Showing posts with label Crime Mitigation. Show all posts
Showing posts with label Crime Mitigation. Show all posts

Monday, September 2, 2019

OPINION: The Problem With The Questions We Ask After Every Active Shooter Incident


Another active shooter and I feel like I'm having the same discussions over and over again. Oh, that's right - because I am. In the course of each shooting, a variety of reactions happen. Some of them are helpful to constructive discourse and some are not. Let's list some of my least favorite reactions and why:
  • "We need to do something, now!" Ugh. I hate "something" for a few reasons. First, "something" is rarely anything specific and is merely a reaction to the status quo. As a security professional who works at mitigating these kinds of threats, I often feel like "something" means "anything" which works contrary to mitigation which does protect us. Finally, "something" is often a veiled attempt at prompting to discuss political solutions which are normally, not multi-pronged nor appreciative or comprehensive of the entirety of the threat. In other words, "something" is almost certainly, a "nothing"-burger.
  • "Why can't we do what XYZ European country does with guns?" Well, for one, we're not XYZ and while they may have had a problem with gun violence, their causality is likely different than ours. XYZ also does not have our proliferation problem. Guns in the United States are everywhere and the means to manufacture and supply them is not difficult. The science to make firearms and their ammunition is not difficult nor is it restricted. We banned machine guns and someone made "bump guns". Our supply chain with guns is likely different than XYZ as well. In XYZ, the government had a monopoly on firearms but in the US, the citizenry has a monopoly on firearms with zero demand diminished.
  • "It's so simple to solve this." Nope. Not quite as simple as you think. First, taking care of the tool does NOTHING to fix what drives people to murder. In fact, the demand for the tool will likely increase. You won't like where mass murderers go for alternatives either. Also, see what I said about proliferation in #2. Legislating your way out of this gets even tougher because America isn't as monolithic as people on social media would like us to believe which means the political landscape in this country is also more diverse and obfuscated than we appreciate.

    This thinking also blinds us to unintended, collateral damage. For example, modern gun control was done as a means to restrict gun possession by extremist groups. As the laws took shape, over the decades, these laws were meant to further limit access to firearms by convicted felons who may have been involved in ongoing criminal behavior. Their access to firearms would only mean further violence. With crime becoming sensationalized as an "epidemic" almost daily by the media and politicians, a "war on crime" was waged and more laws and police officers were ordered to the streets. These laws incentivized police departments to make more contacts with potential criminals or those who they suspected were criminals. How? Every good war needs soldiers and you can't recruit soldiers without a war. More contacts with an armed public meant lower crime rates. It also meant more police officers involved in more contacts. The problem isn't that contacts were happening but they were disproportionately happening with demographics who were often under-represented and owned far less guns than the majority demographic. I don't have to tell you the rest, do I?
  • "Why won't they release the shooter's name?" Glad you asked. It could be for a few really good reasons.
    • The investigation is still ongoing and releasing the name too soon could reveal a great deal to potential co-conspirators.
    • The shooter may belong to a demographic who could suffer collateral damage from vigilantes seeking revenge in a hostile socioeconomic climate.
    • They're following established FBI and scholarly recommendations to not give the shooter any undue notoriety. Why? The police could be concerned about copycats and the potential for harmful distractions to their case.
        • "The hallmark of contagion is seeing events unusually bunched together in time. The details of our analysis, where we fit a mathematical model of contagion to the data to quantify the level of contagion, are quite technical. But really, what it essentially amounts to is seeing if there are unusual groupings of events. In mass killings (four or more people killed), where the tragedies usually get national or international media attention, we saw significant evidence of this kind of unusual bunching. In mass shootings — with less than four people killed, but at least three people shot — we didn't see any evidence of unusual bunching. Interestingly, those events are so common in the U.S., happening once every few days, that they don't even make it past the local news. Because we saw evidence of contagion in high-profile events, and no evidence of contagion in events that mostly just got local news, we hypothesize that media attention may be the driver of the patterns we see. This kind of contagion has been suspected for a long time; our study is the first to quantify it."  
      Various pictures of Christchurch shooter's firearms used in shooting

      • The contagion theory looks especially prescient when we look at the Christchurch shooting where the shooter wrote the names of various other shooters on his weapons he used during the shooting and wrote in his manifesto how they motivated him. How many shooters have mentioned or idolized other mass shooters? How many shooters are glorified and celebrated on various forums where they congregate? Don't we see the same with terrorist groups like ISIS? How many "soldiers of the Islamic State" were "inspired" by the acts of other "soldiers"? I'm not saying these events were caused by other shooters going first but for many shooters, I'm certain it showed how it could be done with minimal effort and little exposure during the planning and execution phase. As I always caution, "the secret sauce is out in the wild."

