diff --git a/_collections/_hkers/2021-09-08-al-qaeda-and-isis-2021.md b/_collections/_hkers/2021-09-08-al-qaeda-and-isis-2021.md new file mode 100644 index 00000000..61c0a7c9 --- /dev/null +++ b/_collections/_hkers/2021-09-08-al-qaeda-and-isis-2021.md @@ -0,0 +1,142 @@ +--- +layout: post +title : Al Qaeda And ISIS 2021 +author: Katherine Zimmerman +date : 2021-09-08 12:00:00 +0800 +image : https://i.imgur.com/nbHR8ws.jpg +#image_caption: +description: Al Qaeda & ISIS 20 Years After 9/11 +excerpt_separator: +--- + +_Twenty years after the 9/11 attacks, the global jihadist movement has more fighters in more countries than ever before._ _The way Salafi-jihadi groups, including al Qaeda, have sought to achieve their aims has evolved since 2001, but the core belief that violent jihad must be waged to restore Islam in Muslim societies has not changed._ + +Osama bin Laden and al Qaeda had prioritized the fight against the United States and the West — the “far” enemy — while delaying attacking the regimes in Muslim-majority states — the “near” enemy. By contrast, Abu Bakr al Baghdadi and the Islamic State prioritized the near war over the far war, while still seeking to inspire attacks in the West. + +The United States and its allies, meanwhile, developed sophisticated counterterrorism and intelligence capabilities to disrupt and prevent terror attacks. The threat from the global jihadist movement subsequently shifted in new directions. In 2021, key trends included: + +- Counterterrorism operations have weakened the elements of the Salafi-jihadi movement focused on the far war against the United States. Publicly available information shows only two groups have conducted attacks that have killed Americans since January 2020. The December 2019 attack at Naval Air Station Pensacola, which killed three Americans, was the last successful directed attack in the United States. It was linked to al Qaeda. + +- Salafi-jihadi groups are increasingly prioritizing the near war. They have opted to seize opportunities within Muslim lands, particularly as the United States and other major powers have chosen not to intervene in local insurgencies. Most of their activities focus on local conflicts, targeting opposing forces and building support within indigenous populations. They haven’t entirely given up on the far war, though, given that a plot by al Shabaab to hijack aircraft was broken up as recently as 2019. Nor have al Qaeda or the Islamic State stopped seeking to inspire would-be recruits to conduct attacks at home in the West. + +- The Salafi-jihadi movement is strengthening, especially in Africa. Deteriorating local conditions and shifts in counterterrorism priorities have created growth opportunities for Salafi-jihadi groups, even those that have been significantly degraded. The insinuation of Salafi-jihadi groups into local insurgencies has rendered more conventional counterterrorism interventions less effective. + +The Taliban’s announcement of its government for the “Islamic Emirate of Afghanistan” on September 7, 2021, heralded a new era under the fundamentalist interpretation of Sharia, or Islamic law, that Salafi-jihadi groups support. Salafi-jihadi groups had already celebrated the Taliban’s victory over the U.S.-backed Afghan forces after the U.S. and NATO withdrawal. The global movement has been reinvigorated, taking the Taliban’s success as proof of a winning strategy. + +Moreover, foreign fighters have reportedly traveled to Afghanistan, adding to the thousands already present in the country. The Taliban’s Afghanistan will almost certainly provide Salafi-jihadi groups a sanctuary to strengthen themselves for their own fights globally. + +![image1](https://i.imgur.com/vWGcSrj.png) +_▲ __AQAP:__ al Qaeda in the Arabian Peninsula. +__AQIS:__ al Qaeda in the Indian Subcontinent. +__AQIM:__ al Qaeda in the Islamic Maghreb. +__ISCAP:__ Islamic State Central Africa Province. +__ISEA:__ Islamic State East Asia. +__ISGS:__ Islamic State in the Greater Sahara. +__ISIS:__ Islamic State in Iraq and al Sham. +__ISKP:__ Islamic State Khorasan Province. +__ISSP:__ Islamic State Sinai Province. +__ISWAP:__ Islamic State West Africa Province. +__JNIM:__ Jamaat Nasr al Islam wa al Muslimin._ + + +### Behind the Scorecard + +Salafi-jihadi groups globally have proven to be resilient since the Global War on Terrorism began in 2001. All groups have been able to recover from key leadership losses. They have increasingly embedded in local conflicts, which has required them to respond to shifting dynamics within insurgencies. This adaptation as well as the targeting of externally oriented terror cells by the United States and its partners has degraded the components of groups focused on the global jihad. + +Salafi-jihadi groups have achieved some of their objectives despite pulling back from the far war. They have retained the ability to reconstitute even in theaters where counterterrorism campaigns have weakened them. Groups have held together because the political and socioeconomic conditions that originally drove recruitment remain in place. Moreover, they have capitalized on popular grievances and local instability worsened by the coronavirus pandemic. + +Foreign fighters who have returned to their homelands from Iraq and Syria pose a looming threat. They are better situated to conduct local terror attacks or travel to join other Salafi-jihadi groups. These fighters may also travel to Afghanistan as it again becomes a destination for the development of a Salafi-jihadi cadre. + +#### Africa + +The influence and activities of Salafi-jihadi groups have spread across the African continent, catalyzed in part by local conditions and weak governments and security forces. + +In East Africa, al Shabaab, which controls parts of south-central Somalia, continues to challenge Somali security forces and African Union peacekeeping troops. It has exploited Somali security forces’ preoccupation with election-related activities, a partial drawdown of African Union peacekeeping forces, and the withdrawal of U.S. military forces from Somalia to expand on the ground. Al Shabaab has targeted US military forces and foreign interests in the region and has sought the capability to target commercial aviation. + +The Islamic State branch has a small footprint in Somalia and serves as a crucial link between the Islamic State Central African Province (ISCAP) in Mozambique and the Democratic Republic of the Congo (DRC) and Islamic State leadership in Iraq and Syria. + +The Islamic State operates as ISCAP in Mozambique and in the DRC, though links between the two groups are not clear. In 2021, ISCAP sparked a full-fledged insurgency in northern Mozambique, including seizing control of key towns. Regional states are responding to ISCAP’s threat by deploying troops to Mozambique to counter the group. ISCAP expanded its area of operation in the DRC and has recruited foreign fighters to its insurgency. In August 2021, the Congolese government accepted U.S. counterterrorism assistance, which may limit ISCAP’s ability to grow. Nonetheless, ISCAP’s insinuation into local insurgencies in both Mozambique and the DRC may help it continue to strengthen. + +In North Africa, the Islamic State Sinai Province (ISSP) has withstood Egyptian military pressure but has not strengthened significantly. Al Qaeda in the Islamic Maghreb (AQIM) continues to operate from safe havens in southwestern Libya. AQIM has prioritized the success of Jamaat Nasr al Islam wa al Muslimin (JNIM) by directing resources into the Sahel. AQIM also works closely with the Tunisia-based Uqba ibn Nafa Brigade. Cells linked to the Islamic State have been dismantled in Algeria, Libya, and Morocco. Anecdotal evidence indicates some returnees from Iraq and Syria have sought to join groups in the Sahel. + +In West Africa, Salafi-jihadi groups have expanded and strengthened. JNIM, primarily based in Mali, has spread into neighboring countries to include recruiting cells in Senegal and attack cells in Cote d’Ivoire, as well as threatening Benin, Ghana, and Togo. It has maneuvered within local conflicts in Mali, taking advantage of inter-communal violence to grow its influence within different communities. The group retains strong ties to AQIM and has proven resilient against counterterrorism operations. + +The Islamic State in the Greater Sahara (ISGS), operating primarily in Burkina Faso, Mali and Niger, has prioritized the conduct of large-scale attacks against security forces and community-based armed groups. ISGS and JNIM have come into direct conflict as they have each expanded. Regional counterterrorism forces, backed by a French-led special forces mission, have targeted the leadership of these groups but have not reduced their influence on the ground. + +The Islamic State West Africa Province (ISWAP) has grown as it has weakened a rival Salafi-jihadi group, Boko Haram, from which it splintered originally. The Islamic State claims ISGS attacks under ISWAP’s name, though — like ISCAP Mozambique and DRC — the two organizations are geographically distinct. ISWAP has absorbed some Boko Haram factions and has pursued a more successful strategy than its rival at building support within local communities. + +#### Middle East + +Sustained counterterrorism pressure, particularly in Iraq and Yemen, has limited the growth of the Islamic State and weakened al Qaeda in the Arabian Peninsula (AQAP). Regional instability, however, has enabled Salafi-jihadi groups to survive and creates an environment for them to grow again. + +In Iraq and Syria, the Islamic State in Iraq and al Sham (ISIS) remains active even though ongoing counterterrorism operations have weakened it. In eastern Syria, ISIS has been reconstituting its combat capabilities and transitioning to guerrilla warfare. Northwestern Syria, which is primarily under the control of Hayat Tahrir al Sham, another Islamist movement, serves as a sanctuary for ISIS families and a key transit point to enter Turkey. In Iraq, ISIS has reduced strength but continues to operate attack cells, including in Baghdad and the surrounding area. + +In northwestern Syria, Hayat Tahrir al Sham has portrayed itself as “moderate” but still embraces Salafi-jihadi ideology. It has targeted Hurras al Din, also known as al Qaeda in Syria, seeking to consolidate control and crack down on those actively focused on the global jihad within its territories. Hurras al Din was weakened in 2020 but still draws hardline recruits. + +In Yemen, AQAP has strengthened over the course of 2021 after counterterrorism pressure from the United States and the United Arab Emirates had significantly weakened it. AQAP began a counteroffensive against UAE-backed troops in southern Yemen and continued to clash with al Houthi fighters in central Yemen. Counterterrorism operations never removed AQAP from its historical sanctuaries, which prevented its defeat. The Islamic State branch operating in central Yemen has remained weak. + +#### South Asia + +Salafi-jihadi groups in Afghanistan and the region had been positioning for the expected withdrawal of U.S. and NATO forces from Afghanistan in August 2021. They have been strengthening on the ground despite counterterrorism pressure. Counterterrorism efforts have disrupted Islamic State-linked cells in Indonesia and the Philippines. They have not successfully stopped all attacks, however. + +In Afghanistan and Pakistan, the Taliban has provided al Qaeda and AQIS with support for their operations. Al Qaeda’s presence expanded in Afghanistan throughout the first half of 2021, and AQIS has successfully integrated into the local insurgency, making it difficult to separate it from the Taliban. The Haqqani Network, whose leader is a top official in the Taliban, has continued to facilitate regional cooperation among other Salafi-jihadi groups. The Tehrik-e-Taliban Pakistan, which had been weakened by Pakistani counterterrorism operations, may have begun to reconstitute in the Pakistani tribal areas from its sanctuaries in Afghanistan. + +The Islamic State Khorasan Province (ISKP) was weakened in 2020. But it stood to gain new recruits in 2021 by presenting itself as a harder line alternative to the Taliban. German authorities disrupted a Tajik terror cell with ties to ISKP plotting attacks on U.S. forces in Germany in 2020. + +In Southeast Asia, groups linked to the Islamic State continue to pose terror threats, but authorities have been able to disrupt some plots. Jamaah Ansharut Daulah claimed credit for the Palm Sunday bombing in Makassar, Indonesia, in March 2021. In February that year, Philippine security forces disrupted a cell of women purportedly planning suicide attacks targeting soldiers. + + +### Leadership + +Both al Qaeda and the Islamic State have survived despite the elimination of many senior leaders by the United States and its partners. Ongoing counterterrorism pressure, however, has limited