Thursday, April 20, 2017

Politicians Can Be Part of a PSYOP Campaign – Whether They Realize It Or Not

Many of us remember then President George W. Bush declaring victory in Iraq under a “Mission Accomplished” banner on the USS Abraham Lincoln in San Diego on May 2, 2003 (see: https://opinionator.blogs.nytimes.com/2009/01/25/mirror-mirror-on-the-wall/comment-page-14/?_r=0, which is also this picture’s source.)

This week Vice President Pence decided to break protocol and, according to various media, stare down the North Korean troops at the DMZ (see: http://thefederalistpapers.org/us/new-video-shows-pence-stare-down-north-korean-troops-at-dmz, which is also the photo source.) The picture is actually a still taken from the CNN video. 

Antics of one type or another across the DMZ have ranged from the comical to the tragic and the Vice President’s face making is just one of the latest. On April 29, 2016 Task & Purpose ran a story “North Korea Whines About US Troop Faces At Its Border Guards” (see: http://taskandpurpose.com/north-korea-whines-us-troops-making-faces-border-guards/, which is that photo source.)

Of course, one could also conclude that neither Mr. Bush nor Mr. Pence were posing for our adversaries but were courting the American Public.

Mr. Pence’s rebellious (if you could call it that) seems to follow the pattern of the new Commander-in-Chief, that is act first and think later. This time there doesn’t seem to be much of a downside. However, it is fair to say that actions by Heads of State and other senior government leaders, whether attended or not, can have significant impact due to the 7/24 news cycle and social media.

Images can be taken out of context and used for purposes quite opposite of their original intent. A little forethought can prevent our adversaries from getting even more information ammunition.

Wednesday, April 12, 2017

How You Look Matters




One of my favorite military sources, Task & Purpose featured this little video about a Florida Police Department and their mission to combat drugs in their Florida County (see: http://bit.ly/2o6A6eE; which is also the picture source).

While the Sheriff certainly has the best of intentions, he and his deputies  come across as something between King Cobra’s gang (see picture at left; source: http://bit.ly/2o5Ojrx) and ISIS. The climax of the video when he and his coterie march off doesn’t help either.

An unfortunate fact of life is that many people will judge you by how you look. Many of us remember our mothers checking us out before we were permitted to leave. Some of us of have wives who fulfill the same purpose today.

In the MISO/PSYOP world there are two contexts WRT appearance.

1.     The Audience
You need to dress to have your audience feel positively about you. In sales training we often say “the prospect has to be listening to you and like you as a person before they will consider buying anything from you”. In the case of an audience that you are attempting to influence, such as the population of Lake County, you need to adapt your uniform to engender the trust of the people you are attempting to serve, yet adhere to appropriate force protection measures.

A very good example were the Brits in Bosnia. While the US troops were always in “Battle Rattle” – meaning helmet and body armor, the Brits were not. They wore soft caps and no body armor. This means if they came across a situation where a non-lethal response was preferred as a first step, the could upgrade to body army and helmets as a way of showing business.

Clearly this lesson was lost on Lake County. Of course it’s possible that the Sheriff thought only the bad guys would watch this video and get scared, but of course, that would never be the case in today’s world.

2.     The Supported Unit
MISO never works alone. We are always supporting a unit wither SF or Conventional and we need to look like we are a part of that unit in the military context.

Any potential negative impact of the Sheriff’s video may not be known, but it is at least a pretty good example for instructive purposes.

Monday, April 3, 2017

Small Unit Tactics Are Fundamental


I just finished my most recent stint as the IO SME for a Joint Public Affairs Contingency Course. As a part of the operational play I had to devise an influence campaign to try and stop a BN CDR from attacking the capitol city as ordered by his BDE CDR.

I must admit I wasn’t the best map-reader in the Army. I always tried to pair myself up with someone who was good at it. However it was clear to me that even before I could even develop my own MISO CONOP I had to understand the military operation. This meant assessing the convoy route, determining how long the convoy would be allowed to travel before being attacked from the air, etc. This analysis complemented the media analysis of how to reach the unit’s leadership.

Many people feel the same way about the cyber realm. In developing a graduate course for American Military University (AMU), “Cyber & The Intelligence Cycle” I have one lesson which is a practical exercise. I thought it would be appropriate to provide some insight into cyber attack and defense along the lines of a class military piece on small unit tactics.  My version is a couple of pages and can be found below.