        What about our own history with a public mob mentality towards "give us a name"?

          A man lynched from a tree. (Library of Congress; 1925)
The simple and painful truth is we may never see the end of mass violence in the United States. That doesn't mean workable and viable solutions are not probable. I believe they are. However; as we examine these events, perhaps it's time we ask how much of our reactions have done less to mitigate these threats and do more to provide us "security". The latter is about addressing what makes us "feel" safe versus doing what protect us by critically going over the data, having constructive discourse within the subject matter experts, and determining what are our most viable, sustainable, and effective solutions.

There is one question we should be asking but we don't. Its absence from  the discourse makes me believe we care less about the victims of these crimes and more about the political solutions we can employ. Few people are asking "why" because they confuse methodology with motive. The problem shouldn't be how these murders are committed but why. Until we ask that question, we'll continue to have discourse which does little except provide cover for murderers and aid and abet political ambitions counter-intuitive to our collective survival.

    Saturday, August 18, 2018

    The Tale of a Very Bad Gun Safe

    So this is terrible. Like super duper bad. I LOVE me some Harbor Freight but this gun safe sucks.

    This dude hits the lock so many ways that it seems unfair. Seriously. It's a very bad gun safe.
    1. You can do it without leaving any discernible forensic trace. Tool marks might be found on the interior and may some small nicks on the front. That's if you're sloppy.
    2. The entire security of the safe rests in the PIN code and a reset button. Both of which are easily bypassed.
    3. The front door of the safe has a gap large enough to allow any thing tool access to the reset button and the release.
    4. The top peels off and exposes a hole for access to the interior.
    5. There are holes along the sides which allow access to the reset button.
    Thankfully, it's been recalled by Harbor Freight. It's bad. Have a watch. (h/t @DeviantOllam)

    Deviant Ollam Is Thinking About Doing A Smartphone App

    Update: It looks like a Twitter user brought up, Haven - The Guardian Project's physical security app developed by Edward Snowden.

    Welp, it looks like @DeviantOllam, the physical security penetration tester and trainer, is looking to do a hotel room security app. If he can check off all the boxes and can provide some more features, I'd be all in.
    What would I be looking for in a physical security smartphone app?

    1. Various ways to notify users of an event. Push alerts to my other devices would be great, as well as home AI integration with Alexa or Google Home.
    2. Motion sensor sensitivity and detection range settings that are user-friendly. Other apps do this but they don't walk you through these settings.
    3. The ability to choose between cloud storage or phone storage.
    4. The ability to use a tilt sensor for drawer openings.
    5. Noise detection.
    6. Customized annunciation. I like customized audio messages for various intrusion-related alerts.
    7. Integration with a door stop physical device. When bumped by a door, it would set off an alert. Great for closets in hotels.
    8. The use of your phone's flash as a strobe when an intrusion has been detected.
    9. Using a combination of alerts to determine the nature of your alert. I may want to know if the maid came into my room but I'd really be interested to know if they entered that closet I placed the door stop at.
    10. Remote SMS alarm disarm.
    What would you want to see?

    Saturday, April 26, 2014

    OPINION: Why Does It Suck To Think Like A Good Guy In Security



    Day after day, on social media and elsewhere on the Internet, there are lots of folks who are seemingly shocked every time a bad guy shows up and acts like a bad guy. Seriously, how many times have you read or seen "I can't believe Suspect A was able to murder all of those people" or "If only they (security) did XYZ like I thought of during a conversation with my veterinarian who may have been in the military, that bad thing wouldn't have happened"? I see it quite a bit and frankly, I've decided it may be time to finally add my .02 about it.

