Seeing the Invisible: National Security Intelligence in an Uncertain Age 9789812704825, 9812704825

Table of contents :
Contents......Page 14
foreword......Page 8
Preface......Page 10
1.1 Introduction......Page 18
1.2 The Outline of the Book......Page 20
2. Understanding National Security......Page 24
2.1 The Changing Role of the State......Page 25
2.2 The State and Globalization......Page 27
2.3 Other Globalization Actors......Page 29
2.4 Global and Local Identities......Page 30
2.5 The Cornplex Security Environment......Page 31
2.6 The Asymmetric Threats.......Page 32
2.7 Transnational Organized Crime as a National security threat......Page 35
2.8 Current State Responses.......Page 37
2.9 The Future Role of National security......Page 39
3. The Complex and Uncertain International security environment......Page 40
3.1 Threats, Risks and Vulnerability......Page 41
3.2 Types of Threat Actors........Page 47
3.3 The Fragility of the Developed States......Page 51
3.4 Converging Technology Trends and the Threat Environment......Page 53
3.5 Complexity and Uncertainty in the International System......Page 58
3.6 Predicting the Future......Page 59
4. Strategic Intelligence Assessment and surprise attaks......Page 62
4.1 Underlying Themes......Page 63
4.2 Definitions......Page 64
4.3 Data, Information, Knowledge and Assessment......Page 67
4.4 The Intelligence Cycle: Direction, Collection. Analysis. and Dissemination......Page 69
4.5 Strategic Surprise and Predictability......Page 70
4.6 The Need for Strategic Intelligence Theory......Page 75
5. Ancient and Assessment: Common Problems......Page 80
5.1 The Ancients and Strategic Surprise......Page 81
5.2 Knowledge and Assessment Failures in Ancient Times......Page 85
5.4 Categories......Page 86
5.5 The State of Strategic Intelligence Assessment......Page 102
6. Reinforcing intelligence Failures......Page 106
6.1 The Academic Response......Page 108
6.2 Strategic Assessment and Terrorism......Page 110
6.3 Reinforcing Failure......Page 113
7. Technology and intelligence......Page 114
7.2 A Lack of Balance in Resources......Page 115
7.3 7he Militsrization of Intelligence......Page 120
7.4 Secrecy Undermines the Analyticai Process......Page 121
7.5 A Lack of Training and Upgrading......Page 122
7.6 Outlook and Conclusions......Page 124
8. structure and organization: The Weakness of centralized intelligence......Page 128
9. Faint Signals......Page 134
9.1 The Case of the Flying Telephone Pole......Page 135
9.2 'The Case of the Missed Declaration of War......Page 139
9.3 The Case of the Missed Diplomatic Signals......Page 142
9.4 Conclusions......Page 144
10.1 The Case of Animal Disease and Panderrtics......Page 148
10.2 The Case of Technology Trends and Home Made Weaports......Page 151
10.3 The Case of Bangladesh......Page 154
10.4 The Case of the United States and Information Sharing......Page 157
10.5 The Case of Nano Technologies......Page 159
11. National security lntelligence and the Front Line Requirements......Page 164
12. Open Source intelligence......Page 174
12.1 OSINT and National Security.......Page 175
12.2 What Constitutes Open Source Intelligence?......Page 178
12.3 Secrecy is the Enemy of Knowledge.......Page 179
12.4 'The Private Sector has More Information and Expertise......Page 182
12.5 Contingencies and Surprises.......Page 183
12.7 Limitations of Classified lntelligence......Page 185
12.8 OSlNT and Reliability......Page 187
12.9 High Resolution Space-Based Open Source Imagery.......Page 190
12.10 Global Tracking of Issues......Page 192
12.11 Outlook and Conclusions......Page 194
13. Anticipating Future Threats: The Problem Areas......Page 196
13.1 Predicting the Future......Page 197
13.2 The Changing Role of the State and National Security......Page 199
13.3 The Complex and Uncertain Environment......Page 200
13.4 Technology and Future lntelligerice......Page 201
13.6 Artificial Intelligence?......Page 202
14. Anticipating Future Threats: The Areas of Strength......Page 206
14.1 Resiliency and Efficiency......Page 207
14.3 Asymmetric Threats and Knowledge......Page 209
14.4 Knowledge Workers and Small Groups......Page 211
14.5 Order and Choice......Page 212
14.6 Outlook and Conclusions......Page 214
15. The singpore Risk Assessment and Horizon scanning Process......Page 216
15.1 Risk Assessment and Horizon Scanning......Page 218
15.2 Interview with Ambassador Lam Chuan Leong......Page 219
15.3 Interview with Civil Service Head Mr. Peter Ho.......Page 224
15.4 Interview with Mr. Dave Snowden of Cognitive Edge......Page 229
16. Rethinking National Security lntelligence......Page 244
16.2 The Changing Role of the State......Page 245
16.4 The Future Cannot be Predicted, but it Can be Anticipated......Page 246
16.5 Faint Signal Detection......Page 247
16.8 Hurnans are not Rational Decision Makers......Page 248
16.9 Government is not a Business......Page 249
16.12 Short Term Future — A Bit Bleak in Some States......Page 250
16.13 Methodology is not Critical......Page 251
16.15 'The Future Could be bright......Page 252
16.16 'The Future of Intelligence?......Page 253
Appendix A: National security and Education: Thing Across the Boundaries of Time and specialization......Page 254
Bibliography......Page 256
index......Page 260

Citation preview

Spting thp Invisibk National Security Intelligence in an Uncertain Age

This page intentionally left blank

Seeing the Invisible National security intelligence in an Uncertain Age

Thomas Quiggin Centre of Excellence for National Security

S. Rajaratnarn School of international Studies Nanyang Technological University, Singapore

a world scientific

s. RAJARATHAN SCHOOL OF INTERNATIONAL STUDIES A Graduate school of Nanyang Technological University

Published by World Scientific Publishing Co. Pte. Ltd. 5 Toh Tuck Link, Singapore 596224 USA ofice: 27 Warren Street, Suite 401402, Hackensack, NJ 07601 UK ofice: 57 Shelton Street, Covent Garden, London WC2H 9HE

Library of Congress Cataloging-in-Publication Data Quiggin, Thomas. Seeing the Invisible : national security intelligence in an uncertain age i by Thomas Quiggin. p. cm. Inlcudes bibliographical references and index. ISBN-13 978-981-270-482-5 (pbk.) -- ISBN-10 981-270-482-5 (pbk.) 1. National security. 2. Security, International. 3. Intelligence service. UA10.5 .Q55 2007 335'.033--dc22 2006053268

British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library.

Copyright 0 2007 by World Scientific Publishing Co. Pte. Ltd. All rights reserved. This book, orparts therenJ may not be reproduced in any form or by any means, electronic or mechanical, including photocopying, recording or any information storage and retrieval system now known or to be invented, without written permission frnm the Publisher.

For photocopying of material in this volume, please pay a copying fee through the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, USA. In this case permission to photocopy is not required from the publisher.

Inhouse editor: Juliet Lee Ley Chin

Typeset by LAB Creations.

Printed by Mainland Press Pte Ltd

Dedicated to Christopher James Blackburn

with hope f o r a better tomorrow

This page intentionally left blank

Foreword

The role of national security intelligence is increasingly'difficult as developed states are under new security pressures in a complex and u n c ~ ~ t a i n international environment. Protecting sovereignty, growing the economy, and enhancing internal social harmony are just a few of the major policy concerns. A web of interdependency and competition among states and non-state actors exists.These issues, combined with the fragi~ityof developed infrastr~ctures,pose challenges to state security. The new challenges to national security come from forces which are asymrnetric in nature. Terrorism and organized crime are increasingly t~ansnatio~i~l, while other threats such as resource shocks, supply chain fragility and disease can put the security of state in peril. Knowledge is the only weapon that can allow a state to prevail in the face of asymmetric threats. Power, in and of itselr', is not the answer. Currently, leaders and decision makers in many states are struggling to find answers to the challenges which now face them. Natlonai security problems are now a "whole-of~governm~nt" problem, so there needs to be a "who~e-of.-gove~nment" response. The answers will not come from just a few select intelligence and law enforcement agencies. Providing intelligence for the responses to concurrent symmetric and asymmetric threats is increasingly the responsibility of all government bodies. ln~elligencesystems must adapt so that they can provide a n t i ~ i ~ a ~ # ~ y warning to government on the types of problems t h a t are coming from

viii

RISK ASSESMENT AND HORIZON SCANNING

"over the horizon," While it has become fashionable to attack intelligence agencies for failures which may not have been of their own making, this book by Tom Quiggin, Senior Fellow at the Centre of Exceller-tcefor National Security (CENS), based in the S. Rajaratnam School of International Studies (RSIS), takes the "road less traveled," so to speak. Torn suggests bu~ldingon older and known strengths while exploiting new opportunities. One such new opportunity, made possible by the combination of recent advances in methods, concepts and technology, is the ~ela~ively new but important Risk Assessment and Horizon Scanning (RAHS) process in Singapore AsTom will show, the RAHS process may well be a global first as it directly confronts the classic intelligence problems of bureaucratic stove piping and rigid mindsets. It is hoped that this volume will help promote fresh thinking on the strategies for enhancing national security intelligence processes to better cope with the uncertainties of the ~nternationalenvironment, and as a case study, showcase how the city-state of Singapore has tried to broaden the definition of national security and provide the intelligence support necessary to make this happen.

Kumar Ramakrishna Acting Head Centre of Excellence for National Security S. Rajaratnam school of international studies Nanyang Technological University

Preface

This book is intended to explain the intelligence responses required for the emerging asymmetric threats to national security. This subject is critical now that the state is forced to operate in a complex and uncertain i n t e ~ n a t ~ o n ~ ~ e r i v i ~ o n r ~ eEconomic, ~~t. social, health, and environmental issues today are as important to national security as border issues and stability have been in the past. This book is also intended to be a policy relevant study, rather than an academic one. It is aimed a t leaders, decision makers and the “worker bees” who occupy the worlds of security, economics, intelligence and policy. In other words, it aims to support the people who actually have to get things done.The book will also be useful reading for students at the undergradiiate and graduate levels as well as the citizen who wants to understand the co i-np I ex i nt e m a t i o n a 1 arena and its impact on their lives. The d e f i n i t i o n o f national security can no longer be limited to defending borders or maintaini~~g internal stability. With the role of the state having expanded and changed, past experiences arc? rendered less valuable.The emerging asymmetric threats .to”national”security

x RISK ASSESMENT AND HORIZON SCANNING

are not controllable at the ”national” level. The risks to national security are often global in their origin, although the impacts can be localized and catastrophic. The economic, social and health aspects of the threat to the state can be every bit as damaging as the conventional state-to-statemilitary threats. The book will focus primarily on the emerging asymmetric threats. Definitions of asymmetric conflict vary, but one useful definition can be taken to refer to threats which are designed to employ an inferior strength against a stronger opponent’s vulnerabilities to achieve a disproportionate effect with the aim of undermining the opponent’s will to win.’ Natural or man made threats from biological weapons, pandemics and environmental degradation can be grouped into this area as well. The response to this sort of threat, from an ~~~~~~~~

~~~~~~~

~~~~~

a

~~~~~~~~~

~~~~~~~

intelligence point of view, i5 similar to that of other

Knowledge is critical in defeating asymmetric threats. A useful defence in an asymmetric struggle can come only from an und~rstandi~g of the threat and an ability to stop it before it materializes. Power by itself cannot prevail nor can power prevent fear. Over the past 20 years, I have had the privilege to work for a number of intelligence institutions. Among them have been the Director General of Intelligence (Canadian Armed Forces), the United Nations Proteclion Force in Yugoslavia (1 994), the Intelligence Assessment Secretariat of the Privy Council Office of Canada, the War Crimes Section of Citizenship and immig~ationCanada, the International War Crimes Tribunal for the Former Yugoslavia, the Royal Canadian Mounted Police (RCMP) War Crimes Section and the RCMP “A” Division Integrated National Security Enforcement % m .n Intelligence related work with the Conventional Forces in Europe lreaty and the Vienna Document has taken me to five countries in Eastern Europe from ~

‘The Rire of Asymmetric Threats, by Kenneth F. McKenzie, Jr., available at: www.ndu.edu/ii?ss/press/ QRR..-%OOI / s d c ~ ~ ~ h ~ ~ . h t ~ l .

Preface

xi

northern Albania to central Russia. Shore time periods were spent with the National Military Joint lritelligence Centre in the Pentagon, the Canadian Security Establishment and the Netherlands Institute for War Documentat~on. This book exists because of support from many other people. My thanks must go to them. Among them are the head of the Centre of Excellence for National Security, 5r. Kumar Ramakrishna. He has tolerated my many eccentricities and supported this project at all times. Dr. Amitav Acharya of the Institute of Defence and Strategic Studies a t Nanyang Technological University has played a major role in creating an academic atmosphere where ideas can be put forward, even if they challenge the boundaries normally imposed on such institutions. Sir Richard Dearlove KCMG OBE MA was generous in allowing me to use ideas that he had previously published. Dave Snowden of Cognitive Edge did likewise as did Dr. Kumar Ramakrishna and Dr. Norman Vasu of the Centre of Excellence for National Security. Some sections in the book also draw from work that was origi~iallypublished in the RUSI/Janes Homeland Security and Resilience Monitor. My thanks must also go to the Associate Research Fellows of IDSS' who had aided me along the way: Hoo Tang Boon, Yolanda Chin and Ng Sue Chia. Phil Berikoff has been a friend and guide over many years. Others will know who they are: ED., R.W., and C.'H'S. Colonel Patrick Nathan of the National Security Coordination Secretariat (Singapore) has also been of invaluable assistance. Warren Coons and Glenn arti in dale of the Royal Canadian Mounted Police played a major role in my success as well. Gilies Michaud was an operational leader from whom I gained considerable support for my work. Colonel Kent Koebke (United States Marine Corps -- retired) was a major influence in developing my intelligence skills as was Major David Declerq (Canadian Arrried Forces retired). Dr. Munroe Eagles, Dr. David Dewitt, Ds Paul Evans and Dr. Ron Landes were also formative influences who taught me the values of rigorous and theoretically informed work,

-

'The Institute of Defence and Strategic Studies, currently renamed as the 5 Rajaratnam School of Internationdl Studies

This page intentionally left blank

Contents

foreword

Profffce

b

1. The plan of the book

1. I

1.2

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . The Outline of the Book.. .....................................

1 ,1 .3

2. ~ ~ ~ e ~ National ~ ~ aSecurity ~ d i n ~ 9 2.1 The Changing Role of the State . . . . . . . . . . . . . . . . . . . . .8 2.2 The State and Globalization ............................ 10 2.3 2.4

2.5 2.6

2.7 2.8

2.9

Other Globalization Actors.. . . . . . . . . . . . . . Global and Local Identities .......................

The Cornplex Security Envir The Asymmetric Threats. . . . .

13

......... .....................

15

Transnational Organized Cri Current State Responses. . . . . . .

. . . . . . . . . . . . . . . . . . 20

The Future Role of Nationa

3. The Complex and U n ~ ~ ~ ~R ~t ear ~~ a ~t Security i ~ R a ~ ~ R ~ j ~ o R ~ @ n t 24 24 3.1 Threats, Risks and Vulnerability ............................... 3.2 Types of Threat Actors.. ...................................... 30

xiv

RISK ASSESMENT AND HORIZON SCANNING

3.3 3.4 3.5 3.6

.

34 The Fragility of the Developed States ........................ Converging Technology Trends and the Threat Environment . 36 Complexity and Uncertainty in the International System . . . . . 41 Predicting the Future . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

4 Strategic ~ n ~ @ ~Ass@ssment ~ ~ ~ @ and n ~Surprise e Attacks

41 4.2 4.3 4.4 4.5 4.6

45 Underlying Themes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 47 Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data, Information, Knowledge and Assessment. . . . . . . . . . . . . . . 50 The Intelligence Cycle: Direction, Collection. Analysis. and Dissemination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Strategic Surprise and Predictabi~ity.......................... 53 The Need for Strategic Intelligence Theory . . . . . . . . . . . . . . . . . . . 58

.

5 Ancient and ~0~~~~ Ass$ss~~nt§: Common Problems 64 5.1 The Ancients and Strategic Surprise .......................... 64 5.2 Knowledge and Assessment Failures in Ancient Times . . . . . . . 68 5.3 Modern Literature and the Study of Intelligence . . . . . . . . . . . . . 69 54 Categories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 The State of Strategic Intelligence Assessment ............... 85 5.5

.

6 ~ e ~ ~~ fn ~o ~ ~ ~ Failures ~l ~i ~ ~ $ ~n ~ e 6.1 The Academic Response. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.2 Strategic Assessment and Terrorism .......................... 6.3 Reinforcing Failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

.

7 ~ 7.1 7.2 7.3 7.4 7.5 7.6

89 91 93 96

@and l ~ t @~l i i g e n ~ e~ n ~ ~ ~ 97 The Outlook . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 A Lack of Balance in Resources............................... 98 103 7he M~lit~rization of Intelligence............................. Secrecy Undermines the Analyticai Process. . . . . . . . . . . . . . . . . . 104 A Lack of Training and Upgrading ........................... 105 Outlook and Coriclusions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

8. structure and organization: The Weakness of centralized intelligence

111

~

447

9. Faint Signals 9.4

9.2

9.3 9.4

40. More 10,1 10.2 10.3 10.4 10.5

The Case of the Flying Telephone Pole.. , . . , . , . . . . . . . . . . . 118 'The Case of the Missed Declaration of War.. . , . . . . . . . . . . . . . . 122 The Case of the Missed Diplomatic Signals.. . . . . . . . . . . . . . . . 125 Conclusions.. . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . , . . . . . . . . . . . . . , . . . 127 e . .

(.

Faint Signair Being Mir;aed? '831 The Case of Animal Disease and Panderrtics... . . . . . . . . . . . . . . 131 The Case of Technology Trends and Home Made Weaports . 134 The Case of Bangladesh . . . . , . . . . . . . . . . . . . . . . . . . . . . . . . . . . , . . . 137 The Case of the United States and Information Sharing.. , I . 140 The Case of Nano Technologies . . , . . . . . . . . . . . . . . . . . . . . , . , . . 142

'D 1. ~ a ~ i o nSecurity a~ lntell~genceand the Fsoot Line ~ e ~ u ~ ~ e 4~47e n ~ 1%. Open Source ~ n t e ~ ~ i ~ e n c e

7 57 OSINT and National Security. . . . . . . . . . . . . . . . . . . . . . . . 158 12.2 What Constitutes Open Source Intelligence?. . . . . . . . . . . . . . . . 161 12.3 Secrecy is the Enemy of Knowledge.. . . . . .. . . . . . 12.4 'The Private Sector has More Information and Expertise . . . . . 165 12.5 Contingencies and Surprises. . . . 12..6 OSINT and Information Flexibili 12.7 Limitations of Classified lntellig . . . . . . . . . , . . . . . 170 12.8 OSlNT and Reliability High Resolution Space-Based Open Source Imagery. . . . . . . . 173 12.9 12.10 Global Tracking of Issues . . . . . . . . . . . . . . . . . . . . . . . . . ' 175 12.1 1 Outlook and Conclusions.. ' ?77

12.1

.

.

.

.

I

.

I

I

13. ~ n ~ i ~ ~Future ~ a tThreats: i n ~ The Problem Areas

479

Predicting the Future . . . . . . . . . . . . . . . . . . , , . . , . . . . . . . . . . . . . . . . . 180 The Changing Role of the State and National Security.. . . . 182. The Complex and Uncertain Environment.. . , . . . . . . . . . . . . . . . 183 Technology and Future lntelligericx . . . . . . . . . , . . . . . . . . . . . . . . . 184 . . . . . . . 185 Traditional Methods of Strategic intelligence Wa~ning 13.6 Artificial Intelligence?. . . . . , . . . . . . , . . . . . . , . . . . . . . . . . . . . . . . . . . . 185

13.1 13.2 13.3 13.4 13.5

~

xvi RISK ASSESMENT AND HORIZON SCANNING

189 94, A n t ~ ~ ~ Future ~ a t ~Threats: n ~ The Areas of Strength 74.1 Resiliency and Efficiency.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490 14.2 Diverse Views or Consensus? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

7 4.3 14.4 14.5 14.6

Asymmetric Threats and Knowledge . . . . . . . . . . . . . . . . . . . . . . . . 192 Knowledge Workers and Small Groups.. . . . . . . . . . . . . . . . . . . . . 194 Order and Choice . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . 195 Outlook and Conclusions.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . 197

15. The ~ i n ~ a Risk ~ o A~ ses ~ s s ~ @and n t Horizon canning Process 199 15.1 Risk Assessment and Horizon Scanning . . . . . . . . . . . . . . . . . . . . ,201 15.2 Interview with Ambassador Lam Chuan Leong . . . . . . . . . . . . .202

15.3 Interview with Civil Service Head Mr. Peter Ho. .. . . . . .. . . . . ,207 15.4 Interview with Mr. Dave Snowden of Cognitive Edge . . . . . . .212 16. ~ ~ t h Nationall ~ n ~ Security ~ n ~l n t ~ ~ ~ i ~ e n c e

16.1

16.2 16.3 16.4 16.5 16.6 16.7 16.8 16.9 16.10 16.11 16.12 4 6.1 3 16.14 16.15 16.16

227

An / ~ ~ e Future / ~ i ~ foreStrategic ~ ~ Intelligence . . . . . . . . . . . . . . 228 The Changing Role of the State.. . . . . . . . . . . . . . . . . . . . 228 National Security Must be a Public Issue.. . . . . . . . . . . . . . . . . . .229 The Future Cannot be Predicted, but it Can be Anticipated. 229 Faint Signal Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 2314 Emerging Threats are Asymmetric in Nature 231 Diversity is the Key.. . . . . . . . . . . . . . . . . . . . . . . . r . .

231 Hurnans are not Rational Decision Makers Government is not a Business.. . . . , . . . . . . . . . . . , . . . . . . . . . . . . ,232 Open Source intelligence is Critical . . . . .. . I233 Education is Required . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ,233 Short Term Future - A Bit Bleak in Some States.. . . . . . . . . . .233 Methodology is not Critical . . . . . . . . . . . . . . . . 234 235 Digital and Analogue 235 'The Future Could be .

I

.

.

'The Future of Intelligence? . . . . . . . . . . . . . . , . . , . . . . . . . . . . . . . .226 ~

Appendix A: National security and Education: Thing Across the Boundaries of Time and specialization

237

Bibliography

239

index

243

chapter 1

The plan of the Book

National security intelligence must function in a complex and uncertain internatior~a!environment. Under such circumstances, trying to anticipate and prepare for the future is the most difficult task that governments face. How can any government, especially those of small to medium sized developed states, be expected to anticipate contingencies when there are no maps to the future? that which achieves an advantage over ~ ~ ~ n ~ astrategic ~ e n surprise ~ a l an unprepare~enemy - is a fact of history, It has been with us for as long as there have been recorded histories of conflict and that is more than 2,500 years. The past record is not encouraging. Despite warnings about how to prepare for the future (Sun Tzu - circa 500 5.C. - and Phucydides - 400 B.C.), strategic surprise has been a fact of life from the days of the ancients to the present.

1.1 Introduction I arn not an academic, but rather a practitioner of intelligence. At some point in the future, academics must return to play a larger role. But their insistence on bui!dir~gboundaries for knowledge instead of breaking them down causes them to disappear down their own silos, a practice that is well known in the intelligence community.

2

RISK ASSESMENT AND HORIZON SCANNING

An over fascination with "definitions" and the need to be labeled as a "neo realist," a "critical theorist" or even a "critical theorist from the Frankfort school of thought" renders them inaccessible to mainstream intelligence analysts, policy makers, and decision makers. This is a pity, as academia has produced valuable schools of thought and tools of analysis that could further help to inform us about our world. I am a generalist. Many people believe that a room full of specialists from differing backgrounds equals general knowledge. This is simply not true. Specialists articulate arguments from within their own area of expertise and they have difficulties integrating knowledge across the boundaries that define specialization. However, being a generalist is currently out of fashion and our various developed societies have placed a premium on specialization. This is occurring at a time when we need more people who can see the big picture. Our education systems and many of our leaders are failing us badly in this area. This book may have some weaknesses that are unavoidable as a result of the previous two points. First, no academic agreement exists on many of the key issues. For instance, what is the role of the state now? Is the state becoming more powerful as we move to increase the roles of securitization and surveillance?Or, as others argue, are the institutions of the state under attack and facing collapse under the pressures of globalization? Or rnaybe both are true depending on the location and condition of the individual state. As such, generali~ationshave to be made because policy makers and decision makers have to work from a framework of understanding, even if it is sometimes inexact. Second, this book is intended prirnarily to be read by leaders, decision makers and thel'worker beesl'who occupy the worlds of security, intelligence, economics, and policy. For them, an endless mound of detail is not the requi~ement.They need finite analysis and, within this context, clarity and brevity are the essence of communication. I accept the fact that counter arguments exist, but in the world of operations and policy, the practical imperatives outweigh the theoretical. I have seen the consequences of state failure. The potential brutality of our fellow human beings under these circumstances is astounding. One look into the eyes of a refugee or a walk through a bombed out village in Yugoslavia serves as a warning lesson as to the consequences of failure.

The Plan ~f the E)

3

As such, I make the decision to generalize for the purpose of functionality with a clear conscience in the hope that we car) partially avoid further catastrophic failures. The genesis for this book comes from many areas. Not least is my twenty years in a variety of intelligence positions in a nurnber of countries. Some

of the experiences were positive and exciting, such as being declared a court expert on jihadism in support of a criminal investigation. Other experiences were less positive, especially when dealing with those p-ersons who favoured centralization and bureaucratic processes over any actual intelligence analysis. However, all of the experiences have been educational.

1.2 The outline of the book This book presents a framework for thinking about national security, the int~rnatior~al environment, and the intelligence requirements needed to support leaders and decision makers. This may come as a shock to many, but all too often individuals are thrust into an iritelligence or enforcement role with little or no training.The individual may have some relevant background experience, or they may not. This has been my situation on a number of' occasions. This is a common problem in many countries and even the so-called "developed" countries are every bit as guilty. This book hopes to provide at least a partial solution to the problem by providing a framework of analysis for thinking about national security intelligence problems. The book is structured into six main sections as fo!lows: ~ ~ ~ i~~~w~~~~ ~ n f a f~ ~~ i~t fsf w i ~ ~ nIn~Chapters ~ f f ~ .2 and 3, the changing role of the state will be examined. Without understanding what the role of the state requires, it is difficult to understand how to provide security for that state. Following that, the international environment will be examined with respect to the intelligence requirements that are needed to support national security in a complex and sometimes hostile environment. ~~~~i~~ and ~ ~ ~ w f ~ ~f Five ~ ~chapters i s ~ ~ .~of varying i ~ length will examine the issues of strategic surprise, strategic warning and the failures that have occurred. Chapter 4 provides background information on strategic

~~~~~~~~~

4

RISK ASSESMENT AND HORIZON SCANNING

warning and strategic surprise as well as definitions of the key terms used. It also examines key reasons for intelligence failures. Chapter 5 provides a historical overview of strategic surprise from the time of the ancients to the present.Chapter 6 explains why we tend to reinforce failures in the intelligence world and how this has been done again after 91’1 4 . Chapter 7 looks at the pervasive and frequently corrosive role that technology has p!ayed in intelligence and how this has negatively impacted intelligence assessment capabilities. It also examines a related phenomena of the dangerous trend in some states towards the increasing militar~zationof the whole intellige~ce process. Finally, Chapter 8 takes a short look at one of the great contradictions of the intelligence world -- the belief in a centralized intelligence capability. “Central intelligence” can be a contradiction in terms under some circumstances. ~~ ~ ~ and f ~f~ ~ ~ fScanning. pf After ~ ~ every ~ ~ major ~ ~ intelligence n failure, an exercise occurs whereby it is established that ”faint signals” that should have been seen or heard were missed. The dots, as they say, were not connected. This kind of retrospective coherence is common not just in the intelligence world, but right across most forms of human behavior. Chapter 9 will examine the issues of faint signals, trend ~ i o n i t ~ r i nand g “horizon scanning” as tivell as five cases of missed faint signals that were detrimental. Chapter 10 will contrast this with an examination of several current examples where faint signals are being missed now that may cause upset later. ~

Sscrcceese5 and ~ ~ ~It is common, ~ pand perhaps ~ even ~ fashionable ~ j to attack the intelligence community for its ”failures,” even when it is often clear that the event failures were more directly related to policy shortcomings. To contrast this, Chapter 11 will use examples of successes that have occurred in counter terrorism operations as a means to demonstrate how intelligence has worked. More importantly, it will examine where it has worked. Almost all the successes have been close to the front lines and initiated by human judgment, or they were cases of the front line analysis of technical clues provided by computers. Another poorly understood function of national security Is that of the role of the citizen. Great successes have occurred when “average citizens” have taken a role in a crisis situation. Further to that, the ultimate outcome of any event depends more on the response to the event rather than the actual event itself. In national security terms, some of the most critical first responders may be citizens. Their actions may shape the outcorne of the event. Chapter 12 will examine one of the most underused opportunities that exists for national security operations - that of open

~

'The Plan of the

45

source intelligence. Secrecy is the ally of the weaker party in an asymmetric conflict while knowledge is the friend of the stronger party. Knowledge (and the sharing of knowledge) is the critical component in defeating an asymmetric threat situation. A good defence in an asymmetric struggle can only come from an und~rstandingof the threat (knowledge) and therefore an ability to combat it or stop the threat before it materializes. As such, open source intelligence may be the most underused tool in the national security tool box. ~ i ~ ~ ~ §and $ Horizon ~ § $~ ~ ~ ~ nGiven ~ the ~ uncertain n and~complex

~nvironment,is there anything that can be done to prepare for the future, or must we simply wait for disasters to occur? Options do exist to enhance

the odds for success or survival. "Technology by itself is riot the answer, a combination of cognitive skills and technologica! support are a1,~hou~h emerging to allow for the detection of faint signals and the ability to put them into a warning context. Chapter 13 twill extend this discussion on some of the current probleni areas and how they needed to be avoided. Chapter 14 will examine the areas of naturally occurring strengths that exist and how these can be adapted for service in the fu,ture. Chapter 15 will examine the Risk Assessment and Horizon Scanning Program in Singapore which is a ~ ~ ~ ~ ptot break i n gthe"stove-pipes"and mindset failures that have pla~ued the world of insti~utionalizedintelligence. This chapter will also examine how a globalized network of "horizon scanning" programs needs to be integrated among like-minded developed nations in order to provide the besr warning and protection to all concerned. ~ ~~ ~The ~ entire ~ concept i ~ of~ national ~ security ~ i in ~a~ cornplex and uncertairi world needs to be addressed. First and foremost, national security discussions have to be dragged out of the closet and into the public arena. They should not be kept hidden away from public view. Issues such as sovereignty and the strength of the national social fabric are at stake and secrecy undermines the entire process. As a conclusion to the book, Chapter 16 will examine the complex issues at stake and rnake specific policy recornmen~ationsto face future threats. Often overlooked are the education and experience requirements for personnel recruiting. While not a direct pare of the national security process, education is a critical issue. It is a dangerous fallacy to assume that an intelligence "process"can somehow improve the quality of intelligence above the level of the quality of its producers. Appendix A, therefore,takes a look at the edu~ationalrequi?ements for the future. ~

~~~~~~~~

~

This page intentionally left blank

chapter2

Underststanding National sercurity

What is national security? On the surface, this appears to be a fairly simple question. It is the measures taken by the state to ensure the security of itself, and its citizens or subjects. On a deeper Jevel, however, a much more complex question exists that involves ur~derstandingthe role of the state and how far the state must go to define and protect its interests.This requires knowing what the interests of the state are in political, military, economic, social and er~vironmentalterms. The state has both a right and duty to protect it citizens. However, the state must also deal with the idea of a necessary balance between needs and resources and also rights and duties. Perhaps the most d i ~ c ~ofl all t is the need to provide equilibrium between the peace and order needed for a functioning society and the tolerance required for the citizens to be able to function. IdentiQing the critical elements of national security is a much more ~ i ~ ~question u l t than it seerns. It is both critical and necessary, however, to understand the changing role of the state and the envi~onmentin which the state operates. At the same time, this operating environment is increasingly complex and uncertairi with a series of traditional and emerging threats. In the following sections a number of issues will be addressed. These include the changing role of the state, the international role of the state,

8

RISK ASSESMENT AND HORIZON SCANNING

E

AND e e

globalization, non-state actors, organized crime, global and local identities, the complex security environment, asymmetric

responses, and the future role of national security. Tied to all of this, of course, will be the intelligence requirements that fall out of this assessment.

2.1 The changing Role of the state The state as we currently understand it is a relatively new invention of history. Opinions vary amongst historians and political scientists, but the state as we now know it in legal terms evolved out of Eurorse from the 13th to the 19th Centuries. Many students of history suggest that the 1648 Treaty of Westphalia was critical.q This treaty effectively recognized the principle of state sovereignty and the state's ability to control affairs within i t s own fixed borders. 7he treaty also established the principle that all states were equal in dealings with each other as states, regardless of their individual size or capabilities. These principles (in general) remain in place today. The concept of a sovereign and independent state gradually spread around the globe to a point now whev almost all land on the planet is controlled by states. The only exceptions are the continent of Antarctica and some disputed areas such as the PalestinianTerritories or Mashmir.The spread first occurred to other areas influenced by European culture such a5 North and South America. The state concept later spread t h r o u ~empires ~ that were in decline such as the Ottoman Turkish Empire. Finally, the concept of the state spread through Africa and Asia during the period of de-colonization in the 20th Century In its original form, the role of the state was limited to defending its borders and providing a minimal level of physical security for the inhdbitants '§ee,among many others, GeoffreyTreasure,7beMaking ~fModernEurope 1648-1780 See also Daniel Pi-iilpott, Revolutions in Sovereignly How Ideas Shaped Modern li~terriation~l Relations

Understanding National security

9

of the state. The state also came to be recognized as the only legitimate actor for international relations. As such, and especially in the 20th Century, the state m m e t o play the major role in any matter that was transnational. The role of the state began to expand rapidly following World War Two. Many states began to take on larger roles in regulating their economies. Even free market states believed that the state should take on some iole in correcting the problems not addressed by other means. These issues were often focused or1 full employment, trade balances, resource shortages, and price stability. Seen from another point of view, States were attempting to expand their areas of control into the economic sphere to provide sta~ilityand security. Not far behind various state interventions into the economy came the state's increasing role in mair~tainingthe standard of living of its citizens. Issues such as medical care, welfare, unemployment insurance,and individual rights were part of this change. The state also wanted to support the goals of full employr~eritand internal regional economic development to offset the failings of the market. By providing material benefits to the in~abitants of a state, the state was able to further increase it own internal legitimacy while creating a further role foor itself in national unity. Taking on these new roles was a double edged sword, however. By providing the benefits and increasing its profile with .the citizens, the state was taking a chance on decreasing its legitimacy and stability if it could not meet the ever rising expectations of its citizens. The state was becoming ~:~~~~~~~~ of the staft? has ~~a~~~~ not just the protector, but ~ o09:lthe~ state to a and rsoa fectoa. This is a ~~i~~~~~ ~ ~as the j ~ i t was becoming the what ~ ~ ~ ~ provider. o f personal lo^^ with the role of the state itself. financial security as well. While the individual state has d o ~ i n a t e the d international scene as the predominant voice, states have also gone about ~ u i l d i n ginternational institutions which they run for thernseives. The reasons foor creating such institutions vary, but in general ~~~~~~~~

~~~~~

~~~~~~~~

~~~~~~~~~

~~~~~~~~~

t

10

RISK ASSESMENT AND HORIZON SCANNING

terms they are created to establish a system of stability for the states themselves.The states attempted to do this by shutting out non-state actors such as religious movements, ethnic, linguistic, or cultural groups. In essence, the states have tried to create an international system in which only they are players. This system would ensure that the state was the final arbitrator. Those groups that did not have a territorial based state to represent them would have no voice on the international stage. The desire for states to form such institutions has been clear as such examples abound. The United Nations (UN) is one such institution. One indicator of the desire of states to be a part of the international state system is the number of states in the UPI.The UN was founded with only 51 original members, but each new state born of de-colonization or succession ~ o \ / e m ~ nhas t s usually sought to join this "club to establish itself as the legitimate voice of its territory. The number of member states in the UN as of 2006 was 192. This number was reached on 28 June 2006, when the most recent member (~ontenegro)was accepted. Other international state run organizations have included those with relatively clear mandates and rules such as the North Atlantic Treaty O~ganization(NATO). Some state institutions have been less formal and more cooperative such as the Association of South East Asian Nations (ASEAN).

2.2 The state and globalization VJhat does the term globalization mean? More interestingly, what does it mean to the policy maker and those who must make decisions in the complexity of the inte~national~nvironment?One of the key issues to be considered is whether or not globalization (however you define it) affects the role of the state and whether this effect has made the state stronger or weaker. The academic literature is not helpful in this question. Kenneth N. Waltz, Emeritus Professor of Political Science at the University of California at Berkeley, is considered one of the leading scholars in international relations. He was one of the founders of what academics call the theory of neo-realism, or structural realism. He has made the argument that ~ l o b a ~ i ~ and a t ~its o~ negative effects on the state are not much more than a passing fad and

Understanding National security

114

that the state will increase i t s functions and roles as a result of globali~ation.~ Other scholars have disputed this and believe that the te~hnological revolution in transportation and co~)municationshas begun to break down social, economic, and cultural barriers. Ulrich Beck, a t the Lud~~~g~Maxim University in Munich Germany for instance, would argue that the term globalization itself implies a weakening of state structures as well as their autonomy and power? What should the policy makers take from this sort of discussion?Whatever the academic discussion, some issues are inescapable from a policy point of view. On the economic side, large scale interstate trade and the rapid rnovernent of fluid capital is a reality and states must deal wirh it. A sudden shock in one part of the globe, such as a shutdown of an oilfield in Alaska, can cause price ripples the same day around the world. An event of transitional terrorism in the United States, such as the 9/11 World Trade Centre and Pentagon attacks, can cause major financial headaches for airlines and other businesses around the world. The state has been forced to adapt to find a new approach for itself in the face of globalized economic and security trends. Many developed states find themselves incapable of meeting some roles that citizens have come to expect. No longer is the state capable of being the economic provider to the population and a guarantor of internal social stability and a competitor in the i~ter~ational stage all at once. There are inherent contrad~~tions in these roles. At the same time, the state cannot control many of the factors that determine its 1.E FOR -!-HE STATE interrial economy such AL ~ ~ as resource prices, the impact of technology or) the labour markets, or currency values. Whether this weakens

'Kenneth N. Waltz, Globalizutionand American Power as published in The National Interest, Spring,

2000. 'lllrich Beck, ~ ~ r / dSociery, ~ i sPolity ~ Press/Blackwell Publishers, Cambridge, UK, 1999.

~

12

RISK ASSESMENT AND HORIZON SCANNING

or strengthens the role of the state is a matter of debate, but it is clear that it changes .the role of the state and the factors that the state must react to in times of change or crisis.

2.3 Other globalizationActors One purpose of the creation and maintenance of the state as well as the formation of international institutions had been to exclude other ”non-state” actors from having a voice or an effect on state affairs. Whatever one’s vievvs are on the state, changes have occurred and non-state actors appear to be escaping from the boundaries that had been set for them. No longer are they content to stay within established boundaries and not have a voice in the international arena. For policy makers, this is of concern. Phis is certainly clear in the case of transnational terrorism. In the 1990s and up to the year 2001, al-Qaeda was clearly a non-rtate actor, although it did operate out of Sudan and Afghanistan. While denied a “legitimate” voice in the international arena as it was not a sovereign territorial based state, it did nonetheless manage to force states to react to its presence. Its terrorist attacks on American embassies in Africa, its attack on the American warship the iJSS Cole, and the attacks of 9/11 demonstrated that it has had an effect on states and the state based systems. Hizbollah is another such non-state actor. Like al-Qaeda, it has been considered by some to be nothing more than a terrorist organization. Yet it holds seats in the Lebanese Parliament and is a wide scale provider of social services in Lebanon. To many Lebanese citizens, especially the Shia, Hizbollah is the only provider of social services including education, health, and welfare. While its status as a non-state actor should deprive it of an international voice, it is clear to many That Hizbollah has been able to drag the state of Israel into conflict on more than one occasion and it has forced states around the world to react to it. Numerous other non-state actors on the world stage are demanding greater attention and getting it. Some of these actors are rn~ltinat~onal corporations whose budgets and power are greater than that of some smaller states. Oil companies and car rnanu~acturers,for example, fit into this category. Such companies can demand and get states to change their taxation or

Understanding National security

13

investment policies by simply promising to add new jobs in a given state. Conversely, those same companies can threaten to remove capital or jobs in order to coerce the state into making changes in their favour. Other actors have also emerged and play roles in the area of social and environmental issues. Aggressive environmental groups such as Greenpeace have focused attention on, and have been responsible for state law changes or mo~ificationsin issues such as fishing, whaling, and pollution. While the academic community may be split on the issue of vvhether non-state actors are capable of weakening or changing the role of the state, one thing is clear. Non-state actors can cause events to happen which si~r~ificantly alter the policies of states. The best answer to the quesrion of state versus non-stare power may lie in momentum. Who is making the action, who is reacting, and who is maintaining the rno~nentum? The entity that is acting and causing the other entity to react clearly has the upper hand. Whatever the view on state power, it is clear that non-state actors such as al-Qaeda and Hizbollah can set their own agendas and cause states to react.

