Connect with us

Intelligence

Declassifying “Lone-Wolf” terrorism: Formulating a “Counter-Terror” strategy

Anant Mishra

Published

on

After “extensively” analysing and assessing global nation’s counter terrorism response towards lone wolf terror attacks along with the challenges faced by domestic and external security and intelligence agencies, numerous “viable” pragmatic counter-terror strategies were drafted by military and strategic experts throughout the world. Actions carried by “Lone-Wolf” terrorists are “virtually invisible” to “identify and separate”, hindering domestic and intelligence agencies to formulate an “accurate response”. The traditional “profiling” in law enforcement is no longer a viable strategy, particularly towards identifying the “lone-wolf” actor, however, the actor’s “operational mechanism” in the form of an “individualistic response” leaves numerous clues which law enforcement departments particularly hailing from domestic and intelligence groups can use to formulate an effective and efficient strategy.

Moreover, roughly every lone wolf attacker has showcased his/her commitment towards a cause, an alignment or a connection with active“terrorist factions”, pointing towards “increasing presence of radicalised youth” separating them from “potential sympathetic individuals and supporters”. In the light of “aggravating attacks” from “lone wolf terrorists”followed by the rise of “aggressive right-wing factions” (such as A.B. Breivik), law enforcement officers continue to face enormous challenges, especially when it comes to formulating a “viable” applicable strategyto identify lone wolf attackers, who continues to “hide in plain sight”, fearlessly.

Introduction

After the aggressive violence induced by radical Islamic terrorists against Charlie Hebdo on January 7th, 2015, the threat induced by lone wolf attackers have become a “top” priority for law enforcement officers particularly those hailing from domestic and external intelligence agencies. The law enforcement and intelligence agencies in Parisfaced with two prominent questions:

  • Was there any intelligence input prior to the attack?
  • Was there any way to prevent tragic loss of lives?
  • What should be the strategy to identify perpetrators and their plots?
  • Can we prevent future attacks from happening?

All the aforementioned questions are difficult to address. The Directorate General for External Security (DGSE) continues to simulate multiple “responses”, whereas the General Directorate for Internal Security has started “counter-terrorism liaison program” with Directorate of Military Intelligence (DRM) along with Directorate for Defence Protection and Security (DPSD) in an effort to “strengthen, cooperate and coordinate” a response against future attacks. There is no absolute way to provide a suitable answer for the fourth aforementioned question, rather than stating the fact that, it is absolutely “difficult” for security and intelligence agencies to forecast and prevent future possible attacks. No intelligence agency would talk the responsibility to answer, however, drawing a strategic response in an effort to forecast and prevent an attack in the future would be “difficult”. The objective of the article is to evaluate and assess viable pragmatic counter-terror approachesagainst the threat posed by lone wolf terrorismwhile especially emphasising on strategies to counter “Charlie Hebdo” styled attacks. To begin with strategic viable solutions, it is imperative for policy makers to first define lone wolf terrorism.

The definition

The term “lone wolf” was first introduced by US law enforcement agencies towards individuals carrying out attacks outside a designated command structure.Operation Lone Wolf was carried by Federal Bureau of Investigation (FBI)to “apprehend” Alex Curtis who instigated “right-wing factions” to participate in “lone-wolf” activism. Since then, numerous terminologies have been introduced by various strategic and intelligence experts, some calling it asan “individual resistance”, “self-indoctrinated terrorism tactics”and “self-sponsored terrorism”.

The article does not lean to a particular definition rather encourages law enforcement agencies and security, intelligence establishment to collect all “available definitions under an umbrella” in an effort to formulate an effective strategy. Traditional Counter-terrorism centred think tanksdefine Lone wolf as “an individual who acts on his/her own will outside a traditional organizing structure or a group”. Moreover, the Federal Bureau of Investigation (FBI) taking the definition to an extent, separates the definition with sleeper agents pointing towards the “dormant” nature of the sleeper agent who is “purposefully” tasked to infiltrate an organization and only reveals himself only on the command of a group or an organization. On the contrary, “A lone wolf is an “individual” operative without a “command and control” structurewho on his free will initiatives an attack”. Although,many counter-terrorism agencies ignore the “ideological” connection of the individual with other “active groups”, which the lone wolf could have been interacting either through “intra-personal interaction” or by “accessing internet”.

Throughout the article the focus will remain on “Operational mechanism” of lone wolf attackers. Although, a significant percentage of lone wolf attackers have been found “influenced” with radical Islamic militant organizations, such as the Islamic State or Al-Qaeda, the “decision, operational planning and carrying out procedure” has largely been “self”, instead of following “traditional commands” from the organizational leaders. Moreover, it is imperative for policy makers to include those “individuals that are inspired/self-indoctrinated by violent radical religion-centric terror organization” within the brackets lone wolf terrorism definition. They could have maintained “links” with the radical religion-centric organization, but the structure of the organization could not be “traditional”.

