April 2017 Digital Edition
March 2017 Digital Edition
Feb. 2017 Digital Edition
January 2017 Digital Edition
Nov/Dec 2016 Digital Edition
Oct 2016 Digital Edition
Why forecasting terrorist warfare is important
Dr. Joshua Sinai
It is possible to forecast the types of warfare that one’s terrorist adversary is likely to conduct, whether as an organized group or as “lone wolf” operatives. Such a forecasting capability is especially crucial when complete information about one’s terrorist adversary is lacking. This is important because several recent high visibility terrorist attacks could have been pre-empted and thwarted if the intelligence and law enforcement agencies that were tracking these groups and operatives had possessed such a forecasting capability.
Examples of such missed opportunities for intervention where the “dots were not connected” prior to terrorist attacks include 9/11, the April 2013 Boston Marathon bombing and the May London Woolwich killing of a British soldier. In each of these plots at least some of the perpetrators were known to counterterrorism authorities, but they were not at the time expected to “go operational.”
In such situations, where information may be incomplete about a suspect’s potential violent activities, forecasting methodologies and techniques are especially crucial because they outline and map the agendas, intentions, activities and phases that terrorists are likely to undertake to carry out their operations.
Methodologies that are valuable in forecasting terrorism include (but are not limited to):
Geo-spatial analysis which applies statistical analysis and other informational techniques to predict the geographic location and frequency of future terrorist attacks by accumulating such data on a group’s previous operations. One drawback of this methodology is that it may have a higher predictive value in regions where terrorist incidents are frequent, such as Afghanistan or Iraq, than in regions where they are rare, such as Boston.
Data mining surveillance forecasts terrorism by “mining” large volumes of data in government and private sector databases. It attempts to uncover anomalies and potentially suspicious behaviors and transactions that might indicate progression towards possible terrorist activity by individuals, whether operating as “lone wolves” or with associates who might be part of such plots.
Project management approaches a terrorist operation as a project management model, consisting of estimated tasks that need to be completed (whether in sequence or in parallel with each other), precedent relations between tasks, and task schedules. These tasks are operationalized through PERT and Gantt charts, with Monte Carlo sampling and Bayesian probability formulas to estimate the state (or schedule) of a potential terrorist operation and the intervention points to thwart it.
Social network analysis (SNA), a next generation version of link analysis, extracts, correlates and then visualizes sets of data about different types of relationships between individuals who might form terrorist networks, whether as networked clusters (region-based), hubs (group-based), or nodes (cell-based). Although they may not have attained such a capability at present, eventually SNA tools are expected to incorporate biographic, psychological, demographic, religio-ethnic, and other relevant social data in order to map more complete dynamic relationships and profiles of individuals who might comprise a terrorist network.
Analysis of competing hypotheses (ACH), the fifth forecasting technique, is primarily an analytical methodology and is not yet fully developed as a software application. It attempts to generate the best available information about a terrorist adversary’s potential warfare based on uncertain or incomplete data by using a matrix to identify at least three alternative potential hypotheses, against each of which data is collected to validate or disprove them.
Additional forecasting techniques include scenario analysis, a methodology to analyze possible future terrorist operations by considering, like ACH, alternative possible outcomes (or "alternative worlds"), and red teaming (also known as war gaming), in which a red cell plays the role of a terrorist adversary in order to understand its operational perspective.
While each of these techniques are valuable on their own, a comprehensive forecasting capability can be attained by integrating them (as well as others) into a mega suite of tools -- a sort of “TurboTax” for forecasting -- in which each technique will support each other. This can be achieved by formulating a standardized set of forecasting indicators and then overlaying them onto these tools.
For example, a four-phased forecasting model can be developed, based on the phases of group formation, planning an operation, developing a warfare capability and executing an operation, with each of these phases further broken down into their component early warning indicators. The first phase would include indicators such as types of groups, nature of their leadership, strategy, propaganda, funding, areas of operation, foreign group linkages, and activities on the Internet. Indicators such as nature of their recruitment and training would constitute the second phase. The third phase would include the indicators of acquisition of precursors and material, development/production, weaponization and storage facilities. While the fourth phase would include indicators dealing with tactics, logistics, targeting, as well as triggers and internal and external hurdles that might constrain their operations during the pre-incident phases.
While such techniques are capable of forecasting a terrorist adversary’s likely general warfare, predicting the specific dates, targeting and locations of their attacks is more difficult, although still possible. As an example of how future attacks can be predicted, it is known that terrorist groups regard certain historical dates as especially significant, which makes them likely to attack their adversaries on those dates, as an Al Qaeda affiliate did on September 11, 2012, when they attacked the American consulate in Benghazi, Libya, for which an effective predictive/forecasting methodology might have raised early warning flags for pre-incident intervention.
A forecaster also needs to deal with randomness, rare events and surprises in terrorist warfare. A terrorist group that is confident in its warfare capability might decide to carry out infrequent, but catastrophic attacks, while one that is weak may feel forced to carry out frequent, but low-casualty attacks to demonstrate its continued relevance.
Similarly, a group that has difficulty deploying its operatives on overseas missions due to the hardening of borders by its adversaries, might decide to call on its adherents in those countries to carry out attacks on their own, even if they may be less capable. This may be one of the reasons that Al Qaeda’s Inspire magazine has called on its followers to conduct operations in their home countries, thereby leading to Boston Marathon and London Woolwich type attacks.
Dr. Joshua Sinai is a Washington, DC-based consultant on counterterrorism. He can be reached at: