Author Archives: Gordon Woo

About Gordon Woo

Catastrophist, RMS
Gordon is a catastrophe-risk expert, with 30 years’ experience in catastrophe science, covering both natural and man-made hazards. Gordon is the chief architect of the RMS terrorism risk model, which he started work on a year after joining RMS in December 2000. For his thought leadership in terrorism risk modeling, he was named by Treasury & Risk magazine as one of the 100 most influential people in finance in 2004. He has since lectured on terrorism at the NATO Center of Excellence for the Defense against Terrorism, and testified before the U.S. Congress on terrorism-risk modeling. As an acknowledged, international expert on catastrophes, Gordon is the author of two acclaimed books: “The Mathematics of Natural Catastrophes” (1999) and “Calculating Catastrophe” (2011). Dr. Woo graduated as the best mathematician of his year at Cambridge University and he completed his doctorate at MIT as a Kennedy Scholar and was a member of the Harvard Society of Fellows. He also has an Master of Science in computer science from Cambridge University.

Terror in Manhattan

After Faizal Shahzad was arrested on May 1, 2010, for attempting to detonate a vehicle bomb in Times Square, Mayor Bloomberg commented, “It’s been said that when you find a terrorist, he’ll have a map of New York City in his back pocket.” A few blocks from Times Square is the Port Authority Bus Terminal, where a pipe bomb explosion occurred at 7.20 a.m. local time on Monday, December 11, 2017, in an underground passage, about 200 feet (60 meters) from the bus terminal.

Continue reading

Reimagining the WannaCry Cyberattack

On Thursday April 6, 2017, President Trump ordered a Tomahawk missile attack on a Syrian military airfield. This was a direct response to President Assad’s use of sarin gas to attack Syrian dissidents. Just two days later, the password to an encrypted archive of cyber weapons (stolen from the U.S. National Security Agency) was posted by the so-called Shadow Brokers cyber group. This hacking group is thought to have connections with Russia, which is the leading supporter of the Assad regime. They were angered by President Trump’s action.

An immediate beneficiary of this password release was the Lazarus Group, linked with North Korea, which had been launching ransomware attacks at targets over the previous several months. What they lacked was an effective tool to propagate their ransomware from computer to computer. This missing tool, a Microsoft Windows bug called “EternalBlue”, they now were gifted thanks to Shadow Brokers.

Continue reading

Forecasting Terrorist Attacks

At the start of the RMS Exceedance conference in New Orleans in March this year, I was interviewed for A.M. Best TV on terrorism risk, and specifically asked what I was envisaging for future terrorist attacks.

I replied that terrorists have been thwarted in their ability to produce large explosives for vehicle bombs, and are likely to use vehicles for ramming groups of people. Less than a day later, on March 22, 2017, such an attack took place on Westminster Bridge, London. Over the summer, several other terrorist vehicle ramming attacks have occurred in London, and one in Barcelona.

Continue reading

Reimagining History – Counterfactual Risk Analysis

Just under ten years ago, as the global financial crisis was unfolding, the book The Black Swan emerged as the most quoted critique of the financial modeling for rare events. The author, Nassim Taleb — the poster boy of sceptics — asserted that these could not be imagined, let alone predicted. Over the past decade, whenever an unmodeled catastrophe has occurred, such as the magnitude 9 earthquake and tsunami that struck Tohoku, Japan on March 11, 2011, catastrophe risk modelers have been reminded of these elusive “black swans”.

Ever since the publication of The Black Swan, I have challenged myself to develop a framework within which such events might be imagined. The solution lies in reimagining history. Since Copernicus, we no longer perceive the Earth as being specially located in the universe. Yet, the anthropocentric viewpoint has maintained that the historical past is somehow special, rather than being just one realization of what might have happened. Most events have either happened before, almost happened before, or might have happened before.

Continue reading

Recent Attacks Illustrate the Principles of Terrorism Risk Modeling

Some fifteen years after terrorism risk modeling began after 9/11, it is still suggested that the vagaries of human behavior render terrorism risk modeling an impossible challenge, but still the core principles underlying terrorism risk modeling are not widely appreciated. Terrorism risk modeling, as it has developed and evolved from an RMS perspective is unique in being based on solid principles, which are as crucial as the laws of physics are to natural hazard modeling.  The recent high-profile terrorist attacks in London, Stockholm, and Paris adhere to many of these principles.

