In the wake of any tragedy, it should be enough to grieve and stand in solidarity with those who mourn. With a massive toll – about 250 dead, according to revised government figures – it feels disrespectful to the people of Sri Lanka to be dissecting what went wrong even as the dead are being buried.
But the reality is that most, if not all, of these lives need not have been taken. We owe it to them and their loved ones to make sense of what happened and work towards doing all that can be done to ensure it does not happen again.
The Easter attacks represent one of the most lethal and serious terrorist operations since the September 11 attacks in the US, outside of attacks within active conflict zones. And this in a now peaceful country, which for all its history of civil war and ethno-nationalist terrorism in decades past has never had a problem with jihadi radical Islamist terrorism.
The long-anticipated claim of responsibility for the attacks was made by the Islamic State (IS) on Tuesday night. This could help explain how one local cell based around a single extended family circle of hateful extremists not previously known for terrorism could execute such a massive attack. It was larger even than IS’s previous truck-bomb attacks in Syria, Iraq and Afghanistan.
The attacks follow a familiar, if now rarely seen, IS operandi of coordinated suicide bombings. The targeting of Catholic churches, which made little sense initially in the context of the domestic social issues at the heart of the country’s recent civil war, fit an all-too-familiar pattern of IS attacks on Christians, along with fellow Muslims.
Who are Sri Lanka’s Christians?
The fact that 40 or more Sri Lankans travelled to Syria to fight with IS could help explain how the terror network was able to build vital personal links in the very small community of Sri Lankan Islamist extremists so it could subcontract its attack plans to them. At this point, the precise involvement of returnees from Syria and foreign IS supporters in the bombings remains under investigation.
The Easter weekend attacks more resemble the al-Qaeda attacks of the 2000s than they do recent attacks of IS. Like the 2000 attack of the USS Cole in Yemen, the September attacks in New York and Washington, the 2002 bombings in Bali, the 2003 truck bombs in Istanbul, the 2004 train bombings in Madrid, the 2005 tube and bus bombings in London, the Sri Lanka bombings involved multiple attackers acting in concert. With the exception of September 11, all of these also involved improvised explosive devices (IEDs).
The Sri Lanka bombings exceeded all but the September 11 attacks in sophistication and deadliness, despite the fact the perpetrators were previously known only for acts of hateful vandalism.
Over the past decade, al-Qaeda has been unable to carry out significant attacks outside of conflict zones. It has also become increasingly focused on “reputation management” and has tended to avoid indiscriminate mass killings, all the whilst growing its global network of affiliates.
The emergence of IS saw the tempo and scale of terrorist attacks transformed. Most attacks took place in conflict zones (Syria, Iraq, Libya, Yemen, Afghanistan, Pakistan, southern Philippines).
A number of significant attacks were conducted well beyond the battlefield. There were at least four such attacks in 2014, 16 in 2015, 22 in 2016, 18 in 2017, and 10 in 2018. The vast majority of these attacks were conducted by lone actors.
Why was it that, outside of conflict zones, not just al-Qaeda but even IS at the height of its powers focused largely on lone-actor attacks?
It is probably not for want of trying. The reason is that most larger, more ambitious plots were tripped-up by intelligence intercepts. This is especially the case in stable democracies, including our neighbours Indonesia and Malaysia.
The other big question is how one of the deadliest terrorist attacks ever was able to be executed in Sri Lanka?
Sri Lanka was a soft target. Having successfully defeated the Tamil Tiger rebel group a decade ago through military might, Sri Lanka has become complacent. It has not seen a pressing need to develop police and non-military intelligence capacity to counter terrorism.
At the same time, it has struggled with good governance and political stability. Just six months ago, it faced a major constitutional crisis when President Maithripala Sirisena sacked his deputy, Prime Minister Ranil Wickremesinghe, and attempted to replace him with the former prime minister and president Mahinda Rajapaksa.
The attempt failed, but in the stand-off that ensued, Wickremesinghe, and ministers loyal to him, were excluded from intelligence briefings. In particular, they say that they were left unaware of the multiple warnings issued by the Indian intelligence service, RAW, to the authorities in Colombo about the extremist figures who played a key role in the Easter attacks.
