Virtual Militias

**Hacksaw** · 02-27-2008

All,

I readily except all criticisms regarding my "construct". Words are important, so the use of "stasis" and near-perfect" information is dubious for supporting rigorous evaluation. I just lack the vocabulary/time to communicate clearly.

I would like to clarify that I have no illusion whether this model, if applied to a single actor, would necessarily predict behavior in a micro sense. "Rational" behavior is in the eye of the beholder, but at a Huntington-civilization level I propose that the effect of an ever-present info-sphere will dampen radical upheavals/flucuations if for no other reason that it becomes damn difficult for any single actor/group to maintain the illusion of an alternative "reality". Even the super-powered individual will have difficulties with "staying power"

I suppose we'll just have to agree that the mob is right and I'll wallow in my ignorance

Live well and row

**Cannoneer No. 4** · 03-11-2010

Jihad Jane thread over at The Whole News
http://council.smallwarsjournal.com/...ead.php?t=9957

**Cannoneer No. 4** · 04-28-2010

http://ndupress.blogspot.com/2010/04...tias-with.html

US defenses are insufficient to stop Chinese cyber attacks. The US-China Economic and Security Review Commission estimates that Chinese cyber attacks cost the US hundreds of billions of dollars annually. By way of comparison, this is substantially more than the entire Chinese military budget.

What is needed is a threat that is both capable of forcing China to take notice and that it will believe the United States would execute. Such a threat exists. While China's regime does not appear willing to be deterred by conventional diplomatic or legal complaints, it has demonstrated considerable concern about threats to its censorship apparatus.

The most effective way to threaten Chinese censorship would be for US and partner nations to develop their own cyber militias. Rather than stealing intellectual property and disabling public institutions, however, Western militias would aim at finding ways to bypass Chinese firewalls to spread internet freedom.

From National Defense University Press Blog

America already has cyber militias doing PSYOP, and this is a call for cyber militia CNA.

**Cannoneer No. 4** · 01-04-2011

Saw this on Twitter this morning. Some of you may have heard it.

http://www.npr.org/2011/01/04/132634...w#commentBlock

In the years since that cyberassault, Estonia has distinguished itself once again: Now it is a model for how a country might defend itself during a cyberwar. The responsibility would fall to a force of programmers, computer scientists and software engineers who make up a Cyber Defense League, a volunteer organization that in wartime would function under a unified military command.

"[Our] league brings together specialists in cyberdefense who work in the private sector as well as in different government agencies," Defense Minister Jaak Aaviksoo says. The force carries out regular weekend exercises, Aaviksoo says, "to prepare for possible cyber contingencies."

The unit is but one division of Estonia's Total Defense League, an all-volunteer paramilitary force dedicated to maintaining the country's security and preserving its independence.

What lessons can an Estonian Civilian Irregular Information Defense Group, or Cyber Defense League within the Estonian Total Defense League, teach American Computer Network Defenders?

**selil** · 01-04-2011

I met last June with the CO of the Estonian Defence League (actually had dinner with him and his XO). I also met with the Defence Minister at a meet and greet. While I was in Estonian I was giving a presentation titled "Cyber warfare: As a form of low-intensity conflict and insurgency" which definitely plays out similar to what is discussed in the article. Rain Ottis gave a similar talk titled "From Pitchforks to laptops: Volunteers in cyber conflicts".

Many ideas of the concepts of levee' en masse are present in the European strategy to solve issues in cyberspace. Whereas, here in the United States I can't even think of talking to the bastion of cyber wizardry known as the NSA (now bow towards Ft. Meade). I can discuss with a much wider group of talented individuals options and success strategies in Europe. The European model though flawed in many ways is much more a distributed capability thereby giving much more power to the individual and empowering the state through resilience.

I gave credit to Small Wars Journal in my talk and several members of the council. There is a severe disconnect between the study of conflict and the study of cyber capability. I need schooled on the conflict, but understand the cyber quite well. Bringing together these two populations you would think would be easy. Not so much.

