CliffNotes Unfortunately, scammers are everywhere these days, and they’re constantly finding new ways to manipulate people. It could be a fake charity asking for donations or a romantic interest trying to pull at your heartstrings, their tactics are designed to trick you into trusting them. It’s easy to think, “That won’t happen to me,” but it can happen to anyone. My great aunt, for instance, lost $45,000 to a charity scam because she genuinely believed she was helping build a church in Ghana. It wasn’t until she tried to wire another $100,000 that a banker noticed something was wrong and stepped in.
Scammers exploit trust, emotion, and often our personal interests (OPSEC OPSEC OPSEC). Take, for example, my college roommate who almost got conned while selling a laptop on Craigslist. She was contacted by someone claiming they needed the laptop for their son in Africa, a story that hit close to home for her since she had been on mission trips there, which I suspect was found out through looking at her social media. The scammer likely used that personal connection to try to make the story believable, hoping she wouldn’t question it. Luckily, she sensed something wasn’t right when they asked for money to cover shipping and backed out just in time. Then there are romance scams which can be even more painful. In my hometown, a woman flew to the UK to meet a man she thought she had been in an online relationship with, only to realize he didn’t exist. Before she even made the trip, she had already sent him money, believing he needed it for his flight. Scammers in these situations spend months building trust before asking for financial help, making it harder for the victim to realize what’s happening until it’s too late. The key to avoiding these situations is understanding how scammers operate. A great way to do that is by learning from two concepts: Pre-Incident Indicators (PINS) from The Gift of Fear by Gavin de Becker and the OODA loop developed by military strategist Col. John Boyd. De Becker emphasizes the importance of trusting your gut—our instincts are designed to protect us, but too often we ignore them. If something feels off, don’t rationalize it away, it’s probably off. Recognizing the early PINS, like someone pushing for urgency or refusing to take “no” for an answer, can help you catch a scam before it goes too far. The OODA loop—Observe, Orient, Decide, Act—helps you take control of a situation by slowing things down. Scammers want you to feel rushed, so you don’t have time to think critically. The loop allows you to step back, assess the situation, and decide on the best course of action without being pressured into a decision. The bottom line is this: scammers rely on confusion, emotional manipulation, and most importantly speed to achieve their objective. The more you can recognize their tactics, the better able you’ll be to avoid falling into their traps. If something feels wrong, trust yourself and take the time to verify the details.
0 Comments
The Future of War is Decentralized Christian Brose's The Kill Chain fits into John Robb's Brave New War worldview through a shared recognition of how modern warfare is increasingly defined by technology, decentralization, and the exploitation of system vulnerabilities. Both authors articulate how traditional military doctrines and approaches are becoming obsolete in the face of rapidly evolving threats that leverage technology and asymmetric tactics.
In The Kill Chain, Brose emphasizes that the U.S. military must transition from an outdated model of warfare, which relies on heavy, centralized, and hierarchical systems, to one that is networked, decentralized, and automated. This is in direct alignment with Robb’s view of modern conflict, where networked actors—whether state or non-state—exploit the interconnectedness of global systems to disrupt, degrade, and destabilize powerful adversaries. Robb describes how global guerrillas use these networks to operate in small, autonomous groups, bypassing traditional state hierarchies to attack vulnerable infrastructure. Brose and Robb both argue that the future of conflict is not about large, conventional forces clashing head-on. Instead, it’s about how fast and effectively forces can operate within a distributed, digital network that connects sensors, decision-makers, and weapons systems. Brose’s kill chain is a system designed to integrate these capabilities at speed, while Robb’s global guerrillas are adept at targeting the weak links in such systems to bring them down. From Robb’s worldview, the ability of non-state actors and smaller forces to act quickly, adaptively, and asymmetrically is key. Brose, too, is concerned with the speed of decision-making and action in military operations. He emphasizes the need to automate parts of the kill chain with AI and autonomous systems to match the speed of modern threats, which aligns with Robb’s emphasis on networked, fast-moving actors who can outmaneuver larger, slower bureaucratic systems. Robb’s systems disruption theory is central to Brave New War. It argues that future wars will be less about physical destruction and more