This paper examines the intelligence failures that preceded the September 11, 2001 terrorist attacks, focusing specifically on the breakdown in information sharing among federal agencies. It documents the July 5, 2001 interagency meeting where threat information was not effectively disseminated, and analyzes the chasm between domestic and foreign intelligence operations. The paper then evaluates post-9/11 reforms, including the FBI's shift to a threat-based, intelligence-led counterterrorism model and the establishment of organizational structures like the National Security Branch and Field Intelligence Groups. It discusses technology solutions such as CORE and DIVS that support information sharing, and concludes by assessing the effectiveness of integrated models at both national and international levels, with reference to gaps exposed by more recent terrorist attacks in Paris.
Many press reports and, to some extent, the 9/11 Commission Report identified the failure to share information as a key reason the United States was unable to prevent the terrorist attacks of September 11, 2001. Just days after the terrorist attacks in Paris by self-professed operatives of Al-Qaeda in Yemen, this discussion became strikingly timely and pertinent. Once again, the pivotal significance of integrated counterterrorism intelligence—coupled with the inescapable issue of the scope and magnitude inherent in antiterrorism operations—was made tragically evident.
After six months of escalating terrorist chatter, a meeting was held on July 5, 2001, at which representatives from the Immigration and Naturalization Service (INS), the FAA, the Coast Guard, the Secret Service, Customs, the CIA, and the FBI met with Clarke to discuss the current threat. However, attendees recall being told not to disseminate the threat information disclosed at the meeting ("Blinking Red," 2004). One notable exception was a National Security Council (NSC) official, who interpreted the cautionary statement differently: attendees were asked to take the information back to their home agencies and "do what you can" with it, subject to classification and distribution restrictions ("Blinking Red," 2004). Moreover, even after explicitly requesting a summary of the information presented at the meeting that could be shared with field officers, an INS representative reported that no such document was ever provided ("Blinking Red," 2004).
The severity and number of threat reports that the intelligence community received during the summer of 2001 were "unprecedented," yet an enormous chasm had widened between domestic and foreign threats—and it was into this chasm that the September 11 attacks would fall ("Blinking Red," 2004). While foreign intelligence agencies focused on threats to U.S. interests in international locations, domestic intelligence agencies focused on threats from sleeper cells. In an infamous failure of imagination noted by the 9/11 Commission, intelligence agencies were by and large not conceptualizing threats from foreign operatives who had recently infiltrated the United States ("Blinking Red," 2004).
Clarke's retrospective account of the July 5th meeting differed markedly from that of many attendees. He summarized the steps taken to alert domestic agencies, including the FAA, to the possibility of an attack on the United States in an email sent to Rice on September 15, 2001. Yet the FAA did not mandate any new security measures. In briefings on CD-ROM presented to airport authorities and air carriers, the FAA noted that suicide hijackings were possible but stated that "fortunately, we have no indication that any group is currently thinking in that direction" ("Blinking Red," 2004).
Following 9/11, the FBI belatedly adopted a much-needed new paradigm that moved the agency from counterintelligence focused on particular cases to threat-based, intelligence-led counterterrorism (Mueller, 2011). If any single attribute of this shift stands out, it is the elevated focus on information sharing (Mueller, 2011). Changes have been felt across all facets of the Federal Bureau of Investigation, and these changes have transformed the Bureau into a national security organization that fuses traditional law enforcement and intelligence missions (Mueller, 2011).
The national security organization model that the FBI crafted after 9/11 is driven by threat, a shift that fosters prioritization of intelligence collection and enables a broader definition of threat. The Bureau's model is based on interconnectivity through joint operational initiatives, greater overseas presence, and the adoption of information-sharing technology systems. Within one year, two thousand additional agents were added to national security programs. Control and management of counterterrorism operations were centralized and augmented at headquarters to avoid the segregation of information across 56 individual national field offices—a situation further improved through the creation of a Field Intelligence Group (FIG) at each field office. The National Security Branch (NSB) was established in 2005 to combine the missions, capabilities, and resources of all national security components of the Bureau: counterterrorism, counterintelligence, intelligence, and weapons of mass destruction.
