return to ICG Spaces home    ICG Risk Blog    discussions    newsletters    login    

ICG Risk Blog - [ InfoT Public ]

The Warfighter Insurgency: Focus on kinetics, coupled with resistance to stability ops, threatens US success in future war


Kinetics is what the military does. Iraq is a quagmire because kinetics is all we planned for. [Thomas P.M. Barnett]

Unintended consequences of "Go Kinetic"

Army assets cannot satisfy their "other" doctrinal responsibility "to conduct Civil-Military Operations" - which in terms of Iraq is to make any lasting progress in the Siamese twins of counterinsurgency and stability operations - when the last words they hear departing the Joint Readiness Training Command (JRTC) are "Go Kinetic" first, last and always. (Broadly speaking, kinetics are weapons and munitions.)

There is a movement within the US Army called the "Warfighter Insurgency" that continues to espouse a preference for kinetic operations. If US ground assets are unable to perform Post Conflict Stability Operations because they are neither trained in, or believe in, Civil Military Operations, they cannot hope to stabilize Iraq themselves or teach Iraqi assets to do it themselves. (Anecdotal evidence shows marines performing better than the army in this regard.)

I have long felt that good counterinsurgency (COIN) was indistinguishable from post combat operations (PCO), and that the boundary line had much to do with the diminishing K-factor (Kinetics). (Big-K being reserved for Combat Operations while a diminishing-K feathers out through COIN and PCO.) In Best Practices in Counterinsurgency, Sepp defines "Successful and Unsuccessful Counterinsurgency Practices":

  • Successful
    • Emphasis on intelligence.
    • Focus on population, their needs, and security.
    • Secure areas established, expanded.
    • Insurgents isolated from population (population control).
    • Single authority (charismatic/dynamic leader).
    • Effective, pervasive psychological operations (PSYOP) campaigns.
    • Amnesty and rehabilitation for insurgents.
    • Police in lead; military supporting.
    • Police force expanded, diversified.
    • Conventional military forces reoriented for counterinsurgency.
    • Special Forces, advisers embedded with indigenous forces.
    • Insurgent sanctuaries denied.
  • Unsuccessful
    • Primacy of military direction of counterinsurgency.
    • Priority to "kill-capture" enemy, not on engaging population.
    • Battalion-size operations as the norm.
    • Military units concentrated on large bases for protection.
    • Special Forces focused on raiding.
    • Adviser effort a low priority in personnel assignment.
    • Building, training indigenous army in image of U.S. Army.
    • Peacetime government processes.
    • Open borders, airspace, coastlines.

The observations of a colleague, Stephen Henthorne, a Post Conflict Stability and Humanitarian Assistance expert, on the warfighters' prioritization for successful counterinsurgency ops virtually insure our failure in Iraq or any future combat theater that demands solutions other than massive applications of firepower:

[The] ground truth remains that the "Warfighters," that control the bulk of the Army, decided shortly after 9-11 to rearrange the categories [to] look like the following":

  • Successful K Counterinsurgency Practices.
    • Primacy of military direction of counterinsurgency.
    • Emphasis on intelligence, IO. EBO [Effects-based Operations] to better target, kill-capture the enemy.
    • Effective, pervasive psychological operations (PSYOP) campaigns, but only to assist Intel gain.
    • Priority to "kill-capture" enemy, not on engaging population except when necessary to gain Intel.
    • Battalion-size operations as the norm.
    • Military units concentrated on large bases for protection.
    • Special Forces focused on raiding.
    • Adviser effort a low priority in personnel assignment.
    • Building, training indigenous army in image of U.S. Army, but only in kinetic ops.
    • No concern about Peacetime government processes.
    • Open borders, airspace, coastlines only if beneficial to the kinetic mission.
    • Military in lead; Police supporting, but minimized.
    • The Warrior ethos perpetuated and passed on to the native units being trained.

The only forces in the middle East that seem to be conducting successful combat and stability ops at present are the enemy...

[The] actual ground truth [is] that the C2, if not the entire Army planning process is broken. This has serious consequences for not only the conflicts we are in now--but future conflicts as well. [personal emails]

UK leads the US in stabilization ops

Warfighters, please pay attention; even the machismo Columbians are attempting Stability Operations and Civil Military Affairs in FARC country while New York City reduces gang violence with social resources. Surely you can do far better. The RUSI Land Warfare Conference on 5 June, 2007 in London illustrated the breadth of opinion between the US and other attendees on stability:

Present and speaking on Day 1 were --in order---Gen Dannett UK CGS, Gen. Wallace, French, German, Italian, Canadian and Swedish CGS or Deputies. They all addressed Stability Ops except Gen. Wallace [CG United States Army Training and Doctrine Command (TRADOC)], who listed it as a number 7 priority on one of his ending slides. [personal email]

Here the head of the UK's Post-Conflict Reconstruction Unit, Richard Teuten, defined Stabilization and Post-Conflict Reconstruction for the British:

In both [Basra and Helmand], the international community is seeking to establish stability in a country emerging from a violent conflict, where the state is unable to deliver its basic responsibilities, and is faced by widespread armed opposition that requires the presence of an international peace enforcement force. "Stabilisation" is a more appropriate description. I mean by this, "the process by which underlying tensions that might lead to resurgence in violence and a break-down in law and order are managed and reduced, whilst efforts are made to support the preconditions for successful longer-term development". Whilst there is no internationally agreed definition, this interpretation is equivalent to the term "stabilisation and transformation" used jointly by the UN and World Bank in their Post-Conflict Needs Assessment, and "stabilisation, security, transition and reconstruction used by the US Government. [Directive 3000.05]

Stabilisation operations combine military, political and development actions. Military intervention seeks to assist in the disarmament and demobilisation of armed opposition, to start the process of building effective security forces and to provide the security needed for the efforts of other actors. Political engagement, both internally and externally, seeks to ensure that there is a workable inclusive settlement that addresses the underlying causes of conflict and promotes reconciliation. Capacity building support seeks to enable the government to extend its authority. This means laying the foundations for the rule of law and basic economic governance. It also means putting in place the building blocks for sustainable development through supporting basic infrastructure and service delivery, and a framework for the private sector. Underpinning all these must be effective strategic communication, both in the country concerned and at home, to avoid unrealistic expectations and sustain support. All these lines of operation are, of course, interdependent. As in the oft cited analogy, the intertwined strands of a piece of rope are stronger than the individual strands themselves. We can only win by taking a comprehensive approach.

From an exchange between myself and Henthorne:

I have found 1992 General Officer (GO) traffic on areas needing focus and there was stability ops front and center. I began to wonder if this was like the RUSI presentation where stability ops were seventh on the list but that the presenter was not bought in. Once thrown away as part of the Viet Nam debacle, did it become the perpetual bridesmaid, always in the picture but never receiving central focus?"

Absolutely spot on. Never in Central Focus, and later--never felt to be Warrior like. Many of the key GOs today are old Armor Officers whose hearts and minds are still waiting for that last big Fulda Gap battle. For at least a decade they were trained for nothing else.

I think but I cannot prove (or have not researched enough) that the general military dislike for Spec Ops that rose against Kennedy's creation of the Special Forces has never really gone away. It is a nagging feeling but do not yet have the proof in hand. Your comments on COIN being seen as part of a failed enterprise was interesting.

Absolutely spot on again. Things got worse when Spec Ops became an independent entity within the Army, and then was seen to basically run the Army when Gen. Schoomaker was brought out of retirement to be CAS. The regular Army has always resented the Spec Ops side. That's why the Black Beret was taken away from the Rangers and issued Army wide. The silent message being "The whole Army is Elite." This remains the really hidden conflict within the Army--Spec Ops Vs. Everyone Else.

I sometimes wonder if the shift the COIN/Stability is seen by regular army as making them into the very model that they spent so many years attempting to dismantle.

Absolutely spot on again. Three home runs in one e-mail…. The Army is in crisis, very serious crisis. How it weather's this crisis will determine this nation's national security in the future. [The] bright hope for this country is the USMC, Navy and Air Force. All who have the desire to do it right, just lacking the manpower and money. [personal email]

It is especially sad to read the GAO's recent Actions Needed to Improve DOD's Stability Operations Approach and Enhance Interagency Planning. Having participated in responses to GAO reports, I know that you have to read the interim responses of affected units to GAO recommendations as well as the report itself. The analysis and recommendations completely miss the central failure that there is resistance within the army to genuinely integrate and adopt stability operations.

It is my understanding from conversations with other colleagues that Wallace returned from London chastened and for the moment possessed of a new attention to Stability Ops. Henthorne's comment would appear to bear that out:

[Wallace] drafted "Training and Development Command Tasking Order IN501709," dated 15 June, 2007, and currently marked [FOUO]… General Wallace returned from London recognizing that "there is a recognized need to provide the Geographical Combatant Commanders (GCCs) with flexible, scalable, tailorable forces and cadres of theater specialists that have language, cultural, social, operational and historical acumen that can be tapped for building partnership capacity, in crisis, and for planning and execution of deliberate operations. These organizations will serve to establish, engage in, reinforce, and ensure the functions of building partnership capacity and aiding in the establishment of persistent security. They will also serve to assist Genera Purpose Forces in performing tasks previously in the sole realm of Special Operations Forces in the past. Personnel involved with the missions inherent to these types of organizations and functions must understand the cultural, historical, political, religious, and language aspects of the diverse societies in which our Soldiers and other Service members or citizens will potentially operate."

What he is referring to here is reforming the current Civil-Affairs units, presently conducting Civil-Military Operations, into "Future Theater Military Advisory and Assistance Group (TMAAG-F);" and he has tasked his subordinate commanders to seriously study the concept, and come up with courses of action for his approval no later than 01 December, 2007.

These studies are "to address the feasibility of establishing organizations assigned to each Geographic Combatant Commander that will coordinate, conduct, support, and sustain initial and steady-state security assistance, and building partnership capacity operations. This organization, called a Future Theater Military Advisory and Assistance Group (TMAAG-F), would ensure the availability and readiness of all military service assets required to support these missions; like foreign area officers or specialists; Individual Ready Reserve Soldier specialists; or military doctors, nurses, dentists, or veterinarians); or inter-agency or contract specialists like Foreign Service Officers, economists, agricultural specialists, law enforcement specialists, telecommunications or information technology specialists, firefighters, major construction specialists, or business developers."… [personal email]

Henthorne and I agree that Wallace's plan appears to rename and enhance Civil Affairs and Psychological Operations to perform the role that they should be doing today. Henthorne and I have long memories; There is a vague resemblance of Military Assistance and Advisory Group, Vietnam (MACV), and before that the Military Assistance and Advisory Group, Indochina (MAAG-Indochina) to the Future Theater Military Advisory and Assistance Group (TMAAG-F). Henthorne believes that "all roads still lead to the Fulda Gap somewhere in this process." [personal email]

Trying to remake the army; lone voices

With the hindsight of thirty years of Civil-Military Operations (CMO), Henthorne addressed an excruciatingly detailed 2004 critique of the Army’s ability "to conduct long-term stability/civil-military operations" to then CAS Peter Schoomaker. Its salient point was that Schoomaker's goal to "make an all out effort to improve [the Army's] capacity to conduct Stability/Civil-Military Operations, and to bring the Army into compliance with [SecDef's instruction to] adjust their doctrine, organizations, training, and exercise plans to ensure that U.S. forces develop a core competency in stability operations capabilities," was, however "laudable and truly necessary," "doomed to failure; at least in our lifetime":

You might well say that such training is currently being conducted at our various national training centers, the NTC/JRTC, around the country. Unfortunately, setting aside the fact that neither the quality, nor quantity, of that type of training is really happening, there are three main reasons why the current initiative to ensure that U.S. Forces, in this case the U.S. Army, develop a core competency in stability operations capabilities will fail, as it has failed repeatedly through at least the last three administrations, i.e.:

  1. The inability, or unwillingness, of the maneuver leadership of the U.S. Army to truly embrace Stability/Civil-Military Operations as the major military mission of the 21st. Century.
  2. The fog of tons of conflicting doctrine which increasingly bogs the U.S. Army down.
  3. The fact that the training system of the U.S. Army is seriously divided, diverted, and just plain broken; especially at our national training centers (CTCs).

Henthorne's primary point is that:

[We] are not winning the Peace in Iraq because we are not training to do that task, as a result we can't stabilize Iraq, nor can we train the Iraqis to do it either. This lack of training is due to a "Warfighter Insurgency" within the US Army, which still espouses, although subtle, kinetic operations as their preferred method… Finally, truly no one is listening."...

"Warfighter Insurgency"… is an insurgency against the expressed mandate of [DOD Directive] 3000.5 to enhance [the] Army's ability to conduct post conflict stability ops, it is done with malice a forethought, in secret where possible, and with the intent to maintain the Army's kinetic mission as paramount… [Henthorne amply describes warfighter insurgency in this Petraeus draft]

[It] is possible for the Army to successfully transition to Phase 4 Operations [post combat operations], if properly trained, and the operation properly planned. The "Warfighter Insurgency" is preventing that from happening. [personal emails]

The upshot is that we are getting soldiers killed needlessly. Henthorne has redefined victory appropriate to a 4GW environment, whereas the majority of US forces are still being trained to fight a 3GW effort. As shown in Iraq, when warfighters carry those 3GW tools and mindset into a 4GW environment, they get manhandled. If warfighters were executing a 4GW effort they could more easily and safely perform their primary combat mission while reasonably having more resources for noncombat operations.

Henthorne's assessment to Schoomaker is the best statement of the Stability Operations problem that I have seen to date; I recommend it without reservation, along with his May 2007 reply to Petraeus describing current conditions at the Brigade Combat Team (BCT) level, to those who want to understand what needs to be fixed in order to address future wars, not to mention improving the diplomatic maneuver of the US. Yes, it is monstrously hard to configure an entire army to deal with both 3GW and 4GW threats simultaneously. It is even more difficult when a political elite is attempting to preserve itself at the expense of said military by pushing them into the fray. Unfortunately, the Chinese and Russians are listening as are the 4GW insurgents.

Today's inability to deal with Iraq, or Afghanistan for that matter, by kinetics alone has a long history of institutional resistance. From Paul Yingling's A failure in generalship:

America's defeat in Vietnam is the most egregious failure in the history of American arms. [The jury on Iraq is still out.] America's general officer corps refused to prepare the Army to fight unconventional wars, despite ample indications that such preparations were in order. Having failed to prepare for such wars, America's generals sent our forces into battle without a coherent plan for victory. Unprepared for war and lacking a coherent strategy, America lost the war and the lives of more than 58,000 service members.

Following World War II, there were ample indicators that America's enemies would turn to insurgency to negate our advantages in firepower and mobility. The French experiences in Indochina and Algeria offered object lessons to Western armies facing unconventional foes... In 1961, President Kennedy warned of "another type of war, new in its intensity, ancient in its origin — war by guerrillas, subversives, insurgents, assassins, war by ambush instead of by combat, by infiltration instead of aggression, seeking victory by evading and exhausting the enemy instead of engaging him."

Despite the experience of their allies and the urging of their president, America's generals failed to prepare their forces for counterinsurgency... the Army viewed the conflict in Vietnam in conventional terms... While the Army made minor organizational adjustments at the urging of the president, the generals clung to what Andrew Krepinevich has called "the Army concept," a vision of warfare focused on the destruction of the enemy's forces.

Having failed to visualize accurately the conditions of combat in Vietnam, America's generals prosecuted the war in conventional terms. The U.S. military embarked on a graduated attrition strategy intended to compel North Vietnam to accept a negotiated peace... America's generals not only failed to develop a strategy for victory in Vietnam, but also remained largely silent while the strategy developed by civilian politicians led to defeat.

As the Iron Majors sought to rebuild a disgraced force to best a Soviet adversary, they built an army that forgot the lessons of Viet Nam as those lessons would not apply to a Soviet threat. The analogy I use is rods and cones, as in the black/white and color vision receptors of the human eye. The iron majors built a superb force tuned only to rods to better see their Soviet counterpart (and all established forces look for an opposing peer rather than a difficult to identify asymmetric). Deprived of cones, they do not see, cannot see, the colored nuances of COIN/PCO/Stability. In other words, their sensor network is partially blinded, their feedback loop see PCO/Stability as bad/erroneous data as opposed to merely different data, and their processor logic does not assign equal weight to anything akin to PCO/Stability ops.

Henthorne's response:

Great analogy, with one tiny missing part. the Army just didn't forget the lessons learned in Vietnam, they made a concentrated effort to throw the baby out with the bathwater. The mindset was "Vietnam was a defeat, therefore everything related to Vietnam was bad ju ju, and should be cast out. We had good stability ops programs in Vietnam--and other programs of value--but they were considered part of a failed strategy.

The Iron Curtain had really been in existence since March 5, 1946, and planning for confrontation with Russia had been ongoing since as early as 1920. However I like your Rods and Cones because after Vietnam the Army had only the Fulda Gap and Russia to prepare for----or so they thought. [personal email]

The long tail of Fulda Gap

Fulda Gap and the Wetterau Corridor describes the shortest route from the former DDR to Frankfurt and the Rhine River. Just as it was the path of the US Third Army "from its Rhine bridgehead near Frankfurt onward to Leipzig and the heart of Germany," it was assumed to be the preferred Soviet/Warsaw Pact transit in reverse in the event of a US/NATO/Soviet encounter. (The North German Plain alternate "is traversed by two major rivers and a maze of shipping canals with steep banks… is about twice as long as the Fulda Gap and... reaches the Rhine where it is about twice as wide as in the Frankfurt - Wiesbaden sector.")

Fulda Gap "was in broad use all the way up to NATO" by 1980. I submit that Fulda still captivates much of US military thinking today, notably in the General Officer (GO) ranks whereas many sergeants, lieutenants and captains are now shaped by Iraq:

[The] Fulda Gap scenario was not as much about fighting in the Fulda Gap as it was about providing a model for fighting a significant modern armored threat on short notice in a mature theater. U.S. forces were forward deployed with little or no asymmetric threat. At a strategic level, the intent was to deter attack and if attacked, successfully defend while being prepared to escalate to tactical nuclear or strategic nuclear warfare. During the Cold War, the Army trained other scenarios, but the Fulda Gap scenario represented the clear priority for training the heavy force. The National Training Center and professional development courses used the Fulda Gap template adapted to local terrain to train. The Gulf War, in many ways, conformed to the Fulda Gap scenario.

Fulda Gap's long tail was evident in 2003, when the likelihood of a massed Russian tank attack against the west was moot, TRADOC could still describe the new primary planning scenario, Caspian Sea, as "the next most dangerous situation" facing the US: 

The Caspian Sea scenario is not about fighting in the Caspian Sea area, but is all about the next most dangerous situation U.S. forces are likely to face. In many ways, it follows the 1950-53 Korean War scenario. Country A (South Korea) is attacked by Country B (North Korea). The U.S. comes to the assistance of Country A. The thrust of the scenario is how does the U.S. enter the battle area and build-up sufficient forces to achieve its national goals. The scenario is further complicated by Country C (China), which threatens to enter the conflict, especially during the buildup phase when the U.S. is most vulnerable.

The Korean scenario provides national decisionmakers with significant geopolitical issues. The situation becomes more complicated when adding an asymmetric threat like we saw during Vietnam. The Caspian Sea scenario is about getting credible force into the area of operations and deterring aggression by Country C. In the scenario, the arrival of U.S. heavy forces represents endgame. At this point, we dominate the battlefield. After heavy forces arrive in the area, they must be prepared to conduct combat operations against the heavy threat presented by Country C while providing self-protection against an asymmetric threat that specifically targets U.S. vulnerabilities.

The failure of warfighter kinetics in complex political-military operations

Kinetics (weapons and their munitions) are increasingly insufficient to address and satisfactorily conclude combat operations without blowback and sever unintended consequences:

Most of the generals and politicians did not think through the consequences of compelling American soldiers with no knowledge of Arabic or Arab culture to implement intrusive measures inside an Islamic society. We arrested people in front of their families, dragging them away in handcuffs with bags over their heads, and then provided no information to the families of those we incarcerated. In the end, our soldiers killed, maimed and incarcerated thousands of Arabs, 90 percent of whom were not the enemy. But they are now. [Douglas Macgregor]...

Analysis begins by determining why our forces in Iraq are ill equipped. One senior government official faults the Cold War and an opponent that was easy to find but hard to kill. That resultant preference for platforms and weapons still drives the defense budget. Regrettably, this priority on kinetics caused a reduction in funds for technologies and tactics essential to "find and fix" an elusive adversary.

Experience in Iraq and Afghanistan has turned that force model on its head. Adversaries in this asymmetric conflict are easy to kill—a single 19-cent bullet is sufficient, noted one senior military officer—but insurgents who meld into the population are hard to find and even harder to keep fixed until engaged [Alan D. Campen]...

And from the superb 2004 Fourth Generation Warfare & OODA Loop Implications of The Iraqi Insurgency previously cited in this weblog. (See CENTCOM Indications & Warning (I&W) validate Iraqi civil war: Indications without limit but warning politically ignored and Indications and Warning (I&W):

Iraqi insurgents have an affinity for dense urban terrain and populations offering enhanced media opportunities. Areas we must address are:

  • Separating insurgents, especially in cyberspace via media, from the population that provides passive and active support
  • Trumping insurgents’ media exposure
  • Influencing the population against the insurgents
  • Coordinating counterinsurgency actions over a wide area and for a long time

The above require an extremely capable intelligence infrastructure and strategic communications. Both are key in getting beyond just kinetics. There must be an investment in human resources, IO, cultural intelligence, and strategic communications...

Kinetics attract attention … media centric events
Potential for collateral damage and media exploitation always present, especially in urban areas even with precision strikes.
Kinetic effects compounded by collateral damage or appearance thereof, tends to underwrite and/ or license further violence against "occupying" forces … kinetics include torture and other abuses...

While important, there is frequently fixation with the physical or kinetic level of war—to the virtual exclusion of the more powerful mental & moral levels.
What we do at the physical or kinetic level can work against us at the mental & moral levels.
At the mental level, there needs to be a more effective use of IO. Of the moral level of war, which John Boyd argued is the most powerful level, there remains little appreciation of its power. In fourth generation war what wins at the physical level tends to lead to defeat at the moral level...

