301.519.9237 exdirector@nesaus.org
The U.S. Secret Service National Threat Assessment Center recently published a report designed to delve deeper into the motivation of mass attackers to identify commonalities between them.

Recent Secret Service report reveals commonalities between attackers, experts discuss implications for security

Over the past two weeks, mass shootings in Gilroy, Calif., El Paso, Texas, and Dayton, Ohio, have left more than 30 people dead and nearly 70 others injured.

Of course, there’s been the familiar refrain from politicians and pundits alike, starting with unanimous condemnations of the shootings themselves followed by calls for gun control on the left and expanding mental health services on the right side. You know the drill: wash-rinse-repeat. Meanwhile, law enforcement and security professionals will try to take the lessons learned from these tragedies and apply them moving forward to at least mitigate the damage of future active shooters.

The investigations into these respective shootings remain fluid, but what is known so far about the gunmen is that at least two of them, Santino William Legan (Gilroy) and Patrick Crusius (El Paso) had posted about or expressed extremists views on social media respectively, while writings of Conner Betts (Dayton) show he had an interest in killing people.  And though authorities will undoubtedly uncover more information about the motives that drove these killers in the days and weeks ahead, one of the most haunting questions that will linger over these shootings is whether or not they could have been prevented.

The U.S. Secret Service National Threat Assessment Center recently published a report designed to get to the heart of this question and delve deeper into the motivation of mass attackers to identify commonalities between them. The findings of the report, “Mass Attacks in Public Spaces – 2018,” which examined 27 attacks that occurred between January and December of last year, will shock few seasoned security professionals or law enforcement officers. They include:

  • Most of the attackers utilized firearms, and half departed the site on their own or committed suicide;
  • Half were motivated by a grievance related to a domestic situation, workplace, or other personal issue;
  • Two-thirds had histories of mental health symptoms, including depressive, suicidal, and psychotic symptoms;
  • Nearly all had at least one significant stressor within the last five years, and over half had indications of financial instability in that timeframe;
  • Nearly all made threatening or concerning communications and more than three-quarters elicited concern from others prior to carrying out their attacks;
  • And, more than half of the attacks ended within five minutes from when the incident was initiated.

According to Ben Joelson, Senior Director at security consulting firm The Chertoff Group and a former Security Forces Officer in the U.S. Air Force, the quick duration of most attacks as evidenced in the Secret Service report shows that organizations can’t simply pin their hopes on law enforcement to respond and take out a shooter. “That’s not really a viable strategy in itself,” Joelson explains. “You have to take steps to prepare, to train your employees.”

For example, Joelson says that training should go beyond just teaching people how to respond (Run, Hide, Fight, etc.) but also how to detect “anomalous behaviors” from their co-workers and establish a system within the company and their HR department that enables them to report those behaviors without fear of penalty to them or the employee in question.

“It creates a mechanism and a culture where there is a family environment,” he adds. “If you’re coworker is always bright and upbeat and then one day you see a downturn in their behavior and they’re starting to act really depressed or maybe post things on social media that are disturbing, conduct some training and create the corresponding mechanism where that employee can talk to HR and they can involve supervisors. In today’s day and age, people put out a lot of digital dust – social media, what they’re tweeting – and then there is just how they’re behaving in their daily lives in the office.”

Dr. John Byrnes, Founder and CEO of the Center for Aggression Management, questions the value of the Secret Service report in helping security or law enforcement officials prevent the next mass shooting given the broadness of the predictive stressors discussed.

“They give us five different elements that they believe are germane to someone committing these mass murders. The first one, to give you an example, is family/romantic relationships and they chronicle death of a loved one, divorce, broken engagements or physical or emotional abuse. So let’s take the death of a loved one, which was prominent in the 27 attacks in 2018 and 31 attacks in 2017,” Byrnes says. “If we take all of the individuals who have lost a loved one in the U.S. alone and we ask ourselves how many of these people who have lost a loved one have subsequently gone out and committed mass murder? The answer is probably less than one percent. So, how do you get from less than one percent to this is our next shooter. You can’t!”

Byrnes says the same goes for the rest of the “significant stressors” identified by the report, which include trouble at work or school; contact with law enforcement that did not result in arrests or charges; personal issues; and financial instability.

“Financial instability, for God’s sake, go across the country and ask everyone who has been financially unstable how many of them have gone out and committed mass murder,” Byrnes adds. “Let’s take three of these (stressors) and let’s say it is three percent (who are affected), are we going take all of those individuals and put them in asylums to protect ourselves from the less than one percent that will commit a mass murder? The answer is of course not. So, what practical insight do we get from this report? Not much.”

