POOL REINSURANCE

Monthly Threat Update February 2021

Threat Overview

There were no significant terrorist attacks in the UK or Europe in February. Despite a recent decline in terrorist activity and the reduction of the UK threat level to ‘SUBSTANTIAL’ from ‘SEVERE’, the threat of a terrorist attack occurring remains likely.

 

February witnessed the UK’s youngest terrorist conviction and the deployment of increasingly sophisticated cyber and drone capabilities, evidenced by recent attacks in the US and Saudi Arabia. Both attacks showcased the growing intent and capability of violent groups to weaponise and utilise novel technologies to execute their attacks.

New methodologies were also the subject of recent warnings from Ben Wallace, the UK Defence Secretary, who warned of the growing threat of international chemical and biological attacks. On the domestic front, following the release of the government roadmap on the lifting of COVID-19 restrictions, opportunities for mass casualty attacks will increase and planned attacks, deferred due to the pandemic, may now materialise. Further afield, an attack in the Democratic Republic of the Congo on a United Nations convoy which killed the Italian Ambassador to the DRC, was condemned as a ‘terrorist attack’ by the DRC president Felix Tshisekedi

  • Threat Level 50% 50%
  • Threat Level 30% 30%
  • Threat Level 85% 85%
  • Threat Level 50% 50%

Cyber-attack in Florida highlights vulnerability of Critical National Infrastructure

 

On 5 February, unidentified hackers remotely accessed a water treatment plan in Oldsmar, Florida, and changed the levels of lye in the drinking water. Lye is often used in the treatment process of water to adjust the pH value and can be dangerous in large quantities. The levels were altered from 100 to 11,100 parts per million. A worker noticed the attack before it could cause harm to the public. The hackers allegedly gained access to the computer architecture through a remote access tool that workers used to troubleshoot problems from other locations. Whilst it is unlikely that a terrorist group was behind this attack, it illustrates the potential vulnerabilities of critical national infrastructure to cyber-attacks. Had the plant’s systems been completely automated, it is possible the attack would have gone unnoticed and caused a localised public health crisis. 

Furthermore, as an increasing number of CNI facilities now utilise remote access tools as a response to work from home orders due to the coronavirus pandemic, a potentially large number of CNI facilities may be vulnerable to cyber-attacks. Oldsmar, Florida, USA. 9th Feb, 2021.

The Bruce T. Haddock Water Treatment Plant. Local and federal authorities are investigating after an attempt Friday to poison the city of Oldsmar’s water supply. Photo: Chris Urso/Tampa Bay Times/ZUMA Wire/Alamy Live News Certain CNI installations, such as nuclear and power plants, are obligated to have sophisticated cyber-security systems. However, water treatment plants, sewerage treatment, and similar infrastructure may not have such robust systems, processes and procedures in place. As a result of the pandemic, these vulnerabilities may be more acute as industries often prioritise business continuity, for example by relying on vulnerable remote access software, at the expense of cyber-security, thus increasing the risk of cyber-attack. In further cyber news Conrad Prince, Senior Cyber Advisor to Pool Re, examined cyber supply chain security challenges in a blog in February 2021, which can be read here.

Italian Ambassador killed in potential terrorist attack in DR Congo

 

 

At 08:39 on Monday, 22 February, the Italian Ambassador to the Democratic Republic of Congo and two of his security staff were killed in an ambush outside of the city of Goma in the east of the country, whilst travelling as part of a World Food Programme convoy. The Ambassador was shot during an attempted kidnapping, according to local sources. This attack marks the first murder of a sitting Western ambassador since the murder of The coffins containing the bodies of the Italian ambassador Luca Attanasio and his bodyguard Vittorio Iacovacci, who were killed in an attack in the Democratic Republic of Congo. Photo: REUTERS/Yara Nardi. Italian Ambassador killed in potential terrorist attack in DR Congo Christopher Stevens in Benghazi, Libya, in 2012.

 

No group has claimed responsibility for the attack yet, although the Congolese authorities have blamed the Democratic Forces of the Liberation of Rwanda (FLDR), a Hutu militia. The FLDR has denied responsibility. It is possible the Allied Democratic Forces (ADF), a rebel group affiliated with Daesh’s Central Africa Province, was behind the attack. Even if it was not the perpetrator, there is a chance that Daesh may claim responsibility, given the high-profile nature of the murder. Other potential perpetrators include various Mai-Mai rebel groups, who have previously attacked NGOs in the region. The murder of the Ambassador highlights the strategic importance placed on Western diplomatic staff and interests to armed groups in the more restive regions of the world. Western interests abroad will likely remain a target for Daesh and other Islamist groups in the coming months. Local employees of Western businesses operating in more volatile emerging markets are also vulnerable, particularly to Kidnap for Ransom.

