURNAL OF COUNTERTERRORISM & HOMELAND SECURITY INT’L is published by SecureWorldnet, Ltd., PO Box 100688, Arlington, VA 22210, USA, (ISSN#1552-5155) in cooperation with the International Association for Counterterrorism & Security Professionals and Counterterrorism & Security Education and Research Foundation. Copyright © 2018. All rights reserved. No part of this publication may be reproduced without written permission from the publisher. The opinions expressed herein are the responsibility of the authors and are not necessarily those of the editors or publisher. Editorial correspondence should be addressed to: The Journal of Counterterrorism & Homeland Security International, PO Box 100688, Arlington, VA 22210, USA, (571) 216-8205, FAX: (202) 315-3459 . Membership $65/year, add $10 for overseas memberships. Postmaster: send address changes to: The Journal of Counterterrorism & Homeland Security International, PO Box 100688, Arlington, VA 22210, USA. Web site: www.iacsp.com

PHOTO CREDITS: Reuters, Army.mil, Navy.mil, shutterstock.com and authors where applicable.

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3

CTSERF Research Professor David Gewirtz, M.Ed



SITREP

TERRORISM TRENDS & FORECASTS Global Overview 2018 4th Quarter Last month, Yemen’s brutal war continued to threaten its people with famine, while talks offer a glimmer of hope for reprieve. Boko Haram’s insurgency in north east Nigeria gained intensity, as suspected jihadist groups stepped up attacks in Burkina Faso’s north and east and across the border in south west Niger, and in Mozambique’s far north. In Somalia, Al-Shabaab upped its campaign of violence, while territorial clashes flared between the country’s semi-autonomous Puntland region and Somaliland. In the Central African Republic, fighting between armed groups and violence targeting civilians and peacekeepers surged, and clashes erupted in northern Chad. Fears grew over possible violence around upcoming elections in DR Congo, and troops from neighbouring Burundi attacked a Congo-based Burundian rebel group. Protests turned violent in Haiti and Guinea, while in Bangladesh, election-related violence could increase in coming weeks. In Europe, relations deteriorated

6

between Kosovo and Serbia, while further east tensions spiked following an incident involving Russian and Ukrainian naval vessels in the Azov Sea. Details Jihadist groups stepped up attacks in multiple theatres across Africa. In Nigeria’s north east, the Boko Haram faction calling itself Islamic State West Africa Province upped its raids on security forces, taxing an already over-stretched military ahead of the February 2019 polls. In the Sahel, jihadist attacks continued to rise in Burkina Faso’s north and east and a new hot spot emerged across the border in south-western Niger. Al-Shabaab in Somalia intensified attacks in Mogadishu and elsewhere, while separately, forces from Somalia’s semi-autonomous Puntland fought a new bout with those of Somaliland over contested territory. Further down the coast in northern Mozambique, suspected Islamist militants renewed their brutal targeting of civilians.

In the Central African Republic, violence once again surged, especially in the north and centre, as factions of the former rebel Seleka coalition that temporarily took power in 2013 fought anti-balaka community-based militias. Armed groups also targeted civilians, UN peacekeepers and humanitarian facilities. Meanwhile, the rivalry between Russian and African Union-led mediation processes continued to stymie progress toward a political settlement. A new front opened in Chad’s north as a local defence force formed to resist army operations which it believes are aimed at taking control of the area’s gold mines. In an atmosphere of political acrimony and mistrust, fears grew over the potential for violence around Bangladesh’s general elections on 30 December. Clashes continued between police and supporters of the opposition, whose call to postpone the polls by a month, and create a caretaker government to oversee

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3

them, the government rejected. At least nine people were killed in a renewed wave of violence in Haiti as anti-corruption protests gripped the country. Relations between Kosovo and Serbia took a turn for the worse as Kosovo introduced a 100 per cent tariff on imports from Bosnia and Serbia, which it said was retaliation for their “negative behaviour” and diplomatic efforts to undermine Kosovo’s international position. The tariff also raised tensions within Kosovo as ethnic Serbs expressed their anger at the move. A confrontation involving Russian and Ukrainian naval vessels in the Azov Sea resulted in the Russian capture of three Ukrainian vessels and 24 servicemen, in what is believed to constitute Russia’s first overt and uncontested use of force against Ukraine since its 2014 annexation of Crimea; both sides accused each other of provocation. Source: CrisisWatch


New Report From State Department Outlaw Regime: A Chronicle of Iran’s Destructive Activities This report covers Iran’s support for terrorism, its missile program, illicit financial activities, threats to maritime security and cybersecurity, human rights abuses, as well as environmental exploitation. To download complete pdf report please visit: https://www.state.gov/documents/ organization/286410.pdf

Squad X Improves Situational Awareness, Coordination for Dismounted Units The first test of DARPA’s Squad X Experimentation program successfully demonstrated the ability to extend and enhance the situational awareness of small, dismounted units. In a weeklong test series at Twentynine Palms, California, U.S. Marine squads improved their ability to synchronize maneuvers, employing autonomous air and ground vehicles to detect threats from multiple domains – physical, electromagnetic, and cyber – providing critical intelligence as the squad moved

through scenarios. Squad X provides Army and Marine dismounted units with autonomous systems equipped with off-the-shelf technologies and novel sensing tools developed via DARPA’s Squad X Core Technologies program. The technologies aim to increase squads’ situational awareness and lethality, allowing enemy engagement with greater tempo and from longer ranges. Experiment 2 is currently targeted for early 2019. Source: Darpa.mil

Iran’s European Hit Men It is just before dusk when gunshots sound on a quiet, residential street in November 2017. A man falls to the sidewalk. A dark BMW races off, into the growing darkness of the night. The victim, Ahmad Mola Nissi, dies that night of his wounds – including several shots to the head Those who know Nissi know who he is: the founder of the Arab Struggle Movement for the Liberation of Ahvaz (ASMLA), an Iranian separatist group which seeks independence for the Arab people of the Iranian province of Ahwazi, or Khuzestan. Iran calls it a terrorist group. Yet this murder occurred not in Iran, but in Europe, in the Netherlands, where Nissi has lived since 2006; and although a year later the killer still has not been found, Dutch authorities were quick to pinpoint the

Ahmad Mola Nissi

one who was responsible: the Iranian regime. It was also not the first time an Iranian dissident was murdered in the Netherlands. In 2015, Reza Kolahi, was killed in Almere. Kolahi was a member of the People’s Mojahedin Organization of Iran, or MEK, considered the regime’s largest opposition group. Iran and Iraq both list the MEK as a terrorist group, though Europe, Canada, and the United States all had dropped that designation by 2012. Despite these atrocities, European leaders, even those quick to condemn Saudi Arabia for the brutal murder of journalist Jamal Khashoggi, have been reluctant to take action against Iran. Only Denmark has called for reimposing sanctions following the assassination plot there. Source: www.investigativeproject.org/

Indonesia Expects Terrorism To Be Main Security Issue in 2019 Jakarta - National Police has predicted terrorism and radicalism issues still potentially become the main disturbance to the public security and order in 2019. General Tito Karnavian, National Police Chief, said terrorism remained as a threat because the Islamic State of Iraq and Syria (ISIS) continuously made a move in the international level despite being suppressed, and so its movement influenced terrorism networks in Indonesia. “As long as they [ISIS] are not completely done, they will strive to operate their network abroad to together carry out terror acts in a bid to divert public concern, such as in Europe, America, and Southeast Asia.

However, the police have obtained a strong legal instrument; Law No. 5 of 2018 concerning the Eradication of Criminal Acts of Terrorism. The regulation noted that the police could arrest a person or an organization allegedly involved in terrorism without waiting for a terror act to occur. “Despite that potential threats exist, with our stronger skills and policy, we can deal with them [terrorists],” Tito asserted. After the issuance of the Terrorism Law, the anti-terror squad Densus 88 have arrested 396 suspected terrorists throughout May up to December 2018. Other than terrorism issues, the police have also identified numbers of potential threats in 2019, including armed criminal groups, social conflicts, cyber crimes, and narcotics. Source: https://en.tempo.co/ read/1159346/police-predict-terrorism-likely-remain-as-main-turmoilin-2019/full&view=ok

IACSP News Many of our members are not receiving our new monthly CTS Enews (electronic security report) because we either do not have your email address, or you are using a .gov or .mil email address for your membership record. If you would like to receive our CTS Enews, please send me an email with the email address you would like us to use. Also include your current address. Please send the information to my attention to my personal email address: iacsp1@aol.com Until next time, as always, be vigilant and safe. Thank you. Steven J. Fustero, Dir. Of Operations/IACSP


Imitation gold bars are seen displayed at a vendor’s booth on the floor of the Consensus 2018 blockchain technology conference in New York City, New York, U.S., May 16, 2018. REUTERS/Mike Segar

Crypto Currencies: Following-the-Money Just Got a Whole Lot More Difficult By David Gewirtz

D 8

id you ever wonder how it is that you can go to a fast food joint, hand over a little slip of paper, and get a burger and fries in return? After all, the burger and fries have to go through a massive supply chain and production process, not to mention the investment in cooking equipment and employees at your local junk food junction. But wait, you say. Who uses paper money anymore? Fair enough. Did you ever wonder … blah, blah, blah … swipe a small piece of plastic through a machine and … blah, blah, blah… eat burger?

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


In fact, while there are huge supply and production chains responsible for creating the goods and services (not to mention curly fries) we buy, there’s also a huge supply chain that went into creating your paper money and credit cards. But even so, it takes a lot of production to cut down a tree, slice it, pulp it, treat it, turn it into paper, embed special markers and use special ink on the path to creating a George ($1 bill), Abe ($5 bill), Alex ($10 bill), Andy ($20 bill), or Ben ($100 bill). Even with all that work, why is it we’re willing to trade a five dollar bill for a double beef with cheese gut punch? Credit cards also have huge infrastructures. They’re even weirder, because they’re not national currencies. They’re just little bits of plastic that can either scrape a bit of snow off your windshield, buy you tickets to Hamilton, or get you a nice juicy steak after the show. So what is it? What makes this stuff have value? Some of you might say the dollar is backed by US gold reserves, and you’d be right… but only sort of. Others might say that the credit card you use is backed by a credit rating and you don’t get your tasty appetizer unless some big computer in the side of a mountain says you do. And you’d be right… but only sort of. Push away all the infrastructure. Push away all the trappings of a modern transactional society. Let’s get to the core of it. And here it is: money works because we all agree it works. Money is not real. It’s a commonly-accepted stand-in for a predictable value in trade. That hundred dollar bill uses just about the same amount of paper pulp and ink as a single dollar bill, but one has one hundred times the value solely because we all agree it does. It’s not the material it’s made from. It’s the agreement we all have between ourselves that makes us trade and accept currency. Fundamentally, then, money is nothing more than an agreement among a large body of participating traders. That awareness is how we got from gold and silver coins to paper money, to accepting paper checks, and to using credit cards. Society’s use of monetary instruments is fungible. Society’s use of monetary instruments is also not necessarily determined by a central government. When the US was founded,

Money is not real. It’s a commonlyaccepted stand-in for a predictable value in trade. That hundred dollar bill uses just about the same amount of paper pulp and ink as a single dollar bill, but one has one hundred times the value solely because we all agree it does. It’s not the material it’s made from. It’s the agreement we all have between ourselves that makes us trade and accept currency.

most states issued their own money. At some point, the inconsistencies of value, combined with the desire for more federal control, resulted in the issuance of Continental currency (issued by the Continental Congress), and then, the Constitution limited the states from issuing bills of credit. Checks go all the way back to ancient times, when the Romans issued “praescriptiones” back before the Year 1. Credit cards go back to the early 20th century, when the Charge-Plate was developed to record a purchase. This was expanded by the airlines in the 30s to use a card to identify a flyer, and later in the 50s when Diners Club and American Express were created. The idea of revolving credit came later, in the late 50s with BankAmericard and Master Charge. And now, we all owe a ton of credit card debt, and while there’s been some limited and late government involvement to prevent consumers from being totally ripped off, these “currencies” and even your credit rating (and therefore, your ability to buy a car or a house) are almost totally controlled outside of government authority. All of that brings us to the digital elephant in the virtual room: cryptocurrencies. Even if you’re not exactly sure how a cryptocurrency works, you’ve probably heard of both Bitcoin and blockchain. These are two very different beasts. Cryptocurrencies have brands, just like credit cards do. With credit cards, we have Mastercard and Visa. With cryptocurrencies, we have Bitcoin, Litecoin, Ethereum, Zcash, Monero, and more. Visa and MasterCard have different infrastructures, owners, and features, but they work generally the same way. Likewise, many of the cryptocurrencies have different infrastructures, but are similar in nature. Speaking of infrastructure, that’s where blockchain comes in. Blockchain is a computing structure (i.e., something in software) that allows for secure, authenticated, decentralized transaction management, often without any central authority. Keep that lack of central authority in mind as we move forward. Basically, Bitcoin and all the other cryptocurrencies are essentially bits of data. They have no intrinsic value. Their value, instead, is based on the agreed-upon value of all the


people who are trading in a given currency. For a while, everyone was super-excited about Bitcoin and its value skyrocketed. Recently, interest has been more subdued and its value has dropped. You may have heard of Bitcoin mining. Each Bitcoin has a very complex digital signature. Creating that signature (which is, essentially, the digital coin) requires an ever-increasing amount of computing power. While that’s terrible for the planet, it’s an agreed-upon method to apply friction to the creation of the currency, which, in turn, creates the agreed value across all those trading in the currency. One thing that makes cryptocurrencies very interesting to those using them is that they offer a level of anonymity. If you pay for something somewhere that accepts Bitcoin, for example, your name and personal identifying information don’t accompany that transaction. Some VPN (virtual private networking) service providers accept payments in Bitcoin, so those who want to obscure their digital tracks can pay anonymously. This level of anonymity has become a concern to government regulators, federal securities organizations, and law enforcement. Bitcoin and other cryptocurrencies are tailor made for criminals, terrorists, and others who want to make it harder to “follow the money.” But here’s the thing with Bitcoin: it’s not entirely anonymous. A bundle of Bitcoin is normally stored in a digital wallet. The person who controls the wallet owns the Bitcoin in it. The anonymity comes into play because the wallet contains no identifying information about the owner.

Zcash implements a zero-knowledge algorithm in how its blockchain works. That’s because Zcash’s blockchain does not link older transactions to currently trading coins. This removes the ability to link previous purchases or sales to a given Zcash “coin.”

While the actual digital coin for legal tender exchange rate may fluctuate wildly, the intrinsic value of cryptocurrencies to enemy actors is not the exchange rate, but the existence of these new types of borderless currencies that have no allegiance to or oversight by any official government entity.

