Information Operations
Newsletter
Compiled by: Mr. Jeff Harley US Army Strategic Command G3 Plans, Information Operations Branch
Table of Contents ARSTRAT IO Page on Intelink-U
The articles and information appearing herein are intended for educational and non-commercial purposes to promote discussion of research in the public interest. The views, opinions, and/or findings and recommendations contained in this summary are those of the original authors and should not be construed as an official position, policy, or decision of the United States Government, U.S. Department of the Army, or U.S. Army Strategic Command.
Page ii Table of Contents
Vol. 7, no. 16 (7 – 31 May 2007)
1. "Fighting the War of Ideas Like a Real War" (blog) 2. A Cyber-Riot 3. U.S. Army: Enemy Posting How-To Manuals Online 4. The Strategic Corporal vs. The Strategic Cameraman (blog) 5. Hamas 'Mickey Mouse' wants Islam takeover 6. The Mouse Stays, Says Hamas 7. Estonia Urges Firm EU, NATO Response To New Form Of Warfare: Cyber-Attacks 8. Manipulation of RAND Reports by Extremist Propagandists 9. Russia Accused of Unleashing Cyberwar to Disable Estonia 10. Government Warned Of Harm in Blocking Blog Spots 11. Barksdale-Based Command Now Controls Air Force Information Operations Center 12. Experts Doubt Russian Government Launched DDoS Attacks 13. e-Stonia Under Attack 14. Internet Law - Should We Go To War Over A Massive Cyber-Attack? 15. China Crafts Cyberweapons 16. 'Hacktavists' Attack Tiny Estonia 17. New Wars Require New Weapons 18. China Makes Viruses For Cyberwar First-Strike 19. Counter-Insurgency and "The Single Narrative" 20. New Paradigms for 21st Century Conflict
ARSTRAT IO Page on Intelink-U
Page iii "Fighting the War of Ideas Like a Real War" (blog) Posted By Grim at Blackfive.net, 7 May 2007 That is the title of a new book by Dr. J. Michael Waller of the Institute of World Politics in Washington D.C. (Dr. Waller has a fairly interesting background that space won't allow me to cover -- you're welcome to Google the gentleman.) His Institute describes the book's intent as being a set of "right now" solutions for America's serious problems in the information war, "an immediate- term strategy that requires no bureaucratic reorganization or major budgetary changes." The idea is that you can enact these changes right now, without the impossible turf-fights and interagency fights and fights between Congress and the Executive and... right. That suggests a strategy that is less ambitious than Waller's actually is. He is proposing nothing less than stripping the State Department of its leadership role in speaking for America. His reforms would make that leadership the job of the Department of Defense. A review of his ideas and suggested program follows. At 148 pages, Waller's piece is lean to have as much to say as it does. He begins by defining the relevant types of communications that the American Federal Government does: public diplomacy, public affairs (led in the military by Public Affairs Officers, "PAO"), information operations ("IO," including psychological operations, "PSYOP"), all of which is gathered under the general heading of "Strategic Communications." The goal of Strategic Communications is to understand the attitudes of foreign populations, and manipulate those attitudes in beneficial ways. The State Department says there are three main goals: I. To offer people a vision of America that showcases our culture's message of hope and opportunity, freedom and respect for all under the law. II. To isolate and marginalize extremists, while working to undercut their message that America and Islam conflict. III. To foster a sense that America and good people everywhere have common interests and values. Nice goals, but we have a serious problem: an enemy that is much faster on its feet than the American government can be. That enemy also has a strategic communications plan, one that is constantly at work -- one that is, in fact, its main weapon in its war with America. They are wholly focused on this goal, and they are faster than we are. So far, they are therefore successful in undermining every aspect of our 'three goals.' As Waller notes, every act of the terrorist groups is more about scaring the people who remain than it is about achieving whatever the particular act was. Where a conventional military captures a city (say) because it needs to secure its supply lines (say), a terrorist organization carries out its particular act -- perhaps a bombing -- not to destroy the thing bombed, but to convey a message. In order to combat the enemy's strategic communications, Waller says, we need two things: we need to be faster, and we need to start thinking of these communications as a battlefield. We've got messages; the enemy has countermessages. They have messages; we have to counter those. We need communicators who are trained as warriors, who see the need to respond at once, and to keep hitting the enemy's message until it collapses. This is not the mindset of diplomats. It is the mindset of warriors. Waller says: That means that the war of ideas cannot be run out of the State Department. State has vital roles to play, and its public diplomacy and public affairs roles are crucial. However, diplomats by their purpose and training are not warriors and should not be expected to become warriors. At the same time, since public diplomacy so dominates the U.S. message-making system and public expectations are so high, the State Department must become far more visionary, innovative, agile and adaptive in delivery of messages to the world. Public diplomacy must be a fundamental part of a counterinsurgency and counterterrorism strategy. The Department of Defense has taken the lead in transforming the nation’s strategic communication with the world. It too has critical roles to play
Page 1 in crafting and delivering America’s messages, both of military and non-military natures. The military services have the warfighting mentality that creative and effective message-making requires. This point, not made explicit until the conclusion, is hinted at throughout the piece. Public diplomacy -- though important -- is too slow to be useful. Information Operations "is... strictly a military term," which is a subtle but powerful criticism of State's leadership in crafting America's message. "The U.S. must be unashamed of using strategic influence," Waller says. "Within the broad field of strategic influence, the U.S. must be equally unashamed about waging ideological warfare against the enemy." Waller says there are three major changes needed in how we approach the information war. (1) We need a new focus on neutralizing and defeating the enemy's ideas (breaking their myths, I normally call this); (2) We need to work to control anti-American sentiment, and reverse it where we can; (3) we need to engage the private sector, not only companies and NGOs but individuals, so we too can have access to fast-moving information warriors, whose good ideas can be enacted without the heavy weight of bureaucracy. (I would be remiss, at this point, not to mention MilBlogger Cannoneer No. 4, who has long been calling for civilian 'irregular information militia' to fight for America in areas where law or bureaucracy kept the government from doing so itself.) There are five chapters in which Waller explains how he thinks we can do so, right now. All of them contain key insights that are worth your time and consideration. In the interest of brevity I will touch only on a few of particular interest to me. Religion & Ideology: One of his central points is that the kind of radical Islam we are fighting is an ideology, not a religion. "Therefore the U.S. can combat radical Islamism freely without being concerned about fighting a religious battle." A great deal hinges on this assertion, which is thoroughly argued -- and yet. It seems to me that, in radical Islam, we have a thing which is both an ideology and a religion; I do not agree that we can fight radical Islam without engaging, and indeed taking sides in, a religious battle. There are two ways we can do this. We can set ourselves up against Islam; or we can enlist in a civil war on the side of the Muslims opposed to the radicals for reasons of their own. For all that we've heard about the propriety of keeping out of civil wars, I think the latter is the right choice. We need to be helping the parts of the Islam religious establishment that are not at war with us to win control over the minds of Muslims. Waller is entirely right, however, to suggest that sometimes we can't do this directly. "There are many other issues that people will support," he says, "as long as the United States is not the messenger." This is right. In many parts of the war of ideas, people who are not our enemies will still have to distance themselves from America (through hostile rhetoric, perhaps) to increase their credibility with others who dislike America. We have to learn to recognize the people who are doing this, and differentiate them from those who are trying to wage war with us. Then, we have to build them up. We can't do this by offering our support, as it's not our support they need to be credible. What they need is the image of being a successful counterweight to America. In "The Gravity Well," this was described thus: We can offer gifts -- not just physical gifts, like aid, but the gift of recognizing the organization as important and taking the trouble to respond to it. If the organization is seen as being able to influence America, its gravity well will grow in power. The other way we can influence its power is to reinforce its stories. We should pay attention to its claims and, insofar as we may, help them to come true. When we get a Muslim organization that is trying to show its flock that it can restrain America without violence, we should take some trouble to respond to it. We should show we think they're important. We should help lend some credence to their myth, so that those who hate America's influence in their lives -- that is, the group of people who are the terrorists' recruiting pool -- will be drawn toward the better organization instead.
Page 2 Self-Imposed Limits: The Smith/Mundt Act Waller rightly recognizes that this -- a law that forbids us from carrying out information warfare operations when they might also have an effect on US citizens -- is a self-imposed limitation that we need to throw off. What I think he glosses over is that the law is not merely a relic of the FDR administration, but a principle that has been restated time and again in American law. Most recently, it was restated by the Reagan Administration in Executive Order 12333, whose limitations are built into our basic military instruction (See FM 3-05.30 / MCRP 3-40.6). Therefore, it's not just a change in the law that's needed -- we'll need to retrain, at least on this point, our entire IO/PAO establishment. MilBlogger Mike Lawhorn, a PAO, objected to Waller on this point also. "However, I don't believe that many IO proposed abroad are 'shut down' by PAOs afraid that the effects may unintentionally reach Arabic speaking US citizens, thus violating Smith-Mundt." Without casting blame on the PAOs of the world, it is fair to say that this point of law and training has a powerful chilling effect. One thinks of the Lincoln Group's placement of (entirely true) positive stories in the Iraqi press, without labeling them as paid for by the US military. The possibility of those stories being translated or otherwise getting back to the American citizenry without their provenence being known was one of the charges leveled by those who objected to Lincoln's activities. The resulting furor led to top-down reviews of an obviously wise tactic. This self-imposed limitation is a serious problem, as Waller rightly recognizes. It needs to be reconsidered. The Power of Ridicule: Chapter Five is devoted to the virtues of ridiculing the Islamist enemy. This is an outstanding point, and one that deserves a great deal of attention. Waller rightly says that we often offer our enemies a distinction they don't deserve: by speaking of them as threats 'to America,' we allow them to inflate their stature in the eyes of the Islamic world. They could not be threats to something as powerful as America if they were not also great; they thus appear to be far closer to equals than they are. What is needed is ridicule. Ridicule is dangerous, because it can make enemies where there were no enemies before. But it can also be useful, in that it can keep people from joining your enemies who might otherwise have done so. No one -- and especially no one from an honor/shame society like Islam -- wishes to be laughed at. We should do a great more laughing at these "terrorists." Such ridicule has to be carefully targeted. It needs to aim, not at Islam, but at the terrorist and his radical ideology. Done carefully, Waller notes, "Ridicule raises morale at home; [it] strips the enemy/adversary of his mystique and prestige... erodes the enemy's claim to justice... deprives the enemy of his ability to terrorize... eliminates [his] image of invincibility; and [d]irected properly at an enemy, ridicule can be a fate worse than death." The number one thing we need to do is break the enemy's myths. He wishes to be seen as a great warrior, holy even in the eyes of God, a bringer of Divine wrath, a dispenser of justice. We should show him as he is: a killer of the weak, unable to hold a town or a bridge against a platoon of Marines, a hider in holes, a coward and a murderer -- chiefly of fellow Muslims. Ridicule works. It "sticks," as Waller says, because "the target can't refute it." Conclusion: This is an excellent work, one that deserves to receive serious attention from military officers and others interested in the current conflict. Waller demonstrates a firm grasp of the subject, which is to be expected, but seasons it with information that shows he is a well-educated gentleman: anecdotes from Greek history, American military history, the Torah, and other similar topics enliven the monograph. It is an impressive piece. It will not, however, achieve his institute's stated aim -- there is no hope that these reforms can be enacted without a huge turf battle. The State Department will recognize that this paper, if taken to heart, would eliminate them as the central voice of America to the world. That they may deserve
Page 3 to be eliminated from that role, which they have filled since the days of Benjamin Franklin, is not a thing they will consider. Yet they do. Waller is perfectly correct that they have failed to adapt, and cannot adapt in the necessary ways without adopting a warrior's rather than a diplomat's mentality. The best diplomats are also warriors, are warriors first -- the pen achieves its goals more readily if the sword is resting in plain sight. [Note: Book posted on the ARSTRAT IO Intelink page.] Table of Contents
A Cyber-Riot From The Economist, May 10th 2007 Estonia has faced down Russian rioters. But its websites are still under attack. For a small, high-tech country such as Estonia, the internet is vital. But for the past two weeks Estonia's state websites (and some private ones) have been hit by “denial of service” attacks, in which a target site is bombarded with so many bogus requests for information that it crashes. The internet warfare broke out on April 27th, amid a furious row between Estonia and Russia over the removal of a Soviet war monument from the centre of the capital, Tallinn, to a military cemetery (pictured below). The move sparked rioting and looting by several thousand protesters from Estonia's large population of ethnic Russians, who tend to see the statue as a cherished memorial to wartime sacrifice. Estonians mostly see it rather as a symbol of a hated foreign occupation. The unrest, Estonia says, was orchestrated by Russia, which termed the relocation “blasphemy” and called for the government's resignation. In Moscow, a Kremlin-run youth movement sealed off and attacked Estonia's embassy, prompting protests from America, NATO and the European Union. Perhaps taken aback by the belated but firm Western support for Estonia, Russia has backpedalled. Following a deal brokered by Germany, Estonia's ambassador left for a “holiday” and the blockade ended as abruptly as it began. But the internet attacks have continued. Some have involved defacing Estonian websites, replacing the pages with Russian propaganda or bogus apologies. Most have concentrated on shutting them down. The attacks are intensifying. The number on May 9th—the day when Russia and its allies commemorate Hitler's defeat in Europe—was the biggest yet, says Hillar Aarelaid, who runs Estonia's cyber-warfare defences. At least six sites were all but inaccessible, including those of the foreign and justice ministries. Such stunts happen at the murkier end of internet commerce: for instance, to extort money from an online casino. But no country has experienced anything on this scale. The alarm is sounding well beyond Estonia. NATO has been paying special attention. “If a member state's communications centre is attacked with a missile, you call it an act of war. So what do you call it if the same installation is disabled with a cyber-attack?” asks a senior official in Brussels. Estonia's defence ministry goes further: a spokesman compares the attacks to those launched against America on September 11th 2001. Two of NATO's top specialists in internet warfare, plus an American colleague, have hurried to Tallinn to observe the onslaught. But international law is of little help, complains Rein Lang, Estonia's justice minister. The crudest attacks come with the culprit's electronic fingerprints. The Estonians say that some of the earliest salvoes came from computers linked to the Russian government. But most of them come from many thousands of ordinary computers, all over the world. Some of these are run by private citizens angry with Estonia. Anonymously posted instructions on how to launch denial-of- service attacks have been sprouting on Russian-language internet sites. Many others come from “botnets”—chains of computers that have been hijacked by viruses to take part in such raids without their owners knowing. Such botnets can be created, or simply rented from cyber-criminals.
