Ft. Hood and Active Shooters

On Wednesday, April 2, 2014, Specialist Ivan Lopez, United States Army, kills three and wounds sixteen at Ft. Hood Army base in Killeen, Texas.  Lopez used a personally owned .45 caliber handgun, and took his own life when confronted by a U. S. Army military policeman. 

Reporters gather outside one of the entrances to Fort Hood military base near Killeen, Texas. Spc. Ivan Lopez killed three fellow soldiers there before committing suicide Wednesday.(Photo: ASHLEY LANDIS, EPA)
Reporters gather outside one of the entrances to Fort Hood military base near Killeen, Texas. Spc. Ivan Lopez killed three fellow soldiers there before committing suicide Wednesday.(Photo: ASHLEY LANDIS, EPA)

By all accounts, SPC Lopez was a troubled young man.  Twenty-four hours news coverage provides ample speculation, blame and conjecture about what could have been done, what should have been done, and what should be done in the future to prevent these tragedies. 

Rather than classify this as a military problem, it may be more appropriate to look at it as a workplace violence problem.  Workplace Violence occurs in the government work environment, the public work force, and in private industry.  The term “going Postal” was coined by the seemingly inordinate number of workplace shootings that occurred in the U. S. Postal Service, starting with Patrick Sherrill gunning down fourteen of his co-workers in Edmond, OK in 1986. In 1999, two deranged individuals murdered twelve of their fellow students at Columbine High School, and there have been several school shootings throughout the country since then.  Now, the spotlight is on the military, which  just had their fourth high profile mass shooting in a relatively short period of time. 

Are postal facilities, schools, and military bases any less safe than your average business , town, or public facility?  Statics say no.  Because mass shootings are relatively rare, occur in a highly public places, and have the added tragedy of the randomness of the victims, they lead to hyped news coverage.  And we search in vain for an answer as to why.  Often, that answer is known only to the perpetrator.  What is known from research in past mass shootings is that mental illness is a prevailing factor, and the killers generally target places and/or people they consider responsible for their perceived unresolved grievances.  Another factor to consider are “copycats”.  A postal worker, student, military personnel, or other deranged worker sees the spotlight given to previous killers in their specific environment and decides that is the solution to drawing attention to their issues, however misguided that thought process is. 

According to the FBI, there is no demographic profile of an active shooter.  Many active shooters display observable pre-attack behaviors, which, if recognized, can lead to the disruption of the planned attack.  The pathway to targeted violence typically involves an unresolved real or perceived grievance and an ideation of a violent resolution that eventually moves from thought to research, planning, and preparation.  While not every active shooter can be identified and thwarted prior to attacking, many potential active shooters who appear to be on a trajectory toward violence can be stopped.[i] 

Based on initial reports, this appears to be the case of SPC Lopez.  He was reported to have been suffering from depression and anxiety, was involved in a dispute or altercation at his place of work, left the scene and returned later with a handgun which had been recently purchased.   Whether this tragedy could have been prevented will be the subject of debate for the foreseeable future.    Knowing the warning signs of violent behavior, having a viable and enforceable threat / violence policy, and having a straightforward, workable grievance solution process are all steps to reducing violence in the workplace. 

Simpson Security and Investigative Advisory Group, LLC has extensive experience in dealing with workplace violence issues.  Please contact us for workplace violence investigations, mitigation strategies, and training.  


 

[i] FBI Law Enforcement Bulletin, May 2013, Addressing the Problem of the Active Shooter, Katherine W. Schweit, J.D.