Absence of a “traditional individualistic behaviour”

Numerous terror attacks carried by “lone-wolves”in Germany, France, Italy, Spain, Australia, in particular to the attack by Barend Strydom, an African national, whoshot and killed a dozen people while wounding many, at the Strijdom Square in Pretoria, South Africa; In La Défense, a man stabbed and mortally wounded a soldier Cédric Cordier. The soldier was later declared “out of danger”. The attacker was identified as Alexandre Dhaussy, a French national who converted to Islam; Another Islamist Mohammed Merah killed over seven people in the city of Toulouse while taking numerous hostage. He was later killed during a 32-hour standoff; In one of the first deadliest attack in Germany, Arid Ukashot and killed two US soldiers while mortally wounding many others at Frankfort Airport; On October 22nd, 2014, a Canadian national Michael Zehaf-Bibeau shot a soldier on-guard at the National War Memorial. The suspect then ran towards the Parliament of Canada and was engaged in a gun-battle with the forces. Additionally,subsequent attempts were made to bomb Seaside Park, New Jersey, lower Manhattan, New York; and New Jersey. Injuring over thirty civilians, the perpetrator Ahmad Khan Rahami was apprehended from Linden, New Jersey, after he open fired injuring three responding officers.

Policy makers must note that, the mastermind” individuals of some aforementioned examples of deadly violence and attacks, vary particularly with respect to their operational mechanism and “target locations”, along with ideological and political inclined groups. Moreover, the common element in these attacks point towards a particular indoctrination or “religion induced”. All the lone wolf attackers were strongly “believers of faith”.

It is important to note that, there is absolutely no “traditional” framework of a lone wolf attacker. However, in the light of their religion centric “differences” and “ideological” mindset coupled with the element of “faith in religion”, makes it easy for security and intelligence agencies to “classify or rule out lone wolf terror attack”. Additionally, there are certain characteristics which possess “significant similarities” among all lone wolf attackers. The fact that continues to challenge security and intelligence agencies is the presence of “few lone wolf attacks which were carried by individuals without any connection to a terror faction”. According to a research conducted by the Organization for Security and Co-operation in Europe(OSCE) jointly with INTERPOL, less than 1.34percent out of 78 lone wolf attacks in US, Germany, Canada, Australia were “individualistic” in nature. This numerical value further complicates the investigation carried by security and law enforcement agencies of lone wolf attacks, seriously hindering their ability to formulate a viable counter-terrorism strategy. Besides all agreements considered, the lone wolf attacks continue to accelerate phenomenally.

Identifying “motivating factors” of lone wolf elements

It will not be incorrect to state that, the radical religion-centric lone wolf “modus operandi” hosts similar characteristics of traditional “right-wing” lone wolf attacks. Throughout the 1990s, Tom Metzger and AlexCurtis openly instigated their followers to commit violent acts of crime. Furthermore,“radical-white” advocator Louis Beam, who was a former member of the notorious Ku Klux Klan, drew the “early strategy on how to carry out a leaderless revolution”. He drafted a scenario where “individuals could carry out attacks without responding to a centralised organization or a leader established headquarters”.

Although, experts have not directly linked the modus operandi used by “radical Islamic centred”lone wolf extremists with that of traditional “right-wing” attackers,however there is striking similarity ofsmall-scale attacks. In 2003, Osama-Bin Laden, through his supporters distributed “instructions” asking his followers not to wait for any instructions in “carrying out attacks”. He further asked his followers “to use whatever means available”. In the late 2004, Abu Musab al-Suri, a Spanish-Syrian national, who was an active member of the “closed circle” group of Bin Laden, published his narrative of Islamic Jihad through a paper titled “Call for Worldwide Islamic Resistance,”. In this roughly seventeen hundred “doctrine”, he mentioned a “new form of jihad”, highlighting the acts of terror carried by “small groups”, which he titled them as “leader-less resistance”. Individuals irrespective of their nationality or age, will wage war on allfronts-“fighting the West in the West”. Two years later, Abu Jihad al-Masri, a prominent figure in Al-Qaeda, published his narrative titled “How to fight alone”which was massively downloaded from Jihadi-centric websites.

Challenges faced by security and intelligence agencies

Lone wolf terrorist attacks are one of the most “unpredictable and difficult to diagnose” events. It will not be incorrect to state that, lone wolf terror attacks bring “nightmare” to intelligence agencies, domestic security institutions, national and regional law enforcement organizationsas they are extremely “sensitive” and “revolve around multiple possible scenarios”.

To begin with, lone wolf elements possess “individualistic” characterises, who live “shadowing intelligence agencies” in “plain clothes”. The attacker may be someone’s relative, friend, husband, brother, or neighbour living next door. Intelligence agencies cannot come to a inclusion simply by studying the perpetrators visual appearance or “daily routines”. The individual avoids “absolute outside contact” making his/her actions discreet. This further increases the difficulty for security and intelligence agencies to “identify and apprehend” a lone wolf attacker. While comparing the individual’s actions to “traditional/conventional terrorist factions”or “centralised command centred” terror actors, “individual” actors have the benefit to maintain a “low-life” and avoiding “all forms of attraction/suspicion” before and post-attack.