2.4 global and local identities While globalization is on the agenda of many, other processes are at work that frequently escape public discussion, but are nonetheless relevant to national security issues. One of these issues is the politics of identity. The modern state has worked hard to try to ensure that its citizens identity themselves with their state. Patriotism and nationalism are a part of this process and goal. However, sociologists, political scientists and informed observers have noted a change in many developed states, particularly since the lC38Os. ~ndividualsare frequently losing or distancing themselves from their “state identity” and choosing to identify with non-state groups instead. It is to these groups that the individuals then give their primary loyalty and obedience. Radical jihadists, organized street gang members, and organized crime figures all fit into this category. A drug cartel member may feel a greater sense of loyalty and association to his cartel brethren than his own state, which he frequently sees as the oppressor and enerny anyway. Many

14

RISK ASSESMENT AND HORIZON SCANNING

jihadists come to the radicalization process based on events in their own countries, and their goals are to overthrow the government in that country. This is to say that they may not identify with their current government, but they still recognize the state as the political unit they want to control. I-lowever, another class of jihadists also exists, sometimes referred to as the home grown jihadists. Their identity and loyalties are not to their country of birth or even that of another country. Their identity is with the larger global community of jihadists whom they see as being oppressed brethren on a global basis and not just on a national level. The intent in this book is not to get into the whole issue of the politics of identity, or what other issues can attract the loyalty of individuals. But the issues are many and they include: gender, religion, race, politics, ethnicity, caste, sexual orientation, and physical disability. Even within those categories, there can be sub-categories that are in conflict with each other.

2.5 The Complex security Environment No clear theory exists that will explain what the role of the state will be in the future. As noted above, a number of theories exist on how issues such as globalization and technology will affect the state and society. However, whatever the theory, the state is now faced with trying to deal with a number of emerging issues while remaining competitive in a rather unforgiving marketplace.This is on the minds of many politicians, bureaucrats, and academics. It should also be on the minds of intelligence personnel on a daily basis. The international security envi~onmentshows every sign of becoming more complex and uncertain. Separatist movements, state failures, and decolonization have increased the number of states from 51 in 1945 to 192 UN recognized states in 2006, plus the Vatican, Taiwan and other anornalies. Technology has greatly changed both comm~~nications and t~anspo~tatior~, both of which are providing security challenges to the state. Most inte~esting, and perhaps the most challenging is that power is devolving in some cases rather than evolving as it relates to threats to the state. Previously, it took a military force organized by the state to constitute a major threat to most states. In the not so distant future, small groups or even an individual may

Understanding National security

15

be able to produce bioiogical or chemical weapons or even radiological devices such as dirty bombs.This will give them the ability to directly threaten the state, thus compounding the state's security problems to an even greater degree. This is a worrisome trend. It can be dangerous to extrapolate too far, but current indicators suggest that non-state actors, small groups, or even individuals may soon be able to take on a strategic role and influence state behavior a t that level. The attacks of 9/11 highlight this trend as does the conflict between the state of Israel (a UN recognized state) and Hizbollah (a non-state actor). Most interesting in the case of the 2006 Israeli-Hizbollah conflict was the lack of a clear winner or loser in the conflict. This does not bode well for the future security of the state, as a long established sovereign state was not able to fully express its will over a nor)state actor.

2.6 The Asymmetric Threats The definition of what constitutes power in the international system is changing. Most political scientists and other observers generally view the state as the primary unit of analysis in the international arena. This is still true in many respects, but surprisingly, small groups of individuals or even single individuals now have the power and capability to affect major change at the international level. The most glaring example of this is the 9/11 attacks whereby it can be argued that 19 men quite literally provided the pivot point around which history changed. Other small groups have also had a huge impact, such as the four London bombers of 7 July 2005 or the Bali bombers in 2002. These types of attacks, whereby a small group of individuals attack a much larger power, are frequently called asymmetric attacks. Much debate

16

RISK ASSESMENT AND HORIZON SCANNING

exists in academic circles as to what constitutes an asymmetric relationship. In general it can be stated that the perpetrators of an asymmetric attack avoid attacking the strongest points of their adversaries while seeking to exploit vulnerabilities in the weakest points. At the same time an implicit premise exists that there is an element of surprise not just in the timing of the attack, but also in i t s method, means and goals. Lying behind many asymmetric attacks is the expectation by the attacker that while the attack itself may go as planned, one attack by itself will not achieve success. Rather, the perpetrators of the attack expect that many attacks will be required over a long period of time to break down the will of the stronger power. Victory, for the attacker, comes not from battlefield success, but instead d gradual wearing down of the will of the stronger power. David A. Charters is the Director of the University of New Brunswick's Centre for Conflict Studies, and is also the Executive Editor of its Journal of Conflict Studies. Seen from the historian's point of view, he examines asymmetric threats in the following way:

"They circumvent fhe state's militcrry strength, und try to 'decapitcrte' or (~ndermine government by using covert violence, corruption, and di5rupti~n to attack or exploit a country's 'cenferr of gravity' and critical infrusrruc~ure5."~ History is replete with examples of asymmetric conflicts that have been won by the weaker power. The Vietnamese drove both the French and the Americans out oftheir homeland. Algeria defeated the French and the Soviet Union was forced to retreat in humiliation from Afghanistan. Hizbollah has successfully driven American, Israeli and French forces out of Lebanon (1 982 to 2000). The actDr5 that carry out asymmetric amcks can be both state level (Vietnam) and non-state level (al-Qaeda and Hizbollah) actors. The current national security problems for most states do not derive from the state level threats. It is the non-state actors that are creating most of the mayhem. 'For this and further informationon asymmetric threats and non-traditional security see David A. Charters, "Canadian Foreign Policy, Terrorism, and Non-Tradiri~n~l Security Threats: Temporary Aberration or Permanent Condition?"It is availableon the website of the Canadian Defence and ForeignAffairs Institute at: http://www.cdfai.org.

Understanding National security

17

Asymmetric attacks are generally associated with terrorism and political violence. To reduce it to its most basic, terrorisrn and political violence exist for simple reasons. If the state cannot provide a suitable level of economic and social protection for those living on its territory, then those groups which can promise a brighter future or salvation will prosper. The "cause" will attract adherents locally and iriternationally who are willing to perform attacks against stronger opponents. An asymmetric conflict cannot be won with brute strength or firepower. Knowledge, experience, and organization are the major assets needed to survive and prevail in an asymmetric conflict. Technology itself is not necessarily an asset either. Rather it is often a major v~~lnera~~ility. Secrecy, so loved by intelligence services and by governments themselves, is the ally of the weaker power and the enemy of the stronger. Secrecy is also the enemy of knowledge, and with knowledge being the only real weapon against an asymmetric threat such as terrorism, the developed nations who still have large secret bureaucracies are making the problem more difr'icu1.t for themselves, What of other non-traditional threats that are emerging? Other nontraditional threats or re-emerging threats may also be fit into the asymmetric mold or need to be considered in the national security matrix of threats as well. Among the most obvious (beyond transnational terrorism) are t~ansna~io~al organized crime and cyber-terrorism. However, a long list of other threats exists such as pandemics, re-emerging disease threats such as tuberculosis, supply chain fragility, resource price and supply shocks, environmental changes, and economic rrieltdowns such as the 1997 Asian econornic crisis. Many of these threats are of a nature whereby the probability of such an event is relatively low, but the physical, social, economic, and political costs ofthe impact would be disproportionately high. Of all of the threats listed in this chapter, the only ones that have a potential for mass casualties are tiansnational terrorism and pandemics.

18

RISK ASSESMENT AND HORIZON SCANNING

2.7 Transnational organized Crime as aNational security Threat Organized crime of a domestic nature is not a new issue for law enforcernent and intelligence agencies. Most local and national level institutions have become familiar with the nature of its activities (drugs, prostitution, smuggling, money launder~ng,murder for hire, etc.). "Old fashioned" organized problem is a criminal and social issue, but it /s not necessarily a nationai security issue. However, new developments in trans~Jafiona1organized crime call this into question. Consider the following:

Today we are a world in which trunsnational criminal gungs have rnore one^ better c~mputers,better information and vastly more motivati~nto act and to act ruthless^ thun most states. Perhaps even more fri~htening, we face a world /n ~ h i we c ~are allowing technology and ljmited pohcy ~jnderstandin~ to create very ~ i g n i ~ c a masses nt of disposed and u / i e n a ~ ~ d sizeable elements v~ithinour own borders; und at p ~ ~ p ~ ~ a t-i o nincluding s ?he s(sme time we ore igno~ingour ~ o v e r n m e nobl~gations ~~ to provide for home defence and for electronic defence in the private sector."' Transnational organized crime has prospered greatly since the end of the Cold War and the period of rapid globalization that occurred a t roughly the same time. Cri~n~nal networks have been able to take advantage of improved technology, weaker border controls, ethnic and regional conflicts, and new growth in financial markets. The newer tran~nationalorganized crimes groups also tend to have different structures than the older organized crime groups. The new t~ans~~ational groups tend to be more fluid, networked, and form associations

for the purposes of convenience and profit. This is in sharp contrast to the older organized crime networks that were ohen family led, strictly hierarchical in nature, and relatively stable in their areas of interest.The newer tran~nation~l ~ ~ ~ acrime n i networks ~ e ~ also lack the structure and o r g a r ~ ~ z a t0f~ othe ~ older networks and at the same tirne, they operate across more inte~n~tional

'Robert David Steel?,On /nte//f~ence Spw and Secrecy fn an Open World, O S S International Press, Oaktori Viiyinia, 2001, page 194

Understanding National security

19

boundaries.Therefore, the newer groups are harder for intelligence and law enforcement agencies to track and prosecute. As with the other forms of asymmetric threats, however, a response to them is required by the state and it will fall wholly or partly into the realm of national security intelligence to deal with this issue. Knowledge is only answer to dealing with such forms of activity. At least in the short to medium term, the outlook for states dealing with asymmetric threats is not positive. By their very nature, those people who attempt asymmetric attacks are exploiting known weaknesses. A t the current time, those weaknesses appear to be multiplying for a number of reasons. Among those reasons are:

a. ~ ~ ~ ~~ @ ~ ~~ For ~ ~instance, p ~ a /the n ~improvements ~ ~ ~ ~ . ~in computer i n technology mean that technological crime can affect more people faster.

b. % n g @ P n Q ~ ~ ~ p ~ / I r cLaw B ~enforcement ~ ~ P ~ ~ i ~ pagencies . are improving and work well in sorne areas. In others, however, they remain weak. With respect to intelligence flows, however, the sharing between states remains limited and the knowledge required (which is the only useful weapon) does not flow easily. Perhaps even worse is the issue of internal intelligence flows. Intelligence agencies within one country do not necessarily communicate with others in their own country. Numerous failures, such as the 9/11 attacks, were due to both inte~nationalintelligence sharing failures and domestic sharing failures. c. ~ ~ ~ e / and g ~k w g ~~ ~~ e ~~ Q ~~n~~~~~~~ P ~ @ The ~ intelligence @ ~ ~ and law enforcement agencies do not have the same roles in all countries. What may be a law er~fo$cement issue in one country may be the provenance of an intelligence agency in another. The international diplomatic system, with it series of attaches and liaison officers is frequently frustrated by a lack of what could be called interoperability and the refusal of some intelligence agencies to deal with police and judicial agencies.

d. Legal ~~~~i~~~~ What constitutes legal "proof" in one country may not constitute proof in another. Given the nature of asymmetric activity, it is a rare case when there is a"smoking gun"that will rise to the level of absolute proof in all jurisdictions.

20

RISK ASSESMENT AND HORIZON SCANNING

e. Ski// sets. Sad as it is to say, the skill sets of criminal and terrorist organizationsare sometimes more highly developed than that of government bureaucracies. Modern transnational crime and terrorist groups frequently have highly educated individuals working for them who function under the double pressures of performance requirements which can be high (leadership pressure from above) and the fear of getting caught. Some bureaucracies, on the other hand, tend to rotate persons around from job to job with little to no focus on skills sets, training or responsibility for performance.

2 4 current stste Tesponses ~~~~~~~

~~~~~

Given all the changes in the role of the state arid the problems it faces, how do we in general assess the response of the state? Like rnost other problem areas, there is good news and bad news. There are four key problems with current gotvernmental structures and processes, which are in fact common to almost every state.“ The first issue is the over-dependence on the “centre”- normally the institutional apex of ministries and agencies - to collect, analyze and contro! the incoming information that the state needs to operate. In today’s world the centre simply cannot cope with the multitude of incorning information. To adapt successfully it must more effectively decentralize intelligence collection, analysis and control to as near the street level as possible and becorne more of a policy guidance and senior decision- making operation instead. This process of “intelligence decentralization” must take place not only within t h e overall governmental ”centre” outward to the ministries and agencies, but within the ministries and agencies as well. In one Canadian municipal police force, for example, emergency phone operators and dispatchers are being trained to become aware of unusual incidents that may involve terrorism or other national security-related incidents, no matter how rninar the issue. When they do notice an unusual pattern or event, a ‘Large parts of rhis section were originally published a t the Institute of Defence and Strategic Studies a t the Nanjiang Technological University in Singapore. For the full text of the article, see “Singapore‘s

DarwinianImperative: Survival in a Complexand UncertainWorld,” Kuniar RamakrishnaandTom Quiggin, IDSS commentary 29/06,28April 2006 at: http://www.idss.edu.sg/publications/Perspective/lDSS0292006. pdf

Understanding National security

21

notation is passed to the force's intelligence section for analysis and possible follow-up. This example runs contrary to that of most, but it is an excellent example of what can be done effectively and simply. The second problern is that of expanding the understa~~ding of the kinds of signals in the environment that may well have a security implication. In the past it was reckoned that it was sufficient for the defence, home affairs and foreign ministries to focus on security threats while the non-security agencies focused on conventiona~issues such as public health, trar~s~o~tation and community relations. Today, the boundaries are not that cut and dried: a seemingly innocuous flu outbreak may well be a bioterrorist attack. Buses and trains may be subjected to terrorist bombs. Radical religious ideas may be circulating within the body politic, undermining community ties and fuelling radical recruitment. The upshot of all this is that the business of preserving national security today is now the preserve of both the traditional security as well as the non-security agencies. The third problem is that of institutional "stove-piping".This refers to the deepiy entrenched habit of government agencies the world over of operating in "information silos" detached from one another, even if they are working in say, the same national security dornain. Part of the reason for this stovepiping is sheer bureaucratic rigidity. Organizations are hierarchical and information tends to flow vertically from the street level to the apex, rather than horizontally. Another reason for this institutional stove-piping is more banal: bureaucrats in any domain tend to jealously guard information from one another. Whatever the cause, institutional stove-piping is no laugh in^ matter. The 9/11 Commission Report, put out by the U S Congress in 2004, demonstrates in detail how the inability of the CIA, the FBI and other US national agencies to coordinate and act on intelligence in a timely and effective manner played a role in the catastrophic intelligence failure that led to the attacks on September 11, 2001. The fourth problem area runs hand in hand with the issues of silos and stove-piping. This is the issue of mindsets. Virtually every intelligence failure (and policy failure) froin Pearl Harbor to 9/11 was attributable to some extent to rnindset problems. Whether it is an inaccurate view of reality, the refusal to deal with change, leadership pathologies, or the sycophants who surround leaders who have lost touch, the mindset problem is critical.

22

RISK ASSESMENT AND HORIZON SCANNING

The problem, as can be seen here, is very much an all-of-government problem. Therefore, the response that is required is an all-of-gove~n~ent issue as well. Networked government is part of the answer.

2.9 The Future Role of National Security The state cannot eliminate risk for itself, its citizens or those national and international businesses that operate on its territory.To expect this to happen under even the most ideal circumstances would be delusional. The state will continue to face a number of threats from other states, political extremists, transnational organized crimes, natural disasters, man made disasters, market forces and environ~entaldegradation. The role of national security is to support the state and its interests while protecting it against threats. This role is expanding and will continue to expand, regardless of the wishes or plans of those involved. Senior leaders and policy makers will have to deal with these problems as they arise. By extension, national security intelligence will have to deal with ail of these issues as well. National security intelligence agencies will have to change and adapt quickly in the future in time periods measured in weeks or months. They will also have to reach outside their own institu~ionalboundaries to find the knowledge they need to rneet the challenges. If national security related intelligence agencies cannot assist the state by anticipating the types of problems that are coming over the horizon, they will face the threat of becoming redundan.t or will be relegated behind will those non-intelligence or ~~~~~

private organi~at~ons that can provide anticipatory warning

Chapter 3

The complex and Uncertain

International security Environment Newspaper headlines are filled with stories about the thredt of nuclear terrorism, biological attacks, and possible chemical accidents resulting in the deaths of thousands. Horror stories abound about everything from missing Soviet era nuclear weapons to biological labs being built in the apartments of radical jihadists. Rogue states may have long range missiles with nuclear warheads and trar~sriationalterrorists may be plotting to send a nuclear warhead into the heart of a city‘s harbor by hiding it in a 40 foot sh~pping container. Suicide terrorists lurk behind every wall or tree and hand held missiles shoot down unarmed civilian airliners. On top of these potential disasters, we are also told about pandemics that could kill millions, just like the Spanish Flu pandemic of 1918 that killed some 20 to 40 million people in a matter of months. Then there are fears of computer hacker attacks that could knock out our electrical power and phones. Global warming may now affect our weather and climate. Old nuclear reactors might produce another Chernobyl like disaster. On top of all of this, we might be running out of oil and water. Are we living in an “Age of Fear”? And if so, how do we even begin to deal with the threats and risks that are “out there”? In order to be able to work with a complex and uncertain inte~national ~ ~ v i ~ o n m eitn its, worth the effort to understand some of the terms and ideas. As such, this chapter will first identify a number of key t e r m and

RISK ASSESMENT AND HORIZON SCANNING

24

definitions, and then move on to deal with the new threat environment. The chapter will be structured in the following way: 1. Definitions of key terms such as threat, risk, vulnerability, fear and risk

2. 3.

4.

5.

managemer~t; A description of the types of threat actors that are in play and how these varied actors require a different type of intelligence response; An introduction to the concept of fragility in developed states and why this concept is of increasing importance to national security intelligence analysts; An example of converging technology trends that should serve as a warning to future problems in national and transnational terrorism and organized crime; and A description of complexity and why predictability is not possible in our in~ernationa~ system, despite the views that have been expressed by many people over, literally, centuries.

3.1 Threats Risks and vulnerablity One of the most difficult problems in dealing with national security is the issue of understanding the difference between a threat and a risk. Unfortunately, these two terms are often used interchangeably. Consider the following two hypothetical statements:

“There is a threat being developed by terrorists to use nuclear weapons against us and we cannot ignore this kind of risk,” and,

“We have never lived under such great threats before in our his tor^^ Both of these statements suggest that we should be afraid of something, but neither statement by itself is useful to intelligence analysts or policy makers because they lack clarity or any real indication of the level of action that needs to be taken. Let us first look at the term threat, and then compare it to risk. A threat can be defined in a number of ways, but for the purposes of national security

The complex and uncertain international security Environment

25

intelligence, it can be put this way: A ,threat is a potential for an individual or a group (source) to exercise (accidentally or intentionaily) an action which exploits a vulnerability. The key term here is potential.' The use of the term threat does not automati~allyimply any actual level of how much danger exists. For instance, one could say that there is a threat that transnat~on~l terrorists could obtain weapons grade plutonium and use it 'to contaminate a major port .facility or a passenger transit hub such as Victoria Station in London, UK. In today's age, this is in fact a possibility. But to say something is a "threat" is actually meaningless to decision makers. Just because there is a "threat"doesnot mean there is actually any real chance of it happening. Therefore the threat $0~ ~ ~ ~ ~ ~bxpkl~ ~ i 3 n statement is meaningless as it provides no indication of what action should be taken. This brings us to the term risk. While there may be a potential for tra~~snational terrorists to obtain such dangerous materials and then deploy them in a contaminatior~attack, what is the actual probability .that this wili happen?This is the concept of risk. Risk, therefore, can be defined as the ~~robab~lity of ha~mfu~ consequences arising from an action taken by a source to exploit a known vulnerability.This can be expressed in a number of ways, but one cornniorily used statement is that risk is equal to .the severity of the consequences multiplied by the probability of the event occurring. Therefore, the term risk, when used in its proper context, can be ~eaningful to policy makers as it implies a course of action or reaction that can he taken by them. Statements such as the two hyporheticals above are not reaily useful because they offer no insights to policy makers beyond the obvious. ~~~~~

~~~~~

'Part of this definitiori was taken from hMp~/www.disastercenter.corn/t@rror/~~-risk.ht~. See this site for more discussion on threats and risks

26 RISK ASSESMENT AND HORIZON SCANNING The issue of vulnerability frequently comes u p in be the Of relation to threats and risks. from ar\ o n c e again, however, ken by ld %8jrce to (a confusion about the use of fity. A risk ~~~~~~~~~t the terms and their meaning causes a hck of focus and ~~~~S~ of or ~~~~~~O~ that unhelpful actions. Simply put, vulnerability is a flaw or weakness that can he exploited by an attacker. It can be a weakness that is a result of a rnanmade situation, such as weaknesses in software programs that allow for easy hacking. It can also he a natural vulnerability, such as a long coastline of a sparsely populated country which is vulnerable to smuggling. As with the concept of threat, there is frequently confusion with vulnerah~lity.A vulnera~il~ty on a website may allow hackers to deface the site or take control of the banners.While this is embarrassing, it is not critical to the core interests of the website. If, however, the vulnerability allows hackers to enter the website and remove the credit card information of the customers, then this is a critical vulnera~ility.With policy makers, it is necessary that intelligence assessments make a pairing between the vu~ne~ability, and the actual consequences of the action. Without the distinction, policy makers may take unnecessary actions to protect minor vulne~abilities~ while a t the same time developing a sense of "fatigue" in responding to issues. Crying wolf on minor issues will cause policy makers to ignore larger issues when they arise later. 1Ve live in an Age of Fear? This is an unfortunate reality. While marly societies have become increasingly risk aversive a t any rate, the terrorist events of the 1990s and the 9/11 attacks have changed the way our societies operate. ~~~~~~

~~~~~~~~~~~

~~~~~~~~~~~~

~~~~~

~~~~~

~~~~~~~

~~~~~~

~~~~~~

~~~~~~~~

'Most of the information presented here on fear is adapted from the work by Dr. Arriitav Acharya at the Institute of Defence and Stratqic Studies, Manyang Technological University,Singapore. Fur further e information on fear and power in politics, see Arnitav Acharya, Age offear: Power versus ~ r i f l c j ~in/fhe War on Terror, Marshall Cavendish International, Singapore, 2004

The complex and uncertain international security Environment

27

The various government led discussions on terrorism, and the climate of fear they have created, have drowned out or blurred almost all other threat issues a t a time when numerous other problems should be receiving attention. The years since the 9/11 attacks have produced three main kinds of fear. The first and most obvious is the fear of an attack itself. Given the global nature of the attacks and their seeming randomness, it is not irrational to be fearful on an airplane, on a subway or at a crowded market area. Another form of fear is fear of the "hegemonic"or imperial state. Many governments have used the climate of fear to justify a whole series of security actions, many of which have little or nothing to do with terrorism itself. And lastly, there is the enhancement of the fear of a "surveillance state." While it is the private cornpanies who probably abuse privacy the most, the ongoing fear of the state having the ability to monitor private citizens on a constant basis has been increased since 9/11. Froen a national security point of view, two critical issues fall out of the discussion on fear. First 0% power does not defeat fear. The United States is the most powerful nation on earth and has a military capability to strike anywhere. At the same tirne, it is one of the rnosr fearful states. Fear can only be defeated by knowledge, experience and organization, It cannot be defeated by firepower or coercion. More power wiil not defeat fear as the relationsh~pbetween the two forces is asymmetric in the first place. In the case o f terrorism, a s methodology and not a ~~~~~~~-~ FEAW force, the terrorists have resorted to their violent veat attacks precisely because and expe they are the weaker party are the ~~~~~~~~~~, in the conflict. The second issue of concern to national security relating to fear is that of distortion. We are repeatedly given statements such as "terrorism is the greatest threat of our times" or "terrorism is the greatest threat to civil society." Is this actually the case? Terrorism can kill dozens or hundreds or even thousands of people at one tirne, yet a flu pandemic could kill millions. Cigarettes kill millions ~~~~~~~~~~~~~

~~~~~~~~~~

~~~~

~~~~~

28 RISK ASSESMENT AND HORIZON SCANNING while small arms are the greatest single source of violent death on a global basis. Resource shortages and economic disparities create both wars and famines. Organized crime is spreading fast under the cover of terrorism and it is penetrating legitimate businesses and governments. Clearly terrorism is important, mainly because of its ability to drive wedges into civil society and to tear apart the social fabric of multi-cultural societies. But it is by no means the greatest or only threat. ~Jnfortunately,intelligence agencies and others have focused on terrorism at the expense of other threats. This kind of distortion, especially in budget and resource areas, is a type of threat to national security itself. Ironically,this inadvertently plays directly terrorist groups: weakening societies by creating a Given the climate of fear, and the seemingly uniimited sources of risk (used in its proper context), how are the intelligence and law enforcement agencies of the state to respond?“Risk management” is a term used by many, but the lack of clarity in the national security context is rather shocking when it is examined. Large carporations are responsible to shareholders and they live in great fear of unforeseen issues that wipe out profits. As such, they go through a process of identifying their assets, their personnel, and their activities. Following that, they identify the localized or globalized threats to their companies. The results are put on a matrix and those high probability threats that carry hiyh potential for losses (i.e., high risk) are dealt with first. The vulnerabilities that caused the threats are addressed and therefore the risk is lowered. Following that, lower probability issues are assessed (along with their potential for losses) and they are addressed later. Again, it may come as a shock to many people both inside and outside of the national security and i n t e l ~ i ~ e ~communities ce that most countries have never gone through the exercise of doing a national level risk assessment. The risk assessment process tends to be disjointed and focused more on

The complex and uncertain international security Environment

29

ind ivid ua I issues (crime, terrorism, threat of invasion) and do not take an overall view. As such, national security priorities are never id~ritifiedand the responses t o them tend to be unfocused and driven by the "flavour of the month" approach c)r whatever issue will yet the most funding in the next budget. Resources and manpower are limited. As such, ~ o v ~ r n ~ r ~ ealready nts, operating under d i ~ c u lcircumstances t cannot afford unnecessary distractions caused by waste. Consider the following statements from a ~ o v e r n t Accoiintability Office (GAO) reports on threat assessments:

"What is important about intelligence agency threat assessments is the very critical distinction between what is conceivable or possible and what is lik~ly in terms of the threat of a terrorist attack. Some of the public s~a~e~nents mude by intel/igence ~ommunityofficials about the terrorist CBRN threa~do not i n ~ l u d ei m p o r ~ a nqualifications ~ to the informatio~they present. Rased upon our reading of the classified threat documzrirs, such as national intelligen~eestimates, such qualifications include the fidelity and a m o u n ~of credible intelligence, the terrorists' in tentions versus their capa~ilities,w h e t t ~ ~ r the target is m i l i ~ or a ~ivilian, ~ whe~herthe target is inte~nationalor d ~ m ~ s ~ i ~ ant? whether the enemy is a government or terrorists w i t ~ o u foreign t ~overnmentsponsors hi^. ~ i t h o uthe t benefits that a threat and risk assessmefit pr~vides,many a ~ e n ~ i have e s been relying on worst case scenarios to generate countermeasures or establish their programs. Worst case scenarios are exireme 5ituation.s and, as such, may be out of balance w i ~ hehe threat. In our vie&% by using worst case scenarios, the federal g o v e r n ~ e n tis fo~usingon vulrierabilities ~ w h i care ~ i unlimited} rather than credible threats ~ ~ t i i are ch ' S e e the IJS ~overr~~7ient's report of GAO/T-NSIAD-OO-l45, Cornhating 72rrorisrn: lssires in M ~ n u ~ i n ~ ~ ~ u n f ~ f ~ ~Programs, f f o f i s ~Statement of Norrnaii J. Rabkin, Director National Security Preparedness lssiies, National Security and International Affairs Division Testimony before the Svbconimittee on Clversiglit l n ~ ~ s ~ ~ and a t ~Emergency ns, ~~nagerflent, Committee (~n'rra~spor~a~iofl and lri~rastru~ure, I-louse of Representatives Urlited States General Accounting Office. It is available through the GAO ofice or it can be found on the on the World Wide Web at: http~/~~ww.gao.gov/arcl-ii~e/2000/ns0014fjt. pdf.

30 RISK ASSESMENT AND HORIZON SCANNING lirnited~.By targeting investments bnsed on worst case scencrrios, the ~overnmer)t may be over f u n ~ i some ~ g jni~iativesand ~rogramsand under fundjn~ the more likely threats the country will face. These types of ~ u a l i ~ c a t j o n . ~ are important because, without them, decision makers in both the executive or legislative branch may get an exaggerated view of the terrorist threat"

As such, what a risk actually is, as distinct from a threat, is frequently overlooked and the responses are - to put it politely -- inadequate.

3.2 Types of Threat Actors Multiple threat actors exist in the international environment and the national security intelligence agencies must be prepared to contend with all of them a t one level or another. Some of the threat actors are decidedly high technology forces, while others could be referred to as low technology brutes. it is not easy to categorize or identify them all, but Robert David Steele' has provided one such categorization which is useful for thinking about the problem. He uses four classes of threat actors as a means of generating an understanding of how to deal with the threat e n v ~ ~ o n r ~ e n t . The four classes he identifies are: a. b. c. d.

High Technology Brutes, High Technology Brains (technology, and knowledge based), Low Technology Brutes, and Low Technology Brains (ideological and culture based).

Let us consider each one of the types of threats in turn and consider the problems that will arise in dealing with them from a national security intelligence point of view. 'This section on Types of Threat Actors draws heavily and almost exclusively from Robert Steele. He has written extensively on the issue of the various classes of threat that exist or are emerging. See, f t iWar o ~ And The Future Of The Corps, among many others, for further information: The 7 ~ f f n ~ f o r ~ fOf Mzjor Robert David Steele, USMCR, 28 April 1992, available at: http~/www.well.com:70/0/MiIitary/4_. warriors. See also "The Asymmetric lhreat: Listening to the Debate,"Joint Forces Quarterly, Auturnnl Winter 1998-1 999, pages 78 to 84 which is also available on the World Wide Web at: http://www.well. corn:~O/O/~iIit~ry/4-~arriors. See also Robert Steele, 017 /nre//igence,Spies andSeirecyin on Open World, OSS International Press, Oakton Virginia, October 2001.

The complex and uncertain international security Environment

31

a.High Technology Brutes. This is the Threar that most intelligence personnel imstinctively understand and they have been the traditional state-to-state ~~~~

threat for the last several hundred years. The examples of this kind of threat are the conventional state powers that have organized military forces. These states are equipped for, and practice, medium and high intensity warfare. The forces they use are complex, expensive and require extensive logistics support to keep them in the field. The source of the power of these states is taxation and conscription or highly paid volunteer armies. They depend on technology for their effective communica~ionsand intelligence. Their precision targetir~gof munitions provides them with some effectiveness. Unfortunately for such states, the balance of power is shifting away from state supported organized forces and moving towards autonomous groups with electronic support and towards single individual or small groups who can target complex systems which are difficult to defend. In many ways, the capability of states no longer matches such threats. b. Low ~~~~~~~~~yBrutes. These are the types of threat actors that first began to prominently emerge in the 1980s and 1990s. Two of the best examples of this type of threat are the drug cartels and traditional old style organized crime (Sicilians and Albanians are current examples).These types of organization practice criminality and conflict at a low-intensity level.Their source of power is their ruthlessness and their ability to create ambiguity and unanticipated scenarios.They rely on natural stealth and random targeting for their effect. Tracking them is the classic needle-in-a-haystack problem and they use randomness of both methods and objectives to frustrate physical or electronic surveillance. They have wealth and a steady supply of expendable individuals to use a t the front lines of their operations. They do not necessarily have a supporting ideology or belief structure, beyond that of profit. However, at least in the short term, their capabilities match their goals and requirements.

32 RISK ASSESMENT AND HORIZON SCANNING c. Low ~~~~~~~~~y These groups may pose the largest and most significant problem t o national security intelligence agwxies for the foreseeable future. They are reliant on popular appeal to the masses and are relatively impervious to attacks from higher technology forces, especially ifthe attdcking forces do not maintain the ideological and moral high ground. It is extremely difficult, if not impossible, to defeat such a forte using only brute force. They can only be defeated by a comprehensive ideological, moral, and cultural catnpaign that wins support away from the grass roots. The bottom line of their support is actually rather simple. If the existing institution^ (i.e., the state) are not providing a degree of economic and social stability, then the low technology "brain" groups can receive support by promising the masses a form of either salvation or comfort in the future. These groups also attempt to dominate the moral arena, and when they can they have a powerful persuasive force at their disposal that can move their members to undertake spectacular feats against more powerful opponents. Their ability to create amb~guiryand confusion is a major capability. like many other non-state violent actors, they have also become expert5 at exploiting legal loopholes in various states and will ofken rnake their international plans accordingly. These kinds of groups are not adverse to using high technology and it serves them. But their strength comes from brute force attacks such as bombings, hijackings or assassinations, not from sophisticated attacks such as computer viruses or hacking into bank mzounts. It is still not clear if their capabilities will clearly match their goals and r~quirementsin the long run, but in the short term, they appear to be successful. ~~~~~~~

~~~~~~.

d. ~j~~ ~ @ These ~ types of ~ threat actors ~ are associated ~ with ~ high end hackers who hack for monetary profit, friendly and unfriendly nations that practice economic espionage, transnational corporat~onsthat are linked to or operated by organized crime, money launderers for drug cartels, and similar groups and individuals.~heypractice i n f o ~ m a ~ warfare, ~on have knowledge as their source of power, and rely on cyber stealth and data~asetargeting for their effect. Individual hackers are r~lative~y untouchable, especially if they operate across state borders. It is worth noting that high end hackers can exist and operate in states which are otherwise seen as being low technoiogy environments. As a general rule, their capabilities are w e ~ l - ~ a t c h etod their goals and requirements.

~

The complex and uncertain international security Environment

33

As can be seen from the four categories above, each type of threat possesses a different set of skills and capabilities. Each category also requires a different sort of response,This constitutes a serious problem for the national security intelligence community. Intelligence requirements and capabilities against the high technology brutes are -- on average - fairly well developed in most states. The intelligerice institutions of many states were designed arid funded with foreign threats in mind and have developed accordingly. Not only that, the structure and organization of the intelligence agencies themselves usually mirrors the structure and organization of the states that are perceived to be d threat. As with the high technology brutes, intelligence capabilities for working against low technology brutes are reasonably good in most states. Long practice and experience have built up a knowledge base on how to work against low technology organized crime,These organizations (frequenrly family based) also have a predictable structure and organization which facilitates intelligence collection against them. The most problematic intelligence problern is that of the low technology brdins. Dealing with this form of political violence and terrorisrn is fundame~tallydifferent and more complicated than even previous forms of terrorism. Previous experience with terrorist groups such as the Irish ~epub~ican Army or the Bader-Mienhoff Gang may not be of direct use. In the past, many such terrorist groups developed a clear structure and o~gani~ation which could be mirrored by intelli~enceor law enforcement agencies. Such groups also had political agendas that were relatively clear. As such, designing an intelligence collection program to operate against them was a straight forward (albeit difficult) task. Why make a distinction between groups of the past and the threat posed by contemporary terrorist groups such as al-Qaeda and other such

group^?^ Even though al-Qaeda had a relatively clear structure and organization, it lacked a direct political agenda.The destruction of the House of Saud and the removal of American troops from Muslim majority lands may have been ________^.

...

31hisextract is taken from the Institute of Defence and Strategic Studies Commntary Paper entitled “ ~ o n ~ ~ m pTerrorism ~ r a ~ yand intelligence^' by Sir Richard Dearlove and Torn Quiggin, 7 August 2006. It is available on the World Wide Web at: hbp~/~w.idss.edu.sg/pu bli~arions/Pe~specr~~~/lDSSOS22001j.

pdf.

34 RISK ASSESMENT AND HORIZON SCANNING

al-Qaeda goals, but it does appear that al-Qaeda was more about ideology than a specific agenda Due to the success of the attacks against al-Qaeda in Afghanistan and investigations in other countries, al-Qaeda has mutated. It no longer has a viable structure and organization nor does it have a clear political agenda other than some vaguely stated ideas about restoring a caliphate reaching from Spain to Indonesia. Recent attacks such as those in London, Madrid, and Mumbai have been planned, financed and executed by locally formed groups acting without central direction. These groups lack the structure and organization that was typical of earlier terrorist groups. The lack of defined structure and organization on the part of contemporary terrorist groups poses significant new intelligence collection challenges to intelligence and law enforcement organizations. Infelligence collection in the p a s t h a s been designed to confront other intelligence organizations, or to collect intelligence against organizations that have si m i Ia r hieia rchicaI structures. Conternporary terrorist groups do not have such structures; t h e re fo re i n t e I I ig e n ce collection efforts have to be recast in order to more closely mirror the groups they are working against.

3.3 The Fragility of the Developed ststes Fragility is not a term that is used often in discussing national security in many countries. However, it is increasingly apparent that modern developed societies are vulnerable due to the complexity of their infrastructure systems. This applies to energy supplies, communications, banking services, water, stock markets, air trafTic control systems and a host of other networks.

The complex and uncertain international security Environment

35

Reduced to its most basic description, the fragility of our infrastructure systems is an unintended consequence of the nature and o r g a n i ~ a t ~ofo ~ our highly centralized technologies. We have built an interlocking series of supply and support services with no overall consideration for how vulnerable a system this process was creating.* On top of these problems, we have a series of other \/ulnerabilit~esbeing built into the system as well. The highly successful "just-in-time" delivery systems now mean that there is very little excess stock available should there be a supply disruption. While this may not be critical for DVD players or flat-screen TVs, the issue is critical when energy or food supplies are considered in some countries. As such, these highly complex systems are vulnerable with wide spread failures becoming increasingly likely. The major power outage in Auckland, New Zealand in 7 998 left some business without power for weeks. In August 2003, large portions of the American Midwest, Northeast and Ontario, Canada were lef? without power, Some 50 million people were affected due to a series of cascading grid failures that were not anticipated. In September 2003, another 60 million people were left without power in Italy, most likely due to a tree hitting a power line in Switzerland! Similar failures have occurred in London, UK (2003), Kuala Lumpur ( 2 0 0 3 ) , and numerous other areas. The reasons for failure in OUT fragile systems can be varied. Among the most common are acts of war or terrorism, atlacks from disgruntled former employees, technical failures, or weather. These technical factors are being aggravated by legislative factors

'For this arid further information on the issue of fragility, see Amory 8. Lovins and L. Hunter Lovins, 8rirr-lePower: Energy Struregy for ion^/ Security, Rocky Mountain Institute, Snowrnass, Colorado 1982. The book has been updated (2##1) and released on the internet and is available at: httpJ/wmv.rrni. or~jitepages/pidl#~ 1 ,php

36 RISK ASSESMENT AND HORIZON SCANNING such as deregulation and privatization, both of which are responsible for decreased investment in infrastri~ct~~re and tower levels of redundancy and maintenance. This fragility has not been lost on terrorists at both the narional and transnational level. In 1982, authors Amory B. Lovins and L. t-tunter Lovins noted that the disruption of energy supplies had become something of a fad with terrorists.7 Following an attack on a French oil tanker in 2002, Qsarna Bin Laden released a statement that cut to the heart of the matter: "the mujaheddin hit the secret line, the provision line and the feeding to the artery of the life of the crusader's nationl'Oil, in other words, is the lifeblood of many developed states and terrorists know this. Other attacks against oil and gas have occurred in Iraq, Indonesia, Saudi Arabia, Nigeria, Iran, Pakistan, India and Russia. ~ n f o r t i ~ n a t ecurrent l~, developments suggest that fragility will continue to be a major issue. An ongoing drive for "efficiency" and profit means that r ~ ~ i ~ n d a are n c being ~ e ~ removed from marly systems. An increased amount oftech~ologica~ speciali~ationmeans that more systems are becorning fragile while at the same time, aging infrastructure such as power grids are becoming weaker due to age and overloads. From a national security intelligence point of view, this means more vulnerabilities that can be exploited.

