260 likes | 614 Views
Group 03: Ryan McElhenney Terence Ryan Melonas Daniel Muldoon . HOW CAN WE ASSESS THE RISK OF TERRORISM ?. Introduction. Definition of Risk Current Risk Assessment Techniques and Practices Information Sources Risk Assessment Examples Issues in Risk Assessment Differing Opinions
E N D
Group 03: Ryan McElhenney Terence Ryan Melonas Daniel Muldoon HOW CAN WE ASSESS THE RISK OF TERRORISM?
Introduction • Definition of Risk • Current Risk Assessment Techniques and Practices • Information Sources • Risk Assessment Examples • Issues in Risk Assessment • Differing Opinions • Conclusion
Elements of Risk Assessment • Rand Corporation • “Estimating Terrorism Risk” • Stanley Kaplan and B. John Garrick • “The Six Questions of Risk” • Common Assessment • Threat • Vulnerability • Consequences
Threat • “What can happen?” • Measure (Threat) • The probability that a specific target will be attacked in a specific way during a specified time period • Assessing threat • Evaluate specific targets within the realm of protection • Identify possible attacks on these targets • Measure likelihood that a successful attack will occur • Probability • Sources • Henry H. Willis - “Estimating Terrorism Risk” • Stanley Kaplan - “On The Quantitative Definition of Risk”
Vulnerability • “How likely is it to happen?” • Measure (Vulnerability) • The probability that damages (where damages may involve fatalities, injuries, property damage, or other consequences) occur, given a specific attack type, at a specific time, on a given target • Assessing vulnerability • Will this attack be a success? • If this attack occurs, who/what will be harmed • Sources • Henry H. Willis - “Estimating Terrorism Risk” • Stanley Kaplan - “On The Quantitative Definition of Risk”
Consequences • “What are the consequences of the attack?” • Measure (Consequence) • The expected magnitude of damage (deaths, injuries, or property damage), given a specific attack type, at a specific time, that results in damage to a specific target • Assessing consequences • Innocent civilians killed, important buildings destroyed, political unrest • Example • 2004 Madrid train bombings • Political effect • Ties everything together • Sources • Henry H. Willis - “Estimating Terrorism Risk” • Stanley Kaplan - “On The Quantitative Definition of Risk”
The Need for Risk Assessment • Essential to Homeland Security • Used to determine risks to a specific area/asset • Massive overall limitations to assessment • Proper risk assessment is cost effective
How Do We Assess Risk Today? • United States • Homeland Security Advisory System • Netherlands • Terrorist Threat Assessment • United Kingdom • The UK Threat Level
United States • Different levels trigger different authoritative action • U.S. does not explain or reveal the criteria for threat level • GUARDED and LOW never issued nation-wide • DHS • “Raising the threat condition has economic, physical, and psychological effects on the nation”
Current Method - Data Mining • Definition of Data Mining • “The process of extracting hidden patterns from data” • Simple example: • Muslim chemistry graduate student • Takes a low wage job at a farm-supplies store • Just making some extra money? Access to potassium nitrate? • Associates with Arabic names, Wired him money • Flown with one of the men, Separate reservations, Different seats, Paid in cash • Credit card records show purchases of timing devices • Government Initiatives: • “Total Information Awareness” - Pentagon • “ADVISE” - Department of Homeland Security • “TALON” - Pentagon • Funding cut, but they remain active • Is it needed? • “Essential to our national security” • “NSA...says that if today’s systems were in place before the terrorist attacks of September 11th 2001, some of the hijackers would have been identified” • Does it work? • Current software is often modeled on the fraud-detection applications used by financial institutions • Terrorism is much more rare • Terrorists are developing tricks to evade data mining software • Call Phone Sex lines • Is the tradeoff worth it? • Civil Liberties • Privacy vs. Security • Source • “Know-alls: Electronic snooping by the state may safeguard liberty - and also threaten it”-The Economist
Current Method - Identify Failing States • Claim • “The gravest dangers to U.S. and World security are no longer military threats from rival great powers, but rather transnational threats emanating from the world’s most poorly governed countries.” • High risk • Crime, weapons trade, WMDs, terrorism • This concept is utilized by the U.S. to support the current war on terrorism • Condoleezza Rice: Nations incapable of exercising “responsible sovereignty” have a “spillover effect” in the form of terrorism, weapons proliferation, and other dangers. • Bush administration: “America is now threatened less by conquering states than we are by failing ones” • Supporting evidence • University of Maryland Study • Most individual terrorists came from low-income authoritarian countries in conflict • U.S. State department • Terrorists use failing states as their primary bases of operation • Issues • Not all failing states are affected by terrorism • Terrorism in failing states is not transnational • Localized political dissent • Terrorists prefer weak, but functional governments over collapsed, lawless states • Financial, Infrastructure, Communications Infrastructure • Pakistan and Kenya, not Somalia or Liberia • Terrorist groups are now decentralized • No single base of operations • Conclusions • Failing states are useful, but not central to terrorists’ operation • U.S. must alter current policy • Source • “Weak States and Global threats: Fact or Fiction” - Stewart Patrick
