July 7 ISC Report and Home Office Official Account Released

The UK Intelligence and Security Committee Report on the London Terrorist Attacks on 7 July 2005 has been released. The headlines in relation this report are focusing on the findings that additional intelligence resources could (perhaps) have helped to prevent the attacks, and that several of the bombers were under surveillance as part of other investigations, as well as the differences in interpretation coming from UK security experts. The official UK Government response to ISC Report can be read here.

Note that the ISC Report is NOT the same as the UK Home Office Official Account of the July 7 bombings, which was also released to day and is available here. We will have a synopsis and analysis of this report available in the next few days. I highly recommend downloading and skimming through each report; the relative importance given to certain findings by the media differs from that given by the authors, and it is interesting to see what the 'official position' on the documents is.

Below are some items of interest from the Intelligence and Security Committee Report on the London Terrorist Attacks on 7 July 2005 (note that these points are in addition to the summaries of the report available from BBC, the Guardian, and in section 7 of the document itself):

• The preamble of the report notes that it does not contain all available information, so as not to prejudice ongoing judicial proceedings, indicated by large stars in the text. Additionally, sections of the report are redacted with ‘***’ for reasons of intelligence secrecy. For example, page 4 of the report states that “We record that *** terrorist plots in the UK have been thwarted by the intelligence and secrity agencies since 11 September 2001.”
• The report focuses on the events of and leading up to the July 7 bombings, the July 21 attempted bombings, and the investigations related to these events. The July 22 shooting of Jean Charles De Menezes, while directly related to the July 21 event, is not mentioned in this report.
• In writing the report, the ISC has drawn on the findings of reports produced by a number of other British security and intelligence agencies.
• The report focuses on answering several specific questions:
  
