FAS

Intelligence Lessons from the 2009 Fort Hood Shooting

10.09.15 | 4 min read | Text by Steven Aftergood

In 2010, then-Director of National Intelligence Dennis C. Blair convened a panel to review the November 2009 Fort Hood shooting committed by Army Maj. Nidal Hasan and the Christmas Day bombing attempt by Umar Farouk Abdulmutallab aboard Northwest Flight 253.

A redacted version of the resulting panel report was finally declassified and released this week. See Report to the Director of National Intelligence on the Fort Hood and Northwest Flight 253 Incidents, Intelligence Community Review Panel, 15 April 2010.  The panel was led by former Acting DCI John E. McLaughlin.

In a nutshell, the report found, “There were several missed opportunities that could have increased the odds of detecting Abdulmutallab or Hasan. The causes of the missteps ranged from human error to inadequate information technology, inefficient processes, unclear roles and responsibilities, and an occasional lack of individual inquisitiveness.”

Beyond a detailed recounting of what was known by U.S. intelligence about the perpetrators, much of which has been withheld, the report fills a gap in the literature of intelligence reform with a look at systemic issues such as the state of information technology in the intelligence community (as of 2011), the process of watch-listing, and disagreements over the handling of U.S. person information.

“Inadequate information technology runs through both the Fort Hood and the NW Flight 253 narratives, particularly the inability of IT systems to help analysts locate relevant reporting in a sea of fragmentary data or to correct for seemingly minor human errors.”

“NCTC [National Counterterrorism Center] analysts, for example, have access to more than 28 separate databases and systems, each of which, for the most part, has a separate log-on. This means analysts have to search each database separately before trying to identify connections among their results.”

The existing search capacity “is intolerant of even simple mistakes in the queries and does not enable questions like: list everyone that is potentially affiliated with AQAP and has a passport or visa that would permit entry to the United States or UK.”

But the problem is not purely one of technology, the report said. “The Community cannot realize the potential of information technology to assist the counterterrorism mission without clarifying… procedures for sharing information on US persons.”

The report reflects a view that restrictions on collecting and disseminating US person information had become onerous and counterproductive.

“Many of the people we interviewed assessed that policy on handling US Persons data… was limiting the Intelligence Community’s ability to aggregate and exploit available data, especially information pertaining to critical domestic-foreign nexus issues.”

“We noticed a strong belief among collectors and analysts that restrictions on collecting, disseminating, accessing, and analyzing data on US Persons impede mission performance…. We also saw a surprising level of disagreement — even among experienced practitioners — on whether current US Person authorities allow intelligence officers to accomplish their missions, or whether new legal authorities are needed.”

(“Sharing US Person information with foreign partners, and tasking them to collect on US Persons appeared at various points,” the report says at the start of an otherwise redacted paragraph.)

“We see a need to simplify, harmonize, update, and modify the Community’s procedures relating to US persons,” the McLaughlin panel wrote.

What exactly this might mean in practice was not spelled out, but it didn’t seem to entail tightening, narrowing or curtailing the use of US person information, or increasing oversight of it.

“The report’s finding on the Intelligence Community’s ‘caution’ and ‘risk aversion’ in the collection of US persons information is particularly notable,” said Christian Beckner, Deputy Director, GW Center for Cyber & Homeland Security, “leading the review group to worry that ‘the next terrorist surprise could be the result of confusion or excessive caution about how to manage this issue.’  This finding is in striking contrast to much of the public dialogue following the Snowden leaks about intelligence activities related to US persons.”

The panel report also includes various incidental observations of interest.

“The panel is concerned that the overlap between CTC [the CIA Counterterrorism Center} and NCTC [the National Counterterrorism Center] extends beyond healthy competition and that the turf battles, duplications, and clashes are a drain on the resources and creative energy of both organizations.”

Furthermore, “It appears that much of the tension between the two organizations centers on issues related to the President’s Daily Brief (PDB) — everything from who takes the lead to what is said in the articles.”

The report cites inaccuracies in news media coverage of the Fort Hood shootings and Christmas Day bombing “that have skewed the discussions.” For example, contrary to some accounts, “There is no evidence indicating that [Anwar al] Aulaqi directed Hasan.”

The report also presents a previously unreleased 2010 DNI directive on “lanes in the road” (included as Appendix D to the report) that “establishes the responsibilities and accountability of leaders of major organizations with counterterrorism analytic missions.” In other words, it assigned specific counterterrorism roles to each of the relevant intelligence agencies.

“Each organization within the IC with a significant counterterrorism analytic effort is expected to work seamlessly with its counterparts, drawing on the specific strengths and advantages of partners, but is also expected to place particular emphasis on those missions they are uniquely positioned to conduct,” wrote DNI Dennis C. Blair in the April 7, 2010 memorandum.

publications
See all publications