The Right-Wing Extremist Threat in Context: External Extremist Actors

Originally published at: https://worldview.stratfor.com/article/right-wing-extremist-threat-in-context-external-extremist-actors

HIGHLIGHTS

• Due to a long history of law enforcement penetration and disruption, right-wing extremist groups in the United States and Europe adopted the leaderless resistance model of terrorism in the 1980s. 
• In recent years we have seen right-wing extremists adopt social media strategies pioneered by jihadist groups, particularly the Islamic State.
• Right-wing extremists remain constrained by the attack cycle and are vulnerable to detection as they progress through that cycle. 
• Focusing on behaviors associated with the attack cycle can help prevent attacks by right-wing extremists.

Editor's Note: This is part one in a two-part series. The first part will discuss outside right-wing extremist actors, while the second will focus on insider extremists. 

Last week I had the opportunity to speak with someone in the process of setting up a protective intelligence program at a large corporation. During our conversation about various concerns and threats, the topic of the current wave of right-wing extremist attacks arose. We discussed how that threat manifested itself differently when the actor was an outsider versus an insider, as well as steps the company could take to protect itself against these threats. After thinking about that conversation for some days, it occurred to me that there might be broader interest in the topic, and that it might be worth writing on it to place the threat posed by right-wing extremism into context. With that in mind, I have decided to address external right-wing extremist actors and insider extremists.

A History of Right-Wing Violence

As I've discussed elsewhere, the threat of violence from white supremacists, white nationalists and other right-wing extremists is not new. Indeed, as evidenced by the sacking of Lawrence, Kansas, in 1856 and the birth of the Ku Klux Klan in 1865, the threat predates the advent of modern terrorism in the Victorian era. Since then, there have been a number of waves of right-wing extremism in the United States and Europe, including the second rise of the KKK in the United States and the rise of Nazism in Germany and Fascism in Italy in the 1920s, and the rise of George Lincoln Rockwell's American Nazi Party and the third rise of the KKK in the 1960s.

Because of this long history, law enforcement in the United States — and in the West in general — has a great deal of experience investigating and disrupting right-wing extremist groups. For demographic and linguistic reasons, police forces in the West have had a far easier time infiltrating such groups than they've had infiltrating jihadist groups. A watershed event for the movement in the United States was a 1988 federal trial in Fort Smith, Arkansas, in which 14 white supremacist leaders were charged with seditious conspiracy. Those charged included members of domestic terrorist groups The Order and the Covenant Sword and Arm of the Lord, along with KKK Leader Louis Beam, National Alliance leader William Pierce and Aryan Nations leader Richard Butler.

Although the white supremacist leaders were ultimately acquitted, testimony in the Fort Smith trial revealed how thoroughly the white supremacist movement had been penetrated by law enforcement officers and informants. As a result, leaders like Beam, Pierce and Richard Kelly Hoskins began to widely promote the leaderless resistance model of terrorism for right-wing extremists. 

This change was perhaps most visible in the fiction written by Pierce under the pen name Andrew Macdonald. In 1978, he wrote a book called The Turner Diaries, with the intent of providing a blueprint for conducting terrorist operations as an underground organization. Not coincidentally, the organization in The Turner Diaries was named "The Order," a name later adopted by a real-world domestic terrorist group. But in 1989, following the Fort Smith trial, Pierce put forth a different operational blueprint in a book called Hunter that promoted the leaderless resistance model. Pierce dedicated Hunter to Joseph Paul Franklin, a lone terrorist who conducted a yearslong series of killings, robberies and arsons spanning several states in an attempt to spark a race war. 

While there have been a number of membership groups dedicated to right-wing extremism, including skinhead, Klan and neo-Nazi groups, overall, the movement has become extremely fragmented. None of these groups is very large, and the leaders of groups normally encourage members who want to commit acts of violence to leave the group to avoid legal and law enforcement consequences. Even the newer crop of extremist groups that openly advocate violence, such as Atomwaffen or The Base, urge their followers to adopt the leaderless resistance model. There are some exceptions to the leaderless resistance model. For example, in Ukraine groups like the Azov Battalion provide white supremacists with a structured organization. They also provide a place where right-wing extremists from other countries can travel to receive military training and combat experience in much the same way jihadist foreign fighters have done over the past few decades. 

In general, however, the threat from right-wing extremists in the United States and elsewhere in the West (including Australia and New Zealand) stems from practitioners of this leaderless resistance model who operate as lone attackers or in small cells. They are generally radicalized and operationalized via the internet, and there are in fact many similarities between them and grassroots jihadists in the West. While jihadists borrowed the concept of leaderless resistance from right-wing extremists who embraced it decades earlier, we have conversely seen right-wing groups copying social media strategies from jihadists. For example, edgy and aggressive calls for violence used by the Islamic State were later copied by groups such as Atomwaffen, while "The Base'' is the literal English translation of al Qaeda. Additionally, jihadist attackers such as those responsible for the 2012 attacks in Toulouse, France, and the 2014 attack on a Jewish museum in Belgium wore video cameras to document their attacks. We saw this tactic later aped by right-wing attackers in 2019 in New Zealand and California. 