Page 4 To remain open to local users, Estonia has had to cut access to its sites from abroad. That is potentially more damaging to the country's economy than the limited Russian sanctions announced so far, such as cutting passenger rail services between Tallinn and St Petersburg. It certainly hampers Estonia's efforts to counter Russian propaganda that portrays the country as a fascist hellhole. “We are back to the stone age, telling the world what is going on with phone and fax,” says an Estonian internet expert. Mikko Hyppönen of F-Secure, a Finnish internet security company that has been monitoring the attacks, says the best defence is to have strong networks of servers in many countries. That is not yet NATO's job. But it may be soon. Table of Contents
U.S. Army: Enemy Posting How-To Manuals Online By Mark A. Kellner, Defense News, 11 April 2007 Al–Qaida and other terrorist organizations have created “more than 5,000 Web sites” that both spread jihadist messages and contain detailed instructions about how to attack targets in the Middle East and elsewhere, Lt. Gen. Steven Boutelle, the U.S. Army’s chief information officer, told the Association of the United States Army’s Institute of Land Warfare breakfast on April 11. “Al-Qaida is the first terrorist movement to go from physical space to cyberspace” in its warfare, said Boutelle, who retires from the Army in August. He noted that one report said there was “a notebook computer under the arm of every second” member of the group, headed by Saudi-born terrorist Osama bin Laden, as it fled Afghanistan during the 2001 American invasion. “Instead of [each member] carrying incriminating information, it’s all online,” Boutelle said. Such Internet-enabled terrorism is “probably the greatest threat to this nation since the Civil War.” Moreover, he added, suggestions that the Army move to somehow block Internet Web sites such as “Jihad Unspun”, which posts, among other items, videos of attacks on coalition forces “in theater,” may be unrealistic. “How can you block what your enemy does?” he asked. Instead, Boutelle suggested mining the data available from such sites and other sources. At the same time, he conceded, “we’ve got systems that are gathering a terabyte of information a day — how do you sort [all of] it?” He said a terabyte is equal to “one-sixteenth” of the contents of the Library of Congress, and that the Army is at a “20 percent to 30 percent level” of effectiveness in mining that incoming information, versus what he said is a 75 percent to 80 percent effectiveness rate in building out the service’s networks. After his presentation, Boutelle said the Army is not — despite contrary media reports — mulling the creation of a new major command for cyberwarfare that would parallel the November designation of the Eighth U.S. Air Force wing as that service’s “cybercommand.” For the Army, the Network Enterprise Technology Command, NETCOM, under the direction of Brig. Gen. Carroll Pollett, also commanding general of the Ninth Army Signal Corps, “does our role,” Boutelle said. “We have it, we are now engaged [in cyberspace], it is a separate major command,” Boutelle said. While the Army has its mechanisms in place, Boutelle told the AUSA breakfast audience, “we need to get our head in this ballgame of instant messaging, SMS [short message service] and Web sites,” since “everything has changed because of the network world.” He cited the rise of such Web sites as “IslamicYouTube” as well as general social networking sites including Second Life, as items which the military needs to be aware of: “You owe it to yourself to see what is being said about you, and it is being put out to billions of people” online. “We’ve got to understand how this world is driven,” he said. Part of gaining that understanding, Boutelle said, is his office’s creation of an “Enabling Battle Command Workshop,” a two-day seminar program being given to all Army general officers as well
Page 5 as other senior leaders. Asked if industry personnel could participate in that course, Boutelle said that since “it involves a lot of the three-letter agencies, the answer is probably no.” At the same time, Boutelle asserted, the Army should move towards more collaborative means of online working, since “all of us are smarter than any of us.” He said Army officers — who are still taking notes during joint training sessions while their European colleagues are collaborating over the Internet and using Skype to stream seminars back home — are learning to work collaboratively, in part via seminars Boutelle is teaching at the U.S. Military Academy at West Point, N.Y. Boutelle’s successor, Lt. Gen. Jeffrey Sorenson, most recently deputy for acquisition and systems management in the Office of the Assistant Secretary of the Army for Acquisition, Logistics and Technology, said that while his “biggest concern” is over systems architecture issues, to “make sure we can synchronize” data, cyberwarfare will be an area he plans to deal with. “I was in military intelligence,” Sorenson noted, including a post as the Army’s program executive officer for tactical missiles. Table of Contents
The Strategic Corporal vs. The Strategic Cameraman (blog) By Josh Manchester, Small War Journals blog, 8 May 2007 Consider for a moment the differences in informational-warfare responsbilities of junior leaders in the Marine Corps -- corporals -- and the propagandists in insurgent and terror cells -- cameramen. Infantry squad leaders -- often, corporals -- know (or should) that the behavior of their Marines sends signals to those always watching them in an insurgency: the people and the insurgents. When the Marines are comfortable with their weapons; seemingly unafraid to interact with the locals; understanding of native customs and mores; and treat the populace with dignity and respect, then the sum of all of these attitudes conveys a certain perception to both the people and terrorists who watch them: it hastens cooperation from the populace and hard-targets them from insurgent attacks. This is the basic informational component of a strategic corporal in Iraq. Consider now a strategic cameraman. Numerous attacks in Iraq and elsewhere are filmed for propaganda purposes. The classic case is that of the IED or VBIED. Numerous IED videos circulate throughout cyberspace for recruiting or fundraising purposes. From an informational standpoint, the area immediately affected by a corporal with a squad of Marines is local and physically located. The area immediately affected by a cameraman posting attack videos online is global and virtual. If our enemies can manage to squeeze virtual and global effects out of tactical and local actions, why can't we? The Origins of The Strategic Corporal In 1999, Commandant of the Marine Corps General Charles Krulak coined the term "strategic corporal" to reflect the devolution of greater responsibility onto the small-unit levels of military leadership. In many cases, the individual Marine will be the most conspicuous symbol of American foreign policy and will potentially influence not only the immediate tactical situation, but the operational and strategic levels as well. His actions, therefore, will directly impact the outcome of the larger operation; and he will become, as the title of this article suggests -- the Strategic Corporal. In its very first definition, Gen Krulak alluded to the informational component of the "strategic corporal," noting that individual Marines are "conspicuous symbols" of American foreign policy. But how eagerly does the Marine Corps institutionally embrace this informational aspect of a strategic corporal? When first conceived, it conjured notions of NCOs capable of doing far more than their predecessors had been -- allowing them to influence conflicts at the operational and even strategic
Page 6 level. This is certainly the case today with the training of an infantry squad leader. Some even go so far to argue that the corporals of today have the same skill sets as captains of 1980. But what of the term "strategic corporal" itself? As an institution, it seems the Marine Corps today only invokes this term when admonishing leaders to watch out for the press. For example, if your Marine screws up and CNN is present, then he'll become a strategic corporal. The soldiers at Abu Ghraib became inadvertent strategic corporals. Pay attention the next time someone uses this term and note two things: the context usually involves the media; and the connotation is almost always negative. This is not the way it's supposed to be. Taken in this way, the strategic corporal becomes a condition meant to be avoided. Who wants their Marines screwing up on national TV? Moreover, it reduces the concept to something akin to "being on one's best behavior all the time." This is certainly a good way to think of one's conduct, but it results in ceding the virtual informational battlespace to any enemy who is not afraid of media. In fact, the strategic corporal can mean a whole lot more for US operations -- specifically with regard to the media -- and can even help us win conflicts. Information Operations at the Lowest Levels Two trends vex information operations. The first is the globalization of electronic media. The military has traditionally divided perception management into two areas and skillsets: public affairs and psychological operations. In brief, public affairs is usually handled like the old-fashioned PR machines of large companies, featuring photo-ops, interviews, press releases and the like. The target audience is generally the US public and public affairs is usually imbued with the notion of telling things as they are, or getting stories out. Psychological operations are targeted toward an enemy, or a given neutral populace, and are meant to make them think a certain way. These two communities have traditionally been taught to never associate with one another due to the differing needs governing their roles. The problem lies at the intersection of the warfighter's need for deception and the public's need for transparency. Today though, the globalization of all forms of media means that it is more and more difficult to segregate media products for a given audience. With regard to Iraq, this means that any given story, video, interview, or announcement that is accessible via the internet can potentially have four audiences, all of whom will have a tendency to view it differently: a) Iraqis b) Muslims elsewhere c) Americans d) the rest of the world. There is much further segmentation within these groups as well. The point is that electronic media can no longer be carefully segregated as to who will view, read, or listen to it. This may still be possible for types of information that is not digitized, such as announcements via a loudspeaker system, or handbills and leaflets. For anything that can be sent by email though, the walls have come down. The second trend is a growing distrust in traditionally manufactured "information." Corporate press releases, press conferences, advertising, and the like are more and more seen as possessing suspect and murky agendas. Sometimes, though not always, new media -- such as blogs, podcasts, and YouTube videos -- overcome these suspicions, possessing as they do a less-polished feel to them. Ultimately many consumers of information mitigate their suspicions by developing something like a personal relationship and trust with the source, whether it is an institution or an individual. These trends make for a bewildering environment in which to operate. Consider two recent phenomena:
Page 7 In March, Multi-National Forces-Iraq created its own YouTube channel [see more here.] On the homepage for the channel, MNF-I states that Multi-National Force - Iraq established this YouTube channel to give viewers around the world a "boots on the ground" perspective of Operation Iraqi Freedom from those who are fighting it. Video clips document action as it appeared to personnel on the ground and in the air as it was shot. We will only edit video clips for time, security reasons, and/or overly disturbing or offensive images. What you will see on this channel in the coming months: - Combat action - Interesting, eye-catching footage - Interaction between Coalition troops and the Iraqi populace. - Teamwork between Coalition and Iraqi troops in the fight against terror. In other words, the MNF-Iraq has decentralized its public affairs to some extent, allowing videos submitted by troops to reach a very wide audience. At the same time, a controversy recently erupted about the Army's new guidance for posting on message boards, blogging, emailing, sending letters home, or creating a resume. The controversy was due to the fact that the going perception of the new policy was that it was intended to shut down personal blogs by Army members. Apparently this was not the case. Nevertheless, the fact is that within two months of each other, one military agency -- MNF-Iraq -- sought to decentralize its informational goals, while another -- the Army -- sought to put added restrictions or layers of oversight on the informational capabilities of its soldiers. What is to be done? In such a confusing media environment, how might the Marine Corps enable its small-unit leaders to become as effective in the informational domain as the strategic cameraman described above? Here are three possible solutions: 1) A Media Intent: Marines are used to operating within a commander's intent. Why not have an intent for electronic media, at even the lowest levels? Such guidance would serve to lay down some clear expectations and endstates for the production and distribution of electronic media in a war zone. Rather than simple censorship, a media intent statement might allow Marines to focus their own electronic efforts toward the commander's endstate. Such a statement might sound like this: Reporting indicates that insurgent leaders in the area are attempting to spread the rumor that the Coalition is fabricating evidence that it finds when conducting home searches in our AO. I want to produce footage showing that every arrest we make after searching a home is tied to concrete evidence found at the site. An intent could be a very valuable guide. The same Marine squad might be in a firefight in the morning and eat lunch at a community leader's home in the afternoon. They might have footage of both. But an intent could guide which video is put on a blog and which is put on a hard drive for reminiscing after returning home. Instead of "This is me getting hit by an IED," videos like "This is me rebuilding a school" or "This is me meeting a sheik" might come to dominate. 2) Selective Magnification: Alternately, a commander might designate that everything his unit does is recorded by Marines within it. He could then designate an information cell to cull through the footage to find what he needs for the effects he desires. Such footage might also serve a training and adaptation role, by helping Marines see their own behaviors and tweak them accordingly. 3) Information Specialists: Major Daniel Greenwood recently authored a paper entitled Combined Action Counterinsurgency Concepts: A Proposed Framework for Future Counterinsurgency Operations. Among many other ideas, he argues that:
Page 8 Future "information specialists" should be recruited and selected for employment at the Company/Platoon level to undermine local insurgent propaganda efforts. Maj Greenwood goes on to elaborate in a footnote: The Marine Corps Recruiting Command employs E-5 Sergeant Marketing/Public Affairs (MPA) specialists at all 48 recruiting stations throughout the nation. Arguably one of the most valuable members of the command, these junior Marines combine their initial public affairs training with imagination, initiative and hard work to interact with the local population, schools and the media, telling the Marine Corps story. This same approach should be employed at the tactical level within the COIN [counterinsurgency] environment. Conclusion There's no reason for "strategic corporal" to refer only to some sort of "gotcha" moment. In his article Counterinsurgency Redux, David Kilcullen argued that one feature of counterinsurgency today is the importance of energizing one's base: In modern counterinsurgency, the side may win which best mobilizes and energizes its global, regional, and local support base -- and prevents its adversaries doing likewise. This should be the goal of information operations -- to help energize the counterinsurgent's bases of support. The current generation of Americans in their teens and twenties loves to make media. Those who join the Marine Corps are no exception. Harnessing their technical skill and imagination can help build trust with the populace in a counterinsurgency and fortify the will of the public at home -- allowing positive strategic effects from junior Marines Table of Contents
Hamas 'Mickey Mouse' wants Islam takeover By Diaa Hadid, Associated Press; May 8, 2007 Hamas militants have enlisted the iconic Mickey Mouse to broadcast their message of Islamic dominion and armed resistance to their most impressionable audience — little kids. A giant black-and-white rodent — named "Farfour," or "butterfly," but unmistakably a Mickey ripoff — does his high-pitched preaching against the U.S. and Israel on a children's show run each Friday on Al-Aqsa TV, a station run by Hamas. The militant group, sworn to Israel's destruction, shares power in the Palestinian government. "You and I are laying the foundation for a world led by Islamists," Farfour squeaked on a recent episode of the show, which is titled, "Tomorrow's Pioneers." "We will return the Islamic community to its former greatness, and liberate Jerusalem, God willing, liberate Iraq, God willing, and liberate all the countries of the Muslims invaded by the murderers." Children call in to the show, many singing Hamas anthems about fighting Israel. Israel has long complained that the Palestinian airwaves are filled with incitement. An Israeli organization that monitors Palestinian media, Palestinian Media Watch, said the Mickey Mouse lookalike takes "every opportunity to indoctrinate young viewers with teachings of Islamic supremacy, hatred of Israel and the U.S., and support of 'resistance,' the Palestinian euphemism for terror." The television station would not comment. A spokeswoman from Walt Disney Co.'s headquarters in Burbank, Calif., did not immediately return messages asking for comment about the use of a Disney-like character. Yehia Moussa, a Hamas leader in the movement's Gaza Strip base, denied inciting children against Jews. "Our problem is not with the Jews. Our problem is with the (Israeli) occupation and the occupiers," Moussa said.
