The Limits Of Intelligence Gathering: Kenyan Govt. Warned A Year Before Attack That Terrorists Were Targeting Westgate Mall

from the too-much-data,-too-little-response dept

The narrative in place is that national intelligence agencies need tons of intrusive surveillance programs in order to detect terrorist threats and respond accordingly. Unfortunately, the narrative fails to hold up to scrutiny, prompting these intelligence agencies to ask for some credit to be given for all of their hard work, post-tragedy.

The Boston Marathon bombing is just one example. The head of the NSA, Gen. Alexander, has played up his agency's extraordinary hindsight, which allowed it to rule out the chance of another bombing. This occurred at roughly the same time that the only surviving perp was being taken into custody. Plaudits and such but one would think tapping the backbone of damn near everything would result in more prevention, which Americans would unanimously agree to be the preferable to crystal clear hindsight.

This problem isn't limited to just the NSA. Reports from Kenyan intelligence officials obtained by Al Jazeera (but hosted at Public Intelligence) indicate that government and intelligence agencies had almost a year's advance notice that such an attack would take place.

The documents start with the intelligence agency (NIS - National Intelligence Service) noting it had performed a "security survey" that had identified "key installations and shopping malls" as potential terrorist targets. This was performed in 2011 and the findings passed on to government agencies, along with the security agencies guarding prospective targets. From that point, it details the intelligence it had gathered that indicated an attack was not only imminent, but very specifically targeted.

After detailing the movements of two armed terrorists (and their support personnel shuttling them across borders), the report notes that gathered intelligence suggested more attacks, thanks to recent deterrence efforts by Kenya's military. Following this, the report points out, on Sept. 21, 2012 -- one year exactly before the Westgate Mall attack -- that an attack on that very location was very likely.

Meanwhile, the following suspected Al Shabaab operatives are in Nairobi and are planning to mount suicide attacks on undisclosed date, targeting Westgate Mall and Holy Family Basilica; Sheikh Abdiwelli Mohamed, Sheikh Hussein and Sheikh Hassan. They are believed to be in possession of two suicide vests, twelve (12) hand grenades and two (2) AK 47 rifles, and have already surveyed the two targets. They are being assisted by Sheikh Hassan alias Blackie of Majengo and Omar Ahmed Ali alias Jerry who are currently staying near Mamba Petrol Station and Huruma Mosque along Juja Road.
The report presciently notes (in bold red, no less) that it expects the attack to adhere to the blueprint created by a previous, high-profile terrorist attack.
The envisaged modus operandi include, but is not exclusive to, Mumbai-attack style, where the operatives storm into a building with guns and grenades and probably hold hostages.
Additionally, the report points out that Al Shabaab had deployed two teams of 10 Mandax Jibshe ("head breakers") to attack unspecified targets in Garissa and Nairobi. (Statements from government officials have put the number of perpetrators of the Westgate attack at between 10 and 15.) The report also details a warning sent by Israeli intelligence on Sep. 13, 2013, that also suggested a terrorist attack was imminent.
The Israeli Embassy in Nairobi has raised concern with Ministry of Foreign Affairs of Kenya over possible terrorist attacks on their citizens during the Jewish Holidays period between 4th to 28th September 2013, by Iran and the Hezbollah whom they accused of collecting operational intelligence and open interests in Israeli and Jewish targets around the World including Kenya.
While the Israeli report may have been off on the background of the attackers, the date range was correct. All of this info (more than 25 pages) was turned over to a long list of government officials as it was collected, including the Chief of Defense Forces, the Secretary of Foreign Affairs, Secretary of Defense and Secretary of the Interior.

Granted, Kenya's situation is more tenuous than the USA's in terms of impending terrorist attacks. The report details several suspicious incidents and tries to ascertain the ultimate aim of personnel movements and weapons purchases. The amount of data collected makes it difficult to pinpoint the next terrorist attack, much less allow for any concentration of deterrence to one specific area.

But the report also points out that while warnings were given to various security forces, these seldom resulted in heightened awareness or responsive activity. Scattered throughout the report are discussions of possible targets, many of which would be targeted because of lax security or habitual patterns. The information reported here adds credibility to the claims that the attackers were able to secure space to stow weapons and ammunition in the mall itself before the attack.

