Options for Next Generation Blue Force Biometrics

Sarah Soliman is a Technical Analyst at the nonprofit, nonpartisan RAND Corporation.  Sarah’s research interests lie at the intersection of national security, emerging technology, and identity.  She can be found on Twitter @BiometricsNerd.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.

National Security Situation:  Next Generation Biometrics for U.S. Forces.

Date Originally Written:  March 18, 2017.

Date Originally Published:  June 26, 2017.

Author and / or Article Point of View:  Sarah Soliman is a biometrics engineer who spent two years in Iraq and Afghanistan as contracted field support to Department of Defense biometrics initiatives.

Background:  When a U.S. Army specialist challenged Secretary of Defense Donald Rumsfeld in 2004, it became tech-innovation legend within the military.  The specialist asked what the secretary was doing to up-armor military vehicles against Improvised Explosive Device (IED) attacks[1].  This town hall question led to technical innovations that became the class of military vehicles known as Mine-Resistant Ambush Protected, the MRAP.

History repeated itself in a way last year when U.S. Marine Corps General Robert B. Neller was asked in a Marine Corps town hall what he was doing to “up-armor” military personnel—not against attacks from other forces, but against suicide within their ranks[2].  The technical innovation path to strengthening troop resiliency is less clear, but just as in need of an MRAP-like focus on solutions.  Here are three approaches to consider in applying “blue force” biometrics, the collection of physiological or behavioral data from U.S. military troops, that could help develop diagnostic applications to benefit individual servicemembers.


US Army Specialist Thomas Wilson addresses the Secretary of Defense on base in Kuwait in 2004. Credit: Gustavo Ferrari / AP http://www.nbcnews.com/id/6679801/ns/world_news-mideast_n_africa/t/rumsfeld-inquisitor-not-one-bite-his-tongue

Significance:  The September 11th terrorists struck at a weakness—the United States’ ability to identify enemy combatants.  So the U.S. military took what was once blue force biometrics—a measurement of human signatures like facial images, fingerprints and deoxyribonucleic acid (DNA) (which are all a part of an enrolling military member’s record)—and flipped their use to track combatants rather than their own personnel.  This shift led to record use of biometrics in Operation Iraqi Freedom and Operation Enduring Freedom to assist in green (partner), grey (unknown), and red (enemy) force identification.

After 9/11, the U.S. military rallied for advances in biometrics, developing mobile tactical handheld devices, creating databases of IED networks, and cutting the time it takes to analyze DNA from days to hours[3].  The U.S. military became highly equipped for a type of identification that validates a person is who they say they are, yet in some ways these red force biometric advances have plateaued alongside dwindling funding for overseas operations and troop presence.  As a biometric toolset is developed to up-armor military personnel for health concerns, it may be worth considering expanding the narrow definition of biometrics that the Department of Defense currently uses[4].

The options presented below represent research that is shifting from red force biometrics back to the need for more blue force diagnostics as it relates to traumatic brain injury, sleep and social media.

Option #1:  Traumatic Brain Injury (TBI).

The bumps and grooves of the brain can contain identification information much like the loops and whorls in a fingerprint.  Science is only on the cusp of understanding the benefits of brain mapping, particularly as it relates to injury for military members[5].

Gain:  Research into Wearables.

Getting military members to a field hospital equipped with a magnetic resonance imaging (MRI) scanner soon after an explosion is often unrealistic.  One trend has been to catalog the series of blast waves experienced—instead of measuring one individual biometric response—through a wearable “blast gauge” device.  The blast gauge program made news recently as the markers failed to give vibrant enough data and the program was cancelled[6].  Though not field expedient, another traumatic brain injury (TBI) sensor type to watch is brain activity trackers, which CNN’s Jake Tapper experienced when he donned a MYnd Analytics electroencephalogram brain scanning cap, drawing attention to blue force biometrics topics alongside Veterans Day[7].



Blast Gauge. Credit: DARPA http://www.npr.org/sections/health-shots/2016/12/20/506146595/pentagon-shelves-blast-gauges-meant-to-detect-battlefield-brain-injuries?utm_medium=RSS&utm_campaign=storiesfromnpr

Risk:  Overpromising, Underdelivering or “Having a Theranos Moment.”

Since these wearable devices aren’t currently viable solutions, another approach being considered is uncovering biometrics in blood.  TBI may cause certain proteins to spike in the blood[8]. Instead of relying on a subjective self-assessment by a soldier, a quick pin-prick blood draw could be taken.  Military members can be hesitant to admit to injury, since receiving treatment is often equated with stigma and may require having to depart from a unit.  This approach would get around that while helping the Department of Defense (DoD) gain a stronger definition of whether treatment is required.


Credit: Intelligent Optical Systems Inc http://www.intopsys.com/downloads/BioMedical/TBI-Brochure.pdf

Option #2:  Sleep.

Thirty-one percent of members of the U.S. military get five hours or less of sleep a night, according to RAND research[9].  This level of sleep deprivation affects cognitive, interpersonal, and motor skills whether that means leading a convoy, a patrol or back home leading a family.  This health concern bleeds across personal and professional lines.

Gain:  Follow the Pilots.

The military already requires flight crews to rest between missions, a policy in place to allow flight crews the opportunity to be mission ready through sleep, and the same concept could be instituted across the military.  Keeping positive sleep biometrics—the measurement of human signatures based on metrics like amount of total sleep time or how often a person wakes up during a sleep cycle, oxygen levels during sleep and the repeat consistent length of sleep—can lower rates of daytime impairment.

The prevalence of insufficient sleep duration and poor sleep quality across the force. Credit: RAND, Clock by Dmitry Fisher/iStock; Pillow by Yobro10/iStockhttp://www.rand.org/pubs/research_briefs/RB9823.html

Risk:  More memoirs by personnel bragging how little sleep they need to function[10].

What if a minimal level of rest became a requirement for the larger military community?  What sleep-tracking wearables could military members opt to wear to better grasp their own readiness?  What if sleep data were factored into a military command’s performance evaluation?

