Red Teaming & Disruptive Innovation: Anticipating the Unexpected

Home / Articles / Journal Article / Fall 2017: Volume 4 Issue 3

red teaming COVER

Posted: August 12, 2017 | By: Tate Nurkin

Introduction

In October 2016, Iran’s Tasnim News Agency revealed efforts by the naval wing of the Islamic Revolutionary Guard Corps (ISR) to develop the world’s first unmanned ground effect vehicle (UGEV)
[1]. The report and accompanying photos posted on its website offered a window into Iranian efforts to create a new intelligence, surveillance, and reconnaissance system that could take off and land on any
stretch of calm sea.

Tasnim took the photos down hours after they were posted, inciting speculation that the ISR mission may not be the only, or even primary, mission for the UGEV. IHS Jane’s Defence Weekly assessed that, “while far slower than a conventional missile, a UGEV-derived munition would move far faster than any boat, potentially making it harder to engage with anti-surface weapons” [1]. Jeremy Binnie, IHS Jane’s
Defence Weekly Middle East/North Africa Desk editor, later noted that in a strike role the UGEV “may well be a sitting duck” but only if existing systems were prepared to meet a threat they had not previously seen – if “someone has thought to set up defenses to counter it” [2]. Binnie’s insight is a useful reminder of an often-overlooked component of U.S. efforts to anticipate, dissuade, and defeat threats from a growing range of possible state and non-state actors in an environment of dynamic and rapid technological innovation. Attention is paid to the what of technological innovation, the specific technologies that specific adversaries are prioritizing and the technologies in which the U.S. should invest to better pursue its interests, protect the homeland and drive competitions in salutary directions. However, the pace and scale of the diffusion of these technologies to a growing range of actors also places a premium on understanding the how of technology and capability use – that is, the operational concepts of current and emerging adversaries and the proclivities, mindsets, objectives, and priorities
that shape these concepts.

Staying ahead of the multidimensional challenge of adversary disruptive innovation will require renewed and enhanced emphasis on red teaming and other alternative methods that allow the Department of Defense (DoD) to challenge existing assumptions, explore unconventional thinking about adversaries, anticipate new threats and challenges and, ultimately, identify capabilities and concepts to meet an expanding range of fast-moving and opaque threats.

Approaches to Evaluating Impact of Disruption

Growing assertions that the global defense and security environment has, over the course of the 21st century, become more complex, uncertain, and fast moving have become axiomatic but  also relevant for DoD analysts and decision-makers. Erosion of constraints against crisis and conflict and diffusion
of the power to disrupt to a broader range of state and non-state actors together have significant implications for not just what DoD analysts examine but also how they do it.

Traditional analytical methods and filters may no longer be sufficient, in and of themselves, to determine the origin, nature, pace, and trajectory of existing and emerging threats to the U.S. and its national interests. The incorporation of a number of alternative analysis methods is becoming increasingly critical in efforts to effectively identify, assess, and plan for fast-moving and unanticipated situations. These methods can be divided into two broad categories: competitive and blue sky [3].

Competitive techniques include methods such as multiple advocacy (also known as Team A/Team B) and analysis of competing hypothesis (ACH), both of which leverage defined and structured processes to compare the validity of range of usually already established and understood alternative outcomes, interpretations, and possible decisions against each other.

Multiple advocacy is an approach introduced by Stanford University professor Alexander L. George in 1972 [4]. It asks individual or small groups of analysts to essentially role-play as advocates of particularly strongly held views and make arguments to a broader team of analysts about why this view is correct. The competitive process of multiple advocacy typically either reveals particularly strong arguments or creates new and more robust hypotheses.

ACH is a system first proposed in the 1970s by former CIA analyst Richards J. Heuer, Jr. through a series of internal CIA articles and fully captured in his book The Psychology of Intelligence Analysis [5]. It involves an eight-step process for systematically identifying, assessing, and evaluating various hypotheses about a threat, event, or out come. For example, ACH could be used to assess varying perspectives on the scale and nature of a shifting Islamic State threat to the U.S. homeland.

