“The principal characteristic of twenty-first-century international relations is turning out to be nonpolarity: a world dominated not by one or two or even several states but rather by dozens of actors possessing and exercising various kinds of power. This represents a tectonic shift from the past.”

“Today’s world differs in a fundamental way from one of classic multipolarity: there are many more power centers, and quite a few of these poles are not nation-states. Indeed, one of the cardinal features of the contemporary international system is that nation-states have lost their monopoly on power and in some domains their preeminence as well.”

-Richard Hass, Head of the Council on Foreign Relations and former head of Policy Planning at the U.S. Department of State, writing in 2008.

Google’s rise over the past ten years has coincided with and arguably assisted in the creation of extra-state entities, which can project enormous power globally. The equation can be simplistically stated: in an information economy, control of information equates to raw power. The Industrial Revolution fueled the British Empire, control of markets fueled the American Empire, control of information is fueling the Google empire. In the space of ten years, the Internet has gone from supporting pets.com to being the pre-eminent vehicle for projecting power. However, the continuation of the open Eco-system of information, innovation and development, which has provided the platform for this success is not assured (as has been highlighted by a variety of Internet scholars and strategic thinkers). Open systems are messy, and therefore, closed wall Internet systems may grow in popularity as consumers seek protection from some of the anarchy that reigns online. This scenario is not new. The United States is the original messy open political system and by managing to control this method of organizing society it became a super-power. China offers an alternative: a closed wall system to protect its citizens from the anarchy of open society. Google has been the champion of the open Internet. Just as American exceptionalism has driven the United States to intervene globally to uphold Jeffersonian values, Google intervenes in FCC auctions to ensure the open access to information. Of course the commercial imperative cannot be denied – the United States has financially benefited from promoting the market state, and Google financially benefits wherever there is an open (uncensored) Internet. It has been unclear whether Google would ever seek alliances with nation-states given its extra-territorial virtual nature, but that time appears to have arrived.

Google V China

A clear power realignment is emerging – it is messy and complex, and places some companies, individuals and organizations on a par with nation-states in terms of conducting foreign policy and projecting power. The two opposing factions developing from this realignment look to be those that prefer open standards politically with regard to information, against those who tend toward closed systems. The United States and Google are natural allies in this re-alignment, while China fits more easily with companies such as Comcast, AT&T and other proponents of walled-systems. The diplomatic mystery is Microsoft. While clearly a proponent of and beneficiary of closed systems in business, it has thrived in a open political system. Microsoft seems almost to lean towards China rather than the United States, but at the same time cannot be blind to the dangers of this approach and not realize its natural long-term limitations.   For now Microsoft is expertly balanced.  While Google Versus China is the first major tremor in this re-alignment, more will follow.

Google’s decision to re-examine its China policy and confront the Chinese government should illuminate the nature of the current Chinese system to any business observer: the total use of state power to pursue Chinese aims, including the persistent and ruthless use of all facets of the state intelligence machinery to gain an advantage over their business, political and military rivals. China has reportedly spent heavily on cyber-warfare and espionage capabilities. This investment is being well used. Western governments have long been aware of the nature of the Chinese threat, but it has taken the actions of Google to illuminate this same threat to western businesses with any kind of intellectual property to protect, which is surely all of them.

Samuel Huntington wrote about a post-Cold War “Clash of Civilizations.” What we are now seeing could be more accurately described as a “clash of systems”, which will define the real diplomatic, security, and political challenge of our age. If periodic terrorist plots are still the main security challenge for the United States President in twenty years, the world will be fortunate. It would also likely mean that the United States and its allies prevailed in its greater strategic fight.

