The attempted bombing of Northwest flight 253 on Christmas Day was no success for al-Qa`ida, but it was no success for U.S. counterterrorism authorities either. The United States’ Intelligence Community (IC) and counterterrorism agencies had at least two opportunities to deny Umar Farouk Abdulmutallab from succeeding, his U.S. visa could have been revoked or he could have been stopped at the boarding gate by being placed on the Transportation Security Administration’s No-Fly watchlist; instead, it was pure, dumb luck that almost 300 people were not killed on Christmas day. Luckily, Abdulmutallab was an inept operative and the detonator was of such miserable quality that it failed to work properly. The planners and bomb-makers of al-Qa`ida are not idiots. They operate much like military planners do around the world. If an operation is not executed properly they go back to the drawing board, learn from their mistakes, implement the necessary changes, and go at it again. There is no shortage of shuhadaa willing to martyr themselves for the cause and eventually they will catch us off-guard, just like Abdulmutallab did, and then we might not be so lucky.
Why did the Christmas attack fail?
Al-Qa`ida’s traditional method of attack includes complex, simultaneous attacks. They do this for two reasons. One, it ensures one or more attacks succeed. We cannot guard everything, everywhere and, just like drug trafficking organizations, they play the percentage game where for everyone one or two that get caught, three or four succeed. Second, the more attacks that succeed simultaneously, the more we have to stretch our response assets, thus eliminating any redundant response systems we might have in place and straining the entire system. That was not the case in the Christmas attack. Why? More than likely it was because Abdulmutallab’s handlers in Yemen are not as sophisticated as other al-Qa`ida planners such as Khalid Sheikh Mohammed, Abu Zubaydah, or Muhammad Atef. However, the Christmas attempt could also have been simply to test airport security or the effectiveness of the device in defeating airport screening. According to media reports, Abdulmutallab has told investigators there are many others just like him ready to carry out attacks against the United States or its interests. It is possible Abdulmutallab was conducting a reconnaissance of airport security and was prepared to exploit any deficiencies he found, which he almost succeeded in doing. CNN reported on Friday there appears to be a “palpable level of angst” among intelligence officials and that those officials believe “there are a lot of” other potential bombers out there with the training needed to carry out another attack.
Why did we fail?
Today’s al-Qa`ida is not the same al-Qa`ida we faced on September 10, 2001. Today we face a multifarious, geographically diverse enemy, beholden to an ideology and not to a person issuing commands from a cave in the Hindu Kush. As a result, the operators and planners we face are as varied as their locations, presenting a heterogeneous organism that evolves and adapts faster than we can imagine, or at least faster than we can react. It is for that reason that the single most important aspect of national security we have at our disposal is information sharing.
John Brennan, the Deputy Assistant to the President and Deputy National Security Adviser for Homeland Security and Counterterrorism, led a preliminary review of the Christmas Day attack. The findings of that review were published last week and outlined nine shortcomings that, together, nearly led to the single deadliest attack on American soil since 9/11. The premise of these findings is that, while there was enough information within the IC and it was properly shared to identify and watchlist Abdulmutallab so that he could not have boarded a flight to the U.S., the analysts responsible for doing so failed to “connect the dots.” Most importantly though, the only agencies listed in the findings are CIA and NCTC; one whose mission lies outside America’s borders and the other who was created to help the Director of National Intelligence (DNI) coordinate information between agencies, not to act as an operational component of the IC, which is what it has effectively become. Though the report states there was not an information sharing problem, the one department created and charged with homeland security, DHS, is not even mentioned because they were not part of the equation, thus clearly demonstrating a lack of information sharing. How can you have a cabinet-level department whose singular mission is to protect the homeland and not even mention it in the report unless the information was never shared with it to begin with?
This is not the first time the IC’s lack of information sharing has resulted in an attack. We saw Major Nidal Hassan succeed in killing fellow Soldiers at Ft. Hood because information gleaned by FBI and DOD was deemed inconsequent and not shared with the experts on extremism and radicalization at DHS. These agencies, lacking experts in the fields of extremism and radicalization, viewed Hasan’s activities from a law enforcement perspective; “was he committing a crime?”
Similarly, Carlos Leon Bledsoe, the Muslim convert who shot and killed U.S. Soldiers in front of a recruiting office in Little Rock, AR in June last year had been under FBI investigation since he returned from Yemen, allegedly for being in Yemen and his arrest there for possessing a Somali passport. Everyone today understands how critical Yemen is in the fight against al-Qa`ida’s ideology and the fact this individual was there and possessed a Somali passport—Somalia has not had a government since the early 1990s and any Somali passport being used today is going to be outdated and/or fictitious—would raise “red flags” with extremism and radicalization experts who have known about Yemen and Somalia since the 1990s. But again, that information was never shared outside FBI channels, who were simply looking for criminal activity. Unfortunately, they got their criminal activity, at the cost of two Soldiers shot, one of whom died.
