519. Active Defense: Shaping the Threat Environment

[Editor’s Note:   In his insightful Sub-threshold Maneuver and the Flanking of U.S. National Security, Dr. Russell Glenn observed that China and Russia:

“... are choosing to sidestep U.S. conventional dominance…. seek[ing] to compete in fields cheaper to cultivate and maintain — cyber, information, and artificial intelligence among them — buying time in addition to taking advantage of whatever economies this indirect approach provides.”

Per Ian Sullivan’s seminal China and Russia: Achieving Decision Dominance and Information Advantage:

China’s “Three Warfares operates along three interrelated lines of effort: Media Warfare; Psychological Warfare; and Legal Warfare (sometimes called ‘lawfare’). Taken together, these provide the PLA with a capability to control perceptions and shape the narrative, while undermining those of an opponent. This likely is designed for use in competition, but becomes essential in crisis as they work to set conditions for a transition to conflict in their favor. It also may provide them with a way to maintain a narrative edge in conflict and perhaps even allow for off-ramps in China’s favor.”

Russia’s “Information Confrontation is designed to create confusion and sow doubt in the existence of truth, complicating an adversary’s decision-making and undermining their will to fight. If done correctly, Information Confrontation keeps the Kremlin at a threshold below armed conflict, allowing it to ‘win without fighting.’ Information Confrontation offers a two-pronged pathway to secure a form of Decision Dominance over its adversaries. The first is information technical operations, designed to target, disrupt, exploit, manipulate, or destroy an adversary’s C4ISR and other systems a society needs to function. This involves a combination of cyber operations, space and counter-space efforts, and electronic warfare at all echelons. The second is information psychological operations, designed to exploit and exacerbate pre-existing societal divisions, and affect the cognitive realm and emotions of targeted audiences and individuals.”

Our new TRADOC Pamphlet 525-92, The Operational Environment 2024-2034: Large-Scale Combat Operations states:

The ability of adversaries to rapidly influence the information and human dimensions will challenge the Army’s ability to achieve information advantage in LSCO.

Today’s incisive post by proclaimed Mad Scientist Vincent H. O’Neil provides us with a useful prescription to effectively counter our adversaries’ hybrid operations — Active Defense — “a proactive security program that pairs comprehensive intelligence collection with operations designed to degrade a hostile party’s offensive capabilities.”  Read on to learn how the Army, Joint Force, and Intelligence Community can seize the “high ground” and neutralize our adversaries’ nefarious endeavors!]

In this era of increasing state-on-state violence and decreasing reaction times, passive defense postures may no longer be tenable.  Defense strategists now need a more active approach that provides early warning and discourages attacks.   This approach is called active defense.

Active defense is a proactive security program that pairs comprehensive intelligence collection with operations designed to degrade a hostile party’s offensive capabilities.

While this article discusses active defense in terms of a nation managing its security, it can apply to any group of people facing an imminent threat of organized violence.  Active defense is especially useful for entities that aren’t strong enough to defeat armed aggression.

Intelligence Collection

For this discussion, intelligence is defined as raw information that has been analyzed for insights and usefulness.  Active defense requires a comprehensive understanding of the hostile party and the environment in which it operates.  That includes, but is not limited to, societal characteristics, political systems, economic conditions, offensive capabilities, and technological development.  An effort as widespread as this will rely on numerous sources of information and multiple collection efforts.

The intelligence environment is constantly changing, so the methods for gathering information must continuously evolve.  Studying entities outside the intelligence community that also gather and analyze information can help enhance existing procedures.  Here are some possible sources of inspiration:

      • International law enforcement:  These agencies leverage both electronic and human sources across the globe to surveil and infiltrate criminal organizations, an approach that fits active defense.
      • Corporate security forces:  The full-spectrum, never-ending nature of this work is similar to a nation seeking to defend itself from external aggressors.
      • Private investigators:  Their ability to recruit knowledgeable people willing to divulge derogatory information has similar application in active defense intelligence collection.