To implement the new functions and emphases enabled by the restructuring, the Bureau created a tool using balanced scorecard methodology—the Strategy Management System (SMS). In addition to gauging the progress of the Bureau's transformation, the SMS communicates FBI strategy, the priority of initiatives, and the role of each component in pursuit of that strategy. The intelligence cycle is the core of FBI strategy. By 2007, the Bureau established a Strategic Execution Team (SET) in response to recognition that intelligence was not yet well integrated into FBI operations. SET identified two barriers to the transformation of the Bureau: first, the integration of intelligence into field operations, and second, enhancing intelligence capabilities through building human capital. In response, the Bureau dedicated resources to recruiting, training, and elevating specialists with language and analytical skills necessary to carry out the intelligence cycle's critical functions.
Moreover, the FIGs underwent standardization designed to increase collaboration between operations and intelligence and to provide accountability for intelligence collection, analysis, use, and production (Mitchell, 2011). To further embed intelligence personnel in operational divisions, SET standardized the role of intelligence by establishing the Central Strategic Coordinating Components (CSCCs). To further promote intelligence sharing and to regularly underscore the Bureau's priorities of "comprehensive domain awareness and network disruptions," headquarters conducted Strategy Performance Sessions (SPS) with field offices by secure video teleconference (Mitchell, 2011).
Overall, the strategic shifts in the Bureau are characterized by increased coordination, enhanced communication, improved leadership, clearer prioritization, increases in the number and training of human capital resources, and improved collection of intelligence (Mitchell, 2011). A key role of the FIGs is to integrate, analyze, exploit, disseminate, and share intelligence collection (Mitchell, 2011). The Joint Terrorism Task Forces (JTTFs) enable integration of domestic counterterrorism operations with law enforcement at the tribal, local, state, and federal levels (Mitchell, 2011). Similar structures have been established in other countries. For instance, the National Intelligence Model, developed by the Crime Committee of the Association of Chief Police Officers and the National Criminal Intelligence Service in the United Kingdom, is an integrated system of best practices in intelligence-led policing and law enforcement (Mitchell, 2011). These models use a multi-level system that addresses crime at the local level, cross-border issues, and serious and organized crime. These models are important because they demonstrate the link between law enforcement and agencies with strong intelligence-gathering emphasis.
Intelligence contained in the FBI's intelligence information reports (IIRs) is disseminated through an information technology solution known as the Collection Operations and Requirements Environment (CORE) (Mitchell, 2011). Through CORE, FBI intelligence reporting is standardized and integrated, and synchronization occurs between field intelligence operations and the requirements of the intelligence community (Mitchell, 2011). The standardized production and tracking of intelligence information reports is streamlined through the IIR Dissemination System (Mitchell, 2011). A marked increase in dissemination of IIRs since 2004 by the FBI has boosted the provision of critical information to policymakers and the intelligence and law enforcement communities (Mitchell, 2011).
An additional information technology system is designed to reduce the amount of time that intelligence analysts spend searching for relevant information, rather than connecting data points and analyzing the steady stream of information characteristic of modern intelligence gathering (Mitchell, 2011). The Data Integration and Visualization System (DIVS) consolidates data and increases the breadth of information that can be searched and accessed (Mitchell, 2011). The single DIVS interface provides FBI intelligence, criminal investigative information, and data from other missions—and maintains all applicable regulatory requirements for each data type (Mitchell, 2011). Records from the eleven FBI agencies and critical counterterrorism mission information from other government agency sources are housed in the DIVS (Mitchell, 2011). Development of the DIVS is ongoing as functionality is increased and additional datasets are integrated and tools are made to articulate with the platform (Mitchell, 2011). Since the DIVS is not a legacy platform, it will continue to provide opportunities for tool integration through the Bureau, partners in the intelligence community, and private industry (Mitchell, 2011).
"Integrated models and international intelligence gaps in contemporary attacks"
You’re 80% through this paper. Sign up to read the remaining 1 section.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.