When “conventional” terror group members operate, the risk of “detection” from security and intelligence agencies remains high.

Furthermore, in the light of growing “right-wing” political activism followed by frequent protests by anti-government groups, it is very difficult for law enforcement agencies to differentiate between a political activist or a terrorist. This poses a grave threat to security and intelligence officers especially when they are forced to swing between their “gut” and “individual actions”, failing repeatedly to identify perpetrator while reassessing the individual’s operational mechanism, choice of targetor activities or propaganda. The epitome of lone wolf is “idiosyncratic”. They are individuals with motivated by “numerous ideologies and factors”: from radical Islamic fundamental or Wahhabi ideology to “extreme-right wing”, while suffering from “suicidal, obsessive compulsive behavioural disorder” which then fuels psychopathy. This “diverse” behaviour induces certain “vision”, which forces them make hateful comments/accusations on the internet, to disruptive activities which later concurs their quest of “violent actions”, which does not give away anything “unusual” characteristics forecasting the individual’s actions to be “violent”, alerting security and intelligence agencies only when the attack has occurred.

Policy makers must note that, it is literally impossible to differentiate between the lone wolves who carry violent attacks and radical fundamentalists who simply advocate their beliefs. In European Union member nations, and in US specifically, the “freedom of speech is absolute” which limits the investigation of intelligence and security agencies to only “active violent actions”. Although all terrorists are “radicals”but not every radical is a terrorist, which makes it a phenomenally difficult task for security agencies to rule out the “lone wolf”who is going to initiate an attack before the concerned agencies apprehend, particularly in the light of digital age and rapidly evolving “technical tools” used in intelligence.Policy makers must note that, the “original” lone wolves could have “seemingly popularity” which could result in the rise of “copiers”and instigate the youths in carrying attacks using “similar techniques”.

It is important to remember that, lone wolf attackers suffer from necessary skills, technical training, and“organizational support”of violent terror factions, their “attacks”,in the form of Charlie Hebdo shooting and the 32-hour hostage crisis in Sydney, can be lethal.

Drafting an effective Counter-terror policy

How should the intelligence and security agencies deal with the“phenomenally” growing threat of lone wolf terror attackswhile facing enormous challenges of identifying and arresting them, without raising suspicions? This question remains “unanswered” especially in an inclusive society which continues to debate on “human rights” and police brutality. Although, the fact remains unchanged: security and intelligence agencies are facing an enormous challenge,especially when it comes to lone wolves carrying out attacks “using all means available”.

However, the aforementioned statements and shortcomings highlight significant factors which could be utilised by policy makers to formulate an effective counter-terror strategy.

To begin with, the approach agency uses to track “radical elements” entering and exiting a country, plays a vital role. Formulating the strategy which focusses more on “how an attack” could take place rather than “the identity of the attacker” creates a big difference. Furthermore, it is imperative for security and intelligence agencies to extensively study on “how does an individual radicalises”, the entire procedure. Such “aggressive” and “out-of-the box” strategy could effectively reinforce the state’scounter-terror policywhich could, if “effectively and efficiently planned”, could put an end to a possible lone wolf attack.

It is imperative for security and intelligence agencies to understand the modus operandi of a lone wolf,while formulating carefully a “detection trap”unavoidable even by the “careful” individuals while reinforced with “every tactical manoeuvre”used in counter-terror planning. Counter-terror training should be extensive throughout law enforcement units, while training in “signal avoidance”, “isolation and individualism” should be provided at all levels, in an effort to apprehend a perpetrator “isolating” himself before an attack. This not only requires real time data inputsbut also requires an “effective and efficient flow of information and its management”. The union between the intelligence analysts and field operation staff makes the difference.

Furthermore, intelligence agencies should bring their attention to the essential “common feature” that might be link one lone wolf with another, separating the individual from “community” while indicating an “irrational behaviour”. At this point, security and intelligence agencies must “coordinate and cooperate” with relevant agencies before “making an arrest”. Also, it is important for security and intelligence agencies to strengthen their grip on community, which can be achieved by hosting confidence building mechanisms within the community, after all the masses are the true “eyes and ears”.

Policy makers must note that, lone wolf operators, although acting alone, at some point of time, receive inspiration from an ideology or violent actors, it is imperative for security and intelligence agencies to disrupt presence of any such materials or “hidden societies”. It the state’s responsibility to condemn any, all such acts, ideologies which promotes violence.

Since, lone wolves act outside the framework of an organization, their acts are ignited by a local incident. State must initiate awareness talks, community development “de-radicalisation” centric program inviting students, teachers, community leaders, parents and all stakeholders, while maintaining an “healthy” atmosphere rather than panic.

The formulation of an effective counter-terror program begins with “communicating” with certain section of communities. Alternatively, this should be carried out without “providing their acts a stage and an audience”. Countering lone wolves is a priority but not at the stake of “publicising” them in a way that incites others to “take the same route”.