the ability of senior leaders to communicate with their followers. In the case of the Islamic State, this has weakened control over branches and has resulted in the delegation of some of its authority. Al Qaeda’s already decentralized structure limits the impact, but the absence of senior leaders within affiliates, such as AQAP, has resulted in their weakening. + +As of September 2021, key Salafi-jihadi leaders included: + +__Al Qaeda__ + +- _Ayman al Zawahiri_: Al Qaeda’s emir is believed to be severely ill and in hiding in Afghanistan. + +- _Saif al Adel_: A senior al Qaeda operative assessed to be next-in-line in al Qaeda and residing in Iran. + +- _Abdul Rahman al Maghrebi_: An al Qaeda shura council member, al Sahab media director, and head of external communications who is thought to be in Iran. + +- _Abu Ubaydah Yusef al Annabi_: AQIM’s emir, a longtime senior member who succeeded Abdelmalek Droukdel after his death in June 2020. + +- _Khalid Batarfi_: The status of AQAP’s emir is unclear; he was reported as detained in 2020 but appeared in an early 2021 video. + +- _Ahmed Umar (Abu Ubaidah)_: Al Shabaab’s emir since 2014. + +- _Iyad ag Ghaly_: JNIM emir with longstanding ties to AQIM. + +- _Samir Hijazi_: Hurras al Din’s leader. + +- _Osama Mahmood_: AQIS’s emir since 2019. + +__Islamic State__ + +- _Abu Ibrahim al Qurayshi_: Islamic State leader claiming to succeed Abu Bakr al Baghdadi as Caliph. + +- _Adnan Abu Walid al Sahrawi_: ISGS’s emir, who defected from al Murabitoun, which is now part of JNIM. + +- _Abu Musab al Barnawi_: ISWAP’s emir had served as the group’s emir from August 2016 to March 2019 and was reappointed to the position in May 2021. + +- _Musa Baluku_: ISCAP’s leader in the Democratic Republic of the Congo. + +- _Abu Yasir Hassan_: ISCAP’s leader in Mozambique, as identified by the United States. + +- _Shahab al Muhajir_: ISKP’s emir, an Iraqi who defected from the Haqanni network and al Qaeda to succeed the group’s founder, Hafiz Saeed Khan, in April 2020. + +- _Abu Hajar al Hashemi_: ISSP’s emir who may have served previously as an Iraqi army officer. + +- _Abdul Qadir Mumin_: IS-Somalia’s emir who defected from al Shabaab. + + +### Salafi-jihadi Attacks with American Casualties (2020-2021) + +Groups such as al Shabaab, AQAP, and ISIS have pursued external attack capabilities but have not conducted a terror attack in the United States since the December 2019 Pensacola shooting. + +U.S. forces deployed on counterterrorism operations, however, have been targeted. The deadliest attack occurred on August 26, 2021, when as ISKP suicide bomber detonated a device in Kabul, Afghanistan. Al Shabaab has also targeted US forces in Somalia and Kenya. Both al Shabaab and ISIS have killed Americans during U.S.-supported counterterrorism raids: al Shabaab fatally wounded a CIA officer in November 2020 and ISIS killed two special operations Marines in March 2020. + +- __Kabul airport bombing, Afghanistan__: On Aug. 26, 2021, ISKP conducted a suicide attack and opened fire into a crowd at Abbey Gate near Hamid Karzai International Airport in Kabul, Afghanistan. The attack killed 13 US troops and an estimated 170 Afghan civilians. + +- __Manda Bay, Kenya, assault__: On Jan. 5, 2020, al Shabaab militants attacked a U.S. military base in Manda Bay, Kenya, killing three Americans. diff --git a/_collections/_hkers/2022-09-07-russian-view-of-sanctions.md b/_collections/_hkers/2022-09-07-russian-view-of-sanctions.md new file mode 100644 index 00000000..6357d7dd --- /dev/null +++ b/_collections/_hkers/2022-09-07-russian-view-of-sanctions.md @@ -0,0 +1,92 @@ +--- +layout: post +title : Russian View Of Sanctions +author: Saskia Zandstra and Tom Keatinge +date : 2022-09-07 12:00:00 +0800 +image : https://i.imgur.com/pTlx3iw.jpg +#image_caption: +description: "Through the Looking Glass: The Russian View of Western Sanctions" +excerpt_separator: +--- + +_Western rhetoric emphasises the massive economic impact of sanctions on Russia. But how are sanctions seen from within the country?_ + + + +The imposition of Western sanctions following Russia’s invasion of Ukraine has been swift, coordinated and widespread. Russian banks have been decoupled from international payment systems and capital markets; the Russian Central Bank’s international reserves have been frozen; hundreds of Russian companies and individuals have been targeted; and there has been a ban on certain strategic exports and imports. Furthermore, over a thousand companies with operations across Russia have “self-sanctioned”, closing or selling their operations. + +The Western narrative on the impact of sanctions is one of significant economic contraction. The IMF projects a decline in Russia’s real GDP of 6% in 2022 and leading Yale academics have concluded that the “Russian economy is reeling”, while certain politicians have called for Russia’s economy to be pushed “back into the Soviet era”. + +But what is the Russian perspective and narrative in response to these sanctions, how is their impact viewed from Moscow and across Russia’s 11 time zones, and what implications does this have for future Western policymaking as the fighting in Ukraine continues unabated? There are signs that Russian opinion is split between those who support the Kremlin and those who question its assessments. The Kremlin’s rhetoric is stoic and its message is confident, articulating economic resilience and a clear way forward in response to sanctions. In contrast, public non-conformist views, which are difficult to source because of censorship, present a more bearish perspective of the long-term consequences of sanctions, especially as they move beyond targeting Putin’s supporters to impacting the real economy. + + +### Russia Remains Strong, and is Only Defending Itself Against the West + +In response to sanctions, the narrative from the Kremlin focuses on two main messages. The first is that the Russian economy is resilient and well-prepared for Western sanctions. + +The Kremlin has been thorough in relaying a composed message of strength to the Russian public through all forms of state-controlled media, expressing continued confidence in the country and its economy in the face of sanctions, and emphasising the government’s “responsible macroeconomic policy over the past few years”. The policy of redirecting resources to serve domestic markets after international companies pulled out of the country; the lending programme to fund “much-needed initiatives and projects worth around half a trillion roubles”; and the provision of increased liquidity to the economy are but a few examples of the steps the Kremlin and the Russian Central Bank have taken to mitigate the short-term impact of sanctions. Russian companies have also sought to put risk mitigation measures in place by seeking alternate markets to replace exports to the EU, and Russia is portrayed as effortlessly making new connections with other countries sympathetic to its cause. + +Alexei Miller, Chairman of the Board of Gazprom, has spoken of Russia’s ability to replace the exports to European markets it has lost through the strengthening of pro-Russian alliances with countries such as China and Saudi Arabia. Miller has highlighted global inflation and price volatility as evidence of Western mistakes and believes this will only worsen over time. Miller has also commented that the sanctioning of Gazprom has given the Russian oil industry the opportunity to create “new fuel and energy unions” with other countries including India and China. Miller has asserted that Russia ultimately has “energy security” and the ability now to “determine the course of future alliances”. + +> Support from the religious establishment in Russia provides Putin with a halo of spiritual blessing and a deep-rooted religious anchor to justify the conflict in Ukraine + +Second, the Kremlin focuses on the belligerence and provocation of Western countries in imposing sanctions and their desire to halt the Russian economy at all costs, with Putin describing the sanctions against Russia as “akin to an act of war”. The West is portrayed as the aggressor with Russia only defending itself, as underlined by Putin in a televised address in which he stated that Western politicians have consistently created “fundamental threats” to Russia. As a result, he believes he had no choice but to begin the “special military operation” and take “bold and immediate action” in Ukraine. Putin has called Western leaders “short-sighted Russophobes” who are prepared to cause damage to Russia and other countries to “preserve their own global dominance”. + +This message is echoed by State Duma Chairman Vyacheslav Volodin, who believes the “range of means aimed at withholding [Russia’s] development [to have been] exhausted.” The depiction of the West as the aggressor is prevalent, as further exemplified by government officials such as Dmitri Peskov, diplomat and Putin’s press secretary, who, in regard to the US Office of Foreign Assets Control’s measures to prevent payments on Russia’s sovereign bonds, commented that “a default can be orchestrated, but this is a purely artificial situation created by the US Treasury and not due to any economic difficulty in Russia”. In other words, the West is choosing to wage economic war on Russia. + +The narrative of sanctions as a tool of aggression and Western belligerence threatening Russia’s security is being widely amplified by Russian radio and TV networks. The popular channel RT News consistently refers in its broadcasts to NATO doing “everything to provoke Russia”, and women have even posted videos on social media in which they cut up their designer handbags as a sign of resentment against the West. + + +### Patriarch’s Support for God’s Truth + +Patriarch Kirill and the senior echelons of the Russian Orthodox Church have also shown support for Putin’s “special military operation” in Ukraine. This support from the religious establishment in Russia provides Putin with a halo of spiritual blessing and a deep-rooted religious anchor to justify the conflict in Ukraine. In March 2022, Patriarch Kirill claimed to the Federal Assembly of the Russian Federation that Russians and Ukrainians come from “a single Kyiv baptismal font” which is united “by a common historical destiny”. Kirill also spoke of the “external hostile political forces” that have been used “to escalate Russian-Ukrainian hostility”, echoing the narrative of Putin’s preparatory essay from July 2021, “On the Historical Unity of Russians and Ukrainians”. + +The concept of Western provocation has also been reflected by senior members of the Russian Orthodox Church in their rejection of the sanctions placed on the Patriarch for his support of the war. Vladimir Legoyda, acting head of the press service for the Russian Orthodox Church, has stated that the UK sanctions against Patriarch Kirill are “against common sense” and “absurd and futile”, accusing the UK of unsuccessfully attempting “to intimidate the Primate of the Russian Church” and of burning even the “last bridge” in communication between the two countries. Similarly, the Patriarchal Exarch of Africa, Metropolitan Leonid of Klin, has said the Canadian sanctions are an example of the West creating havoc wherever it can. + +> Despite the Kremlin’s assertion that the Russian economy is resilient, the measures taken by the Central Bank to mitigate the effect of sanctions suggest otherwise + +Despite this vocal support for the Kremlin and condemnation of Western sanctions, there is anecdotal evidence that the Russian Orthodox Church is not united in its support of Putin (the church in Ukraine has already broken ranks publicly). Kirill’s position is seen by some in the Church in Russia as contrary to the Christian view that “the life of every human is valuable”. In March 2022, 233 Russian Orthodox clerics signed an “Appeal of the priests of the Russian Orthodox Church” that called for reconciliation, a ceasefire and an end to war, showing that they do not condone Kirill’s blessing of the conflict. In another example, after speaking out for peace, John Burdin, a priest in the Kostroma village of Karabanovo, was reported by his parishioners for not supporting the war and later questioned in jail. + + +### The West is Only Hurting Itself + +A separate narrative being promoted by the Kremlin both domestically and internationally is that the West is causing more economic damage to itself than to Russia, as Europe will not easily be able to source replacements for imports of energy from Russia. Volodin believes that “new packages of sanctions will not do Europe any good” and are “illegal”, and has sought to blame Presidents Joe Biden and Volodymyr Zelensky for actions that will lead to famine. This attribution of blame and depiction of Europe as suffering more than Russia is further amplified by Foreign Minister Sergei Lavrov, who has introduced the idea of