about disrupting the complex, interconnected systems that modern states and societies depend on. In Robb’s view, global guerrillas don’t need to defeat a state militarily; they only need to disrupt the systems that allow the state to function i.e. power grids, communication networks, and financial systems. This strategy of targeting critical infrastructure with minimal resources is designed to create cascading failures, causing widespread chaos and undermining state power. The Kill Chain echoes this vulnerability. Brose argues that the U.S. military’s overreliance on large, centralized systems, such as aircraft carriers and advanced fighter jets—makes it highly susceptible to disruption. Adversaries like China and Russia have focused on developing systems designed to disable or disrupt these legacy platforms by attacking their command-and-control infrastructure, sensors, and communications; the kinds of targets Robb’s global guerrillas would aim for in a conflict. Both Brose and Robb emphasize the growing importance of cyber warfare as the key tool for systems disruption. For Robb, cyberattacks are the ultimate non-kinetic fires ( a term that suck with me after reading The Kill Chain) or a way for small, decentralized actors to create massive effects on a technologically advanced adversary by attacking the digital infrastructure that underpins its military and civilian systems. Brose describes how adversaries can exploit U.S. military vulnerabilities with cyberattacks, jamming sensors, blinding satellites, or injecting false data into decision-making systems, effectively breaking the kill chain before it can even begin. Robb’s Brave New War is built around the idea of asymmetric warfare, where smaller, less powerful actors can challenge larger states by using unconventional tactics and low-cost, high-impact attacks. He also introduces the concept of open-source warfare, where tactics, techniques, and technologies are shared across decentralized networks of non-state actors, enabling them to rapidly innovate and adapt. Brose’s The Kill Chain acknowledges this asymmetric threat but from the perspective of state-on-state conflict. He describes how China and Russia, instead of trying to match the U.S. militarily with traditional platforms, have adopted asymmetric strategies that focus on neutralizing America’s strengths. These adversaries invest in capabilities designed to disable U.S. power projection by attacking weak points in its command-and-control infrastructure, electronic warfare, and space-based assets. Brose’s warnings about this shift align with Robb’s vision of how smaller or less-resourced actors can use asymmetric tactics to outmaneuver and disrupt a more powerful adversary. Additionally, Robb’s idea of open-source insurgency ties directly into the nature of cyber warfare, which Brose sees as critical in future conflicts. In Robb’s framework, tools for systems disruption, like cyber exploits, can be shared across a global network of actors, allowing even small groups to gain access to powerful technologies that can cripple a state’s infrastructure. Brose’s analysis echoes this by highlighting how easily cyber tools can be developed or acquired by both state and non-state actors, further amplifying the asymmetric potential of modern warfare. Both Robb and Brose agree that the U.S. military must adapt if it hopes to remain competitive in the future of warfare. For Brose, this means breaking away from the obsession with legacy systems like aircraft carriers and embracing new technologies like artificial intelligence, automation, and space-based surveillance. He advocates for the U.S. military to move towards a distributed, networked system of warfare where the kill chain is automated and decisions are made at machine speed. Robb’s prescription for surviving in this new environment is similar. He advocates for a more resilient, decentralized system, where the state adopts the same kind of adaptive, networked thinking that its adversaries use. For both authors, the future is about speed, agility, and flexibility, not overwhelming firepower or centralized control. In Robb’s world, the state that can out-think and out-adapt its adversaries will survive, while the one that clings to legacy platforms will be left vulnerable to systems disruption and decentralized attacks. In Robb’s framework, non-state actors like global guerrillas use open-source tactics and systems disruption to paralyze more powerful adversaries, a strategy that is echoed in Brose’s analysis of how China and Russia are developing asymmetric capabilities to disable the U.S. military’s kill chain. Both authors warn that the future of warfare will be determined not by who has the most firepower, but by who can best adapt to the challenges of this networked, decentralized, and technology-driven world. The Kill Chain Recently, I finished this book on the way to WWHF. The Kill Chain: Defending America in the Future of High-Tech Warfare by Christian Brose is an examination of the United States’ military vulnerabilities in the face of rapid technological advancements and the shifting nature of modern warfare.