**Cannoneer No. 4** · 01-04-2011

Conscripting Cyber Experts to Protect IT Infrastructure

http://blogs.govinfosecurity.com/posts.php?postID=840

Defense Minister Jaak Aaviksoo says it's so important for Estonia to have a skilled cyber army that the authorities may institute a draft to assure every IT expert is available in a national emergency:

"We are thinking of introducing this conscript service, a cyber service. This is an idea that we've been playing around [with]. We don't have the mechanism or laws in place, but it might be one option."

Estonian CND is pretty cool, but how much of what they do in Estonia could Americans do in America?

Our new Civilian National Security Force that's just as big and just as well funded as our military might consider drafting all the skiddies who signed up for Low Orbit Ion Cannon.

**Stan** · 01-04-2011

Sam,
Sadly we couldn't get together during your stay (being made aware of your visit from our SWC agent in Sweden (M1)

One of the things with conflict and cyber wizardry in Estonia is a serious generation gap. The older folks spend an enormous amount of time and energy preparing for Russia's return and the youth behind a monitor. Trying to teach someone how to use a spreadsheet is just as challenging to explain and employ as is emergency preparedness to teenagers.

I hope they start concentrating on internet fraud before someone slips in the back door and takes all our Euros

**Cannoneer No. 4** · 01-04-2011

Happy New Year!

What does SWC's man in Estonia care to share about the Total Defense League?

Kaitseliit

**Stan** · 01-04-2011

Originally Posted by Cannoneer No. 4

Happy New Year!

What does SWC's man in Estonia care to share about the Total Defense League?

Kaitseliit

Happy New Year to you too !

There are actually two SWC men in Estonia (Kaur is lurking about or back to his real job east of here

)

That's a difficult question. My previous experience with the Defense League in 95 was mixed. Kind of reminded me of an extremely under-financed militia (some Estonians reminisced of the 1940s and called them the Forest Brothers). Back in 95 (similar to 1940) they were poorly equipped and disorganized as the country was trying hard to concentrate on active duty forces, leaving their national guardsmen to hover for funding. But that didn't stop the League from training and maneuvers where possible. I would later learn that many of my friends and associates were reserve members and were quite active within their assigned units.

In the 1940s the so-called Forest Brothers were responsible for more Russian officer (single shot) kills than any other military unit to include SS death squads. They couldn't afford to squander ammo nor spend too much time in the AO. They adapted well to both the terrain and their own shortcomings (Estonian's rarely whine when the chips are down).

Although they financially fair much better today, most of the older folks tend to hang onto their tried-and-true traditions.

I can't comment much on the Cyber Defense League - just not my background nor interest.

**selil** · 01-04-2011

Originally Posted by Cannoneer No. 4

Happy New Year!

What does SWC's man in Estonia care to share about the Total Defense League?

Kaitseliit

I talked to them about their training. While I was there they were getting top notch training from SANS and others. They are also tied in with NSA, DOD directly, NATO, and a few other organizations around Europe. They have CCD COE there that is a government group, and several of their members are highly regarded here in the United States.

To quote the famous M1, Estonia is a small country with hot chicks. No wonder Stan and Kaur live there.

**Cannoneer No. 4** · 01-04-2011

Originally Posted by Stan

In the 1940s the so-called Forest Brothers were responsible for more Russian officer (single shot) kills than any other military unit to include SS death squads.

The Forest Brothers and the Selbschutz, Schuma Battalions, and the 20th Waffen Grenadier Division der SS (Estnische Nr. 1) whacked a lot of Sovs during the Great Patriotic War. Great Irregular Warfare stuff for a different thread.

Estonian Exceptionalists have forgiven themselves for their Nazi past and convinced their countrymen that Estonia is a force for good in the world and deserves to survive.

**Stan** · 01-05-2011

Hey Cannoneer !

Originally Posted by Cannoneer No. 4

The Forest Brothers and the Selbschutz, Schuma Battalions, and the 20th Waffen Grenadier Division der SS (Estnische Nr. 1) whacked a lot of Sovs during the Great Patriotic War. Great Irregular Warfare stuff for a different thread.