Option #3:  Social Media.

The traces of identity left behind through the language, images, and even emoji[11] used in social media have been studied, and they can provide clues to mental health.

Gain:  It’s easier to pull text than to pull blood.

Biometric markers include interactivity like engagement (how often posts are made), what time a message is sent (which can act as an “insomnia index”), and emotion detection through text analysis of the language used[12].  Social media ostracism can also be measured by “embeddedness” or how close-knit one’s online connections are[13].



Credit: https://twitter.com/DeptofDefense/status/823515639302262784?ref_src=twsrc%5Etfw

Risk:  Misunderstanding in social media research.

The DoD’s tweet about this research was misconstrued as a subtweet or mockery[14].  True to its text, the tweet was about research under development at the Department of Defense and in particular the DoD Suicide Prevention Office.  Though conclusions at the scale of the DoD have yet to be reached, important research is being built-in this area including studies like one done by Microsoft Research, which demonstrated 70 percent accuracy in estimating onset of a major depressive disorder[15].  Computer programs have identified Instagram photos as a predictive marker of depression[16] and Twitter data as a quantifiable signal of suicide attempts[17].

Other Comments:  Whether by mapping the brain, breaking barriers to getting good sleep, or improving linguistic understanding of social media calls for help, how will the military look to blue force biometrics to strengthen the health of its core?  What type of intervention should be aligned once data indicators are defined?  Many tombs of untapped data remain in the digital world, but data protection and privacy measures must be in place before they are mined.

Recommendations:  None.


[1]  Gilmore, G. J. (2004, December 08). Rumsfeld Handles Tough Questions at Town Hall Meeting. Retrieved June 03, 2017, from http://archive.defense.gov/news/newsarticle.aspx?id=24643

[2]  Schogol, J. (2016, May 29). Hidden-battle-scars-robert-neller-mission-to-save-marines-suicide. Retrieved June 03, 2017, from http://www.marinecorpstimes.com/story/military/2016/05/29/hidden-battle-scars-robert-neller-mission-to-save-marines-suicide/84807982/

[3]  Tucker, P. (2015, May 20). Special Operators Are Using Rapid DNA Readers. Retrieved June 03, 2017, from http://www.defenseone.com/technology/2015/05/special-operators-are-using-rapid-dna-readers/113383/

[4]  The DoD’s Joint Publication 2-0 defines biometrics as “The process of recognizing an individual based on measurable anatomical, physiological, and behavioral characteristics.”

[5]  DoD Worldwide Numbers for TBI. (2017, May 22). Retrieved June 03, 2017, from http://dvbic.dcoe.mil/dod-worldwide-numbers-tbi

[6]  Hamilton, J. (2016, December 20). Pentagon Shelves Blast Gauges Meant To Detect Battlefield Brain Injuries. Retrieved June 03, 2017, from http://www.npr.org/sections/health-shots/2016/12/20/506146595/pentagon-shelves-blast-gauges-meant-to-detect-battlefield-brain-injuries?utm_medium=RSS&utm_campaign=storiesfromnpr

[7]  CNN – The Lead with Jake Tapper. (2016, November 11). Retrieved June 03, 2017, from https://vimeo.com/191229323

[8]  West Virginia University. (2014, May 29). WVU research team developing test strips to diagnose traumatic brain injury, heavy metals. Retrieved June 03, 2017, from http://wvutoday-archive.wvu.edu/n/2014/05/29/wvu-research-team-developing-test-strips-to-diagnose-traumatic-brain-injury-heavy-metals.html

[9]  Troxel, W. M., Shih, R. A., Pedersen, E. R., Geyer, L., Fisher, M. P., Griffin, B. A., . . . Steinberg, P. S. (2015, April 06). Sleep Problems and Their Impact on U.S. Servicemembers. Retrieved June 03, 2017, from http://www.rand.org/pubs/research_briefs/RB9823.html

[10]  Mullany, A. (2017, May 02). Here’s Arianna Huffington’s Recipe For A Great Night Of Sleep. Retrieved June 03, 2017, from https://www.fastcompany.com/3060801/heres-arianna-huffingtons-recipe-for-a-great-night-of-sleep

[11]  Ruiz, R. (2016, June 26). What you post on social media might help prevent suicide. Retrieved June 03, 2017, from http://mashable.com/2016/06/26/suicide-prevention-social-media.amp

[12]  Choudhury, M. D., Gamon, M., Counts, S., & Horvitz, E. (2013, July 01). Predicting Depression via Social Media. Retrieved June 03, 2017, from https://www.microsoft.com/en-us/research/publication/predicting-depression-via-social-media/

[13]  Ibid.

[14]  Brogan, J. (2017, January 23). Did the Department of Defense Just Subtweet Donald Trump? Retrieved June 03, 2017, from http://www.slate.com/blogs/future_tense/2017/01/23/did_the_department_of_defense_subtweet_donald_trump_about_mental_health.html

[15]  Choudhury, M. D., Gamon, M., Counts, S., & Horvitz, E. (2013, July 01). Predicting Depression via Social Media. Retrieved June 03, 2017, from https://www.microsoft.com/en-us/research/publication/predicting-depression-via-social-media/

[16]  Reece, A. G., & Danforth, C. M. (2016, August 13). Instagram photos reveal predictive markers of depression. Retrieved June 03, 2017, from https://arxiv.org/abs/1608.03282

[17]  Coppersmith, G., Ngo, K., Leary, R., & Wood, A. (2016, June 16). Exploratory Analysis of Social Media Prior to a Suicide Attempt. Retrieved June 03, 2017, from https://www.semanticscholar.org/paper/Exploratory-Analysis-of-Social-Media-Prior-to-a-Su-Coppersmith-Ngo/3bb21a197b29e2b25fe8befbe6ac5cec66d25413

Biometrics Emerging Technology Option Papers Psychological Factors Sarah Soliman United States

Authorization for the Use of Military Force Options

Silence Dogood has a background in defense issues and experience working in Congress.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group. 

