A fatal targeted attack on the CEO of United Healthcare has reignited the conversation about the threat of a grievance-driven targeted attack.
There are two types of violence: affective violence and targeted (predatory) violence.
Affective violence is emotional and consists of a purposeful and goal-directed attack, sometimes driven by the perception of an external threat. This type of violence is seen in pub fights, road rage, and, in some cases, workplace violence.
Targeted, often referred to as predatory, violence is a purposeful and goal-directed attack devoid of emotional stimulus. It is not reactive; it is cold, calculated, and planned.
The fatal attack on the CEO of United Healthcare has all the hallmarks of a targeted, planned attack.
Targeted attacks are often motivated by a grievance and can develop into a fixation. Attackers can become fixated on a person, ideology, or cause.
This is where CEOs, public, and political figures become the subject of a targeted attack. They represent the ideology or cause the attacker is fixated on and with which they have a grievance.
Over the past 25 years, four of the five attacks on UK Politicians have been subject to grievance-driven attacks. On each occasion, the attacker fixated on a cause, and the politician was attacked as a representative of the UK government who was held responsible for that grievance.
A grievance is driven by at least one of the following four emotions:
- Blame
- Loss
- Anger
- Humiliation
When an attacker’s grievance is unresolved or, in their mind, unresolvable, they move towards the attack with the ideation of violence being the solution. This is a significant step on the Pathway to Violence.
After a potential attacker moves from grievance to violent ideation, the next step is conducting research and the attack planning phase.
From the prospect of a potential target, a public figure, a politician or a CEO, this is a critical phase in which they and their security can influence.
The ability of the attacker to source information about their target is a critical factor in their success. The attacker will want to identify as much information as possible about their target. This information of interest will include the target’s movements, planned attendance at a specific location at a time and date, what vehicles they use, images of the target and their family, and other personal identification information (PII) that may include their names, addresses, emails and phone numbers.
One solution that is often considered but provides a false sense of security is a review or audit of what information is publicly available. This can be known as a Digital Audit or Vulnerability Assessment. This service is important because it provides a snapshot of what is publicly available on the Internet, the deep and dark web, social media, and forums. The problem with this process and any due diligence or vetting process is that it is just a snapshot in time.
If such processes are conducted, they can quickly be redundant as new information can be available almost immediately. Data brokers, hackers, advisories and friends can circulate new data and images anytime. This presents a problem that can only be solved by a constant monitoring process.
Starving an attacker of such information creates a challenge when planning their attack. Without knowing where their target is going to be at a specific time, they cannot make an approach and attack.
Understanding the value of physical or protective security is another critical layer in a security plan.
Appropriate security is required at both the place of work and at the home of the target.
A security plan must be layered, with the target in the centre. Too often, CCTV is considered a vital element of this plan, and yet, at least concerning the prevention of a violent attack, it has very little, if any, preventative value. CCTV will do very little to stop an attack; it will record it.
The recent attack on the CEO Brian Thompson was recorded on CCTV; its presence did nothing to prevent the attack but has proven to be a valuable investigative aid.
To contradict this point, CCTV can prove helpful if the attacker’s identity is known and an image has been obtained. This image can be loaded into facial recognition software or used by those monitoring CCTV to direct an immediate response.
The target’s home requires a security review by a specialist with an understanding of how such an attack may occur. The critical factor is preventing the attacker from gaining entry, providing a deterrence until law enforcement or security can arrive. As such, the focus should be on the use of properly designed doors, windows, locks and an alarm system that is monitored and has a response when activated.
An alarm system without a response will ring, eventually having the potential to upset the neighbour sufficiently for them to look out of the window and potentially report the alarm to the police.
Inside the home, a room with a further secure door to which the target and their family can retreat with access to appropriate resources, which include a separate phone line, fireproofing, first aid kit, and, depending on the circumstances, ballistic protection
As a final element, there will, of course, be times when the attendance of a public figure, politician or celebrity will be known in advance. In these cases, the options include personal protection. However, this isn’t the panacea some consider it to be.
This was perhaps most evident in the attempted assassination of US Prime Minister Ronald Reagan, where, despite the presence of a heavily armed, expertly trained US Secret Service close protection team, John Hinckley Jr. managed to fire six shots.
Hotels and conference venues are regularly attended by those targeted.
As a former Counterterrorist Security Coordinator (CT SecCO), I was tasked with protecting many events held in such locations. The security plans for such events required a detailed understanding of the attack methodology and specific training to deliver a coordinated plan that enabled the events to be delivered safely.
Mindful that preventing terrorist attacks requires a more detailed plan that will, in most cases, be more than that required to prevent a targeted attack on a prominent figure, many protocols remain that can be of value. The key element is minimizing the time the ‘target’ is exposed and vulnerable outside the venue. Event organisers must recognise that their responsibilities lie beyond their perimeter, and they will benefit from employing those trained to prevent targeted attacks.
For such advice, please contact me directly at Defuse Global – [email protected]
