Schneier on Security
A blog covering security and security technology.
« Authentication Stories |
| Maps Showing Spread of ZeroAccess Botnet »
October 4, 2012
Tradecraft and Terrorism
Posted on October 4, 2012 at 3:35 PM
• 13 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
This thing badly needs footnotes or references. It reads like a brainstorming session.
"This thing badly needs footnotes or references. It reads like a brainstorming session."
Stratfor's stuff is always like that. You have to read it for what it is; a bunch of ideas.
They could also just threaten an attack and rely on eager politicians to ruin out society for them in the name of "safety". Seems a lot easier to me.
Sounds like "sleeper cells" are a dead end. Operational security, communications security and logistics are just not going to hold together long enough.
If you are in the US and don't already have a mature plan, you aren't going to cause much *physical* damage.
"Before an attack can be planned, an aspiring terrorist group must be organized, funded and trained."
So in other words, this article insists that lone wolves like Timothy McVeigh and Lee Harvey Oswald couldn't possibly do what they are accused of and we should look to vastly larger conspiracy theories.
Organization, training, and funding can easily come from separate sources. The worlds militarys (and moreso various wars) produce millions of trained potential terrorists (especially when very few can do plenty of damage). Funding requirements largely depend on tactics and motivation: Pilot training for 9/11 likely wasn't cheap, while McVeigh's explosives were largely a mound of fertilizer. One thing that is harped on this board a lot is police work, and while the sting operations used in the US may appear a failure (your typical "terrorist" is some shmuck carefully talked into "terrorism"), it should disrupt attempts to organize.
"while the sting operations used in the US may appear a failure (your typical "terrorist" is some shmuck carefully talked into "terrorism"), it should disrupt attempts to organize"
Yeah, and "talked into" by either CI(confidential informant) or undercover LEO. The difference is that when initiative was NOT on shmucks side, in case of CI - no legal defence for shmuck at all in the court. Just observation.
Hmm it's not just a rambaling brainstorming it's got wrong with it.
For instance, it mentions the aircraft hijacks of the 1960's&70's but forgets to mention that many of these were in effect "state sponsored" and were part of the "proxie war" stratagems of the cold war era.
As others have noted above it does not need to be a group, nor as has happened with the attempts at gas cylinder bombing in the UK's Glasgow airport (June 2007) or Times Square NY (May 2010) and several other places do the group/individual need to be organised funded or trained (which is probably why both incidents did not work the way the perpetrators intended).
As for operational security the various N.I. terrorists groups had little trouble getting recruits and limiting any damage infiltrators from Gov/LEO trying to work their way in which was why the Gov tactics changed to trying "to turn" suspected individuals.
Further fake/alternative ID's are not a necessity for terrorists many groups have and do prosper without them and when it comes to suicied bombers often they use their own quite legaly issued travel documents.
Whilst modern methods of communication are getting harder, traditional non electronic means are still just as effective as they have always been.
As for funding there are various Muslim and Asian banking systems that have and do continue to work effectivly using what are in effect bussiness letters of introduction/credit to a cut out who then passes the funds on in other methods. One trick that has worked for a while is gold coins. Many people from Asian and other backgrounds collect and trade using gold coins these can be moved / smuggled relativly easily and worn ass jewlery. As has been seen in the past with UK VAT fraud gold coins melted down and cast into rough ingots are bought quite readily by asian jewlers etc for cash or semi/precious stones. Adding small quantities of other metals such as copper etc is also known by many criminals world wide as a way to disguise the origin of the base metal.
I could go on and pick many many more holes in the artical and give counter examples to show that "it aint necessarily so". But that would be both to easy and missing the point. The point is that enquiring and inventive minds have been at the terrorism game since before the word was invented or for that matter could be written down.
Spying has often been refered to as "the second oldest profession in the world" and much trade craft has been practiced and honed to a very fine degree over the centuries. In a way terrorism is just an offensive subset of Spying, it was back in WWII that Churchill effectivly legitimised this "branch of spying" by trying to set Europe ablaze via the likes of the Special Operations Executive (SOE).
The simple fact is that this trade craft was developed from the skills of criminals (crime almost certainly being the oldest profession in the world) and as we have seen most forms of crime have stayed the same even with the advent of modern technology, they have just changed slightly the tools available thus providing more opportunity to those with inventive minds.
