Information Warfare and Organizational Decision-Making For a listing of recent titles in the Artech House Information Warfare Series, turn to the back of this book. Information Warfare and Organizational Decision-Making Alexander Kott Editor artechhouse.com Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the U.S. Library of Congress. British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library. ISBN-10: 1-59693-079-9 ISBN-13: 978-1-59693-079-7 Cover design by Yekaterina Ratner © 2007 ARTECH HOUSE, INC. 685 Canton Street Norwood, MA 02062 Allrightsreserved.PrintedandboundintheUnitedStatesofAmerica.Nopartofthisbook maybereproducedorutilizedinanyformorbyanymeans,electronicormechanical,includ- ing photocopying, recording, or by any information storage and retrieval system, without permission in writing from the publisher. Alltermsmentionedinthisbookthatareknowntobetrademarksorservicemarkshave beenappropriatelycapitalized.ArtechHousecannotattesttotheaccuracyofthisinforma- tion.Useofaterminthisbookshouldnotberegardedasaffectingthevalidityofanytrade- mark or service mark. 10 9 8 7 6 5 4 3 2 1 Contents Introduction ix CHAPTER 1 Know Thy Enemy: Acquisition, Representation, and Management of Knowledge About Adversary Organizations 1 Introduction to Organization Warfare 2 Organizational Intelligence 6 Leadership Analysis 12 Social Network Modeling and Analysis 14 Representative Analytic Process and Tools 19 Application Considerations 23 Endnotes 25 CHAPTER 2 Learning from the Enemy: Approaches to Identifying and Modeling the Hidden Enemy Organization 29 An Elusive Enemy 29 Domain of Organization Identification 31 Adversary Identification Research 33 Identification Focus: Definition of Command and Control Organization 36 From Structure to Strategy: Characterizing Behavior of a C2 Organization 38 Looking Beyond the Smoke Screen: Definition of Observations 42 Discovering the Dots: Finding Identities of Actors 45 Connecting the Dots: Discovering Patterns of Interactions and Activities 48 Behavior Learning and Simulating Enemy Activities 53 The Overall Process of Identifying Enemy Command and Control 55 Experimental Validation of the Organization Identification Process 57 References 59 CHAPTER 3 Who’s Calling? Deriving Organization Structure from Communication Records 63 The Tasks 64 CCR Structures and Their Graphical Representation 64 The Ali Baba Scenarios 66 Social Network Analysis 67 Previous Work Exploiting Time in Social Networks 71 The Windowing Down the Lines (WDL): The Algorithm 73 The Scenario 74 v vi Contents The Data 74 Formatting the Data 74 Time Windowing 75 Time Overlapping 77 The Algorithm 79 Simple Simulation Tests 81 Evaluation of WDL with the Ali Baba Datasets 82 Without Topics 82 With Topics 84 The RSF Algorithm 86 References 88 CHAPTER 4 Means and Ways: Practical Approaches to Impact Adversary Decision-Making Processes 89 Planning Operations for Organization Impact 90 Targeting Decision-Making 93 Targeting the Entire Organization 94 Effects-Based Targeting 95 Inducing Effects for Defeat 100 Denial or Destruction 101 Disruption 103 Deception 104 Direction and Reflexion 105 Targeting for Effects 107 Vulnerability Assessment 108 Plan Development 108 Strategic Analysis 109 Organization Behavior Analysis 109 Application Considerations 110 Endnotes 111 CHAPTER 5 Breakdown of Control: Common Malfunctions of Organizational Decision-Making 115 Tardy Decision 117 Low and High Threshold 120 Excess of Timidity or Aggressiveness 121 Self-Reinforcing Error 122 Overload 124 Cascading Collapse 125 Misallocation of Authority 127 Lack of Synchronization and Coordination 128 Deadlock 131 Thrashing and Livelock 132 Acknowledgments 133 References 134 Contents vii CHAPTER 6 Propagation of Defeat: Inducing and Mitigating a Self-Reinforcing Degradation 135 A Simple Model for Self-Reinforcing Decision Overload 136 Propagation of Disruptions in Organizations 141 Active Compensation 144 Dynamic Reorganization to Mitigate Malfunctions 146 Modeling Team Decision-Making: Decision Responsibility and Information Structure 147 Measuring Decision-Making Performance 150 Forecasting Decision Requirements 151 A Simulation of the Firefighting Example 151 Mitigating and Inducing Malfunctions 153 Acknowledgments 156 References 156 CHAPTER 7 Gossip Matters: Destabilization of an Organization by Injecting Suspicion 159 Is Gossip Good or Bad? 160 What Is Gossip? 