Two men dressed in suits and ties walked into the Max Brenner cafe on June 8 in Tel Aviv's upscale Sarona market, sat down and ordered dessert. A few minutes later, they stood up and opened fire on other patrons of the cafe, killing four and wounding another seven before one of the men's homemade submachine guns malfunctioned. Four days later, early on the morning of June 12, a gunman forced his way into the Pulse nightclub in Orlando, Florida, armed with a rifle and a pistol, killing 49 people and wounding another 53. On June 13, an attacker stabbed a police captain to death outside his home in a Paris suburb before taking his partner, whom the assailant later killed, and their 3-year-old son hostage. Broadcasting his crime on Facebook, the attacker declared his allegiance to the Islamic State and noted that he was responding to a call from the group's spokesman for grassroots jihadists to carry out attacks in the United States and Europe.
Although these three incidents differed in several ways, they share one critical trait: They were all directed at soft targets.
A New Normal
Attacks against soft targets, such as nightclubs, restaurants, malls and schools, have become the new normal. And it makes sense. Since terrorism is generally a tool that weak actors use to strike militarily stronger opponents, it is natural that its practitioners strike where their opponents are weakest. As once-popular targets add security measures, or harden, terrorists shift their focus to softer attack sites. Where embassies might once have made attractive options, assailants strike hotels instead. Meanwhile, as terrorism evolves, so does security. Even the targets that we consider hard today have not always been so fortified.
At the dawn of modern terrorism in the 1960s, few places had the level of security required to protect against a terrorist attack. In the 1970s, the Weather Underground Organization, an American Marxist group, attacked Washington's Capitol, Pentagon and State Department buildings — the very heart of the U.S. government — simply by walking into the buildings and leaving bombs inside. Diplomatic facilities, too, were quite vulnerable. Throughout the 1970s, militant groups seized control of embassies in several cities, including Khartoum, Stockholm, Kuala Lumpur and The Hague. The decade ended with attacks on the U.S. embassies in Tehran and Islamabad in 1979, and the 1980s saw major strikes against U.S. diplomatic posts in Beirut and Kuwait.
The rash of devastating attacks prompted security improvements. But as diplomatic facilities in the Middle East hardened, transnational terrorists began to look elsewhere for softer embassy targets. During the 1991 Gulf War, Iraqi agents attempted to conduct terrorist attacks on U.S. diplomatic facilities in Manila, Jakarta, Bangkok and Beijing — far from the Middle East. In August 1998, al Qaeda attacked U.S. embassies in Nairobi and Dar es Salaam. Hezbollah attacked the Israeli Embassy in Buenos Aires in 1992, and in 2013, the group attacked an employee of the Israeli Embassy in New Delhi beyond the reach of embassy security, a tactic also used in the 2002 murder of American diplomat Laurence Foley in Amman.
The Race to Secure Air Travel
Embassies and government buildings are not the only institutions to adopt greater security measures in the wake of attacks. The prevalence of commercial airline hijackings in the 1960s and 1970s — by terrorists, political dissidents or extortionists — led to enhanced airline security in the United States and Europe. Even so, hijackings continued, especially on flights from airports with less robust security, including those in Bangkok and Karachi. Eventually, high-profile hijackings such as TWA Flight 847, which members of Hezbollah and Islamic Jihad commandeered as it flew from Athens to Rome in 1985, led to greater and more widespread improvements to aviation security worldwide.
Once hijackings became more difficult, terrorists directed their attention to aircraft bombings. The deadly bombing of Pan Am Flight 103 in 1988 and similar incidents gave rise to even more stringent security. But terrorists were unfazed; innovative bombmakers such as Palestinian militant leader Abu Ibrahim, the so-called grandfather of all bombmakers, responded by contriving ever-more elaborate ways to disguise bombs.
Abu Ibrahim was not alone in his innovation. In December 1994, Philippine Airlines Flight 434 was damaged after an improvised explosive device detonated, killing one passenger. Before the explosion, an assailant had carried the bomb aboard in separate components, assembled it in the lavatory and then left it on board when he deplaned at an intermediate stop on the flight's course. The bombing was a dry run for a more complex strike against multiple airlines called Operation Bojinka, whose orchestrator, Khalid Sheikh Mohammed, went on to plan the 9/11 attacks. When security measures changed in the 1990s to defend against Bojinka-style attacks, terrorists adapted in kind. The perpetrators of the 9/11 attacks used permissible carry-on items to hijack planes and turn them into human-guided cruise missiles.
Just as terrorists adjusted for heightened security at embassies by targeting diplomats outside them, attackers have found ways to attack airline passengers beyond the security hardline.
In response to post-9/11 security crackdowns, jihadists resorted to onboard suicide attacks with improvised explosive devices hidden in their shoes. Security officers began screening shoes routinely, leading aspiring airline bombers to instead fill camouflaged containers with liquid explosives. The U.S. Transportation Security Administration subsequently introduced restrictions on the quantity of liquids that passengers could bring aboard an aircraft, and, in turn, a jihadist attempted an attack with a device, free of metal components, that was sewn into his underwear. Once security measures had been amended to address the threat of underwear bombs, al Qaeda in the Arabian Peninsula turned to cargo aircraft, hiding improvised explosive devices in printer cartridges bound for the United States. And the trend continues. In November 2015, a bomb made it onto an airliner in Sharm el-Sheikh, Egypt, concealed in a soda can. Three months later, another one, disguised in a laptop, was smuggled aboard an aircraft in Mogadishu, Somalia.
And not all attacks on aviation involve hijacking or bombing. Just as terrorists adjusted for heightened security at embassies by targeting diplomats outside them, attackers have found ways to attack airline passengers beyond the security hardline. Back in the mid-1980s, the Abu Nidal Organization attacked crowds of El Al airline passengers beyond the confines of airport security at ticket counters in Rome and Vienna. In November 2002, al Qaeda operatives attempted to attack an Israeli airliner in Mombasa, Kenya, with an SA-7 man portable air defense system. A 2011 attack at Moscow's Domodedovo airport took advantage of the facility's soft areas, as did the March 2016 suicide bombing attack at Brussels' Zaventem airport.
A Vast Array of Soft Targets
Now that the jihadist threat has devolved from professional terrorist cadres to grassroots operatives, the trend of hitting soft targets is becoming all the more apparent in the United States and Europe. Because grassroots operatives have fewer resources at their disposal and less sophisticated terrorist tradecraft than professional terrorists do, jihadist propagandists encourage simple attacks using readily available weapons. In addition, grassroots jihadists tend to attack familiar targets close to where they live, putting a vast array of potential soft targets at risk of attack. In the United States, attacks have occurred in cities as unassuming and geographically distant as Little Rock, Chattanooga, Columbus, San Bernardino and now Orlando.
With such a broad selection of viable targets, anyone bent on conducting an attack will be able to find a suitably vulnerable venue. No government or private security apparatus is physically capable of protecting every possible target, and it is often true that when you try to protect everything, you end up protecting nothing. The only solution is to recognize the threat and adapt accordingly.
However brutal and terrifying terrorism may be, it can be understood. Part of understanding it is recognizing the discernable planning cycle that terrorists follow and the points in that cycle where they are most susceptible to detection. Having grasped this, people can practice good situational awareness to detect attackers and take action to avoid or mitigate potential threats. People must accept that the government cannot protect them from every danger and that, ultimately, they are responsible for their own security. In a world full of soft targets, people can — and must — take steps to make themselves and their families harder targets.