Developing Statistical Information
Consistent with its statutory mission to serve as the United States government's knowledge bank on international terrorism, the National Counterterrorism Center (NCTC) is providing the Department of State with required statistical information to assist in the satisfaction of its reporting requirements under Section 2656f of title 22 of the US Code (USC). The statistical information included in this Annex to the 2008 Country Reports on Terrorism is drawn from the data NCTC maintains on the www.nctc.gov website.
Section 2656f(b) of Title 22 of the USC requires the State Department to include in its annual report on terrorism "to the extent practicable, complete statistical information on the number of individuals, including United States citizens and dual nationals, killed, injured, or kidnapped by each terrorist group during the preceding calendar year." While NCTC keeps statistics on the annual number of incidents of "terrorism," its ability to track the specific groups responsible for each incident involving killings, kidnappings, and injuries is significantly limited by the availability of reliable open source information, particularly for events involving small numbers of casualties. Moreover, specific details about victims, damage, perpetrators, and other incident elements are frequently not fully reported in open source information.
Considerations for Interpreting the Data
Tracking and analyzing terrorist incidents can help us understand some important characteristics about terrorism, including the geographic distribution of attacks and information about the perpetrators, their victims, and other details. Year-to-year changes in the gross number of attacks across the globe, however, may tell us little about the international community's effectiveness either for preventing these incidents, or for reducing the capacity of terrorists to advance their agenda through violence against the innocent. NCTC cautions against placing too much emphasis on the use of attack data to gauge success or failure against the forces of terrorism. Furthermore, NCTC does not believe that a simple comparison of the total number of attacks from year to year provides a meaningful measure.Methodology Utilized to Compile NCTC’s Database of Terrorist Incidents
The data provided in WITS consists of incidents that meet the statutory criteria for terrorism as defined in Title 22 of the US Code § 2656f(d)(2) which states terrorism is “premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents. Determination of what constitutes a terrorist act, however, can be complex: information is often incomplete, fact patterns may be open to interpretation, and perpetrators' intent is rarely clear. Moreover, information may become available over time, changing initial judgments about attacks. Users of this database should therefore recognize that reasonable people may differ on whether a particular attack actually constitutes terrorism or some other form of political violence. NCTC has made every effort to limit the degree of subjectivity involved in the judgments and, in the interests of transparency, has adopted a set of counting rules that are delineated below. Terrorists must have initiated and executed the attack for it to be included in the database; failed or foiled attacks, as well as hoaxes, are not included in the database. Additionally, consistent with reports from previous years, spontaneous hate crimes without intent to cause mass casualties and genocidal events are not included in the database. Determining when perpetrators have targeted noncombatants can also be difficult. Military personnel and assets outside war zones and war-like settings pose one challenge to the noncombatant provision of the definition, while police under military command and control, and organized groups of armed civilians inside war zones and war-like settings pose another challenge. NCTC developed a combatant matrix which details the various areas of war-like settings, and the common actors such as military police, militias, soldiers, and other combatant-like actors. The analysts use the matrix in complex cases to determine when an act targeting combatant-like actors should be included in WITS. The combatant matrix is adjusted as the circumstances in world conflicts change or evolve. The distinction between terrorism and insurgency in Iraq was especially challenging in previous years, as Iraqis participated in both the Sunni terrorist networks as well as the former-regime-elements insurgency, targeting both civilians and combatants and often affecting both populaces. Therefore, combatants may be included as victims in some attacks when their presence was incidental to an attack aimed at noncombatants, and some attacks may be deemed terrorism when it recklessly affects combatants. The WITS database contains a field that allows analysts to categorize an incident by "event type." Event types are coded in the database as the following: armed attack, arson/firebombing, assassination, assault, barricade/hostage, bombing, CBRN, crime, firebombing, hijacking, hoax, kidnapping, near