A prominent feature of many terrorist attacks in recent months in Israel and around the world by Islamic radicals is their independent, spontaneous, unplanned nature – sometimes called the work of lone wolves. Unlike the familiar phenomenon of suicide bombings, spontaneous terrorists operate without logistical, intelligence, or operational support, and without the help of an organizational infrastructure. Therefore the phenomenon presents a serious challenge to the security establishments in the nations where there has been a rise in the scope of spontaneous attacks, the West in general and Israel in particular.

The preventive doctrine developed by the General Security Services in Israel, which focused on suicide attacks, required comprehensive, invasive intelligence capabilities based on the assumption that most attacks are carried out with the help of some guiding hand. In most cases, there existed a supporting operational and logistical chain enhancing the conditions for a successful attack. These include: providing the attacker with intelligence about the target, constructing the explosives or other weapons required for the attack, briefing the attacker, transporting the attacker to the destination, and promising aid to the attacker’s family to convince him/her that they will be provided for after the act. This logistical and operational setup provided the security services with the opportunity to gather intelligence in advance, assess the threat, and then foil the attack via a range of operational measures, including the security fence. The measures to foil attacks contributed significantly to the fact that in recent years, suicide attacks became increasingly less frequent.

By contrast, one of the key features of spontaneous attacks, such as the hit-and-run car attacks that occurred in the summer of 2014 in Jerusalem and Gush Etzion, the axe attack on New York City policemen in October, or the attack on the cafe in Sydney, Australia in December, was the lack of external direction and any connection to an organizational infrastructure. The perpetrators of these attacks all operated on the basis of independent motivation, apparently inspired by attacks carried out by organized cells but without their guidance or any direct connection to them. Confronting this type of attack requires adapting the existing preventive doctrine and constructing updated intelligence and operational tools. A critical review of the spontaneous attacks and some of the perpetrators caught indicates the existence of two key characteristics that could help formulate a current doctrine of preventing attacks.

The first is the basic profile of the attacker. We see profound identification of the attackers with fundamentalist Islamic ideology, often manifested in the discourse taking place in the new media between the attackers and in their social connections. An investigation of these connections shows that it is possible to identify the attackers’ growing extremist jihadist tendencies, which would allow the security establishment to score potential attackers as security risks of various degrees and prioritize follow-up intelligence gathering as necessary.

Read the article in full at INSS.