First responders must remain vigilant and be up to date on terrorist threats and the emerging trends in the realm of terrorist attacks. As we have observed through the years, terrorists are always looking for new ways to draw attention to their causes and inflict the greatest amount of harm possible with their brutal attacks.
Cyberthreats and Cyberterrorism
An emerging category of threats that needs to be addressed is cyberthreat/cyberterrorism. Many of us may be sick and tired of being bombarded with information about how Russia interfered with our recent presidential elections, but this intrusion should be of tremendous concern to all of us as a nation. Russia is not the only noted state actor to participate in cyberattacks. The U.S. Intelligence Community has reported that state actors such as China have the ability to launch cyberattacks that can temporarily disrupt for days or weeks localized critical infrastructure such as natural gas pipelines. As the years have gone by, our society has become more and more reliant on technology and has placed our faith in electronic safeguards such as pressure regulation on transmission pipelines and safety device management at manufacturing plants and refineries.
RELATED
Terrorism and Weapons of Mass Destruction Refresher
Protests, Violence, Terrorism, and Firefighting
Hazmat Survival Tips: Terrorism, Sabotage, and Accidents — Is There a Difference?
Russia and China are not the only threats in the cyber realm. Other actors that have been identified include Iran, North Korea, and nonstate actors such as terrorist organizations. The question we need to ask ourselves is, if an entity such as Russia could influence our elections through the cyberrealm, what else are it and others capable of?
![Members of the multiagency response team perform equipment prechecks prior to the start of a large-scale joint terrorism response exercise. <em>[Photos by Jason Rhodes, courtesy of Overland Park (KS) Fire Department.]](/wp-content/uploads/2020/04/2004FE_Angermuller-p01.jpg)
(1) Members of the multiagency response team perform equipment prechecks prior to the start of a large-scale joint terrorism response exercise. [Photos by Jason Rhodes, courtesy of Overland Park (KS) Fire Department.]
(2) Members of the agencies participating in the exercise attend a preentry briefing.
Cyberattack
In 2018, there was a documented cyberattack on a petrol chemical facility in Saudi Arabia. The cyberattack was designed to cause the safety controllers at the plant to fail and precipitate a catastrophic explosion. This cyberattack was detected when specific equipment at the plant started shutting down during normal working hours. During an investigation, malware specifically designed to interfere with the Safety Instrumentation System (SIS) was detected at the facility. It appears that the intent of the malware was to cause the equipment to operate outside of its normal operating parameters until there was a catastrophic failure. Fortunately, fail-safes were built into the system that caused the equipment to shut down instead of operate outside of its designed safety parameters.
During the course of the investigation, it was determined that the writers of the malware had made a crucial mistake in the code that caused the attack to fail. As responders, there is one important question to ask about this cyberattack: Could this type of attack occur in your jurisdiction? The answer is that it certainly can and quite possibly could.
Ransomware
Ransomware is another form of cyberthreat. This type of attack takes over parts of private or municipal computer networks. The attackers demand the payment of a ransom or threaten to delete all data or operating systems. The Baltimore (MD) Communications Center suffered one such attack in March 2018; it caused the CAD system for 911 and 311 to shut down for two days. The perpetrators of this attack demanded 13 bitcoins (equal to $103,000) in exchange for access to their information.
In the past 24 months, there were 184 documented cyberattacks on public safety agencies and local governments across the country. Of these attacks, 23 percent were focused on emergency communication centers. These are notable attacks in that we are relying more heavily on technology for our responses with the use of mobile data terminals and real-time electronic information exchange from our communications centers. These attacks can interfere with or slow down our information-exchange processes. There has been an alarming increase in these ransomware attacks nationally.
(3) Members of the multiagency joint entry team perform a recon of a potential terrorist incident during a large-scale joint terrorism response exercise.
Weapons of Mass Destruction
The Internet has made it possible for anyone to access information on how to plan and initiate a chemical or biological attack, including how to develop the associated product. We must stay current with the changing trends when it comes to chemical and biological weapons.
Among the newest threats are fourth-generation agents known as Novichoks or A-series nerve agents. These agents are unique in that they are more persistent than other nerve agents, they are as toxic as VX, and it could take up to three days before they are detected and symptoms develop. This delay prevents our knowing if a similar attack had also occurred elsewhere, which will have to be determined once we encounter patients who have been exposed to these agents.