National Security Situation:  Current operations in the Global War On Terror are carried out under the authority granted by 2001 Authorization for the Use of Military Force (AUMF).  Given changes in the global security environment, there is currently debate over updating the AUMF.

Date Originally Written:  May 26, 2017.

Date Originally Published:  June 22, 2017.

Author and / or Article Point of View:  Author is writing from the perspective of a senior policy advisor to member of Congress sitting on either the House or Senate Armed Services Committees.

Background:  Shortly following the September 11th terrorist attacks, Congress passed Public Law 107-40, the 2001 Authorization for the Use of Military Force[1].  The 2001 AUMF states, “the President is authorized to use all necessary and appropriate force against those nations, organizations, or persons he determines planned, authorized, committed, or aided the terrorist attacks that occurred on September 11, 2001, or harbored such organizations or persons, in order to prevent any future acts of international terrorism against the United States…”  The 2001 AUMF is currently used as the legal authority for counterterrorism operations in multiple countries, against multiple organizations, including the Islamic State.

Significance:  Clearly defining ends, ways, means, and costs are central to the military planning process.  This analysis should extend and be central to the policy planning process as well.  Relying on the 2001 AUMF for the campaign against the Islamic State raises questions about whether statutory authority does, or should, to extend to this campaign.  Revisiting force authorization statutes will help mitigate the risk of perpetual war, simplify legal authorities, and strengthen congressional oversight[2].  Terrorism is a tactic, and thus cannot be defeated.  Those who engage in terrorism can be targeted and the environmental factors leading to terrorism can be addressed.  Less than 25% of the current members of Congress held office when the 2001 AUMF passed[3].  Revisiting the 2001 AUMF allows current policy makers the opportunity to reexamine the scope and extent of current counterterrorism operations.

Option #1:  Amend the 2001 AUMF to restrict Presidential authorities to use force.

Risk:  Efforts to restrict potential overreach of Presidential authorities may also restrict the flexibility of military responses to the emerging threats and capabilities of future terrorist organizations.  Restriction would relegate presidential authorities to those granted by Article II of the Constitution and international self-defense laws, such as Article 51 of the UN Charter.  This may initially restrict operational flexibility, as mentioned before.  However, this could also lead to an expansion of Article II powers as counterterrorism operations continue under the premise of Article II authorities.

Gain:  Option #1 provides Congress with a check on the President’s authority to use military force in an extended and expanded Global War on Terror.  This option also incentivizes non-kinetic counterterrorism efforts.  These efforts include targeting terrorism financing, economic development, information operations, and judicial counterterrorism strategies.  Restricted authorities could limit the geographical areas of operations.  They could also restrict targeting authorities to a list of named enemy organizations[4].

Option #2:  Amend 2001 AUMF to update or expand Presidential authorities to use force.

Risk:  Updating the 2001 AUMF to expand Presidential authorities to use force may lead to excessive use of military force.  It could also lead to further legitimizing endless war.

Gain:  An updated and expanded AUMF could clearly define uses of technologies not widely available in 2001, such as armed unmanned aerial vehicles and cyberwarfare. Option #2 could also enable the targeting of terrorist groups unaffiliated with Al Qaeda that pose a threat to the United States.

Other Comments:  None.

Recommendation:  None.


[1]  The Authorization for Use of Military Force (AUMF), Pub. L. No. 107-40, 115 Stat. 224 (2001)

[2]  Wittes, B. (2014, November 11). A Response to Steve Vladeck on the AUMF Principles. Retrieved from https://lawfareblog.com/response-steve-vladeck-aumf-principles

[3]  Brandon, H. (2017, May 05). An ISIS AUMF: Where We Are Now, Where to Go Next, and Why It’s So Important to Get It Right. Retrieved from https://www.justsecurity.org/40549/isis-aumf-now-next-important/

[4]  Popplin, C. (2015, June 09). National Security Network Proposes Plan to Repeal AUMF. Retrieved from https://lawfareblog.com/national-security-network-proposes-plan-repeal-aumf

Authorization for the Use of Military Force (AUMF) Option Papers Silence Dogood United States Violent Extremism

Options to Counter Piracy in the Horn of Africa

Captain Robert N. Hein (U.S. Navy, Retired) was a career Surface Warfare Officer in the U.S. Navy.  He previously commanded the USS Gettysburg (CG-64) and the USS Nitze (DDG-94).  He can be found on Twitter @the_sailor_dogClaude Berube teaches at the United States Naval Academy, was a 2004 Brookings Institution LEGIS Congressional Fellow and a 2010 Maritime Security Studies Fellow at The Heritage Foundation.  He can be found on Twitter @cgberube.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.  

National Security Situation:  After lying dormant for a few years, following a large international response, piracy off the Horn of Africa is again threatening the free flow of global commerce.

Date Originally Written:  May 29, 2017.

Date Originally Published:  June 19, 2017.

Author and / or Article Point of View:  Claude Berube has operated off the Horn of Africa, and has written extensively on piracy and private maritime security companies.  Bob Hein has hunted pirates off Somalia.  Bob’s final assignment was the Deputy Director of Strategy on the U.S. Navy Staff.

Background:  Somali piracy threatens major trade routes.  Over 30,000 ships transit the Gulf of Aden annually.  At its peak in 2007, the cost of Somali pirate attacks to the shipping industry was $7B.  The cost decreased to $1.3B in 2015, and climbed to $1.7B in 2016[1].  In May 2017, the Commander of U.S. Africa Command, U.S. Marine Corps General Thomas Walderhauser, indicated as many as six piracy attacks occurred in the last month[2].  Given the expanse of unpatrolled waters in the region and opportunities for criminal and pirate networks to exploit maritime security gaps, there will inevitably be more attacks.