Thus, despite several discoveries earlier this year of large amounts of explosives stored in remote rural locations on the island, and multiple warnings from the Indians, including final alerts just hours before Sunday’s attacks, the government and security community were left distracted and caught off-guard.
Between “fighting the last war” and fighting each other, they deluded themselves that there was no imminent terrorist threat.
If the massive attacks in Sri Lanka over Easter serve to remind us that IS is very far from being a spent force, the question is where this energetic and well-resourced network will strike next.
For all that it achieved in Sri Lanka, IS is unlikely to be able to build an enduring presence there. So long as the Sri Lankan government and people emerge from this trauma with renewed commitment to unity – and with elections at the end of the year, this is far from certain – the “perfect storm” conditions exploited by IS are unlikely to be repeated.
So where else is IS likely to find opportunity? India and Bangladesh continue to present opportunities, as does much of Central Asia. In our region, it is Malaysia, Thailand and the Philippines that we should be most worried about.
Malaysia has emerged stronger and more stable from its swing-back to democracy but continues to be worryingly in denial about the extent to which it is vulnerable to terrorist attacks, downplaying the very good work done over many years by the Special Branch of the Royal National Malaysian Police.
Thailand and the Philippines remain less politically stable, and rather more brittle than they care too acknowledge. And both tend to delude themselves into thinking that the problems of their southern extremes will never manifest in a terror attack in Bangkok or Manila, respectively.
The people of Sri Lanka have paid far too high price for the lessons of the Easter weekend attacks to be ignored or forgotten.
Sri Lanka has long been subject to extremist violence. Easter Sunday’s coordinated bomb blasts, which killed almost 300 and injured hundreds more, are the latest in a long history of ethno-religious tragedies.
While no one has yet claimed responsibility for the attacks, 24 people have been arrested. Three police were killed in their capture.
The Sri Lankan government has blamed the attacks on the National Thowheeth Jama’ath (NTJ), a radical Islamist group known for vandalising Buddhist statues.
These attacks are different from previous ethno-religious violence in Sri Lanka. By fomenting generalised religious hatred, they appear to have more in common with Al-Qaeda, which has sought specific political change.
Who are Sri Lanka’s Christians?
For many, the bomb blasts immediately recalled Sri Lanka’s ethnic civil war. The war was fought between the Liberation Tigers of Tamil Eelam (Tamil Tigers) and the Sri Lanka government from 1983 until 2009.
In its final weeks, around 40,000 mostly Tamil civilians were killed, bringing the war’s total toll to more than 100,000 from a population of around 20 million.
The Tamil Tigers were completely destroyed in 2009. Many Tigers, including their leader, were summarily executed. There remains much bitterness among Tamils towards the ethnic majority Sinhalese, but there is no appetite for renewing a war that ended so disastrously.
Ethnic tensions in Sri Lanka were high prior to independence in 1948, and stoked by the 1956 election of the Sri Lanka Freedom Party under Prime Minister Solomon Bandaranaike.
Bandaranaike proclaimed himself “defender of the besieged Sinhalese culture”, and oversaw the introduction of the Sinhala Only Act. The act privileged the country’s majority Sinhalese population and their religion of Buddhism over the minority Hindu and Muslim Tamils. The fallout from this legislation forced Bandaranaike to backtrack, but he was assassinated in 1959 by an extremist Buddhist monk for doing so.
Inter-ethnic tensions continued with outbursts of mob violence. In 1962, there was an attempted military coup, and in 1964, around 600,000 third and fourth generation “Indian” Tamils were forcibly removed to India.
In 1972, and again in 1987, the predominantly Sinhalese Marxist Janatha Vimukthi Peramuna party (JVP) launched insurrections that were bloodily suppressed. Clashes between Sinhalese and Tamils in 1983 led to an attack on a Sri Lankan army convoy. This sparked the “Black July” Sinhalese rampage against ethnic Tamils, leaving at least 3,000 dead and marking the start of the inter-ethnic civil war.