In the end, the most effective way to counter lone wolf attacks rests in “understanding their operational mechanism”. In recent violent incidents, all the perpetrators where masculine and used licensed firearms to commit acts of crime.This “selective individuals” who carries licenced arms and significant ammunition needs to be isolated and carefully assessed by security and intelligence agencies. This can be done by “strengthening gun licensing policy along with strict background checks”.

Conclusion

As explained in the aforementioned arguments, security and intelligence agencies face an enormous challenge in countering lone wolf attackswhile any “formidable” counter terror strategy would have limited impact. Similar to all acts of terrorism,there is no way to guarantee absolute elimination of this threat. With this said, the road to counter lone wolf terrorism is “rough and long”. The answers for the question on “factors responsible for radicalisation of lone wolf terror actors” are in its premature stage,needs to be assessed thoroughly. In the light of increasing lone wolf terror attacks, new question repeatedly emerges, particularly highlighting the role of internet along with “narcissistic sadistic” comments made by “right wing” factions against minority communities. With few “radical Islamic” lone wolf actors, the question of “an individual’s sudden change of course to commit acts of terror” makes it difficult for security agencies to respond. Thus, through “extensive cooperation and coordination” between inter and intra domestic and intelligence agencies along with timely sharing of ideas, experience and assessment of lone wolf terror attacks,policy makers will be able to create viable counter-terror response against lone wolf acts of terrorism.

Continue Reading
Comments

Intelligence

Information challenges in security agencies

Sajad Abedi

Published

on

An effort to maintain information security is the responsibility of each individual. This person can be a normal user, technical expert, system administrator, network leader and manager of a system or network in the organization. Paying attention to the importance of information security makes it necessary to ensure the necessary protection of systems and the use of an effective set of security policies is an important step in ensuring this.

In most cases, computers and information will be protected from unauthorized access, and the information can be exchanged securely on the network with others. Information security in electronic organizations, especially municipalities, has been emphasized as one of the basic infrastructures and requirements, because their databases contain confidential information from citizens or customers.

Adopting appropriate security policies and implementing them reduces the risk of sudden loss of information, makes it much more difficult to access the system and provides security tools for detecting attacks and fixing security breaches. To maintain confidential information and to help integrate programs and information stored, a combination of policy making and implementation should be undertaken. This paper covers various components of effective security policies for e-organizations, especially municipal organizations.

In small organizations, the information security requirements can easily be met, and everyone is responsible for their computers and their files.

However, for larger groups such as organizations dealing with business transactions or groups that hold confidential data from citizens or customers (such as municipalities), the need for more formal security policies and procedures becomes more important.

When managers and employees consider the issue of information security, they will always face similar issues. As a result, attention to the role of information as a valuable commodity in today’s trade and the need to protect it is necessary.

Each group needs a certain level of security for its information and clear procedures for implementation by employees, the ability to create and maintain awareness of the needs of customers, and an understanding of how security policies are implemented in an operational environment.

Managers must pay close attention to information security policies in order to achieve their goals. Also, understanding the cost of implementing effective security policies is very important. Technologies Security procedures are a kind of investment and should be evaluated against the cost of likely losses.

Information is like blood in the veins of the organization and without the information of the board of directors (the company’s brain) cannot make key decisions, and the purchasing and financial resources (mouth, heart, etc.) cannot obtain the resources they need to survive the organization’s life.

The role of data and information is crucial in the management of organizations, the more the information system of an organization is more accurate, coherent and systematic, the better the organization can achieve its goals.

Regarding the importance of information, it can be said that the discussion of access to information and, on the other hand, the security and protection of information on the national level have been raised for rulers and managers since ancient times. Access to information can lead to the destruction of the organization. The possibility of data loss due to physical factors and threats to the information of the organization exists. But with the development of information technology and the use of information as a commercial tool and profitable capital, the issue of information security is a new dimension. In today’s trade, information plays the role of capital of a company, and the protection of information in the organization is one of the key pillars of its survival. In this way, categorizing and valuing and protecting information resources is very important and important.

In today’s world, the more we go into machining; the other face-to-face relationships and old solutions cannot answer our problems. In today’s cities, we are faced with increasing levels of traffic and, consequently, increasing urban traffic. Previous paperwork can no longer be an appropriate method for addressing the administrative work of citizens. Of these important organizations, such as the municipalities in the big cities, which are somehow the heart of the city, we must abandon the previous methods and enter the world of information technology and the e-government world.

This is where the Municipal Electronic and Information Technology (IT) have a crucial role in most municipal organizations. After the implementation of the electronic program of municipal services, citizens through their international networks or the Internet can provide their services, such as paying tolls, repairs, fees, and application fees, electronic referrals, and circular letters in various stages Receive in the municipality without a face-to-face visit to the municipality.

