Randall Blake joined the Intelligence Community in 1986 where he served 35 years in a variety of leadership, analysis, and policy positions dealing with national security issues focused on terrorism, transnational organized crime, and the foreign illicit drug threat to the United States. He led analytic support to senior policy makers in supervisory and senior analyst positions in the Office of the Director of National Intelligence and the Defense Department, including the last seven years on the National Intelligence Council serving as the National Intelligence Officer for Transnational Threats.

Mr. Blake earned a bachelor’s degree in Political Science and a Certificate in International Relations from the University of Utah and a master’s degree in International Management from the American Graduate School of International Management (Thunderbird) in Phoenix, Arizona.

CTC: At the end of last year, you retired after more than three decades of service to the U.S. government, and over the course of your career, you served in a variety of key analytical and leadership roles, with primary emphasis placed on terrorism and counterterrorism for more than two of those decades. You played an important strategic behind-the-scenes role in helping the government to understand the terrorism threat and other related threats. Could you provide a brief overview of the trajectory of your career?

Blake: It’s actually 35 years serving in a variety of leadership, analytic, and policy positions almost totally focused on CT support in some manner. I served under seven presidents, from Reagan to Biden; each brought a different perspective to dealing with the issue of terrorism. My career divides almost equally into two halves. The first half was spent in the Department of Defense: the service, command, and national level. I started out with Naval Criminal Investigative Service, spent three and a half years over at EUCOM at the Joint Analysis Center in Molesworth, England, and then back here at the Defense Intelligence Agency, including six years at the Pentagon.

The second half of my career [was] in the Office of the Director of National Intelligence (ODNI). And that involved work in a couple of different roles: one at the National Counterterrorism Center, as a senior manager focused on al-Qa`ida, and most recently, at the National Intelligence Council as the National Intelligence Officer for Transnational Threats. During that period at ODNI, I had two details that were formative assignments in shaping the latter part of my career. One, I went on assignment to the Brookings Institution as a Federal Executive Fellow in 2011, and then during 2012 and 2013, I served at the National Security Council as President Obama’s Special Assistant and Senior Director for Counterterrorism. In a couple of these positions, at the National Intelligence Council and at the NSC, I also had an expanded focus on the threat from transnational organized crime and foreign illicit drugs.

CTC: On the morning of 9/11, you were serving as the DIA’s intelligence terrorism chief, and prior to that, in the mid-1990s, you served as chief of the terrorism analysis shop at U.S. European Command’s Joint Analysis Center in Molesworth, England. What are the key things that surprised you about how the counterterrorism fight has evolved over the past couple of decades?

Blake: I think I’d prefer to talk about observations rather than surprises. Surprises were not welcome things in my career. I was already 15 years into my career on 9/11. So, for me, the attack was part of an escalating al-Qa`ida threat continuum rather than a singular event. That said, I recognized immediately that the magnitude of al-Qa`ida’s tactical success on 9/11 meant everything was about to change. We went through organizational upheavals, a multi-fold increase in resources and scrutiny. One observation is that CT became an exemplar for other national security issues. By that I mean, if you look at the importance of the whole of government approach, it’s an often overused term but not in the CT context. It involves military, intelligence, law enforcement, homeland security, diplomacy, education, international aid, public-private partnerships, and so on. Allies and partners involved in large coalitions, local and regional configurations, and bilateral arrangements have been critical to maintaining the counterterrorism fight over long periods and also in multiple conflicts zones.

Another observation is the remarkable evolution of military and intelligence integration. It changed those organizations, transformed the CT battlefield, and led to many of our greatest successes. But it is important to point out that large-scale military interventions and targeted killings have been necessary, but not sufficient. Counterterrorism has bought us time and space, reduced terrorist capabilities, but hasn’t eliminated terrorism.

We’ve had to simultaneously deal with three types of terrorist threat trajectory—emerging, resurgence, and sustained.

Emerging: In 2003, we were quickly forced to deal with Abu Musab al-Zarqawi and his lead role in furthering the insurgency in Iraq. In 2009, Nasir al-Wuhayshi combined the Saudi and Yemeni branches of al-Qa`ida into al-Qa`ida in the Arabian Peninsula, the affiliate that would pose the greatest threat to the U.S. homeland over the next few years.

