'Soft Targets' Remain Vulnerable to Terrorist Attacks


Once the drama in Boston is over, attention will inevitably turn to how to prevent another terrorist attack on an event with limited security.

These so-called soft targets–places like malls and movie theaters, as well as sporting events–have always been vulnerable to terrorist attack, especially given how much harder it is to attack aircraft since 9/11. But until Monday’s deadly bombings, it wasn’t a fear for many people.

After the Sept. 11 attacks, security was boosted for airports, government offices, and other high-profile "hard" targets as well as nuclear and chemical plants. And while local authorities were given technologies and resources to respond to an attack--more paramedics and mobile command centers--their ability to prevent attacks on soft targets remains limited--whether it's a crowded mall during the holiday shopping season or an outdoor summer concert.

“You have to combine the ability to allow people to go in and out and do what they want to do on a normal basis, and separating those who are intent on doing bad things,” said Bob Liscouski, who served as assistant secretary for infrastructure at the Homeland Security Department from 2003 to 2005.

The idea of placing a metal detector in every mall in the U.S., Liscouski said, is not realistic. So, what’s stopping a terrorist from going to a department store or a sporting event and causing mass casualties? 

In all reality, the only real limits for terrorists to attack these locations comes down to their desire to carry out the attack and their accessibility to the types of materials they need for the attack—whether it’s for a bomb of some sort or another high-impact weapon. It’s a low-cost task with a high impact.

One encouraging note, say experts, is that the kinds of things that help prevent attacks on hard targets will help at least a bit with soft ones--border security, surveillance cameras, confidential informants, and so on. Those safeguards probably wouldn't have helped prevent the Boston Marathon bombings, but they could conceivably forestall other attacks on targets, hard or soft.

The idea is to prevent those who could do harm long before they load up a pressure cooker with an improvised explosive device. Experts also point to the importance of making sure that mental-health services are available and to encourage mental-health professionals to come forward if they think their patients are a danger to themselves and others. No system of attack prevention is flawless, of course. But a quilt of different solutions can help. Unfortunately, while there are expensive but relatively simple solutions for preventing hijackers from ramming a plane into a building--more security guards, hardened cockpit doors, air marshals--the idea of distinguishing a troubled adolescent from a troubled adolescent killer can't be solved by hiring a few more TSA agents.

“The government can never guarantee 100 percent security,” said Rick Nelson, a senior affiliate at the Center for Strategic and International Studies. “And even if they could, we wouldn’t want to pay the cost both in terms of dollars and in the erosion of civil liberties.”

Where local authorities can make the most difference happens right after an attack takes places, using surveillance technology, social media monitoring, or even license plate readers to catch suspects.

“Not everything is a technology solution, but there is a lot of great technology can be applied that can give you a better sense of situational awareness,” Liscouski said. “You may not be able to prevent the incident, but you can certainly enhance the response rate to limit the amount of damage.”

But for many locations, the resources aren’t there. A security officer at a mall being paid $10 per hour cannot properly respond to a terrorist attack. The burden of the cost of boosting security for these soft targets falls on the owners of the locations, whether it's a stadium or a movie theatre. For example, the real estate group that owns a mall would have to invest heavily in security. And until there’s a mall bombing at a mall, the likelihood this investment would take place across the country is remote.

At its root, one way to detect and stop an attack, Nelson explains, is simple and for those in Washington well-known: If you see something, say something. Homeland Security officials consistently say that everyday Americans should continue to stay vigilant and aware of their surroundings.

“Every individual, every American has a role in this, a responsibility,” Nelson said. “If you are aware of suspicious packages or know first aid, those type of skills are critically important to building a developing a resilient society that can overcome these kinds of events more quickly.”

The news surrounding the Boston bombings will fade, and Liscouski warns this will be the time when an attack will be most likely.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Sponsored by One Identity

    One Nation Under Guard: Securing User Identities Across State and Local Government

    In 2016, the government can expect even more sophisticated threats on the horizon, making it all the more imperative that agencies enforce proper identity and access management (IAM) practices. In order to better measure the current state of IAM at the state and local level, Government Business Council (GBC) conducted an in-depth research study of state and local employees.

  • Sponsored by Aquilent

    The Next Federal Evolution of Cloud

    This GBC report explains the evolution of cloud computing in federal government, and provides an outlook for the future of the cloud in government IT.

  • Sponsored by LTC Partners, administrators of the Federal Long Term Care Insurance Program

    Approaching the Brink of Federal Retirement

    Approximately 10,000 baby boomers are reaching retirement age per day, and a growing number of federal employees are preparing themselves for the next chapter of their lives. Learn how to tackle the challenges that today's workforce faces in laying the groundwork for a smooth and secure retirement.

  • Sponsored by Hewlett Packard Enterprise

    Cyber Defense 101: Arming the Next Generation of Government Employees

    Read this issue brief to learn about the sector's most potent challenges in the new cyber landscape and how government organizations are building a robust, threat-aware infrastructure

  • Sponsored by Aquilent

    GBC Issue Brief: Cultivating Digital Services in the Federal Landscape

    Read this GBC issue brief to learn more about the current state of digital services in the government, and how key players are pushing enhancements towards a user-centric approach.


When you download a report, your information may be shared with the underwriters of that document.