Nowadays, IT infrastructure is in an environment that is increasingly being added to the number of enemies and attackers who are not interested in continuous, reliable, and useful computer systems. A world where activities are much faster and more reliable and do not require population density in the physical world. We have to think about ways to reduce urban traffic, the cost of doing work, confrontations, mental ill-health, corruption, etc. that we face every day in municipal organizations, and it is the best solution to create an active and dynamic security framework for each organization.

Implementation and deployment of information security in organizations may be reviewed based on the efficiency, ease of use, and communication with other departments and organizations. Since public procurement is not generally a question of profitability, there is a controlling budget, which limits the ability of the organization to provide the latest hardware and software security. At the same time, municipalities should focus on data protection, as their databases contain sensitive information about individuals; information such as personal and medical records, and taxes.

Unfortunately, even in state-owned organizations of the country, it is difficult to protect information, and it suffers from obsolete systems, inappropriate investments, and employees of the disabled who lack the necessary information security dimension.

However, there are tensions between managerial levels. Without a general plan to create a secure environment for information technology, each episode may develop a solution to the security of information that comes from the missions, goals, and operational intentions of the same section, and may be as good as it is for a particular part. Other parts are not used too much. These different strategies may cause information security in some areas to be over-needed or less than the required level, while the presence of supervision on the part of the high-level management will ensure that security experiences are set in such a way that the organization can functionedits better.

In addition to securing its own intelligence resources, an organization must commit itself to set up a set of policies to safeguard its organization’s information. These policies play an important role in information security, but there is still a contradiction in the fact that the policy framework of the organization should be able to increase the level of security. Methods of dealing with insecurity are identified through crisis identification and insecurity and limitation of insecurity as well as its control tools.

There are sufficient information and adequate systems for the use of information as well as appropriate programs for preventing and, in the event of occurrence, controlling the crisis (proper urban programs) of the main components needed to maintain and develop information security.

Continue Reading

Intelligence

Islamic State after ISIS: Colonies without Metropole or Cyber Activism?

Published

on

With the world constantly following the events in the Middle East, much now depends on the shape, form and ‘policy’ Islamic State is going to take. What form will the IS take? What role will cryptocurrencies play in funding terrorists? How can Russia and the US cooperate in fighting mutual security threats? RIAC expert Tatyana Kanunnikova discusses these issues with Dr. Joseph Fitsanakis, Associate Professor of Political Science in the Intelligence and National Security Studies program at Coastal Carolina University.

Islamic State is perceived as an international threat. In which regions is it losing ground and in which ones is it on the rise? Could you please describe IS geography today?

Groups like the Islamic State are mobile. They tend to move and redeploy across international borders with relative ease, and are truly global in both outlook and reach. It is worth noting that, from a very early stage in its existence, the Islamic State incorporated into its administrative structure the so-called vilayets, namely semi-autonomous overseas provinces or possessions. These included parts of Libya, Afghanistan, Somalia, the Philippines, Nigeria, and of course Egypt’s Sinai Peninsula. By the first week of 2018, the Islamic State had all but eclipsed from its traditional base of the Levant. How has the loss of its administrative centers affected the organization’s strategy?

Dr. Joseph Fitsanakis

There are two competing answers to this question. The first possible answer is that ISIS’ plan is similar to that of the Great Britain in 1940, when the government of Winston Churchill was facing the prospect of invasion by the forces of the German Reich. London’s plan at the time was to use its overseas colonies as bases from which to continue to fight following a possible German takeover of the Britain. It is possible that ISIS’ strategy revolves around a similar plan —in which case we may see concerted flare-ups of insurgent activity in Egypt, Southeast Asia, Afghanistan, Somalia, Kenya, and elsewhere. The second possible answer to the question of ISIS’ strategy is that the group may be entering a period of relative dormancy, during which it will concentrate on cyber activism and online outreach aimed at young and disaffected youth in Western Europe, the Caucasus, and North America. According to this scenario, ISIS will use its formidable online dexterity to establish new communities of Millennial and Generation Z members, and renegotiate its strategy in light of the loss of physical lands in the Levant. This scenario envisages an online geography for the Islamic State, which may eventually lead to the emergence of a new model of activity. The latter will probably resemble al-Qaeda’s decentralized, cell-based model that focuses on sharp, decisive strikes at foreign targets.

Commenting for an article in Asia Times, you said that ISIS returnees are extremely valuables sources of intelligence. How can they be effectively identified in the flow of migrants? How exactly can security services exploit the experience of these militants?

