Critical infrastructure comprises facilities and assets that are essential for the normal functioning of day-to-day life within a country and range from energy and transportation to agriculture and public health.
Extremists tend to view critical infrastructure as an attractive target to create chaos, and induce panic, fear, or terror in society as a pretext for gaining further support for their cause. Terrorist attacks and other malicious acts often target public spaces and other unguarded areas (soft targets), like city centres, pedestrian precincts, transport hubs, shopping malls, parks, bars and restaurants. Due to their open nature, public spaces are characterized by large public attendance and may become an easy target for not particularly sophisticated or costly methods.
Attacks against public spaces constitute a violent assault on our daily lives, resulting in loss of human life, negative impact on the local economy, loss of confidence by the public towards established democratic institutions and longer-term consequences on the very functioning of our society.
The 2008 Mumbai attacks, when ten terrorists assaulted six ‘soft’ sites across the city for a total of 60 hours, killing 164 people and wounding another 300, provide a striking example of how Web 2.0 enabled a new type of global jihadist tactic. This became known as a marauding attack, where numerous targets in a city are hit simultaneously to cause maximum casualties and media exposure while stretching response teams. The attacks highlighted the effectiveness of coordinated, but comparatively less planned, attacks against soft targets by terrorists with relatively basic weapons who were able to communicate in real time, and were willing to die.
On 16 January 2013, heavily armed terrorists stormed the isolated Tiguentourine gas facility at In Amenas, Algeria, which lies deep in the Sahara desert. Thirty-eight hostages were killed during the four-day siege and ensuing rescue operation.
Rising critical infrastructure attacks in the US
In the United States, critical infrastructure, or “assets, systems, and networks, whether physical or virtual, [that] are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof,” are prime targets in violent extremist attack plots.
The storming of the United States Capitol was a riot and violent attack against the 117th United States Congress at the United States Capitol on January 6, 2021. Part of wider protests, it was carried out by a mob of supporters of Donald Trump, the 45th president of the United States, in a failed attempt to overturn his defeat in the 2020 presidential election. Many of the crowd at the Capitol, some of whom had gathered earlier, breached police perimeters and stormed the building. These rioters occupied, vandalized, and looted parts of the building for several hours.
Many became violent, assaulting Capitol Police officers and reporters, erecting a gallows on the Capitol grounds, and attempting to locate lawmakers to take hostage and harm. Five people died from the event, while dozens more were injured. The Capitol was placed under lockdown while lawmakers were evacuated. Two pipe bombs, planted the previous night around 8 p.m., were found within a few blocks of the Capitol. The FBI says multiple law enforcement agencies receive reports of a suspected pipe bomb at the headquarters of the Republican National Committee. Fifteen minutes later, there are reports of a similar device at the Democratic National Committee headquarters.
Salafi-jihadist and white supremacist attack planners attempted to target different critical infrastructure sectors, with the former focusing on the commercial facilities, government facilities, and emergency services sectors, and the latter predominantly focusing on the energy sector. Since 2019, white supremacist attacks plots against critical infrastructure systems have distinctly increased. Between 2016 and 2022, white supremacist plots targeting energy systems dramatically increased in frequency. 13 individuals associated with the movement were arrested and charged in federal court with planning attacks on the energy sector; 11 of these attack planners were charged after 2020.
In June 2022, the U.S. Department of Homeland Security National Terrorism Advisory System
(NTAS) Bulletin warned of a heightened risk of terrorist attacks against public facilities, private
institutions, and critical infrastructure.
The alert also assessed that these risks significantly expanded during the past five years, as domestic extremists developed specific plots against the energy sector. The recent June 2022 bulletin adds to a steady drumbeat warnings from DHS in the past year about the potential for terrorist attacks on critical infrastructure. For instance, a January 2022 memo warned energy stakeholders of potential physical damage to energy infrastructure, explaining that domestic extremists feel more capable of attacking the energy sector without being detained due to the infrastructure’s widely dispersed state.
