In the aftermath of horrific events such as the recent terrorist attacks in Paris, Nice, Manchester, Kabul and London or anywhere else, many of us often have a knee jerk reaction and demand answers; how could such a thing happen, again? Critical experts, popping up in the media, suggest what could have been done to prevent it and which committees or bodies should be established, sooner rather than later to help in the fight against terror. Wherever possible, they point the finger at those who are to blame for not intercepting the terrorists before they struck. Most of the time, however, no single entity can be blamed and no party can take sole responsibility for the failure to prevent the attack.
The majority of the public sees acts of terrorism as proof that the interconnected law and security enforcement agencies and organisations fighting (serious) crime and terrorism – the ‘grid’ – have failed in one way or another. It is also a fact that many people tend to quietly criticise and blame existing systems or their (political) representatives for neither functioning effectively nor being properly organised. It is human nature to try to make sense of horrific events, to classify them as either right or wrong and attach the blame to something or someone. At the same time the average citizen sees but a fraction of the vast number of countermeasures continuously taken by the grid.
The grid’s weaknesses
The crucial components of the existing grid are not just the capacity, competence and commitment of the members and partners, but also the measures implemented to detect suspicious behaviour or actions, and the feeling of appropriate responsibility of each and every individual within the grid. On paper the grid should be capable of monitoring, managing and disrupting any kind of terrorist act anywhere in the world, but the level of integration (size), defined or mandated tasks and outreach (complexity) are its own worst enemy. The size, defined tasks and complexity of our security systems make them so vulnerable that determined hostile organisations, groups or even individuals – the lone wolves – can always find a way to outwit any measures taken. And this has been proven: Some have successfully infiltrated our grid with dire consequences.
In order to tackle the issues we face, we must continuously improve and fine-tune the cohesion and clear lines of responsibility in our grid. The purpose of the grid needs to be clear to all, so that all affiliates stand for a common cause. Each and every person in the chain should be accountable for their part in safeguarding the grid and for fulfilling its purpose: to provide safety and security for all. In other words, the network is in place, but we need to continuously calibrate it and, more importantly, utilise it properly and to its full potential so that it operates at an optimal level.
Unfortunately, too often one of the conclusions is that intelligence was available, but either not shared with the relevant focal points in the grid or worse still, that the value of the information received was not recognised nor processed by the appropriate link in the chain. Often the error is committed when incoming information is interpreted. The general public and the media need to analyse the aftermath of a terrorist attack and find a scapegoat. Unfortunately, the ‘culprit’ is often unfairly blamed as the information they needed to carry out their job effectively never reached them.
To get to the essence of the issue, we need to look at what is at the foundation of all this: organisational communication. According to Wikipedia, human communication, or anthroposemiotics is: the elementary field dedicated to understanding how humans communicate. Human communication is grounded in cooperative and shared intentions. […] Humans communicate to request help, to inform others. Organisational communication is a subfield of the larger discipline of (human) communication studies and can be defined as: ‘the consideration, analysis and criticism of the role of communication in organisational contexts.’
Whether you are talking about intra- or interpersonal, cross-cultural or -border, organisational or group communication (not forgetting body language as an important and influential, but seriously undervalued factor), it all comes down to the interaction between human beings. There is a risk of distortion ranging from trivial to major at every level.
We all experience distortions on a daily basis. For example, you mishear a message or don’t actively listen to what someone is saying, and you consequently fill in the gaps. You then take decisions based on incomplete or incorrect information, sometimes with far-reaching consequences. Distortion occurs all the time and everywhere; in the safe environment of your families and friends as well as in the corporate environment at work. It also applies to the human interpretation, the subjective factor; how something is communicated by the sender and how it is interpreted and valued by the receiver.
A very simple example is email. We all have our own experiences with miscommunication via email, for example when we misconstrue the ‘tone’ of an email, or the underlying thought process and end up misunderstanding the message or become upset or offended when this was not the intention of the sender. Lea Winerman writes about this: ‘Email communication has been widely researched and interestingly roughly 75% of communicators believe they communicate clearly, 90% of the receivers believe they interpret the message correctly, while in fact only 55% of people do.’ Allow these statistics to sink in. This means that more than four out of ten email messages sent are subject to misreading and/or misinterpretation. And this is just emails. Imagine the potential impact of such an error ratio in the field of law enforcement when intelligence or sensitive information is shared.
The human factor
That said, the importance of communication and mitigating the risk of distortion in extremely sensitive communication exchanges, is a primary concern in the grid. We have seen with past terrorist attacks that crucial information was available prior to these attacks, but not passed to the right people or relevant part of the grid in order to prevent those attacks from happening. A striking example is the news that surfaced that crucial intelligence about the ‘Zaventem terrorists’ was available two years prior to the attacks, but not handled correctly at that time. When it goes wrong, the error can often be traced back to the interpretation stage, the part of the process whereby an incorrect interpretation of the data can result in the information being passed to the wrong link in the chain or in a failure to take any action at all, completely halting the data flow.