Integrate all aspects of political, economic, military power, to act (not react) intelligently.
Share combat information and intelligence more effectively.
IO: War of ideas … battle for the mind
Recognize the moral-mental aspects of Iraqi War.
Integrate kinetics with nonkinetic at all levels.
De-escalation vs. escalation with regards to kinetics
High tempo of mind numbing actions; force the insurgents to react!

Ignored, the monomaniacal focus on kinetics that resulted in the speedy initial fall of Baghdad turned into the proverbial tar baby:

[All] of the Iraqis we had worked with said: "Number one: civil order and security. Number two: power restoration. Number three: jobs." They sang that particular song day in and day out for months. From the time that we even got close to the border with Iraq, they said, "Those are your top three priorities." If you address those early on; in other words, you arrive with a civil order, new rules of engagement, psy-ops teams driving down the street, speaking Arabic, saying: "Go back to your homes. Police, stay on duty. If you are seen on the streets and are carrying a weapon, you will be shot. If you loot or commit acts of criminality, you will be shot."

But for whatever reason, that didn't happen. The generals did not plan any of that. And I think that it might be useful to ask them why they didn't. But to say that they didn't because they weren't told to do it doesn't resonate strongly with me. ... If you look at counterinsurgencies, counterinsurgencies are successfully dealt with when you make it very clear that you are not there to conquer; you are not there to occupy. What you really want to do is create conditions of stability and order. To do that, you need the support of the population. That means that they need to look to their police; they need to look to their military. But you can provide the invincible fist that is behind them...

Ultimately, we ended [up] behaving, I'm afraid, a lot like the British soldiers in Ulster in the early1970s, where they incarcerated thousands of Irish Catholics without trial, held them for long periods. And about the only thing that the British army managed to do in the early '70s when they intervened in Ulster was to recruit for the IRA [Irish Republican Army]. In the Arab world, you shoot one person, you've now alienated a hundred people in the man's family and tribe. If shoot several, if you injure several, if you incarcerate several, you run terrible risks of alienating large numbers of people. Now, some would argue we didn't have any choice. I'm not sure that's true. We were trying, we thought, to deal with an insurgency effectively, and I think what we did is make it worse. We incarcerated, it's estimated, over 46,000 people. And it's been made clear that less 10 percent of that number is really guilty of anything that justified incarceration. And in the meantime, their families were told nothing. Imagine the consequences in our country for that kind of behavior. [Douglas Macgregor]...

Iraq: Where are we now?

Deprived of appropriate doctrine, the training to use it and the force structure to implement it, too many US commanders are left in the position that Zinni identified in 2003:

On one hand, you have to shoot and kill somebody; on the other hand, you have to feed somebody. On the other hand, you have to build an economy, restructure the infrastructure, build the political system. And there's some poor lieutenant colonel, colonel, brigadier general down there, stuck in some province with all that saddled onto him, with NGOs [nongovernmental organizations] and political wannabes running around, with factions and a culture he doesn't understand. These are now culture wars that we're involved in. We don't understand that culture.

The warfighter focus on Soviet era Fulda Gap kinetics to the exclusion of low-no kinetic approaches has left us unable to compete in modern unconventional war:

Despite paying lip service to "transformation" throughout the 1990s, America's armed forces failed to change in significant ways after the end of the 1991 Persian Gulf War… The armed forces fought the global war on terrorism for the first five years with a counterinsurgency doctrine last revised in the Reagan administration. Despite engaging in numerous stability operations throughout the 1990s, the armed forces did little to bolster their capabilities for civic reconstruction and security force development. Procurement priorities during the 1990s followed the Cold War model, with significant funding devoted to new fighter aircraft and artillery systems. The most commonly used tactical scenarios in both schools and training centers replicated high-intensity interstate conflict. At the dawn of the 21st century, the U.S. is fighting brutal, adaptive insurgencies in Afghanistan and Iraq, while our armed forces have spent the preceding decade having done little to prepare for such conflicts.

Having spent a decade preparing to fight the wrong war, America's generals then miscalculated both the means and ways necessary to succeed in Iraq. The most fundamental military miscalculation in Iraq has been the failure to commit sufficient forces to provide security to Iraq's population… Given the lack of troop strength, not even the most brilliant general could have devised the ways necessary to stabilize post-Saddam Iraq. However, inept planning for postwar Iraq took the crisis caused by a lack of troops and quickly transformed it into a debacle. In 1997, the U.S. Central Command exercise "Desert Crossing" demonstrated that many postwar stabilization tasks would fall to the military. The other branches of the U.S. government lacked sufficient capability to do such work on the scale required in Iraq. Despite these results, CENTCOM accepted the assumption that the State Department would administer postwar Iraq. The military never explained to the president the magnitude of the challenges inherent in stabilizing postwar Iraq.

With a revised but belated counterinsurgency strategy, Petraeus is attempting to recover the gap, but politics, the 'September review,' and the 2008 election may overtake the issue.

Petraeus may be undermined as much from the inside as by external events, by colleagues who feel that they are also doing the right thing. On its face the new Stability Ops plan moving through General Officer review is sound in content but leaves too much discretion in enforcement. Henthorne:

DOD Policy Section says nothing specific about how the Army, or Joint Forces, are to train to conduct and support post conflict ops as a "core competency." Throughout the document the word "Develop" is used almost ten to one to the word "Train(ed)." "Develop" leaves a lot of latitude and both takes time to develop, and gives time to Warfighters to stall. Bottom line there are a lot of "Catch 22's" in this document and it has no enforcement teeth.

My belief of almost five years now remains the same. Unless someone has the authority and balls to say---"You will develop post conflict training, on all levels, according to the following guidelines,", and there are plenty of talented folks who truly know what those guidelines are, and within the following time frame," once again this isn't rocket science--so it truly shouldn't take long at all, this document, like others, will die a slow death executed by the Warfighter insurgency. [private email]

The warfighters' low-kinetics stepchildren: Military Operations Other Than War (MOOTW), Counterinsurgency (COIN) and Stability Operations (SO)

I have long felt that MOOTW, COIN and Stability Ops intersected. (Henthorne has already taken to calling SO "the other side of the COIN" [private correspondence]). COIN and Stability Ops as concluding steps in major war share much with 'standalone' Military Operations Other Than War (MOOTW). Whereas "war encompasses large-scale, sustained combat operations to achieve national objectives or to protect national interests," the focus of MOOTW is to deter war and promote peace. COIN and SO merge with the needs of MOOTW to be "more sensitive to political considerations and often the military may not be the primary player. [While MOOTW principles are an extension of warfighting doctrine] more restrictive rules of engagement and a hierarchy of national objectives are followed":

  1. Direct every military operation towards a clearly defined, decisive and attainable objective.
  2. Unity of effort in every operation ensures all means are directed to a common purpose.
  3. Security is always important and depends on never permitting hostile factions to acquire a military, political, or informational advantage.
  4. MOOTW may require restraint in order to apply appropriate military capabilities prudently.
  5. Perseverance allows for measured, protracted application of military capability in support of strategic aims.
  6. Committed forces must sustain the legitimacy of the operation and the host government, where applicable...

[MOOTW] operations include: arms control; combatting terrorism; Department of Defense support to counterdrug operations; enforcement of sanctions/maritime intercept operations; enforcing exclusion zones; ensuring freedom of navigation and overflight; humanitarian assistance; military support to civil authorities; nation assistance/support to counterinsurgency; noncombatant evacuation operations; peace operations; protection of shipping; recovery operations; show of force operations; strikes and raids; and support to insurgency.

Mental and organizational difficulties in shifting from kinetics to low-no kinetics

MOOTW and Stability Ops, even COIN, share common problems. Taw and Vick write in late 1997:

Typical [MOOTW deployments] are large-scale peace operations that tend to be operationally complex, protracted and politically volatile. Thus, U.S. forces have found themselves in Haiti, Somalia, Bosnia [and] other places to enforce no-fly zones, to protect humanitarian aid workers from bandits, to act as a buffer between previously or potentially warring parties and otherwise to help provide relief to populations in crisis.

Until recently [but I think nothing has fundamentally changed], the Department of Defense (DoD) has argued that [MOOTW] operations are "lesser-included cases" that can be effectively conducted by forces structured and trained for large-scale combat. But MOOTW are qualitatively different from combat operations, [and] the military can no longer ignore the fundamental issues they raise: whether trade-offs may have to be made between readiness for operations other than war and readiness for a major conflict; which services, and within them which types of units, are best suited to such operations; and whether to shift some defense resources away from big wars and toward these traditionally lesser-included cases...

Organizational problems are just the tip of the iceberg. Again, remember this was 1997; How little has changed:

While the organization of the Army maximizes its capabilities for big wars, it is less appropriate for some other kinds of operations. For example, in peace operations and disaster relief efforts, engineering capabilities may be required that are not available at the division level. Rather than reach into higher echelons, the Army's inclination will be to rely on division-level combat engineers who are trained and equipped to tear down obstacles rather than to build infrastructure.

[The] bulk of the Army's support capabilities resides in the reserve components. Without a presidential call-up, the limited capabilities in active-duty units will be augmented only by volunteers, who may show up either in inadequate numbers or in inappropriate mixes of capabilities and specialties. Thus, although civil affairs personnel were plentiful in Somalia (where a formal call-up of reservists was not authorized), they did not represent the most useful combination of skills and languages.

[Even] if the right forces show up in the right place at the right time, there is evidence from recent operations that combat commanders are not sufficiently trained or prepared to employ support and special forces units appropriately.

Henthorne offered a more telling anecdote to my 2005 pair, Civil war within the pentagon; tampering with the ‘tipfid,’ part 1 and part 2:

Of greater significance to me was the fact that the US Army War College Archives in Carlisle, PA., is the largest repository of Post WWII Stability Ops information. Yet no one from DOD, DA the Congress or the White House ever requested any back ground info from those archives. The only effort that was made was a phone call that I took one day from OSD, asking how many military police we used in Post War Germany. When the answer was supplied the OSD response was "Far too many-it smacks of long term commitment, we need to be on our way home in 6 months."

Selling reality in a post-Iraq political-military landscape

Advocates of Stability Ops, COIN and MOOTW would be wise to read the witty 1995 The Selling Of Military Operations Other Than War by a marine, James Jamison, as it is likely that 'the well has been poisoned' for the foreseeable future in securing easy sanctioning of needed COIN, SO and MOOTW operations. Compared to the presumed speed of major war:

Military Operations Other Than War can take years to accomplish. The support of the American people is key to their successful completion. In the past, the selling of those operations to the public, particularly the effort at the national level, has been inadequate… Unlike war, MOOTW rarely generates the national will required to stay engaged in the expenditure of human and monetary resources. The American people have the power to grant patience and persistence to U.S. military forces, who are often the major players in providing presence in the MOOTW area of operations… At the national level, poor presentation of the cost-to-benefit ratio has resulted in the public's lukewarm embrace of MOOTW.

It is clear that Iraq, for example, failed to secure the Three "P's":

Successful MOOTW require presence, persistence, and patience. These so called "three P's," are strongly affected by public opinion. The National Command Authority can order a military presence, but the American people must be sold on the value of the operation for the last two P's, persistence and patience, to be granted. [The] object (end state) of a military operation must be agreed upon prior to the commitment of forces. The value of that objective must then be determined. Next, the costs, both practical and moral, must be calculated and compared to that value. An operation should only be joined if the benefits exceed the costs.

Jamison's PUBLIC RELATIONS PRINCIPLES are as timely and as cautionary as they were in 1995 They should be headed in earnest now:

    • The Government Does Advertise
    • Advertising Is Part of American Life
  • Advertising-based Public Relations Techniques
    • Find the Need and Fill It
    • Positioning the Operation Positively
    • Create the Right Image
    • Be Sensitive to Your Audience
    • Spread Your Story First
    • Know The Product
    • Clear Message By The Right Spokesperson
  • Not All Operations Other Than War Can Be Sold
    • Vacillation Blurs The Message
    • 1,2,3,4, What The Hell Are We MOOTW-ing For?

The Not All Operations Other Than War Can Be Sold section bears careful reading for future MOOTW, COIN and SO efforts.

Warfighters need social scientists

Social scientists can keep warfighters alive just as effectively as body armor. Here are two examples, the first being a virtual demand for Stability Operations:

1. Target compliance is essential, otherwise extraordinary and unexpected brute force is required for victory.

Warfighters - and their political elites - overestimate their kinetic effect. While probability of victory can be indicated by key variables such as Primary Political Objective, Troop Commitment, Local Government Ally, Regime Type, Relative military capabilities, Distance and Time, the "most important factor influencing whether the more powerful nation is successful is whether its strategic objective can be accomplished with brute force alone or requires the cooperation of the adversary."

Defining "foreign military intervention as the foreign deployment of at least 500 combat-ready, regular military troops (ground, air, or naval) with the intent to participate in hostile action against a target government or sub-state group for the purpose of achieving immediate-term political objectives," Sullivan studied the 122 "foreign military intervention by the five major powers, Britain, China, France, the U.S., and the U.S.S.R/Russia, during the period between 1945 and 2001":

[There] is a human tendency to overconfidence that is likely to be a particularly common trait among political leaders and an especially acute problem in crisis decisionmaking. According to [Dominic Johnson], a "fog of hope and wishful thinking" is often present at the initiation of violent conflicts… [Because] one or both sides lack complete information, fully rational leaders could come to different conclusions about the probable outcome of a war between them…

Unfortunately, predicting war outcomes is much more complicated than arriving at an accurate measure of relative military capabilities. In fact, the relative balance of military capabilities is not likely to be the primary source of pre-war uncertainty and even complete information about the distribution of warfighting capacity is unlikely to translate directly into accurate predictions about the cost and outcome of many wars…

States almost always prefer to attain their objectives without having to physically destroy their adversary. [A] state that is strong enough can seize territory, overthrow a foreign regime, or defend an ally’s borders by completely destroying or disarming the target’s armed forces regardless of the strength of the target’s will to resist or its tolerance for costs. In contrast, a state can only achieve coercive objectives if it can gain target compliance.

If a state seeks a change in an adversary’s behavior, rather than the elimination of that adversary, the state must persuade the adversary to comply by manipulating the costs and benefits of compliance versus noncompliance. Just as a prisoner cannot be forcibly compelled to provide intelligence, a regime cannot be physically forced to change its policies toward ethnic minorities within its borders or compelled to stop sponsoring international terrorism. Like the prisoner, the target government must be convinced that compliance is less costly than resistance. When a state seeks to maintain the political authority of its own colonial regime, or that of an ally in a foreign territory, the objective falls somewhere in the middle of the continuum because it has both brute force and coercive components. The state can attempt to erode the insurgent’s capacity to fight, but the population of that territory must eventually be persuaded to withhold or terminate its support for the insurgency because elimination of the insurgent threat is not possible as long as popular support is sufficiently strong.

Sullivan's model "predicted a seven percent chance of success for the Soviets in the 1979 to 1988 war in Afghanistan and a 93 percent chance of success for the U.S. in the 1991 Gulf War." However, in Operation Iraqi freedom (OIF), her model said "that if the population was not supportive of whatever new regime we put in power and the American strategic objective shifted from regime removal to maintaining the authority of a new government, the likelihood of a successful outcome would drop from almost 70 percent to just under 26 percent… with an estimated duration of 10 years."

2. Issues internal to the target greatly affect, or deflect, the forces applied by an external state.

Studying a diverse set of civil wars, including Sri Lanka, El Salvador, Guatemala, Lebanon, Northern Ireland, East Timor and West Papua, Kirschner identified five conditions that "affect security fears and commitment problems in ethnic civil wars, increasing conflict duration" completely independent of actions of an external force such as US troops:

  • Discrimination
  • Historically hostile inter-group relations
  • Atrocities
  • Segregation
  • Distinctiveness of group members

These variables undermine combatants’ belief that their adversary will not renege on a post-war settlement, and in some cases, also create information problems that increase uncertainty about the outcome of peacefully negotiated settlement…

Those focused on Iraq will see the resonance of opposing militias using names, residency, locales, methods of prayer and head gear to identify Sunni from Shia:

[Kirschner's] results indicate that fears deriving from specific patterns of inter-ethnic relations increase commitment problems and make some ethnic wars more difficult to resolve. Specifically, pre-war discrimination against members of the ethnic group rebelling, the distinct identifiability of rebels, and atrocities all substantially increase the length of ethnic civil wars. Discrimination and atrocities exhibit a u-shaped relationship, with very high levels of both variables decreasing conflict duration. However, segregation and past conflict do not affect duration… Case studies also suggest that in some instances, specific forms of discrimination are especially significant, for instance, in resource-rich regions that do not enjoy the wealth of these resources...

Distinct and easily identifiable combatants experience longer wars. However, it is possible that the opposite mechanism operates in some conflicts. In other words, if members of a rebelling ethnic group are indistinguishable from other groups, the war might be longer because their adversaries cannot find them to kill them. In some conflicts where this might be the case, local knowledge could substitute for physical features, language, or religion. For instance, in Sri Lankan riots, Sinhalese thugs have used multiple strategies to target Tamils, including census lists, neighbors’ testimony, ear piercing, and inability to recite Buddhist verses...

The excruciatingly overdue integration of the warfighter and the social scientist

It is increasingly likely that Clausewitz's "fog of war" will be resolved as much or more by psycho-social warfare (controlling if not winning hearts and minds) than by an ability "to see, sense and kill anything that moved about the battlefield." 'Post combat operations' in Iraq have seen "effects-based and net-centric operations" fall short of victory whereas a timely and legitimate human outreach program would have reduced the number of insurgents, sympathizers and enablers, thereby making our targeting networks more effective.

Scales cites Alan Beyerchen's use of "amplifiers" whose effects in war are nonlinear, i.e., that redefine the nature of war rather than merely act as a force multiplier. Operation Iraqi Freedom (OIF) has commenced World War IV in earnest, and we are, at a minimum, doing more poorly than expected:

  • Chemists' war - World War I
  • Physicists' war - World War II
  • Information researchers' war - Cold War or "World War III"
  • Social scientists' war - World War IV

Beyerchen surprises by placing the transformation event "at the end rather than the beginning of an epoch." Using the information war as an example, "the value of net-centrism as an amplifier — a factor that fundamentally shapes the nature of conflict — has passed; its formative influence on the course of war is over. Al-Qaida's success in Iraq simply drives the last nail in its coffin."

See Sidebar: Beyerchen on disruptive innovation (amplification)

Scales defines a very new world, one alien, almost unrecognizable, to today's technology intoxicated military:

World War IV will cause a shift in classical centers of gravity from the will of governments and armies to the perceptions of populations. Victory will be defined more in terms of capturing the psycho-cultural rather than the geographical high ground. Understanding and empathy will be important weapons of war. Soldier conduct will be as important as skill at arms. Culture awareness and the ability to build ties of trust will offer protection to our troops more effectively than body armor. Leaders will seek wisdom and quick but reflective thought rather than operational and planning skills as essential intellectual tools for guaranteeing future victories.

As in all past world wars, clashes of arms will occur. But future combat will be tactical, isolated, precise and most likely geographically remote, unexpected and often terribly brutal and intimate. Strategic success will come not from grand sweeping maneuvers but rather from a stacking of local successes, the sum of which will be a shift in the perceptual advantage the tactical schwerpunkt, the point of decision, will be very difficult to see and especially to predict. As seems to be happening in Iraq, for a time the enemy may well own the psycho-cultural high ground and hold it effectively against American technological dominance. Perceptions and trust are built among people, and people live on the ground. Thus, future wars will be decided principally by ground forces, specifically the Army, Marine Corps, Special Forces and the various reserve formations that support them…

To win World War IV, the military must be culturally knowledgeable enough to thrive in an alien environment. Victory will be defined more in terms of capturing the psycho-cultural rather than the geographical high ground. Understanding and empathy will be important weapons of war…

The evidence [from Iraq] thus far is that we have been intellectually, culturally, sociologically and psychologically unprepared for this kind of war. To me, the bottom line is clear: If the single most important objective for the first three world wars was to make better machines, then surely the fourth world war corollary will be to make better soldiers, more effective humans. To do so, soldiers need improved social science in nine areas:

  • Cultural awareness
  • Building alien armies and alliances
  • Perception shaping as art, not science
  • Inculcate knowledge and teach wisdom
  • Tactical intelligence
  • Psychological and physiological tuning
  • Develop high performing soldiers and small units
  • Leadership and decision-making
  • Intuitive battle command

Bumpy road ahead

Beyerchen's amplifiers do not disappear; they retain influence but diminish over time. The problem is that armies and their contractors tend to spend on these diminishing amplifiers with only marginal gains, while missing the emerging amplifier.

Scales feels that social sciences won't attract much interest as amplifiers "until the military intellectual community acknowledges that virtually all failures in Afghanistan and Iraq were human rather than technological." It is going to take a searing After Action Report and Lessons Learned to begin to document the causal conditions.

At the moment, "Technocentric solutions are in our strategic cultural DNA." It will be hard to shift to a soft solution. Military contractors and their senators and representatives will fight it unless it can be turned into plants and jobs. Beyond that, Chantrill thinks that the necessary cooperation between warfighter and social scientist will be a "tall order":

The military mistrusts the practitioners of the social sciences and the feeling among most social scientists is mutual. Over the last century the social sciences have been deployed to amplify the power of government in domestic policy. And the social scientists loved the power and the prestige they obtained. But now we are talking about research and development to amplify and support US foreign policy. Can generals talk to social science professors? Will social scientists agree to work for the Pentagon?

Things change, sometimes they come full circle. Steve Henthorne, meet Bob Scales.

