Hotel Attacks

ISIS’ Leaderless Revolution and the Sri Lanka Attacks: hotel attack overview included

Video evidence suggests would-be Taj Samudra hotel bomber might have had two IEDs and prepped for a “double tap” bombing

An analysis of six minutes and 28 seconds of CCTV video (posted by several outlets such as the Daily Mail) from the Taj Samudra hotel suggests Sri Lanka Easter bomber, Abdul Lathief Jameel Mohamed, may have had two bombs with him at the hotel. His suicide backpack bomb failed to detonate, however, so he changed targets either on his own or by instruction from his cell’s control. The possible scheme of attack for the Taj Samudra may have been as follows: The attacker brought into the hotel a bomb contained in roller luggage on 20 April, which was to be placed in the hotel lobby on Easter, 21 April; The attacker then brought in his backpack bomb hidden in yet another piece of roller luggage the morning of the attack, Easter, 21 April; The bomber likely planned to detonate his suicide backpack bomb at the hotel’s breakfast … Continue reading

Draft data points on Sri Lanka’s Easter hotel and church bombings, 21 April 2019

Reporting from the BBC, Reuters, and scores of other outlets said at least 11 terrorist bombs exploded in Sri Lanka on 21 April, hitting multiple targets. Seven of these were direct attacks against specific targets – three churches, and four hotels – and three appeared to be from law enforcement operations aimed at apprehending suspects or blowing in place bombs that authorities had discovered. The situation in Sri Lanka is highly fluid with new, highly significant data points developing every 12-24 hours. This is likely to continue for at least one more week, and possibly longer. No analyses presented here, then, should be considered definitive, but the information is, nevertheless, quality enough to be acted on for near term risk reduction. Muir Analytics will update its reporting at the appropriate juncture. Main details of the bombings Reuters said the direct attacks were carried … Continue reading

Precise data point summary regarding covert, hostile surveillance in 30 South Korean hotels, 21 March 2019

Most of the following data points come from the well done and succinct CNN article, “Hundreds of motel guests were secretly filmed and live-streamed online,” 21 March 2019, by Sophie Jeong and James Griffiths. In security/military terms, the gang that set up covert cameras to record 1,600 people in 42 rooms in 30 hotels in 10 South Korean cities constitutes covert, hostile surveillance. Under US law, this would be considered invasion of privacy such as in the Erin Andrews case against a Marriott hotel in Nashville, as described by Deadline.com. The four-person gang that set up these devices (“ultra mini cameras with a 1-millimeter lens,” reports the Korea Herald), showed considerable surveillance tradecraft skills (“spy expertise”) that constituted checking into 30 hotels and expertly installing at least 42 secret cameras in hotel appliances. Statistically, this is four gang members each penetrating and setting up cameras in 7.5 hotels … Continue reading

Muir Analytics’ exclusive interview with private security first responder, Serge Medic, during the 15 January 2019 Dusit attack in Nairobi, Kenya

As five al Shabaab fighters raided and occupied the Dusit hotel and office compound in Nairobi, Kenya, on 15 January 2019, a slew of civilians, some armed and some unarmed, immediately descended on the scene as first responders. Serge Medic was one of them. Here is his riveting and highly informative story. Bio:  Serge Medic, age 56, Tambuka Holdings LTD, Swiss national currently based in Nairobi. Serge has over 28 years of experience in management of international projects and programs, security, investigations, audits, administration, and facilities. Most of his career was in the telecommunications sector. Muir Analytics: What were you doing at the time of the initiation of the attack, what drove you to descend upon the Dusit compound? Medic: At approximately 15:35, I was in a taxi (Uber, so I have the receipt which provides the time of the trip) on Waiyaki Way 200 meters from the … Continue reading