Brose, who served as the staff director of the Senate Armed Services Committee and as a senior advisor to Senator John McCain, leverages his insider perspective to offer a sobering critique of how the U.S. military is failing to adapt to the challenges of a new era defined by AI, automation, and cyber capabilities. The “kill chain” concept refers to the sequence of detecting a threat, deciding on a response, and taking action to neutralize it. Traditionally, this process involved human decision-makers at each stage, but modern warfare demands faster, more automated processes. Brose argues that America's military kill chain is slow, centralized, and heavily reliant on legacy systems that are vulnerable to disruption. The Kill Chain contends that the United States is locked into an outdated model of warfare, one that emphasizes traditional platforms like aircraft carriers, fighter jets, and tanks. These systems, Brose argues, belong to an era of industrial-age warfare that is quickly becoming obsolete in the face of information-age threats. Today’s conflicts are increasingly defined by “data, sensors, autonomous systems,” and the ability to leverage these technologies to achieve real-time decision-making and action; essentially, how quickly and effectively a military can complete its “kill chain.” Brose paints a stark picture of how adversaries like China have studied the U.S. military's strengths and weaknesses and developed strategies to counter them. Rather than attempting to match the United States platform for platform, China has focused on developing capabilities that can exploit the vulnerabilities of America's complex, interconnected military systems. These capabilities include advanced cyberwarfare tools, electronic warfare systems, and precision-guided missile technology designed to target the weak links in America's kill chain. The book explores how China’s investment in these areas is part of a broader strategy to neutralize America’s advantages. China has invested in anti-ship ballistic missiles that can target U.S. aircraft carriers, developed advanced electronic warfare capabilities that can jam or blind U.S. surveillance systems, and built extensive cyber capabilities to compromise American military networks. These developments challenge the dominance of the U.S. military, as they can render its traditional platforms ineffective before they can even enter the battlefield. Brose makes the case that the United States is at risk of losing its strategic edge because it has not adequately adapted to this shift. The U.S. military's focus on maintaining and expanding expensive legacy systems leaves it poorly positioned to counter adversaries who are innovating more rapidly and adopting strategies that focus on disrupting America’s ability to respond effectively. The Kill Chain does not shy away from critiquing the entrenched bureaucracy of the Pentagon and the defense-industrial complex. Brose highlights how the procurement process is bogged down by inefficiency, resistance to change, and an obsession with maintaining traditional platforms. He argues that this mentality has led to a situation where the U.S. spends billions on legacy systems that may never be effective in a future conflict. Brose is particularly critical of the U.S. defense budget's emphasis on sustaining existing programs rather than investing in new technologies. He contrasts this with China’s approach, where the focus is on developing capabilities that can counter the United States’ strengths and exploit its weaknesses. This difference in strategic thinking, Brose suggests, has created a scenario where the U.S. could be outmaneuvered in a future conflict, not because it lacks resources, but because it has failed to innovate and adapt. One of the more urgent messages in The Kill Chain is the need for the United States to integrate emerging technologies like artificial intelligence and autonomous systems into its military strategy. Brose argues that these technologies are not just enhancements to existing capabilities but are the keys to unlocking a new model of warfare where decisions can be made at machine speed. In a world where threats emerge and change rapidly, relying on human decision-making in the kill chain can be a fatal flaw. Brose envisions a future where AI-enabled systems can identify, track, and prioritize threats autonomously, with human oversight serving as a guide rather than the primary decision-maker. This shift would enable the military to operate faster and more efficiently, adapting to threats in real-time rather than relying on slow, hierarchical chains of command. Brose highlights that the private sector is already leading in many of these areas, with companies like SpaceX and Palantir driving advancements in AI, space-based surveillance, and data analysis. He advocates for greater collaboration between the Department of Defense and these innovative private companies, arguing that such partnerships are essential if the U.S. military is to harness cutting-edge technology and maintain its competitive edge. Brose argues that America must embrace a new way of thinking about warfare—one that prioritizes speed, agility, and the ability to operate across a distributed, networked battlefield. This requires a willingness to take risks, to abandon the comfort of legacy platforms, and to invest in technologies that can make the military more effective in an era of information warfare. He also emphasizes that the future of warfare will not be won by having more tanks or aircraft carriers but by building systems that can see, think, and act faster than those of adversaries. This means focusing on developing the infrastructure for autonomous drones, space-based sensors, and AI-driven analysis tools that can turn data into action in milliseconds Into the Gray Zone Gray zone warfare occupies the ambiguous space between peace and open conflict, where actors engage in aggressive activities that fall short of conventional war. These actions are designed to achieve strategic objectives while avoiding direct military confrontation and maintaining plausible deniability. Gray zone tactics exploit gaps in international law and norms, making it difficult for targets to justify a forceful response.