Assessing Risk • Current U.S. Systems are well-intentioned, but flawed • Proposed Method • “Forecasting Terrorism: Indicators and Proven Analytic Techniques” - Sundri K. Khalsa • 01 - Analysis, Rather Than Collection, Is the Most Effective Way to Improve Warning • Is additional information needed? • USA PATRIOT act? • 02 - Hiring Smart People Does Not Necessarily Lead to Good Analysis • “Frequently groups of smart, well-motivated people...agree...on the wrong solution...They didn’t fail because they were stupid. They failed because they followed a poor process in arriving at their decisions.” • Groupthink • 03 - A Systematic Process Is the Most Effective Way to Facilitate Good Analysis • Non-structured approach is the norm in the Intelligence Community • Not binary - Utilize both structured and intuitive analysis • Many risk assessment mythologies already exist (bridges, cyber security, power plants) • Why is there no unified methodology for to assess the risk of terrorism?
Information Sources • Risk assessment is based on incomplete information • Source of information must be assessed • “Assessing the competence and credibility of human sources of intelligence evidence: contributions from law and probability” - David Schum and Jon Morris • How do we value Human Intelligence (HUMINT)? • MACE - Method for Assessing the Credibility of Evidence • Set of 25 questions • Used by the CIA - Analysis of all information sources • MACE Criteria: • Competence • Is the source qualified to provide the information? • Veracity • Does the source believe what he/she is saying? • Objectivity • Was the source’s belief based on the evidence obtained by the source? • Observational Sensitivity • How good was the evidence obtained by the source? • Lesson • Source analysis is a complex task
MACE Criteria • Competence (or is the source qualified to provide the information?) • 01 - Did this source actually make the observation being claimed or have access to the information reported? • 02 - Does this source have an understanding of what was observed or any knowledge or expertise regarding this observation? • 03 - Is this source generally a capable observer? • 04 - Has this source been consistent in his/her motivation to provide us with information? • 05 - Has this source been responsive to inquiries we have made of him/her? • Veracity (or does the source believe what he/she is saying?) • 06 - Has the source told us anything that is inconsistent with what this source has just reported to us? • 07 - Is this source subject to any outside influences? • 08 - Could this source have been exploited in any way in this report to us? • 09 - Is there any other evidence from other sources that contradicts or conflicts with what this source has just reported? • 10 - Is there any evidence from other sources that corroborates or confirms with what this source has just reported? • 11 - What evidence do we have about this source’s character and honesty? • 12 - What does this source’s reporting track record show about the source’s honesty in reporting to us? • 13 - Is there evidence that this source tailored this report in a way that this source believes will capture our attention? • 14 - Are there collateral details in this report that reflect the possibility of this source’s dishonesty? • 15 - Evidence regarding the demeanor and bearing of this source during the interview? • Objectivity (or was the source’s belief based on the evidence obtained by the source?) • 16 - Is there evidence about what this source expected to observe during the reported observation? • 17 - Is there evidence about what this source wished to observe during the reported observation? • 18 - Was this source concerned about the consequences of what this source believed during the observation? • 19 - Is there any evidence concerning possible defects in the source’s memory? Also, how long ago did this source’s observation take place? • 20 - Is there any other evidence from other sources that contradicts or conflicts with what this source has just reported? • Observational Sensitivity (or how good was the evidence obtained by the source?) • 21 - The source’s sensory capacity at the time of observation? • 22 - The conditions under which the observation took place? • 23 - The source’s track record of accuracy in previous reports? • 24 - Is there any other evidence from other sources that contradicts or conflicts with what this source has just reported? • 25 - Are there collateral details in this report that reflect the possibility of this source’s inaccuracy?