ACH requires an analyst to explicitly identify all reasonable interpretations and theories and
then assess and score the reliability and validity of evidence for each alternative hypothesis. The method has gained traction in many forecasting and analytical communities and
several software programs are available that facilitate construction of ACH matrices, including one from the Palo Alto Research Center [6].

Blue sky methods differentiate from competitive ones not by the absence of structure, but rather by an emphasis on developing more flexible and permissive structures that feature collaborative forums
and encourage expansion of the alternative hypotheses and outcomes being considered rather than rigorous evaluation of those already known.

Scenario planning stands out as a powerful blue sky technique through which analysts and decision-makers identify and evaluate a range of scenarios or alternative visions of the future with a particular focus on the possible and plausible over the likely. Small groups of analysts and experts discuss a
range of scenario pathways and outcomes (typically in workshop or exercise settings) that seek to engender the expression of provocative, but informed, and exploratory views of the future that may run counter to current accepted organizational perspectives. By identifying a set of representative
possible and plausible futures, assessing how DoD can best operate in and across these environments and identifying signposts that individual scenarios are more or less likely to come to pass, scenario planning can help DoD bound and anticipate novel threats and identify effective measures and capabilities to deter, dissuade or defeat these threats.

Red Teaming to Anticipate Novel Threats

Red teaming is a method that combines the structural focus of competitive approaches with the innovative and collaborative focus of blue sky techniques. It stands as a highly relevant means of
generating the creative and, in some cases, counterintuitive thinking that the current and emerging threat environments demand. The terms “red teams” and “red teaming” are widely-used and connote
different things to different individuals and communities – “for every red team that exists, a slightly different definition for red teaming also exists” [7].

Most frequently, “red teaming” is used to describe the process of injecting intentionally critical, frequently heretical, thinking into established analytical, evaluation, and decision-making processes.
The 2016 Joint Doctrine Note 1-16: Command Red Team gives a broad, but useful, definition: “Command red teams help commanders and staffs think critically and creatively; challenge assumptions; mitigate groupthink; reduce risks by serving as a check against complacency and surprise;
and increase opportunities by helping the staff see situations, problems, and potential solutions from alternative perspectives” [8]. Red teams also regularly have a particular focus on understanding how an adversary thinks, decides, and behaves in order to avoid mirror imaging – the psychological
and analytical trap that assumes all actors are influenced by the same cultural, historical, ethical, moral, educational, strategic, and operational proclivities as the DoD.

Of course, adversary analysis can be difficult without participation by individuals experienced in the decision-making processes of adversaries. However, effectively tasked groups of multidisciplinary experts capable of thinking in creative and provocative ways can provide valuable insight and perspective. Setting up structures to solicit and incorporate this insight and perspective is critical in the current environment in which more actors are in pursuit and command of more and better capabilities and are using these capabilities in more unpredictable, previously unseen ways.

Applications of Red Teaming

Jane’s Strategic Assessment and Futures Studies Center has sought to bind this expansive issue of disruptive innovation by identifying and assessing four linked revolutions: perception, processing and cognition; human and materials performance; manufacturing and logistics; and communication,
navigation, targeting, and strike [9].

Within this framework, three dynamics in particular underscore the amplified demand for red teaming to better understand adversaries and how specific technologies may evolve.

First, the pathway from development of innovative technology to deployment of a disruptive capability necessitates a series of complementary innovations in operational concepts, organizational structures, training, procurement processes, industry alignment, infrastructure and ethical, legal, and regulatory issues [9]. Aligning all components of innovation typically takes time and can involve the trackable milestones that allow the DoD to assess the maturity and pace of disruptive innovation by other states.

However, some U.S. adversaries and competitors have proven increasingly effective in navigating these adjacent innovations and have simultaneously demonstrated a lack of concern about the ethical, legal, and regulatory implications of using these capabilities, especially in light of what Jane’s Strategic Assessment and Futures Studies Center believes is the ongoing and rapid deterioration of rulesbased geopolitical norms that have pervaded for much of the last several decades [10].

For example, China’s government is providing technical and material support of its large
commercial fishing fleet, which includes, among other things, provision of “inter-operable electronics”; position, navigation, and timing technologies; and even military training. The result is the establishment of a novel and difficult to detect maritime militia [11].