When encountering patients, use the acronym SLUDGE (Salivation, Lacrimation, Urination, Defecation, Gastrointestinal upset, and Emesis) to identify potential exposure to these agents. Personnel are most likely to encounter these agents in liquid form. Keep in mind that the agents have a high risk of cross-contamination. The most likely route of exposure is through direct contact with the skin. The A-series agents are environmentally persistent and can be difficult to decontaminate; multiple applications of standard decontamination solutions are often required.
They can be detected using the M8 papers predominantly used by the military, the Proengin AP4C flame spectrophotometer, and the MX908 from 908 Devices. The U.S. Department of Health and Human Services has published a quick reference sheet and medical management guidelines first responders can use. These references are available at https://chemm.nlm.nih.gov/nerveagents/FGA.htm.
Al-Qaeda, ISIS, and Violent Extremists
Many people believe that ISIS and Al-Qaeda no longer pose a threat to our nation and allies. This is incorrect; they are still actively recruiting and looking to stage large-scale incidents like the attacks on September 11, 2001. We need to look at what is occurring overseas and plan on how to respond to these types of incidents here. Multiple attacks that are causing a tremendous loss of life are occurring against our allies.
Al-Qaeda is aggressively recruiting through the Internet and various terrorist organization publications. One of those publications published a photo of the World Trade Center on fire from the 9/11 attacks with the caption, “Some Things Are Too Beautiful To Be Forgotten. Will We Ever Experience Such a Sight Once More?” Through these recruitment measures, Al-Qaeda has been strengthening its global command structure and encouraging attacks on the United States and its allies. The Intelligence Community has documented that although their attacks have been small in nature lately, they still pose a significant threat for us and our allies.
Understanding Islamic Terrorism
An All-Hazards Approach to Terrorism
Bioterrorism Response: Does the Way Forward Lie in Our Past?
ISIS still has a strong presence with thousands of fighters dispersed around the world. As a result of its dispersed membership, ISIS has been able to conduct more aggressive coordinated attacks across the world. As an example, they recently launched a coordinated attack on April 23, 2019, in which multiple bombings were conducted on churches and hotels in Sri Lanka; 321 people were killed. The ideology of ISIS is affecting not only people overseas; homegrown violent extremists (HVEs) in the United States are being recruited as well.
Homegrown Violent Extremists
The following event demonstrates why we need to be vigilant. The Maricopa County Sheriff’s Office substation in Fountain Hills, Arizona, received a 911 call from a young male on January 7, 2019, who requested to talk to a deputy. During the call to dispatch, the caller pledged his allegiance to ISIS. When the deputy arrived, the young male approached the deputy, began throwing rocks, and then pulled a knife on him. The deputy gave him fair warning to drop the knife and comply with his directions; the young man did not comply. The deputy ultimately shot him.
This incident should be an eye-opener to all responders, who are targets for these types of attacks. We must remain vigilant and maintain a high level of situational awareness while out in public and plan for the worst-case scenario.
We must also have an understanding of the HVEs and the lone-wolf aspect associated with them. Typically, these individuals are self-motivated and find information on the Internet from other sources and decide that they want to be associated with that cause and draw attention to it through violence. This was evident in the attack that occurred in El Paso, Texas, that left 22 people dead and 26 injured. This incident is being investigated as a hate crime because of a four-page white nationalist document published online that included racist antiimmigrant remarks. This was the perpetrator’s attempt to draw attention to what he perceived as his cause. When planning for the worst-case scenario, be aware of these types of groups that may be within your response area or in your state. The El Paso shooter drove across the state to conduct his attack. The emergency response agency must be proactive and work with its law enforcement counterparts.
Another alarming aspect of the terrorists’ agenda is the aggressive recruitment of minors in the United States and across the world through the Internet to execute various attacks to communicate their support for their cause. Young teens are vulnerable to the recruitment messages; they are looking to fulfill the basic psychological need of belonging and are seeking attention thorough rebelling.