Although the power of the United States is fading, its legacy as the sole super-power has left it with certain advantages which should be rapidly exploited by both its explicit traditional allies or its implicit emerging allies from extra-state groups. The United States continues to possess unrivalled military power, befitting its great power status. This shouldn’t be confused with the insurgency wars it has become embroiled in; great power warfare is a different platform. As a result of its recent history, the United States controls the world’s neutral spaces: air, sea and space. From these platforms its extra-state allies, such as Google, could aim their primary weapon – information – at the opposition. Access to a free and open Internet is the key unit of power projection in the coming battle. A fact clearly recognized by Secretary of State Clinton during her recent remarks on Internet Freedom.  Broadcasting free and open Internet service into China or Iran from these neutral spaces controlled by the US military is the correct response from the open-systems alliance. A company with reputedly the world’s best engineers and the country with the most advanced space program should be able to surmount the technical challenges involved. There are numerous precedents when free movement of information [data] have helped crash closed political and information systems: Radio Free Europe feeding news to Soviet dissidents during the Cold-War or more recently, P2P file-sharing networks upending the music industry. As well as broadcasting the free-Internet into hostile space, western Internet companies should help break-down the Great Firewall of China by supporting open-source efforts to hack it, circumvent it, re-wire it and otherwise make it as redundant as the Maginot Line. As the west continues to wring its hands about its opponents, it should look to its most powerful weapon, one which has served it well since the dawn of the enlightenment: information.

In order to realize this objective, the open-systems alliance needs to recognize it is already in a battle. Western governments, led by the US, has been under few illusions about the Chinese government’s military and intelligence apparatus, and the danger it presents for at least ten years. Google is now clearly aware of the persistent danger it faces from Chinese state power, but this message needs to be understood more widely. This is not a benign situation. Furthermore, in a multi-polar world, extra-state power centers such as Google need to embrace their changed ‘great power’ status and organize accordingly. They must develop political and diplomatic alliances, but more crucially understand that if you seek to control, store, analyze, create, or network information you should not be surprised to find yourself in the cross-hairs of the traditional practitioners of this craft: spies and their masters. ]]> http://interrain.net/open-versus-closed-systems/feed/ 0 http://interrain.net/use-the-machine-to-rage-against-the-machine/ http://interrain.net/use-the-machine-to-rage-against-the-machine/#comments Wed, 06 Jan 2010 07:40:36 +0000 Interrain http://interrain.net/?p=156

New Power is in Networks

There are many ‘coming of age’ moments for social media, Twitter is said to have ‘come of age’ during last years attempted Iranian counter-revolution, or Facebook ‘came of age’ during the 2008 US Presidential campaign .  However, the most telling connection of social networks, micro-payments and actual social movement was the Christmas 2009 campaign to install LA rock band, Rage Against the Machine as the Number One hit song in the UK.  For the past number of years the UK Christmas Number One single has been set-up by Simon Cowell’s X-factor TV talent show series – the winner usually goes on to achieve the Number One slot for Christmas.  However, this year in a grassroots rebellion a Facebook group was started to topple this monopoly and install the Rage Against the Machine single, ‘Killing in the Name“, [the song feature the key protest line, "F*ck you I won't do what you tell me"] as Number One.

Back when the song was originally released in 1992 the chances of Rage Against the Machine effecting any direct social change were minimal [although the music was a instant revolutionary soundtrack], but due to the restructuring of global information networks a cause, such as this, can gain power – and through the use of micro-payments [in this case music downloads] can effect real-life change through a virtual medium.  The power to shape opinion has migrated from old media to grassroots virtually networked campaigns.  This is a real power shift.  So while the Iranian Twitter moments were interesting they are yet to be decisive, whereas the power to conduct grassroots real social change lies in democratic wired countries.  These tools have yet to be fully harnessed and there are systemic cut-outs which prevent this virtual nirvana or dystopia [depending on your perspective] from currently coming to fruition.  These cut-outs will diminish with time.

For example the UK’s general election is scheduled to be held within six months, an insurgent political party could harness the Rage Against the Machine effect to break down old power structures by electing a new political party or giving the Liberal Democrats a chance.  However, there is a physical disconnect between a virtual campaign and a political vote in a way that doesn’t exist with a ‘Rage Against the Machine campaign’.  With music downloads you can vote virtually and instantly by paying to download the music.  In political campaigns you have to wait until the day of the election and physically go to a polling station.  Therefore, the virtual chain is disrupted. Additionally, not all areas of democratic countries are equally wired or comfortable with online activity.  These barriers will collapse as citizens are offered more services online – indeed the UK experimented with online voting in 2003 and 2004 in local elections. Technology is neutral as to whether it would be a good or bad turn of events to have traditional power structures broken from below and there is a substantial danger than extremists could hijack these new levers.

