German security authorities have long warned of the dangers of radicalization on the internet, even before the Solingen attack took place. In April, counter-terrorism officers arrested four teenagers, aged 15 and 16, from North Rhine-Westphalia and Baden-Württemberg. They are suspected of planning an Islamist-motivated attack. According to investigators, the teenagers allegedly radicalized online and exchanged information about building bombs in chat groups. North Rhine-Westphalia’s Interior Minister, Herbert Reul, warned during the presentation of the Islamism Situation Report earlier this year: “The internet is increasingly becoming a high-performance engine for radicalization.”
It is not yet clear how the Solingen attacker may have radicalized. The fact that Issa al-H. had not previously come to the attention of the police or the domestic intelligence service before his bloody attack in Solingen leads authorities to suspect that he may have radicalized online as a lone actor. The Federal Ministry of the Interior also warned after the Solingen attack that Islamist terror groups are pursuing the strategy of “radicalizing individuals through propaganda and, in some cases, through guidance via chat groups to incite them to terrorist acts of violence and support them in preparing such acts.” This creates a challenging situation for investigators because social media platforms and messaging services like Telegram are particularly difficult for German authorities to monitor.
In the past, mosques were often hubs for Islamist networking
At the height of ISIS, about a decade ago, when the terror group established its reign of terror over parts of Syria and Iraq, it also had followers in Germany. Back then, many of them, like the future Breitscheidplatz attacker Anis Amri, frequented mosques where known hate preachers operated or met ISIS intermediaries in person—meetings that could be observed by domestic intelligence and police. Nowadays, insiders say things are different. Most individuals who eventually develop attack plans now radicalize through social networks and chats. In principle, security authorities are active in these areas too; they can infiltrate extremist chat groups incognito and, in specific cases, monitor private conversations and emails. However, this is often not enough to identify potential attackers in time.
It is still unclear whether the suspected Solingen attacker, Issa al-H., had communicated with anyone about his intentions via chat or phone. Investigators have not yet found a mobile phone that could be linked to him. However, they believe that videos of a masked man that ISIS released via its media outlet Amaq after the attack likely show the suspect. If true, he must have sent them before the attack. To detect individuals making contact with terrorist sponsors, security agencies would need to comprehensively monitor the telecommunications channels of ISIS and its affiliates.
German intelligence services often rely on tips from foreign agencies. For example, in November of last year, when two teenagers planned an attack on a Christmas market in Leverkusen via a chat group, it was noticed by the Austrian intelligence service DSN. More frequently, tips come from U.S. services, which employ extensive surveillance measures and filter vast amounts of internet communications using specific search terms—on a much larger scale and with fewer legal restrictions than the Federal Intelligence Service (BND). A German security official, who wishes to remain anonymous, points to additional tools that could aid his agency in tracking down terrorists: mandatory retention periods for IP addresses, for instance, which Federal Interior Minister Nancy Faeser also supports. Sometimes investigators come across suspicious chats but are unable to link them to specific individuals.
Telecommunications providers delete such connection data after just a few days due to the lack of mandatory retention requirements. Additionally, security authorities are pushing for fewer restrictions on the use of spyware. Since 2021, domestic intelligence agencies have been allowed to secretly install so-called state trojans on mobile phones to monitor chats in real time as part of “source telecommunications surveillance.” However, each case must be approved by a special committee, and there must be concrete evidence that the person in question is planning a serious crime, such as an attack. In espionage investigations, this tool has been helpful, such as in the case of the two German-Russians arrested in Bayreuth in April, who were suspected of spying and sabotaging on behalf of Moscow. Investigators are calling for greater freedom, but the Free Democratic Party (FDP) in the ruling coalition remains opposed to expanding such measures.
The Federal Ministry of the Interior has indicated that there may be progress in ongoing discussions. A spokesperson said that the ministry would “introduce proposals for modern investigative tools for federal security authorities into the consultations.” The government is currently in discussions about measures to combat Islamism, expedite deportations, and tighten gun laws. Pressure is also mounting within the federal government to take more action. “Time and again, we observe that the internet plays a crucial role in the radicalization of perpetrators, whether Islamist or far-right extremists, prior to terrorist acts,” says Konstantin von Notz of the Green Party. The rule of law must respond “very decisively” to this, he demands.
This also applies to social networks. “Terrorist propaganda must finally be tackled with a completely different level of determination,” says von Notz. “Hatred, incitement, and other clearly criminal expressions of opinion continue to run rampant online.” Supporters are being actively recruited. Security authorities must enforce existing laws more effectively.
All publishing rights and copyrights reserved to MENA Research Center.