miss/non-attack, other, theft, unknown, and vandalism. While some incidents can clearly be coded using this taxonomy, other kinds of attacks are more difficult to define. When it can be determined, incidents that involve multiple types of attacks are coded with multiple event types. Incidents involving mortars, rocket-propelled grenades, and missiles generally fall under armed attack, although improvised explosive devices (IED) fall under bombing including vehicle-borne IEDs (VBIED). VBIEDs include any IED built into or made a part of a vehicle including cars, trucks, bicycles, and motorcycles. Suicide events are also captured, but the perpetrator must have died in the attack for the event type “suicide” to be included. The WITS database categorizes victims of an incident. Civilians, business, students, military, and police are some of the several dozen victims types captured in WITS. Additionally, the nationalities are recorded in WITS where open source reports such information. The methodology presumes most victims to be local nationals unless otherwise reported in the press. In the cases of Iraq and Afghanistan, it is particularly difficult to gather comprehensive information about all attacks and to distinguish terrorism from the numerous other forms of violence, including crime and sectarian violence. During the past twelve months, analysts have noted a decline in open source reporting in some provinces in Afghanistan that have deteriorating security. Thus, WITS has limited attack information for these provinces. We note, however, that because of the difficulty in gathering data on Iraq and Afghanistan, the dataset undoubtedly undercounts the number of attacks in these two countries. In an effort to provide greater granularity and analytic service, in 2007 NCTC introduced to the database the concept of "targeting characteristics." The purpose was to capture, where possible, the underlying motivating factors for attacks. Victims and facilities are coded, so as to enable searching for violence against specific targets-Westerners, Christians, and other groups targeted because of their cultural, ethnic, or religious identities. The intent of this field is not to identify all victims who happened to be Muslims, Christians, etc., but rather to identify victims who appeared to be targeted because they were Muslims, Christians, etc. Traditionally, NCTC only attributed attacks to perpetrators when a claim of responsibility was made or if reporting indicated a belief that a particular perpetrator was responsible. Fundamentally, only those groups that have already been designated as foreign terrorist organizations by the State Department; that have themselves claimed responsibility for terrorist actions or status as a terrorist group; or that have been repeatedly and reliably suspected of involvement in specific terrorist activities are included in WITS. As noted, we often get neither piece of information, and as a result many of the attacks list an unknown perpetrator; for instance in 2007 over 60 percent of all attacks were listed as unknown perpetrators. Where we had information, we provided a confidence level of likely, plausible or unlikely. In an effort to improve analytic capability, and at the request of a panel of outside academics, NCTC added a new confidence level in the 2008 data that is associated with perpetrators to assist researchers. The new value is “Inferred.” In instances where available information provides neither a claim of responsibility nor a belief that a particular perpetrator was responsible, NCTC may now infer a perpetrator. Such inferences are based on an evaluation of the characteristics of the attack and other factors, such as whether only one group is active in a particular region. In cases where the attack characteristics match the modus operandi of a single group, or a group is known to be the only one operating in the region, for example, an inference is made that associates a group with the attack. If desired, these inferences may be filtered out of the result set by excluding the confidence level of “Inferred” in the Advanced Search facility of WITS as shown below.Thus far, this data value is being utilized largely for the inference of “Sunni extremist” attacks in some countries and only applies to the 2008 data. Such an inference is based upon specific parts of the country in which the attack occurred, the attack method used, or both factors.
NOTE: Users must be aware that such an analytic reference has not been applied to earlier years and as such queries must be carefully constructed to avoid fallacious conclusions about the change in the number of attack conducted by Sunni extremists. If users do not wish to use this additional analytic reference they can maintain consistency across time-series data by filtering out the value as described above. Moreover, perpetrator characteristics may change over time. For instance, the Chechen rebels were previously categorized as secular/political, but are now categorized Sunni extremists because they declared themselves to be the Islamic Emirate of the Caucuses in October of 2007 and claimed attacks under this name.