But here’s the rub. Every single transaction that ever occurs in Bitcoin is directly traceable to a given wallet. So if law enforcement can connect a single Bitcoin-based transaction to a perpetrator, and then connect that perpetrator to a wallet, everything ever purchased or sold through that wallet is instantly available. This is digital forensics, so you don’t even have to be geographically near the perpetrator to dig through the wallet to identify transactions. The bad guys (and some folks who legitimately need privacy) aren’t particularly thrilled with the traceability and permanent record of all the Bitcoin transactions. But Bitcoin is far from the only cryptocurrency. In fact, there are thousands of them, many with their own quirks, benefits, and internal software architecture. For the purpose of our discussion about how cryptocurrency relates to counterterrorism, we’ll discuss two relatively popular alternative cryptocurrencies, Zcash and Monero.

10

Journal of Counterterrorism & Homeland Security International

Monero goes even further. While Zcash allows transactions to be anonymous, that’s not the currency’s default behavior. In Monero’s case, all transactions are anonymous by default. Monero’s algorithms were built with intrinsic mechanisms designed to enforce anonymity for all transacting parties — as well as preserve the anonymity of the digital coins themselves. Monero mixes keys and identities, so it’s not really possible to connect any individual transaction or coin to any other, or any participant in any of the transactions. This, as you might imagine, is ideal for criminals and terrorists who need to launder or hide money, or who need to transfer value across national boundary lines without being caught. Likewise, this is where cryptocurrencies become a problem for counterterrorism professionals. As long as the participants in a currency agree to its value, it can be used to transact business. The reason these digital currencies have taken off is that they don’t require a central authority to prevent fraud. They are zero-trust financial instruments, secure in their value, secure in their individuality of entity existence, and secure from government oversight. They don’t require any participant to be agreed upon to be honest. They just exist — and therefore, they can be traded safely by criminals who might otherwise be completely distrusted and untrustworthy. While the actual digital coin for legal tender exchange rate may fluctuate wildly, the intrinsic value of cryptocurrencies to enemy actors is not the exchange rate, but the existence of these new types of borderless currencies that have no allegiance to or oversight by any official government entity. So there you go. Another thing to keep you up at night. Follow-the-money just became a whole lot harder.

Oh, joy.

About the Author CTSERF Research Professor David Gewirtz, M.Ed. is Director of the U.S. Strategic Perspective Institute, Distinguished Lecturer for CBS Interactive, Cyberwarfare Advisor for the International Association of Counterterrorism and Security Professionals, IT Advisor to the Florida Public Health Association and an instructor at the UC Berkeley extension.http://www.zdnet.com/ blog/diy-it/

Vol. 24, No.3


18105 IACSP Homeland Security Ad v1_Layout 1 12/10/13 9:28 AM Page 1

Online Undergraduate, Graduate & Certificate Studies in

Public Safety & Homeland Security Meeting the professional advancement needs of those committed to protecting the public. Earn your career credentials without job interruption through Fairleigh Dickinson University’s respected online degree and certificate offerings. Established in 1942, FDU is New Jersey’s largest private university with 12,000 students worldwide. Degree Offerings

• Master of Administrative Science • Master of Science in Homeland Security • Bachelor of Arts in Individualized Studies Certificate Studies Career-relevant programs are available at the graduate and undergraduate level in such areas as terrorism, forensics, global security, disaster and emergency management, transit safety, homeland security, and more. Credits earned can be applied toward the appropriate degree program. • FDU is proud to participate in the Yellow Ribbon G.I. Education Advancement program enabling eligible veterans to attend FDU at no charge. • FDU accepts Federal Tuition Assistance (FTA) for undergraduate and graduate courses (restrictions apply). • No entrance exams required.

For More Information

Undergraduate Programs JoAnna Steiner 201-692-7357 online@fdu.edu

Graduate Programs Ronald E. Calissi 201-692-6522 calissi@fdu.edu

fdu.edu/mas

ALSO AVAILABLE: MASTER OF SPORTS ADMINISTRATION


ICE HSI Photo

An IACSP Q&A with Christopher Merendino Homeland Security Investigations (HSI) Assistant Special Agent in Charge of the Miami Office.

M

S-13, or Mara Salvatrucha, is a violent transnational gang whose credo is Mata, roba, viola, controlla, which translates to Kill, steal, rape and control. The HSI-led criminal investigation targeted a local chapter of the MS-13 street gang known as 20th Street MS. The 20th Street MS gang included more than 100 active members, mostly foreign nationals from Central America, with many verified as being present in the United States illegally. The

20th Street MS clique was a criminal enterprise participating in a variety of criminal activities including murder, attempted murder, extortion, drug distribution, illegal sales of firearms, burglary, robbery, assaults on rival gang members, and vehicle theft.

12

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


(Editor’s Note: Christopher Merendino was the lead special agent of Operation Devil Horns (2004-2008), an investigation of MS-13 gang activity in San Francisco, California. As a result of Operation Devils Horns, many acts of violence and crimes committed in the San Francisco area were resolved. HSI’s investigation led to a major disruption of a long-entrenched MS-13 clique in San Francisco.

20th Street was comprised at the time when the case started in

Christopher Merendino began his federal career in the U.S. Border Patrol in 1997. He has served in federal law enforcement for 22 years. After Operation Devil Horns, he was transferred to HSI headquarters’ National Gang Unit, which oversees Operation Community Shield. He was later sent to Miami.

2004 of approximately 100 gang

Christopher Merendino, a native of Bensonhurst, Brooklyn, New York, has a master’s degree in Criminal Justice from John Jay College in Manhattan and as a result of Operation Devil Horns, he received the Director’s Award and the Attorney General’s Award.

on the street at any given time,

Christopher Merendino was interviewed by Paul Davis, a contributing editor to the Journal.)

back. They were part of the

IACSP: Can you tell us about Operation Devil Horns, which

took down a group of MS-13 criminals in San Francisco in 2008?

Merendino: I formally worked in San Francisco and was the

primary case agent on Operation Devil Horns. Operation Devil Horns was a nearly five-year investigation of an MS-13 clique in San Francisco, known as the 20th Street MS-13 Clique. 20th Street was comprised at the time when the case started in 2004 of approximately 100 gang members. I would say that there were probably maybe 40 or so on the street at any given time, those being in and out of jail and/or being deported and coming back. They were part of the larger transnational organization MS-13 that we hear about a lot in the news today. The gang primarily engaged in smaller entrepreneurial endeavors like small time drug dealing and theft, but the thing they mostly engaged in was violence. The gang engaged in violence to gain territory in the area they claimed in the Mission District in San Francisco and to gain respect from rival gangs.

members. I would say that there were probably maybe 40 or so those being in and out of jail and/ or being deported and coming larger transnational organization MS-13 that we hear about a lot in the news today. The gang primarily engaged in smaller entrepreneurial endeavors like small time drug dealing and theft, but the thing they mostly engaged in was violence.

IACSP: Was there a particular reason that you targeted this group? Merendino: Yes. On a previous case I had started to develop a rapport with the Gang Task Force with the San Francisco Police Department. I regularly worked with them on some other gangenforcement endeavors and ultimately through conversations with those gang cops, I determined that MS-13 was the largest problem for state and local law enforcement authorities in the city and I decided that I wanted to tackle that gang. IACSP: Why was Devil Horns chosen as the name of the operation?

Merendino: Devil Horns was chosen as the operation name because the main gang symbol they use is called “la gara,” which is basically the devil horns insignia. It is the same devil horns

ICE HSI Photo


insignia that was very popular in the 1970s and 1980s with heavy metal artists. When the gang first formed in the 1980s, the founding members were heavy metal enthusiasts and they kind of stole that sign from the music world and used it for the street gang.

IACSP: What was your role in the op-

MS-13 is unique in that they don’t engage in acts

eration and the takedown?

of violence for

Merendino: I was the case agent dur-

entrepreneur

ing the course of the investigation, so from start to finish, I was the primary case agent. I pretty much managed the entire case from a small operation to a very huge, almost full office and national participation takedown of the gang after about four and a half years.

Merendino: Yes, I think it is. MS-13 is unique in that they don’t engage in acts of violence for entrepreneur reasons, like to sell drugs and other things, although you do see a tendency there to earn money by illicit means. The gang engages in violence primarily to gain respect, power and territory. Other gangs usually engage in acts of violence to pursue larger entrepreneur endeavors, like to sell larger quantities of drugs or to kill rivals who are selling drugs in the same area. MS-13 engages in violent acts to gain respect.

reasons, like to sell drugs and other things, although you do see a tendency there to earn money

Merendino: I would describe them as a

by illicit means. The

transnational criminal organization that is very organized and run by gang leaders in El Salvador. These gang leaders manage the gang throughout the United States and in Central America.

gang engages in

IACSP: What makes MS-13 stand out?

power and territory.

violence primarily to gain respect, Other gangs usually engage in acts of violence to pursue larger entrepreneur endeavors, like to sell larger quantities of drugs or to kill rivals who are selling drugs in the same area. MS-13 engages in violent acts to gain respect.

FBI Photo MS-13

14

Journal of Counterterrorism & Homeland Security International

well as a gun, right?

Merendino: A lot of their culture is

IACSP: How would you describe MS-13?

Is it their propensity for violence?

IACSP: And they will use a machete as

from Central America and they have what is called a ritualistic tendency where they claim to worship the Devil. They often claim when they engage in criminal activities that they are doing it for “The Beast.”

IACSP: Would you consider MS-13 to be a threat to national security? Merendino: I would in the sense that, first off, the gang is comprised primarily of foreign nationals who are in the country illegally. That’s a national security issue on its own. But the gang in its more modern form also works for larger criminal organizations, like cartels in Mexico, assisting in moving drugs and humans across borders. So, I think that there is definitely a national security risk there. IACSP: Why was it more effective for

HSI to take the lead in Operation Devil Horns than say the FBI, DEA or some other federal law enforcement agency?

Merendino: Primarily because we have

specialized authorities. Our Title 8 immigration authority in conjunction with our criminal authority gives us a unique power to address transnational threats. I think for that reason we are suited very well to take on a threat such as MS-13. We have more tools in our tool box to deal with the criminal organization than the other agencies you mentioned

IACSP: You noted that many MS-13 members were illegal immigrants, so ICE and HSI can deport them, right? Vol. 24, No.3


IACSP: What was the outcome of the operation?

The SFPD was heavily involved, although in the early stages of the case, not overtly, because they were hindered by their sanctuary polices in the city. They didn’t US Marshal Service MS13 Arrest

have the ability to overtly work with us,

Merendino: Absolutely. We can deport them, we can use immigration enforcement as leverage with informants, and we can use our vast criminal authority as well to charge most of the federal crimes that the FBI would. So, I think our unique authority really gives us the edge in combating national gangs.

but over time, we

IACSP: Did the San Francisco Police, the FBI and the alphabet soup of federal law enforcement assist in the operation?

with sanctuary laws

Merendino: The SFPD was heavily involved, although in the early stages of the case, not overtly, because they were hindered by their sanctuary polices in the city. They didn’t have the ability to overtly work with us, but over time, we developed enough rapport that we were able to overcome issues associated with sanctuary laws and they worked with us together. The DEA worked with us on the drug aspects of the case. We did target some of the drug dealers in the gang and the DEA worked with us and engaged in operations associated with the drug network. The FBI was minimally involved. The FBI had a joint investigation, targeting some outlier MS-13 members. I worked with ATF with some of the gun stuff as well. The biggest issue was the sanctuary policy stuff. The higher ups in San Francisco were not OK with us engaging in immigration enforcement.

us together. The DEA

developed enough rapport that we were able to overcome issues associated and they worked with worked with us on the drug aspects of the case. We did target some of the drug dealers in the gang and the DEA worked with us and engaged in operations

Merendino: In October of 2008 we did what I believe is still today one of the largest enforcement operations that our agency has ever engaged in. We brought about 150 agents in from around the country. Seven of our special response teams went to San Francisco and along with our state and local counterparts, we engaged in a massive enforcement operation. We did over 20 search and arrest warrants and we arrested about 42 gang members, most of them on federal RICO racketeering charges. It was a very successful takedown. Luckily, no one was injured, and we arrested all of our primary targets. In the grand scheme of things, I think we put away close to 35 of the targets. At least seven of those were given life in prison for murder in aid of racketeering. IACSP: What is the primary role of an HSI special agent? Merendino: Like any other federal agency, we have priorities. HSI is the criminal investigative arm of the U.S. Immigration and Customs Enforcement (ICE). We are the largest investigative agency in the Department of Homeland Security and we generally investigate transnational crime. Problematic areas that we focus on range widely from ID document fraud, money laundering, human smuggling, human trafficking, export violations, counter-proliferation investigations, transnational gang investigations, any custom violations, not to mention all of the immigration enforcement we do, be it worksite enforcement. Cybercrime, child pornography and the exploitation of children, and sex tourism. HIS is the lead on this. We are also members of the FBI led Joint Terrorism Task Force, so we assist in counterterrorism as well. We have a vast array of areas we focus on in the criminal realm.

associated with the

IACSP: So, you’re not bored?

drug network.

Merendino: No, we’re not bored. IACSP: Thank you for speak-

ing to us.


Chinese Spies, Thieves and Hackers:

US Air Force Photo B-2 Spirit Bomber

Two Cases Expose China’s Campaign To Steal America’s Trade Secrets

W By Paul Davis

hy spend millions of dollars and thousands of manhours on research and development of a product, when for a fraction of the cost you can simply spy on and steal what another company has produced? And that is what the theft of trade secrets and economic espionage is all about. On October 12, 2018, the U.S. Justice Department announced that a Chinese Ministry of State Security

(MSS) intelligence officer, Yanjun Xu, aka Qu Hui, and aka Zhang Hui, was arrested and charged with a four-count indictment of conspiring and attempting to commit economic espionage and theft of trade secrets from several aviation and aerospace companies.

16

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


According to the Justice Department, Yanjun Xu is a Deputy Division Director with the MSS’s Jiangsu State Security Department, Sixth Bureau. MSS, the intelligence and security agency for China, is responsible for counter-intelligence, foreign intelligence and political security. The Justice Department explained to reporters that MSS has broad powers in China to conduct espionage both domestically and abroad. Xu was arrested in Belgium on April 1st and then indicted by a federal grand jury in the Southern District of Ohio. The federal government unsealed the charges on October 12th after he was extradited to the United States on October 11th. The charges were announced by Assistant Attorney General for National Security John C. Demers, U.S. Attorney for the Southern District of Ohio Benjamin C. Glassman, Assistant Director Bill Priestap of the FBI’s Counterintelligence Division, and Special Agent in Charge Angela L. Byers of the FBI’s Cincinnati Division. “This indictment alleges that a Chinese intelligence officer sought to steal trade secrets and other sensitive information from an American company that leads the way in aerospace,” said Assistant Attorney General Demers. “This case is not an isolated incident. It is part of an overall economic policy of developing China at American expense. We cannot tolerate a nation’s stealing our firepower and the fruits of our brainpower. We will not tolerate a nation that reaps what it does not sow.” Assistant FBI Director Priestap added that the unprecedented extradition of a Chinese intelli-

This indictment alleges that a Chinese intelligence officer sought to steal trade secrets and other sensitive information from an American company that leads the way in aerospace,” said Assistant Attorney General Demers. “This case is not an isolated incident. It is part of an overall economic policy of developing China at American expense. We cannot tolerate a nation’s stealing our firepower and the fruits of our brainpower. We will not tolerate a nation that reaps what it does not sow.”