Cyberattacks have emerged as a quintessential tool of gray zone warfare, operating in the space with particular effectiveness. It allows state and non-state actors to inflict significant damage on adversaries without crossing the threshold that would trigger traditional military retaliation. This ambiguity makes cyberattacks especially attractive for those seeking to advance their interests while minimizing the risk of escalation. Common gray zone tactics include cyberattacks, disinformation campaigns, economic coercion, and the use of proxy forces. In the cyber domain, these methods often target critical infrastructure, financial systems, and government networks. Such attacks can disrupt essential services, undermine public trust, and cause economic damage without physical destruction. The 2015 and 2016 attacks on Ukraine's power grid, attributed to Russia, are examples of this approach. By temporarily disabling portions of the grid, the attackers demonstrated their capabilities and instilled fear without triggering a military response. The attribution problem inherent in many cyberattacks further aligns them with gray zone tactics where sophisticated actors can mask their identity, use false flag operations, or leverage compromised systems in neutral countries to launch attacks. Obfuscation creates plausible deniability, complicating diplomatic and military responses. Even when technical evidence points to a specific nation, proving state sponsorship to a level that justifies retaliation often remains challenging. Russia's actions in Ukraine provide a clear example of gray zone warfare beyond just cyberattacks. The 2014 annexation of Crimea involved the use of "little green men, " unmarked troops that Russia initially denied were its own. This allowed Russia to achieve its objective while muddying the waters of international response. Similarly, Russia's ongoing support for separatist forces in eastern Ukraine, combined with its cyber operations against Ukrainian infrastructure, exemplifies the nature of gray zone tactics. Cyber espionage operates in a similar gray area. While espionage is an age-old practice, the scale and scope enabled by cyber tools blur the lines between intelligence gathering and active measures. Massive data breaches like the U.S. Office of Personnel Management hack, attributed to China, illustrate how cyber espionage can have strategic implications beyond mere information collection. The use of cyber tools for election interference represents another facet of gray zone warfare. Disinformation campaigns, hack-and-leak operations, and attacks on voting infrastructure can undermine democratic processes and sow discord without direct military involvement. The alleged Russian interference in the 2016 U.S. presidential election demonstrated the potency of these tactics in shaping geopolitical outcomes while maintaining a veneer of deniability. Healthcare ransomware attacks are a prime example of gray zone conflict tactics, targeting critical infrastructure in a way that disrupts societies without provoking traditional military responses. By attacking healthcare systems, cyber-criminals, sometimes linked to state actors or allowed to act with certain restrictions from their territory, exploit vulnerabilities to cause significant harm, such as hindering patient care and sowing public fear. These operations leverage the anonymity and plausible deniability inherent in cyberspace, allowing perpetrators to put pressure on adversaries covertly by "throwing sand in the gears". The increased targeting of healthcare facilities (in my opinion), following geopolitical events like the Ukraine invasion, underscores how such cyberattacks have become key tools in gray zone strategies, blurring the lines between peace and open conflict. Protecting our data and systems is no longer just about preventing theft or disruption, it's about safeguarding national security and economic stability. The future of conflict is in cyberspace and cybersecurity professionals must see themselves on the front lines of this evolving form of warfare. Final Review John Robb's "Brave New War" and his "Global Guerrillas" blog, despite being penned in 2007, remain eerily prescient reads for today's cybersecurity practitioners. Robb, a former Air Force officer turned analyst, dissects the evolving nature of conflict in a world where traditional power structures are increasingly vulnerable to decentralized, networked threats.
The core thesis revolves around what Robb terms "open-source warfare" a concept where loosely affiliated groups can share tactics, techniques, and procedures to wage asymmetric warfare against nation-states and large organizations. Sound familiar? It's essentially describing the modern threat landscape cybersecurity professionals grapple with daily. Robb's analysis of how these groups can exploit systemic vulnerabilities to cause cascading failures is particularly relevant. He argues that by targeting critical nodes in complex systems - be it infrastructure, supply chains, or information networks , otherwise small groups can inflict disproportionate damage. This mirrors the potential impact of well-executed cyberattacks on our interconnected digital systems. The book's exploration of "super-empowered individuals" those who can leverage technology to punch far above their weight is downright prophetic. In an era where a single hacker with the right tools can potentially cripple a multinational corporation, Robb's warnings feel less like speculation and more like a playbook for the threats we face. What makes "Brave New War" particularly valuable is its focus on resilience and adaptability as key defensive strategies. Robb argues for decentralized, resilient systems that can withstand and quickly recover from attacks - a philosophy that aligns closely with modern cybersecurity best practices like zero trust architecture and defense-in-depth strategies. For cybersecurity practitioners, "Brave New War" offers a broader context for understanding the threat landscape we operate in. It's not just about protecting networks, but rather it's about comprehending how those networks fit into larger, vulnerable systems that adversaries seek to exploit. In a field that often gets bogged down in technical minutiae, Robb's strategic-level analysis provides a valuable big-picture perspective. It's a reminder that effective cybersecurity isn't just about firewalls and patches, it's about understanding the evolving nature of conflict in a networked world. Is it a comfortable read? Hell no. Robb's vision of decentralized, networked threats exploiting our systemic vulnerabilities is downright unsettling. But it's precisely this discomfort that makes "Brave New War" a must-read. It challenges our assumptions, broadens our threat models, and ultimately makes us better prepared to face the brave new world of cyber conflict. I highly recommend this book and following Robb. Brave New War: Amazon John Robb: Solutions Robb's advocacy for resilience through decentralization has gained traction across various sectors, though implementation often lags behind recognition of its importance. The energy sector provides a prime example with the emergence of microgrids as a practical application of Robb's ideas. These small-scale, local energy systems can operate independently of the larger grid, enhancing community resilience against both physical and cyber attacks. The development of microgrids in Puerto Rico following Hurricane Maria demonstrates how decentralization can bolster communities in the face of natural disasters and potential attacks.