Example Risk Assessment • Environment • City • Terrorist Group B • Threat • Terrorist Group B wants to attack City A’s major hospital. It is known they possess explosives. What is the probability the hospital will be completely destroyed by explosives within the next year? • Vulnerability • How likely is it that an attack of this magnitude will go undetected? Does the hospital have the proper security personnel to stop it? How many people within the hospital will be harmed? • Consequences • The entire hospital will be destroyed. The attack will kill all inside the hospital. The city will be in fear and panic. • Depending on the assessment, city officials (decision makers) will determine how much money needs to be allocated for further protection.
Assessment: Nuclear Power Plants • Nuclear energy is a vulnerable target for terrorists • Radioactive waste poses economic, environmental, and psychological consequences • Traditional risk assessment does not evaluate interconnectedness • “Any attack on an NPP will likely set off an uncontrolled chain of reaction fueled by the unique psychological impact of all things nuclear on public opinion”
Tangible vs. Intangible Assets • Refining outcomes (losses) from terrorist attack can clarify risk assessment • The non-physical consequences of an attack complicates risk assessment • Tangible • Critical Infrastructures • Nuclear Power Plants • People • Intangible • Fear • Political disruption • Madrid Election • Economic disruption • Stock Market
Black Swans • Black Swan Events • Nassim Taleb’s “Black Swan” Theory • Rare events, beyond the realm of normal expectations, extremely difficult to predict • Impossible to predict? Is analysis a waste of time? • Major impact / high consequence • After appearance, event can be explained in hindsight • Black Swans • 9/11 • Oklahoma City • Stock Market - “Not to me” • Stable vs. Unstable Environment • U.S. - “Black Swans” • No constant, tangible threat of terrorism • Difficult to assess • Israel - “White Swans” • Constant threat • Known, tangible enemy • Example: Terrorism in State College • Where do you start? • Threats? • Vulnerabilities? • Consequences? • How do we deal with Black Swans? • Can’t predict them or prevent them from occurring • Must build robustness, be vigilant • Don’t underestimate outliers
Extreme Opinions • Opinions regarding the overall risk of terrorism vary greatly • Left • Adam Curtis (The Power of Nightmares) • The threat of an Al Qaeda attack has been grossly over exaggerated • Current assessment based on false premise (1998 Embassy Bombings) • Attempt by Bush &co. to gain/maintain power • Right • Dick Cheney (former Vice President of the United States) • The threat of an attack is imminent • “High probability” that terrorists will attempt a catastrophic nuclear or biological attack in coming years...fears the Obama administration’s policies will make it more likely the attempt will succeed • Truth? • Middle! (Somewhere) • Conclusion should be based on sound information and structured analysis • Not the arbitrary beliefs of a political party • Non partisan issue • Avoid political posturing Adam Curtis Dick Cheney
Conclusion • Engage in structured analysis • Assess Threat, Vulnerability, and Consequences • Think critically • Utilize high-quality information sources • Avoid political bias • In some cases, prediction may not be possible • Information is important, but be aware of the tradeoffs