Gang Wars: The Failure of Enforcement Tactics and the Need for Effective Public Safety Strategies
Judith Greene and Kevin Pranis
Justice Policy Institute
July 18, 2007

Colombia Challenges Rebels With a New Weapon
Government Bringing Social Programs to Long-Neglected Regions in Bid to Establish a State Presence
By Juan Forero
Washington Post
July 10, 2007

The ARMY Magazine Hooah Guide to Counterinsurgency History and contemporary practice—including a condensed version of U.S. Army Field Manual 3-24 Counterinsurgency—are combined in a counterinsurgency short course.
By Dennis Steele
Army, July 2007

Janjaweed Using Rape as 'Integral' Weapon in Darfur, Aid Group Says
By Nora Boustany
Washington Post
July 3, 2007

Why Is The US Losing The War In Iraq?
By David Silbey
Jamestown Project
July 2007

The Americans Have Landed
By Thomas P.M. Barnett
6/27/2007, 10:12 AM

Network Eccentricity Imperils the Infosphere
By Col. Alan D. Campen, USAF (Ret.)
July 2007

War Aims and War Outcomes: Why Powerful States Lose Limited Wars
Patricia L. Sullivan
Journal of Conflict Resolution, June 2007, Vol. 51, No. 3, 496-524
DOI: 10.1177/0022002707300187

Laws Without Justice: An Assessment of Sudanese Laws Affecting Survivors of Rape
Refugees International

Jun. 19, 2007 at 9pm

Tasking Memo Stability Operations Plan (GO Review)
Department of the Army
14 June 2007

Annex (Action Plan for Army Stability Operations) to Army Campaign Plan
Department of the Army
13 June 2007

Military Operations: Actions Needed to Improve DOD's Stability Operations Approach and Enhance Interagency Planning
Report to the Ranking Member, Subcommittee on National Security and Foreign Affairs, Committee on Oversight and Government Reform, House of Representatives GAO
May 2007

The Flight From Iraq
New York Times
May 13, 2007

A failure in generalship
By Lt. Col. Paul Yingling
Armed Forces Journal
May 2007

What Price Victory? When Leaders Underestimate the Cost of War
Patricia L. Sullivan
Journeys in World Politics 2007 Workshop
April 27, 2007

Fear and Ethnic Civil War Duration
Shanna A. Kirschner
University of Michigan
Journeys in World Politics 2007 Workshop
University of Iowa
April 27, 2007

Petraeus letter response to Henthorne
By David Petraeus
4 April 2007

"Warfighter insurgency" letter to Gen David Petraeus
From Stephen Henthorne
29 March, 2007

Note: Contains more insight into Warfighter Insurgency cause & effect. Omitted from Petraeus letter (above) as no education needed

The Successful Iraq
How the United States defeated an insurgency in the Philippines.
By David Silbey
Posted Monday, March 19, 2007, at 5:23 PM ET

Aid Workers With Guns
New York Times
March 4, 2007

By Richard Teuten, Head Post-Conflict Reconstruction Unit
31 January 2007

In Support of Peacebuilding: Strengthening the Post Conflict Needs Assessment
UN/World Bank PCNA Review
January 2007

United States Army, Europe and 7th Army (USAREUR/7A) Training Strategy and Guidance, FY 07-08
David D. Mckiernan, Commanding General USA

FM 3-24
MCWP 3-33.5
15 December 2006

A Strategic Amplifier for World War IV
by Christopher Chantrill
Road to the middle class
August 16, 2006 at 8:40 am

Apparently, the counterinsurgency manual needs a rewrite
posted by Dan on 08.07.06 at 10:10 AM
Daniel W. Drezner
August 7, 2006

Counterinsurgency, by the Book
Op-Ed Contributor
New York Times
August 7, 2006

Towards a Foreign Policy That Works
Monday, July 31, 2006

Clausewitz and World War IV
BY Maj. Gen. ROBERT H. SCALES (ret.)
Armed Forces Journal
July 2006

Counterinsurgency (Final Draft - June 2006)
FM 3-24
June 2006

Military Support for Stability, Security, Transition, and Reconstruction (SSTR) Operations
Department of Defense
November 28, 2005

Best Practices in Counterinsurgency
Kalev I. Sepp
May -June 2005

Getting Out Right
Warnings from many experts went unheeded before we entered Iraq. Let's listen as we prepare to "shape the exit"
by James Fallows
Atlantic Monthly
April 2005

TRADOC Regulation 71-4
Department of the Army
Headquarters, United States Army
Training and Doctrine Command, Fort Monroe, VA
24 March 2005

War games to shape Signal Corps' future
By Steve Brady
Army News Service
Jan. 28, 2005

Scenario, ATW IV
APPENDIX C, Pages 31-34
Medical Risk in the Future Force Unit of Action: Results of the Army Medical Department Transformation Workshop IV
David E. Johnson, Gary Cecchine
ISBN 0-8330-3775-7

War Strategy: Dramatic failures require drastic changes
Douglas A. Macgregor
St. Louis Post-Dispatch
Sunday, Dec. 19 2004

Fourth Generation Warfare & OODA Loop Implications of The Iraqi Insurgency
G.I. Wilson, Greg Wilcox, Chet Richards
December 2004

Henthorne letter to Senator Carl Levin
REF: Capability to conduct long-term stability operations
1 November, 2004

INTERVIEW Douglas Macgregor
Rumsfeld's War
Oct. 26, 2004

Stability Operations
A Common Perspective
US Joint Forces Command Joint Warfighting Center
Doctrine and Education Group's Newsletter
Volume 12, No. 2, October 2004

Assessing and enhancing the Army’s capabilities to conduct long-term stability/civil-military operations
Letter to General Peter J. Schoomaker CSA
From Stephen Henthorne
Joint Readiness Training Center
18 October, 2004

Stability Operations
A Common Perspective
US Joint Forces Command Joint Warfighting Center
Doctrine and Education Group's Newsletter
Volume 12, No. 2, October 2004

Practical Guide to Multilateral Needs Assessments in Post-Conflict Situations
A Joint Project of The United Nations Development Programme, World Bank, United Nations Development Group
August 2004

4GW & Zinni's Question: What is Nature of Victory?
Address by General Anthony Zinni, U.S. Marine Corps (Retired)
Naval Institute Forum 2003
4 Sept 2003, posted 20 Sept

Other Expeditionary Operations
Center for Emerging Threats and Opportunities
Marine Corps Warfighting Lab
11 June 2003

By Bryon E. Greenwald
Ohio State University
NOTE: If asked what app to read the item, select PDF

Training transformation to Future Combat Systems - FCS
by Clyde T. Wilson
Jan-Feb, 2003

Army War Games Provide Azimuth For DoD's Future Force
By Gerry J. Gilmore
American Forces Press Service
April 29, 2002

Henthorne letter to RUSI journal
REF Sir Michael Howard's 'Mistake to Declare This A "War"'
February 2002

Those Who Live by The Littorals, Could Easily Die by The Littorals.
The Emerging Role of The United States Marine Corps In Civil Affairs and Psychological Operations For Operations Other Than War
By Stephen E. Henthorne
U.S. Army War College

Network Centric Warfare
Report to Congress
Department of Defense
27 July 2001

Thinking About Innovation
by Williamson Murray
Naval War College Review
Spring, 2001

Effects-Based Operations (EBO)
A Grand Challenge for the Analytical Community
By: Paul K. Davis
ISBN: 0-8330-3108-2

Stability Operations and Support Operations, Chapter 9
Department of the Army
31 October 2000

From Sideshow to Center Stage: Military Operations Other Than War
RAND Research Review
Volume XXI, Number 2
Fall 1997

Lessons from Somalia: The DILEMMA OF Peace Enforcement
Major Robert D. Allen
CSC 1997

From Radio To Radar: Interwar Military Adaptation to Technological Change in Germany, the United Kingdom, and the United States
By Alan Beyerchen
Military Innovation in the Interwar Period, Williamson Murray and Allan R. Millett, eds.
Cambridge University Press, 1996

Operation Just Cause: Lessons for Operations Other Than War
By: Jennifer Taw
ISBN: 0-8330-2405-1

PEACEKEEPING: A Selected Bibliography
Compiled by Virginia Shope
US Army War College
February 1996

The Selling Of Military Operations Other Than War
Major James F. Jamison, United States Marine Corps
CSC 1995

Joint Doctrine for Military Operations Other Than War
Joint Pub 3-07
16 June 1995

U.S. Intervention in Ethnic Conflict
Fred Wehling, John Steinbruner, George Kenney, Michael Klare, Michael Mazarr
Institute on Global Conflict and Cooperation
May 1995

Peace Support Operations and the U.S. Military
Dennis J. Quinn, ed.
National Defense University Press

Updated 18 July 2007

Gordon Housworth

InfoT Public  Strategic Risk Public  Terrorism Public  


  discuss this article

The Mu shu pork Index for predicting Chinese propagation of inflation


If you manufacture product in China as part of your global supply chain or purchase Chinese products for inclusion into your manufacturing or processing efforts, you should pay attention to what we are calling the Mu Shu Pork Index in the spirit of the Economist's Big Mac Index (1986) and Starbucks Tall Latte Index (2004). But whereas the Big Mac and Starbucks Indices are based on the theory of purchasing-power parity (PPP) that argues that exchange rates will, over time, equalize the price of identical baskets of goods and services in any two countries, our Mu shu Index will define a basket of effects that will flush rising costs and inflation through the Chinese economy and out into the global supply chain that absorbs Chinese product.

End of the low cost, labor intensive inflationary brake

The intersection of a litany of Chinese adulterations and contamination of pharmaceuticals, food stuffs and commodities with the skyrocketing cost of pork, the meat staple of every Chinese, all set against unease in the bond markets triggered the need for an inflation index that could be propagated globally.

With the global economy expanding at a robust pace, and prices rising in fast-developing countries like India and Mexico, central bankers and investors are becoming concerned. Interest rates are inching up in the United States and Europe as lenders demand that borrowers pay more to offset the erosion of buying power over time...

Heavy investments in new factories, roads, rail lines and ports have helped limit inflation until now in manufactured goods, as productivity improvements mostly offset rising wages and higher prices for food, oil and metals. Economists and business executives say that manufacturers face growing pressure to raise prices as well, particularly with the torrent of money pouring into China, which has helped push up the prices of Chinese stocks and real estate.

Prosperity driven consumption, wage inflation and commodity increases have driven up prices for Chinese pork, chicken, fish, beef and eggs but pork's rise has been so great that the CCP was taken by surprise, ordering municipal subsidies on pork purchases. (In less than two months (March-April), live pig prices rose over 70% while pork was up almost 30%, both continuing to rise into May. Meat prices alone are contributing one % to the inflation rate.) Inflation is back in China, driving up wages and resource costs and will shortly drive up export prices; China's low cost labor intensive market is about to come to an end, ending an inflationary brake to the US/EU.

Cost cutting by other means; Cutting corners is an open secret in China

Pork is not the only inflation driver. Removing thinly veiled dysfunctions and dangerous shortcuts in Chinese supply chains will add cost.

"We're now learning some of the dirty secrets behind this fast-growing economy," said Wang Fei-ling, a professor of international affairs at the Georgia Institute of Technology. "And the dirty secret is they're cutting corners in making things."

Students of the Chinese manufacturing environment find such comments naive or at least inattentive to facts on the ground. Cutting corners has been a general manufacturing characteristic of Chinese firms even at the higher end, automotive market and associated components. Whereas processes such as APQP (Advanced Product Quality Planning) have long been standard in the North American and European market, US/EU Tier One automotive suppliers often talk of having to endure "good enough" production where the Chinese manufacturer decides what is good enough - and where it cannot be seen, notably in materials, coatings and plating - components have an increasingly high probability of being far from 'good enough.' In conference after conference on Chinese manufacturing, one hears firms lamenting that good Chinese suppliers are hard to find if they are skilled (as their production capacity is already saturated) or if they are not, requires patient and expensive training before a reliable product stream is produced. (And once you've trained them, they are likely to shift away from you to other clients willing to buy your training at a discount.)

The aforementioned does not mean that the Chinese are incapable of superb production; Far from it, especially in a national security environment. In an analogous condition, one remembers Russian manufacturing technology in early MIG-21 Fishbed fighters which often resembled what we liked to call 'rusty beer cans' yet the same aircraft's afterburner ceramic coatings (which suppressed the ionized gas plume detectable by VHF search radars) was state of the art. China is capable of world class production; This article is addressing commonly available Chinese commercial manufacturing and processing.

The PRC is, certainly has, attempted to portray two Chinese firms, Xuzhou Anying Biologic Technology Development Company and Binzhou Futian Biology Technology Company, found to be exporting melamine-tainted wheat flour to the US as "rogue companies, or "special individual cases" in a largely well-managed export industry," but such efforts to box the breach "seems quite at odds with local Chinese agricultural industry executives:"

In recent weeks, they have said in interviews that for years producers and feed makers have either used melamine in animal feed, sold it to animal and fish feed producers or knew of the sale and use of melamine in animal feed. Interviews with animal feed producers, melamine makers and melamine and feed traders suggested that it was a widespread practice to mix melamine into feed to deceive buyers into thinking they were getting higher-protein meal.

Most of the people interviewed said they did not believe that the practice was illegal or that melamine was toxic in animals or humans; the melamine was simply filler, most of them said, a way of earning extra profits. They did say, however, that it was also mixed secretly, otherwise buyers would know they were being cheated out of protein. "Our clients who buy melamine scrap to make animal feed are mainly from Shandong Province," Qin Huaizhen, manager of the Gaocheng Shunkai Chemical Factory in Hebei Province, said two weeks ago. "They use melamine scrap to produce fish, chicken and other animal feed." He went on to add: "Clients use it to boost the protein level."

Be it ethylene glycol in cough syrup, contaminated melamine in pet food, or lead in baby bibs and children's rings, Chinese firms have more to overcome than fears of "Made in China" morphing into "Buyer Beware." Their manufacturing costs will have to rise as they remove the short cuts. Old habits will die hard, province by province, city by city and plant by plant. The omens are not good that Chinese denials and information embargoes in the melamine contamination replicated those seen during the SARS and avian flu outbreaks, or that counterfeiters continue to follow industrial polluters into the interior of China in order to avoid exposure.

"Basically, for entrepreneurs, if something is not explicitly banned - it's not banned... As long as people are not sick or dying, it's O.K."

I predict that this correction will have a very long tail throughout the greater Chinese supply chain whose exports are currently pegged at over one trillion USD per annum, a tail that will affect many of the prosaic industrial, consumer and food items that populate the global supply chain.

What happens in the place of low cost labor products

Low skill, low wage jobs will shift to value-add, high skill industries. Here is one that will further upset existing OEM and Tier One suppliers in Asia, North America and Europe:

China's auto parts exports have increased more than sixfold in the last five years, nearly topping $1 billion in April and emerging as one of the fastest-growing categories of Chinese industrial products sold overseas. More than half of these auto parts go to the United States; most of the rest to Europe and Japan.

The rise of Chinese auto parts exports is part of a much broader shift. China is moving up from basic goods like textiles, toys and shoes and toward higher-value industrial goods that pay better wages - but also compete more directly with products from countries like Mexico and even from advanced industrialized countries like the United States...

Soaring output at auto assembly plants in China is generating enormous demand for auto parts and creating the economies of large-scale production previously possible only in North America, Europe and Japan. And with at least a half-dozen Chinese automakers planning to start exporting in the next few years, Chinese auto parts will soon be going overseas not just in crates, but as part of fully assembled cars.

Multinational automakers set virtually the same quality standards for their operations all over the world. They are working closely with Chinese parts companies to help them meet these standards; once they do, they are allowed to submit bids for supplying factories elsewhere.

Readers are referred to Sean McAlinden's work on the auto sector, two of which are cited here and here, for the impact of that industrial migration on US/EU OEMs and their suppliers. They will fondly remember the time when declining market share and inflation were their principal concerns. It will be instructive to construct the Mu shu basket.

UPDATE: Observation from a skilled senior operational staffer at a large Tier One with whom we have had ongoing discussions on IP protection methods for four plus years: "This [inflation] is to be expected."

My reply: "To the thoughtful, yes, but for those who ran to, or were driven to, China with the sole goal of low cost piece part pricing [leaving aside direct and indirect transportation costs due to delays, port crowding, lack of bottoms, etc.], this cost-up will come as a shock without an effective response." We discussed the similarity in the purchasing efforts of both GM and Ford which had driven suppliers to China purely to achieve lower piece part costs. He agreed with my assessment that those supply chains, and the suppliers therein, will face heightened vulnerability as they are unable to continue to meet cost-down demands, maintain margins, hold/build revenues and likely loan covenants from their banks.

Rise in China's Pork Prices Signals End to Cheap Output
New York Times
June 8, 2007

Yields on Treasuries Climb; Shares Tumble Again
New York Times
June 8, 2007

China to Revise Rules on Food and Drug Safety
New York Times
June 7, 2007

Chinese Auto Parts Enter the Global Market
New York Times
June 7, 2007

When Fakery Turns Fatal
New York Times
June 5, 2007

China Sentences Former Drug Regulator to Death
New York Times
May 29, 2007

An Export Boom Suddenly Facing a Quality Crisis
New York Times
May 18, 2007

China Urges U.S. Not to Punish All Food Exporters
New York Times
May 17, 2007

At Shanghai auto show, China carmakers in search of edge
By Keith Bradsher
April 22, 2007

China: Land of opportunity?
Oakland Business Review (Michigan)
November 2, 2006

The Economist
May 25, 2006

There's No Place Like Home: The Geography of Automotive Employment
Presentation to Chicago Federal Reserve Conference on "The New Geography of Auto Production"
Sean P. McAlinden
Center for Automotive Research
April 19, 2006

Coffee cup holds secret to currency forecasts
From Times Online
January 16, 2004

Burgers or beans?
A new theory is percolating through the foreign-exchange markets
From The Economist print edition
Jan 15, 2004


Disaster Deferred: The U.S. "Big 3" and the Labor Cost Squeeze
Glenn Mercer, McKinsey & Company, Inc.
GERPISA Conference
April 2003, Paris

Estimating the New Automotive Value Chain
A Study Prepared for Accenture
Sean P. McAlinden, David J. Andrea
Center for Automotive Research, Altarum Institute
November 2002

Gordon Housworth

InfoT Public  Risk Containment and Pricing Public  Strategic Risk Public  


  discuss this article

Prediction: the Cisco-Huawei IP debacle repeated itself with Denso, and likely for the same reasons


'National security' breach theft from Denso

In briefings three years ago to some of the largest tier one automotive suppliers, we forecast that Toyota/Denso would be the wholesale Automotive OEM target for IP theft as it was one of the few (the only significant) OEM that retained the capacity to design and manufacture everything that they purchased. (All other OEMs were in the process of surrendering their production technology via joint ventures so the only items worthy of hostile collection were their vehicle designs, preferably the mathdata CAD files thereof.) Another forecast was that any Toyota/Denso JV with a Chinese entity would be an IP siphon to the Chinese. The first forecast has now come true, and is likely only the beginning of the loss. The second is undoubtedly in progress.

In March Kyodo News reported that a Chinese engineer, Yang Luchuan, 41, at Denso's facility in Kariya, Aichi Prefecture, was suspected of "embezzling [Dowjones prefers "stealing"] information on about 1,700 types of products, including sensors and industrial robots [of which] about 280 types were considered top secret by the company."

This theft was discovered after the fact during an "internal investigation following a problem with its database system" which could mean that Yang was discovered by accident or that other means and methods were being concealed. In a classic piece of insider theft:

  • Yang made repeated downloads from Denso corporate libraries between October-December 2006 to a Denso-supplied laptop
  • Forensic analysis showed subsequent copying of the files from the laptop to as yet undiscovered external storage devices
  • Yang made at least three trips to China following the downloads including one ( 16 Feb-4 March) two days after being by Japanese authorities.
  • Yang took the laptop home but denied the copying disclosed by forensics
  • Yang destroyed the hard drive of his home computer

The Denso theft again reinforces our maxim that IP holders must protect an asset 'wherever it appears in the global supply chain at any tier' as opposed to only ostensibly 'risky states.' This theft is complicated by the presence of a foreign national in the critical path, a fact that we continually flag to firms placing IP-rich R&D hives in China, which often pose a greater IP risk than in-country manufacturing operations.

What little is known of Yang's background indicates a PLA plant against a high value target, Yang:

  • "Graduated from a Beijing-based university in 1986"
  • Worked "for a state-run company developing missiles and rockets in China" (the firm's name is not disclosed in any article)
  • "Came to Japan in 1990, and graduated from an engineering college in Tokyo"
  • Joined Denso in December 2001
  • Participated in "engine parts development and other works"
  • Served as "vice chairman of the Japan Association of Chinese Automotive Engineers"

Almost immediately after Yang was detained, the Yomiuri Shimbun weighed in with an uncharacteristically blunt editorial noting that:

  • The theft, as great as it was, was "probably just the tip of the iceberg"
  • "National interest [was] at risk" given the nature of Denso's research and engineering
  • "Denso's data management clearly was lax" allowing damage to Japanese interests beyond the confines of Denso
  • "Anti-espionage laws [are] lacking" even as the "National Police Agency believes China is trying to obtain various advanced technologies and related information in Japan"
  • "Employment of foreign engineers and researchers" needed national as well as corporate oversight
  • Management of important corporate information is not an issue "that can be left to the private sector alone"
  • As the Japanese Penal Code only stipulates a maximum five year sentence for embezzlement, the "police reportedly also plan to establish a case under the Unfair Competition Prevention Law as it provides for a heavier [ten-year] punishment"

Little more was published in the Japanese press until small items appeared two weeks later in Japan Times; Japanese magistrates and police had withdrawn charges and released the Chinese engineer that executed the "national security" level IP theft against Denso. The anemic refusal to indict and the release notices (verbatim below as they have now scrolled off) are mind-boggling in their banality, and there has been nothing more from official sources since. Astonishing until one considers the leverage that China could apply against Denso and Toyota:

Prosecutors decide against indicting Chinese man over data theft
Japan Times
Apr 6, 2007
Requested article has expired, and is no longer available

NAGOYA - The Nagoya District Public Prosecutors Office on Thursday decided against filing a formal charge against a Chinese employee of auto parts builder Denso Corp who was arrested on suspicion of taking out product design data without the company's authorization, investigative sources said. The prosecutors apparently decided it was difficult to establish a case...

Prosecutors release Chinese man over data theft
Kyodo News, Japan Today
Saturday, April 7, 2007 at 07:16 EDT
Requested article has expired, and is no longer available

NAGOYA - The Nagoya District Public Prosecutors Office on Friday released a Chinese employee of auto parts maker Denso Corp who was arrested on suspicion of taking out product design data, with a view to suspending indictment against him.

The release of Yang Luchuan, a 41-year-old engineer at the company based in Kariya, Aichi Prefecture, marked the end of the case, with investigators unable to confirm why the data was taken and whether it was handed over to other people.

The affair has been whitewashed. My immediate impression was that Cisco's manhandling by Huawei and the PLA had repeated itself, and for the same reason: threats of extralegal punishment in the Chinese market.

