Embed Size (px)
Citation preview
1
Selected Papers in Security Studies: Volume 6
The Continued War on Terrorism – How to Maintain Long-Range
Terrorist Deterrence
Technical Report UTDCS-35-11 The University of Texas at Dallas
Department of Computer Science November 2011
Jan Kallberg and Bhavani Thuraisingham
2
Selected Papers in Security Studies: Volume 6
The Continued War on Terrorism – How to Maintain Long-Range
Terrorist Deterrence
Jan Kallberg, PhD and Bhavani Thuraisingham, PhD
Cyber Security Research Center, Erik Jonsson School of Engineering and Computer
Science, The University of Texas at Dallas, Richardson, United States
Jan Kallberg, Visiting Scholar, Cyber Security Research Center, Erik Jonsson School of Engineering and Computer Science, M/S EC-31, UTD, 800 W Campbell Rd, Richardson TX 75080, United States E-mail: [email protected] Bhavani Thuraisingham is Louis A. Beecherl, Jr. I Distinguished Professor, Department of Computer Science, Director of the Cyber Security Research Center, Erik Jonsson School of Engineering and Computer Science, The University of Texas at Dallas. Jan Kallberg is visiting scientist at the Cyber Security Research Center. This is the sixth in a series of reports we are writing on Security Studies and the application of information technology for providing security and combating terrorism. We will include papers on both cyber security and national security. The purpose of these series of reports is to guide us in the technologies we are developing for both cyber security and national security. The technologies include systems for assured information sharing and assured cloud computing and tools for secure social network analysis and data mining for security applications such as malware detection. Our research to develop these technologies is supported by the Air Force Office of Scientific Research. DISCLAIMER: The Views and Conclusions contained in this report are those of the author and do not reflect the policies and procedures of the University of Texas at Dallas, the United States Government or the Air Force Office of Scientific Research.
3
The Continued War on Terrorism – How to Maintain Long-Range
Terrorist Deterrence
The American withdrawal from Afghanistan scheduled for 2014 signals an end to the
first phase of the global War on Terrorism. The future global War on Terrorism is
indicated to be focused on intelligence operations, surgical strikes to attack terrorist
groups, increased surveillance and interception of terrorist activity and finally
deterrence. Traditional deterrence requires a mutual understanding of a common
rationality and a mutual interest of survival between the parties. These conditions do
not exist in deterring terrorists. This paper is focused on how to establish and
maintain long-range terrorist deterrence. If traditional deterrence is applied on
terrorism it tends to end up in a tit-for-tat game, strike when struck, and counter value
targeting. Traditional deterrence does not work against groups that operate under a
different rationale. Instead, deterrence could be directed to the first logical layer
surrounding terrorist activity like criminal networks supplying resources paid buy
cash or illicit drugs. If these layers are deterred, terrorists either are denied necessary
means or are forced to take bolder and riskier approaches to acquire their means
exposing them to a far higher likelihood of detection and interception.
Keywords: terrorism, deterrence, irrational actor, cyber warfare, forensics, terror
funding, austerity, war on terrorism, cyber forensics, data mining
1. Introduction
The War on Terrorism (WOT) is entering a new phase when the counterinsurgency
war in Afghanistan comes to an end step by step. After the suppression of terrorist activity
by occupation and military operations the next development in WOT would steer towards
surgical military operations supported by the intelligence agencies without holding larger
territories in foreign lands. This will indirectly reduce the ability to limit terrorist activity
and preparations on foreign soil.
4
A word that reoccurs in the political debate is deterrence and the quest to deter
terrorist activity. Deterrence requires that there is a semi-rational actor on both ends and
that the actors share a mutual interest of survival.1 Terrorists are irrational actors and tend
to lack the interest of survival or maintaining their freedom.2 The concept of rationality is
normative and the irrationality is seen from the perspective of the deterring party. States
that deploy traditional deterrence against terrorists can fail to reach their goals. 3 The
terrorist deterrence literature is heavily steered towards interpreting these organizations,
their message, and how they are portrayed. Instead of seeking to understand and de-codify
the outlook of al Qaeda and associated groups, we are focused on deterring vital links in
their procurement chain. To a degree, it does not matter if the individuals X, Y, and Z want
to commit terrorist acts if they are unable to do it. There is an inviting lure in the unknown,
the thinking and ideology of al Qaeda, and trying to understand why they want to perpetrate
these acts. In our model the al Qaeda weltanschauung is trespassed, ignored, and the focus
is on the ability to gather resources and perpetrate a high casualty attack. If al Qaeda fails to
be able to commit terrorist acts, deterrence has been effective even if it was targeted
indirectly. This paper investigates and reviews the options to create a functional and
deployable deterrence against terrorism by focusing on the first rational layers in the
terrorist procurement chain to deny the terrorist access to the necessary means to stage
attacks that result in mass casualty events.
