U.S. and German officials fear terrorists are in
the advanced planning stages of an attack against U.S. military personnel or
tourists in Germany, ABC News reported May 11. The report followed the
issuance of a Warden Message by the U.S. Embassy in Berlin on April 20
announcing that U.S. diplomatic and consular facilities in Germany were
increasing their security posture in response to a heightened threat
situation. The message, which remains in effect, also encouraged Americans in
Germany to increase their vigilance and take appropriate steps to bolster
their own personal security. Continuing chatter from a number of sources
indicates the threat is real.

The warning comes as no surprise. Like
much of Europe, Germany has a large Muslim population, and within that
population is a small but dedicated radical element. It was in Germany where
a diverse group of Muslim students from various countries was radicalized and
later organized into the "Hamburg Cell." Members of the cell, including
Mohamed Atta and Ramzi Binalshibh, would go on to attend al Qaeda training
camps in Afghanistan, where they were selected to form the nucleus for al
Qaeda's 9/11 operation. Even after the Hamburg Cell was dismantled, the
jihadist network in Germany has remained active

in publishing Internet propaganda and recruiting and sending young Muslim men
to fight in places like Iraq.

Additionally, jihadists left two timed
incendiary devices on trains

in the German towns of Dortmund and Koblenz on July 31, 2006. The group
allegedly responsible for the attack comprised mainly Lebanese Muslims living
in Germany, who reportedly had been incensed over the Prophet Mohammed cartooncontroversy

German prosecutors have alleged that the men charged in
connection with the attack were also radicalized after arriving in Germany.
In many ways, then, Germany is facing the same tactical
realities
as the United Kingdom and other countries in that it faces a
threat from homegrown militants as well as from professional al Qaeda
operatives.

The warning in Germany, however, does provide an
opportunity to draw back the curtain on the U.S. terrorism warning process --
to examine what drives it, why it sometimes works and why it sometimes does
not.

Reasons for Warnings

The U.S. government issues
public warnings for a number of reasons. One of these, of course, is genuine
concern for the welfare of U.S. citizens. A second reason (although perhaps
not the second in priority for some officials) is simple bureaucratic
butt-covering. The last thing a government official wants to do is to end up
before a congressional committee or a governmental accountability review
board and answer pointed questions about why he or she had threat information
that was not shared with the American public.

Indeed, following the
bombing of Pan American flight 103, an investigation conducted by the
President's Commission on Aviation Security and Terrorism discovered that the
U.S. Embassy in Helsinki, Finland, received a threat Dec. 5, 1988, stating
that "sometime within the next two weeks" a bomb would be placed on a Pan
American flight flying from Frankfurt to the United States. The committee
found that this threat information had been selectively distributed by the
Federal Aviation Administration and the U.S. Department of State, giving rise
to the charge of a double standard in the authorities' choice to warn
traveling government employees but not the general public.

Upon
receiving the commission's report, the U.S. Congress passed The Aviation
Security Improvement Act of 1990, which said civil aviation threats could not
be passed along only to selected travelers unless the threat applied only to
those travelers. The Bush administration expanded on that legal precedent to
include the dissemination of all threat information, establishing what
is now commonly referred to in the counterterrorism community as the "no
double-standard policy." This policy requires that threats be disseminated to
the public in addition to government employees.

The "no
double-standard" policy was intended to be applied to timely, credible,
corroborated and specific threats. Over time, however, it has been applied to
almost any and every threat. Bureaucratic butt-covering inevitably leads to
this type of overreaction because nobody wants to be caught not sharing
information after the fact, or being accused of making a bad analytical
assessment of the threat. Therefore, nearly everything is reported,
regardless of its veracity. Obviously, this type of overreaction leads to the
release of many more alerts -- many of which are not well-founded. This leads
to alert
fatigue.


Warnings also can be issued in an effort to pre-empt an
attack. In cases in which authorities have intelligence that a plot is in the
works, but the information is insufficient to identify the plotters or make
arrests, announcing that a plot has been uncovered and security has been
increased is seen as a way to discourage a planned attack. In practical
applications, however, this does not always work.

Although it might
seem logical that militants would abort an operation in the works once a
warning is issued, history has shown otherwise. In the Dec. 6, 2005, attack
against the U.S. Consulate in Jeddah, Saudi Arabia, for example, the
perpetrators not only continued their operation despite the issuance of a
warning, but also despite a government operation that resulted in the disruption

of a second cell that was supposed to participate in the attack. Several
other attacks also were preceded by warnings or security alerts, including
the failed July
21, 2005,
BR>London subway attack, which occurred while the city remained
under a heightened alert following the bombings

two weeks earlier.

Sources of Warnings

The intelligence
that leads to a warning can come from a variety of places. Sometimes the
warning is spawned by good, hard intelligence from a technical or human
source. Other times it can be a tidbit picked up after the arrest of a
suspect, such as the warnings in 2004 of the plot to attack financial targets
in the United States that followed the arrest of Mohammad
Naeem Noor Khan
in Pakistan.

Threat intelligence also often
results from interrogating captured militant operatives, as was seen in the
raft of warnings that followed the September 2002 arrest and interrogation of
al Qaeda operational planner Khalid
Sheikh Mohammed.
Threat information can even come from a previously
unknown source who walks into an agency and volunteers
information.


The intelligence services of other countries also
will share information they have obtained with their U.S. counterparts --
though without direct access to the source, the U.S. agencies might find it
difficult to determine whether the information is credible and to obtain
additional information. Additionally, there are times when foreign liaison
services pass "threat" information as part of a political agenda, perhaps to
get a local insurgent group listed on the U.S. terrorism list -- or merely to
jerk the Americans around.

