DOMESTIC TERRORISTS
The cyber war has moved beyond the battlefield into an all-encompassing struggle in economics, politics, and culture, along with old-school physical confrontation. Instead of smaller sub-state groups forming strategic alliances to fight the government or private power brokers, affinity groups organized around ideology and ethnic identity are battling one another. Killing an enemy or capturing and maintaining a territory are old-world paradigms of conflict. Messaging is far more important. The emerging hybrid war depends on the allegiance of civilian populations and control over narrative [50]. Social networks empowered those with fringe ideologies to find each other and connect. Consequently, their beliefs have been reinforced because of sustained tribal membership and engagement, and their communities have the tools and access necessary to recruit and indoctrinate new members. The tumultuous 2015 to 2016 political cycles normalized the awareness and terminology of information warfare through incessant discussions of Russian “troll farms” and “meme armies.” Ironically, the revelation of foreign influence drove domestic interest in the subject and led to many wannabe domestic terrorists. Government enforcement of laws in digital spaces is not comprehensive. Furthermore, many spaces cannot be governed because of provisions of the Constitution. In many cases, if the private business controlling the platform does not intervene, the adverse behavior is permitted and wars between factions commence. Tutorials on outdated malware, spy tools, and social influence techniques are more available than ever on online platforms like YouTube and Discord chatrooms. Between the diametrically opposed collectives are dossiers and blacklists, agents and double agents, “good trolls” spying on Trump and anti-Trump supporters and fake antifa and right-wing accounts, disinformation, and counter-intelligence campaigns.
Antifa and other radical groups collect and process public information through decentralized, allegedly leaderless groups. In truth, their tactics are the application of domestic guerrilla warfare to the script kiddie and activist environments. Their entrance to the landscape marks a new phase of bottom-up cyber warfare. Extreme “grassroots” factions by design function as low-level digital influence machines. Their primary motivators are recruitment, revenge, intimidation, disruption, mobilization, and the inspiration of kinetic violence. The capabilities of low-level and under-resourced operations, such as radical groups, should not be underestimated; influence operations are asymmetrical. In some instances, though they lack sophisticated tools, through group-sourcing challenges, attacks, and digital operations, these factions can gather nearly as much information as government intelligence apparatuses. With a high-speed internet connection, anyone with enough free time and basic freeware, such as Maltego and Kali Linux, can surveil social media or invade networks. Their hybrid networks of people and machines automatically aggregate and act on intelligence gathered from nearly every social platform. The information is then either weaponized online or translated into action by volunteer members who “act without orders” [50].
In their coverage of radical collectives, the mainstream media has focused on the violence at rallies and destruction of physical property perpetrated by homegrown extremists. Dedicating screen time to violence in the streets, by protestors and counter-protestors alike, makes logical sense because property was destroyed and, in some cases, lives have been lost. The mainstream media attracts and maintains viewers through fearmongering and sensationalizing protests and rallies. In reality, the overwhelming majority of protestors and counter-protestors are non-violent; however, they and, in most cases, the points of their causes do not merit media attention because relatively minuscule radical factions can easily steal the spotlight. In fact, in some cases, the intent of the “revolutionaries” is to derail an event or detract from a cause by altering public perception and polarizing issues based on partisan politics. Because of the anonymous nature of the group, anyone in the right apparel, say a ski-mask or clothing with an inflammatory symbol, can infiltrate an event, incite chaos, capture media attention, and then discard the attire and walk away from the outing with no repercussions. Factions such as these that wholly lack in accountability structures force themselves to be publicly, and in some cases legally, accountable for the actions of anyone even temporarily claiming membership. As a result, false flag operations and operations sponsored by special interest groups are both effective and prevalent in this space.
Kinetic activities, while necessary to cover and discuss, are only a fraction of the actions of antifa and other radical groups. Antifa and its polar opposites practice “open-source insurgency” – wherein large collections of small superempowered groups collectively combat much larger foes, typically perceived hierarchies. Memes, trolls, bans, doxes, sock puppets, and targeted disruption campaigns are deployed in a cycle of attacks and counterattacks that, much like traditional military intelligence and information operations, set conditions for the next round of physical confrontation. According to military theorist and futurist John Robb, open-source insurgency leads to “superempowerment” – “an increase in the ability of individuals and small collectives to accomplish tasks/work through the combination of rapid improvements in technological tools and access to global networks.” As a result, small groups on the far fringes of the ideological spectrum have been enabled to increase their productivity radically in conflict [50].