    Those of us in security who have spent some time studying "the threat" (insert whatever scary bad guy you're dealing with) understand what few who haven't studied it don't. No matter how awesome your protective measures are, they do little to mitigate (and certainly not "prevent") the attacker unless you start thinking a bit like they do. Herein lies the fatal flaw of most "white hats" and even some "grey hats".
    1. You think of attacks in ways that you would conduct them. No offense but if you're protecting yourself against robbers but know relatively little of them, you may be looking to deploy solutions which don't work against that threat. One of the most painful things any security professional can hear when doing a site survey with a client from the client is "If I were the bad guy, this is how I would do it." More often than not, it is not how the bad guys would attack. Think security cameras in homes. Most people will deploy a camera at home with the thought the camera provides an extra layer of protection when in fact it doesn't. I have known several victims of home invasions who either had cameras installed or had an alarm sign out front. These are two commonly deployed deterrence tools that we know don't work. Instead, focus on the problem as if the bad guy would ignore the deterrence measures (because he will because we have little proof he won't) and proceed with the attack and use things like cameras as after-incident mitigation tools to catch the perpetrator later.
    2. You think of your threat as one-dimensional. Most good guys see their threat based on commonly accepted precepts of what the threat is and how he has attacked in the past. Just because the bad guy only hit you or the other guy using one vector doesn't mean he won't try something different later. A great example of this is 9/11. Prior to the second World Trade Center attack, there were common beliefs that terrorists were only capable of performing certain kinds of attacks. What no factored in was changing realistic threat capabilities. In other words, we assumed the threat wasn't evolutionary in his tactics. Seriously, who could've imagine having to protect a building against two near-simultaneous aircraft crashes? Perhaps we could have had we accepted the idea that as we change so does the threat.
    3. You think the threat is omnipotent and omnipresent. It's easy to get caught up in the hype of a threat. I do it sometimes. This is a natural defense mechanism after an attack has occurred. Why? No one likes to have their vulnerabilities exposed. After every mass shooting or act of violence that makes the news, we assume every venue that is like the one that was attacked is also vulnerable and being selected as the "next" target for another perpetrator.

      I remember fondly working on 9/11 on a small Air Force base on a perimeter patrol. What I recall the most are the initial attitudes people had of al Qaeda. We believed this one attack displayed a level of sophistication unseen by them before on US soil could be replicated on a massive scale. Every Muslim, ignorantly, was assumed to be a sleeper agent waiting for cues from "Muslim HQ" to attack us wherever and however they chose. The months and years ahead showed how far from the truth that was. Imagine how many countless resources were expended before we realized the fallacy behind this assumption.
    4. You think your attacker "chose" you for a variety of reasons he didn't. People almost always assume an attacker chose to attack them or others for reasons they didn't. Rape is commonly thought to be a crime of lust because good people believe sex is the only reason you rape because it's the end-result. However, most criminologists and psychologists would agree rape is a crime of power. I would argue the majority of crime takes place for this very reason. Terrorism occurs because of this as does murder (what's more powerful than ridding yourself of someone permanently), drug dealing, fraud, and a host of other crimes. You're either fighting to obtain it (i.e. steal it from someone else) or committing crime to become more powerful. This confusion could possibly explain why most crime "prevention" measures based on policy fail at alarming rates - we're clueless on what truly motivates people to attack us.
    5. You assume because you haven't seen the threat, he must not exist. Whether we see the threat or not, we should never assume he does not exist. While the threat can't be everywhere every time, the threat can still be very much. Never assume the absence of threat means he or she isn't going to show. You still need to adequately protect your assets as if today is the day you're going to be attacked. Remember, the attacker chooses the time of attack. You choose how well-prepared you'll be when it happens.
    I'm not proposing anyone go out and hire a red team. I firmly believe one of the reasons we, often, fail so miserably at security sometimes is due to our natural inclination to think the bad guy thinks like we do when they don't. So how can we fix this?
    1. Study your adversary. Seriously, pour over any open source intelligence you can on your threat. Read the paper and look for crime stories. Pick up a police report or two on similar venues like yours. I'll leave how you conduct your research to you. Just do it. Stop assuming blindly how the attack will go down or even who your adversary is.
    2. Consider hiring folks who can think like attackers. I'm not saying you hire criminals but red teams hire specialists who can mimic attackers. Choose folks from a variety of backgrounds to round out your security team. By the way, by "background", I'm not talking education. I mean pick a team with a variety of specialists.
    3. Test your systems with exercises. The only way you're going to learn is by testing how well your security program holds up against an actual attack. Consider doing this with little to no notice and have an after-action or "hot-wash" debriefing with your red team and affected staff right away. Finally, fix the vulnerabilities as soon as possible.
    4. Reward outside the box thinking. When I was a young boy, I recall my fondest memories were playing games like "hide-and-go-seek" with my friends. The guys who were the most creative were the best at this game. Why? Because they were unpredictable. I'll leave how you choose to reward these folks on your own. Just do it.