Page 9 Israeli officials denounced the program. David Baker, an official in Prime Minister Ehud Olmert's office, said, "There is nothing comic about inciting young generations of Palestinians to hate Israelis." Foreign Ministry spokesman Mark Regev called the program "outrageous" and charged that the Palestinians have not carried out their commitments to stop incitement of hatred toward Israel. "Children are taught that killing Jews is a good thing," he said. "Children are taught to hate Jews and to hate nonbelievers." In strife-ridden Gaza, however, dreams of Islamic dominion and animosity toward the U.S. and Israel are widespread. A Gaza-based psychologist said the program proved that the culture of glorifying violence had penetrated Palestinian society. "It's the fault of both (Israel and the Palestinians)," said Samir Zakkout, from the Gaza Community Mental Health Program. "If Palestinians had peace, children wouldn't learn violence." Children have been traumatized by bloodshed in the course of Israeli attacks and Palestinian infighting, he said. "There's been a collapse of values," he said. "If I can kill my enemy, I can kill my brother." Basem Abu Sumaya, head of the Palestinian Broadcasting Corp., said such programming was inappropriate. "I don't think it's professional or even humane to use children in such harsh political programs," Abu Sumaya said. "Children's nationalist spirit must be developed differently." The Palestinian Broadcasting Corp. is controlled by Hamas' political rival, the Fatah movement of Palestinian President Mahmoud Abbas.. Hamas loyalists launched the Al Aqsa satellite channel last year. Bearded young men read the news, often offering live news broadcasts. Islamic music is layered over footage of masked militants firing rockets into Israel. But the channel also broadcasts talk shows, programs about the disabled and cartoons. Hamas loyalists also run at least five news Web sites, one newspaper — launched just last week — and a radio station. [UPDATE – On 9 May the AP reported that Hamas suspended the program. Information Minister Mustafa Barghouti said the character — a giant black-and-white rodent with a high-pitched voice — represented a "mistaken approach" to the Palestinian struggle against Israeli occupation. He said that the program was pulled from Hamas-affiliated Al Aqsa TV at his ministry's request and "placed under review”.] Table of contents
The Mouse Stays, Says Hamas By Sakher Abu El Oun, Sunday Times (South Africa), 11 May 2007 GAZA CITY - A Hamas-run television station defied Israel and the Palestinian government on Thursday by refusing to axe a controversial children’s cartoon in which a Mickey Mouse lookalike calls for resistance. "Al-Aqsa TV refuses this pressure and refuses to cull its program or alter any of its content," said Fathi Hamad, chairman of the Al-Aqsa Television board in Gaza City, lashing out at Israeli and Western "interference". "This campaign of criticism is part of a plan orchestrated by the West and the occupying power to attack Islam on the one hand and the Palestinian cause on the other," he said. "We have our own ways to educate our children and any criticism of this approach is shocking interference in our internal affairs," said Hamad. The cartoon - called "Tomorrow’s Pioneers" - seeks to educate Palestinian children to stand up for their nation and their rights, especially the right of return, said Hamad, slamming a "violation on freedom of journalism".
Page 10 In the program, the Mickey Mouse lookalike named Farfur and a little girl urge resistance against Israel and the United States - along with stressing the importance of daily prayers and drinking milk. A senior official working for Al-Aqsa said the cartoon would air as normal this Friday in defiance of a request from information minister Mustafa Barghuti to shelve the program. "The program will continue and it will be broadcast tomorrow at 4:00 pm (1300 GMT). Mustafa Barghuti misunderstood the issue," said the official on condition of anonymity. Earlier, the information ministry in the West Bank city of Ramallah had said the "politically oriented children’s television program" was withdrawn by Al-Aqsa following a request to do so by the ministry. Barghuti said the program adopted a "mistaken approach" to the Palestinian struggle against Israeli occupation and that it was wrong to use children’s programs to convey political messages. The program drew strong protests from Israel and Jewish groups. "Hamas television is producing and broadcasting a children’s program in which a Mickey Mouse lookalike character indoctrinates Palestinian children to violence, hatred and murder," Israel’s foreign ministry said. "The Hamas-led Palestinian Authority has deliberately created a culture of hatred that encourages Palestinian children to take an active role in violent activities," it added. The US-based Anti-Defamation League similarly accused the station of promoting a message of radical Islam, anti-Semitism and hatred of the West. "When you take a Mickey Mouse-like character and deliberately use it to promote an ideology of hatred, obviously it’s going to have an impact on children and their thinking," said Abraham Foxman, ADL national director. "For all of their attempts to appear more moderate, Hamas is still willing to indoctrinate children into their culture of hate," added Foxman. Hamas is the senior partner in the Palestinian national unity government and blacklisted as a terrorist organisation in the West. The Islamist movement controls a television and radio network both called Al-Aqsa, the Arabic name for Jerusalem, and it has also just launched a newspaper. Table of Contents
Estonia Urges Firm EU, NATO Response To New Form Of Warfare: Cyber-Attacks By Anneli Reigas, Agence France Presse, 15 May 2007 Estonia has urged its allies in the European Union and NATO to take firm action against a new mode of warfare that has been unleashed on the Baltic state in a bitter row with Russia over a Soviet war memorial: cyber-attacks. "Taking into account what has been going on in Estonian cyber-space, both the EU and NATO clearly need to take a much stronger approach and cooperate closely to develop practical ways of combatting cyber-attacks," Estonian Defence Minister Jaak Aaviksoo told AFP Tuesday. "Considering the scale of damage and the way these cyber-attacks have been organised, we can compare them to terrorist activities," Aaviksoo said a day after raising the new mode of warfare at talks with his fellow EU defence ministers in Brussels. Estonian institutional websites have been under regular cyber-attack since the end of last month, when a row blew up with Russia over the removal from central Tallinn of a memorial to Soviet Red Army soldiers.
Page 11 Officials in Estonia, including Prime Minister Andrus Ansip, have claimed that some of the cyber- attacks, which forced the authorities in the Baltic state to temporarily shut down websites, came from Russian government computers, including in the office of President Vladimir Putin. "The cyber-attacks against government websites have come in waves: they start and end, and then start again after a few days' break," said Hillar Aarelaid, head of the Computer Emergency Response Team (CERT), which was set up last year to tackle "security incidents" in Estonia's .ee Internet domain. "Last Friday, we hoped it was all over but the new massive attack against one of the biggest banks on Tuesday showed we were too optimistic. "Cyber-attacks also have been launched against banks, newspapers, schools and many other institutions," Aarelaid told AFP. Estonia's second-biggest bank, Swedish-owned SEB Eesti Uhispank, was forced Tuesday to block access from abroad to its online banking service after it came under "massive cyber-attack", a spokesman for the bank, Silver Vohu, said. Hansapank, the biggest bank in Estonia, came under attack last week. The first wave of cyber-attacks against official websites fizzled out after Estonian Foreign Minister Urmas Paet publicly declared that many of the attacks had originated from Russian government computers. The new wave of attacks was coming from "around the world," Aarelaid said. "Even computers as far away as Vietnam have been involved in cyber-attacks against Estonia. The attackers try to restrict access to Estonian websites and in some cases have tried to change the information on the website they have attacked," Aarelaid said. The attacks might originate in computers around the world, but they still have Russian roots, he said. "The net has been full of Russian language instructions on how to inflict damage on Estonian cyber- space," Aarelaid said. Cyber-attacks are such a new phenomenon that there are no universal rules available on how to strike back at them. "We haven't yet defined what can be considered to be a cyber-attack, or what are the rights of member states and the obligations of EU and NATO in the event such attacks are launched," Aaviksoo said. "The EU and NATO need to work out a common legal basis to deal with cyber attacks. For example, we have to agree on how to tackle different levels of criminal cyber-activities, depending on whether what we are dealing with is vandalism, cyber-terror or cyber-war," he said. Aarelaid agreed: "The unprecedented cyber-attacks against Estonia have clearly indicated we need much stronger regulations in this area. "You could compare this with what our great-grandparents faced when cars first started to appear on the streets. Eventually, there were so many of them that new, strict rules needed to be implemented." The cyber-attacks against Estonia were launched after the authorities here moved a monument to Soviet soldiers who fought fascism in World War II, from the city block where it stood in central Tallinn to a military cemetery in a quiet neighbourhood of the capital. Russians see the monument as a sacred memorial to the millions of Soviet soldiers who died in the war, while to Estonians it is a reminder of 50 years of Soviet occupation. The removal of the monument drew the ire of Moscow and triggered riots in Tallinn by members of Estonia's ethnic Russian minority that makes up around one-quarter of the Baltic republic's population of 1.34 million.
