Menu Close
Armed police on St Thomas Street, London, near the scene of the terrorist incident at Borough Market. PA images

The security services need to get a handle on ‘low level’ terror threats … and fast

The UK’s security services are under the spotlight as the country still reels from major terror attacks in Manchester and London. But MI5 and Parliament’s Intelligence and Security Committee have been in a period of limbo while the country was waiting for a government to be formed following the snap election. There is now a desperate need to review the security failings that led to these shocking attacks. It is impossible to stop all terrorists – but the first thing that needs to be assessed is how so-called “low level” threats managed to fall through the cracks and then re-emerge carrying bombs and knives.

Khuram Butt, Rachid Redouane and Youssef Zaghba killed eight people and injured 48 others in an attack on London Bridge and Borough Market. Butt was already on MI5’s radar, having links to al-Muhajiroun, a banned extremist group. Information that Zaghba was watched by Italian security sources was reportedly forwarded to Britain – a claim denied by MI5 – while Redouane was not known to the security services.

Khuram Shazad Butt, Rachid Redouane and Youssef Zaghba who have been named as the London Bridge terrorists. PA Images

The pattern now seems familiar. In May, 22-year-old Salman Abedi killed 22 people at the Manchester Arena. Like Butt, Abedi was investigated by MI5. One security source was reported to have said of Abedi: “Nothing came of this investigation and, tragically, he slipped down the pecking order.” Westminster Bridge attacker, 52-year-old Khalid Masood, also had links to “violent extremism” but was judged not to pose an imminent threat.

Security guarantees are ‘impossible’

All this prompts criticism. Just before the general election, foreign secretary Boris Johnson put pressure on MI5 believing the service “must answer questions” over Butt’s monitoring while Theresa May said MI5 would try to learn lessons from the London attacks.

Dominic Grieve, who was the Conservative chair of the Parliamentary Intelligence and Security Committee (ISC) until parliament broke for the election, said “100 per cent guarantees of security” were impossible. He’s right. Intelligence can never provide certainty. To quote Lord Butler’s 2004 review of intelligence, it “seldom acquires the full story”. Yet lessons still need to be learnt.

In the wake of the Manchester attack, MI5 announced a review of its procedures, while similar commitments were made following the London attacks. But internal reviews aren’t enough.

Westminster attacker Khalid Masood. PA/Met Police

Parliament’s Intelligence and Security Committee – established by the 1994 Intelligence Services Act to oversee the policy, management and funding of Britain’s spy agencies – needs to conduct its own review. Previously, the ISC has provided oversight on past “failures”. In the area of UK counter-terrorism, the ISC conducted reviews of the 2005 London bombings in 2006 and 2009. A review of intelligence and the killing of Fusilier Lee Rigby was completed in 2014.

An ‘unattended’ watchdog

The work of parliament’s ISC is currently suspended following the snap general election. As a result, a report on diversity and inclusion in the intelligence community by Fiona Mactaggert was held back. Grieve said of the situation: “It is not in the public interest for oversight of the intelligence community to be left unattended for any period of time.”

One priority needs to be the ISC’s reorganisation. Several former members are no longer in parliament. MI5’s own internal reviews are necessary but an ISC review would be welcomed, possibly helping to restore confidence in the security services.

Previous reports acknowledge the problems of monitoring those linked to radical groups. In 2009, the ISC reported that, before the 7/7 attacks, MI5 was in a position to provide only “a reasonable level of coverage” in just six percent of cases. In 60 percent there was “inadequate” or no information.

The ISC’s review into the killing of Lee Rigby also highlighted problems. The committee noted a serious delay in MI5’s investigation into one of the killers, Michael Adebowale. It said there was “insufficient co-ordination” between the police and MI5. The ISC noted MI5’s lack of strategy for dealing with “low level” subjects of interest (SoI) who appear peripheral to investigations.

Michael Adebolajo, the second killer, was linked to extremist groups, arrested in Kenya supposedly trying to join the group Al-Shabaab and involved in drug dealing – but MI5 concluded he didn’t pose a significant risk at the time.

The ‘low level’ problem

The ISC’s 2013 report lays bare the problem. In 2007, MI5 and the police launched Programme AMAZON, aiming to highlight individuals known to have been involved in extremist groups who could potentially pose a risk.

Individuals included were “assessed through regular reviews of police and MI5 databases” for new intelligence and ranked in one of four categories. Category 1 (individual “poses a threat to life/property in the UK”) to Category 4 (“further work” was needed to establish extremist links). AMAZON ended in 2010 because of the “volume of suspects”. Other projects – Programme BELAYA and Programme CONGO – tried to deal with similar issues, ending in 2012. By late 2013, yet another initiative – Programme DANUBE – was set up, taking a “more holistic view”. Few details, or differences to earlier programmes were provided.

The ISC itself was sceptical, stating:

Previous attempts … have failed: we have not yet seen any evidence that the new programme, established in late 2013, will be any better.

The committee promised to keep a “close interest”. Yet it remains to be seen whether the ISC scrutinised DANUBE or any similar programmes.

What is clear is that Programme DANUBE, like those before it, has failed to tackle the problem of “low level” suspects carrying out terrorist activity. Butt, Abedi and Masood – three recent attackers – were marginal, yet carried out attacks.

I am not trying to attack the security services here. They face an “unparalleled threat” – a list of up to 3,000 home-grown extremists – and have disrupted five plots in recent months. DANUBE, AMAZON and others may be trying to do the impossible. But the ISC needs to review the security services’ methods for dealing with “low level” subjects of interest … and fast.

Now, read this: Media reporting of Finsbury Park attack explained

Want to write?

Write an article and join a growing community of more than 184,200 academics and researchers from 4,969 institutions.

Register now