Monday, November 28, 2005


I have been studying the 9/11 along with the 3/11 Madrid trains attack terrorist networks. (Great insight from Daniel Benjamin and Steve Simon in their book The Next Attack). The similarities are there but what's more striking are the differences between these two group of terrorists. Those differences are what's worrisome. These are some of the characteristics that the two terrorist groups shared:

Focus. This focus gets more intense as the operation nears its completion. The closer to the attack the more focused the group becomes. All dissent is shed aside for the mission. For the 9/11 attacks a group of 19 young men was even to operate as a cohesive unit even though they were geographically dispersed and split into four separate sub-groups. For the 3/11 attacks in 2004, the terrorists started building the bombs they were going to detonate the day prior to the attack. Once the bomb-making began they really had no rest, did not sleep, until after the attack. Focus and misguided passion are an imperative of all successful terrorist operations.

Coordinated set of actions. Both the 9/11 and the 3/11 attackers took advantage of the synergistic effect created by multiple attacks occurring within a limited amount of time and in geographically dispersed locations. One of the desired effects is to overwhelm the response systems in place. The US has used this technique successfully, particularly during Desert Storm, where the massive air campaign effectively disrupted the formidable Iraqi air defenses, using parallel attacks. The systems in place (NORAD, FAA, NYPD, FDNY) were also clearly overwhelmed during the 9/11 attacks. Among the civilian population this precisely times attacks also create the impression that the terrorists are everywhere, that the threat is not localized. Even though the 9/11 attacks took place in the east coast, the whole United States was paralyzed for at least a 24-hour period. By coordinating their actions the terrorists appear bigger than they really are. The 11 March 2004 attacks consisted of a series of ten explosions that occurred at the height of the Madrid rush hour aboard four commuter (Cercanias in Spain). Thirteen improvised explosive devices were reported to have been used, all but three of which detonated.

Use of the readily available. Both the 9/11 and 3/11 attacks used existingtechnologiess in novel ways. The terrorists did no spend a dime on R&D. This demonstrates that sometimes what matters is not the weapon, but how you use the weapon. Airline jets and commuter trains are not designed as weapons or delivery vehicles for explosives, yet that's precisely how they were used for theseattackss.

A chain of effects. We are still recovering from the damage cause by 9/11. Thousands of lives ended that day, and may more survivors' lives were disrupted and changed forever. Our economy suffered. The echoes of 9/11 stillpermeatet our involvement in Afghanistan and Iraq. The Madrid Bombings directly affected the Spanish elections and was the tipping point in Spain's decision to pull out of Iraq. These spectacular terrorist attacks have effects over entire nations, over millions of people across continents and the reverberations of the attacks are still felt years after they occurred.

These are some of the similarities between the 9/11 and 3/11 attacks. The differences are more disturbing.

I'll discuss the differences in my next post.

Sunday, November 20, 2005


I have been studying the work done by Valdis Krebs in mapping covert networks using open source data. Krebs has done some outstanding analysis on the terrorist network behind the events of September 11, 2001. According to Krebs’s analysis, the 9/11 terrorist network operated like a project team, like a team of lawyers handling a case, or a team of engineers working on a building. Like a project team, a terrorist network has:

1. Chores to complete. Before an attack there is a series of duties that needs to be completed, this include: securing a place to meet, getting vehicles for transportation, purchasing plane tickets, acquiring train schedules, explosives, weapons, and other logistic and material needs necessary to accomplish the main objective. A terrorist group has to be effective at achieving its main objective, but it must also be able to successfully complete a number of tasks prior to the execution of the main attack.

2. Information to share. The terrorist organization must find an efficient and secure method of distributing information among its members. Security is particularly important for terrorist groups. Terrorist organizations have a wide array of places where they can get information to accomplish their missions, ranging from personal contacts, to open Internet sources. Once in possession of a piece of information the organization must effectively distribute it to the appropriate people within the group. Depending on the character of the terrorist or insurgent network information can spread within the community like an epidemic. Witness how information spreads between the different groups of insurgents in Iraq. At a different level, not all of the nineteen 9/11 hijackers had the same level of knowledge of their mission, nor was the sequence at which they were receiving information equal with the group. The flow of information in a scale-free network like al Qaeda is dynamic though and usually not constrained by the verticality of a hierarchy. At the strategic level, an organization like al Qaeda can spread information and influence terrorists groups sympathetic to their cause using television broadcasts of their messages. At the operational level, in a geographically contiguous area like Iraq the spread of information is epidemic between the different terrorist and insurgent groups operating in the country.

3. Funding to obtain and disburse. Currently, terrorist networks are more likely to be self-funded than state-funded. A terrorist network can be tied to a criminal network for its funding. A financier of terrorism can provide funds for a group based on past successes using innovative means. Terrorism is becoming more and more an entrepreneurial activity.

4. Schedules to meet. Terrorist groups often choose a significant, symbolic date for their spectacular attacks, however, because of their relatively small size, there are inherently flexible and can move, with relative ease, the date of an attack to an earlier of later date than originally planned.

5. An objective to accomplish. A terrorist group sees itself as part of a much larger community. They see the successful completion of their act of terror as part of a total effort.