Cisco tried to box with God

Who is Huawei Technologies and how could they have escaped Cisco's legal assault despite Huawei's fielding a router architecture containing stolen Cisco code down to identical text strings, file names, comments and bugs? Look no farther than its founder, Ren Zhengfei, one of China's IT "power players." From RAND's A New Direction for China's Defense Industry:

Huawei Shenzhen Technology Company. Huawei was founded in 1988 by Ren Zhengfei, a former director of the PLA General Staff Department's Information Engineering Academy, which is responsible for telecom research for the Chinese military. Huawei maintains deep ties with the Chinese military, which serves a multi-faceted role as an important customer, as well as Huawei's political patron and research and development partner. Both the government and the military tout Huawei as a national champion, and the company is currently China's largest, fastest-growing, and most impressive telecommunications-equipment manufacturer...

In analyzing the dynamics of the IT sector, it is first necessary to divide the defense portion of the IT sector into two related but distinct categories. The first includes those subsectors providing the PLA with commercial-off-the-shelf IT systems, such as routers, switches, and computers, which have become increasingly central to the digitization of the U.S. military. Key companies in this category include such "red chips" (the Chinese equivalent of U.S. blue-chip companies) as Huawei, Zhongxing, Datang, Julong, and the Wuhan Research Institute, all of which are private companies spun off from state research institutes that enjoy national-champion preferences within the system. They are marked by new facilities in dynamic locales, such as southern and eastern China, a high-tech workforce, and infusions of foreign technology. These firms are not obligated to provide a social safety net for thousands of unemployable workers and their families in rural areas. Instead, they hire and fire staff using market-based incentives and stock options...

The two most important categories of Chinese IT firms, particularly in dealings with foreign multinationals, are telecommunications equipment and electronics. Publicly, the major players in telecommunications - Huawei, Datang, Zhongxing, and Great Dragon (Julong) - appear to be independent, private-sector actors. By contrast, many of the electronics firms are grouped under ostensibly commercially oriented conglomerates, such as China Electronics Corporation. However, one does not need to dig too deeply to discover that many of these electronics companies are the public face for, sprang from, or are significantly engaged in joint research with state research institutes under the Ministry of Information Industry, defense-industrial corporations, or the military. Indeed, each of the "four tigers" of the Chinese telecommunications equipment market (Huawei, Zhongxing, Datang, and Julong) originated from a different part of the existing state telecommunications research and development infrastructure, often from the internal telecommunications apparatus of different ministries or the military. These connections provide channels for personnel transfers, commercialization of state-sponsored R&D ("spin-off"), and militarization of commercial R&D ("spin-on")...

Huawei has also become the most successful Chinese exporter of equipment, entering international markets in 1996. According to one source, "For the future, Huawei wants to be the Cisco of the PRC, but also is ambitious to become a global player." The company is rapidly penetrating Africa, Russia, India, and many other areas ignored by Western telcos...

Huawei is at the core of what is called China's "digital triangle":

The pace and depth of these advances cannot be explained by traditional Chinese defense-industrial reforms. Instead, they originate in a paradigm shift that could be called the "digital triangle," the three vertices of which are (1) China's booming commercial information-technology companies, (2) the state R&D institute and funding infrastructure, and (3) the military. The links among these three vertices are of long standing, given that telecommunications and information technology in China were originally developed under the auspices of the military, and the commercial relationships with state and military research institutes remain important.

The digital triangle approach resembles a classic technonationalist strategy a la Japan, with high-level bureaucratic coordination and significant state funding. But it also has the attributes of market-based, dynamic, nimble, and internationally oriented private enterprises. The techno-nationalist strategy has been attempted by the defense-industrial system in China in the past; that it is currently successful in information technology and shipbuilding may be driven more by the integration of those sectors into the global R&D and production chain than by China's technological strengths per se.

The digital triangle represents an important evolution in the military's strategy for telecommunications development. Under the previous model, such companies as the PLA General Staff Department's China Electronic Systems Engineering Corporation (CESEC) built commercial networks and served as a front company for the acquisition of technology for the military. Private Chinese companies such as Huawei, by contrast, represent the new digital-triangle model, whereby the military, other state actors, and their numbered research institutes help fund and staff commercially oriented firms that are designated "national champions," receive lines of credit from state banks, supplement their R&D funding with directed 863 money, and actively seek to build global market share. The military, for its part, benefits as a favored customer and research partner. Companies such as CESEC continue to exist, but they now serve as systems integrators of technologies from multiple outside vendors...

As part of its backbone infrastructure work with the PLA, Huawei supplied secure fiber optic communications networks widely within the PLA, its missile networks and fire control/command and control systems, and would supply a variant, Tiger Song, to Iraq prior to OIF which greatly complicated US interdiction as previous Iraqi anti-air comm had been interceptable, targetable transmissions. The PRC was one of many UN embargo violators (which included our allies France and Germany as well as Russia):

Iraq purchased a number of Chengdu F-7 fighter jets from Beijing and has managed to trans-ship spare parts made in China for its force of F-7 and MiG-21 fighters through illegal front companies in Jordan, Hong Kong and Singapore. China also supplied Iraq with a large number of T-55 and T-58 tanks equipped with modern night-vision gun sights and laser range-finding systems. Somehow, the Iraqis keep these tanks in tip-top condition with an ample supply of Chinese-made spare parts. It is well known that China sold Iraq the "Tiger Song" air defense system during the 1990s. Both [Powell] and [Rice] have stated that China sold Iraq its new air defense system. The sale took place despite the fact that China also signed on to the U.N. ban on weapons sales to Iraq. NATO gave the system its name in 1998 after it was discovered to be operational in the Iraqi desert.

Tiger Song had interesting antecedents:

The Chinese-built "Tiger Song" fiber-optic air defense system used by Iraq is comprised of American-made technology obtained with a waiver from the Clinton Administration... The advanced fiber-optic system was a result of the friendship between General Ding Henggao, Commander of the Chinese Army military research bureau COSTIND [Commission on Science and Industry for National Defense] and then-US Defense Secretary William Perry...

In 1994, Professor John Lewis of Stanford University... teamed with General Ding to buy an advanced AT&T fiber-optic communication system for "civilian use" inside China. According to the Far Eastern Economic Review, [Perry] wrote a letter to US Government export control officials, favoring the fiber-optic export to China. The venture was called "Hua Mei." The Chinese part of the venture was run by the newly formed firm, "Galaxy New Technology," with General Ding's wife, Madame Nie Li, as the head of the project.

With the support of Perry and the advice of Prof. Lewis, AT&T shipped the secure communications system directly to a Chinese Army unit, using Galaxy technology as a front. The so-called "civilian" Galaxy firm was packed with senior Chinese military officers... Madame Nie was not only the wife of General Ding, but actually Lt. General Nie Lie of the Chinese Army. Galaxy Director and president was Mr. Deng Changgru, also known as Lt. Colonel Deng Changru, head of the Chinese Army communcations corps. Co-General manager of Galaxy, "Mr." Xie Zhichao, also known as Lt. Colonel Xie Zhichao, director of the Chinese Army's Electronics Design Bureau...

"The Chinese army's Electronics Bureau... modified the American fiber-optics communication system, changing it into a secure air-defense system. The Chinese military then exported the newly modified system to Iraq. The Iraqi air defense network, NATO code-named "Tiger Song," is made of US and French fiber-optic parts modified by the Chinese military."

Today [2001], Iraqi anti-aircraft missiles, guided by Tiger Song, regularly target US fighter planes. And following the recent US-British attack on the system, Chinese military engineers are reportedly repairing damages to the system.

Cisco eclipsed by Huawei's theft of IOS

Had Cisco performed a competent due diligence, it would have known that its arms were too short to box with God. Instead, it soldiered ahead as if an award in US jurisdiction would protect "its IOS software package, which lies at the heart of many of its box designs":

After years of pretending they loved the competition of cheap knockoff routers from China, Cisco Systems filed suit today against Chinese telecom equipment giant Huawei Technologies, charging patent and copyright violations which, if proven, could cripple the Chinese company's recent bold expansion.

It is the first-ever intellectual property lawsuit for Cisco, and one senior Cisco officials had tried to avoid by consulting with both Huawei and Chinese government officials...

Mark Chandler, Cisco's general counsel, said the main reason for the suit was the discovery that Huawei was using the same source code for the software powering its routers. The code, called IOS (internetwork operating system), is the crown jewel of Cisco's technology. "Over the past year we had more and more of a case," he says, citing such things as the identical command lines and user manuals between Cisco and Huawei products. "But several months ago we realized the source code was copied--that's when we began direct negotiation." Huawei officials were receptive to negotiations, he said, but never changed their practices.

Chandler says Cisco hopes for what he termed "a recognition by Huawei that its conduct is unacceptable," ending the need for the suit...

Cisco [started] its war in the US, filing its first lawsuit against Huawei in a US district court in Texas, the state where Huawei houses its US headquarters. For Cisco, this is friendly ground. As a San Jose-based company, most of Cisco's patents and trademarks are protected by the US Government, giving Cisco home-field advantage and maybe a stronger position in the case. Clearly, if it wins, Cisco will get the injunction it wants against Huawei in the US...

Cisco filed a lawsuit alleging that Huawei "unlawfully copied and misappropriated Cisco's IOS software... and infringed numerous Cisco patents."

This article was prescient, but likely not for the reasons assumed:

But, you have to wonder if a victory in the US will lead to a worldwide victory for Cisco. Clearly, the battle in the US will be the first in a set of lawsuits the company files against Huawei. The real battleground will be in China. While Cisco has the edge in the US, the advantage balance shifts quickly to Huawei in the Chinese market. Even with a US victory, Cisco will likely fight a long uphill battle to try and convince China to rule against Huawei. And, if they win, they'll fight an even more tedious battle trying to get China to impose sanctions against Huawei...

Even if the US comes to the aid of companies to protect IP infringements in China, there's no guarantee that the infringements will stop. And if a communication giant like Cisco, with its deep legal pockets, can't stop Chinese companies from infringing on IP, how can any comm company targeting the market expect to protect its IP from Chinese pirates...

And then it was over with this fig leaf that did not fool the knowledgeable:

Cisco Systems today [1 Oct 2003] agreed to suspend its patent infringement lawsuit against Huawei after the Chinese equipment manufacturer signed an agreement to modify some of its products.

Huawei will continue to abide by the terms of the preliminary injunction order made by a district court in Texas in June. This injunction served notice on Huawei to stop its alleged use of Cisco router code.

Addressing Cisco's concerns about alleged piracy, Huawei has voluntarily made changes to some routers and switches. The two companies have agreed on a process for reviewing these changes. Provided the review confirms that the agreed changes have been made, the two sides will draw a line under the dispute.

All other terms of the agreement are confidential - so we don't get to know how much (if any) money changed hands.

After having purloined Cisco IOS source code, Huawei could not have satisfied a US court of law by merely agreeing to "modify some of the products." That would be analogous to General Motors, having determined that Chery stole the mathdata of the Chevy Spark/Daewoo Matiz to produce Chery's QQ minicar, absolving Chery and permitting the QQ to proceed after Chery made a few changes in Class A surfaces.

Past Chinese practices and anecdotal evidence bolsters our belief that Cisco was threaten with extralegal penalties that would threaten its ability to do business in the PRC, i.e., revenue, access, and market position. Cisco effectively capitulated; Huawei made no fundamental code changes, nor did it stop shipping any product and it continued to undersell Cisco by a third.

Cisco as collateral casualty of Desert Storm and Operation Iraqi Freedom (OIF)

It is asking much of a commercial firm to be as aware of foreign military needs reacting to changing geopolitical climates when (a) the firm is not focused on, and aware of, collectors' ability to harvest its IP, generally with impunity, and (b) the firm is focused on its perceived commercial competitors, and may be doing a greater or lesser job of maintaining its position and placating its stakeholders.

Still, Cisco's experience is instructive for the need of just such an external awareness and the tools to match. As previously noted, the 2005, 2006 and 2007 issues of Military Power of the People's Republic of China indicate the galvanic shock that Desert Storm, Operation Iraqi Freedom (OIF) and Kosovo had on Chinese military and geopolitical thinking. Achievement of C4ISR (Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance) became a PLA mantra and Cisco was a foundation toolset to that end.

It is instructive to read the section on Impediments to Defense Transformation in the Asia-Pacific from Challenges to Transforming Asian-Pacific Militaries not for what it predicts but using the criteria of its predictions as a watch list for rapidly changing conditions. China has already overturned Bitzinger's limitations on the high end while the Tamil Air Tigers has overturned it on the low end. See China: a planners' preference defense industry succeeds in spite of systemic shortcomings.

Commercial firms should pay heed. Microsoft's Kai Axford has two interesting introductions, Economic Espionage: Mitigating the Risk Using Non-Technical Methods and Economic Espionage: Mitigating with Technical Methods, that are certainly useful steps but even those will fall without integration into a holistic Design Basis Threat (DBT) (here and here) risk response analysis.

Toyota/Denso similarities to Cisco

Denso's global sales and net income for the fiscal year ended March 31, 2007, was $30.6 billion USD and $1.7 billion USD respectively, of which Asia and Oceania provided $4.1 billion USD in sales and an operating income of $388.8 million USD. Strong vehicle production in China contributed significantly to its Asian figures.

Denso's Koichi Fukaya identified China's importance early in his tenure as CEO:

Q. Where is Denso's biggest growth area worldwide?
A. The U.S. has already grown quite a bit. But Europe will lead the pack... The No. 2 market would be China.
Q. How important is China for Denso?
A. The amount of cars on the road will double in only few years. A country like that does not exist anywhere else in the world. We want that new business in China. We consider China a very, very important country.
One problem though is the OEM mix is very, very complex. First Auto Works [FAW] has a joint venture with both Toyota and Volkswagen. It was in the media that Toyota would start a new joint venture with Guangzhou Automobile Group, which has a joint venture with Honda. There are a number of activities going on that cannot be seen anywhere else. We are carefully monitoring those moves.
Q. Is your strategy for local production or export?
A. We want to manufacture in China for the growing market there. Export is not an issue... We want to maintain our principle of making products where our customers exist...
Q. What Is the next market for diesel growth?
A. China will be next. Engines in large size, buses and trucks are becoming modernized. So the desire is for high performance, high efficiency engines while making them more compact. China always demands the latest technology. We are trying to bring to China--diesel's newest technology--the commonrail technology...

And Denso can never be viewed in isolation from Toyota; pressure on one is pressure upon the other. Unlike China's positive trade balance with the US, China has a "heavy negative trade balance" with Japan and Korea principally due to:

  • Presence in China of Japanese and Korean OEMs "importing parts from home"
  • Protectionist measures from Japanese and Korean domestic auto part industry to limit imports (especially Japan)

Toyota commenced in-country production of the Camry in Nansha in May 2006:

Toyota joins a rush by the world's automakers for a share of China's auto market, which saw sales jump by 30 percent last year and is poised to overtake Japan as the world's No. 2 market. Toyota, a relative latecomer to China, had a paltry 3.5 percent of the market last year, with 179,000 vehicles. That puts it well behind top foreign automaker General Motors Corp., which vaulted past Volkswagen AG of Germany to grab 11 percent of the market last year...

Toyota began exporting to China in 1964 but lagged behind rivals in focusing its ambitions on the Chinese market, choosing instead to concentrate on the markets in the United States and Europe. It wasn't until 2002 that it rolled out its first locally produced, Toyota-brand car with a Chinese partner, state-owned FAW Group Corp...

[Toyota] says the [Nansha] facility brings its most advanced technology to China -- a step sought by Chinese leaders as they try to build up a world-class auto industry...

The new Nansha factory also has drawn a group of parts suppliers such as Japan's Denso Corp., which said Tuesday it will spend 30 billion yen (US$265 million; ?210 million) over the next five years to shift production to China...

Despite political tension between Japan and China that flared into riots last year, Japanese automakers are heavily investing in China, and last year pumped a total of 113.7 billion yen (US$1.03 billion) into the country.

Both Denso and Toyota are now committed to China out of necessity and that footprint brings risk. I cannot imagine either Denso or Toyota sliding into the 1st China International Auto Parts Expo (29 Nov - 1 Dec, 2007) in Beijing in a confrontation over a "national security" level theft in trade secrets and Intellectual Property from one or more Chinese entities that would in all likelihood involve PLA assets.

The moral is: prepare in advance to defer and deflect predations upon your IP as once the theft occurs there is little recourse under the best of circumstances, and in the face of extralegal sanctions, likely zero.

DENSO Announces Year-end Financial Results
April 26, 2007

Economic Espionage: A Real Threat
Kai Axford
Security Minded - from Kai the Security Guy

Published Tuesday, April 10, 2007 11:24 AM

Economic Espionage: Mitigating the Risk Using Non-Technical Methods
Kai Axford
Security Minded - from Kai the Security Guy
Published Wednesday, April 11, 2007 3:57 PM

Economic Espionage: Mitigating with Technical Methods
Kai Axford
Security Minded - from Kai the Security Guy
Published Friday, April 13, 2007 11:34 AM

Prosecutors release Chinese man over data theft
Kyodo News, Japan Today
April 7, 2007 at 07:16 EDT
Requested article has expired, and is no longer available

Prosecutors decide against indicting Chinese man over data theft
Japan Times
Apr 6, 2007
Requested article has expired, and is no longer available

The Flowchart Model of Cluster Policy: The Automobile Industry Cluster in China
Akifumi Kuchiki
April 2007

Denso's management of classified data lax
The Daily Yomiuri(Tokyo)
March 20, 2007 Tuesday

China Edging US in Espionage, Author Says
By Kevin Mooney
March 19, 2007

Denso Chinese engineer an industrial spy?
Sunday, March 18, 2007

Denso Corp. Engineer Held Over Suspected Data Leak - Kyodo
provided by: Dowjones Business News/Easy Bourse
Friday March 16th, 2007 / 19h20

Toyota in the World (Toyota Chronology) 2007

Toyota rolls out first made-in-China Camry in bid to catch up with rivals
May 23, 2006

The Civilian High-technology Economy: Where is it heading?
Adam Segal, Maurice R. Greenberg Senior Fellow for China Studies
Council on Foreign Relations
March 16, 2006

The Quadrennial Defence Review - Revolution Reloaded?
by Greg
06 Feb 2006 04:21 PM PST

Telecom giant taking shape
Huawei and its Plano unit plan to win big in U.S.
By JIM LANDERS / The Dallas Morning News
03:27 PM CST on Tuesday, December 20, 2005

The automotive parts industry in China: gearing up for world leadership
Riccardo Battaglia, Sara Ciavorella
Value Partners S.p.A.
Shanghai, November 2005

Pentagon Document: U.S. Paid Pro-Saddam Figures, Chinese and French
Charles R. Smith
PEHI Newsmax
Monday, Feb 28, 2005

A New Direction for China's Defense Industry
Evan S. Medeiros, Roger Cliff, Keith Crane, James C. Mulvenon
ISBN 0-8330-3794-3

China's champions
The struggle of the champions
The Economist
Jan 6th 2005

Inside China - The Chinese view their automotive future
IBM Business Consulting Services

Civil-Military Integration and Chinese Military Modernization
Richard A. Bitzinger
Asia-Pacific Center for Security Studies (APCSS)
Volume 3, No 9, December 2004

Chinese Competitors Chew at Cisco
Light Reading
NOVEMBER 10, 2004

Challenges to Transforming Asian-Pacific Militaries
Richard A. Bitzinger
Asia-Pacific Center for Security Studies (APCSS)
Volume 3, No 8, October 2004

China's Telecom Forays Squeeze Struggling Rivals
Amid a Shaky Recovery, Competitive Pressures Hit Western Companies Hard
September 8, 2004

The New Weapon In China's Arsenal: Private Contractors
Once-Lethargic PLA Becomes Stronger Force With Help Of Modern Defense Sector
A Bigger Threat to Taiwan?
July 16, 2004

Chinese Military Modernization Aims For Regional Projection
Advanced technologies lie at the heart of most efforts.
By Robert K. Ackerman
October 2003

Denso to establish Shanghai, China, joint venture - Asia - Shanghai Pudong "EV" Fuel Injection Co. Ltd - Brief Article
Automotive Industries
Sept, 2003

Cisco halts Huawei piracy suit
Peace in our time
By John Leyden
1 October 2003 20:23 GMT

The PLA, Trade, and U.S. Interests
Chapter Fourteen
Kevin G. Nealer

The People's Liberation Army and China in Transition
A Publication of the Center for the Study of Chinese Military Affairs
by Stephen J. Flanagan and Michael E. Marti
National Strategic Studies, National Defense University
August 2003

New Denso head sees growth in A/C, diesel and telematics - Supplier Business - Koichi Fukaya - related article: Denso heads South - Interview
Automotive Industries
August, 2003

The Chinese Automobile Industry and the Strategic Alliances of China, Japan, the US's Firms
--The Cases of FAW-Toyota, Dongfeng-Nissan and Shanghai-GM--
Discussion Paper for International Motor Vehicle Program (IMVP), MIT, U.S.A.
(First Draft)
Chunli Lee Aichi University, Japan; Takahiro Fujimoto University of Tokyo
May 2003

DENSO to Establish Guangzhou, China Joint Venture To Produce Car Air Conditioners
Auto Channel
TOKYO, April 1, 2003

The Chinese Auto Industry
Global Automobiles
Keith Hayes, Max Warburton, Gary Lapidus, Kunihiko Shiohara, Young Chang, Shane McKenna
Goldman Sachs
February 21, 2003

Cisco/Huawei battle could shape move into China
By Robert Keenan
Jan 23, 2003

No More Mr. Nice Cisco
Quentin Hardy
01.23.03, 5:13 PM ET

China Strengthens Ties With Taleban by Signing Economic Deal
John Pomfret
International Herald Tribune
September 13, 2001
Original scrolled off


Western Warplanes Hit Iraqi Defenses-Pentagon
By Charles Aldinger
Friday August 10 9:08 AM ET 2001

China's I.T. Power Players
Rich, savvy and well connected, these are the key people leading China's drive toward commercial success in the world of high tech
Asia Week
7/27 - 8/3/2001

Sanctions Busting: Technology Two-Timing
By Kelly Motz and Jordan Richie
The Asian Wall Street Journal
March 19, 2001


Chunli Lee, Takahiro Fujimoto, Jin Chen
Actes du GERPISA no. 34
June 2000
Groupe d' Etudes et de Recherches Permanent sur l' Industrie et les Salariés de l' Automobile (Permanent Group for the Study of the Automobile Industry and its Employees)

Gordon Housworth

InfoT Public  Intellectual Property Theft Public  Strategic Risk Public  


  discuss this article

US IT infrastructure is as, likely more, vulnerable to active and passive cyberattack than Estonia


'Cyber-collection' versus cyberterrorism

The ongoing organized cyberattack on Estonian state and commercial IT infrastructure is the clearest example of a "cyber Pearl Harbor" - an active attack to disrupt or degrade the capacity of a state to function, to conduct commerce, to defend itself - yet as instructive, even attention grabbing to the thoughtful few, as this active attack is, it is among the smaller risk category of IT cyber risk; The greater risk is the wholesale 'passive' probing and intrusion efforts to reconnoiter infrastructure and steal proprietary/classified information.