The war was noted for its bitterness, with the Tamil Tigers using suicide bombing as a tactical weapon, as well as for targeted political assassinations. India intervened in the war in 1987. In retribution, a Tamil Tiger suicide bomber assassinated former Indian Prime Minister Rajiv Gandhi in 1991.
Sri Lanka’s Muslims are predominantly ethnic Tamils and make up about 10% of the population. They have been at the margins of these more recent conflicts – excluded as Tamil speakers, but at odds with the more numerous Hindu Tamils. However, they also have long been subject to Sinhalese persecution, with anti-Muslim riots dating back at least as far as the early 20th century.
As the Tamil Tiger war progressed, Sinhalese Buddhism became more radicalised. Some Sinhalese claimed that all of Sri Lanka should be exclusively Buddhist. With the Tamil Tigers defeated, Sri Lanka’s non-Buddhist communities were again persecuted. This culminated in 2013 with a Buddhist attack on a mosque. Anti-Muslim riots in 2014 resulted in a ten day state of emergency. Last year, there were more anti-Muslim riots. Buddhist monks have also disrupted Christian church services.
Sri Lanka’s history of extremist violence, then, is far from new. Sinhalese Buddhist chauvinism has been the driver of much of this conflict. It may be that the Colombo East bombings are a reaction to recent ethnic persecution.
But if so, this raises the question of why Christian churches and upmarket hotels were bombed, rather than symbols of the Sinhalese Buddhist community. One can speculate about the logic of radicalisation and its possible manifestations. It is possible that, if Islamist-inspired, the bombings were not a direct retaliation for last year’s anti-Muslim riots, but part of a wider jihadi agenda.
It is instructive that, when the suspected terrorists were arrested and weapons found, three police were shot dead. Clearly, whoever was responsible was well trained, and there have been suggestions of international links. This contributes to speculation of returned Islamic State fighters having joined NTJ.
The Sri Lankan government was slow to release details of those believed responsible, as it knows ethnic and religious tensions are easy to spark. Identification of responsibility could well provide fuel for another round of inter-ethnic bloodletting.
If NTJ links are proven, or if the more radical elements of the Buddhist community are persuaded by wider speculation, it is likely Sri Lanka’s Tamil Muslims will bear the brunt of their reprisals. It is in this manner that Sri Lanka’s wheel of ethno-religious conflict turns.
Debates about cyber security in Australia over the past few weeks have largely centred around the passing of the government’s controversial Assistance and Access bill. But while government access to encrypted messages is an important subject, protecting Australia from threat could depend more on the task of developing a solid and robust cyber security response plan.
Australia released its first Cyber Incident Management Arrangements (CIMA) for state, territory and federal governments on December 12. It’s a commendable move towards a comprehensive national civil defence strategy for cyber space.
Coming at least a decade after the need was first foreshadowed by the government, this is just the initial step on a path that demands much more development. Beyond CIMA, the government needs to better explain to the public the unique threats posed by large scale cyber incidents and, on that basis, engage the private sector and a wider community of experts on addressing those unique threats.
The aim of the new cyber incident arrangements is to reduce the scope, impact and severity of a “national cyber incident”.
A national cyber incident is defined as being of potential national importance, but less severe than a “crisis” that would trigger the government’s Australian Government Crisis Management Framework (AGCMF).
Wannacry severely disrupted the UK’s National Health Service, at a cost of A$160 million. NotPetya shut down the world’s largest shipping container company, Maersk, for several weeks, costing it A$500 million.
When costs for random cyber attacks are so high, it’s vital that all Australian governments have coordinated response plans to high-threat incidents. The CIMA sets out inter-jurisdictional coordination arrangements, roles and responsibilities, and principles for cooperation.
A higher-level cyber crisis that would trigger the AGCMF (a process that itself looks somewhat under-prepared) is one that:
… results in sustained disruption to essential services, severe economic damage, a threat to national security or loss of life.