Resurgence: [The] predecessor to ISIS in Iraq and Syria resurgence post the U.S. military withdrawal in 2011 was followed by [the] caliphate declaration three years later amidst the arrival of tens of thousands of foreign terrorist fighters, [and fast forward to 2022,] we’re now in a period [where] we have to look at another potential resurgence there. And in the West, racially and ethnically motivated violent extremists [REMVEs] have increased attacks, particularly since 2018.

Sustained: [The] threat that we have been dealing with, in some cases over four decades, includes a variety of groups, but I’ll just focus on some of the key ones: Haqqani network, Iranian state sponsorship of terrorism, Lebanese Hezbollah, Iraqi militants, and ISIS’ global enterprise and the al-Qa`ida affiliates.

A third observation is that this concept of shifting from a U.S.-led, partner-enabled CT approach—in some areas, but not others—to a partner-led, U.S.-enabled approach is an important risk calculus change. It’s one that will put more emphasis on our indications and warning capabilities of emerging threats to U.S. interests, both overseas and here in the United States. Strategic analysis has been at a premium over the last two decades, and it’ll take on an even more important role in this type of CT construct in assessing when a local or regional fight [by terrorist actors] has taken on a greater emphasis focused on U.S. targets and transnational plotting.

Randall Blake

CTC: You have seen and experienced much, as you’ve outlined, over the course of your career, with many positions across several administrations. When it comes to terrorism, what would you say has been the most difficult moment, and conversely, what is the moment perhaps that you are proudest of during the course of your career?

Blake: 9/11 was the most difficult moment. I was serving in the Pentagon as DIA’s Terrorism Warning Division Current Intelligence Chief. I [and my colleagues] carry the heavy burden of having terrorists fly a plane into our building and kill 184 unsuspecting souls, not to mention the horror in lower Manhattan and the heroism by the passengers on the flight that crashed in Shanksville, Pennsylvania. That’s the ultimate mission failure and one that still haunts and motivates me to this day.

The proudest moments—and for me, they’re not just moments—was the work of our global CT enterprise to decimate al-Qa`ida’s leadership after 9/11 and then degrade ISIS core after it declared the caliphate in 2014. And any small contribution that I made to those CT successes were career highlights.

CTC: You played a key role at the National Counterterrorism Center (NCTC). How would you characterize the evolution of NCTC?

Blake: I was there at the start up in 2004, so I’ve been able to see the Center mature from the inside and as a customer when I was down at the NSC in 2012 and 2013, and then as a collaborator while I was at the National Intelligence Council. As a startup, NCTC was challenged by the high-threat environment in which it immediately found itself in, but the fact that we were able to bring together people from multiple agencies, particularly from CIA and FBI, became a real strength. The mission evolved [and] expanded over time. Of course, you have implementation of the recommendations of the 9/11 Commission, the additional recommendations out of the WMD Commission, and further mission expansion after the failed 2009 Christmas airliner bombing. NCTC continues to innovate and build upon itself. From my perspective, it has become an indispensable part of the CT enterprise and a success story, but one in which there are more chapters yet to be written.

CTC: What is the legacy of the United States’ war on terrorism? In your view, what does the score card look like?

Blake: The 9/11 Commission called for a broad political-military strategy that rested on a firm tripod of policies: to attack terrorists and their organizations, prevent the continued growth of Islamist terrorism, and protect against and prepare for terrorist attacks. So, from that standpoint, I would say the scorecard is mixed.

On the positive side, our multilayered homeland defense approach has proven durable for two decades in thwarting large-scale, directed attacks from foreign terrorist organizations. That was unimaginable on September 12th of 2001. We and our allies and partners have decimated successive organizational leadership cadres [and] reduced operating space in key areas while greatly increasing the sophistication and effectiveness of our CT toolkit. 9/11 remains a statistical outlier, and terrorism is not an existential threat to the U.S.

But—and there’s always a ‘but’— war terminology like ‘defeat’ doesn’t work. Enemies decide when they’re defeated by surrendering or ceasing to contest. And describing the threat today as ‘less acute,’ ‘geographically diffuse,’ and ‘ideologically diverse’ does not fit in a nation-state war terminology or a declaration of victory.

And look at the enemies’ resilience; there [are] more radicalized individuals over a broader geographic span today than at any point in recent history. They represent a wide array of ideologies that build on and reinforce themselves through their own set of grievances at every level—individual, local, regional, and transnational. Endemic capacity shortfalls by some of our partners, combined with instability and conflict, equate to sufficient operating space [for terrorist actors] to exploit in some of the same parts of the world where we’ve been engaged for the last 20 years.