Then, in February 2022, DHS reemphasized domestic extremists’ renewed focus on targeting electric and communications infrastructure, “including by spreading false or misleading narratives about 5G cellular technology” through Telegram and other media channels. In addition to the increased tactical and operational capacity of white supremacists, law enforcement has recorded numerous Salafi-jihadist-inspired plots targeting infrastructure, including an attack against the U.S. Military Academy at West Point as recently as 2021.
Technological advancements and their applications are increasingly complex and integrated into everyday processes. As cities grow larger and density increases across people, buildings, and infrastructure, a potential increase in the frequency or severity of targeted attacks from foreign and domestic terrorism is a legitimate concern. A targeted attack refers to a type of threat in which threat actors actively pursue and compromise a target entity’s infrastructure. These attackers have a certain level of expertise and have sufficient resources to conduct their schemes over a long-term period. They can adapt, adjust, or improve their attacks to counter their victim’s defenses.
Attacks by international terrorists are more likely to involve the use of improvised explosive devices, of which the three main types are personborne (suicide devices on the person), vehicleborne (which may be suicide or non-suicide devices) or hand-delivered (non-suicide devices initiated typically by timer or remote control). Improvised explosive devices (IEDs) range in size from person-borne small containers, rucksacks and suitcases to larger devices, such as those that are vehicle-borne. The latter may be borne by a variety of vehicles, ranging from bicycles and motorcycles through to large goods vehicles (LGVs). When suicide tactics are employed they allow terrorists to deploy their device (person or vehicle-borne) at the optimum time and place to maximise the impact in locations where a nonsuicide device might be discovered.
An explosion is normally the sudden and violent release of energy caused by an extremely rapid chemical reaction which turns a substance (usually a solid or liquid) into a large quantity of gas (generally at high pressure and temperature). This reaction is typically measured in microseconds. The expanding gas is produced rapidly and pushes the surrounding air out in front of it creating a blast wave. When an explosion occurs at ground level there are several effects created that cause damage and injury. The effects will be dependant on the power, quality, quantity and location of the explosive material deployed.
The six basic effects of an explosion are:
• blast wave: the blast wave is a very fast moving high pressure wave created by the rapidly expanding gas of the explosion. The pressure gradually diminishes with distance but can reflect and diffract around structures;
• fire ball: the fire ball is created as part of the explosion process and is local to the seat of the explosion. It is generally associated with high explosives;
• brisance: this is the shattering effect, is very local to the seat of the explosion and is generally associated with high explosives;
• primary fragments: these are parts of the device or its container (including the vehicle if vehicle-borne) which have been shattered
by the brisance effect and are propelled at high velocity over great distances;
• secondary fragments: these are fragments that have been created by the blast wave. Typical secondary fragments include glass,
roof slates, timber and metal. These can travel considerable distances; and
• ground shock: this is produced by the brisance effect of the explosion shattering the ground local to the seat of the explosion, i.e. creating a crater. The shock wave resulting from the crater’s creation then continues through the ground.
The main causes of fatalities, injuries and damage as a result of an IED are:
• direct weapon effects including primary fragments, lung blast damage, thermal burns and ear drum rupture;
• secondary fragments such as glass, spall (flakes of material that are broken off a larger solid body) and other objects thrown by the blast;
• collapse causing crush injuries; and
• post-event falling debris (including glazing, façade, internal walls etc) damaged equipment and damaged infrastructure which can hinder the speedy evacuation of buildings.
But terrorists are innovative and their methodology can be expected to change over time. Other means of terrorist attack (such as chemical, biological, radiological, or firearms) are also possible and protective security measures can help make a difference. The issues arising from chemical, biological and radiological (CBR) materials are various and complex. However, in essence, the potential problem will be less onerous the more the threat can be excluded from a facility. Key mitigation involves good access control into critical facilities and the protection of air intakes within buildings and its distribution thereafter.