Establish the information’s accuracy

Verification of intelligence is crucial, and it can come from a portion of the collection effort different from the part that generated the lead.  To properly vet new information, an intelligence collection effort must be put in place long before a threat gets in motion.  Establishing sources during periods of peace also provides time to determine which ones are reliable and drop those which are not.

Additionally, a robust verification network can provide feedback on the effectiveness of active defense operations launched to thwart an opponent’s aggressive planning.

Keep the footprint small

Active defense works best when the opponent is unaware of it, so secrecy is key.  When undercover operatives are deployed inside an adversary’s borders, their numbers should be kept to a minimum.  This is especially true when it is physically, linguistically, or culturally difficult for those agents to present themselves as residents of the opponent nation.  When possible, use local resources who speak the language, understand the culture, and know its politics.

Practitioners of active defense should leverage existing entities that are already a problem for a belligerent regime.  Creating opposition groups in the adversary’s territory is difficult, and can be traced back to its sponsors.  Shaping the conflict environment naturally, by exploiting organic entities and ongoing frictions, can help keep an active defense program hidden.

These existing groups do not necessarily have to know they are being used in this fashion.

Develop a wide range of human sources

Active defense uses the full spectrum of intelligence collection, from satellite imagery to paid informants.  When practitioners lack high-tech capabilities, they may have to rely more heavily on human sources.  These contacts can be found or created using techniques both new and old.  For example, covert operatives can recruit members of an opponent’s government as informants or trick them into divulging secrets.  Disgruntled employees and disenchanted supporters are exploitable weak spots in otherwise sound security systems.

No matter how tight a hostile party’s security might be, there are always people who know things they shouldn’t.  Managers of a regime’s communications systems, maintenance and janitorial workers in government buildings, and even the family members of an opponent’s leadership can detect signs that a big operation is imminent.  Active defense practitioners need to use imagination to locate and exploit such people.

Paid informants are a prime source of early warning, even when they have no direct link to the adversary regime.  Some everyday citizens know the difference between routine military maneuvers and preparations for an attack.  While a single individual sending a warning may not be actionable, developing a network of human sources can help confirm or disqualify that alert.

Operations based on intelligence efforts

The two pieces of active defense, intelligence collection and operations based on that effort, are in constant development and continuous consultation.  As opponent weaknesses are discovered, ways to exploit them should start to manifest themselves.  Here are some examples:

Promote factions:  Very few regimes or organizations are uniform in their views.  Even groups who espouse the same ideology will have differences of opinion.  When those dissenting views are ignored, it can lead to resentment and factionalism.  Leveraging that division can reduce an opponent’s ability to strike.  Factions are also prime sources of intelligence because of their intimate knowledge of a regime and motivation to share information harmful to it.

Encouraging factional disputes can be passive or active.  For example, an extreme dissident group might be open to an offer of monetary or technical assistance, while a more moderate faction may require a less direct approach.  In both cases, it is important to conceal the presence of an active defense campaign.  Here are some potential scenarios:

      • If the news media operates freely inside the opponent nation, encourage it to praise the dissidents or incite them to greater effort.  If social media is available, use it to raise awareness of the faction and broadcast its argument.  In places where news and the Internet are restricted, learn how opinions are covertly expressed.  Identify the channels of dissenting opinion that have gained the public’s attention in the past, and utilize them.
      • If a faction is openly publicizing its views, boost that signal.  If they aren’t speaking out, do it for them.  Use all available means of communication, from the Internet to word of mouth, to let people know there is an alternative to the regime or its policies.
      • Promote factions externally through diplomacy.  Raise their status by insisting that dissenting parties are named and included in negotiations.  Refer to them as serious players in public statements, and convince other nations to show them respect.

Be careful not to promote a dissident group that is more extreme than the current regime.  With that said, encouraging factions can distract an opponent’s leadership and even open the way for a more peaceful government.

Encourage rivalries:  This potential weakness exists on at least two levels:  1) inside the hostile regime where leaders may be feuding, and 2) outside the opponent nation where competitors oppose its aims.

