Analysts in Homeland Security’s intelligence division spotted threats leading up to last year’s mass intrusion of Trump supporters at the U.S. Capitol, but the department did not send out any alerts until two days after the mayhem, an inspector general said in a new report Tuesday.
Analysts scouring “open source” information spotted the threats, including online tallies of who was bringing weapons to the protests, and some participants vowing to “sacrifice themselves” in the violence, the inspector general said.
But the analysts did not produce any intelligence documents that would lead law enforcement to take action, the audit found.
“Overall, open-source collectors explained to us that they did not think storming the U.S. Capitol was possible, and, therefore, they dismissed this specific type of threat as hyperbole,” the inspector general said.
Analysts also indicated they were reluctant to raise flags after the Intelligence & Analysis (I&A) division was blasted by critics who said they were overzealous in tracking potential threats in racial justice protests in Portland, Oregon, in the summer of 2020.
Homeland Security officials did email contacts in police departments in the Washington metropolitan region with some information, the audit said. But a majority of those contacts involved disseminating another agency’s information.
SEE ALSO: First trial for Capitol rioter ends with conviction by jurors
And the emails fell short of the intelligence documents that should have been produced, the inspector general concluded.
“Despite the numerous threats I&A encountered in the weeks preceding January 6, I&A did not produce any intelligence products about the information before the U.S. Capitol breach,” the audit concluded.
Homeland Security, in its official response to the audit, said it has moved to update its training and is working to better disseminate its data in the wake of the day’s events.
The department said it has set up a domestic terrorism branch within the intelligence division and placed a new emphasis on preparedness grants dealing with domestic violent extremism.
Homeland Security officials also pointed to Secretary Alejandro Mayorkas’ request for more grant money for nonprofit organizations to bolster their defenses.
“All of the department’s efforts to combat all forms of terrorism and targeted violence are conducted in ways that protect privacy, civil rights, and civil liberties, and adhere to applicable laws,” a spokesman said.
SEE ALSO: Proud Boys leader charged with conspiracy in Capitol riot
Hundreds of people have been charged with breaching the Capitol during mass protests that disrupted Congress’ count of Electoral College votes on Jan. 6. Vice President Mike Pence and members of Congress fled from the mob, which battled for hours with Capitol Police officers and caused considerable damage inside the building.
Some protesters have indicated they planned to storm the Capitol no matter what, while others said they were swept up by the momentum of the crowd.
The culpability of then-President Trump has been heatedly debated. He, meanwhile, has said congressional officials are to blame for not preparing better to defend against his supporters.
Tuesday’s 54-page report was heavily redacted, with some of the most specific threats blacked out from the public release. But communications between analysts show they were taking the threats seriously prior to Jan. 6.
“I feel like people are actually going to try and hurt politicians,” one analyst wrote to colleagues on Jan. 2 after finding a map of the Capitol’s entrances and exits posted in open-source material.
Another analyst mentioned seeing online posts of “people talking about hanging Democrats from ropes.” A colleague responded: “They’d need alot [sic] of rope, I think DC is pretty much all democrat haha.”
Some analysts even said they were going to stay home on Jan. 6 to avoid violence.
Still, the analysts figured none of those messages rose to the threshold of needing to be reported — though one said he “could be proven wrong” by events.
The audit suggested inexperience played a role.
Of 21 open-source information collectors, 16 had less than a year’s experience. Moving to a 24-hour schedule with three shifts in 2019 led more experienced collectors to leave the job, the audit said. Training was also done “informally,” with new collectors assigned to work alongside more experienced ones to try to soak up lessons.
Employees said they were still confused even after more formal training was attempted in the wake of the criticisms over the Portland protest.
An internal review faulted the division for flagging open-source information related to the city that higher-ups later said shouldn’t have been collected. The analysts said the division then saw a “pendulum swing” toward caution, with employees “fearful to report information related to January 6 events.”
The department’s acting deputy undersecretary told investigators they went “too far” in the wrong direction after Portland, according to the audit.
The one time an open-source alert was drafted, on Jan. 5, supervisors held onto the information until Jan. 8 — “rendering it useless for the purposes of advanced warning,” the inspector general said.
• Stephen Dinan can be reached at sdinan@washingtontimes.com.
Please read our comment policy before commenting.