5
2. Current Situation
Downsizing the War on Terrorism
The events of 9/11 in 2001 put an end to a decade of U.S. post-Cold War
realignment and dismantling overseas engagements. A surge of military operations in
foreign countries occurred and in regions that had never been accessed before – mainly
Central Asia. The calm years after the collapse of the Soviet Union were quickly replaced
by the global War on Terrorism after 9/11. To equip, train, and organize the War in
Afghanistan has been an expensive undertaking, especially as this war is fought in remote
locations with limited infrastructure.
The large-scale global WOT is incrementally coming to an end. There are several
drivers in this process. There have not been any major terrorist attacks in the continental
U.S. since 2001.The U.S. has been the geopolitical engine for the WOT so the political
motivation for the rapid expansion of global engagement in 2001-2003 are eroding. Over
the last years the political and popular resistance against a maintained offensive and broad
foreign engagement in the pursuit of WOT has gained momentum. The opposition of
continued large-scale operations exists in both political ends of the spectrum. The U.S.
popular support for continuing fighting a war in Afghanistan is losing ground to other more
pressing issues – unemployment, federal debt, and a lingering economy – in the public
mind. This forms a drastic shift in the perception of how valuable foreign military
engagements are for the interests of the United States. The change of popular sentiment to
foreign engagements is visualized by a poll where 55 % of the adult American population
wants to disengage from Europe as a part of NATO4 and 59 % wants the troops to return
from Afghanistan.5 This is a radical change from a few years ago. Policymakers start to
6
realize that there is limited, if any, return on investment fighting counter-insurgency land
wars or occupying foreign countries after an expensive land war to suppress and limit
terrorist activity.6 The U.S. even considers a quicker withdrawal from Afghanistan than
previously planned. 7 The terrorists are still active, even if the terrorist groups are
decimated, and the terrorist organizations can within a few years regroup and reorganize in
their regions of permanent presence. Core questions are if groups in Afghanistan in the
future will be an instigator for terrorism or if the future terrorism will originate within the
target regions themselves. The future of Afghanistan after the withdrawal of the
international forces is uncertain and once the U.S. has withdrawn from Afghanistan, it is
unlikely that larger WOT operations would occur in the region.
The result will be limited interception of terrorist activities abroad and increased
reliance on “friendly” nations as proxies for WOT by supporting them in their effort to
combat domestic terrorist activity. Several of these “friendly” nations are plagued by
inefficient government, corruption, tribal cleavage, and limited reach of the security forces
in their societies, which can radically undermine the effort to use regional proxies. This
aggregated development could lead to a stronger operational opportunity especially for
Islamic terrorists when their traditional staging areas are less targeted by the U.S. and its
allies. The WOT focused early on intercepting fund raising and the upper part of the
hierarchy of resource gathering for terrorists. The terrorists adapted and utilized other ways
of raising funds like drug trafficking and illicit activities.8 9This change of modus operandi
and the increased reliance on drugs as terrorist funding could escalate terrorist activity after
a withdrawal from Afghanistan of U.S. forces due to the abundance of opiates available in
the region.
7
Underlying Military Doctrines
Military engagements are driven by politically defined doctrines and the outlook of the
executive leadership and the legislature, which translates to operations and coalitions to
reach these goals. WOT is to a high degree a product of the most recent U.S. doctrine – the
pre-emptive war. States execute strategies that are derived from doctrine. Two military
doctrines have been visible in the post-Vietnam war U.S. national security: first the
Weinberger doctrine of 1984 that said he U.S. should only fight wars with a certain
outcome, a short duration, and enjoyed popular support and when vital U.S. interests were
at stake, clearly visible in the first Iraq war and the liberation of Kuwait. The second is the
pre-emptive war doctrine and actively using military power overseas to reach political
goals, with George Schultz as a proponent in the 1980s against the Weinberger doctrine. A
pre-emptive war doctrine brings the war to the enemy in an early stage. The pre-emptive
war doctrine became the George W. Bush outlook. Schultz was also an advisor to George
W. Bush in the early 2000s. In Afghanistan and Iraq, 4,000 Al-Qaeda fighters cost $120
billion a year to fight – a cost of $30 million per individual adversary.10 The fiscal reality
forces doctrinal correction. The political reality will pave the way for defense reductions. A
hegemony that retracts can also have a destabilizing effect on the international system.11
The final balancing of the federal budget will determine the level of overseas commitments
the United States are ready to engage in to continue conducting WOT.