Yanjun Xu MSS

John Demers DOJ

gence officer exposed the Chinese government’s direct oversight of economic espionage against the United States. “Innovation in aviation has been a hallmark of life and industry in the United States since the Wright brothers first designed gliders in Dayton more than a century ago,” said U.S. Attorney Glassman. “U.S. aerospace companies invest decades of time and billions of dollars in research. This is the American way. In contrast, according to the indictment, a Chinese intelligence officer tried to acquire that same, hard-earned innovation through theft. This case shows that federal law enforcement authorities can not only detect and disrupt such espionage, but can also catch its perpetrators. The defendant will now face trial in federal court in Cincinnati.” According to the indictment, beginning around December 2013 and continuing until his arrest, Xu targeted certain companies inside and outside the United States that are recognized as leaders in the aviation field, including GE Aviation. According to the GE Aviation, the company is a leading provider of jet, turboprop and turboshaft engines, components and integrated systems for commercial, military, business and general aviation aircraft. One of GE Aviation’s customers is the Untied States Air Force. GE Aviation supplies the engine for the B-2 Spirit, a multi-role bomber that is capable of delivering both a conventional and nuclear payload. According to the Air Force, the B-2 Spirit is a dramatic leap forward in technology and the bomber represents a major milestone in the American bomber moderation program. “The B-2 Spirit brings massive firepower to bear, in a short time, anywhere on the globe through previ-


ously impenetrable defenses,” the

Air Force announced.

Xu identified experts who worked for these companies and recruited them to travel to China, often initially under the guise of asking them to deliver a university presentation. Xu and others paid the experts’ travel costs and provided stipends. China’s Foreign ministry spokesman Lu Kang responded to the arrest of Xu by telling reporters that China was calling on the U.S. to deal with the matter fairly in accordance with law. He added that the U.S. must ensure Xu’s legitimate rights and interests. “The U.S. accusation is something made out of thin air,” Lu said to reporters. According to the Justice Department, the investigation was conducted by the FBI’s Cincinnati Division, with substantial support provided by the FBI Legal Attaché’s Office in Brussels. The Justice Department’s Office of International Affairs provided significant assistance in obtaining and coordinating the extradition of Xu, and Belgian authorities provided significant assistance in securing the arrest and facilitating the surrender of Xu from Belgium. Assistant Attorney General Demers and U.S. Attorney Glassman both commended the FBI and the assistance of the Belgian authorities in the arrest and extradition of Xu. Demers and Glassman also commended the cooperation of GE Aviation throughout the investigation. In a related case, the Justice Department announced on October 30, 2018 that Chinese intelligence officers, hackers and co-opted company insiders conducted or otherwise enabled repeated intrusions into private companies’ computer systems in the United States and abroad for more than five years.

“State-sponsored hacking is a direct threat to our national security. This action is yet another example of criminal efforts by the MSS to facilitate the theft of private data for China’s commercial gain,” said U.S. Attorney Adam Braverman. “The concerted effort to steal, rather than simply purchase, commercially available products should offend every company that invests talent, energy, and shareholder money into the development of products.”

According to the Justice Department the goal was to steal intellectual property and confidential business information, including information related to a turbofan engine used in commercial airliners.

18

The Justice Department stated that members of the conspiracy, assisted and enabled by JSSD-recruited insiders Gu Gen and Tian Xi, hacked the French aerospace manufacturer. The hackers also conducted intrusions into other companies that manufactured parts for the turbofan jet engine, including aerospace companies based in Arizona, Massachusetts and Oregon. At the time of the intrusions, a Chinese state-owned aerospace company was working to develop a comparable engine for use in commercial aircraft manufactured in China and elsewhere. “State-sponsored hacking is a direct threat to our national security. This action is yet another example of criminal efforts by the MSS to facilitate the theft of private data for China’s commercial gain,” said U.S. Attorney Adam Braverman. “The concerted effort to steal, rather than simply purchase, commercially available products should offend every company that invests talent, energy, and shareholder money into the development of products.” The FBI’s San Diego Field Office led the investigation. John Brown, the FBI Special Agent in Charge of the San Diego field office, stated that the threat posed by Chinese governmentsponsored hacking is real and relentless. “The Federal Bureau of Investigation, with the assistance of our private sector, international and U.S. government partners, is sending a strong message to the Chinese government and other foreign governments involved in hacking activities. We are working together to vigorously investigate and hold hackers accountable regardless of their attempts to hide their illicit activities and identities.” Assistant Attorney General John C. Demers stated that the U.S. Justice Department’s National Security Division and its U.S. Attorney partners were working to stop Chinese intelligence officers from stealing American intellectual property.

The charged intelligence officers, Zha Rong and Chai Meng, and other co-conspirators, worked for the Jiangsu Province Ministry of State Security (“JSSD”), headquartered in Nanjing, which is a provincial foreign intelligence arm of China’s MSS. The Justice Department stated that from January 2010 to May 2015, JSSD intelligence officers and their team of hackers, including Zhang Zhang-Gui, Liu Chunliang, Gao Hong Kun, Zhuang Xiaowei, and Ma Zhiqi, focused on the

theft of technology underlying a turbofan engine used in U.S. and European commercial airliners. This engine was being developed through a partnership between a French aerospace manufacturer with an office in Suzhou, Jiangsu province, China, and a company based in the United States.

“This is just the beginning,” Demers said. “Together with our federal partners, we will redouble our efforts to safeguard America’s ingenuity and investment.”

About the Author MSS Emblem

Journal of Counterterrorism & Homeland Security International

Paul Davis is a frequent contributing editor to the Journal of Counterterrorism & Homeland Security Int’l.

Vol. 24, No.3



Assessing the Violent

A SWAT police officer and other first responders respond after a gunman opened fire at the Tree of Life synagogue in Pittsburgh, Pennsylvania, U.S., October 27, 2018. REUTERS/John Altdorfer

Targeting of Faith-Based Organizations

K

By Dr. Joshua Sinai

nown as faith-based organizations (FBOs), religious institutions are intended to serve as physical and spiritual sanctuaries and places of peaceful inner reflection from “all the evil� that occurs in the outside world. But for many reasons, however, such as their unwanted role as provocative religious symbols in highly contentious and polarizing political conflicts and vulnerabilities such as minimal security defenses against potential violent assailants, FBOs have recently become major targets for conducting mass killings by three types of attackers: ideologically driven terrorists, psychologically driven active shooters, as well as, on occasion, workplace violence-related attackers.

20

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


Violence against FBO facilities and their congregants has long been rampant around the world, particularly in highconflict regions such as South Asia (particularly Iraq and Pakistan) and the Middle East (particularly in Egypt, Lebanon and Syria). While such high frequency attacks against FBO have not reached America, recent high visibility attacks against FBOs in Charlottesville, SC, on June 17, 2015 (9 killed, one wounded), in Sutherland Spring, TX, on November 5, 2017 (26 killed, 20 wounded), and Pittsburgh, PA, on October 27, 2018 (11 killed, six wounded), demonstrate the severity of the escalating threat in America, as well. In response to such escalating threats against FBOs in America, their officials have been upgrading their security systems, personnel, and procedures, although areas of vulnerability remain. This was demonstrated in the Pittsburgh attack, where the targeted Tree of Life synagogue lacked any security in place at the time of the attack because its officials had underestimated the severity of the threat situation, believing that heightened security was only required at significant religious events (such as Yom Kippur services) but not “every-day” worship services, even though, to the assailant, this was an especially polarized political period that “required” him to attack that particular synagogue because of the highly negative symbolism it had represented to him, including the presence of a pro-immigration non-governmental organization (NGO) in its premises. This article will analyze these issues as they affect the security of FBOs in the United States by defining FBOs, the demographic size of FBOs in the U.S., the motivations for attacking them, significant incidents, types of perpetrators, types of weapons used, and the types of security measures being implemented to safeguard such facilities and their congregants.

place of worship, a regular congregation, holds regular religious services, and an organization of ordained ministers.

While such high frequency attacks against FBO have not reached America, recent high visibility

In addition to providing religious services, many FBOs are also defined by their provision of religiously-based educational schools for students from pre-kindergarten through 12th grade, in addition to offering after-school programs to various groups.

Size of FBOs in the United States

5, 2017 (26 killed,

In the 2010 U.S. census, it was estimated that there were approximately 345,000 religious congregations, consisting of about 150 million members. These FBOs comprised more than 230 different denominational groups, whether Christian, Jewish, Muslim, Sikh or other congregations. The sizes of congregations vary, depending on whether they are located in rural or urban areas. In rural areas, congregations are generally small (100 members), while in large metropolitan areas and suburbs, they can exceed 10,000 members.

20 wounded), and

Vulnerabilities for Attack

attacks against FBOs in Charlottesville, SC, on June 17, 2015 (9 killed, one wounded), in Sutherland Spring, TX, on November

Pittsburgh, PA, on October 27, 2018 (11 killed, six wounded), demonstrate the severity of the escalating threat in America, as well.

One of the key vulnerabilities for targeting FBOs by their violent adversaries is their large gathering of people of a particular faith in a single location at specified times that is publicly known. This predictability of known schedules when members gather for worship makes them vulnerable, during the pre-incident period to adversarial surveillance, and then to choosing the moment to attack when the targeted population is present for its religious service.

Defining FBOs

A second vulnerability is the perception by potential adversaries that religious facilities are “soft targets” because they have little security in place because of the conventional belief that a violent attack “can’t happen here,” and that people in general, including criminals, view FBO’s as sacred places to be respected and out-of- bounds for an attack or criminal activity.

A faith-based organization (FBO) is defined by the U.S. Government, particularly the Internal Revenue Service (IRS), as a “religious entity” if it meets the following criteria: a distinct legal existence and religious history, a recognized creed and form of worship, has an established

A third vulnerability is the FBOs open access for all visitors based on their role as a welcoming environment for worshippers and those seeking religious counsel, including those who may be psychologically troubled for various reasons whose future violence may not be anticipated at the time.


A final vulnerability, which likely is being addressed following the catastrophic mass shooting at the Pittsburgh synagogue, is their limited security budgets, with many religious houses of worship lacking the appropriate financial resources to implement comprehensive security measures.

Significant Incidents In order to assess the nature and magnitude of the violent threats against FBOs, this section presents an overview of significant mass casualty attacks against FBOs since the early 2000s. The incidents highlighted below consist of violent attacks or attack plots, but note that a larger set of incidents include arson, vandalism, or threats, whether via telephone or ones that are posted in social media. • 2002: Leo Felton and Erica Chase, a boyfriend and girlfriend White Supremacists plotted to attack African American and Jewish American targets. These included the United States Holocaust Memorial Museum in Washington, DC, and the New England Holocaust Memorial in Boston, MA. • May 21, 2006: Anthony Bell, aged 25, an estranged husband, stormed into the service at the Ministry of Jesus Christ Church, in Baton Rouge, Louisiana, fatally wounding four people. After abducting his wife, he then killed her at another location. The pastor was among those critically wounded. Bell was arrested. • July 28, 2006: Naveed Afzal Haq, aged 30, shot six women, one fatally, at the Jewish Federation of Greater Seattle building in the Belltown neighborhood of Seattle, Washington. • December 9, 2007: Matthew J. Murray, aged 24, used a firearm to attack the New Life Church in Colorado Springs, CO, killing two people, and wounding three others. This followed his earlier killing of two people and wounding two others at the Youth With a Mission (YWAM) training center, in Arvada, CO. The shooter was killed by the church’s safety team. He had been expelled from the Christian YWAM missionary training school several years previously and had been sending it hate mail in the weeks leading up to the shooting spree. • May 20, 2009: Four men were arrested in connection with a plot to shoot down military airplanes flying out of an Air National Guard base in Newburgh, New York, and blow up two synagogues in the Riverdale community of the Bronx, New York City. • June 10, 2009: James Wenneker von Brunn, aged 88, a White Supremacist, was arrested for carrying out shooting at

22

December 9, 2007: Matthew J. Murray, aged 24, used a firearm to attack the

New Life Church in Colorado Springs, CO, killing two people, and wounding three others. This followed his earlier

killing of two people and wounding two others at the Youth With a Mission

(YWAM) training center, in Arvada, CO. The shooter was killed by the

church’s safety team. He had been expelled from the Christian YWAM

missionary training school several years previously and had been sending it hate mail in

the weeks leading up to the shooting spree.

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3

the United States Holocaust Memorial Museum, in Washington, DC, in which Museum Special Police Officer Stephen Tyrone Johns was shot, and later died from his injuries. October 2010: Al Qaida in the Arabian Peninsula (AQAP) sent from Yemen explosiveladen packages on U.S.-bound UPS and FedEx cargo flights, which were addressed to Chicago-area synagogues. The parcels were discovered, respectively, in London and in Dubai en route to the U.S. December 28, 2010: Steven Scott Cantrell, aged 26, vandalized the Faith in Christ Church, in Crane, TX, with “racist and threatening graffiti” and then firebombed it. Cantrell’s motivation was reportedly his attempt to join the Aryan Brotherhood of Texas. He was arrested, found guilty, and sentenced to 37 years in prison. May 12, 2011: Ahmed Ferhani, aged 26, of Queens, NY, and Mohammad Mamdouh, aged 20, a Moroccan immigrant, were arrested in an NYPD undercover operation for plotting to attack a synagogue in New York City. August 5, 2012: Wade Michael Page, aged 40, fatally shot 6 people and wounded 4 others at the “gurdwara” (Sikh temple), in Oak Creed, WI. October 24, 2012: Floyd Palmer, aged 52, a former employee of the World Changers Church International, in College Park, GA, walked into the church and shot Greg McDowell, aged 39, a member of the megachurch’s production department. December 9, 2012: Kelvin Adams, aged 56, shot his ex-girlfriend two times as she exited a morning service at Faith Center Church in Sunrise, Florida. He then used the gun to commit suicide. The victim survived. April 13, 2014: Frazier Glenn Miller, Jr., aged 73, of Aurora, Missouri, carried out a pair of shootings at the Jewish Community Center of Greater Kansas City and Village Shalom, a Jewish retirement community, both located in Overland Park, KS. Three people were killed, two at the community center and one who was shot at the retirement community. The gunman, originally from North Carolina, a Neo-Nazi activist, was arrested, convicted of murder and other crimes, and sentenced to death. June 11, 2014: Gary Michael Moran, aged 54, in an attempted robbery, shot two priests at the Mater Misericordiae (Mother of Mercy) Mission in Phoenix, AZ, killing one of the priests and wounding the other. Moran was arrested following the shooting. December 4, 2014: Andres “Andy” Avalos, aged 33, killed his wife and another woman, then headed to the Bayshore Baptist Church, in Bradenton, FL, where his wife and the other victim had worked, and fatally shot the pastor.


