From Hybrid Threat To Alternative War - Snowman Series 14
Britain faces a general election, with both of the main parties committed to exiting the European Union, despite already stark economic data painting a bleak future.
Neither party leader, current Prime Minister, Theresa May, nor Labour’s Jeremy Corbyn have anything to say, however, on the biggest issue facing the country since World War Two.
The United Kingdom, along with the European allies it is set to leave, is already in the middle of a conflict and, so far, it is losing.
The evidence gathered across this investigation will now be prepared and sent to the UK and EU parliaments, and the FBI.
“World War Three, contrary to focus on ballistic tests North Korea as a potential catalyst, has already begun.”
The concept of a “hybrid threat” was first introduced in NATO’s “Strategic Concept of 2010” and was then incorporated in the NATO “Capstone Concept”, defining hybrid threats as “those posed by adversaries, with the ability to simultaneously employ conventional and non-conventional means adaptively in pursuit of their objectives.”
Hybrid threat gained renewed traction in response to Russian actions in Ukraine and the Da’esh campaign in Iraq.
In Riga, in February 2015, EU Defence Ministers called for more unity and decisive action across the union and by May 2015 the European External Action Service had created a circular “Countering hybrid threats” encouraging states to recognise the risks and build a response.
An unchecked hybrid threat results in the situation we now face: a full-scale hybrid conflict. An alternative war.
A Hybrid conflict is defined as “a situation in which parties refrain from the overt use of armed forces against each other, relying instead on a combination of military intimidation (falling short of an attack), exploitation of economic and political vulnerabilities, and diplomatic or technological means to pursue their objectives.”
Most references to “hybrid war” are based around the idea of an “adversary who controls and employs a mix of tools to achieve their objectives,” and this brings with it a number of complexities.
There is no doubt whatsoever that we find ourselves in the middle of an alternative war by its very description.
“An unchecked hybrid threat results in the situation we now face: a full-scale hybrid conflict. An alternative war.”
As with all conflicts, attributing responsibility and intent is necessary, to ensure that state and allied policy responses are proportionate and legitimate. However, international law limitations, technological constraints, and the diffusion of actions to non-state actors work together to give an adversary in such a conflict substantial deniability.
For instance, the involvement of a third party not immediately identifiable as state-sponsored (such as Wikileaks) becomes incredibly difficult to set against the legal concept of “beyond reasonable doubt”. Nonetheless, the US have done this with North Korea after the Sony Pictures hack and a NATO Summit in 2014, held in Wales, has set out that the application of Article 5 of the Washington Treaty in the event of a cyber-attack does apply.
Currently, no specific international legal framework is in place to regulate hybrid warfare.
Use of “force” in international relations is still catered for under the United Nations Charter, which states “in the absence of an armed attack against a country or its allies, a member state can use force legally only if authorised by a United Nations Security Council resolution.”
While rules regarding traditional armed conflict are laid down in international humanitarian and human rights law, hybrid conflict and threats are only covered by a patchwork of legal instruments covering specific policy areas. These are the seas, counter-terrorism, money laundering, terrorist financing, and human rights.
This effect has allowed the growth of complex hybrid conflict operations to run almost unchecked, leading the world to the precipice it now stands upon.
Trump, Brexit, the attacks on the French and Dutch elections, the world cyber-attack on infrastructure and health organisations, fake news. These are the fronts in a very real conflict from which there may be no return unless a response begins.
“the involvement of a third party not immediately identifiable as state-sponsored (such as Wikileaks) becomes incredibly difficult to set against the legal concept of “beyond reasonable doubt”.”
Europe and much of the West is very much alive to the ongoing war, with a Summit currently ongoing in Prague.
The specific focus of the partly open, partly restricted meeting is to discuss “a coordinated international response to Russian aggression” and to discuss the fact “a wide gap remains between mere acknowledgement of the threat and the development of concrete and viable counter-measures.”
Senior NATO figures and high-ranking representatives from a large number of countries are in attendance.
But the European Union itself is highly engaged on the threat already.