Continue reading

Terrorism Insurance Under a Trump Presidency

It is likely that very few of the 60 million U.S. citizens who voted for Donald Trump would have done so because of his stance on terrorism insurance. Only because terrorism insurance is too arcane an issue to have come up in the presidential debates. However, many of the nation’s wavering voters may have been swayed by his pledge to make America safer from the scourge of terrorism. Under his presidency, border security will surely be tightened – even if no frontier wall is ever built and changes made to entry decisions for Syrian Muslim refugees into the United States.

Reauthorization of TRIA – Talks Start in 2018

On January 12, 2015, the Terrorism Risk Insurance Program Reauthorization Act of 2015 was signed into law by President Obama. This third extension of the original 2002 Terrorism Risk Insurance Act (TRIA) will sunset at the end of 2020, coinciding with the end of the first term of the Trump presidency. In the drafting of the 2015 reauthorization bill, detailed consideration was given by the House Financial Services Committee to alternative wordings that would have reduced the coverage provided by the U.S. government insurance backstop. One such alternative would have focused U.S. government involvement in the terrorism insurance market on covering terrorism losses from extreme attacks using weapons of mass destruction. When the future of terrorism risk insurance is raised once more on Capitol Hill in 2018, the Republican White House and Congress are likely to seek to further extend the private terrorism insurance market. Though I consider this to be contingent on President Trump keeping his pledge to keep America safe until then.

Balancing Civil Liberties in the Face of Reducing Terrorism Risk

In the democracies of the western alliance, the balance of keeping people safe from terrorism and preserving civil liberty is much debated issue. After the July 2005 London Transport bombings, the head of the British security service, MI5, warned that ‘there needs to be a debate on whether some erosion of civil liberties may be necessary to improve the chances of our citizens not being blown apart as they go about their daily lives’. On a national scale across America, a similar debate was prevalent during the 2016 U.S. presidential election. It may seem that in this instance, the champion of civil liberties, minority rights, and political correctness lost to the conservative advocate of oppressive counter-terrorism action and profiling of terrorist suspects.

Regardless of who occupies the White House, however, terrorist plots against the U.S. will persist and terrorists must be stopped before they move to their attack targets. Success in interdicting these plots depends crucially on intelligence gathered from electronic surveillance. It is well-documented that more intrusive surveillance can successfully increase the chances of lone wolf plots being stopped. And President-elect Trump has already affirmed his readiness to authorize more surveillance. He can claim a public mandate for this: for America to be great again, it has to be safe again – even from lone wolf terrorist plots. After the Orlando nightclub attack on June 12, 2016, perpetrated by the radicalized son of an Afghan immigrant, Donald Trump said that ‘we cannot afford to be politically correct anymore’. And in fighting global Islamist extremism vigorously, he may be able to count on President Putin’s support. While the two world leaders differ on geopolitics, their mutual respect as a President may be maintained through abrasive counter-terrorism action.

When Michael Chertoff was appointed Secretary of Homeland Security, President George W. Bush told him not to let 9/11 happen again – and he didn’t. President-elect Trump will expect a similarly impressive clean sheet. On a more personal level he also has a special interest in increased security against terrorist attacks. His own real estate empire includes some notable potential terrorist targets, including high-profile landmark buildings bearing his name. While the New York Stock Exchange has too tight security to be attacked, in contrast, the Trump Building on Wall Street has easy public access. There are numerous opportunities for terrorist target substitution.

Launching a New Journal for Terrorism and Cyber Insurance

Natural hazard science is commonly studied at college, and to some level in the insurance industry’s further education and training courses. But this is not the case with terrorism risk. Even if insurance professionals learn about terrorism in the course of their daily business, as they move into other positions, their successors may begin with hardly any technical familiarity with terrorism risk. It is not surprising therefore that, even fifteen years after 9/11, knowledge and understanding of terrorism insurance risk modeling across the industry is still relatively low.

There is no shortage of literature on terrorism, but much has a qualitative geopolitical and international relations focus, and little is directly relevant to terrorism insurance underwriting or risk management.

As a step towards redressing the imbalance in available terrorism literature, a new online journal, The Journal of Terrorism and Cyber Insurance, has been established; its launch is to coincide with the fifteenth anniversary of 9/11. The journal has been welcomed and supported by global terrorism insurance pools, and its launch will be publicized at the annual terrorism pools congress in Canberra, Australia, on October 7, 2016.