3.4 Converging Technology Trends and the Threat Environment The intelligence community regularly monitors trends in technology to identify which of them may become either a threat or an asset to national security operations. What frequently gets missed by observers is the issue of convergence and adaptation. New threats often emerge not just from the d e ~ e l o ~ m eof n t one new technology, but rather from a cornbination of new technologies or an adaptation of new methods and uses for existing technologies. Fringe groups and small groups under pressure tend to be best at: cornbining new technologies or adapting them to uses for which their 'For more details in this ~rruesee Amory B Lovins and L Hunter Lovins, Rntlle Power Fnerqy S r r ~ f ~ g y br ~ ~ rSecurity, / ~Rocky ~ Mountain ~ ~ /Institute, Snowmass, Colorado T 982

The complex and uncertain international security Environment

37

original desigriers did not envision. Two of the best examples of this are the 9/11 attack5 and the use of turntables by rap musicians. Jeff "Skunk Baxter IS a fcxmer rock guitar musician (The Doobie Brothers and Steely Dan) who now makes a living as a consultant to a number of major consulting firms, many of them connected to the American defence community. He states the case quite clearly when he notes, "We thought turntables were for playing records until rappers began to use them as instruments, and we thought airplanes were for carrying passengers until terrorists realized they could be used ds missiles."' While there are many examples of convergence, the following is a n explanatory example of one set of four trends that are already converging to create new national security problems. These four trends are: __.

1. i he uncontrolled spread of information and improved technologies to build better home made weapons; 2. The droppirig costs of technology and materiel acquisition; 3. The increased availability of raw materials to build weapons; and 4. The trend towards self-directed and self-funded terrorist attacks by locally formed terrorist groups using do-it-yourself (DIY) technologies.

Both the internet arid regular book publishers are increasingly becorning sources of information for DIY information on how to make all types of explosives. The internet is an excellent source of information for learning how to make home made weapons of all types. There is little to no effort made to control or suppress this information. Ironically, one of the most (in)famous ai-Qaeda training manuals, known frequently as the " ~ a r i c ~ e s t e ~ Manual"' is available on the internet at a site hosted by the United States Govc?rnrnen.tD e p ~ r t ~ ~ofeJustice." r~t It contains directions on how to make 'For further in~~rrnation on this see the article Rocker ieff Baxter M o m and Shakes In National Security. Once With Doobie Brothers, Now in Co~~ntertefrorisrr~, He Has Ear of Pentagon," by Yochi J. Dream$ Staff Reporter ofThe Wall Street Journal, 24 May 2005, page A l . 'This manual received the name the "Manchester Manua1"after it was found during the search of a suspected al-Qaeda member's house in Manchester, Uti. It was translated and entered as evidence during the"Ernbassy $ornbi~g"trialin New York in 2001. I@

See the United States Department of Justice website for a copy of the Manchester Manual at: http:// w\Nw.usdoj.gov/ag/manualpartl-1 .pdf.

38 RISK ASSESMENT AND HORIZON SCANNING a number of chemical and biological substances as well as offering guidance on "Assassinations Using Poisons And Cold Steel" (Lesson 16). Print manufacturers are useful as well, with a wide range of books available. Among the best of the older books for creating mayhem is the Anarchists Cookbook which is also now available in an updated web version." Among the newer and more dangerous books are examples such as Uncle Fester's Home Workshop Explosives. This book, which is available on Amazon. among other places, describes the process to man~~facture a number of different explosives using material that are easily available. Among the explosives described for home manufacture are: RDX, ammonium nitrate, acetone peroxide blasting caps, nitroglycol, nitromannitol, PETM and fuel-air explosives. In another book, Silent Death, the same author discusses how to manufacture biochemical weapons such as tabun and sarin gas, botulinum (botulin toxin), ricin, phosgene, and arsine. On top of the current explosives being manufactured, internet articles also discuss new explosive technologies such as superthermites and nano metals. Articles and manuals also exist for the DIY manufacture of the deadly poison ricin. This poison can be manufactured in your kitchen for less than twenty American dollars; provided the producer has access to normal kitchen equipment." This form of ricin production will create a powder that will field test positive for ricin. While the increasing availability of information about the home manufacture of weapons is increasing, the cost of technology is dropping for all consumers, including terrorists and those involved in activities such as organized crime. While the criminal elements can profit from lower costs of mobile phones, internet access and electronic products, they also have increased access to low cost technologies such as cell phone jammers. Among other things, cell phone jammers are useful for protecting remotely detonated bombs during the deployment phase. See the new version at: hrtp://~iome.tiscaIi.be/comicstrip/anarcoo~indariarcook.htrt~I

"See Amazon.com at: http:llv~ww.amazon.eom/Workshop-Explosives-Second-Uncle-Fester/ dp/0(370148.~2/sr-8-l/qid=1157446106/ref=sr~l~l/l02-2322972-418493~~ie~~F~~~b~~~s. 'is

The author conducted an informal experiment by purchasing the required items from a garden supply store and a drug store.7'he cost was less than twenty Aimerican dollars.The raw materials and the directions obtained from the internet were taken to a Level Three laboratory and were presented to lab experts on toxins. It was their opinion that the powder that wolrid have been produced would have field tested positive for ricin.

The complex and uncertain international security Environment

39

Overall, the costs of conducting terrorist attacks are dropping rapidly. Loretta Napoleoni is an economist and long term expert on terrorist financing. In an interview with the BBC World Service she stated that: "Ifyou look at 911 ?,which cost only $500,000 to execute, and then you look at all the subsequent attacks that have taken place - going from Bali to lstanbul to ~ a ~to ~London i d - we actually see that the cost of the attacks is decreasing e x p o n e n t i ~ l ~ ' ~ The cost of the London bombing was estimated to be just a t or below one thousand dollars. The Madrid bornbings, just over a year earlier, were estimated to have cost some $10,000 while the cost of the Bali bombing (2002) was estimated to be around $35,000. Whatever the actual costs, the trend is clear that the costs of operations for carrying out such a major attack are dropping. Given the widespread availab~lityof information and raw materials, it is highly probable that the costs for terrorists will remain low while their lethality increases. The manu~actur~ of explosives and biochemical weapons requires access to a number of raw materials which were previously either hard to find or raised suspicions when ordered. This is changing as both the availability of raw materials is growing as is the understanding of materials that can be obtained from common commercial products. Aluminum powder, for instance, is now generally understood to be useful for increasing the power of ammonium nitrate explosives. This powder is ofteri available in a painter's shop. Another example is acetone which is used in the production of ricin. Rather than trying to obtain acetone directly, purchasers can buy nail polish remover which is available in any drug store or cosmetic shop. Information also exists on how to purify such useful ingredients as glycerin or how to synthesize nitric acid with ~ i n i m aequipment. l Due to the attacks against al-Qaeda in Afghanistan (2001 and 2002) and the large scale investigations and arrests in other countries, al-Qaeda is no longer the leading organization that is was in the 1990s. It no longer has a viable command and control system. The attacks in Mumba~(2006) London (2005),Madrid (2004, Istanbul (2003) and others were planned, financed . -

the BBC story"London bombs cost just hundreds" by Michael BuchananJuesday, 3 January 2006, 0O:OO GMT.

40 RISK ASSESMENT AND HORIZON SCANNING and executed by locally formed groups acting without central direction. These groups lack the structure and organization that was typical of the earlier al -Qaeda operations.The attacks do, however, demonstrate that locally organized, directed and funded groups are capable of launching high impact, low cost attacks with materials that are widely available. Other such &Tacks have been prevented.The arrests of eight British individuals and one Canadian on 28 March 2001 demonstrated that these”self starters” had a good working knowledge of ammonium nitrate and aluminum powder explosives which would have been highly destructive.7’ The London attacks of July 7th 2005 may be the best example of the convergence of the trends. The group in London did not receive its training, financing or equipment from al-Qaeda. They were self-starters who sought out their own involvement and were not “recruited”in the traditional sense of the term. The choice of targets was their own, albeit in line with the general aims of the ”economic jihadl’aimed a t inflicting the highest possible economic costs on the target country. At the same time, the London bombers appear to have made a sig~i~cant breakthroi~~h by using homemade TATP (triacetone triperoxide).This explosive has been used before by other more organized terrorist groups, but this may be the first example of a locally organized and funded group using DIY home made TATP successfully. The base ingredients for TATP are available in most states and can be bought as drain cleaner, bleach and acetone. Ail of these substances can be bought without raising suspicion from even a vig~lar~t observer. Based on these four trends alone, the outlook for national security operations is not positive. Terrorists, organized crime figures and others involved ira various forms of political violence may soon be able to widely produce “do it yourself” high explosives that have the same destructive capability as TNT or C4. At the same time, the technology for making home made fuel air bombs is also gradually becoming more popular and may also make its appearance during an act of political violence. The same can be said of biochemical products such as ricin or similar substances. While 1%

For a good overview of the CanadianAJK case, see the Ottawa Citizen story ~ n t i t I e d ” ~ 1 ~Khawaja n~in comtitutes the Canadian end of the conspiracy,” published on Thursday, 23 March 2006. httpJ/vvww. canada.com/ottawacitizc‘n/newslstory.html~id=~~~~2~d-d9~~)~4e~~-a4b~-392ebSfaaf34&k=75 162.

The complex and uncertain international security Environment

41

hard to weaponize, the use of such toxic substances, even a minor dispersion with minimal or no fatalities, would result in a huge disruption and high cleanup costs.

3.5 Complexity and Uncertalnty in the international systrm Leaders of all sorts want control over the organizations they lead and the environmer~tsin which they operate. This is especially true of national level decision makers involved in the field of national security. For leaders who are concerned with policy and operations in the international environment, the ability to control the factors that affect them is limited, and especially so for less powerful states. If they cannot have control, then leaders and decision makers want an understanding of the env~ronment,so as to avoid risk or damage. Part of this desire for control is clearly connected to the idea of predicting the future. Is it possible to predict future events that will be of concern to leaders and decision makers who work in the ever expanding field of national security? Simply put, it is not possible to predict the future, no matter how much data is obtained or how much human or machine processing is done. Multiple reasons exist for why is it is impossible to predict the future. Two of them are quite clear and easy to understand. The first one is that the variables we need to track for predictability are not constant arid they operate in an open system.The second one concerns the number of variables a t play and how many outcomes can occur with just a few variables. Many people still believe that if you understand why one intelligence failure occurred, you can take that information and prevent the next failure. This is a false assumption. The reality is that the international threat environment is an "open" system and there are multiple variabies that afTect each situation differently. You will get predictability in a system only if the exact same variables occur in the same order in the same env~ronment.'This will occur only in a closed system that operates in a controlled environment. However one conceives of the interriational threat er~virori~ient, it is not a closed system with constant variables.Therefore, the same set of circumstances will not occur and predictability based on past learning is not possible.

42 RISK ASSESMENT AND HORIZON SCANNING The other main problem with predictability is the issue of the number of variables a t play. The assessment process simply cannot capture the number of variables a t play and make sense of them. Consider an arialyrical problem where there are only four variables at play. To put the problem in a different light, consider that there are four variables and it is your job to "connect the four dots" in such a way that your intelligence consumers can understand the outcome of this connection. With only four dots to connect, there are six different ways of linking up the dots. With these four dots and six different links, it is then possible to see that there are sixty-four different possible patterns that could be formed. Your intelligence consumer can now see that there are sixty-four different ways of connecting the dots or sixtyfour different possible outcomes to a problem that has only four variables. An intelligence problem with only four variables is an unlikely event, however. Perhaps a more realistic intelligence analysis problem would have ten variables. How many different ways are there to connect the dots? The answer is quite startling. With only ten different dots to connect, there would be a total of forty-five different dot patterns that could be created. What is stunning, however, is that the ten dots and forty-five patterns can produce 3.47 trillion different outcomes. Needless to say, even with the most advanced computers, doing the calculations for 3.47 trillion different possibilities is a daunting task. Even this assumes that each variable can be reduced to a mathematical form so that the binary decision making process of a computer can handle the problem. At the end, all you would have is a report to your consumers that says there are a few trillion different possible outcomes. With all of this understood, it should be clear that each real world intelligence problem in national security is likely to have hundreds or maybe even thousands of different variables at play. The number of possible o ~ ~ t ~ o r nineas real world situation would be astronomic.

3.6 Predicting the Future It is not possible to predict the futLire.Tirne and resources which are expended in trying to do so are largely being wasted. This is not to say that the

The complex and uncertain international security Environment

43

intelligencecommunity at large should simply give up. The survival of some states and the prosperity of many depend on the states’ ability to react intelligently in a time of crisis. In the case of a major naturai disaster or large scale terrorist attack, it is not so much the event, but the reaction, that matters. Leaders and decision makers a t all levels need to react in the best possible way and they need to be informed ahead of time about the problems. While predicting the future is not possible, it is possible to anticipate the types of problems that are coming over the horizon before they arrive. This form of risk assessment and horizon scanning will be discussed in later chapters.

This page intentionally left blank

Chapter4

Strategic Intelligence Assessment and surprise Attacks

Operating in the international environment is a complex task, requiring broad based expertise in a number of fields such as politics, economics, law, military affairs and psychology. In order to decide on how to act in crisis or in conflict "a person must predict how others will behave. If he seeks to influence thern, he needs to estimate how they will react to the alternative policies he can adopt."' The intended role of strategic intelligence assessment is to provide actionable knowledge or anticipatory warning to decision makers. The key word in this is actionable, or as otherwise stated: "Knowledge, if it does not determine action, is dead to us.? This actionable knowledge should anticipate risk through foresight into complex situations. However, one of the most remarkable aspects of human history IS the continuity of strategic surprise and the associated intelligence issues. Perhaps even more interesting is that while the causes of the failures appear to have been consistent over history, they have been repeatedly studied and then the failures have re-occurred, usually for the same reasons again.

'Robert Jeivis, Perception andMijpe~ce~fio~ in /n~ernuriona/ Poiitics, Princeton Oniveisity Press, Princeton, NJ, 1976, page 32. 'Walter ILaqueur, World of Secrerr,Weidenfeld and Nicolson, London, 1985, referring to Plotinus Rome

205-279 AD, page ix.

46 RISK ASSESMENT AND HORIZON SCANNING of the key reasons is that the entire field of strategic intelligence lacks a positive working theory that can explain the capabilities and limits of the field. With no accepted working theory, it is d i ~ c u l to t frame discussions about how to make changes and imp~ovements.A limited theoretical basis now exists' and it is useful as a means of discussion, but the field is a long way from being considered a mature one. Before examin~ngwhy this is so, it may be worth looking a t two themes that will underlie this chapter. After that, the chapter will look at how key intelligence terms are defined and how the process of intelligence works.

4.1 Underlying Themes Two themes will underlie this chapter. The first is that the problems whit-h in the past have plagued decision makers whert they have Tried to reduce strategic surprise are comparable to those same problems of today. Ancient authors, such as Sun Tzu and Thucydides, were separated geographically by thousands of kilometers, yet they observed similar views on how their societies reacted in times of crisis, especially with respect to predictability and the avoidance of strategic surprise. The behavior of their two widely divergent societies was similar, as they held out that oracles and other divine devices would provide them with the predictive insights they wished. The Prussian strategic thinker, Karl von Clausewitz, writing in the 19th Century, observed many of the same problems as the ancients. The second underlying theme is the information revolution and what it is doing to intelligence analysis and strategic surprises. At the close of the 20th Century, considerable discussion had evolved from the rapid advances in technology, especially as it relates to information. The high priests of the info~mationrevolution, such as the futurist authors Alvin and Heidi Toffler, and Bill Gates of Microsoft, had outlined a positive view of the future and how the spread of information would help. Unfortunat~ly~ the informat~o~ ~ e ~ o l u t i ohas n a negative aspect as well. As the means of producing and *See the paper "Studying and leaching about Intelligence: The Approach in the United Kingdoin" by Michael S. Goodman. It is part of the CIA series of intelligence papers and is available to rhe public oil the CIA'S primary website at: www.cia.gov or a t t~~ps://www.cia.gov/csi/st~dies/vol50noZ/html~~files/

Studyliig-~~achirig.-b.htm.

starategic intelligence Assessment and surprise Attacks

47

t r a r ~ s ~ ~ i t information tir~g increase, so does the volume. The rapid increases in both technology and volume have created many more opportunities for distortion of that information. For anyone interested in international relations in general, the information revolution poses immense challenges."

4.2 Definitions Considerable difficulty exists in any investigation into the rather huge field of intelligence. Defining terms which are ill-defined or misunderstood is a key part of the problem. Even the term infe//igence is broadly misused in academic literature. For instance, Jarnes Der Derian defines intelligence only as a covert activity.5 Many, if not the majority of observers, believe that the terms infe//igen~e and spying are synonymous.7he popular literature available as well as TV and movies have reinforced this view. The term i ~ ~ e / / i g e also ~ c e conjures up visions of secret agents dashing about the planet ordering vodka martinis'lshaken, not stirredl'This f i c t i o n a ~ i ~ e ~ i-lollywood version of what is more properly known as covert action does not reflect what the vast majority of intelligence workers actually do. Intelligence is also viewed as a technical activity whereby imagery and communications satellites collect otherwise inaccessible info~mation.This popular view is closer to the reality. Rarely is intelligence pictured, however, as being a group of analysts in their work spaces trying to make sense of the data and in for ma ti or^ provided to them. in most cases, however, this is what intelligence is, particularly at the strategic assessment level. In order to achieve a degree of conceptual clarity, the terms used in this chapter will be defined and explained. The definitions used will be those that are either clearly defined or generally accepted within the intelligence ~ i r ~ f o r ~ ~overload a ~ i o nand getting ail the right information to analysts was an intelligence problewi as early as the late 1960s. See Major General Sir Kenneth Strong KBE, CB, Men ~~/nre//gencc?, Cassel and Company, London, 1979, pages 1 52/153. See also Henry Ransom, The /nle//~~c?nceEstab/isishnlgnt Harvard [Jniversity Press, Cambiidge University Press, 1970, pages 106-1 07. Ransom writes that US congressmen believed that an excess ofdara and a paucity of assessment may have been responsible for such events as the North Korean seizure of ttte Pueblo in 1968, the israeii attack on the Arnerican ship Liberty in 1967,and the surprise cornmunist offensive of7'et in 19668. 'Jarnes Der Deiian, ' ~ n t i . ~ ~ i p l o mIntelligence a~y~ Theory and Surveillance Practice,'' published in / n t e / / i ~ ~and i~cN e ~ r i ~ nSecurity, a/ Vol. 8, No. 3, July 1993, page 3 1.

48 RISK ASSESMENT AND HORIZON SCANNING community. Where a possibility of ambiguity exists due t o multiple ~nterpreta~ions of the same term, one usage will be identified and adhered to throughout the chapter. As the major focus of the chapter is strategic intelligence assessment, this term will be broken down and defined first. For this chapter, the term strategic will be used in a broad form, that is “important, a matter of concern to the national government.” In temporal terms, something that is of interest to strategic assessment can be historic, current, or of future concern. I t will include military, economic, and political rnatters as well as issues such as resources, terrain, demographics and ir~fo~mat~on technology capability. This definition will be closer to the work of strategists such as Sun Tzu rather than the latter day views of others such as Clausewitz or Jomini. For SunTzu, strategic thinking had to include eight main areas of concern: economics, sovereign power, the character of generals, o~ganization, movement, control, terrain and weather.* This is strategic thinking at its broadest. For Jomini and perhaps even Clausewitz, the term Strategic was much narrower and tended to include factors that were only relevant to tactics and the battlefield. Modern day decision makers and strategic assessment analysts are forced to deal with a complex environment with multiple factors sometimes spanning the entire globe. As such, it is appropriate to use a broader rather than a narrower definition of srrategic. The definition of intelligence is somewhat more problematic, given the broad spectrum of interests covered by intelligence. At a basic and benign level, intelligence can be defined simply as processed information. Or it can he more specific when it is described as being ”knovdedge and analysis designed to assist action.”3 At its most aggressive, intelligence has been described as “the continuation of war by clandestine interference of one power into the affairs of another.”’ Each of these definitions is narrow, however, and none of them take into account the depth and breadth of knowledge and activities that fall under the broad heading of intelligence.

‘Sun Tzu: TheArt of Waf, translated by Samuel 6. Ciriffiths, New York Oxford University Press, 1963. ‘Robert Rowie, as quoted in Ernest May, Knowing One’sEnemies,Princeton University Press, Princeton,NJ, 1986, page 3. ‘James Der Derian, “Anti-diplomacy, intelligence Theory and Stirveillance Practice,”op. cit.

starategic intelligence Assessment and surprise Attacks

49

There has been much discussion over the issue of whether intelligence should be defined as a science or a craft. General Maurice-Henri Gauche argued that intelligence is potentially an exact science. As the iong time head of the French Deuxikme Bureau, he held great sway in the 1950s.’ Despite some strong supporters for the “science” side of the debate, intelligence defies categorization as a science and remains very much a craft. Walter Laqueur, a long time historian and expert on intelligence, sidesteps the debate of whether or not intelligence forecasting should be defined as a scierice or a craft when he argues that success in being predictive is more a rnatter of basic assumptions than it is methodology.”l~thebasic assumptions are! correct almost any approach will do; if they are wrong, even the most sophisticated method cannot repair the damage.”” Laqueur is clearly in line with Karl Popper when he quotes Popper as saying that it is doubtful whether long term predictions can be made. Popper felt that long ‘term predictions could apply only to those systems that are isolated, stationary arid recurrent. These system are very rare in nature and ”modern society is not one of‘ them:’” Sherman Kent, in his classic 1949 work on strategic intelligence, identifies intelligence as multifaceted enterprise.q27 0 Kent, intelligence has three main attributes; it is a form of knowledge, a form of organization, and a form of activity. This broad definition captures the nature of intelligence and the many different types of institutions and people who are involved. ‘This chapter will examine one of those forms of intelligence, that is, irirelligence as knowledge. Of the four major elements of intelligence (collection, counter-intelligence, analysis, and covert this chapter intends to focus primarily on the end products of analysis. Thus, when this

*See the discussion in Ernest May, editor, Knowing One4 Enemies, page 3. “Walter Laqveur, world ofsecrets, page 306. ”Karl Popper as quoted in Laqveur, page 296. a2

Sherman Kent, Strategic Intelligencefor Arnericnn Fofeign &/icy, Princeton University Press, Princeton, New Jersey, 1949, page vii. 19

Roy Godson, Intelligence Requirements for the 1980’s; Elernents of Intelligence, National Strategy lnforniation Centre, Washington D.C., 1979, pages 6 to 9.

50 RISK ASSESMENT AND HORIZON SCANNING chapter uses t h e word intelligence, unless otherwise W@k'I

strategic intelligence as a form of knowledge. in the Western context, strategic intelligence can be defined as "info~mationneeded or desired by the government in pursuance of its international objectives."B4 Assessment is a difficult term to define. Assessment is the final step in the analytic process that combines all sources of info~mationinto a final product. Assessment, for the purpose of this chapter, will be defined as being distinct from analysis and appraisal, although the three terms are frequently used interchangeably. Analysis and appraisal occurs at all levels of intelligence and it can be single source, multi-source, or all-source. Assessment is the final step in the analytical process which includes all sources of intelligence and other forms of data, information and knowledge. It is the definitive all-source product and is written for senior consumers, usually with action or policy implications.~~ Strategic intelligence assessment cannot be done with only a single type of information. It must be created with all sources of intelligence, both overt and covert as well as being contextualized by the experierlce of the analyst or organization. The definition of strategic intelligence assessment therefore is: The final all-source intelligence product of actionable knowledge provided to government to anticipate or reduce uncertainty in its pursuit or protection of inter~~ational political, economic and seciirity objectives. ~~~~~~

gy

~~~~~~~

4.3 Data,Information, Knowledge and Assessment Great confusion exists about the use of various termir~olo~ies associated to the general subject of information. It is worth clariQing some of the terms and how they can be used. Definitions vary, depending on how one I6

Godson, Ekrnenrs ~ ~ / n t e / / / gpage e ~ c 5. ~,

"Micliael t-lerman, / ~ t e / / / g ePower ~ ~ e I/? P ~ U Cand P War, London, RIIA, 1996, page XVI

starategic intelligence Assessment and surprise Attacks

51

makes them, but a useful way to look a t the whole field is to put the terms on a continuum running. The terms dara, i n f o ~ ~ u ~and ion, ~ ~ ~are ~frequently / e d ~ ~ used i n t e ~ c ~ i a n g e a b l y , one of them, leading to a lack of clarity in practical and conceptual terms. ~dditionally,the term ussessrnenf (in cornmori usage perhaps i n r i ~ ~ f , ~ i ~or ~ en/ig~i~enrnen~) o ~ ~ is, used frequently in various contexts without the benefit of clarity. The term data would be located at the far left when located on a cor~tinui~m. This is the lowest form of collection and it has not undergo~e any form of processing. I t is the "zeros and ones" of digital methods of t~ansmission. For example, an imagery satellite creates a signal to send its image to earth in a digital form. The ground station receives a strearn of zeros arid ones in a digital form and stores it on a disk. Similarly, most other collection systems, such as signals intelligence radios and computers receive and store their product in a digital form. The same can be said of systems that store bulk amounts of text in a digital form. Terabytesqsof data are collected and stored in this matter. But without an initial level of processing or analysis, the stored data is useless to the consumer. lriforrnation is next on the continuurn and it is what is obtained in the primary level of processing. To continue with the satellite analogy, the zeror and 0ne.s are then organized in such a way that a human being can derive benefit, In most cases, this means that the digitalized data is converted into an image or picture from which information can then be obtained. For example, an analyst could view the image and determine that there is a large formation of armored vehicles and tanks outside of a military garrison, While this may be useful information, it is the limit of what can be derived from the imagery. Without some form of further processing, the . . . .

"One terabyte equals I012 bytes or 1,000 gigabytes or 1,000,00~,000~0~0 bytes

52 RISK ASSESMENT AND HORIZON SCANNING analyst cannot make judgments about what the vehicles are doing. By itself this is insu~cientand the analyst needs a further source of information. Knowledge is the next level of analysis that allows for initial judgrnents to be made. Further sources of information are required in order for this to happen. The other sources can be, for example, previous imagery analysis, diplomatic reporting, signals intelligence, or open source reporting. By putting the new information into context with previous information, knowledge is then produced. "Knowledge is a broader term, since it comprises not just knowing the facts, but understanding their causal and consequential relati onships."" Continuing with the imagery analogy, the image in question may have been taken the day before the country's national day. Large military parades are common on the natiorial day, so what initially was seen as possible threat info~m~tion, is novv knowledge that this type of behavior is quite normal and need not cause further alarm. The intended role of assessment is to provide actionable knowledge to decision makers. The key word in this is actionable: "Knowledge, if it does not determine action, is dead to US."" This actionable knowledge should reduce surprise and risk through foresight into complex situations. In the case of the satellite imagery example above, the final assessment from the intelligence community could be that the action seen is not a threat, and therefore the leadership can order a return to norrnal monitoring W h no further action required.

4.4 The intelligence cycle:Direction, Collection, Analysis, and Dissemination How are strategic assessments done and how is the data processed to the final end product of assessment? Put another way, how does ineelligence analysis work at its most basic level? Multiple ways of looking at this exist, but one way is to examine the intelligence cycle and how it would function in an ideal world. 17

Susan Strange, Structure5 of Power in the World Economy8Printer Publishers Limited, London, 1988, page 1 18.

s.s

Walter Laqwur, World ofSecrefr, referring to Platinus Rorne 205-270 AD, page IX.

starategic intelligence Assessment and surprise Attacks 5.3

The intelligence cycle is normally referred to as a cyclical process whereby consumers of intelligence make their demands known (direction). Following the demand, the intelligence community attempts to gather the necessary data (collection). The data is then processed (analysis) and passed back to the director (dissem~nation). In actual practice,the intelligence cycle represents

an ideal which is not usually reached in the day-to-day workings of the community. Rut it remains a useful way of understanding hov~ the intelligence conirnunity works and where the strengths and weaknesses of the community are to be found.’s The most problematic part of the cycle rnay be direction. Marly decirion makers do not know what kinds of questions need to be asked until a crisis is looming. By that point, insuffcient time exists for the intelligence cycle to function and the leadership will not, in all probability, get the information they need.

4.5 Strategic surprise and Predictability A t the heart of strategic intelligence assessment lies the issue of predictability and risk management.Leaders of all sorts want control over the organizations they lead and the environment in which they operate?@For leaders who are concerned with policy and operations in the international environment, the ability PO control is frequently limited if not impossible even for iarger states and even less so for smaller states. If they cannot have control, then a t the very least they want an understanding of the environment, so as to lessen risk or damage to their states. The desire for control and/or understanding is what drives the require~r~e~~t for predictability.The predictive need has been a common feature of history frorn Sun Tzu’s time to modern day. Sun Tzu stated that “What is called forekno~/l~dge cannot be elicited from sprits, nor from gods, or by analogy ”For a further explanation of the intelligence cycle and some of its problems see Walter Laqueur, World oFSecrets, pages 20-27.See also Loch K. Johnson, ”Analysis for a New AgeI .ON x SO% = >.5%) it is perhaps ~ ~ haw ~ ~~~~~i~~~ ~ get made,~ s ~ a ~ easier to understand how weak decisions get made. The United States has tremendous influence on other intelligence communities around the world. Part of that influence is clear and direct, such as intelligencesharing programs and technology transfers.This influence continues a t events such as international intelligence conferences and symposia. Other effects are indirect, however, such as other countries monitoring the methods and technology of the United States and then consciously (or subconsciously) adapting the ideas. During the Cold War, cooperating or sharing information with the United States probably made sense for many other countries. They may have had common goals as the United States and found it useful or politically beneficial to simply follow along. Now, however, things are changing. Most developments in the US intelligence community are geared towards technology driven issues such as Support to Military Operations (SMO). This is occurring at the cost of other forms of intelligence such as diplomatic and political intelligence. At a time when many states are facing asymmetric threats or internal threats, this model is a doubtful one for small- to medium-sized developed states. The management of knowledge in the intelligence community is an issue that is becoming more critical. Not only are we in the midst of the "information revolution," we are also facing a series of asymmetric threats where knowledge is the only functional weapon. It is a critical issue to ~~~~~

~

~~~~

~~~~~

~

109

Technology and Intelligence

understand when best t o use IT (data and information collection) and when best to use the inherent skills and talents of humans (knowledge and assessment). Yet we do not see that many leaders in the intelligence community even understand the nature of the threat environment, the threat actors, or the responses to them. One of the common attributes seen in many countries and agencies is the endless rotation of intelligence and operational staffs with little to no concern about consistency or the growth of knowledge. Given the complexities of today's security environments, it can take years to develop competencies. Yet we rotate and promote personnel with only the most minimal considerations to a career path. This is self-destructive at best and negligent a t worst. The outlook a t this STAFF ~~-~~~~~~ point remains guarded. Many opportunities 910 term ~a~~~~ for e~~~~~~~ exist for intelligence ~ ~ to ~ a For ~ ~~~~~~X ~ su n ~ communities around the in ~ ~~e~~~~~~ t ~ ~ ~ofie! ~~ world to react to new and emerging threats with the next r o ~This~ is a~s i ~~ ~ ~~ effective and relatively low ~n~~~ a%~ e ~at abest~andi ~e~~~~~~~ ~ ~ at cost systems. The lowest cost of these systems and the most effective may alreadybe in place -the intelligence analysts. But trapped in a system overwhelmed with high cost but non-productive technology driven "solutions," it is not clear that the analysts will receive the support or training needed to break free. All too frequently, these are good people trapped in a bad system. Until the focus moves away from technology and towards the humanization of the intelligence process, no substantive progress is likely. ~~~~