To be of more analytic service, the database also enables greater granularity with respect to the impact of attacks. Killed, wounded, and kidnapped figures are provided. Kidnapped victims who were later killed are counted as killed; and kidnapped victims either liberated or still in captivity are counted as kidnapped. Any attack hitting a facility is now coded with a damage estimate of Light ($1 to $500 thousand), Moderate ($500 thousand to $20 million), or Heavy (over $20 million). While it is inherently difficult to make damage assessments for attacks in different countries with different economic circumstances, these estimates allow users to garner a general sense of the overall level of attacks. Because terrorism is a tactic, used on many fronts, by diverse perpetrators in different circumstances and with different aims, NCTC cautions against using attack data alone to gauge success against the forces of terrorism. NCTC does not believe that a simple comparison of the total number of attacks from year to year provides a meaningful metric, for the following reasons: * We continue to refine our counting rules as the study of terrorism evolves. Interaction with academics and outside terrorism experts convinces us that there will never be a "bright red line" around terrorist attacks, but instead the definition of terrorism will always be a point of thoughtful debate. This evolution in our methodology for counting attacks is reflected in WITS and means that some types of year to year comparisons may be misleading. * A quarter of the attacks in the database actually involve no loss of life whatsoever; while an attack against a pipeline and a VBIED attack that kills 100 civilians each count as one attack in the database, such a comparison hardly seems meaningful. * The nature of this exercise necessarily involves incomplete and ambiguous information. The motivation behind attacks, particularly those that do not involve mass casualties can be particularly difficult to discern. * As additional sources of information are found and as more information becomes available from remote parts of the globe we will continue to enrich the database. In the case of 2005, for example, incidents in Nepal grew dramatically; this data can't be meaningfully compared to 2004 because it is clear that attacks on civilians were occurring at a substantially higher rate than was reflected in previous years' accounting. * Finally, the very approach to counting attacks could skew results; for instance, in the morning of 17 August 2005 there were about 450 small bomb attacks in Bangladesh.[2] WITS counted these as one incident because we judged the individual attacks to all be part of a larger coordinated attack; an argument could be made that these were 450 separate attacks.In summary, tracking attacks against civilians and noncombatants can help us understand important trends related to the nature of the attacks, where they are occurring, victims, and perpetrators. However, year-to-year changes in the gross number of attacks across the globe may tell us nothing about the effectiveness of the international community in preventing attacks, reducing the capacity of extremists to wage war, or preventing extremists from advancing their agenda through violence against the innocent.
Incidents of Terrorism Worldwide*
2005 | 2006 | 2007 | 2008 | |
Attacks worldwide | 11,157 | 14,545 | 14,506 | 11,770 |
Attacks resulting in death, injury, or kidnapping of at least 1 person | 8,025 | 11,311 | 11,123 | 8.438 |
Attacks resulting in the death of at least one individual | 5,127 | 7,428 | 7,255 | 5,067 |
Attacks resulting in the death of zero individuals | 6,030 | 7,117 | 7,251 | 6,703 |
Attacks resulting in the death of only one individual | 2,880 | 4,139 | 3,994 | 2,889 |
Attacks resulting in the death of at least 10 individuals | 226 | 293 | 353 | 235 |
Attacks resulting in the injury of at least one individual | 3,842 | 5,796 | 6,256 | 4,888 |
Attacks resulting in the kidnapping of at least one individual | 1,475 | 1,733 | 1,459 | 1,125 |
People killed, injured or kidnapped as a result of terrorism | 74,280 | 74,709 | 71,608 | 54,747 |
People worldwide killed as a result of terrorism | 14,560 | 20,468 | 22,508 | 15,765 |
People worldwide injured as a result of terrorism | 24,875 | 38,386 | 44,118 | 34,124 |
People worldwide kidnapped as a result of terrorism | 34,845 | 15,855 | 4,982 | 4,858 |
Incidents of Terrorism in Iraq and Afghanistan*
2005 | 2006 | 2007 | 2008 | |
Terrorist attacks in Iraq | 3,467 | 6,631 | 6,210 | 3,258 |
Attacks resulting in at least 1 death, injury, or kidnapping | 2,837 | 6,028 | 5,573 | 2,902 |
People killed, injured, or kidnapped as a result of terrorism | 20,722 | 38,878 | 44,012 | 19,083 |
People killed, injured or kidnapped as a result of terrorism | 74,280 | 74,709 | 71,608 | 54,747 |
People worldwide killed as a result of terrorism | 14,560 | 20,468 | 22,508 | 15,765 |
People worldwide injured as a result of terrorism | 24,875 | 38,386 | 44,118 | 34,124 |
People worldwide kidnapped as a result of terrorism | 34,845 | 15,855 | 4,982 | 4,858 |
