Tech Against Terrorism today set out four public policy recommendations for the UK government in response to the terrorist attack in Golders Green on 29 April, in which two Jewish men were stabbed in north London. The attack has been claimed by Harakat Ashab al-Yamin al-Islamia (HAYI), a group already associated with a sustained campaign of arson and sabotage against London's Jewish community.
Tech Against Terrorism is calling on the UK government to take the following immediate steps.
-
Emergency removal of primary HAYI incitement channels on Telegram
The principal channels distributing HAYI material must be taken offline as a matter of public safety. Geo-blocking is not sufficient. These channels are now demonstrably linked to terrorist violence and constitute a direct threat to life.
-
Rapid public clarification on the nature of the Golders Green attack
The government should move quickly to make public what is known, and not known, about whether the attack was directed by HAYI or carried out by an inspired individual. Sustained ambiguity amplifies the threat actor's perceived capability and public anxiety. A clear, evidence-based statement at the earliest opportunity will reduce both.
-
Direct public attribution of hostile state hybrid activity
The UK has been consistently too cautious in publicly attributing hostile state hybrid activity. Where the evidence supports it, attribution must be made openly and at the ministerial level. Diplomatic discomfort cannot continue to take precedence over public understanding of the threat.
-
A properly resourced Hybrid Threat Taskforce, structured as a public-private partnership
Existing structures are not working. The current response to hybrid threats is fragmented, under-resourced, and lacks the open-source intelligence capacity required to address state-linked terrorist activity at the scale we are now seeing. A new, properly resourced Hybrid Threat Taskforce should be established with a unified command structure across counter-terrorism and counter-state-threats functions. OSINT capability cannot sit solely within government. The taskforce should be designed as a formal public-private partnership, integrating civil society bodies with the operational capability that the state cannot replicate at speed.
London, 30 April 2026 - The internet has become the primary vector for both radicalisation and hostile state hybrid operations. UK resource allocation does not yet reflect this. Open source intelligence, in particular, remains substantially under-resourced relative to the scale of the threat. What we are seeing is a deliberate adversarial shift in which hostile nation-states and terrorist actors are adapting their tactics, techniques, and procedures towards areas of less focus, exploiting capability gaps. The HAYI campaign is a clear example of that shift.
The intelligence gaps are significant. Where HAYI may or may not have directed activity, there is little detailed understanding of how they have recruited individuals, on which platforms, in what way, who they have targeted, what their proxies may look like, or how operatives have been paid. Closing these gaps is fundamental to disrupting what comes next.
Adam Hadley, Executive Director of Tech Against Terrorism, said:
"Yesterday's attack is a critical inflexion point and should be treated as a national emergency. Until now, the campaign against London's Jewish community has consisted of arson and sabotage. A stabbing of individuals is something fundamentally different. HAYI has claimed it, but we should be sceptical of that attribution. What is more likely is that this is an inspired attack. That is precisely why it is so dangerous, because the threat is potentially breaking out from a contained campaign into something far harder to stop."
Call for information:
Tech Against Terrorism is asking those with relevant insight to come forward. Hadley added:
"This is a monumental asymmetric challenge, and we want to understand more. If anyone has insight into which platforms have been used, how they have been exploited, how individuals are being targeted or recruited, or how this material is being engaged with and shared, we would urge them to reach out to us. The risk is that yesterday's attack marks the point at which this breaks out into a wider phase of inspired violence, potentially unrelated to anything HAYI has actually directed."
"Our adversaries, whether hostile nation states, terrorist groups, or a combination of the two, are using the internet to incite violence, recruit individuals, pay operatives, and direct attacks. At present, they appear able to do so with impunity."
Notes to editors:
Tech Against Terrorism is a London-based organisation, supported by the United Nations Counter-Terrorism Executive Directorate, that disrupts terrorist use of the internet through open source technology and works with governments, law enforcement, and technology platforms.