Separating Deterrence and Suppression
The use of land war to fight counterinsurgency operations, as in Afghanistan, is no
deterrent for the terrorist organization but it slows down al Qaeda and associated groups’
ability to operate in foreign countries. The terrorist activities have been suppressed by
8
attacking their permanent base areas and training grounds and blocks access to resources
needed for terrorist activity. The same factual effect is created by monitoring international
money transfers, bank accounts, and extremist’s fundraising events. Suppression creates
hurdles for extreme groups but they are still operating under adaptive ways to avoid being
intercepted.12 13
The Measurement of Success
Success in fighting terrorism is the absence of terrorist attacks and limiting the
possibility of future attacks. The WOT has currently been successful in protecting the
continental United States. The success for WOT operations in Afghanistan is determined by
the long-term residual effect. A concern is the flow of opium which has not stopped during
the war – but instead the export of illicit drugs has increased compared to during the
Taliban rule.14 The flow of heroin from Afghanistan raises long-range concerns for
increased abilities of terrorist organizations to fund their operations using heroin as a
currency. The importance of opiates as a commodity was shown in October 2011 when
U.S. federal agencies claimed they intercepted a covert assassination attempt on the Saudi
ambassador to the United States orchestrated by Iranian interests. According to U.S.
authorities the payment for the murder was planned to be made with opiates.15 The criminal
network, the drug cartel, accepted to be paid in opiates as a valid currency to provide and
procure support for a murder. As long as the South American and Mexican drug trading
organizations (DTO) can sell more heroin in the United States than they can produce, there
will be a deficit that can be filled by heroin from Central Asia. The Islamist terrorist
organizations in Afghanistan and Pakistan have access to vast quantities of heroin and
opiates produced in the region. This combination creates a risk for U.S. homeland security.
9
3. Terrorist Deterrence
Semi-rational and interested in survival
The repeated demagogy through the global WOT, in its different shapes depending
on country and politicians, is the notion that terrorists can be deterred. Deterrence requires
that the actors are semi-rational and have a mutual interest in survival. This basic sine
qua non needs to be fulfilled. If one actor acts irrationally and the other acts rationally,
deterrence fails and the equilibrium is broken. The same broken equilibrium occurs when
one or none of the actors has an interest in survival. Deterrence does not change behavior in
an actor who does not care about the consequences.
Terrorists are not rational actors.16 Therefore they cannot be deterred using
traditional deterrence theory targeting the terrorists themselves. As an analogy, a moral
argument only works on an individual that shares the same value system. If the person
targeted with the moral argument does not share the same value system, the person will find
the moral argument either immoral or spurious. The moral argument will not trigger change
in behavior. Those who want to deter terrorists face an identical problem. Terrorist
organizations can be deterred if they are state sponsored as Hezbollah but these threats are
unique to the Middle Eastern environment.17 The Israeli deterrence executed especially
towards Hezbollah is not deterrence of the terrorist organization per se, as they are only a
proxy, but the deterrence is direct from the targeted state towards the sponsoring state or
number of states.18 Western democracies are not targeted by state sponsored terrorism in
the same way as Israel.
10
WMD as Demarcation
As long as terrorists do not possess weapons of mass destruction (WMD), terrorists
can be politically downplayed and treated as a criminal activity, gang violence or drug
trafficking organizations. The terrorists lose their part of the spotlight. The terrorist activity
becomes a law enforcement issue and is processed through the judiciary system together
with rapists, murderers, and violent criminals. The treatment of terrorists as regular
criminals undermines their imagined legitimacy and projected cause. Government has to
claim the story to tell.19 Terrorism without WMD is a threat to citizens but not the nation
state. Once terrorists have WMD we enter a new realm, as noted by Robert Kehler:
“Operations against a regional adversary either having or presumed to have nuclear
weapons would present problems that have never been directly faced and are not yet fully
understood.”20 Even if terrorists acquired WMD it would not mean the end of the world and
the apocalypse21 but it would have drastic implications on our society and individual
security.22 Deterrence against WMD-holding terrorists has been discussed in the literature
but it directs the deterrence towards a supporting state sponsor which has provided the
WMD to a proxy.23
Terrorists cannot potentially jeopardize the stability and integrity of major nation
without WMD. Even with WMD it is questionable that terrorists are able to threaten the
survival of any stable and constitutionally functional country without violent cleavages.
The economic impact could be more destabilizing when the global financial markets would
react with extreme volatility. So even in several of the darkest scenarios of terrorists using
chemical agents or nuclear arms, a functional democratic state would be able to absorb the
damage.