Between FY 2005 and 2006, federal assets showed a marked rise in activities involving unauthorized access, improper usage, scans/probes attempted access, investigation, even denial of service, yet a decrease in malicious code (a condition I believe is due more to spear phishing and other, more intelligent exploits than to lessened activity).

In their fiscal year 2006 financial statement audit reports, 21 of 24 agencies indicated that they had significant weaknesses in information security controls. [The] weaknesses persist in major categories of controlsincluding, for example, access controls, which ensure that only authorized individuals can read, alter, or delete data, and configuration management controls, which provide assurance that only authorized software programs are implemented. An underlying cause for these weaknesses is that agencies have not yet fully implemented agencywide information security programs, which provide the framework for ensuring that risks are understood and that effective controls are selected and properly implemented. Until agencies effectively and fully implement agencywide information security programs, federal data and systems will not be adequately safeguarded to prevent unauthorized use, disclosure, and modification.

Without a systemic application of a Design Basis Threat (DBT) analysis, I cannot see federal or commercial systems staying ahead of the growing number of attackers and recon efforts; money and attention will be squandered for "feel good security" rising from false practices and vendors' siren recommendations of their particular wares as plugging the gap. See:

Furthermore, most systems are Brownfield legacy or if they are Greenfield they have critical links/access to Brownfield systems. Atop that, most systems are not designed with security in mind. From The defender's dilemma: common threads in exploiting commercial supply networks:

The problem is that the commercial production environment, in this case the "defender," is supremely exploitable as commercial supply chains are designed around economic efficiency and manufacturing efficiency rather than exploitation security. [Terrorist supply chains, or asymmetrical attacker Supply chains, are not built for commercial efficiency but for detection avoidance at least until the attack is in progress.] Cost and risk rise to the commercial defender as they try to backfill security needs atop a commercial structure. In this situation, it tracks with the difficulty in countering IP theft and diversion unless the process is built in from the onset. In all such environments, it is too easy to ask how often [the target will be attacked] as opposed to if or when?

Readers are encouraged to review my 2005 Malicious marketplace uniting espionage, criminal groups, crackers, terrorism, vulnerable systems, commercial and government targets that highlighted the Chinese Titan Rain intrusion efforts and confirms "our experience that 'cyber-collection' far outranks cyberterrorism":

The black hat community attacking commercial and military targets is as large as it is diverse and global:

  1. State espionage against foreign commercial and military targets
  2. Criminal enterprises focused on money over fame or ideology
  3. Stateless terrorism and its associated criminal money raising campaigns (phishing for example)
  4. "Outsourced" smaller criminal enterprises in low cost, permissive cultures (who can fabricate exploits too labor intensive for more established criminal groups)
  5. Cracker groups selling exploits to groups 1, 2, and 3 directly or through brokers

The Chinese enshrined informationalization, the best definition of which is from the Double Tongued Dictionary, into its military doctrine in 2004:

Subsequent analysis has shown that the People's Liberation Army (PLA) pursues a similar outsourcing strategy in its IT (Information Technology) and IP (Intellectual Property) harvesting by using Chinese commercial entities as proactive agents, i.e., your contract engineering house or supplier is also the collector of your proprietary information [private briefing to clients].

In a DOD background briefing for the 2007 Military Power of the People’s Republic of China, a question was raised on "informationization, which sounds quite a bit like our network-centric. Would that be a correct assumption?"

DEFENSE DEPT. OFFICIAL: I would be hesitant to draw a direct parallel, but I think that certainly China's ideas on what informationization is would be informed by their understanding of network-centric warfare. I think when they say informationization, it's really their understanding of how information technology is now a pretty significant component of the modern battlefield. So it's, you know, intelligence, surveillance, reconnaissance, precision strike. So it's the role of information, information systems, information technology. So I'd probably say it's not a direct parallel.

Target Estonia, and only Estonia

Estonia ranks with Scandinavian states in its level of internet integration:

One of the most wired societies in Europe… Estonia has a large number of potential targets. The economic success of the tiny former Soviet republic is built largely on its status as an "e-society," with paperless government and electronic voting. Many common transactions, including the signing of legal documents, can be done via the Internet...

A massive DDoS (Distributed Denial of Service) attack against such a state had the potential to cripple it, incurring costs and interruptions, and raising the risk calculus of potential partners who might do business with it going forward. With Estonian-Russian relations already strained at best, an Estonian action to relocate a Soviet war memorial, the "Bronze Soldier," on 27 April triggered just such a series of attacks within hours. This attack is unique for its lack of criminal motive and the presence of a direct and identifiable nationalistic motive.

While specific Estonian ISPs have been under DDoS attack for months by the Allaple virus, the motive for those attacks are unclear. The April-May DDoS attacks, in contrast, are massive, immediately tied to causal condition and perpetrator(s). In a stroke, a state's electronic infrastructure was raised to the same level as its sovereign territory and airspace. Estonia's infrastructure - government, banking, ISPs, telecommunications and news agencies - was driven offline, almost completely outside of the Baltic states and Scandinavia.. The Estonian defense ministry ranked the attack on the nation as comparable to 11 September.

There was also precision in the attacks. While Estonia is both a NATO alliance member and an EU member, no NATO systems in Estonia were attacked.

Attack characteristics

Described as a "common-size attack" of 100-200 megabits per second, the Estonian attack is analogous to the Apolo Ohno attack in both size and nationalistic impetus; and similar in size to the 2006 rogue DNS server attack. "Multiple botnets and tools--both botnet-related and not botnet-related" were employed.

Though Estonia is generally cyber-wise, this attack demands substantial numbers of skilled technicians. Estonian ISPs are working with their international ISPs "that give them inbound traffic as well as the attack traffic" in order to push out traffic interdiction, identify root cause and isolate them. Expect changes in botnet locations and sources to retain attack vibrancy; Expect variations in sources, traffic and packet types.

Another 'characteristic' of the Estonian attack is its success; For a modest investment in botnets, the attacks have degraded Estonian commercial and governmental operations, registering an effective and highly visible protest. Governments, factions and corporations should expect copycat events. Much larger attacks, blended with multiple payload characteristics, are quite possible.

Stateless quality of active and passive cyber attacks

"If a member state's communications centre is attacked with a missile, you call it an act of war. So what do you call it if the same installation is disabled with a cyber-attack?" NATO Official

The better DDoS attacks and penetration attacks share a condition common to terrorist groups, namely statelessness, and with it the ambiguity of identifying the culpable state actor and the risk of targeting the innocent. A peer-to-peer botnet can go far in camouflaging its controller. Whereas the first wave of attacks on Estonia largely emanated from Russian servers, including those government, the second, larger series emanated from a global array of servers.

This stateless nature, in addition to the newness of active statewide cyber attacks, raises many questions that have yet to be codified in international law:

  • What is the cyber equivalent for the death of a nation's citizen?
  • How many of those units constitute grounds for cyber or military retaliation?
  • What is the variance between a cyber and military threshold response?
  • What level of proof is needed to secure international approval?
  • If an attack emanated from within a state, is it a sanctioned state action or a rump action by groups of its or other nationals?
  • What is the appropriate level of response, in kind or otherwise?
  • When does a cyber attack become indistinguishable from a conventional attack? (One might well ask when this question will be considered quaint and rendered moot.)

Answering these questions will not be easy as the international community has yet to formulate responses to lesser levels of cyber crime and terrorism, much less a massive cyber attack; Neither NATO or the EU have yet defined what constitutes a cyber attack.

US ability to withstand a major active cyber attack

If the federal government is seriously contemplating a 'cyber Pearl Harbor' threat, the unclass reporting and current asset deployment does not reflect it. Quite the opposite, the current US cyber warfare strategy is seen as "dysfunctional" and a "complete secret to everybody in the loop" by General James Cartwright, US Strategic Commander. Cartwright made this assessment:

  • Cyber warfare strategy divided among three groups: Net Warfare (attack and reconnaissance), Joint Task Force for Global Network Operations (network defense and operations) and Joint Information Operations Warfare Center (electronic warfare)
  • Groups operate independently with poor information sharing
  • Present DOD approach "developed ad-hoc" based on terminal defense, commences action "only after an attack, and takes weeks for a response
  • Result is a "passive, disjointed approach that undermines the military's cyberspace operations"
  • US not developing cyber intellectual capital at the required rate to address a tiered hierarchy of "hackers, criminals, and nation-states"
  • "DOD must move away from a network defense-oriented cyber architecture [while] cyber reconnaissance, offensive, and defensive capabilities must be integrated and leveraged for maximum effect"

As Cartwright was opining in early 2007, it does not give this author comfort that the first federal cyber war exercise, Cyber Storm, carried out in February 2006 had such a relatively positive outcome. (It is moments like this when I remember the counsel of a skilled practitioner who noted that any exercise presided over by political elites must be designed not to fail lest their stewardship be called into doubt.)

Cyber Storm was to provide a "controlled environment to exercise State, Federal, International, and Private Sector response to a cyber related incident of national significance" affecting "Energy, Information Technology (IT), Telecommunications and Transportation infrastructure sectors." My lack of comfort was not improved by the choice of attacker, a group of "anti-globalization radicals and peace activists" called the Worldwide AntiGlobalization Alliance (WAGA) instead of a substantive Hezbollah or al Qaeda effort, or better yet, the expected swarm attack of a Chinese or Russian cyber offensive. See Informationalization in Chinese military doctrine affects foreign commercial and military assets.

Were the stakes not so high, this lighthearted review might be funny:

The attack scenario detailed in the presentation is a meticulously plotted parade of cyber horribles led by a "well financed" band of leftist radicals who object to U.S. imperialism, aided by sympathetic independent actors… Apparently, no computers were harmed in the making of Cyber Storm. "There were no actual attacks on live networks, no Red Team," the presentation notes. "Players reacted to situation and incident reports according to their regular/normal SOPs." So it was more of a paper exercise. A referee points at someone and yells, "You! Your website is defaced. What do you do?" -- and the organization responds accordingly… And on it goes, with over 800 scenario "injects" over four action-packed days.

Having spun scenarios without limit, Cyber Storm's "Overarching Lessons Learned" offer painful parallels to each of the TOPOFF series simulating large-scale terrorist attacks involving biologic, chemical and radiological WMDs ("diseases are fearsome, hospitals and first responders are overwhelmed, interagency and intra-agency coordination is pummeled while communications in the form of multiple control centers, numerous liaisons, and increasing numbers of response teams merely complicate the emergency response effort"). See Bioterrorism Drill TOPOFF 2 -- Failing to think like al Qaeda & relearning old lessons and Katrina as an "incident of national significance" puts the lie to DHS scenario planning for terrorist event preparation.

Who could be surprised by these lessons learned? They could describe any large bureaucracy under stress, perhaps even their daily environment:

  • Correlation of multiple incidents is challenging at all levels:
    • Within enterprises / organizations
    • Across critical infrastructure sectors
    • Between states, federal agencies and countries
    • Bridging public private sector divide
  • Communication provides the foundation for response
  • Processes and procedures must address communication protocols, means and methods
    • Collaboration on vulnerabilities is rapidly becoming required
    • Reliance on information systems for situational awareness, process controls and communications means that infrastructures cannot operate in a vacuum
  • Coordination of response is time critical
    • Crosssector touch points, key organizations, and SOPs must be worked out in advance
    • Coordination between publicprivate sectors must include well articulated roles and responsibilities

A way forward

USAF (Air Force) is undertaking what I believe is some long overdue consolidation, removing all ISR (intelligence, surveillance and reconnaissance) from the operations community and consolidating them under the intelligence directorate (A2), and standing up a Cyber Command based on 8th Air Force infrastructure capable of seeing "Cyberspace [as] a fighting domain where the principles of war do apply."

If the US was confronted with a major cyber attack against critical IT infrastructure, DoD is said to be "prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source" but I am not sanguine. "The primary group responsible for analyzing the need for any cyber counterstrike is the National Cyber Response Coordination Group (NCRCG)" whose key members are US-CERT, DoJ and DoD. But it appears that a coordinated response remains a work in progress:

The NCRCG's three co-chairs acknowledge it’s not simple coordinating communications and information-gathering across government and industry even in the best of circumstances, much less if a significant portion of the Internet or traditional voice communications were suddenly struck down. But they asserted the NCRCG is "ready to stand up" to confront a catastrophic cyber-event to defend the country.

I think it accurate to say that interagency coordination and response, together with coordination with the private sector who manages much of US IT infrastructure, has yet to be tested; Cyber Storm's next event should inject realism over rainbow scenarios. At the moment, US Strategic Command will issue a counterattack recommendation to POTUS:

In the event of a massive cyberattack against the country that was perceived as originating from a foreign source, the [US] would consider launching a counterattack or bombing the source of the cyberattack [but] the preferred route would be warning the source to shut down the attack before a military response.

Given that initiating a cyber counter-counterattack will currently violate the Computer Fraud and Abuse Act, we have a long road ahead.

Double Tongued Dictionary
Note: The Double-Tongued Dictionary is useful to readers of Asian issues in particular as it "records undocumented or under-documented words from the fringes of English, with a focus on slang, jargon, and new words [that are] absent from, or are poorly covered in, mainstream dictionaries."

War Fears Turn Digital After Data Siege in Estonia
New York Times
May 29, 2007

Cyberattack in Estonia--what it really means
Arbor Networks' Jose Nazario takes stock of the denial-of-service attack against the Baltic nation--and the wider implications.
By Robert Vamosi

May 29, 2007, 4:00 AM PDT

Air Force examines its vulnerability to cyberattack
BY Sebastian Sprenger
May 29, 2007

Feds take 'cyber Pearl Harbor' seriously
BY Jason Miller
Published on May 28, 2007

China Crafts Cyberweapons
The Defense Department reports China is building cyberwarfare units and developing viruses.
Sumner Lemon
IDG News Service
May 28, 2007 10:00 AM PDT

DoD: China seeking to project military power
By William H. McMichael - Staff writer
Marine Times
Posted : Friday May 25, 2007 16:11:31 EDT

DoD Background Briefing with Defense Department Officials at the Pentagon
Presenter: Defense Department Officials May 25, 2007
[No attribution, comments for background only]
[Subject was the 2007 China Military Power Report]
News Transcript On the Web
Office of the Assistant Secretary of Defense (Public Affairs)
US Department of Defense
May 25, 2007

Military Power of the People’s Republic of China
Office of the Secretary of Defense

Cyber Assaults on Estonia Typify a New Battle Tactic
By Peter Finn
Washington Post
May 19, 2007

Estonian DDoS Attacks - A summary to date
by Jose Nazario
Security to the Core
Posted on Thursday, May 17, 2007

NATO concerned over cyber attacks on Estonia, possible impact on alliance
Associated Press/IHT
May 17, 2007

Estonia urges firm EU, NATO response to new form of warfare: cyber-attacks
AFP/Sydney Morning Herald
May 16, 2007 - 12:05PM

Russia accused of unleashing cyberwar to disable Estonia
· Parliament, ministries, banks, media targeted
· Nato experts sent in to strengthen defences
Ian Traynor in Brussels
May 17, 2007
The Guardian

A cyber-riot
The Economist
May 10, 2007

INFORMATION SECURITY: Persistent Weaknesses Highlight Need for Further Improvement
Testimony Before the Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology, Committee on Homeland Security, House of Representatives
Statement of Gregory C. Wilshusen and David A. Powner
April 19, 2007

Black Hat: Botnets Go One-on-One
Kelly Jackson Higgins
Dark Reading
FEBRUARY 22, 2007

Cartwright: Cyber warfare strategy ‘dysfunctional’
BY Josh Rogin
Published on Feb. 9, 2007

RSA - US cyber counterattack: Bomb one way or the other
Ellen Messmer
vrijdag 9 februari 2007

Blue Force Tracker for cyberspace?
BY Josh Rogin
Jan. 25, 2007

Air Force to reorganize intell community
BY Josh Rogin
Published on Jan. 12, 2007

When Hippies Turn to Cyber Terror
By Kevin Poulson
Wired Blog 27B Stroke 6
August 15, 2006 | 12:27:58 AM

Report: Hackers engage in vulnerability auctions
BY Rutrell Yasin
July 12, 2006

National Cyber Exercise: Cyber Storm
National Cyber Security Division
New York City Metro ISSA Meeting
June 21, 2006

Military Power of the People’s Republic of China
Office of the Secretary of Defense

Risk management critical for FISMA success
Experts say IGs, execs must agree on common enforcement and audits
BY Michael Arnone
March 13, 2006

China Investing in Information Warfare Technology, Doctrine
By Kathleen T. Rhem
American Forces Press Service
July 20, 2005

The Military Power of the People’s Republic of China
Office of the Secretary of Defense

Gordon Housworth

Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  Terrorism Public  


  discuss this article

Informationalization in Chinese military doctrine affects foreign commercial and military assets


Informationalization, the computerization of business, industry, and military, has entered Chinese military thinking in earnest, affecting both foreign commercial and military assets. US and EU commercial assets have already suffered serious predation from Chinese military assets and Chinese commercial assets operating under military direction.

In the absence of a US counter-cyber warfare strategy, Chinese IT technologists enter all but the most secure US systems, exceeding the limits of passive examination and surveillance. Naval Network Warfare Command (Netwarcom) and others observe:

  • Chinese attacks "far outstrip other attackers in terms of volume, proficiency and sophistication, [the conflict having] reached the level of a campaign-style, force-on-force engagement"
  • "Motives of Chinese hackers run the gamut, including technology theft, intelligence gathering, exfiltration, research on DOD operations and the creation of dormant presences in DOD networks for future action"
  • Chinese employ complex, parallel attacks including using a virus plant "as a distraction and then come in "slow and low" to hide in a system while the monitors are distracted... spear phishing, sending deceptive mass e-mail messages to lure DOD users into clicking on a malicious URL, [and innovative implementations] of more traditional hacking methods, such as Trojan horse viruses and worms"
  • Attacks are so deliberate, "it's hard to believe it's not [Chinese] government-driven"

Shifting from 'passive' to active cyberwarfare, the PRC intends to "be able to win an "informationized war"" by 2050. Where technology continues to outstrip policy, the advantage goes to the agile able to pierce regulatory and technical barriers.

In reverse order, I have gathered together the pertinent information warfare snippets from the 2007, 2006 and 2005 annual Military Power of the People's Republic of China that outline the significant leaps made by China in both conceptual thinking and implementation:


The 2007 Military Power of the People's Republic of China cites active and passive Chinese cyberwarfare in two chapters:

Chapter Four, Force Modernization Goals and Trends:

Information Warfare. There has been much writing on information warfare among China's military thinkers, who indicate a strong conceptual understanding of its methods and uses. For example, a November 2006 Liberation Army Daily commentator argued:

[The] mechanism to get the upper hand of the enemy in a war under conditions of informatization finds prominent expression in whether or not we are capable of using various means to obtain information and of ensuring the effective circulation of information; whether or not we are capable of making full use of the permeability, sharable property, and connection of information to realize the organic merging of materials, energy, and information to form a combined fighting strength; [and,] whether or not we are capable of applying effective means to weaken the enemy side's information superiority and lower the operational efficiency of enemy information equipment.

The PLA is investing in electronic countermeasures, defenses against electronic attack (e.g., electronic and infrared decoys, angle reflectors, and false target generators), and computer network operations (CNO). China's CNO concepts include computer network attack, computer network defense, and computer network exploitation. The PLA sees CNO as critical to achieving "electromagnetic dominance" early in a conflict. Although there is no evidence of a formal Chinese CNO doctrine, PLA theorists have coined the term "Integrated Network Electronic Warfare" to prescribe the use of electronic warfare, CNO, and kinetic strikes to disrupt battlefield network information systems.

The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks. In 2005, the PLA began to incorporate offensive CNO into its exercises, primarily in first strikes against enemy networks.

Chapter Six, Force Modernization and Security in the Taiwan Strait:

Beijing's Courses of Action Against Taiwan

Limited Force Options. A limited military campaign could include computer network attacks against Taiwan's political, military, and economic infrastructure to undermine the Taiwan population's confidence in its leadership. PLA special operations forces infiltrated into Taiwan could conduct acts of economic, political, and military sabotage. Beijing might also employ SRBM, special operations forces, and air strikes against air fields, radars, and communications facilities on Taiwan as "nonwar" uses of force to push the Taiwan leadership toward accommodation. The apparent belief that significant kinetic attacks on Taiwan would pass below the threshold of war underscores the risk of Beijing making a catastrophic miscalculation leading to a major unintended military conflict.


This is consistent with the 2006 Military Power of the People's Republic of China which described Chinese IT warfare preparation as follows:

Chapter Five, Force Modernization Goals and Trends:

Formation of Information Warfare Reserve and Militia Units

The Chinese press has discussed the formation of information warfare units in the militia and reserve since at least the year 2000. Personnel for such units would have expertise in computer technology and would be drawn from academies, institutes, and information technology industries. In 2003, an article in a PLA professional journal stated "coastal militia should fully exploit its local information technology advantage and actively perform the information support mission of seizing information superiority."

Militia/reserve personnel would make civilian computer expertise and equipment available to support PLA military training and operations, including "sea crossing," or amphibious assault operations. During a military contingency, information warfare units could support active PLA forces by conducting "hacker attacks" and network intrusions, or other forms of "cyber" warfare, on an adversary's military and commercial computer systems, while helping to defend Chinese networks.

