Defuse® is heavily featured in this article published in ASIS Security Management magazine.
The machete was purchased. The plan was made to attack West Lancashire Labour Member of Parliament (MP) Rosie Cooper. Plans to lure the second victim, a police officer, to the scene were ready to be set in motion.
But as the day of action drew nearer in 2018, one member of National Action—the right-wing extremist and Neo-Nazi terrorist group planning to murder Cooper—began to have second thoughts. He decided to share the group’s plans with the charity Hope Not Hate, triggering a response that prevented Cooper and the police officer from being placed in harm’s way and resulted in the arrest of everyone involved in the plot.
Key to that response was a methodology based on behavioral and linguistic indicators developed in the aftermath of the 2016 murder of MP Jo Cox, says Philip Grindell, a former detective with London’s Metropolitan Police Service who led the effort.
“We were able to stop an attack on a British politician by using that methodology,” he says. “It really was a case of looking at this person’s behavior, this person’s leakage about their behavior because he’d leaked the information online of what he was going to do, he was identifying with a white supremacist terrorist organization, and he was definitely moving on this pathway to violence.”
The work that Grindell and his colleagues did has become increasingly important as high-profile individuals—celebrities, executives, and politicians—appear to be facing more frequent online harassment, verbal attacks, and physical assaults, and close protection (or executive protection) practitioners work to assess who is a real threat and how to keep their charge out of harm’s way.
Building a Methodology
Great Britain had a very tumultuous and toxic 2016, with reported crimes up nearly 80 percent during that year at one point, according to Grindell. It was also Cox’s second year as an MP in the House of Commons, and by then she was a recognizable politician and member of the Labour Party.
In June 2016, Cox was campaigning for the United Kingdom to remain a member of the European Union ahead of the Brexit vote. She set out to meet with constituents—an event called a surgery—at a library in Birstall, England. Before she could arrive, Thomas Mair, 53, shot and stabbed her. Cox died from her injuries, and Mair was arrested and convicted of her murder.
A subsequent police investigation would discover that Mair held extreme right-wing views and had collected a dossier on Cox—seemingly becoming fixated on her and the causes she championed, which were in opposition to his own.
Cox was not protected by a security detail when she was killed, and amidst the police investigation into Mair, the British government created a separate task force to review security protections for MPs.
Hoping to prevent future attacks, Grindell—then a police officer for the Metropolitan Police working on child abuse, homicide, and terrorism cases—was asked to put together a team for Parliament to look at how politicians were being targeted. The team sifted through information and developed relationships with social media companies Facebook and Twitter to learn more about the online abuse politicians were facing.
But the team also dedicated itself to understanding how high-profile people are attacked. This track led them to research conducted in the United States, predominantly by the U.S. Secret Service and the FBI, which focused on assassinations and assassination attempts—and how to stop someone from being targeted, Grindell says.
One major study the team looked at was the U.S. Secret Service’s Preventing Assassination: Exceptional Case Study Project, written by Robert A. Fein, Ph.D., and Secret Service Assistant Special Agent in Charge Bryan Vossekuil, published in 1997 as part of a research project by the National Institute of Justice. The study was an assessment of assassinations and potential assassinations of U.S. political figures during a 50-year period.
“Assassination of political leaders is a rare, but significant, problem in the United States,” the authors explained. “Since 1835, there have been 11 attacks on U.S. presidents (four of them resulting in the death of the president), three attacks on presidential candidates, several assassinations of national political leaders, and more than a dozen instances in which planned attacks on presidents and other political leaders were intercepted before the attacker came within lethal range of his/her target.”
The study was also designed to educate the U.S. Secret Service, which is responsible for providing close protection for current and former U.S. presidents, as well as other key political figures. It assessed that there are two related components of protection—the act of stopping an assault to shield a protectee from physical harm and another, less-visible component.
“Protective Intelligence seeks to prevent lethal access to a protectee,” Fein and Vossekuil said. “Protection is most effective if persons and groups with the intention and capacity to mount an attack on a protectee are identified and stopped before they come near a protectee.”
This means that close protection officers need an intelligence program and system in place to gather information about people who have an inappropriate or unusual interest in a protectee; to investigate these identified individuals; evaluate that information; assess whether the individual poses a risk of violence; and manage that risk to prevent an attack.