Online disruption is the primary goal of radical factions. The “status quo” is the enemy. They want to maintain constant chaos rather than allow political, societal, or ideological equilibriums. They want to conflate up and down, trust and distrust, fact and falsehood, because in the chaos-driven environment, they have power [50]. Typically, they would lack the clout to influence society or reality; in a state of chaos, however, those with the wherewithal and ability, no matter how seemingly insignificant, to tip the balance in one direction or the other usurp the role of pivotal decision-makers. In this manner, the informed silent minority can overtake a silent or vocal majority. The tactics are not neutral – they favor actors skilled at processing and manipulating high volumes of information – but they are promiscuous. What works against an anti-Trump art installation can be used by ISIS, Antifa, or the alt-right, or turned against any of these groups. Similar systems can even be implemented to coordinate volunteers in highly effective disaster relief efforts [50].
On sites like 4chan and 8chan, organizations and distributed, “leaderless” networks alike conduct IMINT and GEOINT – forensic analysis of digital imagery and geospatial data. The results can be used to dox individuals or groups. This methodology has spread amongst ideologically opposed fringe factions as political violence has increased. A Twitter account associated with 4chan’s pol/board even promotes the process in detail in an apparent attempt to attract new volunteers. For instance, though the assailant masked his face, 4chan users teamed up to identify former professor Eric Clanton as the assailant of three people during the April 2017 Berkeley free speech rally by isolating non-facial visual characteristics and then through the frames of the imagery from the event. After Charlottesville, antifa protesters used the same techniques to identify and dox the protestors. Following the events in Charlottesville, a twitter account called @yesyoureracist posted information about people supposedly identified at the “Unite the Right” rally. The account eventually gathered 408,000 followers and led to a Patreon campaign to support its efforts. In response, 8chan has reportedly begun targeting the presumed owner of the account and his family with violent threats [50].
GEOINT and IMINT often lead to misidentifications and accusations against innocent people. The rush to judgment and lack of restraint is the result of the public’s thirst for immediate social justice. Antifa is not alone in their mistakes. Social justice attacks, including doxing and the weaponization of social media, are agnostic of political leanings and have victims of every ideological variant. For example, in 2013, a crowdsourced investigation conducted on Reddit and other internet boards falsely accused innocent people of responsibility for the Boston Marathon bombing – a mistake also made on the front page of the New York Post. In a more impactful demonstration, Bellingcat, an affiliate of the Atlantic Council, used similar GEOINT and IMINT techniques to geolocate ISIS training camps and identify members. Groups on 4chan and Anonymous have similarly intervened in global conflicts, such as Ukraine and Syria, where they have typically taken different sides, with 4chan showing a strong pro-Assad and pro-Russia bias and Anonymous favoring the opposition[50].
In addition to outing one another and members of the public, fringe factions also infiltrate their counterparts using sock puppet accounts and attempt to undermine or control the group internally using minority influence leadership, distraction techniques, and bot followers. When the saboteur cannot usurp the community, they do something embarrassing or provocative to draw negative attention or redirect the group’s agenda to damage control. In some cases, internal politics within the group leverage the engineered chaos and the overall messages and goals of the group realign. A recent surge of fake antifa social media accounts and forgeries of supposed antifa documents exemplify how fluid and muddied these groups can be. The fake accounts adopt actual positions held by antifa’s anarchist wing, like the embrace of political violence and opposition to liberal ideals of free expression, and exaggerate these already divisive qualities to make the group appear even more radical and threatening. Their goal is to dissuade potential new members and to sow suspicion among supporters. Others are almost cartoonish in how transparently fake they are and will never persuade current or prospective members to trust their antics. Instead, these accounts are used to incite internal and external chaos. In response, Antifa-affiliated outlets have doxed and DDoSed the people behind the fake accounts and sites, releasing names and other personal details [50].
Conflict because of the actions of radical sociopolitical cliques remains in its infancy. Though it might not lead to outright civil war in America, similar low-level violent multi-polar insurgency has rent other countries asunder. There is truth to Carl von Clausewitz’s famous adage, “War is the continuation of politics by other means.” Today, however, politics is downstream from culture. As ideological variants war for control of digital spaces, the lines between culture, news, politics, war, and entertainment blur and the fabric of society becomes disheveled by chaos [50].