Terror Strategy: Is The U.S. Losing The Information War?
By J.M. Berger
Last week, John Kerry outlined his plan for fighting terrorism, which he offered a sharp alternative to President Bush's prosecution of the War on Terror so far. (external link to related story
But while Kerry made several key changes in execution, his plan is based on many of the same underlying assumptions that fuels the Bush Administration's policy toward terrorism.
These assumptions, treated as articles of faith by the U.S. government and media, are dangerously flawed. If they are not corrected, the outlook for U.S. security for the foreseeable future is grim.
Kerry's plan is more closely aligned with the realities of geopolitics and global terrorism today, but the tactics and targets he identifies are many respects very similar to those identified by both the Bush and Clinton administrations.
At best, Kerry's proposals would reduce the damage that the Bush Administration's policy is currently causing to U.S. security, global standing and civil liberties. But "do no harm" is only the first principle in an effective counterterrorism strategy.
Both camps are still neglecting some of the most important elements of al Qaeda's broad global network. This failure of imagination puts America and its allies at more risk than ever against an implacable enemy that has already adapted to to the changing reality of a post-September 11 world.
There are several policy failures currently wreaking damage on U.S. security. Rather than debating the particulars of how to apply the same flawed strategy, U.S. politicians at every level need to take a hard look at several areas where a dramatic change in focus can lead to swift improvement.
INTELWIRE will publish a series of strategy briefings between now and the election, dealing with key areas in the War on Terrorism, including information strategies, prosecution of terrorist suspects, practical steps to secure the homeland, and defining the enemy.
The first article in the series addresses information management strategies employed by al Qaeda and the United States. This topic, which has not been discussed extensively by either candidate, was raised by the 9/11 Commission to some degree.
The commission, however, focused on specific information bottlenecks and technological improvements. While important, these issues obscure an underlying problem that affects U.S. information flow at every level.
The information issue is integral to the conflict between Western governments and the global network of terrorist groups generally referred to under the heading of "al Qaeda."
The name "al Qaeda" means "the base." Although the term is commonly construed in the sense of a military base or foundation, it is more accurately understood as "data base."
al Qaeda originated in the mid-1980s as a compilation of names and addresses, collected by Osama bin Laden for the purpose of sending money to the families of Afghan Arab volunteers.
But the list had an ulterior purpose. It was used to keep track of the Afghan Arabs and to categorize their skills and nationalities, allowing bin Laden's network to maintain links between the volunteers and the "corporate" al Qaeda organization.
This database of names and networks, the world's most dangerous rolodex, is at the very heart of al Qaeda's capabilities. al Qaeda operatives today add their names to the database using an application form, much like any employee seeking a job. The base is used to recruit operatives for terrorist operations, to solicit logistical support of those operatives (such as lodging and food), and to solicit and launder money to fund terrorist attacks.
By the early 1990s, significant parts of the database had been computerized. Known al Qaeda operatives used laptop computers, floppy disks and PDAs to file away names, phone numbers and addresses, in addition to collecting business cards and traditional handwritten address books.
Since its founding, the informational component of al Qaeda has skyrocketed in importance. In addition to collecting information, the network also sends information around the world.
The terror network's primary function today is managing and disseminating information of every kind, including contact names and phone numbers, fatwas
in support of terrorist goals, university-level courses in terror tactics, and an gigantic library of printed, CD-ROM and online reference materials (including "how to" guides on making bombs, kidnapping Westerners and infiltrating communities).
al Qaeda even publishes a magazine, al-Battar, which includes inspirational religious tracts, coded instructions to operatives, helpful tips on waging guerrilla war, and suggestions of P.R. strategies. (external link
With only an ad hoc network of personal computers, Web sites, printing presses, rolodex cards, handwritten address books and human brains, al Qaeda has created an information-rich infrastructure designed to aggressively push information out
to terrorist operatives around the world.
Because so much of al Qaeda's information base moves so freely, the organization is also extraordinarily effective at restricting its relatively small pool of truly sensitive information, such as attacks in progress, and the location of top leaders like Osama bin Laden and Ayman al-Zawahiri. When you have fewer secrets, they are easier to keep.
In contrast, the U.S. government is built to perform in exactly the opposite manner. U.S. government information structures are tasked primarily to restrict information and its flow
. Complex layers of classification and secrecy combine with massive bureaucratic hurdles and obsolete technologies to create a gigantic information sink. Data goes in, but only a small percentage of that data comes out.
Philosophical questions aside, the strategy of information restriction is not particularly effective at hardening American targets. Using a combination of undercover moles and open source documents, al Qaeda has managed to collect intelligence on everything from fleet movements, to nuclear power plant security and design, to military tactics and techniques.
The much discussed failure to watchlist 9/11 hijackers Khalid Al-Midhar and Nawaq Alhamzi is a perfect example of the data sink at work. Since September 11, little has been done to correct the problem. There is still no unified terrorism watchlist for use in border interdiction and restricting air travel by suspected terrorist operatives. (external link to related story
What little watchlisting exists is deeply flawed, and has been documented to include substantial amounts of inaccurate, outdated and politically motivated information, such as the names of anti-war activists. After the arrest of Jose Padilla, an alleged al Qaeda operative, there were anecdotal reports of airline passengers with the same name being singled out for additional screening, even though the suspect was already in custody and despite the fact that the name Jose Padilla is extremely common.
Singer Yusef Islam (previously known as Cat Stevens) was recently targeted by a no-fly list. While the inclusion of Islam's name on the no-fly list was the subject of light-hearted commentary in the media, the deeper story of the day was that his watchlist status wasn't detected until after his plane had crossed the Atlantic Ocean.
Obsolete technology makes matters worse.