In its essence, the Sunni insurgency is a demassified movement. By this I mean that its leaders have never intended for it to become a mass undertaking. The Islamic State, like al-Qaeda before it, does not depend on large numbers of followers. Rather it depends on individual mobilization. Senior Islamic State leaders like Abu Bakr al-Baghdadi, Mohamed Mahmoud, Tarad Muhammad al-Jarba, and others, have no interest in deploying 10,000 fighters who may be reluctant and weak-willed. They are content with 100 fighters who are unswerving in their commitment and prepared to devote everything to the struggle, including their lives. Consider some of the most formidable strikes of the Sunni insurgency against its enemies: the attacks of 9/11 in the United States, the 7/7 bombings in the United Kingdom, the November 2015 strikes in Paris, and the fall of Mosul in 2014. There have been more large-scale strikes on Russian, Lebanese, Afghan, Egyptian, and other targets. What connects all of those is the relatively small number of totally dedicated fighters that carried them out. The fall of Mosul, for example, which brought the Islamic State to the height of its power, was carried out by no more than 1,500 fighters, who took on two divisions of the Iraqi Army, numbering more than 30,000 troops.

The reliance on a small number of dedicated fighters mirrors the recruitment tactics of the Islamic State (and al-Qaeda before it). The latter rested on individual attention paid to selected young men, who are seen as reliable and steadfast. This is precisely the type of emphasis that should be placed by European, American and Russian security agencies on suspected members of terrorist groups that are captured, or are detected within largest groups of migrants. What is required here is individual attention given by security operatives who have an eye for detail and are knowledgeable of the culture, customs and ways of thinking of predominantly Muslim societies. However, most governments have neither the patience nor expertise to implement a truly demassified exploitation campaign that targets individuals with an eye to de-radicalization and — ultimately — exploitation. The experience of the Syrian migrants in countries like Italy and Greece is illustrative of this phenomenon. The two countries — already overwhelmed by domestic political problems and financial uncertainty — were left primarily to their own means by a disinterested and fragmented European Union. Several members of the EU, including Poland, Hungary, and the United Kingdom have for all practical purposes positioned themselves outside of the EU mainstream. At the same time, the United States, which is the main instigator of the current instability in the Middle East, shows no serious interest in de-radicalization and exploitation programs. This has been a consistent trend in Washington under the administrations of Barack Obama and Donald Trump.

In your opinion, will cryptocurrencies become a significant source of terrorism funding? Some experts believe that pressure on traditional methods of financing may facilitate this process.

In the old days of the 1970s and 1980s, most terrorist groups raised funds primarily through extortion, kidnappings, bank robberies and — to a lesser extent — drugs. Things have changed considerably in our century. Today, cryptocurrencies are not in themselves sources of funding — though it can be argued that the frequent rise in the value of many cryptocurrencies generates income for terrorist organizations — but more a method of circulating currency and providing services that generate funds. With the use of cryptocurrencies and the so-called Darknet, terrorist organizations are now able to engage in creative means of generating cash. They include the sale of pirated music, movies and, most of all, videogames. They also engage in the sale of counterfeit products, including clothing, electronics and other hi-tech accessories. Additionally, they sell counterfeit pharmaceutical products and even counterfeit tickets to high-profile sports events and music concerts. Those who buy those products often pay for them using cryptocurrencies, primarily through the Darknet. Looking at the broad picture, it is clear that the use of cryptocurrencies constitutes a form of asymmetric finance that circumvents established financial structures and operates using irregular means that for now remain largely undetected. Few terrorist groups will resist the temptation to employ this new method of unregulated financial transaction.

How can Russian and US intelligence and security services cooperate in combating terrorism? In December 2017, media reported that CIA had helped its Russian counterpart foil a terror attack in St. Petersburg. What should be done to deepen and broaden such kind of cooperation?

Despite friction on the political level, cooperation between Russian and American intelligence agencies in the field of counter-terrorism is far more routine than is generally presumed. Last December’s report of the CIA sharing intelligence with its Russian counterpart was notable in that it was publicly disclosed. Most instances of intelligence cooperation between Washington and Moscow are not publicized. In February 2016, the then CIA director John Brennan stated publicly that the CIA works closely with the Russian intelligence community in counter-terrorism operations directed against Islamist militants. He described the CIA’s relationship with Russian intelligence officials as a “very factual, informative exchange.” He added that “if the CIA gets information about threats to Russian citizens or diplomats, we will share it with the Russians”. And he added: “they do the same with us”. Brennan gave the example of the 2014 Winter Olympics in Sochi, Russia. He said: “We worked very closely with [Russian intelligence agencies]” during the Sochi games to “try to prevent terrorist attacks. And we did so very successfully”. There is no reason to doubt the sincerity of Brennan’s statement.

Professionals are always more likely to find common areas of interest. So, in what areas, apart from combating terrorism, can Russian and US intelligence services cooperate?