~~~~~~~~

~~~~~~~~~

~

~

~

This page intentionally left blank

Chapter 8

Structure and OrganizatiQn: The Weakness of Centralize Intelligence Is the concept of a centralized intelligence analytical capability an ongoing

weakness?This is a critical question, and it is becoming more so in the face of asymmetric style threats to national security. In order to prevail in the face of an asymmetric threat, knowledge is the key weapon. Power in and of itself will not work. Therefore, how knowledge is to be produced by intelligence agencies is a question worthy of public debate. In order to have its greatest effectiveness, intelligence and operational information needs to be integrated as close to the front lines as possible and as quickly as possible.Those analysts and operators working at the front lines need to have a "strategic view" or big picture outlook (albeit scaled down) and they need to be able to cross institutional boundaries at the front lines as well. Put bluntly, an individual on the front lines will be better able to recognize the impact of a piece of information against its background than someone who is distant from the scene. Information is most valuable when the analysis starts at the front lines in an immediate and relevant context. Removed from that frontline context, much knowledge becomes of lesser value or its significance can be missed or misinterpreted. Clearly, an ongoing integration of knowledge as it moves up the chain is important, but if that process has not started at the front lines, the most important opportunities would have been lost.

112

RISK ASSESMENT AND HORIZON SCANNING

Currently, however, we are faced with a number of intelligence organizations that have a belief in a "centralizedonly" analytical capability. Many of the individuals responsible for national security related information losf. and intelligence are still trying t o operate their centralized bureaucracies as though they were capable of processing and understanding all of the information needed to make informed decisions without reference to the inputs and views of the front line. Worse still, many intelligence agencies avoid or disdain getting front line information from non-intelligence agencies and will not allow direct communication with other agencies or institutions. This is a form of structural and organization weakness that is built in. It is not necessary, but it has become an inbred habit. Whether governments or intelligence agencies like it or not, we now live in an age of distributed information and intelligence. Government no longer has a monopoly or even a majority share of expertise on traditional areas of government interest such as military weaponry or foreign policy. This remains a valid view, even when non-traditional issues such as transnational terrorism, organized crime or other asymmetric style threats are concerned. It is doubtful that it ever made sense to centralize analytical capabilities,' although this has not stopped generations of bureaucrats from trying to use industrial era and Fordist approaches to do just this. National leaders now find themselves operating in a complex and uncertain international environment when it comes to national security threats. Even the most powerful states find themselves in a position where they have to "defend against uncertainty" when there is "no way to predict the probable nature of the threat ..."' In the past, national security usually 'I For further on this issue see, op. cit., Gregory Treverton, Reshaping National Security /nre//igence,page 65 and Robert David Steele, On Inteiligence,pages 141, 196 and 234.

Structure and Qrganimatio

113

meant defending borders and trade routes externally while watching for instability or insurrection domestically. Currently, the list of threats, both symmetric and asymmetric, is increasing rapidly. Depending on the individual state, these threats can come from disease, the environment, technological changes, energy supply shocks, energy price shocks, commodity price changes, or threats from transnational terrorism such as biokhemical attacks or dirty bomb explosions. Almost none of these threats are driven by hierarchical bureaucratic structures that have solid lines of communication or regularized patterns of behavior. For example, in terms of transnational terrorism, the threat continues to change as al-Qaeda (and others) have devolved under pressure to a point where they are now more of a source of inspiration and leadership and less of a threat in-and-of themselves. While al-Qaeda may try to rebuild itself into a functioning organization, its relationships with others will remain more networked than hierarchical. Those attacks that have been successful of late such as the 7/7 bombings in the UK, the Mumbai train bombings, and the Madrid train bombings, demonstrate a large degree of independent local capability. These groups were largely inspired by the message of al-Qaeda, but their recruiting, targeting, financing and organization were done at the local level. The case of al-Qaeda is worth examining in this light. As mentioned in Chapter 7, this group has undergone repeated and serious changes to its structure and organization when it is traced back to its 1979 roots - with nine main organizational changes in its 27-year history, five of which occurring in just the last five years alone. What is the future of al-Qaeda and its inspired sub-groups?This is not clear, although there are ongoing struggles in Iraq, Afghanistan, Pakistan, Bangladesh, Thailand, Indonesia, the Philippines, Russia (Chechnya and Dagestan) and others. This does not include other known areas of jihadist activity such as Spain, the UK, France, Germany, Canada and Sweden. What is clear is that in order to be effective in anticipating or reacting to asymmetrical threats, the organization and structures of the national security institutions must be operationally flexible enough to adapt 'Anthony H. Cordesman, Terrorism, Asymmetric Warfare and Weapons of Mass Destruction, Praeger Publishers, Westport, CT, 2002, page 11.

114

RISK ASSESMENT AND HORIZON SCANNING

themselves to the changes in the threat. At the same time, they must also be able to make structural and organization changes that mimic those of the threat. Centralized bureaucracies do not do this well, but front line organizations tend to have greater adaptability. Al-Qaeda is just one example of emerging threats that change rapidly as they evolve. Consider as well the issue of animal diseases. While most of the media’s focus in these issues has recently been on the bird flu (H5N1 virus), it has been overlooked that animal diseases are making the “jump” to humans a t an alarming rate. The total appears to be about 38 new diseases jumping in the last 25 years. For every year that goes by, one or two new pathogens and multiple variations of existing threats infect humans for the first time? Front line health care agencies and front line scientists tend to notice the small changes, but centralized bureaucracies take a longer length of time to notice. In addition to analytical problems, another problem that is clear is that current government structures have a hard time coping with more than one crisis at a time. The reasons for this are numerous. Among them are: shortage of resources, lack of skilled personnel, information silos, political culture, lack of integration between key government departments, lack of preparedness, lack of crisis strategy plans, lack of redundant communications capability and sometimes even a lack of primary communications capability. One part of the inability to react to a multiple crisis situation is that intelligence staff and knowledge workers in general are now forced to work in hierarchical organizations that are full of “stove-pipes” or “silos‘: They are constantly slowed or crushed by the bureaucratic mentality of mid-level managers who favour bureaucratic process over the operational imperative. Information that can and should flow from one skill centre to the next in minutes or hours is instead forced to work its way up through one chain of command, over to another organization, and then down another chain of command to where it might be practically employed. All of this can take

’See some of the work done on infectious diseases done by Professor Mark Woolhouse of University of Edinburgh in Scotland as reported by Mark Henderson,“Deadlyviruses mutating to infect humans at rate never seen before,”available online at: http~/wwir~.timesonIine.co.uWarticle/0,3-2o4969~,00. html.

Structure and Qrganimatio

115

hours, days, or weeks, and this assumes that the middle managers even allow it to happen. A11 too often, one organization will not share with another due to the fact that bureaucrats in any domain tend to jealously guard information from one another in order to increase their "leverage"over what they see as competitors for scarce resources. In a time of crisis, self-emerging groups must be allowed to form among workers who are already familiar with each other's work and skills. These self-emerging groups must be able to rise to meet an issue, work the crisis period and then dissipate afterwards.There are models for such groups that already do this. Anyone who has observed social activist groups knows that they individually will monitor their own priority areas of interest. When there is a convergence of interest, they form a specialized leadership group, plan, recruit, and organize and then carry out their action.Then the group dissipates back to its original sub-groupings that only loosely communicate with each other. Some of the best examples of this have been seen with major events such as protests a t G8 or IMF meetings, or leadership visits to foreign countries. Government needs to continue to adapt and develop structures that are "spoke and wheell'rather than hierarchies.To adapt successfully it must more effectively decentralize intelligence collection, analysis and control to as near the street level as possible and become more of a policy guidance and senior decision making operation instead. This process of "intelligence decentralization" must take place not only within the overall governmental "centre" outward to the ministries and agencies, but within the ministries and agencies as well. Needless to say, current government structure and organization charts defeat any form of flexibility and it can take months or years and mountains of paperwork to get "positions"changed, budgeted and justified. Simply put, Walt Kelly's cartoon character Pogo may have it right when he said: "1 have seen the enemy and it is us." It is impossible to believe that any one government department or ministry can be expected to develop a structure and organization that can effectively deal with a broad range of threats to homeland security. The solution to the current problems has to be an all-of-government response, and a strong collaborative network must be built across key departments.

116

RISK ASSESMENT AND HORIZON SCANNING

This network must be unobstructed for the staffs to communicate well enough to find the "weak signals" that so ofien presage an attack or crisis, but are missed due to bureaucratic structures and organizations. In order to effectively combat a wide range of asymmetric threats in a complex and uncertain environment, government intelligenceand operational structures have to be nearly as flexible and as capable of rapid change as those that threaten it. At the same time, it should be clear that much of the threat is localized and "down in the weeds." If the institutions of the government are to have a fighting chance of anticipating the threats in time to provide useful advice to senior leaders, then the institutions themselves have to have eyes and ears down at the local level. These eyes and ears must be in constant communication with each other, regardless of departmental lines. The tightly controlled institutions and centralized bureaucracies so loved by current senior bureaucrats and politicians are products of the industrial age and the Cold War. While they may have served us well during those now-gone eras, the reality is that most developed and many semi-developed nations are well past that point. In order to react to or defeat such threats, our government structures must be capable of morphing as quickly as the threats in order to anticipate, meet, and defeat upcoming or existing threats.

Chapter 9

Faint signals

The issue of "faint signals" or "weak signals" is a t the root of many current discussions, primarily those concerning the improvementof future intelligence warning systems. Most frequently, the debate concerns the question of why early warning signals were not picked up which could have warned of an impending attack or disaster. The issue of faint signals can be, for discussion purposes, broadly divided into two main groups. One is that of faint signals which existed, but were simply not picked up by anyone in a position to interpret their meaning. The second group is that of faint signals that were clearly picked up by persons who could have reacted, but did not. It is the second group which will be the focus. Signals often get missed even when the sender thinks that they are making an obvious statement. Why is this the case? A major part of the reason for this is often called "pattern entrainment." People tend to try to make sense of the world around them by imposing their own form of order on it. In essence, they form a set of patterns in their mind which helps them to understand the world as they see it for themselves. In other words:

... whatever we perceive is organized into patterns for which we rhe perceivers are largely responsible. As perceivers we select from all the stimuli falling on our senses only those which interest us, and our interests are governed by a

118

RISK ASSESMENT AND HORIZON SCANNING

patrern-making tendency, sometimes called a schema. In a chaos of shi~ing impressions, each of us constructs a stable world in which objects have recognizable shapes, are located in depth and have permanence. As time goes on and experience builds up, we make greater investm~ntin our systems of labels. So a conservative bias is built in. It gives us confidence.’

Put another way, we frequently tend to see what we want to see. If issues arise that run contrary to what we think we know or we do not want to know, then we will ignore them. Such is the case with faint signals when seen in retrospect. All too often, the signal may have been clear, but the person or group at the receiving end chose to ignore it as it ran contrary to their existing beliefs or patterns. Pattern entrainment is an issue here and this pattern of entrainment is what needs to be broken in order to have an effective analysis of faint signals. The chapter will look at three cases of “faint signals” that were missed which later caused considerable upset or damage. It should be noted that in many cases, the so-called faint signals are often not that faint. To the contrary, the signals that get missed are quite frequently anything but faint. In the first of the following cases, the faint signal that got missed was a missile the size of a telephone flying in plain view. How is it that this signal got missed? In the second case, a man with a long history of conflict and thousands of fighters at his disposal declares war. The strange point is that no one appears to have listened to him - at least not until it was too late. In the third case, another man with a long history of leading his country into conflict also appears to announce his attention to start a war. Yet once again, no one appears to have got the message. Could major wars have been prevented if a few faint signals had been picked up when they needed to be?

9.1 The case of the Flying Telephone pole Operation Deny Flight began over Bosnia in the former Yugoslavia on 12 ‘Mary Douglas, as quoted in C. F. Kurtz and D. J. Snowden,”The new dynamics of strategy: Sense-making in a complex and complicated world8”availableon the web at: h~p~/~ww.research.ibm.com/journal/ sj/423/kurtz..html.

Faint Signals

119

April 1993 in response to UN Security Council Resolution 816/93. This resolution authorized the enforcement of a no-fly zone. The ban on aircraft was extended to cover all fixed wing and rotary wing flights except for those authorized by the UN force in the former Yugoslavia (UNPROFOR). Later, NATO ministers decided to expand the role and close air support was offered to UN troops on the ground as well. On 2 June 1995, while flying as part of Operation Deny Flight, an F16 single seat fighter jet was shot down over Bosnia by a decidedly third rate Bosnian Serb Army. What was amazing about this case was that an earlier attempt had been made to shoot down another F16 under similar circumstances the previous week. Despite a near-miss, NATO did not alter the timings of its regular patrol flights nor did it apparently alter the flight path that had been used regularly. In short, despite having been caught completely by surprise by a weapons system that nearly shot down a top-of-the-line fighter jet, NATO made no effort to respond by changing any of their activities. Given that the pilot in the first jet was nearly shot down by a missile which he actually saw, it is hard to describe this sudden change of events as being heralded by a "faint signal." In fact, it was a very clear and direct signal that something radically different was occurring. The Bosnian Serb Army was equipped with a number of severely outof-date Soviet made anti-aircraft missiles known commonly by their NATO designations of SA-2 Guideline, SA-3 Goa, and SA-6 Gainful. The SA-2 was first publicly displayed in 1957 at a May Day Parade and the SA-3 was deployed into service between 1961 and 1964. The "newer" SA-6 went into service in 1967: The Soviet series of missiles was well known to NATO pilots and the Soviet Union had sold them to a number of different states. They were regularly used in Viet Nam (SA-2) and were used in the 1973 Yom Kippur War as well (94-2, SA-3 and SA-6). The SA-2 missiles and their closely related SA-3 follow-ons are commonly known among pilots as "flying telephone poles." The missiles are huge, 'For information on various Soviet era anti-aircraft missiles, many of which are still in service, see: http~/w~~~~.fas.org/man/dod-l Ol/sy~missile/r~~/radar-rus.h~m. See the information at: httpJ/www. designation-systems,ne~non-us/soviet.html or see also http://www.aerospacewe~.org/ques~io~/ weapons/qOl80.shtml.

120

RISK ASSESMENT AND HORIZON SCANNING

measuring more than almost 11 metres long (35 feet) in some variants and are capable of speeds up to Mach 3. Respite their high speed, pilots could see them coming and if they were in jet fighters, they frequently could defeat the missile by executing a rapid 90 degree turn. The original intent of the missiles was to hit high flying non-maneuvering aircraft such as the American 8-52 heavy bomber. Notwithstand~ngall of this, the Bosnia Serb Army managed to use aging technology to shoot down a vastly superior aircraft a t a time when NATO totally dominated the airspace. Was this a lucky shot on the part of a third rate army, or was this the result of faint signals that were missed by commanders, lulled into security by their belief in their own technology and the regularized nature of their mission? Given that the same sort of attack had been tried for the first time a week before, and given that the attack that shot down the F16 occurred in a similar manner, it is evident that the answer lies closer to the missed faint signal than it does the lucky shot. The Bosnian Serb Army had not been shy about using their equipment in either conventional or non-conventional means. Violence had been widespread in Bosnia from 1992 to 1995 and the Bosnian Serb Army had used many non-conventional means of attack. Included in those methods had been the use of surface to air missiles in the surface to surface mode which provided them with a terrifying if wildly inaccurate attack weapon. There had also been a series of reports about the use of several small rockets fitted together to carry large bombs. Again, these weapons were inaccurate, but they were terrifying to those in the area and demonstrated the will and capability to adapt. While open source media accounts vary and the whole story may never be known, it appears that the Bosnian Serb Army had fired at an F16 fighter the week before 2 June 1995 after observing NATO aircraft fly down the same flight path numerous weeks in a row. Although the first pilot reported the attack, the ensuing near miss and his successful escape, NATO did not appear to change its actions as a result. Without insider access to all the players, including the missile crews, their commanders, the NATO pilot and his commanders, it is difficult to assess what exactly went wrong. However, in cases like this, it is usually the situation

I

Faint Signals

121

that not one thing went wrong, but rather several factors together led to the failure. Among those factors were probably: 1. Mindsets. Strategists, operational commanders, and even pilots and soldiers at the tactical level tend to ignore or simply dismiss any information that does not fit into their understanding of what the situation is really all about. Sometimes this is a matter of not understanding the new issue, or perhaps the new issue would disrupt their assessment. As such, unwilling to admit an error or unwilling to incorporate new facts into their assessment, individuals ignore the new information until such a point that an overwhelming shock or defeat forces them to finally accept it. NATO commanders thought they were vastly superior to the Bosnian Serbs and could not change that viewpoint even when they came close to losing an aircraft. It was only the shock of actually losing an aircraft that finally made them change their pattern entrainments. 2. Overconfidence. Although related to the issue of mindsets' mentioned above, overconfidence in its own way helps to create bad mindsets to a point where it leads to a failure to act or bad decisions. In the case of strategic and operational level commanders, they tend to be in a mindset where they don't even know what it is they do not know. 3. Technology. Militaries and governments with superior technology tend to develop a belief in the technology itself, rather than believing in their overall system and their own skills. In short, they tend to believe that their technology will save them even in unknown circumstances. This has proved to be the path to failure on a number of occasions and it continues to happen in spite of weak signals that should have been warnings. The loss of the F-16 is similar in some respect to the Israeli Air Force losing aircraft in the initial stages of the 1973 War or the severe damage their Navy suffered a t the hands of Hizbollah in 2006.

The flying telephone pole case is a clear example of a faint signal being missed. The report on the first attack was timely and clear, and the nature of the attack and its location were clear.Those a t the receiving end, however, were probably crippled by their own beliefs and were not able to deduce that an isolated incident actually represented a pattern shift. Arguably, given

122

RISK ASSESMENT AND HORIZON SCANNING

its size and speed, this could be put forward as a case of a not-so-faint signal being missed in spite of its direct threat.

$322 the Case of the Missed Declarationof On 23 February 1998, a man deliberately published what amounted to a declaration of war with the full intent that it be read and understood by those he was declaring war against. This event, which was largely ignored a t the time, may yet turn out to be one of the most (in)famous missed faint signals of all times. Osama Bin Laden, the head of the al-Qaeda terrorist network, published his ”World Islamic Front for Jihad Against Jews and Crusaders” statement in the London based Al-Quds Al Arabi newspaper on 23 February 1998. The Al Quds Al Arabi newspaper had been publishing since 1989 and it was owned by Abd al-Bari Atwan, a Palestinian who was born in the Gaza Strip in about 1950. The paper has long been critical of Arab governments as well as what the paper believes is an over reliance of many Arab governments on their relationship with the United States. The paper has also been critical of the American/lsraeli relationship. Circulation figures are estimated in the tens of thousands. The paper had drawn international attention and been banned in a number of different Arab countries. In the”World Islamic Front for Jihad Against Jews and Crusaders’lstatement, Bin Laden outlined his basic grievances and made his intentions quite clear. America and its allies had (in the eyes of Bin Laden):

... been occupying the lands of Islam in the holiest of places ... plundering its riches, dictating to its rulers, humiliating its people, terrorizing its neighbors, and turning its bases in the Peninsula into a spearhead through whjch to fight the neighboring Muslim peoples. If some people have formerly debated the fact of the occupation, all the people of the Peni~sulahave now acknowledged it.’ ”I-Quds al-Arabi, London UK, 23 February 1998, page one. See any one of a number of websites for an English translation of the original article. It is available at the following site: httpJ/www.ndu.edu/ nduspeeches/UsamahBin-Mi~hammadBin-Ladin.htmor at the Federation of American Scientists Intelligence Resource Program website which is located at: http://~~w~~.fas.org/irp/world/~ara/ docs/980223-fat~va.htm.

Faint Signals

123

In very clear language, Bin Laden continued on with his explanation which (to him) justified his actions. He used the no-fly zone and sanctions as justification by stating: The best proof of this is the Americans’ continuing aggression against the lruqi people using the Peninsula as a staging post, even though all its rulers are against their territories being used to that end, still they are helpless. Second, despite the great devastation inflicted on the Iraqi people by the crusader-Zionist alliance, and despite the huge number of those killed, in excess of I million ... despite all this, the Americans are once against trying to repeat the horrific massacres, as though they ure not content with the protracted blockade imposed after the ferocious war or the fragmentation and devastation. So now they come to annihilate what is left of this people and to humiliate their ~ u s l i mneighbors.” This statement was co-signed by a number of other supporters of Bin Laden and was called a fatwa. In Islam, a fatwa is considered a type of legal pronouncement and it is usually given by an Islamic law specialist on the issue of concern. Because Islam does not have a centralized hierarchy or central administration, there is no actual set of rules for who can and cannot be allowed to issue such a ruling. Most Muslims and non-Muslim observers agree that Bin Laden lacks the religious credentials to issue a fatwa, especially on such a major issue as the killing of perceived enemies. NotwithstandingBin Laden’s lack of Islamic religious credentials, the other co-signers of the fatwa did have some credentials that should have sounded alarms. Ayman al-Zawahiri was noted in the fatwa to be leader of the Jihad Group in Egypt. Previously, Zawahiri had been jailed in Egypt because he had been a member of the Muslim Brotherhood when they assassinated President Sadat. He was later released and went to Afghanistan in the 1980s and became a part of the Bin Laden circle. He returned to Egypt and, among many other things, was considered responsible for the mass murder of 62 tourists in Luxor, Egypt in 1997.‘ Rifai Ahmed Taha was another co-signor “For information on Ayman al-Zawahiri, see, among others, Strobeialbott and Nayan Chanda, TheAge of Terror, Basic Books, New York, 2001. See also Jessica Stern, Terror in the Nume of God: Why Reiigions Milifants Kiil, Harper Collins Publishers, New York, 2003. See also Jane Corbin, a/-&eda: In Search ofthe Terror Network that Threatens the Worid, Nation Books, New York, 2003. See also Peter L Bergen, l-lob War lnc: h i d e the Secref World of Osurna Bin Laden, Simon and Schuster Touchstone Books, 2002.

124

RISK ASSESMENT AND HORIZON SCANNING

of the fatwa. He was a former leader of the Egyptian terrorist group al-Gama’a al-lslamiyya and was believed at the time to be a close associate of Bin Laden.’ He was also believed to have been one of the most hard line leaders and had rejected any calls for a truce with the Egyptian leadership. He was associated with the Luxor Temple massacre of 1997 and may have actually given the orders to carry it out. The other signatories were Sheikh Mir Hamzah, secretary of the Jamiat-ul-Ulema-e-Pakistan; and Fazlul Rahrnan, leader of the Jihad Movement in Bangladesh. Both of them were well known at the time. The mblication of the fatwa caused barely a stir at the time, However, this did change a bit some six months later when explosions ripped apart the American Embassies in East African capital cities of Dar es Salaam, Tanzania and Nairobi, Kenya. About 220 people died and as many as four thousand people were injured. The 7 August 1998 attack was carried about by al-Qaeda. Still, however, there was no wide spread alarm or public awareness that al-Qaeda was genuinely interested in targeting American interests. Some two years later, however, the USS Cole was in port in Yemen and was attacked by al-Qaeda suicide bombers. The USS Cole was nearly lost and 17 of its crew were killed along with 40 wounded. It is unreasonable to argue that the fatwa and the follow on attacks should have allowed the intelligence community to directly predict the discrete event which was the attacks on 9/11. However, the fatwa, taken together with the earlier 1993 World Trade Center bombing, the 1996 Khobar Towers bombing in Saudi Arabia, the 1998 embassies attack and the bombing of the USS Cole should have sent some sort of signal. What did get missed is at the absolute core of the entire issue of faint signals and horizon scanning. In this case, there was a series of faint (and not so faint) signals that were being sent out by Osama Bin Laden and his terrorist network. Despite the intended clarity of his 1998 fatwa and other messages, the concept of a threat warning against the US homeland was never taken up and made clear to either the American government or its citizens. The faint and not so faint signals being sent out were not picked ’See the MIPTTerrorisrn Knowledge Data Base for further information on the GAI andTaha. For specific information on Taha as a leader, see the leadership subsection under: http~/www.tk~.org/KeyLeader, jsp?rnemlD=5746.

Faint Signals

125

up due to pattern entrainment. Most of the intelligence agencies at the time were geared towards issues other than terrorism and they simply did not have such issues ”on the radar screen.” As such, the signals did not register. If it had been, one of two things might have happened. If intelligence personnel and investigators were aware of a general threat, they might have been able to put the warning pieces about 9/11 together before the attack. Even if they had missed the individual event, however, the nation and i t s leaders would have been better prepared and able to react intelligently if they had known such an attack was possible.

9.3 The case of the missed Diplomatic signals On July 25th, 1990, one of the most legendary diplomatic meetings of the 20th Century took place between American Ambassador to Iraq April Glaspie, and Iraqi President Saddam Hussein.The meeting was later seen as immensely critical, as eight days later Iraq would invade Kuwait, unleashing the First Gulf War. What lies at the centre of the debate over the meeting is whether or not President Saddam Hussein, a long time ally of the USA at that point, had‘lasked permission”to invade Kuwait. In the eyes of Hussein - and many Iraqis - Kuwait was an errant province of Iraq that should be returned to the fold. Mot only that (again in the eyes of Hussein) Kuwait was stealing oil from Iraq through the technique of cross border drilling. Apparently, President Hussein must have believed the answer was “yes“ as he carried out the invasion and was then surprised by the reaction from America and much of the rest of the world. What really happened and who said what remains a matter of dispute. According to Iraq officials, (whose views must be seen as suspect), the conversation went something like the following:‘

‘The American State Department has not released the cables or minutes from the meeting.Therehave, however, been a variety of reports released including the August 2002 publication by Andrew I. Kilgore in the K’ushingloon Report on ~ ~East Affairs. d ~Another / version ~ of the transcript was printed in the New York Tima on 23 September 1990. For a version of the cable as rdeased to the MargaretThatcher Foundation see: hnp~/~~:n/w.margaret~1.iatcher.ory/archive/displaydocumerit.asp?docid=l10705.

126

RISK ASSESMENT AND HORIZON SCANNING

US Ambassador Glaspie - I have direct instructions from President Bush to improve our relations with Iraq. We have considerable sympathy for your quest for higher oil prices, the immediate cause of your confrontation with Kuwait. (pause) As you know, I lived here for years and admire your extraordinary efforts to rebuild your country. We know you need funds. We understand that, and our opinion is that you should have the opportunity to rebuild your country. (pause) We can see that you have deployed massive numbers of troops in the south. Normally that would be none of our business, but when this happens in the context of your threats against Kuwait, then it would be reasonable for us to be concerned. For this reason, I have received an instruction to ask you, in the spirit of friendship - not confrontation regarding your intentions: Why are your troops massed so very close to Kuwait’s borders? Saddam ffussein - As you know, for years now I have made every effort to reach a settlement on our dispute with Kuwait. There is to be a meeting in two days; I am prepared to give negotiations only this one more brief chance. (pause) When we (the Iraqis) meet (with the Kuwaitis) and we see there is hope, then nothing will happen. But if we are unable to find a solution, then it will be natural that Iraq will not accept death.

U.S. Ambassador Glaspie - What solutions would be acceptable? Saddarn Hussein - If we could keep the whole of the Shatt al Arab - our strategic goal in our war with Iran -- we will make concessions (to the Kuwaitis). But, if we are forced to choose between keeping half of the Shatt and the whole of Iraq (i.e., in Saddam’s view, including Kuwait) then we will give up all of the Shatt to defend our claims on Kuwait to keep the whole of Iraq in the shape we wish it to be. (pause) What is the United States’ opinion on this?

US. Ambassador Glaspie - We have no opinion on your Arab to Arab conflicts, such as your dispute with Kuwait. Secretary (of State James) Baker has directed me to emphasize the instruction, first given to Iraq in the 1960s, that the Kuwait issue is not associated with America. According to American officials, who did not address the issue until after the war was over, the situation was much different. In a New York Times

Faint Signals

127

article of 24 March 1991, Ms. Glaspie, speaking publicly for the first time, said that the transcript omitted important sentences, such as her insisting that any disputes be settled without violence. She said Mr. Hussein was"too stupid" to realize that Washington meant business. Whatever the realities of the meeting, it is clear that both sides may have been trying to send signals, and both sides somehow missed the messages. If we live in an information age that allows for instant global contact between various embassies and the respective"headquarters"in their national capitals, how is it that this happens? What were the view of others at the State Department and presumably intelligence agencies that were reading the cable traffic? Did they have a sufficient diversity of views to pick up on the seriousness of Iraq? More interestingly, are there signals being sent now that are being missed or misread by the intended recipients? The Middle East, with its complex history, multiple cultures and religions may be trying to send signals that are often ignored or misread as the intended recipients do not want to hear the message. Without a wide diversity of individuals viewing the available information, the faint signals will continue to be missed. Whatever the actual reality, this one faint signal misreading may have led to the First Gulf War, which in turn led to the patrolling of the aerial exclusions zones, sanctions, and the American led invasion of Iraq in 2003. This one event may eventually register as one of the most amazing missed "faint signals" of the 20fhCentury.

9.4 Conclusions As seen in the cases above, the faint signals are frequently seen, but the observers ignore them or are not capable of putting them into a context where the significance can be determined. The importance of the signals was clear in retrospect, but arguably these types of signals were more ignored than they were missed. From an intelligence perspective, there are at least two useful responses to this sort of problem.

128

RISK ASSESMENT AND HORIZON SCANNING

1. Training. Faint signals are one case where basic intelligence training could

actually make a difference and improve analysis. If analysts were shown a number of failure scenarios and the patterns of development that led up to them, then they would have a higher chance of detecting the problems ahead of time. This type of training is already common for pilots and aircrew. It is understood in the aviation community that it is rare to have a plane or helicopter crash occur because ofjust one failure or mistake. In almost every aviation disaster, there is a series of small mistakes or failures that are made one after the other. Only after a series of mistakes are made is there no chance of recovery. As such, pilots and aircrew are taught to be alert to the idea that a series of small incidents could lead to a major event. As such, if they see a pattern of mistake occurring, they are taught to break off the action and rethink the situation before recommencing. In other words, the aviation community has taught itself to be sensitive to a series of faint signals that might be trying to tell them something. The same could be done for intelligence analysts who work at the strategic level. If they are exposed to a series of examples as to how faint signals were missed in the past, they may then be able to see new situations developing in which information needs to be reinterpreted to shake out the faint signals. It is unlikely that a specific methodology could ever be developed to do faint signal detention that would work consistently or automatically. Rather, it is probable that faint signal detection successes will come from the state of mind of the analyst rather than any particular method. 2. Diwersity. Faint signals often get missed because the receiver of the signals did not understand the context in which the signals were being sent. Knowledge is context dependent. Intelligence agencies (and many other parts of government) frequently tend to hire one kind of person with a fixed "ideal" background. Rather than getting a diversity of views or new interpretations of intelligence, the opposite occurs. A fixed view forms that is then almost impossible t o shake as the fixed view them becomes the "truth" and no one is allowed to challenge it. Diversity is one clear answer to this problem. Multiple perspectives can be brought to bear by multiple

Faint Signals

types of personnel, thus ensuring that a wider range of views can be put forward. At that point, the r a t e of faint signal detection can increase and better warnings can be put forth.

F

129

This page intentionally left blank

chapter 10

More ~ a i nSigna~s t Missed?

As noted in the previous chapter, so-called faint signals often get missed even when they are in plain view. Quite often, faint signal detection can be improved by just looking a t current issues with a diversity of views. Currently, there are a number of issues where faint signals may be emanating, but we are failing to grasp valuable information due to a lack of willingness to examine them from an alternative point of view. The following five cases are offered as examples of how information that could inform senior leaders and decision makers could be extracted from the current situation with an alternative reading of the faint signals. While no one case may prove to have a critical impact, such reviews can inform debates about priorities, spending and the threats of the future.

10.1 The case of animal disease and pandemics One of the most highly studied issues concerning national security is the possibility of a pandemic caused by the H5N1 virus, more commonly known as avian flu or the bird flu. Is it possible that there are faint signals warning of a future pandemic that are somehow being overlooked despite the near global focus and the billions of dollars being spent? The following is a case of how faint signals can be overlooked. While the bird flu has focused the world's attention on pandemics, it is often overlooked

132

RISK ASSESMENT AND HORIZON SCANNING

that there are other critical problems concerning the transmission of disease from animals to humans. While it did not gather much public attention, researchers have recently announced that they believe some 38 illnesses have jumped from the animal world to the human world in the last 25 years alone. For every year that goes by, one or two new pathogens and multiple variations of existing threats infect humans for the first time. According to researcher Mark Woolhouse, professor of epidemiology at the University of Edinburgh in Scotland, this is not a sustainable rate that the human species can tolerate because it would imply that people run the risk of being overwhelmed.' He, and many others, seems to believe that there is a very real possibility of future pandemics caused not by the bird flu, but by any one of these animal borne diseases that can mutate and then transfer from animals to humans. Currently, it is believed that there are 1,407 pathogens that can infect humans of which 58% come from animals. Of those 58% of animal derived pathogens, scientists believe that 177 of them are emerging or re-emerging and may pose a threat to humans. There may be a number of different reasons for this apparent problem that is allowing diseases from the animal world to leap to our own. Each of these reasons may also be a faint signal unto itself. The main reasons appear to be the emergence or re-emergence of fungi associated with hosp~~alization and poor population health. Also, the emergence of pathogens associated with contaminated food and water and those with international travel are of concern. Finally, changes in land use and agriculture are associated with greater bacteria growth. What is to be understood from this situation? Numerous outcomes may result from the failure to pay attention to a series of faint signals while focusing on the issue of bird flu. The most obvious examples might be that while we are all focusing on bird flu, it may be an altogether different pathogen that causes the next global pandemic. A second observation may be that in order to effectively monitor potential pandemic outbreaks in the ~.~

'For further informationon this issue see: h~pJ/v~vJ.msnbc.msn.comli~l~ 1460927/or h ~ p J / ~ ~ w w . boston.com/news/nation/articles/2006/02umans~contracting~animaI~diseases/ .

Faint Signals

133

future, the surveillance of the emerging and re-emerging pathogens may have to be much broader than is the current practice. While it may be fine to make such observations, what sort of'lfaint signals" policy advice should be given to a country's leadership based on this sort of information in these kinds of conditions? Using a combination of "faint signals"and the RAHS approach, several ideas appear. Among them are the following: 1. An over focus on one issue means you may be missing another. How wide are the apertures on your intelligence collection system? Are you

widening them enough to catch not just avian flu outbreaks, but the potential faint signals and early warning signs from other outbreaks? Or, to put it in military terms, if you think that your operational plan is ready for the fight against a known enemy, then there is a high likelihood that you will get ambushed by an unknown enemy. 2. What does this mean for state reponses?Currently, some states are heavily

focused on pharmacological responses to the avian flu - which may or may not work in the event of an outbreak of the H5 N1 virus. Even then, the vaccines may be of a limited number. Seen from a RAHS perspective, what may really be required by the state is a host of non-pharmacological responses which can be implemented no matter what the nature of the actual disease problem is. These responses must be sufficiently strong to contain the problem, yet at the same time be finely targetted enough to not shut down the economic and social system of the society. The SARS crisis in Singapore, Canada, and elsewhere should underline this point. 3. What about the nature of technological research being directed or supported by state institutions?Frequently, the focus is on finding cures

or solutions to one threat such as the avian flu. Instead, perhaps research money and skills would be better spent on broader approaches. Rather than spending on a vaccine for one disease, would the state be better off with a new lab and processes which could identify new strains of diseases and then "grow"the cures quicker?Given the range of emerging threats, this must be considered.

134

RISK ASSESMENT AND HORIZON SCANNING

4. Is the state taking enough precautions to ensure that it is part of the

solution and not part of the problem?The emergence or re-emergence of some diseases is often associated with hospitalization, poor population health, international travel and new bacterial strains associated with changes in land use and agriculture. All of these are issues related to state laws and practices.

3&2 The Case of ~ e ~ ~ ~Trends o l oand g Home ~ ~

a ~ ~~ ea

~

Faint signals need not emanate from just one source. Often a series of individual signals operating in isolation from each other can indicate a future trend that will evolve into a serious threat. Converging trends or the interaction between trends can produce unforeseen results. The interaction of trends may have a force multiplier effect in which the outcome is, in effect, greater than the sum of the contributing inputs. Tracking the effects of just one trend may be a difficult but manageable task. Attempting to track the combined effects of multiple trends is much more difficult and may in fact be impossible until there is an unexpected outcome. However it should be possible to track trends and intersecting trends at least within the confines of known threat areas such as transnational terrorism. For instance, two trends that obviously contribute to producing a third action are those of the increasing level of violence seen on TV and webbased news systems that show Muslims as the victims. The ongoing war in Iraq is one example, as is the violence in Lebanon that re-ignited in the summer of 2006 after having been quiet for years. Afghanistan and Chechnya provide other examples. A t the same time, the jihadists have come to dominate the battle space of the internet, especially where it comes to propaganda and recruiting. As such, the combination of these two trends has resulted in a major upsurge in home grown jihadism. Some initial weak signals were seen in the year 2000 or thereabouts, but the trend has become much clearer since 2003. If that trend is occurring and was not really noticed for a number of years, what other trends are there in transnational terrorism that we should notice?Do they have the potential to be as dangerous as the self-emerging groups of the home grown jihadists?

o

n

More Faint Signals Being Mi

135

Four seemingly unconnected trends are being drawn together and may provide a worrisome series of future terrorist attacks. Already, there have been individual events that demonstrate the menace of each of the following, but the faint signals now suggest that there are future threats coming that are not being contemplated. As mentioned in Chapter 3, there exist the following: 1, The uncontrolled spread of information technologies to build better

home made weapons; 2. The dropping costs of technology and supplies acquisition; 3. The increasing availability of materials to manufacture weapons; and 4. The trend towards self-directed and self-funded terrorist attacks by locally formed terrorist groups using do-it-yourself (DIY) technologies. The uncontrolled spread of information on weapons technology is continuing. Both the internet and regular book publishers are increasingly becoming sources of informationfor do-it-yourself (DIY) information on how to make all types of explosives. Among the more dangerous books are the previously noted Uncle Fester's Home WorkshopExplosives available on Amazon. corn. This book and many others describe the process of manufacturing a number of different explosives using materials that are easily available.2 Among the explosives described for home manufacture are: RDX, ammonium nitrate, acetone peroxide blasting caps, nitroglycol,nitromannitol, PETN and fuel-air explosives. In another book, Silent Death, the same author discusses how to manufacture biochemical weapons such as tabun and sarin gas, botulinum (botulin toxin), ricin, phosgene, and arsine. On top of the current explosives being manufactured, internet articles also discuss new explosive technologies such as superthermites and nano metals. Articles and manuals also exist for the DIY manufacture of the deadly poison ricin. This poison can be manufactured in your kitchen for less than 20 US dollars, with regualr kitchen equipment. This form of manufacture will create a powder that will field test positive, even if it is not a highly pure substance.

'hltp://www.amazon.com/Workshop-Explosivtdp/0970148542/sr qid=1163743946/ref=sr~1~2/002-4866435-5715232?ie=UTF8&s=books.

1-21

136

RISK ASSESMENT AND HORIZON SCANNING

Another major area of concern is the falling cost of technoglogy for all consumers, including terrorists. While terrorists can profit from lower costs for mobile phones, internet access and electronic products, they also have increased access to low cost technologies such as cell phone jammers.These jammers are useful for electronically protecting remotely detonated bombs during the deployment phase. Much the same can be said for the cost of developing explosives or chemical and biological subtances. PETN and other such high explosives used to be difficult to obtain and would be either expensive to buy (black market) or would have to be stolen (high risk). Now they can be manufactured from the comfort of your own home. Overall, the costs of terrorist attacks are dropping rapidly.The 9/11 attacks may have cost as much as USD I million.The Bali attacks were much cheaper at a presumed cost of USD 35,000 to USD 50,000 while the London bomb~ngs probably cost less than USD 2500. The use of TATP during the July 7th bombings in London demonstrates that these terrorists may have made a considerable cost breakthrough combined with an effective operational advantage. As such, we are seeing the emergence of the poor terrorists who can still have a devastating effect notwithstanding their lack of financial resources. The costs are dropping exponentially. An increased availability of raw material is also assisting terrorists. The manufacture of explosives and biochemical weapons requires access to a number of sometimes hard to obtain raw materiakThis is changing as both the availability of raw materials is growing as is the understanding of materials that can be obtained from common commercial products. Aluminum powder, for instance, is now generally understood to be useful for increasing the power of ammonium nitrate explosives. This powder is often available in a painter's shop. Another example is acetone which is used in the production of ricin. Rather than trying to obtain acetone directly, purchasers can buy nail polish remover which is available in any cosmetic shop, Information also exists on how to purify glycerin or how to synthesize nitric acid with minimal equipment. The trend towards self directed attacks may be the most signifcant new problem. Recent terrorist attacks such as the Madrid train bombings or the London Tube bombings, demonstrate that locally organized, directed and

More Faint Signals Being Mi

137

funded groups are capable of launching high impact, low cost attacks with materials that are widely available. The arrests of eight British and one Canadian terrorists on 28 March 2004 also demonstrates a good working knowledge of ammonium nitrate and aluminum powder explosives which would have been highly destructive. The arrest of 19 individuals in Toronto in mid-2006 bears the hall marks of a self-directed group doing its own planning independent of external direction, as did earlier arrests in Australia in late 2005. Localized terrorist groups using DIY technology have already demonstrated that they are capable of developing good quality high explosives. This ability will no doubt improve given the widespread information on the internet as well as in other sources such as textbooks and libraries. With four different trends at play, there may be as many as a dozen more different problem areas developing, each of which could bring futher advantages to terrorists while greatly increasing the cost of recovering from their attacks. One of the most dangerous may be the use of biotoxins in attacks. With biotoxins, the simple manufacture of ricin may prove a serious threat. While actually turning ricin into a weapon which can produce large scale casualities is difficult, the simple introduction of ricin into the ventilation system of a building or subway system will result in an expensive cleanup operation that could take days or weeks. The costs of cleaning up the Brentwood postal facility, tainted by anthrax during the 2001 attacks, was estimated at USDI 30 million and took 26 months.

10.3 the Case of an^^^^@$^ Bangladesh often gets ignored in international affairs or

-.

perhaps worse -

is treated as a state which is perpetually under stress from natural disaster

such as flooding. Henry Kissinger's cutting statement in the 1970s that Bangladesh was nothing more than an international basket case has not helped. But is there something going on in Bangladesh that is being missed? Are there faint signals emanating out of Bangladesh that warrant greater international attention? The answer is clearly yes and there have been a series of signals which are being either missed or ignored.

138

RISK ASSESMENT AND HORIZON SCANNING

Bangladesh came into being as a country following a bitter civil war and a split with Pakistan. Formerly known as East Pakistan, this country of 150 million people has suffered under military dictatorship (1 975 to 1990). Even since 1990, the country has suffered from a series of governments and leaders who have been considerably less than competent. Poverty and violence are widespread, and the government’s manipulation of religion to shape policy has had serious negative long term effects, The 1971 founding constitution was secular, but by 1978, changes were being made to introduce religion into the state’s governance and in 1979, religious parties were started. In 1988, Islam became the official state religion. The government has clearly failed in its attempts to improve conditions in much of the country. The areas in the North West are probably in the worst shape. Almost any form of government presence and institutionaliza~ion is missing in this region. Schools, hospitals, civic administration and other such services do not function unless they are provided by NGOs or locally derived efforts. As such, these areas are poverty stricken even more so than the rest of Bangladesh and young people are increasingly vulnerable to radica Iizat ion. One of the earliest faint signals to come out of Bangladesh was the 1998 so-called fatwa of Osama Bin Laden. This document was essentially a callto-arms by Bin Laden and a declaration of war against Americans and their allies, itself another faint signal that was missed. Osama Bin Laden has considerable credentials as a former mujahideen who moved on to become the founder and leader of al-Qaeda. His leadership skills are well known and his organization skills are respected within his own organization. However, despite his (mis)use of Islam to motivate his followers, even his close supporters recognize that Bin Laden is a complete light weight when it comes to religious matters. He has no formal training in Islam and has displayed no great theological capabilities. As such, if he tried to issue a fatwa on his own, it would carry no great weight among Muslims - even those who might be sympathetic to his cause. In order to give the 1998 fatwa some credibility, it was signed by four other individuals who have some religious clout and name recognition. One of those individuals was Fazul Rahman who was identified as the leader of the Jihad Movement in Bangladesh.

More Faint Signals Being Mi

139

In 1998, Bangladesh was not known as a hotbed of political extremism that was related to the jihadi movement. Close observers of the region, however, would have remembered that a large number of Bangladeshi citizens went to fight in the Afghan War from 1979 to 1989. The numbers are unclear a5 to how many went, but two to three thousand seems to be a fair estimate. While speaking in Singapore a t an Institute of Defence and Strategic Studies seminar, Associate Professor Ali Riaz3 stated that twentyfour Bangladeshis were known to have died in the war while most of the remainder returned to Bangladesh. He further noted that of the seven key leaders arrested in Bangladesh following the 2005 bombings, a t least four of them had experience in Afghanistan. Altogether, he estimates that about 80 of 300 individuals arrested for various extremist related events had traveled to Afghanistan during the Afghan war or during the Paliban rule. On 17 August 2005, one of the most amazing events happened in Bangladesh that should have signaled to the world that something serious was afoot. On that day, some 450 bombs exploded throughout almost all of Bangladesh in less than one hour. Only a few people were killed, so it appears as though the action was carried out to send a message of power and organization rather than to kill. The action was carried out by Jamatul Mujahidin Bangladesh (JMB) which had its members leave pamphlets a t the locations of the explosions. The leader of the group, Abdur Rahman, was captured in 2006 following a 30-hour standoff with the police." Following that attack, a wave of more deadly attacks followed that targeted judges and other government officials. What are the faint signals that are being sent, and what is being missed? Several issues should be viewed as potentially serious. In 1998, Osama Bin Laden chose a Bangladeshi to co-sign a rather significant statement and identified him as a Bangladeshi. This should show that al-Qaeda a t the time had significant interests in, and respect for their "brethren" in Bangladesh, indicating that the movement there had both strength and potential. This contrasts to India, which despite its large Muslim population showed no .-

'1055 seminar by Ali Riaz, Associate Professor of Politics and Government, Illinois State University, USA on"Not Alone:The Dynamics of lslamist Militancy in Bangladesh," 18 July 2006. *"Top Bangladesh militant captured:'BBCNews as published on 2 March 2006 at 164400 GMT. See: http~/ne~s.b~.co.u~~~ni/south~asia/4761770.stm for further details.

140

RISK ASSESMENT AND HORIZON SCANNING

interest in the Afghan war or the jihadist movement in the 1980s or the 1990s.

In 2005, the JMB was able to place 450 bombs at once and have all those go off in a time period of one hour. This suggests a well disciplined and well organized group. The follow on attacks also showed some deadly precision as they killed government officials. Overall, these and other faint signals suggest that Bangladesh has a growing jihadist problem with an internationalist point of view. The government is failing to provide basic social services and security which radicalizes the population. Current evidence suggests that there are considerable training facilities in Bangladesh to support this activity. Bangladesh should be seen as a potential training ground and problem area that could progress to be as much a threat as Pakistan.

10.4 The case of the united states and information sharing Information sharing has been repeatedly identified as one of the weakest points of various intelligence communities around the world. The phenomena whereby intelligence agencies either cannot or will not share information with each other has become known as "stove-piping"or "the silo effect." In short, intelligence agencies are often good a t moving information up and down their own chains of command, but do a poor job of sharing this information laterally. Numerous investigations into one form of crisis or another have made the same conclusions. Stove-piping is a critical reason why failure occurs. In the United States itself, a lack of sharing and cooperation has been noted in a number of investigations from more than 55 years ago including the 1949 Hoover Commission and the 9961 Taylor Commission. The issue of stove-piping was addressed under the Clinton Administration as identified in its study"B1ueprint for E-Government:The Next American Revolution."The Blueprint called for a greater sharing of information between agencies in the US government. This study was adopted by the Bush (Junior) Administration on 21 February 2001. After the 9/11 attacks in the United States, the issue of stove-piping was again identified as a critical shortcoming. The 9/11 Commission Report, put out by the US Congress in 2004,

More Faint Signals Being Misse

141

demonstrates in detail how the inability of the CIA, the FBI and other US national agencies to coordinate and act on intelligence in a timely and effective manner played a role in the catastrophic intelligence failure that led to the attacks on 11 September 2001. Given all of this, and the massive impact of the 9/11 attacks, is it safe to assume that the US government and others have been able to fix the problems? With 3,000 persons dead and billions of dollars lost, this should have been the catalytic event that would force the intelligence community into pushing for solutions. However, there are faint signals that suggest more intelligence failures are likely in the future and they will occur due to a lack of intelligence sharing between agencies. The influential United States Government Accountability Office (GAO) has released a report on information-sharing within the US federal government.' The focus of the report was on the sharing of unclassified,but sensitive, terrorism-related information. It surveyed 26 agencies and was released in March 2006. The report was critical, noting that four and a half years after 9/11, there was still no government-wide policy or process in place to integrate terroristrelated sensitive information. The report noted that this information was crucial to protecting the American homeland. According to the GAO, responsibility for this process was initially passed from the White House to the Office of Management and Budget and then to the Department of Homeland Security. None of these agencies completed the task from 2001 to 2004. Following that, the Intelligence Reform Act of 2004 called for an "information sharing environment" t o be created. In December 2005, President Bush stated that the creation of such an environment was within the purview of the Director of National Intelligence, The Director did issue an interim report in January 2006, but resigned shortly thereafter. As of March 2006, no policy or program is in place to allow for internal sharing of terrorism-related information. Open source information and anecdotal evidence suggests that information-sharing (classified and unclassified) within the US government remains a major obstacle. Despite the shock of 9/11, agencies such as the 'For more information on this, see the website of the United States Government Accountability Office at: http~/ww~~.g~.gov/new.i~ems/dO63~S.pd~

142

RISK ASSESMENT AND HORIZON SCANNING

FBI and the CIA still do not effectively share information and budgetary turf wars appear to be winning out over the imperative of national security. Notwithstanding all of the above, there appear to be some signals emerging that are not being heard, or a t least not being acted upon. Among them is the fact that the issues of “silo-busting” or ”stove-piping” remain the single greatest problem, despite this issue being repeatedly identified. At present, no indication exists that the US government will solve its intelligence and internal information-sharing problems in the foreseeable future. At the same time the Department of Homeland Security model of a centralized bureaucracy trying to control all aspects of an issue does not appear to be functioning well, a t least on the information-sharing level. As such, the failure to notice or address these kinds of signals suggests that further intelligence failures are likely on the part of the US.At the same time, those allied states that use US based intelligence as part of the indicators and warnings process should not feel too comfortable in believing they are getting the ”full picture.” Most serious of all from a faint signals perspective is that this report deals with unclassified information. If the unclassified problem cannot be solved in five years with this kind of pressure, what does this say about the same problems at the classified level? Experience and common sense dictates that whatever the problems are a t the unclassified level, they are probably greater at the classified level.

183 The Case sf ~ ~ n e ~ e c h n o l o ~ i e ~ Electronically-driveninformation technology (IT) has been the focus for many ~ounter-terrorismtechnologies. As a result, the electronic revolution has caught the world’s imagination. Many assessments envisage IT as the future of counter-terrorism. It is worth noting, however, that such an outlook is primarily based on a linear approach, not on a scanning approach. In other words, it assumes a continuous extrapolation of past trends.‘ ‘The majority of information in this section was originally researched by 1400 Tiang Boon who is an Associate Research Fellow at the Centre of Excellence for National Security at the S.Rajaratnam School of International Studies (RSIS) in Singapore. It has been adapted for use here with his permission.

ore Faint Signals Being Misse

143

The future of IT should be monitored, but in today's complex and uncertain environment, it may not be enough. One emerging, but often overlooked high potential technology is nanotechnology. Nanotechnology is the science of controlling atoms and molecules in the nanometer (1 billionth of a meter) scale to develop new materials that can have useful and unique properties. Unlike conventional manufacturing science which constructs things based on preexisting matter such as wood, metals and stones, nanotechnology looks at the possibility of starting literally from the bottom up to assemble an object atom by atom. And since it is the configuration of atoms and molecules in a substance that decides its attributes, the ability to arrange atoms with a nano-dimensional precision means that possibilities exist for new entities that can have unprecedented characteristics. Currently, nanotechnology is at the beginning of the applied research stage. Contemporary methods for manipulating atoms are crude, to say the least. While atoms can be moved, they are being transposed in mass. As one technologist puts it, "it is like making things out of LEG0 blocks with boxing gloves on your hands."' Despite the existing rudimentary current standard, the future of nanotechnology remains bright. Already, certain counter-terrorism applications can be gleaned from nanotechnology. Furthermore, scientists are estimating that it is only a matter of eight to ten years before the technology reaches mainstream maturity. Given all these, it is fair to say that nanotechnology will eventually become a major driver in counter-terrorism tactics. What are some of the ways in which "small tech" can contribute to counter-terrorism and other crime related issues? Nanotechnology has the unique ability to create tools which are able to detect explosives that current X-ray and metal detectors miss. By creating special enzymes that can recognize certain explosive molecules, bombs may be critically detected much earlier. The first successes have already occurred. In June 2006, Professor Maher Kalaji of the University of Wales, Bangor, created a detector capable of

'This description is attributed to Dr. Ralph C. Merkle, who is one of the pioneering figures in the field of nanotechnology.

144

RISK ASSESMENT AND HORIZON SCANNING

“sniffing” out very small traces of explosives in the atmosphere. Named the “nanodog’; the detector is sensitive enough to even discern explosives with concentratioris in the part-per-trillion range. Just imagine: if the ”nanodog” can become ubiquitous in the same way as smoke detectors are in most buildings - terrorist bombing chances may be signi~cantiyreduced.” Nanotechnology can also be developed to detect chemical warfare agents such as nerve gas, sarin and mustard. In this connection, Professor Ken Klabunde of Nanoscale Materials, has developed nanoparticles which will not only be able to recognize deadly chemicals, it can also neutralize them instantaneously on the spot? Significantly, these nanoparticles are minute enough to be sprayed or used in an air filter, thereby leaving the possibility that it can be used to fortify air vent systems which are highly vulnerable to chemical terrorism. Meanwhile, Professor Klabunde has envisioned that future versions of these nanoparticles will even counteract biological agents such as viruses and anthrax. Another possible application of nanotechnology is in counter-terrorism intelligence. In this respect, miniaturized sensors known as ”smart dust” are being developed - which in its fully conceptualized form, will be able to form “clouds of eyes’lthat will be able to track and monitor activity. Because this ”smart dust” will almost be invisible to human sight, the surveillance capability will constitute a quantum-leap in surveillance standards. Currently, the smallest conventional sensor is small, but still in the range of one centimeter in diameter - not exactly dust-like. However, with future advances in nanotechnology,it is envisaged that these sensors will eventually downsize enough to become ”smart dust.”” If a terrorist attack is to eventually happen, nanotechnology will also be able to serve valuable forensic functions. In what is known as the “lab-onthe-chip” concept, researchers are currently developing nanodevices which are capable of analyzing DNA samples within a matter of seconds, thereby

‘For more information on the nanodog work, see the website of the University of Wales, Bangor at: http://www.chemistry.bangor.ac,u~~nanodog.php.

’For more on this work of Professor Klabunde and its potential use in detection see: httpJ/www.wtec. org/nanoreports/cbre/CBRE-Detection-I 1-1-02-hirespdf. “Smart dust is the brainchild of Kris Pister. For more information on smart dust and its potential uses, see: hMp~/robolics.eecs.berkeley.edu/-pister/SmartDus~.

More Faint Signals Being Misse

145

providing counter-terrorism investigators with time-sensitive, after-attack evidence, With this kind of"small"edge, the lead time gained in establishing the identity of the perpetrators will be crucial. Despite the inherent promise of nanotechnology, it is important to note that "small tech is not the silver bullet of counter-terrorism - it is just a bullet.While nanotechnology can certainly create important counter-terrorism applications, it does not mean that terrorists or terrorism, will be eradicated. As strategist Colin Gray puts it aptly, "technology (and that includes nanotechnology) does not determine the outbreak, course and outcome of conflicts."~anotechnologyshould not be hyped as a panacea for the complex area of counter-terrorism. Furthermore, a double-edged sword phenomenon exists in this case. Nanotechnology can also be utilized by extremists or terrorists. When "small tech" becomes commercialized, who is to say that terrorists will not use it for their own purposes? In the same way the internet has been used by terrorists for their recruitment, communication and propaganda, nanotechnology may also be similarly exploited. One possible area of abuse is in the creation of a "nano-bomb." Explosives are more effective if the granular size of the particles involved can be made smaller, which increases the rate of oxidation of the explosive, rendering it more powerful. This methodology is already used by terrorists (and others) when they grind ammonium nitrate powder down to a finer size in order to increase its explosive power. Doing this a t the "nano level" would increase the power of some conventional explosives by an order of magnitude or more. Put simply, this means more bang for less size, a seductive proposition for terrorists. Indeed, the extent to which nanotechnology may be abused is entirely up to the malevolent imagination of a terrorist. As with any other technology, a race will exist to see who can more successfully exploit new technologies and ideas.Typically, smaller organizations that have a Darwinian imperative on them to survive have shown themselves to be better in this kind of exploitation. The current jihadist domination of the'lbattle space"ofthe internet is a current example. If, however, governments are able to move quickly with the benefit of "horizon scanning" attitudes, nanotechnology may prove to be a key asset in counter terrorism operations and other forms of crime fighting.

This page intentionally left blank

Chapter11

National Security lntelli and the Front line Re It has become a habit, perhaps even fashionable, to engage in a wide range of intelligence bashing activities after every major crisis. On occasion, the attacks on the intelligence community might be valid. However, it is often the case that the real root of the problems were either failed policies, or the politicization of the intelligence process to serve policy decisions that were already made in advance. The recent attack on Iraq in 2003 is a clear example of this.a Despite the recent focus on failures by the intelligence community to detect and prevent acts of terrorism such as the 9/11 attacks on the US or the 7 July 2005 London bombings, law enforcement and police agencies have in fact had multiple successes in the past 15 years and thousands of lives have been saved. One emerging trend is that many of the failures have occurred a t the strategic level, while some of the most significant victories have been a t the front lines or at the local level. By examining intelligence

‘A major portion of this chapter was previously published by RUSKJanes Horne~~ndSecurityffndRejilieflc~ Monitor, in Norman Vasu and Tom Quiggin, ”People Power in the War on Terrorism!” on 22 May 2006. Other parts of the chapter are drawn from Tom Quiggin, lntelligence Lessom: ”Defeating Terrorism on the Front Lines,” RUSVJanes Homeland Security and Resilience Monitor, February 2006. ‘Tom Quiggin, “Marching To War: The Invasion of Iraq - A Plan Fourteen Years In The Making: The Royal United Services /ns~irureJourna/, October 2003.

148

RISK ASSESMENT AND HORIZON SCANNING

successes and failures, lessons can be learned that will have direct policy implications for future training and resource deployment. Strategic intelligence warning has had a far from spotless record over the last century. Significant failures have included Pearl Harbor, the 1973 Arab-Israeli War, the collapse of the Soviet Union, Iraq's invasion of Kuwait and the attacks on the US on 9/11. At the strategic level, these failures share a number of distressingly common features: warning information that lacked proper assessment, stove-piping, a deliberate lack of inter-agency cooperation and a bureaucratic overemphasis on process at the expense of operations. Most destructive, however, may be that bureaucrats in the intelligence community are rarely held responsible for their failures. As a result, the most critical part of the intelligence cycle -- direction - is often the weakest. Although changes are currently being made in intelligence and security agencies in the West, they will not solve the problems described above. Most of the changes are cosmetic or simply add another layer of bureaucracy to the existing system. The reforms could even leave Western nations more vulnerable to surprise attacks.This includes the possibility of more 9/1 l-style attacks or attacks involving weapons of mass destruction. It is more likely, however, that the current series of smaller, uncoordinated attacks such as the 7 July 2005 London bombings and the 1 1 March 2004 Madrid bombings will continue. A pessimistic but accurate assessment of strategic analysis was published by Richard Betts in 1978 and republished in 2004. In his article, Betts makes the observation that the best way to be prepared for dealing with intelligence mistakes and decision-making errors is to have a "tolerance for disaster? While intelligence failures inevitably receive more coverage by the media, successes have occurred in the struggle against terrorism. The cases of Ahmed Ressam, who was arrested before a planned bomb attack on Los Angeles International Airport in 1999, and Jamaat al-Fuqra, a terrorist group whose plans t o bomb a cinema and temple near Toronto in 1991 were thwarted, are two examples. In both cases, terrorist attacks that could have

Richard K. k t t s , "Analysis, War and Decision: Why Intelligence Failures are Inevitable," World Poiifics, Vol. 31, No. 1, October 1978, pages 61-89.

N ~ ~ iSticurit ~ n ~ l

and the Front Line ~ e q ~ i r 149 ~ ~

resulted in the loss of hundreds of lives were prevented by border agents equipped with little more than keen observational skills and experience. On 14 November 1999,Ahmed Ressam was confronted and then arrested while trying to cross the Canadian-US border. A US customs inspector with I9 years’ experience, Diana Dean, questioned Ressam. She noticed that he was acting in a strange manner and asked him to open the boot of his car. Ressam tried to run but was captured after a brief chase. Investigations later revealed that his car contained a powerful homemade explosive and that he was en route to attack Los Angeles International Airport. As a result of Ressam’s capture, information was obtained that prevented other attacks. Dean has remained modest about her accomplishment, but it is possible that her frontline skills saved the lives of hundreds or thousands of people. Another example of a frontline success against terrorism was the arrest and conviction in Canada of members of the Jamaat al-Fuqra. Formed in New York and led by Sheikh Gilani, Jamaat al-Fuqra carried out violent attacks and murders during the 1980s and the early 1990s. Numbers are difficult to obtain, but the group might have carried out between 15 and 18 bombings and killed 10 or more people in assassinations or bombings. In October 1991, members of Jamaat al-Fuqra were stopped a t the Niagara Falls border crossing. In a subsequent trial in Canada, it became clear that the group had intended to bomb a popular Hindu cinema and a Hindu temple near Toronto. If the attack had succeeded, the death toll would have been in the hundreds or low thousands. Several members of the group were convicted but are now out after long sentences. As with the Ressam case, the border agents responsible for beginning the investigation that led to the arrests and convictions were not acting on previous intelligence.Their decisions to take action were based on their own observations of the individuals and situations they encountered. While testifying before the US government’s 9/11 Commission, border agent Jose E Melendez-Perez stated that he had refused entry to Mohamed al-Qahtani on 4 August 2001. Commission members believe that this man was the ”20th hijacker” in the 9/11 attacks. Melendez-Perez stated that he had worked as a border agent since 1992 and that he had acted on gut instinct. He said: ”I thought the man had military training because of his impeccable physical condition, his body language and a feeling that the

150 150

RISK ASSESMENTAND ANDHORIZON HORIZONSSCANNING RISK ASSESMENT ~ANNIN~

man had knowledge of interview techniques. Al-Qahtani had only a one-way ticket from Dubai, no hotel reservations and insufficient money for the sixnight stay he said he was planning.” While gut instinct might have been at work, it is clear from his testimony that Melendez-Perez was also acting upon developed skills and training in visa procedures. Melendez-Perezdid not know, however, that al-Qahtani was likely to have been traveling with Mohammed Atta, who was the pilot of one of the aircraft hijacked on 11 September 2001. After the events of 9/11, it was also found that hijackers Marwan al-Shehhi and Saeed al-Ghamdi were subjected to some scrutiny by border agents who took a second look a t their papers. According to investigators’ reports, the men told stories to border agents that did not fit with the visas they had. Nevertheless, all three were admitted. In this case, the frontline personnel had the information to act but did not. This might have been due to a lack of training, a lack of will or perhaps the feeling that they would not be supported by their superiors if they did act. It is also possible that they, like many others, had been pressured not to ”hassle” Saudi citizens. It is clear from these examples that frontline officials have saved the lives of hundreds, if not thousands, of citizens by preventing terrorist attacks. Terrorist operatives travel frequently and must do so for training, recruiting, financing or planning operations.They must also live within local communities, purchase supplies and communicate locally and internationally. Some terrorists who even artack within their own community or country, such as the 7 July 2005 London bombers, are known to have traveled internationally. These issues remain major vulnerabilities for potential terrorists, despite the decentralized structure and evolution of al-Qaeda and those individuals and groups inspired to act in its name. Responding to terrorism is usually seen as being almost exclusively the role of the police or security services. The 9/1 lattacks on the US illustrated how members of the public can play a crucial part in countering terrorism. Terrorism and political violence are constants for the foreseeable future and few developed states will be immune to these problems. Dealing with these attacks in such a way that they do not tear apart the social fabric of societies is a key element in destroying the key attribute of terrorist attacks: fear. Centralized bureaucrats and politicians sometimes have a paternalistic view of the societies in which they operate. They tend to believe that they

~ ~ t i ~Securit nal

and the Front Line Require

151

are the only ones who have the skill and knowledge to tackle the various emergencies and catastrophes that arise in society. To date, there is considerable evidence being collected that suggests the contrary. The first and best responders to a crisis will be those on the front line. Citizens, police and other emergency responders will be the first to face the fight. As such, if their response is positive and constructive, the chances that the crisis will play itself out with lessened catastrophic effects are increased. If the initial response on the front line is panic, however, any follow on response from central authorities may not salvage the situation. It is the social and technical resilience of society that may be the best weapon in fighting terrorist attacks. And this resilience may be much stronger than is generally believed. In conflict, the use of strategic surprise is generally the weapon of the weaker side. This is the nature of asymmetric attacks. Such was the case with the 9/11 attacks on the US. However, far from achieving the total strategic surprise that the hijackers sought, it can be argued that the effective use of tactical intelligence by the citizenry stopped the momentum of the attacks only 108 minutes after the first indications that something had gone terribly wrong. To use terms from the intelligence community, the intelligence cycle of the passengers on United Airlines flight 93 was operating inside the operational cycle of the hijackers. As such, they were able to defeat them. This defeat played a major role in depriving the hijackers of their goal of disrupting US political capabilities and lessened the shock effects of the attack. Partially as a result of the resilience factors, the overall success of al-Qaeda’s 9/11 mission was not attained. The destruction of the US Capitol building would have had a serious symbolic effect, as great as or greater than that of the loss of the World Trade Centre in New York. According to the 91’1 1 Commission, the first sign of trouble came at 0814. At that time, the hijackers began to force their way into the cockpit and take command of American Airlines flight 11, which was en route from Boston to Los Angeles. By 0819, however, flight attendant Betty Ong was able to call an American Airlines reservations office and report that the flight was in trouble. Only five minutes into the crisis, the social resilience factors were starting to play themselves out and valuable information was being transmitted to the world outside. By 0825, the Boston air traffic control centre was also aware of the problem.

153 152

RISK ASSESMENT AND HORIZON SCANNING

Unfortunately, notwithstanding the professionalism of the flight attendants and others, the shock of the strategic surprise of the hijackers overcame them with the loss of three aircrafts and thousands of lives. United Airlines flight 93 had a different outcome, however, partly due to the initial responses of the passengers and crews of the first three flights (American Airlines flight 11, American Airlines flight 77, and United Airlines flight 175) and various ground-based individuals. It is clear from the 9/11 Commission report that the passengers and crew on board United Airlines flight 93 were able to gain critical information by communicating with airphones and mobile phones. Gathered at the back of the aircraft where they had been forced to gather by the hijackers, the passengers analyzed the information available to them and took action all of this without direction from central authorities. At approximately 0957, the passengers of United Airlines 93 started a sustained and determined counter-attack against the hijackers in the cockpit. This was only 103 minutes after the beginning of one of the most shocking examples of strategic surprise. Al-Qaeda's opposition forces reacted and turned the battle back in the other direction.The passengers of flight United Airlines 93 had put themselves directly into the battle - successfully. At 1002, the flight came to a halt when it crashed into a field in Pennsylvania. This was 108 minutes after the first sign of the crisis. It should be remembered that the costs of getting into the fight were frighteningly high, with a 100 per cent casualty rate on the flight. Social resilience and gumption are key factors in any such event. For any hijack to succeed, the hijackers must be able to generate a sense of powerlessness in their victims while also reducing the amount of information available to them in order to ensure this state is maintained. By disempowering their victims, hijackers are better placed to keep them docile and compliant. In the case of the United Airlines flight 93, the hijackers were unable to do either. Their failure to do so was chiefly due to the resilience and gumption of their intended victims. If resilience is composed of the four factors of knowing, judging, engaging and acting, all four factors were exhibited on that flight. The successful defence mounted by the passengers of the United Airlines flight exhibited a large degree of both social resilience and technical adaptation permitting them to empower themselves by:

~ ~ t ~ oSecurit nal

-

,,

153

and the Front Line Require

knowing what was happening; judging the situation a t hand; formulating a plan together; and acting out their plan.

The combination of these factors enabled the passengers to take back what the hijackers intended to remove from them - their autonomy and their access to information. By using the technology a t hand, that is, mobile and airphone telephone networks, the passengers were permitted to obtain the minimal basic information they needed to undertake a course of action. They were able to deduce that this was not a "typical"hijacking in which the aircraft would be landed and they would be involved in some sort of hostage crisis followed by a negotiated settlement. On the contrary, all the evidence suggests that the passengers understood that they were going to die as part of a suicide

attack. With regard to social resilience - although it is a term normally associated with a community's ability to respond positively when a massive trauma is experienced - it may be argued here that the actions of the passengers is an allegory for how most societies should react to acts ofterrorism. Instead of waiting for the first responders in an emergency, these passengers understood that there was no foreseeable aid on the way and action had to be taken. What are the lessons learned? Strategic surprise has been a constant throughout history. Institutionalized intelligence services have not prevented surprise attacks in the past and it is unlikely that they will eliminate them anytime in the future. Newer methodologies such as risk assessment and horizon scanning will alert leaders to the upcoming 6 types of problems and aid them in the response, but In a crisis, if is not sc) the event that discrete events will still ~~~~~

cause strategic surprise

The passengers of United Airlines 93.3showed

that it is possible for a

