KCNA: Traitor Jang Song Thaek Executed

Report via KCNA:

Pyongyang, December 13 (KCNA) — Upon hearing the report on the enlarged meeting of the Political Bureau of the Central Committee of the Workers’ Party of Korea, the service personnel and people throughout the country broke into angry shouts that a stern judgment of the revolution should be meted out to the anti-party, counter-revolutionary factional elements. Against the backdrop of these shouts rocking the country, a special military tribunal of the DPRK Ministry of State Security was held on December 12 against traitor for all ages Jang Song Thaek.

The accused Jang brought together undesirable forces and formed a faction as the boss of a modern day factional group for a long time and thus committed such hideous crime as attempting to overthrow the state by all sorts of intrigues and despicable methods with a wild ambition to grab the supreme power of our party and state.

The tribunal examined Jang’s crimes.

All the crimes committed by the accused were proved in the course of hearing and were admitted by him.

A decision of the special military tribunal of the Ministry of State Security of the DPRK was read out at the trial.

Every sentence of the decision served as sledge-hammer blow brought down by our angry service personnel and people on the head of Jang, an anti-party, counter-revolutionary factional element and despicable political careerist and trickster.

The accused is a traitor to the nation for all ages who perpetrated anti-party, counter-revolutionary factional acts in a bid to overthrow the leadership of our party and state and the socialist system.

Jang was appointed to responsible posts of the party and state thanks to the deep political trust of President Kim Il Sung and leader Kim Jong Il and received benevolence from them more than any others from long ago.

He held higher posts than before and received deeper trust from supreme leader Kim Jong Un, in particular.

The political trust and benevolence shown by the peerlessly great men of Mt. Paektu were something he hardly deserved.

It is an elementary obligation of a human being to repay trust with sense of obligation and benevolence with loyalty.

However, despicable human scum Jang, who was worse than a dog, perpetrated thrice-cursed acts of treachery in betrayal of such profound trust and warmest paternal love shown by the party and the leader for him.

From long ago, Jang had a dirty political ambition. He dared not raise his head when Kim Il Sung and Kim Jong Il were alive. But, reading their faces, Jang had an axe to grind and involved himself in double-dealing. He began revealing his true colors, thinking that it was just the time for him to realize his wild ambition in the period of historic turn when the generation of the revolution was replaced.

Jang committed such an unpardonable thrice-cursed treason as overtly and covertly standing in the way of settling the issue of succession to the leadership with an axe to grind when a very important issue was under discussion to hold respected Kim Jong Un in high esteem as the only successor to Kim Jong Il in reflection of the unanimous desire and will of the entire party and army and all people.

When his cunning move proved futile and the decision that Kim Jong Un was elected vice-chairman of the Central Military Commission of the Workers’ Party of Korea at the Third Conference of the WPK in reflection of the unanimous will of all party members, service personnel and people was proclaimed, making all participants break into enthusiastic cheers that shook the conference hall, he behaved so arrogantly and insolently as unwillingly standing up from his seat and half-heartedly clapping, touching off towering resentment of our service personnel and people.

Jang confessed that he behaved so at that time as a knee-jerk reaction as he thought that if Kim Jong Un’s base and system for leading the army were consolidated, this would lay a stumbling block in the way of grabbing the power of the party and state.

When Kim Jong Il passed away so suddenly and untimely to our sorrow, he began working in real earnest to realize his long-cherished greed for power.

Abusing the honor of often accompanying Kim Jong Un during his field guidance, Jang tried hard to create illusion about him by projecting himself internally and externally as a special being on a par with the headquarters of the revolution.

In a bid to rally a group of reactionaries to be used by him for toppling the leadership of the party and state, he let the undesirable and alien elements including those who had been dismissed and relieved of their posts after being severely punished for disobeying the instructions of Kim Jong Il and kowtowing to him work in a department of the Central Committee of the WPK and organs under it in a crafty manner.

Jang did serious harm to the youth movement in our country, being part of the group of renegades and traitors in the field of youth work bribed by enemies. Even after they were disclosed and purged by the resolute measure of the party, he patronized those cat’s paws and let them hold important posts of the party and state.

Operation Sayaqa: An Excerpt from Linda Robinson’s One Hundred Victories: Special Ops and the Future of American Warfare

Linda Robinson

Linda Robinson is a senior international policy analyst at RAND. She has been an adjunct senior fellow at the Council on Foreign Relations and Public Policy Scholar at the Wilson Center. Her book about the U.S. Army Special Forces, Masters of Chaos, was a New York Times bestseller; her second book, Tell Me How This Ends, was a New York Times notable book. She received the Gerald R. Ford Prize for Reporting on National Defense in 2005. She has conducted field research on special operations in Afghanistan, Iraq, Latin America, and elsewhere. One Hundred Victories is available on Amazon, Barnes and Noble, and in bookstores.

Operation Sayaqa

Just before winter set in, Jimenez’s company was granted permission to run a commando operation to support the local police and stability operations in lower Kunar. They were going after the insurgent camp in Maya village at last. The conventional forces agreed to supply the needed air support and surveillance assets in early October 2011. Matt and his team were ecstatic. The intelligence reporting was ample and consistent: insurgents used this village on the Pakistani border as a major way station to stage attacks in two districts and beyond.11

The commandos and the special operations team partnered with it, ODA 3313, submitted their “concept of operations,” or CONOP, which described the purpose of the mission, the detailed plans for conducting it, and the types of support that would be required. The team received the green light to launch. The major issue was where the helicopters would land. This was tricky because the Afghan and Pakistani governments did not agree on the exact location of the border, which had never been formally demarcated. To make sure they were landing on the Afghan side of the border, the team studied two sets of images. Then the soldiers hit the shooting range, which was about fifty yards from their dining room and gym at Camp Dyer, on their patch of the Jalalabad base, for some last-minute nighttime target practice, as they always did before missions. They drove to the flight line and boarded the two Chinooks that would ferry them in. As they approached the landing site, insurgents fired rocket-propelled grenades, and the pilots decided to abort rather than risk losing the birds. The commandos and the team returned to Camp Dyer. They would let the area cool off for a bit, and make another try after the insurgents’ attention had turned elsewhere.

