A Different Kind Of Disaster
Bombs are just a little different than most types of disasters. One of the main differences is that they are never accidents. That fact alone can cause them to have an impact on the people involved much longer than other more 'natural' disasters. Hurricanes, tornadoes, floods and fires each cause more deaths, injuries and damage than bombs do every year. The photographs that you see below show the result of a relatively 'small' bomb detonating as a person opened it while standing next to their desk. It is a police crime scene photograph, and most people wouldn't want to look at the rest of the pictures that were taken at the scene.
This leads us to yet another way in which criminal bombings are just a little different than other types of disasters. When there is a bomb, whether it detonates or not, you are faced with dealing with a crime scene. This can cause some interesting problems of its own. As an example, when a tornado passes by, once it is gone, you can immediately begin to get your life back to normal. This is also true with floods, hurricanes and many other disasters. With a crime scene you can't just start picking things up and trying to get them back to normal. There is probably evidence there that will need to be recovered as law enforcement begins to attempt to solve the crime. This takes a whole lot more time than it took for the bomb to cause the initial disaster.
When I experienced my first explosion 30 years ago, I saw it, felt it and heard it all at the same time. It happened so fast that I wasn't sure which of my senses reacted first. This was not a bomb. It was one stick of military dynamite, and I was standing in a large field where we would spend the next few weeks learning all about bombs, booby traps and explosives. We were being trained for a trip to Vietnam where we would (among other things) be the demolition teams for combat infantry divisions. Being a paratrooper, I was assigned to the 101st Airborne Division. It would prove to be the most interesting and emotion filled year of my life.
In combat, you expect to see things that you wouldn't see anywhere else. Things like bombs and bullets were made for combat. You don't expect to see them at home when you get back. That surprised me, and I have been keeping an eye on it for the past 30 years. I was surprised to see books on all of these subjects in the hands of my non-military friends. The same Army field manuals that we had used in combat were being read by anyone who wanted to read them.
There was nothing wrong with people reading these books, and as far as I knew, it wasn't illegal to possess them. The fact that I had just returned from a year of seeing what these things could do to people and property made me feel a little uneasy in seeing this information in the hands of untrained people. I don't know the statistics of how many bombs there were in America that year, but I did know that things were changing.
The rate of change was starting to pick up considerably as personal computers started to be purchased for use at home. I was one of the first kids on the block to get one and it was really powerful. Mine was a TRS-80 model III with a whopping 16 kilobytes (not megabytes) of ram. It had no hard drives, and modems (110 baud) were still very rare in homes.
The Internet existed, but it was mainly a university and government network of networks and we mere mortals were not yet very involved with it. Almost another ten years would pass before the Internet would become a useful tool for the masses. Those small home computers were beginning to be connected to bulletin boards using BBS software packages. Files and programs were beginning to be transferred from computer to computer over these local BBS's. Some of these BBS's were starting to contain files describing all kinds of bombs, explosives and other interesting information formerly found only in written form. The information age was beginning to let more people get to more information much more quickly, including information on how to make bombs!
By 1988, the Internet was beginning to become known as a good way of communicating with other companies, universities and associations very quickly and inexpensively. I can remember our needing an obscure part for an old DEC PDP-11/40 mini computer and not knowing where to find it. We posted a request to a news group on the Internet and had the part located in Europe the next day. What a great communication tool.
This was also the year that the famous Internet Worm brought the entire Net to its knees when someone exploited a security hole in one of the common programs used on the net.
This was also the year when someone had a notebook computer stolen from his car (they were called laptop computers way back then). Laptop computers were still somewhat rare just 10 years ago. This one was a 286-12 Megahertz with 640 Kilobytes of memory and a 20 Megabyte hard drive. It was recovered about a year later by his local police department along with some other stolen property. When he got it back, he was asked if everything that he had on the system was still there. It appeared to be just as it was when it was stolen, except for one thing. In the Root directory of the drive there were about a dozen files that were placed there by someone during the year that the computer was in the wrong hands. These files were very accurate descriptions of how to make bombs, explosives, booby traps and other devices.
