At Fort Bragg, 1st Special Forces Command is building an Information Warfare Center that will specialize in “influence artillery rounds”:
“Cyber is another delivery system. It’s a platform, like an artillery piece that you can deliver influence rounds through,” Croot said. “There’s an information revolution that has occurred, and things move faster than we’ve ever seen before, and it’s hard to change mindsets of people and systems and processes to be able to move at the speed of information.”
It also has a more defensive role, described in more down-to-earth terms:
This also includes training forces on how to reduce their digital attack surfaces while deployed and even in garrison in the U.S.
The dangers were demonstrated to great effect a few years ago during a unit exercise, Croot explained. Prior to deploying to the exercise in the U.S., the commander told his unit he wanted everyone off social media a full month prior.One day into the exercise, the commander laid out how many people the unit had deployed, what base they came from, where they were going, what their mission was and where their families lived, all from their digital footprints, Croot said.
“If you want to be terrified, sit and see and watch a picture of a family member up on a Facebook post talking about you and where you work and where you’re going,” he said. “This is real, and it absolutely is something that we have got to take seriously from a home station force protection perspective, let alone at the edge.”
Battlestar Galactica rules. No digital networks. Hostile forces have compromised them all.
The more basic problem is: “social media” isn’t. Look at what it IS, what it DOES, not what it calls itself. It’s not about talking to friends and family. It’s a global-scale propaganda platform. You put something on a computer network, including a comment like this one I’m writing now, you must assume and expect that every single person in the world, including psychopathically evil individuals who have it in for you personally, are going to see it. And you need to think about what they can do with it.
People who post photos of their kids on the internet are out of their goddamned minds.
Yes, this: “It’s a global-scale propaganda platform.”
This is not a new issue; go back to WWI and WWII, and you’ll find proscriptions on people keeping diaries and journals, plus concerns about what they were writing home to Mom and Dad. This led to draconian rules and censorship.
Circa 2005, I’m the Brigade Intelligence NCO for an Engineer Brigade about to go on its second tour to Iraq, this time with 101st Airborne. Some five-six months before deployment, during the train-up, I start to look around and ask myself what our vulnerabilities were. Judging from the inane crap some of my troops were posting on the various then-available internet sites, I realized we had a problem.
I did not think that this was a major insight, or that anyone who wasn’t blind to reality could miss it. I was wrong.
Started out by talking it over with my then-boss, who was dismissive of it. He was going through issues at the time, so I can’t really blame him for not thinking things through. New boss incoming, talked to him–He saw the potential for problems, didn’t necessarily agree with me about the priority, and he thought it was something for the future. With his guidance and support, I did up a bit of a white paper pointing out all the issues I could think of, which I still believe were as obvious as flies on a donkey’s ass. The reaction I got from the rest of the Brigade staff was pretty much “Oh, isn’t that precious! A senior NCO who can write, and thinks he’s a person!!”. It was like I was a performing bear, or something…
No actions taken. I might also point out that one of the issues I wrote up in that paper was in reference to the potential for someone going out and buying themselves a satellite phone for the deployment, and what might flow from that. I remember particularly a very sarcastic young captain on the staff mocking that concern, saying that no soldier could possibly afford such a luxury in the first place, so why worry about it.
My white paper sat on desks, no actions taken, and apparently no thoughts given. We went off to do Command Post Exercises with 101st Airborne at Fort Campbell, and I queried them about the issue, handing off copies of what I’d written. Again, they pointed and laughed, hooting at my naivete. Around that point, I started to question my own thinking, ‘cos if all these smart people were telling me I was lunging at non-existent problems, well… I must be wrong, no?
Cue up immediately before the deployment. Panic-stricken messaging comes down from 101st to us at Fort Lewis: We had to scrub all social media sites for possible OPSEC violations, and start monitoring them… Seems that most of what I’d written had come true, in that they’d had a rather embarrassing and significant breach of security via social media.
Day or so later, that smartass captain who’d made fun of me for worrying about satellite phones is up in my office looking for “what to do” because he’s just found out, by accident, that one of his junior enlisted soldiers has really rich and wealthy in-laws, and they’ve just bought him a better satellite phone with better coverage in the Middle East than the ones we purchased… Just so he can stay in touch with his pregnant wife. Due directly to that captain’s mockery and sarcasm, the policy letter on such things that I’d about convinced the Operations officer to write and put out had been quashed, and having him in my office begging for us to do something about the issue was a bit precious. I had to remind the asshole who’d been the one to ensure we weren’t prepared for that issue. No sign of embarrassment on his part, and he continued to blame us for our “failures” to foresee the eminently predictable. My boss was not sympathetic, all of that captain’s fine work of mockery having taken place just as he was arriving and getting his feet under him.
Oddly enough, most of my recommendations got put into effect without a single ‘effing word of attribution. Chunks of my white paper were word-for-word ripped off by 101st Airborne staff for inclusion with their policy letters, as background.
Anyone still wonder why the hell I’m cynical about the military…?