Widespread implementation of such decentralized systems remains a challenge. Regulatory hurdles, entrenched interests, and the inertia of existing infrastructure often impede progress. The tension between the recognized need for resilient, decentralized systems and the practical difficulties of overhauling established infrastructure highlights an ongoing struggle in realizing Robb's vision. In cybersecurity, Robb's concept of open-source security has seen significant adoption. Information Sharing and Analysis Centers (ISACs) in various industries and the Cyber Threat Alliance exemplify this approach, facilitating the sharing of threat intelligence among organizations. This collaborative model allows defenders to share information and strategies as readily as attackers, creating a more robust collective defense. The rise of bug bounty programs and responsible disclosure policies in the tech industry also aligns with Robb's vision of harnessing collective intelligence for defense. These initiatives have proven effective in identifying and addressing vulnerabilities before malicious actors can exploit them. However, the open nature of these programs also creates potential risks, as information about vulnerabilities could potentially be misused if not carefully managed. Robb's emphasis on adaptive, network-centric defense has influenced military doctrine, with concepts like the U.S. military's "Multi-Domain Operations" reflecting a more flexible, interconnected approach to warfare. In the corporate world, the adoption of agile methodologies in cybersecurity represents a step towards the kind of adaptive defense Robb envisioned. Despite these advancements, many organizations still struggle to match the speed and flexibility of their adversaries. The gap between the ideal of rapid, adaptive defense and the reality of organizational constraints highlights the ongoing relevance of Robb's warnings. Balancing the need for agility with the requirements of security and stability remains a significant challenge for many institutions. The importance of building social capital, strong, trust-based networks within and between communities is particularly relevant in the face of information warfare and social media manipulation. Initiatives focused on digital literacy, fact-checking networks, and community resilience programs would ideally align with this aspect of Robb's thinking, but that has yet to be determined. Robb's advocacy for localism and community empowerment has seen mixed implementation. Community policing initiatives and local emergency response teams reflect this philosophy, empowering communities to take an active role in their own security and governance. The rise of cryptocurrency and blockchain technologies represents an interesting development in this space, potentially providing tools for local economic empowerment and decentralized governance structures. However, the trend towards centralization in many aspects of governance runs counter to Robb's recommendations. The tension between local empowerment and the need for coordinated responses to large-scale challenges present an ongoing dilemma in implementing Robb's ideas. Implementation of Robb's proposed solutions face significant hurdles. Institutional inertia, short-term thinking, and the complexities of coordinating decentralized systems all pose challenges to realizing his vision of a more resilient society. Moreover, some of Robb's ideas, particularly around localism and decentralization, can be challenging to reconcile with the realities of an increasingly interconnected global economy and the scale of transnational threats. Super-Empowered Individuals: The Rise of Non-State Actors Another idea present in John Robb's "Brave New World" is the the emergence of super-empowered individuals has reshaped power dynamics in ways that challenge traditional governance and security paradigms. While these actors have driven innovation and progress in many sectors, their outsized influence also presents significant risks to societal stability.