The PLA is experimenting with strategy, doctrine, and tactics for information warfare, as well as integrating militia and reserve units into regular military operations. These units reportedly participate with regular forces in training and exercises.

Exploiting Information Warfare

The PLA considers active offense to be the most important requirement for information warfare to destroy or disrupt an adversary's capability to receive and process data. Launched mainly by remote combat and covert methods, the PLA could employ information warfare preemptively to gain the initiative in a crisis.

Specified information warfare objectives include the targeting and destruction of an enemy's command system, shortening the duration of war, minimizing casualties on both sides, enhancing operational efficiency, reducing effects on domestic populations and gaining support from the international community.

The PLA's information warfare practices also reflect investment in electronic countermeasures and defenses against electronic attack (e.g., electronic and infrared decoys, angle reflectors, and false target generators.

Computer Network Operations. China's computer network operations (CNO) include computer network attack, computer network defense, and computer network exploitation. The PLA sees CNO as critical to seize the initiative and achieve "electromagnetic dominance" early in a conflict, and as a force multiplier. Although there is no evidence of a formal Chinese CNO doctrine, PLA theorists have coined the term "Integrated Network Electronic Warfare" to outline the integrated use of electronic warfare, CNO, and limited kinetic strikes against key C4 nodes to disrupt the enemy's battlefield network information systems. The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks. The PLA has increased the role of CNO in its military exercises. For example, exercises in 2005 began to incorporate offensive operations, primarily in first strikes against enemy networks.


The 2005 Military Power of the People's Republic of China identified Informationalization as a key element of Chinese Military Doctrine in all its aspects:

Developments in Chinese Military Doctrine

  • China's latest Defense White Paper deployed authoritatively a new doctrinal term to describe future wars the PLA must be prepared to fight: "local wars under conditions of informationalization." This term acknowledges the PLA's emphasis on information technology as a force multiplier and reflects the PLA's understanding of the implications of the revolution in military affairs on the modern battlefield.
  • The PLA continues to improve its potential for joint operations by developing a modern, integrated command, control, communications, computers, intelligence, surveillance, and reconnaissance (C4ISR) network and institutional changes.
  • During 2004, the PLA began to integrate military and civilian suppliers in the procurement system and outsourced a number of previously military jobs to civilian industry. The PLA is placing greater emphasis on the mobilization of the economy, both in peacetime and in war, to support national defense...

Perceptions of Modern Warfare and U.S. Defense Transformation

China observes closely foreign military campaigns and defense modernization initiatives. The United States factors heavily in these observations as a model of how a modern military engages in modern warfare. China draws from U.S. military operations by adopting or emulating lessons in some areas, and in others, by identifying exploitable vulnerabilities in potential high-tech adversaries. In addition, U.S. defense transformation, as demonstrated by recent U.S. operations, has highlighted to China the expanding technological gap between modern military forces and those of developing countries. The 2004 Defense White Paper identifies the "technological gap resulting from the revolution in military affairs" as having a "major impact on China's security." These concerns have prompted China's leaders, including President Hu Jintao, to order the PLA to pursue "leap ahead" technologies and "informationalized" capabilities to increase the mobility, firepower, and precision of PLA weapons and equipment.

Operation DESERT STORM (1991) was a primary motivator behind China's efforts to prepare for future warfare. The PLA noted that the rapid defeat of Iraqi forces revealed how vulnerable China would be in a modern war. The Gulf War drove the PLA to update doctrine for joint and combined operations to reflect modern warfare and to accelerate reform and modernization. The Gulf War also spurred PLA debates on the implications of the revolution in military affairs, and led China to seek modern C4ISR and to develop new information warfare, air defense, precision strike, and logistics capabilities...

Observations of Operation IRAQI FREEDOM
In May 2003, PLA Deputy Chief of the General Staff Xiong Guangkai authored an article assessing the broad implications of Operation IRAQI FREEDOM for Chinese assessments of modern war. Some of his more salient observations follow:
-- On gleaning lessons from coalition operations: ". . . the trend of new military changes is developing rapidly in the world, and the recent Iraq war has reflected this trend. We should not only profoundly research and analyze this trend but also actively push forward military changes with Chinese characteristics according to our country's actual conditions." ...

Dougle Tongued Dictionary
Note: The Double-Tongued Dictionary is useful to readers of Asian issues in particular as it "records undocumented or under-documented words from the fringes of English, with a focus on slang, jargon, and new words [that are] absent from, or are poorly covered in, mainstream dictionaries."

China Crafts Cyberweapons
The Defense Department reports China is building cyberwarfare units and developing viruses.
Sumner Lemon
IDG News Service
May 28, 2007 10:00 AM PDT

DoD: China seeking to project military power
By William H. McMichael - Staff writer
Marine Times
Posted : Friday May 25, 2007 16:11:31 EDT

DoD Background Briefing with Defense Department Officials at the Pentagon
Presenter: Defense Department Officials May 25, 2007
[No attribution, comments for background only]
[Subject was the 2007 China Military Power Report]
News Transcript On the Web
Office of the Assistant Secretary of Defense (Public Affairs)
US Department of Defense
May 25, 2007

Military Power of the People's Republic of China
Office of the Secretary of Defense

Cyber officials: Chinese hackers attack 'anything and everything'
BY Josh Rogin
Published on Feb. 13, 2007

Military Power of the People's Republic of China
Office of the Secretary of Defense

The Military Power of the People's Republic of China
Office of the Secretary of Defense

Gordon Housworth

Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  Terrorism Public  


  discuss this article

Think Dust Bowl and California, or Black Death and London, not Katrina and Texas, in response to pandemic migration


In an ongoing discussion of pandemic preparation (see State of H5N1 Avian flu (Un)preparedness), I'd flagged The science of New Orleans: Getting out of town alive as pointing to similar demands on those attempting to avoid pandemic hotspots, to which a colleague asked, "Do you envision an evacuation as a response to Avian Flu? Would we be safer to hunker down or head out to our vacation cottage or at Aunt Myra's in East Fork? Is this what we mean by social distancing?

Replied that I do not envision "an evacuation" as in a single or large scale federally sponsored event but rather an uncontrolled series of evacuations large and small initiated by individuals and heads of families. Nations do not evacuate willingly for many of the reasons we saw in Katrina:

  • Protracted political decision process between federal and state to evacuate
  • Insuring mechanics of arranging personnel and assets to perform the evacuation
  • Siting in-transit provisioning of assets such as gas, food and restrooms
  • Willing state or federal recipients at the evacuation terminus
  • Arranging return of evacuees
  • Ability to do some or all of the above under emergency or crisis conditions

I wrote a Katrina series in 2005 of which part 2, Repeating systemic faults of Katrina in Ritaimpacts this conversation:

In an attempt to avoid a repeat of the mistakes of Katrina (here, here and here) that left local authorities and police with little choice but to break the law in order to do their job, FEMA calls for mass evacuations from threatened coastal areas. With an estimated 1.8 million or more Texas and Louisiana residents under evacuation orders, hundreds of thousands of Houston residents attempted to move inland, primarily north and west, in what quickly became mass gridlock crawling at 'hours per mile' instead of miles per hour. Apparently no one thought of the secondary and tertiary effects of setting such mass flight in progress.

The triggering call in a pandemic may not be a FEMA call but an accumulation of smaller events that may escape federal and state notice until people are in motion. My first assumption is that, all things considered, motion will be a mixture of reflex, custom, history and access. A colleague's comment about retiring to the vacation cottage is an example as might be the historic Boston notion of sending its women and children north and west to higher elevation in order to escape the summer ills.

Katrina was an example of federal fecklessness and ultimate state assumption of responsibility. Consider the consequences if, for example, Texas had refused rather than facilitated evacuation and resettlement of Katrina evacuees. In the case of Katrina, by the time an organized evacuation was underway of those who could not leave of their own volition, the evacuees were seen as disadvantaged, generally poor and not in peak health, but not thought of as diseased and infectious.

In case of a pandemic, think 1930s Dust Bowl rather than Katrina where individual family migrations were intercepted and turned back, by force if necessary. Substitute California for Texas:

The Dust Bowl exodus was the largest migration in American history. By 1940, 2.5 million people had moved out of the Plains states; of those, 200,000 moved to California. When they reached the border, they did not receive a warm welcome, as described in this 1935 excerpt from Collier's magazine. "Very erect and primly severe, [a man] addressed the slumped driver of a rolling wreck that screamed from every hinge, bearing and coupling. 'California's relief rolls are overcrowded now. No use to come farther,' he cried. The half-collapsed driver ignored him -- merely turned his head to be sure his numerous family was still with him. They were so tightly wedged in, that escape was impossible. 'There really is nothing for you here,' the neat trooperish young man went on. 'Nothing, really nothing.' And the forlorn man on the moaning car looked at him, dull, emotionless, incredibly weary, and said: 'So? Well, you ought to see what they got where I come from.' "

The Los Angeles police chief went so far as to send 125 policemen to act as bouncers at the state border, turning away "undesirables". Called "the bum brigade," by the press and the object of a lawsuit by the American Civil Liberties Union, the LAPD posse was recalled only when the use of city funds for this work was questioned...

As roadside camps of poverty-stricken migrants proliferated, growers pressured sheriffs to break them up. Groups of vigilantes beat up migrants, accusing them of being Communists, and burned their shacks to the ground.

Had not Roosevelt intervened, things could have become much worse, much as they did in England during its plague epidemics:

In 1563, London experienced another outbreak of plague, considered one of the worst incidences of plague ever seen in the city. The bubonic plague took almost 80,000 lives, between one quarter and one third of London's population at that time. Statistics show that 1000 people died weekly in mid August , 1600 per week in September, and 1800 per week in October.

Fleeing form the cities and towns was common, especially by wealthy families who had country homes. Queen Elizabeth I was no exception. She took great precaution to protect herself and the court from plague. When plague broke out in London in 1563, Elizabeth moved her court to Windsor Castle. She erected gallows and ordered that anyone coming from London was to be hanged. She also prohibited the import of goods as a measure to prevent the spread of plague to her court.

Later, in 1578, when plague broke out once again, Elizabeth took action. This time she ordered physicians to produce cures and preventative medicine. Also, most public assemblies were outlawed. All taverns, plays, and ale-houses were ordered closed.

Many smaller villages and hamlets imitated court practice, barricading themselves against travelers. Despite this resistance, people moved then and will do so in a current pandemic, i.e., some people will move in an attempt to better their condition while others will see their betterment in obstructing that movement. I also look to series such as SAMP (Southern African Migration Project) for xenophobic responses to migration. (See here and here.) Van Heerden, for example, has an interesting diagram of factors influencing "disease, fatalities, injuries, epidemiology, toxicoligy, sociology and environmental health" in COASTAL LAND LOSS: HURRICANES AND NEW ORLEANS that I would like to see adapted to pandemic evacuation.

The nature of a pandemic will transmogrify in unpredicted ways that defy pat scenario response analysis, but that does not mean that federal and state entities should consider the impacts of evacuations that degrade transportation arteries that are otherwise assumed open to state/federal initiatives to deal with a pandemic.

The travel page (with links to state pages) of the Department of Health and Human Services (HHS) Pandemic Flu page is about as helpful as it gets. A cursory read shows the need for thoughtful individual and community effort as it is unlikely that federal assets will be uniformly available to respond to support requests. See The Need For Personal And Community Preparedness, Preparing for Persuasion and Lessons From Katrina.

The travel industry is planning; the American Hotel & Lodging Association (AH&LA) is one member of the travel community that is already thinking about a flu pandemic, and well they should, as their members will on the front lines of dislocated travelers:

AH&LA is tracking this issue very closely and providing members with the most current information available... AH&LA's Loss Prevention Committee is coordinating with government agencies on industry-wide efforts. AH&LA has established contact with key leaders at HHS and other departments to ensure members have all the tools and information they need to ensure the safety of employees and guests in the event that the worst-case scenario develops. While it is impossible to predict when a pandemic will strike, having a plan in place before that happens is the best way to minimize disruptions at your property... Crafting a plan for a flu pandemic is critical to any hotel's emergency preparedness efforts, and now is the time to develop those plans-before final warning signs are detected.

Preparing for Persuasion
Posted by Nedra Weinreich
Pandemic Flu Leadership Blog May 22-June 27
Posted May 25, 2007 at 7:28 am

Lessons From Katrina
Posted by Albert Ruesga
Pandemic Flu Leadership Blog May 22-June 27
Posted May 25, 2007 at 12:55 pm

The science of New Orleans: Getting out of town alive
Posted by Harry Fuller
May 23, 2007 2:51 PM PDT

The Need For Personal And Community Preparedness
Posted by Greg Dworkin
Pandemic Flu Leadership Blog May 22-June 27
Posted May 21, 2007 at 5:46 pm

Unmasking the 1918 Influenza Virus: An Important Step Toward Pandemic Influenza Preparedness
Anthony S. Fauci, Julie L. Gerberding
National Institutes of Health, Centers for Disease Control and Prevention
October 5, 2005

Ivor Ll. van Heerden, Director and Ahmet Binselam, GIS Supervisor
Center for the Study of Public Health Impacts of Hurricanes
Louisiana State University
20 July 2004


Ivor L. van Heerden, Ph.D.
Center for the Study of Public Health Impacts of Hurricanes
LSU Hurricane Center, Louisiana State University, Baton Rouge, LA
July 2004

HIV/AIDS and Children's Migration in South Africa
Migration Policy Series No. 33
Series Editor: Jonathan Crush
Southern African Migration Project (SAMP)

Regionalizing Xenophobia? Citizen Attitudes to Immigration and Refugee Policy in Southern Africa
Migration Policy Series No. 30
Series Editor: Jonathan Crush
Southern African Migration Project (SAMP)

Surviving the Dust Bowl
written and produced by Chana Gazit
co-produced and edited by David Steward
The American Experience, WGBH Boston, Mass.

Gordon Housworth

InfoT Public  Infrastructure Defense Public  Risk Containment and Pricing Public  Strategic Risk Public  


  discuss this article

Generic elements and process of a Design Basis Threat (DBT) protection system


Part 1, Structured IT risk remediation: Integrating security metrics and Design Basis Threat to overcome scenario spinning and fear mongering

An international design basis threat (DBT)

The aftermath of the 11 September attack brought renewed urgency to US, EU and Russian efforts to strengthen physical protection of nuclear materials and all nuclear facilities, power and weapons. While Sandia's Jim Blankenship noted that a "Design Basis Threat (DBT) has been used by the United States since the 1970s as the basis for the design and evaluation of a nuclear facility’s physical protection system and as a standard for comparison as the threat changes", the DBT was too often scenario-based rather than procedural - a condition not challenged until the Khobar Towers attack. From Multisourcing: belated recovery of forgotten first principles, part 2:

Scenario-based responses are dangerously omissive, driving clients to extraordinary cost and diversion, often without merit, but is prevalent in part because it is simple. It requires no procedural rigor or grounding in fact, only the ability to ask "What if?" endlessly, yet is virtually ineffective for deferring, deflecting, or interdicting an adversary's preparation.

Witness the events of the July 2005 mass transit bombings in London where the UK had had a thirty-year history of dealing with a variety of terrorist attacks and bombings, the "scenario" and "lessons learned" from the earlier transit attacks in Madrid, Spain, were well-known, yet proved little benefit to the British in interdicting the London attacks of July 2005.

Scenario-spinning has no logical end and provides no threat assessment, vulnerability assessment, or risk assessment that would normally be enshrined in a firm’s Governance Model.

Scenarios were an Army staple until the terrorist truck bomb attack along the northern perimeter of Khobar Towers, Dhahran, Saudi Arabia, on June 25, 1996. (Khobar Towers was a facility housing U.S. and allied forces supporting Operation SOUTHERN WATCH, coalition air operations over Iraq.) The report by Wayne A. Downing, General, U.S. Army (Retired) which has become known as the Downing Report (Introductory Letter, Preface and Report), reinvigorated the uphill effort to substitute procedurally consistent threat and vulnerability analyses in place of scenario generation.

Without guiding bounds, scenarios proliferate endlessly, often crippling most well-intended, protective efforts (paralysis by analysis). Defenders must define a coherent view of their risk tolerance before they can craft a response strategy that can reasonably and consistently respond to the threats on offer.

Rising from efforts at Sandia, DoE and the NRC, the "IAEA desired an international approach for a DBT methodology that could be offered to all Member States." By 2002 member states had agreed upon a DBT "international standard model" that reconciled varying approaches as to where "risk" was accommodated.

The DBT has become the basis for the design of the physical protection system (PPS), the evaluation of a PPS under assault and the means to document and absorb future threats. Within this framework, each state can modify "the DBT process to better accommodate their culture, the technical resources of their facilities and authorities, and their regulatory frameworks."

Blankenship paints the need for DBT in bold relief:

  1. If the facility does not know who the adversaries may be and what the adversaries’ resources may be, then the design of the [protection system] probably is inaccurate...
  2. Without a DBT, the evaluator has no objective measure for evaluating the effectiveness of the  [protection system]. This lack could lead to inconsistent evaluations...
  3. [Changes] could not be documented, and in fact might not even be noticed, if there were not a standard DBT created at some point in time, against which the future threats are compared...

Nine steps were recommended for developing, using, and maintaining a DBT:

  1. Identify Roles and Responsibilities of all Organizations
  2. Develop Operating Assumptions for Use with the DBT
  3. Identify the Range of Potential Generic Adversary Threats
  4. Identify an Extensive List of Threat Characteristics
  5. Identify Sources of Threat-related Information
  6. Analyze and Organize Threat-related Information
  7. Develop Threat Assessment and Gain Consensus
  8. Create a National DBT
  9. Introduce the DBT into the Regulatory Framework

The outcome of the first six steps [is] the Threat Assessment (TA) document, which contains a description of the full range of credible threats to the nuclear facilities in the State… This TA is then sent to the competent authority, which implements the State’s regulatory framework and sets policy for the physical security provisions in the State. The competent authority evaluates the risks associated with the DBT, the consequences of a successful attack by the DBT, and the probability of such an attack. The agency knows the State resources that are available or could be made available to counter the DBT. This agency then reduces the threat assessment document to incorporate the risk that the state is willing to accept. This produces a Design Basis Threat (DBT) statement against which the facilities must protect and against which they will be evaluated by the State competent authority.

Redrawing Blankenship's model for added clarity:

Generic elements of a DBT protection system

Axel Hagemann, a GRS (Gesellschaft für Anlagen und Reaktorsicherheit mbH) representative to IAEA undertook a description of DBT for IAEA member states in DBT - Basis for developing a European physical protection concept. Hagemann's DBT procedural descriptions for a state implementation are noted in its appendix which I have attempted to generalize for a corporate setting without losing Hagemann's original presentation model.

The result of Blankenship's threat assessment enters in box 1, having documented an analysis of the credible motivations, intentions, and capabilities of potential adversaries that could cause undesirable consequences:

Generic Elements of a DBT Protection System

The consequences represented in box 2 are defined as the potential level of impact on the interests of the public, nation, key interest groups, and possibly the international community. Consequences could be defined in relation to the class of event derived from end-items. The concern on potential consequences will influence policy of the decision making process in the development of a DBT. This decision making process is represented in diamond 3, which represents the Governance committee’s responsibility to decide with the definition of a DBT on the level of protection. The decision making process represented by diamond 3 can include technical, resource, administrative and political concerns. This reduces the influence of emotions on the concern and opens provides opportunities to adjust existing definitions of the DBT.

The key elements in the creation of a DBT are threat assessment and decision making considering potential consequences. Threat assessment and decision-making are separate and different processes even though in practice they may be carried out simultaneously. The threat assessment process, and the document that describes the conclusions, scopes all the realistic and credible threats that the Governance committee needs to consider.

Some threats may not be manageable in terms of a DBT because some aspects of the protection system fall outside the responsibility of the Governance committee. These threats are described as being out of scope of the DBT, i.e., "Outside DBT" does not necessarily describe a magnitude of threat above that described in the DBT, but can describe threats that are inappropriate to include in a DBT.

Those threats still need to be accounted for and either ruled out of scope or other competent authorities need to be involved to define a response. The diamond 13 represents this additional decision making process for which the Governance committee is responsible. The decisions symbolized by diamond 13 could be of high relevance if new concepts emerge that were not included in the design basis. The goal is to achieve a process which results in achieving acceptable risk, box 14. The Governance committee can, as available, draw on external agencies for provide intelligence and data to support creation of the Threat Assessment and maintenance of the DBT.

The protection definition shown in box 6 must be designed against the DBT and will be evaluated by the Governance committee using the definition of the DBT. Protection objectives will be specific for the items transiting the system. The security functions in box 8, detection, deter, deflect, defend and recovery must be defended against the DBT.

Responses may be graded or immediate depending upon the current evaluation of the threat, the relative attractiveness and potential of items and the potential consequences associated with diversion of that item. The requirements on the security function "Deter" can vary depending on the desired response time, response capability and method.

Process steps

Threat assessment (box 1): An analysis documenting the credible motivations, intentions, and capabilities of potential adversaries that could cause undesirable consequences from diversion of end-items. The result of the threat assessment process describes the credible threats.

Consequences (box 2): The potential level of impact on the interests of the public, nation, key interest groups, and possibly international community.

Decision process (diamond 3): Consideration of the results of the threat assessment, the consequences and the policy leads to definition of the DBT. The corporate Governance committee coordinates the development of a DBT and is responsible for its maintenance.

Outside DBT (box 4): Describes those threats identified in the Threat Assessment that will not be included in the DBT, but still remain as a credible threat. Threats outside the DBT must be considered and ruled out of scope and indefensible or an external authority must be involved to complete the mediation required by the DBT.

Design Basis Threat – DBT (box 5): Describes the attributes and characteristics of potential insider and external adversaries who might attempt acquisition of items deemed sensitive, and against whom a protection system has been designed and evaluated.

Protective envelope (box 6): Describes the total protection against unauthorized acquisition or diversion and will likely require a design that includes procedures, facility design, and hardware.

Specific protection objectives (box 7): Describes the means of protecting items that are moving through the system, and all other items defined as having some risk.

Specific responses (box 8): Describes methods to "Detect" or "Defer" an acquisition of an item or to invoke emergency containment responses as appropriate under the DBT.

Vulnerability assessment and capacity evaluation (box 9): A test of the system’s ability to respond to both the DBT and ongoing threats "in the wild".

