Feral Jundi

Friday, March 4, 2011

Cool Stuff: The Control Risks CEO Blog

     Now this is what I like to see!  The smart company is one that can apply effective strategic communications to their specific market.  This is just one tool that can help you to achieve that kind of communications.

     It is also a way for companies to correct the record or express views on a constantly changing market and world. From business owners/bloggers like Tim Lynch of Free Range International to CEO Eeben Barlow of Executive Outcomes fame, blogs are an excellent tool for both that individual to set the record straight or to attract new business for whatever projects they are working on.

     This simple act also gives potential clients and researchers information that will further help them to make better choices or to create more factual publications/articles. Bravo to Control Risks and CEO Richard Fenning for setting this up and this blog is definitely on my Google RSS Reader. –Matt

Hello and welcome to my blog

December 8, 2010

By Richard Fenning

The aim of this blog is to provide you with an informed perspective, as well as personal observations, on the complex and dynamic challenges faced by ambitious organisations operating on a global stage fraught with risk.

This first blog outlines some of the key global trends that will characterise 2011 and beyond. Urbanisation and mega-cities, the worldwide enforcement of anti-corruption legislation and the dominance of China will all have an impact on global business in the year ahead.

It is easy to feel a sense of weariness when contemplating all these challenges. In part, with good reason; the world can seem perilous and increasingly fragile. And at Control Risks, it can be all too easy to see the world through an excessively risk–shaped prism. Like doctors who think the world is full of sick people, and dentists who must feel that there is nothing else to life than crumbling molars, we encounter some of the most hazardous predicaments on a daily basis. So, in this blog I hope to demonstrate that as well as complexity and hostility, our world is more full of opportunity, and occasional bursts of optimism, than ever before in the planet’s history.

Control Risks CEO Bio

Richard Fenning is the Chief Executive Officer of Control Risks. Before becoming CEO, Richard held a number of other roles with Control Risks including Chief Operating Officer, head of the New York office and Business Development Director. He is a regular speaker on how geo-political risk can impact a company’s operations and on the role of the private sector in fragile and post-conflict states. Richard is also a director of emergency medical relief charity, Merlin.

Link to blog here.

Wednesday, October 27, 2010

Letter Of Marque: The Morgan Doctrine–A Blog Dedicated To Exploring The Cyber Privateer Concept

     This is neat. A couple of days ago, Rick Bennet popped up on the blog to discuss the Letter of Marque and cyber privateering and I thought it was cool that he had a blog dedicated to exploring the concepts. This is good because we need more folks with a different eye to pick this stuff apart. Be sure to also check out Rick’s book and I have provided the link below.

     His recent post on Australia and the potential of them issuing a LoM is interesting, and I made the comment that the individual states there are free to structure their constitutions to allow things like ‘bills of attainder‘ . So a state setting up a Letter of Marque might not be a stretch. The Declaration of Paris comes into play as well, but if bills of attainder could be done, I don’t see how a LoM would be a bridge too far? So with that said, here is the link to his blog. –Matt

The Morgan Doctrine

By Rick Bennett

Author of Destroying Angel

     CYBER PRIVATEERS could be the new, effective, and highly paid army of swashbucklers. The Monroe Doctrine stated any attack in the Americas would be considered an attack on the United States. THE MORGAN DOCTRINE (after my fictional Morgan Rapier) asserts that any foreign cyber attack on US-based computers is an act of war, and retaliation (ie, looting) may take place on the perpetrator of that attack, wherever he/she/it may be located. Good policy or just a good novel?

Background: Welcome black hats, white hats and cyber swashbucklers

     The Revolutionary War was fought, financed, and pretty well WON by bonded privateers, legalized pirates who were given Letters of Marque and Reprisal by the Continental Congress and authorized to attack, capture and monetize British ships. The purpose of this site is to explore the possibility of a modern-day doctrine much like the Monroe Doctrine, by means of which the U.S. government could legally and, more importantly, effectively stop international hackers. Current cybercrime law is not only ineffective, but downright stupid. My Linux servers are attacked hundreds of times a day (mostly from China and former USSR domains), yet if I retaliate against those servers with some creative technology at my disposal (I know some VERY smart guys), then I am in violation of federal law and subject to some onerous penalties. We need more than a new law. We need a new international doctrine. I call it The Morgan Doctrine, named after Morgan Rapier, a fictional character I’ve created (hey, this is my way of establishing ownership of the concept, should it ever see the light of day).