~~~~

154

RISK ASSESMENT AND HORIZON SCANNING

society to react to surprise, defeat an attacker and regain the initiative in the fight almost immediately, no matter how shocking the event. The immediate and effective response, it should be noted, did not come from formal government decision-making structures such as the military or the police. Nor did the initial response come from informal or impromptu state formations. The response came from the citizens at the scene. This selfemerging group of leaders and followers provided the first line of defence and reaction. Given the wide range of threats that governments face, such as terrorism, pandemics, natural disasters and man-made calamities, governments take into account the fact that the first responders - and the basis of the survival of their social fabric - might well depend on the immediate actions undertaken by citizens who operate on the front line.The social and technical aspects of resilience have their strength from the ground up - not from the top down. The actual event, as was noted above, is not really the issue. The response and how it unfolds is the issue. Although there is currently a high degree of focus on counterterrorism activities, the resources available are limited. How can we best spend this money to protect people against terrorist attacks? The following are suggestions on how to focus resources to prevent terrorist attacks before they occur. Frontline training and support. Some successes have occurred because frontline officials noted discrepancies in visas, other documents and the stories presented by travelers. Increased training and support for frontline officials is a sound investment. Further action must also be taken by supervisors to support frontline officials. A higher”false a1arm”rate may occur as frontline officials challenge doubtful documents and stories, but supervisors must be willing to support the decisions of their frontline workers. Basic policing skills. It may seem counterintuitive, but the greater the level of globalization and internationalization,the more important it becomes for local police officers to know their neighborhoods. It is crucial that they think globally and act locally. An effective understanding of the local neighborhood and changes within it are critical elements in the intelligence process. A well-informed frontline police officer is an effective weapon in combating any type of crime.

National Securir

and the Front Line Requireme

155

Human intelligence.The Cold War and the information revolution have given many senior leaders the ohen false impression that risk-free intelligence gathering can be done through technological means. While there is some truth in this, the reality remains that finding inroads into extremist or terrorist communities is still best accomplished through sources and agents. Developing these assets is an effective means of gaining insights into the activities of local communities. Human intelligence will not be a silver bullet however. Sources take time to develop and in the frequently non-structured world of jihadism, even a well developed source may be useful for only a short period of time. Specialization. Learning how to fight terrorism and political extremism effectively is a complicated task. It can take months or years to develop even the most basic skills required. A significant amount of operational experience is required to build up the confidence of those involved. Too often, however, staffing and promotion systems mean that frontline officers and analysts are rotated endlessly. This policy of rotation without some form of planning is self-defeating at best and negligent a t worst. Social resilience matrers. In a catastrophic event, it is not so much the event that matters; it is the response to the event that will shape the outcome. Strong social resilience, which can be developed, is a key instrument in fighting and defeating terrorism. As with many other aspects of responding to catastrophic events, it is a t the front line and with the first responders that the key issues lie. ~ron~/in intelligence. e Terrorist threats following the 9/11 attacks on the US have been largely localized and lacking in central organization. In order to track such threats, low-level intelligence gathering must occur a t the front lines or at the street level. The information collected can then be quickly synthesized into actionable intelligence.

This page intentionally left blank

Chapter 12

Open source intelligence

Open Source Intelligence (OSINT) is not just open source information nor is it a substitute for "all source analysis."OSlNT is a distinct analytical process that "integrates world class human expertise with an integrated humantechnical process to produce just enough, just in time intelligence information tailored to support a specific decision."' If done correctly, it is as rigorous and timely as any other intelligence source and is usually done a t a fraction of the cost. Seen in another light, it is an intelligence discipline that uses information of potential intelligence value that is generally available to the public. It is also a source that provides understanding about certain events or situations which will then help the analyst understand the various classified materials that are available. It may seem ironic to a certain extent, but military commanders have sometimes been the leaders in developing OSINT intelligence. The NATO d ~ ~ n ~ t of i o OSINT n is information that has been deliberately discovered, discriminated, distilled, and disseminated to a select audience, usually the commander and the immediate staff, in order to address a specific question." OSINT, in other words, applies the proven process of intelligence to the

'Robert David Steele, On Intelligence, page 108. 'For a list of NATO's open source information and guide books, see: h~p~/information..retrieval.info/ docs/NATO-0SINT.html.

158

RISK ASSESMENT AND HORIZON SCANNING

broad diversity of open sources of information, and creates intelligence.The following explains the key terms in this definition: Discovery. "Knowing who knows" and "knowing where to look are the heart of a global OSINT process, which leverages distributed centres of expertise and archival knowledge. Eighty per cent of the information needed to make OSINT useful is not online and not in English. Discrimination. Careful discrimination between good and bad sources, current and outdated sources, relevant and irrelevant sources, and finally, between cost-effective and cost-prohibitive sources, is part of the unique value of the OSINT process. Distillation. The most important value added by the OSINT process is that of distillation, so that the final OSINT report can be as short as a paragraph or a page, and can communicate to the decision maker the essence of the collective wisdom pertinent to the decision under consideration. The OSINT process permits the out-sourcing of first echelon analysis, and allows world class expertise to be placed in the service of the consumers.

De/ivery.The best intelligence in the world is useless if it cannot be delivered to the customer in a timely fashion, in a media compatible with the in-house system, with adequate provision for security, and in a format that can be easily understood.

12.1 OSINT and National Security This chapter will examine (OSINT) with an emphasis on its relationship to national security intelligence requirements.These requirements are increasing both in the subject matter required and in the speed with which actionable reports are required by senior leaders. An already uncertain and complex international environment presents indications of becoming more unstable.'

'Part of this section was originally published as a IDSS commentary paper (105/2006) entit1ed:"It Sure is Dark in Those Caves: Open Source Intelligence for National Security."It is available at: wwwntu.edu. sg/idss/publications/Perspective/lDSSl052006.pdf.

Open Source lntellige

159

The current threat is devolving downwards from systems threats (countries or large organizations) to the individual or small group level. National security intelligence must provide for possible intra-state conflicts, but it must also deal with non-traditional threats such as transnational terrorism or critical inf~astructuredisruptions. Unfortunately, most of the highly technological and classified intelligence systems were designed to operate against threats at the state level in the Cold War. These highly classified systems may work well against large scale threats such as armies, but they cannot perceive or react to individual level capabilities and intentions. With a dynamic and complex threat environment, a developed country now faces the need for an increasing number of people who can see and understand the bigger picture. Decisions affecting the future will require a broader range of input, not similar decisions as in the past. Furthermore, the decisions will have to build in more flexibility and scalability to adapt to developing external pressures and technological change. And they will have to be made faster. Timeliness and accuracy are the two bywords of intelligence, whatever the particular area of leadership requirements. Of the two, however, timeliness is the most critical. A variety of political and military leaders have stated that even a partial intelligence picture with flaws delivered in a timely manner is more useful than the best intelligence provided after the fact, The asymmetric threats are a particular challenge in this area as they tend to develop faster than larger symmetric ones. Looking behind the varied list of threats that could negatively impact national security and the economy, the most serious threat could be the information gap between what is known and what needs to be known. To be clear, the world is currently awash in data and has been since the late 1960~4Obstacles exist, however, in getting information from where it is, to where it is needed in a timely manner. A series of technological promises of the past have not fixed this problem. If these problems are not fixed or sidestepped, then more failures caused by a lack of information flow can be expected.

‘See Major General Sir Kenneth Strong KBE, CB, Men oflntelligence,Cassel and Company, London, 1970, pages 152 to 153.

160

RISK ASSESMENT AND HORIZON SCANNING

OSINT is particularly well suited to national security work, even though it lacks the "cool factor" of classified intelligence and is seen as a threat by many centralized bureaucracies. Why is OSINT so well suited to tackling national security asymmetric threats?Several key points need to be conveyed with respect to OSINT and its role. Among the most important ones are: a. Much confusion exists as to what constitutes OSINT. Despite much taik, the internet is not everything there is t o OSINT. The reality is that there is more searchable and reliable information in commercial and aggregate data bases than there is on the World Wide Web (WWW). b. Spies know only secrets. Secrecy is the enemy of knowledge and therefore the ally of the attacker. Asymmetric conflict is a form of conflict whereby knowledge is the key tool or weapon needed to prevail over. Intelligence personnel are frequently cut off from the rest of the world and are unaware that much of what needs to be known is already available.The intelligence community is no longer in the business of secrets; it is in the business of information, of which a limited part needs to be kept secret. C. The private sector has more information and expertise available than the government. Therefore, senior leaders and decision makers are already getting most of their information from OSINT. Moreover, the private sector has already spent the money necessary to provide the technology to recover this information when and how it is needed. d. Many of the contingences or surprises that arise tend to do so in both geographic and thematic areas not covered by classified sources. Yet the government leaders will need the information anyway. e. OSINT allows for a greater fiexibility when dealing with politicians, bureaucrats, foreign partners and with civilian agencies that lack security clearances. OSINT relies exclusively on information gained through legal and ethical means. It can therefore be used in court proceedings, quasijudicial hearings or other public venues. It is a means of informing the public about threats in an open manner. OSINT can be used as al'reverse engineering tool" to allow information to be used in the public realm. f. Highly classified intelligence reports tend to identify isolated facts, rather than provide an overview of what is actually important or information needed for decision makers.

Open S Q W CIntellige ~

161

g. OSINT is no more or less reliable than classified intelligence. Despite the widely held assumption that classified intelligence is more reliable than OSINT, there is no actual body of evidence to support this. As with any other form of information, there are methods available to verify the reliability of sources and facts. h. OSINT imagery is now available at high resolution and very low costs. As such, many groups and other non-governmental agencies can now have their own space-based imagery capability. i. A small number of OSINT analysts (two to three) can track and provide warnings on global phenomena that are of interest to the state. This can be done using complex Boolean searches on data bases such as Dialog or Lexis Nexis assisted by the WWW.

12.2 what constitutes open source intelligence? The sources that make up OSINT are widely varied. Currently, one of the greatest myths and weaknesses of OSINT is that it is often associated with just the internet or the WWW. The WWW, while useful to some degree, is a limited source. Search engines designed for WWW use are themselves limited, in the sense that much if not most of the WWW is not accessible to search engines and can only be exploited by using deep web search techniques. Searching the deep web is beyond the capability of most users. Consider the 41 1 or white and yellow pages services offered by many phone companies. Search engines will search the title page of the 411 service, but they cannot go into the website itself. In the case of the Canada 41 1 system? for example, the site claims that there are some 12 million listings. A search engine such as Google@, however, will find none of those 12 million listings as they are not on the "front page" of the website. The same can be said for most of the content of the web. The larger commercial data bases such as Lexis Nexis and Dialog have more searchable information than the WWW and their data bases are stable and offer a replicable search capability. As well, the commercial data bases tend to be focused on their areas of interest, while much of the content of 'See httpi/ww~~.canada411 .ca/.

162

RISK ASSESMENT AND HORIZON SCANNING

the WWW is filled with pornography. According to the IBM's WebFountain team (2004 report), about 30% of the WWW is pornography while another 30% of it is duplicate information. Seen another way, this means about 40% of the ~ W W may actually be useful information. What other sources can be exploited by national security intelligence requirements? The sources are too numerous to list here but among them are books, newspapers, scientific and academic journals, phone books and 41 1 information listings, TV and radio broadcasts, government d3ta bases, census reports, other government reports, maps, gazetteers, navigation guides, terrain analysis guides, open source high resolution imagery, business reports, budget reports and others. What is available to OSINT researchers is limited mainly by their creativity and imagination.

12.3 secrecy is the Enemy of knowledge A globally observed obstacle to good intelligence on asymmetric threats is the obsession with secrecy. Repeated indications are that some 75% to 90% of classification is motivated by the need to protect "turf" and reputations.' Classification is also used deliberately to avoid legislation that exists in many countries that allows for citizens to access unclassified government documents. Only rarely is the method of classification used to actually protect matters of interest that are directly related to national security. To be quite clear, information does exist in government that can and should be covered by laws related to classification. However, only a small minority of the information actually needs to be classified to protect sources and agents, or to prevent potential damage to the interest of the state. One result of over classification is the building of bureaucratic bunkers or caves. In order to protect their classified information, bureaucrats build compartmentalized systems that in effect, cut them off from the rest of the world. The costs of this can be high, as special computers are required to handle the information and it must be stored in cabinets and vaults that are 'See, among many others, Robert David Steele, On Infelligence, page 58.

Open Source lnteiiige

163

expensive as well. At the same time, this focus on classification means that the ”bunkers” that are built tend to isolate those who work in them. The flow of information from open sources does not reach these people and the fact that they carry a security clearance can stop them from making valuable contacts in the private sector or the academic world. Ultimately, the system of classification and protection we have built is self-defeating, especially now that the focus of the threat from the Cold War has changed. Consider the following statement: We have created a security bureaucracy which has lost sight of its purpose, and has no idea how to deal with the changed circumstances of a world in which the US intelligence c o ~ m u nno i ~longer controls the bulk of the information. Worse, we have an entire community of intelligence professionals good people trapped in a bad system - who have been trained by rote to stay inside their little box, and literally have no un~ers~anding of the vast wealth of information available to them outside of the bunker, often for no more than the price of a telephone call.’ A recent American situation related to terrorism demonstrates how “dark it can be in the bureaucratic caves of intelligence. Sadly enough, this scenario

could be played out in almost all of the developed countries, many of which have fallen prey to the same problems. In June of 2006, US government officials loudly complained that the New York Times reported the tracking of terrorist financial information. They believed that this would compromise efforts to track terrorists by alerting them to the fact they were being tracked and they were particularly upset that references had been made to SWIFT codes (a form of electronic addresses in banking). President Bush sharply condemned the disclosure of a program to secretly monitor the financial transactions of suspected terrorists. “The disclosure of this program is disgraceful,” he said. ”For people to leak that program and for a newspaper to publish it does great harm to the United States of America.” Bush said the disclosure of the program ”makes it harder to win this war on terror.”* ’Robert David Steele, ibid., page 56 *See, among many others the Washington Post at h~p~/~/~~w.\~ashingtonpost~co~n/wp-dyn/conten~ articl@/2006/06/26/AR2006062600563.html.

164

RISK ASSESMENT AND HORIZON SCANNING

Following the story, White House spokesman Tony Snow said it was up to the Justice Department to determine whether there would be a formal investigation of the news leak. "Certainly nobody is going to deny First Amendment rights. But the New York Times and other news organizations ought to think long and hard about whether a public's right to know in some cases might override somebody's right to live,"Snow said."And whether, in fact, the publication ... could place in jeopardy the safety of fellow Americans."" The interactions between the press, the Administration and various intelligence community officials made for high drama in the news, but was there any substance to the allegations that the press story would hurt the war on terror?The reality is that most of the individuals involved outside of intelligence agencies knew that there was nothing new in the press stories that would aid terrorists in any way. Arabinda Acharya is an expert in terrorist financing a t the International Centre for the Study of Political Violence and Terrorism located a t the 8.Rajaratnam School of International Studies (RSIS) in Singapore. He makes the following observations concerning the New York Times press stories:

The terrorists know full well that they are being tracked and they are taking steps to avoid this. Many of them also have a well developed understanding of how international banks work. They have resorted to recruiting proxies so their own names and organi~ationswill not be involved. They frequently use women to transfer money, thin~ingthat women will draw less attentjon than men from law enforcement authorities. They are shying away from registered charities that they used in the past as fronts for their fund raising and fund transfers. Terrorists are also continuing to use non-formal transfer methods which are more d i ~ c u lto t track.Affother key development, especially among the home grown jihadist groups, is that they are increasingly self-financed,This finuncing can come from either their own funds l e g a obtained ~~ or through crime such as credit card fraud. The

'See the details of the story as published in the website of US.4 Today: "Bush -Disclosure of financial monitoring program disgraceful," 6/26/2006 11:14 AM ET, http://~~~w.usatoday.com/news/ washington/2006~~ffi-26-bush-monitoring~x.h~m.

Open Source i ~ ~ ~ ~ i i g165 e

New York Times story, while wrapped up in the mystique of secrecy and intelligence, was reporting old news.'@

t i Expertise on ,I The Private Sector has ere ~ n f ~ r ~ ~and Most classified intelligence agencies may not even be thinking about it, but the new reality (since the 1990s) is that the private sector frequently has more information and expertise about a given matter of national security interest than they do. In the age of distributed intelligence (as opposed to centralized intelligence), there is no longer the ability for government agencies to dominate the world of intelligence or knowledge. Simply put, even with their current large budgets, classified agencies cannot cover every country on the earth with spies and technology. Nor can they even effectively monitor every potential problem area or issue. It is also generally understood by most people in the policy world that it is impossible to predict where the next "big problem"will come from. This has a critical impact on intelligence agencies if they want to remain relevant during times of crisis. While it is not possible to monitor and learn every facet of human activity on the planet, it is possible for a small group of analysts to learn how to find out relevant information quickly and under pressure. The most valuable analysts now may not be those with specific expertise on a given subject, but rather those who can create instant links between those who need to know (the leaders and decision makers) and those who know (the experts). If leaders or decision makes are given the information they need in a timely manner, they are highly unlikely to be critical later when they find out how the information was made available to them. With this in mind, consider for one moment what access to a large commercial data base can and has done for some of,the more forward thinking intelligence agencies. Two of the larger and more effective commercial aggregator data bases are Dialog and Lexis Nexis. Each one of them has approximately 10,000 newspapers which they electronically capture ''Interview of 11 September 2006 with Arabinda Acharya of the International Centre for the Study of Political Violence and Terrorism, 5. Rajaratnam School of international Studies (RSIS), Nanyang Technological University, Singapore.

166

RISK ASSESMENT AND HORIZON SCANNING

on each publication cycle. Additionally, they both have thousands of other individual sources. Global business information is included. In the case of one data base, the amount of business information would fill up some 800 million pages of text on ownership and operations around the world. There are various other sources which come from a variety of backgrounds including government, medical, scientific, intellectual property, legal, technologies, patent and market research. Interestinglyenough, the aggregated data bases such as Dialog and Lexis Nexis offer considerable security advantages over smaller data bases or the WWW. With most of the searches done on the WWW, there is always the possibility that the owner of the website searched will know that their site has received "hits." If they are of a criminal nature, the owners of the sites may well monitor themselves to see who is monitoring them. Some enforcement and intelligence agencies use software that disguises their own internet services providers or ISPs, but even then, the owner of the site may detect search patterns or unusual searches. With the large commercial data bases, this problem disappears as no third party agreements exist between the owners of the data bases and outside individuals to tell them who has been searching for their names or businesses. Caution should be applied with smaller commercial data bases however, especially those that only deal in business information. It is a common practice for some business-oriented data bases to sell information out "both doors." Not only will they sell their information to the customer who buys it, they will also sell a list of who has been doing searches to the businesses that they list. When using small-scale commercial data bases, this is information worth knowing ahead of time.

823 ~ Q n ~ i n ~and ~ N ~ c i ~ ~ Murphy's Law suggests that things will always go wrong when and where you least expect it. Anyone who has ever worked in business or any of the operational arms of government and the military will know this to be true. This can happen to the largest and best prepared organizations as well as the smallest. Consider the war in Yugoslavia. All of Europe and NATO had been preparing for the potential hot war that could break out in Europe.

Open Source i n ~ ~ l l i ~ 167 ~n

As such, almost every seemingly possible military and political contingency conceivable had been figured out. In the immediate aftermath of the Cold War, however, fighting broke out in Yugoslavia in 1991 and 1992. To the surprise of many, it was rapidly discovered that little was known of this European country, to the point that the first soldiers who went in as part of the European Community Monitoring Mission and the United Nations Protection Force did so using maps from the most non-military of all sources the Michelin Guide. Recent experiences have confirmed the notion that a crisis will come from an unseen or un-thought of area of event. Among the recent examples are 91’1 1, SARS, the suicide nature of the London bombings of July 2005, the fighting in Lebanon in July 2006, the attack on the USS Cole, the Danish cartoons controversy, Srebrenica and Rwanda. It is impossible for any intelligence agencies, no matter how well funded or equipped, to maintain coverage on every possible scenario. Nor, in an open system such as the international community, is it even possible for any agency to even consider what every contingency might be. As such, during a time of crisis, intelligence agencies will get caught short. The most likely source of immediate information on the issue a t heart will be in the area of OSINT. No matter what the geographic or thematic nature of the crisis, there would have been humans who have been involved and would have written and reported on the issues. With asymmetric threats on the increase, an ever increasing likelihood exists that the issue that arises (i.e., a crisis) will occur in an area or from a source which is not on the priority list of the intelligence agency required to respond. The answer in many cases will be for that agency to have an existing OSIIUT capability to find and deliver information from expert sources in minimal time. In most cases, a half hour to one hour lead time should provide an agency with sufficient time to provide an immediate, if general, assessment of the nature of the crisis and the players involved. One to four hours should allow the agency time for a more careful review of the intricacies of the issue and within one day, the agency should be able to provide direct, indepth expertise and advice to the leadership. This, of course, presumes that the agency has worked to produce the OSINT capability ahead of time.