the “new poor” in Europe, where “living standards are deteriorating” as a result of the West’s own actions. + +Putin himself states that the “global crisis [of food and energy] is largely caused by these sanctions” and paints the EU as disunited, in contrast to Russia which is depicted as a strong and clear-minded nation – a narrative underlined during Lavrov’s tour of Africa, which cultivated unity in the face of suffering at the hands of Western sanctions. Emphasising the West’s dependence on Russian energy, Putin maintains that sanctions come at the “expense of [Europe’s] own national interest”, a view corroborated by figures such as opposition politician and economist Vladimir Milov, who talks of Putin’s ability to “finance his economy and the ongoing military aggression” as long as there is not a complete embargo on Russia’s oil resources. + + +### Not Collapse but Decay + +Despite the Kremlin’s assertion that the Russian economy is resilient, the measures taken by the Central Bank to mitigate the effect of sanctions suggest otherwise. For example, capital controls, subsidised lending programmes for small businesses, and expected legal action by the Central Bank against the freezing of its offshore international reserves reveal an economy under stress. + +Conformists and non-conformists in Russia agree that a major economic meltdown is unlikely. However, non-conformists seem more fearful of the long-term economic impact of sanctions, as industries with a reliance on Western products suffer and the rate of Western production cannot be replicated domestically. Valery Kizilov from The Insider Journal acknowledges the very significant effect sanctions will have on the financial sector, which will in turn directly affect other sectors such as housing and construction; the motor industry, which is reliant on key Western components; and the scientific sector, where international deals on equipment and collaboration – once prevalent – have now been suspended. All of this points to a more gradual deterioration and a future where economic hardship will increase. + +This more fearful reaction to sanctions is echoed by economists such as Ruben Enikolopov, director of the Russian Economic School, who believes that Russia’s isolation is now “worse than in the Soviet Union”, maintaining that while there will not be a market collapse as in 1991, there will be a scarcity of international products. Sergei Hestanov, a well-known Russian economist, believes that the sanctions are just the “tip of the iceberg”, alluding to suffering to come under the new restrictions. Oil expert Michael Krytikin agrees with Milov that Russia is only relatively secure as long as the West is reliant on its oil and gas products, but that once the West imposes a full oil embargo, the Russian economy will suffer a substantial hit. + +The ability of the economy to sustain itself through its reliance on oil and natural gas revenues is also a very real fear among ordinary citizens. In interviews on the popular Russian YouTube channel 1420, ordinary Russians express their concern that once the West no longer needs to purchase its natural resources, Russia will have little else to offer. This fear of eventual “not collapse, but decay” of the Russian economy, and the resulting impact on the quality of Russian life caused by a rise in economic challenges, is the core non-conformist view. + +> The Kremlin’s ability to control the narrative through state-controlled media, the criminalisation of anti-war protests, and the continued flow of energy revenues have allowed Putin to deflect the impact of sanctions + +Leonid Volkov, top aide to imprisoned Russian opposition figure Alexei Navalny, believes that by starting the war Putin has “shortened his time in power”. Navalny himself additionally claims that the war was started to distract from financial problems within the country that will lead to “destroyed lives and continued impoverishment of Russian people”. Whatever the reason, there is no doubt that while the Kremlin points to resilience against sanctions in Russia today and economic challenges in the West, the future of the Russian economy will be determined by the extent to which these fears materialise. + + +### A More Promising Future Elsewhere? + +While the impact of propaganda, censorship and new legislative measures to criminalise anti-war protests makes it challenging to research the impact of sanctions on ordinary Russians and their resulting perceptions, other factors such as the “brain drain” that hit Russia after the first wave of sanctions point to growing concerns for the future. Current Time TV estimates that 15,000 millionaires will leave Russia this year, and Yulia Florinskaya, researcher at RANEPA, reports the exit of about 150,000 people, many of them educated young professionals working in the hi-tech, medical and business sectors. Despite the economy not crashing, many have not returned, which Florinskaya refers to as “forced migration”, demonstrating the continued fear that sanctions will affect people’s quality of life and opportunities and Russia’s economic future. + + +### Policy Implications + +The imposition of sanctions on Russia was framed by many in the West as a “shock and awe” campaign. It was hoped that the threat of massive economic consequences by Western leaders would change Putin’s calculus. The reality was always going to be different. Sanctions are a long-term tool that seek to build pressure over time. Unsurprisingly, Western-imposed sanctions are not triggering the extent of public opposition in Russia to Putin’s invasion of Ukraine that Western leaders sought, because – for now – the country’s economy remains superficially resilient, foreign currency revenues from the sale of oil and gas continue to fill the Kremlin’s coffers, and censorship silences dissent. But fears of the longer-term economic impact on the country are beginning to emerge. + +Putin’s narrative will continue to highlight Russia’s economic resilience in contrast to the West and seek to frame sanctions as a tool of Western belligerence, thereby reinforcing his claim that Russia’s security is constantly threatened and that the invasion of Ukraine was in self-defence. But as evidence of economic stagnation emerges, this version of the truth could become increasingly difficult to maintain. + +As Putin’s “special military operation” extends beyond six months, the ability of the Kremlin to control the narrative through state-controlled media, the criminalisation of anti-war protests, and the continued flow of energy revenues have allowed Putin to deflect the impact of sanctions. The West should ensure that it monitors and reports on the true effect of sanctions on the Russian economy, that it blunts the Kremlin narrative which seeks to portray sanctions as more harmful to the West than Russia, and that it maintains economic pressure on the country. + +That economic hardship lies ahead in the West as a result of its support of Ukraine is certain, particularly until alternative sources of energy can be found; but Ukraine’s allies must stay the course, given the fundamental threat Russia’s war in Ukraine poses to Western security and democracy, until the economic reality in Russia undermines the Kremlin’s post-truth narrative. + +--- + +__Saskia Zandstra__ was a summer intern with the Centre for Financial Crime and Security Studies at RUSI in 2022. + +__Tom Keatinge__ is the founding Director of the Centre for Financial Crime and Security Studies (CFCS) at RUSI, where his research focuses on matters at the intersection of finance and security. He is also currently a specialist adviser on illicit finance to the UK Parliament’s Foreign Affairs Committee ongoing enquiry. diff --git a/_collections/_hkers/2022-09-07-software-defined-warfare.md b/_collections/_hkers/2022-09-07-software-defined-warfare.md new file mode 100644 index 00000000..97b69e47 --- /dev/null +++ b/_collections/_hkers/2022-09-07-software-defined-warfare.md @@ -0,0 +1,180 @@ +--- +layout: post +title : Software-Defined Warfare +author: Nand Mulchandani and John N.T. Shanahan +date : 2022-09-07 12:00:00 +0800 +image : https://i.imgur.com/jFdeqWA.jpg +#image_caption: +description: +excerpt_separator: +--- + +_In the future, warfighting will only become more complex, even more chaotic, and even faster. The only way to stay competitive in a new warfighting environment is to ensure that it uses the most potent weapon available: technology, and more specifically, software._ + + + +### Introduction + +On August 20, 2011, Marc Andreessen published “Why Software Is Eating the World.” In the decade since this seminal article was written — an eternity in the technology industry — an entire new generation of “digital native” companies has emerged that forced slower-moving incumbents out of business. Technology has been devouring the world, and it also eats its own. + +The U.S. military is considered the best in the world. With a budget larger than the next 10 militaries combined, the Department of Defense (DOD) outspends, out-equips, and out-trains its competitors. It is also an industrial-age, hardware-centric organization that has the “biggest, the mostest, and the bestest” military capital investments: tanks, ships, aircraft, and everything in between. Unfortunately, in today’s world, hardware is “old-school” — low-margin, commodity products that are manufactured, stored, shipped, and consumed. After depreciation and excessive wear and tear, hardware is scrapped for parts or ends up in a boneyard. + +The military’s hardware systems are built to wrap multiple layers of metal and protection around fragile human beings who operate these machines under fire and extreme levels of stress, with the planning and orders coming from groups of people watching screens and integrating information through PowerPoint and Excel. The DOD accomplishes incredible things, but as remarkable as the Department is in many ways, it shares with almost all other federal agencies the common trait of lagging woefully behind the commercial software industry’s state of the art — in everything from automating back-office functions to providing digital warfighting services to its customers. + +Under normal circumstances, an organization like the DOD would be a huge target for “disruption” by entrepreneurs and investors (a euphemism for “putting out of business”). Fortunately, it has a monopoly on the nation’s warfighting functions, which insulates it from the usual forms of market competition. Yet this very monopoly is also the root cause of many of the worst problems when it comes to the DOD’s failure to adopt new technologies, change its legacy workflows and processes, and design and experiment with new operating concepts. Within the U.S. government, the DOD does not experience the kind of brutal, capitalist, Darwinian journey by which incumbent organizations face off against hungry new start-ups and risk getting pushed to the side — where the start-up takes over as the “new DOD” with brand-new underlying tech. Equally problematic, the massive DOD bureaucracy struggles with the kind of periodic “tech refresh” that has been instrumental to commercial industry success. While it is insulated from market competition within the U.S. economy, the DOD is not immune from the kind of revolutionary, secular, and wide-ranging technological changes happening outside the government. Nor is it immune from the threat of competition with other militaries around the world. Either the DOD will change itself, or its competitors will force it to change — after it might be too late. + +For the United States to retain its dominant position in the future — which is not a guaranteed outcome — the DOD needs a new design and architecture that will allow it to be far more flexible, scale on demand, and adapt dynamically to changing conditions. And it must do so at a dramatically lower cost as it delivers its critical services. Central to this will be changing the role of the human in the information and decision loop as well as at the endpoint: increasing speed, accuracy, scale, and techniques to confuse, disorient, and overwhelm the adversary while preventing them from doing the same to U.S. forces. The DOD’s systems will need to support dramatically faster decisionmaking and execution speeds; allow for rapidly updating and modifying systems; lower the cost structure of building and deploying these systems; and upend the marginal cost and speed of delivering new functionality. + +The idea that the DOD must dramatically change the way it builds warfighting systems is hardly novel. There have been hundreds of articles, think-tank papers, and books that have made a compelling case for radical change. One of the best recent examples is The Kill Chain by Chris Brose, who calls upon the DOD to build a “military Internet of Things” that involves “large networks of autonomous systems” and a