There is really no way to deal with this crap, effectively. When it was Joe Schmuckatelli writing home to Mom and Dad once a week or so, you could potentially stay on top of that with mass censorship. These days? LOL… Cat’s out of that bag, and how. Look at what is happening to the Russians over on bellingcat.com. Just about everything they’re doing is open-sourced off the internet and social media sites, and the amount of OPSEC damage done just by some idiot publishing a single photo on social media is incredible. The autistic bastards over there managed to figure out where and how many actual Russian vehicles were in Ukraine, just from the background of a shot taken in a motor pool.
The only way I can see around this is to go totally open, and not bother to censor shit. You can’t, effectively, so why bother?
This means you’re going to have to either go the Battlestar Galactica route and eschew all the benefits of the internet and social media, or you’re going to have to embrace the suck and do everything in the open, honestly. What this means, long-term, is that OPSEC is a joke. You’re not going to be able to do a bunch of the surreptitious crap that used to be so common, so your tactics and techniques are going to have to be out in the open. At best, you may manage to pollute the infostream with false data, but that has limited benefit.
To a degree, I think that traditional intel is dead as a doornail. Who needs a human intelligence source when the enemy is publishing pictures of himself beheading captives, and boasting about it? Why bother with propaganda, when your enemy is doing it to himself, and far more believably? A reputation for lying is only going to cause people to look at the truth and see lies, anyway…
My take is that all of this openness means that a lot of what governments and militaries have gotten away with in the past is obsolete, and they’d better get used to the idea. Subterfuge is useless; raw strength and an utter abandonment of security and secrecy may be what we have to do, going forward. OPSEC may well be a fool’s game, these days. Maybe.
Also… Couple this issue with the OPM breach, and you’ll come to the same conclusion: Either you work out a way to deal with this reality, or you just roll over and spread your metaphoric cheeks for what’s waiting for you.
I’ve said it before, and I’ll repeat it here: Things and places like the drone pilot operation at Nellis AFB are vulnerable. They’re going to be attacked as an opening phase to any war with a serious opponent, just like the Taliban demanded al Qaeda eliminate Amed Shah Massoud of the Northern Alliance as a preliminary to 9/11.
This is an unavoidable fact. You can’t look at things as they are and miss it, or deny the implications. Those drone operators are likely already on a list, along with their home addresses, family members, and full activity logs. If someone wants to do so, they’re going to target those operators. I can think of a dozen vulnerabilities that have almost certainly been exploited, what with the OPM breach and social media.
This being the fact, there’s only so many things you can do for threat reduction. One would be to pull all those people into the base, forcing them to live on post behind decent security, as well as monitoring them when off base. Immediate reaction teams would be needed, and you’d need to keep an eye on all of them and their family members for signs of coercion and/or blackmail.
Alternatively, you could move the entire operation away from Nellis, which is adjacent to Las Vegas, and put it somewhere more easily secured–Like, Mountain Home AFB in Idaho. Las Vegas is a sad joke, for security–How the hell would you separate either al Qaeda or Chinese nationals come to eliminate drone crews from tourists and gamblers? In a community like Mountain Home, such would stick out like sore thumbs, making it a lot harder to attack US assets.
Another thing that could be done would be to up-armor the drone operators and family members, teaching them how to identify attacks, effectively defend themselves, and create opportunities for the immediate reaction teams to intervene. As well, you’d need immediate reaction teams ready to go, at all times.
If you put me in charge of securing that program, and I could not convince anyone to actually move the whole mess somewhere defensible, my next course of action would be to implement a massive “Q-Ship” program, seeding false drone crew identities across social media and the OPM database. Such identities would indicate vulnerable parties who were anything but; actually being heavily armed and highly trained operatives who were ready and waiting for attacks, with the intent of them being tripwires and lethal traps for the attackers. Have the attackers hit a few targets that are prepared to defend themselves effectively, and odds are pretty good that they’re at least going to be distracted and thrown off of their games enough to disrupt their plans.
That’s about the only way forward, that I can see. We need to get used to operating in a totally open environment, one where there is no security and no real front lines or compartmentalization. War can come at any time and at any location; you’re no more “safe” at home with the wife and kids than you are when you’re “outside the wire” overseas in a mass of little brown people.
That’s the mentality that we need to take up and inculcate in everyone. Self-defense is the only option, and you have to be ready to kill your attackers at any time, in any venue, and under any conditions. So too the wife and kids, because they’re going to be attacked in order to get at you, or become collateral damage on the way to putting you out of action.
“The more basic problem is: “social media” isn’t. Look at what it IS, what it DOES, not what it calls itself. It’s not about talking to friends and family. It’s a global-scale propaganda platform. You put something on a computer network, including a comment like this one I’m writing now, you must assume and expect that every single person in the world, including psychopathically evil individuals who have it in for you personally, are going to see it. And you need to think about what they can do with it.
People who post photos of their kids on the internet are out of their goddamned minds.”
This is an aspect of social media that people completely miss, and one reason I’m not a participant.
At some point in the future, processing power and memory are going to be dirt cheap; everything you’ve ever posted online or posted in any format from text messaging to posts like this one are going to be available and usable for data mining. Everything.