We rightfully focus on deterring attacks on U.S. interests and U.S. homeland attacks as measures of success, but it’s good to remember that these terrorist organizations and networks—al-Qa`ida and ISIS in particular—are also involved in insurgency, criminal enterprises, in some cases even humanitarian efforts and governance responsibilities at local and regional levels. Their intent to strike U.S. interests and the U.S. homeland has not changed, but its place on their priority list is calibrated by multiple goals and objectives, often closer to home.

Instead, we’re more consistently dealing with a homeland violent extremist threat that has shifted since 9/11 from primarily in-person interaction to online inspiration and peer-to-peer contacts with extremists sometimes thousands of miles away. In an era of shifting priorities, CT partnerships, and risk tolerance, progress is going to remain fragile. Agility and adaptations will be required. Some of the key variables that are going to shape this landscape are the levels of CT pressure that degrades capabilities, homeland defense that mitigates threats, and effective governance that reduces terrorists’ operating space. If you gave me just six words for the scorecard, I would say: incredible tactical successes, stubborn strategic stalemate.

CTC: Over the past two decades, the United States has developed innovative ways to leverage and operationalize large amounts of data. Indeed, transformations in how the United States has stored, shared, analyzed, and made use of data have been either a key factor or driver in many counterterrorism successes. From your vantage point, what does the next chapter of data-related advancements, through broader experimentation and adoption of machine-learning and artificial intelligence tools, look like?

Blake: I just spent 35 years in an intelligence community in which there was no question in my mind and my colleagues’ that we were global leaders in our craft. If we don’t get this right, the day may come when that may no longer be the case. So I think my first point is just how important it is that we operate in this space in a way that keeps us right at the forefront of where technology is taking us. With world data doubling every two years, we can’t possibly employ enough humans to deal with it. In 2017, the then Director of NGA [National Geospatial-Intelligence Agency] drove home this point when he estimated that we would need eight million imagery analysts by 2037 to process all imagery data.1 Instead, we’ve got to be able to mirror and learn from and improve on the innovations in the tech world and to work with them in that way.

The National Intelligence Council puts out a Global Trends report every four years, timed with new administrations or second terms. There’s some CT language in last year’s report acknowledging the criticality of this issue where we talked about [the fact] that governments are likely to continue to dramatically expand the amounts and types of information they collect as well as the tools to sort and organize that data. [We] talked about advances in biometric identification, data mining, full-motion video analysis, and metadata analysis [which] can provide governments with improved capabilities to identify terrorists and plotting.

CTC: How do you view the value of open-source information, intelligence, data, and how the intelligence and national security communities have been utilizing it or can utilize it in different ways? Some like Dr. Amy Zegart have described a need for the U.S. government to create an open-source agency2 given the growing importance of open-source data. What is your view on this issue, having an open-source agency, and the relevance specifically of open-source data to the future of U.S. CT?

Blake: It’s been interesting over my career to watch open-source data become more and more part of our work. The idea of analysts going into work and spending their entire day poring over intelligence reporting [is] just not [the] reality today. The pendulum swing to increasingly valuing open-source data collection and analysis as a part of analysts’ toolkit is coinciding with the exponential growth of open-source data and CT’s increased competition with other national security issues for resources. We have to recognize that there’s the important guardrails question when we’re talking about privacy and civil liberties, so there are challenges there but ones that have to be judiciously worked through.

At the National Intelligence Council, we used open-source data extensively in our strategic analysis. For example, the Director of National Intelligence provides an unclassified annual threat assessment report to the Senate and House intelligence committees. I already mentioned the Quadrennial Global Trends report, which relies on open-source data. In October [2021], we published an unclassified National Intelligence Estimate on climate change3 and an intelligence assessment on COVID-19’s origins.4

In relation to your question on establishing an open-source agency, I offer a few cautions from my experience of NCTC as a startup organization. I’m not talking about whether we should or should not create an open-source agency, but just that one must recognize that in the government and the intelligence community, you will have to have a degree of humility and patience in dealing with growing pains and even some sharp elbows. Realistic benchmarks for assessing the relevancy of your work with your policy customers will be important as well as presidential and congressional support that endures well beyond the ribbon-cutting ceremony.