Page 12 It also set off the cyber-attacks, which have drawn condemnation from the European Union, individual EU member states, the United States and NATO. NATO defence ministers will discuss cyber defence at a meeting in Brussels in June. Table of Contents
Manipulation of RAND Reports by Extremist Propagandists From Center for International Issues Research, 15 May 2007 Two recent reports from the RAND Corporation, a U.S. think tank, have been widely discussed in online militant radical Islamic (MRI) forums and used as evidence for the USG’s intentions in the Muslim world. Throughout the MRI online community, RAND is depicted as an evil puppet-master, developing strategies to undermine Islam and promote USG imperial interests. Although MRI conspiracy theories and demonization of U.S. entities is common, the latest wave of attacks on RAND illustrates important aspects of the USG’s challenge in confronting MRI information operations. The MRI reaction to and manipulation of these reports demonstrate how documents intended to encourage communication and debate can become weapons used by extremists to attack USG attitudes and policies toward the Middle East. In November 2006, RAND released a two-part study entitled “Beyond Al-Qaeda,” which “call[ed] on the [USG] to try to sever the links between the local and global jihadist groups, in part by emphasizing the differences between the groups.”1 Though the RAND report was discussed on MRI online forums at the time of its publication, it has taken on added significance recently as infighting among insurgent groups in Iraq and their online supporters has reached a fever pitch. Particularly, more “local” insurgent groups such as the Islamic Army in Iraq (IAI) have begun attacking Al-Qaida in Iraq and its affiliates, a dispute which has spilled over into the MRI online community.2 MRI forum participants have frequently depicted RAND as secretly instigating these intra-insurgency divisions, citing the November 2006 report’s promotion of this sort of discord between “local” and “global” jihadist groups. One widely circulated summary and critique of the report, initially posted on the MRI forum Muslm.net on 22 February 2007, attempted to tie the report’s recommendations to developments that indicate that the USG is carrying them out. These allegedly include a vicious attack on Al- Qaida in the Muslm.net forum, the initiation of the Baghdad security plan, and the efforts of the “collaborator” Mishaan Al-Juburi to spread discord by attacking Al-Qaida.3 The author scolded his fellow forum contributors for criticizing Al-Qaida, and for writing their postings “according to the prescriptions of U.S. intelligence services, like this latest prescription [from RAND].” He then selectively quoted and paraphrased parts of the report that promote breaking ties between local and global jihadist groups. 4
1 “RAND Study Says U.S. Should Greatly Expand Efforts to Undermine Support for Terrorism.” Rand.org 16 November 2006, 9 May 2007
Page 13 As intra-insurgency strife escalated in April, attacks against critics of Al-Qaida became commonplace in MRI online forums. A representative 12 April 2007 posting on Muslm.net harshly chastised forum participants for spreading discord and bickering: Seriously, I don’t know how the cunning of your enemy and his plot to divide the mujahideen can be hidden from you. The American RAND Corporation advised the Crusader government of the necessity of dividing the mujahideen and the foundation of jihad on the basis of ideological and theological differences and it announced that publicly. Where are your minds!! Your enemy belittles you to such an extent that he announces his plans for you; he shows you the hole that he dug for you, then you walk toward the hole and throw yourselves into it obediently!!5 Other postings also used the RAND report as a weapon against their critics, refusing to tolerate disagreement or criticism of Al-Qaida which ostensibly serves USG interests.6 A 15 April 2007 posting on the MRI forum Tajdeed.org.uk presented a detailed analysis of the flaws in RAND’s report and why RAND’s alleged plans to divide the “mujahideen” in Iraq would fail.7 A participant on the MRI forum Al-faloja.com posted an article entitled, “The Wicked RANDian Sect: Its Religion, its Custodians, and its Protocols,” which warned of the power of think tanks in the “so-called War of Ideas.”8 The MRI community became so familiar with RAND’s supposed role of spreading discord in Iraq and among the mujahideen that only passing reference to the original report itself was required when attributing particular instances of discord to RAND.9 One participant posted a graphic on Tajdeed.org.uk superimposing the RAND name and logo onto a screenshot of an Al-Jazeera anchor (Figure 1) with a text bubble which read: “We present you a news report from the RAND Channel for Broadcasting Lies and Discord.” An arrow points to the crawl at the bottom of the screen which describes a rift within the Iraqi insurgent group Ansar Al-Sunna.10 The graphic seeks to undermine Al-Jazeera’s credibility and reporting on the Iraqi insurgency by depicting it as an agent doing RAND’s bidding. A more recent RAND report has been used by the online MRI community to further reinforce claims about RAND’s promotion of hostile policies toward the Muslim world. The March 2007 study “Building Moderate Muslim Networks” encouraged the USG to support moderate Muslims to combat violent extremism akin to “U.S. efforts during the Cold War to foster networks of people committed to free and democratic ideas.” In particular, the report’s definition of “moderate Islam” and its list of “characteristics of moderate Muslims” to be used to identify possible partners in combating radical Islam struck a nerve among MRI commentators. These characteristics include support for democracy, belief in the right to change one’s religion, respect for women’s and minority rights, and acceptance of legal systems not based on the complete application of Islamic law, or Shari’a.11 On 9 April 2007, Islamonline.net published a highly biased and selective summary and scathing critique of the 2007 RAND report, which was widely distributed in online MRI forums. The author, Muhammad Jamal ‘Urfa, declared that the report “contained some very dangerous issues,” and
”.(Message from Hussein Bin Mahmoud to his Brothers in the Forums) ىىىىى ىى ىىىى ىى ىىىىى “ ىىى 5ىىىىىى ىى ىىىىىىىىى Muslm. net 12 April 2007, 16 April 2007
Page 14 requested that his critique be posted on other websites so that “we may know that these people are working day and night, both publicly and secretly, to wage war on [Islam] and are trying to plant a new Islam with American specifications.” ‘Urfa continued, In the current report, it appears that the goal is to change Islam itself and Muslims as a whole, after it became clear, based on their past experiences, that there is no distinction between “moderate” and “extremist” and that all [Muslims] believe in the benefit of Shari’a in the life of a Muslim, and thus the matter requires “playing with thought and belief themselves [sic].”12 ‘Urfa contends that the groups promoted by RAND are not true Muslims, and by encouraging them, RAND’s true goal is to eradicate Islam overall.13 Other articles on MRI sites contain similar accusations, including one that characterized the RAND report as “a plan that targets Islamic thought at its roots and foundations…and defines the characteristics of the principal ideas that it is going to work to implant.”14 The reaction to, and manipulation of, the RAND reports by the online MRI community illustrate challenges faced by the USG in communicating with the Muslim world. Because the reports’ recommendations are directed to the USG, and RAND has a close association with the USG, the MRI propagandists provide the impression that the Rand reports represent official USG policy directives. This is reinforced by the fact that in many countries, institutions with RAND’s stature would not release such reports without implicit government approval. As a result, MRI propagandists appear to be leveraging the significance of their content to portray them as representations of USG intentions. 15 Thus, the same MRI propagandists present official USG public diplomacy efforts as suspect and disingenuous. These postings serve as a reminder of the increasing ability of USG adversaries to portray a twisted image of the USG, and demonstrate their resourcefulness in selectively manipulating parts of U.S. public documents to support their arguments. Table of Contents
Russia Accused of Unleashing Cyberwar to Disable Estonia By Ian Traynor, The Guardian, May 17, 2007 A three-week wave of massive cyber-attacks on the small Baltic country of Estonia, the first known incidence of such an assault on a state, is causing alarm across the western alliance, with Nato urgently examining the offensive and its implications. While Russia and Estonia are embroiled in their worst dispute since the collapse of the Soviet Union, a row that erupted at the end of last month over the Estonians' removal of the Bronze Soldier Soviet war memorial in central Tallinn, the country has been subjected to a barrage of cyber warfare, disabling the websites of government ministries, political parties, newspapers, banks, and companies. Nato has dispatched some of its top cyber-terrorism experts to Tallinn to investigate and to help the Estonians beef up their electronic defences. "This is an operational security issue, something we're taking very seriously," said an official at Nato headquarters in Brussels. "It goes to the heart of the alliance's modus operandi."
12 This phrase does not appear in the original RAND report, but ‘Urfa quotes it as if it does. ”.(?’Why is America Building Secular ‘Moderate Muslim Networks) ىىىىى ىىىى ىىىىىى “ "ىىىىى 13ىىىىى ىىىىىى" ىىىىىىى Islamonline.net 9 April 2007, 8 May 2007
Page 15 Alarm over the unprecedented scale of cyber-warfare is to be raised tomorrow at a summit between Russian and European leaders outside Samara on the Volga. While planning to raise the issue with the Russian authorities, EU and Nato officials have been careful not to accuse the Russians directly. If it were established that Russia is behind the attacks, it would be the first known case of one state targeting another by cyber-warfare. Relations between the Kremlin and the west are at their worst for years, with Russia engaged in bitter disputes not only with Estonia, but with Poland, Lithuania, the Czech Republic, and Georgia - all former parts of the Soviet Union or ex-members of the Warsaw Pact. The electronic offensive is making matters much worse. "Frankly it is clear that what happened in Estonia in the cyber-attacks is not acceptable and a very serious disturbance," said a senior EU official. Estonia's president, foreign minister, and defence minister have all raised the emergency with their counterparts in Europe and with Nato. "At present, Nato does not define cyber-attacks as a clear military action. This means that the provisions of Article V of the North Atlantic Treaty, or, in other words collective self-defence, will not automatically be extended to the attacked country," said the Estonian defence minister, Jaak Aaviksoo. "Not a single Nato defence minister would define a cyber-attack as a clear military action at present. However, this matter needs to be resolved in the near future." Estonia, a country of 1.4 million people, including a large ethnic Russian minority, is one of the most wired societies in Europe and a pioneer in the development of "e-government". Being highly dependent on computers, it is also highly vulnerable to cyber-attack. The main targets have been the websites of: · The Estonian presidency and its parliament · Almost all of the country's government ministries · Political parties · Three of the country's six big news organisations · Two of the biggest banks; and firms specializing in communications It is not clear how great the damage has been. With their reputation for electronic prowess, the Estonians have been quick to marshal their defences, mainly by closing down the sites under attack to foreign internet addresses, in order to try to keep them accessible to domestic users. The cyber-attacks were clearly prompted by the Estonians' relocation of the Soviet second world war memorial on April 27. Ethnic Russians staged protests against the removal, during which 1,300 people were arrested, 100 people were injured, and one person was killed. The crisis unleashed a wave of so-called DDoS, or Distributed Denial of Service, attacks, where websites are suddenly swamped by tens of thousands of visits, jamming and disabling them by overcrowding the bandwidths for the servers running the sites. The attacks have been pouring in from all over the world, but Estonian officials and computer security experts say that, particularly in the early phase, some attackers were identified by their internet addresses - many of which were Russian, and some of which were from Russian state institutions. "The cyber-attacks are from Russia. There is no question. It's political," said Merit Kopli, editor of Postimees, one of the two main newspapers in Estonia, whose website has been targeted and has been inaccessible to international visitors for a week. It was still unavailable last night. "If you are implying [the attacks] came from Russia or the Russian government, it's a serious allegation that has to be substantiated. Cyber-space is everywhere," Russia's ambassador in
Page 16 Brussels, Vladimir Chizhov, said in reply to a question from the Guardian. He added: "I don't support such behaviour, but one has to look at where they [the attacks] came from and why." Without naming Russia, the Nato official said: "I won't point fingers. But these were not things done by a few individuals. "This clearly bore the hallmarks of something concerted. The Estonians are not alone with this problem. It really is a serious issue for the alliance as a whole." Mr Chizhov went on to accuse the EU of hypocrisy in its support for Estonia, an EU and Nato member. "There is a smell of double standards." He also accused Poland of holding the EU hostage in its dealings with Russia, and further accused Estonia and other east European countries previously in Russia's orbit of being in thrall to "phantom pains of the past, historic grievances against the Soviet union and the Russian empire of the 19th century." In Tallinn, Ms Kopli said: "This is the first time this has happened, and it is very important that we've had this type of attack. We've been able to learn from it." "We have been lucky to survive this," said Mikko Maddis, Estonia's defence ministry spokesman. "People started to fight a cyber-war against it right away. Ways were found to eliminate the attacker." The attacks have come in three waves: from April 27, when the Bronze Soldier riots erupted, peaking around May 3; then on May 8 and 9 - a couple of the most celebrated dates in the Russian calendar, when the country marks Victory Day over Nazi Germany, and when President Vladimir Putin delivered another hostile speech attacking Estonia and indirectly likening the Bush administration to the Hitler regime; and again this week. Estonian officials say that one of the masterminds of the cyber-campaign, identified from his online name, is connected to the Russian security service. A 19-year-old was arrested in Tallinn at the weekend for his alleged involvement. Expert opinion is divided on whether the identity of the cyber-warriors can be ascertained properly. Experts from Nato member states and from the alliance's NCSA unit - "Nato's first line of defence against cyber-terrorism", set up five years ago - were meeting in Seattle in the US when the crisis erupted. A couple of them were rushed to Tallinn. Another Nato official familiar with the experts' work said it was easy for them, with other organisations and internet providers, to track, trace, and identify the attackers. But Mikko Hyppoenen, a Finnish expert, told the Helsingin Sanomat newspaper that it would be difficult to prove the Russian state's responsibility, and that the Kremlin could inflict much more serious cyber-damage if it chose to. Table of Contents
Government Warned Of Harm in Blocking Blog Spots From the Fiji Times, May 17, 2007 THE military it seems has been successful in blocking one of the anti-military regime's blog spots. The spot resistfrankscoup can no longer be accessed but a few other blog spots have since come to the fore and are more damaging to many of Fiji's prominent people, including senior military officers. But the military's attempt to stop the free flow of information has been met with concern. A University of the South Pacific Library System Manager has warned the interim government stands to gain little or nothing from blocking access to Fiji's anonymous anti-military blogs. Chris Hammond-Thrasher says apart from curtailing the free flow of information on the Internet, it is a big mistake. ''Blocking thses blogs may actually harm the interim government,'' Mr Hammond-Thrasher said.