Hmm, just so some folks don’t get the wrong idea thinking the Forest Brothers were Nazis or Nazi sympathizers, I need to clear this one up a smiggin.

Generally speaking the Forest Brothers limited their activities to supporting Estonian and Finnish soldiers and were at one time something of a myth or legend when soldiers returning from the front recanted stories of “Forest Brothers” disrupting flanking enemy fire and saving their butts. They however were not an elite SS unit hangin’ out in the trees and Bogs. One very old dude told me “how easy it was to pick off Russian officers” as they always paraded around in class A’s with all the glittering accoutrements glaring you in the face.

Originally Posted by Cannoneer No. 4

Estonian Exceptionalists have forgiven themselves for their Nazi past and convinced their countrymen that Estonia is a force for good in the world and deserves to survive.

Most Estonians agree that Estonia was occupied both by the Germans and Russians (they were in fact occupied not less than 15 times, but we’ll stick with the 1900s for now). What one doesn’t hear too often when speaking to people over 50 are bad stories about the Germans raping and pillaging. The Russian-related stories run the gamut between freedom fighters and nearly “African Style” animals (unless of course you’re speaking to an ethnic Russian

).

I know of only one or two ethnic Russians in the Defense League today and they were born to either an Estonian father or mother (which statistically speaking doesn’t count as a Russian). So, IMO, the Defense League will continue its tradition and the Cyber Defense Unit is simply reflective of the League’s newest and youngest patriotic members. I’m reminded that the next war will not include firearms, and keyboards will soon be a thing of the past (jeez, why did I ever learn to type in the first place ?).

Regards, Stan

**Old Eagle** · 01-05-2011

I absolutely do not want to hijack this thread because the concept of a cyber militia is intriguing in many aspects.

Piggybacking on what Stan wrote, however --

One of the most fascinating evenings I spent in Tallinn was with two WWII vets. During the German occupation, draft age males were swooped up into the Wehrmacht. During the Soviet occupation, they were spirited away into the Red Army. These two ancients lived only a couple of blocks apart and were close to the same age. One had been forced into the Red Army and the other into the Luftwaffe two years later. The Soviet had become an officer and rode with the armored columns that "liberated" his homeland. He eventually rose to the rank of LTG. Just listening to them talk about their experiences hour upon hour made the headache the next morning worth it.

Kaitseliit -- in the early days of post-Soviet independence, they were absolutely scary. Like 14 - 80 yr old Boy Scouts with guns (and booze).

**anonamatic** · 01-08-2011

The US has a need for people but isn't in a position to do a draft, even for this. The idea has been raised, but I don't think it is being looked at as seriously as it should be. In lieu of that, there is a lot of effort being put in to developing those skills from the private sector as well as internally in the services.

People making the observations that this is a hard area to bridge are really making better observations than it might seem. While it's sometimes hard to articulate what is an attack and what's a protest at a very basic level, it's even more difficult to deal with some of the strategic field as it exists. You can for instance harm a country, and potentially kill people in active attacks, while completely ignoring their military assets. If enough disruption is created for a long enough time, commerce & services get hurt. That's operations that are only taking place inside a civilian realm too. When you start chucking operations against military assets into the mix, well things get a lot more wicked, a lot quicker.

There are a lot of instances of cross-domain activity between technical means and more purely kinetic means of disrupting enemy activity. Those types, the use of tech in insurgencies, rebellions, & by state sponsored types are probably one of the hardest to cope with. When I first started trying to learn more & get current with COIN concepts to work with them as they related to technical domain problems, I really questioned myself a hell of a lot. It took me a long time to really understand how hard dealing with those issues really is, and that absent any wirehead geekery at all.

Somewhere between turning off all the lights in a city, and helping the strategic captain figure out how to make stuff happen in IO with the strategic printer lies a huge variety of problems.

