Keeping it simple: how technology shapes the terror threat
- July 5, 2022
- Suzanne Raine
Evolving technology consistently introduces new possibilities for both the attacker and defender. The more inventive terrorists became, the more defensive measures needed to be put in place. As new countermeasures were introduced, terrorists became increasingly inventive to evade them.
In late 1857, the Italian nationalist Felice Orsini visited England and asked a Birmingham-based engineer called Joseph Taylor to manufacture six copies of a bomb he had designed. The bomb used fulminate of mercury and was designed to explode on impact. Orsini tested the bomb in Sheffield and Devon with the aid of Simon Bernard, a French radical. Once they knew it worked, Orsini travelled to Paris, intending to kill Emperor Napoleon III. On the evening of 14 January 1858, Orsini and his accomplices threw three bombs at the carriage carrying the emperor and his wife. They were unharmed, but eight people were killed and 156 wounded; Orsini was executed by guillotine two months later. There followed a brief swelling of anti-British sentiment in France because the bombs had been made and tested in Britain.
What became known as the Orsini bomb was an important step in the development of terrorist capabilities. It was a percussion-triggered, shrapnel-scattering IED and became synonymous with terrorism and insurgency even after the invention of dynamite in 1866. Among others, Orsini bombs were used by Garibaldi in Italy in the 1860s and the Paris Communards in 1871; they were thrown at Isma’il Pasha, the Khedive of Egypt, in 1866, killed at least 30 in Barcelona in 1893, and in 1908 were used by anti-colonial insurgents in an attempt to derail a train in Calcutta. There were elements of Orsini’s design in the bomb which killed Tsar Alexander II.
Critical to the Orsini bomb’s success was not only how effective it was, but how easy it was to operate. It was easy to get the component parts, it was easy to construct and use, it worked well enough, and it could be carried in your pocket. The technique was an enabler; it could challenge the state monopoly on violence. Karl Heinzen, the German revolutionary, had argued in 1853 that radicals needed to ‘devise some sort of missile which one man can throw into a group of a few hundred, killing them all’, which would give ‘a few lone individuals the terrifying power to threaten the safety of whole masses of barbarians’. Now they had it.
Creativity and invention have always been the key elements of a successful terrorist attack. There is no clear correlation between cost and effectiveness, or between complexity and effectiveness. The cheapest and simplest attacks can be just as deadly as those which take time, expertise and money. That was demonstrated, for example, by the attack in Nice on Bastille Day 2016, when a 19-tonne truck was driven into the crowds, killing 86 and wounding 450. It could also be argued that 9/11, the most audacious terrorist attack of all, was devastatingly simple in technical terms.
As new technology developed throughout the twentieth century, terrorists tested how it might be useful to them. Evolving technology consistently introduces new possibilities for both attacker and defender. The more inventive terrorists became, the more defensive measures needed to be put in place. As new countermeasures were introduced, terrorists became increasingly inventive to evade them. The development of defensive measures needed to avoid becoming draconian and paranoid, but also to be as imaginative as the terrorists, particularly since the damning conclusion that the failure to prevent 9/11 had been down to a ‘failure of imagination’. Alongside this escalatory technical competition, there was also a rush to block access to materiel, or enable it to be better tracked, or to introduce comprehensive surveillance capabilities such as CCTV. Thus, in part the story of terrorism since the Orsini bomb has been a race of invention and counter-invention, a race to identify and plug vulnerabilities.
Hijacking has been a tactic since planes first came into regular use; the first recorded hijack took place in 1931 in Peru, when armed revolutionaries approached the pilot on the ground and demanded, unsuccessfully, to be flown to their destination. The first in-air hijack is said to have been in 1942, when two New Zealanders, a South African and a British man overpowered their captors in an Italian seaplane which was taking them to a prisoner-of-war camp. Hijacking of commercial airliners for political reasons grew in the 1940s and 50s, but really took off in the 60s and 70s. As this danger became clear, the US Federal Aviation Administration (FAA) issued a directive in 1961 which prohibited unauthorised personnel from carrying concealed firearms and interfering with the crew. From 1968 to 1972, there were 326 hijackings, mostly in the United States, and this obviously prompted action. In 1970, President Nixon introduced a directive to promote security at airports and electronic surveillance, and in 1972 the FAA issued emergency rules requiring all passengers and their carry-on baggage to be screened. These measures came into effect in 1973, and most of the architecture of modern airports – X-ray machines and walk-through detectors – was installed. Hijackers of the 1970s went to increasingly elaborate lengths to evade X-ray machines, although this sometimes just involved going around rather than through them. The hijackers of the Air France Airbus in 1976 which landed in Entebbe boarded during a stopover in Athens, where there had been no strict control of passengers in transit from other aircraft.
