What Now?

There's been more and more talk about what the next move in the Anti-Terrorist War is to be, lately. I've also been thinking along the same lines, but not down the same paths, if you will. There's a clamor for attacking Iraq, some grumblings about the Philippines and Sudan. Perhaps some people think it's all about to be over.

Since mid-September, I've been musing a bit about how to defeat al Qaida-like organizations. I have some ideas, but I don't know how feasible they are.

I'll leave what the next military move will be for some other discussion. The military has always seemed to me a bit of a sideshow in this war (albeit an important one). What I'm curious about is what our overall strategy will turn into if/when we kill or (God forbid) capture bin Laden. Let me back up, though, to how I was thinking before we engaged the Taliban in a military conflict...

Who is the enemy?
"Terrorism"

Um, but who is the enemy?
Terrorists?

More specifically?
Terrorists with global reach who target American interests, and the states, para-states, NGOs and individuals who support them in some manner.

Good answer (finally), although still a bit murky. What is the specific enemies list?
Well, that's tricky. The potential list is quite long. However, it includes groups and individuals that may not actively be our enemies. To start with...

How about you just post that list later when you can find it, rather than try to recreate it from memory.
Okay.

Al Qaida is solidly in the enemies list, though, right?
Right. And, for what it's worth, tactics that work well vs. al Qaida are likely to be effective against other non-state members of that list as well.

Such as?
Denial Of Service attacks: overload the network's capacity for transmitting information across its nodes, and it will become far less effective, and may, in fact, behave erratically, providing new opportunities to strike it more, ah, forcefully.

Hm. Okay, I think I see where you're going with that, but I'm not convinced. Be more specific.
Okay. Al Qaida - The Base - is essentially a network of networks, a latticework of discrete nodes that communicate and cooperate with one another to achieve goals impossible for any single node. For security reasons, it is very decentralized. The majority of any given node's members have no knowledge of the majority of connections with other nodes. By necessity, this means that no individual, anywhere in the organization, has a complete understanding of the entire system.

Really?
Sure. Think about it. It would be wildly inefficient and insecure to try to mastermind the entire architecture to the last detail. The network would evolve in a semi-unplanned manner. Furthermore, some nodes may not even realize they're "in" the network; they may only feel that they have a friendly association with someone who knows someone, etc. The leader of that node, though, gets instructions passed to them from a source that the other node-members are unaware of. Even then, the node leader may believe that they are serving some other organization and that al Qaida is merely a distant ally.

You're getting off track.
Well then stop interrupting.

Sorry. Go on.
Anyway, all communication systems have a theoretical maximum capacity. Because the links between nodes are so tenuous in this particular organization, and because of the need for secrecy in all communications, the theoretical capacity to communicate information should be surprisingly low, compared to that of other, more "above board" systems. Under normal circumstances, though, the capacity is high enough for the organization to operate quite effectively, although slowly. However, if one were to somehow overload the information-carrying capacity of this particular network, taking advantage of its limited capacity, then one might be able to at the least slow it down and hopefully, possibly, cripple it. The best-case scenario would be to get it to engage in erratic, undefined behavior.

Okay, say I buy that there's a maximum to their capacity. Wouldn't it still be very difficult to spam it, so to speak, to the point you are shooting for?
Yes, it would be very difficult. In fact, I'm not entirely certain it can be done. If it can be done, though, the first step to figuring out how is to analyze the kinds of information the system is hungry for.

Right. If we're going to overload their communication system, it'll have to be by providing them with overwhelming amounts of information that they want to take inside the system for distribution.
That would be one approach, at least.

But what sort of information does this network traffic in?
General intelligence gathered from outside, instructions sent from higher nodes, and possibly requests from lower nodes for supporting intelligence. Actually, there are other types, but they are less susceptible to attack or can be shoe-horned into the above three categories.

So we go after the first category?
Actually, we pursue all three. The general intelligence category seems most promising, because it appears to depend a lot less on good existing penetration of the organization by our intelligence assets. However, that appearance is misleading; the dependency is less, but not by nearly the amount one might first suppose. You see...

I'm sorry. I have to interrupt, here. Before we spend a great deal of time/energy on figuring out how to do it, I want a better idea of what our efforts will gain us.
What do you mean?

Well, let's just say that we know of some methods that will flood the system.
I see where you're going. Yes, a first step Denial Of Service would not be truly sustainable over a long period of time, regardless of the solution. That's a fair assumption.

Exactly. So what are we going to accomplish, in the long term?
Well, erratic behavior is the real goal, then, isn't it?

Right.
Because we can't just initiate and maintain a DOS that goes on forever, can we?

Nope. But what we can do is use that to open up an opportunity for other action.
Right. That's what I was saying earlier.

Undefined behavior.
Right. Because of the tendency of these nodes to operate for long periods without instruction or guidance from their superior nodes (which they may not always realize are superior), anything that interferes with their communications could cause them to behave in a less-carefully coordinated manner, given enough time, thus exposing them more to our intelligence operations. Then we have more clear targets for covert and military operations.

But there's a serious risk, of course.
What's that?

"Undefined behavior" could be deadly for innocent civilians.
Ah, yes. I hadn't thought of that.

You should have. This is the problem with thinking about this too abstractly. You lose track of what it actually means. The most useful and likely sort of undefined behavior for a terrorist node is to execute some terrorist operation without the knowledge and support of the larger network.
Hm. Then maybe this isn't such a good approach, after all.

No, actually, it is the only approach.
What do you mean by that?

From what you've said, it's clear that al Qaida - and organizations like it - depend on maximum secrecy. However, the only totally secure approach would be for them to not operate at all. Most of the time, they lay very low. Only when they do something big - like the Atrocity they committed in September - do they expose themselves to real attack.
And you think provoking them into attacking us is therefore good?

No, no. I think it is inevitable. Whether we use a DOS attack or just directly pinch off entire nodes, some nodes and sub-networks will clearly become rogues. Kill bin Laden and all the other people at the top of that network, and you will suddenly have five or ten smaller networks, each acting with less constraint than they did when under the bin Laden node's coordination.
I see. I guess it is inevitable. Unless...

Unless what?
Unless we can find a way of rolling up the whole network at once.

Is that possible?
I don't know. I doubt it.

So we should expect more attacks as we become more successful?
To a point, and then they should begin to diminish. Also, those attacks will be less successful, without the full support of the original network.

True.
Can I ask you a question?

Shoot.
Why the dialogue?

I don't know. I guess it's how I think, sometimes.
Because it's tiring after a while.

Yes, it is.
Maybe you should just post this now.