Sunday, November 06, 2005

Terror and Circumstance

Fighting in Iraq is not a necessary correction of mistakes of the past. The Bush administration's decision to use military force in Afghanistan and Iraq was made in a historical context and under different circumstances from those of previous adminstrations. Many factors counted in the current admintration's decisions, the attacks of 9/11 being the dominant one. Since the Nixon administration, decades before the 9/11 attacks, there's been constant debate over the appropriate responses to Islamic terrorism. President Nixon formed a counterrorism panel in response to the terrorist attacks at the 1972 Olympic Games in Munich. This panel compiled a threat assessment in 1972 that included "rumors and unconfirmed reports" of a Palestinian terrorist cell operating inside the US and planning spectacular terrorist attacks on US soil. That initial treat assessment presaged the vast majority of all counterterrorism reports since then; it is the nature of the business most of this reports are based on "rumors and unconfirmed reports".

That's why is so difficult to act on these reports. What's a rumor and what's actionable intelligence? Unfortunately, we can't act everywhere and be strong everywhere. And we can't act on every "unconfirmed report". That's why the US military actions in Afghanistan and Iraq were only possible after the attacks of 9/11. What kind of support would President Bush (or Clinton) would have been able to garner for a large-scale attack against either one of these countires before 9/11? Probably not a lot. Domestically, imagine how the airlines would have reacted if forced to pay for the security improvements they pay for now, before 9/11.

Now, to move from this "rumors" paradigm we must get to know better our adversaries. How they operate. We need to understand how the terrorists think. We can start by understanding that not all terrorists are crazy fanatics. Were all the Nazis and Japanese that we had to fight during World War II fanatics? How about the communists we fought during the Cold War? No, and no. We must understand terrorism beyond the pychological perspective and begin understanding terrorism from an operational perspective. We beat the Nazis and the Japanese, not because we dismissed them as crazies, but because we closely examined their operational concepts and came up with ways to fight them effectively. Part of the reason why we lost in Vietnam is because we did not understand the enemy, and mischaracterized the conflict. In order to win, we must understand the enemy, and understand the character of the war we are fighting. It also helps to know who are main enemy is. Today, our main enemy is a worldwide network of Islamic jihadists.

Questions: How do the terrorists see the world? How do they see war? What is their strategy? How do they carry out their strategic goals? How do they pick and chose which operations will get a green light, which ones they will put on hold, and which ones are not to be considered. The terrorist can't attack everywhere and they can't be strong everywhere.

I'll expand on this later. I found this really good article that asks the question,
can Al Qaeda endure beyond Bin Laden? My answer: yes. Read the article to see the author's answer. Hint, as with all enterprises, is all about leadership.

Thursday, November 03, 2005

Challenge: Beyond Detection

Challenge for US airpower in the current conflicts in Iraq and Afghanistan, and for possible scenarios in North Korea, Iran, and other countries in which we might be involved: the enemy will hide yes...But more importantly, the enemy will run. Constantly. SCUD missiles launchers will not stay put. Neither will troops or mobile surface-to-air missiles. Ground units will probably practice dispersed warfare; they will be scattered, running, and hiding across the battlespace. If they are smart they'll rarely (if ever) mass in large formations.

Our adversaries will try to hinder our detection and identification capabilities. No matter how accurate your smart bombs are, you can't strike what you can't find. Even if we find the prospective targets, from the air, the enemy might be indistinguishable from civilian noncombatants. The enemy might be intermixed with civilian noncombatants so that even if he is found our decision to strike him will be colored by collateral damage concerns. The challenge: to distinguish friend from foe; dummy equipment from operating equipment; combatant from noncombatant.

Wednesday, November 02, 2005

Urban Warfare Paradigm Shift

In the planning for the first US large-scale Fallujah incursion, Operation Vigilant Resolve, the Marines had a list that included of dozens of targets that, based on intelligence, were candidates to be struck using airpower or kinetic means, meaning aerial bombardment. The targets themselves were a collection of buildings spread all over Fallujah, somewhat concentrated on the northwest side of the city, the Jolan district. The thing is, the real targets were not the buildings themselves but the people that potentially could be inside the buildings, namely groups of insurgents using the structures as "barracks" or improvised command and control nodes or prepared firing positions. Destroying the buildings themselves was not going to achieve the desired effects if the individuals in question were not inside the buildings at the time of the strike.

So, we could have set a time to send strike aircraft and destroy all the buildings in one day...and achieve nothing beyond the demolition of a series of building. Now, US forces had information that, at some point, it was likely that insurgents would be inside one of these buildings, the rest of the time we did not know where these guys were. There were dozens and dozens of building with insurgents inside about which we did not know anything. Basically, we had to wait until the insurgents arrived at the targeted facilities that we knew about and then hurry up and strike before they leave. To accomplish this you are going to need a great deal of persistent surveillance on the facilities that we do know about, and that could possibly, at some point, be visited by a group of insurgents or by insurgent leadership.

During World War II airpower us used to attack entire cities: Stalingrad, Cologne, London, Dresden, Tokyo, etc. By the time of the Vietnam War, airpower was attacking areas and facilities. During the Gulf War, and other conflicts during the 90s, it was demonstrated that airpower could go after specific portions of a building. Increasingly, airpower is being used not to target entire cities, or entire facilities, or even portions of a building. Airpower is being (and will probably be in the future) used to target small groups of individuals (less than 20 people) or even particular individuals. So in less than 70 years airpower has gone from going against entire cities to the targeting of single individuals.

This page is powered by Blogger. Isn't yours?