different mix of weapons systems. Likewise, in crafting the concept of the Third Offset Strategy, former deputy secretary of defense Bob Work has argued for years about the need for major DOD-wide changes, especially the widespread adoption of autonomous systems and AI-enabled capabilities. Other ideas that percolate regularly in defense policy circles revolve around concepts such as networked warfare, mosaic warfare, and next-generation battle networks. Much of this work describes the problem but does not get to the level of proposing concrete technology solutions. In solving extremely hard technology problems, leading commercial technology companies typically start by outlining a set of key architectural standards upon which the entire system will be built. This paper outlines the architecture needed for next-generation warfighting systems. + +The key to this architecture lies in software. Software is disrupting and reconstituting entire industries — especially those that rely on manual processes and fail to leverage the power of low or zero marginal costs. This is not about sprinkling “magic software dust” on a company or business model to make it work. Software needs to be at the core of every business and operating model before any business can hope to gain an enduring competitive advantage. The DOD is no different. + +![image1](https://i.imgur.com/S5ZtKRx.png) +_▲ Source: [Todd Harrison, “Battle Networks and the Future Force: Part 2: Operational Challenges and Acquisition Opportunities,” CSIS, CSIS Briefs, November 3, 2021](https://csis-website-prod.s3.amazonaws.com/s3fs-public/publication/211103_Harrison_Battle_Networks_Part2_0.pdf)_ + + +### Closing the Kill Chain, Getting inside a Competitor’s OODA Loop + +The “kill chain,” a phrase that long predates Brose’s book, refers to a multistep process that involves absorbing information, turning that information into knowledge (actionable intelligence), making a decision, acting on the decision, understanding the consequences of that decision, and refining future actions accordingly. Similarly, John Boyd’s “OODA loop” concept refers to the process by which an individual, commander, or team progresses through the same stages: observe, orient, decide, and act. The final part of the process — acting or closing the kill chain — is generally associated with firing and destroying something, but in today’s world it could also include a non-kinetic effect such as delivering a cyberattack against a target or deploying a piece of misinformation designed to disrupt the adversary’s orientation phase of the OODA loop while protecting one’s own. In general, the side that can consistently demonstrate shorter, tighter, and more resilient OODA loops will gain an advantage. + +Ultimately, the kill chain and OODA loop are essentially workflows buttressed by human cognition. Today, these workflows are implemented as a confusing mess of manual, semi-manual (including telephone calls), and electronic processes. It is both exciting and shocking to visit a combatant command operations center. In peacetime, it is easy to see how these commands and their subordinate units can handle a relatively limited number of aircraft and ships moving around. What is hard to imagine is how extant manual processes will be capable of tracking hundreds, if not thousands, of moving objects in wartime, all tasked with delivering kinetic and non-kinetic effects from undersea through space, cyberspace, and everything else in between. Executing these workflows so every step of the process and the data flows are done in software, even though decisionmaking is still in the hands of human commanders and operators, can yield a decisive advantage over an adversary: every stage of the OODA loop is tighter, faster, and more well-informed. Conversely, not taking a digital-age, software-centric approach in the battlespaces of the future could very well mean tactical, operational, and even strategic defeat. + +Readers can easily misconstrue such “software cheerleading” as implying the demise of hardware. That misses the point. Military hardware and weapons systems are still vitally important. However, they need to be tethered to the end of internet-scale software systems that handle all the complexity of decisionmaking, targeting, and resourcing — everything but the final step of executing a decision to close the kill chain. Software will fundamentally and irretrievably change the value of hardware by making the processes that lead to the desired effects faster, cheaper, more efficient, scalable, and more accurate. + + +### Lessons from Data Center Architecture + +Transferring lessons and experience from other domains can help inform breakthrough solutions to big problems in the DOD and other federal government organizations. Years of building large-scale software systems have revealed best principles and practices on how to design computer software and systems for squeezing out the maximum performance at the lowest cost and, where appropriate, removing the most expensive, least scalable, and slowest parts of the process and cost structure: humans, followed by hardware. These same concepts can — and should — be applied to the DOD. + +In the computer industry, “software defined” is a broad architectural concept that drives a few different core design decisions. These design decisions turn a bunch of disconnected hardware products into an integrated whole that can be operated and managed as a single platform. It also takes control and complexity, which is typically distributed all over the place, and centralizes it where it can be simplified, managed, and scaled. In military terms, this is centralized direction and decentralized execution: the best of both worlds. + +Most of the large-scale computing systems and platforms used in the technology industry are software defined. The largest cloud-computing platforms, such as Amazon Web Services (AWS) and Microsoft Azure, are all “software-defined computing platforms” relying on “software-defined networking” (SDN); their storage is now “software defined,” as are fifth-generation wireless (5G) telecom systems, with provisioning and routing all done via software. These large-scale platforms run on commodity hardware (in some cases, built in house) with large-scale orchestration software that pulls the complexity out of the lower levels of the platform to a central system. + +It is reasonable to ask whether today’s computer systems can handle the scale and size of a battlefield. The answer is a resounding “yes!” Internet-scale companies such as Apple, Meta, Amazon, Alphabet, Microsoft, Netflix, and others routinely connect billions of users and systems every day, exchanging content and video in real time. While these companies do not typically face the risk of actual kinetic effects destroying their data centers, they do deal with cybercriminals and nation-state–sponsored cyberattacks — and even squirrels or rats eating through cable wires. The best of these architectures are built to be resilient in the event of failure. If these companies can operate at this enormous scale, there is no reason whatsoever why the same key concepts cannot be applied to warfighting to weave together thousands of hardware objects into a single software-defined system. + +#### Concept: Architect for Scaling + +Earlier computer systems and software were designed to allow a single application to run on a single computer system. When a computer system ran out of capacity, the solution was always to throw more resources at the problem: a faster processor, more disk space, a faster network card, and so on. This method is called “vertical scaling.” Once a server was running at capacity, you were done, as there are physical limits to the resources you can add to a system. Over time, this evolution led the industry to one of the biggest systems possible: the mainframe. + +One of this paper’s authors had his first job out of college at a hot, upstart company called Sun Microsystems that was revolutionizing network computing. Sun computers — called “pizza boxes” because they looked like one — were competing against the mighty mainframe. Instead of the “unit of scaling” for the mainframe, which was another mainframe, to scale up you simply added a single “pizza box” worth of additional computing and memory every time you needed some marginal resources for an application. This marginal-expense option is far more attractive than being forced to buy another giant, multi-million-dollar mainframe that might only be 10 percent utilized. This method of small, marginal additions is called “horizontal scaling” and was created to overcome the limits of vertical scaling. + +Instead of a single, large computer system running an application, horizontal scaling involves distributing an application’s computing workloads across multiple, smaller computer systems. Unfortunately, moving from a vertically to horizontally scaled architecture does not come free. The software itself needs to be re-architected to support this new underlying system topology. Issues such as database storage (which is hard to distribute across multiple systems), file systems, caches and data consistency, software queues, and load balancers come into play. As companies moved their legacy applications from their on-premises data centers to the cloud, they realized they had to re-factor or even rewrite their applications to take full advantage of what cloud computing could provide. + +Computer systems in older data centers are called “pets” because each computer system would have a unique name, typically part of a broader naming scheme. Popular naming schemes were the planets in the solar system or cats (e.g., “Fluffy”). Just as if a pet got sick and had to be taken to the vet, if one of these computers had a problem, engineers would try their best to fix it. In contrast, today’s computers running at a major cloud vendor have a virtually meaningless string of characters as a name (e.g., “i-0123456789abcdef”) — unfortunately, just like anonymous cattle. Cloud-computing instances are created and destroyed all the time, with little sentimental value. + +Applying this to the United States’ warfighting systems architecture is simple: The DOD needs a massive number of cheap, disposable, and easy-to-manufacture endpoint systems that it can concentrate, distribute, and scale up or down as the need arises. In many cases, these systems will require little or no maintenance. If one breaks, you just replace it with an identical clone, driving down overall complexity in logistics and maintenance. Parts of the DOD are already thinking about this concept (with smaller drones, for example), but the Department needs to start applying this architectural thinking to many more of the aspects of hardware, vehicles, and weapons systems that it builds or buys. + +#### Concept: Eliminate Single Points of Failure + +The current design points for the U.S. military are hardware centric, human centric, and big. Size matters. The mighty aircraft carrier exemplifies this paradigm. It costs billions of dollars to build, carries thousands of sailors, and hosts dozens of different kinds of fighter aircraft. It sits in the middle of a carrier strike group (CSG), with many ships and submarines tasked to protect it. The protection offered by the CSG makes it extremely hard to sink a U.S. aircraft carrier. However, taking out an aircraft carrier destroys the entire CSG architecture, making it nearly useless for the purpose for which it was designed: to project force around the world. + +An aircraft carrier, given its size and footprint, is like a very large mainframe or a large database system. An aircraft carrier is vertically scaled, as the unit of scaling for the system is yet another aircraft carrier. Many of these vertically scaled systems are also single points of failure. Since these systems are very expensive, there are normally not any redundancies from running two systems at the same time. The crash of a mainframe or database system crashes the entire system, as there is no backup. Obviously, architectures that have such single points of failure are extremely brittle and eventually fail. + +Identifying and eliminating these single points of failure are critical to building a resilient architecture, both in commercial industry and in the DOD. The aircraft carrier and the concept of the CSG were created at a time before China developed carrier-killer missiles. At $10 million a missile, shooting a few of these and hitting a U.S. carrier worth upward of $10 billion would generate an eye-watering return on investment (ROI). Or, as some of the fighting in Ukraine seems to presage, you can get an even more impressive ROI by attacking a CSG with hundreds (if not thousands) of small, attritable, armed, autonomous swarming drones, all of which can be horizontally scaled on demand to attack the most vulnerable