On the positive side, super-empowered individuals have been catalysts for transparency and technological advancement. Whistleblowers like Edward Snowden exposed government overreach, sparking crucial debates about privacy and surveillance. In the tech world, entrepreneurs like Elon Musk have pushed the boundaries of what's possible in electric vehicles and space exploration, influencing entire industries through sheer force of will and innovation. The financial sector in particular has seen similar disruption. The anonymous creator(s) of Bitcoin, known as Satoshi Nakamoto, launched a revolution in digital currencies that's challenged traditional banking systems and concepts of value. This innovation has opened up new possibilities for financial inclusion and decentralized economic models. However, on the flip side, social media platforms, while democratizing information flow, have also become breeding grounds for disinformation campaigns. Bad actors can now rapidly spread false narratives, manipulating public opinion and potentially destabilizing political systems. The speed and reach of these platforms often outpace traditional fact-checking mechanisms, creating an environment ripe for exploitation. In cybersec, we see this as individual hackers and small groups have demonstrated an alarming ability to cause outsized disruption. The 2014 hack of Sony Pictures, attributed to a small team of North Korean-linked operatives, embarrassed a multinational corporation and created international tensions. More recently, ransomware attacks by groups like DarkSide have shown how a handful of skilled individuals can disrupt critical infrastructure and extort millions from large organizations. The financial influence of super-empowered individuals has also shown a darker side. We've seen how a single tweet from a prominent figure can send shockwaves through entire markets, highlighting the precarious nature of systems vulnerable to individual whims. This volatility poses risks not just to investors, but to economic stability more broadly. These developments present significant challenges for governance and security frameworks. Traditional power structures and regulatory systems were designed to handle nation-state actors or formal organizations. They often struggle to contend with the fluid, unpredictable nature of small groups, much less individual actors empowered by technology. The speed at which these individuals can act often outpaces the ability of institutions to respond effectively. Looking forward, it's clear that new approaches to security and governance are needed. These must be flexible enough to harness the positive potential of super-empowered individuals while mitigating the risks they pose. This might involve rethinking regulatory frameworks, developing new models of public-private cooperation, and fostering digital literacy to create a more resilient society. The trend of individual empowerment will likely accelerate as technology continues to evolve. Advancements in AI, biotechnology, and other emerging fields will likely create new avenues for individuals to exert transformative influenc not seen in previous generations. Open-Source Warfare and The Democratization of Conflict Continuing with Brave New War by John Robb. The rise of open-source warfare presents us with complex challenges and opportunities. While it has undeniably empowered non-state actors and individuals, this openness also offers potential benefits for defenders and security professionals.
Open-source approaches have revolutionized cybersecurity efforts. Many defense strategies now rely on community-driven threat intelligence sharing and open-source tools. This collaborative model has allowed for rapid identification of new threats and the development of countermeasures at a pace that often outstrips traditional, closed security systems. However, this same openness that strengthens defense can also be exploited by malicious actors. The freely available nature of many hacking tools and cyber warfare techniques means that sophisticated attack capabilities are no longer the sole domain of nation-states or well-funded criminal organizations. A skilled individual with internet access can potentially wield cyber weapons that were once the exclusive purview of government agencies. This duality creates a constantly shifting security landscape. Defenders must remain vigilant, adapting their strategies as quickly as new threats emerge. At the same time, they can leverage the collective knowledge and resources of the open-source community to bolster their defenses. The challenge moving forward lies in striking a balance and harnessing the innovative potential and rapid adaptation of open-source approaches while mitigating the risks they pose to security and stability. This may require a fundamental reevaluation of traditional security paradigms, focusing less on controlling information and more focus on networked resilience and adaptability. As Robb noted, in this Brave New War, the ability to quickly adapt and learn from a distributed network may prove more crucial than conventional advantages in resources or manpower. This shift demands a new approach to security, one that embraces openness and collaboration while remaining clear-eyed about the potential risks. Ultimately, open-source warfare has irrevocably altered the nature of conflict and security in our interconnected world. How we navigate this new reality will shape the future of global security for decades to come. Systems Disruption: Exploiting Interconnected Vulnerabilities Continuing with John Robb's "Brave New War" which introduced a prescient concept that has become increasingly relevant in our interconnected world: systems disruption. Robb argued that in modern conflicts, targeting critical infrastructure could cause widespread chaos and undermine a state's ability to maintain control. This strategy, focusing on exploiting vulnerabilities in complex systems rather than engaging in direct combat, has proven remarkably accurate in predicting the nature of modern threats.