EMP and HPM attacks
Electromagnetic pulse (EMP) device devices are intended to disrupt or destroy the functioning of the power grid and any electrical devices within a particular area. While EMP threats to critical infrastructure are more frequently associated with state actors as opposed to violent non-state actors, at various times during the past twenty years policymakers have been concerned about the potential for violent extremists to harness EMP technology to disrupt U.S. infrastructure. Perhaps the most-discussed scenario for EMP terrorist attacks is the potential for extremists to construct, using fissile material, a nuclear weapon that could be detonated in the earth’s atmosphere to produce a blast of electromagnetic radiation, disabling all electrical devices within a particular radius from the blast.
However, some sources also discuss the construction of a highpower microwave (HPM) device, which uses more easily-accessible components including chemicals and batteries to manufacture a small-scale device. In the latter scenario, a violent extremist group would theoretically be able to more easily conduct an EMP attack, but the disruption to critical infrastructure would be far more limited.
Physical protection of Infrastructure
There is a need to strengthen efforts to improve security and protection of particularly vulnerable targets, such as infrastructure and public places, against terrorist attacks. Public spaces are innumerable and come in many different forms depending on their purpose, their location and their set-up within the urban landscape. Their protection poses great challenges to local law enforcement units, urban authorities and operators, in both technical and logistic terms. An important feature of the protection of public places is achieving the right balance between effective protection and people’s individual and collective fundamental rights. Protecting our public spaces does not mean turning our cities into fortresses, but rather incorporating seamlessly, wherever possible, the measures of protection within the aesthetics of the urban landscape.
To develop public spaces in a security by design framework, potential malicious attack scenarios and the project’s vulnerabilities have to be assessed and addressed from the very onset of the planning and design process, hand in hand with considerations of aesthetics, liveability, use, safety, management etc. Expert advice on appropriate mitigation measures based on assessments of the risk (built up from assessments of threat, vulnerability and impact) will provide enhancements that are appropriate in terms of the risk, cost, aesthetics and usability.
The physical protection of critical infrastructure is a complex process that needs to encompass the entire cycle of a possible terrorist attack. It requires cooperation domestically and across borders. A useful component of a comprehensive strategy to protect critical infrastructure is the capacity to minimize the impact of terrorist attacks thorough adaptation -impact reduction, responses to emergencies, and recovery. The physical protection of the target also involves reduction of the impact in the event that the attack takes place.
In general terms, physical protection of critical infrastructure usually leads to target-hardening, which is intended to make it harder for terrorists to strike against selected targets. A fundamental problem in this context is that terrorists adapt their behaviour to changes in the security landscape.
Physical measures are effective in helping to prevent unscreened vehicles from getting close proximity to a site in need of protection. The physical measures can be localised to the site or encompass a wider area and be combined with other public realm aspirations, such as environmental enhancements, pedestrian, cycle and/or public transport priority. The more that a potential Improvised Explosive Device (IED) can be separated from a building, the less critical the building’s form and fabric becomes.
Security measures are incorporated in the overall urban design project and they are less likely to conflict with existing services and utilities (e.g. gas, water, electricity, telecommunication lines). Costly and time consuming diversions are avoided. To achieve the integration of security into public spaces, architects, engineers, urban planners and security advisers have to work together during all phases of the planning and design process of a public space project.
The implementation of the security by design concept and the development of an appropriate protective strategy call for a vulnerability assessment of the site as well as analysis of potential attack scenarios and their consequences if executed. A scenario-based approach at potential targets serves to channel the complexity of the vulnerability assessment process. A site survey is important to pinpoint existing vulnerabilities and viable attack routes
Planners need to consider multi-hazard approaches, assess potential attack scenarios and adopt the concepts of resilience and robustness especially for building structures. Of course, the probability of occurrence of a terrorist attack is difficult to be calculated as it is also dependent on temporal circumstances (high profile events, attendance, religious or political motivations of the aggressors, momentary state of mind of the attacker etc.) and, in many cases, it is of opportunistic character. Indeed, decision makers will have to accept a certain level of risk as providing protection against all possible threats is not feasible in both economic and practical terms. The definition of the acceptable risk is an important part of the security assessment procedures.
