Less than 20 minutes before the El Paso, Texas massacre began, the shooter is believed to have posted a racist, anti-immigrant screed to the dark website 4chan, popular within white supremacy circles. The screed also cited, as inspiration, the March 2019 mass shooting in Christchurch, New Zealand, that killed dozens of Muslim residents of that country.

Many claim that the incident is a symptom of a much larger problem. “A deeply concerning issue in the U.S. is the rise of white supremacist extremism. The white supremacist groups are emulating and using the same tactics that ISIS and al-Qaeda used to reach the younger population and radicalize people,” says Paul Goldenberg, a highly decorated law enforcement and national security professional. Through his work as a member of the U.S. Department of Homeland Security Advisory Council (HSAC), he has played a key role in setting domestic and international policy for the legislation and investigation of hate crimes, insider threat, countering violent extremism and information sharing. Goldenberg is also a Senior Fellow with the Rutgers University Miller Center for Community Protection and Resilience, Distinguished Visiting Fellow for Global Security for the University of Ottawa and former head of Office for Security and Cooperation in Europe (OSCE) transnational policing program.

“This radicalization process does not happen overnight. These extremist groups reach the young and disenchanted from around the country and across Europe to carry messages of hate,” Goldenberg notes.

How have social media and the Internet provided extremist and radical groups the means to spread their ideologies? And what are the challenges with identifying and countering these groups and what threat assessment tools are available that may aid in detecting radicalized individuals?

A Breeding Ground

According to Goldenberg, extremist groups are leveraging social media and the Internet to radicalize people. “As wonderful and as useful as the Internet is, it has become a ‘breeding ground’ for those who are seeking to further their messages of hatred, bigotry and violence,” he adds. “Many of the recent mass shootings in the U.S. took place in mosques, synagogues and churches. All of the perpetrators involved in these mass shootings clearly shared their manifestos and their intentions on websites such as The Daily Stormer, Stormfront and 4chan. Even more concerning, during the actual massacres, they videotaped or livestreamed their actions to further leverage the web to reach a wider audience,” he says.

The Internet has and continues to transform many aspects of radicalization, says Daniil Davydoff, who leads the intelligence service line at AT-RISK International. Davydoff’s team is charged with conducting open-source intelligence (OSINT) investigation, analyzing global trends, developing and staffing intelligence programs and delivering on-demand consulting projects pertaining to security and risk issues.

“The Internet is an easy-to-access source of information for anyone interested in extremist ideas,” he says, “and a place in which communication and collaboration between radicalized individuals from around the world – both likeminded and not – can take place without much effort.” Davydoff adds that in conducting research on “incel” message boards about a year ago, he saw a very friendly conversation between a person who believed in extreme right-wing ideas and a supporter of radical Islamic tenets. “This kind of odd-pairing and exchange is less and less unusual.”

Challenges with Extremism

Many of the trends associated with virtualization of extremist ideologies create difficulties for security professionals, claims Davydoff. “Identifying ideologies and their tactics has become tougher because they are now fluid,” he says. “Ecofascism, for instance, is a hodgepodge of ideas that were not actively paid attention to until after the 2019 Christchurch mosque shooting in New Zealand. The rapid growth in extremist online material generally makes detection difficult.”

Identifying individuals and tracking conversations has also become challenging as supporters of extremism are increasingly careful with their online privacy and many use systems of code and lingo that require serious study to spot, he says. “The mainstream social media platforms have tried to keep up by booting extremist individuals and groups off their systems, but it is an uphill battle. What is more, there is now an universe of alternative online and messaging platforms as well as the dark web, which are utilized for conversing and crowdfunding. In many cases, dialogue in these virtual meeting spaces is restricted to members and is hard to access for security professionals,” he adds.

These challenges become particularly acute when it comes to countering planned attacks, he says. “Extremists now tend to borrow tactics from each other, meaning that attack types are harder to predict and can range from the low-tech (vehicle ramming) to the high-tech (cyberattacks). There may also be less of a warning than before. Some recent attacks were preceded by an online announcement minutes before they occurred,” he adds.

Goldenberg says the “If You See Something, Say Something®” campaign needs to be much better conveyed and embedded within the American workforce and those in the security industry, particularly individuals who are responsible for large security enterprises. “There needs to be infrastructure in place to train and teach people to immediately report or share concerns or information with others when they feel that their co-workers are becoming radicalized.”

“Enterprise security has the opportunity to now train their workforces, constituents and employees with tabletop scenarios,” he says. “What we need to do is very much like a virus – immunize our population against viral hatred and provide them with the tools and resources to empower themselves to understand how they can prevent violent acts.”