11
National security and individual security
It can be questioned if terrorists are a national security threat for a major
industrialized nation as terrorists are unable to overthrow the government, occupy territory,
and establish a new regime. Terrorists are a threat to the individuals’ security and can create
loss of human lives, destruction, and mayhem. The severest damage that can occur is not
the terrorist attacks but the national self-inflicted damage by the target country. National
security damage can be self-inflicted in two ways. First, the nation overreacts and spends
itself into financial instability in its pursuit to crack down on terrorist activity. Second, the
financial market overreacts to terrorist activity and generates financial instability. In both
examples there is a non-proportional reaction to the event but the state will stabilize after
the extra-ordinary period.
The distortion of seeing terrorism as a high-level threat is the policy outcome where
solutions are at the traditional national security level moves - invasion, occupation,
bombardment, war, and tit-for-tat games by striking when struck. Long-term it is not a
sustainable model because it builds the terrorists’ case by indirectly creating leverage,
presenting terrorists as a tangible risk to the state they target, and terrorism tends to be a
permanent fixture when equivalent retaliation prevails as strategy. Proportionality in
retaliation is an intellectually interesting proposal but ineffective as a deterrent.
If the nation is threatened, then the nation uses its traditional means of defense. The
terrorists have by moving their agenda from obscurity to the global headlines reached their
first checkpoint on their journey of self-defined success. Nations that treat terrorists as main
adversaries uplift terrorists to abilities that they never had or will have. That does not mean
that the nation should ignore or downplay the fact that terrorists’ intent is to kill innocent
12
civilians – but the approach is more relevant if terrorism is treated as organized crime
instead of a direct threat to national security.
When nation states choose the improper deterrence and engage in tit-for-tat games
using an irrelevant currency, failure is on the horizon. One example is the retaliation for the
attacks on the U.S. embassies in Africa in 1998:
“American cruise missiles struck without warning yesterday at paramilitary training
camps in Afghanistan and a Sudanese pharmaceutical plant that U.S. intelligence
identified as a chemical weapons facility. President Clinton described the synchronized
blows as retaliation for the twin bombings this month of U.S. embassies in Africa and
an effort to pre-empt further terrorist attacks.
"Today, we have struck back," Clinton said in a surprise announcement at the
Massachusetts island resort of Martha's Vineyard, where he cut short his vacation and
returned to Washington for a late afternoon conference with his national security team
in the White House situation room.
Clinton described the training complex in Khost, Afghanistan -- 94 miles southeast of
Kabul and just inside the border with Pakistan -- as "one of the most active terrorist
bases in the world." He said it was "operated by groups affiliated with Osama bin
Laden," a Saudi expatriate whose public declarations and shadowy history have placed
him at the centre of suspicion since the Aug. 7 destruction of U.S. embassies in Kenya
and Tanzania.
Yesterday's use of military force was distinguished not only by its scale, among the
largest of the Clinton presidency, but by the nature of its target: a stateless
confederation of terrorist groups, without strict hierarchy, government or territory. A
high-ranking intelligence official said of bin Laden: "He's a transnational actor in and
of himself."24
In retrospect it is clear that the retaliation for the terrorist attacks on August, 7,
1998, did not pre-empt or deter Osama bin Laden nor did it deter the Taliban to further
13
house terrorists. The retaliation would maybe have created deterrence for a rational state
actor, that had a shared interest for survival, but al Qaeda was driven by a different
ideology and agenda. Just because a nation has military might does not automatically mean
that the military solution is optimal.
In a free society, freedom of expression and reporting is pivotal as a democratic
safe-guard and is fundamental to the Western democracy. Terrorists exploit the fact that the
Western societies allow free press. In today’s 24-hour media environment, the terrorists
will have the attention of a large audience on TV and the Internet. Government cannot
remove within the democratic framework the media attention terrorists get, but government
can to a degree control the context in which the activity is presented. If terrorist activity is
seen as organized crime with the purpose of driving a political cause through violence,
crime, and drug trafficking, terrorism loses ground as a national threat.
Imperfect Information and Lack of Interface
There are several obstacles for deterrence targeting the terrorists themselves. To
theoretically be able to deter terrorist organizations, without considering their ideological
motivation that nullifies deterrence, it would require that the deterring party has insights
and understanding of the operations and daily agenda setting within these organizations.
The terrorist leadership would have to be known, as well as their internal processes, and the
way they operate on a daily basis. The cultural differences, the different layers of secrecy,
imperfect information, inability to verify who is who in a terrorist organization, and the fact
that many actors within these organizations are not identified removes the prospect of long-
range deterrence of the terrorist organization itself even if it is theoretically possible.25
14
Another factor is the lack of interface with the terrorist organizations because they
are not structured in a hierarchical order. In the Cold War, the U.S. could send signaling
messages of intent, extent of ability, the will, and doctrine to the Soviet executive leader
and his politburo which was the policy making central committee of the Communist Party
of the Soviet Union.26 The Soviets on the other hand had an interface with the U.S.