If people wish to try and become successfull terrorists I would commend them to first study a little history then examin how technology has changed the game a little as it has with crime. By the end of the process if they have the brains to become successfull they will almost of certainly realised there are better ways of achiving most of the goals they desire. History has shown us that Communism did not fail from external pressure (although it certainly helped) but from within with the leadership realising that it was not working. This failing from within historicaly is also the fate for most dictatorships and empires.
But a final thought, as bad as 9/11, 7/7 etc were, which has caused more harm to the every day lives of US and other western nations, global terrorism or the global recession attributed to the behaviour of the banking industry and/or global capitalism?
Seems to me there are risks to mounting an organized campaign. So make everything open source. Publish as much information as you can about terrorism trade craft. Instead of active recruiting, select an ideology and use marketing techniques to attract individuals. Pretty soon you will have lots of self funded individuals on your mission. The vast majority of these "lone wolves" will fail, but a certain percentage will succeed. Lucky for us, the last major ideology that had any appeal across cultures was communism, et al. Communist aligned so called "terrorists" did manage to cause lot of havoc worldwide. Islamic ideology is unlikely to have much appeal outside of the islamic world, not enough to turn individuals into lone wolves at least. What I don't understand is why would anyone even both with all of this, when all it takes is a phone call to your favorite building/station/airport to cause mass hysteria and disruption?
It has problems in that these guys appear to have not read other types of history, or asked anyone who plans, well, anything. No ex-staff officers (or hell, Platoon SGTs) at Stratfor?
"...the more challenging secure communication becomes..."
This whole thing brings up huge issues that have bitten terrorists and organized crime... and armies and corporations. The secure layer is just one bit, but it also needs to be effective and scaleable. We've all worked in companies where maybe one guy knows what is going on, and a wiki would be better, but that's a security risk, so is denied by IT, so we email everything around, or cheat in some way.
Or, as a scale example, the German Army had a giant headquarters/joint-communications center set up in teens which they kept secret, and started to use when WW1 came up. Brilliant idea, well organized only just now being replicated well in some countries. Except: It had maybe 1% of the needed capacity for an actual war. Overloaded immediately on the tactical side, so orders come into the building and stay there. Second: secret. Most subordinates didn't know about it, or where it was so couldn't send runners (always have a fallback)
Using the world "tradecraft" in connection with terrorism is like saying "expert robber" or "professional vandal."
These are people who fumble their way to temporary victory followed by humiliating defeat.
Terrorism is _easy_ from the operational and logistics perspective, if you are a broken or inhuman monster. All you have to do is not mind hurting or killing large numbers of innocent people.
Fortunately, people who lack a conscience are few and far between -- and likely to get caught. A schmuck willing to indulge in mass murder is dangerous. Better to entrap them with fake plots than roll the dice whether they will come up with a working plot on their own.
Criminals don't approve of terrorism any more than anyone else rational and sane does. It's bad for business.
Glyndwr Michae says: "They could also just threaten an attack and rely on eager politicians to ruin out society for them in the name of "safety". Seems a lot easier to me."
Fortunately, our society is really hard to ruin. Despite expensive security theater (I consider the September 11th security fee on my airline ticket to be exactly that), we haven't quite declared war on ourselves just yet.
Andrew at October 5, 2012 6:00 PM wrote: "Fortunately, people who lack a conscience are few and far between -- and likely to get caught."
Or they become corporate executives and Wall Street bankers, and get rewarded for their sociopathy.
See today's "Dilbert" comic strip.
@Andrew: Terrorism does not have to fail, but not every goal is achievable with terrorism. The first that comes to mind is an even smaller version of guerrilla warfare to bleed out an occupying force (might take a long time, but Vietnam was mainly lost in the press and could not have been won militarily by either side anyway). The second is as a pretense/trigger to create a fascist police state, or at least drift a little more in that direction (see Gladio). Breivik probably tried this, too. But luckily the Norwegian government got more brains (and balls) than the rest of Europe combined and kept cool.
With our southern gate, and our coasts,and our visas, wide open; Who needs fancy plans? Walmart,Ace Hardware,and on-line data and sales are open;who needs "professional experts". Sabots away...
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.