Risk Assessment

According to Davydoff, there are countless academic and government studies that have identified radicalization or extremist risk factors among individuals. These range from the political, to the socio-economic, to the psychologic. “Study of such research is important for understanding past patterns, but there is no predictive profile,” he notes. “The mix of factors that leads an individual down the path from holding extremist beliefs to committing violence is highly individualized, so security professionals should evaluate on a case-by-case basis. This is where threat assessment can be helpful because it looks in a holistic way at clusters of behaviors, as well as the external environment and context shaping them.”

There are, however, many criteria that professionals can consider when assessing a threat. These include, among others, “a previous history of violence, substance abuse issues, mental health or disorder concerns, and the nature of the grievances and the threats made. There are also observable behaviors that may indicate an individual is getting closer to committing violence,” Davydoff adds. “Such behaviors might be making concrete plans to attack, committing smaller violations in preparation for a more significant act, as well as communicating that violence has become the only option,” he says.

It’s important that none of these criteria should be looked at in isolation, he warns. “The best way to learn how they interact is probably to join the Association of Threat Assessment Professionals (ATAP) – an organization devoted to sharing best practices on making threat determinations. The professionals in that group are experts in deciding whether the threat is just “posed” or real.”

Some other resources available to security professionals that may aid in assessing risk or early detection of radicalization include social media intelligence management platforms, such as Echosec, LifeRaft Navigator and ONTIC, he says. “Intelligence teams can wade through online threats on their own, but these tools make consistent long-term monitoring much easier, especially for enterprises that extremists or others may seek to target.”

On the assessment side, he says, there are tools such as the Terrorist Radicalization Assessment Protocol (TRAP-18), a guide that can help enterprise security evaluate the threat posed by lone wolf actors. “There are also many other assessment protocols for workplace violence and violence risk generally, such as the HCR-20 and WAVR-21,” Davydoff says. Although, he warns, both intelligence and risk assessment tools should be used by trained professionals, as both the language of threats and individual violence risk factors are very easy to misinterpret.

Goldenberg argues that security professionals need to be empowered and better trained to provide them with all the capabilities needed to identify and respond to radical individuals. “Prevention programs need to reside at the local level, but the security professionals should be able to receive information that someone is at risk of being radicalized or is radicalized.”

Numerous studies, he claims, have confirmed that peers with the closes proximity to individuals at risk of radicalization to violent extremism are uniquely positioned to be the ones to detect and further prevent and counter the radicalization process. “Security professionals have the capability to be properly trained to understand this process. They need to leverage all resources available, including training provided by the DHS and the FBI, as they are the first responders and the ones on the front lines.”

COVID-19 and other Threats

Now, particularly, marginalized groups are becoming more engaged and involved in the mainstream, warns Goldenberg. “We’re seeing an increase in these threats, especially during COVID-19 as more people are living in fear about their health, future and the economy. The pandemic has accelerated the conspiracy theorists, so radical and extremist groups are seizing this moment to further spread disinformation with the goal to recruit and grow their constituents,” he says.

COVID-19 is going to change everything, especially for security professionals, Goldenberg says. “Enterprise security will handle post-COVID-19 security concerns or situations, so the security professional needs to ensure they keep up, in real-time, with the data and information, particularly as it appears to be impacting the workforce.”

Those in the industry should be greatly concerned about the adverse effect disinformation has upon our youth as well as the  general  public, he adds. “Nearly 57 million Americans are quarantined, bored and in search of social media sites that they hope will occupy their time. Deprived of the traditional societal support from trusted adults such as teachers, clergy, counselors,  our young  are susceptible to media savvy violent extremists, conspiracy theorists and militias hoping to use the pandemic to further their agendas.”

Finally, while being vigilant regarding violent extremist ideologies is important, says Davydoff, “we should not forget that geopolitical competition with China and its brand of communist ideology is perhaps the greater long-term threat to overall national security.”

Considering this competition — as well as other state-sponsored ideologies — he says, “Enterprise security would do well to remember that ideological motivations can lead not just to violence but to other manifestations of insider threats. The risks of corporate espionage and sabotage, for instance, are especially prevalent and require implementation of proactive initiatives such as technical surveillance countermeasures (TSCM) programs.”

Overall, countering extremism at the community, national or global level is very difficult, says Davydoff. There isn’t a formula, and as a result, there are many ongoing debates about how existing initiatives can be improved. He says that “increasing awareness of extremism, enhancing communication with vulnerable communities, pursuing scientifically sound research, expanding socio-economic development, implementing innovative de-radicalization or de-engagement initiatives, and re-evaluating definitions of extremism are all, to some extent, part of the package.”