Terrorism & Healthcare by John Currie

In this, our third article for the TPSO magazine, we discuss the subject of Terrorism and Healthcare

Years ago, we would never have believed a Hospital would be the target of a terrorist attack as Hospitals were previously thought to be a ‘no go’ area, however, in recent years terrorists have struck at these ‘soft’ targets in Afghanistan, Iraq, Israel, Thailand and Pakistan.

These attacks involved specifically placed devices, suicide bombings, and car bombings, resulting in multiple casualties. The changes in the global
terrorism picture along with our understanding of the threat profile have required all Security professionals to adapt and change longstanding and established protocols.

Many Terrorist organisations are now very tech savvy, they have mastered the power of the internet and use social media to spread their messages, hence there is an increasing need to ensure the cyber security safeguards also include this aspect of risk. Even if the hospital is not the main focus of the attack it may become involved due to its proximity to the ‘real’ target or as an aftermath when dealing with injured persons – Project Argus Health, a Counter Terrorism training package, provides a perfect example.

There has always been an underlying requirement to make a hospital a safe place for all patients, staff and visitors but the threat from terrorism has required all Healthcare Security professionals to adjust and broaden their thinking. The National Counter Terrorism CONTEST Strategy and in particular the CPNI Crowded Places work has highlighted the vulnerabilities to our Healthcare establishments. It should be noted that
since NHS Protect were disbanded in 2017, formerly known as the Security
Management Service, no central regulatory or advisory body formally oversees the provision of security within our vital National Health Service.

This is clearly a risk, as we are relying on the Accredited NHS Security Management Specialist (LSMS) at each NHS Trust or where no accredited specialist is in place, the Security Manager to implement the strategies, recognise risk and mitigate all Security risks where practicable. The NAHS Executive and NAHS Chair are lobbying NHS England, NHS Improvement and the Department of Health for this to be addressed without any further delay.

In 2009 NHS Protect updated their initial Lockdown guidance for Healthcare. For completeness, it should be noted that the source document has been removed from the internet as no department or central body has assumed responsibility for the guidance going forward; however, NAHS can provide copies upon request. It was the responsibility of the Security Management Specialist (LSMS) working alongside Emergency Planning and Preparedness and Business Continuity colleagues, the Police and others to create a workable policy and operational plan that allows the organisation to lockdown the Hospital, part of a hospital or department for example
to counter a physical threat and reduce the risk. The Lockdown process has been utilised following incidents of gang crime as this allows an Emergency Department (ED) to be secured and for Security staff to control access and staff to work safely.

More recently, Guys and St Thomas’ Hospital was placed in Lockdown during the Westminster Bridge and London Bridge attacks. This procedure was implemented immediately on both occasions but on the day of the Westminster Bridge attack, staff reported seeing the vehicle mount the pavement and mow down pedestrians and then heard gunshots.

The speed of the Lockdown undoubtedly saved lives as this action stopped the public from leaving the hospital and entering the scene of the incident. The hospital was then part of the ‘hot zone’. It is noted that a Trust’s Lockdown policy and operational plan should be carefully practiced and exercised but, in my view, the policy and procedures should not be made publicly available. Responsibility for implementing the security arrangements and emergency Lockdown security procedures lies with the hospital and aligns to NaCTSO guidance.(1)

As Healthcare Security professionals, it is our responsibility to ensure the physical environment is adequately protected, however, as the terrorist is well and truly online and although I would not recommend any of our readers try to seek out or search for such content, terrorist material, videos and propaganda are all available online. The grooming of potential subjects and the indoctrination of vulnerable persons is addressed by the PREVENT strategy,(2) however, as we have all seen from a number of recent cases, impressionable teenagers and vulnerable persons have accessed, viewed and acted upon viewing this online material. Access to such information, videos and propaganda is closely monitored and various news sources recently published details of how Facebook was addressing the use of its site and sharing prohibited material.

Healthcare professionals are heavily involved in the PREVENT strategy with many of us, including me, trained to deliver WRAP (PREVENT). Healthcare professionals see, treat and interact with vulnerable people every day and so, awareness of PREVENT and the CONTEST strategy (3) is essential. The ability to spot unusual behaviours, habits, changes in a person’s behaviour, attitude as well as their online activity is an essential skill.

