In this video from the Frontline Club reporter Hamida Ghafour and author Ahmed Rashid discuss if the Taliban are set to regain control in Afghanistan or if they are they being slowly marginalised.

Tags: Analysis, Afghanistan

Recent media coverage of the Ninth U.S. Circuit Court of Appeals' decision to allow border agents to search travellers laptops without cause has inspired a lot of coverage in tech media circles. However, as an aid worker it is important to remember that the US border is not the only place where your laptop can be searched. Aid workers have reported having their laptops searched by authorities in Sudan, and Pakistan. Sri Lankan security forces frequently demand access to aid worker's laptops when they are entering LTTE controlled areas or travelling by to or from Jaffna. In one case they even seized the computer of the Executive Director of an NGO.

So how do you keep prying eyes from accessing your sensitive files while travelling? The EFF has some good advice for protecting your laptop from arbitrary searches. Bruce Schneier has his take as well. Finally you shouldn't overlook Front Line's "Digital Security and Privacy for Human Rights Defenders".

Tags: NGO Security, Technology, Tips, Tools

The Insurgency Research Group has an excellent analysis of the significance of the Taliban attack on Sunday's Afghan National Day parade. The whole post is worth reading but don't do it yet. Read the following paragraph first and then watch the No Comment TV video.

The incident on Sunday demonstrates a classic propaganda of the deed partnership in which the insurgents with growing skill select a media-significant target and with witless incomprehension international reporters beam the most sensationally damning images of the event around the world so as to deliver the worst possible interpretation. There is no need for a Taliban subtext or even a photo caption, the images speak powerfully for themselves sending messages of a stricken regime put to flight in their gilded uniforms by the daring fighters of the Taliban.

OK. Now go ahead and read the whole post.

Tags: Afghanistan, Analysis, News, video

For a brief period, while I was an analyst, I worked for a General who was inclined to say, “tell me what you know, tell me what you think you know, and tell me what you don’t know”. Of course he missed a category of information. It was what we later came to call the ”unknown unknown”. Nicholas Taleb refers to this category of information as silent evidence. It is the vast body of information that we are not aware of, and even worse, are not aware that we are not aware of it.

Does this matter to the NGO security analyst? Of course! If we fail to acknowledge the existence of silent evidence we fool ourselves into believing we know the world better than we really do. We track incidents and develop models to try and predict the future without thought to how incomplete our models are. Worse, if we are naïve enough to believe our models we unknowingly leave ourselves exposed to future unknown risks.

Lesson Learned: I don’t know as much as I think I do. No matter how much information I have the vast bulk of it, the hidden silent evidence, remains below the surface. From this morass of unseen circumstance can spring forth all manner of unanticipated surprises.

Tags: risk, Black Swan

Over the past few weeks I've been reading Nassim Nicholas Taleb's "The Black Swan: The Impact of the Highly Improbable". It has been a very difficult read for me. Not so much because his ideas are complicated... they are, but Taleb explains them very well. No, my difficulty has been that the book challenges, even destroys, ideas that I have long held dear.

I've learned (maybe I should say I'm trying to learn) a lot from Black Swan. Taleb's ideas are changing my view of the nature of knowledge, analysis, and prediction. Over the next few posts I hope to outline some of the lessons that I think NGO security officers can take from this book. It won't be easy and I'm sure that I'll get a lot wrong.

For this post however, I'll take the easy way out. This video clip is of the Taleb himself, explaining the term "Black Swan".

Tags: risk, video, Black Swan

Hmmm. This video looks interesting. It purports to be of an Android mobile phone application called MapMaker for creating maps in disaster zones. Here is what the person who posted the video on YouTube says about the application:

Map Maker is an Android application for creating maps in a disaster zone. It is designed to allow aid workers to quickly and easily create a map of the area they are working in. After a disaster such as a hurricane or earthquake the landscape can change so fundamentally that existing maps are rendered out of date. Knowing things like which roads are passable, where field hospitals are and suitable aircraft landing areas makes it far easier to manage an emergency.

