Charlie Kirk Assassination: Protective Intelligence Insights on Escalating Threats

Charlie Kirk Assassination: Protective Intelligence Insights on Escalating Threats

By TorchStone VP, Scott Stewart and Senior Analyst, Ben West

Rising Threat Environment

The assassination of conservative commentator Charlie Kirk on September 10 at a Utah university campus triggered a wave of threatening rhetoric online and put a wide array of other high-profile individuals at risk across the ideological spectrum.

As part of our threat monitoring program, we have already identified multiple threats against clients referencing the Charlie Kirk assassination, along with broader threats against others. This attack sparked another cycle of threats echoing the December 2024 murder of UnitedHealthcare CEO Brian Thompson and the arrest of his accused killer. While that case produced limited copycat activity, the current environment may prove different.

Kirk’s Controversial Profile

Charlie Kirk, co-founder of the conservative Turning Point Action media group, has remained a controversial figure in American political discourse in recent years. His profile has attracted threats against him in the past, as we noted in our October 2024 Monthly Executive Protection Report, when police arrested an Arizona woman for threatening Kirk, President Trump, and Donald Trump Jr. following a political rally.

Social Media Amplification

Within hours of the September 10 shooting, social media users were referencing the attack to incite further violence. Even before Kirk’s death was confirmed, social media users turned his name into a verb to describe politically motivated assassinations: lists circulated with calls for others to get “Charlie Kirk’d,” similar to the verbification of “Luigi’d” following the December 2024 assassination of UnitedHealthcare’s CEO. In response, we added Charlie Kirk’s name to our threat search queries to capture coded threats. Over the past several days, we reviewed multiple threats invoking the attack on Charlie Kirk against multiple clients.

We collected dozens of examples of social media users discussing the September 10 assassination of Charlie Kirk to threaten others—supporting the attack, urging more violence against conservative commentators and politicians, and calling for revenge against opposing progressive figures.

A few examples of those threats:

Within a thread of comments about the assassination of Charlie Kirk, one user called for more attacks:

Calls for Retaliation

We also observed calls for retribution by social media users, including some extremist influencers, calling for attacks against progressive politicians and celebrities ideologically opposed to Charlie Kirk, whom they blame for his assassination. While these denunciations remain “calls to action” for now, we are monitoring for doxing and real-world indications of planning and preparation that may signal threat actors progressing through an attack cycle in response to this grievance narrative.

This is Only the First Half

And, of course, these examples only capture public, open-source rhetoric tied to the Kirk assassination. While we do not have any examples yet, we expect political leaders and other high-profile individuals to receive private, threatening communications that reference Charlie Kirk—if they have not already.
Now that the killer is in custody, we are seeing a second wave of threats and veneration of the killer, much like we observed with Luigi Mangione earlier this year.  As Scott wrote in February 2025:

This veneration dovetails into what we refer to as the social media threat continuum, a process by which “extremist influencers” post propaganda on social media platforms containing grievance narratives intended to radicalize adherents and then inspire them to conduct attacks against identified enemies of their extremist ideologies.

On September 14, a man trampled a memorial display for Charlie Kirk outside of Turning Point USA headquarters and was arrested. The man wore a shirt with the same design as the one worn by the killer on the day of the attack. This conscious display of symbolism mirrors how school shooters emulate previous school shooters by wearing the same clothing. While Charlie Kirk’s killer has not yet received the same level of veneration as Luigi Mangione, we anticipate similar displays in the coming weeks and months—and possibly copycat attacks.

Mitigating the Threat

As we emphasized before, attacks against high-profile individuals follow a process of radicalization, target selection, planning, and preparation that professionals can detect when monitoring the right indicators. These indicators involve a cyber element, such as extremist influencers denouncing and doxing specific individuals, as well as physical indicators linked to attack cycle behaviors. Security teams must track both.

Based on over two years of data in our Executive Protection threat database, while the home is the most common target, violent attacks most often occur in public areas, such as the university courtyard, where Charlie Kirk was shot.

Key to Prevention

The key to preventing further attacks is to assess the threat to principals through a dedicated threat intelligence monitoring program that understands how threat actors can utilize online resources to conduct attacks in the physical world. Based on that assessment, security managers should collaborate with professional executive protection agents to determine the appropriate security measures for each event.

Whether or not a potential target is afforded protective security, recognition of the threat is needed, as is increased situational awareness. Principals and security teams alike must stay prepared to act decisively if events suddenly escalate.