 

http://leb.fbi.gov/2013/may/addressing-the-problem-of-the-active-shooter

 

Importance of Evidence, by Dennis Simpson

Among the recent news about the war in Afghanistan is one making the talk show circuit about Afghanistan getting ready to release 65 high level terrorists.  Earlier this year, the U. S. turned over control of the Detention Facility in Parwan (DFIP) to the Afghans.  This was our primary holding center for captured combatants.  I had a sorry sense of déjà vu upon hearing this.  I was in Afghanistan in 2012 when I received news that the Iraqis were releasing Ali Musa Daqduq.  Daqduq was one of the most dangerous and ruthless terrorist captured in Iraq.  He was a senior Hezbollah commander responsible for countless U.S. deaths.  In January of 2007, Daqduq was responsible for the kidnapping of five U. S. soldiers during a raid on the Karbla Joint Provincial Coordination Center.  Those five U. S. soldiers were summarily executed by Daqduq and his gang.  The recovered bodies showed signs of severe torture before execution. 

Musa_Daqduq

I was in Iraq assisting the military in the prosecution of captured terrorists in 2011.  During that time, the U.S. turned over all of Camp Cropper to the Iraqis.  Camp Cropper at one time was the primary detention facility in Iraq.  In keeping with the Status of Forces Agreement (SOFA), Camp Cropper, and its prisoners were turned over to the Iraqis in phases.  By 2011, the U. S. only controlled a small portion of that prison that housed the most dangerous terrorists, Daqduq included.   These were the baddest of the bad, and ones that the U.S. held on to until the last possible moment.  The problem?  We needed evidence to give to the Iraqis so the Iraqis could justify holding them and subsequently prosecuting them through their legal system. 

Many of these bad guys had been captured on the battlefield years earlier.  Soldiers and Marines were not concerned at that time with preserving “evidence” that would hold up in a civilian court at a later date.  In addition, a lot of the evidence against these terrorists was classified and not releasable to a foreign nation. 

Needless to say, the prisoners were turned over to the Iraqis with what little evidence we had.  Most were subsequently released.  Corruption, politics, and religious affiliations certainly played a starring role in Iraq and Afghanistan.  Putting the politics of Iraq and Afghanistan aside, it is evidence that will hold up in a court of law that is necessary to obtain a conviction and a sentence.  Merely saying that a person is “bad” without evidence to back it up will not hold in any legitimate court. 

The same is true in the United States.  Any law enforcement officer or agent can make an arrest.  That is the easy part.  It is the evidence gathered by that officer and the investigators that enables a conviction and withstands the scrutiny of a judge, jury, and a good defense attorney.  Credible evidence, proper documentation, accurate report writing, and clear and truthful testimony are keys to obtaining a conviction.  Sloppy or lazy investigative work, taking shortcuts, and questionable statements or testimony on behalf of the prosecution team will almost certainly lead to an acquittal.   Same is true on the other side of the coin – sloppy or half-hearted work on the part of a defense team can lead to the conviction of an innocent party.  We are extremely fortunate that in the United States,  our rights as citizens to a fair trial is guaranteed by the first ten amendments to the U. S. Constitution, otherwise known as the “Bill of Rights”.

Active Shooter Statisics

Workplace Violence is a legitimate concern to business owners, employees, and law enforcement.  Simpson Security and Investigative Advisory Group, LLC can assist businesses with Workplace Violence prevention strategies and training as well as interventions and investigations. 

The January 2014 issue of the FBI Law Enforcement Bulletin contains some interesting facts on Active Shooter incidents between 2000 and 2012.  An “Active Shooter” is commonly defined as:  An individual actively engaged in killing or attempting to kill people in a confined and populated area. 

[Below is excerpted from FBI Law Enforcement Bulletin, January 2014; “Active Shooter Events from 2000 to 2012” by J. Pete Blair, Ph.D., M. Hunter Martaindale, M.S., and Terry Nichols, M.S.] 

Frequency of Attacks:    There has been a definite increase over the past 12 years.  The number of events drastically increased following 2008. The rate at which these events occurred went from approximately 1 every other month between 2000 and 2008 (5 per year) to more than 1 per month between 2009 and 2012 (almost 16 per year).  There were 72 people shot and 39 killed in 2013. 