There is a virtually endless list of common concerns that ought to and often do bring together American and Russian intelligence agencies. To begin with, there are two major existential threats to the security of both countries and the whole world that demand close cooperation between Washington and Moscow and their respective intelligence agencies. The first threat is the black market in weapons of mass destruction, notably chemical weapons, biological agents, and even radioactive material. In the past 20 years, there have been several cases of individuals or groups trying to sell or trade radioactive substances. The fear of such weapons possibly falling into the hands of non-state insurgents should be sufficient to entice close cooperation between American and Russian intelligence agencies. The second existential threat is that of global warming and its effects on international security. It is no secret that the rise in global temperatures is already having a measurable negative impact on food production, desertification, sea-level rise, and other factors that contribute to the destabilization of the economies of entire regions. Such trends fuel militancy, political extremism, wars, and mass migrations of populations, all of which are serious threats to the stability of the international system. Solving this global problem will require increased and prolonged cooperation on the political, economic, and security/intelligence level between the United States and Russia. The two countries must also work closely on a series of other topics, including standardizing the global regulation of cryptocurrencies, diffusing tensions between the two rival nuclear powers of India and Pakistan, tackling the tensions in the Korean Peninsula, preventing the destabilization of Egypt (the world’s largest Arab country), combating the growth of Sunni militancy in West Africa, and numerous other issues.

Among other things, you are an expert in the Cold War. At present, Russia and the USA are experiencing a period of tensions in their relationship. In your opinion, what should be done in order to overcome these challenges and mend fences?

For those of us who remember the Cold War, and have studied the development of Russia–US relations in the postwar era, the current state of affairs between Washington and Moscow seems comparatively manageable. Despite tensions between Washington and Moscow, we are, thankfully, very far from an emergency of the type of the Berlin Crisis of 1961, the Cuban Missile Crisis, or even the 1984 collision between the US plane carrier Kitty Hawk and the K-314 Soviet submarine in the Sea of Japan. How do we avoid such dangerous escalations? The answer is simple: regularize communications between the two countries on various levels, including executive, political, economic and security-related. Such communications should continue even or, arguably, especially at times of rising tensions between the two nations. The overall context of this approach rests on the indisputable truth that Russia and the United States are the two central pillars on which the idea of world peace can be built for future generations.

First published in our partner RIAC

*Dr. Joseph Fitsanakis is Associate Professor of Political Science in the Intelligence and National Security Studies program at Coastal Carolina University. Prior to joining Coastal, he built the Security and Intelligence Studies program at King University, where he also directed the King Institute for Security and Intelligence Studies. An award-winning professor, Dr. Fitsanakis has lectured, taught and written extensively on subjects such as international security, intelligence, cyberespionage, and transnational crime. He is a syndicated columnist and frequent contributor to news media such as BBC television and radio, ABC Radio, Newsweek, and Sputnik, and his work has been referenced in outlets including The Washington Post, Foreign Policy, Politico, and The Huffington Post. Fitsanakis is also deputy director of the European Intelligence Academy and senior editor at intelNews.org, a scholarly blog that is cataloged through the United States Library of Congress, and a syndicated columnist.

Continue Reading

Intelligence

How security decisions go wrong?

Sajad Abedi

Published

on

Photo by Ryan Young on Unsplash

Information warfare is primarily a construct of a ‘war mindset’. However, the development of information operations from it has meant that the concepts have been transferred from military to civilian affairs. The contemporary involvement between the media, the military, and the media in the contemporary world of the ‘War on Terrorism’ has meant the distinction between war and peace is difficult to make. However, below the application of deception in the military context is described but it must be added that the dividing line is blurred.

The correct control of security often depends on decisions under uncertainty. Using quantified information about risk, one may hope to achieve more precise control by making better decisions.

Security is both a normative and descriptive problem. We would like to normatively how to make correct decisions about security, but also descriptively understand follow where security decisions may go wrong. According to Schneider, security risk is both a subjective feeling and an objective reality, and sometimes those two views are different so that we fail acting correctly. Assuming that people act on perceived rather than actual risks, we will sometimes do things we should avoid, and sometimes fail to act like we should. In security, people may both feel secure when they are not, and feel insecure when they are actually secure. With the recent attempts in security that aim to quantifying security properties, also known as security metrics, I am interested in how to achieve correct metrics that can help a decision-maker control security. But would successful quantification be the end of the story?

The aim of this note is to explore the potential difference between correct and actual security decisions when people are supposed to decide and act based on quantified information about risky options. If there is a gap between correct and actual decisions, how can we begin to model and characterize it? How large is it, and where can someone maybe exploit it? What can be done to fix and close it? As a specific example, this note considers the impact of using risk as security metric for decision-making in security. The motivation to use risk is two-fold. First, risk is a well-established concept that has been applied in numerous ways to understand information security and often assumed as a good metric. Second, I believe that it is currently the only well-developed reasonable candidate that aims to involve two necessary aspects when it comes to the control of operational security: asset value and threat uncertainty. Good information security is often seen as risk management, which will depend on methods to assess those risks correctly. However, this work examines potential threats and shortcomings concerning the usability of correctly quantified risk for security decisions.

I consider a system that a decision-maker needs to protect in an environment with uncertain threats. Furthermore, I also assume that the decision-maker wants to maximize some kind of security utility (the utility of security controls available) when making decisions regarding to different security controls. These different parts of the model vary greatly between different scenarios and little can be done to model detailed security decisions in general. Still, we think that this is an appropriate framework to understand the need of security metrics. One way, maybe often the standard way, to view security as a decision problem is that threats arise in the system and environment, and that the decision-maker needs to take care of those threats with available information, using some appropriate cost-benefit tradeoff. However, this common view overlooks threats with faults that are made by the decision-maker. I believe that many security failures should be seen in the light of limits (or potential faults) of the decision-maker when she, with best intentions, attempts to achieve security goals (maximizing security utility) by deciding between different security options.