Significance:  Since the Romans and Carthaginians raised their Navies against each other in the Punic Wars, the purpose of Navies has been to protect the coast, and protect maritime commerce.  Prior to that, Thucydides mentions piracy in History of the Peloponnesian War.  The actions of pirates in Africa led to the establishment and deployment of the U.S. Navy in the early 19th century.  A resurgence in Somali piracy represents a renewed threat to global trade, and the stability of Somalia.

Option #1:  The U.S. cedes the constabulary role for counter-piracy activities to the People’s Republic of China (PRC) People’s Liberation Army (Navy) (PLA(N)).  In April 2017 the PRC deployed its 26th anti-piracy flotilla to the Horn of Africa.  In that time, the PRC escorted 5,900 ships in the region[3], and established a base in nearby Djibouti to maintain a mission to not only protects the PRC’s “One Belt” initiative, but give PRC Naval Commanders experience operating far from home.

Risk:  Taking over this mission allows the PRC to gain experience in operating far from home, a key attribute for an historic land power seeking increased influence abroad.  Prior to its first anti-piracy flotilla in 2008, the PLA(N) had been largely absent in international waters for five centuries.  The PRC may also give a false sense of security to those areas where it does not have a direct interest.  By ceding additional maritime security missions to the PLA(N), the U.S. and its partners empower PLA(N) overseas capabilities and the possibility that regional powers will become more reliant on the PRC.  For example, in 2015 the PRC was able to evacuate its citizens from the growing crisis in Yemen due, in part, to their enhanced capabilities from long-range operations in the region and newer platforms[4].

Gain:  The PRC does provide a short-term solution with a modern navy.  It has the motivation to prove itself as a guarantor of maritime security, not just a consumer.  The PRC has the capability and the desire to contain and curtail piracy in the Horn of Africa if not to simply secure shipping then for longer-range operational and strategic goals.

Option #2:  The U.S. builds capacity in the Somali maritime forces, and trains nascent Somali governments with the tools required to ensure domestic maritime security.  Local Somali governments have had some recent success in counter-piracy activity, rescuing eight Indian mariners captured by Somali pirates[5].  Introducing counter-piracy training, maritime domain awareness and intelligence sharing would go far in allowing regions of Somalia to work together to stop what should be a Somali law enforcement issue.

Risk:  The threat of corruption is a major concern; also the responsibility for building maritime law enforcement capacity would be a political minefield for any host nation.

Gain:  Using the dictum of “Teach a man to fish,” places Somalia in a position to police its waterways will provide a permanent solution to the piracy problem.  It will also ensure illegal fishing or overfishing by other states does not further deplete local fishing grounds[6].  Piracy in Somalia was born of frustrated fisherman who had no recourse against foreign fishing boats poaching their grounds.  Giving Somalia the ability to not only deter piracy, but also police their waters against illegal fishing should provide a complete long-term solution.

Option #3:  The U.S. continues to enable Private Maritime Security Companies, (PMSCs), to provide on-board armed guards at the shipping companies’ discretion.  To date, no ship with an armed team aboard has been successfully taken by Somali pirates.

Risk:  PMSCs are subject to market fluctuations.  As piracy rose in 2006-2008, PMSCs proliferated providing a wide spectrum of cost, capabilities, and legitimacy.  Ceding full maritime security control to unregulated PMSCs or to PMSCs from non-partnered nations could have other consequences as well, such as future military operations employing a trained, unaligned and unregulated force.  Additionally, many of the smaller shipping companies, favored by pirates, cannot afford PMSCs thus potentially identifying the smaller shipping companies as soft targets.

Gain:  Working with shipping companies and PMSCs would ensure the U.S. and its partners contribute to regulation of legitimate and capable PMSCs and would deny the PLA(N) an opportunity to enhance its capabilities through gaining experience in counter-piracy operations.

Option #4:  Coalition operations in the region continue.  In addition to independent operations, Somali piracy resulted in the creation of several key partnerships including Combined Task Force 151, the European Union’s Operation ATALANTA, and the North Atlantic Treaty Organization’s (NATO) Operation OCEAN SHIELD.

Risk:  Coalition investment of time, money, staff, and platforms for any operation takes away from other missions.  If other missions such as North Korea, Iran, and threats in the Mediterranean Sea have a higher immediate priority, then coalition ships might not be available if the pirate threat level is assessed as low.  In November 2016, for example, NATO concluded Operation OCEAN SHIELD as it shifted resources to the Baltic and Black Seas[7].

Gain:  Coalition operations enhance interoperability between traditional and new partners.  The larger the coalition, the fewer resources each nation has to contribute.  In most maritime operations, few countries can go it alone.

Other Comments:  While the options are limitless, the options presented here are those the authors assess as being the most feasible and acceptable.

Recommendation:  None


[1]  CNBC Int’l, Luke Graham, “Somali Pirates are Back,” 03 May 2017

[2] The Trumpet, Anthony Chibarirwe, “Somali Pirates are Back,” 19 May 2017

[3]  The Diplomat, Ankit Panda, “As Somali Pirates Return, Chinese Navy Boasts of Anti-Piracy Operations,” 16 April 2017

[4]  The Diplomat, Kevin Wang, “Yemen Evacuation a Strategic Step Forward for China,” 10 April 2015

[5]  The New York Times, Hussein Mohamed, “8 Indians rescued from Somali Pirates, Officials say,” 12 April 2017

[6]  Asia Today, Hong Soon-Do, “Chinese Illegal Fishing Threatens World Waters,” May 2017

[7]  Reuters, Robin Emmott, “NATO Ends Counter-Piracy Mission as Focus Shifts to Mediterranean,” 23 November 2016

Bob Hein China (People's Republic of China) Claude Berube Horn of Africa Option Papers Piracy

U.S. Options to Address a Growing People’s Republic of China Army (Navy)

Thomas is a junior sailor in the United States Navy.  He can be found on Twitter @CTNope.  The views expressed in this article are the author’s alone and do not represent the official position of the United States Navy, the Department of Defense, or the United States Government.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group. 