NCTC Observations Related to Terrorist Incidents Statistical Material
Approximately 11,800 terrorist attacks occurred in various countries during 2008, resulting in over 54,000 deaths, injuries, and kidnappings. Compared to 2007, attacks decreased by 2,700, or 18 percent, in 2008 while deaths due to terrorism decreased by 6,700, or 30 percent. As was the case last year, the largest number of reported terrorist attacks occurred in the Near East, but unlike previous years, South Asia had the greater number of fatalities. These two regions also were the locations for 75 percent of the 235 high-casualty attacks (those that killed 10 or more people) in 2008.Attackers
The perpetrators of over 7,000 attacks, or over 60 percent, in 2008 could not be determined from open source information. Of the remaining incidents, as many as 150 various subnational groups—many of them well-known foreign terrorist organizations—or clandestine agents were connected to an attack in various ways, including as a claimant, as the accused, and as the confirmed perpetrator. In most instances, open source reporting contains little confirmed or corroborating information that identifies the organizations or individuals responsible for a terrorist attack. In many reports, attackers are alleged to be tied to local or well-known terrorist groups but there is little subsequent reporting that verifies these connections. Moreover, pinpointing attackers becomes even more difficult as extremist groups splinter or merge with others, make false claims, or deny allegations.Types of Attacks
As was the case in 2007, most attacks in 2008 were perpetrated by terrorists applying conventional fighting methods such as armed attacks, bombings, and kidnappings. Terrorists continued their practice of coordinated attacks that included secondary attacks on first responders at attack sites, and they continued to reconfigure weapons and other materials to create improvised explosive devices.Victims and Targets of Attacks
As has been the case since 2005, substantial numbers of victims of terrorist attacks in 2008 were Muslim.
An Academic’s Perspective on Open Source Event Data
In the last two decades there have been more than a dozen attempts to build open source event data bases on terrorism. A major drawback of these data collections is that they have traditionally excluded domestic terrorist attacks—even though analysts have long suspected that domestic attacks greatly outnumber international ones. Both the Worldwide Incidents Tracking System (WITS), collected by the National Counterterrorism Center (NCTC), and the Global Terrorism Database (GTD), collected by the National Consortium for the Study of Terrorism and Responses to Terrorism (START) at the University of Maryland, have tackled this problem. Now that we are beginning to have access to more comprehensive terrorism event databases, it is possible to think constructively about ways to further improve their quality. I recommend the following three: validation studies, case control methods, and geo-spatial analysis. First, as event data improves new avenues for validating it become feasible. For example, it is now possible to compare WITS to GTD and other event databases or to examine how media-related measures like newspapers per capita effect open source coverage. In some cases, it is also possible to compare event data to police or court data. Second, a limitation of event databases is that they include attacks that happened but provide no baseline for attacks that could have happened but did not. Advances here could be made by borrowing “case control methods” from medical research. For example, to understand suicide attacks it is useful to have information not only on the specific locations of attacks, but on case controls of similar locations that have not been targeted. And finally, the spatial dimensions of comprehensive event data bases like WITS and GTD have barely been explored. The NCTC should be applauded for substantially improving the government’s publicly available data on terrorism and for seeking feedback from the research community. As psychologist Donald Campbell has pointed out, there is nothing that moves knowledge ahead faster than a “disputatious community of truth seekers.”
—Gary LaFree, University of Maryland
March 18, 2009
The full letter of Dr. LaFree is available in the 2008 NCTC Report on Terrorism, available via the Internet at <www.nctc.gov>.
* In all cases limited to attacks targeting noncombatants. 2005 to 2007 numbers were updated since last year’s publication on the Worldwide Incidents Tracking System at www.nctc.gov.
[1] Ibid., “ICN 200809075.”
[2] Ibid., “ICN 200809446.”
[3] Ibid., “ICN 200809457.”
[4] Ibid., “ICN 200574834.”
[5] “ICN 200574834.” Online posting. Worldwide Incidents Tracking System. Last updated, 12/31/2008. National Counterterrorism Center. 3/20/2009 http://wits.nctc.gov/.
The Office of Electronic Information, Bureau of Public Affairs, manages this site as a portal for information from the U.S. State Department. External links to other Internet sites should not be construed as an endorsement of the views or privacy policies contained therein.