I loosely think of correct decisions as maximization of utility, in a way to be specified later.

Information security is increasingly seen as not only fulfillment of Confidentiality, Integrity and Availability, but as protecting against a number of threats having by doing correct economic tradeoffs. A growing research into the economics of information security during the last decade aims to understand security problems in terms of economic factors and incentives among agents making decisions about security, typically assumed to aim at maximizing their utility. Such analysis is made by treating economic factors as equally important in explaining security problems as properties inherent in the systems that are to be protected. It is thus natural to view the control of security as a sequence of decisions that have to be made as new information appears about an uncertain threat environment. Seen in the light of this and that obtaining security information usually in it is cost, I think that any usage of security metrics must be related to allowing more rational decisions with respect to security. It is in this way I consider security metrics and decisions in the following.

The basic way to understand any decision-making situation is to consider which kind of information the decision-maker will have available to form the basis of judgments. For people, both the available information, but also potentially the way in which it is framed (presented), may affect how well decisions will be made to ensure goals. One of the common requirements on security metrics is that they should be able to guide decisions and actions to reach security goals. However, it is an open question how to make a security metric usable and ensuring such usage will be correct (with respect to achieving goals) comes with challenges. The idea to use quantified risk as a metric for decisions can be split up into two steps. First do objective risk analysis using both assessment of system vulnerabilities and available threats in order to measure security risk. Second, present these results in a usable way so that the decision-maker can make correct and rational decisions.

While both of these steps present considerable challenges to using good security metrics, I consider why decisions using quantified security risk as a metric may go wrong in the second step. Lacking information about security properties of a system clearly limits the security decisions, but I fear that introducing metrics do not necessarily improve them;this may be due to 1) that information is incorrect or imprecise, or 2) that usage will be incorrect. This work takes the second view and we argue that even with perfect risk assessment, it may not be obvious that security decisions will always improve. I am thus seeking properties in risky decision problems that actually predict the overall goal – maximizing utility – to be, or not to be, fulfilled. More specifically, we need to find properties in quantifications that may put decision-making at risk of going wrong.

The way to understand where security decisions go wrong is by using how people are predicted to act on perceived rather than actual risk. I thus need to use both normative and descriptive models of decision-making under risk. For normative decisions, I use the well-established economic principle of maximizing expected utility. But for the descriptive part, I note that decision faults on risky decisions not only happen in various situations, but have remarkably been shown to happen systematically describe by models from behavioral economics.

I have considered when quantified risk is being used by people making security decisions. An exploration of the parameter space in two simple problems showed that results from behavioral economics may have impact on the usability of quantitative risk methods. The results visualized do not lend themselves to easy and intuitive explanations, but I view my results as a first systematic step towards understanding security problems with quantitative information.

There have been many proposals to quantify risk for information security, mostly in order to allow better security decisions. But a blind belief in quantification itself seems unwise, even if it is made correctly. Behavioral economics shows systematic deviations of weighting when people act on explicit risk. This is likely to threaten security and its goals as security is increasingly seen as the management of economical trade-offs. I think that these findings can be used partially to predict or understand wrong security decisions depending on risk information. Furthermore, this motivates the study how strategic agents may manipulate, or attack, the perception of a risky decision.

Even though any descriptive model of human decision-making is approximate at best, I still believe this work gives a well-articulated argument regarding threats with using explicit risk as security metric. My approach may also be understood in terms of standard system specification and threat models: economic rationality in this case is the specification, and the threat depends on bias for risk information. I also studied a way of correcting the problem with reframing for two simple security decision scenarios, but only got partial predictive support for fixing problems this way. Furthermore, I have not found such numerical examinations in behavioral economics to date.

Further work on this topic needs to empirically confirm or reject these predictions and study to which degree they occur (even though previous work clearly makes the hypothesis clearly plausible at least to some degree) in a security context. Furthermore, I think that similar issues may also arise with several forms of quantified information for security decisions.

These questions may also be extended to consider several self-interested parties. in game-theoretical situations. Another topic is using different utility functions, and where it may be normative to be economically risk-aversive rather than risk-neutral. With respect to the problems outlined, rational decision-making is a natural way to understand and motivate the control of security and requirements on security metrics. But when selecting the format of information, a problem is also partially about usability. Usability faults often turn into security problems, which is also likely for quantified risk. In the end the challenge is to provide users with usable security information, and even more broadly investigate what kind of support is required for decisions. This is clearly a topic for further research since introducing quantified risk is not without problems. Using knowledge from economics and psychology seems necessary to understand the correct control of security.

Continue Reading

Latest

Newsletter

Trending

Copyright © 2018 Modern Diplomacy