The Next War on Terror Will Be (Lost) Online

Thursday, May 31, 2012

Ali-Reza Anghaie


The good people at SOFREP posted The Next War on Terror Will Be Fought Online featuring none other than Mikko Hypponen.

Predictably the comments were the Cyber Counter Terrorism Cerberus:

  • 'I'm surprised he didn't mention' such and such
  • 'It's actually much worse' and here is why
  • 'It's already happening' and we're all missing it

And the comments that always seem to be missing from the ever-increasing volume of Cyber Doom & Gloom stories is how we can meet the challenge ~before~ it's "online" (pun intended).

Sure, many people say we must Cyber mobilize on epic scales and usually there is a call for more Government. And sure, there are growing ranks of Cyber Counter Terrorism practitioners across both Private and Public space. Except that's only to meet the enemy we really want to see - the one that suits perhaps what we're comfortable doing or getting funding for?

If I go full monty we're framing the problem in the way that everyone feels like they can get in on it. No physical aspects - much less risk.

Standard disclaimer before I proceed - there is a Cyber espionage/terror/war problem, we're going to get hit complete with kinetic effects, something bad is going to happen, and in retrospect it will have been preventable.

Somebody would've screamed and a left hand didn't know what the right hand was doing and unnecessary impediments were to blame. There will be Congressional Hearings and new legislation. Yada yada yada.

(Related side-notes: Please see Meredith Patterson's talk The Science of Insecurity for an Engineering intermission on where we should be taking the technical discussions BTW. And you might want to read Who Fights for the Users? and Who Fights for the Users? Part II: FBI's AntiSec for some of the types of mistakes the above culture will create if the Cyber CT fight remains the only topic of action.)

Since all that's going to happen anyway can we at least ALSO try to win the long term Cyber Counter Terrorism battle in the Gaps?

An often overlooked aspect of the "online Jihad" is that the target audience is actually on the fringe of having more things and better things to do. Much of the target audience and participants in the forums attracting all this attention are, for lack of a better term, trolling society. They're living a life of sin by most measures of their extremist fringe inspiration and somehow ended up on a fence full of bitterness and looking for redemption.

And in parallel, a lot of the "traditional" terrorists we're most afraid of - and arguably could cause far more havoc than a majority of Cyber scenarios - have none to minimal roots online. We're not catching their extremism and the will (that the current crop of online disciples might be lacking) before this group is wired up.

The connection?

Where fiscal and general resource economics are lacking is where we need to preemptively cut off the "supply" to the Terrorist "thought leaders" who ~are~ online. We need to dry up their armament of human capital (the "in parallel" group).

And we're neglecting these areas because the same best equipped "fighters" on that front are being thrown wholesale to the idea of Cyber espionage/terror/war. (BTW, it shouldn't escape attention that Terrorist "though leaders" are confused about this often too. Which also can be used to our advantage.)

Where is the disconnect? The War on Terror is not over - actually I think this idea of TWoT moving online is predominantly because people know TWoT isn't over but don't know "where" it is now. Or the "where" they know isn't one they can readily address.

We need to get our Western privilege and "sensibilities" out of the way and let the Markets bring food, water, and ICT supply to East Africa (to choose one hot region as an example). We need to drop the orchestrated strongmen - transition them out economically - instead of the idealistic and naive early Arab Spring approach.

We need to get formalities out of the way and emphatically create opportunity where the informal and underground economies reign - we need to put a moderate secular face to all of those efforts. And we need to do it now. Those endless new heads being thrown at crawling IRC, forum impersonating, data, Maltego and Palantir - hey - they're the people who are best fit to do ~these~ jobs right too.

It's time to consider we might be putting some of our Cyber soldiers on the wrong line. (Again, read the Disclaimer above. This isn't about denying problems - it's about economically addressing all the problems for the widest ROI.)

Some of this is going to be unpopular with, again, our Western privilege and "sensibilities"... similarly to the idea that *gasp* maybe DDT has a place in Africa. Maybe Google or Twitter's Privacy policies or cookies aren't the end-all of situations and we shouldn't keep insisting to our Freedom fighting brethren in the lesser developed World to avoid them at all costs.

We're just helping develop more Gaps in the meantime - we don't have time to waste. We can address these problems in less absolute terms from our end - while letting them fight up from their end and meet us in the middle where we ~both~ have resources to then push toward the more idealistic endpoints.

If we expect to fight the War on Terror online - we're going to lose. We need to prepare for Battles online and win the War offline and in the Gaps. Dry up the human capital by bringing them "online" with the rest of the economically enabled and upwardly mobile World.

I'll leave you with one last analogy that occurred to me today... don't neglect your BUIS. The basics are important - remember how we won the last major Wars. They weren't "Won" the day the last gunshot was fired, we were victorious when everybody again felt enabled and full of upward options and Freedoms.

p.s. I'm sick as heck while writing this so I'm skipping the re-read and edit. Sorry ahead of time.

Cross-posted from Packetknife's Space

Possibly Related Articles:
Security Strategy Government terrorism internet National Security FUD jihadist online safety counter-terrorism
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.