Even though law enforcement does the best job it can in trying to stay ahead of threats, Jeff Spivey, a former President of ASIS International who now serves as President of North Carolina-based Security Risk Management, Inc., says that they’re not necessarily focused on, nor do they really understand prevention and early warning as well as they do active shooter response.

“They try to do it, they try to have crime prevention groups and go out and have talks with neighbors, schools and those types of things but, in general, I don’t think we can rely on law enforcement (for prevention) and I think that goes all the way up to the federal level,” says Spivey, who is also a former police officer. “I don’t think police, with all of the training that they have, are regularly training on prevention and early warning.”

Stopping Future Attacks

Byrnes, who recently authored a three-part series on active shooter behavior precursors identified in a similar report compiled by the FBI, says that that only real way to possibly stop an attack is to identify someone who is on a path to violence and displaying signs of “emerging aggression.” Rather than looking at mere stressors in an individual’s life, Byrnes’ Critical Aggression Prevention System (CAPS) examines primal (adrenaline-driven) and cognitive aggression (intent-driven) exhibited by people and places it on a nine-stage continuum to track their potential to become violent.

“We have to go from probabilities to predictabilities. Probabilities say that within a certain group of people there is a higher probably of a shooter. The problem is it doesn’t specify who the next shooter is,” Byrnes says. “Each stage (of the CAPS continuum) is a precursor to the next, each give us the ability to get out in front of the next and actually prevent it from occurring. What is happening with our government is we consider prevention identifying someone planning or preparing for an attack. That’s too late! That only gives us moments.”

In addition, Byrnes says many of the cues that people are looking for to identify shooters are typically primal or adrenaline-driven behaviors, such as darting eyes, pulse rates, etc., which are more commonly exhibited by those individuals under much duress versus those who are willing to die for a cause as is the case with most mass murderers.

“When any human being on the cognitive side rises to the intention where they are prepared to give up their life for a cause, their body responds to that intention by losing animation,” he explains. “In essence, the body says, ‘I am dead.’”

Spivey says he puts the onus of prevention on executive management within an organization to bring in the people with the proper knowledge and skillset.

“Oftentimes when executive management looks to put a chief security officer in, they reinforce the aforementioned model in that they typically want to get someone who was in law enforcement or someone that understands the police side of it,” he says. “I’m not saying you don’t want those capabilities inside of the business but the right people for security inside of an organization are going to be those that one, have an early warning and prevention perspective and secondly, understand business extremely well.”

Responding to Threats

In many instances, those who have carried out mass shootings also have extensive histories of levying threats against specific organizations or individuals prior to the attack. So, how should organizations go about handling threats knowing that they could one day precede an attack on their own facilities and employees?

Joelson says companies that have been successful in tackling these challenges are the ones that admit that there are issues and get out in front of it before things come to a head. Some of the tactics these organizations have employed, according to Joelson, include peer benchmarking and on-site visits.

“After the YouTube shooting in 2018 in San Francisco, you saw a lot of companies out there really viewing security as a common good and public good and not being so proprietary, visiting each other and their security operation centers and talking about best practices, policies and procedures,” he says. “The companies that are doing well are the ones that are learning from the mistakes of others, sharing information and not putting their heads in the sand and trying to buy insurance and hope their slightly better than the next guy.”

Part of the problem in responding to threats, according to Byrnes, is that people tend to do what is in their best interest and most don’t believe that getting involved in the lives of coworkers by reporting changes in their behavior to management is going to benefit them in the long run. However, when an organization via training is able to help them connect the dots to see that these behaviors could be indicative of a much larger problem that could come back to impact them, they become much more apt to help. “By virtue of that, they now see that they could become a victim and that it would be in their best interest to get involved and they do,” he says.

Analyzing many of these attacks in retrospect, Joelson says there tends to be a trail of breadcrumbs the leads back to initial instances where someone’s behavior started to change or become suspect.

“The headline is unfortunately more of the same and we’re seeing – in the country in general – that these are attacks of limits. They’re limiting in the sense that it is hard for people to plan for mass casualty events… but it is also limiting for law enforcement,” he adds. “If you go back to some of the vehicle-ramming attacks, it is very difficult, you can’t put bollards on every sidewalk, so it’s extremely difficult for law enforcement alone to predict and intervene.”

About the Author:

Joel Griffin is the Editor of SecurityInfoWatch.com and a veteran security journalist. You can reach him at joel@securityinfowatch.com.