As hijacking became harder, terrorists turned to blowing up the aircraft instead. Pan Am flight 103 from Frankfurt to Detroit via New York was blown up over Lockerbie in Scotland by a bomb onboard, killing all 243 passengers and 16 crew and 11 local residents on the ground in December 1988. The Semtex bomb was believed to have been hidden inside a Toshiba radio cassette player, inside a Samsonite suitcase, and detonated by a barometric sensor triggered by altitude. Semtex is a plastic explosive first manufactured in Czechoslovakia in the late 1950s for military use and commercial blasting, but it was widely exported and was soon favoured by Iranian — and Libyan-sponsored terrorist organisations, as well as the IRA, because it was plastic and odourless and difficult to detect. It became closely associated with terrorist attacks, and rules governing its exportation were progressively tightened. But the critical change was a simple scientific one: in the 1990s, a detection taggant was added which gave Semtex a scent, producing a distinctive vapour signature. Batches of Semtex made before 1990, however, are still untagged, although it is not known how much of this untagged Semtex still exists. The manufacturer states that even this untagged Semtex can now be detected.
The ban on liquids and the requirement for laptops and other electronic items to be screened separately were again a response to the development by terrorists of new techniques to evade screening. In 2006, the British-Pakistani Rashid Rauf devised what has become known as the ‘liquid bomb plot’, planning to use concentrated hydrogen peroxide in ordinary sports drinks bottles to blow up flights from Heathrow to the US and Canada. Rauf’s analysis had been that it was very difficult for airport security measures to detect liquid explosives. The plot was detected before he had a chance to try it. The lasting legacy is that all liquids taken on to flights must be 100ml or less and contained in a single, one-litre capacity transparent bag, measuring 20cm by 20cm. This bag must be sealed and placed in the security tray, separately from the cabin bag. Similarly, the requirement for electronics larger than a mobile phone to be screened separately stems from the discovery in 2017 that terrorists had developed a new concealment method.
On 27 October 2010, a woman dropped off two packages at the FedEx and UPS offices in Sana’a, Yemen, to be sent to addresses in Chicago. Inside were Hewlett-Packard Laserjet printers packed with explosives. The Saudi Minister of Interior, Muhammad bin Nayef, provided the US and UK with tracking numbers of the parcels. One was intercepted in Dubai, and the other at East Midlands airport. In the UK, the printer was subjected to explosives tests, sniffer dogs, X-rays and chemical swabs, and no explosives were detected. They concluded that there was no bomb in the printer. But reports from Dubai made them look again. It had been so hard to find because of the sophistication of the concealment inside the toner cartridge, and the fact that the cartridges were filled with pentaerythritol tetranitrate (PETN), an odourless military-grade white powder plastic explosive, of an extremely high concentration. The bombs had probably been made by Ibrahim al-Assiri, master bomb-maker of Al-Qaeda in the Arabian Peninsula (AQAP). They would be triggered by a mobile phone alarm, activated by the battery, which would send power through a filament and ignite an initiator, causing the PETN to detonate. The device was wired such that the printer would continue to work and the bomb would not show up in an X-ray. Al-Assiri experimented with the construction of non-metallic bombs, and is also thought to have made the bomb carried by Umar Farouk Abdulmutallab, a Nigerian who attempted to ignite chemical explosives sewn into his underwear on a plane between Amsterdam and Detroit on Christmas Day 2009.
