Amenas Case Study

by Noel Mullan

On 16th January 2013, a terrorist attack occurred at the In Amenas gas plant. This plant was a joint venture with European (Statoil and BP) and Algerian (Sonatrach) interests. The attack concluded on 19th January with the loss of 40 on site employees, and the death of 29 terrorists. The mastermind behind this attack was an Algerian terrorist, Mokhtar Belmokhtar, with close links to al-Qa`ida (Combating Terrorism Centre, 2023).

The backdrop to this event was political instability in the surrounding regions. From 2011 the regional security situation deteriorated. The civil war and chaos in Libya had a destabalising impact on the wider area. Close by, Northern Mali was known as an area that would offer sanctuary to terrorist groups. The concerns regarding the regional security situation were known to the joint venture group. It seems that investigations into the attack have also revealed concerns that the terrorists ‘benefited from insider knowledge in their planning of the attack’ This was supported by both the Algerian officials and Statoil investigators (Combating Terrorism Centre, 2013).

The exact motive for the attack at In Amenas remains uncertain, however a strong possibility is that it was to take hostages for ransom and increase the coffers of the terrorist group. Aligned to this is competition that existed between various Islamic groups to ‘outbid’ each other and this may have been part of it. It had been suggested that the attack may have been a response to French air strikes in Northern Mali, but it appears that the planning for this attack began months before the air strikes. (Combating Terrorism Centre, 2015).

The sum of outer and inner security measures failed to protect people at the site from the attack on In Amenas on 16th January. The Algerian military were not able to detect and prevent the attackers from reaching the site. Security measures at the site were not constructed to withstand or delay an attack of this scale and relied on military protection working effectively. Physical protective measures were constructed on the assumption that the Algerian military would prevent and protect against an armed assault. This assumption also underpinned their security plans and security risk management (Statoil, 2013). It is evident that there was an over reliance on Algerian military to provide the level of protection needed at the site, however given the size of the area involved there was always the possibility that an attack would get through that first line of defence. Security protection closer to the site was too frail for such an important multinational operation. An investigation commissioned by Statoil made a number of recommendations, including; (1) Security at In Amenas: Improve the joint ventures ability to detect, delay and stop potential attacks by reinforcing electronic and physical protective measures, enhancing its security risk management capability and develop a coherent programme of security training and exercising. (2) Organisation and Capabilities: Develop a clearly defined ambition for the Company’s security capability. Strengthen the total security organization. Ensure an holistic approach to security. (3) Risk Management Systems: develop a security risk management system that is dynamic, fit for purpose and geared towards action (Statoil, 2013).

This investigation and review concluded that there was no evidence discovered indicating that anyone within the joint venture had advance warning of this specific attack, although the report did highlight the need for such ventures to be more aware of the strategic threats that exist and to take actions commensurate with these threats (Statoil, 2013). Whilst it appears that there was no specific intelligence about this attack, the environment at the time should not have made this type of attack unthinkable (Combatting Terrorism Centre, 2023).

The potential for such attacks should have been planned for. In fact, as part of the review Statoil, (2013) suggested that ‘Companies should consider and think through the implications of scenarios where security layers break down’. This level of preparation and planning ties in with FEMA, (2012) who advised that ‘While not intended to be predictive of what the future holds, scenario planning offers a robust structure for thinking about alternative – and plausible – future operating environments.’

During the UK Inquest into the deaths of the 7 Britons who died at the site, the judge was critical of the plants management and their failures to upgrade protection. The judge highlighted the rarity of security drills, no armed guards protecting the living areas and the true nature of dangers in the area were obscured within the risk assessments (The Guardian, 2015).

It is noteworthy that this investigation and the subsequent report were commissioned by Statoil and that one of the key findings within it is that Statoil’s contribution to the overall emergency response was effective and professional and suggested that the Statoil leadership had set clear parameters that the whole organization had mobilized around. And yet despite this, within the actual recommendations of the review, under the heading of, Emergency Preparedness and Response the recommendation was to ‘Coordinate and standardize emergency response planning consistent with the principles of the Incident Command System (ICS) (Statoil 2013). It seems that question marks remained about the overall response approach. When it comes to the ICS, the caution from Rubens, 2023 should be heard, ‘And yet, when it comes to actual incident management, the ICS itself is often the first point of failure’. The operational crisis management system must be simple, everything else can be complex (Rubens, 2023).

Within the review the positive feedback from survivors and next of kin on follow up and support provided by Statoil is referenced. The review team believed that the approach and resources made available after the incident to support those involved should be included as part of the Company’s future processes (Statoil, 2013). Whilst this is positive, it does appear that the immediate emergency response on the ground was uncoordinated and there was no state of preparedness for such an attack. In fact, as the UK Inquest determined that Algerian gendarmes arrived long after the main compound had been seized by terrorists and security training drills were a rarity (Guardian, 2015).

Hindsight tends to make what was once improbable now seem inevitable and to turn weak signals into strong warnings (Statoil, 2013). However, it is worth noting here a warning from Rubens, 2023, that security failures happen when security teams do not think something will happen today. This security failure seems to have been a lack of preparedness for the possibility of such an attack taking place and not being responsive to geopolitical issues that had the real potential to impact the site.

The shortcomings within security protection at In Amenas reveal a regime that was not alive to the issues unfolding in the wider, yet connected regions. This does not appear to have been properly considered as part of the risk management process and consequently did not influence the introduction of a more effective security regime at the site. As proffered by Rubens, 2023, ‘The main reason for a failure in security is because security management was weak.’.

A number of the lessons that emerged from the In Amenas tragedy can translate into good practice recommendations. These include;

  1. ‘Security in Depth’ principles should be applied. The importance of applying greater levels of security in depth cannot be overstated as Martin, 2019 contributes, ‘Each layer of protective security potentially provides opportunities to detect that an attack is underway, delay the attackers and mount a response before the attackers have time to do more harm’. The over reliance on Algerian military to protect the plant from terrorist attack meant that insufficient use of other layered security created a huge risk which was exploited by the terrorists. This would be a vulnerability anywhere in the world and failure to put such layered measures in place exposes entities to higher levels of threat from terrorists globally.
  2. Exercise/Learn/test and validate. The Statoil review did not reference a planned for or implemented evacuation process during this attack, meaning that those at the site had limited guidance on what to do in the event of an attack such as this. They were largely left to their own devices until military/Government/Company responses were put in place. The critical need to exercise and test procedures for effectiveness should be obvious. If these procedures are not run through to improve everyones’ state of readiness, then the overall response will ultimately be substandard. Improve capability development by going live and continue to practice, this should help to create resilience (Rubens, 2023). As part of this test and integrate the JESIP principles into the overall response (JESIP, 2023).
  3. Conduct an effective, site and locality specific risk assessment, which is a living document. There were concerns raised around the scope of the risk assessment for In Amenas. It failed to capture and consider the significance of regional geopolitical events and the potential impact from these on In Amenas (Statoil, 2013). Environmental scanning and being security sensitive to what is happening at the edges of your area of responsibility should become part of the risk assessment process. This should not be a static document but should be living and updated as and when relevant matters arise and should have regular management and corporate level oversight to ensure that any remedial action needed is progressed at the earliest opportunity.

In conclusion, the In Amenas attack should have been better prepared for and despite the review identifying positives within the post event response, there were shortcomings in the levels of protection and overall preparedness at the plant to deter or delay a terrorist attack. There is learning from these events that was outlined within the Statoil review recommendations, but unfortunately despite the passage of time, it is possible that they could still be applied to the next local/National/Global crisis management response. A fair question for some may be, ‘how much learning has there been from previous events?’