The core of Robb's insight lies in recognizing the inherent fragility of our interconnected systems. As societies have become more technologically advanced, they've also become more dependent on complex networks of infrastructure from power grids and water supplies to financial systems and communication networks. While these interconnected systems offer tremendous benefits in terms of efficiency and capability, they also present a significant vulnerability. A well-placed attack (or bad update in the case of Crowdstrike) on a critical node can have cascading effects, causing disruptions far beyond the initial point of impact. Robb's concept goes beyond traditional notions of sabotage or infrastructure attacks. He recognized that in a world of complex, interdependent systems, relatively small actions could have disproportionately large effects. This asymmetry is particularly appealing to non-state actors or smaller powers who lack the resources for conventional military confrontations. By targeting key vulnerabilities in critical systems, these actors can potentially cause widespread disruption and chaos without the need for large-scale military operations. The psychological aspect of systems disruption is another key element of Robb's analysis. He understood that beyond the immediate physical or economic impacts, successful attacks on critical infrastructure could erode public confidence in the state's ability to provide basic services and security. This loss of confidence can be as damaging as the physical disruption itself, potentially leading to social unrest or political instability. Robb's foresight in identifying the potential for systems disruption has been validated repeatedly in recent years. Cyber attacks on power grids, ransomware targeting healthcare systems, and disruptions to financial networks have all demonstrated the vulnerability of our interconnected world, the Colonial Pipeline ransomware incident is a good example of this. These incidents have shown that Robb's concept of systems disruption is not just a theoretical construct, but a real and present danger in modern conflicts. As our reliance on technology continues to grow, so too does the potential for systems disruption. The rise of the Internet of Things, the increasing digitization of critical infrastructure, and the growing sophistication of cyber weapons all point to a future where the risks of systems disruption are likely to increase rather than diminish. In response to these threats, Robb emphasized the need for resilience in our critical systems. This means not just hardening defenses, but also building redundancy and adaptability into our infrastructure. The goal is to create systems that can withstand attacks or disruptions and quickly recover, rather than cascading into widespread failure. The CrowdStrike incident of July 19, 2024 serves as a good illustration of the risks inherent in centralized systems, particularly as it relates to cybersecurity. CrowdStrike, a major player in the cybersecurity industry, experienced a critical software update failure that cascaded into a widespread outage affecting millions of devices across various sectors. The incident began with a seemingly routine software update to CrowdStrike's Falcon platform. However, a misconfiguration in the update caused the security software to malfunction, effectively disabling endpoint protection for a vast number of clients simultaneously. This single point of failure in a centralized system rapidly escalated into a crisis affecting financial institutions, healthcare providers, energy companies, and government agencies. I experienced this first hand with my work laptop and later that morning trying to take the CCSP at a testing center as all the computers were BSOD. Banks reported disruptions in transaction processing systems, hospitals faced interruptions in accessing patient records, and several power plants had to switch to manual operations due to concerns about compromised industrial control systems. The ripple effects of this outage highlighted how deeply embedded CrowdStrike's services had become in critical infrastructure across multiple industries. What makes this incident particularly noteworthy is that it wasn't the result of a malicious attack, but rather an internal error, however this is what a crippling cyber attack could look like. This underscores a key vulnerability of centralized systems even without external threats, they can still fail catastrophically. The concentration of so many critical services under one provider created a single point of failure that, when compromised, had far-reaching consequences. The CrowdStrike outage should serve as a wake-up call about the dangers of over-reliance on centralized cybersecurity solutions and systems. It demonstrated how the very systems designed to protect against disruption can themselves become vectors for widespread disruption when they fail. This incident reinforces the need for diversity and redundancy in critical systems, echoing John Robb's warnings about the vulnerabilities created by our interconnected, centralized infrastructure. Networked Warfare In 2007, John Robb's "Brave New War" introduced a radical new framework for understanding conflict in the 21st century. At the time, Robb's predictions may have seemed speculative, but they have since proven to be disturbingly accurate. Robb argued that the future of warfare would be dominated not by nation-states and traditional military forces, but by decentralized, networked insurgencies and super-empowered individuals who would leverage technology to disrupt societies in ways previously unimaginable.