CTC: In 2012, you described the Afghanistan-Pakistan area as the “most dangerous neighborhood on the planet, still.”5 In the September 2021 issue of CTC Sentinel, former acting CIA Director Michael Morell assessed that following the Taliban takeover of Afghanistan, “the reconstruction of al-Qa`ida’s homeland attack capability will happen quickly, in less than a year, if the U.S. does not collect the intelligence and take the military action to prevent it.”6 In light of the U.S. withdrawal from Afghanistan, what is your assessment of the terrorism threat environment in that region, the capabilities of key groups like al-Qa`ida and Islamic State Khorasan, and how long it might take those groups to pose more of a threat to the United States? Or are you more concerned about the trajectory of terror threats in other locations in the world?

Blake: For me, there’s a bottom line: Terrorists now have increased operating space in one of the most combustible regions in the world, where CT reach has been dramatically reduced. So, if you start with that premise, everything follows. There are lots of extremist groups there right now; there have been for decades. But for the ones that we’re talking about and focusing on here, my assessment is their transnational capability outside of South Asia doesn’t match their outsized intent and aspirations right now. There’s a much larger global geographic expanse of terrorist operating areas than there was on 9/11 when Afghanistan was the epicenter of global jihad. Al-Qa`ida affiliates in other places are in a stronger position and, along with ISIS branches, networks, and portfolios elsewhere, represent a broader terrorism universe from where terrorists could be deployed to attempt to direct or enable U.S. homeland plotting.

Al-Qa`ida starts from a position of weakness, and its affiliate, al-Qa`ida in the Indian Subcontinent, is the weakest of al-Qa`ida’s affiliates today. Al-Qa`ida could use the increased operating space in Afghanistan to enhance global interconnectivity, but they’re going to want to do it while maintaining positive Taliban public relations. Al-Qa`ida’s rebuilding efforts will almost certainly come with conditions and attempted oversight from the Taliban that did not exist pre-9/11.

ISIS-Khorasan is one of the most capable of ISIS’ branches, but [it] has to contend with the victorious Taliban at its strongest point since its inception. The Taliban is the key variable in any discussion about ISIS-Khorasan bolstering its current capabilities. The Taliban regime freed from 20 years of fighting the U.S.-led coalition and the former Afghan national security forces almost certainly will continue to disregard human rights and international norms. It almost certainly is going to deploy the same ruthless approach—and we’ve already seen some examples—in attempting to degrade its ideological rival, ISIS-Khorasan.

So, I think it’s important to step back and take a strategic view in calibrating the threat. I’m not talking about inspiring people here in United States to conduct attacks or even some online discussions that enable others in some way, [but] if we’re talking about directed, successful homeland attacks of any significance, al-Qa`ida and ISIS have not been able to do that since 9/11. However the threat emanating from Afghanistan develops, our terrorist enemies start with some of the same challenges they have not been able to overcome elsewhere during the last 20 years.

CTC: Shortly after the recent fall of Kabul, President Biden said, “We’ve developed counterterrorism over-the-horizon capability that will allow us to keep our eyes firmly fixed on any direct threats to the United States in the region and to act quickly and decisively if needed.”7 Others have taken a different view. For example, former National Security Advisor Lieutenant General H.R. McMaster, speaking to us at CTC Sentinel, said “You can’t keep your eyes firmly fixed with only technical [means], without augmenting those technical means for surveillance capabilities and without a physical presence and a partner on the ground that allows you to maintain even sustained technical intelligence collection … the logistics difficulties associated now with the distances, having given up the air bases in Afghanistan preclude the ‘firmly fixed’ part of that statement” from the president.8 Is the international terror threat landscape in Afghanistan now a dangerous blind spot for the United States?

Blake: Our starting point is 20 years of captured battlefield material, hundreds of meaningful Afghan relationships, and deep knowledge of the enemy. Our CT approach will be challenging, and it will by necessity look different than what we’ve been doing for the last 20 years. I look at it on three levels: strategic overview, tactical targeting, and indications and warning of plot development and progression. Strategically, enemy intent is clear. The challenge will be in identifying meaningful changes in how al-Qa`ida or ISIS operate in and from Afghanistan that result in capability enhancements that increase the threat to the West. Tactically, look at the find, fix, finish, exploit, analyze, and disseminate model. That’s going to require even more creativity and innovation than has marked the CT successes during the last two decades. We’re going to need [to] exploit technological advances and nurture new and enhanced relationships, including transactional ones with former enemies, and greater reliance on others. Indications and warning of plot development and progression will be challenging, and is going to be dependent, in part, on terrorism developments outside of Afghanistan.