In June 2007, hours after their failed VBIED attack outside Tiger Tiger nightclub in Haymarket, London, Doctor Bilal Abdulla, age 27, who worked at a Hospital in Scotland and 28-year-old engineer Kafeel Ahmed, who was born in India and grew up in Saudi Arabia drove Abdulla’s 4×4 Jeep Cherokee loaded with gas cylinders into Glasgow Airport building. The vehicle was halted short of the building itself by a concrete bollard (Hostile Vehicle Mitigation – HVM).

However, when the vehicle failed to explode, Abdulla threw petrol bombs from the passenger seat and Ahmed doused himself in petrol and set it alight. Abdulla then, got out of the vehicle and attacked a Police officer but was tackled by a taxi driver who had just dropped off his fare. Ahmed later died from the injuries and burns sustained in the attack while Abdulla was jailed for two life sentences and ordered to serve a minimum of 32 years.

This alongside all other ‘home grown’ terrorist ‘lone actors’ who have lived amongst us for years and who in many cases, led a ‘normal life’ on the face of it, however, this only reinforces the need for us all to be aware of the signs of radicalisation and the need to report any suspicious activity or behaviours.

I turn now to the question of whether or not you can Target Harden a Hospital? In short, the answer is clearly yes, but I would suggest doing it sensitively. Healthcare organisations should not look like prisons and with the exception of Acute Psychiatric Intensive Care Units and Forensic (Secure) Mental Health services, there is most likely not even a boundary fence or lockable gates at the entrances. Many hospitals still do not close down their entrances at night as patients and visitors access the hospital wards 24 hours a day, especially the smokers. The challenge of defining
an appropriate level of security was helped by the Secured by Design(4), Hospitals guidance issued in 2005. This is clearly a good starting point however, as you can see, this document is over 14 years old which is why NAHS have been working with Secured by Design colleagues in drafting new guidance but rather than it be Hospital centric, the new document will be applicable to all Healthcare locations and services. I mentioned HVM earlier and as we all know, these installations are now part of our landscape but rather than utilising the metal barriers and heavy vehicle
protection in place along Westminster Bridge and surrounding the Houses of Parliament, Hospital can utilise some of the more esthetical pleasing and less obvious installations such as heavy concrete or stone seats and planters.

Having seen these tested by the Home Office and CPNI I can happily state that they make excellent HVM which would not look out of place at a Hospital. As a 24-hour service, access to our Ambulance entrances and the ED form the main areas of risk, however, through careful design and placement of road furniture and appropriate HVM, the risk can be reduced and these areas made safe.

NAHS members have access to the members area and repository on the website where they can reach out to their peers, participate in discussion forums and access a combined NHS Security Management experience of a good few hundred years!

As part of my research for this article, I came across a paper written by two academics, Charles Hancock and Chris. W. Johnson. Their paper entitled Thinking the Unthinkable:

Exposing the Vulnerabilities in the NHS Response to Coordinated Terrorist Actions(5) discusses a fictional co-ordinated terrorist attack and Major
Incident and is certainly worth a read as this is the sort of exercise organisations need to run so that our responses to such an incident become automatic and our knowledge and understanding of our operational plans is second to none.

A terrorist will most likely have visited their target location, possibly photographed the vulnerable and protected areas and may have even practiced their attack sequence with a walk through. They will have observed the Security team in action and may even activate the fire alarm to establish the sort of response and identify the muster points as these are routinely used for a secondary device or attack.

There was previously a suggestion that Al-Qaeda planned on using an Ambulance to attack a Hospital, copying tactics used elsewhere in the world however, our active Ambulance fleets are tracked and secured through some incredible technical equipment and so the risk from this method of attack was reduced. It did not however, remove or reduce the risk of a motivated individual purchasing an old Ambulance, re-applying the livery
and utilising the vehicle to attack an establishment.