In late November, the mission was reapproved. The commandos and their special operations team brushed off their plan, updated it, and rehearsed it. It was officially called Operation Sayaqa. Sayaqa was Dari for “lightning,” which was the motto of the 1st Afghan Commando battalion, or kandak. This was the original Afghan commando battalion and therefore the most experienced one. It was based in Kabul, but the company that was on active rotation lived at a forward base in the barracks beside the team at Camp Dyer.12

Once again, the team and the aviators surveyed the possible landing sites. The pilots pushed for a site close to the village, but the team selected a site that was a bit flatter and with fewer obstacles to navigate in the nighttime insertion. Given the steep terrain, it was still going to be a two-wheeled landing. The Chinooks would touch down on their back wheels, keeping their noses in the air, and open their rear hatches for the commandos and teams to offload, before taking off again.

On the day of the mission, November 25, the weather threatened to scrub the launch, but it lifted by nightfall. At 8:30 p.m. they loaded into the ramshackle base trucks. Eddie Jimenez and his sergeant major, Rotsaert, accompanied the team and the commandos to the airstrip to see them off, as they always did. After the birds lifted off, Jimenez returned to the operations center at Camp Dyer to monitor the mission. He would spend the night in the bare-bones center, watching the video feed and listening to the satellite radio communications. Jimenez’s bedroom was across the hall, in a room that doubled as his office and private conference room. Their boss, Bob Wilson, would also be watching from his base at Bagram, along with those on watch duty at the CJSOTF down the street at Camp Vance.

It was cold, about 30 degrees, and there was very little moonlight, as the moon had not yet risen. The half-hour flight due north of Jalalabad to the staging base at FOB Joyce, just south of Asadabad, passed without incident. The two Chinooks made several trips to ferry all the commandos and the team first to the base and then on to their destination, Helicopter Landing Zone (HLZ) Khoda, deep in the mountains. Hovering like a giant mechanical insect, rotors chopping the thin air, the first Chinook tilted back and delicately touched its tail wheels down. The Americans and Afghans released their harness belts and jumped out of the rear hatch as it yawned open. The team’s chief warrant officer, Mike, was the first to unload with his portion of the team. They fanned out to secure the landing zone for the rest.

Mike was the ground commander for the operation. There were fifteen Americans in all: ten members of his special forces team plus a Special Operations Team–Alpha (SOT-A) signals intelligence specialist, an Air Force combat controller, two navy Explosive Ordnance Disposal experts, plus an army combat cameraman. Two or three Americans were distributed among each of the four thirty-man Afghan commando platoons, as was the team’s usual practice. Those in the second group disembarked, hoisted their packs and weapons, and set off at a quick clip so that the troops would not be all bunched up on the landing zone. They went forward about 150 meters and began conducting searches of the woods and manmade structures to clear the area.

Mike’s plan was for the entire force to stay together and move around the bowl from west to east and then enter Maya. They had landed about a kilometer and a half from the border, southwest of Maya. They were at roughly the same altitude as the village, but the undulating terrain meant that they would need to go down and climb again to reach it. The mountains right behind Maya, on the border, rose straight up about 2,000 meters in sheer cliffs.

Mike sent the first group down into a hollow to clear a cluster of buildings, and then moved off the landing zone to make way for the two final drops. They all started moving around the bowl. As he reached the ridgeline, Mike heard machine-gun fire. The troops clearing the small village below were being shot at. Mike peeked up over the knoll, and the fire suddenly shifted to his location. He called the battalion on the radio and told the assistant operations officer, “Hey, we are sitting here near the Pakistani border taking fire. There’s fire coming from the Pakistani border. You need to make sure the border coordinations were done.” The major agreed to contact the conventional two-star command, Regional Command–East, which was the entity responsible for making sure the Pakistanis were informed of impending operations.

The accuracy of the machine-gun fire led Mike to believe that the shooters were wearing night vision goggles. The team, per procedure, was wearing infrared strobe lights that helped their own aircraft avoid hitting them. He instructed the team members to turn them off.

A few moments later a barrage of 60 mm mortars landed about twenty-five meters from Mike, who immediately called the battalion back to let them know the team was now receiving mortar fire. He requested permission to fire on the targets that were shooting at them.

The Chinooks had already lifted off, but the men on the ground were not alone. Their overhead support consisted of a lumbering but heavily armed AC-130, two AH-64 Apache helicopter gunships, and two F-15E fighters on station higher up, in addition to an MC-12 King Air plane loaded with additional intelligence and surveillance sensors. Mike did not have a direct line of sight to the origin of the fires, but the AC-130 crew told him they saw the fire coming from the mountaintop behind Maya. It was too dark and too far for the men on the ground to see the location with their NODs, but the air crew described the structure on the mountain that was firing in their direction. A fort, which had not existed a month before, was surrounded by men with guns who were visible through the plane’s thermal and infrared sights.

The combat controller suggested to Mike that they request a show of force from the F-15E Strike Eagle. Mike agreed and told him to call the jets. Less than a minute later, the F-15E swooped down with a deafening roar, screaming through the narrow valley between the team and the mountaintop that was firing on them. “I think anybody would know what this means,” Mike said. “It is US forces there and please stop firing.” The “or else” was hardly implicit. Yet, much to his surprise, a few minutes after this bone-rattling display of superpower might, another mortar landed right between Mike’s group and the one behind him. The team’s positions had been bracketed, and the next mortar would almost certainly hit them. Mike had the SATCOM line open to the battalion, which heard the huge explosion through the phone. Mike then requested permission to fire, which Lieutenant Colonel Wilson approved immediately.