Unfortunately the video has no audio and there are very few details. If this turns out to be more than vapourware I'd like to see some additions to support NGO security. Labels and tags for minefields, no-go areas, checkpoints, safety hazards etc. would be very nice.



If the creator of this program is out there listening I'd love to beta test this!

Tags: GIS, GPS, video, Tools, Technology, Software, Maps, Mobile Phones

Google Trends can be a useful tool for context analysis. If you've ever wondered why your security budget is dwindling despite the rise in security incidents or why the head office seems to have forgotten you it can be a pretty useful tool.

For those who haven't seen it before Google Trends compares the relative Google search frequency of up to five user specified terms. For example if you want to compare relative search interest in various hot beverages you might enter "coffee, tea, cocoa" and press search. Google Trends returns a nice neat chart that shows how many searches were made for each term over time. It also shows a "news reference volume" chart, or in other words the frequency with which the term has shown up in the media.

The chart above was generated when I compared relative interest in Darfur, Iraq, Afghanistan, and the Congo, with Sweden as a control.
The results were pretty interesting. Searches for Iraq seem to correspond with increases in media coverage. No surprises there. The big surprise for me was Sweden. Google user are more interested in Sweden than they are in Darfur, Afghanistan, and the Congo. Talk about forgotten conflicts!

Flag B is interesting. It marks George Bush's call for more NATO troops in Afghanistan and clearly shows an increase in media coverage of Afghanistan. It even overtook coverage of Iraq for a short while. However, the general public took no notice.

The regions chart is enlightening. Americans are predominantly interested in Iraq and seem to have forgotten about Afghanistan. The Canadians, who have troops in Afghanistan but not Iraq seem equally interested in both countries. And finally, the Swedes seem to be totally obsessed with Sweden.

Not without trepidation replaced Sweden with "beer" in my search terms. I shouldn't have. I now know that your average computer using westerner is more interested in beer than they are in Iraq and Afghanistan combined. "Darfur?... never heard of it... do they have good beer?"

If you are feeling particularly masochistic try breakfast or worse boobs. For a brief while in 2004 your average Google user was more interested in what was happening in Iraq than what they were going to have for breakfast. That aberration hasn't repeated itself since. Its also interesting to note that while American's seem equally fascinated by Iraq and breasts, Canadians have a distinct preference for the later.

Tags: Afghanistan, Darfur, Analysis, Data, Tools, Iraq, Congo

The Swiss Peace Foundation has released a new working paper titled "Private Security Companies and Local Populations: An Exploratory Study of Afghanistan and Angola". Issues surrounding Private Security Companies (PSC's) and NGO security are a hot topic these days. This paper may give you insight as to what your beneficiaries may think about PSC's. The attitudes of your beneficiaries have a direct impact on your organization's acceptance.

Tags: Afghanistan, Angola, Private Security Companies, NGO Security

I don't normally cover Iraq. There are more than enough pundits doing so. However, in this case I am going to make an exception for one simple reason: Iraq is a testing ground for a new model of war. The lessons learned in Iraq, by both sides, will be used elsewhere in the world. By the very nature of where NGOs tend to work they will be directly and indirectly impacted by this new, rapidly evolving, mode of conflict.

Suicide attacks seem to be a keystone tactic in this new conflict. Suicide attacks have a disproportionate effect on world political developments because of their targets, their apparent unpredictability and inevitability, and most of all the incredible psychological impact. NGOs can no longer be confident that they will not be the target of such attacks. Even when humanitarian workers are not directly targeted the places they frequent inevitably will be. Restaurants, hotels, night clubs, public gatherings, government buildings, and UN complexes have all been attacked by suicide bombers in recent years. To make matters worse suicide bombings are no longer rare events outside Iraq. They have increased in frequency in Pakistan, Afghanistan, and other countries around the world.

In the two video clips below author Mohammed Hafez discusses the strategy and ideology of suicide bombing. They are well worth watching.