Non-state armed groups, transnational networks, and ideologically imbued individuals are even less encumbered by traditional constraints, allowing them more options to optimize the effects of the technologies they possess. Consider the improvised explosive device (IED), which is possibly the most strategically disruptive capability of the first two decades of the 21st century. According to the Department of Homeland Security, “IEDs consist of a variety of components that include an initiator, switch, main charge, power source, and a container” [12] – all roles that can be filled by mundane commercial items [13]. IEDs also use a variety of “commonly available materials, such as fertilizer, gunpowder, and hydrogen peroxide” as the explosive materials, which must be accompanied by fuel and an oxidizer [12]. Estimated costs of IEDs vary, but in 2015 Defense One assessed that particularly advanced Iranian-developed IEDs known as explosively formed penetrators cost $30 or less [14].

This low-tech weapon was deployed by Islamist extremist and insurgent groups in Iraq and Afghanistan in unexpected ways contrary to the conventions of modern warfare, driving tactical, operational, and strategic disruption for the U.S. and coalition war efforts in these theaters. A short list of cost-imposing effects of the IED includes the establishment of the Joint IED Defeat Organization; increased expenditure on new capabilities (the Government Accountability Office estimates $75 billion was spent on Mine-Resistant Ambush Protected trucks, ground-penetrating radar, jamming, a range of surveillance techniques, and body armor and other capabilities) [15]; investment in the development, testing, and deployment of new tactical and operational concepts; and, most critically, more than 3,000 U.S. forces killed and 33,000 wounded in Iraq and Afghanistan from 2005 to 2011 [15,16]. Second, not all actors seeking to develop capabilities in individual revolutions, or across multiple ones, will have the engineering or budgetary capacity, strategic/mission need, or overall interest to pursue the highest-end technologies or applications of these technologies.

For example, increased demand for unmanned aerial systems is a notable feature of the modern defense and security market. The military market for unmanned systems has essentially doubled from around $3 billion in 2009 to $6 billion in 2015 [17]. However, the types of unmanned systems that are diffusing most widely are not the highest-end technologies requiring the most advanced engineering, materials, testing and scale of effects, such as High-Altitude Long Endurance platforms that can fly at or above 50,000 feet or aerostats that are essentially pseudo-satellite capabilities.

Only 5 percent of the 63,000 unmanned systems forecast to be sold to military and security communities between 2016 and 2025 will be the Class III systems, which weigh more than 600 kg and are capable of carrying the most sophisticated payloads at the highest altitudes for long periods of time [17].

Approximately one-quarter (23 percent) of this future demand is expected to be met by systems weighing between 2 kg and 20 kg that are more disposable systems designed for more tactical or close-in surveillance missions (which do sometimes include novel technologies) [17]. Add in the increasing availability of small commercial drones and quadcopters, and the picture of the use of unmanned systems for defense and security purposes becomes even more layered, with considerable activity taking place in lower-cost, shorter-range, less advanced intelligence, surveillance, and reconnaissance payload systems, some of which are commercially available. However, this does not mean that compelling and disruptive innovation in lowend applications is not taking place.

Applications of directed energy weapons offer a useful example. At the highest-end application, directed energy is being considered as a low-cost of shot solution for the growing threat of the saturation of existing missile defenses by low-cost, but increasingly accurate, cruise and ballistic missiles [18]. Directed energy is also being tested as a close-in defense weapon to deal with small boat and unmanned
threats by the U.S. Navy aboard the USS Ponce and by China as a riot control weapon and aboard paramilitary ships [19].

In addition, because low-end versions of this technology are commercially available, some less sophisticated forms of directed energy requiring considerably less investment, research and development, and systems engineering (generating a significantly smaller scale of effects such as laser pointers) have been used by non-state actors and individuals to disrupt commercial airline pilots [20] and harm Coast Guard personnel and equipment [21]. In 2013, 3,960 laser strikes against aircraft were reported, leading the FBI to trial a rewards program in 2014 for information leading to the arrest of individuals carrying out these low-cost, potentially high-impact attacks [20].

Third, high-end and low-end versions of technologies of interest to the four revolutions (and ideas on how to use them) are diffusing through more pathways, ensuring a broader range of actors not
only have interest in, but also access to, advanced military, dual-use, or even commercial technologies that can enable disruptive threats.