Mike had requested the F-15E show of force as an extra step, one not required by standard procedure. But now, knowing that he did not have a minute to spare, he quickly relayed Wilson’s approval to the combat controller, who in turn radioed the AC-130 with the request to target the location that had fired the mortars. Recalling that critical juncture, Mike said later, “If [the fire] had continued we would have definitely taken multiple casualties. It would have been a mass casualty exercise after that.”

The AC-130 came in for the kill, firing its fearsome side-mounted 105 mm cannon at the mountaintop structure that was the source of the attack. About that time the Apaches returned; they had flown back to Asadabad to refuel about twenty-five minutes earlier. The Apaches began scouring the valley and identified more targets, along with the AC-130, which reported a lot of people running around the mountaintop.

The first strike did not end the firing. Mike and his team soon realized that the fire was coming from more than one location, as two more mortar rounds landed about twenty-five meters away from the lead group. These team members and commandos happened to be inside clearing a building, preventing certain injury or death, given the proximity of the fire. Twenty-five meters is considered “danger close” for an exploding mortar. The AC-130 immediately identified the second mortar location and moved in to shoot at the target. Enemy fire then ceased for the time being, and the battlefield fell silent.

By that time, the full force had reached the edge of the bowl. Mike was concerned that his lead element would not be safe crossing the exposed area leading into Maya village. He called the battalion and told the operations officer that even though they faced no imminent threat, he wanted to destroy the target that had previously fired on his men to ensure he would take no casualties. Wilson approved, and the second location was engaged again. It was about 1 a.m.

To reduce the risk to the commandos, Mike had also ordered that they not use white lights in their searches and that they throw away their chem lights—gel-filled plastic tubes that glowed green when cracked, a cheaper tool for identifying friendly forces than the strobes. As usual, the commandos had tied chem lights to their vests.

At 1:44 a.m. the AC-130 crew radioed that they spotted people moving around the target on the mountain top. “Do you want to engage?” they asked. Mike called the battalion; the reply was no, cease all fire unless you are getting directly shot at. “Come up on the Iridium [satellite phone],” Mike was told.

He called the battalion back on the handheld satellite phone. This phone was less iffy than the SATCOM 130 system, which also required them to stop and unfold a spiderweb antenna. But it was also a direct line between the team and the battalion for sensitive communications, since the other command centers monitoring the operation could not hear this conversation. Wilson told Mike that the team had been engaging Pakistani forces. Mike’s principal concern throughout the battle had been making sure he was following procedure to guarantee the safety of his men and that of the civilians in the village. He had not had the time to think much about who was shooting at him. The machine guns had been firing indiscriminately into the village. He had initially assumed they were under fire from the Taliban, because none of their maps showed Pakistani outposts in that area. He had heard from the team at Penich about being regularly mortared, and there were reports that the Taliban in the area had a DShK machine gun. Still, he was not overly surprised by this news. Both the machine-gun fire and the mortar fire were more precise than the Taliban’s normally was.

Given this new information, Wilson told Mike that if anything else happened, Mike would have to paint him a precise picture before he would be able to approve any subsequent fire. There was discussion of an emergency exfiltration to get the troops out, but it was decided that they would stay and clear the area at daybreak. It would be better at this point to continue the mission and do a thorough search to see what turned up.

At about 4:44 a.m., the team started receiving recoilless rifle rounds, fired from a location on the mountains above Maya that was about two and a half kilometers north of the structures that had already been targeted. The Apaches were also fired on by RPGs as they searched an area to the west of the village, in a place where the team and the commandos had caught a high-value target (HVT) some weeks before. In neither case was the fire effective, but Mike reported it to the battalion to keep them informed. Whoever was firing at them, or around them, had not been deterred by the fireworks of the previous hours.

Mike gathered his men and the commandos into a strong point location, a building on the edge of Maya, to wait for daybreak. From this defensible location they would search the entire village. Starting at 7 a.m. he began to send out recon teams to search different locations one area at a time. The MC-12 plane overhead carrying full-motion video, thermal, and other sensor gear relayed what was going on up on the mountaintop, one kilometer away and two kilometers straight up. Mike could see smoke rising from the two smoldering ruins, but that was all. The air crew reported that the Pakistani soldiers had placed their weapons on the ground and moved away to the back side of the ridgeline so their movements would not be interpreted as threatening.

Officers back at the battalion operations center requested that he call again on the Iridium, at which point he was told the Pakistanis would be flying in on two helicopters, armed UH-60s, to investigate what had happened. They demanded that the two Apaches be pulled back from the border to the Kunar River. Mike was uneasy, thinking that his troops might be shot at, but he ordered everyone inside. The Pakistani choppers came in and landed on the back side of the mountain. They stayed about twenty minutes, loading up their dead and wounded. Twenty-four had been killed, and thirteen were wounded.

Mike was glad they had been allowed to stay, because of what they learned and found that morning in Maya. His team and the commandos conducted a thorough search while he and the commando commander talked to the elders. “They were quite relieved that we were there,” Mike said. The elders wanted someone to see what they had been living through. One of the elders told him, “This happens all the time.” For the last six months, the villagers told him, when they ventured out to get water, tend their goats, or work in their gardens, they would be shot at from the mountains above. One elder said his daughter had died of gunshot wounds the previous month, and they had gone to complain to the governor in Khas Kunar, to no avail. The elder alleged that the Pakistani border guards fired on them to allow the Taliban to come into their villages and stash their weapons there. The Taliban had even raped two girls in the valley. The warrant officer surveyed the village and found a bullet-pocked house with a mortar round in its roof.