These same files were available on the Internet if you knew where to find them and how to download them. Something was coming that would make that a whole lot easier. The World Wide Web would soon come into existence.
Five Years Ago
More technical growth has happened during the past five years than in all previous years of my life combined. (I just happened to be born in the same year as the computer, 1946.) Just five years ago, few people had even heard of this new thing called the 'World Wide Web'. It would quickly become a tool for all of us which would change our world forever. It provides almost instant access to a lot of information on just about any subject imaginable. I guess we shouldn't be surprised to find that bomb making information made its way to the web as well.
Things have also changed as to the types of bombs being used by criminals during the past five years. Several major bombings occurred which wound up on the front pages of many newspapers and magazines. Companies were forced to put their disaster recovery plans to the ultimate test under near combat conditions. For the first time, data related disasters become the most costly and sometimes most difficult to recover from. Data lost in an explosion was lost forever if there was no off-site copy available to restore onto the new hardware when it arrived. For the first time in history, we are at a place where everything that is important to a company probably resides on a computer database somewhere. Things will never be the same.
Bomb Incident Plans
My experience has been that most companies do not have a bomb incident plan. Many of the companies that I have spoken with who have a plan aren't really sure that it is up to date and well thought out. Things keep changing, and your bomb incident plans need to be updated to react to these changes.
Here's a quick example. Let's say that your bomb incident plan calls for everyone in your company to go to a staging area a safe distance away if a bomb detonates in your building.
Over the past few years, we have seen several national news making bombings where secondary explosions took place. These were bombs outside of the building which detonated a short time after the initial bomb inside the building detonated. There were probably no people near that second bomb until the building was evacuated. These were secondary explosions. You might want to be sure that your bomb incident plans address searching all staging areas prior to sending people to them.
Even your building evacuation routes should be considered in your plan. You might not always be able to leave the building through the most convenient exit. Always have as many contingency plans for evacuation as possible. Knowing the current criminal bombing profiles (from compiled information on many bombings) will help you to be sure that your plans address searches in all areas where bombs are most likely to be. There are many other issues that your plan should address. I just wanted to throw out a few thoughts to get you thinking about what should be in your plan.
Why do all of this? Well, there are several good reasons. As I said earlier, criminal bombings are different in many ways than any other type of disaster. One of the biggest differences is that there is normally no warning prior to a bomb detonating (the most recent profile shows that only about 7% of all criminal bombings are preceded by a phone call or other warning.) The lack of warning and the noise, smoke, possible fire and screaming may all contribute the most contagious of all human emotions quickly spreading throughout your company - PANIC! Whatever it takes, you want to do all that you can to avoid this. The ability to safely control your workforce will be greatly hampered if panic begins to spread. This will make a very difficult situation even more of a problem for all of you.
Can a good plan guarantee that you won't have an incident? Of course not. Even a well thought out search plan can't guarantee that there will never be an incident. However, a well thought out plan will do several good things for you. It will make you and everyone else in your company feel much more prepared to deal with an incident should you ever be faced with one, it will also go a long way towards showing 'Due Diligence' in trying to prevent an incident and all of the things that happen immediate following an incident. Read on.
Criminal bombings bring with them even more problems long after the smoke clears away, and the crime scene is returned to normal (if it can ever be normal again.) Several articles that I have read over the years have addressed the legal problems that often follow a criminal bombing. I'm not an attorney, but I have had several conversations concerning due diligence with my good friend Mr. John Copenhaver, whom many of you know. He is an attorney, and has written several articles for the DRJ on legal issues associated with disasters. ( He is also the current FEMA Director for the Southeastern United States.) We both agree that companies would be wise to consider whether or not they feel that due diligence is being met in the way that they have prepared for a disaster. This is especially true for a disaster such as a criminal bombing which is never accidental, or an act of nature.
