Policy Brief - Belfer Center for Science and International Affairs, Harvard Kennedy School

Preventing Terrorist Attacks: Challenging the Conventional Wisdom

| May 5, 2008

Why do terrorist attacks frequently succeed, even though later investigations almost always show that warnings had been available but were either misunderstood or ignored?  Conventional wisdom, as seen in the 9/11 Commission Report, holds that disasters such as the 9/11 attacks have been caused by failures of analytical imagination, a lack of long-term strategic intelligence on the threat, and organizational limitations that prevent the U.S. intelligence community from being able to “connect the dots” of the existing intelligence. 

The conventional wisdom is reassuring, because it suggests that if we can fix these problems, the American intelligence community (IC) will be more likely to connect the dots next time and prevent the next major terrorist attack.  But the conventional wisdom is wrong, and this reassurance is misplaced.  The history of American efforts to prevent terrorist attacks suggests that more imagination, better strategic intelligence, and intelligence reorganization will not prevent future disasters. 

In order for intelligence to be most useful in preventing attacks, it must be actionable, combining precise, tactical level warning with decision makers who are receptive to it. The history of unsuccessful terrorist attacks against Americans—plots that have been foiled—tells us that this sort of actionable intelligence is most likely to come from on-the-ground, local and domestic intelligence gathering.  In other words, we need to refocus on on-the-ground intelligence gathering. This has two key implications:

  • Our current focus on bureaucratic strategy—how to set up the Office of the Director of National Intelligence—is misplaced.
  • We need to have a serious national debate on domestic intelligence-gathering and the appropriate balance between civil liberties and national security. 

The conventional wisdom 

Investigations after major terrorist attacks such as 9/11 and the bombing of U.S. embassies in East Africa in 1998 have almost always concluded that intelligence warnings had been available, but they weren’t listened to.  Intelligence expert James Wirtz has called this the “first law of intelligence failure”—that after a surprise attack, intelligence is always found to have been in the pipeline. [1]  Not all analysts agree on why such warnings go unheeded—why the dots are not connected—but the view of the 9/11 Commission and of scholars such as Amy Zegart has become widely enough accepted to be considered the conventional wisdom.  According to this view, there are three primary reasons why intelligence fails:

  • A lack of imagination.  Prior to 9/11 a number of analysts and blue-ribbon commissions had described the growing threat from international terrorism, and some had even proposed the possibility of a suicide airliner hijacking.  But the 9/11 Report found that most intelligence officials and policymakers had been unable to imagine just how dangerous the threat was, and thus they were unwilling to take the actions that might have prevented disaster.      
  •  Too much focus on tactical intelligence.  A number of studies and scholars have argued that the U.S. intelligence community before the 9/11 attacks was too focused down in the “weeds” of current and tactical intelligence, and failed to pay enough attention to the big picture of strategic intelligence.  A study sponsored by the CIA argued: “A major weakness of the IC is its difficulty in providing strategic intelligence—the comprehensive overviews that put disparate events and the fragmentary snapshots provided by different intelligence sources into a contextual framework that makes it meaningful for the intelligence consumer.”[2] 
  • Organizational and bureaucratic limitations.  According to the conventional view, the biggest problem was that intelligence and national security organizations have been prevented by their structures and bureaucratic cultures from adapting to new threats and sharing vital information with other agencies.  In the words of Amy Zegart, “While individuals made mistakes, organizational deficiencies were the root cause of 11 September.”[3] 

Much of the effort at reforming the U.S. intelligence community over the past several years has been directed at fixing these problems.  New analytical techniques and methodologies, such as the increased use of “red teams” that try to think like the enemy, are intended to encourage the use of imagination.  New organizations have been formed to focus on long-term, strategic intelligence collection and analysis.  And the major organizational changes to the intelligence community, such as the establishment of the office of the Director of National Intelligence and the National Counterterrorism Center, are a direct response to the belief that organizational problems were at the root of the intelligence failure leading up to 9/11.  All of these changes may be useful as the intelligence community changes from an organization designed to fight the Cold War to one focused on the long-term threat from terrorist groups such as al Qaeda.  But none of these changes is likely to help prevent terrorist attacks in the short term, because they are based on an incomplete understanding of what makes for intelligence success. 