     Why a new international doctrine? Simply, nothing else will work. Introduced on December 2, 1823, the Monroe Doctrine told the world to keep their hands off the Americas. Combine this with current legal thinking on “hot pursuit” of fugitives. In 1917 the US Army went into Mexico after Pancho Villa. More recently, in 1960 Israeli Mossad agents abducted Adolf Eichmann from Argentina. Granted, much of the world regards the Eichmann advanture as a violation of international law. I don’t share that opinion and therefore use it as the third leg of my Monroe-Pancho-Aldof platform for The Morgan Doctrine.

     If someone comes into your home and attacks or attempts to rob you, you may shoot them dead. You may do so as long as they expire on your property. But what about cyber criminals? They attack you in your home from their homes. Retaliate in kind, and you go to jail. The Morgan Doctrine states simply that if you attack my computers (or my banking assets held in US-based computers), then under a certain set of well-defined conditions, a licensed and bonded “cyber privateer” may attack you in your home country and split the proceeds with the U.S. government. For the sake of argument, let’s call it a 50-50 split (heh heh).

     Right now, American law enforcement is completely unequipped to deal with the sheer number international cyber hackers. Sure, I could report each of the thousand daily attacks to the FBI, as could the millions of other attackees in the USA. But the volume of such reports would make any meaningful resolution laughable. Not to mention that the FBI has no jurisdiction outside the USA. Yet to make such “enforcement” profitable to recognized (ie, “bonded” “deputized”) privateers, as Heath Ledger’s Joker said in his last role, “Now you’re talking!” You raid our bank accounts, we raid yours. You make money from off-shore child pornography, we’re going to loot your bank accounts and, with some REALLY creative black hat operations, you will be taken off the grid worldwide to the extent that you’ll not even complete a cell phone conversation for the remainder of your miserable depraved life. Okay, that last part probably won’t fly, but you get my drift.

     The purpose of this site is to explore the mechanics, legalities and practicality of The Morgan Doctrine.

     And I will be the sole arbiter of whether or not your comments get posted. As Mel Brooks wrote, “It’s good to be king.”

Link to blog here.

Thursday, June 24, 2010

Building Snowmobiles: Human-flesh Search Warfare

     Sinnreich adds a psychological component. “A lot of us really know next to nothing about what’s really going on militarily in Afghanistan,” he says, “so when a schism like this opens up, we think, ‘There must be more to this.’ ” A “collective detection mentality” takes over, he says, and thousands of people start piecing together thousands of bits of information to get a bigger picture.

*****

     If anyone is wondering how I come up with this stuff, I will explain.  I will read about one interesting concept, store it away in my brain, and then when I hit some trip wire ideas that fit in with that prior concept, some ‘illumination’ occurs. In this case, I was reading about human-flesh search engines a week or so ago, and then the Rolling Stone atomic bomb of a story comes out, and I started putting two and two together.

   First, let’s discuss what each component is and then we can discuss how they fit together, and then finish up on how to weaponize the concept (if possible).  Because if you look at what happened here, the best general that the US had, second only to Petraeus, was effectively removed from his post, all because of what was said in an article and the flash fire effects of new media.  That is one hell of an attack if you could figure out how to reproduce it.

   The first part of the concept is the human desire to want to know.  And the tools we have available to us these days, give us the ability to ‘know’ what is going on very quickly.  The news cycle and people’s ability to get that news, and how it allows us to pass it on to the next guy is mind boggling fast.  It doesn’t combust like a fire, it explodes like a bomb, and new media/social media is the facilitator for everyone who wants to know.

   For example, when the McChrystal ‘Runaway General’ news came out, I had heard about it via Facebook, Twitter, newsletters, updates via email, and my RSS reader.  I also got the news via my iPhone, which means I did not have to wait until I got home to read all of this stuff. The news exploded, and like most, I passed that news on to my network.  I then got to work on posting a blog entry about the thing, because it was a big story.  And so did thousands of other journalists, bloggers, forum participants, etc.  So analyzing the whole thing kicked in instantly as well.

   On my RSS reader, I saw multiple blog posts coming up from all over about the story.  People analyzing and giving opinions, and everyone was reading everyone else’s stuff and trying to come up with the best conclusions.  Partly because they wanted to know the real deal, and partly because they wanted to choose the right angle on the whole thing so they would not look like an ass to their readers and friends. So not only did bloggers want to ‘know’, they wanted to be the ones that looked like they ‘knew’.  All of these bloggers, to include myself, were furiously going over the material as it came out over the internet.  Our business is to know, and believe me, we were trying to do that.

   That process of wanting to know, or what the professor up top worded as ‘collective detection mentality’ is the first part to understand here. We are human, we are competitive, and knowledge is power.  When everyone is fighting to learn and know what is going on, that process creates the informational tsunami.  That information wave can also do much to force an action and create a desired outcome for whomever originally intended to create such a thing.  If you look at how President Obama and the upper command reacted to this incident, it is startling.  This didn’t happen over the course of weeks or days.  It happened virtually overnight and a top general has been removed from power.