Speaking to Maja Kocijančič, Spokesperson for EU Foreign Affairs and Security Policy, she says “The EU coordinates on all substantial threats, such as terrorism, cyber or hybrid attacks, or propaganda, obviously along the competencies it has.”
“Cyber-attacks are a growing concern worldwide – including for the European union. Recent attacks experienced in different sectors require a coordinated response. While Member States remain in the front line for much of this work, the EU has an important role to play,” she adds. “In this regard, we will update our Cybersecurity Strategy and reinforce the regulatory framework at EU level on cybersecurity.”
When it comes to hybrid threats, insofar as they relate to national security and defence, and the maintenance of law and order, the primary responsibility also lies with individual EU Member States. However, many of them face common threats, which can also target cross-border networks or infrastructures. “Such threats can be addressed more effectively with a coordinated response at EU level by using EU policies and instruments,” Kocijančič said.
The Commission and the High Representative presented a Joint Communication "Joint Framework on countering hybrid threats – a European Union Response" which was adopted in April 2016, just as Britain’s Brexit referendum campaigns officially began.
Kocijančič explained the action taken after the framework was launched. “Finland established the Centre of Excellence for countering hybrid threats in April this year. While it is a Finnish national initiative, it constitutes a direct response to one of the 22 actionable proposals made in the Joint Communication.”
On the launch, high Representative of the Union for Foreign Affairs and Security Policy and Vice-President of the Commission, Federica Mogherini, said “as the European Union, we will grant our full support to Finland in driving the new Centre of Excellence for countering hybrid threats forward to a full operation capacity and in its future work in delivering expert strategic analysis on countering hybrid threats, which will contribute to security in Europe. The establishment of the Centre in Helsinki will further strengthen EU-NATO cooperation, particularly on one of the greatest challenges in today's world.”
Things have moved forwards since then. “Cyber and hybrid threats are part of the new, important cooperation between the EU and NATO, agreed through a set of 42 concrete proposals in seven different areas identified by the Joint Declaration signed in Warsaw,” Kocijančič told me.
The EU has also put in place a task force, aimed which Kocijančič says is aimed at “improving the EU's capacity to forecast, address and raise awareness of disinformation activities by external actors.”
The EU STRATCOM Task Force was set up specifically to address Russia's ongoing disinformation campaigns. From the outset one of the key focus areas was “analysing disinformation trends, explaining disinformation narratives and myth-busting.”
They publish ongoing fact-checks under the banner of the Disinformation Review Team, which can be found on Twitter @EUvsDisinfo.
The alternative war had been a live conflict for at least two years before Trump and Brexit began to unravel, despite all the signs being in plain sight.
The damage to date will take years to correct without more stringent response.
“The EU STRATCOM Task Force was set up specifically to address Russia's ongoing disinformation campaigns. From the outset one of the key focus areas was “analysing disinformation trends, explaining disinformation narratives and myth-busting.””
One crucial element of the political manipulation deployed by Russia, notable by its failure in France due to the government responses, and by its success in the UK with Brexit and US with Trump, is the relatively new and still misunderstood technique of psychometrics.
Infamously deployed by American company Cambridge Analytica, part of the British SCL Group, in both the Trump campaign and Leave.EU’s Brexit campaign, psychometrics utilises ‘big data’ gathered through social media, surveys and other databases to create a personal profile to which messages can be tailored and targeted. It is a warfare technique.
Cambridge Analytica, through ex-board member and special adviser to Trump, Steve Bannon, is believed to be making attempts to woo the Pentagon and another company in the same market is Palantir, already linked to the US Department of Defense.
Until it became widely known in 2017, the technique of harnessing big data had been perceived as a risk for a number of years.
Back in 2010, cyber security company HB Gary – who worked on Federal contracts – were in friendly talks about integrating with Palantir about social media. Under the heading “Social Media, Exploitation, and Persistent Internet Operations,” senior employees of both companies were discussing “The rise of the social web has created an entirely new set of useful technologies and security vulnerabilities. It is our experience that most individuals and organisations understand there are risks to using social media but don't understand the full extent, from what types of use, what the real risks are, or how the vulnerabilities can be fully exploited.”