Meanwhile, the team and the commandos had unearthed an astonishing array of weapons and munitions from multiple caches around the village. They found AK-47s, PKM machine guns, RPGs and launchers, Pakistani uniforms, and the 7.62 ammunition for the Pakistani G-3 rifles. The quantity of ammunition was mind-boggling. There were more than 15,000 rounds in all, including 2,000 DShK rounds; 9,000 PKM rounds; 3,000 Pakistani rifle rounds; and mortars.13 The operation’s haul had more than confirmed Maya’s status as a major insurgent hub. Mike felt sorry for the elders. They had not wanted the Taliban to make use of their village, but they had no means of resisting and no one had come to help them.

It was afternoon by the time the team finished the site exploitation in Maya and was ready to exfil. When Mike radioed in, he was told they would have to hump out three kilometers further than planned to a more distant pickup spot. “You’re kidding,” Mike said. The men were exhausted from the past twenty-four hours, the high-altitude march in full kit, the attack, and then the detailed search of the village. Now they would have to hike twice as far as they had expected, through a wadi deep in enemy territory that was vulnerable to attack from the high ground, to get a ride out.

It was just a foretaste of the holy hell that their operation was about to unleash.

There were three basic elements to the drama that followed: the investigation, the Pakistani reaction, and the American response. In addition, out of public view, there were significant repercussions within the military chain of command and an ensuing impact on military operations in Afghanistan. Operation Sayaqa’s operation was in many respects a watershed moment for the war and everyone engaged in it.

An official investigation was opened by Central Command, the four-star military headquarters in Tampa, Florida, that oversaw operations throughout the Middle East and South Asia. In the weeks of grilling and endless meetings that followed, Mike was mollified by his own conscience and his own command’s support. As he went over every detail of the operation, the decisions he made, and the actions he took, Mike concluded: “I would not have done one thing different. If that situation were to happen again I would do the exact same thing.”

Central Command’s four-star commander, General James Mattis, came to Afghanistan to celebrate Christmas with the troops just as the investigation concluded. Mattis ordered his staff to find Mike. He knew this young soldier had been at the center of the storm, and he wanted to bring his four-star power to bear directly. He had waited until the investigation was completed, since any overture before that would have been a violation. Mattis was as Spartan a warrior as America had, stern, learned, and intensely caring. He was a bachelor, and the military profession was his life. “I looked for things you did wrong, and I could not find any,” Mattis told Mike in their meeting. The general praised him for his “tactical patience” in ordering a show of force by the F-15E before returning lethal fire, even though his troops were in imminent danger and he was fully authorized to respond immediately.

Mike was immensely grateful that the general had personally validated the choices he had made in the battle; he would never forget that. But he was disappointed at the public reaction, or, more precisely, the news media’s coverage of the event, which shaped the general public’s understanding of what had happened. “For the team, it was disheartening that the American media turned on us so quickly without knowing the facts,” he said. “And even afterward when everything had come out and the investigation has completely cleared us, there has been no [recognition that] hey, these guys did do the right thing.” The massive campaign launched by the Pakistani government to shape public opinion was met by a very weak American reply, which led many to conclude that the Americans had been the aggressors. That interpretation of events was well entrenched by the time the official investigation concluded. When the investigating officer briefed the Pentagon press corps, he faced a barrage of accusatory questions implying that the United States had been in the wrong and had cut out Pakistan in the course of the inquiry, when it was Pakistan that shot first and had declined to participate in the US investigation. Pakistan’s official response to the US official report was to claim that its soldiers had shot in the opposite direction at what they believed were militants, and that those posted on the border routinely engaged in what Pakistan called “speculative fire.”15

Mike wished that more of the intelligence could have been declassified. “It would shed a lot of light on the [Pakistani] thought processes,” he said. Throughout the war, Pakistan had played both sides of the fence, supporting insurgents when its interests dictated, while taking massive amounts of American money. Mike’s team had been caught up in this central contradiction of the United States’ tolerance for what might be called enemy behavior. The United States, for its part, possessed evidence of Pakistan’s direct complicity in the death of US soldiers—not just near-deaths—and constant firing on US troops along the border. But the United States chose to look the other way.

Mike did not like it, but he also knew his place within the chain of command. He had joined the service in 2000, had entered the special forces in 2002, and was a newly minted chief warrant officer as of 2010. He and the warrant officer on their sister team in Maiwand had graduated from the course at the same time. Mike loved his job and hoped he’d have another four or five years on the job, but he acknowledged, “I’m not sure if my wife loves the job.” For this extra-long deployment, she had moved home to their native Wisconsin, where both sets of parents lived and were available to help her with their baby boy and five-year-old daughter.

The basic fact that got twisted from the very beginning was that the Pakistanis had fired first, on US and Afghan forces. The battle is now enshrined in public memory as a US attack on Pakistan, when it was the opposite. Pakistan leaped immediately into the public fray with the charge that it had been attacked. Then it tried to feign total ignorance of who had been shooting from its side. Then came the extraordinary claim that Pakistan’s military thought that it was under attack from guerrillas, which did not stand up to the slightest scrutiny. Mike’s men may not have known for certain who was firing at them that night, and he was within his right to call for a return of fire no matter who they were. But there could have been no doubt in anyone’s mind that Americans were there on the ground. Although they had landed under cover of night, the sound of their aircraft was a dead giveaway as to their identity. The Chinooks that carried them in could be heard from five or six miles away, and only coalition forces had them, or, for that matter, Apache gunships, AC-130s, or F-15Es—certainly neither the Taliban nor the Afghan government had these things. The Pakistanis repeatedly fired on the American troops—continuing to do so after the show of force—leaving little doubt that this was a concerted attack. But the American government chose not to clarify the basic “who shot first” facts owing to concerns over the diplomatic fallout.