168

RISK ASSESMENT AND HORIZON SCANNING

12.6 osint and information Flxibility

i

OSINT allows for greater information flexibil ty when intelligence agencies have to deal with politicians, bureaucrats, foreign and domestic partners and other agencies. This same sort of flexibility will apply when intelligence and law enforcement agencies have to deal with legal proceedings such as court cases, quasi-judicial hearings, or public hearings. The most obvious reason for this is that all OSINT is derived from information that was collected exclusively through legal and ethical means. As such, when the information is passed to the public realm, there is no need to try and hide the sources from which it came. OSINT can also be of great assistance to intelligence agencies even if classified sources are in use. It has been frequently pointed out that a process of'lreverse engineering"can be applied. If an agency has classified information that it wants to use in public, but a valid reason for classification exists, then that agency could launch an open source intelligence search for the same information. Experience has shown that either the same information can be found, or at least information that is "close enough can be found to get the necessary information to where it needs to go.

12.7 Limitations of Classified Intelligence For reasons of both process and capability, highly classified intelligence reports have severe limitations when they are required to inform leaders about global events that may have some degree of complexity.The products produced by classified agencies are frequently beaten out by non-classified sources when they compete head to head. Various experiments in the past have embarrassed the classified intelligence communities badly." Even former US Joint Chiefs Chairman and former Secretary of State Colin Powell made a damning statement when he stated: "1 preferred the Early Bird with its compendium of newspaper stories to the President's Daily Brief, the CIA'S capstone daily product."" "Gregory Treverton, Reshaping National intelligence for an Age of Information, page 133 and Robert David Steele, On /nre//igence,page 166. 11

Colin Powell, My American Journey, Random House, New York, 1995, page 293.

Open Source intelligen

169

These thoughts were echoed by Gregory F. Treverton who stated that the President's Daily Brief (PDB) was the signature product of the Central Intelligence Agency and it had its own staff to prepare it. The PDB was delivered to the President and a select group of senior officers each morning. The PDB was sometimes delivered in person to the President by the Director of Central Intelligence or it could be sent in hard copy. Dr. Treverton, who has been a t various times a staff member of the National Security Council, and also a staff member of the Senate Select Committee on intelligence, a senior consultant with the RAND Corporation and Vice Chairman of the National Intelligence Council, makes the following observations about the daily brief What struck me during the Clinton Administration was that while the PDB was an interesting set of discrete facts, it was not much more than that. It seemed less than helpful in building an understanding of any issues, because it did not convey much sense of what was more important than what, of how today's information fit in with yesterday's or last week's, or of how what the PDB reported was different from what the President had read in his morning Washington Post.'

'

The basic problem is this. Classified agencies are privy to a whole series of discrete facts and bits of information that they have collected electronically or from sensitive sources. While this information is valuable - and sometimes critical - unto itself, the agencies have not been trained 'to make sense of it all. Unfortunately, most of their collection targets are also not in the business of making sense of overall situations either, so the highly classified intelligence tends to be pieces of a puzzle rather than an overall picture. In order to make sense of the overall picture, outside information needs to be involved. Some intelligence assessment agencies seemed to have learned these lessons while others continue to report "just the facts" no matter how irrelevant or disjointed these facts can be. One other embarrassing frailty of this system of classified intelligence reporting is that it often leads to intelligence agencies reporting "top secret"

2s

Gregory Treverton, op. cit, page 107.

170

RISK ASSESMENT AND HORIZON SCANNING

information which is in fact generally known to all who have knowledge of a general issue anyway.Treverton reports that he used to keep a list of what he called "how1ers"or"secrets"thatwere provided to him that were statements of the obvious. One of his favourites was that a spy sent in a report that the French government did not like the General Agreements on Trade and Tariffs. Treverton notes that the information from the spy was both correct and important. Unfortunately, it was also commonly held knowledge to anyone in the world of business or trade and was only viewed as a secret by those intelligence personnel who had come across the information in a covert manner.14 This type of reporting not only ties up the intelligence service by having unnecessary classified material transmitted and stored, it also calls into question the competence of the intelligence service involved.

12.8 OSINT and Reliability One of the greatest sources of confusion on the intelligence world (and those who follow it) is the belief that there is some correlation between classificationand accuracy or reliabiIity.Thereis not. Just because a document is classified a t a high level does not mean its accuracy is better or worse than a lower classified document. The reason documents get higher classification is because of a greater need for source protection or a greater possibility of damage to the national interest should the information be released. While the intelligence community tries t o determine the reliability of the intelligence reports it is providing, there is nothing in the process that links the degree of classification to the reliability. The use of open source intelligence is a discipline unto itself just like any other form of intelligence activity. In short, it can be described as the use of publicly available material which is processed by humans with expertise in the area of concern. In most cases, determining the reliability of the sources and their information is subject to the same general process as is used in the rest of the intelligence community.

"/bid., page 1 19

Open Source intelligen

171

Assessing the reliability of OSINT is critical. Many different ways exist to assess reliability, but one generic method used is sometimes referred to as the AI/E5 method. This methodology looks a t both the reliability of the source and the logical consistency of the information being reported. The methodology can be briefly defined as fol1ows:The source of the information is assigned a level of credibility based on a scale of A (high) to E (unknown). The facts that are being presented by the source are rated on a scale of 1 (credible) to 5 (credibility unknown). Once this is done, the material is assigned a rating such as B3 or A2. With respect to the source, it must be verified for reliability. In the case of OSINT, this can mean both the individual providing the information (if known) and the organization for which the source works. Both of these aspects provide an opportunity to assess a track record of reliability and both opportunities should be exploited. In the case of a conflict (i.e., a well known and reliable newspaper but a doubtful reporter) then the lower of the two assessments is the one that should be used. The rating scale can be defined as follows: A. This is a well known source that has a long record of providing information. The information over time has been proven to be reliable and factual. This is a well known source that has proven to be reliable, but the source B. has provided information in the past which has been shown to be doubtful. The source believes the information was accurate at the time of delivery, but the information has not proven to be completely accurate over time. c. This is a source that appears to have a record of presumed factual reliability, but the lack of a long track record does lend some doubts. D. This is a source of doubtful reliability that has a track record of providing false or misleading information in the past. Additionally, the information being provided may be deliberately or subconsciously tainted by the agenda or ideology of the group or individual involved. E. This is an unknown source. As such, there is no way of determining the track record.

The facts in the report must also be verified for consistency and logic

to see if they fit in with a known pattern of reporting in the past. If they

172

RISK ASSESMENT AND HORIZON SCANNING

do, then the credibility can be considered as high. If they do not, then questions must be raised and an assessment made to see if the inconsistencies represent a change in the situation, or if it is bad reporting. The rating scale can be defined as follows: 1. The information in this report appears credible. It is information that fits

2.

3.

4.

5.

with a known and proven background of previous information that proved reliable in the past. In the most basic of terms, it passes the "smell test." The information appears to fit a known pattern and compares well with other known facts. However, variations exist from known patterns and this is a cause for either concern or further investigation. The information provided in this report appears to contradict known facts or normal patterns with no known explanation of why this is so. This is cause for Serious concern. Either the information is incorrect, or serious further investigation is required for an explanation of the inconsistencies, The information in this report does not make sense based on all previous knowledge of the issue. It is highly doubtful and should not be given any credibility. The information might be credible, but no means exists to compare it to any other known background information. It is totally new and no means exists to compare it to other known facts. As such, it should be read with a skeptical mindset.

One example of a reliability rating might be as follows. A newspaper report suggests that fighting is about to break out in a Central Asian state. It notes that there have been a series of riots in the past between competing ethnic groups which have been brutally suppressed.The ruling group, which is the ethnic minority, has a long history of abuse, but it is losing control due to a collapsing economy and the oppressed majority is now ready to challenge it directly. How does one assess the reliability of the report? The first step is to check the source of the report with respect to both the newspaper itself and the individual reporter. Is the newspaper known to have been reliable in the past? Is the newspaper owned or operated by a political party or an

Open Source lntelligen 173 individual that is known to a political or ideological link to the parties involved? Who is the reporter? Does this reporter have a personal interest in the story? Where was the reporter a t the time of the incident? Was the reporter in the country, or was the reporter hearing the story second hand from another source? If these questions can be answered, then it may be possible to assign the report an "A" rating. Otherwise, a lower rating would have to be applied. What of the facts of the story? If the report states that the sources of the conflict are ethnic, what in fact is the ethnic makeup of the country? Does this compare well with the actual story? Has there been political violence in the recent past and has there been a longer history of violence as well? Is the economy actually problematic, or are there other factors at play? Has there been similar reporting from other sources not connected to this report? Again, if all of these questions can be answered in the affirmative, then a high rating of "1" can be applied. If not, then a lower rating must be considered.

ace-Based Open 6.owce Ima In the past, the technologies and processing surrounding space-based high resolution imagery were closely guarded state secrets. Its existence only appeared in the public domain on rare occasions. The concept of open source space-based imagery gradually became a subject of discussion, but it was only in 1972 that the first open source imagery satellite was launched. Called LANDSAT, this NASA project was of rather limited value as its resolution was limited to approximately 80 metres. This was useful to a number of geographic and agricultural functions, but it was of little intelligence value for military, security or business purposes. All of this changed when the American President signed the Presidential Decision Directive 23 or PDD-23 in March 1994. Under this directive, American companies were allowed to license technologies that would allow them to sell high resolution space-based imagery that is now being sold in the range of one half of a metre. This decision by the American government was not so much leading the field as it was responding. Other countries such as Russia were offering to sell their imagery for cash and others such as Israel

174

RISK ASSESMENT AND HORIZON SCANNING

and France were willing to follow suit. The search for profits appeared to be outweighing former national security imperatives. What exactly can be done with open source imagery?The answer is that the capabilities are limited mainly by the imaginationof the consumer. Open source imagery can be used by businessesto keep an eye on their competitors or it can be used for surveillance before an attack. It has been used in war crimes investigations and in order of battle assessments by military forces. What can actually be determined in a useful way varies on the circumstances or the exact needs of the consumer. However, the following chart provides a rough idea of the resolution (measured in metres) required to detect, identify and then precisely identify a range of targets.’$

Detection

General Identification

Precise Identification

4t05

1.5

1

Vehicles

1.5

.6

.3

Radar and Radio Sites

3

1 to 1.5

.3

Bridges and Roads

5

4

2

Powerlines

3

1

1

60-70

10-30

2 to 3

90+

30-90

4.5

Tactical Aircraft

Industrial Plants Terrain

Fig. 12.1. Detection capabilities of imagery.

Open source imagery of this capability is now available to anyone with a credit card and a lap top computer. As such, what was once (and thought by some to still be) secret and unavailable is now available to the general public. This trend will increase as companies such as GoogleB are making limited amounts of imagery available at one metre of resolution. While Google provides no analytical services and hence its imagery is of limited

15

See the Canadian Security and Intelligence Service Commentary Paper No. 75, “Exploiting The New High Resolution Satellite Imagery: Darwinian Imperatives!” by Mark Stout and Thomas Quiggin.

Open Source lntellig

175

value, it will increase the competitive nature of the market, meaning that resolution of less than one half of a metre will soon be available.

.10 Global tracking of Issues One of the most under-explored aspects of OSlNT is its capability to track global issues of a critical nature such as pandemic diseases, SARS or jihadism. This rather massive capability is being used by a limited number of agencies, but it has not yet become a common practice despite its availability and low cost. Consider the case of a disease outbreak that could spread rapidly into an epidemic or a pandemic. While bird flu has focused the world's attention on pandemics, it should not be overlooked that the transmission of disease from animals to humans poses potentially wider dangers. Researchers believe that animal illnesses are jumping from the animal world to the human world a t an increasing rate, especially in the last 25 years. For every year that goes by, one or two new pathogens and multiple variations of existing threats infect humans for the first time. According to Mark Woolhouse, professor of epidemiology at the University of Edinburgh in Scotland, this trend is a worrying one." Currently, it is believed that there are 1,407 pathogens that can infect humans, of which 58% come from animals. Of these 58% of animal-derived pathogens, scientists believe that 177 of them are emerging or re-emerging and may pose a threat to humans. Several reasons exist for the increase in the number of diseases that are making the leap from the animal world to our own. Among those reasons are: 1. The emergence of fungi that is associated with hospitalization; 2. The emergence of fungi that is associated to poor population health; 3. The emergence of pathogens associated with contaminated food; 4. The emergence of pathogens associated with international travel; and

5. The emergence of bacterial strains associated with changes in land use

and agriculture. I$

See:http~/www.msnbc,msn.com/id/11460927/for further information on this issue or http://www boston.com/news/nation/articles/2006/02/20/humans~contracting_an1mal_diseases/.

176

RISK ASSESMENT AND HORIZON SCANNING

What is the response from the intelligence community a t large? Is the potential series of issues a national security problem? The answer is yes, given the potential for large scale deaths, economic devastation and the possible political instability that might follow in the wake of a major economic downturn. The key issue in disease outbreaks and possible pandemics is early warning and early reaction. But how does one track the entire globe for potential outbreaks, especially given the “uneven” degree of reporting that comes from some governments? Part of the answer lies in the global monitoring of disease outbreaks even minor ones - from tracking news services and government reports from around the world on a daily basis by searching for key words related t o potential disease outbreaks. This process i s already occurring successfully. Major commercial data bases such as Dialog and Lexis Nexis each tracks some 10,000 newspapers around the globe on a daily basis as well as approximately 10,000 other sources, including government reports and medical journals. Most of the information on the WWW and in the commercial data bases is highly unstructured, however, so searching these many reports on a daily basis would be impossible without a staff of thousands. The problem can be beaten by two or three people, however, using Boolean search strings that are specially constructed for whatever issue needs to be tracked. The search strings are complex, however, and may produce a search string that can be anywhere from ten to fifty lines long or more. In the case of searching for disease outbreaks, the strings are constructed by cooperation between data base specialists and medical specialists. The medical specialists determine the key diseases they want tracked and then they provide a list of possible disease names, symptoms and signs of outbreaks that can be associated to each disease. One search string is established for each disease which contains Boolean terms to detect and identify the critical ones when they occur. A similar process then occurs for each disease, and then all of the strings are put together to create one search that can be executed daily. Given the wide range of languages now covered by commercial data bases, the extensive global coverage serves as an effective warning system.

Open Source inreili

177

The same process can now be applied to virtually any form of activity. This includes transnational terrorism trends, transnational organized crime trends or natural phenomena such as polar ice melting.

12.11 outlook and conclusions OSINT in not just open source information nor is it a substitute for all source analyses. OSINT is a distinct analytical process that integrates human expertise and open source information to produce policy relevant or actionable intelligence. OSINT can fill in most of the gaps in national security intelligence immediately and at low cost. The budgets currently used to support OSINT are normally less than 1% of the money spent on intelligence collection and analysis. If those levels are moved up even modestly, then the OSINT capability would manifestly improve the knowledge levels of government intelligence agencies and other concerned individuals. Knowledge is the critical component in defeating an asymmetric threat situation. A good defence in an asymmetric struggle can only come from an understanding of the threat (knowledge) and therefore an ability to combat it or stop the threat before it materializes. The same can be said of natural asymmetric threats such as pandemics or climate change. Classification is an obstacle to the movement of information and may be more of a vulnerability than an asset. Secrecy is the ally of the weaker party in an asymmetric conflict while knowledge is the friend of the stronger party. Agencies involved in national security issues should be trying to find more ways of sharing information, intelligence and methodologies of defeating asymmetric threats. As such, greater alliances should be explored with partners that offer OSINT knowledge on threats. These partnerships should include both domestic and foreign as well as private sector relationships.

This page intentionally left blank

Chapter 13

A n t i c i ~ a t i nFuture ~ Threats: The Problem Areas

As the common joke goes, predictions are a very difficult business, especially where the future is concerned. Nonetheless, leaders and decision makers want to decrease their risk and increase their options for positive outcomes by having some form of predictability. Leaders of all types have sought out foreknowledge from a series of oracles, gods or computers. None have proven effective. Plenty of reasons exist to be both pessimistic and optimistic about whether or not we can predict or anticipate the future. It will be argued here that no solution is in sight for predicting the future. Further to that, it will be stated that predicting discrete events in the future is impossible in an open and complex system. On a more optimistic note, however, it will also be argued that while prediction for the future is a non-starter, we should be able to f f ~ t i c i ~ f fthe t e nature of upcoming problems. With the ability to anticipate such problems, leaders and decision makers can be prepared to react intelligently when a crisis arises. But first, what are the problems that face us as we try to predict or anticipate the future? Some of these issues have already been discussed in the earlier chapters, but it is worthwhile observing them together and examining their impact. While there are many such problems, they can be broken down into six main areas. These are:

180

RISK ASSESMENT AND HORIZON SCANNING

1. We cannot predict the outcome of events in an open system with multiple

2.

3.

4.

5.

6.

independent variables. The international system in which the state and its intelligence agencies must operate is such a system. The role of the state is changing and it faces increasing requirements to maintain its role in stability and security. The environment in which the state has t o operate is becoming increasingly complex and uncertain. The state is facing multiple threat actors in the complex and uncertain international environment. The previous main threat to the state was other states, generally referred to as symmetrical threats. Now, the threat is devolving to the point where there are multiple levels of non-state threat actors which can have lethal or debilitating effects. Technology has produced mixed results when it comes to anticipating threats in the national security area. In most cases, it has re-enforced the areas where intelligence was working well anyway (collection and collation) and it has produced little in the areas where intelligence is weakest (analysis). On the whole, it can be argued that technology has been an overall resource drain on improved analysis. Traditional methods of strategic intelligence being used to prevent surprise have not been successful. They were mainly developed during the Cold War when the bi-polar confrontation provided a t least a minimal degree of “stability.”Currently, strategic intelligence systems face a more complex environment with greater numbers and types of threat actors. It is irrational to consider that systems which did not work well in the past will now work well in a more complex environment. Artificial intelligence has not happened, nor is it likely to in the near future. Counting on this sort of technology is unrealistic.

13.1 Predicting the Future Predictions about the future can only be made in a closed system where there is a known and limited number of variables. For instance, a group of scientists can make predictions about when water will boil if they know the relative factors such as the amount of water, the resting temperature, the ambient atmospheric pressure, the amount of heat being applied, and the purity of the water.

....

utuve Threats: The Problem Ar

181

If all of the variables are known and controlled, then the scientists can make accurate predictions.If, however, they are not given the values for one of the variables (atmospheric pressure for instance) then they cannot predict the outcome accurately. Dealing with the types of problems associated with national security means that no level of predictability is possible as the number of variables is unknown and likely to be high in number. The variables are also not part of a closed system. The arena of national security and international relations is very much an open system with variables that change daily. Consider the following example.You are working as an intelligenceanalyst and your boss calls you in with a new problem. You are given a quick background explanation and some documents and asked for your predictions on what the possible outcome of this new problem might be. As a well trained analyst, you read the document and ascertain that there are basically four variables at work in this problem. As such, you work out that the four variables could interact or "link to each other in six different ways and that a combination of these various linkages could give you 64 different possible combinations of interactions. Stated another way, with four major variables at work, there could be as many as 64 different outcomes to the problem, depending on the various values and timings of the variables at work. The next day your boss calls you in again. This time he has a more complex brief, When you read the documents, you realize that this particular problem has ten major variables that could affect the outcome. At this point, you start to realize that your mathematical skills are limited to high school algebra and you are confused as to the possible number of outcomes you may have to deal with in order to provide a satisfactory answer to your boss. You consult a mathematician who gives you a rather startling answer. The total number of different "1inks"or ways that the variables could interact with each other is 45. However, the mathematician also points out that there are 3.47 trillion (trillion) different possible outcomes, depending on which variables interact and when. This number is, quite literally, astronomical. There is no way any human being, group of humans or computers will be able to provide a sensible response to the question that will have any meaningful impact on the person asking the questions.' With that in mind, consider

'The author extends thanks to Dave Snowden of Cognitive Edge for the use of this example.

182

RISK ASSESMENT AND HORIZON SCANNING

the complexity of a question such as "do you think the terrorist group will try and launch another attack in our country and when and where will they do it?"This is an understandable question from senior leaders and decision makers. But there is no way of successfully predicting whether or not an attack will occur. While the question itself is quite simple, the reality is that there could be hundreds or perhaps thousands of variables a t work. Even if the highly unlikely situation were to exist where the investigators and analysts know most of the variables, predicting an outcome remains impossible. The lesson in all of this should be fairly clear. In an open system such as the international system that has a large and unknown number of independent variables, it is simply not possible to make predictions.Without a doubt, there would always be those who later claimed to have made an accurate prediction. In most cases, however, the predictions were never able to produce "actionable intelligence."Thesesorts of predictions are the types that say "the terrorists may attack the capital city." When they do attack, the predictions look valid. When they do not, no one remembers and the methodology is not questioned. Predicting the future is not possible. Time spent, therefore, attempting to do so is time wasted.

13.2 TYhen Changing Role of the state and aNational security

As was noted earlier, the role of the state has changed and continues to change. The state is no longer just a protector. In many situations it has taken on the role of provider as well. This role of provider is often tied to one of national unity or to making loyalty to the state seem a reasonable course of action. As such, the state is in many ways now committed to maintaining multiple roles of responsibility. The state must provide an acceptable degree of social security and stability while at the same time provide a sufficient degree of economic prosperity. It is difficult to assess with a given degree of accuracy, but over the last fifteen to twenty years the state has also taken on the role of international competitor. In order to maintain its economic competitiveness in a globalizing economy, the state must be prepared to undertake a number of actions to maintain competitiveness or it must be ready to deal with the fallout.

uture Threats: The Problem

183

This puts most states in a quandary. Competitiveness sometimes means shedding jobs in heavy manufacturing, for example, and moving those resources into higher value-added industries. While the state may benefit overall, it faces redundant workers who have high expectations on how the state will provide for them. The general conclusion to be drawn here is that the role of the state is becoming a more difficult one and the challenge of maintaining its multiple roles is increasing. As such, the number of factors that can impact negatively on the state is increasing. It is the job, a t least in part, of the national security intelligence function to be aware of the potential problems.

13.3 The Complex and Uncertain Enviroment Not only must the state prevail in the face of competition from other states, it must also deal with the reality that some corporations have as much economic clout as many states, Corporations are frequently less reluctant and less restricted in their use of that clout. Other "actors" exist that pose threats as well. Currency markets, interest rates, and energy costs can have a huge impact on a state and its role as provider, but the state frequently has only the most modest control over such variables. To add to the state's problems, other factors such as health care issues (SARS, AIDS, and avian flu) can have an impact on the state as well as the weather (ice storms, hurricanes, and tsunamis). The state must also contend with other non-state actors such as transnational terrorism, transnational organized crime, and the drug trade. The number of potential actors who can harm any one state is increasing. At the same time, the size and capabilities of a group to act effectively against a state is steadily decreasing due to issues of technology, travel and communication. The threat, almost paradoxically, is devolving to the point where a small group of people with limited finances can have an impact a t the national level against all states. What does all of this mean to the intelligence community and national security? In short, it means the number of threat actors is increasing a t the same rate as the lethality of those actors. Most of these threat actors are asymmetric, which means that military force against them is of only the most limited utility.

184

RISK ASSESMENT AND HORIZON SCANNING

The only truly useful weapon against an asymmetric threat - be it a terrorist group or a pandemic - is knowledge. What is the role of national security intelligence agencies if not to produce knowledge and assessments that are useable to leaders?

13.4 Technology and futhure intelligence The future of intelligence is not about technology. It is about knowledge and how we manage, plan, train and organize ourselves to produce effective knowledge for leaders. We have been promised a series of technological solutions to many of our intelligence problems since a t least the 1960s. To date, technology has done a wonderful job of raw data collection and the collation (sorting and storing) of that data. This has been immensely useful in a number of areas such as satellite imagery, allowing leaders and decision makers to"see"where they would otherwise be blind.This type of technology was especially useful against a symmetric conflict where forces of a similar type faced each other. This technology, however, never did fill in one half of the two-part intelligence question. While it did provide useful information on "capabilities," it did not provide the necessary information to produce knowledge on "intentions." Seen in another way, technology has provided intelligence services with a large amount of data and information (the lower or left end of the continuum) but it has not provided any significant improvement with respect to knowledge and assessment (the higher or right end of the continuum). It is critical in an asymmetric conflict to prevail with actionable intelligence (i.e., knowledge). Without it, the ability to prevail is severely compromised or lost. Given the nature of some of the threats (bio-terrorismor pandemics), the costs may not be sustainable by some states. The challenge to intelligence agencies now has reversed in on itself. With a symmetric foe, the intelligence services could provide useful information on capabilities with high technology systems. Those same systems now are increasingly limited in their ability to detect capabilities and have little impact on determining intentions. As such, maintaining the current imbalance on spending in intelligence agencies (which favours technology over humans) will result in a net drain in resources where they are needed most.

uture Threats: The Problem Ar

185

13.5 Traditional Methods of strategic intelligence warning The purpose of strategic intelligence, however understood or practiced in various states, is to provide some form of foreknowledge to leaders to better allow them to operate in the world around them. Since its inception as a form of national activity about 100 years ago, the overall track record of strategic intelligence in preventing major surprises has not been encouraging. Neither, for that matter, is it terribly encouraging that strategic intelligence as a form of activity has not been able to provide itself with a working theory on its own capabilities. While there has been a significant amount of effort made since the time of Sherman Kent in the late 1940s, it has not been accomplished to date. The questions are these. If the strategic intelligence capabilities of the post-World War Two period were not effective in preventing strategic surprise at the time, will they be capable of preventing strategic surprise now? Can those systems adapt themselves to provide that capability now in the face of an increasingly complex and uncertain environment?Given that the classic and repetitive failures in strategic intelligence warning were almost always the same (stove-pipes and mindsets), are we acting now to see if those failures can be addressed?Has this been done? The answer in the post 9/11 period is almost universally "no." While limited initiatives are being made in some areas, the will or the ability to tackle the large problems is not evident in most states.

13.6 A~tificialIntelligence? This is not a book on Artificial Intelligence (AI) and this is not the time or place to get into an extended discussion on the issue of AI. However, several key points are worth making on Al with respect to national security intelligence requirements. The first point is that Al has not happened yet. In 1955, a proposal was made by J. McCarthy of Dartmouth College, M. L. Minsky of Harvard University, N. Rochester from the I.B.M. Corporation, and C.E. Shannon from Bell Telephone Laboratories to study the concept of artificial intelligence. In their proposal for a study to be carried out, they stated:

186

RISK ASSESMENT AND HORIZON SCANNING

We propose that a 2-month, 1@manstudy of artificial intelligence be carried out during the summer of 1956 at Dartmouth College in #anove~New #ampshire. The study is to proceed on the basis of the conjecture that every aspect of learning or any other feature of intelligence can in principle be so precisely described that a machine can be made to simulate it. An attempt will be made to find how to make machines use language, form abstractions and concepts, solve kinds ofproblems now reserved for humans, and improve themselves. We think that a significant advance can be made in one or more of these problems if a carefully selected group of scientists work on it together for a summer?

The first major conference on Al was held as planned in 1956 and was organized by Minsky. Since then, computers have made significant advances, but it appears that the first 30 years or more of work on A1 was spent on trying to get computers to do quantifiable tasks such as learning how to play chess or doing high-end mathematical problems. To the layperson, it appears as though the scientists of the day thought that all forms of human behavior, including learning, could be reduced to a series of rules that would conform to "hard science" rules. In essence, human behavior could be described in mathematical terms, and then computers could be built to do what humans do - only they could do it faster. In 1986, Rodney Brookes, director of the Al lab at the Massachusetts Institute of Technology made a rather startling announcement to those interested in Al. Most of the field of Al had been taken up with the study of symbols and structured language and how this could be adapted into computer programming and hence Al. Brookes caused an uproar at the time when he suggested that the overall approach to Al was wrong. It was not possible, he suggested, to build a "brain in a box." Human intelligence, he believed, did not exist in isolation from the rest of the world, In order for a computer to "learn" or to have Al, it would have to interact with the world around it and with other intelligent life forms such as humans. This work by Brookes points out what many people already believed. Knowledge is dependent upon the context in which it exists. Whatever form knowledge takes such as the written word, photos, videos, or symbols, each ?5ee: http~/www-formal.stanford.edu/jmc/history/dartmouth/dartmouth.htmlfor the full contents of chis document.

ture Threats: The Problem

187

one will have a far different meaning depending on who views the symbols and where. Consider the swastika symbol used by the Nazis in Germany during their time in power. To anyone familiar with the history of the Nazi party and World WarTwo, it can be construed as a symbol of fascist oppression. To someone who survived the concentration camps, it is a symbol of mass death and fear. However, the swastika is a sacred religious symbol to both Hindus and Buddhists and it frequently adorns temples and other buildings. There is no direct connection to them about the evils of fascism. Consider another example of how difficult it is to understand a word in its proper context. Steven Pinker is author of the 1997 book, How the Mind Works. He uses a rather humourous example of how confusion can be created when different people apply different meanings to a word depending on the context or category in which it is used. He explains as follows: But whenever one tries to program a set of criteria to capture the members of a category, the category disintegrates. Leaving aside slippery concepts like "beauty" or "dialectical materialism," let's look at a textbook example of a well-defined one: "bachelor." A bachelor,of course, is simply an adult human male who has never been married. But now imagine that a friend asks you to invite some bachelors to her party. What would happen if you used the definition to decide which of the following people to invite?Arthur has been living happily with Alice for the last five years. They have a two-year-old daughter and have never officially married. Bruce was going to be drafted, so he arranged with his friend Barbara to have a justice of the peace marry them so he would be exempt. They have never lived together. He dates a number of women, and plans to have the marriage annulled as soon as he finds someone he wants to marry. Charlie is 17years old. He lives at home with his parents and is in high school. David is 17years old. He left home at 13, started a small business, and is now a successful young entrepreneur leading a playboy's lifesvle in his penthouse apartment. Eli and Edgar have been living together for many years. faisal is allowed by the law of his native Abu Ohabi to have three wives. He currently has two and is interested in meeting another potential fianct'e. father Gregory is the bishop of the Catholic cathedral at Groton upon Thames.' 'For this and more on the issue of context and knowledge, see Steven Pinker, ~ o ~ / f b Works, ~ ~ iW.f l ~ W. Norton & Company; 1st Edition, October 1997.

188

RISK ASSESMENT AND HORIZON SCANNING

Artificial intelligence may eventually become a reality. However, the problem has been worked on for more than 50 years now and no computer has been built that can undertake the most basic of human intelligence functions. In order to "learn" and have "intelligence" such as a human being, the computer will have to have some form of mobile "body"and it will have to interact in a meaningful way with humans in a variety of social situations. Only then will it develop the ability to learn new knowledge in the context in which it is generated. Without the ability to put the knowledge in context, the computer will not be able to make reasoned assessments. From the point of view of intelligence support to national security, A1 remains an elusive entity. It may be able to beat experts at chess, but it cannot yet understand the mentality and modalities of a terrorist, assassin or a drug lord.

Chapter14

Anticipating future Threats: The Areas of strength

Anticipating future threats to national security will be a tough issue, but reasons exist for optimism, especially for small- and medium-sized developed states. While the threats are many and the environment complex and uncertain, strengths and opportunities do exist. These strengths can be utilized if they are organized correctly. This chapter will outline a series of strengths that exist for leaders and managers involved in national security intelligence. What are the strengths available to those who need to manage intelligence issues for national security? While the following list is not complete, it will offer some ideas and insights into what can be done. Resilience and efficiency are opposing characteristics when they are located within a knowledge based organization. Governments should be moving towards more resilient systems in the face of evolving threats. It is understood that a series of diverse analytical views is more valuable than a consensus view from a group. It is also clear that the international environment operates on rules of complexity with no predictions possible. While there are no “right answers” for future problems, there are right ways to tackle the issues. It is understood that most future threats are asymmetric. The best way to prevail in the face of the asymmetric threat is to use knowledge.

190

RISK ASSESMENT AND HORIZON SCANNING

4. Knowledge workers like small, self-emerging groups. This is fortunate as this is roughly the same way most asymmetric threat actor groups are organized. 5. Technology has an excellent role to fill as an enabler and a tool. 6. The assumption of order in relationships is now known to be a fallible concept. The assumption that human beings are rational decision makers is also a fallible concept.' This knowledge will allow the shaping and building of better decision making models that mirror the human mind.

14.1 Resiliency and Efficiency What is the role of government? Is it most important for governments to follow business models and be "efficient"? Or is it more important for governments to be resilient and effective in a time of crisis? This is not a simple question, but it is critical. Quite frequently, we hear the discussions and ideas that governments should learn to be more businesslike. We are told that businesses are more efficient than governments and that businesses can sort out problems better than governments. To a limited extent, there may be lessons that government might learn from business, such as the removal of personnel who are not up to the job in which they have been positioned. However, one should also remember that in the marketplace in which businesses operate, a Darwinian imperative sorts out inefficient businesses and kills them. It should also be noted that the lifetime of an average business is measured in years, not decades. According to the major international bank HSBC, the lifespan of some businesses is currently about eight years, although figures may vary widely across different business sectors and countries.2 The point is that government must have continuity and it must function under times of stress or rapid change. The citizens of a country must be 'For more information on these last three concepts, see C.F. Kurtz and Dave Snowden in "The new dynamics of strategy: Sensemaking in a complex and complicated vu.orld,"which i s available at: hap:// vww.research.i bm.com/journal/sj/423/kur~.html. 'See the report prepared for the Department of Trade and Industry in the UK at: httpJ/www. competition-commission.org.uWrep~pub/reports/2002/fuIltext/462c3.pdf, Paragraph 3.81 or Table 3.4.

.. ..

re Threats: The Areas of Stren 191 served under all conditions and will expect services to be resumed quickly, no matter what the cause of the disruption is.This is a problem that increases with the level of development of the state. The higher the degree of development, the greater the expectations of the citizens that services will be restored quickly. The market place allows for a multiplicity of businesses to exist at the same time, with some of them bound for further success and others for failure. Government, on the other hand, cannot just "go out of business." If the government goes out of "business," then that is what is now commonly called a failed state. Yugoslavia could be considered such a state as can collapsed states such as Somalia and Afghanistan. What model should governments try the most to emulate in a complex environment and what must national security intelligence expect from this? Should they seek the business model of efficiency or should they seek resilience? Depending on which model you choose, there will be a series of radically different decisions made on issues ranging from staffing levels to the education and training of analysts. One way of looking at the issue might be through the eyes of the military in many developed states. A common joke or truism among many military professionals is that no combat proven military unit ever passed an inspection, and no military unit that passed an inspection ever succeeded in combat. Intuitively and based on hundreds of years of experience, many military commanders understand the point. If you are highly efficient and well ordered, you lack the ability to deal with complexity when it arises. To the contrary, if you have a unit which is prepared to deal with complexity and sudden changes, you most likely have a unit which does not pay close attention to the minor irrelevant details associated with garrison life. War, as is understood by military commanders, is the ultimate act of complexity. Government is not business and it cannot afford to let business models dominate it. Government, and those agencies that serve within it, need to have resilience as their dominating thrust because they have to deal with complexity and change. Anyone who uses terms like "best business practices" and "industrial best practices" should be viewed with high suspicion. Government has i t s own strengths in resilience, organization and the ability to deliver services under duress or in times of crisis. Part of this ability

192

RISK ASSESMENT AND HORIZON SCANNING

comes from its multiple arms such as military, police and civil defence services. Given the current environment of uncertainty, it makes sense to focus on the resilient aspects of government rather than seeking some mythical form of business-style efficiency.

742 ~ i w ~ Views ~ s eor Consemus? Should an intelligence agency speak with one voice?One school of thought would have it that an intelligence agency, or even the intelligencecommunity, should speak with one voice on any given issue without any contrarian point of view. Other agencies believe that there should be one main voice or a consensus view, but that a separate paper or section can allow for a dissenting view. Other analytical institutions, mostly outside of government, recognize that diversity is a fact of life and put no restrictions in place concerning the issue. Is there a correct answer to this problem, especially in view of the developed state operating in a complex environment? The short answer is "yes" and it should become a real strength for government agencies. Given that there is no method of predicting any one single discrete future event, the answer starts to get clearer. There cannot be one view of the future. This is not possible. Further to this, senior leaders and decision makers have, over time, made repeated statements about intelligence suggesting that anything is better than nothing, and even a 50% correct answer a t least gives them something to think about. Diversity is a key issue in preparing for future threats. This means that intelligence agencies must be willing to hire and train a diverse group of individuals and allow them to prepare a diverse set of views of the future. Senior leaders and decision makers in turn need to be exposed t o a range of problems that may arise. If they have not been exposed to a range of views ahead of time, their ability to react will be limited at best.

14.3 Asymmetric Threats and Knowledge For an intelligence service or a government as a whole, understanding a symmetric threat is a manageable task. In most cases, the symmetric threat

.....

re Threats: The Areas of Stren

193

will have a structure and organization similar to that of its opponent. Dealing with the threat is a matter of building a model of its capabilities and intentions, and then responding to it. An asymmetric threat is a greater problem. Transnational terrorism, for instance, is a form of distributed terrorism and i t s attractor mechanisms are ideas. More traditional state-based terrorist groups such as the IRA or the Shining Path had (or have) fixed objectives, cell structures, and chains of command. While traditional terror groups try to flatten their organizational structures, they remain hierarchical in nature. The removal of one or two key leaders, or the intelligence penetration of one cell, could severely weaken the group. Now, however, with distributed terrorism threats such as home grown jihadism, there is no key leadership cell and no key lines of command or communication. Many of these groups are self-emerging and they do their funding, recruiting, and planning activities in a non-structured method. Their planning cycles tend to be short and the group’s structure may only be in place for one or two operations. Fortunately, most governments and intelligenceservices either understand asymmetric threats, or are at least now trying to learn about them. One of the key lessons learned about asymmetric threats is that the response ro them must be knowledge based. Knowledge is the only advantage that will allow a state to prevail over an asymmetric threat. Reduced to its most basic, you can’t get them if you don’t know where they are. If it is understood that knowledge is the best hope in prevailing against an asymmetric threat, then from this it should be learned that secrecy is the enemy of knowledge. Knowledge, in order to be of value and to increase its strength, must travel and be used. If not, it becomes sterile, dated, and useless. For the transnational terrorist or organized crime figure, intelligence agency classification is one of their greatest assets.They know that information gathered on them in one area will not be used against them in another. Worse still, there is a new field of study that suggests that the global jihadists have studied the various legal systems of a number of countries and made operational decisions based on their knowledge.z ‘Sarah Jaimie Brunell,”Under the Radar: Strategies,Tactics and Measures ofTerroristsAvoiding the Law,” conference paper presented at the Institute of Defence Analyses in Colombo, Sri Lanka, 4 March 2006.

1194

RISK ASSESMENT AND HORIZON SCANNING

14.4 ~ ~ o w l e Workers d ~ e and Small Crowps Asymmetric threats, almost by definition, tend to come from small groups. The groups tend to have fairly flat hierarchical structures or they have networked or nodal structures. On occasion, they may also be self-emerging groups that come together for one event or attack and then dissipate immediately thereafter. This is bad news from an intelligence and enforcement point of view. The good news, however, is that knowledge is the key factor in defeating asymmetric threats, and knowledge workers, by happy coincidence, tend to like working together the same way as their targets or enemies do. Knowledge workers tend to like working in small groups with flexible rules and variable time slots. They also like the idea of information sharing within their own small trusted networks, although they often resist sharing process methods and knowledge outside of them. One common misperception about the handling of knowledge within organizations is that you do not need experience or "knowledge workers" within an organization if you have a good computer based filing and collation system. Except in the most mundane or repetitive types of tasks or processes, this is wrong. Files and other collation system never capture the information and knowledge built up by those who have the experience. One useful set of general rules follows here concerning the building of knowledge within an organization. According to Dave Snowden of Cognitive Edge, the three best rules to remember are: 1. Knowledge will only ever be volunteered, it cannot be conscripted; 2. We only know what we know when we need to know it; and

3. We always know more than we can tell and we will always tell more than we can write down.4

What do we need to learn about knowledge workers who are tasked with complex issues in national security intelligence organizations?Knowledge workers work best in environments with minimal structures, minimal supervision, maximum difficultiesas challenges and working within trusted

'See: http~/wv~w.cognitive-edge.com/2006/08/volunteer~not_conscript.php.

re Threats: The Areas of Stren

195

networks. While the size of a trusted network of knowledge workers may vary, the most basic rule is that unless the workers know each other over a period of time, the limit of trust is extended to three people in a chain. We also know that: Informal self-formed networks carry more intrinsic trust than formal networks and respect the truth that knowledge can only be volunteered; it cannot be conscripted. It is impossible to formalize the informal, while preserving the trusted nature of informal knowledge transfer and that in consequence we need to focus on the co-evolution of the formal and informal for effective learning. Informal communities arise through mutual interaction and inter~ependencyover time; they evolve but cannot be designed, although as we will see later, we can design the starting conditions and influence that evolution. Context is critical lo knowledge and learning. Remembering what we know is contextual: we only know what we know when we need to know it. Context can influence the nature of trust in an exchange.'