Originally conceived as a journal of terrorism insurance, coverage has been extended to include cyber risk, recognizing the increasing insurance industry concerns over cyber terrorism and the burgeoning insurance market in cyber risk. The aim of the open access journal is to raise the industry’s level of knowledge and understanding of terrorism risk. By increasing information transparency for this subject the editorial board hopes to facilitate the growth of the terrorism insurance market, which serves the risk management requirements of the wider international community. The first issue is a solid step in this direction, and will include articles on the ISIS attacks in Paris in November 2015; terrorism insurance in France and Australia; parametric terrorism insurance triggers; non-conventional threats; the clean-up costs of anthrax, and the terrorist use of drones.

The four founding editors of the journal have extensive knowledge of the field. The managing editor is Rachel Anne Carter, who has terrorism insurance administrative experience with both OECD and U.K. Pool Re. Dr. Raveem Ismail, specialty terrorism underwriter at Ariel Re, brings to the editorial board detailed direct terrorism and political risk underwriting knowledge. Padraig Belton is a writer with extensive political risk expertise, having served as a correspondent in the Middle East and Pakistan. As chief architect of the RMS terrorism model, I will bring terrorism risk modeling expertise to the team and have the responsibility and pleasure to review all article submissions. I look forward to sharing insights from the journal with subscribers to this blog.

The Orlando Shootings – and What They Tell Us About the Evolving Threat from Islamic State

This month saw what the President of the United States described as “the most deadly shooting in American history” with the killing of 49 innocent people at an Orlando nightclub, carried out by a man suspected of having leanings towards radical Islamist ideology.

Although information is still emerging, there are some clear threads and patterns, which link this attack to the increasing activity surrounding so-called Islamic State (IS).

1. Assaults Using an Automatic Rifle Becoming More Common

For somebody committed to terrorizing the population, there appears to be a growing tendency to use automatic weapons. Off-the-shelf military weapons are inherently more reliable than improvised explosive devices. In contrast to the atrocity in Orlando, a 2007 plot against the Tiger Tiger nightclub in London failed because the IED (improvised explosive device) failed to detonate.

2. The Increase in “Lone Wolf” Attacks as a Response to Surveillance

A “lone wolf” attack has been defined as a single individual or a group of two to three people driven to hateful actions based on a particular set of beliefs without a larger group’s knowledge or support. The FBI believes that most U.S. domestic attacks are carried out by lone actors to promote their own grievances and agendas.

Militants involved in such attacks are home-grown “self-starters” that are inspired by the jihadi movement, but may have little or no actual connection to these groups. Instead, many use the internet and social networking tools to find propaganda and research attack methods.

Mass interception of communications (as revealed by Edward Snowden’s leaks of National Security Agency files), particularly in North America, has raised the chances of terrorist conspiracies being detected. This has led to a move away from plots involving multiple attackers. There has been a corresponding rise in the United States in the risk of lone-actor attacks, which have a comparatively small chance of being found out and stopped.

3. Attacks Inspired by Islamic State

The Orlando terrorist contacted police via cellphone around the time of the attack to announce his allegiance to IS. There are strong indications that he has been deeply influenced by the group even if he had no contact with it. As IS concedes territory it controls in Iraq and Syria it is looking to organize or inspire atrocities overseas. There are two likely reasons for this. Firstly, striking on foreign soil helps to divert attention from its losses in the Middle East in order to retain credibility and an aura of potency. Second, the jihadi operations overseas are designed to deter further attacks by Western forces in IS strongholds in Iraq and Syria.

4. Targeting of Venues Which Extremists Claim Symbolize Values They Decry

Bars and nightclubs may feature in the attack plans of terrorist organizations because there are high concentrations of people in a public, accessible venue. Such locations are also targets for such extremists who may view them as representing Western lifestyles of which they disapprove.

5. Increased Attacks over Ramadan

The murders in Orlando happened a week after the start of the holy month of Ramadan. Radical Islamic militants tend to increase their operations during this period.  A recording released online from IS spokesman Abu Mohammed al-Adnani has claimed any martyrdom operation during the festival of Ramadan will bring more “rewards.” An increase in the tempo of Islamist terrorist activity would thus not be unexpected.

The increasing proliferation of extremism and global attacks is concerning. Our modeling team closely monitors the evolving risk landscape. By examining all attacks to capture greater insight into the workings and thinking of the terrorist groups, including targeting preferences and weapon selection, we can continue to offer terrorism models that enable our clients to deepen their understanding of terrorism risk and strengthen their terrorism risk management.

This post was co-authored by Weimeng Yeo and Gordon Woo. 