What this implies is that you’re going to be evaluated for everything you’ve ever said or posted is going to be in a real “permanent record” that’s going to be usable by nearly anyone with the money to pay for the work, which won’t be that expensive given the nature of things.
Your potential employers are going to be able to do deep data dives on you, your background, and everything even remotely attributable to you. And, you’re not likely to even know what the hell they’re holding against you, when they turn you down.
It may well be that the algorithm has turned up things you don’t even know about, like a correlation between childhood toys shown in Christmas pictures your mom put up on social media and employee misconduct. Maybe there’s a statistical significant relationship between little boys who played with Transformers and their employers later being sued for sexual harassment. The data dives may turn up relationships that don’t even make logical sense, but which are still there. If the algorithm looks at employees who have deleterious personnel records, and then look at you and find matches…? Yeah.
There is stuff with this that nobody ever thinks about–The data and the algorithms we have now are nothing like the ones we’ll have in the future. Things are going to turn up, and the only way to avoid the repercussions is to have the minimum footprint possible.
Of course, on the other hand, if you’ve got nothing to evaluate, then you’ll likely be just as un-employable.
This is one of those things that’s going to happen, and it’s just a question of how it gets worked out. Right now, it’s not illegal for you not to participate in “social media”. With things like the Chinese “social credit” concept, that may not last.
Kirk,
They only learn by suffering.
Then those who suffer rotate away or leave the service, and the cycle of ignorance to suffering begins again.
Ask a combat vet about trying to tell green leaders, which is the majority, anything. Mockery and resentment.
As for our precious officers to commission based on college in a society of mass literacy and an army of 100% literacy is archaic, obsolete madness.
We will have military reform when the Pentagon is burning and the survivors are kneeling as prisoners in the parking lot, not one moment before.
To be fair the Officer corps including the Generals have no real power, that lies with our precious civilian and nearly all unelected war profiteering never served Elites. See the Kagans, or Nuland [same] or Ms Slaughter, or Michelle Flournoy.
Or yes Jack Keane.
We haven’t had a General since MacArthur, and they saw what happened to him. Should one elude the process of elimination he may get one bite at the apple then will be destroyed. See Petreaus, Ham, Mcchrystal, others.
all the benefits of the internet and social media,
Yeah???? I think not. I believe that probably 90% of our issues go away with the removal of post 1995 (ish) internet and social media has no benefits. (none, it’s a parasite). OH sure, we have access to all the information in the world (that isn’t censored)………but innovation has completely stopped, the culture has totally died and the insane have taken over. And while pen and paper aren’t secure, it takes a lot of work to steal millions of files of paper. It takes 30 seconds for computers. NO security, no value, total destruction of the culture that created it. No, I think that removal the internet is going to be required to move forward to a better place.
“What this means, long-term, is that OPSEC is a joke.”
Nobody, but *nobody*, wants to admit that.
Let’s say you have an operation against some third-world shithole country or a raggedy group of terrorists. Chances are they wouldn’t be getting feisty if they didn’t have financial backing from somewhere.
They can *buy* real-time satellite imagery. There are a dozen companies leasing satellite time, and some with their own satellites. Cheap enough for small-town bureaucrats to use for code enforcement.
They can *buy* drones; the usual quadrotor-with-camera, and there have been big model airplanes found out in the field with cellular downlinks. You’re talking Toys’R'Us, not Area 51… but cheap, disposable, and, really, nobody is *looking* for a 4-foot-wingspan model airplane up there.
They can buy, quite legitimately from places like Amazon, “spy” and hidden surveillance equipment that will work just as well as whatever the NSA does. From shady online sources, they can get Stingray boxes to intercept all cellular communications, modern blue boxes to listen to the land lines, and off-the-shelf scanners to listen to any unencrypted radios.
They can hire, from very shady but quite available sources, people who will try to break through whatever pathetic “security” your hastily-deployed network infrastructure has. As the very least they have traffic sigint; more likely, they will have everything.
I see PR reports from “Cyber Command” that, granted both their leaders and PR people are likely clueless and I’ll even give them credit for disinformation, but it looks like they’re slooowly building an organization that would be start of the art… for the 1990s.
Real-world military security? The USAF’s drone operation center in Oklahoma, that got taken down by “a computer virus.” Took weeks to get it back up. Then down for more weeks. Then back up. Then back down… what kind of idiot would put a weapon system on the internet? Now you know…
“As for our precious officers to commission based on college in a society of mass literacy and an army of 100% literacy is archaic, obsolete madness.”
True, but not even Stalin could stamp that out. The whole freakin’ Red Army walked out until he backed off on the “flat command structure” thing.
Same kind of pecking order BS that led the Sandhurst crowd to pull a sit-down strike in WWII when they found Churchill was going to make a Zed a theater commander. Not no, but *hell* no, they weren’t going to take orders from a colonial. Churchill had to back off on that. I never figured out their reasoning since it was okey-dokey to take orders from Americans with the “Joint Command” thing… maybe Americans don’t count as “colonials” any more.