TINKERING NETWORKS AND DIY ROCKETS

The history of the dominant technologies of 21st Century warfare won't spend much time on the complex and expensive systems developed by US defense contractors. Instead, the focus will be on the innovations that are derived from open tinkering networks of amateur inventors. The reasons for this include:

• Higher levels novelty production. Diverse and open networks of amateur hackers, tinkerers, and inventors can pursue more paths of discovery and development simultaneously than large, expensive, and linear development efforts. The importance of this will increase as Moore's Law, which measures the level of computing power available to the average user, increasingly shifts to the vertical (remember, this is an exponential curve). See open decision making for more.

• More platform leverage. Open development has access to all the global platform has to offer from services to systems to knowledge. In short, the more open and globally networked you are, the better you can take advantage of this leverage.

• Faster adoption. The delta between development and widespread adoption of innovations that work will increasingly shrink due to widespread sharing. This is in contrast to the closed and tightly controlled process of deployment seen in traditional defense systems acquisition.

DIY ROCKETS

We can see an early example of this trend in weapons development with the IED (improvised explosive device) which has migrated from a tactical device to an operational (operational art is between tactics and strategy) weapon. Another weapon that may follow a similar path of development is the DIY (do it yourself) rocket. Although it is early days, the writing is on the wall. DIY rockets are inexpensive ($500 to $2000 currently). Easy to store and quick to launch (they require less set-up time than IEDs). In terms of effects, they convey the message (despite the current inaccuracy) that no place is safe for civilian supporters of a war effort. It can also be used to destroy economic activity in affected areas. For example, the Israeli town of Sderot, which has suffered an increasing number of DIY Rocket attacks over the last seven years:

About 4000 of the town's 23,500 people have moved out in the past two years, according to municipal figures. Many more say they would leave if they could... Home prices have fallen by 50 per cent... 20-30 per cent of businesses in Sderot and surrounding areas have shut down... Overall sales at the stores that remain open have dropped by nearly 50 per cent...

Given this example, it's clear that DIY Rockets can make wars with global guerrillas disastrous under the requirement (set by the highly competitive global marketplace) that these wars should be fought during peacetime. Further, if they combined with a defensive hedgehog, it forces conventional forces to make relatively ineffectual and harried strikes on fleeting targets, which creates the collateral damage so useful to an insurgency.

We can expect these DIY efforts to get steadily better as new amateur tech (tinkering networks) adds increasing levels of sophistication (from range to accuracy). Here's a great example of low cost design software from RocketSim. Basic avionics. Here's a nice system that adds telemetry and inertial/GPS measurement. As a capper, here's potentially a platform play in open source avionics for rockets. The last step, a control system connected to servo based vanes is all that is needed to enable it to hit specific buildings. That's hard, but well within the capabilities we see emerging in the tinkering space.

NOTE: Of course, I should point out (and was encouraged to do so by quite a few people), that a much simpler solution in the short term is to use small drones to do the same thing (essentially, a V1 solution). Further, this area is much farther along the development path, as you can see on Chris Anderson's DIYDrones site.

JOURNAL: Vulnerability to Systempunkts

When the entire country of Georgia was cut off from natural gas supply for weeks through the destruction of two collocated pipelines (a couple of hours of work), the assumption of many in the West is that our more complex system would prevent that level of vulnerability. This is a bad assumption. While it is true that Western countries do maintain more of a reserve capacity (up to 45 days in LNG storage depots, although this depletes over the winter) than Georgia (1 day), the vulnerability of centralized routing still exists. Most US natural gas is transported via pipeline from the New Orleans area or Canada. The vulnerability of this "long supply line" can be seen in this example of open source research put together by John Young of Cryptome: Washington DC area natural gas system. Europe has similar vulnerabilities.

