Voice

Killer Swarms

It wasn't the Russian winter that stopped Napoleon.

Today marks the bicentennial of the culminating catastrophe that befell the Grande Armée as it retreated from Russia. This past weekend one of the French Emperor's descendants, Charles Napoleon, traveled to Minsk in Belarus to attend ceremonies commemorating the disaster at the nearby Beresina River crossing, where thousands died -- many by drowning -- in a final, panicked rout in freezing weather. Bonaparte had marched deep into Russia with nearly half a million soldiers; he returned with less than 25,000.

Given that Napoleon was the great captain of his time -- perhaps of all time -- and that his armies had conquered and held most of Europe, the tragic events on the Beresina demand explanation. His defeat is something of a puzzle, too, as the Grande Armée won the campaign's pitched battles fought at Smolensk and Borodino. Harsh winter weather, the commonly assumed culprit, cannot explain the result either; the first frost didn't arrive to bedevil the retreat until just a few weeks before the Beresina crossing.

The answer to the puzzle is that Napoleon and his forces were beaten by what a young Russian hussar, Denis Davydov, called his "indestructible swarm" of Cossacks and other raiders who constantly harried the French columns on the march. They also struck relentlessly, repeatedly, and to fatal effect at the Grande Armée's supply lines. As David Chandler, an eminent historian of Napoleon's campaigns, put it: "raids of Cossacks and partisan bands did more harm to the Emperor than all the endeavors of the regular field armies of Holy Russia."

Davydov, who probably inspired Tolstoy's character "Denisov" in War and Peace, had lobbied his superiors hard for the creation of a small force of behind-the-lines raiders. General Pyotr Bagration, not long before his death in battle at Borodino, gave Davydov permission to launch his swarm -- though he detached only a single troop of riders to accompany him. This was all that Davydov needed, though, as he picked up Cossacks, freed Russian soldiers taken prisoner, and recruited willing peasants along the way. Soon the French knew no rest. In Davydov's own words, they "had no choice but to retreat, preceded and surrounded by partisans."

The Beresina bicentennial provides us a moment to contemplate one of history's greatest military debacles from an alternative point of view: as an outcome driven not by the clash of hundreds of thousands of troops massed tightly on some constricted battlefield, but rather as the result of constant pinprick attacks from all directions, mounted by a relative handful of irregulars. Who acted like a swarm of bees.

Davydov's concept of operations portended an entirely different approach to military affairs, one that would grow ever more valuable with the advance of technology. The Russian partisans of 1812 attacked French wagon convoys. Fifty years later, in the Civil War, Confederate raiders disrupted rail lines, imposing near-fatal delays on the advance of Federal forces. In World War I, T.E. Lawrence and his Arab irregulars swarmed the 800-mile-long rail line from Damascus to Medina, contributing mightily to the eventual Turkish collapse. At sea in World War II, U-boat wolf packs swarmed Allied convoys, nearly winning the war for Hitler.

Throughout the Cold War, and on into the post-9/11 era, the swarm -- simultaneous attack from several directions -- has been the favored fighting method of insurgents and terrorists. The Viet Cong swarmed helicopter landing zones and American foot patrols in Vietnam. Hezbollah did the same to the Israel Defense Forces (IDF) in southern Lebanon during the long war to evict the IDF -- and then did so again during the 2006 conflict there. The Free Syrian Army today regularly strikes many places at once, too, giving the Assad regime's military a problem it cannot solve. Iranian naval strategy embraces swarming as well, the idea being to attack the relatively few, large vessels of the 5th Fleet from all directions with hundreds of small, explosive-laden boats. Even in cyberspace one sees swarms in the form of the millions of hits to single sites, coming from all over the world, that often characterize debilitating "distributed denial-of-service" attacks. If al Qaeda were ever to develop a capacity for sustained swarming in the United States, rather than just mounting rare, one-off attacks, the consequences would be truly dire.