Question: How do INGOs, often viewed as proxies of western governments, protect themselves from suicide bombers?

Tags: video, Terrorism, Analysis, Iraq, International Security

"Talking to the Taliban" is a unique look at the attitudes and motivations of the 'average' rank and file Taliban fighter. This six part video series is based on standardized interviews of 42 Taliban insurgents conducted in five districts of Kandahar province, Afghanistan. Topics of discussion ranged from their motivations for fighting, their world view, relations with Pakistan and their views on suicide bombing. This is a view of the Taliban that is stripped of the myth, mystique and misunderstanding.

Tags: Afghanistan, Taliban, Pakistan, International Security, violence, Terrorism, video

Discussion (here and here) regarding Bruce Schneier’s recent post on security mindset combined with recent interesting posts from friends regarding NGO IT security issues (here, here and here) has me thinking. It seems to me that social engineering, rather than a purely technological attack, is still the easiest route into most NGO’s networks. There is no need for anything too complicated. Most aid workers are somewhat trusting and helpful by nature making them easy targets for even relatively inexperienced social engineers.

Kevin Mitnick’s book, “The Art of Deception - Controlling the Human Element of Security” is a great introduction to social engineering. Kevin Mitnick was one of the world’s greatest hackers. He gained great notoriety for his ability to penetrate telephone and computer networks seemingly at will. What surprised many is that it wasn’t sophisticated technology that allowed him to do it. It was his ability to con or ‘pretext’ people into giving him the information he needed to access their systems. As he explains in the book the human factor was security’s weakest link.

Hint: If you search for “Kevin Mitnick The Art of Deception.pdf” Google you just might be able to find a free copy of Kevin’s book floating around the net.

To further develop your security mindset check out "No-Tech Hacking" by Johnny Long. Its a sample chapter from "Techno Security's Guide to Managing Risks for IT Managers, Auditors and Investigators". Johnny has since turned the chapter into a book in its own right. In the freely available sample chapter he covers tailgating, faking ID cards, lock bumping, shoulder surfing, dumpster diving and other low tech means of gaining forbidden access.

Happy reading and don't blame me if it keeps you up at night.

Tags: links, NGO Security, Technology, Training

In Case of Emergency (ICE) is a program that encourages people to enter emergency contacts in their cell phone address book under the name "ICE". This enables first responders, (paramedics, firefighters, police officers, and of course NGO security officers) to quickly search an unresponsive victims phone for the ICE contact who can identify the victim, provide emergency medical information, and next of kin details.

Of course this is not a panacea. It comes with the usual caveat; you'll need to adapt the system to your local context and your organization's methodologies. For instance it might not be appropriate in Afghanistan where Taliban supporters have been known to search the phones of passers by for foreign names. However, with a little bit of adjustment you should be able to use this idea to help ensure the safety and security of your staff.

If you want additional videos like the one above W. David Stephenson has done a number of videos at least one of which I have used before. You can find out more at his website or at his YouTube channel. Don't be put off by the Homeland Security 2.0 label he uses. His short videos are intended help empower ordinary people during times of emergency or disaster.

Tags: video, Tips, Mobile Phones, Tools, Technology

Bruce Schneier has an interesting article, "Inside the Twisted Mind of the Security Professional", that takes a quick look at the security mindset and whether it is innate or a skill that can be taught. I always enjoy Bruce's writing but in this case it is the links he provides to a 'computer' security course at the University of Washington that have me the most excited. Despite the fact that it is billed as a computer course the course blog is full of entries of interest to anyone honing their security mindset. Student security reviews range from soda machines to airport security. Well worth the read.

Tags: Training, links

This short AlJazeera piece outlines largely unsuccessful disarmament efforts in Afghanistan.



Unfortunately, any disarmament effort is likely to fail as long as average Afghans feel that the government cannot provide effective security for their families and communities.

Tags: Afghanistan, video

According to AlJazeera kidnappings are big business in Mexico with an average of 900 kidnappings per day last year.