A memorial outside the Tree of Life Congregation Synagogue in Pittsburgh is seen during the visit of POTUS and the First Lady, to remember the victims of Saturday’s mass shooting. (Official White House Photo by Andrea Hanks)

• June 17, 2015: Dylann Roof, aged 21, shot and killed 9 people and wounded one person during a prayer service at the Emanuel African Methodist Episcopal Church in downtown Charleston, SC • June 24, 2015: An arsonist started a threealarm fire, causing more than $250,000 in damages at the African American Briar Creek Baptist Church in Charlotte, North Carolina. • August 2016: Oscar Morel, aged 36, used a handgun to kill Imam Maulama Akonjee and Thara Uddin, his assistant, outside of their Al-Furqan Jame Mosque in Ozone Park, Queens, New York, after they had left prayer service. On March 24, 2018, Morel was convicted and sentenced to life without parole. • September 12, 2016: An arsonist set fire to the Islamic Center of Fort Pierce, FL, the mosque where Pulse nightclub mass shooter Omar Mateen occasionally worshiped. • December 2016: In an apparent hate crime, suspects allegedly confronted and then stabbed a Muslim worshipper near a mosque in Simi Valley, California. Marco de la Cruz, aged 26, and Marco Anthony Delacruz, aged 27, were arrested for the stabbing, with both convicted and sentenced to prison. • December 2016: The Islamic State (ISIS) published the names and addresses of thousands of churches in the United States and called on its adherents to attack them during the holiday season, according to a message posted in the group’s “Secrets of Jihadis” social media group. In this message, “a user going by the name of ‘Abu Marya al-Iraqi’ posted an Arabic-language message calling ‘for bloody celebrations in the Christian New Year” and announced the group’s plans to utilize its network of lone wolf attackers to ‘turn the Christian New

October 27, 2018: At around 9:54 am, just as the morning Sabbath service had begun at the Tree of Life synagogue in Squirrel Hill, Pittsburgh, PA, Robert Bowers, aged 54, carried out a shooting rampage, killing 11 and wounding seven others. He used an AR-15 style semi-automatic rifle and three Glock .357 sig handguns. Bowers, a neoNazi White Supremacist, was apprehended when he gave himself up to the responding police at 10:08 am (after wounding 4 police officers).

Year into a bloody horror movie.’” • November 5, 2017: At around 11:20 am, Devin Patrick Kelley, aged 26, conducted a mass shooting at the First Baptist Church in Sutherland Springs, Texas, 26, killing 26 persons and wounding 20 others while they were attending regular Sunday service. Kelley, who lived with his parents in nearby New Braunfels, Texas, had reportedly targeted the church because his estranged wife and her parents had worshipped there. Kelley’s firearm was a Ruger AR-556 semi-automatic. Following his escape and a high-speed chase for about 10 miles, he lost control of his vehicle, crashing it. Kelley was then found dead of a self-inflicted gunshot to his head. • October 27, 2018: At around 9:54 am, just as the morning Sabbath service had begun at the Tree of Life synagogue in Squirrel Hill, Pittsburgh, PA, Robert Bowers, aged 54, carried out a shooting rampage, killing 11 and wounding seven others. He used an AR-15 style semi-automatic rifle and three Glock .357 sig handguns. Bowers, a neoNazi White Supremacist, was apprehended when he gave himself up to the responding police at 10:08 am (after wounding 4 police officers).

Motivations for Targeting FBOs As demonstrated by these incidents, a spectrum of motivations drives groups and individuals to single out FBOs for attack. First, certain FBOs are targeted because of their attackers’ racist motivations. This was the case with Dylan Roof, who attacked the Black Baptist Church in Charleston, SC, in June 2015, in furtherance of his anti-Black White Supremacist racism. Anti-Sikh racial hatred also drove Wade Michael Page to attack the “gurdwara” (Sikh temple), in Oak Creed, WI in August 2012. Similarly,


Robert Bowers, the October 2018 Pittsburgh synagogue attacker, he was a neo-Nazi anti-Semite who deliberately targeted a prominent Jewish house of worship in a Jewish majority Pittsburgh neighborhood. Second, violent adversaries target certain FBOs, who, despite their best intentions, embody wider inflammatory and polarizing issues involving their specific religion. This was reportedly the case with Robert Bowers, who had also targeted the Pittsburgh synagogue because it housed a branch of HIAS, a pro-immigrant humanitarian assistance NGO, which he had signaled out for attack in his social media postings. Such violent adversaries, therefore, target specific FBOs, usually in their immediate geographical regions, to further the extremist ideological or theological objectives of their extremist groups or movements. Third, certain religious houses of worship, or, in some instances, museums that are associated with a specific religion, that are considered national icons, might serve as motivations for their targeting, with such attacks thereby generating worldwide publicity for their extremist causes. This was the case with James Wenneker von Brunn who had carried out a shooting attack outside the Holocaust Memorial Museum, in Washington, DC, was attacked in June 2009. Although no such attacks had taken place as of late 2018, iconic houses of worship such as the Washington National Cathedral or St. Patrick’s Cathedral in New York and others might be targeted by their extremist adversaries. For this reason, it is likely that their security postures are hardened by their security departments, in cooperation with local law enforcement. Fourth, some FBOs are perceived as iconic physical targets in their local communities. As expressions of their religions’ sacred architecture, religious buildings are highly prominent and visible in local communities. Thus, for example, anti-Muslim and anti-Jewish sentiments have motivated their extremist adversaries to target their minaret or “Star-of-David” facilities for attack, particularly in the form of bombing arson and various types of vandalism. Finally, certain religious pastoral leaders are at heightened risk for personal attack because they work in a dynamic and charismatic environment, in which some people’s emotions are especially heightened and intense, which could escalate into threatening situations against them. Although such attacks have not occurred, it is possible for especially psychologically troubled worshippers to become obsessed with their pasto-

24

ral leaders to an extreme extent that would escalate into attempting to target them for attack, which would be comparable to assassinating charismatic rock singers, such as John Lennon.

Perpetrator Types

Second, violent adversaries target certain FBOs, who, despite their best intentions, embody wider inflammatory and polarizing issues involving their specific religion. This was reportedly the case with Robert Bowers, who had also targeted the Pittsburgh synagogue because it housed a branch of HIAS, a proimmigrant humanitarian assistance NGO, which he had signaled out for attack in his social media postings.

As demonstrated by the incidents listed earlier, three categories of perpetrator actors target FBOs. These include in the first category, domestic and international terrorists (including their lone actor adherents), particularly those who engage in hate crimes against their adversaries. These include the attacks against the U.S. Holocaust Memorial Museum in Washington, DC (June 2009); the “gurdwara” (Sikh temple), in Oak Creed, WI (August 2012), the Jewish Community Center of Greater Kansas City and Village Shalom, in Overland Park, KS (April 2014); the Emanuel African Methodist Episcopal Church in downtown Charleston, SC; the Emanuel African Methodist Episcopal Church in downtown Charleston, SC (June 2015); and the Jewish synagogue in Pittsburgh, PA (October 2018). The second category consists of psychologically-driven active shooters. These include the First Baptist Church in Sutherland Springs, TX (November 2017), whose attacker was primarily motivated by psychological disorder factors. The third category is workplace violence-related, with four types of violence against FBOs. Examples of the first type, “criminal-on-employee” includes the shooting robbery of two priests at the Mater Misericordiae (Mother of Mercy) Mission in Phoenix, AZ (June 2014). The second type, “patient/customer-on-worker,” includes the shooting rampage at the new Life Church in Colorado Springs, CO, and the Youth With a Mission (YWAM) training center in Arvada, CO (December 2007). The third type, “employeeon-employee” (including “former” employee) includes the attack against the World Changers Church International, in College Park, GA (October 2012). Finally, attacks in the fourth type, “personal relationship,” include the attacks at the Ministry of Jesus Christ Church, in Baton Rouge, LA (May 2006) and at the Bayshore Baptist Church, in Bradenton, FL (December 2014).

POTUS meets and thanks law enforcement officers Tuesday, Oct. 30, 2018, at the University of Pittsburgh Medical Center Presbyterian Hospital. (Official White House Photo by Shealah Craighead)

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3

It is possible that some attackers against FBOs may exhibit more than one of these categories of perpetrators. For instance, in some cases the attackers were both ideologically and psychologically driven to carry out their mass killings. It is also possible that in future attacks, an employee may be radicalized into violent extremism and decide to attack his fellow em-


ployees for extremist ideological reasons, thus combining workplace violence with terrorism.

Types of Weapons Used in Attacking FBOs A variety of weapons are used in attacking FBOs. These include firearms, automatic weapons, edged weapons, such as knives, and flammable materials (e.g., gasoline) in arson attacks.

Conclusion Officials at houses of worship are especially concerned about maintaining the reputation of their religious institution as sanctuaries of peace and safety, so considerable resources need to be expended to protect such reputation against potential acts of violence. Reputation is thus an important FBO asset and failing to protect it can result in reputational and financial disasters ranging from loss of confidence in their institution by having fewer congregants to financial ruin in case of lawsuits for failing to follow due diligence in their emergency preparedness and response programs. In general, to protect themselves against the three categories of potential violent threats, FBOs officials implement a suite of security

measures. A useful first step is to contact local law enforcement agencies to request a vulnerability assessment at their site. This assessment is intended to provide recommendations to upgrade their defensive measures, especially security systems, security personnel, as well as securing their involvement in holding active shooter prevention exercises and drills, which also spills over into upgrading crime prevention measures. Local law enforcement agencies can then help determine the resources that need to be expended for facility security, as well as crowd control and traffic control during especially high-attendance events. Some houses of worship contract professional security guards and pay a fee to their local police departments to deploy police officers to maintain an outside security presence. As part of the cooperation with local law enforcement, it is also advisable to inform them of the scheduling of regular and significant religious holiday meetings and religious services. Moreover, while houses of worship need to safeguard their institutions under every-day and significant religious holidays’ activities which draw large crowds, they need to resolve the built-in tension of instituting appropriate security measures while maintaining a religious and open atmosphere at their institutions, thus

YOU ARE DRIVEN TO

LEAD

WE ARE DRIVEN TO HELP YOU GET THERE. At American Military University, we understand where you’ve been, what you’ve done and what you’d like your team to achieve. Choose from more than 90 career-relevant online degrees — respected by the intelligence community — which can help your squad advance their careers while serving their country. Your team will join a network of professionals gaining relevant skills than can be put into practice the same day. Take the next step, and learn from the leader.

To learn more visit, www.PublicSafetyatAMU.com/IACSP

security needs to be robust yet as low-key and unobtrusive as possible. Finally, these security issues are crucially important because whether or not a targeted attack against an FBO results in casualties, the aftermath’s disruption could significantly erode the confidence of their congregants’ willingness to return to the facility. As demonstrated by the attack against the Pittsburgh synagogue, it also had a cascading impact nation-wide, with concern that such an attack could occur everywhere that a particular religious denomination congregates, dealing a significant psychological and financial blows to that congregation nationally and locally. In the aftermath of a violent incident, such as the Pittsburgh attack, FBOs, therefore, need to conduct due diligence emergency response planning, as well as planning for all the taskings involved in the aftermath of an attack, because the lack of such comprehensive security accountability can lead to costly insurance liability and legal proceedings for the affected religious institutions.

About the Author Dr. Joshua Sinai is a Senior Analyst at Kiernan Group Holdings (KGH), in Alexandria, VA. He can be reached at joshua. sinai@comcast.net.


DISCORD:

How an Internet Platform Galvanized the Alt-Right/Neo-Nazi Movement in America

Christopher Cantwell (C) and other white nationalists participate in a torch-lit march on the grounds of the University of Virginia ahead of the Unite the Right Rally in Charlottesville, Virginia on August 11, 2017. Picture taken August 11, 2017. REUTERS/Stephanie Keith

By Edward Maggio

I

t has been more than a year since the tragic events of the Unite the Right rally in Charlottesville, Virginia. Members of the Alt-Right and NeoNazi movement who participated in the violence had descended on Charlottesville from all regions of the United States. These participants represented different political, religious, and socio-economic backgrounds. Although unified in their racist and anti-Semitic views, they had originated with varied and sometimes conflicting agendas. Groups who participated in the rally were led by infamous leaders such as Richard Spencer and Jason Kessler while others are still remaining unknown in the shadows to this day. Investigations are still ongoing to understand how the participants were able to successfully organize in a manner that unified them into a violent force of hatred.

26

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


The answer to that question comes in the form of the gaming platform known as “Discord”. Without addressing the liability of internet platforms or internet service providers when it comes to monitoring content and responding to threats of violence; this article serves to illustrate how gaming technology can be used for nefarious purposes by terrorist organizations. For the sake of expediency and to avoid a debate on how terrorism is defined; this article works under the premise that the horrific events of the rally were in fact a planned terrorist event. Furthermore as this article will show, the violent events that unfolded during the rally, including the use of a car to cause a mass casualty event was not unforeseeable. The use of gaming platforms in planning terrorist activity has been previously investigated by law enforcement and counter-terrorism professionals. In July 2018, the Jakarta Globe reported that terror organizations could use World of Warcraft and Clash of Clans to communicate covertly for purposes of planning attacks. The Indonesian National Cyber and Encryption Agency (BSSN) reported that there were evidentiary signs that the terrorists who carried out the November 13th 2017 attack in Paris used PlayStation 4 consoles to communicate and coordinate their planned violence. In the case of the Unite the Right rally, the violence that occurred could not have been planned and carried out without the Discord gaming platform.

What is Discord? Discord is a proprietary freeware VoIP application and digital distribution platform designed for video gaming communities that specializes in text, image, video and audio communication between users in a chat channel. Discord runs on Windows, macOS, Android, iOS, Linux, and in web browsers. As of May 2018, there are 130 million unique users of the software. Originally developed as a messaging platform for group “game play,” Discord is set up as a series of private, invite-only servers, each providing a space for real-time group discussion. Each server is organized into “channels,” indicated by a “#” before the name. Participants in the chat use “handles” or nicknames to identify themselves. Participants can request to be “tagged” as a member of a group.

Discord is a proprietary freeware VoIP application and digital distribution platform designed for video gaming communities that specializes in text, image, video and audio communication between users in a chat channel. Discord runs on Windows, macOS, Android, iOS, Linux, and in web browsers. As of May 2018, there are 130 million unique users of the software . In January 2017, likeminded Alt-Right/ Neo-Nazi members began chatting and hosting their own communication servers on a much larger scale.