THE GUERRILLA BAZAAR: Lessons from Phishing Networks

Christopher Abad, a research scientist at Cloudmark (a spam filtering company) has done some amazing analysis on the phishing marketplace. Phishing is a method of identity theft that uses fake e-mails and bogus websites to entice unwary consumers to disclose financial information (account details, credit card numbers, personal data). This data is captured and used in financial fraud. It is a big business. To deconstruct a phishing network Christopher used an automated data collection system that monitored chat rooms and activity on compromised servers. He found that the network consisted of loosely affiliated groups with lots of horizontal specialization rather than vertically integrated gangs. He proposed the following structure for the phishing micro-economy (see diagram for more detail):

• Automated unregulated chat rooms. This network, often controlled by bots (code that automates activities and allows remote management), provides the basis for marketplace. It provides an efficient and secure method for discovering information and conducting transactions.
• Specialists: Mass e-mailers. Those individuals that specialize in sending large volumes of e-mail (sometimes through worm enabled bot networks). These e-mails initiate contact with the consumer. Template providers. Design specialists in creating the look and feel of financial institution e-mails and websites. Server managers. Individuals that can compromise Web servers and operate them remotely without detection. These servers collect information from consumers.
• Cashers. Buyers of financial information that can use it to generate bogus ATM cards and other financial frauds.

Global Guerrilla Economics
The 21st Century criminal economies like the phishing economy seen above demonstrate the same degree of decentralized self-organization we see in the market for IED (improvised explosive devices) manufacture/deployment in Iraq. Both markets aren't controlled by any single gang, or even a collection of gangs. Instead, they consist a large network of individuals (and or small groups) that trade, sell, share, and collaborate to make money and generate desired effects. Additionally, both networks exhibit strikingly high levels of:

• Efficiency. The costs for component services are low and very competitive. Financial information can cost as little as $0.50 a record. Emplacement of an IED can cost $50.
• Innovation. New methods of attack and new target sets are constantly being discovered. Both groups rapidly leverage open Internet information to refine their target set. For example: In the case of phishing, the security community's chatter provides insight into corporate vulnerabilities and exploits. Iraqi guerrillas use Google maps to plot ambushes and IED emplacement.
• Resiliency. Able to resist discovery and network-wide collapse. One major factor in their resilience is their ability to transcend national boundaries and leverage a lack of local organic control (street level enforcement).

What This Means
The arrival of these "black" networks have the following ramifications:

• Network wars. These networks are not a single entitiy. They can go to war. For example: Russian bot farmers recently attacked (denial of service) Chechen web sites in retaliation for terrorist activity against Russian targets.
• Generic networks. Skill sets from one network type can transfer to the other. The same technologies and techniques used for phishing and other criminal networks can be used to improve the efficiency of terrorist networks and provide a means of self funding. Generic networks that combine criminal enterprise and terrorist/guerrilla activity are growing. We see this in Iraq today with the fluid market for hostages.
• Rapid Growth. As global connectivity increases, the Gap increases faster than the Core (or non-state vs. state). A growth of a global community of virtual TAZs (temporary autonomous zones) will use technology to rapidly expand gaps generated transnational barriers to coordination and areas of local chaos. The lowest common denominator applies and these autonomous areas can be rapidly exported globally, including to those areas currently under state control.

MORAL INFLECTION POINTS

The attack on the Palestine hotel in Iraq was more than just an example of how fear management can improve the effects of a terrorist bombing. It was also a very important example of how the open-source insurgency has surmounted the limitations of decentralized management to mount large attacks.

THE IED MARKETPLACE IN IRAQ

This is a horrible story to start the day with: Fourteen marines were killed early today when their troop carrier struck a gigantic roadside bomb in the western town of Haditha, marking one of the single deadliest attacks on American troops since the invasion here in March 2003.