A recent FOIA request by INTELWIRE to the FBI yielded a response that the agency's chief of records and information dissemination is incapable of searching its own archives for information related to a specific criminal case in which the FBI participated extensively. The case, the prosecution of Ramzi Yousef's so-called Bojinka plot, was one of the FBI's most important investigations of the last decade. (link to document
The FBI has at least eight independent information processing systems, none of which are integrated. A recent congressional report on modernization efforts reports that the FBI is "hamstrung by outdated technology in networks, hardware, software and infrastructure support."
While the CIA's systems are shrouded in secrecy, the situation there is believed to be comparable, and aggravated by an institutional loathing for paper trails and accountability. In the past, the agency routinely kept the most sensitive -- and most important -- information on paper only, in a vault, where it cannot be centrally indexed for processing and analysis. On top of this institutional resistance to putting things "on the books," new collection technologies and a flood of recent prisoner interrogations have resulted in a glut of new data, which is then dumped into a system already floundering from information overload.
On the homeland security front, intelligence gathered concerning al Qaeda tactics and personnel does not consistently or timely make its way to the front lines -- first responders such as local police departments, or even travel between regional FBI and ATF offices. Information about a recent theft of 3,000 pounds of ammonium nitrate (a popular ingredient in al Qaeda bombs) from a North Carolina factory was not known to ATF officials, nor to FBI headquarters, nor even at FBI offices in the region, despite the fact that local police had called both agencies in to investigate, and despite the fact that the FBI had concurrently announced that al Qaeda might be planning truck bomb attacks. (related story
In another case, an al Qaeda strategy to blow up several apartment buildings simultaneously was only disclosed as part of a political decision to defend the administration's detention of al Qaeda dirty bomber Jose Padilla. (related story
) The apartment bombing plan was not apparently disclosed to local law enforcement officials in the FBI's weekly homeland security bulletin, where such detailed intelligence most certainly belonged.
In fact, almost every substantial release of real intel about al Qaeda tactics and personnel since September 11 has been politically motivated, while the government's Homeland Security resources for citizens have consisted of simplistic and nonspecific advice like "buy duct tape" and "in the event of a dirty bomb attack, take shelter." (DHS resources for citizens
We live in an age of unprecedented information management potential, and yet the most sensitive government functions are woefully behind the curve in exploiting their massive data banks. In many cases, it's possible for private individuals to collect and process more information about terror suspects using commercial data banks like Lexis-Nexis than it is for government officials to draw conclusions from its many compartmented and classified data sources.
In response to this obvious information crisis, the U.S. chose to focus on enhancing collection techniques, seeking dramatically expanded law enforcement powers to obtain data through the USA-PATRIOT Act and its follow-on legislative fixes.
This approach is flawed on several fronts. In addition to the civil liberties issues raised by the legislation, the PATRIOT Act serves only to increase the flow of raw information into a system already glutted with unusable information. Before they ask for more collection power, federal authorities first need to demonstrate that they can process the information they already have.
Before the fact, U.S. authorities had collected more than adequate intelligence to prevent the September 11 attack or at least mitigate its severity. The major flaws were not in the collection systems, but in failing to integrate the intelligence in a central data system, and to subject the information to timely, competent and thorough analysis at the headquarters of the FBI, CIA, NSA or the White House itself.
According to Richard Clarke, former director of counterterrorism for the Bush and Clinton Administrations, U.S. officials were able to confirm that the names of al Qaeda operatives appeared on the passenger lists of the hijacked flights by midday on September 11. The information had been sitting in a compartment, useless. The problem wasn't collection, it was dissemination.
Obviously, it is not a technical impossibility to move the names of suspected terrorists from one node to another. At the most basic level, the U.S. disadvantage in the information war has much more to do with intent
than it does with capability.
al Qaeda's intent is to distribute
its information, and because of that clear focus, it succeeds despite significant technological disadvantages. al Qaeda's information strategy is executed using the materials at hand, including laptop computers, desktop computers, electronic organizers and file cabinets.
The U.S. government's intent is to restrict
information, as evidenced by its government secrecy and classification efforts. Massive bureaucratic inertia makes it even more difficult for information to move from its collection point to headquarters. On the odd chance the information actually makes it to headquarters, it frequently crawls into a compartmented bureaucratic drawer and only emerges when investigators start seeking accountability for a failure.
And accountability is perhaps the key issue here. The philosophy of restricting information is entrenched by a fear of accountability on the part of both politicians and bureaucrats. That fear is such a powerful motivator that incoming presidential administrations almost never blow the whistle on the classified mistakes of their predecessors, in an unspoken honor system designed to keep information under lock and key.
But accountability can usually only be deferred; it is rarely denied. And as Richard Nixon famously observed, it's the cover-up that kills you. It's better for America to learn from its mistakes quickly
than to bury evidence of its failures for months, years or even decades.
While many specific technical and policy fixes would be required to entirely fix the information crisis on a pragmatic level, none of those fixes will be worth much unless the U.S. leadership changes its intent from restricting
No one is suggesting the U.S. advertise battlefield strategies during war, or release a detailed description of White House security procedures. But there is a desperate need to make good data about the real terror threat available to the public, the media, legislators, and most importantly, to front-line law enforcement officials at the local and national level.
The only way change will happen is through an act of political will by the current or future occupants of the White House. The decision will almost certainly result in a dramatic wave of accountability, shock and blame for both political parties, as previously undisclosed information begins to flow out to the public.
However painful it may be, the process is necessary so that Americans can make informed decisions -- everyone from law enforcers, to legislators, to business leaders, to judges and juries, to voters.
Our information systems represent one of the country's biggest vulnerabilities. The War on Terrorism is an information war on every front, and the U.S. has unilaterally disarmed.