Decision process (diamond 10): Represents internal decisions made during the design or evaluation of the protection process to include an evaluation as to whether the specific objectives are achieved. This decision box includes any decision regarding improvement, redesign or post damage crisis management.

Crisis management (box 11): Describes an internal post-incidence damage control in response to an undesired acquisition of an item.

Internal emergency response (box 12): Describes actions required to mitigate an inadvertent breach or loss of control of an item.

Decision process (diamond 13): Describes a process under which the Governance committee achieves an acceptable level of risk for all items in the DBT.

Acceptable Risk (box 14): Defines acceptable risk in which the term "risk" is used as the likelihood that a threat will be able to affect an undesirable consequence. Risk can be reduced but not eliminated. All the judgments and decisions imply an acceptance of a degree of risk.

External competent authority (diamond 15): Describes how to respond to credible threats not included in the DBT. (The DBT may be revised or extended in this process.)

External authority responsibility (box 16): Describes a class of external action, protection or assistance taken by external authority.

External authority response (box 17): Describes external authority response in support of the corporation.

External security (box 18): Describes measures taken by external authority in support of corporation that acknowledge a credible threat as External to the DBT. Any such measures are made in concert with internal emergency response measures.

Use of Design Basis Threat at Department of Energy

It is instructive to consider one of the best practitioners of the Design Base Threat and Vulnerability Assessment process, the Department of Energy (DOE). DOE is also remarkable in its rigor, and among the few in and out of government that reject a scenario based ‘threat’ definition.

The key component of DOE’s risk-based security practices is the DBT, a classified set of characteristics of potential threats to DOE assets. The DBT traditionally has been based on the Postulated Threat, a classified, multi-agency intelligence community assessment of potential terrorist threats. The DOE DBT considers external threats that include terrorists, criminals, psychotics, disgruntled, employees, violent activists, and spies. The DBT also considers internal threats by insiders who have authorized unescorted access within DOE facilities and programs. These insiders may operate alone or in concert with an adversary group, and are routinely considered to provide assistance to a terrorist group noted in the DBT. The DOE generally considers the threat of terrorist groups to be the most demanding threat contained in its DBT.

For over a decade, DOE has employed a risk management approach that seeks to direct resources to its most critical assets (Category I special nuclear material) while mitigating the risks to these assets to an acceptable level. Levels of risk are derived from a mathematical equation that compares a terrorist group’s capabilities with the overall effectiveness of the crucial elements of the site’s protective forces and systems, and then assigned classified numerical values.

DOE counters its terrorist threats noted in the DBT with a multilayered protective system. While specific measures may and do vary among sites, all DOE protective systems at the most sensitive sites employ a in-depth defense that includes sensors, physical barriers, hardened facilities and vaults, and heavily armed paramilitary protective forces equipped with such items as automatic weapons, night vision equipment, body armor, and chemical protective gear. The effectiveness of the protective system is formally and regularly examined through vulnerability assessments.

A vulnerability assessment is a systematic evaluation process in which qualitative and quantitative techniques are applied to detect vulnerabilities and arrive at effective protection of specific assets. To conduct these assessments, DOE uses subject matter experts (SMEs), computer simulated attacks, and force-on-force performance testing in which the site’s protective forces undergo simulated attacks by a group of mock terrorists.

Assessment results are documented at each site in a classified document known as the Site Safeguards and Security Plan which, in addition to identifying known vulnerabilities, risks, and protection strategies for the site, it formally acknowledges how much risk the contractor and DOE are willing to accept.

Historically, DOE has strived to keep its most critical assets at a low risk level and may insist on immediate compensatory measures should a significant vulnerability develop that increases risk above a low risk level. Through a variety of complementary measures, DOE ensures that its safeguards and security policies are being complied with and are performing as intended, e.g., identified high and moderate risks require corrective actions and regular reporting. Response measures can go so far as to curtail operations until the asset can be better protected.

While contractors must perform regular self-assessments and are encouraged to uncover any problems themselves, DOE requires its field offices to comprehensively survey contractors’ operations for safeguards and security annually. All deficiencies identified during surveys and inspections require the contractors to take corrective action.

The DOE’s May 2003 DBT reflecting a post-September 11 environment by identifying a larger terrorist threat than did the 1999 DBT and expanding the range of terrorist objectives to include radiological, biological, and chemical sabotage. Notable issues of the 2003 DOE DBT included an expansion of terrorist characteristics and goals, and an increase in the size of the terrorist group threat:

Expansion of terrorist characteristics and goals: "The 2003 DBT assumes that terrorist groups are the following: well armed and equipped; trained in paramilitary and guerrilla warfare skills and small unit tactics; highly motivated; willing to kill, risk death, or commit suicide; and capable of attacking without warning. Furthermore, according to the 2003 DBT, terrorists might attack a DOE facility for a variety of goals, including the theft of a nuclear weapon, nuclear test device, or special nuclear material; radiological, chemical, or biological sabotage; and the on-site detonation of a nuclear weapon, nuclear test device, or special nuclear material that results in a significant nuclear yield. DOE refers to such a detonation as an improvised nuclear device."

Increase in the size of the terrorist group threat: "The 2003 DBT increases the terrorist threat levels for the theft of the department’s highest value assets—Category I special nuclear materials—although not in a uniform way. Previously, under the 1999 DBT, all DOE sites that possessed any type of Category I special nuclear material were required to defend against a uniform terrorist group composed of a relatively small number of individuals. Under the 2003 DBT, however, the department judged the theft of a nuclear weapon or test device to be more attractive to terrorists, and sites that have these assets are required to defend against a substantially higher number of terrorists than are other sites. For example, a DOE site that, among other things, assembles and disassembles nuclear weapons, is required to defend against a larger terrorist group. Other DOE sites, such as an EM site that stores excess plutonium, only have to defend against a smaller group of terrorists. However, the number of terrorists in the 2003 DBT is larger than the 1999 DBT number. DOE calls this a graded threat approach."

The moral of DBT: a living instrument

The moral is that a DBT must be a continuously maintained instrument as "Things Change" as David Mamet so wittily showed in his film of the same name: New attackers with expanded characteristics and goals will appear. Attacker group size may swell unexpectedly - and that includes swarms of seemingly unrelated attackers operating against different parts of one's organization. Higher authority may mandate extended protective strategies. Corporate environments can weakened under stress, sometimes degraded imperceptibly, due to issues of financial pressure, takeover, expansion, new roll-outs or other restructuring.

A Russian Perspective on Cooperation Threat Reduction
Dmitry Kovchegin
BCSIA Discussion Paper 2007-04, Kennedy School of Government,
Harvard University, April 2007

Systems Security Engineering: An Updated Paradigm
John W. Wirsbinski
INCOSE Enchantment Chapter
November 8, 2006

Nuclear Security: DOE Needs to Resolve Significant Issues Before It Fully Meets the New Design Basis Threat
Report to the Chairman, Subcommittee on National Security, Emerging Threats, and International Relations, Committee on Government Reform, House of Representatives
April 2004

Using Bilateral Mechanisms to Strengthen Physical Protection Worldwide
Nuclear Terrorism and International Policy
Dr. Edwin Lyman
Union of Concerned Scientists
Institute of Nuclear Materials Management, 2004

Approaches to Design Basis Threat in Russia in the Context of Significant Increase of Terrorist Activity
Dmitry Kovchegin
Presented at the INMM 44th Annual Meeting, Phoenix, Arizona. Conference Paper, 2003

DBT - Basis for developing a European physical protection concept
Axel Hagemann
EUROSAFE, Towards convergence of technical nuclear safety practices in Europe, Paris
Nuclear material security, Seminar 5, p. 59-68
25-26 November 2003

Protection against Sabotage of Nuclear Facilities: Using Morphological Analysis in Revising the Design Basis Threat
Stig Isaksson, Tom Ritchey
Swedish Nuclear Power Inspectorate and Swedish Defence Research Agency
Adaptation of a Paper delivered to the 44th Annual Meeting of the Institute of Nuclear Materials Management - Phoenix, Arizona, July 2003

Jim Blankenship, Sandia National Laboratories
EU-High Level Scientific International Conference on PHYSICAL PROTECTION
Salzburg, Austria
8-13 September, 2002

Jim Blankenship, Sandia National Laboratories
EU-High Level Scientific International Conference on PHYSICAL PROTECTION
Salzburg, Austria
8-13 September, 2002

List of Papers
EU-High Level Scientific International Conference on PHYSICAL PROTECTION
Salzburg, Austria
8-13 September, 2002

COMBATING TERRORISM: Threat and Risk Assessments Can Help Prioritize and Target Program Investments
Report to Congressional Requesters
General Accounting Office
April 1998

Gordon Housworth

Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  Terrorism Public  


  discuss this article

Structured IT risk remediation: Integrating security metrics and Design Basis Threat to overcome scenario spinning and fear mongering


Industry absorption of effective metrics for realistic threat and risk analysis in IT is moving far too slowly. A 2003 article, Information security: why the future belongs to the quants, contained a useful metric, Business-adjusted risk (BAR), "for classifying security defects by their vulnerability type, degree of risk, and potential business impact." The BAR used Risk of exploit ("how easily an attacker can exploit a given defect") and Business impact ("the damage that would be sustained if the defect were exploited"). The BAR's use of "relative ratings for both likelihood of occurrence and business impact [allowed it to behave] similarly to insurers’ annual loss expectancy calculations."

Four years on, the quants are still waiting while scenario spinning and FUD continue to flow from the unskilled or the commercially craven; Too many members of management, IT included, are among the former while too many security vendors populate the latter. A co-author of that 2003 piece, Andrew Jaquith, has recapitulated and expanded his work in security metrics in Security Metrics: Replacing Fear, Uncertainty, and Doubt, providing a one-stop shop for defining and implementing IT metrics for risk. It has merit to me as the metrics can form inputs to a Design Basis Threat (DBT) calculation for IT in place of the fear mongering from certain security firms. (Expansion for special nuclear material here.) There are threats, numerous and growing, but often not the threats solvable by the security products on offer. Worse, too many firms, Symantec among them, sell products that are consumptive of system resources while providing attack windows in their own code. Enterprise clients are generally deprived of a realistic means of identifying and interdicting realistic, often trivial, penetrations of their infrastructure.

I refer readers to The danger of confusing terrorist interdiction with the consequences of terrorist action for the perils inherent in pursuing scenario-based responses, and, as a start, to FEMA 452 - Risk Assessment: A How-To Guide to Mitigate Potential Terrorist Attacks for its introduction to assessment of threat, asset value, vulnerability and risk.

I fear that Jaquith's efforts have been ignored in the main as Escaping the Hamster Wheel of Pain which forms the first chapter of Security Metrics has been around since May 2005 as has his criticism of Symantec (easily 2005) and a useful but overlooked The Vulnerability Supply Chain (also 2005).

Useful metrics have been out there but have not been picked up en masse, but then neither has DBT, especially in its pure form used on the weapons side of DoE as opposed to the scenario laden approach on the nuclear power side. The combination of effective metrics shorn of histrionics with the Design Basis Threat process offers a realistic means to enterprises needing to formulate a cost effective and sustainable defense posture. We are among the few that have successfully applied DBT to Intellectual Property (IP) threats and remediation.

It cannot be overemphasized that the solution to this problem is NOT an Information Technology (IT) solution but IS primarily a Counterterrorism (CT) and Counterintelligence (CI) solution applied to corporate infrastructure, augmented by IT as the CT/CI process demands. Were it solely an IT solution, then one might suppose that this class of problem could be solved at least as often as major IT applications succeed (which depending upon whose statistics one chooses to accept, some 40 to 60% of large IT solutions either fail, are withdrawn, or at best suboptimal in their performance). The solution path can only be hinted at in this brief survey and the requisite CT/CI practionership and its understanding of an asymmetric attacker takes years to develop (which is one of the reasons that it occurs in so few instances and why the market tolerates so many pretenders as the clients cannot properly estimate the skill set needed to address the problem).

It is also a substantial systems analysis problem. In asking Scott Borg for a current copy of the Cybersecurity Checklist, I noted that I refer clients to his PPT, The New US-CCU Cyber-Security Check List, and its flagged need to address both physical and IT/cybersecurity, but add the following to it:

  • (First I have to describe Ackoff's three laws of systems - people can grasp the first two but the third floors them)
  • Systems fail at their boundaries, and that includes boundaries between components and clusters of components that act as subsystems.
  • Physical and cyber are two of those subsystems; there are many more, all interacting to Ackoff's third law.
  • A check list is a still frame from a motion picture, but people rip the frame, losing the underlying assumptions and context in the process.
  • A check list without a date/time stamp is useless, even dangerous.
  • Process-based threat and vulnerability assessment are key in defining appropriate levels of protection; remediation steps are then pulsed to insure that they deliver against the threats.
  • Scenario-based defense, while useful in estimating consequences of a particular scenario, is dangerous as it spins out of control, usually missing the fatal payload.
  • Good security is process-based rather than hardware-based (process is 10:1 over hardware, and process comes first as it will define the needed hardware).
  • Defenders never see themselves as attackers do, especially asymmetrical attackers, and so rarely protect the right mix against legitimate threats.
  • Defenders too often look for "peer attackers" instead of a simple asymmetric.

Scott's reply mirrors our own experience:

You are right in pointing out how hard it is for most people to think in terms of dynamic systems and processes.  I like the way you have formulated the problem in your e-mail.  We have been struggling with many of the same issues when it comes to getting people to understand the problems they will increasingly face.

The following is derived from an unclass analysis, Asymmetric Threat Detection in the Material Security Environment, we performed for a DLA unit in 2005. Seasoned practitioners will easily envision frontloading Jaquith's metrics into the threat side of DBT.

Evolving Nature of Threats

Technological surges in many sectors, so many as to effectively shield the collective effect from many investigators, coupled with globalization, the availability of WME (weapons of mass effect) has changed the risk landscape, most notably in the means to effectively address low-probability, high-consequence threats.

Too many fail to properly differentiate threat from risk, i.e., a threat is a source of harm (loss) whereas a risk is the estimation of the likelihood of that harm occurring coupled with the potential impact from its occurrence. Threat assessment is only one aspect of a larger and more complex risk analysis process, yet too many remain fixated on threat analyses as the sole basis of applying protective measures without sufficient attention paid to precision or control in their application.

Too many designs for low-probability, high-impact threat sources tend to skew the design of the security plan to costly countermeasures when precision could have provided cohesion and freed up resources. Too often, an organization adopts what it assumes is an extremely ‘secure’ system that either cannot be implemented, cannot be sustained, is impractical for its users or overlooks active threat paths because finite resources are fully engaged elsewhere.

Threat Levels

A threat can be defined as the intended potential to cause an undesirable consequence. The result of a threat assessment documents the result of an analysis of the credible motivations, intentions, and capabilities of potential adversaries that could cause undesirable consequences... The threat level provides a current estimate of ongoing risk to personnel, facilities, or interests from terrorist attack. Analyses deriving threat levels at Department of Defense (DoD) are commonly performed by the intelligence staff at each command level, and resulting threat levels can differ by echelon. Threat Levels range from Negligible to Critical, are based on a systematic analysis of the factors of existence of terrorism, terrorist capability, history of terrorism, intentions of terrorist groups, and targeting by terrorist groups. The system is not perfect but can be effective in a relatively contained risk environment, as it inherently allows for a concentration of resources for periods of elevated risk, conserving those resources in the process.

Threat Analysis

To supplement a risk responsive approach, such as in the use of threat levels, ICG prefers to create a risk matrix for each identified threat group so as to perform a more precise capabilities analysis. ICG prefers this more extensive version -- as it allows greater ability to profile the group under examination and to create a baseline for ongoing comparative analysis, a means to capture outlier data that may indicate an emerging threat:

Variant 2: Threat Analysis Factors

Factor must be Present: X; Factor may or may not be Present: O


































In response to threat levels, companies or commands adopt or change Force Protection Conditions (FPCONs), which are measures to protect people and facilities from the postulated current threat. Each FPCON potentially entails increasingly stringent security measures. A nominal DoD matrix contains intelligence assessments, warning reports, spot reports and law enforcement reports. The Department of State (DoS) adds broader factors, such as political violence which encompasses terrorism, counterintelligence, anti-U.S. technical intelligence, and activities against the U.S. community in determining its threat levels.

Risk is a function of threat, likelihood, consequence, vulnerability, and asset value. Impact is a function of:

  • Resources (the adversary's resources to execute and the defender's resources to defend, respond and recover post-attack)
  • Unexpected Methods by the adversary
  • Adversary's understanding of our infrastructure and the means to achieve exploitation
  • Defender's vulnerabilities
  • Effect Multipliers -- Where typical effect multipliers are:
    • Disruption of cyber infrastructure
    • Prevention or reduction of response and retaliation
    • Decrease or suppression of initiative to respond politically
    • Employment of psychological operations (Psyops)
    • Generation of fear and indecision
    • Introduction of WME (Weapons of Mass Effect)

Asymmetrical Rules Base (Attacker Rules)

Crafted from the 'success' of an earlier World War I static defensive war, the French Maginot Line failed under the newer concept of a mobile mechanized infantry. Accordingly, current defenses will fail under attack by the small-scale, high-impact operations of an asymmetrical attacker employing unexpected, non-traditional and broadly applicable methods unless we learn the current methods of the adversary and adopt simple effective measures.

Threat assessment must include the ability to impute an asymmetrical rules base as part of the threat definition so as to permit the defender to think more like a terrorist (as opposed to a defender) in defining a realistic threat posture, i.e., act without the self-imposed rules and limitations of the defender so as to view the risk calculation through the eyes of any number of threat groups, be they Muslim fundamentalists, Patriot right, Millennialists, single-interest terrorists such as the Earth Liberation Front (ELF), or various groups aggrieved at US actions. Each threat group has 'rules' such as preferences in targets and timing, varying motives for action, specific means or technical capability for action, and the later the threat detection the greater the threat group’s opportunity for action.

Asymmetric adversaries employ very different variables in their calculations for risk than the defender where the adversary is essentially interested in forestalling detection and accomplishing mission fulfillment. As previously noted in threat definition, a study of each category of attacker and, in specific cases, individual adversary groups, will identify a typology of action such that we can view risk and reward through the eyes of the asymmetric attacker. Without that view, much of successful defense is happenstance.

Introduction to Design Basis Threat (DBT)

The successful approach to defer (delay hostile efforts), deflect (move hostile intent to another target) or defend (interdict an incipient hostile attack) against an asymmetric attacker is almost all proactive process with a modest amount of strategically placed hardware that adds specific and reliable value to the process.

The core of that process is the Design Basis Threat (DBT) that will capture and formulate risk management objectives that balance commercial and security objectives, providng a means to evaluate threats over time. The DBT becomes an integral, inseparable part of corporate governance. The DBT becomes the mechanism that informs management of the types of threats it may face over time and allows them to define the threats that are in or out of scope, the response level that will be committed to each threat, and the cost for that response level.

The DBT absorbs the 5-Step Risk Management Process of FM 100-14, Risk Management, which is the commander’s principal risk reduction process to identify and control hazards and make informed decisions:

  • Identify hazards
  • Assess hazards
  • Develop controls and make risk decisions
  • Implement controls
  • Supervise and evaluate

The DBT, just as all sound risk management, does not:

  • Inhibit the commander’s and leader's flexibility and initiative
  • Remove risk altogether, or support a zero defects mindset
  • Require a GO/NO-GO decision

The DBT will include threat assessment, a safety-oriented hazard assessment, asset value assessment and an asset risk assessment that draw upon technical insights and the results of internal and external pattern detection. Where the best DBT implementations differ from almost all conventional DBTs is that the DBT must NOT be a scenario-based risk process but rather a rigorous procedural analysis. As noted above, a solution to IT risk identification and remediation is not solely an IT solution but rather the application of a CT/CI approach to a firm's infrastructure, augmented by IT as required. The DBT process is used to assess risk more effectively, enshrining speed to flag rising risk for inspection and action.

The DBT process can be used also to identify security guidelines that should be migrated across supplier relationships on both the buy (outsourcing) and make (manufacturing) side. Upstream outsourcing is a too often overlooked failure point. See Multisourcing: belated recovery of forgotten first principles, parts 1 and 2.

If history is any guide, integration, implementation and wider adoption of IT metrics DBT will be slow while phishers and penetrators will lunge ahead (here and here), but at least the path is there.