14.5 Order and choice Two great fallacies underlie much of our thinking in the intelligence community and indeed much of the rest of business and government. The greatest fallacy is the assumption of order. We believe that: There are underlying relationships between cause and effect in human interactions and markets, which are capable of discovery and empirical veri~cation.In consequence, it is possible to produce prescriptive and predictive models and design interventions that allow us to achieve goals. This implies that an understanding of the causal links in past behavior allows us to define "best practice" for future behavior."

'For more on this see, Dave Snowden, "From atomism to networks in social systems: httpj//www. emefaldinsighl.com/lnsight/viewContentServlet?Filename=Published/EmeraIdFullT~xtArticle/ Articles/l190120603.html.

'C. F. Kurtz and D. J. Snowden, "The new dynamics of strategy: Sense-making in a complex and complicated world," IBM SystemsJournai,Vol. 42, No. 3,2003.

a

196

RISK ASSESMENT AND HORIZON SCANNING

The simple and brutal reality is that this is not true. While there may be simple cause and effect relationships in some aspects of the hard sciences, this is not the case when humans are involved. It is not possible to be predictive in an open system with multiple independent variables. As such, there may be ”best practices”for the regular day-to-day tasks in an ordered environment such as a large headquarters, but there is no such thing in the complex and daunting world of national security intelligence requirements in the field. This also applies to most other areas of human endeavor such as politics or international relations. This is actually a rather liberating discovery. Intelligence communities and many others have put huge amounts of effort into trying to predict the future. Fortunes have been spent and reputations and credibility have been lost. After every major intelligence ”failure,” commissions have tried to understand the failure. They then make recommendations to ensure it does not happen again, which of course it does. Now, we can start to realize that the task at hand is not to try and make predictions that we are not capable of and start to focus on the more reasonable task of anticipating the types of problems and crises that governments will have to face. Another great fallacy is that we believe that human beings are “rational actors” and that when: . .. faced with a choice between one or more alternatives, human actors will

make a “rational” decision based only on minimizing pain or maximizing pleasure; and, in consequence, their individual and collective behavior can be managed by manipulation of pain or pleasure outcomes and through education to make those consequences evident.’

People don‘t make decisions based on a rational evaluation of considered choice. What they actually do is a first-fit pattern match, based on prior experience, and then, if interviewed, say (and believe) that it was a rational choice. There is a similar problem in knowledge in that the way people say they know things is not the way they actually know them!

-~ ’/bid. a http://www-03.ibm.com/ibm/palisades/ebinsigh~issues/2002-0~article-1-print.pdf.

re Threats: The Areas of Stren 197 14.6 outlook and conclusions While the tasks ahead for national security intelligence may appear daunting, there is much to be optimistic about. Great lessons have been learned about how intelligence agencies can organize themselves and how they can share the most valuable of all intelligence commodities: knowledge. It is known that discrete future events cannot be predicted, so agencies can quit focusing on that task and move on to more important issues. Human beings like to share knowledge in small groups and it is clear how effective they can be with difficult tasks. This provides insight into to how to organize for future knowledge sharing. An efficient and stable system lacks resilience, and a resilient system has redundancies that are required in a time of crisis or stress. So which system do we want a government to be? And where do we focus our efforts? For smatl- and medium-sized developed states, the answer is clear. Governments will need resilience in a time of crisis, so they must build and organize themselves towards that end. Business best practices may be good for some businesses, but government is not a business and the goals and environment are different.

This page intentionally left blank

Chapter 15

The Singapore Risk Assessment and Horizon Scanning (RAHS) Process In just over fifteen months, the state of Singapore was shaken by two serious events. In December 2001, a series of arrests involving members of the Jemaah lslamiyah terrorist group was announced. These arrests drove home to Singaporeans that transnational terrorism was their problem as well. On 24 March 2003, the government of Singapore invoked the Infectious Diseases Act to quarantine all individuals who might have been exposed to SARS patients. This action further demonstrated to the people and government of Singapore that they were indeed living in a complex and uncertain international environment. While the two incidents may not appear to have commonalityon the surface, two key similarities caused serious consternation within the Singaporean government. Both of the incidents were nontraditional asymmetric style threats and both caught the government by surprise. The incidents also raised questions among various senior leaders and decision makers about what other surprises might be out there that they were not aware of and how badly Singapore could be hurt if they failed to anticipate further problems. What other "faint signals" were being missed at the same time? Singapore's predicament was not unique. Many states have been caught by strategic surprise in the past. It was also clear that the nature of strategic surprise was changing. Surprise was increasingly coming from non-traditional asymmetric style threats while the potential lethality and costs of the problems were increasing.

200

RISK ASSESMENT AND HORIZON SCANNING

The government of Singapore recognized that as a small state with limited strategic depth and a highly developed infrastructure, there were multiple vulnerabilities to multiple types of asymmetric threats. Not only were transnational terrorism and disease serious issues, there were also major question marks over issues such as supply chain security, environmental degradation, natural occurring disasters such as tsunamis and cyclones, chemical and biological incidents and the insidious forward march of transnational organized crime. After much inward and outward looking about the intelligence problems and the future, the government gradually came to a series of conclusions about how to deal with a complex and uncertain international threat environment. Among the key views put forward were: 1. The new threats are a whole-of-government threat, so this needs to be

2.

3.

4.

5.

6.

7.

met by a whole-of-government response. National security can no longer be the realm of just a few key security related ministries. A whole-of-government response means that there has to be major modifications to the way government is structured. Government must have a cross agency networked approach that can generate and absorb diverse views. The overarching centralized bureaucracy approach such as that of the Department of Homeland Security in the United States was not the approach needed by small- and medium-sized states. Networking and decentralization are key aspects of the response. Knowledge, not raw power, is the key ingredient required to prevail in the face of an asymmetric threat. Human judgment, not technology, is the answer to the future of threat warning. Technology is a key component and a necessary enabler, but it is not the driver. Horizon scanning had to be done to "see" the faint signals that are developing on the horizon in order to allow the government time to anticipate the problems coming at it. Pattern analysis will be a key aspect of this capability. Accurate predictions about discrete future events are impossible. The international system is an open system and there is no control over most of the variables, nor can all of the important variables even be known.

The Singapore Risk Assessme

201

Future types of problems can be anticipated, but discrete events cannot be predicted.

15.1 Risk Assessment and and norizon scanning in^ ~~~~~~~

The Risk Assessment and Horizon Scanning (RAI-IS) process in Singapore will look for faint signals, track multiple scenarios and put in place collective frameworks to address the new and emerging security threats. Most of these threats are asymmetric, which increase the challenges of detection. The network being developed in Singapore will be coordinated by the National Security Coordination Secretariat and is being designed to include not only the traditional security agencies, but most other government agencies such as education and health. More non-traditional agencies will be brought into the process as it develops. The network will be designed to incorporate agencies, people, data and the technological tools and software to support this process. Technology is seen as a critical enabler and support tool, but it will be used to assist rather than replace that which is the best overall device for the detection of future threats: the human mind. Ultimately, the best hope for success in the future lies with people. Connecting the dots is a useful exercise for historians and review commissions, but it is not a tool that can be used for future predictions. Pattern detection and sense-making are the key determinants for the detection and understanding of faint signals that are the harbingers of future problems. Discrete detection of individual events is not the goal, but the process will allow for the antici~utionof future problems. Senior leaders who are aware of the types of problems facing them are far better equipped to deal with a fast breaking crisis. The quicker the reaction in the initial stages of crisis, the better.The outcome of a crisis lies less in the actual event itself, and more so in the response. While the Risk Assessment and Horizon Scanning process in Singapore involves many people and agencies, two of the key government figures are Ambassador-at-large Lam Chuan Leong and Permanent Secretary Mr. Peter Ho. Another key figure on the conceptual side is Mr. Dave Snowden, formerly the director of IBM’s Cynefin Centre for Organizational Complexity and now

202

RISK ASSESMENT AND HORIZON SCANNING

head of his own knowledge management company. interviews conducted with them reveal much of the key information needed to understand the new RAHS process.

1 5 2 Interview with

~~~~~~~~~~

Lam Chum Le~sgl

Lam Chuan Leong is Second Permanent Secretary and an Ambassador-atLarge with the Singapore Ministry of Foreign Affairs. Within that capacity, he is also in charge of Special Projects. He holds, or has held, a number of different positions including being the Chairman, lnfocomm Development Authority of Singapore and Chairman, Competition Commission of Singapore. He holds an MBA from Harvard Business School and a First Class Honours in physics from the University of Singapore. In an interview discussing some of these broad concepts, Ambassador Lam put forward a number of general views on the Risk Assessment and Horizon Scanning (RAHS) process that is underway.' Question: There are differing views as to what constitutes "strategic" when the term is used in the context of government and security threats. Sun Tzu, for instance, would claim that the term is very broad in its outlook, and would include issues such as economics, sovereign power, the character of generals, organization, movement, control, terrain and weather. Others such as Thucydides appear to be in general agreement with this, while strategists in later years such as Antoine-Henri Jomini would define strategic issues as only those that define operational planning and intelligence.Where would you put the term strategic? Should it be used in the broader context or the narrower context in terms of today's national security intelligence problems?

Response from Ambassador Lam: The need is for the broader view and not the narrower view. There is a clear need for a networked government and those people a t the front lines of government must take on a broader view of their own work.

'The interview was conducted at the Ministry of Foreign Affairs, Singapore on 22 August 2006

.

.

The Singapore Risk Assessme

203

The front lines must have a strategic view of their own, although those at the front lines will have a view that is smaller in scope and shorter in time of impact. But this is what the strategic view must be: broad and beginning at the front lines. The breadth of view of the individuals involved will escalate as you move further up the ladder of responsibility. The higher up the ladder, the broader the view will be of the decision makers and the longer their view of time. As a general rule, the personnel at the front lines tend to have a higher degree of specialization. They will only be looking at their own area of expertise. The frontline personnel also have a rich body of detail against which they can measure or assess the events and information in front of them. Because of their specialization, their work needs to be worked into a network of assessment units in order to gain the best value from the information being generated. Question: In terms of past intelligence problems and current challenges, we

talk of the problems of stove-piping and the failure to share information and intelligence across boundaries. This problem stems from a lack of integration. At what level would you suggest that the integration of incoming data and information needs to occur? Response from Ambassador Lam:This is one of the toughest questions. At

every level, however, we need to have individuals take a broader view of their work and their responsibilities. With the lower levels having a richer supply of detail than higher levels, and with the higher levels having a broader view over a number of areas of specialization, it is clear that the integration needs to start as close to the front lines as possible. There are two critical issues to address in this area. One, as was just noted, is the need to integrate and network a t the lower levels and right up through the system. The other issue is filtering the incoming data into the intelligence system. The solution to the filtering problem lies in the issue of imposing a pattern recognition system on the data. If we believe that many failures of the past have had “faint signals” that were missed, then we have to believe that the signatures of the next unforeseen problem are there as well. How we filter out this information is the key to the process.

204

RISK ASSESMENT AND HORIZON SCANNING

Question: The intelligence historian Walter Laqueur has suggested that methodology i s not really a critical component. He states that basic assumptions matter more than methodology and that if the basic assumptions used in analysis are correct, almost any methodological approach will do. If the basic assumptions are wrong, then even the most sophisticated methods cannot repair the damage. Ultimately, it can be argued that intelligence officers have t o be intelligent. In light of this, how can an intelligence system filter out the incoming data and draw conclusions about what requires further investigation and what can be disregarded? Response from Ambassador Lam: Let me first take a step back. In order to best assess the information available, an individual must have a number of patterns built into his or her mind. The person who has the most patterns, ideas, or experience will best be able to pick up on changes in the environment and interpret them. This means generalists with a broad or liberal education. The more patterns that are there, the more likely we are to get assessments that are accurate or useful.This also means that we need generalists to look a t the information that is emerging and the patterns it is forming. However, there is a finite amount of time available to get that education. Clearly, no one person can get all the education that is needed. Therefore, we need many people with many different backgrounds who have built up many different patterns of recognition. The more such people we have, the more likely we are t o enjoy success in this area. We need to have large groups with multiple and diverse backgrounds working in various subgroups, but networked together so they are aware of each others' information. When different groups "filter"or analyse different information, they produce varying results or alternative views of the future. Question: Can computers produce the type of knowledge required for anticipating the future threats that governments face? Response from Ambassador Lam: The success of the Age of Reason and the Enlightenment often leads us to believe that there is a logic to everything. We can use facts and logic to build and understand our world. We have produced science, logic, and reason and we believe that there can be logical patterns to all of our problems. We now use computers to organize our

The Singapore Risk Assessme

205

data. But we must not believe that computers will now produce"know1edge." This is not true or possible. Computers and technology can be of assistance. Computers can, to a limited degree, be good at pattern recognition. Currently, however, computers have a tough time a t this problem because they are better at categorizing and processing than they are at pattern recognition. Think of the issue of Optical Character Recognition (OCR). Computers do an excellent job of OCR when they have a predictable form of characters to recognize. But when they have to try and do OCR on human handwriting, especially messy handwriting is a very difficult task a t the current levels of technology. Yet humans can usually solve the problem of messy han~writingthrough their own form of character recognition. Computers can see some patterns that are not obvious to humans, but we will always wind up falling back on human judgment and we will use our life-long built-up patterns to do this. We need to answer the question: Does what we see make sense? And the genius of the human mind is needed for this process of sense-making. Question: How do you respond to situations such as the number or types

of analysts that are employed by large organizations such as the American Central Intelligence Agency? Open source reporting suggests that the CIA may have had as many as one thousand analysts working for it. But one criticism about them is that most of these one thousand analysts came from similar backgrounds and lacked the diverse views necessary to produce alternative views of the future. Response from Ambassador Lam: This calls to mind a former boss of mine who frequently asked the same question about many different people: Does this person have thirty years' experience in his work, or does he have one year's experience repeated thirty times? It may be useful to compare the issue of diversity in intelligence to the diversity of views and approaches in the private sector. In a free market system, there is no one central planner and there are many different individuals and companies that are making assessments. Consider the major issue of future car engine systems. Will we see car engines in the future that are hydrogen powered, or will we see fuel cells or hybrids in widespread use? Or will there be an entirely different approach that we have not seen yet?

.......

206

RISK ASSESMENTAND ANDHORIZON HORIZONSCANNING SCANNING RISK ASSESMENT

Different companies are working on different approaches now. Some of them will turn out to be following the right path and they will be successful in the future. Others may be wrong, and their views will gradually disappear. However, there are a diversity of views being explored and a diversity of opportunities being examined. Eventually, new and better car engines will emerge to benefit all of us. This cannot happen well in a command economy where the options for experimentation are fewer. As such, the intelligence communi~yshould be able to have different groups of individuals working on the incoming data who can produce a diversity of views on the future and the threats that may be faced. Question: Different voices in the intelligence community have argued that accuracy and precision are the key elements of intelligence reporting. But

some very senior users of intelligence have stated that they would rather have a general intelligence report with serious flaws in it delivered to them ahead of time, rather than a 100% accurate report that contains only minute details and no overall assessment. What is you view on the issue? Response from Ambassador Lam: Senior decision makers need something to work with in times of planning or crisis. Even if they disagree with the intelligence analysis that is delivered to them, it at least gives them somewhere to start. The human mind needs to make sense of data. Incoming data without some form of preconceived theory or method of understanding has no meaning. We therefore need some theory or concept upon which to base our understanding. This is effectively a form of filtering data. Question: Many other countries have tried to attack the intelligence problems you are facing now and have not been successful. These are, in essence, the classic intelligence problems of stove-piping and mind sets. Why do you

believe that Singapore can tackle these problems successfully when others have failed in the past? Response from Ambassador Lam: There are many reasons why Singapore has the opportunity to tackle these problems. First of all, Singapore is small

and therefore does not suffer greatly from the critical problems of bounded rationality.If you are one bureaucrat in a system of thousands, then you can

The Singapore Risk Assessme

207

only have a very small part of the big picture. You will also know only a small percentage of the others involved in the same areas of concern in which you work. On the other hand, if you are one of only one hundred individuals, then you have a much larger piece of the whole view. The more people you have with a clearer part of the “big picture” the better are your chances of detecting changes in patterns. Singapore is also connected. It has a comparatively small civil service which is linked to the local and global private sector. It is a cosmopolitan city with strong global links around the world. Singapore has sent large numbers of its students around the world to learn from other countries and can therefore draw upon a rich series of experiences and education when it is required. Singapore has a mixed and diverse population. This is true in ethnic, religious and language terms.Therefore, it has adapted to the idea of diversity and most people in Singapore are used to working with others. The nature of the diversity and educations means that Singaporeans are predisposed to networking - a key factor in studying the future. Singapore is also less likely to be captured by “pattern rigidity.” It is a young country, yet it has seen many changes. As such, it is less likely to be trapped into one pattern of behavior.This is a major advantage when dealing with change in the international system. Question: What is the future of the RAHS process in terms of global outreach? It appears that this process can only be truly successful if it is used by a

number of other countries that work along similar lines. Response from Ambassador Lam: I cannot be prescriptive in this area.

Clearly, we need to find interested and willing partners in other countries who are willing to work along similar lines. Only then can networking of this type develop its greatest value. This is a process that will need to find and follow its own momentum.

7 5 3 l~terviewwith Civil Service Head Mr. Peter Ho Mr. Peter Ho is the Head of Civil Service and concurrently holds positions as Permanent Secretary for the Ministry of Foreign Affairs and Permanent

208

RISK ASSESMENT AND HORIZON SCANNING

Secretary for National Security and Intelligence Co-ordination. Mr. Ho put forward a number of views on the genesis of the RAHS process and how this process will help governments adapt and survive in a complex and uncertain international environment." Question: Can you describe the genesis of the Risk Assessment and Horizon Scanning project? Response from Mr. No: First, let me say that the RAHS system is not a project; it is a process and an approach. It is designed to help leaders think about future problems and to anticipate the issues that will confront us in the future. It is not designed to replace human judgment, but it is an aid on how to think about risk in the future. This was not a program that started as a flash or as a sudden inspiration. The program has been years in the making and it is a part of the larger program of getting governments to be prepared for an increasingly complex and unpredictable future. And preparing for the future is one of the most hazardous duties there is in government. We cannot discount fundamental surprise, but we should be prepared for it. The initial traces of the current RAHS process go back to a meeting with Dave Snowden, formerly of IBM and now the head of his own company, Cognitive Edge. He described to me his Cynefin frameworks or description of how decision makers are forced to operate in something as complex as the current international environment. In this description, he noted that decision makers could be operating in four different decision making quadrants. The first he described as ordered, where everyone understands the problem and knows what to do. The second was complicated, where experts have to be called in to help. The third mode was complex, where the decision makers cannot depend on experts or on past experiences and have to react quickly and probe their environment to seek emerging trends and responses.The fourth quadrant of decision making is chaotic where the decision makers can only react to their immediate crisis and they will need to use novel responses.

'The interview was conducted at the Ministry of Foreign Affairs, Singapore on 22 August 2006. 'Refer to Fig. 15.1.

The Singapore Risk Assessme

209

This Cynefin framework helped fill in the gaps for futures planning. We had used in the past a number of scenario planning methodologies, but they were linear and worked best in the known and knowable quadrants of the Cynefin diagram. Scenario planning clearly did not work as well in the complex or chaotic quadrants of the Cynefin diagram where there was complete surprise or an unknown series of variables at work. The Dave Snowden approach made no assumption about the world views, but it did give an insight into how you can anticipate and deal with future problems. At roughly the same time, I received a briefing on the "Total Information Awareness" project that was being carried out in the United States. The boldness of the idea of collecting data from multiple data bases to discern patterns and anomalies was interesting, although the overall project may have not been suited for Singapore. Also, the United Kingdom was doing work on horizon scanning after the mad cow disaster which cost them billions and left them with a public relations disaster. They have since done very good work in this area. In January 2005, we held a major conference in Singapore with some of the leading minds in knowledge management, technology and intelligence. It was at that point that the threads of the project came together and the RAHS concept began to truly take shape.

Question: How do you view the term srraregic within the context of the RAHS process? Is it a broad term in the sense of Sun Tzu or do you see it in the narrower sense of the term? Response from Mr. ffo:The RAHS process sees the term very much in the broad sense. Question:What do you think is the single greatest danger facing governments as they try t o adapt to a complex and uncertain international environment? Response from Mr. NO:We are now dealing more and more in the complex or chaotic areas as described by the Cynefin framework. The patterns of the past are not valid. These patterns are only useful when dealing in the knowable space. As a result, pattern entrainment is probably the greatest single danger to the future. RAHS can be seen as a tool to help us bypass

210

RISK ASSESMENT AND HORIZON SCANNING

the human instinct to impose order on our experience.This idea of imposing order on our experiences works well enough when we are in the ordered/ knowable realm, but it is now rare that we operate there. Question: There have been many successes in the field of counter terrorism that have occurred on the front end of line agencies. Do you feel that the best chances for success in counter terrorism and other asymmetric threat areas will come from the front lines? Response from Mr. Ho: We cannot be prescriptive about where the best trigger information may come from in response to an asymmetric threat. It can be from the front lines, from the citizens or from the highest levels of government. What is important to acknowledge and work with is that that the trigger information can come from anywhere. This is part of the reason why the RAHS project is an all-of-government approach. Question: Could the RAHS process then be seen as not just an all-ofgovernment approach, but one that should really be considered an all-ofsociety approach as well? Response from Mr. Ho: Yes, the citizen riding on the MRT train (Mass Rapid Transit) can be seen as an important player as well. Question: Can you give us an example of how you think the RAHS process may work in the future? Response from Mr. No: A primitive example of how the RAHS process might work is the SARS example in Singapore. If there is another outbreak, who is most likely to detect changes? It is probable that the first people to notice some pattern changes will be the staff and doctors in clinics.They will notice more cases of the flu, but may assess this as being just another seasonal or cyclical outbreak. If they are linked together through the RAHS process - even if not consciously -then someone may realize an emergent pattern different from a seasonal flu outbreak and alert the others. Now you have a "trigger" that should be investigated by the health department to see if there is actually a problem. This is why we say that the RAHS process has t o be an whole-ofgovernment approach. We do not know where the next major strategic surprise event may originate. This is why it is critical to have departments

The Singapore Risk A 5 ~ ~ § § ~ e211 n

like health and education in the RAHS process and indeed the whole-ofgovernment approach. They are not seen as traditional security partners, but they will be key players in the future. Question: How do you go about educating people for this type of future and the RAHS process? I

Response from Mr. Ho: We have already begun doing this through the Civil Service College. The message has to get out to all of the Civil Service as well. Mindsets are still the biggest issue. More and more of the most strategic issues that we will have to tackle going forward requires people from different agencies to work together. We will have more and more people working in a matrix fashion. They will have two bosses. One boss will be from within one of the concerned ministries and will be the Permanent Secretary from that department. The other boss will be the Permanent Secretary of the cross agency. For the ministry personnel, it will not be enough that they do the work within their own ministries. In future, they will be judged as well on how they perform on cross agency work. Question: Many other countries in the past have examined the cause of intelligence failures and the lack of strategic warning. The usual causes have repeatedly been identified as stove-pipes and mindsets. But even with all the other studies the problems have not been cracked. What is it about the RAHS process that makes you think you can tackle the problems? Response from Mr. No: Singapore has a clear track record of identifying strategic problems, systematically assessing them and then implementing practical solutions. We have shown a willingness to push boundaries and tackle problems that many felt were intractable. In other words, we are prepared to try something “new”and do it well. The basic approach for the RAHS is to conceptualize the process, test it, improve it and then open it up to others. In order for the RAHS process to be truly successful, however, we need to find other like minded partners, perhaps in other countries. If we are not prepared to have partners, then the RAHS process will never realize its full potential.

21 2122

RISK ASSESMENT AND HORIZON SCANNING

465A Interview with Mr.Dave snowdennn of Cognitive Edge

Question:What is the Cynefin framework and why do you feel it is of value to the RAHS process in Singapore?" Response from Mr. Snowden: Let me refer you to some of the work done by myself and Cynthia Kurtz. In our paper"The new dynamics of strategy: Sense-making in a complex and complicated world,"' we describe how we came up with the name and how the framework has evolved. The following extracts explain these issues. The Cynefin framework originated in the practice of knowledge management as a means of distinguishing between formal and informal communities. It is also a means of talking about the interaction of both with structured processes and uncertain conditions. It has now outgrown its application in knowledge management, having been in use by our group for several years in consultancy and action research in knowledge management, strategy, management, training, cultural change, policy-making, product development, market creation, and branding. We are now beginning to apply it to the areas of leadership, customer relationship management, and supply chain management. It has also been used by third parties. The name Cynefin as a Welsh word whose literal translation into English as habitat or place fails to do it justice. It is more properly understood as the place of our multiple affiliations, the sense that we all, individually and collectively, have many roots - cultural, religious, geographic, tribal, and so forth. The name seeks to remind us that all human interactions are strongly influenced by the patterns of our multiple experiences, both through the direct influence of personal experience and through collective experience expressed as stories. We consider Cynefin a sense-making framework, which means that its value is not so much in logical arguments or empirical verifications as in its effect on the sense-making and decision-making capabilities of those who use it. We have found that it gives decision makers powerful new constructs

'A series of interviews and meetings were conducted from July to September 2006 in Singapore.

'See this paper dt: http~/~~w\~.research.ibm.com/~ournal/sj/423/kurtz.htmI.

The Singapore Risk Assessme

213

that they can use to make sense of a wide range of unspecified problems. It also helps people to break out of old ways of thinking and to consider intractable problems in new ways. The framework is particularly useful in collective sense-making, in that it is designed to allow shared understandings to emerge through the multiple discourses of the decision-making group. We make a strong distinction here between sense-making frameworks and categorization frameworks. In a categorization framework, four quadrants are often presented in a two-by-two matrix (for example, pick up any management textbook or analyst report). Typically, it is clear (though often unstated) that the most desirable situation is to be found in the upper right-hand quadrant, so the real value of such a framework is to figure out how to get to the upper right. In contrast, none of the domains we will describe here is more desirable than any other; there are no implied value axes. Instead, the framework is used primarily to consider the dynamics of situations, decisions, conflicts, and changes in order to come to a consensus for decision making under uncertainty. COMPLEX

KNOWABLE

Cause and effect are only coherent in retrospect and do not repeat Pattern management

Cause and effect separated over time Analytical/Reductionist

Perspective filters

Scenario planning

Complex adaptive systems Probe-Sense-Respond

ense-Analyze-Respond

ships perceivable Stability-focused

ause and effect relations repeatable, perceivable and predictable

intervention

Legitimate best practice

Enactment tools

Standard operating

Crisis management Act-Sense-Respond

Process reengineering Sense-Categorize-Respond

Source: Kwtz and Snowden (2003, p.468).

Fig. 15.1. The Cynefin framework.

214

RISK ASSESMENT AND HORIZON SCANNING

The Cynefin framework has five domains, four of which are named and a fifth central area, which is the domain of disorder. The right-hand domains are those of order, and the left-hand domains of un-order. Ordered domain: Known causes and effects. Here, cause and effect relationships are generally linear, empirical in nature, and not open to dispute. Repeatability allows for predictive models to be created, and the objectivity is such that any reasonable person would accept the constraints of best practice. This is the domain of process reengineering, in which knowledge is captured and embedded in structured processes to ensure consistency. The focus is on efficiency. Single-point forecasting, field manuals and operational procedures are legitimate and effective practices in this domain. Our decision model here is to sense incoming data, categorize that data, and then respond in accordance with predetermined practice. Structured techniques are not only desirable but mandatory in this space. Ordered domain: Knowable causes and effects. While stable cause and effect relationships exist in this domain, they may not be fully known, or they may be known only by a limited group of people. In general, relationships are separated over time and space in chains that are difficult to fully understand. Everything in this domain is capable of movement to the known domain. The only issue is whether we can afford the time and resources to move from the knowable to the known; in general, we cannot and instead rely on expert opinion, which in turn creates a key dependency on trust between expert advisor and decision maker. This is the domain of systems thinking, the learning organization, and the adaptive enterprise, all of which are too often confused with complexity theory. In the knowable domain, experiment, expert opinion, fact-finding, and scenario-planning are appropriate. This is the domain of methodology, which seeks to identify cause-effect relationships through the study of properties which appear to be associated with qualities. For systems in which the patterns are relatively stable, this is both legitimate and desirable. Our decision model here is to sense incoming data, analyse that data, and then respond in accordance with expert advice or interpretation of that analysis. Structured techniques are desirable, but assumptions must be open to examination and challenge,This is the domain in which entrained patterns

The Singapore Risk Assessme

215

are at their most dangerous, as a simple error in an assumption can lead to a false conclusion that is difficult to isolate and may not be seen. It is important to note here that by known and knowable we do not refer to the knowledge of individuals. Rather, we refer to things that are known to society or the organization, whichever collective identity is of interest at the time. If I look up my organization’s policy on travel to Iceland, I may not know what I will find there, or even how I will find it, but I know I can find something, because I know it is known to the organization. If I want to know how fish sleep, I may not know how or where to find out, but I have a hunch that somebody knows. Un-ordered domain: Complexrelationships.This is the domain of complexity theory, which studies how patterns emerge through the interaction of many agents. There are cause and effect relationships between the agents, but both the number of agents and the number of relationships defy categorization or analytic techniques. Emergent patterns can be perceived but not predicted; we call this phenomenon retrospective coherence. In this space, structured methods that seize upon such retrospectively coherent patterns and codify them into procedures will confront only new and different patterns for which they are ill prepared. Once a pattern has stabilized, its path appears logical, but it is only one of many that could have stabilized, each of which also would have appeared logical in retrospect. Patterns may indeed repeat for a time in this space, but we cannot be sure that they will continue to repeat, because the underlying sources of the patterns are not open to inspection (and observation of the system may itself disrupt the patterns). Thus, relying on expert opinions based on historically stable patterns of meaning will insufficiently prepare us to recognize and act upon unexpected patterns. The decision model in this space is to create probes to make the patterns or potential patterns more visible before we take any action. We can then sense those patterns and respond by stabilizing those patterns that we find desirable, by destabilizing those we do not want, and by seeding the space so that patterns we want are more likely to emerge. Understanding this space requires us to gain multiple perspectives on the nature of the system. This is the time to “stand still” (but pay attention) and gain new perspective

216

RISK ASSESMENT AND HORIZON SCANNING

on the situation rather than “run for your life,” relying on the entrained patterns of past experience to determine our response. The methods, tools, and techniques of the known and knowable domains do not work here. Narrative techniques are particularly powerful in this space. We have described elsewhere a range of methods designed to stimulate emergent patterns in complex knowledge interactions by increasing the number of perspectives available to a decision maker.

Un-ordered domain: Chaos. In the first three domains we have described, there are visible relationships between cause and effect. In the chaotic domain there are no such perceivable relations, and the system is turbulent; we do not have the response time to investigate change. Applying best practice is probably what precipitated chaos in the first place; there is nothing to analyse; and waiting for patterns to emerge is a waste of time. The chaotic domain is in a very real sense uncanny, in that there is a potential for order but few can see it - or if they can, they rarely do unless they have the courage to act. In known space it pays to be canny, that is, to know how to work the system in all its intricacies (canny meaning not only shrewd but safe). But in chaotic space, a canny ability gets you nowhere (there is no system to be worked). You need a different type of ability, one that is uncannily mysterious, sometimes even to its owner. Canny people tend to succeed in their own lifetimes; uncanny people tend to be recognized and appreciated only centuries later, because during their time their actions appeared to be either insane or pointless. Each of these styles has a unique ability to succeed in a particular space, and each is necessary. The decision model in this space is to act, quickly and decisively, to reduce the turbulence; and then to sense immediately the reaction to that intervention so that we can respond accordingly. The trajectory of our intervention will differ according to the nature of the space. We may use an authoritarian intervention to control the space and make it knowable or known; or we may need to focus on multiple interventions to create new patterns and thereby move the situation into the complex space. Chaos is also a space we can enter into consciously, to open up new possibilities and to create the conditions for innovation. The domain of disorder. The central domain of disorder is critical to understanding conflict among decision makers looking a t the same situation

The S i n ~ a ~ QRisk r e ~ s s e ~ s r n ~ n217

from different points of view. Often in a group using the Cynefin framework, people agree on what the extremes of the four domains mean in the context they are considering, but disagree on more subtle differences near the centre of the space. As a result, individuals compete to interpret the central space on the basis of their preference for action. Those most comfortable with stable order seek to create or enforce rules; experts seek to conduct research and accumulate data; politicians seek to increase the number and range of their contacts; and finally, the dictators, eager to take advantage of a chaotic situation, seek absolute control. The stronger the importance of the issue, the more people seem to pull it towards the domain where they feel most empowered by their individual capabilities and perspectives. We have found that the reduction in size of the domain of disorder as a consensual act of collaboration among decision makers is a significant step toward the achievement of consensus as to the nature of the situation and the most appropriate response. Question: What aspect of the naturalized approach to knowledge management is relevant to the RAHS process and why do you believe this

to be true? Response from Mr. Snowden: One way of looking a t problem solving approaches is to look at what can be called the ideal approach and the real

approach. The ideal approach is the one often used and we tend to want to fix older problems by looking backwards. When we identify the past problems, we then hope to build the “ideal” system which will work better in the future. There is a significant problem with this. We tend to look at past failures and try to understand them through a process of retrospective coherence. That is to say we ”connect the dots” that we did not connect before and then, through hindsight, see how we should have connected them. Then we go out and try to build a system that will allow us to connect the dots in the future. In other words, we design new systems and rules based on the hindsight we have gained. What is a t issue, however, is that good hindsight does not equal foresight in an open system like international politics where the variables will change. That is what can be called the idealistic approach which will never work because the “dots that need to be connected” next time will be different.This idealistic approach starts with

218

RISKAASSESMENT AND HORIZONSCANNING SCANNING R1SK S S ~ S ~ EAND N ~ HORIZON

a desired future state, performs a gap analysis and then seek to close that

gap backwards. The naturalistic approach is essentially the realistic one. Here we treat the system as a whole (the peoples, the organization, its environment, and the technology) as part of a complex system. We know that in a complex system we cannot manage outcomes. But we can set the starting conditions. So that is what we do. Instead of designing the system based on ideal outcomes we start with a semi-robust architecture into which we introduce various tools. We make these tools available to different groups of people. We train, we celebrate and promote success, we see what is imitated and what is not. Critically we spend time with the failures so see if they present a greater opportunity for learning. Failure is a more useful learning mechanism than success, which is why I worry about story based approaches which only produce, or tend to produce positive stories. As patterns of use stabilize, then we start to introduce some stability. We start to take a "just in time" approach to knowledge management. We realize that informal communities are a lower cost option to knowledge storage and use than formal systems. Basically we allow the system to evolve from the interaction of its elements, not the idealism of a designer who does not share the context of the present, let alone the future. Question: You used the expression "connect the dots." This expression frequently shows up in the literature and the reports concerning intelligence failures. Intelligence analysts are told that it was their inability to "connect the dots" that led to the failure. Consider the following statement made by President Bush in January 2006 during his visit to the National Security Agency. He stated that "The 9/11 Commission made clear, in this era of new dangers we must be able to connect the dots before the terrorists strike so we can stop new attacks."6 Do you think that it is really possible to find a way to connect the dots ahead of time?

Response Prom Mr. Snowden: First let me state this. The hard sciences are really good atl'connecting the dots" in hindsight.This is a process sometimes called retrospective coherence. In other words, with added information of knowing what actually happened, there is always someone who will say 'See this statement at: http~/~vww.whitehouse.gov/ne~vs/releases/2006/01/20060125-1 .html.

The Singapore Risk Assessme

219

that they would have been able to connect the dots looking forward. They are then critical of those who did not. Quite frankly, I have some sympathy for those who are accused of these failures. Let me put it this way. If you were working on an intelligence problem and there were four different "dots" that needed to be connected, there are six different ways of linking up the dots and a total of 64 different possible patterns or outcomes that could occur as a result of the interaction between these variables or dots. This is a rather large number of different outcomes, but the concept of 64 different options is at least conceptually manageable. However, if you were dealing with an intelligence problem that had 10 different dots that needed to be connected, then you have a whole different problem. The total number of possible links that could be created between the dots is 45, a fairly large number in and of itself. But the truly interesting thing is that the total number of possible outcomes in this case is 3.47 trillion -that is, trillion with a (t).A number like that is beyond the conceptual understanding of most people and it is absolutely meaningless from a prediction point of view. Now, think about the problems facing a counter terrorism intelligence analyst or an economic analyst looking at the future. In these cases, there are frequently hundreds or perhaps thousands of dots that need to be connected. And many of these dots are human beings, who may be subject to a series of external factors that change by the day or by the week. Thus, a human being may have made a decision to "attack on one day, but they would come up with a different decision the next day. Thus, even if you could establish some means of dealing with literally trillions or quadrillions of possible outcomes and then find thel'right one,"any change in the external environment would mean that all of your calculations would then have to change. Simply put, if we are expecting to predict the future by connecting the dots, it is simply not going to happen. QuesPion:Your work raises the issue of rational decision making and suggests that human beings may not be as rational in the decision making process as we would like to believe. How do you explain to people that their decision making process is not as rational as they might think? Response from Mr. Snowden: Human beings do not make decisions on the basis of a rational evaluation between the choices that are in front of them.

220

RISK ASSESMENT AND HORIZON SCANNING

Computers make decisions on the basis of a programmed evaluation between choices. What we actually do is search our memories to find the pattern from our previous experiences which appears to fit. Then we use it. And if we cannot find a pattern from our previous experiences, then we extrapolate possible future patterns until the first fit one appears to apply and we use that. Then if we are interviewed about our decision making process, even within hours, we have by then rationalized the decision as a logical outcome based on rational choices. This has massive implications for strategy, battle field decision making, and also for foreign policy decision making. Human beings work on the basis of entrained patterns. We build multiple patterns which allow us to filter highly complex information, and we respond in accordance with our patterns. And the patterns are only challenged during a crisis. Look a t the history of science. Every single major advancement in science has been opposed by the previous scientific establishment because it involved a break in the patterns in which they have entrained themselves over time. And you also see this in expert communities in knowledge management. The experts entrain their thinking - the very thing which makes them an expert - and this means they do not open themselves to new ideas. The Risk Assessment and Horizon Scanning process in Singapore is partly designed to take advantage of and to exploit this understanding of how humans do pattern recognition.

Question: What kind of people do you need to work with decision making in a complex environment? We hear various arguments about specialists and experts, but what qualities do you believe are the right choice for personnel to have working in a complex decision making environment?

Response from Mr. Snowden: The people who work best with complexity and a changing environment are those people who work best with abstraction and change. This means people with very broad experience or people who have a classic liberal education. In order to deal with a complex environment that has many changing variables, we need to have people who are generalists. At the current time, I would say that we have too many specialists working in governments, especially in the small- and medium-sized developed states. They are great at doing what they do and this is not a criticism of them or their work. However, what we need to make sense of complex

The Singapore Risk Assessme

221

situations are generalists. A collection of specialists is not the same as having a generalist's view. The problem with a collection of specialists is that they each will argue a separate point of view. Most importantly, they do not have the ability to integrate information across a series of fields of knowledge.This is the domain of the generalists. The other major problem with specialists is that they tend to be reductionists as well. They believe that you can break the problem in front of you down into its component parts, and then deal with each part separately. In manufacturing, this might work, but with a complex field such as international relations, the "pieces"of the problem are all interrelated and cannot be broken down without losing the essence of the problem a t hand. Question: Walter Laqueur, a historian with a long track record on the study of intelligence made some interesting observations in his major work A World of Secrets: The Uses and Limits of Intelligence. At one point he states: "There will always be an element of accident and luck involved, for which there can be no accounting. But in the long run, ignorant people will not be consistently lucky, nor will competent people be consistently wrong.'I7 Do you believe that luck is a major factor in risk assessment and intelligence analysis, or is there something else at work here? Response from Mr. Snowden: We will get "lucky" depending on the background of the people we have looking at the data. Laqueur may be right in the sense that we make some of our best discoveries in science and intelligence by seeming luck - when one individual recalls a memory about an earlier event or pattern that then provides current understanding. Our best weapon against detecting future trends that may be dangerous (or beneficial) is the accidental discovery of new facts - i.e., serendipity. The human brain tends to work very well in a mode of serendipity. It is highly beneficial to us that it does. For example, many of our best discoveries and inventions tend to come from moments of serendipity. The English author Horace Walpole formed the word serendipity from an old name for Sri Lanka, Serendip. He explained that this name was part of the title of "a silly fairy tale" called "The Three 'Walter Laqueur, WorldofSecrets, page 318.

222

RISK ASSESMENTAND AND HQRIZON HORIZONSCANNING SCANNING RISK WSSESMENT

Princes of Serendip." As their highnesses traveled, they were always making discoveries, by accidents and sagacity, of things which they were not in quest of. In general, serendipity means that you find some valuable when you are not looking for it. In information technology, serendipity often plays a part in the recognition of a new product need or in solving a design problem. Web surfing can be an occasion for serendipity since you sometimes come across a valuable or interesting site when you are looking for something else. This is consistent with horizon scanning - how do we look for something when we do not necessarily know what it is we are looking for? How could we have looked out for SARS when we did not know it was a threat? Question: Would you describe your work as a methodology for intelligence analysis or risk assessment?

Response from Mr. S R O W ~ ~The R : basic principle at work in intelligence is that there must be a steady inflow of data. This need not be every bit of relevant data in the world. Large scale data is important, but not critical to success.The data must then be given to the various agencies and individuals involved. The next part is critical. The data must then be able to rotate freely around to the various analysts in the agencies. If the data does not flow, then it becomes trapped in the intelligence"silos"andfailure is the probable outcome. If the data does rotate around the various agencies, however, then useful warnings and advice will come out of the agencies and go to the relevant senior leaders or decision makers. The actual methodology used by the various agencies is not all that critical. Any one methodology may be as good as another, as long as the data moves through the silos and does not become trapped. The best situation would be when a number of different methodologies are used in conjunction with each other. Humans tend to get bored and will fall into complacency if they use the same methods over and over again. Once this flow of information is set up, it is necessary to capture the various "memories" or patterns. If these are captured and stored, then the RAHS system will have a large storehouse of memory patterns to draw against and will detect new situations and the'lfaint signals"wil1be recognized. The more memory patterns are stored for the system, the better it will be for detecting new "faint signals."

The Singapore Risk Assessme

223

QuestiomThere is a need for senior leaders and decision makers to make sense of what is happening around them and to them. Your work refers to sense-making as a way of doing this. What are the key principles at work in your view of sense-making? Response from Mr. Snowden: The three basic questions that need to be asked for sense-making are: I . Do I see the data? 2. Do I pay attention to the data? 3. Do I act on the data or get others to act on the data?

These are not the same questions, especially questions one and two. Just because we see something does not mean we pay attention to it. And just because we see something does not mean we will actually learn from it.

In the overall framework of sense-making, we need to design computer systems that conform to how humans work and how they see the world. The systems should nor be built to conform to computer standards, nor should they reflect how we think that human beings should analyse data. Most computer systems are built on a data processing model which suits computers and serves us well in simple tasks such as accounting or cross categorization analysis. This idea has huge implications for how we design computer systems and how we organize ourselves. This is something that we have become aware of in only the last five years and the effects of this change are not yet clear. Question: Almost every assessment of intelligence failures identifies the issue of "stove-piping" or silos in the sense that organizations do nor share information internally. Do you think it reasonable to assume that large scale information sharing inside of or between agencies is likely to occur?

Response from Mr. Snowden: Over a period of years, I have formulated a series of rules of thumb or heuristics of knowledge management. The first of these reference the fact that you cannot make someone surrender their knowledge in the way that you can make them conform to a process. It was originally coined in reference to individuals but I have come

224

RISK ASSESMENT AND HORIZON SCANNING

to realize that it also applies to organizations. Even if they are directly ordered to do so by governments, agencies will find a variety of reasons for not sharing the data as they are required to do so. Look a t the "no-fly-list"in the United States. Five years after 9/11, it appears that there are in reality a t least four different no-fly lists. The various agencies such as the CIA are not putting all of their information on them and there is no one consolidated list that can be consulted in a time of stress or crisis. There are a number of reasons that would come from the agencies as to why they are not working together. Most likely, they would tell you about an inability to share data due to software or hard ware reasons and they would tell you that the data collected on one list is different from another so they cannot be combined.The reality is, however, that there are no good examples of government agencies ever having shared data under such a process and it is unlikely to happen now. It just goes against too many human and bureaucratic barriers. Question: Are you saying that the silo or stove-piping problem cannot be solved? Response from Mr. Snowden:The problem can be solved, but not by forcing people to share their data across silos. Human beings can share information naturally, if they can see a specific need but they will not share it on the basis that it might be useful to do so. There are technological ways of assisting this as well that will help overcome natural human barriers. In general, human beings will "gift"or give information to other individuals or organizations if it is requested in the context of current need. Informal networks or direct access to other individuals is the key requirement. An extension of the rule noted about would be: if you ask someone for specific knowledge in the context of a real need it will never be refused. If you ask them to give you your knowledge on the basis that you may need it in the future, then you will never receive it. Rarely will humans give other individuals information when the context of the information request is to share information or just provide large amounts of data. One major software project I have worked on required a sharing of data across agencies. The goal was noble, but there is no way that one agency was going to make all of its data visible to the others on the basis that they might need it. It would break ethical principles and in some cases the law

. .

The Singapore Risk Assessmen

225 . .

for them to do so. It is one of the reasons why I don’t panic too much about government agencies gathering data about the public. The likelihood that they will put it together or share it is not so high that it becomes a threat. The solution lies in thinking very differently about the problem. If we share the metadata about the data, and there is a coherent structure to that metadata, then we can share that between agencies while leaving the data in its silos. There is no compromise of privacy here. This will not work with a hierarchical taxonomy or a t the other extreme with free tagging (social computing, technorati, etc.). In the RAHS system we use a form of semi-structuredtagging combined with software that can replicate the way different humans tag data. Sharing the metadata involves no breech of security or ethics and is easier to achieve. No one agency ever has to do large scale sharing of the sensitive or personal data under their control and I do not think that it will happen any time soon. However by merging the metadata, and using semi-automation to tag the data from different perspectives we are able to look for clusters and anomalies across very large data sets, and then request specific data items in the context of demonstratable and immediate need. In our experiments we find that often the metadata is enough in its own right as long as you keep the original data in its raw state - as tagged fragments and not as structured or interpreted material. In effect the specifics of patterns can be shared between agencies in a context of need rather than one of broad sharing. It also increases the transfer from seeing, to attending, to acting (the earlier stated three aspects of sense-making). If I search tagged metadata I am not prejudiced by my view of the data per se or subject to filtering by other analysts. When I see a pattern in the metadata I ~ a y u r r ~to ~ the r ~ data o ~ which created it. In contrast, in a normal environment I might just scan through the data without seeing the weak signals it contains. The fact that the data is also part of a metadata pattern also increases the changes that I can get somebody senior to pay attention and to act on my discovery.

This page intentionally left blank

Chapter 163

Rethinking National Security Intelligence

National security as a form of government activity requires a major rethink. Smail- and medium-sized developed states are particularly vulnerable to the complex and uncertain international environment which is increasingly characterized by asymmetric threats. These threats are capable of acting against multiple vulnerabilities. Bluntly put, the state is vulnerable at a number of levels across a wide range of issues. While the state struggles to come to terms with these new threats, the older symmetrical threats such as state-to-state conflict have receded into the background, but they have by no means disappeared. Having t o deal with both symmetrical and asymmetrical threats a t the same time puts an increased burden on intelIigence systems. Many developed states face another ongoing or emerging national security issue: the state is not seen as a legitimate actor or viable repository for the loyalty of many groups and individuals. If a state is to be viable, it must extend its security and social role to all its inhabitants. National security is not just for the security of the state itself, but for all of those living in the state. With a sense of "drifi" developing in many states, especially among the younger populations, this is a serious issue. The politics of identity may be a phrase that is not known to many people who work in the national security intelligence field, but it is something that they will most likely come to know in the future.

228

RISK ASSESMENT AND HORIZON SCANNING

At this point, it is not clear if the state and the concept of national security need some rethinking or if a major reworking is due such as it was

in the 1600s. Whatever the answer is to that greater question, national security intelligence itself clearly needs a major rethink now. With more than seventeen years having passed since the end of the Cold War and five years after 9/1 I , sufficient time has elapsed for us to make some observations about the future of national security intelligence in our complex and uncertain international environment. What follows are some brief conclusions based on the earlier chapters.

16.1 An Intelligent Future for strategic intelligence The future of national security intelligence (and other forms of intelligence) lies in leadership, management, organization and in a greater understanding of cognitive skills. Since the end of the 1960s and possibly even earlier, much of the intelligencecommunity has been shaped by technology. All too often, what was technically possible is what drove intelligence policy. The future lies in thinking. At the strategic level, the drive towards technology-led solutions is beginning to exhaust itself. The future of good strategic intelligencewarning lies in improving analysis and assessment skills. Despite claims to the contrary, computers can only support this most critical function. They cannot solve the problem for us. Ultimately, it must be the genius of the human mind that makes sense of our world for us.

16.2 The Changing Role of the state The role of the state is changing, and therefore the role of national security must change with it. The state, in many cases, has taken on increased roles in the economy, provision of services, health, education and trade. As well, many states now find themselves as economic competitors in a globalized marketplace, causing structural unemployment in their populations. Issues such as transnational terrorism, transnational organized crime, SARS, and natural disasters have sent out signals that the state‘s ability to respond to these threats has been rather limited. While improvements have

ing ~ ~ ~ iSecurity ~ nlneelli a l

229

occurred, it is also clear that national security intelligence must do a better job of identifying possible threats and preparing for them ahead of time. This will require the participation of all government agencies.

163 Hatianal Security ~

~be a§Public t ISSMQ

The state has both a right and a duty to provide security to all of its citizens, not just to the structures of the state itself. Therefore, national security needs to become more of a public issue as the threat expands. It should be as natural to discuss national security matters in public as it is to discuss health care, education, and the economy. National security is no longer just an issue of border and internal security. In states which are becoming increasingly complex, interdependent, and fragile, the effects of many international issues may be felt by the citizens of the state almost immediately. As such, the citizens need to be informed about these issues in order to understand them. The public must also be informed as they are the first line of defence and the first responders to any crisis. An alert and well informed citizenry can make the difference as to whether a significant incident is handled well or if it becomes a major crisis. National security has become a whole-of-governmentproblem.Therefore, it needs a whole-of-government solution. Greater moves towards networked government agencies and frontline integration are necessary.

.I The Future Cannot be Predicted, but it Can be A ~ t i c i ~ a ~ @ Discrete events in the future cannot be predicted. This, however, has not stopped an endless series of commissions and intelligence investigationsto loudly proclaim that intelligence officials have failed to "connect the dots." Unfortunately,'~elegating mission impossib1e"l to the intelligencecommunity will not change the fact that uncertainty is a key element in the future and no one can "connect the dots" in any way other than on hindsight. 'For more on the issue 0f"delegating mission impossib1e"to the intelligence community, see Anthony H. Cordesman, Terrorism, Asymmetric Warfare, and Weapons of Mass Destruction, Prager Publishing, Westport C7; 2002, page 440.

230

RISK ASSESMENT AND HORIZONSCANNING SCANNING RISK A S S ~ S ~ ~AND N T HORIZON

While discrete events cannot be predicted, an effective program of risk assessment and horizon scanning, supported by pattern detection software, can anticipate the types of problems states will face. Leaders and decision makers can respond effectively to a crisis if they are a t least aware of the general nature of the problem and the threat which it potentially poses. Without that knowledge, their responses may be either ineffective or based on a misunderstanding of the nature of the threat. Worst of all, they may be paralyzed into inactivity which i s the worst of all possible actions. In the event of a major crisis, it is not so much the event that shapes the outcomes and the future. It is the response to the crisis that shapes the future.

16.5 Faint signal detection Horizon scanning, the systematic and continuai survey of the environment for faint signals or emergent indicators of change, is an idea whose time has come. Originally conceived as a corporate ”sense-making” tool, the concept has been extended well beyond its traditional focus to become practiced in a wide variety of domains from counter-terrorism, military intelligence, public health, ecological preservation and economic planning, to name just a few. Faint signal detection can be improved in two distinct areas. The first is in improving mindsets and the training of intelligence analysts. Many socalled faint signals were not all that faint. They were quite clear, but were ”missed” because they did not fit into the pattern entrainment of the individuals who were receiving them. The key factor in detecting those faint signals which are being missed due to their low profile or lack of any obvious impact is pattern detection. “Connecting the dots” is impossible with the humongous amount of data flowing around the world. However, pattern detection, when applied to sense making capabilities, has the potential to break this problem. The Risk Assessment and Horizon Scanning process in Singapore will be among the first efforts to detect faint signals using this method.’ *Parts of this section were contributed by HooTiang Boon, an Associate Research Fellow at the Centre of Excellence for National Security, RSIS, Singapore.

ing National Security Intellige

231

16.6 EmergingThreats are Asymmetric in Mature Most of the emerging threats to national security are either asymmetric, or they are issues that require the same sort of intelligence scanning and responses as an asymmetric threat. Describingthe SARS virus as an asymmetric threat may suggest that the virus itself has a consciousness (which it does not), but the nature of the threat is every bit as serious as transnational terrorism and it requires a similar type of response. The only effective weapon that can be used to prevail in the face of an asymmetric threat is knowledge. Power alone cannot prevail in the face of an asymmetric threat. Trying to increase the levels of power only serves to accentuate the degree of asymmetry. Neither can power buy freedom from fear.

16.7 1 6 J Diversity is the i(ey Diversity is the key issue to successful strategic intelligence analysis. As in the competitive commercial private sector, a diversity of approaches can be tried at one time to assess different future options. The chances of finding a future solution increase with an increase in the number of diverse views. As such, the intelligence community should be able to have different groups of individuals working on the incoming data who can produce a diversity of views on the future and the threats that may be faced.

16.8 Wu~ansare not Rational Decision Makers Human beings do not make decisions on the basis of a rational evaluation between the choices that are in front of them. Only computers make decisions on the basis of a programmed evaluation between choices. What human beings do is to search their memories to find the pattern from their previous experiences which appears to fit and then use that as the basis for decision making. Human beings, however, will claim that they have made decisions by a rational process, even if interviewed only a few hours after the decision has been made. In essence, humans rationalize their decision making process

232

RISK ASSESMENT AND HORIZON SCANNING

backwards to claim that they have come to a logical outcome based on rational choices. This has massive implications for strategy, intelligence, battle field decision making, and for foreign policy decision making. If carefully thought through, it also has implicationsfor the ways computers are built. Currently, computers are built using a binary decision making process. This, in many respects, is the same way they present the information they process. However, this is not the way humans think. The greatest opportunities for computer technology may be in building computers that try to interact with humans in the same way humans interact with each other. The opportunities for computers here would seem to be limitless.

16.9 Goverment is not a Business What is the role of government and what are citizens entitled to expect from their government? We are increasingly told that government must be “efficient” and that government agencies must adhere to business models with their endless litany of key performance indicators and key success indicators which measure success against stated missions and goals. Should governments have “balanced scorecards” to determine whether or not it is “bridging the gap”? Governments are ultimately judged on the basis of whether they effectively provide the public goods of security, welfare and justice. Cost-cutting measures to promote savings and efficiencies must contribute to this mandate and not undermine it. The national security and strategic early warning community must have i t s overall impact measured by one criterion: the extent to which its assessments actually add informational and analytical value to the national decision-making process.This requires a qualitative, rather than a quantitative, judgment by policy elites. The strategic intelligence community must thus be granted the authority and autonomy to best carry out its responsibilities free from artificially imposed impediments created by the clumsy application of unresponsive bureaucratic norms.” ’Parts of this section were originally produced as an IDSS commentary entit1ed”The Future of Strategic Early warning^ (I 14/2006),by Tom Quiggin and Kumar Ramakrishna.It is available at: httpY/www.idss.

edu.sg/publications/Perspective/lDSSl142006.pdf

The Singapore Risk Assessme

233

Open Source lntcplli Knowledge is the critical issue in dealing with an asymmetric threat. The private sector has more knowledge and expertise than the government in almost every field of human endeavor. Knowledge, unlike money in an interest bearing bank account, loses its worth if it is not shared and moved around. In order to best prevail over asymmetric threats, government agencies with a national security responsibility need to have wide ranging and immediate access to open source information. At the same time, it can be expected that in a crisis some information required may not be in either classified or open sources. As such, the agencies will need to be able to draw on a wide range of contacts in the private or academic sector. When the crisis starts, it is too late to start working at developing trusted open source or private sector contacts. The contacts need to be developed ahead of time.

1&*I1 ~ ~ u c ~ ~ ~ o n Dealing with complexity means dealing with abstraction.Those who are the most capable in dealing with abstraction are individuals who have a broad range of experiences and/or who have a liberal education that is grounded in such thinking.Those who are schooled or experienced in a linear process such as technical personnel are less likely to deal well with abstraction unless they have been exposed to such issues a t some point in their careers.

,1%Short Term Future

-A Bit Bleak in Some States

The knowledge that a government has or can quickly access may be the deciding factor in a crisis. The quality of intelligence analysis will play a role in the increasingly complex threat environment. However, the quality of analysis may not improve greatly in many states in the short term. The reasons for this are complex, but the main focus may be on a lack of training and the continuous rotation of staff without a plan for their development. Other problems are a lack of overseas experience, the isolation of analysts

234

RISK ASSESMENT ASSES~€NTAND ~ANN~ RISK AND HORIZON HORIZON~SCANNING

NG

due to security measures, a lack of open source intelligence, and a risk averse bureaucratic environment. Another sensitive subject is recruiting. Intelligence analysts who are destined to work at the strategic level must have natural curiosity, competency in various fields such as history, geography and politics, and an expansive mind. Even with good recruits, it would take years to develop such individuals under even ideal circumstances. Unfortunately, business model driven bureaucracies and short term planning means this does not happen in most cases. At least in the short term, we should expect to see many governments functioning with an analytic capability that is weakening, rather than strengthening, in relative terms compared to a complex environment.

16.13 Methodology is not critical No analytic methodology exists or is likely to exist that will magically solve the problems of future prediction for the strategic intelligence analysis community. In the 196Os, Erich Jaentsch, who was an astrophysicist with strong interdisciplinary leanings, identified about one hundred different methods of rational foreca~ting.~ Since then, more methodologies have been added to the lists which are in use in varying environments? A normative analysis of the situation would suggest that if there was a useful methodology for predicting the future, it would already be in widespread use. At the same time, if there is such a methodology, only a limited few forms of it would need to exist. Given that there are over one hundred identified future methodologies, it suggests that there has been little widespread success in this field to date. 'Walter Laqueur, World ofSecrefs,page 306 'Among those methodologies in vogue are: EnvironmentalScanning,The Delphi Method,lhe Futures Wheel, Trend Impact Analysis, Cross-Impact Analysis, Structural Analysis, The Systems Perspectives, Decision Modeling, Statistical Modeling, Technology Sequence Analysis, Relevance Trees and MorphologicalAnalysis, Scenarios, Interactive Scenarios, ParticipatoryMethods, Simulation and Games, Genius Forecasting, Normative Forecasting, S&T Road Mapping, Field Anomaly RelaxatiobText Mining for Technology Foresight, Agent Modeling, State of the Future Index (SOFI),The Multiple Perspective Concept, Scenario Planning, and Causal Layered Analysis. See the site http://www.acunu.org/ millennium/FRM-v2.htm~for further information on a variety of methodologies.

ing National Security Intellige 235 Methodology, however, is not a critical factor in the analytic process at any rate, If there is a generous flow of information into an intelligence system which is then circulated to a wide range of open minded analysts, then the leaders will most probably get good analysis for their needs. Any basic methodology will make the process work. If on the other hand, information silos exist or the analysts are crippled by mindset problems, no methodology can defeat these over riding obstacles."

41 6.94 Digital and Analogue Ultimately, computers are binary decision makers. It is either a zero or a one. That is all a computer can do at the most basic task level. All tasks for computers must be broken down into the simplest of steps or they cannot function. Therefore, digitalization is by its nature a reductionist practice. But the complexities of the emergent order problems of the future are not capable of being broken down into smaller parts for analysis. When this is done, the process of reductionism loses the essence of the problem at hand. We are frequently trapped into the idea that computers can somehow solve difficult problems. While this is true for tasks such as accounting or for processes such as categorization, it is not true when attempting to deal with complex ideas such as social resilience or the threats to the economy from a SARS type incident. We need to quit worshiping a t the temple of digitalization. It reduces us and makes us smaller - just like the way binary models make decisions. The power of understanding complexity, uncertainty and abstraction will be a leadership tool and survival mechanism for the future. To lose the power to think abstractly and to be reduced to a binary model would be destructive.

16.15 the ~ u ~ Could u r be ~~ r i ~ h ~