Page 17 He gave reasons why the interim government should reconsider asking FINTEL to block access to anonymous anti-military blogs. ''The perception of government tampering in FINTEL (Fiji's pivotal Internet Service Provider through which nearly all Internet traffic flows) would dampen high-tech investment in Fiji. Off- shore service centres rely on the perception of data communications security in order to assure their customers that the confidentiality of their data will not be compromised,'' he said. Censoring blogs, he added, may cost the interim government more than it gains. ''Information warfare theory, a popular topic in military and policy circles, seeks to describe conflicts where one or more combatants vie not for physical superiority but for the hearts, minds, and cultures of the people. Put another way, information warfare is a battle for the superiority of ideas,'' Mr Hammond-Thrasher said. He said blocking blogspot.com or a handful of offending blogspot sites will simply not be effective. ''Anonymous bloggers and their readers will simply shift their activities to other available Internet resources,'' he said. Table of Contents
Barksdale-Based Command Now Controls Air Force Information Operations Center By John Andrew Prime, Shreveport Times, May 13, 2007 The Air Force recently announced a reorganization of its intelligence systems, one effect of which is placing a key office under control of the 8th Air Force at Barksdale Air Force Base. The Air Force Information Operations Center at Lackland Air Force Base, Texas, was reassigned to the numbered air force commanded by Lt. Gen. Robert J. Elder Jr., effective May 1, a release from the Air Force says. The service restructured its Air Intelligence Agency at Lackland as the Air Force Intelligence, Surveillance and Reconnaissance Agency, which became effective Monday. Elder also is commander of the Air Force Cyberspace Command, which now has its headquarters at Barksdale as well, and the change in command responsibility is meant to emphasize the importance of cyberspace as an Air Force operating domain, the service says. "The Air Force Information Operations Center has been a key partner with the Air Force Network Operations Command since it stood up at 8th Air Force in July 2006," Elder said. "We are excited to have them on the 8th Air Force team; they will play a key role as we stand up the Air Force Cyber Command." Brig. Gen. Jan-Marc Jouas, vice commander of the AIA, said the restructuring into what the service calls "ISR" will allow operations based on needs and capabilities "rather than focus on ownership or myriad unconnected budget lines." Gen. T. Michael Moseley, Air Force chief of staff, earlier this year noted the importance of streamlining this intelligence stream. "Because ISR capabilities are at the core of determining these desired (warfighting) effects, ISR has never been more important during our 60 years as an independent service, "ISR has become the foundation of global vigilance, reach and power," Moseley said. "The ISR transformation initiatives we are beginning will further enhance our ability to fly and fight as America's Air Force." The Air Force has appointed a deputy chief of staff to oversee ISR, Lt. Gen. David Deptula. Its force structure includes the 70th Intelligence Wing and the Air Force Cryptologic Office at Fort George G. Meade, Md.; the National Air and Space Intelligence Center at Wright-Patterson Air Force Base, Ohio, and the Air Force Technical Applications Center at Patrick Air Force Base, Fla. Table of Contents
Page 18 Experts Doubt Russian Government Launched DDoS Attacks By Bill Brenner, SecuritySearch.com, 18 May 2007 Some experts are dismissing speculation earlier this week that hackers sponsored by the Russian government were behind a series of blistering distributed denial-of-service (DDoS) attacks in the Baltic country of Estonia. The attacks left Web sites for Estonia's prime minister, banks and schools in disarray and some observers pointed fingers at Russia, given its apparent anger over Estonia's decision to remove a bronze statue of a Soviet-era soldier that was part of a World War II memorial. But information security experts now say it's very unlikely this was a case of one government launching a coordinated cyberattack against another. It was more likely the work of smaller organized groups in control of hijacked computers from around the world, they said. "Attributing a distributed denial-of-service attack like this to a government is hard," Johannes Ullrich, chief research officer of the Bethesda, Md.-based SANS Internet Storm Center (ISC), said in an email exchange. "It may as well be a group of bot herders showing 'patriotism,' kind of like what we had with Web defacements during the US-China spy-plane crisis [in 2001]." Hillar Aarelaid, chief security officer for Estonia's Computer Emergency Response Team (CERT), said in published reports Thursday that most of the affected Web sites have been restored to normal service. He also expressed skepticism that the attacks were from the Russian government, noting that Estonians were also divided on whether it was right to remove the statue. And since the attacks began, investigators have found evidence that while Russian hackers may be involved, malicious activity also originated from computers in the U.S., Brazil, Canada and Vietnam. "I think it is extremely unlikely that the attacks are being sponsored by the Russian government," Graham Cluley, senior technology consultant for UK-based security software company Sophos, said in an email exchange. "The fact that DDoS attacks may be coming from Russian authority computers does not necessarily mean that the Russian authorities have endorsed the attacks. Indeed, it's quite possible that these are PCs which have been taken over by remote hackers." There have been many instances in the past where hackers have gained access to poorly-defended government and military computers in order to cause mischief, Cluley added. "If you were the Russian government and wanted to launch an attack against Estonian authority Web sites -- knowing that the world would take a keen interest -- would you really use your own PCs to do it?" Cluley said. "It is quite possible that this is a small group of politically motivated hackers who have a grievance against the Estonian authorities who have taken remote control of PCs to attack Estonian Web sites." While that may be the case, industry experts said the incident is yet another example of what can happen if governments don't do more to secure their IT infrastructure. The U.S., for example, has come under scrutiny for not doing more to harden its systems. When a White House ID theft task force released recommendations to better protect people from online fraud last month, for example, the Cyber Security Industry Alliance (CSIA) said the document was short on guidelines to help federal agencies address their own security shortcomings. The U.S. government learned how vulnerable its systems can be two years ago when it learned of ongoing attacks that were eventually dubbed Titan Rain. In those attacks, Chinese Web sites targeted computer networks in the Defense Department and other U.S. agencies, compromising hundreds of unclassified networks. Though classified information wasn't taken, officials worried that even small, seemingly insignificant bits of information can paint a valuable picture of an adversary's strengths and weaknesses when pulled together. Ullrich doesn't believe government networks are being defended well enough, given the steady stream of news reports about compromised networks. But, he added, defending against the kind of attack Estonia suffered is no easy task.
Page 19 "Defending against a DDoS is very hard if you are running a large government network across globally-shared media," he said. "The best defense against a DDoS is a contingency plan. [Governments] have to plan for widespread network disruption. Once the attack is under way, critical records such as phone lists may no longer be reachable." Any good disaster recovery plan should cover these scenarios, he said. John LaCour, a CISSP and director of product management for San Francisco-based security firm MarkMonitor Inc., said it's equally important for private enterprises to prepare for these kinds of attacks. After all, he said, companies remain a bigger target than government systems. "Virtually all American businesses are connected to the Internet so there's an endless opportunity to go after private companies," he said. "But while the government is on the Internet, classified systems are more restricted and guarded. Often, cyberattacks are initiated by political groups who are not necessarily state sponsored. As part of their method of operation, it's about targeting the commercial interests." Should there be escalating cyberattacks against first-world countries, he said, attacks against commercial entities will also be more prevalent. Therefore, enterprises need to have a response plan. "Often, organizations won't be able to defend against it on their own so they should have a coordinated battle plan with their ISPs and others," LaCour said. "The big problem with DDoS attacks is the potential for collateral damage beyond the prime target." Table of Contents e-Stonia Under Attack By Anne Applebaum, Slate Magazine, May 22, 2007 And now for a quick quiz: A European country—a member in good standing of NATO and the European Union—has recently suffered multiple hostile attacks on its institutions. Can you a) name the country; b) describe the attacks; and c) explain what NATO is doing about it? If you can't, don't worry: NATO itself doesn't quite know what it is doing about it, despite the alliance's treaty, which declares an armed attack on one of its members "an attack against them all." For the country is Estonia—a very small, very new member of NATO—the attacks are taking place in cyberspace, and while the perpetrators aren't exactly unknown, their existence can't be proved, either. Which creates a dilemma—several, in fact: Is this an "armed attack"? Is the NATO alliance obliged to respond? And if so, how? None of these questions have clear answers: Welcome to the 21st century. And if you thought that terrorists headquartered in ungovernable bits of the undeveloped world were our worst problem, think again. To add an extra layer of complication to this story, it's important to explain that its origins lie not in the high-tech cyberfuture but in a Cold War-era argument over the past. Several weeks ago, the Estonian government decided to move a bronze statue of a Soviet soldier from its place in the center of Tallinn, the capital, to a cemetery outside town, together with the remains of the Soviet soldiers who had been buried beneath it. That might not sound like a casus belli, but to the Russian minority in Estonia, most of whose families arrived in the country after the Red Army drove the Germans out in 1945, that statue had become a rallying point as well as a justification of their right to remain in Estonia. To the Estonians, one in 10 of whom was deported to Siberia after 1945, the statue had become a symbol of half a century's worth of Soviet occupation and oppression. A riot ensued; a Russian protester was killed; hooligans attacked the Estonian ambassador in Moscow; and, a few days later, Estonian government, bank, and newspaper Web sites began to go down one by one. Elsewhere, this might not have mattered quite so much. A defense information specialist from another newish NATO member state told me, somewhat ruefully, that his country wouldn't be vulnerable to a cyberattack because so little of its infrastructure is sophisticated enough to use the
Page 20 Internet. But Estonia—"e-Stonia" to its fans—practices forms of e-government advanced even by Western European standards. Estonians pay taxes online, vote online, bank online. Their national ID cards contain electronic chips. When the country's Cabinet meets, everyone brings their laptop. When denial-of-service attacks start taking down Estonian Web sites, it matters. Of course, as is the way of these things, their precise origin cannot be determined: Unlike classic terrorism, the essence of modern cyberwarfare is its anonymity. Though some of the attacks did appear to come from PCs belonging to the Russian presidential administration, others came from as far afield as Brazil and Vietnam. As a result, even the Estonian government's experts have backed away from directly accusing the Russian government. After all, angry hackers can organize a "botnet"—a group of computers that have been remotely hacked and forced, unwittingly, to send out spam or viruses—anywhere. Indeed, "patriotic" Chinese hackers have made a specialty out of this sort of thing, launching cyberattacks at moments of high tension against both Japanese and U.S. government Web sites, using computers based all over the world. Both the anonymity and the novelty may turn out to be part of the appeal, particularly if, as some in NATO now believe, the attacks are Russian "tests," both of the West's preparedness for cyberwarfare in general and of NATO's commitment to its newest, weakest members in particular. Some believe the Russian government is now playing with different tactics, trying to see which forms of harassment work best: the verbal attacks on Estonia, the Russian oil pipeline to Lithuania that mysteriously turns out to need repairs, or the embargos on Polish meat products and Georgian wine. If that is the case, then surely the lesson of the last three weeks is that cyberwarfare has a lot going for it: It creates no uproar, results in no tit-for-tat economic sanctions, doesn't seem like a "real" form of warfare, and doesn't get anyone worried about Europe's long-term energy needs. NATO did, in the end, quietly send a few specialists to Estonia, as (even more quietly) did the Pentagon. A few Europeans complained a bit at a summit over the weekend, too. But there the affair will end—until the attacked Estonian government in cyberspace comes back online, better armed for the next battle. Table of Contents
Internet Law - Should We Go To War Over A Massive Cyber-Attack? By Maricelle Ruiz, Internet Business Law Service, May 23, 2007 Estonia is doing it again. The tiny Eastern European nation - holder of the first Internet election - is pushing the boundaries to set another legal precedent. But this time around, a change in the law could entail serious international consequences. It all started a few weeks ago. Weary of Russian attempts to reportedly meddle in its internal affairs, the former Soviet satellite state decided to relocate a Soviet war memorial from the center of its capital Tallinn to a cemetery. The action angered Russians living in Estonia and beyond. Among the actions taken against Estonia was a massive cyber-attack, lasting weeks, which Estonian public officials and business executives claim originated at the top levels of the Russian government. Estonia may be small in territorial size, but when it comes to its former handlers, it's ready to display a big attitude. The country's top public officials went straight to the European Union and the North Atlantic Treaty Organization (NATO) to report the attacks, which disabled the sites of ministries and political parties, as well as of some of the largest newspapers, banks and businesses in the country. "Attacking one member state means an attack against the entire European Union," Estonian Prime Minister Andrus Ansip alleged. "We have turned to the European Union and we ask them to take immediate action." Prime Minister Ansip and other Estonian public officials alluded to Article V of the NATO Treaty, which states that an attack on one of its members shall be considered an attack against all and
Page 21 enables these nations to exercise the right of self-defense recognized by Article 51 of the Charter of the United Nations. Most EU member states - including Estonia - also belong to NATO. Estonian Defense Minister Jaak Aaviksoo, meanwhile, discussed the situation with NATO officials and later stated the following during an interview with British newspaper The Guardian: "At present, NATO does not define cyber-attacks as a clear military action. This means that the provisions of Article V of the North Atlantic Treaty, or, in other words collective self-defense, will not automatically be extended to the attacked country. Not a single NATO defense minister would define a cyber-attack as a clear military action at present. However, this matter needs to be resolved in the near future." NATO cyber-terrorism experts have traveled to the country to assist Estonians in determining the source of the attack and boosting the country's electronic defenses. The attack has been described as a distributed denial of service attack. A denial of service attack is defined as an attack against a computer or network that attempts to limit access to the Internet by flooding it with requests for a webpage or emails. A more sophisticated variant of this attack is said to be the distributed denial of service attack, where hackers rely on viruses to take over multiple computers to engage in the attack, thus increasing the amount of malicious traffic and decreasing the ability of the owners of the victim machine or network to defend themselves. In the Estonian case, the IT experts prevented foreign Internet addresses from accessing the sites under attack until the situation was under control. The President of the European Council, German Chancellor Angela Merkel and Commission President José Manuel Barroso, meanwhile, were scheduled to discuss the cyber-attack issue during a recent EU summit with Russia, which judging by their grave faces during the final press conference, did not seem to yield positive results. In the past, Russia and China have been linked to electronic espionage. Now, it may be wise to admit that governments must evaluate measures to effectively handle countries that decide to engage in this novel type of warfare. Table of Contents