    Thursday, April 24, 2014

    PHOTO: Fake Cameras Provide Fake Protection




    I can't even begin to tell you how many times I run into stores that have decoy cameras in lieu of real cameras. I also can't tell you how many countless times these same stores get robbed. Buying a decoy camera, in my opinion, are invitations for criminals. This is not to say most criminals can't tell the difference between fake and real. This is to say that many of these businesses and homes that utilize decoy cameras don't quite get what kind of mitigators they need to adequately protect themselves and their assets.

    The added statistic at the bottom of this photograph is especially troubling because it dupes customers into believing they have added another layer of "security". This is correct in some respects. Remember what I said about "security" being a goal and less of an action? The problem lies in exactly the same place issues of semantics in security are - it relies on data that is either incomplete and more than likely, irrelevant to their protection needs.

    We all know cameras serve a variety of purposes other than video surveillance. We also understand some vendors and property owners either have poor tools or are so under-trained they may as well not have a camera. However, when an incident happens, the last thing property owners want to tell the police and insurance companies (worse yet, a jury in a civil liability trial) is they thought a decoy or non-operative camera offered better protection.

    If you're a property owner and considering one of these decoys, turn around and invest in a camera system you will monitor and maintain. If you're a pro, call these out and the dangers behind using them.

    Thursday, April 10, 2014

    How And Why Mass Violence At Schools Happen


    There's been yet another act of mass violence at a school and, or course, the media has lost its mind. People are wondering how this could have happened and why. As security professionals, these questions are not new and nor is the answer. For those in the field, bear with me, I'm going to over how and why these things happen.

    1. It has nothing to do with WHO at times and more with WHERE. Let me explain. We always assume people target us because we mistakenly believe the target is "special" to the attacker in some sort of way. This is a common theme in our attempts to understand attacker methodology with respect to terrorism. All over electronic punditry, we're saturated with folks who proclaim "they attack us because they hate us." So this has become our mantra for every attack of any variety. What we fail to account for is that it's not entirely exclusive as to who they attack but where. On Twitter, I have been practically shouting when it comes to mass violence, one of the most key ingredients, if not the key ingredient, is the presence of crowds. Nothing is more appetizing to an attacker but to make his attack seem grand and above-average for a swath of reasons I'm not qualified to adequately explain here. Let's just say, you should NEVER EVER be surprised by the actions of mentally disturbed people.

      Crowds are also, normally, not difficult to get large casualty numbers from. Think about the last time you were at baseball game or major sporting event. Ever notice the large crowd at the ticket or embarkation areas. As a security professional, whether you're working or not, this is perhaps one of the most precarious chokepoints to be at. A chokepoint is a place where people have no other choice to be at in order to go some place. Everyone working anything from Secret Service to convoy security will tell you to ALWAYS avoid chokepoints. Why? They offer the presence of crowds, very narrow escapes for victims, and the ability of attackers to conceal themselves in the crowd.
    2. Violence has very little to do with the tools. Think about that for a second. I have made it no secret I enjoys guns. I do. However, I also understand the temptation to want to ban them. I've seen the statistics and the simulated models in whitepapers from folks who have never fired a gun or actually witnessed violence. I have a problem with this overly simplistic conceptualization of the problem. Erroneously, we believe the issue is with the mass proliferation of guns. Unfortunately, the discussion rarely acknowledges the socioeconomic, psychological, political, and cultural issues that drive some violence. More importantly, we ignore what mankind has known for decades - you can ban the tool but violence will always remain and the loss of any life is intolerable. Do you think if mankind had no guns he wouldn't find a better way to commit acts of violence? Think about that for a second. We had no electric chair until Thomas Edison did a proof-of-concept demonstration to show the dangers of electricity. Man will always find ways to commit acts of violence against one another for whatever reason it deems fit. This is not to say we can't have mitigators in place but we can't for one second believe we're getting rid of the problem solely with a ban of the tools or knee-jerk "reforms".
    3. People mistakenly use "mitigation" and "prevention" interchangeably. Security professionals understand the difference between the two. Websters defines "mitigate" as "to make (something) less severe, harmful, or painful". Many people believe we can prevent acts of mass violence "if only we do X,Y, or Z." There's a huge fallacy that we can prevent crime. This comes from a sublime arrogance of humans who believe we can stop our fellow man from acting out against us.