Location:  Business locales (e.g., retail stores, office buildings, and factories/warehouses) were the most frequently attacked locations. Schools, both K-12 and institutions of higher education, were the second-most attacked locations at 29 percent. Approximately 1 out of 5 ASEs [Active Shooter Events] occurred in outdoor environments.   Eighteen percent of the attackers went mobile during their attacks; that is, the perpetrator started at one location and then moved to another while still actively attacking. 

Police Response Time:  The median response time was 3 minutes—fast by law enforcement standards.  

Number Shot:   The median number of people shot per event was five. 

Realtionship Between Shooter and Victims:  The shooter did not have any apparent connection (such as being a current or former student/employee) with the attack location in 45 percent of events.  In 55 percent of the incidents, the shooter did have a connection with the attack location. 

Shooter Equipment:   In about 60 percent of the attacks the most powerful weapon used was a pistol. In 8 percent it was a shotgun, and the most powerful weapon used was a rifle in about 25 percent of the cases. Shooters brought multiple weapons in about one-third of the attacks. Perpetrators brought improvised explosive devices (IEDs) to the attack site in 3 percent of the cases and wore body armor in 5 percent. 

Conclusion of All Incidents:  Approximately half of the events (49 percent) ended before law enforcement arrived on scene. This points to the phenomenal speed with which these incidents occur. 

Civilians Trained to React:  The five highest casualty events since 2000 happened despite police arriving on scene in about 3 minutes.  Important are the actions that civilians take to protect themselves during the 3 or more minutes that it takes the police to arrive. Civilians need to be trained about what to do if one of these attacks occurs. 

(The complete article can be found at http://leb.fbi.gov/2014/january/active-shooter-events-from-2000-to-2012) 

No Clear Profile for Homegrown Terrorist

Retired FBI special agent Jeff Lanza says that improved surveillance and cooperation techniques help law enforcement prevent terrorist attacks, but homegrown terrorists continue to threaten U.S. security. But Lanza says there is no consistent profile to help agents detect homegrown terrorists, especially those who are self-radicalized.  “Sometimes their motives are separate and distinct,” Lanza observes. “If there is a common thread, they are unhappy with their lives. They want to express their unhappiness against someone and ignite some sort of revenge.” Of the 71 terrorist plots detected since 9/11, seven involved self-radicalized or “lone wolf” terrorists. However, some experts say the “lone wolf” is a misnomer because even self-radicalized extremists are motivated by existing militant groups and do reach out to terrorists via online forums. “This idea that these people all across America are acting alone fundamentally misunderstands the terrorist threat,” argues U.S. Rep. Mike Pompeo (R-Kan.).   Lanza agrees.  “If I’m a homegrown terrorist and decide to take out some revenge on the United States, it’s much easier to do that today under the radar than prior to the Internet and social media sites, he says.”

IT Security

Field Guide: Types of People Behind Today’s Corporate Security Threats

ZDNet (12/02/13) Detwiler, Bill 

ZDNet has created a field guide to help corporations identify and defend against security threats. The field guide notes that employees are often a company’s greatest security threat. These threats can come about through deliberate actions by employees or through a mistake made by a well-meaning individual. To avoid having employees become threats, it is important that companies have good governance, set and enforce policies, offer education for employees, and take steps to know their employees. Though not typically behind attacks, CEOs and small business owners face the same attack vectors as other employees, such as phishing, social engineering, and infected USB drives. But higher-level employees can pose greater security risks because they are bigger targets, have greater access to corporate networks, and are often exempt from normal security policies. Though the same security techniques used for other employees can help protect CEOs, IT needs to be aware of the political implications of dealing with high-level employees and how to maintain security in instances where they cannot say no to a demand from management. Organized criminals are also a threat, as their attacks have become more sophisticated, and often involve skilled programmers and rented networks for launching distributed denial-of-service (DDoS) attacks and spamming campaigns. Companies can take steps to protect themselves from organized criminals by securing devices and networks, educating employees about IT security, and by establishing and enforcing strong security policies.