The confusion that had occurred that night was not on the ground, where Mike’s team was fighting. It occurred among those responsible for transmitting advance notice of operations to the Pakistanis. This coordination was most certainly botched, but it is uncertain whether the sharing of that information would have forestalled or halted the Pakistani actions that night. The team had passed its mission concept of operations up the chain of command as required, and it had been approved. It had been sent to the Regional Command–East, the conventional two-star command in charge of sending the relevant information to the border coordination centers that had been established with the Pakistani government. In this case, the coordination center was located at the main conventional base near Asadabad, FOB Joyce. The normal protocol was for the US coordination officer there to share basic information with the Pakistani military liaison officer who was assigned there. A handful of these centers existed on the Afghan side of the border, established by mutual agreement. The Americans had also pressed for coordination centers on the Pakistan side of the border but had been rebuffed by Pakistan.

The border coordination centers served two purposes. One was to relay general information ahead of operations so that the Pakistanis would not be caught totally unawares. The other purpose was to sort out incidents once they occurred. The US military did not relay the specific coordinates of missions in advance, in order to protect them from deliberate or inadvertent compromise. This practice was justified by a long trail of previous incidents in which intended targets had vanished after intelligence was shared with the Pakistanis. Mike’s team had been party to just such an incident the previous month. They and the commandos had gone on a mission to Lalpur, a district in Nangahar along the Pakistani border, where there was a reported insurgent training camp. The Pakistanis had been informed of the pending operation twenty-four hours earlier. When Mike and his team arrived, the villagers told them that forty insurgents had left the village just hours before. The team found the second-largest cache of their tour there after Maya. Providing advance notice not only jeopardized the mission, Mike noted, but his men’s lives. “People don’t understand that it puts us in a lot of danger,” he said.

After Operation Sayaqa was launched, when the team came under fire, Wilson had called Regional Command–East to verify that there were no Pakistani border posts in the area of the engagement. The command had replied that there were no posts marked on its map and authorized Mike’s request for fire. Wilson only found out as the events unfolded that Regional Command–East had not passed the concept of operations the team had prepared, with the slide of information releasable to the Pakistani military, to the border coordination center, so nothing had been shared with Pakistan. Wilson had sent a back-channel copy of the slide to Joyce, but it had not been briefed to the Pakistanis.

When the team came under fire the second time during Operation Sayaqa, Wilson had tried to determine definitively whether Pakistani forces were involved. The situation became even more snarled at that point, however, because the US officer at the coordination center incorrectly loaded a map overlay into his computer, possibly because he was a reservist unfamiliar with the relatively new “command post of the future” software. That error led him to identify the wrong location to the Pakistani liaison officer, a spot fourteen kilometers north of the scene of the fighting. The Pakistani had confirmed that there were no Pakistani forces at that erroneous location, which heightened the confusion.

Wilson became dismayed, as the investigation unfolded, that the RC-East command did not clarify its own actions with regard to the CONOP and the border coordination. The official investigation’s final report was clear on this point, however.16 Wilson’s battalion had briefed the operation in a video teleconference, and the border coordination center at Joyce had asked RC-East’s border cell for more information but received no response. A tap dance was beginning that would go on for weeks and consume hundreds and hundreds of hours. Wilson’s decisions and the actions of Mike and his men that night were straightforward and entirely justifiable, as the investigation later confirmed. The men were under fire, pinned down, and in imminent danger of being wounded or killed. It did not matter who was shooting at them or why. The rules of engagement were clear. US forces under attack had the right to defend themselves.

What happened next was not just a product of the November 25–26 incident. It was part of a toxic climate of mistrust and bitterness that had reached epic proportions, driven by a series of events. Pakistan had been chafing under the greatly increased pace of US drone strikes that occurred during the Obama administration, often at politically inopportune times. The news media’s publication of diplomatic cables via Wikileaks had revealed just how deeply the United States mistrusted Pakistan. A CIA contractor had shot two Pakistanis in Lahore, and the raid six months earlier by SEAL Team Six deep into Pakistani territory to kill Osama bin Laden—with no advance notice—had deeply humiliated the Pakistani military. The escalating rhetoric over the course of the year was matched by a quadrupling of fire from Pakistan’s side of the border. The Pakistani government was itching for a fight, and Operation Sayaqa provided just the pretext it needed.

Interview: Hacker OPSEC with The Grugq

The Grugq is a world-renowned information security researcher with 15 years of industry experience. Grugq started his career at a Fortune 100 company, before transitioning to @stake, where he was forced to resign for publishing a Phrack article on anti-forensics. Since then the Grugq has presented on anti-forensics at dozens of international security conferences, as well as talks on numerous other security topics. As an independent information security consultant the Grugq has performed engagements for a wide range of customers, from startups to enterprises and the public sector. He has worked as a professional penetration tester, a developer, and a full-time security researcher. The Grugq’s research has always been heavily biased towards counterintelligence aspects of information security. His research has been referenced in books, papers, magazines, and newspapers. Currently an independent researcher, the grugq is actively engaged in exploring the intersection of traditional tradecraft and the hacker skillset, learning the techniques that covert organisations use to operate clandestinely and applying them to the Internet. You can follow him on Twitter at @thegrugq.

John Little: You blog and have given conference presentations on Hacker OPSEC. You started doing this before the recent NSA revelations (and the general hysteria surrounding intelligence collection) but you were already warning hackers that states had superseded them as the internet’s apex predator. In just a couple of years we’ve moved from the seeming invincibility of LulzSec, to high profile busts, and now onto serious concerns being raised about every aspect of the internet’s architecture, security models, and tools. Rock solid OPSEC is a refuge but maintaining it for long periods of time under significant pressure is very difficult. The deck is obviously stacked against anyone trying to evade state surveillance or prosecution so where do freedom fighters and those with less noble intentions go from here?

The Grugq: You raise a number of interesting points. I’ll ramble on about them in a moment, but before that I’d like to clarify for your readers a bit about where I am coming from. Firstly, I am not a “privacy advocate”, I am an information security researcher. My career in information security has been mostly focused around denial and deception at the technical level.