The Secret Service study helped the task force understand that there are some common denominators among people who try to carry out attacks against high-profile and political figures.
For instance, Fein and Vossekuil found that “assassination is the end result of an understandable, and discernible, process of thinking and behavior,” not the result of a sudden or impulsive act. Perpetrators engage in “attack-related” behaviors prior to attacks and are likely to communicate their intentions to others or keep a journal about their activities.
“It’s a process. They don’t snap,” Grindell says. “It’s a slow, thought out, researched attack plan that they go through.”
Fein and Vossekuil also determined that attackers and “near-lethal approachers” do not fit a single profile or demographic; past incidents were carried out by male and female subjects, across multiple ages, and from varied backgrounds—including employment, marital status, education, and more.
Almost all the attackers or near-lethal approachers had a history of grievances and resentments; developed interest in assassination; considered more than one target for an attack; communicated their intentions; traveled to find their intended targets; and behaved rationally when planning and mounting attacks or encounters with their target.
Surprisingly, the study revealed that none of these attackers communicated a direct threat about their target to their target or to law enforcement beforehand.
“This finding does not suggest that investigators should ignore threats that are sent or spoken to or about public officials or public figures,” Fein and Vossekuil wrote. “Many persons have been prevented, or deterred, from taking action because of a prompt response to their threatening communications. The finding that attackers do not communicate direct threats to their targets does suggest, however, that attention should be directed toward identifying, investigating, and assessing persons whose behavior indicates that they might pose threats of violence, whether or not they communicate direct threats to their targets or to authorities.”
Fein and Vossekuil also concluded that if an investigator approaches his or her work in a thorough manner with “healthy skepticism, and common sense,” he or she can determine who does and does not pose a risk of violence against a target.
One aspect of Fein and Vossekuil’s research that stood out and was reinforced by looking at data on attacks of individuals in the United Kingdom was the communication of a threat from an attacker to his or her target. Grindell says that in his examination, less than 5 percent of attacks involved a direct threat communicated between the person attacking and their target.
“Most people that are attacked, there have not been any previous threats between the person attacking and their intended target,” he adds.
After evaluating the study and collecting other relevant information, including from forensic psychologist Dr. Reid Meloy, Grindell and the task force went to work adapting their findings to the United Kingdom. This meant looking primarily at how some individuals may fixate on a specific person, such as an MP, and begin harassing or stalking that person.
Using this approach, the task force crafted a methodology based on eight identified proximal indicators: fixation, pathway to violence, identification, novel aggression, energy burst, last resort, leakage, and directly communicated threats.
For instance, attackers often hold grievances—real or perceived—and will become fixated on a person they associate with that grievance, such as a political figure who opposed Brexit reforms. Attackers may also display linguistic indicators—such as using “last resort language” where an individual with a grievance then moves into the attack planning phase, Grindell says.
Aspiring attackers may also research other successful assaults, which can influence the planned attack. One infamous example was Mark David Chapman who had a copy of The Catcher in the Rye in his possession when he shot and killed John Lennon in New York City in 1980. Some subsequent attackers have also had a copy of this book in their possession when carrying out their crimes, Grindell says.
In the prevention of the Cooper attack, a National Action member was upset that the police were investigating him for allegedly downloading child pornography. The member created a plan to kidnap Cooper, hold her hostage, summon the police officer investigating the charges, kill both individuals, and then commit suicide by cop.
Some of those details were shared with a third party, which ultimately passed them on to law enforcement and to the task force. From there, the task force applied its methodology to determine that the potential attacker posed a real threat to Cooper.
“Once I was satisfied that those threats might be genuine, they investigated properly, arrested him after finding he had bought weapons, had plans in place, and was a member of a prescribed organization [National Action],” Grindell says. “It was looking at that information that we determined ‘this guy is serious.’”
That assessment allowed authorities to intervene before Cooper’s safety was jeopardized or where a protection detail needed to use force to protect her.
Instead, close protection work often adheres to the philosophy championed in Preventing Assassination and also by Grindell: use risk assessments and planning to create a protection scenario where firearms are not drawn and avoid placing protectees in harm’s way to begin with.
