Since the turn of the century, open source warfare (OSW) has become the norm in conflicts from Iraq to Thailand to Nigeria to Pakistan to Russia and to Mexico. Traditional guerrilla and organized crime hierarchies and their associated patterns of activity have melted away in favor of loose collaborative communities that exhibit levels of resilience, efficiency, flexibility, and innovativeness far higher than our traditional foes. This transition has been due to rapid growth in connectivity (globalization and the Internet), organizational adaptation to external threats (primarily decapitation attacks), and a change in approach (an evolution in warfare described at length on this weblog). Additionally, these organizations are increasing mounting attacks on and through our networks (infrastructure, economic, and social). We're past the tipping point.
As a result of this shift, we need to think about security in terms of network dynamics. One of the few papers on this topic comes from Shishir Nagaraja and Ross Anderson (University of Cambridge) entitled "The Topology of Covert Conflict." In this paper, the authors apply game theory and various offensive (decapitation of highly connected or central nodes) and defensive (rapid replenishment, cliques, and delegation) strategies to determine potential outcomes. They found that decentralization (specifically cliques and delegation, see paper for descriptions of what these terms mean) provides a good means of defense against all types of decapitation attacks (against critical leadership targets or important infrastructure nodes).
This is exactly what we have seen. Real-world guerrillas have decentralized through open source techniques. However, our experience shows us that these networks have some additional defensive characteristics that make them even more resilient than suggested by Anderson and Nagaraja. I would add the following defensive dynamics to real world guerrilla networks:- Micro-markets as a means of automating the discovery process and implementation of delegation. These markets make delegation fast and efficient. See "The IED Marketplace in Iraq" for more.
- Broadcast stigmergy (if you don't know what this word means, read this). Methods of mass communication such as media coverage, viral videos/audio from symbolic leaders, and terrorist discussion forums supply a means for rapidly spreading ideas through the entire network. The broadcast links are only loosely coupled to individual nodes and therefore extremely robust. Further, the decentralized autonomy of open source warfare makes these broadcasts into a form of stigmergic communication (which may lead to emergent intelligence). This mechanism allows disconnected groups to reconnect to the open source warfare playbook.
- Rapid healing through lateral lines of interconnection. Connections between autonomous groups in an open source framework are rapidly manufactured through multiple social networks (mosque, tribe, extended family, gang, and economic) and modern infrastructure (communications, roads, etc.) that speed up interconnection. Therefore, an open source network can heal much faster than a traditional covert networks. This implied rate of healing is much faster than any mechanism (that I know of) that can identify and decapitate critical nodes (both by degree and centrality).