parts of the enemy’s position. + +#### Concept: Virtualization + +Virtualization technology has revolutionized data centers by transforming a computer server into a virtual machine that can be copied, cloned, snapshotted, and moved around. It has helped create the revolution in cloud computing and “software as a service” by allowing users to rent computers by the minute and operate them remotely at an incredibly competitive cost. + +In its generic form, virtualization is the act of creating an abstraction and translation layer between two distinct systems, such as hardware and software, or taking an older system and allowing it to be manipulated and managed as part of larger digital workflows. Initially, virtualization’s most popular trait was the ability to take older/legacy Windows operating systems (such as Windows 2000) and continue to run them on newer hardware, as well as the ability to consolidate the systems into a central data center. + +In the case of legacy military platforms, sensors, and workflows, virtualizing the system involves wrapping it in a set of callable Application Programming Interfaces (APIs) that allow it to participate in any electronic workflows without the interruption of a manual process. An API is a standardized software layer with a set of well-defined and well-documented software entry points that a programmer can call from their code to receive data and initiate processes. Once kill chains have been converted to end-to-end electronic workflows, the effect of a weapons system at the end of such a workflow can be implemented as an API call. Ideally, these APIs should be two-way: inbound ones that allow for the control and execution of the system and outbound ones that provide status, capacity, usage statistics, and the like that can be fed back into the orchestration system for planning, resupply, and resource management. Even if a system can only enable some APIs — for instance, outbound APIs that deliver status and supply-level information — that is still a substantial improvement, as its calculations can be networked into the broader orchestration systems. + +During previous DOD Joint All-Domain Command and Control (JADC2) demonstrations, the military services demonstrated API-based access to weapons systems. This is a crucial first step. In effect, it means that those systems could be integrated as part of electronic kill chains and brought under the management of the overall software orchestration engine. This functionality, however, needs to be moved into production and to the field instead of just used once in demonstrations or experiments. The importance of changing the DOD’s mindset from relying on individual hardware systems and one-off software programs to using a system centered on the role of APIs cannot be overstated. + +The second dimension of virtualization is to set up the endpoint hardware to run multiple software stacks simultaneously, all completely isolated from each other logically but sharing the underlying hardware platform. There are numerous cases where fixed, one-time hardware costs dominate. The ability to dynamically reprogram or switch to a completely different workload stack — for example, based on the time of day — can drive up the utilization of the hardware. Small examples are cell phones, with a user potentially wanting to use multiple phone numbers (tied to SIM cards) on a single device. A more complex and expensive example is a satellite, for which the initial costs of building and launching the system are often extremely high, while the variable costs of operating it are fairly predictable. Squeezing out maximum utility from such an expensive system can make the difference between a profitable investment and one that is losing money. In addition, thinking about a constellation of satellites as a “computing grid” able to deploy multiple/dynamic workloads can fundamentally transform the traditional paradigm of satellites as having a fixed function. Instead, they can be used in the same way as any flexible cloud-computing system, giving actual “computing in the cloud.” + +#### Concept: Low-Cost Commodity Hardware and Stateless Endpoints + +In the original Top Gun movie, it is hard to miss “MAVERICK” stenciled on Pete Mitchell’s plane — which is very cool until you start wondering what happens if it breaks down. One can just imagine this line from Ed Harris (playing the admiral in the latest film): “Maverick, I’ve got some bad news. Your airplane is going to be down for maintenance. The good news is that you can take Iceman’s jet if he agrees to give it up!” That might be great for Maverick, but he would have to face off against Iceman, who would rather die than give up the chance to fly his own jet. On top of that, Iceman won’t appreciate Maverick messing with his seat settings, air freshener, and radio presets! + +This idea that Maverick can only fly the plane with his name on it gets us back to the concept of “pets vs. cattle” systems — that a single piece of hardware has to be bound to a single pilot, and we cannot dynamically switch the pilot over to another piece of hardware through a “just-in-time” software deployment. Core to the architectural shift from vertical to horizontal scaling is making the actual endpoint systems both stateless and disposable, which introduces the possibility of just-in-time software deployment and configuration. The advantages of this approach include the ability to move to dramatically lower-cost hardware over time (i.e., ride the commoditization curve); scale up and down as needed; rapidly provision new systems; bypass bottlenecks in emergencies (if something breaks, just provision to a new system and fix things later); and introduce new security advantages, since the endpoint systems always have the latest software and do not retain state. Data, which should be clearly compartmentalized away from system and application software, lives in the cloud and synchronizes to the endpoint as needed for local processing. + +Beyond these obvious benefits, the DOD should start thinking about how to integrate newer technologies like artificial intelligence (AI) into existing systems and how to design new systems differently from the ground up. Currently, the DOD thinks of deploying a “global” hardware platform — for example, an unmanned aerial vehicle (UAV) — across multiple areas of responsibility (AORs). In a pre-AI age, this did not present any major problems. As the DOD integrates more AI-based software in these systems, however, the data the algorithms are trained on for each AOR can vary widely. For example, the data from Eastern Europe, which has snowy or muddy fields, and the South China Sea, which has open water and scattered islands, can be very different. AI software performs optimally when it is retrained from new data collected in an operational setting. In the digital age, fielded AI models must be updated regularly. Beyond Project Maven and the DOD Joint AI Center, there are few operational examples in the DOD of AI software fielded via continuous integration/continuous delivery (CI/CD) even though the approach was routinized in commercial industry a long time ago. The idea that fielded AI software is never finished and requires continuous updates is not a niche idea. At some point, almost every piece of software will be AI-enabled and, if embedded into hardware systems, will need to be designed for continuous and even over-the-air remote updates. As the DOD operationalizes this at scale, it will have to become much smarter about deploying just-in-time software on local systems custom-tailored to the mission. + +Similarly, once a crisis or conflict begins, bugs and problems in fielded systems will require fast fixes. This is no different than how commercial products move rapidly from “minimum viable product” to demonstrated high-performance production products. The ability to turn around a patch or “dot release” of software and deploy them to fielded hardware systems will become a key differentiator in future conflicts. Just as Apple runs operating systems such as macOS®, iOS® (for iPhones), and iPadOS®, the DOD should envision a day where it has a TankOS®, FighterOS®, and ShipOS® — each running individual hardware systems. Each armed service should be able to deliver over-the-air patches and new apps to each OS for improving functionality and fixing bugs. There is no question that in the first phase of any war, the United States’ adversaries will be launching a number of “zero-day” cyberattacks against its weapons systems vulnerabilities. The country’s ability to get back into the fight will be dependent on the DOD’s ability to spin patches for these vulnerabilities, clean up its endpoints, and do rapid updates of its systems before booting them up again. If the DOD adopted a stateless, just-in-time software deployment model, the time needed to close this loop will be dramatically shorter than having to clean up malware off of a stateful software/hardware system and ensure that it is malware free. + +#### Concept: Design for Instrumentation + +Since anyone can track the delivery of a hamburger or pizza on their phone in real time, it is unfathomable that the DOD’s combatant commanders cannot gain real-time visibility into the endpoint systems that are under their management. Today, almost every product used is heavily instrumented to measure a variety of data: real-time control of the endpoint system, status of the endpoint, and (on the development side) understanding what features end users are utilizing. There are hundreds of great products to choose from to both instrument and track this usage, and the DOD’s endpoint hardware systems need to be designed and built with instrumentation integrated into them from the outset. (A critique of user interfaces/user experiences in the DOD is outside the scope of this paper. Unfortunately, UI/UX best practices remain a foreign concept to most DOD hardware and software system developers.) + +The most important design element is to include sensors for every part of the system that could be relevant for remote control and orchestration, as well as any other components that are crucial to the operation of the overall system. The sensors should provide the ability to read such information as on/off status, unit values, and the like. The simplest and most telling example is that many of the resources and munitions on all airplanes and tanks are still not tracked automatically — with few exceptions and rarely in real time. + +When a particular component includes one or more sensors, the next question is whether those sensors should be paired with the ability to automate the component. Obviously, any component with a read-only sensor cannot be automated, but it should be possible to automate the others. This includes test and evaluation (T&E) sensors capable of reporting to users when a fielded system is not performing as expected. This is especially important for systems that integrate so-called “black-box” AI capabilities. + +The close friend of instrumentation is real-time connectivity and reporting. If real-time connectivity is not possible, then the next best option is an ability to synchronize prioritized data when the system regains a connection. Currently, the DOD’s version of an iPhone sync is pulling out a hard drive from a helicopter, plane, or drone, then shipping it cross-country to a secure data center where it can be downloaded and processed. The military cannot continue to operate this way. + +#### Concept: Simulation, Testing, Verification + +Planning, exercises, and wargaming have always been an integral part of warfighting preparation. Scenes of military leaders and policymakers standing around tables with large maps that include board pieces representing personnel, tanks, aircraft, and ships — from the United States and its allies and partners, as well as the adversary — are sufficiently familiar. Each side makes a move, the outcomes of which are then assessed by impartial observers before the next round of moves. Military wargames like this take place regularly but not nearly frequently enough to account for the rapid pace of change unfolding in today’s digital environment. All militaries have plans for different kinds of scenarios and contingencies, but few of these plans are tested in advance. Why? + +First, simulation systems vary widely depending on what someone is trying to simulate. The major factors that affect a simulation are its size and scale (typically the number of objects being handled), the fidelity of each object (what level of detail do you simulate), and the resources you are willing to throw at an object. For instance, a first-person shooter game can act as a simulation for a relatively small number of soldiers in very high fidelity. The gun’s operating can be replicated extremely accurately, along with a highly realistic small-scale simulation environment. On