President, the national security community, and Congress. Messages and communication
could be verified and validated by a controlled level of “healthy” espionage conducted by
CIA and KGB. In the United Nations, the U.S. envoy could walk down the hallway for an
informal meeting with the Soviet envoy. In case all that failed, a clearly marked red
telephone was installed in both leaders’ offices which did not receive any other calls that
would block the line. There existed during the Cold War an interface that could transmit
and receive messages between the parties.
Strategic deterrence needs a counterpart and an interface. In counterterrorism, a
deterring party lacks both an identifiable target organization for deterrence to which
deterrence can be tailored and there is an absence of interface. The level of imperfect
information nullifies the ability to fully comprehend the actions of the terrorist
organization, their leadership, agenda setting, and internal power structure. If there is no
hierarchy, then coordination is intermittent and dependent on interaction between leaders
that consider themselves as equals within the terrorist organization.
Instead of trying to deter at the strategic level, deterrence has to be focused on
creating individual deterrence. Once deterrence shifts it is important to identify who is
receptive to deterrence and who is likely not to be receptive. By deterring at the individual
level primarily instead of the strategic level, terrorist activity is given less attention as a
“national threat”.
15
4. Deter at First Logical Level
Terrorists need resources, contacts, and information to be able to conduct terrorist
acts. Every acquisition of resources and request for material requires a human interaction
and on the other end there will individuals who have formed their own agenda
independently from the terrorists. The first logical level is where actors care about
repercussions, life, and personal liberty. This is likely not the terrorists themselves but
instead their criminal providers (figure 1). The supporters are not targeted by deterrence
strategy because of their limited impact on the actual risk level. A strategy that included
supporters would be broad and less targeted. During the duration of WOT, after the events
of 9/11 until today, massive federal resources in the United States have been used to
identify who are the financiers of terrorist networks. This work was primarily focused on
the upper echelon of supporters that aggregated and collected resources on behalf of
organizations based overseas.27 Ten years later, these supporters are no longer able to
gather resources as these activities are likely to be intercepted and detected leading to
prosecution. Instead, the terrorist groups in many cases have to self-finance their activity by
criminal and illicit activity which includes fraud, theft, identity theft28, and illicit drug
dealing. The absence of financiers and fund raising is evidence that targeting deterrence
towards individuals is effective.
The main providers of materials that can be used for high casualty terrorist attacks
are criminals. It is important to keep in mind that these resources are hard to obtain without
connections to criminal networks and these networks are not accessible without an
introduction. It is the criminal’s decision if he wants to sell or not and that is based on the
criminal’s self-interest.
16
Accumulated Hindrance
Terrorists need to connect and organize numerous pieces and people to be able to
commit terrorist acts. They need documents, access, safe houses, weapons, transportation,
explosives, detonators, and other support functions. These functions and resources create a
chain that is dependent on every link. The more complex operation, or if the terrorists are
not natives of the target country and society, the more numerous are the links. A chain is as
strong as its weakest link. The terrorists will also lack the social interface, the language, and
the contacts to be effective in the planning and organization if they are on foreign soil.
Even domestic terrorists, who are born and raised in the target country, will have
difficulties to acquire materials for projects that have a potential for high lethality and mass
casualty outcome because of the need of criminal connections. Even if the domestic
terrorists have been incarcerated it does not automatically give them the opportunity to
acquire military-grade explosives as most serve prison time in county jails with felons that
committed traditional crimes. Military-grade explosives are not for sale and connections to
illicit trade routes are necessary. The number of contacts needed to be able to find a willing
seller adds up the probability for failure, detection, and law enforcement interception.
Creating Uncertainty by Technical Superiority
The technical abilities of the nations that seek to detect terrorist activity and break
up the terrorist infrastructure are far superior to the criminal networks technical
understanding, especially as it is not shared among criminals except for basic understanding
of forensics. Any criminal selling illicit goods does an assessment what is the probability to
get caught, the effects of getting caught which is then put in relation to the opportunity.
Even if the perpetrator does not sit down and tabulate the pros and cons, there is a process
17
in the potential perpetrator’s mind to determine if the risk is worth it. Forensic technology
creates uncertainty and the actual extent of the forensic ability within law enforcement and
security agencies is unknown to the individual that is a target for deterrence. A relevant
analogy is the introduction of forensic DNA testing which radically changed the probability
for obtaining evidence and prosecute perpetrators. The federal DNA Initiative29 describes
on their website what the innovation of DNA forensics meant for criminal justice:
“DNA typing, since it was introduced in the mid-1980s, has revolutionized forensic
science and the ability of law enforcement to match perpetrators with crime scenes.