National Security Situation:  Worrying trends in military shipbuilding by the People’s Republic of China (PRC).

Date Originally Written:  April, 29, 2017.

Date Originally Published:  June, 15, 2017.

Author and / or Article Point of View:  The author believes that the current balance of naval forces, both qualitatively and quantitatively, between the U.S. and the PRC, must be examined or the U.S. will face severe policy consequences.  The article is written from the point of view of U.S. Navy (USN) leadership as they assess the growth of the People’s Liberation Army’s (Navy) (PLAN).  This article focuses on options that U.S. policymakers have in response to the trends in the PRC’s military shipbuilding, not the trends themselves.

Background:  Since the mid-2000’s the PRC’s economic situation has vastly improved, most evident as its GDP has grown from 1.2 billion to 11 billion over fifteen years, a growth of over 900 percent[1].  This growth has enabled the PRC to embark on a remarkable shipbuilding program, achieving vast strides in training, technology, capabilities, and actual hull count of modern vessels[3][2].  This growth is creating security challenges in the Pacific as well as igniting tensions between the U.S. and the PRC, as the disparity between the USN and the PLAN shrinks at an alarming rate[4].  These developments have been closely watched by both the U.S. and her Partners, challenging U.S. policymakers to address this new, rising maritime presence while maintaining security in the region.

Significance:  In the U.S. there is a growing bipartisan voice concerned about an assertive PRC[5], as halfway across the globe Asian nations wearily observe the PRC’s growth.  A more powerful PLAN allows greater flexibility for PRC officials to exert influence.  These impressive shipbuilding trends will embolden the PRC, as now they can brush aside actors that held credible deterrence when competing against an unmodernized PLAN.  If current trends in the capacity of PRC shipbuilding and technological advancement continue, the PLAN will be able to challenge the efforts of the USN and U.S. Partners to continue to keep sea lanes of communication open in the space around the disputed ‘nine-dash-line’ as well as other parts of the Pacific.  It is plausible that in the long-term the PLAN will emerge as a near-peer to the USN in the Pacific; as U.S. has to provide for its own security, the security of others, and the security of the Global Commons, while the PRC only has to provide security for itself and its interests.

Option #1:  Platform centric approach.  Review the current force structure of the USN to decide how large the force needs to be to satisfy U.S. policy goals and modify the fleet accordingly.

Risk:  Focusing too heavily on platforms could leave the USN without the tools needed to be on the technological forefront during the next conflict.  Also, a focus on building legacy systems could take resources away from initiatives that require them.

Gain:  An increased number of platforms would allow U.S. policymakers more flexibility in how they decide to most effectively use the USN.  Additionally, more hulls would not only contribute to the deterrence generated by the USN, but also improve the readiness of the USN as more ships can remain in port and undergo maintenance, while other ships conduct missions.  Option #1 maximizes readiness for the next conflict.

Option #2:  Modernization approach.  Focus on improving today’s platforms while additionally investing in the future with disruptive technologies, but do not undertake an extensive build up of hulls.  In this option the fleet would still expand in accordance with current programs, to include the Littoral Combat Ship (LCS), Arleigh Burke Class Destroyers, and Virginia Class Submarines, but these production runs would be cut short to save funds.

Risk:  In the mid-term the USN might not have the hulls necessary to address global security concerns.  However, having fewer hulls does not mean that the USN can’t fight and win, instead, it will require that the USN’s leaders adapt.

Gain:  Investing in the future could yield powerful technologies that change the calculus on how the U.S. employs military forces.  Technologies like the railgun or unmanned systems change the way the USN fights by improving critical traits such as firepower and survivability.  Future technologies could create even greater offsets than previously discovered technologies, with the advent of artificial intelligence on the horizon, future applications appear limitless.  Option #2 increases the chance that the U.S. will continue to operate at the cutting edge of technology.

Option #3:  Balanced approach.  Modify the USN’s size, but not as broadly as the first option, instead providing additional funding towards Research and Development (R&D).

Risk:  This option could prove to be too little, too late.  The USN would benefit from the handful of additional hulls, but PRC shipbuilding pace might negate the benefit of the extra vessels.  The PRC could possibly out-build the USN by adding two new hulls for every one the USN commissions.  Likewise, the USN might need significantly more resources for R&D efforts.

Gain:  The USN would receive additional Arleigh Burke Class Destroyers, LCS Frigates, and Virginia Class Submarines.  In addition, this option would free up more funds to put into R&D to keep the USN ahead of the PLAN in terms of technology.  Overall, this would keep the USN on a balanced footing to be “ready to fight tonight” in the short to mid-term, yet still on a decent footing in the long-term, from R&D efforts.  Option #3 could turn out to be the best of both worlds, combining the increased readiness through hulls as well as continued technological innovation.

Other Comments:  The PLAN still has many issues, ranging from naval subsystems, to C4I, to training and manning[3], but they are correcting their deficiencies at an impressive rate. As such, there is a cost for the U.S. in terms of both omission and commission.

Recommendation:  None.


[1]  The World Bank Statistics. Retrieved from: http://data.worldbank.org/indicator/NY.GDP.MKTP.CD?

[2]  Gabriel Collins and LCDR Michael Grubb, USN. “A Comprehensive Survey of China’s Dynamic Shipbuilding Industry, Commercial Development and Strategic Implications”.     Published August 2008. Retrieved from: https://www.usnwc.edu/Research—Gaming/China-Maritime-Studies-Institute/Publications/documents/CMS1_Collins-Grubb.aspx

[3]  Ronald O’Rourke . “China Naval Modernization: Implications for U.S. Navy Capabilities—Background and Issues for Congress”. Retrieved from: https://fas.org/sgp/crs/row/RL33153.pdf

[4]  Shannon Tiezzi with Andrew Erickson. “Chinese Naval Shipbuilding: Measuring the Waves”.  Retrieved from: http://thediplomat.com/2017/04/chinese-naval-shipbuilding-measuring-the-waves/

[5]  Various. “Hotspots Along China’s Maritime Periphery”.
Retrieved from: https://www.uscc.gov/Hearings/hotspots-along-china%E2%80%99s-maritime-periphery

Capacity / Capability Enhancement China (People's Republic of China) Maritime Option Papers Thomas United States

Hamas Policy Options Amidst Regional & Internal Change

Miguel Galsim is a final year student completing a double Bachelor of International Relations/Middle Eastern and Central Asian Studies at the Australian National University, with an academic interest in non-state violence.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.