Weimeng Yeo

Principal Modeler, Model Development
Weimeng Yeo is a principal modeler on the Model Development team at Risk Management Solutions (RMS), and is a key member of the team responsible for the development of RMS’ terrorism modeling solutions. Prior to his tenure at RMS, Weimeng worked at the International Center for Political Violence and Terrorism Research at the Institute of Defense and Strategic Studies in Singapore. He received his bachelor’s degree in Political Science from Colby College in Maine and a Master’s degree in International Affairs from Georgetown University in Washington DC at the School of Foreign Service.

Learning More About Catastrophe Risk From History

In my invited presentation on October 22, 2015 at the UK Institute and Faculty of Actuaries GIRO conference in Liverpool, I discussed how modeling of extreme events can be smarter, from a counterfactual perspective.

A counterfactual perspective enables you to consider what has not yet happened, but could, would, or might have under differing circumstances. By adopting this approach, the risk community can reassess historical catastrophe events to glean insights into previously unanticipated future catastrophes, and so reduce catastrophe “surprises.”

The statistical foundation of typical disaster risk analysis is actual loss experience. The past cannot be changed and is therefore traditionally treated by insurers as fixed. The general consensus is why consider varying what happened in the past? From a scientific perspective, however, actual history is just one realization of what might have happened, given the randomness and chaotic dynamics of nature. The stochastic analysis of the past, used by catastrophe models, is an exploratory exercise in counterfactual history, considering alternative possible scenarios.

Using a stochastic approach to modeling can reveal major surprises that may be lurking in alternative realizations of historical experience. To quote Philip Roth, the eminent American writer: “History, harmless history, where everything unexpected in its own time is chronicled on the page as inevitable. The terror of the unforeseen is what the science of history hides.”  All manner of unforeseen surprising catastrophes have been close to occurring, but ultimately did not materialize, and hence are completely absent from the historical record.

Examples can be drawn from all natural and man-made hazards, covering insurance risks on land, sea, and air. A new domain of application is cyber risk: new surprise cyber attack scenarios can be envisaged with previous accidental causes of instrumentation failure being substituted by control system hacking.

The past cannot be changed—but I firmly believe that counterfactual disaster analysis can change the future and be a very useful analytical tool for underwriting management. I’d be interested to hear your thoughts on the subject.

Germanwings 9525: Why didn’t this happen before?

On the tenth anniversary of 9/11, I attended a commemorative meeting at the British Academy in London. A professor of international relations recounted how he watched the horrific scenes of destruction of the World Trade Center in the company of his five year-old daughter. She posed this intriguing question: why didn’t this happen before?

Just a few years before she was born, in December 1994, Algerian terrorists attempted to fly a hijacked plane into the Eiffel Tower. Fortunately, French commandos terminated the hijacking when the plane stopped for refueling. This was a near-miss. The American writer of counterfactual fiction, Philip Roth, observed in his book The Plot Against America that: “the terror of the unforeseen is what the science of history hides.” The destruction of the Eiffel Tower is not an event in terrorism history—just one of numerous ambitious plots that were foiled.

With the current state of historical and scientific knowledge, there are very few unknown hazard events that should take catastrophe risk analysts by surprise. Almost all either did happen before in some guise, or, taking a counterfactual view, might well have happened before. Take for example the great Japanese tsunami and magnitude 9 earthquake of four years ago. It is doubtful that this was the strongest historical earthquake to have struck Japan. The Sanriku Earthquake of 869 may merit this status, based on archaeological evidence of widespread tsunami deposits.

Disasters are rare, and preparedness depends crucially on knowledge of the past. Aviation is the safest mode of travel; there are very few crashes. However there are numerous near-misses, where one or more of the key flight parameters is dangerously close to the disaster threshold. There is a valuable learning curve associated with the lessons gained from such operational experience.

The direct action of the co-pilot in the tragic crash of Germanwings Flight 9525 on March 24, 2015 raises again the question: why didn’t this happen before? As recently as November 29, 2013, it did. A Mozambique Airlines plane flying from the Mozambican capital Maputo to Luanda in Angola crashed, killing 27 passengers and its six crew. The pilot locked himself in the cockpit keeping out the co-pilot. He ignored alarm signals and manually changed altitude levels.

Quite apart from this and other historical precedents for fatal crashes caused by direct pilot action, there must be many more near-misses, where timely intervention has inhibited direct action by pilots suffering from some psychological disorder. The reporting of incidents is a crucial part of aviation safety culture, so is advancing the learning curve. Analysis of such data would contribute to accident risk assessment and subsequent risk mitigation measures.