Discord gained popularity with the AltRight/Neo-Nazi movment due to the platform features which offer anonymity and privacy. Analyst Keegan Hankes from the Southern Poverty Law Center said “It’s pretty unavoidable to be a leader in this [alt-right] movement without participating in Discord” The ability for a lay person to immediately setup their own community server with full communication abilities and user friendly interface made Discord immediately popular with the gaming community. Unfortunately, it also attracted another section of the population. Discord also differs from other online gaming platforms in one key way: The chatrooms provided on the platform are entirely opt-in, meaning the potential for unsolicited public awareness is significantly lower. This feature of the gaming platform was essential for the growth of the Alt-Right/Neo-Nazi hate movement since general public scrutiny and response was significantly lowered compared to apps such as Twitter or Facebook.

Where Hate Comes to Meet (A Timeline): On October 22nd 2016, a Discord chat server called “/pol/Nation” emerged on the platform. The name was based on the controversial 4chan image board — where more than 3,000 users participated in a rolling multimedia chat extravaganza of Hitler memes, white nationalist revisionist history, and computer game strategy. By Election Night two weeks later it had grown into a thriving online community area on the Discord platform with more than 1,000 simultaneous users from around the world celebrating Donald Trump’s victory. In January 2017, like-minded Alt-Right/ Neo-Nazi members began chatting and hosting their own communication servers on a much larger scale. Discord’s CEO Jason Citron acknowledged in a January interview of the growing problem with Alt-Right and Neo-Nazi groups using this platform. He informed BuzzFeed News that “We’re very focused on making an amazing communication product for gamers…I had a hunch that it would be used outside of gaming, but it wasn’t anything we thought specifically about.”


Despite Discord having Terms of Service and Community Guidelines prohibiting hate filled violent content, the AltRight/Neo-Nazi participants continued to grow in size in terms of sheer numbers using the platform. By February 2017, Over 25 million users had flocked to Discord. Despite the company raising at least 30 million in venture capital funding, the company had only five “customer experience” personnel and no moderators on its staff at that time. With a high enough volume of Alt-Right/ Neo-Nazi members using Discord, the “/ pol/Nation” chat server took on another nefarious purpose. Links to other servers, including Muslim and LGBT online communities would be posted in a room called ‘Raids’. This was done with the purpose of facilitating the 1000+ Alt-Right/NeoNazi members to engage vulnerable or unsuspecting online communities on a large scale. Their main goal; To harass, humiliate, and threaten people online. The success of these activities only emboldened hate groups to move their activities from the cyber world to the real world.

Origins of Unite the Right: In June 2017, a “Charlottesville 2.0” Discord server was established as an online location for group discussions. This server was moderated by Jason Kessler and Eli Mosley. The group was “invite only” and not open to the public. One user explained that Discord was “for closed, top supersecret communications intended for the elite inner circle of the alt-right.” AltRight/Neo-Nazi members used this server on Discord as a tool to promote, coordinate, and organize the Unite the Right “rally,” and as a means to communicate and coordinate violent and illegal activities “in secret” during the actual events of that rally weekend. On July 11, 2017, Eli Mosley reminded all Discord participants that publicly sharing information not approved by the organizers would result in the immediate banning of the individual from all future Alt-Right events. This strict insistence on silence outside of the community helped the participants plan and communicate without any hindrances. The Alt-Right/Neo-Nazi members began expanding their use Discord to organize

28

the logistics and operational aspects of the Charlottesville rally. Within the platform, the organizers assigned tasks to specific members and appointed “state organizers” to coordinate travel and logistics with members in specific states and regions. There were at least 43 separate server channels set up in the “Charlottesville 2.0” chatroom for the purpose of planning and sharing information regarding the Rally. Those channels included: #announcements #news #dixie-lyrics #safety_planning #mod_help #alex_jones_chat #confirmed_participants #midwest_region #shuttle_service_information #beltway_bigots #code_of_conduct #voice_chat #self_promotion #friday-night #flags_banners_signs #sunday-night #promotion_and_cyberstrike #chants#gear_and_attire #virginia_laws #antifa_watch #lodging #demonstration_tactics #lodging_wanted #sponsors_only #lodging_available #i_need_a_sponsor #carpool_wanted #pictures_and_video #ma_ct_ri #vt_nh_me #ky_tn #great_lakes_region #tx_ok #florida #georgia #california_pacific_nw #carolinas #carpool_available #ny_nj #pennsylvania #dc_va_md

These channels provided the skeleton framework from which to launch their operations. One of the group’s moderators also set up private, organization-specific channels so members in each group could coordinate and plan for the Rally. The organizers would hold periodic “Leadership Meetings” where each Alt-Right organization was encouraged to have at least one representative present for the call. The listed groups and participants included Identity Evropa Traditionalist Worker Party, Vanguard America, and League of the South. In addition to Jason Kessler and Eli Mosley, other contributors to the “Charlottesville 2.0” Discord chats included Christopher Cantwell, Mathew Heimbach, Invictus, David Mathew Parrot, and Richard Spencer.

Warning to Discord: By June 2017, Discord was the unofficial online location for organizing the planning details of the Unite the Right rally. New York Times reporter Kevin Roose placed himself online within the Alt-Right/Neo-

Journal of Counterterrorism & Homeland Security International

Nazi community on Discord to understand their level of activities. He reported: “For two months before the Charlottesville rally, I embedded with a large group of white nationalists on Discord, a group chat app that was popular among far-right activists. I lurked silently and saw these activists organize themselves into a cohesive coalition, and interviewed a number of moderators and members about how they used the service to craft and propagate their messages.” Roose brought this activity directly to the attention of the senior management at Discord. As noted in his article, it was a problem that Discord was not prepared to solve with any type of cohesive plan. As Rouse noted, “I also asked Discord executives what, if anything, they planned to do about the white nationalists and neo-Nazis who had set up shop on their platform and were using it to spread their ideology. Several said they were aware of the issue, but had no concrete plans to crack down on any extremist groups.” By the end of June 2017, the group finalized an operational document titled “General Orders” to provide a consistent overall plan to be followed by rally participants. The General Orders were deliberately edited to serve as a layer of protection for the Rally’s organizers and were not indicative of the group’s communications in the months leading up to the Rally. The organizers appointed a team that was responsible for providing “security” at the Rally. The individuals assigned to lead the security team were Anthony Overway and Brian Brathovd. On July 7, 2017, Anthony Overway circulated a document entitled “Shields and Shield Tactics Primer” to the leaders of the various Alt-Right organizations. In preparations for counter-protestors, the purpose of the primer was to instruct Alt-Right members on how to effectively use shields and “shield walls” during the Charlottesville Rally. Similar to a Roman phalanx, the document envisioned two lines of men: the first serving as a defensive wall and the second as the offensive component using polearms and other “longer weapons” to push back people as the group advances.

Vol. 24, No.3


16 August 2017 Tim Kaine inspects a makeshift memorial to Heather Heyer at the site of her killing. PHOTO Office of Senator Time Kaine

As Discord moderator, Eli Mosley stated: “I run this [the Unite the Right “rally”] as a military operation . . . I was in the army.” On July 16 2017, Jason Kessler posted in the Discord channel #demonstration tactics a general call for people to assist with general security and to become a “party of a highly organized defense”. On the remaining Discord channels, participants repeatedly advocated violence and encouraged attendees to bring weapons to the rally. For the sake of brevity, many of the discussions that occurred repeatedly on Discord concerned how to carry out violence and address the legal consequences for such activity. Discord was also filled with instructions on how to construct flag poles and shields so that they could be used as weapons. Members were all told to dress to intimidate, including wearing military gear, shields, uniforms, flags, and signs decorated with Nazi iconography that would instill fear along racial and religious lines to any potential counter-protestor.

The Foreseen Car Attack The idea of using a vehicle to hurt protestors did not originate on the Discord site. The term “Run Them Over” has been continually used for years as a counterculture response to the Black Lives Matter movement. Thus it was only a matter of

America and the world at large would see Tiki torches paraded through the night by Discord participants while they shouted racist and antiSemitic chants. Alt-Right/ Neo-Nazi participants brought their shields and weapons which were used to assault people. By the time the rally was over, 34 people would be injured, two state troopers killed in a horrific helicopter crash, and James Fields would drive his Dodge Challenger into a crowd of peaceful protesters killing Heather Heyer and injuring others.

time before Alt-Right/Neo-Nazi participants also began posting offensive meme pictures to Discord with discussions on running over protestors. One posting in particular featured a scene from Dawn of the Dead, in which the protagonists of the film ram buses through hordes of zombies. On the Discord site, user “AltCelt” noted his approval of such violence and provided a “crying laughing” emoji in the discussion thread. In reference to running over people, he wrote “This will be us.” With months of planning and discussions on how to engage and conduct violence, the participants of the Alt-Right/Neo-Nazi movement caused one of the worst incidents in recent U.S. history. As a result of the Unite the Right rally, America and the world at large would see Tiki torches paraded through the night by Discord participants while they shouted racist and anti-Semitic chants. Alt-Right/Neo-Nazi participants brought their shields and weapons which were used to assault people. By the time the rally was over, 34 people would be injured, two state troopers killed in a horrific helicopter crash, and James Fields would drive his Dodge Challenger into a crowd of peaceful protesters killing Heather Heyer and injuring others. On the Monday following the tragic events of the rally, Discord officials finally took


action to address the use of their gaming platform by the Alt-Right/Neo-Nazi participants. They initiated a sweep to ban several of the largest Alt-Right/Neo-Nazi communities and helped to end their movement’s online headquarters. By February 2018, Discord began to enforce its Terms of Service (ToS) and Community Guidelines. A Discord representative stated in reference to the terms and guidelines that. “These specifically prohibit harassment, threatening messages, or calls to

An article published days before the rally on the Daily Stormer (A Neo-Nazi themed website) also explained that the

would be a protest of the removal of the General Robert E. Lee monument. The discussions on Discord however reveal that the participants also intended that the rally’s purpose would be to instill fear and terror in Charlottesville’s minority population. They wanted to use the events of the rally weekend to intimidate the broader civilian population and recruit more followers to their own groups through a demonstration of power and presence. In simplistic terms, the rally became focused on demonstrating that Alt-Right/Neo-Nazi participants would be the new emerging political and social power. They would show the world that

purpose of the “rally” had shifted from being “in support of the Lee Monument, which the Jew Mayor and his Negroid Deputy have marked for destruction” to “something much bigger than that . . . violence. Though we do not read people’s private messages, we do investigate and take immediate appropriate action against any reported ToS violation by a server or user. There were a handful of servers that violated these ToS recently and were swiftly removed from the platform.” Free-Speech advocates note that the hateful speech posted online by the Alt-Right/ Neo-Nazi community on Discord does not equal criminal or civil responsibility among all the participants for the violence that ensued at the rally. That would be true if the conversations and meetings held on Discord only contained racist and anti-Semitic comments. Instead, the use of Discord allowed a transition among participants from sharing their hateful viewpoints towards the actual planning and execution of violence at an operational level. The original application for the Unite the Right permit submitted by Jason Kessler claimed that the event

30

It is now an historic rally, which will serve as a rallying point and battle cry for the rising Alt-Right movement.”

Journal of Counterterrorism & Homeland Security International

they would be willing to engage in violence on anyone that opposed their actions. An article published days before the rally on the Daily Stormer (A Neo-Nazi themed website) also explained that the purpose of the “rally” had shifted from being “in support of the Lee Monument, which the Jew Mayor and his Negroid Deputy have marked for destruction” to “something much bigger than that . . . . It is now an historic rally, which will serve as a rallying point and battle cry for the rising Alt-Right movement.” Alt-Right and Neo-Nazi participants in the rally and their online supporters conspired to incite violence and to threaten, intimidate, and harass the civilian population of Charlottesville, in particular, individuals of a racial, ethnic or religious minority, and to commit other unlawful acts. At no time did any of the Alt-Right/Neo-Nazi chat moderators on Discord take measures to remove participants that advocated violence or ban them

Vol. 24, No.3


from attending the Unite the Right rally. They also coordinated with numerous named and unnamed supporters, many of whom investigators are still trying to uncover and shed light on their identities.

Researchers have noted that the current state of the Alt-Right/Neo-Nazi movement has been crushed through the efforts of law enforcement, the court system and

Researchers have noted that the current state of the Alt-Right/Neo-Nazi movement has been crushed through the efforts of law enforcement, the court system and communities at large. However the potential still

remains for such evil forces to reorganize again through another mode of technology. Even with Alt-Right/Neo-Nazi leaders facing the reality that companies are cutting off their access to the U.S. financial system and their own bank accounts, such groups are using cryptocurrency and blockchain technologies to continue funding their organizations. This conflict is far from over. The potential still remains for Alt-Right/Neo-Nazis to gather again in mass for another tragic incident. As the old maxim tell us, a conflict is over when your enemy decides to stop fighting**.

communities at large. However the potential still remains for such evil forces to reorganize again through another mode of technology.

People gather for a vigil in response to the death of a counter-demonstrator at the “Unite the Right” rally in Charlottesville, outside the White House in Washington, U.S. August 13, 2017. REUTERS/ Jonathan Ernst TPX IMAGES OF THE DAY

References 1. 2. 3. 4. 5.

About the Author Edward Maggio is an attorney and researcher with The Miller Group, LLC in Orange Virginia that specializes in Terrorism Mass Tort Litigation on behalf of victims of terrorism. He is a graduate of Virginia Tech, New York Law School and Oxford University. He also holds a professional certification in Homeland Security from New York University. **Many of the individuals named in this article are currently facing criminal and/or civil litigation along with further investigations. All parties are presumed innocent until found guilty or liable in a court of law.

6. 7. 8. 9. 10.

11. 12. 13. 14.

Rahman, Mohammed Falzal Bin Abdul, (July 27th 2018). “Countering Smart Terrorists Who Use Online Gaming Platforms.” International Policy Digest. See Id. Grunin, Lori (May 15, 2018). “Discord celebrates its birthday with 130 million users”. CNET. Retrieved November 5, 2018. Sines v. Kessler (3:17-cv-00072) District Court, W.D. Virginia. Roose, Kevin (August 15, 2017). “This Was the AltRight’s Favorite Chat App. Then Came Charlottesville”. The New York Times. Archived from the original on August 19, 2017. Retrieved November 5th, 2018. Bernstein, Joseph (January 23rd 2017). “A Thriving Chat Startup, Braces for the Alt-Right.”. BuzzFeed News. Retrieved November 5th 2018. Id. Id. Id. Menegus, Bryan. (February 6th 2017). “How a Video Game Chat Client Became the Web’s New Cesspool of Abuse.” Gizmodo. Retrieved on November 6th 2018. Id. Supra note iv, Paragraph 69 Supra note iv, Paragraph 70 Id.

15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28. 29. 30. 31. 32. 33. 34. 35.