CTC: In 2012, you remarked that “in the ongoing next chapter of global jihad, the increasing democratization of science and technology down to the individual level has emerging implications for the have-later terrorist.”9 Looking back, given the rise of the Islamic State and its ability to get supporters to act and conduct acts of terrorism in their home countries in a remote or more independent type way, that statement was prescient. When you look forward, what concerns do you have about open-source terrorism and/or DIY terrorism?

Blake: DIY has constituted the primary homeland threat for years. One of the things that’s remarkable is that as virtual operating space has expanded in our digitized world, it is now feasible for radicalization to occur in weeks rather than months or years. ISIS taught us the importance of peer-to-peer contacts on encrypted apps with an individual on the battlefield to coach, train, and transfer knowledge. That resulted in an upswing in attacks in West by DIYers during ISIS’ apex in 2014-15.

If you look at the ISIS 2017 Australia plotting, you had a brother in Syria introduce his brothers in Australia to an operative in Syria who shipped component parts back to Australia for an airline improvised explosive device to be put in a meat grinder and then provided instructions on how to make hydrogen sulfide. Brothers with no battlefield experience were being guided by someone they never met thousands of miles away.

There’s also the ideological reinforcement and copycat aspect to DIY terrorism where tactics do not have to be sophisticated to be effective and repeatable. So if you look at REMVEs, they are diffuse with no central global leadership, most value the concept of leaderless resistance, even as many draw inspiration across the globe, where attack manifestos build upon attack manifestos, and attacks are live streamed.

In October 2019, during Yom Kippur, a 27-year-old REMVE in Germany live streamed his DIY attack that killed two people outside a synagogue with a firearm he constructed with components from a 3D printer.10

We had the case in New York on Halloween 2017 where an Uber driver rented a flatbed truck and proceeded down the West Side Highway, swerved into a bike path, killed eight people and injured 11. What was remarkable about that tactic was how unremarkable it had become, such a simple tactic, where with ISIS’ encouragement, it was then the 15th vehicle-ramming attack in three short years.

One of the things that concerns me going forward is the potential for more creative and sophisticated inspired and enabled homeland plots than individuals simply employing small arms, improvised explosives, or ramming tactics. Generation Z is the first generation to have grown up exclusively in the internet age and is increasingly adept at using technologies, including disruptive technologies, in a way that can translate into increased lethality.

CTC: In your last position in government, you served as the national intelligence officer at ODNI for transnational threats. What near-term or over-the-horizon threats are you most concerned about? Where does the threat or potential threat of bioterrorism factor on that list?

Blake: I [will] offer thoughts in five different areas. One is this question of technology that we’ve touched on already. While technological advances have consistently led to CT successes, the technological advantage held by governments is being challenged by the ways in which our terrorist adversaries’ use of technology is expanding. We’re already seeing the use of unmanned systems [by terror groups] to film propaganda videos, conduct attacks, and publicize [their operational] successes. I think about the impact of advances in battery technology on terrorist tactics and capabilities, in allowing unmanned systems to travel farther, faster, and longer with bigger payloads, enabling greater standoff distance from the target, be they humans or critical infrastructure. New technologies create detection challenges. The blockchain eliminates the middleman in digital transactions, which makes detection much more difficult, and then [there’s] the-end-to-end encryption challenge that we’ve been dealing with for years. Terrorists are likely to adapt and then exploit emerging technologies unavailable today that become more advanced and then widely available.

A second area is the chemical and biological terrorism threat. It’s 27 years since Aum Shinrikyo released sarin gas in the Tokyo subway system. It seems like a lifetime ago. More recently, we had ISIS’ repeated battlefield use of toxic industrial chemicals like chlorine, more traditional chemical warfare agents, sulfur mustard, and even the thwarted plan to use hydrogen sulfide in a chemical attack in Australia.11 The COVID-19 pandemic has opened eyes to how a virus can disrupt society and its potential utility as a bioterrorism weapon, and vaccine development has increased focus on synthetic biology, which is a force for good, but I think it’s worth noting that every technology can be as useful to bad actors as good actors. If people say, ‘this will change the world,’ we have to assume it will change it for bad as well as good.