Recently, however, I became aware that this “fetishizing the technology” approach is simply not effective in the real world. So I turned to studying clandestine skills used in espionage and by illicit groups, such as narcotics cartels and terrorist groups. The tradecraft of these clandestine organizations is what I am trying to extract, inject with hacker growth hormone, and then teach to those who need real security: journalists; executives traveling to adversarial environments; silly kids making stupid life altering mistakes, etc.

The media has actually expressed a lot of interest in improving their security posture, and I am engaged in helping some journalists develop good OPSEC habits. Or at least, learn what those habits would be, so they have some idea of what to aspire to. There is a strange intransigence with some who reject improved security with the line: “but we’re not criminals! Why do we need this?” Well, the only answer I have is that OPSEC is prophylactic, you might not need it now, but when you do, you can’t activate it retroactively. As I phrased it in my “The Ten Hack Commandments” — be proactively paranoid, it doesn’t work retroactively.

So, that’s how I’ve arrived at hacker tradecraft, and where I’m trying to take it. On to the issues you’ve raised about good OPSEC and living a clandestine life.

The stress of the clandestine lifestyle is something that people tend to gloss over all too easily. This is an observation that comes up frequently in the literature about terrorist groups, espionage agents, and revolutionaries. There are a lot of compound issues which combine to make this sort of “good OPSEC” lifestyle very unhealthy for the human mind:

1. Isolation
2. Compartmentation of the ego
3. Paranoia related stress

Isolation provides the strongest security, and all good security involves a significant investment in maintaining a low profile, “going underground”, “off the grid”, etc. This means that the clandestine operative has reduced visibility over the social and political landscape, and their telemetry will suffer. Degraded telemetry means they will be unable to self-correct and reorient to what is happening around them. If they are part of a cell, a group of operatives in communal isolation, they will tend to self reinforce their ideology. Effectively radicalizing and distancing themselves further from the mainstream norms of society. This additional isolation can create a feedback loop.

If the operative isn’t living a completely isolated clandestine lifestyle in their Unabomber cabin, they will have to isolate parts of their individual selves to compartment the different aspects of their lives. There will be their normal public life, the one face they show to the world, and also a sharded ego with their clandestine life. Maintaining strict compartmentation of the mind is stressful, the sharded individual will be a sum less than the total of the parts.

As if that wasn’t enough, there is the constant fear of discovery, that the clandestine cover will be stripped away by the adversary. This leaves the operative constantly fretting about the small details of each clandestine operational activity. Coupled with the compartmentalization of the self, the operative also has to stress about each non-operational activity, will this seemingly innocent action be the trigger that brings it all crashing down?

Seriously, maintaining a strong security posture for prolonged periods of time is an extremely stressful and difficult act. Operatives working for the intelligence agencies have a significantly easier time of it than those on the other side of the protection of the state: e.g. their agents; hackers; terrorists, and narcos. The “legal” operatives have peers that they can confide in and unwind with thanks to the protections of the nation state. The true clandestine agents must be guarded with their peers, the public and the adversary. Any peer might be an informant, either now or in the future. Opening up and being friendly with their peers is part of what led to the unraveling of the LulzSec hacker group.

This leaves people who need to operate clandestinely and use the internet with a real problem. How can you be on the Internet and isolated? Well, compartmentation is the only answer, but it is expensive and fragile, even a single error or mistake can destroy the whole thing. This is why I’ve advocated that people who seek to operate clandestinely combine deception, that is, multiple covers, for their compartmented activities. It is possible to embed tripwires into the cover identities and be alerted when they’re blown.

My thinking these days is that an operative must minimize the time that they are engaged in a clandestine operation. Something like the theory of special operations, the period of vulnerability only grows the longer the operation goes on. Clandestine operational activity must be compartmented, it must be planned, it must be short in duration, and it must be rehearsed (or at least, composed of habitual actions). It is possible to do, and I believe that even non-experts can pull it off, but it must be limited in scope and duration. Prolonged exposure to underground living is caustic to the soul.

John Little: There is a significant amount of paranoia circulating in hacker and activist communities right now. How much of it is justified? More importantly, how should people go about conducting a realistic personal risk assessment before they start piling on layer after layer of OPSEC? How can they strike that balance between the tedium and isolation and security that is “good enough”?

The Grugq: There is certainly a great deal of paranoia, some of it justified, some of it unjustified, and some of it misdirected. I think it is important to remember that paranoia is unhealthy, it is paralyzing, it is divisive, and it is harmful to operational effectiveness. The goal to aim for is caution. Allowing the adversary to inflict paranoia on you, or your group, gives them an easy psychological operation “win”. So let’s drop the paranoia and figure out what security precautions we must take in order to operate safely and effectively.

As you bring up, the core to effective security is performing a risk assessment, deciding what information is most important to protect, and then developing mitigation strategies to safeguard that information. There are books and manuals that go into this in great depth, so I won’t spend a lot of time on the details.

A risk assessment should focus on the most high impact items first. To determine this, you list your adversaries and group them by intent and capability. So the NSA would have a very high capability, but probably has a low intent of targeting you. Then you make a list of information about your secrets, what you are trying to protect, and group that based on the negative impact it would have if it were in the hands of an opponent. The most damaging information must be protected from the likely and the most capable adversaries.

Generally speaking, if you’re engaged in a clandestine activity that you want to protect, the core information to secure is:

1. Your identity
2. Your clandestine activity
3. Your association with the activity

So let’s take the example of the Dread Pirate Roberts, who’s been in the news recently after he got arrested. His adversaries were highly capable, including a wide range of law enforcement officials from across the globe. They were highly motivated, because DPR and his site were very high profile. So you have high capability, and high intent. Not looking good so far.