Watching the video reminded me of a kidnapping conference I attended a couple of years ago. Among the participants was Rachel Briggs, the author of "The Kidnapping Business". Her publication is well worth reading even without the extensive references to the NGO community.

To paraphrase her report a kidnapping business hotspot country can be identified by the following characteristics:

1. The presence of networked groups that can support the crime. Tribal groups, fringe political groups, religious groups, and pure criminal groups are the major classifications and they are by no means mutually exclusive.

2. Political or economic transition that results in ineffective policing, corrupt judiciary, or weak laws but avoids outright conflict which would likely limit the number potential victims.

3. A local middle class, significant numbers of expatriate businessmen, or I would argue the presence of large numbers of aid worker.

4. Areas where potential victims are poorly protected and do not manage risk well.


Does the country you work in have some or all of these characteristics? Does your organization have a kidnap and ransom policy? Do you know what it is? Do you know what personal security measures to take to reduce your risk? Do you actually use them?

Tags: Mexico, kidnapping, NGO Security

I believe that publicly funded data (data from governments, the UN and other world bodies, and INGOs) should be truly public. By this I mean that anyone can easily, and without cost, access the data in a non-propietary format. No locked pdf files. No password protected databases. No one-query-at-a-time, one-answer-at-a-time forms. Just the data in a simple user accessible format.

The Stockholm International Peace Research Institute (SIPRI) and the International Relations and Security Network (ISN) understand. They have teamed up to provide an integrated database known as FIRST . FIRST contains free, open source, clearly documented information from research institutes around the world. The databases filled with hard facts on armed conflict, peace keeping, arms production and trade, military expenditure, armed forces and conventional weapons holding, nuclear weapons, security, international relations, human rights, and health statistics. Most of the data can be exported in comma-seperated value (.csv) or Excel (.xls) formats. These formats are easily imported by many analytical tools allowing the user to carry out their own processing and analysis.



As an excellent example of what can be done with data from FIRST check out Jeffrey Warren's Vestal Design interactive data visualization of world-wide arms transactions. You can view the full Java-based visualization at ARMSFLOW. I love this kind of thing. Effective data visualization allows you to quickly present complex data to senior level decision makers without overwhelming them.



Now if only there was a way to get NGOs to share security incident data in the same way!

Tags: Data, International Security, online tools, Technology

NGO compounds can be very vulnerable to civil disturbance, especially when they become the focus an angry crowd’s attention. Walls, fences and gates will only slow determined rioters and not for very long at that. Even armed guards are of little use. Guards from a reputable private security company are unlikely to be willing to fire upon a crowd of their fellow countrymen, nor would humanitarian organizations want them to. So the question is, how does one slow the advancing crowd long enough for staff to seek safety?

The Inferno invisible security barrier might be a solution worthy of consideration for at risk humanitarian organizations. The modules look like sleek high tech stereo speakers but they emit a wall of sound so unpleasant that it forces most people to leave the area immediately. Any intruder who doesn’t leave immediately faces the unpleasant prospects of vertigo and nausea and will have difficulty concentrating on the task at hand.



The system works by emitting a combination of sound frequencies from 2 to 5 kHz. Unlike the comparably loud scream of a regular siren the inferno’s unique frequency combinations have a disturbing but non-permanent effects on human physiology. The system won’t even cause hearing loss without repeated exposure.

Yes, a determined intruder could still get in, perhaps covering his ears, but recall that the intent is not to prevent entry. Rather, the intent is to delay the intruders long enough for staff to seek safety and for assistance to arrive. Like walls and fences you'll need to leave an escape route for staff.

Tags: Tools, Technology

Christina Lamb is interesting in her own right but that's not why I think you should watch this video. Its worth watching it just for her short description of what it is like to be in a survivor of suicide attack. I firmly believe in visualization as a tool for preparing people for traumatic events. Gaining insight from people who have been through the experience helps do this but you need to concentrate on the emotions and feeling of the event. She also talks about trusting your instincts when working in dangerous areas.