To get a sense of the decentralized, commercial process of the Iraq's open source bazaar, let's take a look at the IED industry in Iraq. Here's a ground breaking article from the current Defense News based on American intelligence:

THE DISRUPTION OF LONDON

Al Qaeda ("The Secret Organization of Al Qaeda in Europe" -- via their Web site that has been shut down) has purportedly claimed an attack on London's transportation system. 4 coordinated attacks -- 3 on the Underground subway's Circle line and 1 on a double decker bus -- has incapacitated the metropolis during the morning rush hour. The selection of the Circle line was likely due to its centrality to the Underground network (a postmortem network analysis will demonstrate the validity of this).

MASSIVELY PARALLEL OPERATIONS

The US Air Force used stealth technology and precision guided munitions to paralyze the Iraqi state during the first Gulf war and for the first part of the second. The planning technique they used was called effects based operations (EBO) -- a method of warfare where the effects caused by the attack are more important than the level of destruction of the target.

EFFECTS BASED OPERATIONS

"Those skilled in war subdue the enemy's army without battle. They capture his cities without assaulting them and over-throw the state without protracted operations." Sun Tzu

The success of the allies during the first Gulf War was due to a new approach to the employment of airpower called Effects Based Operations (EBO). It was formulated to take advantage of the following:

• Precision guided munitions (PGM). Bombs that can hit targets with an extremely high degree of accuracy. This minimized the number of aircraft and sorties needed to eliminate a target. It also allowed for minimal damage to the target site to accomplish set goals.

• Stealth. A set of technologies that prevent the detection of aircraft. These technologies eliminated the need for force protection packages and extensive pre-attack preparation. Stealth was synergistic with precision guided munitions.

• A modern target. Iraq, unlike most of the enemies we had fought since WW2, was a semi-modern nation-state. It had extensive networks that were vulnerable to disruption.

The emergence of EBO

It was apparent to airpower enthusiasts that this combination of factors allowed airpower to become a decisive instrument of conventional warfare -- it moved it beyond ground support and carpet bombing (of dubious value). Due to the influence of Boyd and emerging systems theory, they developed a method that went beyond the simple destruction of enemy forces to the systems approach that emphasized the effects these attacks would create (for a nice overview of EBO, read Brig Gen David Deptula's paper, "Effects-Based Operations"). These effects included:

• Ubiquitous system disruption. Stealth and precision enabled parallel attacks against all systems virtually simultaneously. Systems leverage, available due to Iraq's modern urbanized infrastructure, created the opportunity for cascades of failure -- small attacks had system-wide impact. This also completely eliminated the need for the complete reduction of a target set. If the attack took the system down, only those minimal attacks necessary to maintain the condition were necessary.

• Rapid psychological isolation. This worked in two ways. First to isolate the leadership elements of Saddam's government/military to force them into moral collapse. Secondly, to minimize the isolation of the US/allied governments due to the conflict -- speed was essential.

• Minimal collateral damage. Essential to reduce moral outrage (willingness to fight) and manage global public opinion.

The Global Guerrilla Solution

Unfortunately, warfare is a conflict of minds. The opposition learned from the experience of the first Gulf War. This amazing demonstration (who doesn't remember were they were the first night of the attack on Baghdad?) taught the value of systems disruption to both the Iraqi leadership (at ground zero) as well as the entire universe of potential foes. It certainly informed Iraq's strategy for the second Gulf War. Iraq purposely created forces to replicate the USAF's Effects Based Operations with small cells of guerrillas. This has in turn been taught (through a percolation of innovation in Iraq's Bazaar of violence) to other autonomous guerrilla groups. Here's how guerrillas conduct EBO:

• Precision and stealth. Small groups of guerrillas are nearly impossible to detect and neutralize, particularly when they bypass military formations and hard targets to attack systems. Small, precisely aimed/timed attacks by these guerrillas against target systems can drive them into cascades of failure (for example: Iraq's northern oil fields have been nearly inoperative since the end of the conventional war, The attackers have suffered few casualties.).

• Continuous state failure. Iraq's basic services are in a continual state of failure. The state's leadership is in deep isolation due to its inability to deliver political goods to the population.

