Gate 15 Releases a White Paper with an Update to the Hostile Event Attack Cycle

Hostile Event Attack Cycle

I will undoubtedly incorporate the information contained in this white paper into future safety and security discussions at all levels. Rob Yandow, Retired Police Captain, National Sector Chief InfraGard Emergency Services Sector

In early 2016, The Gate 15 Company (Gate 15) consolidated several existing concepts and developed the Hostile Event Attack Cycle (HEAC) model. This was shared amongst information sharing and analytical communities, and other security professionals, and subsequently informed the basis of Gate 15’s hostile events preparedness program (the Hostile Events Preparedness Series [HEPS]). Initially eight phases, this level of understanding about the threat and their planning process provided insight to organizations to potentially counter threat activities and reduce the risk to their organization. However, as more attacks were analyzed, some consolidation to the HEAC has occurred. While the actions within the phases are distinct, there are instances in which actions bleed together and do not necessarily follow a chronological order. Additionally, with the abundance of information available to threat actors online and through social media platforms, threat activities can be expedited and done in conjunction with physical activities.

The purpose of the paper is to provide an understanding of the HEAC, which can help organizations prepare for various threat courses of actions and develop enhanced security measures as necessary to potentially disrupt threat actors’ planning and to enable the organization to be prepared to respond appropriately.

When looking at hostile events, these include active shooter incidents, workplace violence and workplace attacks, lone actor and low-tech terrorism, complex coordinated terrorist attacks, fire as a weapon, weapons of mass destruction, and other related hostile actions. Hostile events can be characterized by several factors, and employed through a variety of means, weapons, and tactics intended to cause physical injury or death. Whether they realize it or not, threat actors go through a cycle for planning and executing an attack. This process is defined as the Hostile Event Attack Cycle, or HEAC, and it is based on a review of various attacks, as well as other articles based on various types of attack processes.

Whether it is a physical attack designed to inflict mass casualties, or an attack on facilities or infrastructure, the HEAC is consistently followed as threat actors plan, prepare, and execute their attacks. Describing each phase and using examples, recent as well as historical, the white paper will arm organizations with an understanding of each phase as well as indicators that may signify potential actions toward hostile activity, as well as some mitigation strategies that can be used for early identification and potentially disruption.

  • Phase 1 – Initial Target Considerations.
  • Phase 2 – Initial Surveillance / Research.
  • Phase 3 – Target Selection.
  • Phase 4 – Planning and Rehearsals (Surveillance).
  • Phase 5 – Pre-Attack Operations.
  • Phase 6 – Attack.
  • Phase 7 – Escape.

Recent incidents, notable attack anniversaries and events, as well as the increased reopenings around the globe, serve as an opportunity for organizations to review the various types of hostile events that they may encounter moving forward. Recently, Police in England issued an important reminder for all organizations to consider as they move forward from the pandemic warning that terrorists’ capabilities and intention to commit attacks “have not changed” during the coronavirus pandemic, as potential targets become more crowded after lockdown, representing increased opportunity. The effects of the pandemic have been seen in many different ways throughout the past year as individuals cope with the stress and impacts of the disease. As we emerge on the other side, impacts and pressures from the past year will likely continue in the immediate, and potentially long term.

To receive a copy of the white paper, please write to heps@gate15.global

Share article on social media or email: