December 8, 2014
TSG IntelBrief: Targeting al-Qaeda and the Islamic State
One of the most dangerous jobs on the planet has been for years “a senior member of AQ’s external operations group.” Because the group doesn’t hold and control territory (a relative safe haven isn’t the same as controlling an area and its economy), AQ focuses first on survival and second on external operations.
In reality, everything the group does outside of payroll and caring for families is external operations. The reliance on the need to project terror from tenuous positions has long forced AQ into a hub-spoke structure, in which energetic operatives seek to turn guidance from AQ’s leader, Ayman al-Zawahiri, into plots that tend to involve many moving parts over a stretched logistical tail. This has resulted in patterns of life and communication that CT organizations have keyed in on with great success. The relentless targeting of AQ’s external operations has been arguably the most successful component in the U.S. and international CT efforts against AQ, keeping the group off-balance.
The news that Pakistani troops killed Adnan al-Shukrijumah, a senior member of AQ’s external ops, reinforces the bind AQ finds itself in, one in which it can't break its operational habits that have led it to its current weakened-though-still-dangerous state. The group has been able to spin off a few capable franchises (such as its Yemeni affiliate, al-Qaeda in the Arabian Peninsula, AQAP), but it hasn’t been able to reinvent itself. The group is structured much in the same way it was in 2001 because it is always on the run and must rely on an external operations set-up that is vulnerable to consistent disruption. The combination of an aging leadership determined to stick with what once but no longer works and a low-key consistent CT focus against its external operations have dramatically hurt the group even while its violent ideology is on the rise.
Despite their similar ideologies, the Islamic State operates differently—more like the late 1990s Afghan Taliban than AQ—with its focus on consolidating territorial gains and governing harshly. This presents CT agencies with an altogether different target set. The Islamic State likely doesn’t have an external operations group. In 2014, the idea of a distinct external attack division connected to senior leadership probably seems anachronistic to the Islamic State, since it has, in effect, crowdsourced its external operations to its many supporters over social media. CT targeting efforts tracking any person open to the call to “attack wherever and whenever possible” are bound to be less effective than tracking established courier lines of communication against change-resistant AQ leadership.
To that end, targeting Islamic State operatives will be more akin to traditional espionage efforts aimed at disrupting command and control of a rogue nation-state. The Islamic State holds ground but it’s not a hermetically-sealed territory like North Korea, so the flow of goods, people, and services provides an ‘in’ for CT efforts. The group can’t hide its governing facilities: quite the opposite, it needs to highlight them to claim legitimacy. Dismantling its internal capabilities which give rise to any external threat will be the focus of CT efforts adjacent the group. The group is hiding in plain sight, and the CT challenge is not determining secret lines of communication (though that’s part of it) but physically getting to the targets.
The Islamic State is not all-powerful but it does maintain control over large swathes of territory, and the best approach will likely be a hybrid one that merges CT and classic espionage methods that target positions and not individuals. Going after Islamic State officials in Mosul who hold positions of power and have access to information of value will be a better approach than looking for vibrations along a communication rat line, à la those of AQ. Fundamentally different situations call for fundamentally different solutions.
For tailored research and analysis, please contact: firstname.lastname@example.org