For instance, security teams can refrain from sharing details about a protectee’s location and itinerary to minimize exposure. Close protection teams also can incorporate threat intelligence, such as information from social media, and vet individuals who might need to come into close contact with the protectee. Teams might also utilize decoy vehicles and other measures to obscure the movements of a particularly high-profile client who may be at a higher risk of physical threat.
For example, recent terror attacks in London have involved knives and vehicles because they are easy to legally acquire and provide less of a trail for investigators to follow. In-depth planning that requires an attacker to get a firearm or similar weapon provides security professionals with more indicators before an attack occurs. But for a knife or vehicle attack, “you can just walk into a hardware store or rent a car and achieve something dramatic on the news,”
Additionally, close protection practitioners should try to sit down with the principal to level-set about the risks they face and convey how they want to work together as a team.
The Threat Today
It was supposed to be a routine surgery. MP Sir David Amess had arrived for a conversation with his constituents at Belfairs Methodist Church in Leigh-on-Sea on 15 October 2021, where he met a young man who said he was a National Health Service employee moving to the area.
But then, the meeting took a tragic turn. The young man, Ali Harbi Ali, 26, said he wanted to speak to Amess about foreign policy, but instead pulled a knife out of his pocket and lashed out against Amess—stabbing him repeatedly. The police responded quickly, arresting Ali in the church and obtaining his weapon before he could inflict further harm. Amess, however, died from his injuries. Ali was convicted and received a whole-life sentence in April 2022 for committing murder and engaging in conduct in preparation of terrorist acts.
The trial investigation revealed that Ali was targeting MPs for voting for airstrikes in Syria and had displayed some characteristics identified in the methodology created by Grindell and his task force.
Ali had researched and planned to carry out attacks on MPs and the Houses of Parliament—including traveling to MP Mike Freer’s surgery and MP Michael Gove’s home before carrying out the attack on Amess. Ali also left notes on his phone about why he was carrying out the attack, along with planning details, before traveling to attack Amess.
“On [Ali’s] home computer, there were multiple searches and webpage results relating to MPs and their surgeries,” according to a press release by the Crown Prosecution Service. “Investigations showed that Ali undertook reconnaissance near Mike Freer’s surgery on 17 September 2021 and Michael Gove’s home address on four occasions in March and June 2021. A staff member at one of Mike Freer’s surgeries identified a man who matched Ali’s description as staring into the building. CCTV footage also captured Ali performing reconnaissance of the area around the Houses of Parliament on 16, 20, and 22 September 2021.”
This was an instance where security and the methodology developed after Cox’s murder were not able to prevent Amess’s death. The Scottish Parliament initiated a review afterwards, and it is implementing further changes to improve security for MPs—including providing £2,500 ($3,090) for security upgrades to their homes, software to address threatening social media posts, and “lone working devices” that enable MPs and their staff to send alerts to police or employers about an emergency, according to the BBC.
Amess’s murder also prompted reflection on the escalation of abuse towards politicians, and a change of motivations for attacks around current affairs, Grindell says.
“Brexit was a driving force for a lot of abuse. And before that, we were looking at issues in Afghanistan,” adds Grindell, who co-founded Defuse, a consultancy to protect individuals from lone actors, fixated people, and stalkers, after he left the police force. “Whatever is going on in the news tends to have a major impact on what’s happening.”
For instance, future attacks might involve individuals with a grievance related to the war in Ukraine and want to hold someone they associate with Russia accountable. Grindell also adds that in the United Kingdom there has been a “huge rise” of white supremacist national threats, but that the Islamic threat has not gone away—as demonstrated by the attack on Amess.
Grindell has also noticed increased fixation, abuse, and targeted attacks by former hostile employees who were fired and are looking to hold a former boss or executive responsible for the dismissal. This has led to an increase on private audits, Grindell adds, which assess what private information is out there about the former employer—where they live, what they drive, who their family members are—to make it more difficult for them to be targeted.
And when threat intelligence analysts identify someone who might be fixated on a client, Grindell says they will sometimes take steps to try to halt their progress on the path to violence and prevent a potential attack by setting up a meeting to allow the individual to air his or her grievance.
“We never mislead them. We’re trying to resolve their issue, their grievance,” Grindell says, adding that the client is not part of these meetings and that fact is clearly communicated. “We never, ever lie to them because you’re trying to build trust and relationships.”