Identity-Theft

November 14, 2013, StL Today:  Lake Saint Louis, MO: Lake Saint Louis police say that as many as 300 victims, including about 60 Lake Saint Louis residents, may have had their credit card information stolen.  Investigators haven’t figured out a common location or thread as to where the thieves may be getting the information. They may have put skimming devices on area ATMs or hacked a computer database.  

November 13, 2013, Bloomberg Business Week:  Ireland:  They signed up to receive discounts on vacation travel and other perks. Instead, more than 1.5 million Europeans who had enrolled in customer-loyalty programs learned this week that their personal data, including credit-card details in some instances, had been stolen in a cyber-attack on an Irish company they’d never heard of.  

November 13, 2013, TimesUnion.com: Albany, New York:  Heng Li, 27, of Brooklyn, who worked at the Golden Town Buffet in Glenmont, pleaded guilty to second-degree criminal possession of a forged instrument and first-degree scheme to defraud before Judge Stephen Herrick.  On Aug. 5, Li was found with a credit card skimming device and a counterfeit Michigan identification card. According to the DA’s office, Li used the device to steal personal identification information from 39 credit cards. 

Identity-Theft is a pervasive problem in today’s highly mobile and technological society.  The Federal Trade Commission (FTC) estimates that identity theft claims more than 10 million victims annually.   As the above news notes, identity thieves know no boundaries and it can be difficult to impossible to fully protect yourself from identity-theft. 

What can an identity thief do with your personal information?  Some of the more common types of identity theft related frauds are: 

  • Credit Card Fraud
  • Phone or utilities fraud
  • Bank fraud
  • Government Benefit Fraud
  • Loan Fraud 

Clues that your identity may have been stolen: 

  • You see withdrawals from your bank account that you can’t explain.
  • You don’t get your bills or other mail.
  • Debt collectors call you about debts that aren’t yours.
  • You find unfamiliar accounts or charges on your credit report.
  • Medical providers bill you for services you didn’t use.
  • The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don’t work for.
  • You get notice that your information was compromised by a data breach at a company where you do business or have an account. 

Here are some basic steps consumers can do to protect themselves from identity theft: 

  • Review your consumer credit reports annually
  • Shred or destroy unwanted documents that contain your personal information
  • Do not carry cards (Social Security Card, Medicare Card, etc.) in your wallet that have your Social Security Number on it.
  • Never give out personal or financial information over the telephone.
  • If conducting financial transactions over the internet, make sure you on a legitimate website.  Look for “https” in the URL address; type in the known website address instead of clicking on a link sent to you by e-mail. 

What to do if you are a victim of identity theft?  If you suspect you are victim of identity theft, it is imperative that you act quickly to prevent further fraud. 

1.  Place an initial fraud alert with one of the three national credit reporting agencies: Equifax, TransUnion, or Experian.  An initial fraud alert can make it harder for an identity thief to open more accounts in your name.  You only need to call one reporting agency.  The company you call must tell the other companies about your alert.  

2.  Order your credit report to review for frauds.  Things to look for include credit cards you did not order, loans you did not make, addresses not related to you. 

3.  Make a police report with your local police and obtain a copy of that report and police report number.  This will be needed later in trying to straighten out your credit. 

4.  Make an identity report with the Federal Trade Commission (www.FTC.gov).  The FTC acts as an identity theft clearing house and is used by local and federal law enforcement agencies to look for trends, suspects, and cases.  Your FTC identity theft report will be needed later to straighten out your credit.  The FTC website has a wealth of information on identity theft.

5.  If you know that a bank account or credit card number has been compromised, notify that bank or credit card issuer immediately. 

Simpson Security and Investigative Advisory Group, LLC has extensive experience investigating and resolving identity theft complaints, and assisting businesses with preventive steps.  Many identity thieves are cyber criminals operating in virtual anonymity in foreign countries, beyond the reach of U. S. law enforcement.   Others can be local criminals like the waitress in the above news article, or even a “friend” or wayward relative who had access to your personal information.  The best defense against identity theft is education and awareness. 

Traveler Warning

Travelers’ laptop scam

Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers abroad through pop-up windows while they are establishing an Internet connection in their hotel rooms.