The third area I would point out is operating space. There will always be insurgencies and conflict zones, but it’s the ones with vulnerable populations that terrorists have successfully exploited that have produced our biggest CT challenges. Insurgencies, conflict, instability, often combined with weak governance, injustice, and corruption will continue to serve as incubators for terrorists to exploit. I like to compare the experience of an Afghan or an Iraqi born after 1979 to our own history of conflict on American soil. In the 200-plus years since the War of 1812, there [have been] fewer than 1,500 days of war in the continental United States, almost all during the Civil War, which ended 157 years ago. Afghans and Iraqis born after 1979 have seen more than 15,000 days of war and conflict in their lifetime. It should not be surprising that the operating space that conflicts in those two countries provided extremists played an outsized role for al-Qa`ida and ISIS.

The fourth area is Africa. A decade ago, there were a handful of jihadist terrorist groups [with] an ongoing presence in just a few African countries. Today, more than 20 jihadist groups are active on that vast continent. The ISIS physical caliphate, at its height in Syria and Iraq, covered an area roughly the equivalent of my own state of Virginia. The countries where jihadists are operating in Africa today could easily encompass the continental United States. The groups are led by Africans, some of whom have been involved in local conflicts for decades but have calculated the benefits of rebranding under the al-Qa`ida or ISIS flag. Relying more on local partners is asking a lot in some of those African countries.

The fifth area would be the question of global discontent. It’s on the rise. There are wider audiences embracing more ideologies, and we’re seeing a blurring of ideologies. When I began my career, it was a bipolar Cold War world with multiple, active state sponsors [of terrorism], an array of nationalist and separatist terrorist groups and Iran’s revolutionary zeal, and its principal export Lebanese Hezbollah. Yet, I ended up spending the vast majority of my career dealing with what was then an emerging threat from global jihadists. The only constant is change; we have to consider what might come next.

CTC: You’ve had 35 years of experience in the counterterrorism enterprise. There are young counterterrorism professionals embarking on careers now who are going to be spending the next 35 years perhaps focusing on this and other issues. What is your message for them, the new generation of analysts coming in, to help them on their way?

Blake: The enemy gets a vote on where terrorism fits in our crowded national security priorities list. In the last 42 years, there have been key developments in just a few weeks or days during 1979, 2001, and 2014-15 that have had outsized implications for the threat we faced and our CT approach. You will almost certainly deal with similar rapid disruptions that will recalibrate your work during your career.

The nature of the enemy you will face over your career will likely change. It did during mine. Terrorists espousing a wide array of adaptable ideologies will increasingly exploit the rise of global discontent and grievance culture, and levels of political instability at rates we have not seen since the breakup of the Soviet Union. Changes in terrorist leadership models, organizational constructs, primary conflict zones and operating space (virtual and physical), and propaganda and recruitment methods will likely reflect, and be influenced by, broader geopolitical and societal trends, and technological innovations. Your analytic judgments will be most useful to policy makers if they incorporate that same broad-based approach.

CT is a team sport that is part of broader foreign policy objectives in which U.S. actions are not the answer to every question. Terrorism will not solve itself, so it is your job to give policy makers your unvarnished assessments of where our actions or inactions are contributing to making it better or worse.

Technological advances are going to transform the way you engage the enemy, and collect, analyze, and work with your policy customer. Push your bureaucracy to be agile and early adapters of technologies that allow you to keep a step ahead and excel in all those areas.

CTC: On the al-Qa`ida question, you’re an expert on the group, you’ve tracked it for a very long time, if you had to pick one mystery or one misunderstood aspect about AQ, what would that be? What is the al-Qa`ida terror plot that never happened that you were most concerned about and why? And besides bin Ladin, who in your view is the most significant AQ member that’s been removed from the battlefield since 9/11?

Blake: One misunderstood [aspect] is continuing to equate today’s al-Qa`ida network too closely with Usama bin Ladin’s original model. He was the architect of the far-enemy attack strategy. There were others who opposed it before and after 9/11. One of the things that was remarkable was how soon after his demise that his approach lost some of its strategic currency. If you look at Ayman al-Zawahiri’s 8 June [2011] eulogy, you start to see a shift in focus to what I’ve termed a near-enemy-plus approach—one that prioritized local and regional objectives and attacks against non-U.S. targets, which bin Ladin already viewed as a waste of limited resources that did little to advance long-term goals.