China Crafts Cyberweapons By Sumner Lemon, IDG News Service, May 28, 2007 The People's Liberation Army (PLA) continues to build cyberwarfare units and develop viruses to attack enemy computer systems as part of its information-warfare strategy, the U.S. Department of Defense (DOD) warned in a report released on Friday. "The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks," the annual DOD report on China's military warned. At the same, Chinese armed forces are developing ways to protect its own systems from an enemy attack, it said, echoing similar warnings made in previous years. These capabilities are part of China's ongoing military modernization efforts, which have seen the country add dozens of high-tech fighters and ballistic missiles to its arsenal. China isn't alone in building the capability to attack an enemy's computer systems. The U.S. and other countries have developed similar abilities. The PLA's virus-writing efforts have been underway for years, reflecting the importance that China apparently attaches to information warfare. As early as 2000, the DOD warned, "China has the capability to penetrate poorly protected U.S. computer systems and potentially could use CNA [computer network attacks] to attack specific U.S. civilian and military infrastructures." In recent years, the PLA has begun training more seriously for computer attacks, including them as part of larger military exercises in 2005. The main focus of China's military modernization efforts are Taiwan, an island nation that China views as a renegade province. The two separated in 1949 after a civil war between the Communist and Nationalist armies, with the Nationalist forces retreating to Taiwan. China has long threatened
Page 22 to attack Taiwan if the island formally declares independence, and the expansion of China's military capabilities are largely geared towards a possible attack against Taiwan. "A limited military campaign could include computer network attacks against Taiwan’s political, military, and economic infrastructure to undermine the Taiwan population’s confidence in its leadership," the report said. But the U.S., which would likely intervene in a Chinese attack on Taiwan, is also a potential target, it said. Table of Contents
'Hacktavists' Attack Tiny Estonia By Mark Landler and John Markoff, The New York Times, 29 May 2007 TALLINN, Estonia (May 29, 2007) When Estonian authorities began removing a bronze statue of a Second World War-era Soviet soldier from a park in this bustling Baltic seaport last month, they expected violent street protests by Estonians of Russian descent. They also knew from experience that "if there are fights on the street, there are going to be fights on the Internet," said Hillar Aarelaid, the director of Estonia's Computer Emergency Response Team. After all, for people here the Internet is almost as vital as running water; it is used routinely to vote, file their taxes and, with their cellphones, to shop or pay for parking. What followed was what some here describe as the first war in cyberspace, a month-long campaign that has forced Estonian authorities to defend their pint-size Baltic nation from a data flood that they say was set off by orders from Russia or ethnic Russian sources in retaliation for the removal of the statue. The Estonians assert that an Internet address involved in the attacks belonged to an official who works in the administration of Russia's president, Vladimir V. Putin. The Russian government has denied any involvement in the attacks, which came close to shutting down the country's digital infrastructure, clogging the websites of the president, the prime minister, Parliament and other government agencies, staggering Estonia's biggest bank and overwhelming the sites of several daily newspapers. "It turned out to be a national security situation," said Estonia's Defence Minister Jaak Aaviksoo. "It can effectively be compared to when your ports are shut to the sea." Computer security experts from NATO, the European Union, the United States and Israel have since converged on Tallinn to offer help and to learn what they can about cyberwar in the digital age. "This may well turn out to be a watershed in terms of widespread awareness of the vulnerability of modern society," said Linton Wells II, the principal deputy assistant secretary of defence for networks and information integration at the Pentagon. "It has gotten the attention of a lot of people." When the first digital intruders slipped into Estonian cyberspace at 10 p.m. April 26, Aarelaid figured he was ready. He had erected firewalls around government websites, set up extra computer servers and put his staff on call for a busy week. The authorities anticipated there would be a backlash to the removal of the statue, which had become a rallying point for Estonia's large Russian-speaking minority, particularly as it was moved to a less accessible military graveyard. By April 29, Tallinn's streets were calm again after two nights of riots caused by the statue's removal, but Estonia's electronic Maginot Line was crumbling. In one of the first strikes, a flood of junk messages was thrown at the e-mail server of the Parliament, shutting it down. In another, hackers broke into the website of the Reform Party, posting a fake letter of apology from the prime minister, Andrus Ansip, for ordering the removal of the highly symbolic statue.
Page 23 By the end of the first week, the Estonians, with the help of authorities in other countries, had become reasonably adept at filtering out malicious data. Still, Aarelaid knew the worst was yet to come. The Russian holiday, Victory Day, was May 9. It's the date that marks the Soviet Union's defeat of Nazi Germany and honours fallen Red Army soldiers. The Internet was rife with plans to mark the occasion by taking down Estonia's network. Aarelaid huddled with security chiefs at the banks, urging them to keep their services running. He was also under orders to protect an important government briefing site. Other sites, such as that of the Estonian president, were sacrificed as low priorities. The attackers used a giant network of bots -- perhaps as many as one million computers in places as far away as the United States and Vietnam -- to amplify the impact of their assault. In a sign of their financial resources, there is evidence that they rented time on other so-called botnets. "When you combine very, very large packets of information with thousands of machines, you've got the recipe for very damaging denial-of-service attacks," said Jose Nazario, an expert on bots at Arbor Networks, an Internet security firm in Ann Arbor, Mich. In the early hours of May 9, traffic spiked to thousands of times the normal flow. It was heavier May 10, forcing Estonia's biggest bank to shut down its online service for more than an hour. Even now, the bank, Hansabank, is under assault and continues to block access to 300 suspect Internet addresses. It has had losses of at least $1 million US. Finally, on May 10, the attackers' time on the rented servers expired, and the botnet attacks fell off abruptly. All told, Arbor Networks measured dozens of attacks. The 10 largest assaults blasted streams of 90 megabits of data a second at Estonia's networks, lasting up to 10 hours each. That is a data load equivalent to downloading the entire Windows XP operating system every six seconds for 10 hours. "Hillar and his guys are good," said Bill Woodcock, a U.S. Internet security expert who was also on hand to observe the response. "There aren't a lot of other countries that could combat that on his level of calm professionalism." Estonia's defence was not flawless. To block hostile data, it had to close off large parts of its network to people outside the country. "It is really a shame that an Estonian businessman travelling abroad does not have access to his bank account," said Linnar Viik, a computer science professor and leader in Estonia's high-tech industry. "For members of the Estonian Parliament, it meant four days without e-mail." Still, Viik said the episode would serve as a learning experience. The use of botnets, for example, illustrates how a cyberattack on a single country can ensnare many other countries. In recent years, cyberattacks have been associated with Middle East and Serbian-Croatian conflicts. But computer systems at the Pentagon, NASA, universities and research labs have been compromised in the past. Scientists and researchers convened by the National Academy of Sciences this year heard testimony from military strategy experts indicating that both China and Russia have offensive information-warfare programs. The United States is also said to have begun a cyberwarfare effort. Though Estonia cannot be sure of the attackers' identities, their plans were posted on the Internet even before the attack began. On Russian-language forums and chat groups, the investigators found detailed instructions on how to send disruptive messages, and which Estonian websites to use as targets. "We were watching them being set up in real time," said Aarelaid. For NATO, the attack may lead to a discussion of whether it needs to modify its commitment to collective defence, enshrined in Article V of the North Atlantic Treaty. Aarelaid said NATO's Internet security experts said little but took copious notes during their visit. Because of the murkiness of the Internet -- where attackers can mask their identities by using the Internet addresses of others, or remotely program distant computers to send data without their
Page 24 owners even knowing it -- several experts said the attackers would probably never be caught. U.S. government officials said that the nature of the attacks suggested they were initiated by "hacktivists," technical experts who act independently from governments. "At the present time, we are not able to prove direct state links," Aaviksoo, Estonia's defence minister, said. "All we can say is that a server in our president's office got a query from an IP address in the Russian administration," he added, using the abbreviation for Internet protocol. Moscow had offered no help in tracking down people who the Estonian government believes may be involved. A spokesperson for the Kremlin denied Russian involvement and added, "The Estonia side has to be extremely careful when making accusations." The police here arrested and then released a 19-year-old Estonian man of Russian descent whom they suspected of helping to organize the attacks. Meanwhile, Estonia's foreign ministry has circulated a document that lists several Internet addresses inside the Russian government that it said took part in the attacks. "I don't think it was Russia, but who can tell?" said Gadi Evron, a computer security expert from Israel who spent four days in Tallinn writing a post-mortem on the response for the Estonians. "The Internet is perfect for plausible deniability." Evron, an executive at an Internet security firm called Beyond Security, is a veteran of this kind of warfare. He set up the Computer Emergency Response Team, or CERT, in Israel. Websites in Israel are regularly subjected to attacks by Palestinians or others sympathetic to their cause. "Whenever there is political tension, there is a cyber aftermath," Evron said, noting that sites in Denmark became targets after a newspaper published satirical cartoons depicting the prophet Muhammad. The attacks on Estonia's systems are not over, but they have dropped off in volume and intensity, and are aimed mainly at the banks. The last major wave of attacks was on May 18. Now that the onslaught has ebbed, Aarelaid is mopping up. A few days ago, he managed to get to the sauna with Jaan Priisalu, the head of computer security at Hansabank, and other friends from Estonia's Internet security fraternity. "I'm a simple IT guy," he said, gazing at a flickering computer screen. "I know a lot about bits and packets of data; I don't know about the bigger questions. But somebody orchestrated this thing." Table of Contents
New Wars Require New Weapons By Andrei Kislyakov, RIA, 24 May 2007 MOSCOW. (RIA Novosti political commentator Andrei Kislyakov) - Military dictionaries say that what distinguishes war from peace is the massive use of weapons. But today this interpretation is desperately obsolete. The goal of a war of the future will not be to seize enemy territory but to deal surgical strikes against sensitive targets. International borders are not violated, large-scale use of ground troops and armor is becoming a thing of the past, and the role of strategic aviation is diminished. The traditional nuclear triad is being replaced with non-nuclear high-accuracy weapons with different basing modes. In turn, this implies the presence of numerous satellite-based reconnaissance, warning and targeting systems that themselves require protection. This factor alone makes the development of space weapons inevitable. This series of articles deals with work on orbital combat systems, modernization of strategic arms and development of entirely new types of weapons.
Page 25 Space weapons These are weapons and auxiliary systems designed for deployment and use in space. They consist of different types, principles of action and designations. It is necessary to divide them into active and passive elements. The latter include satellite systems for reconnaissance, communications, and target indication that have been used by many countries for a long time. The more dangerous type, however, is the active elements, which can be used for anti-ballistic missile (ABM) defense, radio-electronic warfare, orbital bombing of any territory with nuclear and non-nuclear warheads, and anti-satellite weapons. The main types of space-based assault weapons are: 1. Intercontinental ballistic missiles (ICBMs). Their warheads are put into what is called the "staging orbit." In the event of a crisis and a command to destroy targets, the multiple-warhead- dispensing mechanism comes into action. This basing mode was suggested for the American MX ICBM when Soviet-U.S. tensions reached their peak in the early 1980s. 2. Ground-, air- and space-launched anti-satellite missiles. 3. Directed energy weapons, including chemical and X-ray lasers and beams. 4. Electronic weapons: pulse generators of powerful radio waves for radio-electronic warfare and magnetic-field-generated and plasma compression pulses. The main point is that space-based weapons allow comprehensive control over the Earth's surface. The appearance of permanent manned military stations in near-Earth orbit is only a matter of time. Nonetheless, such stations will not be developed in the near future, but automatic systems will. They will be equipped with weapons based on new physical principles. Moreover, there is evidence that a system has already been sent into space equipped with missiles and lasers capable of destroying satellites in low, medium and stationary orbits. The military rivalry in space between the Soviet Union and the United States in the late 1950s took two forms: anti-missile defense and action against a potential enemy's space-based systems. In the United States, work in both areas saw mixed success but without any obvious conflicts between the people involved, whereas in the Soviet Union it was dominated by good old-fashioned behind-the-scenes clan struggle. Table of Contents
China Makes Viruses For Cyberwar First-Strike By Gregg Keizer, Computerworld, 29 May 2007 May 29, 2007 (IDG News Service) China's military has developed cyberwarfare first-strike capabilities that include units charged with developing viruses to attack enemy computer networks, a Department of Defense (DoD) report warned last Friday. "The PLA [People's Liberation Army] has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks," the Pentagon's annual report to Congress on China's military power said. "In 2005, the PLA began to incorporate offensive CNO [computer network operations] into its exercises, primarily in first strikes against enemy networks." This newest report shows how the Chinese military's thinking on information warfare has changed in recent years, said Andrew Macpherson, director of the technical analysis group at the University of New Hampshire's Justiceworks and a research assistant professor of justice studies. Macpherson, a cybercrime and cyberwar researcher whose group debuted a Cyber Threat Calculator in January at a DoD cybercrime conference, noted that as recently as two years ago, other editions of the report stressed China's investments in defensive measures. "The Chinese were a lot more concerned about our viruses because they were using off-the-shelf [Western] software," Macpherson said. "Now there's no mention of that, and much more of the discussion is about first-strike capabilities."