The information that was most important was his personal real world identity, followed by his location. Protecting that information would require:

1. Robust compartmentation
2. Reducing his exposure to the most capable adversaries (e.g. leave the USA)
3. A strong disinformation campaign
4. Limiting his time in “the dragonworld” (to use J. Bell’s term for the underground)

For most people engaged in a clandestine activity this list is probably what they will want to follow. The exact mitigation enacted for each component in the list is case dependent. As we discussed earlier, and as you’ve said, we need to find a good balance between an aggressive security posture and living a rewarding life.

Remember, the goal is to reduce the quantity and the quality of information available to the adversary.

John Little: So a point which both of us comment on with some regularity is the fact that security is rooted in behavior rather than technology. That’s always been true to some extent but never more than now. Tools are suspect, almost across the board. And a lot of assumptions about security have to be tossed aside. But one thing is certain, hackers adapt to the adversary. Terrorists do this well too. An attacker who can successfully parse all this and adapt is going to be a very significant threat. How can states counter the advanced threats? How can they counter hackers who know how to manage OPSEC and technical security to evade detection?

The Grugq: HUMINT. More of it.

The role of SIGINT in intelligence has basically been this weird bubble, starting around WWII when the love of SIGINT started until recently, when some of the SIGINT capabilities are starting to go dark. SIGINT is much more attractive than HUMINT. Signals don’t lie. They don’t forget. They don’t show up late to meetings, or provide intelligence information that is deliberately deceptive. SIGINT is the heroin of intelligence collection. The whole world got hooked on it when they discovered it, and it has had a very good run… it will probably continue to be useful for decades more, but really… the real utility of SIGINT will start to diminish now. It has to. The amount of encryption being deployed means that many mass collection capabilities will start to go dark. I, of course, am in total favour of this. I think that the privacy and protection of the entire Internet are more important than the ability of the US government to model the “chatter” between everyone using the Internet. The reduced security that the US government has tried (and succeeded) to force on the entire world makes all of us less safe against any adversary.

SIGINT is really the sort of intelligence collection technique that needs to lose its prominence in the pantheon of intelligence gods. It is very easy for a serious adversary to defeat: basic tradecraft from the days of Allen Dulles will work (leave the phone behind, have the meeting while taking a walk). This tradecraft technique is described by Dulles, in 50 year old KGB manuals, and by Hizbollah operatives last year. The only way to catch people who are capable of any sort of OPSEC / tradecraft is via: a) Mistakes that they make (very easy for amateurs to make mistakes), or b) Via HUMINT. Spies catch spies, as the saying goes. It might be updated to, spies catch clandestine operatives.

Historically, the value of HUMINT has been very hit and miss, but those “hits” are extremely valuable. The major successes of the Cold War were almost all the result of human beings who became spies for the opposition: Ames, Hanssen, Walker, Howard, Tolkachev, etc. There are myriad cases with terrorist groups as well, informants are the best weapon against them. Relying on SIGINT is essentially relying on the adversary (terrorist groups) having poor tradecraft and terrible counterintelligence practices. This is simply not the case, at least not with sophisticated dangerous groups.

Double down on HUMINT and scale back SIGINT. SIGINT can be evaded, but HUMINT, essentially exploiting trust relationships, will always bite you in the ass.

John Little: Hackers are going to have to evolve in the same direction though aren’t they? Technology isn’t their salvation from an OPSEC perspective, in fact it is really the weakest link in their security model, so they will have to fully embrace good old-fashioned tradecraft and deception to avoid detection. Do you see an appreciation of that in the hacking community? It seems like a lot of big name hackers are still making fairly simple OPSEC mistakes.

The Grugq: Exactly, this is really the understanding that needs to sink in: technology alone will not save you. Hacker culture, almost by definition, is technology obsessed. We fetishize technology and gadgets, and this leads us to the deep-seated belief that if we just use the right tool, our problems will be solved. This mindset is fundamentally wrong. At best, I would call it misguided, but really I believe that most of the time it is actually counter productive.

Trust is the weakest link in the security chain, it is what will get you in the most trouble. This goes double for trusting in technology (even, as Bruce Schneier says “trust the math”). Tech is not the path to security. Security comes from the way that you live your life, not the tools. The tools are simply enablers. They’re utilities. OPSEC is a practice.

Expecting the tools to provide security for you is like buying a set of weights and then sitting around waiting for your fitness to improve. The fallacy that technology will provide the solution has to be seen for what it is, a false promise. There is nothing that will protect secrets better than not telling them to people!

Good OPSEC is founded on the same basic principles that have governed clandestine activities since the dawn of time. Hackers might be new, but good hackers require the same set of skills as the second oldest profession. Good OPSEC is timeless, and it stems from the application of the principles of clandestine operation, using caution and common sense.

The “73 rules of spycraft” by Allen Dulles was written before the Internet, before hacker culture (even phreaker culture) existed. I believe it is one of the most valuable guides available to understanding how to implement OPSEC. (As an interesting aside, harking back to one of my previous points, Dulles recommends taking vacations to get away from the stress of “work”.)

There are a lot of very public hackers who exhibit terrible security practices. Many of them are techno fetishists rather than espionage geeks, consequently they fail to understand how limited their knowledge is. It’s the Dunning–Kruger effect in full tilt. They don’t do the research on their opposition and don’t know what sort of techniques will be used against them. By the time they figure it out, they are usually just an opportunity for the rest of us to practice Lessons Learned analysis. Of course the great tragedy is that many of the hacker community suffer from hubris that prevents them from actually learning from others’ failures.

A friend of mine paraphrased Brian Snow (formerly of the NSA): “our security comes not from our expertise, but from the sufferance of our opposition”. As soon as the adversary is aware of the existence of secrets worth discovering, and has the resources available to pursue them, hackers rapidly learn how good their OPSEC is.