Power shifts have clearly knocked established media industries over the past few years [mostly to the benefit of the consumer] but these same changes will displace a variety of established interests over time as networks become more powerful – this may not be beneficial to citizens.  This overall point is not a new one, but understanding how social networks, micro payment structures, rapid access to information and geo-coded data are rapidly meshing together is the key to understanding emerging bottom-up power structures and planning for their arrival.

There is a wealth of information available relating to climate change, what isn’t available is local or individualized synthesis to make sense of this data for an organization.  The terms, ‘increased resource competition’, ‘water scarcity’, ‘extreme weather events’ and ‘coastal flooding’ are all in the popular consciousness– but what would all this mean for governments, companies or individuals?  Given the interconnected nature of environmental systems this is tough analytical work but increasingly looks highly necessary especially when considered projects with longer time horizons.

This map shows projected sea-level rise; the bar at the bottom is in centimeters.

Of all the trends to watch in the climate change space the rise in sea levels appears to be the most important physical effect to monitor.  Given the complexity of the overall environmental system year-to-year temperature fluctuations are best ignored in favor of looking at the oceans.  Sea level rise is the best available measure of the earth’s heat balance because it comes from only two things – the melting of the glaciers and the expansion of water as it warms.  Sea level is therefore the thermometer that indicates true global warming.  This rise in sea levels is not predicted to be uniform, with greater change in the northeastern United States than California (as shown in diagram to the left).  Understanding these local variances can be an organizational priority.

There are clearly some intriguing questions sitting out there in this space.  How will climate change, motivate or create terrorist movements?  Will MEND become the global model for localized resource insurgency focused on water rather than oil?  Will a violent environmentalist group take the place of the largely ineffective Earth Liberation Front (ELF) as climate change becomes a visceral reality?  Whatever the answers to these questions climate change should now form part of security analysts thinking – in contrast to the ineffective cat and mouse activist games at these global gatherings – the oceans rising temperature will have a measurable effect.

[Links to InTerrain data on Earth Liberation Front - Incident List Spreadsheet - Incident Map using Bing]

Destroying or attacking brands isn’t a new idea, however it is acquiring more potency with the ubiquitous use of social media and the ability to seed negative themes about brands now massively distributed — rather than concentrated in the hands of a top down media system. The company Interbrand produces an annual list of the most valuable brands and goes so far as to ascribe a dollar figure to the brand itself.  Examining the methodology for ascribing a dollar figure to the brand also illustrates how the brands are more vulnerable than ever before to being disrupted at critical points in their value chain particularly where the brand connects with the customer or potential customer.  Disconnecting customers from the brand can clearly be achieved by a targeted use of disinformation emanating from the lower reaches of the world’s wired social networks.  Most companies have experienced some version of this, one of the most long-standing examples is the disinformation campaign mounted against Starbucks, which in its various iterations claims the company refused to ‘give free coffee to western troops fighting in [insert name of war]’.  Starbucks have used the web to deny this but still the message continues to be re-worked and re-used.  It has become clear that the only way to fight an online crowd is with another online crowd but those cannot be simply manufactured but building up online supporters is as important as building loyal customers.

Much of this isn’t news but the ability to apply these principles at an individual level within any given society is becoming more pronounced.  Attacking an individual’s reputation by either hijacking their online identity or surrounding their virtual identity with damaging information is currently a relatively easy proposition.  Anyone savvy enough to know how a search engine is powered, how to manipulate social networks and how to sign-up for the myriad of free online networks and services can launch devastating reputation attacks against individuals by hijacking or smearing their personal brand.  Very little technical knowledge is required to be effective.  This is likely to become a significant trend in the near-term as digital natives play out rivalries in virtual spaces leaving employers, credit agencies and any other outside assessor bemused by how to assess the human sitting in front of them.