     The second concept to look at is the idea of human-flesh search engines.  This is a concept out of China that has equally startling results. If a person is made a target by whomever on a forum, and whatever act this target did was sufficient to bring on interest and vengeance, well then you have all the elements of a human-flesh search.  People want to ‘know’ why this target did what they did, they want to ‘know’ who they are, what they are doing, where they live, and most importantly, they want to make sure the target suffers for any wrong doing.

   It is that power of wanting to ‘know’ that fuels the crowd in sort of virtual lynch mob.  A prime example of this was the whole Jax Desmond affair here on the blog and forums.  When it came out that Jax was lying about who he was, this industry reacted to it much like how the Chinese human-flesh search engines turned out.  My readers were at first picking apart the guy’s lies, which was great, but then you could see on the forums that people wanted vengeance.  Folks were posting his address, real name, etc. and doing all they could to get back at Jax.  In their minds, he deserved everything he got, and each person out there was going to contribute to his demise. My point with this is that a crowd with the desire to ‘know’, coupled with the desire for vengeance against an individual they perceive as bad, can be quite impressive to watch and certainly damaging to the intended target. As a result, the Jax Desmond name is mud in this industry, and when the crowd decided they ‘knew’ enough to act, they quickly dispensed their justice.

      Now let’s put them together, and build a snowmobile.  Could you initiate a human-flesh search attack (HSA), that could create a desired result? I think you can, but only with a multi-faceted approach, and persistence. You must identify your target, identify the element that the crowd would like to ‘know’, and really exploit the virtual mob mentality if that target has done something that would be considered immoral. Your HSA strategy should strive to mimic other incidents that showed all the hallmarks what is mentioned in these two articles, and the examples I have provided. Most importantly, persistence is key, because you cannot say for sure if your HSA will work the first time out.  It would take a constant attack from multiple angles, to be successful. It helps to throw the match in the right places though, and that is the key.  The forest fire analogy fits well with conducting HSA.  If you can keep shooting flares into pockets of unburned fuel, from across the canyon, eventually you will get one of the pockets burning and they will start the fire that you wanted to start.

   The other thing about Human-flesh Search Warfare is defending against such a thing.  Yet again, I look at the forest fire fighting analogy for the defense.  You must create fire breaks to defend crucial aspects of your forest.  Or in terms of what we are talking about here, you must protect yourself or your principle by insuring you have the appropriate defenses in place.  Having journalists from Rolling Stone hanging out with you for a couple of weeks is probably not a good idea–no buffer there.  Making wild and false claims online about your company or your personal actions, would also not be a good idea–not much buffer there either.

     But most of all, you need good intelligence that focuses on you and the enemy.  ‘Know yourself, know your enemy’ as Sun Tzu would say.  Because if you know yourself, you will know what weaknesses, immoralities, etc. that the enemy might possibly use against you in this kind of attack.  Knowing your enemy will help you to figure out their intentions towards you or folks like you, and how they like to conduct HSA. You should also stay up to date with technology and ‘knowing’ yourself. Use the same tools and resources that your enemy uses, if you want to really know what he knows. You can also try to copy your enemy’s strategy and tactics, and add one little technological or operational piece to that package to get an edge.  If your information officer, or whomever is assigned to be your virtual body guard cannot do these basic things, then you should look at firing them. Because this is something any good practitioner of strategic communications or new media should be wary of and try to understand, so they know how to best build that fire break or place the match in the right patch of fuel in the forest.

   Well, let me know what you think.  If I am missing something here, or you have something to add to this stew of ideas, I would be interested to hear what you got.(be sure to read both stories below because they are relevant to this post) –Matt

New media too speedy to outflank

China’s Cyberposse

Edit: 6/25/2010- I wanted to add one more human-flesh search warfare case to this, for further thought.  Wikileaks is an excellent example of the power of human-flesh search, and what it could do to the war effort.  Some Army Intel kid leaked the videos anonymously to Wikileaks, and that was all that was necessary to spark the human-flesh search engine. Media was linking to the videos and site, and overnight, war leaders and politicians had to deal with this.  When that came out, it exploded as well.  But if you look at Wikileaks, what was the element about it, that would attract that Army Intel kid to contribute in the first place.  That is why this is such an intriguing idea to talk about.

——————————————————————-

New media too speedy to outflank

By John Timpane

Jun. 24, 2010

It began as a scattering of acid remarks within earshot of a Rolling Stone reporter. But – thanks in large part to Twitter, the Web, and cable news – barely two days after those remarks were disclosed, a media firestorm ended Gen. Stanley A. McChrystal’s tenure as commander of U.S. and NATO Coalition Forces in Afghanistan.

