Liverpool Women’s Hospital Taxi Explosion: Terrorism Post-Incident Report
Authored by Pool Re
When: 10:59, 14 November 2021
Where: Liverpool, UK
Who: Emad al Swealmeen; ideology unconfirmed
What: Improvised Explosive Device (IED) (prematurely detonated)
Deaths: 0 (excluding the perpetrator)
Type: Attempted person-borne IED attack
We have been the UK’s leading terrorism reinsurer for over a quarter of a century. In that time we have developed a great deal of trust as globally renowned specialists in our field. Our team of experts combine their knowledge and experience with that of Government agencies, academia, risk professionals and the insurance industry – we call this our SOLUTIONS division.
On Sunday 14 November, an explosion occurred in a taxi outside the reception entrance of Liverpool Women’s Hospital. Emad al Swealmeen, the bomber, was the only fatality. The driver of the taxi, who escaped the vehicle immediately after the detonation, suffered minor injuries and was the only other casualty. There was no reported damage to the hospital.
The incident was confirmed as terrorism by Counter-Terrorism Police (CTP), who are investigating the incident in coordination with Merseyside Police. The UK’s national threat level was raised to SEVERE following the attack, meaning the Joint Terrorism Analysis Centre (JTAC) considers further attacks ‘highly likely’.
Al Swealmeen was an Iraqi-born asylum seeker who arrived in the UK at least seven years ago. His asylum claim was rejected in 2014 but he was not deported from the UK. Despite being sectioned under the Mental Health Act around that time, Al Swealmeen was not known to CTP or MI5 prior to the attack and is not known to have had any earlier involvement in terrorism.
Police are yet to confirm a motive for the attack, and the composition of the IED employed remains unclear. Items of significance were found by police and four individuals were arrested at addresses in Liverpool in connection with the attack. However, all four were subsequently released. Investigators are also probing the possibility that Al Swealmeen carried out reconnaissance at the hospital prior to the attack after staff raised concerns about a car seen outside the hospital on 13 November. CCTV indicates the car pulled up outside and stayed for approximately five minutes. No one is reported to have got out of the vehicle. Police investigations are ongoing.
Attacks involving explosives in Great Britain from 1999-2021
Source: PReS data analysis
Al Swealmeen reportedly requested a taxi to drive him to Liverpool Women’s Hospital, indicating this was likely the intended target of the attack. However, there was some speculation that Al Swealmeen intended to attack a Remembrance Service at the nearby Liverpool Cathedral. The true target remains unconfirmed.
Regardless of the target, it is highly likely that the IED detonated before reaching the intended target. Whether this detonation was deliberate, due to the volatility of the device, or an accidental detonation by the attacker is unclear, although the latter seems most likely. This attack is the first terrorist incident in the UK involving explosives since the Parsons Green attack in September 2017 and the Manchester Arena attack in May 2017.
The precise composition of the device is unknown. However, footage of the blast suggests a partial detonation, or the use of low-power blasting agents, like Ammonium Nitrate Fuel Oil (ANFO), in lieu of common homemade primary explosives like Triacetone Triperoxide (TATP). The white smoke generated by the explosion is consistent with the use of ANFO, while the full detonation of an IED constructed using TATP would likely have generated a greater blast wave than was observed.
Over the last few years, TATP has been the favoured explosive for constructing IEDs by UK-based terrorists, most likely because it can be manufactured using common household goods. However, it is highly volatile and difficult to make in large quantities. For this reason, Al Swealmeen may have elected to construct his device using other materials like flash powder from fireworks in combination with fertiliser-based blasting agents like ANFO. Both of these are commercially available and much less volatile than TATP, albeit less powerful.
The device was reportedly constructed with ball bearings and other improvised shrapnel, indicating the intent to cause large numbers of casualties, rather than damage to physical infrastructure against which such fragmentation devices are of limited effectiveness.
Al Swealmeen reportedly acquired the precursor materials for his bomb over several months prior to the attack, most likely to evade detection. While the security services have made efforts, in the aftermath of previous incidents involving explosives, to limit the ability of terrorists to legally purchase materials for use in bomb-manufacturing, the ubiquitous nature of many precursors means it is not possible to entirely control or monitor their use. However, purchasing these kinds of materials in large quantities is much more likely to raise suspicions. It is therefore likely that Al Swealmeen deliberately controlled his purchases of precursors, spreading them across retailers over a lengthy period to avoid drawing attention to his plan.
Such behaviour would reflect a relatively strong understanding of operational security and terrorist tradecraft. This would be consistent with Al Swealmeen’s ability to construct an IED and plan the attack without being detected by the authorities. It also reflects the difficulty CTP and MI5 face interdicting plots conducted by individuals acting independently, as appears to be the case with Al Swealmeen. All those arrested in the wake of the attack were released, and no further suspects have been detained.
Whilst it is likely Al Swealmeen acted alone rather than with accomplices, there is a realistic possibility that he drew on extremist literature, widely available online, which can include detailed guidance on bomb-making. Police are still establishing whether there was a digital component to the plot (as with almost all recent UK-based terror plots).