Attacks still likely despite lower threat level

 

On Monday, 8 February, the Joint Terrorism Analysis Centre (JTAC) lowered the UK threat level from international terrorism from ‘SEVERE’ to ‘SUBSTANTIAL’. This change indicates that an attack is likely, rather than highly likely to occur. The lowering of the threat level reflects a reduction in the momentum of attacks in Europe. The threat level had been increased to ‘SEVERE’ following an increase in the tempo of attacks in France and Austria between September and November 2020.

Although the threat level has changed, the corresponding Government response level remains the same, at ‘HEIGHTENED’. A ‘HEIGHTENED’ response level suggests implementing “additional and sustainable protective security measures reflecting the broad nature of the threat combined with specific business and geographical vulnerabilities and judgements on acceptable risk.” The recent change in the national threat level to ‘SUBSTANTIAL’ does not indicate that the threat has dissipated, but instead suggests that the pace and scope of attack planning has slackened, and that the UK is better prepared to respond to threats. For more on the threat level change, see here

Recently Published

Are you Protect Duty prepared?
Articles by Type - Commentary Blog Protect Duty

Are you Protect Duty prepared?

Monthly Threat Update May 2022
Articles by Type - Reports Cyber Terrorism Far-Right Extremism Monthly Update

Monthly Threat Update May 2022

Cyber Terrorism: Far-right extremists’ use of social media – an explainer
Articles by Topic - Commentary Blog Cyber Terrorism

Cyber Terrorism: Far-right extremists’ use of social media – an explainer

Monthly Threat Update April 2022
Articles by Type - Reports Cyber Terrorism Far-Right Extremism Islamist Extremism Monthly Update

Monthly Threat Update April 2022

Cyber Terrorism: Islamic State’s effective exploitation of social media
Articles by Topic - Commentary Blog Cyber Terrorism

Cyber Terrorism: Islamic State’s effective exploitation of social media

Cyber Terrorism: Understanding online radicalisation
Articles by Topic - Commentary Blog Cyber Terrorism

Cyber Terrorism: Understanding online radicalisation

Monthly Threat Update March 2022
Articles by Type - Reports Far-Right Extremism Islamist Extremism Monthly Update

Monthly Threat Update March 2022

UK Cyber Security: A New Approach?
Articles by Topic - Commentary Blog Cyber Terrorism

UK Cyber Security: A New Approach?

Monthly Threat Update February 2022
Articles by Type - Reports Far-Right Extremism Islamist Extremism Monthly Update

Monthly Threat Update February 2022

Monthly Threat Update January 2022
Articles by Type - Reports Environmental Extremism Islamist Extremism Monthly Update Tactics

Monthly Threat Update January 2022

Review of the Home Office Protect Duty Consultation Report January 2022
Articles by Topic - Reports Assessment Protect Duty

Review of the Home Office Protect Duty Consultation Report January 2022

Monthly Threat Update December 2021
Articles by Type - Reports Cyber Terrorism Far-Right Extremism Monthly Update Tactics

Monthly Threat Update December 2021

Solutions Annual Review 2021
Annual Update Articles by Type - Reports

Solutions Annual Review 2021

Monthly Threat Update November 2021
Articles by Type - Reports Monthly Update

Monthly Threat Update November 2021

Hospitality & High Streets – short guide to festive terrorism risk management planning
Articles by Type - Commentary Blog Threat Landscape

Hospitality & High Streets – short guide to festive terrorism risk management planning

Liverpool Women’s Hospital Taxi Explosion: Terrorism Post-Incident Report
Articles by Topic - Reports Islamist Extremism

Liverpool Women’s Hospital Taxi Explosion: Terrorism Post-Incident Report

Monthly Threat Update October 2021
Articles by Type - Reports Monthly Update

Monthly Threat Update October 2021

Murder of Sir David Amess MP: Terrorism Post-Incident Report
Articles by Topic - Reports Assessment Islamist Extremism

Murder of Sir David Amess MP: Terrorism Post-Incident Report

Monthly Threat Update September 2021
Articles by Type - Reports Monthly Update

Monthly Threat Update September 2021

9.11 Two Decades of Disruption docufilm
Articles by Topic - Commentary Islamist Extremism Webinar

9.11 Two Decades of Disruption docufilm