the other hand, complexity increases exponentially when attempting to run a simulation across the entire Indo-Pacific theater, with thousands of weapon systems and objects all interacting dynamically. Such a simulation would be incredibly complex, expensive, and probably unfeasible. + +Second is the actual setup of the simulation itself. In almost every case, actual operational systems are not used for simulation — meaning real-world operational data is rarely ported over to the simulation systems. Even when this happens, the data transfer is complex, hindered by data size and protection of classified information. This creates very high barriers to entry that are extremely hard to bridge. One such example is how the military services have been working for the past decade on ways to integrate live, virtual, and constructive (LVC) weapon systems. The Air Force’s Virtual Flag program, for example, was designed from the beginning as a LVC joint and combined exercise. Despite considerable progress over the past few years, Virtual Flag still suffers from the combined challenges of scale, integration of multi-level classified systems, and fidelity. One promising option is to find ways to easily export or pull information from operational systems into simulation systems that have been designed to handle low-fidelity/high object-count or high-fidelity/low object-count simulations — essentially a dial that someone can use to manage the trade-off between these choices. Once built, it would make sense not only to be able to run testing and verification on top of these systems, but also to include concepts such as “Chaos Monkey” (see below). + +Operational and contingency plans (to include branches and sequels) can also be described and explored as part of the system. There are numerous extremely lucrative technologies such as generative adversarial networks and digital twinning that can be built and run on these platforms. This approach would allow the DOD to use AI-enabled technologies and other capabilities to test different adversarial strategies and techniques, as well as explore ways to counter them (some of the most promising work in this area includes game-theoretic competitions). The problem is that these can only be developed if the DOD has the right platforms, designed with the right APIs, upon which to build. So far, this remains much more of a pipe dream than reality. + +#### Concept: Design for Failure and Let the Chaos Monkey Loose + +Netflix built an open-source product called “Chaos Monkey” it used for testing complex and highly available software systems. Like a crazy monkey having a good time, it would randomly kill parts of a software system to see if they would recover and continue running. This has now been expanded to include the “Simian Army” family of tools that expand the testing concept. + +Running Chaos Monkey on your software is the equivalent of the “power-cord test” in a physical data center — essentially, randomly pulling a power cord of a running computer system or router to see if all the high-availability features of the site remain operational. + +The DOD should consider Chaos Monkey in two forms: first as a traditional testing product that the Department can use to test its backbone with warfighting software systems and, second, to test warfighting plans in a simulation environment to see how they actually unfold in situations characterized by random and uncontrollable changes (the inevitable friction that happens in the real world). Both approaches would allow the DOD to begin to design more for resiliency and anti-fragility than for optimizing performance under the kind of perfect conditions that simply never exist. This is, of course, only possible if the DOD can build software simulation systems that accurately represent its fielded systems under the full spectrum of realistic operating conditions. + +#### Concept: Build Autonomy and Automation at the Edge + +When any system is software defined, it is typically the case that the control path and data path are pulled apart. Control becomes centralized, leaving the actual endpoint system to execute its mission with complex control logic, driving up cost and complexity. It is obviously not realistic or optimal for every small control decision to be made centrally. The latency between the endpoint and central control logic would be too high, and if the communication link were severed, the endpoint could not continue to function. This is also a case where the types of endpoints found in a military context (such as an aircraft, vehicle, or ship) are much larger and more complex than a typical computer network. + +The argument against this architecture is that if both the larger and smaller systems require manual management, then simple math shows that the DOD will require many more people to scale because it has more systems. As a matter of fact, the limiting factor in drone flights today are the crews to pilot the craft, not the actual hardware. For instance, each MQ-1 Predator or MQ-9 Reaper remotely piloted aircraft (RPA) system requires a pilot and sensor operator, along with a fairly large behind-the-scenes team of maintenance personnel and intelligence analysts (up to about 100 people total). As a business model, this does not scale well at all, as even with a relatively inexpensive piece of hardware, the human cost of operating the system remains quite high. Adding UAVs to the current architecture — wherein one pilot flies a single RPA — does not yield much of a cost or operating advantage (that is, there are relatively limited economies of scale). If anything, the DOD ends up with negative economies of scale: as the Department flies more systems, the harder and more expensive operating each aircraft gets. Unless they have an infinite supply of money, commercial companies with negative economies of scale quickly go out of business. The way around this is to figure out how to remove the expensive overhead of human involvement through more automation and autonomy, up to and including AI-enabled systems. + +Granting autonomy to these endpoint systems seems to run counter to the entire discussion of centralizing control through orchestration. The right way to think about it is to consider the scope of orchestration any particular system needs to have. An individual drone, for instance, should be responsible for the autonomy functions that are relevant to it, including taking off, landing, flying, and some route planning. If it is programmed to perform a certain function — perhaps identifying and tracking certain objects — then it should also be able to perform those functions without extensive human intervention or a central control system managing even the smallest tasks. But a single drone should not be responsible for orchestrating the functions of hundreds of other drones, nor should it be responsible for coordinating between a swarm of drones and armored vehicles on the ground. Those orchestration functions should be done by levels of software above, with a singular endpoint playing the right role and function within the broader context of all the systems being orchestrated. + +#### Concept: Integrate Development Environments with Production + +Currently, the DOD’s core code-development environments are not tightly integrated with the deployment of this code at the endpoints. The Department has an entire spectrum of development environments that are all trying to address similar issues, but there are no simple pathways from code development — which is done in these specific enclaves — to production environments. It will be even more challenging to deploy code to an actual endpoint (a piece of hardware such as a drone, ship, vehicle, or manned aircraft). While these types of deployments are not trivial, given that they require substantial pre-deployment testing and evaluation, accelerating this development–production–fielding–sustainment cycle will be critical to future success and gaining a competitive battlespace advantage. This underscores an earlier critical point: whereas the DOD could once claim the mantle of being bigger than anyone in the world and, as such, could rationalize refusing to adhere to commercial best practices, today the world’s biggest tech companies deal with eye-watering speeds and scale well beyond anything the DOD regularly sees. + +Containerization, which allows for the right packaging of code that can be “sealed” and deployed to the endpoints in a predictable manner, plays an important enabler role. This will require endpoint system developers to enable newer systems to handle containers and to build these systems to be receptive targets of development, security, and operations processes. + +This becomes even more important when a capability such as AI is integrated into these systems. Unlike traditional software, AI software is never done. The more operationally relevant data that is gathered and the more that an AI-based system performs in the operational environment, the more retraining and updating is needed. This loop of gathering data, retraining, and redeploying code is an important one to master and can only be enabled if these development environments are built the right way, with consideration of the end production environments. + + +### Putting It All Together + +Applying these core principles across the DOD can seem impossible. Large technology transformations at legacy, industrial-era organizations present seemingly insurmountable obstacles. Indeed, most of the successful examples of organizations that adopted the aforementioned software best practices have involved digital-native companies that did not have to deal with legacy systems. And these companies almost never faced the byzantine DOD, in which there are thousands of hardware and software systems built by hundreds of different vendors, few of whom had to adhere to any core architectural standards that would be considered commercial software best practice. + +This report provides a blueprint for the way forward. The DOD should adopt these core concepts as it designs, develops, fields, and sustains all its weapon systems and supporting hardware. Think of a software “core” with an outer hardware “shell” — in essence, running the logic, planning, and optimization in the software plane, with the hardware tethered to the end of a long chain of software. In this idealized architecture, end-to-end software architecture connects all the relevant sensors (inputs) and outputs (weapons systems). It would also make it easier to model all the right workflows (kill chains), along with predictive intelligence systems, logistics, targeting, and fires, all of which would be integrated into a single architecture built on a few large-scale core platforms. + +At the heart of all these large networks of systems — whether autonomous or manually controlled — will be complex, internet-scale, highly available software that pulls everything together. The underlying software systems will help bind all the DOD’s people, weapons, logistics, and intelligence — and, equally important, pull together the Department’s development and production environments to allow for more rapid code development, deployment, and sustainment. + +There are two critical steps required to pull off this kind of transformation. First, the larger problem needs to be broken down into smaller and smaller parts that are independent, allowing the creation of structured interfaces and APIs around them. This is especially important since each armed service runs its own infrastructure and applications, which will probably be the first to be cut, followed by segments underneath them. Second, the DOD should build the core scaffolding around which the other parts of the system can be “glued on” over time. Such a “loosely coupled, highly aligned” architecture could be expanded over time by bringing over and integrating more parts into the system instead of trying to upgrade or rewrite every part of the problem at once. + +![image2](https://i.imgur.com/4i8REz7.png) +_▲ __Aspirational Core System Architecture for Software-Defined Warfare.