Thousands of cases have been closed and innocent suspects freed with guilty ones
punished because of the power of a silent biological witness at the crime scene.”
DNA changed the balance between unlikely detection of who committed specific
crimes to likely detection. Indirectly the new DNA forensic science invented in the
1980s not only solved cases but it also restrained and deterred potential perpetrators.
Today the forensic abilities have increased dramatically and many artifacts surrounding
perpetrators and potential terrorist are silent witnesses that can become evidence
against any attempt to organize terrorist attack.
5. Methods to Reach Deterrence
The criminal supporting networks consist of individuals that have an interest in
maintaining their freedom and survival. These actors in criminal networks also have a
rational or at least semi-rational behavior. These criminals conduct their business in trading
drugs, weapons, stolen goods, counterfeit, human trafficking, extortion, gambling, and
other illicit goods or activities because for the actors it is a “quick” way to make money
with limited risks.
18
Criminological literature has shown that very few criminals consider the factual
consequences after they get caught as a deterrent but are focused on the notion that they
will not get arrested.30 These surveys are based on traditional criminal behavior like
burglars and thieves. Criminal sellers have the same behavior but the difference with
burglars and thieves is the level of premeditated action where criminal sellers are less
spontaneous to the opportunity and instead more planners of their activities. This difference
would support deterrence. Forensics is used to deter by conveying to potential illicit sellers
that it is unlikely that whatever business they engage in with terrorists, or their affiliates,
will go undetected from the authorities.
Cyber Forensics
Cyber forensics is a newly established science that started with the mass
introduction of computers in the 1980s and has grown in importance. The field covers
several angles for the digital paths individuals create by their usage on the Internet,
computers, and electronic devices. 31 The developments in the field the last ten years have
been accelerating, driven by not only WOT but also financial, compliance, and police
investigations. Digital devices, from embedded software in everyday life to digital
communication, capture information and are silent witnesses to the activities conducted by
the user. Cyber forensics makes it harder for the seller to fully understand what traces are
left in the interaction with the buyer and what digital evidence the buyer created in the
staging of the purchase and after the purchase.
Governments are now actively mass-storing digital data from the Internet and other
venues. Unprecedented ability to collect data is inviting but terabytes of data will not
provide accurate information unless this data collection is matched by equal resources in
19
interpretation and analysis. The amount of data is increasing but the question is if the ability
to analyze is following at the same pace. Data mining will only have a deterring effect if
the data stored are available to analysis and there are tools able to congest the data volume.
Chips, computers, and data recording devices embedded in products in combination
with data collected by GPS and cell phone traffic create a new realm of cyber forensics.
One example is the EDR (Event Data Recorder) in new cars which incrementally creates a
“black box” in the car that over time will collect even broader data.32 For a perpetrator who
decades ago could intimidate persons surrounding the event to not cooperate with law
enforcement, the control is lost. Digital devices collect data and become the prosecutors’
star witnesses. This uncertainty, especially as it is beyond a person to fully comprehend
how and where data is collected, and as it is collected at a remove secure location in many
cases, the perpetrator cannot after the event erase or manipulate the collected information.
The massive amount of data collected by a myriad of services and devices make it
impossible for a perpetrator to avoid leaving a digital trail.
Traditional Forensics
Traditional forensics has developed dramatically in ability, precision, and technique
the last thirty years. The message from law enforcement, homeland security assets, federal
agencies, and the people is straight forward – if you sell and provide for terrorists we will
hold you accountable. It is important that law enforcement and the spokespersons for the
homeland security agencies clearly show the abilities. As an example, the commercial TV
shows, “CSI-Miami” and “CSI-NY”, project the ability that it is just a matter of time before
the forensic experts are able to connect the dots. The notion in the public mind that forensic
experts are the wizards of our age supports the deterring effect.
20
Human Intelligence
Human intelligence, the use of informants, increases the uncertainty who a terrorist
is dealing with and if the person is an informant or not. If criminal networks are deterred to
deliver necessary material for a terrorist attack, the intended perpetrating terrorists are
forced to seek resources in wider circles and take the risk dealing with potential sellers that
they cannot verify through contacts or associates. Informants, who already serve a purpose
in law enforcement against DTO and organized crime, would be able to identify and trigger
interception of terrorists in the process of perpetrating terrorist acts.