Swarms matter, and have done much to shape the world. As my colleague David Ronfeldt and I have noted in our RAND study of swarms, the phenomenon began long ago. The Mongols were particularly adept at this way of war, following a doctrine they actually named "Crow Swarm." Edward Luttwak, in his masterful The Grand Strategy of the Byzantine Empire, observed that the success of the Byzantines in protecting the edges of empire for nearly a thousand years after the fall of Rome had much to do with their employment of defensive swarm tactics. But Davydov, in a brief campaign launched only after he overcame bureaucratic resistance, helped defeat one of history's greatest adventurer-conquerors, giving us perhaps the single most dramatic example of swarming ever seen.

Clearly, the insurgents, terrorists, and other irregulars -- including "black hat" hackers -- who cause most of the world's mischief today are highly attuned to swarm tactics. In addition to being the bicentennial of Bonaparte's disaster on the Beresina, today also marks the fourth anniversary of the small terrorist swarm -- composed of five two-man teams -- that hit Mumbai simultaneously at several different spots and held the city hostage for three days. Nearly 200 were killed, and hundreds more were wounded, as it took days for Indian counter-terrorist forces to mass and move into place to deal with them. Even small swarms are deadly.

Those who must contend with swarms will fail if they rely simply on the heavy hitting of massed forces. Swarms easily slip such punches, and hit back in stinging ways. No, the answer must be to learn to "swarm the swarmers." The Sri Lankan Navy did this against the Tamil Sea Tigers a few years ago, by shifting to a fleet of light, swift vessels that proved even nimbler than those of their enemy. The Sri Lankans quickly proved adept at attacking the Sea Tigers from many directions. And in Gaza, where Hamas leaders think they deterred the Israelis from mounting a ground invasion, the IDF was absolutely ready to move in from several directions simultaneously, reflecting both a refinement of the swarm tactics used the last time they raided Gaza some years ago and the lessons they have learned from Hezbollah.

Denis Davydov's official report on his operations during the war against Napoleon concluded that his "indestructible swarm" was likely to change the face of war. In fits and starts over the past two centuries, it has begun to do just that. But now the period of fitful progress is over; take warning of the coming swarms that threaten to sweep all before them.

Uriel Sinai/Getty Images

National Security

Panetta's Wrong About a Cyber 'Pearl Harbor'

The Internet doesn't work that way.

In recent months, the specter of a looming cyber "Pearl Harbor" has reappeared -- the phrase having first come into use in the 1990s. But it is the wrong metaphor. Given the surefire emotional effect evoked by memories of the "day of infamy," how can this be? How are good cyber security legislation and regulations to be enacted and pursued in the absence of such galvanizing imagery? Clearly, the Obama administration thinks that trotting out the Pearl Harbor metaphor is essential, and so a range of officials, right up to Defense Secretary Leon Panetta, have been using it recently. But there is a fundamental problem: There is no "Battleship Row" in cyberspace.

In December 1941, a great deal of American naval power was concentrated at Pearl Harbor and Japan dealt it a sharp blow, enabling Imperial forces to pursue their expansionist aims for a while. Of the eight U.S. Navy battleships that were there, four were sunk and the other four were seriously damaged. And if the Kido Butai, the Japanese carrier strike force, had caught the three American aircraft carriers deployed to the Pacific in port -- they were out to sea at the time of the attack -- or had blown up the base's massive fuel storage tanks, the damage would have been catastrophic. Pearl Harbor was a true "single point of failure."

Nothing like this exists in cyberspace. Indeed, part of the logic behind the creation of the Internet, going back more than 40 years now, was to ensure continued communications even in the wake of a nuclear war. Redundancy and resilience are the key notions that shaped the structure of cyberspace. Yes, there are very important nodes here and there; but workarounds and fallbacks abound. Cyberspace is more like the oceans that cover two-thirds of the world: it has its choke points, but there are always alternate routes.