To think about a draft, you have to think about what for. There's also a lot of distance between growing in house information warfare skills inside a service (something I firmly believe in), and being able to expect to buy them like a COTS purchase of MS Word. Dealing in the private sector, and this is I think broadly true of more than the US, one encounters capacity issues no matter where you turn. Often enough it's the private sector that's in need of either protection or attack depending on ones goals. The issues they face are different than some of the boots on the ground issues that come up. The two intersect however, and that's the part that gets rough on everyone...

If instead of blowing up a radio tower to shut off the radio station, I'm turning the thing off, & subverting the cellphone base station that's using the same mast, and keeping the ability to reuse both for my own ends, well that's more useful than making craters in a lot of instances. In many however, that's not going to be an option. Do you want your forces to be able to finesse those situations? Hell yes whenever possible. That's a capacity built with some bricks of knowledge though. Training people to know what to look for, know how to cope with tech they find, not to freak out at piles of wires in some cases, and in others to run the hell away, well every service is dealing with those sorts of issues today.

So, I don't think it's enough to talk about a draft. The idea of a national guard, or some sort of technical reserve probably has a lot of merit in many instances. In smaller countries I think such a thing may become essential. In larger ones, assuming a larger capacity, logistics will probably end up creating situations where capacities are concentrated, but there are limits to scale there too.

I do think in the US at an industrial level mere voluntarism is not enough. That's been tried, and it doesn't work nearly as well as anyone wants. I'm not sure what's in between a draft and some ridiculous notion of buying talent & services like it's some standard purchase, this is not stuff that comes off the shelf, as has been amply demonstrated.

I'm fairly good at protecting computers & capable of no end of nasty in adversarial situations, but that feeping geekery is completely useless without understanding domain issues. Warfare has entirely different problems than making sure a web coupon application creates a proper expiry date for example, or any of the 'how do I make this work' tasks that go with information system creation & modification.

This is a difficult problem, and I think it's a set of issues that have moved beyond trendyness to being real problems that forces have to cope with. There is a lot of that reflected in the infrastructure related aspects of various COIN doctrine. What's changed is that technology of all sorts has become far more ubiquitous than anyone foresaw.

**selil** · 01-08-2011

Originally Posted by anonamatic

This is a difficult problem, and I think it's a set of issues that have moved beyond trendyness to being real problems that forces have to cope with. There is a lot of that reflected in the infrastructure related aspects of various COIN doctrine. What's changed is that technology of all sorts has become far more ubiquitous than anyone foresaw.

There are numerous other issues as you stumbled across a few times in your previous post. The mixture of IO with cyber warfare. Information operations assists the "strategic captain" but are by definition not kinetic operations. Whereas, cyber warfare most assuredly can be a kinetic operation.

Part of the issue is that there are different technocracies that are involved and they each have specific view points, expectations, and valuations of capabilities.

The technical network sophisticate will use specific language to express capabilities to inflict damage on the adversary. The social network sophisticate will likely use similar language to express inflicting damage on an adversary. Yet they will be talking about two dissimilar goals and assumptions of ability.

When we talk about technical sophistication across the broader domain of cyber warfare it is important to understand that all capabilities found in other domains of warfare must be found in cyber warfare. There must also be some special operational characteristic. Land, sea and air all have specific properties that are inherent in all of the domains as regards conflict. And, each also has a specific attribute.

As we see in land warfare the armor officer is going to see specific attributes of his weapons platform as requirements for land offense. The artillery officer will also see specific missions and roles for his offensive weaponry. There will always be the infantry who will say that wars are won by them and others are merely supporting roles.

It is imperative that the roles of cyber warfare specialists be addressed from a holistic view point showing what the specific platforms, weapons, roles, and tactics are before engaging in strategic discussions. Who would you draft may be an easier question to answer than what would you have them do.

Having technical sophistication in moving from analysis through vulnerability to exploitation may seem necessary but it a small part of the cyber warfare strategic landscape. Supply chain hacking, exploitation of the design and prototyping process, reverse engineering, post retirement exploitation, and many other venues of intelligence gathering and attack are also available.

The current information technology sophisticate is going to look at the network as the domain and be horribly misguided. The air-gap will stymie them, but when looked at in a broader context be negligible. There is a myopia found in most discussions of network exploitation that simply has to be addressed. There is a small group of authors who have looked at this topic and come up with some answers.