Id. Id. Id. Supra note iv, Paragraph 73 Supra note iv, Paragraph 69 Id. Id. Supra note V. Id. Supra note iv, Paragraph 72 Id. Supra note iv, Paragraph 177 Id Supra note iv, Paragraph 223 Supra note iv, Paragraph 100-111 Supra note iv, Paragraph 107 Supra note iv, Paragraph 111 Supra note iv, Paragraph 218 Supra note iv, Paragraph 219 Supra note V Alexander, Julia. (February 28th 2018). “Discord is Purging Alt-Right, White Nationalist and Hateful Servers.” Polygon. Retrieved on November 6th 2018. 36. Supra note iv, Paragraph 111 37. Supra note iv, Paragraph 62. 38. Ebner, Julia. (January 24th 2018). “The currency of the far-right: Why Neo-Nazis love Bitcoin.” The Guardian. Retired on November 8th 2018.


Counter-Sniper Response

to the Terrifying Nature of Sniper and Active Shooter Ambushes

S

Reverse bull’seye, Texas Tower seen through a bullet hole in a store’s plate glass window. Sniper Whitman reportedly fired at anyone who moved. Photo Courtesy of The Austin American-Statesman

Austin, Texas Report 2

By Jim Weiss, Bob O’Brien and Mickey Davis niper ambush attacks are technically classified as active shooters/killers. However, while all sniper ambush attacks are active shooter incidents, not all active shooter attacks are sniper-attack related. Sniper ambushes by their very nature include the characteristics of superior tactical position, precision skill and weaponry, etc. They are terrifying because effective tactics can’t be employed until the shooter’s location is known.

This article will cover the University of Texas Tower Shooting in 1966. The criminal in this event was a sniper who, as a quasi-terrorist, utilized and caused terror to meet his criminal ends.

32

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


In the opinions and reports of police officers who were at this long-lasting shootout with a well-armed opponent there were differences; later sources jostle somewhat with news accounts of that time. Harsh lessons were learned.

Austin, Texas 1966

Charles Whitman, age 25, stabbed

Charles Whitman, age 25, stabbed his wife and mother to death in their respective homes. The next morning at about 11:35 a.m., dressed as a maintenance worker and pulling a guns-and-ammo footlocker on a dolly, he worked his way to the top of the Clock Tower at the University of Texas at Austin. Using a shotgun along the way, he left a trail of wounded, dead, and dying, including killing a woman and her two children. From a distance away, her husband saw his family wiped out.

his wife and mother

Whitman worked his way up to the 28th floor observation deck with its superior, elevated tactical position. Using the deck’s drain spouts for concealment, he aimed and shot at people below using a bolt action, 6 mm Remington 700 ADL (plain rifle stock with a blind spot magazine), mounted with a Leupold four-power scope.

and pulling a guns-

His terrifying killing spree lasted about 90 minutes, although the reported time period varied due to confusion because people often did not immediately know they were being shot at.

at the University of

Whitman’s killing and sniping resulted in 14 dead and 32 wounded or injured, although, again, there are variations in the numbers because some people wounded by Whitman died years later.

way, he left a trail

According to Austin Police Department (APD) Major Herbert, the approximate distance from which the shots were fired was 335 feet above street level. The farthest fatal shot was approximately 400 yards and the distance of his farthest injury shot was 500 yards away. However, more important than the distances was the fact that with his scoped rifle, he hit his victims with great accuracy. According to APD Sgt. Hinkle, any attempt to reach the injured and rescue the wounded could not take place due to the sniper’s gunfire. Hinkle met with an armored car

to death in their respective homes. The next morning at about 11:35 a.m., dressed as a maintenance worker

commandeered to pick up the wounded and transport them to waiting ambulances. (Today, when possible, there are counter snipers in most of the mission-appropriate, high buildings to provide tactical advantage and security protection for those rescuing the injured.) Included during Charles Whitman’s massacre was APD Officer Billy Paul Speed who was hit through a cleft-like opening in the masonry that he was using as cover. Whitman was a university student with issues that included poor grades. As a student, he had also raised psychological concerns. He was a former Eagle Scout who had grown up with guns and shooting from an early age. As a Marine serving from 1959 to 1960 stateside and at Guantanamo Bay, Cuba, he reportedly knew tactics and qualified as a sharpshooter. He was an expert shot, and early on he basically out-performed the responding police.

and-ammo footlocker on a dolly, he worked his way to the top of the Clock Tower Texas at Austin. Using a shotgun along the of wounded, dead, and dying, including killing a woman and her two children. From a distance away, her husband saw his family wiped out. Austin Police Officer Patrolman Ramiro Martinez took part in the removal of the sniper threat on the Texas Tower observation deck. Photo Courtesy of The Austin American-Statesman


Upon the initial reports of the shootings, all on-duty Austin P.D. police officers were dispatched; other law enforcement agencies also responded, including deputies and troopers from the Texas Highway Patrol and University of Texas Police, as well as responding armed volunteer civilians--including riflearmed students and military veterans. They engaged the sniper’s location with suppressive gunfire. This discouraging firepower caused Whitman to move about, evasively taking cover from various positions around the four sides of the observation deck. On film, this rifle fire can be seen as white smoke as bullets struck the limestone masonry of the observation deck. One news source inaccurately described the smoke as coming from the sniper’s rifle. Later, at 1:24 p.m., the police and volunteer suppressive gunfire contributed to the success of two elements of Austin police officers as they moved through the tower and worked their way up to the top.

McCoy and APD officers Conner and Moe worked their way into a bottom floor of the Tower through a tunnel. Then a University Texas employee took the group up to the floor below the tower’s observation deck. McCoy chambered one of

According to police officer Shepard (who was with three other officers): “Halfway between the 27th floor and the upper level, we found four persons on a small landing, dead or wounded, laying in approximately two inches of blood. A white male was shot in his left shoulder and was lying on his mother who seemed semi-conscious but alive; he told us he had been there about two hours and could not move. Two other subjects, a male approximately 12 and a female approximately 48, appeared dead.”

four double ought

Some police officers going up in the tower were told to attend to the wounded, while other officers responded to the sound of the sniper’s gunfire, which indicated about where he was located. (Whether to first treat the wounded, or first try to catch the bad guy(s) by going directly to the sound of gunfire was an issue that was to be debated, glossed over, and set aside in law enforcement agencies for decades, capstoning in the aftermath of the Columbine High School Massacre in 1999.)

conferred with the

buck shots into his shotgun. He said that while wading through blood and bodies of the dead and wounded, he other officers. The dilemma? Whether to remove the wounded or try for the sniper first.

In the tower, the sniper-hunting element of Ramiro Martinez and Houston McCoy

34

was able to engage Whitman and kill him. Officer Martinez claimed credit for killing Whitman. According to Officer Conner, who had been following Officers Martinez and McCoy, he heard an exchange of shots and a few seconds later Officer Martinez came through the door saying “I got him.” Officers Shepard and Conner also heard Martinez say this. And Officer Moe reported that Martinez told them he had shot the sniper.

Journal of Counterterrorism & Homeland Security International

Setting the Record Straight: This is the way the event was recorded two years later when Officer McCoy left the department. In an effort to correct history, McCoy contacted an attorney and submitted a summary of activities involving himself at the Texas Tower Sniper Attack. In effect, he stated that after arriving with his shotgun and going up three stories in a building south of the tower, he looked down and saw his friend Officer Billy Speed get shot in the right shoulder. McCoy was in the company of a 30-30 rife-armed civilian who had volunteered to help. McCoy told him to keep shooting while he got some ammunition from another volunteer, a student armed with a 30-30 rifle. McCoy and APD officers Conner and Moe worked their way into a bottom floor of the Tower through a tunnel. Then a University Texas employee took the group up to the floor below the tower’s observation deck. McCoy chambered one of four double ought buck shots into his shotgun. He said that while wading through blood and bodies of the dead and wounded, he conferred with the other officers. The dilemma? Whether to remove the wounded or try for the sniper first. The resulting plan was to remove the wounded first. Officer McCoy and Officer Day, who was also up in tower, would provide cover. At this point they learned that a civilian and Officer Martinez were up in the observation deck area, and Martinez had just entered the observation deck itself. McCoy followed behind Officer Martinez. Martinez began firing his revolver rapidly one-handed. Officer McCoy jumped out near the outer wall to the

Vol. 24, No.3



right of Martinez, and in a low crouch, aimed and fired his shotgun at the white band around the sniper’s head. The sniper ’s head jerked violently, telling McCoy he had hit him. Instantly McCoy pumped another round of buckshot, then straightened up and fired once more at the head of the sniper. It jerked violently again. McCoy knew that the second shot had not been necessary because the first shot hit Whitman in the face; his second shot hit the left side of the sniper’s head. McCoy jacked a third shot into his shotgun’s chamber and began searching. According, again to McCoy, Martinez

it is now. For example, for handguns, training involved just right- and lefthanded shooting. Two-handed stances such as the Weaver stance were not commonly taught and the Isosceles stance had not yet been developed. In addition, only a few big cities had a tactical unit.

In the aftermath of the Texas Tower Sniper Attack, police tactics evolved and specially-trained tactical units-Special Weapons and Tactics (SWAT)-were formed; the first was created by the Los Angeles Police Department. Other new SWAT units followed suit

A collection of Whitman’s firearms.

nationwide with specially equipped

jumped up, threw his revolver on the floor, and grabbed McCoy’s shotgun. He then ran to the sniper’s body, put the muzzle a few inches from it and fired. Martinez then threw McCoy’s shotgun to the floor and shouted, “I got him!” over and over. Due to his Army training, McCoy has regretted that he had let Martinez take his shotgun. In McCoy’s police report he did not state that Whitman was already dead, just that Martinez had fired McCoy’s shotgun.

vehicles, armored rescue vehicles, body armor, weapons and gear, and trained police counter snipers.

At a press conference, as instructed, McCoy and the other officers did not say much, with the exception of Martinez. Lessons Learned: In 1966, many American law enforcement agencies did not have specially trained police counter snipers. In fact, firearms training for street cops was very different from what

36

Journal of Counterterrorism & Homeland Security International

In the aftermath of the Texas Tower Sniper Attack, police tactics evolved and specially-trained tactical units--Special Weapons and Tactics (SWAT)--were formed; the first was created by the Los Angeles Police Department. Other new SWAT units followed suit nationwide with specially equipped vehicles, armored rescue vehicles, body armor, weapons and gear, and trained police counter snipers. Marine Sniper Training at the Time: Dave Swaffield served as Marine, and then Police Officer (retired). During his career, he was trained at the Ohio Police Officer Training Academy as a counter sniper under Marine Gunnery Sergeant (retired) Carlos Hathcock, and served as a SWAT sniper with the Cleveland, Ohio, Police Department. According to Swaffield when discussing the Texas Tower Incident: “All Marines are trained to shoot well, but Whitman could not have been specifically trained as a Marine sniper under Captain Edward James Land or GySgt Hathcock. Affiliated Vietnam War-era Marine sniper training was taught after Whitman served as a Marine.”

Austin Police Department SWAT today: Learning from the Texas Tower Sniper Attack Austin Police Lieutenant Katrina Pruitt, with input from the SWAT team members, told us that APD SWAT views the Tower Sniper Attack as a catalyst for the creation of tactical teams nationwide. “In our Basic SWAT School, we teach a block of instruction on SWAT history, both national and local; the Tower Sniper is a large part of the class, especially noting the inadequacies in tactics, training, and equipment of the time. “I don’t know many specifics of the time in between the Tower Sniper and

Vol. 24, No.3


the creation of APD’s Special Missions Team (early SWAT). I would imagine the incident, and the loss of Officer Speed led to more hazardous situation response training for officers as well as better equipment for officers--body armor, shotguns, etc. “With our current Team, training, tactics, and equipment, we would have a much different response to an active sniper or active elevated shooter situation than was seen at the Tower Sniper. First, we have a full-time SWAT Team that regularly trains for the response to hazardous situations, from armed/barricaded suspects to active shooters to hostage situations. The Team is on call and can be deployed relatively quickly, with 15 to 30 minutes average on-call team response to a developing or ongoing situation where patrol officers might need tactical support. We also have armored vehicles that are deployed with every SWAT callout to help provide cover for our Team, as well as to conduct an Officer/Citizen rescue. “Furthermore, the Team’s equipment is different from what an average Officer deployed with in 1966. We now wear rifle caliber-rated plated vests on all deployments as well as pistol caliberrated helmets. The average SWAT Officer deploys with an AR-15 style rifle, a pistol, a breaching shotgun, and a Taser. All of our SWAT Snipers are equipped with .308 bolt action rifles with magnified optics. Our snipers are capable of precision as well as distance shooting with their weapon systems. “If a situation similar to the Tower Sniper incident occurred today, the SWAT Team would be deployed immediately to support patrol to safely end the situation. I believe that a three-pronged approach would be used to neutralize the shooter. “First, a reactionary/assault element would enter the structure as soon as possible to locate, put pressure on, and attempt to neutralize the shooter. As our snipers arrived on scene, they would deploy out in order to neutralize the shooter from the exterior. The SWAT snipers would attempt to engage the shooter while he was in his shooting position. The Snipers would use concealment/

Sniper in University of Texas Tower Fortress Shot After 90 Minutes of Terror. Photo Courtesy of The Austin American-Statesman

stealth to get into position to view the shooter and engage him. The third prong would be to rescue the victims that had already been injured. We would use our armored vehicles to get to any victims in the open, treat them, and transport them to a medical staging area out of the line of fire.”

lieutenant from the Brook Park (OH) Police Department. He has written and co-written hundreds of articles for law enforcement and safety forces magazines, most notably Law and Order. Tactical World, Knives Illustrated, Tactical Response, Police Fleet Manager, Florida Trooper, and Counter Terrorism.

About the Authors

Mickey (Michele) Davis is an award-winning, California-based writer and author. Her young adult novel, Evangeline Brown and the Cadillac Motel, won the Swiss Prix Chronos for the German translation. Mickey is the wife of a Vietnam War veteran officer and a senior volunteer with her local fire department.

Lieut. Jim Weiss (Retired) is a former Army light infantryman, school-trained Army combat engineer, a former school-trained (regular Army) Army military policeman, former State of Florida Investigator, and a retired police

Bob O’Brien (Retired) Cleveland, Ohio Police Department SWAT Sergeant. CPD SWAT Unit co-founder. Law enforcement consultant, instructor, writer. Vietnam War Army veteran.


Maj. Gen. Ed Leacock discusses the foreign intelligence threat.