This question may well come up at some time, 'Mr./Ms. employer, what did you do to prevent this incident?' You want to have an answer to that question BEFORE anyone ever asks it! The best way to do that is to do everything that you can to continuously add to your list of answers should you ever be asked. Occasional bomb threat assessments of your corporate posture are also valuable (be sure to document everything), additional training for selected personnel and employee awareness training all show good due diligence or as it is sometimes called due care. Did you do what would be considered reasonable to try to prevent an incident? If you can answer yes, then you should be able to sleep pretty well at night. If not, now is the time to get started, and once you start, keep going. I liken due diligence to security preparedness as well as disaster recovery preparedness in that none of them, in my opinion, are ever completely finished. Things change, and we need to look occasionally to see if any of those changes have opened a new vulnerability.
Employee Awareness Training
I believe that employee awareness is the single most effective, and at the same time least expensive countermeasure that a company can employ. That comment is not made without a little bit of experience to back it up. Over the past nine years, I have trained more than 10,000 people in one form of awareness training or another. Several companies have had their entire security posture changed forever by simply having employees trained (usually a one hour session) as to how they can help to keep their companies safe and secure. It is possible in that one hour to include training in computer security, physical security, disaster recovery and bomb recognition to as many people as you can comfortably fit in a class room. (With hands on bomb recognition training, I would recommend no more than 100 students at a time so that you don't exceed one hour for the group session.)
You can create this type of a training session yourself. Please don't think that I'm saying all of this to solicit your business. I'm not. You can contact me at the e-mail address listed in my bio following this article. Over the years, several people have asked me about the bomb recognition training that I often do. The question is often raised about the possibility of someone having had this training thinking that everything that they see from that point on was a bomb. I can understand people wondering about that. I wondered about it myself when I first started using my very realistic training aids. Well, more experience to the rescue. So far, I have trained about 5,000 students about bombs, and to the best of my knowledge, not one of them has ever mistakenly called in a bomb incident. There have been many that have saved packages and boxes for me to show how they mentally went through the profile check list and several profiles had matched. It made them stop and think before opening these packages. I was proud of them. Prior to their training, none of the profiles would have even been noticed.
There is a final reason why I personally train all of our employees. I was at a training session about 100 miles away from the building where the photo of the bomb on page 14 detonated. I know exactly when it happened because we had employees in that building at the time of the explosion. That has been several years ago now, but I continue to feel just a little better every time that I am able to help just a few more people to be able to recognize a possible bomb should they ever come face to face with one.
Bombs In America
Things are changing! Statistics are kept on every criminal bombing in the country. Each year, the data is compiled and looked at a number of different ways. Lists are created detailing the types of bombs found, the locations where they were found and so forth. Most people are surprised when they hear how many criminal bombings there are in this country every year. On an average, there have been about 2,400 criminal bombings (an average of about 200 per month) during the past few yearly reporting periods. Very few of these make the national headlines like the World Trade Center and Oklahoma City, but every one of them was a disaster for somebody to deal with.
Things will continue to change as we leap into the 21st century with all of its new technology. Neither bombs, nor the technology which will allow anyone interested in learning how to build them, are going to go away. There is a lot more that you can do to prevent this type of disaster than there is to react to it.
Here's your chance to come to Orlando a day early and meet me and my training partner Officer Jim Windle. We are going to be offering a special version of our Bomb Threat Analysis & Countermeasures Training Class on Saturday, September 12, 1998 as a pre-conference course at the 10th annual DRJ conference. We'll try our best to make it the most educational, interesting, exciting and unforgettable training day that you have ever experienced.
This full day training class will be offered at a special price of $245. Class size will be limited, so please register early. We'll see you in Orlando!
Mr. Wiles has been involved with bombs and explosives for over 30 years, and has trained over 5,000 students on bomb recognition. He is the Senior Instructor and co-developer of the BTAC Training Course. His association memberships include the International Association of Bomb Technicians & Investigators (IABTI), Contingency Planning Association of the Carolinas (CPAC), High Technology Crime Investigation Association (HTCIA) and the National Speakers Association (NSA). You can contact him by email at: email@example.com.