How to Look for Trouble: A STRATFOR Guide to Protective Intelligence How to Live in a Dangerous World: A STRATFOR Guide to Protecting Yourself, Your Family and Your Business By Scott Stewart
The Jan. 24 bombing at Moscow's Domodedovo International Airport
killed 35 people and injured more than 160. The attack occurred at approximately 4:40 p.m. as passengers from several arriving international flights were leaving the airport after clearing immigration and customs. The attacker (or attackers; reports are still conflicting over whether the attack was conducted by a man or a man and a woman together
) entered the international arrivals hall of the airport, a part of the facility that is outside the secure area and that is commonly packed with crowds of relatives and taxi and limo drivers waiting to meet travelers. Once the attacker was in the midst of the waiting crowd and exiting passengers, the improvised explosive device that he (or she) carried was detonated. It is not clear at this point whether the device was command-detonated by the attacker as a traditional suicide bomb or if the device was remotely detonated by another person. The attack was most likely staged by Islamist militants from Russia's Northern Caucasus region who have conducted a long series of attacks in Russia, including the Aug. 24, 2004, suicide bombings that destroyed two Russian airliners
. The Domodedovo attack serves as a striking illustration of several trends we have been following for years now, including the difficulty of preventing attacks against soft targets, the resourcefulness of militants in identifying such targets and the fixation militants have on aviation-related targets.
By definition, soft targets are those targets that are vulnerable to attack due to the absence of adequate security. Adequate security may be absent for a number of reasons, including disregard for the threat and lack of competent forces to conduct security, but most often soft targets are "soft" because of the sheer number of potential targets that exist and the impossibility of protecting them all. Even totalitarian police states have not demonstrated the capability to protect everything, so it is quite understandable that more liberal democratic countries do not possess the ability to provide airtight security for every potential target. Moreover, some measures required to provide airtight security for soft targets are often seen as intrusive by citizens of countries where personal freedom is valued and the financial cost associated with providing such security measures is often seen as excessive. There is an old security truism that states: "If you try to protect everything all the time you will protect nothing." Because of this reality, policymakers must use intelligence gained from militant groups, along with techniques such as risk assessment and risk management, to help them decide how best to allocate their limited security resources. While this will help protect the targets the government deems most sensitive or valuable, it will also ensure that some things remain unprotected or under-protected. Those things become soft targets. While most militants would prefer to attack traditional high-profile targets such as embassies and government buildings, those sites have become far more difficult to attack in the post-9/11 world. At the same time, the relentless pursuit of terrorist operatives by the United States and its allies has resulted in the degradation of the capabilities and reach of groups such as al Qaeda. Today the threat posed to the West stems primarily from grassroots militants and jihadist franchises
rather than the al Qaeda core. While this has broadened the threat, it has also made it shallower, since grassroots operatives are far less capable of spectacular and strategic attacks
than the professional terrorist cadre of the al Qaeda core. The combination of increased security at hard targets and the reduced capabilities of militant operatives has resulted in militant planners shifting their targeting toward softer targets, which are easier to attack. As a result of this shift, targets such as hotels have replaced embassies and other hardened sites
in militant target selection. Generally, militants prefer to attack soft targets where there are large groups of people, that are symbolic and recognizable around the world and that will generate maximum media attention when attacked. Some past examples include the World Trade Center in New York, the Taj Mahal Hotel in Mumbai and the London Underground. The militants' hope is that if the target meets these criteria, terror magnifiers like the media
will help the attackers produce a psychological impact that goes far beyond the immediate attack site — a process we refer to as "creating vicarious victims." The best-case scenario for the attackers is that this psychological impact will also produce an adverse economic impact against the targeted government. Unlike hard targets, which frequently require attackers to use large teams of operatives with elaborate attack plans or very large explosive devices in order to breach defenses, soft targets offer militant planners an advantage in that they can frequently be attacked by a single operative or small team using a simple attack plan. The failed May 1, 2010, attack against New York's Times Square
and the July 7, 2005, London Underground attacks
are prime examples of this, as was the Jan. 24 attack at Domodedovo airport. Such attacks are relatively cheap and easy to conduct and can produce a considerable propaganda return for very little investment.
In Russia, militants from the Northern Caucasus have long attacked soft targets
, including buses, trains, the Moscow Metro, hotels, a hospital, a theater, a rock concert, shopping centers, apartment buildings, a school and now the soft side of Domodedovo airport. In the case of Domodedovo, the past two attacks involving the facility are a clear illustration of the process by which militants shift to softer targets in response to security improvements. In August 2004, Chechen militants were able to exploit lax security on the domestic side of Domodedovo in order to smuggle two suicide devices aboard two targeted aircraft, which they used to blow up the planes. In response to that attack, security at the airport was increased. The Jan. 24 Domodedovo attack seems to have confirmed the effectiveness of these security improvements — the militants apparently believed they could no longer smuggle their suicide device aboard an aircraft. However, they adjusted their targeting and decided to conduct an attack against a vulnerable soft spot — the arrivals hall — located in the midst of the hardened airport target. From a tactical standpoint, the attack at Domodedovo was a logical response to increased security designed to keep explosives off aircraft. This attack also demonstrates, significantly, that the militants behind it maintained the intent to hit aviation-related targets, a fixation we have discussed
for some time now. One reason for this fixation is the impact that aviation-related attacks have on terror magnifiers. This was seen in the international response to the Domodedovo attacks, which was much larger than the response to twin suicide bombings
of the Moscow Metro in March 2010. Even though the Metro bombings produced more fatalities, they did not resonate with the international media as the airport attack did. This media response to the most recent Domodedovo attack was presumably enhanced by the fact that it killed several foreigners. This difference in international reaction is significant, and will certainly be noted by militants planning future terrorist attacks. In all likelihood, it will also serve to solidify their fixation on aviation-related targets and on soft targets such as arrival halls that are located in the midst of harder aviation targets. It must be noted, however, that this concept is not altogether new: Militants have long targeted the soft area outside airports' security hardlines. Ticket desks were attacked by the Abu Nidal Organization in Rome and Vienna
in December 1985, and more recently the El Al ticket desk at Los Angeles International Airport
was attacked by a gunman in July 2002 and an unsuccessful car bomb attack
against the main entrance of the international airport in Glasgow, Scotland, was conducted by a grassroots jihadist in June 2007. In the wake of the Domodedovo attack, security has been increased in the arrival halls of Russian airports — a step that has been instituted elsewhere in order to make the traveling public feel secure. However, such measures are costly and will tie up security personnel who will then be unavailable to protect other sites. Because of this, these measures will likely be short-lived, and airports will return to "normal" in a matter of months. Furthermore, even when security is increased in areas such as arrival halls, the very nature of airports dictates that there will always be areas outside the rings of security where people will congregate — either to meet travelers or as they wait to clear security screening. While the threat can be pushed away from the airport building, in other words, it cannot be completely alleviated. Because of this, there will always be soft areas that are impossible to protect using traditional security measures. However, facilities that employ non-traditional security measures like protective intelligence and countersurveillance
will be able to protect this type of soft area far more effectively than facilities relying solely on physical security measures. The bottom line for travelers and security managers is that plots to attack aviation-related targets will continue and the array of aviation-related soft targets such as ticket desks and arrival halls will remain vulnerable to attack. A persistent, low-level threat to these targets does not mean the sky is falling, but it should prompt travelers to take some simple steps that can help minimize the time spent on the soft side of the airport
. And, as always, travelers should practice an appropriate level of situational awareness
so they can see trouble developing and take measures to avoid it.