Commercial diffusion of advanced technologies is particularly salient to the discussion of red teaming. Companies across several industries (high-tech, automotive, commercial aerospace, energy, and maritime) all share an interest in developing and commercializing at scale many of the same types of capabilities relevant to each of the four revolutions, notably: autonomy and unmanned systems, smart
key technologies, machine learning, cyber and electromagnetic spectrum capabilities,composites and smart materials and energy capture and storage. Many of these technologies are sold commercially, and others are transferred as part of joint ventures, partnerships, and export sales.

As Paul Scharre, director of the 20YY Warfare Initiative at the Center for a New American Security, noted, “many of the underlying technologies behind increased autonomy are driven by commercial sector innovation, and as a result will be available to a wide range of state and non-state actors” [22].

Indeed, there is an established history of Islamist extremist groups and insurgents in Iraq, Syria, and across the Middle East leveraging commercially available technologies (software, encryption technologies, electromagnetic jammers, and drones) to either present novel threats to U.S. interests
and personnel or to counteract advanced U.S. capabilities. For example, in either late 2014 or early 2015, an Islamic State supporter posted a document, “How to Kill UAVs,” to the Justpaste.it website [23].

Another indicative example of the intersection of non-state armed group tactical innovation and enhanced technical capacity occurred in December 2009 when Iraqi Shiite militants used commercially available SkyGrabber software to tap into Predator drone live video feeds. Although the Iraqi fighters were unable to manipulate the feed or control the $4.5 million drone, the $26 software did allow them to view drone surveillance, enabling them to avoid detection and maintain operational security [24].

The bottom line of the collision of these three dynamics is that many actors that seek toharm the U.S. and disrupt worldwide interests are both increasingly less constrained by technical capacity and nearly unconstrainedin devising means of leveraging this capacity. This reality places building pressure on the
U.S. homeland security and defense enterprise as well as U.S. allies and partners to quickly develop new and enhanced methods and mindsets (ways of thinking about emerging threats) to meet an expanding, dynamic threat. As a recent United Kingdom’s Ministry of Defence white paper noted, “we must continue to adapt to stay ahead, finding ways to be more innovative in the ways we think, the ways we develop capabilities, and the ways we operate ourselves” [25].

Implementation

Implementation of red teaming is rarely a simple process and requires a delicate mix of structure, creativity, and intuition across four phases of execution.

First is the conceptualization and design phase during which stakeholders determine exercise objectives, parameters, structure, questions of interest, resources, and timelines.

The design phase also involves the selection of red team participants. Most successful red teams incorporate a mixture of creative thinkers, devil’s advocates, and deep subject matter experts, including, when relevant, individuals who share similar cultural or national backgrounds or operational experiences as the adversaries of interest. However, successful team composition goes well beyond finding the most experienced or well-established experts on a given topic. Indeed, it requires an expansive view of relevant perspectives and the courage to include non-traditional viewpoints or experiences that will help stakeholders achieve their overall objective.

For example, in the aftermath of the 2012 Taliban attack against Camp Bastion in Afghanistan, U.S. Marine Corps Task Force Belleau Wood formed a red team to mitigate against future failures of imagination in defense of the base. The red team did  not engage senior officers with decades
of operational experience. Instead, it was comprised largely of enlisted personnel who were unconstrained by the habits and expectations of experience and were more willing to consider bizarre attack modes that are “video game caliber” [26].

Supporting research is the second phase of effective red team execution. Exercise readahead and game materials offer participants an opportunity to fill gaps in their understanding of key issues and identify patterns in decision-making, tactics, techniques, attack modes, and adaptation efforts. A 2012 article entitled “Force Protection and Suicide Bombers: The Necessity of Two Types of Red Teams” published in the Canadian Military Journal highlights the utility of in-depth research efforts in support of red team exercises [27].

Research into suicide attack modes and target types over time of eight terrorist groups
“readily provide data points concerning the range of casualties (minimums and maximums) of successful operations and other important information including the time of day, type of attack, number of perpetrators, and so on” [27]. Assessment of these patterns provides insight into how specific groups behave and can serve as a useful jumping off point for red team discussions of how these patterns
may evolve under new strategic, operational, or tactical exigencies and realities.