IACSP Review:

CARVERCON 2018

The Inaugural CARVER Target Analysis and Vulnerability Assessment Methodology Conference Delivers with Some of the Biggest Names in the Security Industry

O

By Luke Bencie and Sami Araboghli

n November 15th, the first snow fall of the year hit Washington DC. As such, the blustery winter weather meant that canceled flights would prevent some scheduled participants from attending the 2018 inaugural CARVER Target Analysis and Vulnerability Assessment Methodology Conference – aka CARVERCON – the following morning. Fortunately, even the cold weather could not deter the excitement for this first of its kind event. Inside the grand ballroom at the DC Marriott Metro Center, CARVERCON 2018 was burning hot with some

of the biggest names in the security industry. In attendance were individuals representing numerous military, law enforcement and intelligence agencies, private sector consultancies, as well as leading Fortune 500 organizations.

38

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


The brainchild of the advisory firm, Security Management International, CARVERCON was designed to be a celebration of the CIA’s CARVER Target Analysis and Vulnerability Assessment Methodology. Legendary CIA officer – and co-founder of the CARVER method – Leo Labaj was on-hand to receive a “Lifetime Achievement Award” for his contributions to critical infrastructure protection. It was also an opportunity to showcase industry experts as they discussed how CARVER could be used to deter, detect, delay, respond and mitigate threats to the U.S. Department of Homeland Security’s 16 Critical Infrastructure Sectors (outlined in PPD-21).

able target (example: Are you leaving yourself and your company exposed?)

Developed during World War II, CARVER (then one letter shorter and known as CARVE) was originally

A recommended methodology for performing assessments by DHS, as well as by the United Nations security teams, CARVER has a long and impressive history in the U.S. Intelligence and Special Operations communities.

used by analysts to

The Origins of CARVER

most effectively drop

Developed during World War II, CARVER (then one letter shorter and known as CARVE) was originally used by analysts to determine where bomber pilots could most effectively drop their munitions on enemy targets. It can be both offensive and defensive, meaning it can be used for identifying your competitors’ weaknesses and for internal auditing. In addition, many security experts consider it the definitive assessment tool for protecting critical assets. It is both a quantitative and qualitative probability tool, which assists the user in justifying his/her findings to an audience.

their munitions on

CARVER is an acronym that stands for: • Criticality: Your ability to Identify critical systems and single points of failure or choke points which may cripple operations (a simple example would be the “flaw in the Death Star”) • Accessibility: Determining the ease of access to critical systems, operations or assets by an adversary (an example might be your competitor’s ease of access to exploitable IP/business intelligence) • Recoverability: Measuring the time and effort taken to recover from an adverse event (this could be the effectiveness of your business continuity plan) • Vulnerability: Your security system effectiveness vs. your adversary’s/competitor’s capability (this might be how well you fight off market competition) • Effect: The scope and magnitude of adverse consequences that would result from malicious actions and responses to them (perhaps the usefulness of your emergency response/crisis communication plan for when all hell breaks loose) • Recognizability: How you evaluate the likelihood that potential adversaries would recognize the assets as a critical or valu-

weaknesses and for

determine where bomber pilots could

enemy targets. It can be both offensive and defensive, meaning it can be used for identifying your competitors’ internal auditing.

To use CARVER whether you’re assessing a public utility, a transportation hub, a military complex, or even an individual — you assign scores from 1 to 5 (with 5 being “most important” or “most severe”) for each of the six criteria above. The sum of the six scores is the total score for whatever you’re assessing. Once you’ve done this multiple times, you can compare the scores. For example, you could use CARVER to compare two potential vulnerabilities within a complex system; whichever one has the higher score is probably the vulnerability which will receive your immediate attention (assisting with budget constraints). One of the beauties of CARVER is the many adaptive ways it may be used in the planning process. Since it utilizes both qualitative and quantitative data, the plan writer is able to use the CARVER method in almost any scenario that is played on the table in a highly organized and logical sequence.

Conference Overview The Godfather of CARVER The master-of-ceremonies for CARVERCON 2018 was U.S. Olympic gold and silver medalist (swim medley and backstroke, respectively), turned law enforcement officer, Tripp Schwenk. Tripp kept the crowd lose with his downhome humor, despite the depth and seriousness of the topics presented. Leo Labaj, who is affectionately known as the “Godfather of CARVER” (due to his 45+ years of continuous military, intelligence, nuclear and private sector security experience), provided an overview of the evolution of the CARVER Methodology. Leo and his team at the CIA’s Special Activities Division helped devise CARVER during the 1970’s, as part of the Agency’s Defense Against Terrorism Survey (DATS) programs. This resulted in Leo and his fellow bomb techs to further share the methodology with the U.S. Special Operations Community, as well as foreign liaison counterterrorism teams. This CARVER origin story was followed by an eye-opening presentation about threats to soft targets by Col. Jennifer Hesterman (USAF retired), who was previously responsible for security at Andrews Air Force Base and for Air Force One. Dr. Hesterman discussed the physical protection concepts outlined in her book, Soft Target Hardening, which was recently awarded as security book of the year.

Leo Labaj and Luke Bencie sign copies of their new CARVER book.

Retired FBI agent and former Head of Crisis Management for the Walt Disney Company, Jerry Savnik, closed the morning session with a detailed strategic plan for how to design an effec-


tive continuity of operations plan, once a comprehensive CARVER assessment has been performed. During the networking lunch, participants mingled and were afforded the opportunity to visit with sponsor displays provided by Tru4orce Camera Systems, Quality of Life Plus (prosthetics for injured service personnel), the International Association of Counterterrorism and Security Professionals and British automaker for James Bond, Aston Martin. The afternoon was equally impressive, beginning with a panel discussion about the future of infrastructure protection, which included three of the leading subject matter experts in the security industry: • Chuck Brooks: Named as one of the “Top 5 Tech People to Follow on LinkedIn”, Chuck Brooks is one of America’s leading cyber security subject matter experts. Appointed by two U.S. presidents to tackle cyber security issues, Chuck is an adjunct professor of Risk Management at Georgetown University, as well as featured contributor to Forbes Magazine. • Major General Edward Leacock: With over 40 years of military service, General Leacock held positions as Mobilization Assistant to the Director of the Defense Intelligence Agency, the Deputy J2 for US AFRICOM, and Deputy Commanding General for U.S. Army Intelligence. • James Maxwell: After 30 years with the FBI as a special agent in charge of foreign counterintelligence, terrorism investigations, and IED bombings, James Maxwell became the VP of Safety and Security for Credit Suisse Bank in New York City.

discussions that took

SOTERIA is a mobile GUI interface that will be used by vulnerability assessment teams at the tactical level, which electronically collects and processes information (via a smartphone) in order to deliver a high-quality report in less time. It utilizes a step-by-step process to perform a CARVER assessment of a commercial and/ or government critical infrastructure facility and is compatible with the U.S. Department of Homeland Security’s 16 Critical Infrastructure Sectors (outlined in PPD-21).

place at CARVERCON

SOTERIA is an acronym which stands for:

One of the most notable presentations/

2018 dealt with the comprehensive threat and vulnerability assessments of critical infrastructure using technology. Nicholas Waugh and Brian Pouliot, from the Huntsville, Alabama defense contractor Intrepid, Inc., gave the crowd a glimpse into the future of assessments and data management with their CARVER mobile security application known as SOTERIA.

These three powerful thought leaders tackled some of the most controversial topics facing the security industry today. The Q&A format was led by Managing Director of Security Management International, Luke Bencie.

40

Of further interest, Soteria was also the Greek goddess of “intelligence” and was the daughter of Zeus.

Keynote Speaker Bob Delaney Inspires CARVERCON Audience If the day’s previous presentations were not enough, CARVERCON 2018 concluded with a humorous – yet deeply though-provoking keynote speech from former undercover NJ state trooper turned NBA referee, Bob Delaney. Bob’s riveting life story of how he brought down the mafia as “Bobby Covert” has been told by HBO’s Real Sports, ESPN, and ABC. A tale similar to the Oscar winning movie, “The Departed,” his critically acclaimed book, Covert: My Years Infiltrating the Mob is also being turned into a Hollywood screenplay. Bob’s passionate message about the need to support those with PTSD was rousing and inspirational. He was the perfect speaker to put an exclamation point on a powerful conference.

Summary It is no illusion to those in the security industry that the world is a very dangerous place. Crime, terrorism, espionage, natural disasters, etc. are all daily realities of the profession. To those tasked with sorting through the risks, vulnerabilities and general chaos that any organization may encounter, a clear process must be implemented. For the leading experts in the security field, that process is the CARVER Methodology.

SOTERIA - The Future of CARVER Assessments and Data Management One of the most notable presentations/discussions that took place at CARVERCON 2018 dealt with the “process” of conducting comprehensive threat and vulnerability assessments of critical infrastructure using technology. Nicholas Waugh and Brian Pouliot, from the Huntsville, Alabama defense contractor Intrepid, Inc., gave the crowd a glimpse into the future of assessments and data management with their CARVER mobile security application known as SOTERIA.

S Security O Operating System T Threats E Emergencies R Risk I Intelligence A Analysis

“process” of conducting

Keynote speaker Bob Delaney discusses PTSD awareness.

Journal of Counterterrorism & Homeland Security International

Despite the winter weather, CARVERCON 2018 was a tremendous success. The conference organizers will certainly have a tough time trying to top the speakers and content at next year’s event. However, for those in attendance at the Washington DC Marriott, there is no doubt that most of them will be back again next year - regardless of the weather.

Vol. 24, No.3


Protective Driving Executive Awareness Security Driver Bodyguard Seminar Protective Security Operations Threat Detection Nanny Driving & Security Awareness High Risk Driving Firearms Programs Corporate Fleet Driver Training Sport Utility Vehicle (SUV) Training

ADSI is an internationally recognized advanced driving school, specializing in training Security Drivers, Executive Protection Teams and hosting many Corporate Fleet Safety Programs. We have the ability to design and implement courses for a wide audience, specializing in Corporate Security, Military and Law Enforcement training.

Advanced Driving & Security Inc.

5 Franklin Rd. Suite 5 East Greenwich, RI 02818 1-401-294-1600 Office Ext 2 Corporate/Private Security / LE / MIL Ext 3 High Performance 1-401-398-7932 Fax info@1adsi.com

www.1adsi.com


Lessons from Mom: “Never get in a car with a stranger�

V By Anthony Ricci

ehicle attacks are nothing new to the Executive Protection and Security industry. Whether you’re a seasoned Security Driver for a large corporation or a person looking to get a start in the Executive Protection field, one of the first things we learn is that most attacks on a Principal (target) happen in/or along the route. If your adversary is committed to your principal for whatever reason then they will also be committed to doing in depth surveillance. In-depth surveillance will allow them to analyze every inch of your daily routine. Depending on the time they spend, and their skill level they just may find the right vulnerabilities in your routes that can afford them a greater chance of success.

42

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


We would all agree that is much easier to stop a slow moving vehicle right before a stop sign or around a blind turn perhaps, than it is to risk entering a secure property. Thus the reason it is so important to have some kind of counter surveillance plan in place or at a bare minimum, a trained driver who can recognize something out of the norm. Recognizing patterns that form are important; such as beginning to see a lot more people walking with cameras and/or taking pictures, or the same vehicle that may be reappearing several times along your routes. Let’s take a quick look at a couple of classic case scenarios where the adversaries conducted some in-depth surveillance. One of the most popular historic attack scenarios that comes to top of mind takes us back to November 30, 1989. On that day Alfred Herrhausen, Chairman of the Deutsche Bank, was on route to work. He was sitting in the typical seat for a principal (back right – behind the passenger seat), protected by an armored Mercedes, positioned second in a three car motorcade. The back seat where he was sitting was destroyed by a remotely-controlled car bomb which was planted on a bicycle by the side of the road. The attack was well-planned over a two month period just roughly 500 meters from his own driveway. His adversaries conducted in-depth surveillance of the motorcade, the average speed they traveled, the time of the day the motorcade went by, and the length of the vehicle. Think about the accuracy of just destroying the target in the backseat; remember the driver of this car was not killed. This may have been a coincidence but by doing some basic math a two tenth of a second delay at 40mph would put the blast twelve feet beyond the front of the car, hence, targeting the backseat. This could not be figured without knowing the length of the car and the average speed the motorcade traveled at. Again, a coincidence maybe, we will never know but certainly something to think about. Another classic case scenario where in-depth surveillance was used is the kidnapping of Mr. Sidney Reso on April 29th, 1992, the President of Exxon International. Again we see this attack happening at the end of Mr. Reso’s driveway. He was alone in the vehicle on this particular day and his normal routine was to get his newspaper every morning which was placed at the end of his driveway. While doing this routine task, a van pulled over and swept him away. Surveillance had been done by a two person team over a two-year period. They decided they wanted to kidnap a victim in 1991 and after watching several targets they found Mr. Reso to be the most predictable. In 1992 they decided he was the target which would give them the most success. They then began to watch his patterns more closely conducting

surveillance of his home and decided the point of attack should happen in the morning when he was most predictable.

Think about the accuracy of just destroying the target in the backseat; remember the driver of this car was not killed. This may have been a coincidence but by doing some basic math a two tenth of a second delay at 40mph would put the blast twelve feet beyond the front of the car, hence, targeting the backseat. This could not be figured without knowing the length of the car and the average speed the motorcade traveled at. Again, a coincidence maybe, we will never know but certainly something to think about.

In today’s times more and more Principals are utilizing services such as Lyft and Uber. A team performing in-depth surveillance wouldn’t have to work hard to determine this. Who’s to say that the adversary couldn’t find a way to obtain a Lyft or Uber vehicle, light, or decal or pose as a driver for one of these two companies? Once they obtained access to any of those things, they could position themselves in a location at a time of day when the Principal would normally call upon a Lyft or Uber driver to take them to their destination. Some of these companies have taken precautions to show you the drivers picture, vehicle, license plate, etc. But how many people take the precautions necessary to use the photo and vehicle information provided in the app to ensure that the driver who shows up to pick them up is actually the individual in the car waiting to take them to their destination? When you put it in perspective, we are ordering a stranger from the internet to get in the car with, something mom told us never to do – get in cars with strangers. It could be argued that studying past case scenarios is or isn’t a good learning tool but the important thing to remember is that every situation is somewhat different in that we all have differing habits and schedules; but the selection system and the surveillance, however, is always the first step in any kidnapping or assassination. Whether looking at modern day roadside attacks or looking back to some of the classic corporate attack scenarios like Herrhausen and Reso. We may see that technologies may have changed but methodology seems to remain the same. The terrorist must conduct in-depth surveillance on their target and understand the terrain and time lines better than you do. The Principal and his/ her protection team should usually be able to pick the spot they would be attacked in. By assessing your own route where would you attack yourself? Assessing your own route is not really that advanced, you just need to look at your vulnerable areas and decide if you can minimize risk in these spots. There lies your next problem. Will your Principal listen and minimize his/ her own risk or will the expense outweigh the importance of the problem? The alternative is not as easy as it sounds but we must always try to divert the attack by not being in the soft target selection process.

