Getting Inside the Terrorist Mind

In fighting any war, it helps to "get inside the enemy's mind." In the past, that meant understanding the motivations of a monolithic state enemy like the Soviet Union. But doing that today in combating terrorism is far more challenging, because, in battling al Qaeda and other groups, the United States is dealing with amorphous, ever-changing terrorist organizations.

Putting ourselves in the terrorists' shoes could help us answer a number of questions: When we put in place technological defenses against terrorists, what do they do to get around them? When terrorists seek to develop new technologies, how do they work with other terrorist groups to share information and technologies? And when terrorists target the United States, what guides their preferences?

Three new RAND Corporation studies seek to help answer these three questions, relying on a case study approach of al Qaeda and other terrorist groups to draw out some applicable lessons for policy planning.

Measure-Countermeasure: Defending Against Terrorist Attacks

Nations employ five basic types of defensive technologies to protect their citizens from terrorism by discovering and frustrating the plans of terrorists: information acquisition and management, preventive action, denial, response, and investigation.

But as nations use defensive measures, terrorists use countermeasures in response. Relying on case studies of four terrorist groups, researchers showed that terrorists (1) change how they carry out activities or design operations; (2) modify their own technologies, acquire new ones, or substitute different technologies for the ones they currently use; (3) avoid the defensive technology; or (4) destroy or damage the defensive technology.

Given that terrorists have been successful in using such countermeasures, the analysis suggests that, in designing protective measures, the United States should not immediately assume that the newest and most advanced technologies—the highest wall, the most sensitive surveillance—will best protect nations from terrorist attacks. Relying on a "fortress"—formidable but static defensive measures—is a limiting strategy. Assuming instead that adversaries are adaptive, it makes more sense to rely on a defensive model—a variety of security measures that can be adjusted and redeployed as terrorists discover their vulnerable points.

Disrupting Terrorist Technology- and Knowledge-Sharing

The attacks on al Qaeda after September 11, 2001, have changed the nature of the terrorist threat the United States is facing, leading some terrorist groups that lack the global reach of a pre-9/11 al Qaeda to form regional alliances and to share knowledge and technologies. Relying on case studies of 11 terrorist groups in three regions, researchers sought to understand what made for successful knowledge and technology exchanges as a way of determining vulnerabilities in these technology exchanges. Analysis pointed to three key conclusions.

Threat Assessments Must Focus on Intergroup Dynamics. This includes technology exchange. Terrorist groups thought potential gains or costs in operational capabilities more important than ideological similarities when deciding whether to participate in technological exchanges; thus, threat assessments should focus on operational as well as strategic motivations for alliances. Threat assessments should monitor individuals not just with chemical, biological, radiological, or nuclear expertise, but also those with expertise in conventional attack modes, such as remote-detonation technologies, rockets and missiles, improvised explosive devices, and converted field ordnance.

Terrorists' Innovation Processes Should Be Disrupted. This will reduce the potential for a successful technology exchange. For example, governments have provided safe havens as incentives to get terrorists to participate in peace negotiations, but such safe havens facilitate technology transfers. Tightening porous borders can also help disrupt technology exchanges.

Policies Should Disrupt Trust Among Terrorist Groups. Policies such as blocking payment transfers can affect a terrorist group's cost-benefit analysis of getting involved in technology exchanges.

Prioritizing Targets of Terrorist Attacks

Al Qaeda seeks a restored Caliphate free of Western influence. Clearly, it uses terror as its means. But how does terrorism serve al Qaeda's ends? Understanding how al Qaeda's leadership thinks terrorism gets it closer to the Caliphate might suggest what U.S. targets it may seek to strike and why.

This research posits four hypotheses to link means and ends. The coercion hypothesis suggests that terrorists seek to cause pain, notably casualties, to frighten the United States into pursuing favorable policies (e.g., withdrawing from the Islamic world). The damage hypothesis argues that terrorists want to damage the U.S. economy to weaken its ability to intervene in the Islamic world. The rally hypothesis holds that terrorism in the United States is meant to attract the attention of potential recruits and supporters. Conversely, the franchise hypothesis argues that today's jihadist terrorists pursue their own, often local, agendas, with, at most, support and encouragement from al Qaeda itself. RAND researchers examined each hypothesis by analyzing 14 major terrorist attacks (shown in the figure) and al Qaeda's own statements, as well as by surveying terrorism experts.

Such research suggests that the coercion and damage hypotheses are most consistent with prior attack patterns, expert opinion, and al Qaeda's statements. Although the franchise hypothesis fits most of the post-9/11 attacks, unless franchises are active in the United States, that fact may not indicate what the next attack in the United States might look like.

Indeed, given al Qaeda's current resource limitations, such an attack may well favor using suicide bombers and could focus on soft (poorly defended) targets. Attacks on the food industry, particularly the agricultural sector, and the use of radiological dispersion devices merit attention.