6. Conclusions
Cyber forensics, traditional forensics, and human intelligence combined are an
effective deterrence for terrorism because together these methodologies deny access to
military grade explosives and other means of high lethality. Forensics are seen in a
prosecution supporting role and post event but forensics can also have a strong deterring
impact by making the providers less sure that they can sell illicit goods undetected. The
denial forces terrorists to try new venues and contact assumed criminal connections that
expose them to detection by either cyber investigations or human intelligence. The criminal
enterprise to sell illicit goods is driven by the perceived opportunity of manageable risks
and high profits. By changing the equilibrium and increasing the risks, the seller has to
dramatically increase the price of the commodities to offset the increased risk or restrain
from selling. If forensics can convey that it is almost certain that the seller will face
prosecution and repercussions, the price becomes extremely high which makes it unlikely
to be sold because self-funded terrorists does not have unlimited financial means. The seller
21
is indirectly selling ten – fifteen years, or more, of his life if arrest is assumed certain. In
reality, the seller would restrain from selling because the risk makes it uninviting.
If deterrence increases the likelihood for denial of sale from criminals to terrorists
then the terrorists have three options. First, to restrain from terrorist activity, then to
continue searching for a criminal organization that will sell these commodities and by
doing so likely to contact and interact with a law enforcement informant and intercepted,
and last, to try to manufacture the explosives themselves with crude technology and less
effective chemical ingredients. Even the last option becomes a point of detection because
excessive purchases of bomb making material can draw the attention of law enforcement.
If the terrorists are able to create homemade bombs, these bombs have some
embedded flaws as any product that is built by novice unskilled labor. These homemade
explosive is less stabile which nullifies the intended effect by detonating too early, and
often killing only the perpetrator33, never detonating and provideing a complete device that
can be investigated by forensics experts, or detonating too late with marginal effect, if any.
The probability for a failed attack has increased dramatically.
If terrorists only alternative is to produce their own homemade device, the chance
for their plans to succeed is drastically reduced. Several recent attempts at terrorist attacks
used homemade devices that failed. 34 Once the attempt has failed, the unattended explosive
device becomes a direct link to the perpetrator in the hands of forensic experts.35 A failed
bomb would provide finger prints, chemical leads, a track of where it was purchased, DNA
trace, and even if the perpetrator has been cautious it is likely that the parcel will be a trace
back to where it originated. After the Madrid bombing in March 2004, it only took one
fingerprint from a cell phone in an unexploded bomb to unwind the whole terrorist ring and
their suppliers.36 These successes establish deterrence to suppliers and the opportunity to
22
deter providers using forensics has increased with the increasing number of digital devices
and cyber forensics. If deterrence has denied terrorists access to military and commercial
grade of detonators and explosives, and firearms if applicable, by resetting the risk and
opportunity calculation for criminal networks and the illicit trade, then it reduces the risk
for terrorist attacks and if an attack happens, it minimizes the actual damage inflicted.
Retargeting deterrence from the terrorist groups to the first logical layer in the terrorists’
perimeter is likely a viable way to limit terrorists’ opportunity.
Figure 1. If the criminal suppliers are deterred and terrorists are denied materials needed to organize attacks, it is of less importance if the terrorists or their following are deterred. The effect will be the absence of terrorist attacks which is the overarching goal for the deterring party.
Acknowledgement: This material is based in part upon work supported by The Air Force Office of Scientific Research under Award No. FA-9550-09-1-0468. We thank Dr. Robert Herklotz for his support.
Terrorists
First rational layer ‐ criminal
networks
Supporters with limited
impact
23
1 John M Collins, Military Strategy (Dulles, VA: Brassey’s, 2002) see ch.7. 2 Lawrence Freedman, Deterrence (Malden, MA: Polity), see page 24. 3 John M Collins, “Principles of deterrence”, Air university review, November-December 1979. 4 Rasmussen Reports, ”55% Want U.S. Troops Out of Europe,”
http://www.rasmussenreports.com/public_content/politics/general_politics/october_2011/55_
want_u_s_troops_out_of_europe (accessed 8 November 2011). 5 Rasmussen Reports, ”59% Want Troops Home from Afghanistan,”
http://www.rasmussenreports.com/public_content/politics/current_events/afghanistan/59_want_troo
ps_home_from_afghanistan (accessed 9 November 2011). 6 James Wood Forsyth Jr, “The Past as Prologue Realist Thought and the Future of American
Security Policy,” Strategies Studies Quarterly 5, no.3 7 Wall Street Journal Online, U.S. Explores Faster Afghan Handover,
http://online.wsj.com/article/SB10001424052970204621904577014303354145714.html
(accessed 8 November 2011). 8 Paul Rexton Kan, Drugs and contemporary warfare (Dulles, VA: Potomac Books, 2009) 9 Washington Post Foreign Service, Al-Qaeda Masters Terrorism On the Cheap By Craig Whitlock,
(August 24 2008) http://www.washingtonpost.com/wp-
dyn/content/article/2008/08/23/AR2008082301962.html (accessed 7 November 2011). 10 Office of the Under Secretary for Defense, National defense budget estimates for FY 2012,
http://comptroller.defense.gov/defbudget/fy2012/FY12_Green_Book.pdf (accessed 7
November 2011). 11 Robert O. Keohane, “The theory of hegemonic stability and changes in international economic
regimes, 1967-1977,” in Change in the international system, eds Ole R Holsti et al. (Boulder,
CO: Westview Press 1980) 12 Washington Post Foreign Service Sunday, Al-Qaeda Masters Terrorism On the Cheap. 13 Paul Rexton Kan, Drugs and contemporary warfare. 14 Paul Rexton Kan, Drugs and contemporary warfare. 15 MSNBC Online, “Sources: Would-be assassin linked elite Iran military unit to drug trade,”
http://openchannel.msnbc.msn.com/_news/2011/10/13/8308097-sources-would-be-assassin-
linked-elite-iran-military-unit-to-drug-trade (accessed 8 November 2011).
