Terror from afar: how ISIS inspires and directs attacks remotely
On Wednesday, four people were killed in a terrorist attack in London, England.
The attacker used a car to plow into pedestrians on the Westminster Bridge before crashing the vehicle and then stabbing a police officer to death as he ran toward the British Houses of Parliament. The assailant was then shot and also killed.
The attacker has been identified as British citizen Khalid Masood, and police are still trying to determine if he acted alone. But within 24 hours of the attack, ISIS had claimed responsibility.
The London attack follows a string of other violent incidents by native-born residents in Western countries, often referred to as lone wolf attacks.
But according to Rukmini Callimachi, these types of attacks are often better described as "remote controlled" attacks.
Callimachi covers ISIS in her role as a foreign correspondent with The New York Times.
As she tells Day 6 host Brent Bambury, in many cases the violence is either inspired by or actively guided from afar by ISIS operatives who steer the would-be attacker over the Internet.
Callimachi says there is not enough evidence to indicate that this week's attacks in London were directly steered by ISIS.
But in many previous cases, the militant group has been known to wield unseen influence over the actions of the assailant, typically through encrypted online communication.
"The data that's emerged in the wake of these [previous] attacks points to that," she explains.
The illusion of the lone wolf
Callimachi recalls an incident involving a young man on a train near Wuerzburg-Heidingsfeld, Germany in July of 2016. He boarded a passenger train and stabbed four people before being shot and killed by a special police unit nearby.
This is a person that is being what I call 'remote controlled' by ISIS from Iraq and Syria.- Rukmini Callimachi, New York Times
"It was immediately described as the work of a lone wolf, of a deranged young man, and it wasn't until perhaps a few weeks later that the content of his chats on his cellphone emerged," explains Callimachi.
The phone chats showed that the attacker had been in direct contact with an ISIS handler who was encouraging the attack. Callimachi says the chats finished the moment the attacker boarded the train.
"There couldn't have been a closer link," she says. "This is a person that is being what I call 'remote controlled' by ISIS from Iraq and Syria."
Callimachi says ISIS operators' influence from afar can be as basic as acting as a therapist, trying to coax would-be attackers into acts of violence. At the next level of influence, ISIS operators provide the attacker with targets and strategies.
At the most direct level of control, they will guide a would-be attacker through the process of creating a cell and coach them through specific acts of violence.
The terror cell in Hyderabad
In June of 2016, officials arrested members of a terror cell in Hyderabad, India. According to Callimachi, their ties to ISIS were at the most direct level.
They walked them through every single step; from creating a cell, to pledging allegiance, to actually arranging the weapons drops.- Rukmini Callimachi, New York Times
The men in the cell had tried to reach Syria but could not get visas to travel to the country. So the ISIS handler with whom they were in contact told them they could serve the Islamic State from Hyderabad.
"And from that moment on, they walked them through every single step; from creating a cell, to pledging allegiance, to actually arranging the weapons drops," says Callimachi.
"They sent them GPS coordinates and told them to show up at different locations at different times on different days."
She says one shipment of guns was left hanging from a bag in a tree.
How attacks are defined
Callimachi says counterintelligence officials now say there are three broad categories of attacks.
One category is an attack carried by ISIS personnel, such as the attacks in Paris in 2015, where the attackers trained in Syria and returned to the city to carry out the acts of violence.
The lone wolf attack is on the other extreme, where the person imbibes ISIS propaganda online but does not have any direct link with an ISIS member.
Callimachi says that the majority of attacks are now in the middle category, where the person has not travelled to Syria but reaches out online and is coached virtually by ISIS.
"There's a misperception out there that the inspired attack is not ISIS," says Callimachi.
She explains how, in 2010, a senior member of al-Qaeda suggested that they use their propaganda to train people from afar.
"[He said] 'we can teach people that they can act in our name with nothing more than the tools that are at their disposition'," says Callimachi. "And they literally talk about using a car, a knife, using poison … and this is where ISIS comes in."
She says with its younger members, who are tuned in digitally, ISIS has been able to create propaganda that is "viscerally" exciting.
"Through that propaganda they've been able to reach out into communities, really, all over the world. And this is part of their core strategy."
In Callimachi's opinion, ISIS puts as much effort into its digital propaganda as it does into the planning of its attacks.
She is still watching to see whether evidence emerges of any ties or coaching the London attacker may have had with ISIS or an ISIS mentor.
"What we're waiting for now is to see what's on the perpetrator's phone. It's in their communication that we will find the answer."
What ISIS knows about the virtual students
Callimachi says would-be attackers know little to nothing about the ISIS members that serve as their online mentors. All that may be known is the person's screen name. There may not even be a picture.
"You have none of the human touches that usually were employed in the past to get somebody to move from intention to violence."
According to Callimachi, the online coaching is going undetected because of encryption tools. In the Hyderabad case, she says, the ISIS handler instructed the cell to use approximately six different encryption tools.
The operations and instruction are usually very sophisticated, says Callimachi.
"But then, it's usually the most rookie mistake of all that gets them caught."
She says few of the online recruits have military experience, so they often struggle with weapons, or with creating explosives.
"I think it's important to note that law enforcement officials have foiled dozens and dozens of attacks," says Callimachi.
While the number of people being surveilled is increasing, law enforcement officials are becoming overwhelmed. But Callimachi says there is something to be learned from the U.K. experience.
"ISIS has been threatening them since 2015, at least, if not longer. And yet they've managed to not have a successful attack until now," says Callimachi. "What are they doing differently from France, which has had numerous attacks in that time?"
To hear Brent Bambury's conversation with Rukmini Callimachi, download our podcast or click the 'Listen' button at the top of this page.