John Little: I’ve always been amazed at the very public profiles of some hackers, especially where conferences are concerned. Granted, most are legitimate security researchers but there are also many in the community who occupy a grey area that is guaranteed to draw attention from intelligence or law enforcement agencies. Are hackers largely underestimating the skill with which intelligence agencies can penetrate, encircle, and absorb aspects of their community? Are we in for significant changes in the relationship between IC/LE and hackers, how hackers view themselves from a security standpoint, and how hackers engage each other?

The Grugq: Yes, very much so. There is a growing awareness of the altered threat landscape, and the need for an improved security posture. For decades the hacker community has been myopically focused on SIGINT threats, the sorts of technical attacks that have technical solutions. The HUMINT threat has been misunderstood, or ignored completely. That is changing as the hacker community is starting to learn and practice counterintelligence.

It is a difficult transition though, as some core counterintelligence principles run directly counter to the hacker ethos. There are a lot of factors at play, but one of the important ones is that hacker culture is very much a research culture. There is a great deal of knowledge exchange that goes on rather freely within various segments of the community. The problem, of course, is that the trading of information, which is so central to hacker culture, is the antithesis of a strong security posture. Many hackers realize this, so they only share with trusted friends, who then only share with their trusted friends, who then… and then suddenly everyone is on lists and someone is going to jail.

Security conferences are important events for hackers where they disseminate their research and findings, and socialize. This makes these events very target rich environments for intelligence agencies looking to build dossiers on hackers. They can see who is socializing with whom, attempt to recruit people, elicit information on capabilities, install malware on computers, collect intel from computers, and so on. That hackers would expose themselves to these activities seems very counterproductive for robust security. What gives?

The hacker community has a slightly different set of moral and ethical guidelines than mainstream society, which leads to problems with the authorities. Broadly speaking, few hackers view breaking into a system as unethical or morally wrong. Damaging the system, stealing information, or otherwise abusing the system is wrong. Simply accessing it is a challenge. The police, of course, view things differently: an illegal act is an illegal act.

For hackers the secret knowledge that they discover from active research is something to be proud of, and so we’re very excited to brag about our findings, activities or capabilities. This information is treated as something that will be kept within the community, bound by the FrieNDA. Of course, this is all based on trust, which is a very dangerous foundation for any security system. As Dulles says, the second greatest vice is vanity, the third is drink. Security conferences are not the places to avoid those vices!

So there is certainly this dynamic of wanting to brag about our discoveries from active research, but at the same time the tension of “what will happen if this leaks?”. These days we know what will happen, overzealous law enforcement and prosecution: weev, Aaron Swartz, Stephen Watt, Dan Cuthbert, etc. The authorities view hackers as modern day witches, something to be feared and destroyed. It is unfortunate for the hacker community in many ways. Intelligent people who could contribute to mainstream society have their lives destroyed. So the repercussions of what are generally harmless activities can be devastating and life altering. Unfortunately, the protections that hackers turn to tend to be technological, but the problem is humans.

The hacker community is easy prey for law enforcement and the intelligence community. Very few hackers are savvy enough to spot a recruitment pitch, or to understand that what they think is amusing others view as criminal. I think this is starting to change. These days there is a lot less discussion about illegal hacking of systems (whether for monetary gain or not), and more about how to protect against the massive Internet surveillance that has been made public.

In this, I think, the hacker community and the general public are finding a lot of common cause against the LE/IC. There is a lot of good that will come out of this realization that the technology of privacy is actually important and should be ubiquitous, and easy to use. The default should be secure. Of course, as we know, this won’t help that much if someone is going around making basic OPSEC errors. So strong privacy protections for everyone will make the job of the LE/IC a bit harder, but it will also make everyone safer. I think that is a fair trade off.

Similarly, I think a lot of hackers would be quite happy to help the LE/IC community with technology support and ideas. The problem is that the relationship is a difficult one to establish. The IC is a black-hole, sucking in information and returning nothing. I don’t know how there can be meaningful engagement between the two communities, which I believe is a tremendous shame. There is a lot that can be learned from both sides, and I would love for the IC to contribute back. Law enforcement doesn’t interest me that much. Personally, my interest with LE begins and ends with studying their tools, techniques and procedures for counterintelligence purposes. Something that, historically at least, few other hackers actually do. That is changing.

Hackers are learning to tighten up their security posture, they are learning about the tools, techniques and procedures that get used against them, and they are learning how to protect themselves. Of course, the preponderance of criminal activity is committed in places where lax enforcement of computer crime laws allows blackhats to operate inside “protected territory”. In the long term, this is an extremely dangerous situation for those guys, of course, because without an adversarial environment they won’t learn how to operate securely. When the rules change, they will be caught out, completely unprepared.

The intelligence agencies and law enforcement departments have decades of organizational history and knowledge. The individual members can display wide ranges of skill and competence, but the resources and core knowledge of the organization dwarf what any individual hacker has available. Many of the skills that a hacker needs to learn, his clandestine tradecraft and OPSEC, are the sort of skills that organizations are excellent at developing and disseminating. These are not very good skill-sets for an individual to learn through trial and error, because those errors have significant negative consequences. An organization can afford to lose people as it learns how to deal with the adversary; but an individual cannot afford to make a similar sacrifice — after all, who would benefit from your negative example?

The skills that hackers do have, the highly technical capabilities they can bring to the game, are not useful against an adversary whose primary skill is manipulating other people. Knowing how to configure a firewall, use Tor, encrypt everything, etc. isn’t going to do much good if you also attend a conference without a highly tuned functioning spook-dar and a working knowledge of anti-elicitation techniques. The hackers are hopelessly outclassed at this game. Hell, the majority of them don’t even know that they’re playing!

Times are changing though, and hackers are starting to learn: OPSEC will get you through times of no crypto better than crypto will get you through times of no OPSEC.