Fast, overwhelming, decisive: It’s a case study in how tightly connected 21st-century media can whip a story into a full-on tsunami, with startling consequences for individual careers and national policy.

“Rolling Stone broke the story, but it was Twitter that got the story rolling,” says Aram Sinnreich, a media professor at Rutgers University in New Brunswick, N.J. “The peer-produced social media are doing to cable-news networks what cable news did to broadcast. We’ve gone from the one-day news cycle to every hour on the hour to second by second.”

Noah Shachtman, a nonresident fellow at the Brookings Institution and a blogger at Wired magazine, says: “The fact so many of us are networked together enabled the information to spread speed-of-light fast. That turned what might have been a slower-burning flame into an instant conflagration.”

(more…)

Tuesday, October 27, 2009

PMC 2.0: Bullets and Blogs–New Media and the Warfighter

Filed under: PMC 2.0,Publications,Technology — Tags: , , , , — Matt @ 11:37 PM

    Hear me now. All of you CEO’s and upper level management throughout all of the companies need to pay attention.  If you do not have a new media strategy, then you are in the wrong.  Just think of it this way.  Companies invest in vehicles, armor, training, and weapons to protect their contractors, so they in turn can protect their client.  So why are companies not investing in new media protocols in order to protect their clients from information warfare attacks?

   If the enemy attacks your motorcade in a population center, then films the exchange of fire and then purposely shoots a few civilians and then films that, and then claims that they were shot by contractors. Then they post it on the internet immediately afterwards and spreads that poison throughout the new media battle space.  Then all those journalists and contractor haters, along with the John Q public, all take it in and label your company as evil, and without question.  Is your company set up to defend against that? Can you defend against a Nisour Square style propaganda attack?

   How about journalists using new media to promote personal agendas, as opposed to being fair or balanced in their reportage?  Guess what?  That’s a threat to your client as well.  Is your company set up to defend against that? It should be, because if you were fully involved with new media strategy and counter-attacks, then you would have the foresight to do what is necessary.  It is called being prepared–one of the many tenets of Jundism.

   The report below can be summed up in one main theme:

Recognize that the winning strategy is “information engagement,” not “information control;” 

Embrace new media as a significant enabler of “that element of combat power called  information;” 

   So is your company set up for ‘information engagement’?  From the looks of it, most of the companies out there are doing a terrible job of information engagement.  And believe me, I am a security contractor who also happens to be a new media practitioner, and I have yet to see any of the companies take the necessary measures to operate in the new media battle space.  At least the military is talking about it, and bravo to them. –Matt

——————————————————————

Executive summary

Winning in the new media battlespace: Workshop top takeaways

For the U.S. military, new media and the Global Information Environment (GIE) present sustained challenges and opportunities. In recent years, new adversaries — armed with new media capabilities and an information-led warfighting strategy — have proven themselves capable of stopping the most powerful militaries in the world.

The current and future geo-strategic environment requires preparation for a battlespace in which symbolic informational wins may precipitate strategic effects equivalent to, or greater than, lethal operations. It demands a paradigm shift away from an emphasis on information control and towards information engagement. It will require cultural and organizational change within the Department of Defense (DOD) as it adapts to the world of digital natives – its own savvy Soldiers, Sailors, Airmen and Marines and their communicative expectations, proclivities, potential and risk; as well as its current and over-the-horizon opponents. Most of all, it will force the sustained adaptation and transformation of the way the U.S. military thinks and fights.

(more…)

Monday, September 28, 2009

Technology: Google Translation Tool, and Reaching Out to the Rest of the World

     This is an awesome tool.  Feral Jundi is read by mostly english literate folks from all over the world, and now with Google Translator, we can reach everyone else. And believe me, I get emails from security contractors or individuals interested in the business from all over the world, and this makes total sense to better serve this group.

     So this is how Google Translator (parked at the right on FJ) works. You hit the arabic button for example, and bam, FJ is in arabic!  Although I am sure the literal translations probably get a little mixed up, but either way, it is still a translated copy of FJ.

    From what I gather, my friends who might speak english but cannot read it, use their own translation services to read blogs like this. I am sure a few already use Google Translator, and maybe in the comments section we can get some good feedback about other translation tools.

    But what is cool about this Google Translator tool is that there is a mechanism now on this site that you can use to pump out a quick translation of the site.  That makes FJ more useful and accessible than ever before. Although, if you write back to me, please use this free google translation service, and cut and paste in the email what you want to say to me. –Matt

« Newer PostsOlder Posts »

Powered by WordPress