Home>Security>Cyber Crime>Fighting back
Home>Security>Terrorism>Fighting back

Fighting back

15 April 2017

In the wake of recent terrorist attacks at home and overseas James Kelly looks at some of the most important elements of counter terrorism.

LAST YEAR was a tumultuous one, with severe terror attacks taking place all around the world, from Syria and Iraq to closer to home, in France, Germany and Belgium. As such, the current threat level in the United Kingdom remains at ‘severe’, emphasising the importance of effective counter-terror measures in helping to protect people and infrastructure from the ever-increasing threat of terrorism. This threat level was sadly proved to be correct with the recent terrorist attack on Westminster Bridge in London.

As well as explosives and automatic rifles, terrorists have now begun to use Heavy Goods Vehicles (HGV) to carry out their attacks. Last July, on Bastille Day in Nice, France, a terrorist used a lorry to mow down revellers, killing 84 people and injuring hundreds of others in the deadly rampage. Then, in December last year, a terrorist killed 12 people and injured 49 after crashing a lorry into a crowded Christmas market in Berlin. In both attacks, the HGV was the weapon of attack and caused significant damage. Both events were also hosted in open public spaces, making them more vulnerable to outside threats. Discussing the incidents, senior risk analyst at G4S Risk Consultancy Alan Meyrick explained: “The main focus of such attacks are in public open spaces and during temporary events, such as markets, outdoor music events and festivals. These are all sites that have limited permanent perimeter security and so are considered ‘soft targets’, thus increasing the likelihood of mass casualties.”

He continued: “It may be that, in the future, government offices, businesses, diplomatic embassies and Critical National Infrastructure are targeted, however, many of these sites already have robust Hostile Vehicle Mitigation in place to deal with such an attack, suggesting that vehicle-related terrorism will remain largely aimed at the public.”

In the wrong hands, HGVs can be used for various malign purposes, from vandalism to aggressive attacks; they have even been used as a large explosive device. Such vehicles can be obtained relatively easily; local officials in Nice speculated that the lorry used to carry out the attack there was actually hired from a rental company. Given the unpredictability of such attacks, preventing them requires careful, well thought-out planning relating to physical security barriers and the surrounding streetscape of an event. Hostile Vehicle Mitigation (HVM), in various forms, is – and has been – the initial ‘go to’ approach to stop attacks like  those in Nice and Berlin, as well as Vehicle-Borne Improvised Explosive Devices (VBIED), as used in the attack on Glasgow Airport in 2007. HVM measures include bollards, concrete planters, concrete benches and other physical architecture.

Soft targets

Taking the time to consider the operational requirements of a site at the earliest stages of planning and project design is essential. In the case of ‘soft targets’, such as in Nice, where the area in question was pedestrianised for the Bastille Day celebrations but was ordinarily a busy road, more mobile or temporary forms of HVM may be required.. These include water or sand-filled barriers that are lifted into place to provide some, but not guaranteed, protection. Rudimentary temporary solutions may also include the use of other vehicles – emergency vehicles, potentially – and boulders, concrete blocks, or other heavy objects that can be moved relatively easily at reduced cost.

The primary issues to consider when procuring HVM will be the cost of installation and suitability of the solution; careful selection of the product is therefore imperative. Remedial work post-installation is likely to be extremely costly. Other key considerations include existing infrastructure and utilities, existing hardware and hard landscaping, the proximity to points of egress or access, as well as integration with the existing streetscape and how it impacts pedestrians and vehicular movement. All of these need careful assessment, potentially involving government agencies and discussions with a Counter-Terrorism Security Advisor (CTSA), or a member of the Register of Security Engineers and Specialists (RSES) to ensure compliancy.

Various standards provide a quality benchmark for HVM equipment, and there is also guidance available on the installation of such products. PAS 68:2013 ‘Impact test specifications for vehicle security barrier systems’ acts as a benchmark for HVM equipment and is the specification against which equipment should be tested. Under the standard, barriers are subjected to a single horizontal impact in order to test their performance, with the equipment needing to meet an array of performance criteria to be granted a classification. PAS 69: 2013, ‘Guidance for the selection, installation and use of vehicle security barrier systems’ is also an essential standard relating to the installation of such equipment. 

Ensuring business continuity

Whether it’s protecting a public event, or ensuring the smooth day-to-day running of a business, a key element of counter-terror security is risk management. Effective crisis planning and incident management strategies are an essential form of counter-terrorism. Such planning begins with the risk register; by identifying the daily risks that a business or event faces, key decision-makers are able to determine the most comprehensive response strategies. When developing such strategies, it is vital to look at how an organisation or event operates on a wider level in order to best identify what aspects are essential in allowing the business/event to continue to function in a crisis. 

For example, within a business, ensuring that employees can work securely offsite, if necessary, is crucial in helping to ensure business continuity. Having emergency plans in place is one thing, but making sure everyone is aware of such plans and knows what to do in the case of a crisis is also vital. Some larger businesses may already have dedicated departments that focus on crisis planning. For smaller organisations, however, it can be beneficial to enlist the help of a security consultant to develop effective counter-terror strategies. A reputable security consultant can offer a wide range of services, including risk assessments, due-diligence checks, cyber investigations and security penetration testing. Carrying out a broad security assessment of an organisation, consultants can also help evaluate and improve existing security strategies, policies and plans, and help develop new ones, where necessary. 

A new type of terrorist 

Terror attacks can be manifested in various ways. Some involve attacking infrastructure rather than people. In today’s society, one type of attacker that is becoming increasingly more threatening is the cyber terrorist. Cyber criminals have the ability to infiltrate our networks in various different forms, from malware attacks to phishing scams and Denial-of-Service (DoS) Attacks. As well as affecting our businesses and personal lives, these criminals also have the capabilities to put our national infrastructure at risk. 

In December 2015, Ukraine’s power grid was brought down due to a third party’s illegal entry into computer systems. This resulted in the disconnection of multiple substations and approximately 225,000 customers losing power for several hours. While such an attack has not yet occurred in the UK, it does serve to highlight the very real threat of cyber terror. The Government has taken the importance of cyber security seriously, with Chancellor Philip Hammond announcing last year that the UK will invest £1.9 billion over the next five years in a cyber-security strategy that would help improve protection against attacks. 

It is important that both individuals and businesses are also prioritising cyber security. Ensuring that networks are as robust as possible is essential in protecting against such criminals. As such, it can be worthwhile to work with a security consultant to carry out penetration-testing of your network. Such testing can determine whether or not the protection in place is ‘fit for purpose’ by identifying any weak points and addressing them, where necessary. Consultants can also help develop specific cyber-security policies, covering a range of staff practices, such as remote working, the use of personal devices, removable media and the private use of company equipment. Such policies should be implemented and delivered via effective training sessions to ensure that everyone fully understands their responsibility to defend against cyber-crime. 

Regardless of the type of counter-terror measures chosen – whether it be HVM equipment, or enlisting the help of a security consultant – the most important factor is to deal with a reputable supplier whose products or services meet the relevant British and European standards. Members of the BSIA’s Specialist Services Section are all inspected to rigorous eligibility criteria and offer a professional service. To find out more, visit www.bsia.co.uk/sections/specialist-services.aspx