So what are the potential solutions to this problem?  There certainly appears to be room for services, which monitor protect and defend virtual brands – this has been happening at a company level but has not migrated down to an individual level [spinhunters appeared to be operating in this space – the blog post on reputation nightmares for CEOs is particularly instructive]. But this is all first generation attack and response planning — second generation activity in this space is potentially much more devastating.  The professionalization of hacking combined with the collection of data scraped from a variety of digital sources means that sophisticated disinformation campaigns can be aimed at any of the brands listed by Interbrand and no doubt could put a significant dent in the dollar figure ascribed to them.   A well designed and well-targeted information attack would also hamper the brands ability to respond by disrupting internal systems and surrounding key executives with a kind of micro-information war.

What is the response to this?  Can you build an early warning system?  Are there Information Warfare Minutemen?  The answers are hard to discern but finding them will form a critical part of defending individual and corporate brands.  Programs can certainly be put in place now to understand the information patterns swirling around individuals or organizations – getting and understanding a baseline of the information terrain you are currently operating within should now be a key security metric.

Book Cover of the 1929 version of 'The Crab Cannery Ship'

This against the backdrop of over a decade of economic stagnation and a global economic crash – if the Japanese Communist Party had an opening this was certainly it.  There had been an increasing interest in the ideas surrounding the Japanese Communist Party – exemplified by the unexpected publishing success of 2008, Kanikōsen 蟹工船, (The Crab Cannery Ship).  Written in 1929 by Kobayashi Takiji, the book tells the story of a cannery ship and its workers in northern Japan: their desperation, their wretched prospects, their exploitation at the hands of the ruling class and eventually what they do about it.  Kobayashi later joined the Communist Party and was tortured to death by the police in 1933.  The book had combined total sales of 1.5 million until 2008, when it was re-printed and it sold out across Japan equaling sales of the book for its entire lifetime in one year.  This looked like a pre-cursor to a political re-alignment.  However, this has not translated either to revolutionary action or even a greater number of votes for the Communist Party of Japan.  Therefore, something else must be going on.

Manga Version of 'The Crab Cannery Ship'

This ties into the start of 2009 when there were a number of predictions (mainly by European police and intelligence agencies) that the world was likely to see a ‘summer of rage’ and a concurrent potential revival of left-wing terrorism.  This clearly has not happened and the risk (if it ever existed) is receding as the financial system stabilizes.  The failure of communist parties and other left-leaning movements to exploit the financial crisis politically or on the street could have the opposite effect than that predicted at the start of 2008, that is a re-thinking of revolutionary action and politics away from traditional models.  There is some revolutionary theory developing in this space through the publication of the ‘Coming Insurrection’ jumping out of France and the Tarnac9 case.  This manifesto pulls together the hopelessness of the consumer age, impending environmental destruction and packages it with the flavor of an Internet manifesto.  Similarly, from a tactical standpoint the riots in Greece, should have shown the way to other western street protest movements, but these tactics involving rapidly networked information flow have not been picked up or used effectively elsewhere.  Therefore, while traditional left-wing revolution may have lost its appeal it is too early to say whether an Internet enabled revolutionary doctrine could take hold of activists’ imagination.  So far, the traditional left-wing sources of resistance have been shown to be as bankrupt as the banks, which precipitated the crisis.  It will be interesting to see what, if anything takes their place.

For now the costs are pretty high at $2,000 an hour, but as with all technology driven innovation this is likely to come down. There is also of course the option of building your own UAV’s an idea boosted by the editor of Wired Magazine, Chris Anderson. His DIY Drone’s blog gives a wealth of information on developing your own UAV. However, renting time and perhaps more crucially, analysis from one of the entrants into this new market will no doubt become of feature of future private intelligence analysis.  As timeshare private jet companies struggle in the downturn they may want to diversify into UAV’s — from NetJets to NetUAV’s.

