Paul, C. and Landree, E. (2008) Defining Terrorists’
Information Requirements: The Modified Intelligence Preparation of the
Battlefield (ModIPB) Framework. Journal of Homeland Security and Emergency
Management, 5(1).
Summary:
The authors of this article developed the modified
Intelligence Preparation of the Battlefield (ModIPB) to resolve an issue with
vulnerability assessments for terrorist attacks: What information do terrorists
need to plan attacks and how accessible are those data? In order to provide
substance for their discussion, the authors focused on vulnerability
assessments for transportation infrastructure, a historically common target for
terrorist attacks. The purpose of developing the ModIPB is to provide a tool
that turns an inherent weakness of playing defense into a strength. If we as
defenders are unaware that terrorists have identified a vulnerability, we
cannot protect it. Conversely, if we know what terrorists know or what
they can learn, we can better identify our own vulnerabilities and adjust our
defenses appropriately.
Drawing from US Army IPB doctrine and supported by RAND
research on adapting IPB for urban operations and a confiscated “al Qaeda
manual”, the ModIPB framework identifies 4 categories of information needs
relevant to attacking transportation infrastructure.
Category (1) includes information on avenues of approach
and ease of access such as location of the target, surrounding terrain or
buildings, and available paths to the target.
Category (2) consists of target features such as
possible locations from which to launch the attack, possible times or windows
of time to launch the attack, mobility or variability of the target, and
relevant features and structures of the target.
Category (3) on security covers information regarding
security forces and security measures in place as well as other population
groups present at the target.
Category (4) on the analysis of threats to the terrorist
operation incorporates information such as the threat posed by security
forces and security measures, the threat posed by employees of the target,
citizens (e.g. concentrations of or heightened vigilance of), and weather (as
it affects effectiveness of the operation).
Applying this framework to identify terrorist information
needs is concurrently a vulnerability assessment of both the potential target
and the information regarding the target. The ModIPB reveals 3 bounded sets of
information on the target with varying degrees of difficulty to defend. The
most difficult type of information to defend is what terrorists can learn from
off-site reconnaissance, or open source information. The type of information
that is more readily defendable is what terrorists can learn through on-site
information-gathering activities. Finally, the type of information that is
easiest to defend is information available to those who are employees of or
closely affiliated with the infrastructure itself. Understanding the relative
ease of defending certain types of information will allow policymakers and
infrastructure managers to prioritize protection efforts on information that
can be protected and thus make it that much harder for terrorists to gather the
information they need to execute an attack.
The authors cite two limitations to applying the ModIPB: the
framework does not prioritize the intelligence needs of the terrorists by
level of importance, and the framework is not sensitive to the stages of the
planning process. For example, the stages of the planning process can proceed
in two ways: with the preferred mode of attack determining target selection or
the preferred target determining the mode of attack. Despite these limitations,
the authors recommend that the ModIPB framework be included in every
vulnerability assessment of infrastructure targets so that they can prioritize
defense efforts on the right information to reduce vulnerability to terrorist
attacks.
Critique:
The ModIPB framework is a unique and interesting
countermeasure for reducing the vulnerability of targets. The information
protection measures that emerge from such analysis suggest surprisingly
manageable defense efforts that can significantly reduce vulnerabilities. By
limiting access to readily defendable information, it will be inherently harder
for terrorists to execute a successful attack.
An interesting dynamic to the development of the ModIPB
model is its multi-disciplinary nature, as it draws from both IPB methodology
and the “red-teaming” method of applying an offensive approach to defense. The
purpose of ModIPB is to reveal defense measures that, if in place, will make it
harder for the offense to execute an attack. Despite the limitations identified
by the authors, I find the utility of the ModIPB to speak volumes to the value
this methodological tool adds to vulnerability assessments. To name just a few,
I can see the ModIPB framework as readily applicable to various fields of
information security such as counter-intelligence, corporate espionage, cybersecurity,
national security, military combat, etc. Applying the ModIPB framework to these
other disciplines would be an interesting next step for future applications of
this methodology.
Tom, does your critique imply that organizations should have better informational OPSEC, specifically on information that would be available in public forums (like the internet)? The logical extension of that would be for organizations that are exposed to limit the amount of information, even if that hurts the organization with the local populace or customers (depending on what its goal is i.e. a company vs. a diplomatic facility). Care to comment on your view?
Harry, the ModIPB method is an argument in favor of strengthening OPSEC. However, information that is publicly available (like on the Internet) is the most difficult type of information to defend. As a result, the authors suggest that organizations focus their efforts on the type of information they can more easily protect (like facility blueprints, maintenance schedules, employee personnel records, types of security equipment used, etc.). In essence, the organization must acknowledge that they cannot control all information and instead focus on what they can. In a nation where transparency is expected from the local populace or customers, this could foster mistrust among these key groups. But on the other hand, as the local populace and customers typically don't have an interest in such operational information, controlling its availability should not cause trouble for the organization.
I was very interested in the article, it’s quite inspiring I should admit. I like visiting your site since I always come across interesting articles like this one. Keep sharing! Regards. Read more about Advanced Analytics
Thanks for your feedback, Stella! I am glad to hear you enjoyed this article, it certainly discusses a unique approach to countering terrorist attacks that is applicable to a wider range of fields.
I like how you said that the framework for the ModIPB can be applicable to other fields. One of the most difficult things in the national security field is conducting successful defensive measures. I can see how red-teaming strategies would certainly enhance decision making in the other fields you listed, but I feel it will continue to be difficult to accomplish in the context of terrorism. The limitations the authors discovered are very practical.
ModIPB adds an interesting twist to the traditional IPB method. In my article it talked a lot on the weakness of IPB and the need for mixed methods to make IPB more effective. Do you think ModIPB will fix some of the weaknesses of IPB or do you think a mix methodology is better?
Alyssa, because the objective of ModIPB is to identify information needs, it differs from the objective of IPB (how to successfully approach a target). ModIPB certainly benefits from the mix methodology of red-teaming, but I think the inherent weaknesses of IPB still apply in the more complicated urban environment.