This aspect is well and truly on the radar of the Police and Security Services and all Hospital Security staff are always on the lookout for anything suspicious. The subject and potential methods of attack were even featured in an edition of FHM magazine some years ago, which only goes to show how the media had recognised the increase in risk and the fact that Healthcare and Hospitals in general were seen as a potential target.

The threat from terrorism is not just in the physical form as a well-placed DDoS attack, deployment of Malware or a virus can have catastrophic affect as demonstrated by the Wannacry ransom-ware attack on the NHS in 2017. I do not plan on discussing Cyber Security in any great detail today, however, it is certainly worth noting that all organisations must ensure they have a robust cyber security system, firewall and measures in place and that their systems and data are secure. Seeking specialist advice and even considering your Forensic readiness is something I would certainly advocate but this clearly sits more under the responsibility of the Information Governance and Business Continuity planning teams within the NHS. One area that can often be overlooked is that of staff training and awareness.

If your staff are security aware and know about Phishing, not to use insecure USB sticks, they know not to click any links in an email unless they know and trust the source; the risk is therefore reduced. This awareness only scratches the surface of an extremely specialist, involved and very complex subject and in no way does this reduce the need for or reliance on robust cyber security measures.

We as a society expect the Police, NHS and Fire Service to be there when we need them, however, it should be recognised that each and every person that is ‘touched’ by trauma, whether it be terrorism, violence, cancer or fire for example will have to process those feelings and emotions and so the establishment of a support mechanism and referral pathways along with recognising that post-traumatic stress can impact anyone is absolutely essential.

The recognition of outstanding work and service is always a good step in my book and I wanted to highlight the awards took place in September 2017 when staff working across public services who helped people affected by the terrorist attacks at Westminster and London Bridge, as well as the Grenfell Tower fire, were publicly recognised at NHS Lambeth CCG’s annual
Lammy Awards (6). Awards were presented to representatives of Guy’s and St Thomas’ NHS Foundation Trust, London Fire Brigade, Metropolitan Police, London Ambulance Service, Lambeth Council, and South London and the Maudsley NHS Foundation Trust, to take back to their organisations to say thank you to their staff.

As with any form of criminal behaviour, the effects terrorism can have on an organisation, our staff and our society, is difficult to measure but from personal experience, I am able to say with confidence, the effects can last and be felt for a very long time after the incident itself.

In conclusion, it is the responsibility of every Security professional to work to increase our awareness of the risk from terrorism along with recognising the signs of radicalisation and what to do if anything ‘does not feel right’. I
hope you have enjoyed reading this article but before I sign off, I would like to remember Kirsty Boden, a Senior Staff Nurse in Theatres Recovery at Guy’s Hospital, who sadly lost her life during the London Bridge attack.

References:

  1. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/478003/NaCTSO_Guidance_
    Note_1_-
    2015-_Dynamic_Lockdown_v1_0.pdf
  2. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/445977/3799_Revised_Prevent_
    Duty_Guidance__England_Wales_V2-Interactive.pdf
  3. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/716907/140618_CCS207_
    CCS0218929798-1_CONTEST_3.0_WEB.pdf
  4. https://www.securedbydesign.com/images/downloads/SBD_hospitals_2005.pdf
  5. www.dcs.gla.ac.uk/%7Ejohnson/papers/NHS_terrorism.pdf
  6. https://www.guysandstthomas.nhs.uk/news-and-events/2017-news/september/20170911-response-to-terrorist-attacks-recognised.aspx
John Currie

John is Head of Security and NHS Accredited Local Security Management
Specialist (LSMS) for Lewisham and Greenwich NHS Trust. He was recently voted in as NAHS Executive Director. John is a former Royal Air Force Police Special Investigator who began working with the NHS in 2005 as a Drugs Worker with the Coventry Drugs Intervention Programme. He moved back to the Policing and Security field in 2006, gaining his NHS Security Management LSMS accreditation in 2007.

John has worked across all sectors of the NHS and has a particular interest in Mental Health Acute and Forensic services. He now works closely with two Mental Health Trusts, hosted on his two acute hospital sites. In addition to the ‘day job’, John delivers Lone Worker, Personal Safety skills, PREVENT & Project GRIFFIN Counter Terrorism training