This book, which I picked up as a freshman polisci major in 2007 shaded many of the papers I wrote, and as I sit here in 2024 writing this, the world has seen Robb's vision unfold in real-time. From the rise of ISIS to the ongoing conflict in Ukraine, from cyber attacks on critical infrastructure to the influence of tech billionaires on global affairs, the concepts outlined in "Global Guerrillas" have moved from the realm of theory to stark reality. When Robb introduced the concept of networked warfare in "Global Guerrillas" in 2007, it represented a radical shift from traditional military doctrine. Robb envisioned a world where decentralized groups, operating without rigid hierarchies, would challenge state powers through adaptability and resilience. Today, this form of warfare has become the norm rather than the exception, with many parallels to what we see in the cybersec world. The evolution of cyber warfare provides a perfect parallel to the rise of networked warfare in physical space. In many ways, cyber threat actors were the vanguard of this decentralized, agile approach that's now reshaping conventional conflicts. In cybersecurity, we've long observed how decentralized hacking groups and state-sponsored actors consistently outmaneuver more traditional, hierarchical defense structures. Consider groups like Anonymous or the countless ransomware gangs operating today. They function as loose collectives, often with members spread across the globe, coordinating their efforts through encrypted channels and dark web forums. This structure allows them to rapidly adapt to new security measures, share zero-day exploits, and launch coordinated attacks that are difficult to attribute or counter. This dynamic, which emerged in the digital worlds first due to the inherent nature of the internet as a decentralized network, has now manifested in physical conflicts. The ongoing war in Ukraine serves as a prime example of networked warfare in action, mirroring the tactics we've seen in cyberspace. Ukrainian forces, bolstered by volunteer battalions and local defense groups, initially employed a networked approach that allowed them to effectively resist a larger, more conventionally structured Russian military. These decentralized units operated with high autonomy, making decisions on the ground without waiting for orders from a central command. This flexibility proved crucial in responding to the fluid and unpredictable nature of the conflict, especially during the early days of the 2022 Russian invasion. However, the effectiveness of Ukraine's networked warfare tactics didn't go unchallenged. As the conflict progressed, Russian forces began to adapt, albeit slowly and at great cost. This adaptation underscores a key aspect of networked warfare - it's not a silver bullet, but rather a constantly evolving approach. Russia's shift became evident in several ways. They increased autonomy for frontline commanders and adopted smaller, more mobile units. Their information sharing improved, though still not matching Ukraine's speed. The integration of mercenary groups like Wagner, which often operated with more autonomy than traditional military units, allowed for more flexible tactics. Russia also ramped up efforts to disrupt Ukrainian communications through enhanced electronic warfare capabilities. This evolution mirrors what we see in cybersecurity, where threat actors and defenders are locked in a constant arms race of tactical innovation. The side that adapts faster and more effectively gains a temporary advantage, until the other side catches up. As many of us know, the attackers almost always have the advantage. The lesson here isn't that networked warfare doesn't work, but rather that its effectiveness depends on continual evolution and the ability to stay one step ahead of the opponent. Ukraine's initial success came from being more adept at networked operations than Russia. As Russia has slowly closed that gap, the conflict has entered a new phase where both sides are employing elements of networked warfare. This dynamic isn't unique to Ukraine. We've seen similar patterns play out in various conflicts around the world. The rise and fall of ISIS demonstrated how a decentralized network could rapidly gain territory and influence across multiple countries, challenging traditional state powers. Their use of social media for propaganda and recruitment mirrored tactics used by cyber threat actors. In Mexico, drug cartels operate through highly decentralized networks that extend their influence across vast territories and even into international markets. This structure makes them incredibly resilient and difficult to dismantle, much like persistent cyber threat groups. The 2020 protests and riots in the United States saw decentralized groups like Antifa rapidly mobilize and coordinate actions across multiple cities, often outmaneuvering more hierarchical law enforcement structures. The prevalence of networked warfare poses significant challenges to traditional military and security structures in both cyber and physical domains. State actors are being forced to adapt, moving away from rigid command hierarchies towards more flexible, mission-oriented command structures. However, this adaptation is often slow and hampered by institutional inertia. In cybersecurity, defenders often find themselves playing catch-up, constrained by organizational hierarchies, compliance requirements, and the need to protect vast attack surfaces. The "assumed breach" mentality that's become prevalent in cybersecurity is a tacit acknowledgment that networks will be compromised, the goal is now to detect and respond rapidly rather than trying to create an impenetrable perimeter. This mindset has carried over to physical conflicts. Ukrainian forces, adopting an approach similar to modern cybersecurity practices, operate under the assumption that Russian forces will break through at some point. Their networked structure allowed them to rapidly detect incursions and respond flexibly, much like a well-designed incident response plan in cybersecurity. The line between cyber and physical warfare will likely continue to blur. The skills and mindset required to operate effectively whether you're a cyber defender or a military strategist are remarkably similar. Adaptability, decentralized decision-making, and the ability to function as part of a resilient network are becoming the core competencies of modern conflict, regardless of the domain. The success of networked actors in recent conflicts, both in cyberspace and on physical battlefields, underscores Robb's prescient understanding of how technology and social dynamics would reshape modern warfare. However, it also highlights that networked warfare isn't a static concept, but a dynamic, evolving approach that requires constant innovation to remain effective. As the 21st century marches on, the ability to operate in a networked, decentralized manner and to continually evolve these tactics will likely become even more critical in determining the outcome of conflicts, both large and small, in all domains of warfare. The challenge for both state and non-state actors will be the continuous adaptation and innovation to stay ahead in this new generation of warfare. |
Details
AuthorI'm Luke Canfield, a cybersecurity professional. My personal interests revolve around OSINT, digital forensics, data analytics, process automation, drones, and DIY tech. My professional background experience includes data analytics, cybersecurity, supply-chain and project management. ArchivesCategories
|