At just seven pages in length, in glossy brochure format, the CIMA does not outline specific operational incident management protocols.
This will be up to state and territory governments to negotiate with the Commonwealth. That means the protocols developed may be subject to competing budget priorities, political appetite, divergent levels of cyber maturity, and, most importantly, staffing requirements.
Australia has a serious crisis in the availability of skilled cyber personnel in general. This is particularly the case in specialist areas required for the management of complex cyber incidents.
Government agencies struggle to compete with major corporations, such as the major banks, for the top-level recruits.
The skills crisis is exacerbated by the lack of high quality education and training programs in Australia for this specialist task. Our universities, for the most part, do not teach – or even research – complex cyber incidents on a scale that could begin to service the national need.
The federal government must move quickly to strengthen and formalise arrangements for collaboration with key non-governmental partners – particularly the business sector, but also researchers and large non-profit entities.
Critical infrastructure providers, such as electricity companies, should be among the first businesses targeted for collaboration due to the scale of potential fallout if they came under attack.
To help achieve this, CIMA outlines plans to institutionalise, for the first time, regular cyber incident exercises that address nationwide needs.
While these moves are a good start, there are three longer term tasks that need attention.
First, the government needs to construct a consistent, credible and durable public narrative around the purpose of its cyber incident policies, and associated exercise programs.
Former Cyber Security Minister Dan Tehan has spoken of a single cyber storm, former Prime Minister Malcolm Turnbull spoke of a perfect cyber storm (several storms together), and Cyber Coordinator Alastair McGibbon spoke of a cyber catastrophe as the only existential threat Australia faced.
But there is little articulation in the public domain of what these ideas actually mean.
The new cyber incident management arrangements are meant to operate below the level of national cyber crisis. But the country is in dire need of a civil defence strategy for cyber space that addresses both levels of attack. There is no significant mention of cyber threats in the website of the Australian Disaster Resilience Knowledge Hub.
This is a completely new form of civil defence, and it may need a new form of organisation to carry it forward. A new, dedicated arm of a existing agency, such as the State Emergency Services (SES), is another potential solution.
One of us (Greg Austin) proposed in 2016 the creation of a new “cyber civil corps”. This would be a disciplined service relying on part-time commitments from the people best trained to respond to national cyber emergencies. A cyber civil corps could also help to define training needs and contribute to national training packages.
The second task falls to private business, who face potentially crippling costs in random cyber attacks.
They will need to build their own body of expertise in cyber simulations and exercise. Contracting out such responsibilities to consulting companies, or one-off reports, would produce scattershot results. Any “lessons learnt” within firms about contingency management could fail to be consolidated and shared with the wider business community.
The third task of all stakeholders is to mobilise an expanding knowledge community led by researchers from academia, government and the private sector.
What exists at the moment is minimalist, and appears hostage to the preferences of a handful of senior officials in Australian Cyber Security Centre (ACSC) and the Department of Home Affairs who may not be in post within several years.
Cyber civil defence is the responsibility of the entire community. Australia needs a national standing committee for cyber security emergency management and resilience that is an equal partnership between government, business, and academic specialists.
Former Greens leader Bob Brown accused Lee Rhiannon of “perfidious behaviour”, as the defiant Greens senator fought back against united condemnation from her parliamentary colleagues.
The other nine parliamentary Greens, including eight senators and lower house member Adam Bandt, have written to the party’s national council complaining about Rhiannon who, when the Greens were negotiating with the government on the schools bill, authorised a leaflet urging people to lobby senators to block the legislation.
Brown, a long-time critic of Rhiannon, repeated his previous description of her as “the Greens’ version of Tony Abbott”, and his call for the NSW Greens to replace her at the election with someone more popular and constructive.
He said that while he did not disagree with the Greens ultimately voting against the legislation – because Education Minister Simon Birmingham had done a special deal with the Catholics – the Greens in their negotiations had obtained $A5 billion in extra money.
Education was not Rhiannon’s portfolio – and for her to advocate against the Greens leader Richard Di Natale and its education spokesperson, Sarah Hanson-Young, was “untenable”, Brown said.