The third phase of red team implementation is execution and facilitation. Experienced facilitators are crucial in balancing the need for rigorous structure and unconstrained thinking in a way that does not
“unconsciously stifle dissent and subtly discourage alternative thinking” [7]. Intuition is particularly important in this phase in shaping and guiding the conversation and understanding when and why to stray from the structure and questions developed in phase one in order to explore potentially fruitful analytical pathways.

Ultimately, facilitators are responsible for serving as a sherpa (guiding team members through a dynamic and occasionally taut process), a traffic cop (ensuring collaborative discussions and driving team members to reach decisions within exercise timelines either through consensus or team votes), and a devil’s advocate (periodically asking why and why not to force participants to articulate their core assumptions and consider additional alternatives).

The final phase of effective red team implementation is the use and incorporation of exercise outputs. Rapporteur notes on red team themes, insights, decisions, uncertainties, and tensions serve as the
basis for red team outputs, typically after-action reports and hotwash briefings designed to challenge widely-held or long-standing assumptions and help decision-makers expand the range of challenges and solutions they consider.

Red team outputs are rarely deterministic. Most frequently, these outputs are incorporated as one particularly stimulating and independent component of a broader process to diagnose, assess, or respond to a threat, challenge, or competition. Because red teams are designed to offer a
check against and challenge to organizational bias and commonly-held assumptions, red teams must balance a need for independence and the need to have topdown organizational and stakeholder buyin that the results – whatever they may be – are to be considered on their merits.

In addition, while ad hoc red teams can be useful to analysts and decision-makers, red teaming is most effective when it is built into broader processes of both DoD capability development and threat evaluation programs from the start. According to Red Team Journal Editor Mark Mateski, “to validate concepts and capabilities up front and throughout the engineering lifecycle is canonical to systems engineers” [28], but program managers and procurement officers may see regular attempts to find vulnerabilities in their programs as adding expense, time, uncertainty, and, potentially, political or procurement risk.

Conclusion

Red teaming is an increasingly important component of meeting the complex, uncertain, and contested environments and disruptive threats driven by the future of technological innovation and diffusion. If
designed and implemented well, red teaming can help decision-makers uncover possible threats and vulnerabilities that may not be visible through traditional methods and filters – a valuable tool for furthering the defense of U.S. interests and assets, domestic or abroad.

References

1. Binnie, J. (2016, October 27). Iran unveils unmanned ground effect vehicle. IHS Jane’s
Defence Weekly. Retrieved from http://www.janes.com/article/64968/iran-unveils-unmanned-ground-effect-vehicle (accessed July 19, 2017)

2. Binnie, J. (2017, January 27). Telephone interview.

3. Jane’s Strategic Assessments and Futures Studies Center uses this construct in its alternative analysis training curriculum. It is derived from both Jane’s experts’ experience in designing and applying a wide
range of alternative analysis methods and training defense and intelligence communities on these methods as well as extensive research on the topic.

4. George, A. L. (1972). The case for multiple advocacy in making foreign policy. American Political Science Review, 66(3), 751-785. doi:10.2307/1957476

5. Heuer, R. J. (1999) Chapter 8: Analysis of competing hypotheses. In The psychology of intelligence analysis. Center for the Study of Intelligence.

6. Palo Alto Research Center. (n.d.). Analysis of Competing Hypotheses (ACH). Retrieved from http://www2.parc.com/istl/projects/ach/ach.html (accessed July 19, 2017)

7. Mateski, M. (2009, June). Red teaming: A short introduction (1.0). Red Team
Journal. (p.21) Retrieved from http://redteamjournal.com/papers/A%20Short%20Introduction%20to%20Red%20Teaming%20
(1dot0).pdf (accessed July 19, 2017)

8. The Joint Chiefs of Staff. (2016, May 16). Joint Doctrine Note 1-16: Command Red Team (p. V, Rep. No. JDN 1-16). Retrieved from https://fas.org/irp/doddir/dod/jdn1_16.
pdf (accessed July 19, 2017)

9. Nurkin, T. (2016, June). Promise and peril: Dimensions, dynamics and challenges of
disruptive innovation in defense and security. Paper presented at Eurosatory Conference, Paris.