How do we fix the system?
Any recommendations on addressing the identified problems need to focus on the failure to share information and any effort to truly secure the homeland must not only include DHS, but must put it first, otherwise, we are no better off than we were on September 10, 2001.
There is no one solution to securing the nation; there are multiple layers of security that must be coordinated effectively and that have to change their posture on an irregular basis so as not to establish a pattern that al-Qa`ida can identify and exploit. There are many so-called experts and a plethora of politicians that think they know better than the real experts; those men and women that are out there everyday implementing the rules and procedures that have thus far, except in a few instances, kept al-Qa`ida from executing another 9/11-style attack. The best thing Congress can do is to allow the departments and agencies implementing our national security the flexibility to do their jobs. One thing we definitely do not need is more oversight.
I am sure there will be no shortage of individuals attacking my assessments and recommendations. I will simply preface my recommendations with this: all plans and solutions look good on paper; it is how they actually work when implemented that matters. The assessments below are based either on personal experience or on interviews conducted with individuals who actually work in these departments and agencies and intimately understand how they work on a day-to-day basis.
First, DHS must be the lead federal agency when it comes to homeland security. While the FBI has the legal authority to investigate all terrorism-related incidents, DHS must have the legal authority to conduct all intelligence-related operations. Only when the intelligence points to an active plan to carry out an attack should the FBI become involved. Currently, if FBI decides someone is a terrorist or has terrorist connections they open an investigation, essentially eschewing intelligence as a tool. Once they open that investigation they severely limit with whom that information can then be shared, which was the key failure behind 9/11 and the primary reason DHS was created. This even includes state and local law enforcement officials who may have critical intelligence related to the individual in question or who would benefit from simply having situational awareness. I am not sure if FBI is still wrapped in the institutional mindset that they are the premier law enforcement agency, like they were before 9/11, or if it is just the idea that they want all the glory, but due to privacy concerns and civil liberty issues, the law enforcement aspect and terrorism intelligence piece of FBI need to be completely separated. DHS should operate the only domestic terrorism intelligence agency.
Of course, the argument will be made that there are DHS and state and local law enforcement liaison officers assigned to NCTC and that this is where the information is shared. Unfortunately, the majority of the information is restricted to only those liaison officers; in most cases they are not allowed to pass the information back to their parent departments or agencies. The liaison officers are just that, liaisons, not necessarily the subject matter experts. The experts reside with the parent departments or agencies and do not receive the information. The creation of NCTC as an analytic, operational component of the IC basically created another stovepipe where information is gathered and never shared, at least not in a timely fashion.
Second, the DNI, through NCTC, needs to assert his power over the IC, demanding that information sharing not only be uppermost in everyone’s mission statement, but also in their daily activities. NCTC needs to stop trying to become an operational component of the IC and focus on coordinating products and missions between other members of the IC. As it stands right now NCTC acts as if it is simply a new component of the IC; the manpower of NCTC is way over its original authorization. Instead of developing their own studies and products, they should concentrate on ensuring the departments and agencies responsible for various topics are tasked with the development of the necessary products or provide the required answers. When there is a challenging problem, they should focus on bringing the subject matter experts from around the IC together to work on them. Unfortunately, many IC agencies are understaffed because they are providing personnel to NCTC and DNI. Once the project has been completed those experts should be released back to their parent organizations. And finally, while they are working at NCTC, these analysts should be authorized to share the information with their home agencies and not be hamstrung behind soundproof walls. As Jean-Louis Bruguiere, France’s leading magistrate investigating terrorism from 1981 to 2007 wrote in a New York Times Op-Ed last week, “Often, it is the small, apparently trivial sign lost in the avalanche of data that forewarns of a coming threat. The more trained eyes there are on information, the more likely that sign is to be read.”
There is an old saying that “knowledge is power.” And information is knowledge. Inside the Washington, DC beltway information is the “holy grail.” The person with the most wins. While the leaders of our intelligence and counterterrorism departments and agencies are professionals, they are also political appointees and are always looking for the edge. The further we get from 9/11, the more these departments and agencies will begin to revert to their old ways. If more emphasis is not placed on removing the barriers to sharing information and certain departments and agencies are allowed to re-build their pre-9/11 fiefdoms, the more vulnerabilities will be created that will allow those multifaceted, al-Qa`ida associates of Umar Farouk Abdulmutallab to exploit our individualistic system and execute an operation. And unless we learn from this most recent intelligence failure, al-Qa`ida will eventually succeed.