The Greens letter said: “We were astounded that senator Rhiannon was engaged with [the leaflet] production and distribution without informing party room at a time when we were under enormous pressure from all sides as we considered our position on the bill”.
It said the leaflet had the potential to damage the negotiations that Di Natale and Hanson-Young were having with the government about billions in extra funding for underfunded public schools.
The Greens’ parliamentary partyroom will consider Rhiannon’s action.
Despite prolonged negotiations with the Greens, the government finally concluded a deal with ten of the other crossbench senators to pass the bill. But the Greens had done much of the heavy lifting to obtain a series of amendments. This included the additional money, which takes the planned total extra federal government spending on Australian schools to $23.5 billion over a decade.
In a statement on Sunday Rhiannon said she rejected allegations she had derailed negotiations and breached “faith of the party and partyroom”.
“I am proud the Greens partyroom decided to vote against the Turnbull government’s school funding legislation. It’s clear that public schools would have been better off under the existing Commonweath-state agreements than they will be under the Turnbull package.”
She said that at all times her actions on education had been faithful to the party’s policy and process, and her work had not impacted on the negotiations.
She defended the leaflets she authorised, saying they were “a good initiative of Greens local groups.
“They highlighted the negative impact the Turnbull funding plan would have on their local public schools.
“Producing such materials are a regular feature of Greens campaigns. These leaflets urged people to lobby all senators to oppose the bill.
“I was proud to stand with branches of the Australian Education Union, particularly as the Turnbull school funding plan favoured private schools,” she said.
Two key questions to consider are:
How likely are you to fall victim to terrorism?
What increases or decreases that likelihood?
Our natural way of thinking about the first question should be similar to considering crime (murder or robbery, for instance), mortality (infant mortality at birth, or cancer), car accidents, or other threats. And the salient point is not so much the total number of murders in a large country, but rather the total number in relation to the size of the population.
Put simply, we should consider the number of affected people on a per-capita basis – that is, murder rates, or mortality rates.
For example, from a policy perspective, it makes sense that ten murders in a populous country like China (which has 1,371,000,000 citizens) would be much less significant than ten murders in a tiny country like Liechtenstein, with its 37,000 citizens.
However, when it comes to terrorism, almost all the knowledge that drives policy decisions comes from studies analysing the total number of terror casualties in a given country and year.
India is a good example. It ranks fourth on the list of terror-prone countries since 1970, with 408 deaths from terrorism in an average year.
But the average Indian need not be particularly worried about terrorism. The country is home to 1.27 billion people, and terrorism kills only one in 2,500,000 people – or 0.0000004% of the population – per year, once we translate total terror deaths to terror deaths per capita. The likelihood of dying from crime or in a road accident is far higher.
India ranks only 82nd in the world when we compare terrorism victims per capita.
So, although India has a relatively high number of terrorist attacks, an individual’s likelihood of dying in such an attack is minimal – because India has such a large population.
Once we switch from focusing on total terror deaths (or attacks) per country to terror deaths per capita, relevant conclusions about what drives terrorism change dramatically. And thus potential policy reactions also change when focusing on terror deaths per capita.
A somewhat baffling conclusion from a long list of research articles states that terrorism is more likely to emerge in democracies, rather than non-democracies. This idea is difficult to reconcile with our intuition of democracy giving people political (and usually religious) freedom – so why should we see terrorism in such free countries?
It turns out that once we analyse terror per capita, democratic nations are less likely to witness terrorism. Again, take India, a large democracy that, at first glance, suffers a lot from terrorism. But, in per-capita terms, terrorism becomes less important.
Another popular belief states that countries with a sizeable Muslim population – such as Pakistan, Indonesia, Bangladesh or Nigeria – are experiencing more terrorism than non-Muslim countries. This is true when looking at the total numbers of deaths.
But that result is also overturned once we consider terror per capita. A larger share of Muslims in a given country relates to marginally less terrorism. Pakistan (202 million people), Indonesia (258 million), Bangladesh (156 million) and Nigeria (186 million) all feature exceptionally large populations.
