Title: Assessing Terrorist Motivations for Attacking Critical Infrastructure

Certain types of infrastructure--critical infrastructure (CI)--play vital roles in underpinning our economy, security and way of life. These complex and often interconnected systems have become so ubiquitous and essential to day-to-day life that they are easily taken for granted. Often it is only when the important services provided by such infrastructure are interrupted--when we lose easy access to electricity, health care, telecommunications, transportation or water, for example--that we are conscious of our great dependence on these networks and of the vulnerabilities that stem from such dependence. Unfortunately, it must be assumed that many terrorists are all too aware that CI facilities pose high-value targets that, if successfully attacked, have the potential to dramatically disrupt the normal rhythm of society, cause public fear and intimidation, and generate significant publicity. Indeed, revelations emerging at the time of this writing about Al Qaida's efforts to prepare for possible attacks on major financial facilities in New York, New Jersey, and the District of Columbia remind us just how real and immediate such threats to CI may be. Simply being aware that our nation's critical infrastructure presents terrorists with a plethora of targets, however, does little to mitigate the dangers of CI attacks. In order to prevent and preempt such terrorist acts, better understanding of the threats and vulnerabilities relating to critical infrastructure is required. The Center for Nonproliferation Studies (CNS) presents this document as both a contribution to the understanding of such threats and an initial effort at ''operationalizing'' its findings for use by analysts who work on issues of critical infrastructure protection. Specifically, this study focuses on a subsidiary aspect of CI threat assessment that has thus far remained largely unaddressed by contemporary terrorism research: the motivations and related factors that determine whether a terrorist organization will attack critical infrastructure. In other words, this research investigates: (1) why terrorists choose to attack critical infrastructure rather than other targets; (2) how groups make such decisions; (3) what, if any, types of groups are most inclined to attack critical infrastructure targets; and (4) which types of critical infrastructure terrorists prefer to attack and why. In an effort to address the above questions as comprehensively as possible, the project team employed four discrete investigative approaches in its research design. These include: (1) a review of existing terrorism and threat assessment literature to glean expert consensus regarding terrorist target selection, as well as to identify theoretical approaches that might be valuable to analysts and decision-makers who are seeking to understand such terrorist group decision-making processes; (2) the preparation of several concise case studies to help identify internal group factors and contextual influences that have played significant roles in leading some terrorist groups to attack critical infrastructure; (3) the creation of a new database--the Critical Infrastructure Terrorist Incident Catalog (CrITC)--to capture a large sample of empirical CI attack data that might be used to illuminate the nature of such attacks to date; and (4) the development of a new analytical framework--the Determinants Effecting Critical Infrastructure Decisions (DECIDe) Framework--designed to make the factors and dynamics identified by the study more ''usable'' in any future efforts to assess terrorist intentions to target critical infrastructure. Although each is addressed separately in the following chapters, none of the four aspects of this study were developed in isolation. Rather, all the constituent elements of the project informed--and were informed by--the others. For example, the review of the available literature on terrorist target selection made possible the identification of several target selection factors that were both important in the development of the analytical framework and subsequently validated by the case studies. Similarly, statistical analysis of the CrITIC data yielded measurable evidence that supported hypotheses derived from the framework, the case studies, and the writings of various experts. Besides providing an important mechanism of self-reinforcement and validation, the project's multifaceted nature made it possible to discern aspects of CI attack motivations that would likely have been missed if any single approach had been adopted.