From terror squads who slip past border controls to the valiant but all-too-improvised emergency response, the backstory of last week’s attacks in Brussels is eerily similar to what happened in the U.S. in the leadup to Sept. 11, 2001.

Virtually every mistake made then by the U.S. national security machine found its analogue in Belgium on March 22. Now Europe’s leaders need to work out their own answers to those challenges while overcoming particularly European obstacles. Until they do, their citizens will remain exposed to the next atrocity.

“Intelligence sharing in Europe today is a lot like what we experienced in the United States before 9/11,” U.S. Senator Angus King, who was on a fact-finding mission in Paris when the bombers struck last week, said in an e-mailed response to questions. “Rivalries and complicated histories are acting as barriers that prevent intelligence agencies across Europe from working together.”

The 28-nation European Union makes peace, not war. It has done that job so well that it won the Nobel Prize in 2012. But the struggle to track the attackers who wreaked havoc in Brussels shows it also needs to beef up its defense apparatus, and that is alien to an EU culture predicated on tearing ramparts down, not putting them up.

When future historians come to render their judgment on the Brussels airport and subway bombings that killed 32, they could work from the independent U.S. report on the 9/11 attacks. In some cases, just the details have changed.

U.S. spy services chased, then lost sight of two al-Qaida operatives in 2000; Belgium and the Netherlands were put on the trail of one of the Brussels suicide bombers in July and let the lead go cold. The U.S. arrested a trainee pilot, later reputed to be the 20th hijacker, in August 2001; Belgian police caught Salah Abdeslam, wanted for November’s murders in Paris, four days before the Brussels bombings.

The U.S. chain of command broke when a belated order to shoot down hijacked airliners failed to reach air force pilots; the Belgian parallel was the 52-minute delay between the airport blasts and the first hesitant thoughts of evacuating the soon-to-be-targeted subway system. New York port authority radios stopped working as the World Trade Center towers crumbled, Belgium’s emergency wireless network was quickly overloaded, forcing first responders onto messaging systems like WhatsApp.

The U.S. report’s conclusion applies to Brussels as well as the two attacks in Paris last year: the assaults “were a shock, but they should not have come as a surprise.”

No one expects European governments to mobilize as rapidly as the U.S. after 9/11 with the bloc already in a defensive crouch. Signature achievements like the 26-nation passport-free travel zone are under threat, Britain is considering leaving the EU and the bloc’s late 20th century faith in trade, travel, communication and finance as a benign force is being shaken to its core by the refugees flooding across its frontiers.

While much has been made of Belgium’s failings — the split between Dutch- and French-speaking subcultures, interlocking layers of government that obscure accountability, the neglect of aggrieved Muslim communities — they are a microcosm of what Europe has to contend with. National security in the EU is just that: a national prerogative.

It comes down to “typical gumshoe detective-type work,” said Colin Clarke, a terrorism researcher at RAND Corp. in Pittsburgh. “European intel services definitively have more suspects that they need to track, monitor and surveil. The sharing within Europe sometimes seems to stop at the border, while terrorists don’t.”

The EU appointed its first anti-terrorism coordinator in 2007, in a bid to step up intelligence efforts in response to the bombings in Madrid in 2004 and London in 2005.

Yet European agencies are still engaged in the turf battles that absorbed CIA and FBI attention in the runup to 9/11. In a March 1 report, the anti-terror coordinator, Belgium’s Gilles de Kerchove, called for “further urgent improvements on information sharing and border security.”

To take one data point: an estimated 5,000 European citizens went on jihadist junkets to join extremist groups like Islamic State in Syria and Iraq, but there are only 2,786 in one database, 1,473 in another, and 90 percent of the names added recently came from only five EU governments.

“Some continental intelligence agencies jealously guard their secrets,” said Sajjan Gohel, international security director for the Asia-Pacific Foundation in London. “Often they have a piece of the puzzle that if they put it together, they form a wider picture of what the network actually looks like. But they need to put it together realtime, not post-incident.”

The potpourri of European watchlists includes Focal Point Travelers and the European Information System, both managed by Europol, the EU’s police-coordinating agency; the Schengen Information System and Visa Information System, used by national police and border patrols; Eurodac, a roster of applicants for political asylum; ECRIS, a repository of criminal records; and a nascent database of air passenger profiles, modeled on the U.S. tracking system.

The air-traveler monitoring system proposal has also been around since 2007, blocked by the European Parliament on personal-privacy grounds until the Paris killing spree in November forced it back onto the agenda. Even now, some EU lawmakers are stalling the measure until more data-protection safeguards can be introduced, in another example of the peacetime priorities prevailing over security concerns.

“In my discussions with security officials in Europe last week, I sensed a growing recognition that they must overcome these barriers” between agencies, said King, a member of the Senate Intelligence Committee . “Hopefully it will not take another attack to begin seeing results.”

(c) 2016, Bloomberg · James G. Neuger