Page 26 Even though the report's short section on information warfare is necessarily vague, "it's a good window into what our government is seeing from China," Macpherson said. "It's the highest level of unclassified American thought on China's capabilities and how they would use them. These annual reports are helpful [because] they show how China continues to develop it's information warfare strategy." And that development, Macpherson said, includes thinking about using viruses and other cyberwarfare tactics in a first strike. "A lot of [the PLA's] weapons systems are first-strike capable, to give them an advantage in any conflict. They're actively thinking about it. They know they will never catch up [to U.S. military technology], so they need these leapfrog technologies," such as an integrated information warfare capability, he added. Using cyberwarfare in a first strike, however, is another matter, and as in other military-political decisions, rests on whether China's leaders believed that they had an answer to some sort of political question. Most analysts have pointed to Taiwan, the island nation that the People's Republic of China views as a rogue province, as the location of any possible first strike by the PLA, cyberwarfare or otherwise. "Taiwan is their primary national security issue," Macpherson noted. The DoD report put it into perspective: "A limited military campaign could include computer network attacks against Taiwan's political, military and economic infrastructure to undermine the Taiwan population's confidence in its leadership." China's work with viruses dates back at least to the late 1990s, when a PLA exercise featured both network attacks and virus-killing software, said Timothy Thomas, of the Foreign Military Studies Office at Fort Leavenworth, in a paper written in 2000. In that paper, Thomas also spelled out how the information revolution had given new life to Mao Zedong's 70-year-old theories of a people's war. "China clearly has the people to conduct 'take home battle,' a reference to battle conducted with laptops at home that allow thousands of citizens to hack foreign computer systems when needed," Thomas said. He pointed to a 1999 "network battle" fought between Chinese and American hackers after the U.S. bombed the Chinese embassy in Belgrade as an example. After the back-and-forth of site defacings and distributed denial-of-service (DDoS) attacks, the PLA's official newspaper, the Liberation Army Daily, called for training a large number of "network fighters" and using civilian computer hackers to take part in any future information war. If the circumstances were right, Macpherson said, China might strike, viruses and all. "Maybe they would be willing to unplug from the Internet if they saw the advantage to their side was great" by attacking the Web as a whole, he said. But although Macpherson noted that China's strategy relies on "how the inferior can challenge the superior," the communist country needn't strike first to have an impact. "Long-term attacks can work too," he said. "They can get access to intellectual property and publish it. Or taint data so that [one] couldn't be sure that backups were reliable." Yesterday, the PRC's Foreign Ministry blasted the DoD report, but the spokeswoman did not mention cyberwarfare specifically. The U.S., said Jiang Yu in a statement posted to the Ministry of Foreign Affairs' Web site, "continues to spread myth of the 'China Threat' by exaggerating China's military strength and expenses out of ulterior motives. "As a peace-loving country, China steadfastly follows a road of peaceful development, adopting a national defense policy that is defensive in nature," she added. Jiang also reiterated China's policy on Taiwan. "We will never tolerate the 'Taiwan Independence' or any attempt by anyone to separate Taiwan from China by whatever means," Jiang said and called on the U.S. to stop arms sales to Taiwan and end military ties with the island. Table of Contents
Page 27 Counter-Insurgency and "The Single Narrative" By Austin Bay, Strategy Page, May 30, 2007 "Since counterinsurgency is a competition to mobilize popular support, it pays to know how people are mobilized." That candid declaration of common sense appeared last year in IOSPHERE, the publication of the Joint Information Operations Center, in an article written by Dr. David Kilcullen. Kilcullen's article expanded on the sources of motivation. "In most societies," he wrote, "there are opinionmakers: local leaders ... religious figures, media personalities ... who set trends and influence public perceptions. This influence -- including the pernicious influence of the insurgents -- often takes the form of a 'single narrative.' This is a simple, unifying, easily expressed story or explanation that organizes people's experience and provides a framework for understanding events. ... "Iraqi insurgents have one, as do al-Qaida and the Taliban. To undercut their influence, you must exploit an alternative narrative: or better yet, tap into an existing narrative that excludes the insurgents." When it comes to counter-insurgency, Kilcullen has both classic credentials and street cred. He worked for the State Department as chief counter-terrorism strategist. His doctoral dissertation (analyzing the political effects of insurgency and counter-insurgency on traditional Muslim societies) connects academia with the action in the alleys. It involved fieldwork with members of Dar'ul Islam, the forerunner al-Qaida's Southeast Asia offspring, Jema'ah Islamiyah. He's also a former Australian infantry officer who served in East Timor, Bougainville and the Middle East. Kilcullen now works in Baghdad as Gen. David Petraeus' senior counter-insurgency advisor. He is one of the architects of "the surge strategy" -- the nom de guerre for the Iraqi government's and Petraeus' new combined political and military operations. Last week, I spoke with Kilcullen via a press conference call from Baghdad. He has the accent of an Australian wine connoisseur, not a crocodile hunter, though I'm certain he can hunt crocs. In war, the simple is difficult. Given the Internet and the glare of 24-7 news cameras, no war is more complex than contemporary irregular warfare. But motivation ties to the will to persevere in a conflict. After Kilcullen and I briefly discussed his 2006 article, I asked him: "What is the single narrative or alternative narrative in Iraq? Could you give an example of a narrative in a Baghdad neighborhood?" "That's been one of the weaknesses in this business over time," he replied. "I think it is something that is improving now. We have to make certain the story, the message people are getting from Iraqi government institutions is same as the message from U.S. sources." According to Kilcullen, the Iraqi government's central message is the Iraqi people "don't need militias to protect (them) against terrorists. The government can do that. Gain trust in the government to protect you, and move from a dependency on militias." As for an operation designed to reinforce that message, Kilcullen said that in neighborhoods in Baghdad, "there has been a big effort to recruit and employ police in place and demonstrate presence on a 24-hour basis. This is so that they (the people in the neighborhood) feel the change (the improvement in security)." Up until late 2006, Kilcullen suggested, the "single narrative" the United States pursued was "that as they (Iraqis) stand up, we stand down." Unfortunately, "that message is not particularly comforting to Iraqis," he said. "The single big message (the Iraqi government and coalition are sending) now is that we are protecting the population and trying to achieve sustainable stability. We are improving security and doing it to create a sustainable space so Iraqis can do it themselves."
Page 28 In the "message war," actions must align with words -- or the narrative is only so much hot air. The Iraqi government actually has a major advantage over al-Qaida and the "former regime elements" (FRE, Saddam's old supporters). All al-Qaida and the FRE offer is violence. They have no economic program, and their political program is "give power to us." Their power is a negative power. Sectarian militias do offer local protection, but their protection often includes crime and thuggery. The Iraqi government offers prosperity, justice and peace -- the strategic payoff of democracy and integration in the global economic system. That is the strategic "single narrative," and it's appealing. But as Kilcullen said, that process begins with reliable police and local protection. Table of Contents
New Paradigms for 21st Century Conflict By David J. Kilcullen, eJournal USA: Foreign Policy Agenda (US State Dept), Volume 12, Number 5, May 2007 Despite our rather rosy hindsight view of World War II, there was considerable dissent at the time about the war's aims, conduct, and strategy. But virtually no one disagreed that it was indeed a war or that the Axis powers were the enemy/aggressors. Contrast this with the war on terrorism. Some dispute the notion that the conflict can be defined as a war; others question the reality of the threat. Far-left critics blame American industrial interests, while a lunatic fringe sees September 11, 2001, as a massive self-inflicted conspiracy. More seriously, people disagree about the enemy. Is al-Qaida a real threat or a creature of Western paranoia and overreaction? Is it even a real organization? Is al-Qaida a mass movement or simply a philosophy, a state of mind? Is the enemy all terrorism? Is it extremism? Or is Islam itself in some way a threat? Is this primarily a military, political, or civilizational problem? What would "victory" look like? These fundamentals are disputed, as those of previous conflicts (except possibly the Cold War) were not. In truth, the al-Qaida threat is all too real. But ambiguity arises because this conflict breaks existing paradigms—including notions of "warfare," "diplomacy," "intelligence," and even "terrorism." How, for example, do we wage war on nonstate actors who hide in states with which we are at peace? How do we work with allies whose territory provides safe haven for nonstate opponents? How do we defeat enemies who exploit the tools of globalization and open societies, without destroying the very things we seek to protect? A New Paradigm British General Rupert Smith argues that war—defined as industrial, interstate warfare between armies, where the clash of arms decides the outcome—no longer exists, that we are instead in an era of "war amongst the people," where the utility of military forces depends on their ability to adapt to complex political contexts and engage nonstate opponents under the critical gaze of global public opinion.1 Certainly, in complex, multisided, irregular conflicts such as Iraq, conventional warfare has failed to produce decisive outcomes. We have instead adopted policing, nation- building, and counterinsurgency approaches—and developed new interagency tools "on the fly." Similarly, we traditionally conduct state-based diplomacy through engagement with elites of other societies: governments, intelligentsia, and business leaders, among others. The theory is that problems can be resolved when elites agree, cooler heads prevail, and governments negotiate and then enforce agreements. Notions of sovereignty, the nation-state, treaty regimes, and international institutions all build on this paradigm. Yet the enemy organizes at the nonelite level, exploiting discontent and alienation across numerous countries, to aggregate the effects of multiple grassroots actors into a mass movement with global reach. How do elite models of diplomacy address that challenge? This is not a new problem—various programs were established in U.S. embassies in the Cold War to engage with nongovernmental elements of civil societies at risk from Communist subversion. But many such programs lapsed after 1992, and problems of religious extremism or political violence require subtly different approaches.
Page 29 Likewise, traditional intelligence services are not primarily designed to find out what is happening but to acquire secrets from other nation-states. They are well-adapted to state-based targets but less suited to nonstate actors—where the problem is to acquire information that is unclassified but located in denied, hostile, or inaccessible physical or human terrain. Even against state actors, traditional intelligence cannot tell us what is happening, only what other governments believe is happening. Why, for example, did Western intelligence miss the imminent fall of the Soviet Union in 1992? In part, because we were reading the Soviet leaders' mail—and they themselves failed to understand the depth of grassroots disillusionment with Communism.2 Why did most countries (including those that opposed the Iraq war) believe in 2002 that Saddam Hussein's regime had weapons of mass destruction? Because they were intercepting the regime's communications, and many senior Iraqi regime members believed Iraq had them.3 Long-standing trends underpin this environment. Drivers include globalization and the backlash against it, the rise of nonstate actors with capabilities comparable to some nation-states, U.S. conventional military superiority that forces all opponents to avoid its strengths and migrate toward unconventional approaches, and a global information environment based on the Internet and satellite communications. All these trends would endure even if al-Qaida disappeared tomorrow, and until we demonstrate an ability to defeat this type of threat, any smart adversary will adopt a similar approach. Far from being a one-off challenge, we may look back on al-Qaida as the harbinger of a new era of conflict. Adapting to the New Environment Thus, as former U.S. Counterterrorism Ambassador Hank Crumpton observed, we seem to be on the threshold of a new era of warfare, one that demands an adaptive response. Like dinosaurs outcompeted by smaller, weaker, but more adaptive mammals, in this new era, nation-states are more powerful but less agile and flexible than nonstate opponents. As in all conflict, success will depend on our ability to adapt, evolve new responses, and get ahead of a rapidly changing threat environment. The enemy adapts with great speed. Consider al-Qaida's evolution since the mid-1990s. Early attacks (the East African embassy bombings, the USS Cole, and 9/11 itself) were "expeditionary": Al-Qaida formed a team in Country A, prepared it in Country B, and clandestinely infiltrated it into Country C to attack a target. In response, we improved transportation security, infrastructure protection, and immigration controls. In turn, terrorists developed a "guerrilla" approach where, instead of building a team remotely and inserting it secretly to attack, they grew the team close to the target using nationals of the host country. The Madrid and London bombings, and attacks in Casablanca, Istanbul, and Jeddah, followed this pattern, as did the foiled London airline plot of summer 2006. These attacks are often described as "home grown," yet they were inspired, exploited, and to some extent directed by al-Qaida. For example, Mohammed Siddeque Khan, leader of the July 7, 2005, London attack, flew to Pakistan and probably met al-Qaida representatives for guidance and training well before the bombing.4 But the new approach temporarily invalidated our countermeasures—instead of smuggling 19 people in, the terrorists brought one man out—side- stepping our new security procedures. The terrorists had adapted to our new approach by evolving new techniques of their own. We are now, of course, alert to this "guerrilla" method, as the failure of the August 2006 plots in the United Kingdom and other recent potential attacks showed. But terrorists are undoubtedly already developing new adaptive measures. In counterterrorism, methods that work are almost by definition already obsolete: Our opponents evolve as soon as we master their current approach. There is no "silver bullet." Similar to malaria, terrorism constantly morphs into new mutations that require a continuously updated battery of responses. Five Practical Steps In responding to this counterintuitive form of warfare, the United States has done two basic things so far. First, we improved existing institutions (through processes like intelligence reform, creation