      The issue may seem to be one of semantics but I argue that it's not. You can't "prevent" me from speeding. Only I can do that. I used an analogy the other day where I articulated, "Just as Match.com doesn't make marriages, you can't "prevent" crime. You can set conditions with good mitigators but ultimately the decision to move forward or stop is on the principle actor(s)." Think about that for a second. No matter what measures you put in place, whether it's a guard at a school or metal detectors, my ability to accomplish the task of killing a large amount of people at a particular location is solely left to my motivation, intelligence, ability, and imagination.

      I have long argued that we have to move away from the idea that we can "prevent" crime to one where we "mitigate" attacks. A while back, I said people mistakenly believe by locking a door that somehow they have thwarted a burglary without seeing any firsthand information a burglar attacked the door and left because it was locked. Yet, everyday, most of us lock our doors anyway thinking we're doing crime "prevention" when in fact we're doing crime "mitigation". Mass violence occurs many times because we mistakenly believe our mitigators can prevent it.
    4. We rely too heavily on certain mitigation tools. Having an armed guard at a location is a mitigator not a prevention tool. The guard is there to ensure you have the means to adequately respond to acts of violence until police arrive. School administrators have for far too long relied on guards as prevention tools and have stopped doing other things which are more effective in mitigating these acts like deploying good cameras, training personnel on monitoring camera feeds, practicing lockdown procedures with teachers and other staff during non-working hours, talking with local police about their capabilities, training staff on conflict deescalation, and paying attention to warning signs.
    5. We don't train staff on attack methodology and psychology in school. Teachers and other staff are often taught how to respond to these events which is great. However, solely doing this ignores how often teachers and staff are the best sensors we have to students who may be a danger. Many times, they may observe a student doing reconnaissance or testing security and not even know it. Imagine how many lives could be saved if teachers and staff had a threat working group chaired with the school safety official and principal in schools where these incidents have taken place.  
    6. We used to do a really good job of being very proactive with mental health incidents in this country. I'm not advocating going back to asylums. Most were wrought with abuse and shoddy practices. No, what I want is for us to become much more proactive with mental health. We can no longer see mentally ill people as "someone else's problem". Mass violence has taught us we can no longer think of it like this. Yet, we do. When we removed the ability of doctors and other mental health professionals to intervene immediately and possibly treat long-term issues, we placed our citizens at risk. How? When most seriously mentally disturbed people come to the attention of authorities, it is often too late and the nature for how long and where they can be adequately be treated has greatly diminished. In some jurisdictions, the police can only place you on a "mental health hold" at a local mental health facility for 72 hours or less, in many cases. If you don't exhibit the behavior further and can be treated, you're out.

      As a former law enforcement officer, I can tell you the most distressful call to go to is a mental health one. Given that most mental health hospitalizations are never found (either because they can't legally or no measures exists to enable it) on background checks for firearms, the problem grows exponentially worse. Many of those who have committed acts of mass violence had already been diagnosed as being seriously mentally ill but couldn't be put in long-term care because they hadn't been deemed a danger and even if they had, I'm unaware if this would have barred them from having firearms (as discussed previously, I'm not sure a ban for them would have been effective in preventing violence in some instances).
    I understand this list is not all-inclusive but this is how I see the problem in a more condensed manner than I believe can be adequately addressed on a forum such as this. You may have other solutions or know of other ideas. As always, they are greatly appreciated.

    About Us