Of course, all intelligence can be
problematic. For one thing, there is the problem of fabricators,

human sources who concoct stories to sell to intelligence agencies for
financial gain. Quite often these fabricators base their stories on a thread
of truth that makes them appear genuine. During the early 1990s the U.S.
Embassy in Beirut was closed on several occasions due to the bogus and
exceedingly dire threat reports of a clever fabricator who milked the FBI for
tens of thousands of dollars.

Secondly, there is the problem of
disinformation, or information purposefully leaked by an organization to
mislead or confuse analysts. In retrospect, the great number of warnings of
pending attacks against U.S. and Israeli interests overseas before the 9/11
attacks -- during what the 9/11 Commission Report calls "The Summer of
Threat" -- might have been part of an al Qaeda disinformation plot to
distract U.S. attention from the group's real plans. Disinformation also can
be provided by terrorist suspects during their interrogations in an effort to
create red herrings and protect real operations that are under way. Such
disinformation attempts by militants also can be useful for pinging the system

in order to judge U.S. responses to threats. This also can
serve to help induce alert fatigue.

Another problem in intelligence
is misinterpretation. That is, receiving intelligence and indicators and then
drawing the wrong conclusions from them, or even misinterpreting an innocuous
item to be a critical item of intelligence. In a 2003 case, for instance, the
U.S. national threat level was raised from yellow to orange during the
holidays after a CIA analyst mistakenly claimed to have discovered a cache of
secret al Qaeda messages imbedded in the moving text at the bottom of the Al
Jazeera news channel. Though some have scoffed at the CIA over the case, the
potential blowback for not taking possible indicators seriously has caused
the intelligence community to err strongly on the side of caution in issuing
such alerts.

The Warning Track Record

Because of the
problems inherent in intelligence work, and the amount of bureaucratic
butt-covering going on because of the political environment, the historical
track record of warning messages has been mixed. Though the vast majority of
warnings have proven to be false alarms, at times and in some specific places
the warnings have been quite accurate. For example, on Feb. 15, 2006, the
U.S. Embassy in Manama, Bahrain, issued a Warden Message concerning the
threat of al Qaeda attacks in the region. The Australians issued a similar
warning six days later. On Feb. 24, al Qaeda's Saudi node attacked the Abqaiq

oil processing facility near Bahrain. In fact, there was a clearly
discernable pattern

in Saudi Arabia in 2004 in which a warning would be issued and then followed
shortly by an attack or raid that resulted in the arrest of militant
suspects.

Another example is the
Bali
suicide attacks in October 2005. The U.S. Embassy in Jakarta had been
warning about attacks against foreigners at soft targets in Indonesia since
spring 2005, and on Sept. 30, the day before the attacks, issued a Warden
Message warning against possible attacks in "? places where Americans and
other Westerners live, congregate, shop or visit, including hotels, clubs,
restaurants, shopping centers ?" The Oct. 1 attacks targeted restaurants.


The Israelis also have had good intelligence on jihadist threats in
the Sinai. In fact they issued a warning to Israeli citizens to avoid the
area prior to the October 2004 attack against the
Hilton
hotel in Taba.

This kind of intelligence penetration of al Qaeda
has occurred far more frequently at the local or regional level. It has been
far harder to penetrate the central core. Moreover, after certain
intelligence methods have been disclosed to the public -- such as monitoring
the satellite phone conversations of al Qaeda leaders -- those intelligence
sources that had provided insight into the activities of the core group have
dried up.

This intelligence penetration on the tactical level is
frequently short-lived because the type of access that provides the timely
and accurate intelligence needed to predict threats often is then used to
dismantle the organization. Jemaah Islamiyah in Indonesia, al Qaeda in the
Arabian Peninsula and the jihadists linked to al Qaeda in the Sinai --
regional nodes that were subjects of accurate threat reporting over the past
few years -- were all hammered hard by local security forces. Afterward,
though, the quality of the threat information dropped noticeably, with an
increasing spike in the number of false alarms.

For example, after
highly accurate threat reporting in Saudi Arabia in 2004 (and a string of
successful actions against al Qaeda by the Saudi government), a
rash
of warnings in Saudi Arabia in 2005 about pending attacks against U.S.
government and commercial targets proved to be unfounded. The U.S. Embassy in
Riyadh was even closed for two days in August 2005 because of a threat that
did not materialize. A similar pattern was seen in Indonesia and the Sinai.


As long as there are attackers -- and bureaucrats concerned about
being grilled by Congress -- there will be terrorism threat warnings. The
difficulty will be deciphering which are bogus and which are based on timely,
accurate and specific intelligence.

Contact Us

Analysis Comments - analysis@stratfor.com

Customer Service, Access, Account Issues - service@stratfor.com

Was this forwarded to you? Sign up to start receiving your own copy – it’s always thought-provoking, insightful and free.  

Go to https://www.stratfor.com/subscriptions/free-weekly-intelligence-reports.php to register

The Q2/2007 Quarterly Forecast has been released.

Covering the entire world, the Q2/2007 Forecast gives you the chance to take stock of global developments in the second quarter and put everything into perspective so that you are not surprised by trends and issues emerging during the coming months.

Get your copy of this affordable analysis now and find out what Stratfor analysts predict for the coming months. Click here to read the report today.

Distribution and Reprints

This report may be distributed or republished with attribution to Strategic Forecasting, Inc. at www.stratfor.com. For media requests, partnership opportunities, or commercial distribution or republication, please contact pr@stratfor.com.