10. IHS Jane’s Strategic Assessment and Futures Studies Centre. (2016, November). Rising tensions: Air and missile defence in Europe. IHS Global Limited. Retrieved from https://ihs.uberflip.com/i/754983-
1680503jdw/0?m4= (accessed July 19, 2017)

11. Clad, J., & Manning, R. (2016, December 15). Catching controversy: China’s maritime
militia. IHS Jane’s Defence Weekly Online.

12. Barclay, J. (2017, January 24). Telephone interview.

13. The National Academies, & The Department of Homeland Security. (n.d.). IED attack: Improvised explosive devices. Retrieved from https://www.dhs.gov/xlibrary/assets/prep_ied_fact_sheet.pdf (accessed July 19, 2017)

14. Weisgerber, M. (2015, September 8). How many US troops were killed by Iranian IEDs
in Iraq? Defense One. Retrieved from http://www.defenseone.com/news/2015/09/howmany-us-troops-were-killed-iranian-iedsiraq/120524/ (accessed July 19, 2017)

15. Zoroya, G. (2013, December 18). How the IED changed the U.S. military. USA Today.
Retrieved from https://www.usatoday.com/story/news/nation/2013/12/18/ied-10-yearsblast-wounds-amputations/3803017/ (accessed July 19, 2017)

16. Watson Institute of International and Public Affairs, Brown University. (n.d.). Costs of war. Retrieved from http://watson.brown.edu/costsofwar/ (accessed July 19, 2017)

17. Maple, D. (2016, November 10). Unmanned systems: The reign of the persistent warriors. IHS Jane’s Intelligence Briefing Series.

18. O’Rourke, R. (2015, June 12). Navy shipboard lasers for surface, air, and missile defense: Background and issues for Congress (CRS Rep. No. R41526). Congressional Research Service. Retrieved from https://fas.org/sgp/crs/weapons/R41526.pdf (accessed July 19, 2017)

19. Fisher, R., & Hardy, J. (2014, November 27). China’s Poly Group unveils WB-1 directed-energy crowd-control weapon. IHS Jane’s Defence Weekly Online.

20. FBI. (2014, February 10). Protecting aircraft from lasers: New program offers rewards for information. Retrieved from https://www.fbi. gov/news/stories/protecting-aircraft-from-lasers (accessed July 19, 2017)

21. The Maritime Executive. (2016, September 27). USCG helicopter grounded following laser incident. The Maritime Executive. Retrieved from http://www.maritime-executive.com/article/uscg-heli-briefly-grounded-following-laser-incident (accessed July 19,
2017)

22. Scharre, P. (2014, October 20). The coming swarm: Robotics on the battlefield. RealClear Defense. Retrieved from http://www.realcleardefense.com/articles/2014/10/20/ the_coming_swarm_robotics_on_the_battlefield_107499.html (accessed July 19,
2017)
23. Barclay, J. (n.d.). How to kill UAVs. IHS
Jane’s 360.
24. Farrell, M. B. (2009, December 17). SkyGrabber: Hack of US drones shows how
quickly insurgents adapt. The Christian Science Monitor. Retrieved from http://www.
csmonitor.com/USA/2009/1217/SkyGrabber-hack-of-US-drones-shows-how-quicklyinsurgents-adapt (accessed July 19, 2017)
25. The Ministry of Defence. (2016, September 16). Advantage through innovation: The Defence Innovation Initiative prospectus. London: Ministry of Defence. Retrieved from https://www.gov.uk/government/uploads/system/uploads/attachment_data/
file/553429/MOD_SB_Innovation_Initiative_Brochure_v21_web.pdf (accessed July
19, 2017)

26. Kovach, G. C. (2014, May 10). Protecting troops at war’s end. The San Diego Union-Tribune. Retrieved from http://www.sandiegouniontribune.com/military/sdut-camp-leatherneck-security-taskforce-belleau-wood-2014may10-story.html(accessed July 19, 2017)

27. Bunker, R. J. (2012). Force protection and suicide bombers: The necessity for two types of Canadian military red teams. Canadian Military Journal, (12)4, 35-43.

28. Mateski, M. (2017, January 25). Telephoninterview