Page 30 of the Department of Homeland Security, and additional capacity for "irregular"—that is, nontraditional—warfare within the Department of Defense). Second, we have begun developing new paradigms to fit the new reality. These are yet to fully emerge, though some—such as the idea of treating the conflict as a very large-scale counterinsurgency problem, requiring primarily nonmilitary responses coupled with measures to protect at-risk populations from enemy influence— have gained traction.5 But in a sense, policy makers today are a little like the "Chateau Generals" of the First World War— confronting a form of conflict that invalidates received wisdom, just as the generals faced the "riddle of the trenches" in 1914-1918. Like them, we face a conflict environment transformed by new technological and social conditions, for which existing organizations and concepts are ill-suited. Like them, we have "work-arounds," but have yet to develop the breakthrough concepts, technologies, and organizations—equivalent to blitzkrieg in the 1930s—that would solve the riddle of this new threat environment. There is no easy answer (if there were, we would have found it by now), but it is possible to suggest a way forward. This involves three conceptual steps to develop new models and, simultaneously, two organizational steps to create a capability for this form of conflict. This is not meant to be prescriptive, but is simply one possible approach. And the ideas put forward are not particularly original—rather, this proposal musters existing ideas and integrates them into a policy approach. 1. Develop a new lexicon: Professor Michael Vlahos has pointed out that the language we use to describe the new threats actively hinders innovative thought.6 Our terms draw on negative formulations; they say what the environment is not, rather than what it is. These terms include descriptors like unconventional, nonstate, nontraditional, unorthodox, and irregular. Terminology undoubtedly influences our ability to think clearly. One reason why planners in Iraq may have treated "major combat operations" (Phase III) as decisive, not realizing that in this case the post- conflict phase would actually be critical, is that Phase III is decisive by definition. Its full doctrinal name is "Phase III—Decisive Operations." To think clearly about new threats, we need a new lexicon based on the actual, observed characteristics of real enemies who: Integrate terrorism, subversion, humanitarian work, and insurgency to support propaganda designed to manipulate the perceptions of local and global audiences Aggregate the effects of a very large number of grassroots actors, scattered across many countries, into a mass movement greater than the sum of its parts, with dispersed leadership and planning functions that deny us detectable targets Exploit the speed and ubiquity of modern communications media to mobilize supporters and sympathizers, at speeds far greater than governments can muster Exploit deep-seated belief systems founded in religious, ethnic, tribal, or cultural identity, to create extremely lethal, nonrational reactions among social groups Exploit safe havens such as ungoverned or undergoverned areas (in physical or cyber space); ideological, religious, or cultural blind spots; or legal loopholes Use high-profile symbolic attacks that provoke nation-states into overreactions that damage their long-term interests Mount numerous, cheap, small-scale challenges to exhaust us by provoking expensive containment, prevention, and response efforts in dozens of remote areas These features of the new environment could generate a lexicon to better describe the threat. Since the new threats are not state-based, the basis for our approach should not be international relations (the study of how nation-states interact in elite state-based frameworks) but anthropology (the study of social roles, groups, status, institutions, and relations within human population groups, in nonelite, nonstate-based frameworks). 2. Get the grand strategy right: If this confrontation is based on long-standing trends, it follows that it may be a protracted, generational, or multigenerational struggle. This means we need both
Page 31 a "long view" and a "broad view"7 that consider how best to interweave all strands of national power, including the private sector and the wider community. Thus we need a grand strategy that can be sustained by the American people, successive U.S. administrations, key allies, and partners worldwide. Formulating such a long-term grand strategy would involve four crucial judgments: Deciding whether our interests are best served by intervening in and trying to mitigate the process of political and religious ferment in the Muslim world, or by seeking instead to contain any spillover of violence or unrest into Western communities. This choice is akin to that between "rollback" and "containment" in the Cold War and is a key element in framing a long- term response. Deciding how to allocate resources among military and nonmilitary elements of national power. Our present spending and effort are predominantly military; by contrast, a "global counterinsurgency" approach would suggest that about 80 percent of effort should go toward political, diplomatic, development, intelligence, and informational activity, and about 20 percent to military activity. Whether this is appropriate depends on our judgment about intervention versus containment. Deciding how much to spend (in resources and lives) on this problem. This will require a risk judgment taking into account the likelihood and consequences of future terrorist attacks. Such a judgment must also consider how much can be spent on security without imposing an unsustainable cost burden on our societies. Deciding how to prioritize effort geographically. At present most effort goes to Iraq, a much smaller portion to Afghanistan, and less again to all other areas. Partly this is because our spending is predominantly military and because we have chosen to intervene in the heart of the Muslim world. Different choices on the military/nonmilitary and intervention/containment judgments might produce significantly different regional priorities over time. Clearly, the specifics of any administration's strategy would vary in response to a developing situation. Indeed, such agility is critical. But achieving a sustainable consensus, nationally and internationally, on the four grand judgments listed above, would provide a long-term basis for policy across successive administrations. 3. Remedy the imbalance in government capability: At present, the U.S. defense budget accounts for approximately half of total global defense spending, while the U.S. armed forces employ about 1.68 million uniformed members.8 By comparison, the State Department employs about 6,000 foreign service officers, while the U.S. Agency for International Development (USAID) has about 2,000.9 In other words, the Department of Defense is about 210 times larger than USAID and State combined—there are substantially more people employed as musicians in Defense bands than in the entire foreign service.10 This is not to criticize Defense—armed services are labor- and capital-intensive and are always larger than diplomatic or aid agencies. But considering the importance, in this form of conflict, of development, diplomacy, and information (the U.S. Information Agency was abolished in 1999 and the State Department figures given include its successor bureau), a clear imbalance exists between military and nonmilitary elements of capacity. This distorts policy and is unusual by global standards. For example, Australia's military is approximately nine times larger than its diplomatic and aid agencies combined: The military arm is larger, but not 210 times larger, than the other elements of national power. To its credit, the Department of Defense recognizes the problems inherent in such an imbalance, and said so in the 2006 Quadrennial Defense Review.11 And the Bush administration has programs in train to increase nonmilitary capacity. But to succeed over the long haul, we need a sustained commitment to build nonmilitary elements of national power. So-called soft powers, such as private-sector economic strength, national reputation, and cultural confidence, are crucial, because military power alone cannot compensate for their loss. These three conceptual steps will take time (which is, incidentally, a good reason to start on them). But in the interim, two organizational steps could prepare the way:
Page 32 4. Identify the new "strategic services": A leading role in the war on terrorism has fallen to Special Operations Forces (SOF) because of their direct action capabilities against targets in remote or denied areas. Meanwhile, Max Boot12 has argued that we again need something like the Office of Strategic Services (OSS) of World War II, which included analysis, intelligence, anthropology, special operations, information, psychological operations, and technology capabilities. Adjectives matter: Special Forces versus Strategic Services. SOF are special. They are defined by internal comparison to the rest of the military—SOF undertake tasks "beyond the capabilities" of general-purpose forces. By contrast, OSS was strategic. It was defined against an external environment and undertook tasks of strategic importance, rapidly acquiring and divesting capabilities as needed. SOF are almost entirely military; OSS was an interagency body with a sizeable civilian component, and almost all its military personnel were emergency war enlistees (talented civilians with strategically relevant skills, enlisted for the duration of the war).13 SOF trace their origin to OSS; yet whereas today's SOF are elite military forces with highly specialized capabilities optimized for seven standard missions,14 OSS was a mixed civil-military organization that took whatever mission the environment demanded, building capabilities as needed. Identifying which capabilities are strategic services today would be a key step in prioritizing interagency efforts. Capabilities for dealing with nonelite, grassroots threats include cultural and ethnographic intelligence, social systems analysis, information operations (see below), early-entry or high-threat humanitarian and governance teams, field negotiation and mediation teams, biometric reconnaissance, and a variety of other strategically relevant capabilities. The relevance of these capabilities changes over time—some that are strategically relevant now would cease to be, while others would emerge. The key is the creation of an interagency capability to rapidly acquire and apply techniques and technologies in a fast-changing situation. 5. Develop a capacity for strategic information warfare: Al-Qaida is highly skilled at exploiting multiple, diverse actions by individuals and groups, by framing them in a propaganda narrative to manipulate local and global audiences. Al-Qaida maintains a network that collects information about the debate in the West and feeds this, along with an assessment of the effectiveness of al-Qaida's propaganda, to its leaders. They use physical operations (bombings, insurgent activity, beheadings) as supporting material for an integrated "armed propaganda" campaign. The "information" side of al-Qaida's operation is primary; the physical is merely the tool to achieve a propaganda result. The Taliban, GSPC (previously, the Salafist Group for Preaching and Combat, now known as al-Qaida in the Islamic Maghreb), and some other al-Qaida-aligned groups, as well as Hezbollah, adopt similar approaches. Contrast this with our approach: We typically design physical operations first, then craft supporting information operations to explain our actions. This is the reverse of al-Qaida's approach. For all our professionalism, compared to the enemy's, our public information is an afterthought. In military terms, for al-Qaida the "main effort" is information; for us, information is a "supporting effort." As noted, there are 1.68 million people in the U.S. military, and what they do speaks louder than what our public information professionals (who number in the hundreds) say. Thus, to combat extremist propaganda, we need a capacity for strategic information warfare—an integrating function that draws together all components of what we say and what we do to send strategic messages that support our overall policy. At present, the military has a well-developed information operations doctrine, but other agencies do not, and they are often rightly wary of military methods. Militarizing information operations would be a severe mistake that would confuse a part (military operations) with the whole (U.S. national strategy) and so undermine our overall policy. Lacking a whole-of-government doctrine and the capability to fight strategic information warfare limits our effectiveness and creates message dissonance, in which different elements of the U.S. government send out different messages or work to differing information agendas. We need an interagency effort, with leadership from the very top in the executive and legislative branches of government, to create capabilities, organizations, and doctrine for a national-level
Page 33 strategic information campaign. Building such a capability is perhaps the most important of our many capability challenges in this new era of information-driven conflict. Tentative Conclusions These notions—a new lexicon, grand strategy, balanced capability, strategic services, and strategic information warfare—are merely speculative ideas that suggest what might emerge from a comprehensive effort to find new paradigms for this new era of conflict. Different ideas may well emerge from such an effort, and, in any case, rapid changes in the environment due to enemy adaptation will demand constant innovation. But it is crystal clear that our traditional paradigms of industrial interstate war, elite-based diplomacy, and state-focused intelligence can no longer explain the environment or provide conceptual keys to overcome today's threats. The Cold War is a limited analogy for today's conflict: There are many differences between today's threats and those of the Cold War era. Yet in at least one dimension, that of time, the enduring trends that drive the current confrontation may mean that the conflict will indeed resemble the Cold War, which lasted in one form or another for the 75 years between the Russian Revolution in 1917 and the collapse of the Soviet Union in December 1991. Many of its consequences—especially the "legacy conflicts" arising from the Soviet-Afghan War—are with us still. Even if this confrontation lasts only half as long as the Cold War, we are at the beginning of a very long road indeed, whether we choose to recognize it or not. The new threats, which invalidate received wisdom on so many issues, may indicate that we are on the brink of a new era of conflict. Finding new, breakthrough ideas to understand and defeat these threats may prove to be the most important challenge we face. The opinions expressed in this article do not necessarily reflect the views or policies of the U.S. government. Endnotes (1)See Rupert Smith, The Utility of Force: The Art of War in the Modern World (New York: Alfred A. Knopf, 2007), especially pp. 3-28 and 269-335. (2)See Gerald K. Haines and Robert E. Leggett, Watching the Bear: Essays on CIA's Analysis of the Soviet Union (Washington, D.C.: Central Intelligence Agency, Center for the Study of Intelligence, 2003), especially chapters VI and VII. (3) See Kevin M. Woods et. al, Iraqi Perspectives Project: A View of Operation Iraqi Freedom from Saddam's Senior Leadership (Joint Forces Command, Joint Center for Operational Analysis), p. 92. (4)Intelligence and Security Committee, Report Into the London Terrorist Attacks on 7 July 2005 (London: The Stationery Office, May 2006), p. 12. (5)See David Kilcullen, "Countering Global Insurgency," Small Wars Journal (November 2004) and available at http://www.smallwarsjournal.com/documents/kilcullen.pdf ; Williamson Murray (ed.), Strategic Challenges for Counterinsurgency and the Global War on Terrorism (Carlisle, PA: Strategic Studies Institute, 2006); and Bruce Hoffman, "From War on Terror to Global Counterinsurgency," Current History (December 2006): pp. 423-429. (6)Professor Michael Vlahos, Johns Hopkins University Applied Physics Laboratory, personal communication, December 2006. (7) I am indebted to Mr. Steve Eames for this conceptual formulation. (8) Compiled from figures in International Institute for Strategic Studies, Military Balance 2007, pp. 15-50. (9) Compiled from U.S. State Department and U.S. Agency for International Development, Congressional Budget Justification 2007, table 9. (10)The U.S. Army alone employs well over 5,000 band musicians, according to a March 2007 job advertisement; see http://bands.army.mil/jobs/default.asp. (11)Department of Defense, Quadrennial Defense Review Report (2 February 2006): pp. 83-91. (12) See Max Boot, Congressional Testimony Before the House Armed Services Committee, 29 June 2006, at http://www.globalsecurity.org/military/library/congress/2006_hr/060629-boot.pdf. (13) See Central Intelligence Agency, The Office of Strategic Services: America's First Intelligence Agency at https://www.cia.gov/cia/publications/oss/index.htm. (14)The seven standard SOF missions are Direct Action (DA), Special Reconnaissance (SR), Unconventional Warfare (UW), Foreign Internal Defence (FID), Counter-Terrorism (CT), Psychological Operations (PSYOP), and Civil Affairs (CA). Table of Contents
Page 34