__ Source: Designed by Nand Mulchandani_ + +As emphasized earlier, the most important part of this process will be to define an overall architecture with the right interfaces and abstractions. In addition, the DOD should use well-established and proven industry-standard and open-source best practices to build these types of interfaces (APIs, REST), data-exchange formats (JSON, XML), storage and representation methods (time-series databases, event/pipeline management systems), application packaging (containers), and the runtime architecture (microservices). At the same time, this approach should disconnect the data platform from the application logic, as well as the user interface and presentation services from the backend data and application logic (through APIs and other interfaces). This will allow each layer of the system to evolve independently without having to build a highly interconnected but fragile stack wherein even small changes will ripple through the architecture to every part of the system, making code updates extremely hard and expensive. + +At the heart of the DOD’s software architecture should be various software platforms to be built and operated across the department. These platforms provide a necessary divide between the data/core-logic layers and the applications. Separating the two provides an environment in which building a new application is dramatically simplified since all the heavy lifting of aggregating, cleaning, and integrating data is already done at the platform level. Additionally, the DOD should insist that any vendor implementing a platform and APIs build these as open interfaces that are well documented, version controlled, rent free, and availably freely to any vendor who wants to build upon them. + +When this happens, the application writer need only be concerned about their own application logic, as they can freely rely upon any of these backend platform services for data and some common logic. Since they will not have to re-import, clean, and rebuild the entire data environment from scratch and recode common business logic, they will be able to rapidly build new functionality at a dramatically lower cost. Multiple vendors can also build competing products on the platform, driving down costs and increasing the quality of the applications for the DOD customer. Finally, when the Department owns the interfaces (the APIs, not the actual applications themselves), vendor lock-in will be lessened: no vendor will be able to hold the customer (DOD) hostage since all the data is captive in a system, with no way of exporting or accessing it. This is known as the “Roach Motel” problem, in honor of an aggressive late-night infomercial focused on cockroach removal that boasted, “Roaches check in, but they don’t check out!” The problem in this case is that data does not check out. In addition to enabling external vendors to build new applications, this architecture would also make it dramatically easier for internal DOD coders and data scientists to build smaller applications rapidly or enable new analytics on top of existing data. The same barrier of cleaning, importing, and normalizing data that exists for a smaller vendor is even larger for an individual internal developer. Immediately opening this up to the broader internal developer community will likely spur a dramatic increase in the kind of “micro applications” that are simply not developed today due to high costs and high barriers to entry. + + +### Conclusion + +Warfighting has always been viewed as some esoteric combination of art and science that is incredibly complex to manage. The size, scale, and speed with which events take place and change continuously, even chaotically, can make it seem nearly impossible to master either the art or the science. In the future, warfighting will only become more complex, even more chaotic, and even faster. The art side of the art-science equation remains as important as ever. However, with the proliferation of new technologies and a shift to a data-centric world, the science part of the equation is becoming increasingly consequential. In future crises and conflicts, the side that adapts faster and demonstrates the greatest agility — to include rapidly updating and promulgating fielded software and AI models — is likely to gain a significant competitive advantage. + +The only way for the DOD to stay competitive in this new warfighting environment is to ensure that it uses the most potent weapon available: technology, and more specifically, software. The commercial computer industry used to manage data centers the way the DOD has always conducted warfighting but realized that it did not scale. The industry came up with new tools and technologies to virtualize, automate, monitor, and scale data centers, which in turn have allowed the industry to offer services at a fraction of the cost with almost no downtime. + +One of the greatest challenges the DOD and other U.S. federal agencies face is that they were built from the ground up as industrial-age, hardware-centric organizations. Making the transition to digital-age, software-centric, more risk-tolerant organizations is exceedingly difficult. But it is also the only path to future success. The template exists; implementation is now the hard part. + +While many of these concepts from the software industry may not have perfect analogues to military hardware and warfighting, it is important to understand the core concepts outlined in this paper and the effects they have on architecting large-scale, complex systems. The key is to begin thinking of military objects and hardware as part of a larger system that is woven together using software. This will not only prevent the most expensive and scarce resources from being subject to mind-numbing legacy workflow processes but will also dramatically accelerate information and decision cycles. At the same time, by automating most of the routine, mundane functions that currently absorb far too much of everyone’s time, implementing these software best practices will allow military leaders to spend more time focusing on the critical decisions they need to make. + +Software-defined warfare is the way of the future. Of course, this should never mean that humans are redundant or uninvolved. To the contrary, the approach described in this report opens up incredible new opportunities for human-machine teamwork, in which the roles of humans and machines are optimized based upon what each does best. Business objectives, goals, and the overall architecture of the systems are still all set by humans. The actual operations are handled by software, based on parameters established by humans. Any exceptional conditions or issues are still escalated to humans. The best way to characterize this change is to “take the robot out of the human” by electronically connecting end-to-end processes, leaving the human with the time to concentrate on making the most important and consequential decisions. In a fully AI-enabled future, UI/UX will advance to the point where users will train smart machines so systems can adapt to an individual’s performance, the pace of their cognitive development, and even their past behaviors. Given the state of its hardware and software, there is no possible way the DOD can do this today. + +We wish the best for our country and, in our time at the Department of Defense, have tried our best to institute and implement best practices to orient the United States in this new direction. We hope this work continues and these ideas continue to make their way into the thinking and design of our next-generation warfighting systems. + +--- + +__Nand Mulchandani__ is the inaugural chief technology officer (CTO) of the United States Central Intelligence Agency (CIA). Prior to joining the CIA, he served as the CTO and acting director of the Department of Defense Joint Artificial Intelligence Center. He also cofounded and was CEO of several successful start-ups: Oblix (acquired by Oracle), Determina (acquired by VMWare), OpenDNS (acquired by Cisco), and ScaleXtreme (acquired by Citrix). He has a bachelor’s degree in computer science and math from Cornell, a master of science in management from Stanford, and a master in public administration from Harvard. + +__Lt. General (Ret.) John N.T. “Jack” Shanahan__ retired as a lieutenant general in the United States Air Force. From 2018 to 2020, he served as the inaugural director of the Department of Defense Joint Artificial Intelligence Center (JAIC). Prior to leading the JAIC, he led the creation of the Algorithmic Warfare Cross Functional Team (aka Project MAVEN) as the director for defense intelligence (warfighter support), in the Office of the Under Secretary of Defense for Intelligence. Over his 36 years of service in the Air Force, he accumulated more than 2,800 flight hours and flew F-4D/E/G, F-15E, and RC-135 aircraft. He is a graduate of the University of Michigan, the Naval War College, the National War College, and North Carolina State University. diff --git a/_collections/_hkers/2022-09-08-al-qaeda-and-isis-2022.md b/_collections/_hkers/2022-09-08-al-qaeda-and-isis-2022.md new file mode 100644 index 00000000..33377d62 --- /dev/null +++ b/_collections/_hkers/2022-09-08-al-qaeda-and-isis-2022.md @@ -0,0 +1,119 @@ +--- +layout: post +title : Al Qaeda And ISIS 2022 +author: Katherine Zimmerman +date : 2022-09-08 12:00:00 +0800 +image : https://i.imgur.com/H60615l.jpg +#image_caption: +description: The State of al Qaeda and ISIS Around the World +excerpt_separator: +--- + +_Salafi-jihadi groups are increasingly embedded in local conflicts, even while remaining part of al Qaeda’s and the Islamic State’s global networks._ _These networks include a core senior leadership cadre that provides strategic guidance to regional branches and seeks to inspire and attract new recruits to their movement. The senior leadership directs resource distribution globally, helping to surge support to take advantage of opportunities as they arise in different theaters._ + +Salafi-jihadi groups’ growing focus on local insurgent dynamics has enabled them to build support, expand territorially, and develop new capabilities. Weak governance and unaddressed grievances have made them resilient to counterterrorism operations, including leadership attrition, and enabled their reemergence after setbacks. Globally, Salafi-jihadi groups are set to strengthen as counterterrorism pressure lessens and local conditions worsen. They have prioritized local expansion over targeting the West, their “far enemy,” because of their operational successes in regional theaters. They may be able to generate or reconstitute transnational terror attack capabilities, which US counterterrorism pressure has largely eliminated, from these local bases. Al Shabaab, for example, pursued another 9/11-style attack in 2019. + +The Taliban’s victory in Afghanistan continues to reverberate through the Salafi-jihadi movement. Al Shabaab and others have cited the Taliban’s strategy as a model for their own success through jihad. Moreover, the new terrorist sanctuary in Afghanistan permitted al Qaeda to revitalize its lagging global media presence and possibly better coordinate among its affiliates. The global reduction in counterterrorism resources has also lifted pressure from many Salafi-jihadi groups, which increasingly enjoy their own regional safe havens from where they threaten to destabilize nearby states. + +![image1](https://i.imgur.com/kV5ax9M.png) +![image2](https://i.imgur.com/r6bFhsU.png) +_▲ Note: The established date for each group is given in the figure with the abbreviation “Est.” The groups shown are al Qaeda in the Arabian Peninsula (AQAP), al Qaeda in the Islamic Maghreb (AQIM), al Qaeda in the Indian Subcontinent (AQIS), Islamic State Central Africa Province (ISCAP), Islamic State East Asia (ISEA), Islamic State Sahel Province (ISGS), Islamic State in Iraq and al Sham (ISIS), Islamic State Khorasan Province (ISKP), Islamic State Mozambique (ISM), Islamic State Sinai Province (ISSP), Islamic State West Africa Province (ISWAP), and Jama’at Nusrat al Islam wa al Muslimeen (JNIM). Note that ISGS was renamed “Islamic State Sahel Province” in March 2022. For clarity, ISGS will continue to refer to the Sahel Province while ISSP will refer to Islamic State Sinai Province._ + + +### Behind the Scorecard + +#### Africa + +Salafi-jihadi groups have expanded rapidly in Africa. They have sustained local attack cells and broader insurgencies by capitalizing on local instability and governments’ inability to provide security and services, including drought and famine response. + +__In East Africa__, al Shabaab’s insurgency in Somalia endures. Al Shabaab controls significant parts of south-central Somalia and has escalated attacks in the capital region since early 2022. It capitalized on diminished counterterrorism pressure caused by the withdrawal of US troops in 2021. Pressure on al Shabaab has increased since the reinsertion of US forces in May 2022, but its gains will take time to reverse. Additionally, al Shabaab conducted two military incursions into Ethiopia in summer 2022, indicating an intent to expand regionally. The Somali Islamic State province is relatively small but serves as an intermediary and financial hub for multiple Islamic State branches. It links the Islamic State’s central and east African provinces to Islamic State leadership in Iraq and Syria and transmits funds to Afghanistan via Yemen. + +In May 2022, Islamic State leadership declared the Islamic State Central Africa Province (ISCAP) and the Islamic State in Mozambique (ISM) autonomous, rather than two wings of the same province. Both ISM and ISCAP may benefit from