Pros and Cons of Leaderless Resistance

The leaderless resistance model of terrorism provides increased operational security, and makes it tougher for law enforcement and security services to identify lone attackers or small cells than a hierarchical group model of terrorism. Indeed, heavy and relentless law enforcement pressure is precisely why the model has been adopted. However, the model also comes with significant disadvantages. For this reason, I have long argued that the adoption of leaderless resistance is a sign of weakness rather than of strength. 

Perhaps the greatest weakness of the leaderless resistance model is its reliance on untrained grassroots operatives to conduct attacks rather than trained, professional terrorist cadres. These grassroots operatives often possess very little in the way of terrorist tradecraft. This places serious constraints upon their ability to plan and conduct attacks. As a result, they will often attempt to reach out to others to obtain the capability to conduct a sophisticated attack, which can often land them in a law enforcement sting. This happened in January 2020 when law enforcement took down a cell of The Base in Georgia as it planned an assassination.

If would-be attackers don't seek outside assistance, they will normally be limited to very simple attacks, but as we saw in the armed assault attack against the Tree of Life synagogue in Pittsburgh in October 2018 in which a white supremacist killed 11 people, even simple attacks can prove deadly. 

Protecting Your Company or Organization

As noted above, the terrorist tradecraft possessed by lone attackers and members of small cells is often quite limited. This means that they are often vulnerable to detection as they progress through the terrorist attack cycle. And make no mistake, grassroots attackers are constrained by the demands of the attack cycle. They still need to select a target, surveil their target, acquire their weapons, and plan and launch the attack. While sophisticated terrorist organizations will be able to use different cells or individuals to accomplish these steps, a lone attacker must accomplish them all himself, increasing his chances of being detected. A small cell provides a bit more manpower and maybe expertise, but the cell will still be bound to the steps in the attack cycle, as evidenced by a January 2020 case involving members of The Base working together in a cell.

I believe that detecting the surveillance conducted during different phases of the attack cycle provides the best chance for a company or organization being targeted to interrupt the attack cycle and prevent an attack. Make no mistake, even professional terrorists have struggled with surveillance tradecraft, and amateur grassroots operatives possess even less in the way of surveillance capability. They are ordinarily not difficult to detect — but only if someone is looking for them. 

From interviews of right-wing extremists involved in past attacks, from their writings, and from CCTV footage and sting operations, we know that they conduct extensive surveillance of their potential targets. These sources have also provided many examples of attackers directing their attack plans away from potential targets with good security toward those deemed easier to attack. For example, the 1999 Los Angeles Jewish Community Center shooter surveilled a number of Jewish institutions before deciding to attack the one he deemed easiest to attack. More recently, the killer who attacked a synagogue in Halle, Germany, in October 2019 surveilled a number of targets, including a mosque and a cultural center associated with the antifa movement, before deciding to attack the synagogue. 

Detecting the attack cycle in process and preventing an attack is always better than reacting to an attack. Prevention is the first part of my strategy for protecting companies and organizations against mass public attacks: prevent, deny, defend. 

The Halle attack also provides a good example of how adequate access control can help defend against such attacks by denying access to the facility and the people inside it. In this case, the murderer was unable to gain entrance to the worshippers sheltered inside the building, and in frustration, killed a woman on the street and then a man in a kebob shop. The March 2018 shooting at YouTube headquarters in San Bruno, California, is another good example of how access control can prevent a shooter from gaining access to vulnerable victims, the deny element of prevent, deny, defend.

As seen in an incident at a church in White Settlement, Texas, in December 2019, armed security can often be very effective in the defend portion of this strategy. But it is not always legal or possible to have armed security, or armed responders simply may not be close by at the time of an attack. Because of this, potential victims must be prepared to go on the offensive to defend themselves if necessary. In August 2015, a number of passengers, including three American tourists, disarmed an attacker aboard a French train, and in April 2018 a patron took a rifle away from a gunman in an attack on a Waffle House in Antioch, Tennessee. In June 2017, patrons at pub in London forced an attacker armed with a knife to leave after pelting him with pint glasses, beer bottles and barstools, and in February 2016, a jihadist with a machete attacking customers at a Mediterranean restaurant in Columbus, Ohio, stopped his assault after an employee wielding a baseball bat and a patron throwing chairs pursued him. 

 For more on how a robust protective intelligence program can help equip and empower company and organization employees to spot and report potential threats and respond to actual threats, please read this.