This result is informative for the current policy debate. More caution is needed before classifying certain countries as more prone to terrorism based on their religion.
Another – admittedly simplistic – way of considering the link between Islam and terrorism comes from comparing the share of terror attacks conducted by Muslim groups with the share of the world population identifying as Muslim. If Muslims were more likely to be terrorists, we should expect the latter figure to be lower.
Approximately 23% of the world population identifies as Muslim. But, since September 11, Islamist groups have conducted about 20% of terrorist attacks worldwide. Thus, terrorist attacks are – historically and today – less likely to be conducted by a Muslim than by a non-Muslim group.
Our results suggest it may be time to rethink the way we approach terrorism.
The likelihood of dying at the hands of a terrorist is comparable to the odds of drowning in one’s own bathtub.
This does not mean we should be afraid of bathtubs, nor does it mean terrorism is not among the problems that need to be solved with a high priority.
Rather, in the fight against terrorism, seemingly easy conclusions may be drawn too quickly – and we should not forget other matters that affect people’s lives far more than terrorism does.
It appears to be increasingly common that terrorist attacks not of the lone-wolf variety involve members of the same family.
Some of them, like the San Bernardino attack last December, are committed by married couples or romantic partners.
But quite a few recent terrorist atrocities – the Charlie Hebdo attack, the Boston Marathon bombings and now Tuesday’s Brussels attacks – have been perpetrated by siblings. So is there a link between within-family radicalisation and acts of terrorism? And is terrorism different from any other crime in this respect?
Both genetics and environment are known to influence criminal behaviour. But the exact nature of these influences and their relative importance are still being debated.
It can be expected, therefore, that genes contribute to terrorist behaviour. But it is wrong to conclude that just because two individuals have a common genetic make-up, one will follow the other if the other becomes a terrorist. Instances of only one family member displaying criminal behaviour are very common.
Nevertheless, there may be environmental factors that contribute to and interact with genetics to cause terrorist behaviour. If so, one would expect to find more terrorist acts than other kinds of criminal acts committed by members of the same family. Family members share both genetics and environment to a greater extent than people in general.
Studies of the militant extremist mindset provide clues to why we can expect to find more siblings among terrorist cells. From the three components of this mindset, only one – “nastiness” – is directly linked to other varieties of criminal behaviour.
Violent criminals of any kind tend to strongly advocate harsh punishment of their enemies. For example, they are more likely than most people to approve of physical punishment for insulting one’s honour.
While both genetics and environment may be implicated in “nastiness”, the other two components of the militant mindset – “grudge” and “excuse” – represent environmental influences to a greater extent. These are usually the focus of recruiters.
An important component of radicalisation is a strong feeling that the group one belongs to is under threat from some other group – that is, the person feels a “grudge” of some kind. A common example is the feeling that the West has exploited and hurt “my” people, and this needs to be avenged.
Sometimes grudge is more general and not oriented towards a particular group. The person simply feels that this world is unfair and full of injustices.
“Excuse” is a dressing-up part of extremism. It relies on religious and ideological “higher moral principles” to justify the feelings of nastiness and grudge.
It follows from the nature of the militant extremist mindset that we can expect to find more siblings among terrorists. This is because such attacks tend to be carried out by people who are more ready for action and are prepared to be vicious in dealing with their enemies. This tends to be a shared characteristic of criminal family members.
Being raised together – and therefore being exposed to the same set of stories about the enemies and the same set of moral, ideological and religious reasons justifying their feeling of hate – is likely to contribute significantly to the same tendency.
And then there is a feeling of trust, due to a common upbringing and feelings stronger than typical camaraderie when you are doing something together with somebody who is close to you. Overall, it is likely that there will be more instances of siblings committing terrorist attacks.
From a security point of view, it may be reasonable to ask whether this tendency calls for a different approach to detection. There is currently an emphasis on internet-based radicalisation, rather than on person-to-person contacts. Family interactions diminish the role of the former and point to the need to maintain traditional policing methods.