National Security Situation:  The Hamas Organisation’s purportedly softened political principles and its reshuffling of senior leadership figures has left the group fraught between a path towards further moderation and a road of continued, even elevated, violence.

Date Originally Written:  May 19, 2017

Date Originally Published:  June 12, 2017.

Author and / or Article Point of View:  This options paper is written from the perspective of a senior policymaker within Hamas providing options to the political leadership of the movement.

Background:  On May 1, 2017, Hamas released a document of “General Principles and Policies[1]” that displayed an apparent toning-down of Hamas’ long criticised dogmatism, evident in its original 1988 charter.  The document is bereft of references to the Muslim Brotherhood, instead refers to Hamas’ enemies as Zionists and not Jews, and while not recognising Israel, outlines its recognition of a de-facto Palestinian state along the 1967 borders.  It is widely believed that the document is a device to bring Hamas out of the diplomatic cold.

At the same time, Hamas elected former Prime Minister of Gaza Ismail Haniyeh to head its political bureau on May 6, replacing the highly pragmatic and externally focused Khaled Mashal who was barred by internal regulations from running for another term.  It is also worth noting that prior to the release of the General Principles and Policies and the election of Haniyeh, in February Yahya Sinwar, a military figurehead and former Hamas counterintelligence chief, was elected to become Gaza’s Prime Minister.  Sinwar has 22 years of imprisonment experience under Israel.  Both Haniyeh and Sinwar are insiders in Hamas[2] – having extensive grassroots experience, particularly in Gaza – and have strong links with the military wing, the latter more staunchly.

Compounding Hamas’ internal shifts, regional unrest has deprived Hamas of its traditional backers in Syria and Iran[3], and the return of an anti-Islamist leadership in Egypt has imperilled Hamas supply chains into Gaza and hardened an already difficult border for civilians living under Hamas government.

Significance:  Such a complex situation, buffeted by the potentially countervailing forces of ideological moderation and an insider-oriented shift, creates an uncertain future for Hamas as Gaza’s Islamic-nationalist militant group.  With Hamas insiders now in charge, Gaza becomes a more prominent reference point for strategic thinking.  Accordingly, facing an increasingly dissatisfied populace weary from siege, attempting to preserve its popular support, and also looking to fill the cavities left by a hostile Egypt and a distracted Syria and Iran, Hamas’ next strategic choices will be crucial for its success in pursuing its goals, and at the very least, surviving as a movement.

Option #1:  Hamas allows military imperatives to drive its broader strategic thinking, resulting in a potential escalation of violent operations.

This option would be a conceivable outcome of the election of Sinwar and Haniyeh who, while following in their predecessor’s pragmatic footsteps, nonetheless have better military ties due to their experiences in Gaza.

Risk:  This option would be inflexible and incognizant of the external factors fuelling grievances within their controlled territory.  Increased attacks on Israel would invite disastrous Israeli offensives on Gaza and substantial damage to the group’s own assets, as Hamas has learned to expect.  This would result not only in an immediate danger to Gaza’s populace, but a tightened economic blockade.  A militaristic mindset would also render Hamas even more isolated from global diplomatic support and hostile to Egyptian interests – a subsequent thinning of material and financial resources into Gaza would be the likely result.  These factors would consequently worsen the humanitarian situation in Gaza, withering Hamas’ popular support base.  Simultaneously, increased Hamas violence would give Fatah extended pretexts to dismantle Hamas cells in the West Bank.

Gain:  Emphasising its military needs would help Hamas retain the leadership of violent resistance against Israel and sustain its main differentiator from its rivals in Fatah who renounced armed resistance in 1993.  For certain sectors of the population, militancy would be a pull factor towards the group.  Enhanced coercive capabilities would also assist Hamas’ crackdown on hostile Salafi elements in Gaza and, if not applied haphazardly, act as deterrence against hostile manoeuvres from Fatah and Israel.  Additionally, a focus on military capacity could potentially reinvigorate Hamas’ relationship with Iran as the military wing’s traditional patron[4], as well as a provider of armaments.

Option #2:  Hamas pursues a course of broader political moderation and resorts only to limited, targeted applications of violence.

Given the publication of Hamas’ new political document, the path of moderation is also a viable option.  Haniyeh may be open to pragmatic change, despite his commitment to resistance[5], given the hard lessons he would have learnt first-hand from conflagrations in Gaza.  This should not be taken as disarmament, however – such a move would be disastrous for Hamas’ popularity, territorial control, and deterrence abilities.  Furthermore, it cannot be considered an option as heightened discontent within the military wing would simply endanger the integrity of the entire Organisation.

Risk:  Political compromise may widen rifts between the moderates and conservatives within Hamas, with champion hardliner Mahmoud al-Zahar already stating to the public that the new platform was an “extension” and not a “replacement” of the original, maximalist charter[6].  A more restrained Hamas could also result in external criticisms of Hamas’ failure to carry the banner of resistance, and may inspire a shift in some grassroots support towards more radical elements in Gaza.  Traditional partners in Syria and Iran may also become more estranged.

