Details about the man who attacked the British Parliament on March 22, identified by London police as British national Khalid Masood, are still emerging. With four victims confirmed dead, the attack is the worst in London since the July 7, 2005 bombings on the London transport system.
A day after the attack, the Islamic State media organization Amaq released a statement claiming responsibility. The statement read: “The attacker yesterday in front of the British Parliament was a soldier of the Islamic state.”
The language of the statement can help us understand the nature of not just this attack, but the nature of jihadist attacks in the West. Based on 10 years of research on the topic, I have identified three categories into which this attack is likely to fall.
The first and least probable scenario is that the attack in London was planned and directed by individuals within the IS hierarchy. In such a situation, the attacker would be part of a wider IS network.
Those types of attacks, such as the ones conducted by IS in Paris and Brussels (the anniversary of which was also on the same day as the London attack) in 2015 and 2016, respectively, are usually deadlier and more sophisticated than what we saw in London. The crude nature of the killings, in which Masood used a car as a battering ram before rushing police officers with knife, suggests that this act falls into one of the two following categories.
This may have been a so-called “inspired” attack. This refers to a terrorist act undertaken by someone with no known ties to IS or other jihadist groups. These individuals see themselves as part of the wider global jihad movement after consuming jihadist propaganda and interacting with like-minded individuals online. They plan the attack alone, with no input from a terrorist organization.
The last such “inspired” incident in London was the killing of British Army soldier Lee Rigby in May 2013. The attackers, Michael Adebolajo and Michael Adebowale, were inspired by al-Qaida and used a similar tactic to that seen in the Parliament attack, ramming their target with a car before stabbing him repeatedly.
Amaq’s announcement is instructive when it states that the attacker was acting “in response to calls to target citizens of coalition nations.” This is likely a reference to the repeated announcements by IS members, most notably the group’s now deceased former spokesperson Abu Mohammad al-Adnani, for Western IS sympathizers to use any means at their disposal to conduct terror operation in their home nations. In addition, IS usually refers to such individuals as its “soldiers” only when the group had no direct role in the attack.
These inspired acts are often referred to as lone-wolf attacks. While the term is widely used, recent research shows that few attacks in Europe are genuinely conducted by lone actors. For example, one study found that out of 38 IS-linked plots in Europe between 2014 and 2016, only six “were based on inspiration only.” However, even then the authors of the study concede that the plotters “usually had contacts in extremist circles, albeit not IS-related.” Such findings suggest that true lone-wolf attacks are in fact much rarer than many assume.
The final possible category of attack the London incident falls into is “remote-controlled.” This represents something of a hybrid of the two other forms of jihadist terrorism in the West. This occurs when a radicalized Westerner receives encouragement, and often direct instruction, from an IS member over the internet. These individuals, who my colleague Seamus Hughes and I refer to as “virtual entrepreneurs,” in a recent report are often based in IS-held territory and have built up respected reputations within the IS online milieus.
As IS has spread its influence over social media, and its virtual entrepreneurs have made use of a wide range of encrypted messaging apps such as Telegram, Surespot and WhatsApp, this has become one of the main ways the group plans attacks in the West. In the same study cited above, researchers found that 50 percent of the 38 IS-linked plots in Europe between 2014 and 2016 were found to have involved “online instruction from members of IS’ networks.”
This phenomenon is also apparent in the United States.
My colleague and I discovered that out of 38 IS-inspired plots and attacks in the United States between March 1, 2014, and March 1, 2017, eight involved digital communication with virtual entrepreneurs. This includes the attempted shooting in Garland, Texas in May 2015. One of the attackers, Elton Simpson, was receiving encouragement and direction via encrypted chats with Junaid Hussain, a British IS member based in Syria. Virtual entrepreneurs have also been involved in at least six other terrorism-related cases, including helping Americans intending to travel to join the Islamic State. This brings the total number of U.S. terrorism cases linked to IS virtual entrepreneurs to 14.
Based on what we know so far, and after analyzing recent trends and the latest research, it is likely that the man who killed three people in London was acting either in the name of IS without any direct links, or was in possible contact with a virtual entrepreneur.
Unfortunately, the only certainty is that this will not be the last such attack in the West. As IS loses ground in Iraq and Syria, it will do all it can to retain an ability to strike in the West. While their key aim is to inspire attacks like those in Paris and Brussels, they will be increasingly difficult to conduct. This is due both to its dwindling resources and the increasing readiness of European security agencies who will be learning from recent attacks.
Lone actors, while rare, will continue offer IS a cost-free method of attack. Meanwhile, virtual entrepreneurs will be doing all they can to help their Western contacts plot and execute mass killings from afar.