Countering the Effects of New Age Terrorism on Business and Travel

Businesses must expand their abilities in countering the effects of ‘new age’ terrorism to ensure that their assets remain available and effective to succeed in today’s rapidly expanding global marketplace. The growing frequency of terror-related events and their resulting effects are due in part to the threat’s ability to rapidly change targets and methodologies. Terror organizations now leverage everyday media tools to enhance the motivation and capabilities of their followers while the security industry lumbers behind in mitigating this asymmetrical threat with conventional measures. Although the definition as to what constitutes terrorism are many, the ability to use violence to alter the behavior of those they oppose is typically considered a core attribute. For example, in 2015, MarketWatch identified the impact of increasing acts of violence eliminated a potential $8.2 billion for the travel industry. Last year, Travel Wire Asia posted a study that polled 605 business travelers and 270 corporate travel executives, finding that 67 percent of travelers stated travel to an unsafe region had a negative effect on them. These findings demonstrate that ‘new age’ terrorism is achieving the desired effect with increasing efficiency.

What is ‘new age’ terrorism? In a paper addressing changes in terrorism, Dr. Arvind Adityaraj states: “…the magnitude of violence, lethality and the extensive use of technology to disseminate ideology, indoctrinate, and mold the mind of the youth in their fold…[with] business-like network structures clearly point towards the significant departure of old terrorism.” This is reinforced in research by RAND Corporation, finding: “At one time…terrorists wanted a lot of people watching, not a lot of people dead…but…headlines demanded higher body counts; [with]…hatred and…fanaticism replacing political agendas.” These major shifts highlight that terrorists have evolved from a suite of predictable attack scenarios into highly innovative networks operating in an asymmetrical environment. This ability to change course quickly is the primary obstacle to businesses being as agile as the threat. To effectively counter terror’s macroevolution, businesses must expand their capabilities beyond previous norms. Without establishing and continuously monitoring their operational risk profile, businesses will continue to rely on ad hoc mitigation while enduring the equivalent of “Death by a Thousand Cuts.”

Characteristics, Trends and the Rise of Low-Tech Attacks

A principal characteristic of ‘new age’ terrorism is the ability to capitalize on the significant risk found in a number of areas originating from the increase of social dysfunction in conjunction with technological advances. The RAND Corporation’s Networks and Netwars reports: “…terrorists are on the cutting edge of organizational networking and gaining significantly from the information revolution. They harness technology to enable less hierarchical, more networked designs – enhancing flexibility, responsiveness and resilience to improve offensive operational capabilities for the war of ideas as well as…violent acts.” These capabilities are demonstrated by capitalizing on the large numbers of discontent unemployed or underemployed youth via social media as networked terror groups have created and maintain a level of conflict just short of all-out war. Using this new methodology, terrorists are conducting integrated operations via dispersed nodes without the formalized structure or operational oversight of the past.

Also unlike the past, terror has become a globalized industry. In Dr. Adityaraj’s paper, he asserts: “…The world is witnessing an organized global insurgency of non-state actors aimed at the overthrow of values, cultures or societies on a global level to establish a new world order. With new age technology and an ability to move in open societies, a virtual nation has risen which possesses informational, military and economic instruments of power.” Terrorists are developing clusters of organized networks to achieve their strategic objectives. No longer limited to fixed geographical points, terror has evolved to a scale that can impact large metropolitan areas up to and including global events. Furthermore, fanaticism has surpassed sociopolitical and socioeconomic interests as terror’s primary motivation. Noted historian Walter Laqueur submits that any survey of terror-related casualties reveal not only a growing fanaticism, but also an indiscriminate lust for killing and power. With the advent of dispersed operational nodes, vis-à-vis an inherent need for infamy, ‘new age’ terrorists are operating largely unrestrained.