      • For internal rivalries, consider relative position.  If one of the competitors outranks the other, the subordinate may be jealous while the senior feels insecure.  Use news reports, official statements, intentionally leaked intelligence estimates, and rumors to praise one competitor and prod the other into greater activity.
      • For threats from a completely different entity, aggravate the major points of contention.  If the conflict is existential, both parties will have to dedicate time and resources to defending themselves.  Provide the rival with key intelligence, improved technology, or material support to force an adversary to reorient its focus on that danger.

Disrupt logistics:  Even when a hostile party appears to be self-sustaining, there is always something they get from somewhere else.  It may be a service, such as processing a resource they can’t refine.  It may be technological, in the form of products or expertise from a third party.  Close examination of supply chains can point out key flaws such as a single source for crucial items, funding for a large part of the budget, or a fragile chain of handlers passing vital materials.

      • Leverage the law.  If any of a hostile party’s suppliers or supporters are breaking any law in any way, collect evidence and report them.  Get international bodies involved, to confuse the adversary about who is disrupting the supply lines and raise a public outcry against their misdeeds.  Threaten their access to the electronic money transfer system to complicate payments and convince legitimate suppliers to stop supporting them.
      • Make simple things hurt.  When supply lines can’t be severed, rendering them less accessible or more expensive still harms the recipient.  An active defense program includes numerous campaigns operating on different lines, so forcing an adversary to wait longer and pay more for needed assistance can complement other efforts.
      • Increase doubts.  If a hostile party’s supply chain is open to physical interference, add substandard items to that flow.  The receipt of dud ammunition, faulty electronics, or half-empty crates may generate accusations and denials.  If these disputes create enough mutual distrust, it may end the entire relationship.

Shape perceptions:  A hostile regime or organization that actively promotes a narrative about itself may live in fear of the truth.  Spotlighting contradictions between the image and the reality can give voice to alternative movements or leadership.

      • Combat lies with facts.  A belligerent regime will often run a propaganda campaign to make itself look better and blame the conflict on its intended victim.  The ongoing collection of intelligence in active defense should provide evidence to the contrary.  Publicize derogatory information about the opponent, along with proof, to help show the propaganda is not true.
      • Sway public opinion among the adversary’s constituents.  If the regime forces its people to live in austerity while funding military needs, popular disapproval should already exist.  The intelligence assessment of the society inside the hostile party’s borders should indicate which means (social media, word of mouth, or some other method) can be used to fan this discontent.  Base this approach in the truth, but don’t forget there is a role for satire as well.  Regimes that rule by fear are greatly threatened by public ridicule.

Some regimes base their legitimacy on the promised defeat of another entity.  Disrupting their attack plans and snarling their logistics can cause postponement after postponement.  In the face of such prolonged inaction, the regime may find itself endangered by demands for a change in policy.  While such a development is a goal of active defense, it is important to remember that an opponent facing internal dissent may launch an attack just to stay in power.  Never assume a hostile party is a rational actor.

Take charge of the threat environment

Active defense shapes the environment in which a nation’s protectors operate.  By seizing the initiative, it prevents opponents from preparing at their leisure and attacking when they choose.  While it cannot take the place of an armed force trained and ready to oppose aggression, it can greatly assist that security effort.

Because an active defense program is based on the specific circumstances of a given conflict, there are few rules about its employment.  However, practitioners should keep the following suggestions in mind:

      • Create a self-verifying intelligence effort long before potential hostilities.
      • Seek inspiration from actors outside traditional defense organizations.
      • Look beyond obvious sources of information.
      • Conceal the campaign by leveraging local entities and frictions.
      • Evolve new techniques to stay ahead of the changing environment.

A successful active defense program can create real security and possibly lead to peace.  By creating a detailed intelligence picture of the opponent and the factors that influence it, active defense provides crucial information and insights on an adversary.  By degrading an aggressor’s ability to attack, it alters the operational landscape.  By promoting dissenting voices, it offers an alternative to a hostile regime.