Security measures can be embedded into innovative architectural and artistic concepts. Contextual design can help to integrate protection into the urban landscape. Technological solutions, involving sensors, CCTV’s and artificial intelligence features can give additional security layers that may be also effective against emerging new threats.
Better blast resistance
• external barriers or a strengthened perimeter to prevent a penetrative (ramming) or close proximity (parked or encroachment) attack;
• use of building materials which reduce the risk of fragmentation including blast resistant glazing and structural design which reduces the risk of building collapse; and
• install doors and locks which are better able to withstand entry from armed intruders and provide robust ground floor facade material, which together will help to provide cover for people caught up in a firearms attack.
Better building management facilities
• entrance arrangements which resist hostile entry;
• the separation of general heating, ventilation and air conditioning systems for entrance areas, delivery areas and mailrooms from those occupying the main occupied spaces;
• air intakes that are in a secure area and above first floor level;
• hazardous material stores that are at a safe distance from the building; and
• communications systems (eg public address systems) installed to pass on advice to those caught up in a firearms attack.
Better traffic management and hostile vehicle mitigation measures
• structural measures that prevent access to, or close proximity of, unscreened vehicles to the building or space; and
• measures that reduce the speed of vehicles approaching the site or its defences, like bends or chicanes.
• clear lines of sight around a building;
• absence of recesses on the façade or elevations of a building;
• uncluttered street furniture;
• well maintained and managed litter-free building surrounds that reduce the opportunity for suspicious hidden items and suspect activity to go unnoticed;
• CCTV and security guarding to provide formal oversight;
• orientating the building so that it overlooks public space and neighbouring buildings to support informal oversight by those who use and visit the location; and
• well-managed access points and reception facilities that offer less opportunity for intruders to go undetected and may deter them from taking further action.
• considering counter-terrorism protective security measures at the design stage helps ensure measures work together and do •not displace vulnerabilities elsewhere in a new build;
DHS S&T Announces $36.5M Funding Opportunity for New Center of Excellence
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) announced a $36.5 million funding opportunity for a new DHS Center of Excellence (COE), Engineering Secure Environments from Targeted Attacks (ESE). Accredited United States colleges and universities are invited to submit proposals as the center lead. ESE will provide academic-led innovation that supports safer, more resilient transportation systems and communities.
“Partnering with universities, S&T delivers practical results by developing multidisciplinary, customer-driven solutions while training the next generation of homeland security experts,” said William Bryan, Acting Under Secretary for Science and Technology. “The challenges we face as a nation are complex. In collaboration with our academic partners, DHS is excited to launch a new COE focused on mitigating long-term threats against our nation’s surface transportation and built environments with novel engineering solutions.”
The ESE COE will research and develop solutions to support DHS counterterrorism and violent extremism operations. The COE will help DHS continue fostering a culture of “security by design” by providing intentional and flexible architecture solutions to thwart an adaptive adversary. ESE will also advance a skilled workforce of scientists, technologists, engineers and mathematicians who focus on homeland security-related issues.
DHS is soliciting proposals from multidisciplinary research and education teams, that will work closely with DHS and other subject-matter experts to develop approaches to strengthen the security of crowded spaces and transportation modalities. The teams will need various combinations of academic disciplines, including engineering, data analytics, and mathematics.
The DHS COEs work closely with DHS operating components to research, develop, and transition mission-relevant science and technology, and educate the next generation of homeland security technical experts. ESE will be required to engage with DHS operational components and fully understand the operational environment to help better identify technical and training gaps. Each DHS COE is led by a U.S. college or university and partners with other federally funded research and development centers, academic institutions, the commercial industry, and other federal, state, and local agencies.