After almost two decades of conflict, we now face a threat that has the capability to motivate those with shared ideologies to act independently in facilitating terror objectives. The effectiveness of ‘new age’ terror on social media has spawned a persistent threat supplemented by well-trained operatives. These successes fuel the rise of low-tech attacks by at-risk or unstable actors with just enough ability to use everyday items to commit acts of terror. This affirms public and business traveler anxieties while reinforcing decision-maker uncertainties. Just as companies form alliances and networks to provide complex services with common objectives, so have the terrorists. Their small and decentralized teams also increase the likelihood of convergence. This requires improved monitoring as convergence has the potential to exponentially increase threat variations as well as shifts in target selection and attack methodologies.

Monitoring the Threat

All too frequently, when monitoring threats or performing an analysis, no distinction is made between the different stakeholders the output is intended to support and the process’s contribution to business goals. As a result, analysts resourced to monitor the environment inaccurately portray what assets are at risk or how the threat can exploit them. In most cases, terror threats originate from more than one group using different strategies and tactics. Once the who, why, what and how have been analyzed, each threat is prioritized by considering their presence, previous activity and current capabilities to determine the level of risk each represent. At this point, threat motivations and capabilities are monitored for change with decision-makers understanding the absence of indicators should never be presumed as the absence of threats.

Also essential is the understanding that the time and location of every activity presents a unique blend of threats to be monitored. To assist in this effort, it can be helpful to establish an Event Profile of the threat modes, duration, effects and conditions. Another way to aid threat monitoring is through the use of Suspicious Activity Reports. However, one of the most often overlooked resources is establishing relationships and communications with governments, law enforcement and other location-relevant organizations.

Communications are paramount in effectively monitoring the threat and alerting personnel of changes in its intensity. Leadership’s common response to increasing risk is to inform everyone to be vigilant and heighten their situational awareness. Unfortunately, what is routinely missing from this advice is training in how to go about it. Without training, this communication creates the dangerous illusion that risk has been sufficiently addressed while unknowingly creating an opportunity for significant peril.

Reducing Expat/Traveler Risk

It is well known that it is the state’s responsibility to proactively reduce risk to the public and maintain the ability to mount an effective response based on intelligence resources. Also widely acknowledged is that duty of care requires businesses to take all reasonable steps necessary to ensure their employee’s wellbeing. Given the ease of identifying expats and the shared vulnerabilities of travelers in transit, the most effective means to reduce expatriate and traveler risk is for them to learn how to manage their risk profile based on prediction versus response. There are several automated risk management tools available to assist in this effort. Regrettably, this assistance often leads to an abdication of ownership for one’s personal safety by transferring unwarranted levels of reliance onto these technologies. As advanced as many of these tools are, there remains a need to offset the overconfidence in their capabilities. In addressing this offset, regardless of position, it is wise to invest in developing risk management competencies to ensure that every leader and employee understands what to protect, what to protect it from and what to protect it with. In order to leverage these competencies and further reduce the risks in today’s entropic environment, risk management must be treated as a formal business process.

One of the risks for expats and travelers that benefits terrorism is the terrorist’s ability to reach targets with relative ease. Among the factors that contribute to this are loose border controls and the development of transient infrastructure which unwittingly aid and support terror recruitment, fundraising and other logistical functions. As events trending on social media can push unstable actors on the fringe to act, it is important for everyone to know how to quickly recognize and respond to changes in their risk profile. Adding this capability to a business’s duty of care efforts will ensure a requisite level of employee preparedness, enhance and expand risk monitoring and forgo accepting crisis management as the only viable response.

The battle for society’s hearts and minds rages as societal fear and government fragility permit the terrorists to pursue their apocalyptic vision unabated. Although numerous businesses operate within this environment, there remains a resistance to develop and manage their operational risk profile beyond a cursory level. Given terrorism’s effectiveness in exploiting social dysfunction and the resulting consequences of terror-related events on society at large, the evidence is overwhelming that businesses and travelers must expand their abilities to counter the effects of ‘new age’ terrorism; otherwise, brace for impact.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.

Organizations rely on application innovation, particularly API-driven applications, to fuel their business transformation and growth. Attackers know this and are constantly looking for ways to find the unfindable and break the unbreakable. They’ve got tools, motivation, and time on their side.