their connection to IS leadership, which may push them to focus on a broader regional approach or increase their emphasis on external operations. + +Since 2020, ISM has been engaged in an insurgency in northern Mozambique. Mozambican, Rwandan, and Southern African Development Community forces dislodged ISM from key towns in 2021, but ISM has relocated, expanded its activities elsewhere in the region — including increasing cross-border attacks into Tanzania — and encouraged fighters to melt into civilian communities until called on. + +In northeastern Democratic Republic of the Congo, ISCAP has pursued a low-level insurgency for several years, prompting the declaration of martial law in two provinces in 2021. Ugandan and Congolese forces engaged in a concerted counterterrorism effort in late 2021 and early 2022, prompted by ISCAP attacks in Uganda, but ISCAP’s frequency of attacks has held steady. Over the past two years, ISCAP has effectively doubled its area of operation, increased its operational tempo, and attracted more foreign fighters. It has also freed upward of 2,000 prisoners in major prison breaks since 2020. + +__In North Africa__, the Islamic State Sinai Province (ISSP) continues to conduct attacks against gas pipelines and the Egyptian armed forces but has declined in strength due to persistent Egyptian counterterrorism pressure and the resolution of underlying local grievances. The leader of al Qaeda in the Islamic Maghreb (AQIM) remains in Algeria, but its focus has been the success of its subordinate affiliates in the Sahel, primarily Jama’at Nusrat al Islam wa al Muslimeen (JNIM). AQIM appears to operate as a link to al Qaeda’s global leadership and a financial and ideological facilitator, although it has not exhibited significant independent operational capacity in recent years. + +__In West Africa__, JNIM has embedded itself in communities in central Mali, providing aspects of governance, including administering justice, brokering interethnic peace deals, and imposing taxes. From this stronghold, it launched a series of attacks in southern Mali in summer 2022 and actively threatens security in Bamako, Mali’s capital. The withdrawal of French forces from Mali and possible further easing of counterterrorism pressure will permit JNIM to further entrench itself in central and northern Mali. JNIM previously expanded into Burkina Faso and has attack cells in Benin, Côte d’Ivoire, Senegal, and Togo. JNIM’s population-centric approach better positions it to gain local support compared to its local Salafi-jihadi rival, the Islamic State in the Greater Sahara (ISGS), known for its brutality. + +In March, the Islamic State declared ISGS an autonomous province, recognizing it as the Islamic State Sahel Province. The group has struggled due to leadership attrition. Malian pressure and intergroup competition have forced ISGS to reevaluate current approaches, including agreeing to a truce with JNIM. But ISGS remains an active operator in Mali’s embattled eastern provinces and a major threat to civilians in western Niger and northern Burkina Faso. + +In northeastern Nigeria, the Islamic State West Africa Province (ISWAP) has absorbed or eclipsed much of Boko Haram, the group from which it originally splintered. Over the past year, ISWAP has increased in operational tempo and audacity, including a large-scale prison break in July 2022 on the outskirts of Abuja, Nigeria’s capital. Its insurgency in the northeast is ongoing, but a rise in operations in central Nigeria indicates it has begun to build networks and capacity outside of its current strongholds. + +In northwestern Nigeria, al Qaeda–linked Ansaru appears to be making a resurgence after several years of dormancy. The group confirmed its loyalty to AQIM. Although it is not yet a major threat, its ascendency indicates growing al Qaeda influence in the region. It appears to be pursuing a population-centric strategy and has adopted the banditry tactics common to other militant groups in northern Nigeria. + +#### Middle East + +Counterterrorism campaigns have weakened Salafi-jihadi groups in Iraq and Yemen, though early indicators point to the groups reconstituting capabilities. Broader regional instability has set favorable conditions for Salafi-jihadi groups, particularly in Syria. + +__In Iraq and Syria__, the Islamic State in Iraq and al Sham (ISIS) has exhibited resilience and persistence in the face of extensive counterterrorism operations. In Iraq, ISIS activities have declined in 2021 and 2022, but this may reflect a reorientation toward Syria to take advantage of growing instability and insecurity. ISIS has conducted several complex attacks, including a major January 2022 prison break in Hasakah, northern Syria, from its strongholds and training camps in the Syrian desert. Massive camps of displaced persons, many related to imprisoned ISIS fighters, may further stress security in Syria. The loss of multiple senior Islamic State leaders, both killed and captured, has weakened the global Islamic State leadership cadre operating from Iraq and Syria. + +Hayat Tahrir al Sham controls significant territory in northwestern Syria and has made a concerted effort to portray itself as moderate and legitimate, distancing itself from its Salafi-jihadi roots. It has consolidated power by targeting Hurras al Din — also known as al Qaeda in Syria — and occasionally the Islamic State in Idlib province, where Hayat Tahrir al Sham is the de facto governing body. It has pledged to provide services and defend those under its jurisdiction, and it exerts market controls and extracts taxes. Hurras al Din still professes strong loyalty to al Qaeda. It has been weakened over the past few years, though it remains active. + +__In Yemen__, al Qaeda in the Arabian Peninsula (AQAP) continued to strengthen slowly under reduced counterterrorism pressure. The group is more fragmented, but it remains focused on regenerating transnational attack capabilities, fighting the Houthis and local opposition and inspiring lone-wolf attacks in the US and Europe. The Islamic State in Yemen remains on a downward trajectory. Its key value to the global Islamic State network is its role as a financial and facilitation link between IS-Somalia and Islamic State Khorasan Province (ISKP) in Afghanistan. + +#### South Asia + +Salafi-jihadi groups in the region have strengthened considerably since the August 2021 withdrawal of US and NATO forces from Afghanistan. Al Qaeda and al Qaeda–linked groups enjoy increased freedoms under the Taliban, while ISKP has strengthened. In Indonesia and the Philippines, counterterrorism efforts have been successful at degrading Islamic State cells. Major attacks have decreased substantially, though some pockets of militancy remain. + +__In Afghanistan and Pakistan__, the Taliban has reestablished a safe haven for al Qaeda and al Qaeda in the Indian Subcontinent (AQIS) since the withdrawal of US and NATO forces in August 2021. Al Qaeda has not yet seen an increase in external operating capacity, but the apparent freedom with which al Qaeda leadership operates in Afghanistan indicates that recruitment, training, and propaganda operations are likely to increase. Some counterterrorism successes, such as the targeting of the late al Qaeda emir Ayman al Zawahiri, may be disruptive in the short term, but counterterrorism pressure has diminished substantially. + +AQIS has maintained a low profile and individual fighters remain part of Taliban combat units. The Haqqani network retains its role as a regional facilitator and link between various regional Salafi-jihadi groups, with close ties to the Taliban and al Qaeda. Notably, the Haqqani network’s leader is a cabinet member in the new Taliban government and has been implicated in harboring Zawahiri. The Tehrik-e-Taliban Pakistan, while engaged in ongoing negotiations with the Pakistani government, has benefited substantially from Taliban leadership in Afghanistan. Splinter groups have rejoined the primary organization, and in March 2022, it announced a spring offensive against Pakistani security forces. + +ISKP reconstituted over the course of 2021, taking advantage of Afghanistan’s instability in the wake of the Taliban takeover. The Taliban’s counterinsurgency operations against ISKP have had mixed results as ISKP focuses on undermining Taliban control, attacking infrastructure and targeting sectarian and ethnic divisions in Afghanistan and reestablishing former strongholds. ISKP’s ranks have swelled due to fighters’ release from prison during the Taliban’s summer 2021 offensive and increased recruitment afterward. The Islamic State has increased its funding for ISKP. + +__In Southeast Asia__, authorities have made a significant impact on the operational capacity of Islamic State–linked groups, although they still pose a threat. In the southern Philippines, some pockets of activity remain, and periodic clashes with government forces and small-scale attacks continued. + + +### Leadership + +A decapitation approach has strained al Qaeda’s and the Islamic State’s leadership cadres, though both have proven resilient to attrition. The Islamic State has routinized its leadership succession, but turnover in the group’s senior leadership has helped weaken its ties to its regional branches, resulting in forced delegation of authority to local leaders. Al Qaeda’s already decentralized structure limits the impact of leadership deaths, but attrition in the ranks of its next generation of leaders may challenge the organization in the future. Newfound sanctuary in Afghanistan and the release of al Qaeda operatives from prison has enabled increased messaging from senior leaders to their global followers and added to the number of veteran operatives on the battlefield. + +Key Salafi-jihadi leaders as of September 2022 include: + +__Al Qaeda__ + +- _Saif al Adel_: A senior al Qaeda operative assessed to be the most likely new emir following the August 2022 death of Zawahiri. Adel spent significant time in Iran and may now be in Afghanistan. + +- _Abdul Rahman al Maghrebi_: An al Qaeda shura council member, al Sahab media director, and head of external communications. He is believed to be in Iran. An alternate potential successor to Zawahiri. + +- _Abu Ubaydah Yusef al Annabi_: AQIM’s emir, a longtime senior member. He succeeded Abdelmalek Droukdel after his death in June 2020. + +- _Khalid Batarfi_: AQAP’s emir since 2020. + +- _Ahmed Umar (Abu Ubaidah)_: Al Shabaab’s emir since 2014. + +- _Iyad ag Ghaly_: JNIM emir with long-standing ties to AQIM. + +- _Samir Hijazi_: Hurras al Din’s leader. + +- _Osama Mahmood_: AQIS’s emir since 2019. + +__Islamic State__ + +- _Abu al Hasan al Hashimi al Qurayshi_: Islamic State leader and successor to Abu Ibrahim al Qurayshi, who was killed in February 2022. Possibly the nom de guerre of either Juma’a Awad Ibrahim al Badri or Bashar Khattab al Sumaidai, both high-ranking Islamic State leaders. + +- _Tamim al Kurdi_: Leader of the Afghanistan-based al Siddiq office, appointed by Islamic State senior leadership in 2020. + +- _Abdul Bara al Sahrawi_: ISGS’s emir, a seasoned logistical officer with experience operating in Libya. He replaced Adnan Abu Walid al Sahrawi after his death in August 2021. + +- _Abu Musab al Barnawi_: Served as ISWAP’s emir between August 2016 and March 2019, before being appointed head of the Islamic State’s al Furqan office, which is based in the Lake Chad region and coordinates regional branches, in May 2021. His current status is unclear. The Nigerian government reported in September 2021 he had been killed, but unsubstantiated reports have since emerged that he remains alive. + +- _Musa Baluku_: ISCAP’s leader in the Democratic Republic of the Congo. + +- _Abu Yasir Hassan_: ISCAP’s leader in Mozambique, as identified by the US. + +- _Shahab al Muhajir_: ISKP’s emir, an Iraqi who defected from the Haqqani network and al Qaeda and succeeded the group’s founder, Hafiz Saeed Khan, in April 2020. + +- _Abu Hajar al Hashemi_: ISSP’s emir. He may have served previously as an Iraqi army officer. + +- _Abdul Qadir Mumin_: IS-Somalia’s emir. He defected from al Shabaab. + +- _Abu Zacharia_: Leader of ISEA. + + +### Salafi-Jihadi attacks with American Casualties (2021–22) + +Salafi-jihadi groups such as al Shabaab, AQAP, and ISIS have pursued external attack capabilities but have not conducted a terror attack in the US since the December 2019 shooting in Pensacola, Florida. The most recent attack against US forces was the ISKP suicide attack in Kabul, Afghanistan, in August 2021. US forces on counterterrorism missions are no longer engaged in combat operations, limiting the opportunities for Salafi-jihadi groups to target them. Salafi-jihadi groups have targeted Westerners in kidnapping-for-ransom plots. In late August 2022, US special operations forces rescued an American kidnapped in Burkina Faso in April 2022.