The small wars community and specifically counter insurgency community have documented many lessons that can be transferred to the cyber realm. Remember from earlier we should find this as a possibility if the domain actually exists. Using the tools and weapons of an adversary against them, using their infrastructure as a weapon, finding safe havens within the adversary population, interdicting the supply chain, and much more all possible within cyber warfare.

There is a lot more to cyber warfare than the global information grid, and there is much more than the limitations of information operations doctrine. The key is that all domains and militaries operate on information. A scholar of cyber warfare has to be able to point at ancient wars and find the patterns of cyber warfare inherent in the previous conflicts. Cyber as a word to often to too many people is synonymous with Internet. This is similar to the problem of information technology meaning computers. Neither is true, but both are neither false. A pencil is a piece of information technology the same as the filing cabinet. Finding those patterns in cyber warfare is important.

Why are the patterns so important? Because, they inform you on the why you need cyber experts and who you need.

**anonamatic** · 01-09-2011

Originally Posted by selil

There are numerous other issues as you stumbled across a few times in your previous post.

You'll have to forgive some of what I said in that I have constraints on talking about this subject. I tend to be a bit generic about some things in an effort to be disciplined about discussion because of that. I didn't post here at all for a very long time for that same reason, & skipped introducing myself too due to similar motivations.

You said "Who would you draft may be an easier question to answer than what would you have them do." and I think that's very true. Bridging the gap of being able to tell people what to do involves them having some understanding of what & why, then they can put together how. Going the other direction is often equally difficult, the parable of the 'horseshoe nail' or whatever the lost messages tale is called is a good example of that with low-tech. Explaining to people why an easily overlooked nail can be important can be a lot like trying to explain how the Death Star has only one miraculously overlooked twisty path to being blown up that no one thought of. As an aside, notice how for that operation Obi-Wan used the Star Wars equivalent of PowerPoint... Darth Vader was not the only grim thing about that future...

In any case, I agree broadly with the things you said. I'd add that I think there's been some really dramatic evolution that's pushed technical aspects of conflict in their current direction. I can say with absolute certainty for instance that some of what was in the Hollis paper will come as a real surprise to a lot of geeks when they're confronted with aspects of the changing terrain.

**selil** · 01-09-2011

Originally Posted by anonamatic

You'll have to forgive some of what I said in that I have constraints on talking about this subject. I tend to be a bit generic about some things in an effort to be disciplined about discussion because of that. I didn't post here at all for a very long time for that same reason, & skipped introducing myself too due to similar motivations.

Totally understood and I'll keep that in mind. Participate as you are able and it is welcome. As you might guess I'm an open book, unconstrained at this time, by any government or business entity. You can go to my website, see my complete CV so you can determine if I have any credibility in my statements.

I am currently preparing a large scale project in targeting and weaponization across the totality of the cyber domain. The bones of the argument are that cyber has the following traits.

cognition -> technology -> cognition

or

cognition -> technology -> heart beats

or

cognition -> technology -> technology

We always start with intent and our overall targeting goal is a change in attitude, living status, or breaking stuff.

Explaining that concept to a information technology professional who has limited understanding of conflict and even less of weaponization of their platforms is difficult. Utilizing strategies and cultural clues as the Estonian forces are attempting are good strategies of levee' en masse. Selection of weapons and strategies that are conceptually taking into account perfidy and law of war are also anathema to most technocrats.

Add to this mix the multiplicity of domains, the myriad complexities of signals versus EM, versus IO communities and you have no structure to plug a volunteer force into.

**Cannoneer No. 4** · 01-10-2011

davidbfpo has thoughtfully started a new thread, Small, Forgotten Small Wars, where Estonian Operations Other Than Information are being discussed.

Discussion of Estonian IO, CND, CNA, PSYOP, MILDEC, OPSEC & EW is what I had in mind for this thread.