Sources Bajema, Natasha E. “Rethinking threat Assessments for Terrorist Targets: Applying the Lessons of Complex Terrorism” Terrorism and Counter Terrorism: Understanding the New Security Environment. Eds. Howard, Russell D., Reid L. Sawyer, and Natasha E. Bajema. New York: McGraw-Hill, 2009. 88 - 109. Bennett, Clay. “Security Fence.” 2002 Pulitzer Prize Cartoons. 2002. Clay Bennett Cartoons. 25 February 2009. <http://www.claybennett.com/pages/10_29_01.html>. Bush, George W. “Homeland Security Presidential directive 5.” The White House. 28 February 2003. United States. 25 February 2009. <http://www.nimsonline.com/docs/hspd-5.pdf>. “Current threat level for the Netherlands.” National Coordinator for Counterterrorism. 2008. Netherlands. 25 February 2009. <http://english.nctb.nl/what_is_terrorism/Current_threat_level/>. “Current threat level.” Home Office. 2008. United Kingdom. 25 February 2009. <http://www.homeoffice.gov.uk/security/current-threat-level/>. Ganor, Boaz. The Counter-Terrorism Puzzle: A Guide for Decision Makers. Piscataway, New Jersey: Transaction Publishers, 2008. Harris, John F., Mike Allen, and Jim Vandehei. “Cheney Warns of New Attacks.” Politico. 05 February 2009. Capitol News Company, LLC. 25 February 2009. <http://www.politico.com/news/stories/0209/18390.html> “Homeland Security Advisory System: Guidance for Federal Departments and Agencies.” DHS. 28 March 2008. U.S. Department of Homeland Security. 25 February 2009. <http://www.dhs.gov/xinfoshare/programs/gc_1156876241477.shtm>. Jordan, Lara Jakes. “U.S. raises airline threat level to highest level, first time ever, in response to British threat.” Sign On San Diego by the Union Tribune. 10 August 2006. Union-Tribune Publishing Co. 25 February 2009. <http://www.signonsandiego.com/news/nation/terror/20060810-0818-us-terrorplot.html>. Kaplan, Stanley, and B. John Garrick. “On The Quantitative Definition of Risk.” Risk Analysis. 30 May 2006. Society for Risk Analysis. 25 February 2009. <http://www3.interscience.wiley.com/journal/119576327/abstract?CRETRY=1&SRETRY=0>. Khalsa, Sundri K. “Forecasting Terrorism: Indicators and Proven Analytic Techniques.” Lecture Notes in Computer Science, Intelligence and Security Informatics. 25 April 2005. Risk Analysis. 25 February 2009. <http://www.springerlink.com/content/na0blhhe8f20fh05/fulltext.pdf>. “Know-alls: Electronic snooping by the state may safeguard liberty—and also threaten it.” The Economist. 25 September 2008. The Economist Newspaper Limited. 25 February 2009. <http://www.economist.com/world/international/displaystory.cfm?story_id=12295455>. “Part 3: The Shadows in the Cave.” The Power of Nightmares. Dir. Adam Curtis. BBC. BBC Two. 03 November 2004. Patrick, Stuart. “Weak States and Global Threats: Fact of Fiction?” Terrorism and Counter Terrorism: Understanding the New Security Environment. Eds. Howard, Russell D., Reid L. Sawyer, and Natasha E. Bajema. New York: McGraw-Hill, 2009. 88 - 109. Schum, David A. and Jon R. Morris. “Assessing the competence and credibility of human sources of intelligence evidence: contributions from law and probability.” Law, Probability and Risk. 28 August 2007. Oxford University Press. 25 February 2009. <http://dx.doi.org/10.1093/lpr/mgm025>. Taleb, Nassim Nicholas. The Black Swan: The Impact of the Highly Improbable. New York: Random House, Inc, 2007. Willis, Henry H., Andrew R. Morral, Terrence K. Kelly, and Jamison Jo Medby. “Estimating Terrorism Risk.” Center for Terrorism Risk Management Policy. 2005. RAND Corporation. 25 February 2009. <http://www.rand.org/pubs/monographs/2005/RAND_MG388.pdf>.