Of course Christina has lots of other interesting insights as well so if, like me, you are a spending a lazy Saturday recouping from a hectic week grab yourself a coffee and watch the whole thing.

Tags: video, Pakistan, Afghanistan, Zimbabwe

"Sources and Methods" has a great post on rank ordering the risks from the 2008 Global Risk Report. I'm not really conversant with all the math but his rank ordered list is pretty interesting. Where do you suppose international terrorism ranks compared to a pandemic? Or how about "failed and failing states" compared to "natural catastrophe: earthquake?"

Tags: Data, Analysis, International Security, risk

Mick Farmer has an interesting post on the inadvertent problems that poorly thought out armoured vehicle modifications can cause. Part I covers issues ranging from side view mirrors that can't be adjusted from the safety of the armoured vehicle to hub problems.

Tags: vehicles, safety

The Pak Institute for Peace Studies' Security Report has some interesting data on suicide attacks in Pakistan in 2007. Actually there is all manner of data covering many aspects of the violence plaguing Pakistan but I've only had time to play with the suicide bombing data. Digging deeper into the numbers reveals some interesting facts.



If we examine the number of suicide bomb attacks per month we see a peak in July 2007. This coincides with an active suicide bombing campaign against predominantly military and police targets. However if we compare it to the adjacent chart showing casualties due to suicide bomb attacks we can see another peak in November and the start of one in December. The July, November and December peaks coincide with attacks on Pakistan Peoples Party rallies and/or attacks on the party chair, Benazir Bhutto.


This chart reveals that most of 2007's suicide attacks occurred in the NWFP. The single but very lethal attack in Karachi also stands out.



Attacks probably intended to target the military accounted for 47% of suicide attacks with attacks against the police accounting for another 20%. Assessing the actual target of suicide attacks is difficult since the perpetrators are no longer around to explain their intent so these numbers are approximate. The 'mixed' category in particular may be the result of bombers attempting to attack police or military targets without regard for nearby civilians.

Nine percent of the attacks were assessed to be primarily intended to target civilians while 13% where assessed as being intended to attack government personnel and/or political entities, including VIPs.



In 2007 suicide bombings in Pakistan were almost evenly split between Vehicle Borne Improvised Explosive Devices (VBIEDs) and Body Borne Improvised Explosive Devices. There were a small number of 'complex attacks' involving either multiple bombers or combinations of suicide bombers and conventional attacks.



It was a comparison of the relative lethality of the variants of suicide attacks that surprised me somewhat. I had expected complex VBIED attacks to produce the highest number of casualties per incident yet we can see that complex BBIED attacks on average produced two and a half times as many casualties. However, on second examination it becomes apparent that suicide bomber on foot are able to get much closer to their targets and are able to merge easily with large crowds. Even a relatively small quantity of explosives will cause many casualties when employed indiscriminately at political rallies and religious festivals. In addition it appears that VBIEDs were employed primarily against harder military and police targets.

I would have liked to compare civilian victims of suicide bombers against total casualties but unfortunately the data fidelity is just not there. However PIPS did have a table showing total civilian casualties as a result of 2007's cumulative attacks and clashes. Once again civilians seem to bear the brunt of the violence as the chart below shows.



So what does all this mean for NGO's and others wanting to increase their personal security? Well there shouldn't be any surprises here. The data supports the tried and true advice:

* Avoid potential targets including military and police personnel and facilities as best you can.
* Don't wear clothing that might be mistaken for a uniform.
* Don't mingle with military or VIP convoys while driving.
* Avoid travelling on routes and at times used by military convoys and/or VIPs.
* Avoid political rallies especially when VIPs are present.
* Avoid large crowds including during religious festivals.

Tags: Analysis, Pakistan, Data

Two Colombian hostages, freed by the FARC after six years in captivity, describe what it was like to be a hostage. For a more in-depth interview from a former kidnap victim check out "Being Buried Alive - Surviving a Kidnapping".