I just read an interesting article entitled, “Epic Landpower Fail,” in which the author, a US Army Major and strategy professor at West Point, makes the point that today all landpower is attributional. What he means is that landpowers – armies – can be attributed to a specific country. You can’t just mass a force in a foreign country without the entire world knowing to whom it belongs. As we saw recently with Russians in Ukraine, even putting a small contingent of troops in a country is going to draw attention. They may look different, act differently, or exhibit all those ‘C’ factors (Contrasts) that good analysts look for when identifying threat characteristics. Those threat characteristics, or signatures, are going to lead analysts to believe that those men were/are Spetsnaz or FSB.
But what about when we can’t tell our different enemies apart? The opposite – what we might call “nonattributional warfare” – is the fight against an enemy whose intent is to remain hidden or anonymous. This thought reminded of me being in Iraq and Afghanistan and trying to decipher which group, cell or leader perpetrated specific attacks. There were what we call ‘indicators’, which are Signatures.
A made up example: Mullah Ahmad liked to use pressure plates for his IED triggers. Therefore, within his known or suspected area of operations (AO), we could attribute all those pressure plate IED attacks to his specific IED cell. This is what we call TECHINT, or Technical Intelligence. The same could be said for sniper events, or mortar and rocket attacks, or murder and intimidation campaigns against the populace. I remember being at a small FOB and getting hit with rockets that landed inside our base. It seemed like we always had incoming during one of two times: right during dinner or in the early, early morning. Pretty much the times when you were tired and just wanted to be left alone. But we pretty much knew who was doing it. Even with our limited organic intelligence assets, that was the easy part; finding those rockets while they were being set up and/or before they were launched was more difficult. And finding and killing the leader and his cell members proved even more difficult.
And then there were these new attacks, or a new tactic, technique and procedure (TTP) we hadn’t seen before. It might be a variation of an old TTP, or it might have been a completely new TTP. Either way, part of our task was to identify who was responsible and then start up the targeting process. What indicators were there about this anonymous insurgent? Did he leave any clues? Is he accidentally telegraphing critical information? (For instance, if his rocket attacks became significantly more accurate, then he likely has a spotter observing the impacts on our base — is his spotter already on our base? That’s an imminently critical threat for counterintelligence.) Is he a new player that recently came into our unit’s AO? Did we kill the old cell leader and just haven’t heard about it, and is this the work of the new leader? These are pretty standard questions that analysts ask themselves during an up-close and personal counterinsurgency. But this is the nature of fighting an anonymous enemy. Had Facebook and social media been as popular in Iraq and Afghanistan as it is in America today, the fighting in these wars could have been over within a matter of a few years (that’s my own personal opinion). America has really given up the ghost on the privacy front, and that’s even before we get into NSA programs. (As a student told me during the NC PATCON, “If you aren’t paying for the product, then you are the product,” in regards to Google, Yahoo, Facebook, etc. Wise words.)
Fighting an enemy whose attacks go unattributed by design gives him an advantage. By going low tech and avoiding the strengths of the US Intelligence Community (IC), namely Signals Intelligence (SIGINT), the adversary removes that significant advantage. The guerrilla adversary’s Battlefield Operating Systems (BOS) – Maneuver, Fire Support, Mobility/Countermobility/Survivability, and Combat Service Support (re: Auxiliary) – can largely operate without scrutiny of active surveillance because they’re hidden in plain sight, use strict Operations Security (OPSEC) and Communications Security (COMSEC), and play against the weaknesses of their larger and technologically superior adversary. Every strength is also a weakness. The US IC over relies on SIGINT; therefore when the targets stop communicating electronically, that SIGINT well dries up. The Army is really big and powerful, but it’s slow to move large forces that aren’t specifically designed for rapid deployment, and for every tooth deployed, there has to be several tails all working to keep that tooth in the fight.
In addition to remaining ‘off the radar’ so to speak, nonattributional warfare gives even skilled analysts fits. In short, if one or two or three different guerrilla cells all operate within the same relative AO, and whose identities and organization are unknown to the regime intelligence element, the regime analyst can plot the attacks on the situational template, generate beaucoup intelligence requirements, and task all available collection assets until he’s blue in the face; however, what he’s not going to do is tell the difference between attacks from Cell A and attacks from Cell B or Cell C. Being able to identify specific cells and tell their differences is a pretty critical task for the All-Source analyst.
Now, that analyst going to look for all the SPACE characteristics (it’s what I would do, at least) – Signature, Profile, Association, Contrast, and Exposure – to draw conclusions about the perceived differences in TTPs. He’s going to use battlefield biometrics to identify Signatures (fingerprints off expended brass in this case), develop those Signatures into a Profile (Cell A/B/C), form Associations between the attacks (time, location, target, TTPs), and identify Contrasts in between those Associations until he can build a cumulative Profile for each cell. But the fewer clues these guerrilla cells leave behind, the less likely it becomes that he’s going to form an accurate conclusion. Poor guy; he can only work with what he has. But the less he has, the better off those guerrilla cells become (which is why security is so important to understand at a practical and academic level).
So a few days ago we talked about the guerrilla’s need for hearts and minds, for developing a human terrain that provides cover and concealment. Nonattributional warfare — warfighters who we can’t identify or necessarily associate to a specific cell, team or cause — should be a corollary to the tenets of guerrilla warfare. Guerrillas can’t remain anonymous as long as their villages and communities are outing their identities. An identity, even a pseudonym, is the loose end of a ball of yarn that a good analyst will pull. Sorting identities helps to build these cell profiles and identify their structure. Even knowing that each cell is comprised of three to five guerrillas is important to learn. It may take a while – it may take longer than the analyst has – but he’ll get the whole ball unraveled eventually, all the while pushing out targeting packages on the highest payoff targets. (If you’re a cell facilitator, it’s not going to end very nice for you.)
So if anything is ever truer, it’s that once you’ve been identified, you can’t un-identify yourself. Once you been associated, you can’t be un-associated. When catastrophe can start with an identity, it’s always best to stay anonymous. The guerrilla’s goal, then, is to fall through the cracks. That’s where he survives.