Duffer’s Drift (found at: http://www.globalsecurity.org/military/library/policy/usmc/fmfrp/12-33/fmfrp12-33.pdf) is regarded as a classic in the realm of small unit tactics. It is set in the Boer War and describes dreams that a LT has while being charged with the defense of a key piece of terrain. You can find a copy of the book on Amazon at: http://amzn.to/2nBB0j8 (which is also the photo source).

In this version I’ve brought it up to date and analogized the small unit infantry tactics to the cyber world of today. 

There is a USMC authored Rand version for Information Operations Practitioners which is 50 pages worth and can be found at: http://bit.ly/2oL1XRI

First Dream

“Do not put off defense” can be interpreted to mean employ an active, layered defense or defense in depth means to employ a number of complementary security products and services in your defense. These include multi-factor authentication, firewalls, intrusion prevention systems, etc.

“Locals” we can define to be contractors, visitors, temporary employees and similar stakeholders. In the defense context the principles relating to ‘locals’ means that you treat everyone as a security risk who must adhere to the same policies and procedures as employees and who must be subject to the same sort of cybersecurity technology products and services as others. Security needs to be uniform across all personnel seeking to access the organization’s information technology resources.

“Tents” in the cyber context means insure that all devices and networks have at least a minimum amount of security to avoid casual use by unauthorized personnel and to discourage would be cyber trespassers.

Second Dream

The second dream makes a strong case for cyber concealment and deception. Techniques here can include honey-pots and sandboxes. Honeypots and sandboxes are technical means whereby systems and/or networks are set up that are totally isolated from actual systems and networks. They are designed as decoys to attract, study, and entrap attackers. Both of these induce the attacker into an area where they can do no harm.

As to locals in this dream – the implication is that the organization treats the employees well so that they don’t covet the contractor’s position. Contractors should not be given favorable treatment to include the need to cover shifts beyond the normal day shift/week day work schedule.

Third Dream

The third dream makes the case for stringent ‘local’ management. This may also alluded to the 21st century enchantment with Social Media and that family members might unwittingly be security risks or even targets. Executives and those in sensitive positions need to take special care to insure that the organization’s sensitive data, prototypes, plans, etc. are not accidently exposed on social media by family members. This bid for OPSEC means that family members should be aware of the dangers of social media and should have clear guidelines as to what they cannot do.

Comments with respect to trenches can be taken to mean that there is a need for advanced security architecture. Architecture should also consider how organizations should maintain security in the face of advances in smartphones, tablets, etc. Systems should be designed with cyber security as a core foundational element rather than as an add-on feature after the systems or applications are fielded.

Fourth Dream

There are several key points contained in the 4th dream. First of all, the dream correctly realizes that cyber is everywhere. This is especially critical given the growth of the Internet of Things (IoT) as the 21st century version of Supervisory and Data Acquisition (SCADA) systems. Advice about guarding your rear could easily be interpreted as watch out for intentional (created by bots perhaps) or unintentional backdoors. Today’s software is highly complex and contains tens of thousands of lines of code. Product flaws, whether or known or unknown, can offer inviting entry points for attackers.

Huddling the men could be interpreted as meaning - don’t put all your sensitive data in one spot. This principle is a driving force behind cloud architectures software as a service. Data Centers are giving way to web services for a variety of reasons with cost reduction being a primary consideration and advanced security such as provided by Amazon Web Services (AWS) being another. Not that AWS is impregnable. They make it clear that the client bears a heavy responsibility for security as well.

Concealment needs to be addressed physically and logically. Physically it is not a good practice to make it easy to find your data center. Data centers should be concealed to add to their security and they should be buffered with appropriate physical security measures.

Interestingly enough the 4th Dream makes a case for penetration testing – “Look from the enemy’s view.” As a practical matter, penetration testing should be holistic. While employing white hat (good guy) hackers to test your IT security postures is a good idea, Human Intelligence (HUMINT) operatives should be considered to test resistance to social engineering and other people based efforts.

Fifth Dream

Makes a case for deception. Read industry expert Bruce Schneier’s brief summary at: https://www.schneier.com/blog/archives/2014/08/us_air_force_is.html.

Sixth Dream
Use everything you have learned in all the other dreams to come up with the best possible cyber defense in your own situation.