Al Swealmeen may also have been radicalised online, however the police are yet to confirm a political or religious motive for the attack. The rejection of his asylum application may have played a role, as might his brief detention as a result of a public order incident which led to him being sectioned. The attack would not be the first launched by an asylum seeker in the UK. The 2017 Parsons Green attacker, Ahmed Hassan, is an Iraqi asylum seeker and Munir Mohammed, arrested for a bomb plot in 2018, is a Sudanese asylum seeker. These incidents are likely to lead to greater scrutiny of the security aspects of the UK’s current asylum regime.
The apparent intent to target a hospital will also have reinforced longstanding concerns about the vulnerability of healthcare infrastructure to terrorist attacks, particularly in the aftermath of the COVID-19 pandemic.
Hospitals are considered Critical National Infrastructure (CNI) but are often seen as ‘soft-targets’ for terrorists attacks. Hospitals usually have limited security, and being Publicly Accessible Locations (PALs), are likely to be vulnerable to terrorism attacks. The forthcoming Protect Duty legislation is likely to pay particular attention to the protection of PALs by owners, managers, and/or operators. The targeting of hospitals has been advocated in Islamist extremist literature, and overseas terrorist groups have previously conducted such attacks. In May 2021 Islamic State attacked the Dasht-e-Barchi maternity hospital in Kabul, Afghanistan, in an attack assessed as a deliberate assault with the intent to kill mothers and babies. These attacks are intended to cause widespread outrage by targeting the highly vulnerable, and thereby attract greater media attention and increase social tensions.
The Liverpool attack was the second in Great Britain in the last month, following the murder of Sir David Ames MP at a constituency surgery in Southend-on-Sea on 15 October. Given the increased tempo of attacks, an escalation in the national threat level, announced on 15 November, is unsurprising. The decision to update the threat level probably reflects concerns about an increasingly volatile and uncertain threat landscape, rather than in response to particular intelligence relating to a forthcoming attack.
The counter-terrorism community remains concerned about ‘bedroom radicals’ – those people radicalised on-line whilst isolated during the COVID-19 pandemic, who may now be undertaking on-line research and plotting to carry out attacks. The Christmas period in particular represents a heightened threat environment due to the symbolic nature of the festivities and the increased public activity. Copycat attacks in the wake of the Liverpool bombing are a realistic possibility, although low complexity methodologies like vehicular-impact or bladed weapon attack are much more likely.
Some lessons identified from this attack
It appears that Al Swealmeen was able to purchase precursor materials both on-line and in retail stores in the quantities needed to build a functioning device. Despite measures being put in place to limit terrorists’ abilities to purchase this material, by spreading these purchases over extended periods of time, and purchasing small quantities at a time, it is likely he avoided detection. Whilst many of the materials used in explosives devices do have legal uses, further advice to the public should be provided by the CTP and MI5 so that retailers better understand the threat posed by extremists who may want to use these for nefarious purposes.
Although the device was not detonated inside the hospital, it is likely this was the intended location for the device. Any owner, operator or manager of Publicly Accessible Locations (PALs) should review their security and Operational Resilience plans to ensure these places are prepared for similar incidents in the future. This will likely include such measures as improving procedures, plans and training protocols. It is also important for owners, managers, and/or operators of these PALs to ensure they have the appropriate insurance cover in place, covering a full spectrum of potential terrorism scenarios. The forthcoming Protect Duty legislation will provide further direction on what standards and procedures are required in and around PALs.
Police indicated that it is possible Al Swealmeen carried out reconnaissance prior to his attack. Employers should encourage their staff to undertake ACT training, which highlights how to identify and respond to suspicious activity, but also how to respond post incident should an attack take place. ACT training can also be undertaken by members of the public, something which has been encouraged by the CTP. This could help landlords understand what to look out for at their properties, and help neighbours to identify any suspicious activity, including activity at unusual times or suspicious odours coming from a property. This can then be reported to police and acted on where necessary.
About Pool Re
Pool Re’s purpose is to enable the UK insurance market to offer terrorism cover to any commercial property that requires it. Central to this is the integration of Pool Re’s cover with the underlying property policy which ensures that there is no gap in the cover provided.
Pool Re was designed to insulate the taxpayer from potential financial losses arising from acts of terrorism. It has achieved this effectively, to date paying £635m in respect of 13 claims arising from certified terrorism events in the UK since our establishment. It has never called on the Government’s guarantee.
By providing foundational stability at a reinsurance level, Pool Re has created an environment for the commercial market to re-establish itself, following the market failure in 1992. This stability creates and sustains access, liquidity and confidence to generate the conditions for the private market to gradually write a growing portion of terrorism risk.
Helping UK businesses build resilience against terrorism risk is a priority for Pool Re who have developed SOLUTIONS an in-house centre of excellence created to support Members and policyholders better understand risk awareness, modelling, and management. They have also invested in a range of initiatives with Government security and intelligence agencies to provide tools such as an information sharing platform.
- 19 May 2022
- 16 May 2022
- 9 May 2022
- 5 May 2022
- 3 May 2022
- 19 Apr 2022
- 7 Apr 2022
- 24 Mar 2022
- 21 Mar 2022
- 21 Mar 2022