This conventional wisdom on preventing terrorist attacks is wrong because most studies of intelligence and terrorism focus, not surprisingly, on cases in which intelligence fails and terrorist attacks are successful.  These studies, such as the 9/11 Report, help us understand some of the many reasons why intelligence can fail—but they do little to tell us how intelligence can win in the fight against terrorism.  A better answer to the problem of preventing terrorist attacks can be found by examining why some plots fail, while others succeed.  By comparing successful terrorist plots with those that were foiled, we find that much of the recent effort at reforming the American intelligence community is aimed at fixing the wrong problems, and may do little to prevent another 9/11.   

The need to understand intelligence success 

We cannot know with any certainty how disasters such as the 9/11 attacks and the East Africa embassy bombings of 1998 could have been prevented.  Hindsight can only illuminate opportunities that were missed—it cannot tell us whether different actions and decisions would actually have prevented those attacks.  There is one approach, however, that might help us understand how to prevent attacks: studying terrorist plots that have been unsuccessful.  But studying cases of failed terrorist attacks is difficult.  Intelligence successes are less well publicized than failures, and several of the most widely available public databases of terrorism incidents don’t include foiled attacks.  As terrorism expert Brian Jenkins puts it, “We have thwarted a number of terrorist attacks; exactly how many is hard to say.  It is difficult counting events that don’t occur.” [4] 

The U.S. intelligence community doesn’t like to talk about the plots it has thwarted, because revealing successful intelligence operations could provide useful information to our nation’s enemies.  But failed plots are already a part of the national discourse on terrorism, even though we don’t know very much about them.  The administration frequently cites failed plots as evidence that the terrorist threat is real and its counterterrorism programs are effective.  For example, in his State of the Union address in January 2007, President Bush described several prevented attacks, and said that “Our success in this war is often measured by the things that did not happen.” [5] In October 2005 the White House released a list of ten “serious al-Qaida terrorist plots” that had been disrupted since September 11, 2001, and five additional efforts by al Qaeda to case targets in the U.S. or infiltrate operatives into the country.[6] 

Administration critics, on the other hand, argue that the cases cited by the government amount to little more than a molehill.  And some scholars believe that the absence of successful terrorist attacks since 9/11 indicates there are few terrorists in the United States and the threat of international terrorist attacks against the U.S. is very low. [7] 

Examples of unsuccessful attacks 

Despite the difficulty of studying unsuccessful terrorist attacks, reliable information is available on enough cases to suggest that terrorist plots fail more often than many might realize.  They fail for many reasons, including errors by the plotters and chance encounters with alert law enforcement officials.  But a number of the more complex plots have been disrupted as a result of careful, lengthy investigations by intelligence and security officials, and it is these cases that tell us the most about what does and doesn’t work in preventing terrorist attacks.  Three of these cases are described here. 

  • The New York City “Day of Terror” Plot.  This plot, which was disrupted soon after the first World Trade Center bombing in 1993, is still one of the most important thwarted attacks in American history, but it is little remembered today.  A group of Islamist extremists planned to bomb a number of New York City landmarks including the UN Headquarters, the Manhattan Federal Building, and the Lincoln and Holland Tunnels.  The FBI had an informant among the plotters, and the men were arrested at a safehouse in Queens while they were mixing fuel and fertilizer in 55-gallon steel drums. 
  • The Lackawanna Six.  The case of these Yemeni-Americans, who traveled to Afghanistan in the Spring of 2001 to attend an al Qaeda training camp and met with Osama bin Laden, has been described by many observers as an example of government overkill.  Most of the men appear to have turned away from violence after 9/11, and they were not actively plotting any attacks when they were arrested.  But the group had clear links to senior al Qaeda leaders, and the case is instructive as an example of how a wide range of intelligence sources can be useful to authorities: the group first came to the attention of the FBI through an anonymous tip, and later information came from intercepted emails and from a detainee captured in Afghanistan  
  • The Fort Dix Plot.  This more recent case typifies the sort of plots being seen today and the variety of methods authorities are using to disrupt them.  Six men described as Islamic militants were arrested in May 2007 and charged with plotting to attack the Fort Dix Army base in New Jersey and “kill as many soldiers as possible.”  The men took part in paramilitary training together and conducted surveillance of Fort Dix and other military installations, but authorities were tipped off by a store clerk who became concerned when they brought in a video to be converted to DVD—and on the video they could be seen firing weapons while calling for jihad.  The FBI eventually placed two different informants in the group, and watched for 15 months before arresting them when they attempted to buy AK-47 and M-16 machine guns. 