So, what good is collecting a ton of intelligence if it's not going to be implemented? The intelligence agency in Kenya may have been stymied by government inaction, but the comprehensive report itself could have easily contributed to this paralysis. With so much potentially harmful activity listed, the unanswerable question may have been, "Where do we start?" With no clear indication given as to what should be prioritized, the info dump almost boils down to pinpointing the next attack to "anywhere, at any time."

The Kenyan government originally blamed the National Intelligence Service for not adequately warning of this attack, although these documents will certainly see those claims walked back. There are also indications the NIS received another warning about the attack one day before its occurrence, but that warning wasn't passed along to the public, either due to a lack of response time, or worse, that issuing the warning would have revealed operational details.

We've discussed before how gathering intelligence rarely prevents terrorist activity, thanks to a number of factors. Collecting too much seems to be roughly as useless as collecting too little. When numerous possible events are detailed with no indication of which might be more likely, the reaction will be haphazard at best.

Intelligence agencies are tasked with providing national security, but seldom seem to know how to actually accomplish this aim. All the information gathering is wasted if there's no focused response plan. Sifting this data through various layers of bureaucracy only results in less focus and delayed responses.

But when confronted with this reality, these agencies seem to feel the real problem is that not enough data is being collected. The evidence suggesting that intelligence agencies had advance notice of the 9/11 attacks has been greeted by FBI Director Robert Mueller as an indication that the agencies' access to data is too limited. As he has opined more than once, the bulk phone metadata collections would have allowed the agency to track one of the hijackers, thus allowing it to "prevent" the attack.

This is post-hoc justification for a controversial program. There are too many variables in place for anyone, much less someone that (should) know the system (including the other government agencies tasked with approving action on such data), to make that claim with any credibility. Likewise, in Kenya's case, the information was there, but any number of factors contributed to the failure to prevent the attack. More data isn't the answer. Better, smarter, focused gathering and responses are.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: intelligence gathering, kenya, surveillance, terrorism, warnings, westgate mall


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    TasMot (profile), 2 Oct 2013 @ 8:19am

    A Threat Assessment

    That document (from the description not my actually reading it) sounds like a "threat assessment", not a prediction of the future. Much as IT folks look at what types of threats could happen to their IT systems, action is only taken on the "most likely" ones. For example, how likely is it really that someone would put a tap on their internet connection. It could happen but is not likely. This report by an intelligence agency is like mapping out the possible moves in a game of chess. If my rook is taken, I'll do this, if my bishop is taken, I'll do that, if my queen is taken, I'll do something else. The next step is for the politicians to make a decision (OK, stop laughing, I'm serious) about which likely threats will develop into reality and put effective countermeasures in place to stop the attack (I said stop laughing at the politicians making decisions).
    The problem seems to be that the 20-20 hindsight of the intelligence agencies reports would be good at tracking down the perpetrators since they "kind of - sort of" identify who most likely did it. But, if the leaders in charge were to "jump" too many times at false alerts it would look bad and so they don't jump at all and instead point fingers at somebody else as not doing their job. If they start "jumping at shadows", then we would just end up with more security theater.
    To be more useful, those intelligence reports would also need to include some predictions into what would need to happen to indicate that something bad is immenent. Like in chess, when a certain set of moves start to happen, then most likely the opponent is trying to implement a certain strategy. As a bad example, "when the nuclear device shows up at the door to the mall, something bad is going to happen soon.
    Unfortunately, the real world is not as open and visible as all the pieces on a chess board. Let's face it, even with perfect visibility of the pieces and moves on a chess board. Somebody always loses (almost-draws are very rare). The rules in chess and the movements of the pieces are all clearly laid out and visible. In real life, the rules are frequently ignored and the movements are hidden. Still, intelligency agencies seem to be able to "see" some of the clues and predict what will happen. But, also accurately forseeing enough clues of the pre-activities to accurately predict what and when would happen in time to stop the "bad thing" is still in the future.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.