About the Author Anthony Ricci is President of ADSI (http://www.1adsi. com) / Photos: Reso’s Driveway – Yvonne Hemsey for Getty Images, Lyft vehicle – Mike Coppola/Getty Images for Lyft, Herrhausen’s Mercededs: Photo Alliance/DPA


IACSP Homeland Security Bookshelf By Dr. Joshua Sinai

This column is divided into two parts: the first part capsule reviews recent books on counterinsurgency, counterterrorism, corporate loss prevention, and a methodology on root causes that can also be used to uncover the root causes of terrorist conflicts; the second part reviews two books on Israeli national security.

Losing Binh Dinn: The Failure of Pacification and Vietnamization

T

Kevin M. Boylan, 1969-1971 (Lawrence, KS: University Press of Kansas, 2016), 376 pages, $34.95 [Hardcover], ISBN: 978-0-7006-2352-5.

44

his is a highly insightful, interesting, and extensively researched account of whether the overall Vietnam War was winnable in the early 1970s by using the Binh Dinh province as a case study to test the hypothesis of whether the United States-led pacification and Vietnamization had succeeded at such a local level. This subject is particularly relevant in the current period, the author points out, because these challenges are similar to “those confronting US troops confronting population-centric COIN [counterinsurgency] missions today. Therefore, its lessons are, in many cases, directly applicable to ongoing operations in Afghanistan and Iraq and other potential battlegrounds in the ongoing ‘war on terrorism.’” (page 10)

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


He concludes that like the current American-led COIN campaigns, “The situation in Vietnam bears disturbing similarities to those currently existing in Iraq and Afghanistan, where the United States is again trying to prop up weak regimes whose legitimacy is widely disputed, and relying on poorly motivated allied militaries whose combat effectiveness remains alarmingly low despite extensive training, material and logistical assistance, and continuing US advisory and air support.” (page 298) This is due to the fact that “only indigenous regimes can pacify the re-taken areas and restore the normal processes of law and order (which would be particularly difficult in Syria, since for all intents and purposes, it has no national government).” (page 299) Such insights generated from the author’s masterful case study of the U.S.-led COIN campaign in Binn Dinh, make this book a valuable contribution to the literature on COIN and our understanding of the challenges presented to COIN campaigns in the current era. The author is an instructor of history at the University of Wisconsin, Oshkosh.

Call Sign Extortion 17: The Shoot-Down of Seal Team Six

Don Brown, [Reprint Edition] (Guilford, CT: Lyons Press, 2018) 304 pages, $19.95 [Paperback], ISBN: 978-1-4930-0949-7. This is a highly detailed and authoritative investigative account of the downing by the Taliban in Afghanistan’s restive Tangi Valley of the United States Army’s CH-47D Chinook helicopter, with the call sign “Extortion 17,” on August 6, 2011—three months after members of Navy SEAL Team Six killed Usama Bin Laden in their daring raid on his Abbottabad compound in Pakistan. The downing of the helicopter was devastating: it killed the Air National guard pilot crew, seven unidentified members of the Afghan military, and seventeen members of the Navy’s elite SEAL Team Six – the members of the same team had killed Usama Bin Laden. In this book, the author, a former U.S. Navy JAG officer who had been stationed at the Pentagon, and a former Special Assistant United States Attorney in Connecticut, recreates in extensive detail the wartime events and life stories of the elite warfighters who had died in the mission, within the larger context of his prosecutorial critique of the official military explanation of the incident contained in the Colt Report, as well as other officials explanations of the incident.

Counter-Terrorism for Emergency Responders [Third Edition] Robert A. Burke, (Boca Raton, FL: CRC Press, 2018) 1094 pages, $135.96 [Hardcover], ISBN: 978-1-4987-5195-7.

This is one of the best, most comprehensive, detailed and up-to-date handbooks published on the threats and types of weaponry and warfare presented by terrorists and active shooters. Although focused primarily on the needs of the emergency responder community for such tailored information, including response measures, it is also highly useful for the general homeland security community, as well. In this handbook’s third edition, which includes new chapters and updated information, the 16 chapters cover topics such as an overview of the components of terrorism and terrorist warfare; the evolution of terrorism and terrorist groups; the threats posed by active shooters; the characteristics of weaponry, ranging from conventional improvised explosive devices to weapons of mass destruction; monitoring and detection equipment for terrorist weapons; personal protective equipment and decontamination for terrorist agents; the elements in responding to terrorist incidents, including case studies; and programmatic resources and training programs on responding to terrorism. Also of special interest is the chapter on successes in preventing terrorism through foiled terrorist plots, and the concluding chapter on the future of terrorism and counter-terrorism. The appendices include a fact sheet on illegal explosive devices, a listing of FEMA urban search and rescue teams, the Burke placard hazard chart, and a glossary. The author is a veteran emergency response management practitioner, including serving as an adjunct instructor at the National Fire Academy in Emmitsburg, MD.


Root Cause Analysis: Improving Performance for Bottom-Line Results

[Fourth Edition]Robert J. Latino, Kenneth C. Latino, and Mark A. Latino, (Boca Raton, FL: CRC Press, 2011), 279 pages, $88.00 [Hardcover], ISBN: 978-1-4398-5092-3. Root cause analysis (RCA) is one of the foundational methodologies to uncover the underlying causes of failure in a spectrum of fields, ranging from engineering, healthcare, homeland security and counterterrorism. This PROACT RCA methodology was originally introduced to the authors, who are brothers, by their late father, who was a pioneer in the field of Reliability Engineering in the late 60’s. This firm was an R&D arm of Allied Chemical corporation, which today is more commonly known as Honeywell. The authors helped transform these methodologies into a leading edge consultancy with agnostic RCA software solutions at their firm, the Reliability Center, Inc (RCI). In this book’s fourth edition, the authors’ further update their PROACT RCA methodology and software, with each identified root cause requiring a corrective solution and metric to track effectiveness in the field. As the authors explain, the roots causing “undesirable outcomes” consist of three areas: physical roots (“the first physical consequences resulting from a human decision error”); human roots (“decision errors or the actions [or inactions] that trigger the physical roots to surface”); and latent roots (“the organizational systems that are flawed” [page 16]). Once an ideal analysis team is assembled to examine the root causes underlying “undesirable outcomes” that need to be corrected, the authors propose a systematic methodology that involves their trademarked PROACT® Logic Tree that consists of breaking down the physical, human, and latent root causes into their components’ hierarchically-ordered hypotheses along with accompanying evidence, developing recommendations to correct them which will be incorporated into a report. This deliverable can be reproduced by their software into a fleshed-out automated, professional report that can be regularly revised and updated. The book’s final chapter applies the RCA software to three real world client cases in which it was used to successfully resolve their initial underlying problems. This book is highly recommended for its presentation of a systematic methodology that is capable of solving root causes of problems that originate not only in engineering and healthcare, but in the fields of homeland security and counterterrorism, as well.

46

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3

Once an ideal analysis team is assembled to examine the root causes underlying “undesirable outcomes” that need to be corrected, the authors propose a systematic methodology that involves their trademarked PROACT® Logic Tree that consists of breaking down the physical, human, and latent root causes into their components’ hierarchically-ordered hypotheses along with accompanying evidence, developing recommendations to correct them which will be incorporated into a report.


Save on the latest books for Security Professionals from CRC Press SIGN UP for our emails to keep the offers coming!

CRC Press is a premier publisher of books on Counterterrorism and Security Management Visit www.crcpress.com to see our complete selection of titles and use promo code THS18 for a 20% discount www.crcpress.com

Sign up for our emails to get more special savings!


Security and Loss Prevention: An Introduction

[7th Edition] Philip P. Purpura, (Cambridge, MA: Butterworth-Heinemann/Elsevier, 2018), 772 pages, $67.96 [Paperback], ISBN: 978-0-1281-1795-8. This is an excellent and highly useful practitioner-based textbook on the components of the field of security and loss prevention. With security defined in its early stages as “freedom from risk or danger,” the author explains that “Today, with society becoming increasingly complex, various specializations – auditing, safety, fire protection, cyber security, crisis management, resilience, and intelligence, to name a few – are continually being added to the security function. For this reason, many organizations group multiple functions under the single term “loss prevention.” (p. 8). To discuss these issues, this textbook, in its substantially updated and revised 7th edition, consists of three parts. The chapters in Part I, “Introduction to Security and Loss Prevention,” explain the roles of critical thinking and business careers in the evolution of the discipline of security and loss prevention. Part II, “Reducing the Problem of Loss,” covers topics such as the methods, standards and regulations, laws, internal and external threats and countermeasures, safety in the workplace, and emergency management in loss prevention. The chapters in Part III, “Special Problems and Countermeasures,” cover topics such as terrorism and homeland security, the protection of critical, commercial and institutional infrastructures, special topics such as workplace violence and information security, and future trends in security and loss prevention. As a textbook, each chapter begins with bulleted learning objectives and key terms, and is accompanied by boxed scenarios and special topics, case studies to improve analytical and decision-making skills, and references. The author is a veteran certified protection professional, educator and author of numerous books and articles.

Israeli National Security

A Table Against Mine Enemies: Israel on the Lawfare Front

Larry M. Goldstein, ((New York, NY: Gefen Publishing House, 2017) 310 pages, $28.62 [Hardcover], ISBN: 978-9-6522-9896-6. This is an authoritative and well-informed account of the evolution and future trends in the use (and misuse) of legal instruments (i.e., lawfare) by asymmetric warfare actors such as terrorist groups against their more powerful state actors and the legal and other measures that are required in response. While the emphasis is on the use of lawfare against Israel, examples are drawn from the United States and the United Kingdom, as well. The author explains that since terrorists are incapable of winning a physical contest against their state adversary’s military, they employ the instruments of lawfare “to embarrass traditional armies in the eyes of world opinion or to restrict the ability of a nation-state to defense itself.” (page xviii) To examine these issues, the book is divided into two parts. The chapters in Part I, “Fundamental Concepts,” cover topics such as an overview of the use of lawfare in general and in cases against the U.S., the UK, and Israel; the principles of the laws of war in terms of the principles of necessity, distinction, proportionality, and shielding; and the external environment in which lawfare is used by asymmetric actors, particularly their attempts to exploit the International Criminal Court (ICC) by filing what are usually legally superfluous complaints against their state adversaries. The chapters in Part II, “Three Fields of Lawfare: Land, Sea, and Air,” discuss topics such as the use of lawfare by Israel’s Palestinian adversaries over issues such as Israel’s anticipatory self-defense, the security barrier, the naval blockades against pro-Palestinian flotillas sailing towards the Gaza Strip, and future trends in lawfare, such as its use against military drones, robots, and cyber response measures. In the second part’s final chapter, “Summary of Key Points,” the author observes that “It is the confluence of these three trends –

48

Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


asymmetric war, the globalization of information, and the automation of war – that has created the modern battlefield. Similarly it is the combination of these three trends that has created ‘lawfare,’ which is, in essense, the use of law as a weapon of war” (page 176) by terrorist-type actors against their more powerful state adversaries. The appendices include an analysis of the debate about the “relevance of internal reality to the laws of war,” a glossary, and a bibliography. The author is a patent attorney who is active with Shurat HaDin – Israel Law Center, which is one of Israel’s primary non-governmental legal organizations in countering the use of lawfare against the country in the international area.

Struggling Over Israel’s Soul: An IDF General Speaks of His Controversial Moral Decisions

Elazar Stern [translated into English by Yoram Kislev], (New York, NY: Gefen Publishing House, 2012), 376 pages, $18.00 [Paperback], ISBN: 978-9-6522-9576-7. This is an insightful, frank, and insider’s account by a retired Israel Defense Forces (IDF) Major-General of his efforts while serving in military command positions, especially in the personnel, training and education branches, to strike a balance between Israel’s democratic and pluralistic nature and attempts by right-wing ultra-religious nationalists to expand their influence within the IDF, which is intended to be a politically- and religiously-neutral and all-inclusive conscript organization. What is especially interesting about General Stern is that he is religiously observant and was one of the most prominent religiously observant officers to attain the rank of MajorGeneral in the IDF, which traditionally had been primarily secular in its orientation, so his views on these issues carry significant intellectual weight. Numerous significant controversial issues in Israeli society that affect the IDF are covered, such as his role in rewriting the IDF’s ethical code, including the requirement to differentiate between terrorists and non-combatants, understanding that a “terrorist is still a human being and that IDF soldiers are required to maintain their humanity even in the most difficult circumstances” (page 197); his opposition to calls by fervently right-wing rabbis for their religiously adherent soldiers to disobey their IDF officers’ commands over military operations, such as forcible evacuations from contentious territories, such as the disengagement of Jewish settlements from the Gaza Strip in August 2005; his plan to resolve the problem of granting exemptions from compulsory service to eligible recruits from the ultra-Orthodox community who prefer to retain their government-subsidized status as students at religious institutions; his opposition to establishing segregated platoons in the IDF for religious males and females; and his initiative to establish a fast-track religious conversion program for IDF soldiers of mixed Jewish and non-Jewish parentage. This book is an important contribution to understanding the civil-military and religious-secular challenges facing the IDF and the measures it is still attempting to implement to resolve them. The author is currently a prominent member of the Yesh Atid political party in the Israeli parliament.

About the Reviewer Dr. Joshua Sinai is a Senior Analyst at Kiernan Group Holdings (KGH) (www.kiernan.co), a national security/homeland security consulting firm in Alexandria, VA. Dr. Sinai can be reached at: joshua. sinai@comcast.net.


Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


Homeland Security graduate programs—100% online Anthony Flammia Graduate, Penn State Class of 2013 Homeland Security

Choose your degree from one of the nation’s most highly respected, comprehensive homeland security portfolios. With courses, options, and graduate certificates covering a broad spectrum of homeland and civil security specialties, you can feel confident in the quality and relevance of your education. The Homeland Security base program offers options in: • Agricultural Biosecurity and Food Defense

• Public Health Preparedness

• Counterterrorism

• Geospatial Intelligence

• Cyber Threat Analytics and Prevention

• Information Security and Forensics

Complete a certificate or graduate degree—completely online!

worldcampus.psu.edu/iacsp U.Ed.OUT 18-WC-0559/gam/smb


BUILD THE SKILLS YOU NEED TO BECOME AN INTELLIGENCE LEADER

AMU ALUM AND VETERAN LINWOOD HARRISON B.A. INTELLIGENCE STUDIES (2013)

At American Military University, we understand what a typical day in the intelligence community involves. The intelligence field is ever-evolving, and that’s why we offer more than 200 informed and career-relevant online degrees and certificates including Intelligence Studies and Intelligence Analysis. Our degree and certificate programs are respected by the intelligence community and taught by experts – many of whom have real-world IC experience. Apply today and join a global network of like-minded peers and professionals all with one goal in mind: success. To learn more, visit www.PublicSafetyatAMU.com/IACSP Journal of Counterterrorism & Homeland Security International

Vol. 24, No.3


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.