~~~~~

The potential for a bright future exists for national security intelligence in 'For more on this issue see Walter Laqueur, WorldofSecrefs, page 306

......

236

RISK AND SCANNING RISK ASSESMENT ~ S S E AND S ~HORIZON HORIZON ~ ~ S ~~AN~IN~

small- and medium-sized developed states. The technology and the human capability to provide a useful warning function are in existence. What is lacking is the management, organization and political will to carry out the changes needed. As Pogo put it: "We are confronted with insurmountable opportunities."'

16.16 The Future of intelligence? In short, the intelligence officers of the future will have to be - well intelligent.

'Walt Kelly (1913 to 1973), from the"Pogo"comic strip.

Appendix ix

National security and education: s Thinking Across the Boundaries of time and specialization The challenges of national security appear, in many respects, to be almost overwhelming. If it not possible to predict the future for even a few years in advance, what can the state do to ensure its future viability? One thing that can be done today to prepare for the national security problems of tomorrow is the education of those who will have to take up leadership and analytical roles in the future. Aristotle argued that there were two types of education: liberal and vocational (or servile). The vocational education was designed strictly for individuals to get a job in a specific trade. By contrast, a liberal education was designed for the "free men" of the Greek state (i.e., non-slaves). It aimed to develop higher knowledge. Higher education is by definition concerned with abstractions. It is meant to develop a coherent body of knowledge for its own sake and to create leaders with a strong sense of moral development. As put by the Irish poet William Butler Yeats, if no philosophical habit of mind is developed, "the centre cannot hold and mere anarchy is loosed upon the world." National security now has to deal with increased complexity and uncertainty. This means dealing with abstractions. As such, individuals who are adept at working with abstractions are more likely to deal with the stress of sudden uncertain situations. This contrasts with those individuals who deal in closed systems with fixed and recurring variables. Consider the current situation with respect to asymmetric threats and national security. To some, these represent a new kind of threat with an unnerving and unsettling new form of"1ogic"whereby the smaller force can greatly upset the larger force. Trying to adapt to this new inverted form of logic may be difficult for some. However, those individuals who have studied Thucydides will recognize these kinds

238

RISK ASSESMENT AND HORIZON SCANNING

of problems from the Milean debate on the uneasy relationship between the powerful Athenians and the weaker inhabitants of the island of Melos. National level leaders of all states have to work in an environment where they must integrate economic, social and security problems in order to produce intelligence and effective decisions in a timely manner. They need to see the "big picture" and those who provide them with intelligence and advice also need to see the big picture. Without the ability to integrate knowledge across the artificial bounda~~es of bureaucracy, national security intelligence advice will be weaker than it could be. What can we do today that will improve the national security intelligenceservices of the future? Without a doubt, education is one option that will prove valuable in the future.

Bibliography

Acharya, Amitav, Age of Fear: Power versus Principle in the War on Terror. Marshall Cavendish International, Singapore, 2004. Adams, James, The New Spies: Exploring the Frontiers of Espionage. Pimlico Edition, London, 1995. Aid, Matthew M., "The Time of the Troubles: The US National Security Agency in the Twenty First Century," in Strategic Inrelligence: Windows Into a Secret World, Loch K. Johnson and James K. Wirtz (eds.). Roxbury Publishing Company, Los Angeles, California, 2004. Alexseev, Michail A., Without Warning: Threat Assessment, Intelligence, and Global Struggle. St. Martins, New York, 1997. Berkowitz, Bruce and Goodman, Allan, Strategic Intelligence and American National Security. Princeton University Press, Princeton, New Jersey, 1989. Betts, Richard K., "Intelligence Test: The Limits of Prevention,"in How Did This Happen? Terrorism and the New War, James F. Hoge, Jr., and Gideon Rose, (eds.). Public Affairs, New York, 2001. Cordesman, Anthony, H., Terrorism,Asymmetric Warfareand Weaponsof Mass Destruction. Praeger Publishers, Westport, Connecticut, 2002. Davis, Jack, "Improving CIA Analytic Performance: Strategic Warning," The Sherman Kent Center, Occasional Papers: Volume 1, Number 1, September 2002. Davies, John L. and Gurr, Ted Robert (eds.), Preventive Measures: Building RiskAssessment and Crisis Early Warning Systems. Lanham, Rowman & Littlefield, Maryland, 1998. Dearlove, Sir Richard and Quiggin, Tom, "Contemporary Terrorism and Intelligence," IDSS Commentary Paper 82/2006,7 August 2006,available at: http://www.idss. edu.sg/pu blications/Perspective/lDSS0822006,pdf. Der Derian, James, "Anti-diplomacy, Intelligence Theory and Surveillance Practice," in lntelligence and National Security, Volume 8, Number 3, July 1993.

240

RISK ASSESMENT AND HORIZON SCANNING

Dougherty, James E. and Pfaltzgraff, Robert L. Jr., Contending Theories of lnternationa/ Relations, 3rd Edition. Harper Collins, New York, 1990. Dulles, Allen, The Crafr of Intelligence. Weidenfeld and Nicolson, London, 1963. Einhard and Notker t h e Stammerer, Two Lives of Charlemange. Penguin Books, Middlesex, England, 1969. Ford, Harold P., Estimative Intelligence, The Purposes and Prob/emsof National lntel/igence Estimates. Defense Intelligence College, Maryland, 1989. Godson, Roy, /nte//i~ence Requirements for the I980's: Elements of ~n~e~~igence. National Strategy Information Center, Washington D.C., 1979. Gooch, John and Perlmutter, Amos (eds.), Military Deception and Strategic Surprise. Cass Publishers, London, 1982. Griffiths, Samuel B., Sun Tzu: The Art of War (Translation). Oxford University Press, New York, 1963. Gunaratna, Rohan, lnside A/ Qaeda: Global Network of Terror. Berkley Books, New York, 2003. Herman, Michael, Intelligence Power in Peace and War. RIIA, London, 1996. Hoffman, Bruce, lnside Terrorism. Columbian University Press, New York, 1998. Howe, Harry Ransom, The lnte/ligence Estab/ishment. Harvard University Press, Cambridge, Massachusetts, 1970. Hybel, Alex Roberto, The Logic of Surprise in /nternationa/ Conflict. Lexington Books, Lexington, Massachusetts, 1986. Johnson, Loch K. and Wirtz, James J. (eds.), Srrategic lnte//igence:Windows Into a Secret World. Roxbury Publishing Company, Los Angeles, California, 2004. Kam, Ephraim, Surprise Attack. Harvard University Press, Cambridge, Massachusetts, 1988. Kean,Thomas H. and Hamilton, Lee H., et al, The 9/7 J Report: The National ~ommjssion Report on Terrorists Attacks Upon the United States. St. Martin's Press, New York, 2004. Kent, Sherman, Strategic Intelligence for American Foreign Policy. Princeton University Press, Princeton, New Jersey, 1949. Keohane, Robert, Neorealis~and if5 Crirics. Columbia University Press, New York, 1986. Kurtz, C.F., and Snowden DJ., "The New Dynamics of Strategy: Sense-making in a Complex and Complicated World," IBM Systems Journal, Volume 42, Number 3, 2003. Laqueur, Walter, World of Secrets: The Uses cand Limits of Intelligence. Weidenfeld and Nicolson, London, 1985. Laqueur, Walter, The New Terrorism: Fanaticism and the Arms ofMass Destruction.Oxford University Press, Oxford, UK, 1999. Laqueur, Walter, No End to War: Terrorism in the 2 1 9 Century. The Continuum International Publishing Group, London, UK, 2003.

re Threats: The Areas of Str

241

Lovins, Amory 8. and Lovins, Hunter L., Brittle Power: Energy Strategy for National Security. Rocky Mountain Institute, Snowmass, Colorado, 1982. May, Ernest, Knowing Ones Enemies. Princeton University Press, Princeton, New Jersey, 1986. Merari, Ariel, "Terrorism as a Strategy of Insurgency," Terrorism and Political Violence, Volume 5, Number 4, Winter 7993. OLeary, Jeffery (Major), Surprise and Intelligence: Towards a Clearer Understanding. Air War College, Maxwell Air Force Base, Alabama, 1997. Pinker, Steven, How the Mind Works, 1s t Edition. W. W. Norton & Company, New York, 1997. Powell, Colin, My American Journey. Random House, New York, 1995. Quiggin, Tom, "Response to 'No Cloak and Dagger Required: Intelligence Support To UN Peacekeeping: lntelligence and National Security,Volume 13, Number 4, Winter 1998. Quiggin, Tom, "Marching To War: The invasion Of Iraq: A Plan Fourteen Years In The Making,'' The Royal United Services Institute Journal, London, October 2003. Quiggin, Tom, "It Sure is Dark in Those Caves: Open Source Intelligence for National Security," IDSS commentary Paper 105/2006. Quiggin, Tom and Ramakrishna, Kumar, "The Future of Strategic Early Warning," IDSS Commentary Paper 1 14/2006. Ramakrishna, Kumar and Quiggin, Tom, "Singapore's Darwinian Imperative: Survival in a Complex and Uncertain World," IDSS Commentary 29/2006, 28 April 2006. Ransom, Henry, The IntelligenceEstablishment.Harvard University Press, and Cambridge University Press, 1970. Robert Jervis, Perception and Misperception in International Politics. Princeton University Press, Princeton, New Jersey, 1976. Rusbridger, James, The lntelligence Game. I.B. Tauris and Company Limited, London, 1989. Smith, Steve, Booth, Ken and Zalewski, Marysia, lnternafional Theory: Positivism and Beyond. Cambridge University Press, Cambridge, UK, 1996. Steele, Robert David, On Intelligence: Spies and Secrecy in an Open World. OSS International Press, Oakton, Virginia, 2001. Stern, Jessica, Terror in the Name of God: Why Religions Militants Kill, Harper Collins Publishers, New York, 2003. Stour, Mark and Quiggin, Tom, "ExploitingThe New High Resolution Satellite Imagery: Darwinian Imperatives?" The Canadian Security and intelligence Service, Commentary Number 75, Summer 1998. Strange, Susan, Structures of Power in the World Economy. Printer Publishers Limited, London, 1988. Strassler, Robert B, The Landmark Thucydides:A ComprehensiveGuide to the Peloponnesian War.The Free Press, New York, 1996.

ASSESMENTAND ANDHORIZON HORIZONSSCANNING 242 RISK WSSESMENT ~ A ~ N ~ N ~ 242 RISK

Strong, Sir Kenneth (Major General), Men ofintelligence. Cassel and Company, London, 1970. Talbott, Strobe and Chanda, Nayan, The Age of Terror. Basic Books, New York, 2001. Treverton, Gregory, Reshaping ~ a ti o n a/nte//igence / for an Age of /nformation.Cambridge University Press, Cambridge, UK, 2003. Ulrich Beck, World Risk Society. Polity Press/Blackwell Publishers, Cambridge, UK, 1999. Vasu, Norman and Quiggin, Tom, “People Power in the War on Terrorism?”RUSI-hnes Homeland Security and Resilience Monitor, 22 May 2006. Wohlstetter, Roberta, Pearl Harbor: Warning and Decision. Stanford University Press, Stanford, California, 1962.

Index

9/11 Commission Report 21, 140

A Abdur Rahman 139 actionable intelligence 155, 177, 182, 184 Afghanistan 12, 16, 34, 39, 106, 113, 123, 134, 139, 191 Age of Fear 23, 26, 28, 239 Age of Reason 204 Ahmed Ressam 148, 149 al-Qaeda 12, 13, 16, 33, 34, 37, 39, 40, 54, 106, 107, 1 13, 122, 123, 124, 138, 139, 150, 151 Alex Roberto Hybel 55 Ali Riaz 139 Allen Dulles 64, 67, 71, 75 Aluminum powder 39, 136 Ambassador-at-large Lam Chuan Leong 201 Amitav Acharya xi, 26 Amory B. Lovins 35, 36 Angelo Codevilla 80 Anthony Cordesman 98 anthrax 137, 144 April Glaspie 125

Arabinda Acharya 164, 165 Artificial Intelligence (All 185 asymmetric vii, ix, x, 5, 8, 15, 16, 17, 19, 27, 91, 97, 104, 107, 108, 111, 112, 113, 116, 151, 159, 160, 162, 167, 177, 183, 184, 189, 190, 193, 194, 199, 200, 201, 210, 227, 231, 233, 237 Aum Shinrikyo 93, 94 Ayman al-Zawahiri 123 B

Bali 15, 39, 136 Bangladesh 113, 124, 137, 138, 139, 140 Boolean searches 161 Bosnia 118, 119, 120 Bosnian Serb Army 119, 120

C C.F. Kurtz 190 Canada x, 35, 79, 89, 90, 113, 133, 149, 161 CBRN 29 centralized intelligence 4, 11 1, 165 Centre of Excellence for National Security viii, xi, 142, 230

244

RISK ASSESMENTAND ANDHQRlZON HORIZON§SCANNING RISK ASSESMENT C~NN~~G

Charlemagne 68 Christopher Andrew 70 Cognitive Edge xi, 181, 194, 208, 212 Colin Powell 168 commercial data bases 161, 166, 176 connect the dots 42, 217, 218, 219, 229 Consartium for the Study of Intelligence 70, 77 Cynefin framework 209, 21 2, 213, 214, 217 D Darwinian imperative 95, 145, 190 Dave Snowden xi, 181, 190, 194, 195, 201, 208, 209, 212 David A. Charters 16 David Kahn 82, 83, 95 Department of Homeland Security 90, 141, 142, 200 Diana Dean 149 Director of National Intelligence 90, 141 dirty bombs 15 Diversity 128, 129, 192, 231 E education 2, 5, 12, 191, 196, 201, 204, 207, 21 1, 220, 228, 229, 233, 237, 238 Ephraim Kam 54, 55 Erich Jaentsch 234 Ernest May 48, 49, 70

F faint signals 4, 5, 117, 118, 120, 122, 124, 127, 128, 129, 131, 132, 133, 135, 137, 138, 139, 140, 141, 142, 199, 200, 201, 203, 222, 230 Fazlul Rahman 124 Flying Telephone Pole 1 18

G General Maurice-Henri Gauche 49 globalization 2, 8, 10, 11, 13, 14, 18, 154 Gregory Treverton 92, 1 12, 168, 169 H H5N1 114, 131, 133 Harold t? Ford 56, 57, 77, 82 high resolution imagery 162, 173 Hizbollah 12, 13, 15, 16, 121 home grown jihadists 14, 94, 134 Hoo Tiang Boon xi, 142,230 horizon scanning 4, 5, 43, 124, 145, 153, 209, 222, 230

I integration 72, 91, 11 1, 112, 114, 203, 229 intelligence bashing 147 International Centre for the Study of Political Violence and Terrorism 164, 165 IRA 193 Isaac Ben-Israel 80 Istanbul 39 J Jamaat al-Fuqra 148, 149 James Adams 69 James Der Derian 47, 48, 80 James E. Dougherty 59 James J. Wirtz 55, 91 Jeff "Skunk" Baxter 37 Jemaah lslamiyah 199 Jessica Stern 93, 123 jihadists 13, 14, 23, 94, 134, 193 Joint Intelligence Committee 61 Jose E Melendez-Perez 149

K Karl Popper 49 Karl von Clausewitz 46

index

Ken Klabunde 144 Kenneth N. Waltz 10, 11 knowledge workers 1 14, 194, 195 Kumar Ramakrishna viii, xi, 20, 232 L

L. Hunter Lovins 35, 36 Loch K. Johnson 53, 239 London 15, 25, 34, 35, 39, 40, 45, 47, 50, 52, 53, 64,67, 69, 75, 77, 80, 82, 93, 100, 1 22, 1 36, 147, 148, 150, 159, 167, 239, 240, 241, 242

245

0 Open Source Intelligence 157, 161, 158, 233, 241 Operation Deny Flight 11 8, 1 19 organized crime vii, 8, 13, 17, 18, 24, 31, 32, 33, 38, 40, 94, 96, 105, 107, 1 12, 177, 183, 193, 200,228 Osama Bin Laden 36, 122, 123, 124, 138, 139 OSINT 157, 158, 160, 161, 162, 167, 168, 170, 171, 175, 177 P

M Madrid 34, 39, 1 13, 136, 148 Maher Kalaji 143 Major General Sir Kenneth Strong 47, 100, 159

Manchester Manual 37 Mark Stout 95, 174 Mark Woolhouse 1 14, 132, 175 Mathew M. Aid 92 metadata 225 methodology 27, 49, 50, 73, 80, 128, 145, 171, 182, 204, 214, 222, 234, 235 Michael Herman 50,53, 69, 70, 83, 86 militarization 4, 98, 103 Mindsets 121, 211 Mirror imaging 57 Mumbai 34,39, 113 N

Nanotechnology 142, 143, 144, 145 National Security Agency 92, 218, 239

Norman Vasu xi, 147 North Atlantic Treaty Organization (NATO) 10 NSA 92

pandemics x, 17, 23, 96, 105, 107, 131, 132, 154, 175, 176, 177, 184

Patrick Nathan xi PDB 169 Peloponnesian War 63, 66, 241 Permanent Secretary Mr. Peter Ho 201 PETN 38, 135, 136 Pogo 115, 236 positivism 61 President’s Daily Brief 168, 169 Public Safety and Emergency Preparedness Department 90 R RAHS viii, 133, 199, 201, 202, 207, 208, 209, 210, 211, 212, 217, 222, 225 Richard K. Betts 56, 82, 85, 91, 148 ricin 38, 39, 40, 135, 136, 137 risk 22, 24, 25, 26, 28, 29, 30, 41, 43, 45, 52, 53, 64,73, 82, 91, 132, 136, 153, 155, 179, 208, 221, 222, 230, 234 Risk management 28 Robert B. Strassler 66 Robert David Steele 18, 30, 98, 101, 102, 105, 112, 157, 162, 163, 168 Robert Jervis 45, 54, 56, 241

246

RISK ASSESMENT SCANNING RISK A § § ~ S AND ~AND ~ HORIZON NHORIZON ~ SCANNlNG

Robert L. Pfaltzgraff, Jr. 59 Roberta Wohlstetter 54, 70, 71, 74 Rodney Brookes 186 Rohan Gunaratna 93 Roy Godson 49, 70, 77 RUSI/Janes Homeland Security and Resilience Monitor xi, 147

S S.B. Griffiths 54 S. Rajaratnam School of International Studies (RSIS) viii, xi, 142, 164, 165, 230 Saddam Hussein 54, 125, 126 Sarah Jaimie Brunell 193 SARS 133, 167, 175, 183, 199, 210, 222, 228, 231, 235 Secrecy 5, 17, 18, 30, 98, 104, 160, 162, 177, 241 Sheikh Gilani 149 Sherman Kent 49, 70, 71, 72, 78, 89, 185, 239 Shining Path 193 Singapore 89, 199, 200, 201, 202, 206, 207, 208, 209, 210, 21 1, 212, 220 Sir Richard Dearlove xi, 33 SMO 104, 108 social resilience 151, 152, 153, 155, 235 Spanish Flu pandemic 23 STAFF ROTATIONS 109 Steven Pinker 187 stove-piping 21, 91, 99, 140, 142, 148, 203, 206, 223, 224 strategic surprise 1, 3, 4, 45, 46, 54, 56, 58, 82, 86, 89, 91, 98, 151, 152, 153, 185, 199, 210 Sudan 12, 106 Sun Tzu 1, 46, 48, 53, 54, 64, 65, 202, 209, 240

Support to military operations 104 Susan Strange 52

T Taliban 139 TATP 40, 136 The Royal United Services Institute Journal 147, 241 Thucydides 1, 46, 65, 66, 67, 202, 237, 241 Toronto 137, 148, 149 transnational organized crime 17, 18, 96, 105, 177, 183, 200,228 Transnational terrorism 96, 193 Treaty of Westphalia 8 U Ulrich Beck 11, 242 UN 10, 14, 15, 63, 74, 119, 241 United Airlines flight 93 151, 152 United Nations x, 10, 167 UNPROFOR 119 Ursula K. Le Guin 97 USS Cole 12, 124, 167

W Walt Kelly 115, 236 Walter Laqueur 4549, 52, 53, 60, 64, 71, 72, 73, 80, 81, 86, 93, 94, 95, 98, 204, 221, 234, 235 weak signals 100, 1 16, 1 17, 121, 134, 225 whole-of-government response 200 whole-of-government threat 200 World Islamic Front for Jihad Against Jews and Crusaders 122 World Wide Web 29, 30, 33, 160 Wu Ch’i 65 Y Yugoslavia x, 2, 118, 119, 166, 167, 191

This page intentionally left blank