  -whether any intelligence which may have helped prevent the attacks was missed or overlooked;
  -why the threat level to the UK was lowered prior to the attacks and what impact this had; and
  -what lessons were learned on the back of the attacks and how these are being applied, in particular:
  – what reassessments of the threat have been made; and
  – what is being done to increase coverage of the threat.
• The UK counter-terrorism strategy is known as CONTEST, and has been operating since 2002. This strategy aims to “reduce the risk from international terrorism so that people can go about their business freely and with confidence.” The strategy focuses on active prevention and mitigation. Preparedness and protection are also focal points. JTAC is the body within the UK intelligence sector responsible for the compilation and analysis of intelligence on the ‘Islamist threat.’ The report describes personnel resource allocation in relation to threats and activities, although specific information is redacted.
• From the report: “In 2001, at around the time of 9/11, the Security Service knew of approximately 250 primary investigative targets in the UK.8 By July 2004 this had risen to over 500, of which only about *** could be investigated, and only *** intensively. By July 2005 the number of primary investigative targets in the UK had risen to around 800, only about *** % of which the Service was able to cover. Even then the degree of coverage on the most essential subjects was far from complete.”
• Pre-July 2005, the Security Service categorized targets into ‘essential,’ ‘desirable,’ and ‘other’ aggregate categories, in order to maximize resources on priority targets. Note that this implies a structural commitment to risk-based analysis and response.
• In describing the threat environment in the UK prior to July 2005, the report cites a number of official speeches and texts, which – as with Canadian discourses – describe imminent but non-specific threats. The ‘not a matter of if, but when’ line is mentioned.
• The focus of the report does not touch on the background of the July 7 bombers, the process(es) through which they became radicalized, or how they planned the attacks; rather, it deals with the actions of intelligence agencies in relation to the events. The report notes that the Home Office Official Account will touch on these areas.
• Some specifics about the July 7 bombings and investigation:
• The fourth bomber, Hasib Hussein (who detonated his bomb on a bus), stopped to purchase batteries before carrying through with the attack.
• The report finds that the date – July 7 – was of no particular significance, nor was the then-ongoing G8 summit a factor in the timing of the attack.
• Despite the claims of responsibility for the attacks made by al Qaeda representatives, the real extent of external involvement (if any) is still under investigation.
• From the report (p. 13): “We have been assured by the Agencies that there was no prior warning of the attacks that took place from any source, including from foreign intelligence services.We have looked in detail into claims that the Saudi Arabian authorities warned the British Agencies about the attacks. We found that some information was passed to the Agencies about possible terrorist planning for an attack in the UK. It was examined by the Agencies who concluded that the plan was not credible. That information has been given to us: it is materially different from what actually occurred on 7 July and clearly not relevant to these attacks.”
• A number of the July 7 attackers were ‘known’ to intelligence and security agencies, and had come up in relation to previous investigations. See p. 16 of the report for more on this.
• Reports from unspecified “detainees (from outside the UK)” referred to one of the bombers as having trained with al Qaeda in Pakistan in 2003; following the bombings, one of these ‘detainees’ identified bomber Siddeque Khan from a photograph.
• A significant section of the report is dedicated to explaining the lowering of the UK threat level prior to the July bombings, and whether and to what extent this facilitated the attacks. In May 2005 the threat level was reduced from ‘SEVERE GENERAL’ to ‘SUBSTANTIAL.’ Note that, prior to the bombings, the UK threat level system had two focal points: a general ‘country threat level’ status, and a ‘Critical National Infrastructure’ status. The system was more varied than the US alert system, and included seven levels, ranging from Negligible to Critical. The UK threat level system is not to be confused with the UK threat alert system, which issues BLACK, BLACK SPECIAL, AMBER, and RED alerts based on different government departments’ needs.
• The report concludes that the lowering of the country threat level in May 2005 is unlikely to have altered the alertness or responders or to have affected the chances of preventing the attacks. This being said, it also concludes that the threat level system is confusing to both the public and security intelligence operatives. If changes can be made to threat levels without producing effects in preparedness and alertness, then, the report argues, the usefulness of the system is questionable. The UK threat level system is currently under review.
• From the report (p. 22): “Practitioners have to take and justify difficult risk-based decisions about security measures and the use of resources on the back of threat assessments. It is arguable that a system which reflects only the ‘worst case’ threat scenario because of fears of the unknown would be of little use to them.”
• Of note, the report highlights the serious problems associated with the communication of threat information to the public, particularly in differentiating between different categories of threat. Because the public at large does not understand the differences between different threat categories, they tend to focus on the fact that a threat level reduction or increase has taken place, rather than the implications of the new threat level.
• British intelligence officials were concerned about ‘homegrown’ terrorism prior to the July 2005 attacks. This area increased in priority status between 2001 and 2005. The targeting of transportation infrastructure was also a recognized area of concern for intelligence officials – although it took some time for agencies to consider ‘soft’ targets to be priorities after September 11, 2001, which was interpreted as an indication that al Qaeda had shifted its focus towards ‘spectacular’ ‘hard’ targets. In fact, considerable effort was directed towards the investigation of ‘tier one’ targets and the possibilities of ‘another 9/11.’ Still, by July 2005, UK authorities were already speculating that attacks could likely emerge from homegrown terrorists, on soft targets such as the London underground, and with limited connection to al Qaeda.
• In terms of post-July 7 changes in priority and focus:
• The role of suicide terrorism is being considered more seriously than before.
• The speed with which individuals can become radicalized has been acknowledged in post-July 7 counter-terrorism strategies, and there is now a focus on ‘identifying individuals being groomed for terrorism (and those doing the grooming) at an early stage.’ It has also been acknowledged that ‘there is no simple Islamist extremist profile in the UK.’
• The target priorities used before July 7, 2005 – ‘Essential’ and ‘Desirable,’ have been replaced with ‘***’ and ‘***.’ It is unclear as to why the names of these new categories were redacted.
• An enigmatic paragraph in the report: “The potential value of *** and *** as a means for identifying new threats has been highlighted to the Committee. The fact that the 7 July group was in contact with others under Security Service investigation has emphasised the potential for new threats to be identified through the examination of information and contact networks relating to existing targets. Greater capacity to *** to generate new leads is being developed within the Security Service.” This is another situation where it would be nice to know what the *** sections mean.
• The report acknowledges that the July attacks ‘acted as a catalyst for change within the intelligence and security Agencies.’
• It also notes that the need to maintain a balance between security and civil liberties presents challenges in relation to counter-terrorism, particularly as increased intelligence capacity would likely means ‘some increase in intrusive activity.’
• For a succinct summary of the key points mentioned in the report, see section 7, starting on page 41. Even better, check out the same list of key points and recommendations with the official UK Government responses here.
  
  - Mike L