• An emergence of Primary Loyalties. A primary goal of Iraq's guerrillas is to fragment the country's loyalties -- ethnic, religious, tribal, etc. A hollow, non-functional state that is increasingly reliant on loyalist paramilitaries (Badr Brigades and Peshmerga) is precisely the desired outcome.

NOTE: I've applied the EBO method to a war with Iran (see the brief: Collapsing Iran).

ENERGY: THE FAILURE OF DEFENSE AND RAPID REPAIR

The defense of energy infrastructure against well orchestrated systems sabotage will continue to be ineffective.  Even if plans for sensor grids, UAV (unmanned aerial vehicles) patrols, and dedicated guards are fully realized, it will likely prove insufficient to stop ongoing sabotage.  These defensive systems are extremely vulnerable to feints (false attacks) and counter-measures. Additionally, the very essence of systems sabotage works against effective defense:

• Maneuver.  Small attacks that are both simple and fast.  Prior warning is non-existent.  Existing public transportation infrastructure enable rapid movement to target locations.  See Swarming.
• Indirection.  Systems saboteurs will almost always select targets (in many cases there are tens of thousands of miles of vulnerable infrastructure) that are undefended.
• Leverage.  The network will extend the impact of attacks over great distances.  Cascades of failure can rapidly disable primary infrastructures miles from the site of the attack.  Prior network analysis can reveal the locations that will provide the maximum impact.

Rapid Repair

The only method demonstrated to work reliably over the last several years is rapid repair.  This capability can contain the economic damage and societal dislocation caused by induced infrastructure failures to 20-30% of its potential.  Unfortunately, global guerrillas are finding ways to trump this capability:

• Tactics of Delay.  Time of failure is key to maximizing damage for saboteurs.  A day of delay can mean hundreds of millions in additional damage.  Typical tactics that accomplish delays include anti-vehicle and anti-personnel mines (or remotely triggered IEDs) as well as assaults on the perimeter of an active repair site.  Both of these methods typically result in extensive security delays.
• Team attrition.  Ongoing assaults on repair teams prior to an attack have been successful.   The elimination of key personnel can radically slow repairs and impair team effectiveness.  Team members are particularly vulnerable while in transit to and from work and at home.  Assaults of this type have become commonplace in Iraq.  Additionally, teams on deployment for ongoing maintenance efforts are often extremely vulnerable to attack. 
• Supply interdiction.  Rapid repairs require specialized equipment (as the capability improves, the equipment used will likely become even more specialized).  This equipment is usually stored in centralized storage depots that are vulnerable to assault.  Assaults on this equipment have proven to be effective.

What This Means

The result of these innovations means that the quantity of damage that system saboteurs can accomplish will remain at unacceptable levels.  At the strategic level, this will dictate that:

• Iraqi oil exports will remain below prewar levels.
• Saudi energy systems, with its emphasis on defensive and repair capabilities, will continue to be vulnerable to system saboteurs.
• A shortage of supply will cause oil prices to climb to new heights in response to each future disruption effort.

THE SYSTEMPUNKT

In Blitzkrieg warfare, the point of greatest emphasis is called a schwerpunkt.  It is the point, often identified by lower level commanders, where the enemy line may be pierced by an explosive combination of multiple weapon systems.  Once the line is pierced, armored forces dive deep into enemy territory to disrupt command, control, and logistics systems.  Once these systems are disrupted, the top-heavy military units they support collapse in confusion. 

In global guerrilla warfare (a combination of open source innovation, bazaar transactions, and low tech weapons), the point of greatest emphasis is called a systempunkt.  It is the point point in a system (either an infrastructure or a market), always identified by autonomous groups within the bazaar, where a swarm of small insults will cause a cascade of collapse in the targeted system.  Within infrastructure, this collapse takes the form of disrupted flows that result in immediate financial loss or ongoing supply shortages.  Within a market, an attack on the systempunkt destabilizes the psychology of the market to induce severe inefficiencies and uncertainties.  The ultimate objective of this activity, in aggregate, is the collapse of the target state and globalization.