If you enjoyed this post:

Check out Vincent H. O’Neil’s previous blog post — The Information Disruption Industry and the Operational Environment of the Future — and his associated video presentation from 20 May 2020, part of the Mad Scientist Weaponized Information Series of Virtual Events.

Read TRADOC Pamphlet 525-92, The Operational Environment 2024-2034: Large-Scale Combat Operations

Explore the TRADOC G-2’s Operational Environment Enterprise web page, brimming with information on the OE and how our adversaries fight, including:

Our China Landing Zone, full of information regarding our pacing challenge, including ATP 7-100.3, Chinese Tactics, BiteSize China weekly topics, People’s Liberation Army Ground Forces Quick Reference Guide, and our thirty-plus snapshots captured to date addressing what China is learning about the Operational Environment from Russia’s war against Ukraine (note that a DoD Common Access Card [CAC] is required to access this last link).

Our Russia Landing Zone, including the BiteSize Russia weekly topics. If you have a CAC, you’ll be especially interested in reviewing our weekly RUS-UKR Conflict Running Estimates and associated Narratives, capturing what we learned about the contemporary Russian way of war in Ukraine over the past two years and the ramifications for U.S. Army modernization across DOTMLPF-P.

Our Iran Landing Zone, including the latest Iran OE Watch articles, as well as the Iran Quick Reference Guide and the Iran Passive Defense Manual (both require a CAC to access).

Our Running Estimates SharePoint site (also requires a CAC to access), containing our monthly OE Running Estimates, associated Narratives, and the 2QFY24, 3QFY24, and 4QFY24 OE Assessment TRADOC Intelligence Posts (TIPs).

Review the following related Mad Scientist Laboratory content:

Gaming Information Dominance, by Kate Kilgore

China and Russia: Achieving Decision Dominance and Information Advantage by Ian Sullivan, along with the comprehensive paper from which it was excerpted

Information Advantage Contribution to Operational Success, by CW4 Charles Davis

Sub-threshold Maneuver and the Flanking of U.S. National Security and Is Ours a Nation at War? U.S. National Security in an Evolved — and Evolving — Operational Environment, by Dr. Russell Glenn

How to Win Strategic Competition Across the Competition Continuum, by Brig Gen Thomas A. Drohan, Ph.D. (USAF-Ret.), SGM Sohail Shaikh (USA-Ret.), and COL Randall P. Munch (USA-Ret.)

“Sixth Domain” – Private Sector Involvement in Future Conflicts and War, Inc: The Private Sector in Contemporary Conflict, by LTC Kristine M. Hinds, as well as Team Sullivan’s Travels Future Dynamics of Warfare: Everyone is a Player, Everything is a Target and their comprehensive Final Report.

In the Cognitive War – The Weapon is You! by Dr. Zac Rogers

Non-Kinetic War, Global Entanglement and Multi-Reality Warfare and associated podcast, with COL Stefan Banach (USA-Ret.)

What the Joint Force can learn from K-Pop “Stans” by Matthew Ader

LET’S TWEET, GRANDMA – Weaponizing the Social to Create Information Security, by CDR Sean M. Sullivan

Russia-Ukraine Conflict: Sign Post to the Future (Part 1), by Kate Kilgore

Weaponized Information: What We’ve Learned So Far…, Insights from the Mad Scientist Weaponized Information Series of Virtual Events, and all of this series’ associated content and videos 

About the Author:  Vincent H. O’Neil is an award-winning novelist in the mystery and science fiction genres. He holds a master’s degree in international relations from The Fletcher School and a bachelor’s degree from West Point. He is also a graduate of the Defense Language Institute’s Mandarin Chinese program and the U.S. Army Command & General Staff College. His website is www.vincenthoneil.com.

Disclaimer: The views expressed in this blog post do not necessarily reflect those of the U.S. Department of Defense, Department of the Army, Army Futures Command (AFC), or Training and Doctrine Command (TRADOC).