27 February 2019, Hackers execute ransomware attack on hotel in Lucknow, India

The Times of India on 11 March reported that hackers attacked a hotel in Lucknow, India, with ransomware. Police say it is the first such attack on a hotel in the city’s history. At 11:45 pm on 27 February 2019, hackers breached the computer system of The Piccadily Lucknow, a five star hotel. Prateek Dubey, a cyber security specialist, said the hackers used a phishing tactic to gain access to the hotel’s computer system. Then they installed malware that encrypted the hotel’s computer data, which also blocked staff from accessing it. As hotel staff tried to figure out what was wrong, a ransom message popped up on their computer screen, which said, “Oops, your important files are encrypted.” Staff ignored the message and rebooted their computer system, which then crashed. Ideal News says the next day, unknown persons from London called the hotel four … Continue reading

Nine takeaways from the 15 January 2019 al Shabaab attack on the dusitD2 hotel and office complex

These takeaways come from Muir Analytics’ full report on the dusitD2 hotel and business compound attack posted here. First, the hotel was the focal point of the attack. The terrorists applied considerable violence against the hotel’s guests and staff. They inflicted enough damage to cause the hotel to close for four and a half months to repair and renovate, plus rebrand its food and beverage venues. The attackers had a considerable amount of weaponry cached in the hotel, and their hotel room was the site of their final stand. Second, tactically, the attack was effective. Al Shabaab had adequate intelligence on the target, and it sent enough fighters carrying the right weaponry to facilitate the temporary takeover of portions of the hotel and office complex and inflict high casualties. This is to be expected, however, from such a highly experienced and successful insurgent … Continue reading

28 February 2019, Raid with car bomb in Mogadishu, Somalia

Quick overview and short takeaways: Reuters and scores of other outlets are reporting on this ongoing attack: 1) Al Shabaab exploded a massive car bomb outside the Hotel Maka Al-Mukarama in Mogadishu the evening of 28 Feb 2019. Its fighters then occupied the building next door, and Somalian forces are fighting to dislodge them as of 1 Mar. 2) So far, casualties are estimated at 30 killed and 80 wounded. 3) Al Shabaab, an Islamist jihadist insurgent group, has increased operations as of late in light of military pressure applied by the US, Kenya, and other regional militaries. 4) Al Shabaab on 15 Jan raided the 5 star Dusit hotel and business complex in Nairobi, Kenya, killing 21 and wounding scores. 5) Al Shabaab specializes in hotel attacks, and hotel companies around the world should readily understand its tactics. 6) Muir Analytics’ SecureHotel … Continue reading

Executive Summary: Interim Analysis of the 15 January 2019 Al Shabaab Attack on the Dusit Hotel and Office Complex, Nairobi, Kenya

Below is an executive summary of the 15 January 2019 dusitD2 hotel and business complex attack sequence as of 15 February 2019. It comes from an extensively researched and sourced briefing by Muir Analytics’ SecureHotel Threat Portal team posted here. It is hotel-centric, and details on the violence that occurred in the office buildings are heavily redacted in order to focus on what happened at the dusitD2. Statements by the Kenyan government and the actions of the terrorists clearly indicate the hotel was the focal point of the attack. This briefing is based on open sources. A final report on the attack has not been issued by the Kenyan government. As a result, there are information gaps, and several issues need confirmation. As more data becomes available, Muir Analytics will update this brief. Muir’s SecureHotel Threat Portal team will also publish a set … Continue reading

Interim Analysis of the 15 January 2019 Al Shabaab Attack on the Dusit Hotel and Office Complex, Nairobi, Kenya

Note: This sequence of events is hotel-centric. Details on the office buildings that were attacked are redacted in order to focus on what happened at the dusitD2 hotel. This is not to minimize the tragedy and sacrifice of those who perished and showed valor at the businesses that came under attack. Statements by the Kenyan government and the actions of the terrorists clearly indicate the hotel was the focal point of the attack. The terrorists applied a great deal of violence against the hotel, its staff, and guests, and a hotel room is where the terrorists made their final stand. This briefing is based on open sources such as news articles, photographs, and video of the event. As the final report on the attack has not been issued by the Kenyan government or international agencies, there are multiple information gaps, and several issues … Continue reading