Gain:  The clear benefit of moderation is its potential to open regional and global diplomatic channels.  Doing so keeps Hamas open to a wider array of policy options and could lead to the future easing of terrorist classifications in some countries, thereby alleviating constraints on its financial flows.  Additionally, an eased political position may boost public appreciation for Hamas’ efforts by alleviating the blockade of Gaza from Israel and Egypt, and giving Israel fewer reasons to launch high-intensity offensives on Gaza.  Concurrently, opting for more surgical military operations – particularly given Sinwar’s sophisticated understanding of Israel, his ability to act with moderation, and the potential that he will work sanguinely with the politburo[7] – would retain Hamas’ coercive edge while not instigating another round of heavy fighting.

Other Comments:  None.

Recommendations:  None.


[1]  The Islamic Resistance Movement “Hamas”. (2017, May 1). A Document of General Principles and Policies. http://hamas.ps/en/post/678/a-document-of-general-principles-and-policies

[2]  See Ghassan Khatib’s comments in Mitnick, J & Abualouf, R. (2017, May 6). Hamas selects popular Gaza politician Ismail Haniyeh as its new leader. Los Angeles Times, http://www.latimes.com/world/middleeast/la-fg-hamas-leader-haniyeh-20170506-story.html

[3]  Uthman, T. (2013, March 4). Hamas and the Arab Spring: Arguments on gains and losses (Arabic). Namaa Center for Research and Studies, http://nama-center.com/ActivitieDatials.aspx?id=223

[4]  Mounir, S. (2017, April 23). The predicament of regional options for Hamas after the victory of Yahya Sinwar (Arabic). Al-Ahram Center for Political and Strategic Studies, http://acpss.ahram.org.eg/News/16285.aspx

[5]  Author unknown. (2017, April 30). Haniyeh: Two important merits are coming (Arabic). Shasha News, https://www.shasha.ps/news/263298.html

[6]  Author unknown. (2017, May 17). The new document splitting Hamas from the inside (Arabic). Al-Arab, http://bit.ly/2rvj7El

[7]  Caspit, B. (2017, February 15). Why some in Israel are wary of Hamas’ new Gaza boss. Al-Monitor, http://www.al-monitor.com/pulse/originals/2017/02/israel-gaza-new-hamas-leader-yahya-sinwar-security.html

Hamas Israel Miguel Galsim Option Papers Palestine

Options for Paying Ransoms to Advanced Persistent Threat Actors

Scot A. Terban is a security professional with over 13 years experience specializing in areas such as Ethical Hacking/Pen Testing, Social Engineering Information, Security Auditing, ISO27001, Threat Intelligence Analysis, Steganography Application and Detection.  He tweets at @krypt3ia and his website is https://krypt3ia.wordpress.com.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.  

National Security Situation:  Paying ransom for exploits being extorted by Advanced Persistent Threat Actors: Weighing the Options.

Date Originally Written:  June 1, 2017.

Date Originally Published:  June 8, 2017.

Author and / or Article Point of View:  Recent events have given rise to the notion of crowd funding monies to pay for exploits being held by a hacking group called ShadowBrokers in their new “Dump of the month club” they have ostensibly started.  This article examines, from a red team point of view,  the idea of meeting actors’ extortion demands to get access to new nation state-level exploits and, in doing so, being able to reverse engineer them and immunize the community.

Background:  On May 30, 2017 the ShadowBrokers posted to their new blog site that they were starting a monthly dump service wherein clients could pay a fee for access to exploits and other materials that the ShadowBrokers had stolen from the U.S. Intelligence Community (USIC).  On May 31, 2017 a collective of hackers created a Patreon site to crowd fund monies in an effort to pay the ShadowBrokers for their wares and gather the exploits to reverse engineer them in the hopes of disarming them for the greater community.  This idea was roundly debated on the internet and as of this writing  has since been pulled by the collective after collecting about $3,000.00 of funds.  In the end it was the legal counsel of one of the hackers who had the Patreon eite shut down due to potential illegalities with buying such exploits from actors like ShadowBrokers.  There were many who supported the idea with a smaller but vocal dissenting group warning that it was bad idea.

Significance:  The significance of these events has import on many levels of national security issues that now deal with information security and information warfare.  The fact that ShadowBrokers exist and have been dumping nation-state hacking tools is only one order of magnitude here.  Since the ShadowBrokers dumped their last package of files a direct international event ensued in the WannaCrypt0r malware being augmented with code from ETERNALBLUE and DOUBLEPULSAR U.S. National Security Agency exploits and infecting large numbers of hosts all over the globe with ransomware.  An additional aspect of this was that the code for those exploits may have been copied from the open source sites of reverse engineers working on the exploits to secure networks via penetration testing tools.  This was the crux of the argument that the hackers were making, simply put, they would pay for the access to deny others from having it while trying to make the exploits safe.  Would this model work for both public and private entities?  Would this actually stop the ShadowBrokers from posting the data publicly even if paid privately?

Option #1:  Private actors buy the exploits through crowd funding and reverse the exploits to make them safe (i.e. report them to vendors for patching).

Risk:  Private actors like the hacker collective who attempted this could be at risk to the following scenarios:

1) Legal issues over buying classified information could lead to arrest and incarceration.

2) Buying the exploits could further encourage ShadowBrokers’ attempts to extort the United States Intelligence Community and government in an active measures campaign.

3) Set a precedent with other actors by showing that the criminal activity will in fact produce monetary gain and thus more extortion campaigns can occur.

4) The actor could be paid and still dump the data to the internet and thus the scheme moot.

Gain:  Private actors like the hacker collective who attempted this could have net gains from the following scenarios:

1) The actor is paid, and the data is given leaving the hacker collective to reverse engineer the exploits and immunize the community.

2) The hacker collective could garner attention to the issues and themselves, this perhaps could get more traction on such issues and secure more environments.

Option #2:  Private actors do not pay for the exploits and do not reward such activities like ransomware and extortion on a global scale.

Risk:  By not paying the extortionists the data is dumped on the internet and the exploits are used in malware and other hacking attacks globally by those capable of understanding the exploits and using or modifying them.  This has already happened and even with the exploits being in the wild and known of by vendors the attacks still happened to great effect.  Another side effect is that all operations that had been using these exploits have been burned, but, this is already a known quantity to the USIC as they likely already know what exploits have been stolen and or remediated in country.