Recently, there have been instances of travelers’ laptops being infected with malicious software while using hotel Internet connections. In these instances, the traveler was attempting to set up the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.

The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products through their hotel Internet connection. Checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack. The FBI also recommends that travelers perform software updates on laptops immediately before traveling and that they download software updates directly from the software vendor’s website if updates are necessary while abroad.

Anyone who believes he or she has been a target of this type of attack should immediately contact a local FBI office and promptly report it to the IC3’s website at www.ic3.gov. The IC3’s complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration. The complaint information is also used to identify emerging trends and patterns.

Source:  www.fbi.gov;  “Malware Installed on Travelers’ Laptops Through Software Updates on Hotel Internet Connections”, May 21, 2012

Workplace Violence

Occupational and Safety and Health Administration (OSHA) defines workplace violence as:  any act or threat of physical violence, harassment, intimidation, or other threatening disruptive behavior that occurs at the work site. 

It ranges from threats and verbal abuse to physical assaults and even homicide. It can affect and involve employees, clients, customers and visitors. Homicide is currently the fourth-leading cause of fatal occupational injuries in the United States. 

Homicide is currently the fourth-leading cause of fatal occupational injuries in the United States. According to the Bureau of Labor Statistics Census of Fatal Occupational Injuries (CFOI), of the 4,547 fatal workplace injuries that occurred in the United States in 2010, 506 were workplace homicides.[1] 

Bureau of Labor Statistics Census of Fatal Occupational Injuries Summary, 2012:  Overall, 767 workers were killed as a result of violence and other injuries by persons or animals, including 463 homicides and 225 suicides.  Shootings were the most frequent manner of death in both homicides (81 percent) and suicides (48 percent). Of the 338 fatal work injuries involving female workers 29 percent involved homicides.  There were two incidents in 2012 where at least 5 people were killed in workplace shootings; a total of 12 workers died in these two incidents.[2] 

While it is important for companies to have policies in place, flexibility is often the key to avoid escalating difficult workplace situations into violent ones, several experts noted in an American Bar Association program. 

The cost of workplace violence has been pegged at more than $36 billion a year, considering factors from poor morale to court awards and legal fees. Typically, workplace violence is instigated by either individuals criminals not connected to the workplace, customers or others on the premises for legitimate purposes, current or former employees, or someone who has an outside relationship with an employee. 

Edwin G. Foulke Jr., who served as head of the federal Occupational Safety and Health Administration under President George W. Bush, said companies must address problems directly or face consequences. To ignore or neglect threatening behavior, he said, will “escalate the problem rather than defuse the problem.” 

Foulke, a partner in the Atlanta office of Fisher & Phillips LLP and co-chair of the firm’s workplace safety and catastrophe management practice group, said companies should have a post-incident plan for workplace violence that includes securing the premises, safeguarding evidence, cooperating with authorities and completing necessary paperwork or reports. [3] 

Awareness and knowledge of Workplace Violence causes, stressors, and incidents are initial preventive measures companies can take in reducing violence in the workplace.  Do you have a workplace violence policy, and if so, is it viable?  Do you have a violent incident action plan?  What is a credible threat?  What are the causes of violence in the workplace and who are the perpetrators?  What can you do to minimize the chances of a violent incident occurring?  You have had an incident, what should you do? 

Simpson Security and Investigative Advisory Group, LLC has the experience and expertise to assist companies in formulating a viable Workplace Violence plan, setting up Threat Assessment Teams, training supervisors and employees as well as conducting risk assessments and investigations.  Contact us at info@SimpsonAdvisoryGroup.com for more information. 


[1] U. S. Department of Labor, Occupational Safety and Health Administration, OSHA Workplace Violence Fact Sheet 

[2] U. S. Department of Labor, Bureau of Labor Statistics: Illness, Injury, Fatality Program 

[3] American Bar Association:  “Assessing Security and Avoiding Violence in the Workplace” program.