All law enforcement and security organisations work, for good and obvious reasons, on the basis of factual communication: sharing, collecting, reporting and processing information. However, there is always a human factor involved; it is always a person who makes a decision about whether incoming information is eligible and useful to be shared with the next part of the chain. If incoming information is unfiltered, it needs to be prioritised using a set of rules. If it is filtered already, there were obviously thresholds put in place at some point to define this filter. This process is usually subjective and too often relies on either personal circumstances and experiences with others or the sometimes deeply embedded organisational environment, which expects or even dictates certain behaviour. It might be that the person processing the information has a good professional relationship with a certain partner in the chain which influences the decision of where information is sent. It may not be the optimal link in the chain to share the data with, but in the absence of personal knowledge about a more appropriate partner, the information ends up in the wrong place or is checked against the wrong database or dataset. ‘Wrong’ may be out of date or, due to cutbacks, incomplete with far-reaching consequences. Subsequently, the importance of the information may not be realised and will again face the same situation of not being relayed to the next best possible link in the chain. In addition to this, legal or organisational restrictions may prevent someone from choosing a different, possibly more appropriate channel to pass information to.
Having said all this, the grid has seen many success stories too. Numerous terrorist attacks are being prevented worldwide, even as we speak, based on the extremely hard and arduous work done by law enforcement and security services. Good examples of this are cases like Verviers, Belgium and Rotterdam, the Netherlands. These successes are a direct result of correct information sharing. It should be noted that in the aftermath of a successful terrorist attack the grid generally operates at an optimum level because all parties are focused, motivated and determined to find the ones accountable and prevent recurrence or new attacks. But that high level of focus cannot be maintained indefinitely as human beings cannot remain in a constant state of alert. And furthermore, new potential threats, such as the evolving technology of autonomous transportation, should be considered and monitored, right from the beginning.
The butterfly effect
To enable the grid to tackle the information processing issue and stop further successful attacks, the importance of the content of all the messages must be fully understood. How data are shared within the grid, and with whom, has a butterfly effect. The consequences are far-reaching and can often be fatal. Each link in our security chain needs to appreciate how their actions affect the efficiency of the grid.
The local, regional and national grid, as well as third parties, such as research institutes, financial institutions, forensic scientific establishments and database enterprises, should serve as capillaries and partial grids as much as certain organisations need to serve as arteries on a global scale. The various levels of the grid, obviously only a few of many examples, exist based on the understanding of a need for a cross-departmental, -organisational, -border and even -continental communication and exchange grid.
Yet the human factor is still a crucial part in whether the butterfly effect works in either a positive or negative way.
1 Melander, I. and Pennetier, M. (2015). France in shock after Islamist attacks kill 129. Reuters, 14 November [online].
2 Love, B. (2016). France’s Hollande says Nice attack undeniably of ‘terrorist nature’. Reuters, 15 July [online].
3 Holden, M. and Yates, A. (2017). Suicide bomber kills 22, including children, at British concert hall. Reuters, 23 May [online]. http://www.reuters.com/article/britain-security-manchester-idUSL8N1IP4VE
4 Harooni, M. and Hassib, S. (2017). Sewage tanker bomb kills at least 80, wounds hundreds in Afghan capital. Reuters, 31 May [online]. http://www.reuters.com/article/us-afghanistan-blast-idUSKBN18R0DT
5 Sandle, P. and Smout, A. (2017). London Bridge attack: What do we know so far? Reuters, 4 June [online]. http://uk.reuters.com/article/uk-britain-security-londonbridge-factbox-idUKKBN18V05W
6 Human communication. In Wikipedia. Retrieved 15 June 2017, from http://en.wikipedia.org/wiki/Human_communication
7 Organizational communication. In Wikipedia. Retrieved 15 June 2017, from http://en.wikipedia.org/wiki/Organizational_communication
8 Winerman, L. (2006). E-mails and egos. Monitor Staff, Vol.37, No.2, print version pp. 16. http://www.apa.org/monitor/feb06/egos.aspx
9 Paravicini, G. and Cerulus, L. (2017. Belgian police knew since 2014 that Abdeslam brothers planned ‘irreversible act’. Politico, 28 April [online].
10 Traynor, I., Borger, J. and Topping, A. (2015). Two dead in Belgium as police foil ‘grand scale’ terrorist plot. The Guardian, 16 January [online]. http://www.theguardian.com/world/2015/jan/15/three-killed-belgium-counter-terror-raids-reports-verviers
11 NOS (2016). Rotterdamse verdachte Anis B. deel van Zerkani-netwerk. NOS, 28 March [online]. http://nos.nl/artikel/2095777-rotterdamse-verdachte-anis-b-deel-van-zerkani-netwerk.html
12 Butterfly effect. In Wikipedia. Retrieved 15 June 2017, from https://en.wikipedia.org/wiki/Edward_Norton_Lorenz
Lars van Mulligen started his career with the Dutch police in 1998 and joined Europol’s Forgery of Money & Other Means of Payment unit in 2006. With the establishment of the European Cyber Crime Centre (EC3) in 2011 he joined the forensics team responsible for mobile, computer, currency & (secure) document, video and photo forensics as well as the Underground Banking and Crypto Currencies team due to his ‘other means of payment’ background. Lars will join the private sector as a cybercrime specialist in 2017.