Gain:  By not paying the extortionists the community at large is not feeding the cost to benefit calculation that the attackers must make in their plans of profit.  If we do not deal with extortionists or terrorists you are not giving them positive incentive to carry out such attacks for monetary benefit.

Other Comments:  While it may be laudable to consider such schemes as crowd funding and attempting to open source such exploit reversal and mitigation, it is hubris to consider that this will stop the actor with bad intent to just sell the data and be done with it.  It is also of note that the current situation that this red team article is based on involves a nation-state actor, Russia and its military intelligence service Glavnoye Razvedyvatel’noye Upravleniye (GRU) and its foreign intelligence service the Sluzhba Vneshney Razvedki (SVR) that are understood to not care about the money.  This current situation is not about money, it is about active measures and sowing chaos in the USIC and the world.  However, the precepts still hold true, dealing with terrorists and extortionists is a bad practice that will only incentivize the behavior.  The takeaway here is that one must understand the actors and the playing field to make an informed decision on such activities.

Recommendation:  None.



Cyberspace Extortion Option Papers Scot A. Terban

Options for Defining “Acts of War” in Cyberspace

Michael R. Tregle, Jr. is a U.S. Army judge advocate officer currently assigned as a student in the 65th Graduate Course at The Judge Advocate General’s Legal Center & School.  A former enlisted infantryman, he has served at almost every level of command, from the infantry squad to an Army Service Component Command, and overseas in Afghanistan and the Pacific Theater.  He tweets @shockandlawblog and writes at www.medium.com/@shock_and_law.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.

National Security Situation:  The international community lacks consensus on a binding definition of “act of war” in cyberspace.

Date Originally Written:  March 24, 2017.

Date Originally Published:  June 5, 2017.

Author and / or Article Point of View:  The author is an active duty officer in the U.S. Army.  This article is written from the point of view of the international community toward common understandings of “acts of war” in cyberspace.

Background:  The rising prominence of cyber operations in modern international relations highlights a lack of widely established and accepted rules and norms governing their use and status.  Where no common definitions of “force” or “attack” in the cyber domain can be brought to bear, the line between peace and war becomes muddled.  It is unclear which coercive cyber acts rise to a level of force sufficient to trigger international legal rules, or how coercive a cyber act must be before it can be considered an “act of war.”  The term “act of war” is antiquated and mostly irrelevant in the current international legal system.  Instead, international law speaks in terms of “armed conflicts” and “attacks,” the definitions of which govern the resort to force in international relations.  The United Nations (UN) Charter flatly prohibits the use or threat of force between states except when force is sanctioned by the UN Security Council or a state is required to act in self-defense against an “armed attack.”  While it is almost universally accepted that these rules apply in cyberspace, how this paradigm works in the cyber domain remains a subject of debate.

Significance:  Shared understanding among states on what constitutes legally prohibited force is vital to recognizing when states are at war, with whom they are at war, and whether or not their actions, in war or otherwise, are legally permissible.  As the world finds itself falling deeper into perpetual “gray” or “hybrid” conflicts, clear lines between acceptable international conduct and legally prohibited force reduce the chance of miscalculation and define the parameters of war and peace.

Option #1:  States can define cyberattacks causing physical damage, injury, or destruction to tangible objects as prohibited uses of force that constitute “acts of war.”  This definition captures effects caused by cyber operations that are analogous to the damage caused by traditional kinetic weapons like bombs and bullets.  There are only two known instances of cyberattacks that rise to this level – the Stuxnet attack on the Natanz nuclear enrichment facility in Iran that physically destroyed centrifuges, and an attack on a German steel mill that destroyed a blast furnace.

Risk:  Limiting cyber “acts of war” to physically destructive attacks fails to fully capture the breadth and variety of detrimental actions that can be achieved in the cyber domain.  Cyber operations that only delete or alter data, however vital that data may be to national interests, would fall short of the threshold.  Similarly, attacks that temporarily interfere with use of or access to vital systems without physically altering them would never rise to the level of illegal force.  Thus, states would not be permitted to respond with force, cyber or otherwise, to such potentially devastating attacks.  Election interference and crashing economic systems exemplify attacks that would not be considered force under the physical damage standard.

Gain:  Reliance on physical damage and analogies to kinetic weapons provides a clear, bright-line threshold that eliminates uncertainty.  It is easily understood by international players and maintains objective standards by which to judge whether an operation constitutes illegal force.

Option #2:  Expand the definition of cyber force to include effects that cause virtual damage to data, infrastructure, and systems.  The International Group of Experts responsible for the Tallinn Manual approached this option with the “functionality test,” whereby attacks that interfere with the functionality of systems can qualify as cyber force, even if they cause no physical damage or destruction.  Examples of such attacks would include the Shamoon attack on Saudi Arabia in 2012 and 2016, cyberattacks that shut down portions of the Ukrainian power grid during the ongoing conflict there, and Iranian attacks on U.S. banks in 2016.

Risk:  This option lacks the objectivity and clear standards by which to assess the cyber force threshold, which may undermine shared understanding.  Expanding the spectrum of cyber activities that may constitute force also potentially destabilizes international relations by increasing circumstances by which force may be authorized.  Such expansion may also undermine international law by vastly expanding its scope, and thus discouraging compliance.  If too many activities are considered force, states that wish to engage in them may be prompted to ignore overly burdensome legal restrictions on too broad a range of activities.

Gain:  Eliminating the physical damage threshold provides more flexibility for states to defend themselves against the potentially severe consequences of cyberattacks.  Broadening the circumstances under which force may be used in response also enhances the deterrent value of cyber capabilities that may be unleashed against an adversary.  Furthermore, lowering the threshold for legally permissible cyber activities discourages coercive international acts.

Other Comments:  None.

Recommendation:  None.



Cyberspace Law & Legal Issues Michael R. Tregle, Jr. Option Papers