Saturday, September 19, 2020

Force Preservation in the Online Social Domain – A Digital Camouflage

In this age of digital socialization, the digital realm increasingly becomes a significant dimension of the contemporary battle space. Much has been said and done about cyber threats; however, very limited attention is paid to the challenges arising from the malicious use of openly available digital information related to military organizations.

Today, adversaries do not require significant resources or advanced cyber capabilities to pose a threat. Social media and connected technologies are easily accessible, providing information and infrastructure that can be exploited by anyone with access to an internet-enabled computer.

Social media is a mix of human psychology—specifically social behavior—and the Internet of Things. While this assessment is largely accurate, it's essential to note that the human element accounts for approximately 70% of this dynamic, while the network comprises the remaining 30%. The personal internet was available even in the early 1990s, but it was the synthesis of the human urge to communicate—with a person (a face) rather than an IP address—that spurred the explosive growth of social media platforms. The arrival of the smartphone, a handheld connected computer, further placed the world in our palms. While this convergence brings numerous benefits, it also raises concerns. As devices—from phones to watches—become computers, they simultaneously transform into potential surveillance tools.

The survival of any military force is a primary concern in strategic planning and decision-making. This consideration extends well beyond military operations and involves issues such as public support and political cohesion. It is evident daily how the nation's military protects its members. Recently, the media highlighted steps taken by the Army to safeguard soldiers against the coronavirus, in addition to measures implemented by the government. We have also seen security efforts surrounding various bases and ports, which are vital military functions. Similar to physical security, digital security is another aspect that keeps military planners vigilant.

We have heard about measures such as app bans, smartphone bans, and wearable device bans mentioned in various reports concerning the military. While these measures can be effective, there is no silver bullet solution. With such pervasive technology, apps like Facebook and devices like smartphones and smartwatches have become integral to our daily lives. Their functionality has become a necessity, especially with e-banking, e-commerce, and crucial contact tracing platforms. Therefore, a completely non-implementable digital isolation as a protective measure offers limited value.

Separating mobile phones from defense personnel in official areas or during exercises and operations may be critical for operational security; however, it does not address the complex threats in the digital domain. An individual’s digital footprint is established over time, and the accumulated data points are collected through years of internet activity. These data points are processed through machine learning and artificial intelligence-based computational processes, creating an online profile. Leaving a smartphone outside a particular office five days a week simply indicates that an individual works inside that office. Subroutines transmitting location data from devices are embedded in basic map applications, and one does not need covert surveillance infrastructure to access this information. Similar conclusions can be drawn from the analysis of any other interfaced app. Services like Flightradar24 provide information on Air Force C-17 flights, while geotagged selfies can reveal even isolated border locations. It does not matter whether the photo is shared on Facebook, WhatsApp, or emailed; the location metadata is embedded within the image and is independent of the app used.

While the military may isolate individuals, open, crowd-sourced information has become a simpler method for obtaining critical inputs. Recently, a Twitter handle posted an old photograph featuring officers from an elite unit. Although many individuals in the image may have retired, comments on the tweet from people eager to engage in discussion or seek recognition revealed the identities of several individuals in the photograph. Cases of people identifying areas and commenting on their military significance are common and cannot simply be ignored. Information about military capabilities, such as personnel and equipment numbers, can even be gathered from civilian and commercial sensors, including footage captured by publicly available or misconfigured traffic and CCTV cameras. It is not one event that poses a security risk; rather, it is the long-term information matrix that can be woven from such data points that raises concerns.

Defeating an adversary, by whatever mechanism, is a cognitive outcome. It is the accumulated stresses of combat and perceptions of the situation that lead to fear, flight, and other psychological responses.

Active, adaptive digital camouflage may be a viable option in modern military operations.

Camouflage is often confused with concealment. To camouflage means to blend in with the surroundings, making one undetectable to an observer, while concealment is simply protecting something from view. Digital camouflage aims to integrate military digital information with various types of 'noise data,' thereby preventing the enemy from honing in on specific information and interpreting it as intelligence. For this strategy to be effective, it must be both pre-emptive and adaptive.

Implementing pre-emptive measures that establish systemic resilience against the malicious use of digital information is crucial. Raising awareness about the adversarial risks associated with the social media information environment is an essential first step, but this general awareness should be complemented by specific educational initiatives, internal communication strategies, and evolving regulations. Militaries are likely to favor these countermeasures as they rely on fundamental deception tactics. 

Effective measures should protect critical information in several ways: by minimizing predictable online behavior patterns and by camouflaging indicators that cannot be avoided, pairing them with meaningless changes that provide alternative interpretations. Once military commanders incorporate these elements into their mission plans, technical specialists can take on the responsibility of implementing them.

Extracting information from the open internet, especially given the abundance of social media posts, presents an opportunity where a small investment can yield significant returns. To counter an adversary effectively, keeping them occupied within the OODA (Observe, Orient, Decide, Act) loop is essential. A strategically planned denial of opportunities should be integrated into the operational philosophy; this approach represents a significant advancement on the horizon. Camouflage serves a functional role in concealment, but it should not be seen as a substitute for offensive capabilities. Preserving forces in the digital realm must be a core part of our strategic communication plan.


No comments:

Post a Comment

Different take on Kashmir

     A very broad understanding of Relativity is that Point of View depends on Point of Viewing. It is more complicated than that, but it do...