162 Anonymous Information Exchange Networks 163 Hypothetical Organization, Part I: It’s All Bits 164 Hypothetical Organization, Part II: Miscreant Markets 165 TAG Model Overview 167 The Mechanisms of Trust 169 Trust Model 169 Honesty Models 171 Gossip Model 171 Gossip and Disruption 172 Setting the Baselines 172 A Virtual Experiment in Disruption 173 Results of TAG Experiments 174 Interpretation 175 Giving and Taking 177 Acknowledgments 181 Endnotes 181 CHAPTER 8 Crystal Ball: Quantitatively Estimating Impacts of Probes and Interventions on an Enemy Organization 191 Organizational Analysis Approach 192 Organization’s Options for Dealing with Mission Complexity 192 Enemy Organization Dynamics and Counteraction Strategies 193 Actionable Implications 194 Main Methods 195 Developing Strategies Against Enemy Organizations 195 Probe Identification 196 viii Contents Intervention Planning 196 Test-Case Scenario: A Human-Guided Torpedo Attack on a U.S. Military Vessel in a Foreign Port 197 Enemy Organization Model 199 Enemy Mission Complexity Characteristics 200 Estimating Impacts of an Example Probe 203 Estimating Impacts of Example Interventions 205 Analytical and Numerical Methods Underlying VDT and Related Approaches 207 Organization Modeling and Strategy Development with SimVision 208 Implications for Detecting and Defeating Enemy Organizations 211 References 211 CHAPTER 9 Organizational Armor: Design of Attack-Resistant Organizations 213 How Organizations Cope with Disruptions 214 Attack-Resistant Design Solutions 218 Organizational Design Formalism 221 Precursors for Superior Organizational Performance 222 A Computational Approach for Predicting Organizational Performance 225 Normative Design of Robust and Adaptive Organizations 228 Empirical Validation of Normative Design Methodology 230 Reverse-Engineering Organizational Vulnerabilities 233 Robust and Adaptive Designs of Attack-Resistant Organizations 236 Illustrative Example—Redesigning an Organization to Enhance Attack Resistance 242 Example Scenario 242 Enemy Attacks 245 Redesign Principles 246 Attack-Specific Courses of Action 247 Engineering for Congruence with Mission in the Face of Attacks 248 Adaptation 250 Analyze Organizational Design 251 References 252 About the Authors 257 Index 265 Introduction Organizations are among the most valuable and yet most fragile structures of our civilization. We rely on organizations to obtain information, to comprehend and processinformation,toaccumulateandinternalizeinformation,tomakedecisions basedinpartonthatinformation,andtoexecutethosedecisions.Organizationsare ubiquitous because they are indispensable. From the most primitive to the most complexsocieties,organizationsofvarioustypeshaveconstitutedthebackboneof societal decision-making. This book explores recent developments in computational solutions to prob- lemsofexploitingormitigatingvulnerabilitieswithinorganizationaldecision-mak- ing processes. It describes a range of computational techniques that can help to guide attacks on an adversary’s organization or the defense of one’s own. Fromanengineeringperspective,theapplicationsofthetechniquesdescribedin this book cover a broad range of practical problems. They include planning and commandofmilitaryoperationsagainstanenemycommandorganization,military andforeignintelligence,antiterrorismanddomesticsecurity,informationsecurity, organizationaldesign,militarypsychologyandtraining,managementpractice,and organizational computing. In particular, one discipline—information warfare [1]—traditionallypaidspecialattentiontoissuesrelatedtoattackinganddefending military command organizations. Computationalapproachesapplicabletosuchproblemsoriginateinseveralsci- entificdisciplines:computationalorganizationtheory,organizationalandmanage- mentsciences,artificialintelligenceplanning,cognitivemodeling,andgametheory. A key objective of this work is to demonstrate important close relations between ideas coming from such diverse areas. Thereareseveralreasonswhytheauthorsbelieveabookonthistopicispartic- ularlytimelynow.Earlier,inthe1990s,researcherswereattractedtorelatedtopics inthecontextofinformationwarfare,particularlyinthesubfieldofcommandand controlwarfare[2],andintechniquesforsimulatingcommandandcontrolorgani- zationsforsimulation-basedwargaming[3].Morerecently,thebreadthanddepth of related research have extended dramatically. The number of publications and conferencesrelatedtoorganizationalmodelingandanalysishasgrownbyanorder ofmagnitudeinthelastfewyears.Thisphenomenalgrowthwaslargelyduetothe aftermathoftheSeptember11,2001,terroristattack[4]andtheresultingattention to(1)ways tounderstandandinfluenceterroristandinsurgentorganizations, and (2) concerns about the vulnerability of domestic organizations. Additional interest in these issues is spurred by massive (and expensive) transformationalprocessesintheU.S.military.Itisaccompaniedbytherethinking of approaches to organizing the command structures and processes in the age of information dominance and massive pervasive networking [5]. It is also accompa- ix