These attacks were Al-Qaeda’s closest aviation near misses since 9/11. In November 2010, AQAP published a detailed account of the planning for the printer cartridge attacks in their online magazine Inspire, the aim being to encourage others to conduct smaller but more frequent operations ‘to bleed the enemy to death’. The report gave the precise costs: two Nokia mobile phones, $150 each; two HP printers, $300 each; plus shipping and transport. These incidents underline the difficulty created by the availability of everything, as exploited in AQAP’s summer 2010 edition of Inspire, which included an article titled ‘Make a bomb in the Kitchen of your Mom’. Rather than stopping terrorists acquiring sophisticated capabilities, the challenge became to stop them acquiring everyday objects which might be used to deadly effect. Triacetone triperoxide (TATP) is a homemade explosive and presents, according to the FBI, a persistent threat to public safety because of readily available and inexpensive precursor materials, coupled with widely available instructions (the three chemical components are acetone, hydrogen peroxide and acid, all of which have legitimate uses). Salman Abedi, the man who attacked the Manchester Arena on 22 May 2017, killing 22, bought the components of his bomb online. His first attempt to get a friend to buy five litres of sulphuric acid from Amazon failed because the friend did not have the £76 it cost. The hydrogen peroxide was also purchased on Amazon — by his younger brother, using a debit card of a friend — at a cost of £185.92. Abedi apparently learned how to construct the bomb by watching videos on YouTube. The bomb was packed with nuts and bolts, all easily purchased. Given that the instructions on how to make TATP are so widely disseminated, and the ingredients are all dual-purpose, prevention has to focus on denial of access to those ingredients. One method is to raise understanding in order to help to identify abnormal purchase amounts. Another would be to increase the amount of unfocused surveillance; to use technology against technology. It might, in theory, be possible to set an algorithm to see everyone who buys quantities of ball bearings online, but it would require unprecedented collaboration between tech companies and the state, and would be classified as unacceptable intrusion.
Every aspect of Salman Abedi’s planning was enabled by the internet. We assume he was radicalised at least in part online. He purchased the components, coordinated those purchases with friends, and researched the bomb-making techniques online. And the day after the attack, Daesh claimed responsibility online, crediting a ‘soldier of the Caliphate’. Thus, the entire cycle of the relatively simple real-world attack was facilitated by technology. It enables terrorist groups to communicate, between each other and with the world. It is the vehicle for the proselytising recruitment myths, for publicising and claiming terrorist attacks, for building followers and glorifying deeds. Al-Qaeda’s Inspire and Daesh’s Dabiq magazine (now the weekly Al-Naba) would not exist were it not for the internet. Al-Qaeda were, in fact, early adopters of closed internet forums, where they built a following and learned how to radicalise. To be a successful global franchise, it is important to be seen. Ayman al-Zawahiri, the leader of Al-Qaeda, has typically eschewed such new-fangled outreach, and it has significantly reduced the impact of the brand. He is, however, as far as we know, still alive.
Access to the internet has become a dependency and a vulnerability: if terrorists are connecting then they can be seen, and can be caught. The effect of all-pervasive electronic surveillance is that they can no longer hold meetings in closed spaces, or use electronic communications. Daesh’s media centre in Raqqa was flattened. If having a mobile phone means it is easier to find you, then don’t carry one. Al-Qaeda learned the dangers of the satellite phone early on, and the lowly position of ‘holder of the satellite phone’ was not one the ambitious aspired to. When Afghanistan fell to the Taliban, President Biden suggested that ‘over-the-horizon technology’ would enable the US to continue countering terrorists. Maybe, but the effect of the technical arms race is to drive terrorists to simpler, improvised, non-technical options. The more technical the world becomes, the more the simple attack is most likely to succeed. The most effective terrorists operate without being detected, which means in this day and age that they need to go off-grid.
And what about the next generation of technologies? There will always be a trade-off between, on the one hand, the accessibility and deployability of technology and, on the other, its effect. Weapons of mass destruction have presented real challenges for terrorist groups because of the difficulty of acquisition and use or dispersal. Daesh experimented for five years in Syria and Iraq with drone swarms and the localised use of chemical weapons, and so has developed a battlefield capability. Drones can be bought easily online, although they can also be fitted with tracking technology. Analysts talk wearily about cyberterrorism, noting that it is difficult to see how to achieve a mass casualty effect. There is something naturally more alarming about the sci-fi-style attack than the low sophistication one, so the question is why the lure and fear of technology is not exploited more by terrorists. The answer may be prosaic: high-tech attacks are not yet as effective, or they are more vulnerable to detection.