In March 2018, a 16-year-old ISIS supporter in Saint George, Utah, tried to detonate a homemade improvised explosive device with shrapnel in a backpack during lunch in his high-school cafeteria. No one was injured in this attack; however, when he was apprehended, he stated that his goal was to kill as many students as possible. During the investigation, it was learned that he had watched ISIS videos online, made social media posts supporting ISIS, and claimed to be an ISIS supporter. This incident is just one of many documented examples of minors being indirectly inspired or enabled to conduct an attack by a terrorist organization.
The Unknowns
Human nature dictates that when an incident occurs, we need to understand why the person committed the crime. Lately, there have been two notable mass shootings that left us asking that very question. A prime example is the mass shooting that occurred in Las Vegas, Nevada, on October 1, 2017, in which 58 people were killed and more than 700 were injured. This was the deadliest mass shooting in modern U.S. history. During the course of the investigation, no clear motive for the shooting was revealed. The perpetrator left no evidence indicating why he committed the crime. Local and federal law enforcement exhausted all resources trying to discover a motive. This event had a tremendous psychological impact on all involved as well as people across the country.
Preparedness
The question that arises after reviewing this information is, how do I prepare my organization for attacks like those mentioned above? The best thing you can do is work on your preparedness. Undertake an adequate risk assessment of your community to determine the hard and soft targets. Hard targets are fortified and difficult to penetrate; examples are military bases and high-level security areas. Hard targets lower the risk for attacks, as the facilities are harder to access. Soft targets are places like outdoor sporting events, festivals, churches, and shopping malls. They are easier to gain access to and cause greater harm to the people present; they have a greater psychological impact on the country. Develop a response plan and work with local law enforcement to determine ways to lower the risks in the soft and vulnerable areas.
Strengthen your relationship with the police/sheriff’s department. An alarming number of fire departments do not train or work together with their local law enforcement agencies. You are failing to prepare your organization if your preparedness exercises do not include local law enforcement. Take advantage of the resources available from state and federal agencies including the Federal Bureau of Investigation (FBI) Technical Hazards Response Unit, FBI WMD coordinators, State Regional Hazardous Materials Response Teams, and the National Guard Civil Support Teams.
Multiple publications are available from the U.S. Intelligence Community pertaining to terrorist attacks and emerging threats across the world. Public safety agencies should make sure that they review the documents published and communicate the emerging issues to their personnel. One of these documents is the Worldwide Threat Assessment of the US Intelligence Community, which is published annually. In addition, every public safety agency has a designated person who works with the state fusion center to obtain and disseminate the information that has been deemed critical for your state and your response district.
Bibliography
Chemical Hazards Emergency Medical Management. (2019). Retrieved from U.S. Department of Health and Human Services: https://chemm.nlm.nih.gov/nerveagents/FGA.htm.
Coats, DR. (2019, January 29). Office of the Director of National Intelligence. Retrieved from Statement For The Record: 2019 Worldwide Threat Assessment Of The U.S. Intelligence Community: https://www.odni.gov/index.php/newsroom/congressional-testimonies/item/1947-statement-for-the-record-worldwide-threat-assessment-of-the-us-intelligence-community.
Krauss, NP. (2018, March 15). Retrieved from The New York Times: https://www.nytimes.com/2018/03/15/technology/saudi-arabia-hacks-cyberattacks.html.
Reuters. (2018, March 28). Retrieved from NBC News: https://www.nbcnews.com/news/us-news/baltimore-s-911-emergency-system-hit-cyberattack-n860876.
Schuppe, J. (2018, April 3). Retrieved from NBC News: https://www.nbcnews.com/news/us-news/hackers-have-taken-dpwn-dozens-911-centers-why-is-so-n862206.
The National Counterterrorism Center. (2018, November 29). First Responder Toolbox. Retrieved from Office of the Director of National Intelligence: https://www.dni.gov/index.php/nctc-how-we-work/joint-ct-assessment-team/first-responder-toolbox.
CHRIS ANGERMULLER is a 25-year veteran of the fire service and the deputy chief of operations for the Grand Junction (CO) Fire Department. Previously, he was the assistant chief of the Kingman (AZ)Fire Department, where he fulfilled the role of terrorism liaison officer among his other duties. He has a master’s degree in public administration from the University of Kansas and is a Commission on Professional Credentialing Chief Fire Officer and Chief Training Officer through the Center for Public Safety Excellence. He is a sitting member of the International Association of Fire Chiefs Hazardous Materials Committee.