If the Pearl Harbor metaphor is misleading -- encouraging the belief that strong defenses concentrated in one or a few major areas can protect most, if not all, threatened spaces -- there may be another harbor metaphor that does much more good. This one comes from World War II as well and has to do with the harbor lights of the Eastern seaboard cities. Very soon after Germany declared war on the United States -- in the immediate aftermath of Pearl Harbor -- U-boats were dispatched to attack shipping on our side of the Atlantic. German submarine skippers were assisted in their task by the failure of President Franklin Delano Roosevelt to order a blackout along the coast. And so the U-boats had what their crews called "the happy time," teeing up targets for night attacks because they were illuminated against the backdrop of blazing city and harbor lights.

For several months in 1942, mayors of coastal cities resisted pressure to enforce blackouts because of the loss of business they feared would ensue, plunging an economy still not fully recovered from the Depression into a new downward spiral. It was only when shipping losses grew dangerously high -- over a million tons were sunk in the first four months of 1942 -- that a blackout was finally put in place and merchant ships began to move in escorted convoys. This didn't put an end to the U-boat menace, but did bring it under control.

Today, the "harbor lights" are on all over cyberspace. A wide range of targets is well illuminated, highly vulnerable to all manner of cyber mischief. Our armed services, increasingly dependent upon their connectivity, can be virtually crippled in the field by disruptive attacks on the infrastructure upon which they depend -- but which are not even government-owned. Leading commercial enterprises hemorrhage intellectual property to cyber snoops every day -- a point Governor Romney made twice in his debates with President Obama. And countless thousands of Americans, having had their personal security hacked, are now serving unwillingly and unknowingly as drones or zombies, pressed into service in the robot networks, or "botnets," of master hackers.

Why do the harbor lights remain on in cyberspace? Because, rather than focusing on security, information technology manufacturers and software developers have been driven for decades by market forces that impel them to seek greater speed and efficiency -- at the most competitive prices. In short, the virtual harbor lights stay on because the perceived economic cost of improved security -- that is, of enforcing a blackout, in metaphorical terms -- is seen as too high. And, just like FDR, American political leaders have shied away from forcing their hand.

Where the metaphor breaks down -- no metaphor can address every aspect of a problem -- is in its invisibility. Mass ship sinkings in the early months of 1942 were tangible events that horrified the nation. Today, the ongoing compromise of sensitive military information systems, the theft of intellectual property, and the recruitment of men, women, and children into zombie armies, all these pass largely beneath our levels of awareness. Cyberwarfare is a lot like Carl Sandburg's fog, coming in on "little cat feet."

To be sure, senior civil and military leaders know the gravity of the situation. A deeply alarming study of our cyber vulnerabilities by the National Academies was just declassified; it makes quite clear the grave nature of the threat. At the same time, word of a new presidential decision directive (PD-20) about responding aggressively to the cyber threat has leaked out. Reporting about the still-classified directive suggests that it follows the line of Secretary Panetta's comments in recent weeks about taking pre-emptive action against cyber threats.

All this implies clear awareness of the problem, but the pro-active recommendation to seek out and "attack the attackers" is problematic, given how well-hidden so many of them remain. Eleven years after the Code Red and Nimda computer viruses were unleashed -- shortly after 9/11 -- the identity of the perpetrators remains unknown. And this is true of many, perhaps most, cyber attacks. Digital warriors and terrorists today hide in the virtual ocean of cyberspace as well as U-boat skippers did during their "happy time" along the Atlantic seaboard 70 years ago. And efforts to track them in advance of their attacks, to hearken yet again to the harbor lights metaphor, will be as fruitless as the U.S. Navy's original strategy in 1942 of sending out hunter-killer squadrons to search the ocean for the U-boats.

Back then, the right answer from the start was to black out coastal cities at night. Then, when ships sailed, they were evasively routed and escorted by anti-submarine vessels. Losses still occurred, but soon fell to acceptable levels. This is the lesson of the "harbor lights" metaphor. In cyberspace, the analogous approach would consist of far greater use of strong encryption and "evasive routing" of data via the Cloud, making it much harder for the virtual U-boat wolf packs that stalk them to find their targets.

Forget Pearl Harbor. Remember the harbor lights.

STF/AFP/Getty Images