The lessons from unsuccessful attacks 

What can we learn from these cases?  All of these plots, and a number of others foiled in recent years, were broken up because officials had precise, tactical-level intelligence on what the plotters were up to.  Although imaginative law enforcement and intelligence officials were undoubtedly involved, it wasn’t imagination that prevented attacks—it was the use of informants, tips from the public, and surveillance through electronic and other means.  These cases also suggest that organizational fixes are not the answer to preventing terrorist attacks.  The 1993 Day of Terror plot was foiled by the same intelligence and law enforcement agencies that only a few months earlier had failed to prevent the attack on the World Trade Center.  The difference was that the World Trade Center attack served as a focusing event, pushing law enforcement to look for other extremist groups that might be planning similar attacks and encouraging senior decision makers to listen to the intelligence they developed. 

There is good news in that none of the plots that have been disrupted recently represent al Qaeda’s “first team.”  These would-be terrorists are mostly home-grown, and appear unlikely to have been able to carry out the sort of mass destruction that experts believe al Qaeda still hopes to inflict upon America.  But we should remember that even amateur terrorists, such as those who carried out the first World Trade Center attack, can cause great damage and suffering. 

The bad news is that the history of foiled terrorist plots in America suggests the threat of terrorism within the U.S. remains high, and additional terrorist cells and plots are probably active today.  The American people should be careful about becoming too complacent, and should be skeptical about the conventional wisdom that the key to preventing future attacks is reorganization and reform of the intelligence and national security communities.  The history of unsuccessful terrorist attacks suggests that the intelligence needed to prevent the next terrorist attack is not out there already, waiting to be understood once the intelligence community gets its act together.  The necessary intelligence has probably not yet been collected, and it is most likely to be obtained through aggressive domestic intelligence efforts—just the sort of efforts that raise questions about the proper balance between civil liberties and national security.   

What should be done? 

  • Get past the conventional wisdom.  We need to recognize that many commonly held beliefs about preventing terrorist attacks are mistaken, and that the next major terrorist attack against Americans is unlikely to be prevented by organizational reforms and efforts to increase imagination. 
  • Focus on local and domestic intelligence.  The record of failed terrorist plots tells us that the most effective intelligence is gathered close to home, as a result of local, on-the-ground domestic intelligence efforts. 
  • Shift the debate on intelligence reform.  Most of the national discussion about intelligence reform concerns top-level organizational issues, but the more important debate is a lower-level one.  As we turn our focus toward domestic intelligence, we must have a serious, informed debate over domestic intelligence gathering and how to balance civil liberties while still obtaining the intelligence needed to prevent future attacks.

[1] James J. Wirtz, “Responding to Surprise,” Annual Review of Political Science 9 (2006), p. 51. 

[2] Central Intelligence Agency, Center for the Study of Intelligence, Intelligence for a New Era in American Foreign Policy (Washington, D.C.: January 2004), p. 3, available at http://www.fas.org/irp/cia/product/newera.pdf.  

[3] Amy B. Zegart, “‘CNN with Secrets’: 9/11, the CIA, and the Organizational Roots of Failure,” International Journal of Intelligence and CounterIntelligence 20/1 (March 2007), p. 43. 

[4] Brian Jenkins, “Lessons for Intelligence,” Vanguard (Canada), March 1, 2006.  Available at http://www.rand.org/commentary/030106VC.html.  

[5] State of the Union Address, January 23, 2007, transcript as provided by the New York Times, January 24, 2007.  http://www.nytimes.com/2007/01/23/washington/23bush-transcript.html.  

[6] The White House, “Fact Sheet: Plots, Casings, and Infiltrations Referenced in President Bush’s Remarks on the War on Terror,” October 6, 2005.  Available at http://www.whitehouse.gov/news/releases/2005/10/20051006-7.html.  

[7] See for example, John Mueller, “Is There Still a Terrorist Threat?” Foreign Affairs, September/October 2006, and his Overblown: How Politicians and the Terrorism Industry Inflate National Security Threats, and Why We Believe Them (New York: Free Press, 2006).       

For more information on this publication: Please contact International Security
For Academic Citation: Dahl, Erik J.. “Preventing Terrorist Attacks: Challenging the Conventional Wisdom.” Policy Brief, Belfer Center for Science and International Affairs, Harvard Kennedy School, May 5, 2008.