Enemies innovate, particularly open source networks like ISIS.
That's a given. It's what you do in response to that innovation that matters.
That's where we are at right now. As I've been writing (1, 2, and 3), it appears that ISIS has found a way to solve the biggest problem with networked terrorism. A reliable way to span the gap between online support and physical action that isn't easy to detect. A online zero to terrorist "hero" ritual.
They accomplished this by building a formalized ritual that combines initiation (a self-planned attack) and a public pledge (a formal lifelong, irrevocable pledge of fealty to the Caliph), and acknowledgement (redemption, acceptance, and honor). It appears to work. For example, here's what Omar Mateen said on one of his telephone conversations. Note how important the pledge is to Omar in this public record of the call.
Orlando Police Dispatcher (OD): Emergency 911, this is being recorded.
Shooter (OM): In the name of God the Merciful, the beneficial [in Arabic]
OM: Praise be to God, and prayers as well as peace be upon the prophet of God [in Arabic]. I let you know, I'm in Orlando and I did the shootings.
OD: What's your name?
OM: My name is I pledge of allegiance to Abu Bakr al-Baghdadi of the Islamic State.
OD: Ok, What's your name?
OM: I pledge allegiance to Abu Bakr al-Baghdadi may God protect him [Arabic], on behalf of the Islamic State.
OD: Alright, where are you at?
OM: In Orlando.
OD: Where in Orlando?
[End of call]
The same process was seen a day later outside Paris by an attacker who killed two senior members of the police.
A New Wave of Terrorism?
With this methodology in place, ISIS has the ability to bypass the security procedures that were effective against attacks from the remnants al Qaeda, and strike US and EU targets. Let's dive into the numbers. According to a George Washington Univ study from December 2015 on ISIS:
- 300 active "recruiters" online in the US.
- 250 have been stopped, attempting to leave the US to join ISIS in Syria.
- 900 active investigations into ISIS supporters in the US.
- 71 have been charged, 56 in 2015. Of these 86% were male with an average age of 26.
If ISIS has developed an online ritual that can turn supporters into active attackers without exposing itself to security services (travel, planning, chatter, etc.), how many new attacks might occur?
How bad could this get?
If only 20% of the people who were stopped travelling to join ISIS in Syria to risk their lives as fighters conducted this ritual, we could expect 50 new attacks. A mere fifty percent of people who have already chosen active participation and were willing to put their lives at risk, that would mean 125 new attacks. I suspect we could see many more than that if this takes hold.
Unfortunately, the US government (with the media's support) has been defensive. It is claiming that ISIS was not involved -- mentions of ISIS, Islam and al Baghdadi were redacted from the Orlando transcript It is even making the case that this is merely a run of the mill "postal" (insanity + easy access to guns) attack. The reason for this? The US government doesn't want to admit that the US counterterrorism strategy has been on autopilot for a decade and that it has now failed.
This isn't the answer. There is only one response to an enemy's innovation.