The [al-Qa`ida] network moved away from a central leadership model that wasn’t feasible. The shift coincided with the rise of the affiliates and their independent mindsets, beginning with Abu Musab al-Zarqawi in 2003. I would argue that his extreme independent streak created a roadmap for Abu Bakr al-Baghdadi to follow [with] the final severing of ties with al-Qa`ida and declaring himself caliph a decade later in Mosul’s Great Mosque of al-Nuri. The [al-Qa`ida] affiliates lease the brand name while maintaining target prioritization and decision-making independence. Yet the [al-Qa`ida] network has maintained some level of cohesion in the face of ISIS’ rise and global competition.

It is noteworthy that [the al-Qa`ida network] has failed to repeat a 9/11-style airline success in the United States. You look at the efforts: They were poised right after 9/11, Khalid Sheikh Mohammed’s planning for a second wave attack on the West Coast; the shoe bomber Richard Reid in December of 2001, in 2006, the U.K. aviation plot; al-Qa`ida in the Arabian Peninsula in 2009 and 2010, in 2014, the Khorasan group in Syria; 2016, there’s a laptop detonated on a flight leaving Mogadishu by al-Shabaab, and [in 2020, it is announced that] one of their own Cholo Abdi Abdullah [has been] indicted for pilot training in the Philippines.12 None of these efforts succeeded. The focus on aviation has continued but, at least with respect to al-Qa`ida, with no success.

To your question about the most significant al-Qa`ida member, I’m actually going to give you three, but for different reasons. The first two I mention for their creativity and tenacity. The first is Khalid Sheikh Mohammed for 9/11, his complex operational skills. The second is Abu Musab al-Zarqawi, a thug who was arrested 37 times as a young man before he went on [to] lead an insurgency and form a competing organization that we are still dealing with today. And then third, American-born Anwar al-Awlaki, not just because of his leadership role in al-Qa`ida in the Arabian Peninsula when he went to Yemen, but also because of his enduring appeal to U.S. homegrown violent extremists, which still shows up in arrest affidavits more than a decade after his death. All three had repeatable and replaceable skill sets, yet no one of their caliber has since emerged in al-Qa`ida’s stratosphere.     CTC

[1] Editor’s Note: Remarks from Director Robert Cardillo at 31st Annual Small Satellite Conference, Utah, August 7, 2017.

[2] Don Rassler and Brian Fishman, “A View from the CT Foxhole: Amy Zegart, Senior Fellow at the Hoover Institution and Freeman Spogli Institute for International Studies, Stanford University,” CTC Sentinel 15:1 (2022).

[3] Editor’s Note: “Climate Change and International responses Increasing Challenges to US National Security Through 2040: National Intelligence Estimate,” Office of the Director of National Intelligence, October 21, 2021.

[4] Editor’s Note: “Declassified Assessment on COVID-19 Origins: Intelligence Community Assessment,” Office of the Director of National Intelligence, October 29, 2021.

[5] Randall Blake, “The Next Chapter of Global Jihad,” Brookings, May 1, 2012.

[6] Paul Cruickshank, Don Rassler, and Kristina Hummel, “Twenty Years After 9/11: Reflections from Michael Morell, Former Acting Director of the CIA,” CTC Sentinel 14:7 (2021).

[7] “Remarks by President Biden on Afghanistan,” The White House, August 16, 2021.

[8] Sean Morrow, “A View from the CT Foxhole: Lieutenant General (Ret) H.R. McMaster, Former National Security Advisor,” CTC Sentinel14:8 (2021).

[9] Randall A. Blake, “The Next Chapter of Global Terrorism: New Realities Transcending Old 9/11 Paradigms,” Foreign Policy at Brookings, December 2012, p. 26.

[10] Editor’s Note: For more on this attack, see Daniel Koehler, “The Halle, Germany, Synagogue Attack and the Evolution of the Far-Right Terror Threat,” CTC Sentinel 12:11 (2019).

[11] Editor’s Note: For more on this plot, see Andrew Zammit, “New Developments in the Islamic State’s External Operations: The 2017 Sydney Plane Plot,” CTC Sentinel 10:9 (2017); Andrew Zammit, “Operation Silves: Inside the 2017 Islamic State Sydney Plane Plot,” CTC Sentinel 13:4 (2020).

[12] Editor’s Note: “Kenyan National Indicted for Conspiring to Hijack Aircraft on Behalf of the Al Qaeda-Affiliated Terrorist Organization Al Shabaab,” U.S. Department of Justice, December 16, 2020.

Stay Informed

Sign up to receive updates from CTC.

Sign up