The building, the essential services that maintain the building as an effective environment, the contents of the building and the people who inhabit it may all be the targets of an attack. The spectrum of attacks may range from theft, minor vandalism or serious damage, assaults on staff and arson to the use of direct or indirect fire weapons and bombs containing a variety of payloads. Motives for such attacks may include financial advantage, revenge or even wanton destruction. The building and its occupancy may be directly targeted, a random target or, as is often the case, an indirect target effected because of its close proximity to the primary target.
The most effective means of protecting buildings from attack is by employing layered 'firewalls' utilizing information, technological, structural and procedural barriers to provide protection in depth. The type of threat a building is exposed to depends on the activity conducted in or from the building and the aim of the individual or organization targeting it. A competitor, for example, may be seeking the competitive edge by either gaining privileged information or in extremis by neutralizing the competition's physical ability to compete whereas an extortionist may aim to contaminate a single item on a supermarket shelf. Threats include:
- Breaking and Entering
It is an unfortunate truism that categories of hostile action mounted against buildings by individuals or organizations that do not have a legitimate association with the building are also undertaken by those that do. The most obvious and common threat is theft but all forms of attack have been mounted from within, frequently with external assistance or encouragement. In sophisticated attacks individuals or groups may be infiltrated into a workforce expressly to facilitate or mount the attack.
Countering the Threat
The threat against a building will be influenced by:
- A hostile individual or organisation's possession of intent, capability (expertise and resources) and opportunity;
- The occupancy of the building - by whom and for what purpose;
- Security measures;
- The construction of the building;
- Proximity to other buildings that may be targets; and
- The views and sympathies of employees.
Information and Intelligence
To effectively prevent the realization of hostile intent or to mitigate an attack's effect, it is essential to identify the potential threat and the impact such an attack will have on a building, its occupants and contents. Open source information and advice is readily available, but for those who lack the time or knowledge to undertake a detailed threat/risk assessment specialist consultants are a sound investment.
Intelligence is processed information that has a high degree of credibility and will usually be provided by a government agency often with strict caveats imposed. It may be general, identifying the increased probability of a particular type of attack occurring in a geographic area within a particular time frame, perhaps running to weeks. Alternatively it may be specific in terms of both location and time.
The viability of perimeter security will be dependant on a number of factors including the building's occupancy, 'public image' and location. However, when it is appropriate the use of perimeter security - ideally a combination of CCTV, detectors and fences - provides standoff protection from large explosive devices and additional response time if the perimeter is breached. Should the risk assessment indicate a credible threat from direct and indirect fire weapons, it may also be appropriate to cover possible firing and mortar base-plate positions with CCTV.
Unauthorized entry is minimized by a strict access control regime. The activity undertaken in the building will influence control measure implementation. Even those premises to which the public must have constant access will benefit from control measures. Where perimeter security is in place the first line of access control will be at the entry point, the second at the entrance to the building and others at the entrance to restricted access areas within a building. Health and safety requirements may influence the latter as much as security needs. To be effective, control measures must be extended to include all possible access points, not just the designated ones, but without compromising the integrity of emergency escape routes. A frequent weakness is focusing control effort on public access points but ignoring service and delivery areas. Control measure considerations, whether manual or technological, should include vehicles, goods, mail, services (tunnels and pipelines) and exit as well as entry.
Should perimeter security and access control be breached it is important to know where the perpetrator is within the building. This may be achieved with CCTV or an intruder alarm. Fire alarms and sprinkler systems, as well as meeting the needs of accidental outbreaks of fire, will reduce the impact of the arsonist and terrorist incendiary attacks.
Building Design and Construction
The majority of modern buildings are designed and constructed with cost and visual image as the primary considerations. The ability to withstand a vigorous attack as a factor is more usually confined to those buildings occupied by government departments, the armed forces and financial institutions. Yet, it is often the design and construction that either makes a building an attractive target or contributes to the degree of destruction when an attack is mounted. There is little doubt, for example, that building design and construction methods contributed to the extent of destruction caused by the Oklahoma Bomb.
Whenever a bomb explodes in a city centre the extensive use of glass not only affords little protection to those inside but also causes significant numbers of casualties on the streets. Key services also need protection or backup. If the functioning of a building is disrupted by the attacking of services such as water, waste-water or power, it can be as effective as an attack against the building itself. In the case of a chemical or biological attack, air conditioning systems may spread the agent without the device having to be infiltrated inside. There are few better illustrations of this than the effects of teargas, used by police outside on the delegates of the Nice EU Summit in December 2000.
Even in those buildings that have not had protection incorporated as a design or construction feature, it is possible to mitigate the effect of weapon or bomb attacks by retro fitting protective materials and, where space allows, creating a stand-off. Armoured glass, screens, blast curtains, blast and ballistic cladding will all reduce the impact of an attack. It may be appropriate to line areas that are the most likely points of bomb egress with blast resistant cladding, places such as mailrooms, delivery points and left luggage facilities. Bomb bins to contain suspect devices and effect-reducing litterbins and post boxes will assist in minimizing potential casualties. Reinforced internal areas that act as strongholds will provide protection to the building's occupants when evacuation is inappropriate because it will increase exposure to an externally sited threat. Bomb walls provide both blast and ballistic protection and create stand-off between large vehicle borne bombs and the target. Buildings may also be hardened against chemical and biological attack by the use of pressurized systems, air- locks and air and water filters.
To be effective, security personnel need to be well trained, highly motivated and equipped with the appropriate equipment and procedures. While it may be argued that any security presence will provide a level of deterrence it will only be high quality service that will deter the most committed adversary. It is not only security personnel who can participate in the security of a building and its contents. All staff have a contribution to make, a contribution that may facilitate the survival of customers, their fellow workers, themselves and the organization or company on which their livelihood depends.
Buildings, their essential services, occupants and contents may become the target of attack for a variety of reasons. The activities which take place inside a building will influence the measures that may be implemented without compromising its functionality and may prevent making a building impregnable to all forms of attack. Even so, by implementing information, technological, structural and procedural 'firewalls' most attackers will be deterred and those who are not will have the impact of their attack significantly mitigated.