24
16 John M Collins, “Principles of deterrence” 17 Schmuel Bar, “Deterring terrorist – what have Israel learnt”, Policy Review, June-July 2008. 18 Daniel Whiteneck, “Deterring Terrorists: Thoughts on a Framework”, The Washington Quarterly,
Vol. 28:3 19 Mary Crannell and Ben Sheppard, “Preparing to Lead with a Compelling Narrative If You Don't
Frame the Narrative, Someone Else Will”, Strategy Studies Quarterly, Fall 2011. 20 C. Robert Kehler, “Nuclear-Armed Adversaries and the Joint Commander,” Naval War College
Review, Winter 1996. 21 Kenneth N Waltz. Nuclear myths and political realities. American Political Science Review 84,
Vol. 3. 22 Daniel Byman, “Al qaeda as an adversary”, World Politics 56, Vol.1. 23 Daniel Whiteneck, “Deterring Terrorists: Thoughts on a Framework”. 24 Washington Post, “U.S. Strikes Terrorist-Linked Sites In Afghanistan, Factory in Sudan,”
(August 21, 1998) http://www.washingtonpost.com/wp-
srv/inatl/longterm/eafricabombing/stories/strikes082198.htm (accessed 8 November 2011). 25 Robert F Trager and Dessislava P. Zagorcheva, "Deterring Terrorism: It Can Be Done."
International Security 30, no. 3. 26 Robert H Reed, “On Deterrence”, Air university review, May-June 1975. 27 University of Texas at Dallas, Technical Reports Erik Jonsson School of Engineering and
Computer Science, UTDCS-25-10 Selected Topics in Terrorism Studies, “Volume 2: Al
Qaeda Terrorist Financing and Technologies to Track the Finance Network”. 28 Shift4, commercial information, http://www.shift4.com/pdf/s4-wp0806_terrorism-and-credit-
card-information-theft.pdf (accessed 7 November 2011). 29 The DNA Project. http://www.dna.gov/basics/analysishistory (accessed 7 November 2011). 30 Bradley R. E. Wright, Avshalom Caspi, Terrie E. Moffitt and Ray Paternoster,
“Does the Perceived Risk of Punishment Deter Criminally Prone Individuals? Rational Choice,
Self-Control, and Crime”, Crime and Delinquency 41:180. 31 Ashley Brinson, Abigail Robinson, and Marcus Rogers, “A cyber forensics ontology: Creating a
new approach”, to studying cyber forensics http://dfrws.org/2006/proceedings/5-Brinson.pdf
(accessed 7 November 2011). 32 MSBNC, “Digital evidence becoming central in criminal cases”,
http://openchannel.msnbc.msn.com/_news/2011/11/11/8743687-digital-evidence-becoming-central-in-criminal-cases (accessed 19 November 2011).
25
33 New York Times, “Police Say Early Detonation of Bomb Averted Disaster in Sweden”,
http://www.nytimes.com/2010/12/15/world/europe/15sweden.html?ref=taimourabdaly
(accessed 7 November 2011). 34 New York Times, “Arrest Made in Times Square Bomb Case”
http://www.nytimes.com/2010/05/04/nyregion/04bomb.html (accessed 7 November 2011). 35 New York Times, “Unexploded Car Bomb Left Trove of Evidence. New York Times. May 3,
2010,” http://www.nytimes.com/2010/05/04/nyregion/04evidence.html?ref=nyregion
(accessed 8 November 2011). 36 James E. Girard, Criminalistics: Forensic Science, Crime, and Terrorism (Burlington, MA: Jones
& Bartlett Publishers)