**anonamatic** · 01-10-2011

Originally Posted by selil

Totally understood and I'll keep that in mind. Participate as you are able and it is welcome. As you might guess I'm an open book, unconstrained at this time, by any government or business entity. You can go to my website, see my complete CV so you can determine if I have any credibility in my statements.

Thank you, this is a low-BS site overall but I did already go take some look at your site, I think you're doing good work. The site admins have my name, mail, & I'm not bouncing around any. I'm open to more privately than publicly, but I need the tripwires of pseudo-anonymity too. With a lot of what I do if you know who I am then I'm doing it wrong, so it's something of a habit too.

In your earlier post, when you said "technology -> technology" can you clarify what you meant by that? I'm not sure quite what you mean there, although I follow the earlier synopsis a bit better.

Quite frequently even today when you talk about destroying either a piece of tech, or a system that relies on it, technologists greet the idea with surprise. There are two types of surprise that come up, one is surprise at a method, the other more common one is surprise at the possibility of doing such a thing. That latter one I encounter the most. I encounter it a lot less frequently in any discussions with military people, but it still happens because everyone has a tendency to take technology for granted until it's gone. Figuring out the implications is difficult a lot of the time too, and it's taught me to be able to feel very comfortable listening to someone & then saying "I did not know that".

I think that an awful lot, and not all, but very many technocrats do not understand warfare, and very little of war. A lot of them don't understand government, or that order & anarchy can both be extraordinarily destructive when they are taken to extremes of implementation. It would be very easy for me to go off on a long, long & detailed rant about all the ways that's true, but I'll just add that it's the same problem as seen between civilians & their governments & their military in most countries. Technology people, & geeks of all flavors, can be personally abstracted from basic hygiene so I think it helps to keep in mind sometimes that their limitations in those areas can cause a wide variety of understanding problems, & military matters are part of the pile, not an exception.

**anonamatic** · 01-10-2011

I think that some of the arguments that Clauser makes in the paper published on the site about 'drafting the US civil service' might apply to tech domain stuff, and apply outside the US.

I'm of the opinion that in smaller states especially with technology there needs to be a fairly holistic approach that can draft people when necessary & put in place organization to deal with digital conflict. It's a mistake to rely on technology people to solve problems on their own, and that was shown in this conflict. One of the constant themes of any complex forensic examination is the amount of 'didn't know' that pops up. The US grapples with that to this day, but with smaller states, less is more. That extends to impacts, as well as to the people involved in dealing with the effects of conflicts on systems. The larger an IT infrastructure a country has going on, the more technology ubiquity, the more they can muddle along. There are problems of symmetry for attackers that are usually overlooked when discussing technology operations too. Attackers face disadvantages, and there being an awful lot of technology out there is one of them.

One other thing that has a bearing is that there are usually somewhat fewer layers of everything in a smaller state, so that creates more organizational pressure to cope with these problems.

Businesses have a very long history of trying to ignore the constraints of nation for profit, & they can not be relied on to safeguard their own best interests quite frequently, much less the interests of countries they're from or operating in. They just aren't focused on that, and I suspect rarely if ever will be. This gets reflected in government standards for tech, but that doesn't work at all for people & organizations so something different is needed. Structurally, I'm not sure that there aren't various ways of coping with these problems without a `draft', but when it comes to making sure things function, and making sure that the right people are talking to each other in the event of some attack or disaster, that's somewhat non-optional. It's a baseline requirement of disaster planning in a lot of respects.

I think it's particularly important for Estonia not to adopt a position of not going back to business as usual. The more they can do to reduce vulnerability to attack, the less they will be attacked. The less that happens, the less conflict is fueled. So it's well worth the effort & investment on the part of everyone to invest organized effort in this. It's been demonstrated that `getting away with it' is not a viable strategy because it will not work. People and overhead in technical security is commonly a skimped-on technology aspect for a lot of reasons, some of them quite good, but many are not because of the downplayed risks.

One of the characteristics of the Estonian conflict was attrition, and it's quite obvious that it had an effect over time. This offers some explanation how cumulative small risks can contribute to large structural failings too, and it's really one of the best modern examples of that around.