Part 2, Generic elements and process of a DBT protection system

Security Metrics
Posted by samzenpus on Wednesday May 16, @03:35PM
May 16, 2007

8 Questions For Uncovering Information Security Vulnerabilities
Tips for testing information security vulnerability hypotheses with questions designed to head off potential problems.
By Andrew Jaquith
16 May, 2007

Google: 10 percent of sites are dangerous
By Tom Espiner,
Published on ZDNet News
May 15, 2007, 7:56 AM PT

Do you know what’s leaking out of your browser?
Posted by Ryan Naraine @ 11:22 am
Zero Day
May 14, 2007

Using Metrics to Diagnose Problems: A Case Study
When initially deploying transactional financial systems it's wise to make sure perimeter and application defenses are sufficient.
By Andrew Jaquith
11 May, 2007

Models for Assessing the Cost and Value of Software Assurance
John Bailey, Antonio Drommi, Jeffrey Ingalsbe, Nancy Mead, Dan Shoemaker
Software Engineering Institute,
Carnegie Mellon University
Last modified 2007-05-10 10/07 4:38:24 PM

Security Metrics: Replacing Fear, Uncertainty, and Doubt
Andrew Jaquith
Addison-Wesley Professional; March 26, 2007
ISBN-10: 0321349989

ebook: ISBN: 0321509471
File Size: 4393 kb
Released online for download: 03-03-2007

Making the Business Case for Software Assurance
Nancy R. Mead
Software Engineering Institute,
Carnegie Mellon University
2007-02-06 12:30:16 PM

Victor-Valeriu PATRICIU, Iustin PRIESCU, Sebastian NICOLAESCU
Department of Computer Engineering
Military Technical Academy, Bucharest, Romania
Journal of Applied Quantitative Methods
JAQM, Vol 1, No. 2, Winter 2006

Rational Choice of Security Measures via Multi-Parameter Attack Trees
Ahto Buldas, Peeter Laud, Jaan Priisalu, M¨art Saarepera, and Jan Willemson
In J. Lopez, ed.
Proc. of 1st Int. Wksh. on Critical Information Infrastructures Security, CRITIS '06 (Samos Island, Aug./Sept. 2006), pp. 232-243. Univ. of the Aegean, 2006

NOTE: The following PDF of a PPT presentation by Buldas et al is useful for stepping a reader through the attack tree process under discussion:

Rational Choice of Security Measures via Multi-Parameter Attack Trees
Ahto Buldas, Peeter Laud, Jaan Priisalu, M¨art Saarepera, Jan Willemson
August 30 – September 2, 2006, Samos Island, Greece

Checklist outlines new cyberthreats
BY Michael Arnone
Published on April 26, 2006, updated at 5 p.m. May 5, 2006

The New US-CCU Cyber-Security Check List
Scott Borg
GSC-11 Chicago

The Vulnerability Supply Chain
by Andrew Jaquith
6 December, 2005
last changed on 00:06 07-Dec-2005

Asymmetric Threat Detection in the Material Security Environment
With Initial Recommendations Regarding Disposition of WMD-Related End-Items For Defense Reutilization and Marketing Service
Prepared by Intellectual Capital Group LLC
21 September, 2005

The Symantec Threat Report: Read Between the Lines
by Andrew Jaquith
September 20, 2005
last changed on 09:51 22-Sep-2005

A Few Good Metrics
Information security metrics don't have to rely on heavy-duty math to be effective, but they also don't have to be dumbed down to red, yellow, green. Here are five smart measurements—and effective ways to present them.
By Scott Berinato
July 2005

Escaping the Hamster Wheel of Pain
By Andrew Jaquith
4 May, 2005
Last changed on 11:56 04-May-2005

The Metrics Quest
Under pressure from the CFO to quantify security benefits, a CSO finds measures that matter
November 2004

Nuclear Security: DOE Must Address Significant Issues to Meet the Requirements of the New Design Basis Threat.
Testimony Before the Subcommittee on Oversight and Investigations, Committee on Energy and Commerce, House of Representatives
GAO-04-773T, General Accounting Office (GAO)
May 11, 2004

Collecting Effective Security Metrics
By Chad Robinson
Robert Frances Group
April 09, 2004

Information security: why the future belongs to the quants
Daniel Geer Jr, Kevin Soo Hoo, Andrew Jaquith
Security & Privacy Magazine, IEEE
Volume 1, Issue 4, July-Aug. 2003 Page(s): 24 - 32
Posted online: 2003-08-11 14:23:28.0
ISSN: 1540-7993


Risk Management
FM 100-14
Field Manual Headquarters
No. 100- 14 Department of the Army
Washington, DC, 23 April 1998

Gordon Housworth

Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  Terrorism Public  


  discuss this article

Gates-Fallon reality diverges from Bush43-Petraeus; senior Republicans tilt to the former


A short article from The Swoop, Iraq: The Worst Lies Aheadis breathtaking in its directness:

  • SecDef Gates and incoming Central Command (CENTCOM) commander Admiral William "Fox" Fallon are far less hopeful than Multi-National Force - Iraq (MNF-I) commander, General David Petraeus.
  • Gates/Fallon assessment of Iraq is said to be "closer" to that of the UN Assistance Mission for Iraq (UNAMI) 25 April Human Rights Report than to anything emanating from the White House
  • Pentagon overall puts "little credibility" in diehard "strategies for victory" from American Enterprise Institute (AEI) and the like
  • Personal relations between Fallon and Petraeus are "distant"
  • Petraeus is "unpopular in the Pentagon" for an accommodation to Bush43 that "will damage the US Army"

No surprise, Gates has little confidence in Nouri al-Maliki and the Shia political leadership, but here is the most interesting item:

  • US petroleum experts are urging the White House to reduce its pressure on the al-Maliki government to officiate the 15 February, 2007, draft of the IRAQ OIL AND GAS LAW as it is so favorable to International Oil Companies (IOCs) that it is certain to be repudiated

Overall, the consistent refrain is that "the worst lies ahead" and that the assessment of the Surge in the fall will lay matters bare. And in a nod to political reality from "senior Republicans" outside the White House:

  • Gates is being urged "to act as the intermediary between the White House and Capitol Hill to launch the process of reducing US force levels in time for the 2008 presidential campaign"

As to the UNAMI Human Rights Report, formerly published bimonthly and now quarterly, I have found the HRP a consistently reasonable indicator of Iraqi conditions on the ground, and one that has been widely at variance with the rosier views issued by the Bush43 administration. The variance is wider when one remembers that UN documents tend towards the median, even lowest common denominator, when trying to reach consensus among member states on divisive issues.

Raised in the Oil Patch, I found certain articles of the Oil and Gas Law draft to be absolutely scrumptious (for contract holders): Article 9: Grant of Rights, Article 13: Exploration and Production Contracts, Article 33: Taxation, Article 34 - Royalty, and Article 39: Resolution of Disputes. Equally scrumptious is Article 14: Obligations of the Holders of Exploration and Production Rights, for what it does not obligate the foreign rights holder to do. Texas and Louisiana have more stringent laws for their petroleum assets.

This draft is so favorable to foreign rights holders that it could have been drafted by the short-lived American Viceroy in Iraq, the Coalition Provisional Authority (CPA). Pursuing this hunch at Iraq Revenue Watch (IRW) established by George Soros' Open Society Institute (OSI) in May 2003 (and collecting materials henceforth), I think that CPA antecedents are present. Readers can peruse the key documents and decide for themselves. Among the "commentaries by Iraqi oil experts," I found this bit of understatement:

The law is investment friendly. It encourages private enterprise and welcomes the international oil companies (IOCs) to work in partnership with the Iraq National Oil Company (INOC).They have a recognised role to play in the transfer of up-to-date state-of-the-art technology, technical and managerial training of Iraqis, and in investment capital. Selection from among pre-qualified companies will be made through tendering in a transparent and accountable process.

I agree with the assessment that Swoop presents, i.e., that when Iraqis have some position to be able to contest this draft, they will and will punish those IOCs that had advantaged themselves under it. Were I an Iraqi, I would.

On a purely technical note dealing with Arabic/English translations and Iraqi/US assumptions, I recommend Bell and Saunders' Constitutional Issues Regarding Federal and Regional Authority.

I find the Fallon-Petraeus relationship comment to be of interest and hard to document in open source, but then Swoop advertises its leading edge capture. Still, in a city that thrives on gossip, I am surprised that I do not see more of this emanating from Washington, especially from administration detractors. I do note this comment from the Donnelly/Waller The Man Who'll Lead the Surge:

Petraeus - whom critics call "King David" for his often sophisticated self-promotion skills...

In addition to this item, I also suggest Arkin's The Overrated General Petraeus. A later Swoop item, Washington's World - May 7th - May 13th, 2007, adds:

Officers close to Admiral William Fallon, the Central Command commander, report that he is skeptical about the General David Petraeus' "surge" strategy which he sees as "slick presentation" rather than genuinely innovative.

The link on the word 'skeptical' points to Fallon's Senate Armed Services Committee address, not the venue for a smooth diplomat to denigrate a subordinate. Still, Swoop maintains the Fallon-Petraeus divide.

A note about Swoop itself; It was Swoop that first leaked Bush43's description of the Iraq Study Group's report as a "flaming turd." The Telegraph's Toby Harnden describes Swoop as "a remarkably well-plugged-in website produced by anonymous Washington insiders who have tentacles that reach into the dark corners of the political and intelligence worlds." The FT's Gideon Rachman notes the "Excellent Swoop foreign policy analysis" in Iran and the Washington debate. (I cannot find the quote that Swoop ascribes to WaPo.)

Swoop advertises that it is produced by the "Washington Assessment and Analysis Service" which does not otherwise exist on the web, is printed in English, Arabic, Farsi, Hindi, Chinese, Korean and Japanese for those "who need an accurate, objective and independent understanding of American intentions" in US international "political, military, financial and commercial" policy. It has two public sponsors, Blue Tech and eLawForum.

Amalgamating a series of its posts, I deduce that that the common axis of Putin and energy will see Russia attempt to recover its near abroad, expel the US from the energy Stans of Central Asia and create a rift between the US and Europe, but that is another post.

Washington's World - May 7th - May 13th, 2007
The Swoop

Iraq: The Worst Lies Ahead
The Swoop
Published on: May 5th 2007 13:12:03

3 MAY 2007

Human Rights Report
1 January - 31 March 2007
UN Assistance Mission for Iraq (UNAMI)

Silver Fox
Biography of Admiral William J. Fallon
Military Advanced Education (MAE)
Volume: 2 Issue: 1
Published: Apr 28, 2007

Biography of Lieutenant General David H. Petraeus Commander, Multi-National Force-Iraq, Operation Iraqi Freedom
Military Advanced Education (MAE)
Volume: 2 Issue: 1
Published: Apr 28, 2007

KRG publishes draft Federal Oil and Gas Law of Iraq in English and Arabic
Kurdistan Regional Government (KRG)
9 Mar 2007

The Man Who'll Lead the Surge
Jan. 09, 2007

The Overrated General Petraeus
By William M. Arkin
Early Warning
January 5, 2007; 10:00 AM ET

NO. _______ OF 2007
15 FEBRUARY 2007

Gordon Housworth

InfoT Public  Strategic Risk Public  Terrorism Public  


  discuss this article

State of H5N1 Avian flu (Un)preparedness


A recent off the record conversation with a city public health official on flu pandemic preparedness after three years of "preparation":

  • Insufficient vaccine stocks
  • Little discussion of who gets priority access to vaccine
  • Volunteers exist for assisting positions and for law enforcement, yet most do not yet have an N95 mask and, his words, not mine, it is not clear if an N95 mask is effective against H5N1
  • Vaccine distribution plans pivot about airlift distribution from six regional depositories to adjacent states
  • Population urged to store three days of emergency supplies although most avian flu scenarios require some two weeks of supplies in order for flu to transit the available vectors (vulnerable population sectors)

If only the situation were this bright:

  1. Not only is there insufficient vaccine in the abstract, insufficient regional supplies will further suffer from predation on the supply/distribution chain as have-nots realize what is passing by them, hijacking the supply. Stocks not immediately consumed or destroyed will go to black market auction.
  2. There have been discussions as prioritizing vaccine receipt, nominally first responders and hospital staffs and an ill-defined 'command and control' structure but is expected to break down quickly. Human nature predicts a Dr. Strangelove effect to retain key stocks for senior command and control. I would expect attacks on presumed storage sites.
  3. First responders and support staff will dwindle as they know that their chance of infection is greater, some will come in for vaccine, trying to get more for family members and then depart. There are some recent studies that predict a failure of the first responder hospital staffs begged by their families not to go in. Expect to see infrastructure breakdown.
  4. Standard masks, including simple commercial N95 masks, are insufficient. Worse, most individuals are not taught to put one properly and test it for leaks. People with good masks, or with something better than those who have none, will become assault and battery targets.
  5. Most untrained individuals do not function well in the constrictive environment of a mask, e.g., if a mask is easy to breathe in, it is not adjusted correctly. It is a bit like SCUBA; you have to work to draw a breath. In full masks, vision is constrained, etc. By comparison, SARS was actually difficult to contract. A higher H5N1 contagion rate would have made a mockery of common mask strategies employed by the Chinese.
  6. As to airlift distribution from federal depositories, I suspect that infrastructure faults already alluded to will include airports, often starting with the underpaid and the unnoticed. Think hospital orderlies and janatorials for a start.
  7. People will think too late of the needed two week plus stocks of water and food, so resorting raids on supply points, groceries, et al.

Given the kinds of gaming scenarios with which I am familiar, it is not so great a leap to envision a worst case use of bioweapons to create a firebreak in an exceptional epidemic, i.e., there is no transmission if there are no vectors.

See related background items:

Intractable nature of achieving preparedness

Flu preparedness presents few solutions - where solutions are defined as combinations of money, assets, personnel and attention - to solve what is a massive infrastructure and societal issue that has been unable to breach government and public awareness for what might be a "then, maybe" event in the face of immediate and serious problems for which voters are demanding a solution now. It is a signal to me that federal authorities do not have a viable solution if they are still grappling with the concerns that opened this post.

While one might wonder why flu preparedness presents so intractable a problem after three years of thought, there is a prior example at our feet - earthquake preparedness. Flu preparedness is analogous to earthquake preparedness in that both present the possibility of enormous costs, serious disruption and commercial impact for a "maybe event, but maybe not my city or region" event. Earthquake preparedness has been in the public consciousness far longer than flu and we are not appreciably better prepared for it. Stanford University, for example, is slowly working its way to a comprehensive response posture, propelled by a series of quakes.

One of the few 'solutions' that I can see rises from studies of the emergence of Influenza A H1N1 in the 1918-1919 Influenza epidemic which showed that isolation was a significant factor in reducing infection transmissions. Given today's transportation venues, one wonders if isolation still offers a viable solution.

Much about masks

There are many kinds of masks: Non-powered Air-Purifying Respirators (filtering facepiece, half mask, full facepiece), PAPR (Powered Air-Purifying Respirators), and supplied air (Supplied-Air Respirators (SARs), (Self-Contained Breathing Apparatuses (SCBA)). OSHA's Assigned Protection Factors is the best single source that I have found for mask characteristics, applications and effectiveness.

When I see comments from the infrastructure community such as "The N-95 / N95 mask is the mask recommended by CDC and Health care experts," they neglect to say, or are unaware, that a cost benefit analysis has been done, the upshot of which is that this '95%' class of non-powered air-purifying respirator is the most that responder agencies can reasonably be expected to be purchased in volume, is one of the few classes that is even available in any volume yet still will be insufficient for all in the event of an epidemic. I sum it as, anything more and they don't buy; anything more and there aren't remotely enough.

The H5N1 investigative community properly describes N95 as the minimal protection:

Disposable particulate respirators, such a NIOSH approved N-95, are the minimum level of respiratory protection that should be worn. However, wearing respirators that offer a higher level of protection, including full-face piece, hood, helmet or loose fitting face piece respirators also will serve to protect the eyes.

One of nine NIOSH classifications (National Institute for Occupational Safety and Health) for certified particulate respirators, N95 is described as:

N95 rated filters have a filtration efficiency of at least 95% filtration against solid and liquid particles that do not contain oil. In the NIOSH classification system, particulate respirators are given an N, R, or P rating. N stands for Not Resistant to oil. R stands for Resistant to oil. P stands for oil Proof. Each particulate respirator is also given a filter efficiency rating of 95, 99, or 100 when tested against particles approximately 0.3 microns in size (mass median aerodynamic diameter) according to the criteria stated in 42 Code of Federal Regulations Part 84.

While N95 respirators have a 95% filtration efficiency, the key is the Assigned protection factor (APF):

Respirators are designed to help reduce, not eliminate, workplace exposures to airborne hazards... [The] efficiency of the filter material alone does not determine the overall reduction in airborne hazards provided by a respirator. The other determinant in reducing exposure is fit. If a respirator does not seal properly to the face, airborne hazards can penetrate or enter underneath the face piece seal and into the breathing zone. The term that incorporates the overall expected reduction in exposure is called an "assigned protection factor" (APF). NIOSH defines APF as the "minimum anticipated protection provided by a properly functioning respirator or class of respirators to a given percentage of properly fitted and trained users." The APF tells you the factor by which the respirator will reduce your exposure. The APF takes into account all expected sources of facepiece leakage, such as leakage around the edges, valve leakage, and filter penetration. The APF of a NIOSH-certified half facepiece respirator is 10. This means that a properly used NIOSH-certified half facepiece respirator (one that covers your nose and mouth only, such as an N95 particulate respirator) will reduce your exposure to airborne contaminants by a factor of 10. Note, the APF is not intended to take into account factors that may reduce respirator performance such as poor maintenance, failure to follow manufacturer's instructions, and failure to wear the respirator during the entire exposure period. It is important that the respirator is correctly worn and used as part of a comprehensive respirator program...

It gets worse:

I agree that fit-testing is important and an N-95 respirator is much better than a boulder-catching surgical mask. A full-face respirator with HEPA filters would be even better, but my bet is that hospitals are using half-faced respirators. When I did respirator fit-testing in one USEPA course, none of the three half-faced respirators that I tried worked when I talked or moved my head from side-to-side. The movement broke the seal. Needless to say, hospital staff do talk and move their heads.

When I did that respirator fit testing, only a properly fitted full-faced respirator worked, and only 2 out of 3 full-faced respirators that I tried passed the fit test. People with glasses (like me) can get eyeglass inserts. Also, a beard will prevent an adequate fit. Don't ask me how many times I've seen people with beards wearing respirators that they bought at a hardware store. Between not being properly fit-tested and the bypass created by the beard, they're worthless. Personally, I wouldn't trust a respirator that isn't fit-tested, period, with absolutely no exceptions whatsoever (am I perfectly clear?). The U.S. representative who is trying to stop fit-testing for hospital workers is totally ignoring the science, and if passed, I predict increased infections of all sorts. Also, God help us if this passes and some terrorist releases large quantities of Anthrax or the like. They'll take out the hospitals along with everything else...

And of course, wearers must clean appropriate respirators after use:

Disposable respirators should not be cleaned; dispose of the respirator immediately after use according to facility policy. In addition, the CDC and WHO suggest not touching the front of particulate respirators during removal and to follow with hand hygiene procedures. Reusable respirators may be disinfected using a mild bleach and water solution (0.1% sodium hypochlorite).

P100 HEPA as the standard

HEPA is High Efficiency Particulate Air. HEPA filtration is already in common industrial usage as well as by those afflicted by allergies. While HEPA is good for dusts and molds, it only traps particulates, allowing any contaminant in non-particulate form to pass through the filter. For my general purpose usage, I employ combination cartridges designed for pesticides as well as dusts, fumes and mists (Organic Vapor plus P100 HEPA). I have both half face and full face masks, all with Organic Vapor/P100 HEPA cartridges. Both permit use of glasses w/o breaching mask seal.

Compare P100 filtration to the lesser N95 or N99 filters:

Passes NIOSH's most rigorous testing criteria and is approved for minimum 99.97% efficient protection against oil & non-oil particulates.
Typical applications: battery plants, nuclear power facilities, asbestos abatement [and] remediation, lead, cadmium, silver, cobalt fume & dust, radionuclides and radon daughters. Also used for dusts, fumes, & mists with a PEL [Permissible Exposure Limit] less than 0.5mg per cubic meter.

Even that does not guarantee freedom from infection but it is vastly superior to N95 masks, especially the disposables which are intended to be discarded (properly) after a single use.

I find the advisory through DHS (personal email) that, "Doctors, first responders and air traffic controllers can use N 95 masks in work settings as long as they are properly fitted and some training occurs," to be disingenuous. To be frank, a key problem with these N95 "office work" masks is that masks in which you can talk, can be heard and be understood will not seal, yet those employees (physicians should know better) will still take them home with them, using them in the community, unaware of their risk.

Where is the discussion on home or office decontamination?

Seemingly absent from the discussion of mask use by the public is the issue of decontamination. Assume that you have an acceptable mask, properly fitted with active filtration cartridges, and are exposed to H5N1 flu variants. What happens when you remove the mask, possibly touching mucous membranes or mouth? Where is the guidance for disposable or non-disposable gloves, protective clothing, shoe covers or boots, and safety goggles?

How do you prevent tracking the agent into your home? Again, the procedures are simple but rarely addressed in literature for the public. An Expedient Semi-Permanent Decontamination Shower is described in this post 11 September guide to NBC warfare survival.


With the Katrina recovery debacle as yet unresolved, I am not sanguine with the ability of DHS and FEMA to respond to a pandemic. The valiant at CDC and WHO are not enough. See:

I consider a commercial P100 HEPA cartridge in concert with good practice as the baseline. You can get a good half face HEPA cartridge respirator that can be fit properly along with a box of six cartridges for what I consider a modest price but still a price that neither states or Congress is willing to fund. We cannot recommend what we are unwilling to fund so we all collectively blink and admire the Emperor's new clothes. In our business that is called accepting risk by default, which is not a useful survival strategy. I may still not survive infection, or I may be bludgeoned for my respirator, or I may succumb to some other systemic failure, but my odds are better.

'Supermap' Of Avian Flu Yields New Info On Source And Spread
Source: Ohio State University
Science Daily
April 30, 2007

Google Earth files for avian flu virus
Roderic Page at 2007-04-28 10:27
Systematic Biology
The Google Earth file that accompanies the paper "Genomic Analysis and Geographic Visualization of the Spread of Avian Influenza (H5N1)" (Janies et al., doi:10.1080/10635150701266848, or OpenURL) is available here (aiTrees.kmz).

Respiratory Protection and Avian Influenza Viruses Frequently Asked Questions
3M Occupational Health and Environmental Safety Division

Assigned Protection Factors; Final Rule - 71:50121-50192
U.S. Department of Labor
Publication Date: 08/24/2006
Publication Type: Final Rules
Fed Register #: 71:50121-50192
Standard Number: 1910; 1915; 1926
[Federal Register: August 24, 2006 (Volume 71, Number 164)]
[Rules and Regulations]
[Page 50121-50192]

Faculty Senate hears report on emergency-preparedness plan
Earthquakes, disease outbreaks, acts of terrorism weighed in plan
Stanford Report, February 1, 2006

Disease Forecasting
By Jim Duffy
Johns Hopkins Public Health
Fall 2005

from Mass Casualty Incidents Involving the Release of Hazardous Substances
January 2005

Avian Influenza Symposium
Moderator: Nina Marano
Centers for Disease Control and Prevention Symposium on Avian Influenza
November 3, 2004

Mail: Respirators and China
Posted 11:55 PM by Jordan
Confined Space
Wednesday, September 15, 2004

The ABC's of NBC Warfare Survival: A Public Guide to Surviving Nuclear, Biological, and Chemical Terrorist Attacks
Fred H. Lane

Gordon Housworth

InfoT Public  Risk Containment and Pricing Public  Strategic Risk Public  


  discuss this article

Prev 1  2  3  4  5  6  7  [8]  9  10  11  12  13  14  15  16  17  18  19  20  21  22  23  24  25  Next

You are on page 8
A total of 68 pages are available.

Items 71-80 of 673.

Pages: [1 - 25] [26 - 50] [51 - 68]

<<  |  July 2019  |  >>
view our rss feed