The emails were dumped on the internet by Wikileaks after one HB Gary employee exposed alleged members of Anonymous to the authorities in 2011, an event which ruined his career.
Arron Barr set out in further emails just how significant the development of big data as a weapon could be.
“There is an immense amount of information that can be aggregated from social media services to develop competitive intelligence against any target. Take any US defence contractor. If I could harvest a significant amount of data from sites such as FBO, Monster, LinkedIn, Input, Facebook, Twitter. What type of picture could I put together as far as company capabilities, future plans, contract wins, etc. From a targeting perspective could I identify information exposure points that lead to a defensive weakness…I spoke to INSCOM a few weeks ago about their desire to start to incorporate more social media reconnaissance and exploitation into their red team efforts. Such a capability has a broad applicability that will be more significantly needed in the future.”
Barr was years ahead of his time in identifying the risks which were subsequently exploited to manipulate both British and American electorates.
In one briefing email he wrote, “the explosive growth of social media has created a highly effective channel for the collection and aggregation of personal and organisational information for the purposes of tailoring content for users. To Interact in a social media ecosystem requires some release of personally identifiable information (PII), in fact with most services the more information you provide the more tailored and beneficial the experience. In most cases these are legitimate reasons for providing the information with tangible user benefits, whether it be to more personalise and localise advertising or tailored and real-time information delivery that increases personal productivity. Unfortunately, the same methods are being used to conduct information reconnaissance and exploitation. The most common current examples are spear-phishing attacks. Future social media exploitation tactics will likely be applications and service that provide personal benefit or entertainment, but serving a dual purpose to collect information that can be used for more insidious purposes. This marks a new class of exploitation, vehicles directly targeting people rather than the machines they use.”
HB Gary no longer exists as it was, and Barr is now a recluse. Nonetheless, what they identified many years ago was not only visionary but has become part of the Russian hybrid arsenal via their third-party hacking and disinformation channel, Wikileaks.
“Future social media exploitation tactics will likely be applications and service that provide personal benefit or entertainment, but serving a dual purpose to collect information that can be used for more insidious purposes. This marks a new class of exploitation, vehicles directly targeting people rather than the machines they use.”
I tracked down one former employee of HB Gary and asked them how dangerous social media really was and if it had been weaponized. “The Russian stuff kinda proves that out right?” they replied, without hesitation.
“There is enough info and interaction purely in the public domain to provide intelligence and to engage in influence. Social media is the perfect mechanism. But we can see that happening right in front of us. Just have to organise and automate,” they added.
In the Wikileaks dumps on HB Gary there were a number of mentions about defence from weaponized use of this data, but nothing concrete. Again, the response was stark.
“There isn't really a defence of some properly. Not one that can be easily devised. Platforms are of course working to manage "fake info" but that only will take care of the careless and less sophisticated - if done properly. [It’s] taking advantage of people's natural inclinations... but again we can see all this in front of us.”
I pressed them on Cambridge Analytica and what they knew through the industry grapevine but the answer confirmed a lot of the rumours about the company’s secrecy. “I haven't heard anything...there are people that obviously have the background and talent and are now, and increasingly going to apply it in the wild. The question is not “is developing the capabilities unethical?” It's what do you do with it.”
“I tracked down one former employee and asked them how dangerous social media really was and if it had been weaponized. “The Russian stuff kinda proves that out right?” they replied, without hesitation.”
This all began with a trip to Sweden, to find out the truth about crime and immigration.
That investigation opened the door to this one, which has clearly connected the far-right across Europe to both the American alt-right movement and Russia.
In turn, the Trump Administration, Brexit, and Russia have become inseparable, along with their third party actors and big data companies adding to the confusion of non-state plausible deniability.
I am left in no doubt, however, that the #snowman investigation has exposed the alternative conflict of World War Three. A hybrid battle which, contrary to focus on ballistic tests North Korea as a potential catalyst for future action, has already begun.
The dark truth is: Russia never made the official declaration.