The Spime we developed in conjunction with two of the SU students was an Intelligence tool – ‘citizen as sensor’. Taking as a start point the success that the Ushahidi project had in tracking both Kenyan post election violence and war-time activity in the Gaza strip we speculated on what an autonomous app might look like, which ran on a smart phone applying a similar theme. Using the idea of unique sound signatures our app, in its first iteration, ‘listened’ for sounds to report them back to a central database. Sounds such as gunfire, military vehicle movement or even militia on horseback provide a unique signature, which could then be used to provide a much richer intelligence picture of events on the ground. Over time other sensors could be layered into the app to monitor the environment for chemical or biological agents or to provide rapid analysis of images. As a system we conceived of this as an open environment. As a quid pro quo for participation, the citizen has the option to subscribe to areas of local interest for feedback, planning and awareness.

The technology clearly already exists for this kind of app, identifying unique sound signatures using a smart phone is present in shazam [which identifies the song playing in a particular locale] the collection of unique sound signatures is also beginning to extend in a variety of different areas including mosquito’s. Therefore empowering global citizens to collect a richer level of local intelligence is clearly currently within reach and could be used for their own benefit.

Of course the downside of such a system would be the ability of the bad actors to also use and abuse the data. So far studies on the effectiveness of systems like Ushahidi have shown it remains effective even allowing for misinformation attempts. However, this remains a potentially insurmountable concern. Secondly is the actions of national governments who could shut down cell networks or put pressure on hardware providers to take certain applications down [this last scenario is becoming a constant with Apple’s iphone]. There are some potential solutions for this, P2P cell phone functionality seems like an obvious one, as well as the broad adoption of open platforms such as Android.

While Spime networks seem futuristic they are already here and present current opportunities to collect a richer intelligence picture than was previously possible. It takes little imagination to conceive of a DHS or even NYPD smart phone applications that monitors local conditions based on sound signatures and feeds them back to both government responders and the community of users. Many companies are already offering cell phone tracking services to monitor executives who are traveling overseas – these are the First Gen attempts at this. The future of intelligence collection may be sitting in the Apple App Store.

Given the plethora of software modern jets rely on it seems reasonable to assume that these systems could be compromised by code designed to trigger catastrophic systemic events within the aircraft’s navigation or other critical electronic systems. Just as aircraft have a physical presence they increasingly have a virtual footprint and this changes their vulnerability. A systemic software corruption may account for the mysterious absence of a Mayday call – the communications system may have been offline. Designing airport and aviation security to keep lethal code off civilian aircraft would in the short-term, be beyond any government civil security regime. A malicious code attack of this kind against any civilian airliner would, therefore be catastrophic not only for the airline industry but also for the wider global economy until security caught up with this new threat. The technical ability to conduct an attack of this kind remains highly specialized (for now) but the knowledge to conduct attacks in this mold would be as deadly as WMD and easier to spread through our networked world. Electronic systems on aircraft are designed for safety not security, they therefore do not account for malicious internal actions.

While this may seem the stuff of fiction in January 2008 this broad topic was discussed due to the planned arrival of the Boeing 787, which is designed to be more ‘wired’ –offering greater passenger connectivity. Air Safety regulations have not been designed to accommodate the idea of an attack against on-board electronic systems and the FAA proposed special conditions , which were subsequently commented upon by the Air Line Pilots Association and Airbus. There is some interesting back and forth in the proposed special conditions, which are after all only to apply to the Boeing 787. In one section, Airbus rightly pointed out that making it a safety condition that the internal design of civilian aircraft should ‘prevent all inadvertent or malicious changes to [the electronic system]‘ would be impossible during the life cycle of the aircraft because ’security threats evolve very rapidly’. Boeing responded to these reports in an AP article stating that there were sufficient safeguards to shut out the Internet from internal aircraft systems a conclusion the FAA broadly agreed with – Wired Magazine covered much of the ground. During the press surrounding this the security writer Bruce Schneier commented that, “The odds of this being perfect are zero. It’s possible Boeing can make their connection to the Internet secure. If they do, it will be the first time in the history of mankind anyone’s done that.” Of course securing the airborne aircraft isn’t the only concern when maintenance and diagnostic systems constantly refresh while the aircraft is on the ground. Malicious action could infect any part of this process. While a combination of factors probably led to the tragic loss of flight AF447 the current uncertainty serves to highlight a potential game-changing aviation security scenario that no airline or government is equipped to face.