Launched in November 2019, CART has undertaken a number of projects and activities designed to advance the art and science of Red Teaming in support of both the public and private sectors. In addition to the projects introduced below, CART has also supported private sector threat assessments through Red Teaming, conducted Red Team training simulations for the National Defense University, and piloted the use of Red Teaming as a teaching / training tool for homeland security students.
For more information, please contact Douglas Clifford at [email protected].
Validating Adaptive Behavior Models of Adversaries for Risk Assessment (VABMARA) Framework
Funder: Department of Homeland Security, Science & Technology Directorate through the Center for Accelerating Operational Efficiency at Arizona State University.
- Year 1 - How do the presence and knowledge of Computed Tomography (CT) screening capabilities influence adversary decision-making in an aviation environment?
- Year 2 - Do organizational structure and operations influence the selection of hard vs. soft targets by adversarial organizations?
- Year 3 - Which security infrastructures serve to visually deter a potential adversary from moving through a passenger screening environment?
- Year 1 – Distributed Red Teaming exercise involving 178 novice and expert red teamers focused on the development of attack plans and subsequent modifications due to experimental injects about CT screening capabilities. Results triangulated across multiple methods, including historical case studies, utility decision models, and game theoretic counterterrorism models.
- Year 2 – Distributed Red Teaming exercise involving 200 novice red teamers assigned organizational profiles, assessing variation in target preferences, and ultimate selection of specific hard vs. soft targets.
- Year 3 – Two phases, including a nationally-representative conjoint experiment of 2,000 participants testing perceived deterrence cues based on simulated security infrastructure at passenger screening environments in aviation, intercity passenger rail, and cruise POEs. Second phase incorporates results from Phase 1 in a distributed Red Teaming exercise focused on attack planning through passenger screening.
Innovation: First attempt to assess whether Red Teaming results could be empirically similar to those from historical case studies and thus validate advanced decision models. Also developed DESSRT, or Distributed Empirical Structure Scalable Red Teaming, which allows implementation of tactical Red Teaming at scale.
Outputs/Outcomes: Results from Year 1 find that Red Teaming can validate models of adaptive adversary behavior, especially for questions or environments where historical data is limited. Results also show that novices and experts also exhibit Red Teaming similarities, allowing for the expansion of Red Team role players within the security environment for generalizable results. Finally, the availability of CT scanning equipment and information led to some changes in adversary tactics, specifically in security evasion and weapon package selection. Additional results from other years are underway.
Employing Red Teaming for Countering International Proliferation (CIP Kit)
Funder: Export Control and Border Security program, Department of State
Questions: Can Red Teaming be used by foreign partners to self-identify key vulnerabilities in export control and licensing operations related to origination and transshipment of proliferation-sensitive technologies?
Approach: Developed a self-administered Red Teaming “kit”, allowing partner nations to develop design, execute, and analyze their own red-teaming operations with Customs and licensing personnel. Kit translated into three languages (Ukrainian, Georgian, and Azeri), and pilot tested with stakeholders.
Innovation: First “Red Teaming in a box” kit for foreign partners within a counterproliferation context.
Outputs/Outcomes: Kit developed, and delivery via international engagements with key foreign partners is currently underway.
Red Teaming the Post-COVID-19 Biological Weapons (BW) Threat Landscape (2021)
Funder: Department of Defense, Defense Threat Reduction Agency
Questions: How might COVID-19 impact the strategic decision making of states that currently do not possess a robust BW program? Which decision elements might precipitate changes in strategic BW decisions by state leaders?
Approach: An asynchronous, immersive Red Team simulation focused on 30 selected countries not known to currently be pursuing offensive BW. Each country was evaluated by 8 experts and 2 naïve participants who role-played the country leaders, split equally between gov/non-gov and between country and technical expertise. Both initial assessments, as well as counterfactual prompts, were used to assess the strategic direction and characteristics of possible BW programs.
Innovation: Asynchronous Strategic Dynamics Red Teaming - a distributed, low-resource tool to simulate multiple red perspectives and provide preliminary threat assessment and early warning of strategic change in WMD postures.
Outputs/Outcomes: An overall threat ranking of potential future pursuers of BW that enumerated pre- to post-COVID changes and yielded insights into the decision making underlying these choices.
Experimental Red Teaming to Support Integration of Information in Joint Operations (2021)
Funder: Strategic Multilayer Assessment program of the Department of Defense
Questions: The project explored a dozen different hypotheses regarding the nature of disinformation and the optimal response to disinformation.
Approach: Six scenario-based Red Team experiments using 223 U.S.-based proxy participants from similar cultural backgrounds to actual adversary target populations (Taiwan for the Asian context and several Southeast European countries for the European region). These experiments collected data on several measures of messaging effectiveness to investigate a dozen insights regarding the competitive information environment with respect to Great Power Competitors.
Innovation: Exposing the hypotheses generated by experts to realistic simulations involving disinterested participants at scale.
Outputs/Outcomes: Several counterintuitive results were obtained regarding the best way to respond to disinformation. The project demonstrated how the use of an integrated human simulation approach (experiments plus table-top exercises) can both validate insights provided by experts and reveal new dynamics in complex systems.
“The Storm After the Flood” (2021)
End User: Mad Scientist Initiative of the U.S. Army Futures Command
Questions: How might weaponized information evolve when used against the U.S.?
Approach: A live, virtual wargame across three rounds, consisting of six government and academic experts playing various high-level U.S. government roles as the Blue Team, as well as over 250 attendees acting as a “Pink Team”, deciding on the adversary’s next moves by selecting from a range of prepared audiovisual “injects”. The scenario began with U.S. military forces stepping in to assist after a major flood in Southeast Asia and led to an adversary initiating a complex, multi-modal and multi-system information operation against the United States over three rounds of play.
Outputs/Outcomes: The wargame was well received, with over 93% of attendees viewing the exercise as useful and several important insights arising regarding how to defend against weaponized information.
Red Teaming Great Power Competition in the CENTCOM AOR (2020)
End User: Strategic Multilayer Assessment program of the Department of Defense
Question: How might Great Power Competition and regional dynamics change following the targeted killing of Qassem Soleimani?
Approach: Multi-round simulation, with the PRC, Iran, and Russia as Red teams, the United States as the Blue team, and Saudi Arabia, Israel and the EU as Green (or allied) teams. Four simulation sessions were conducted (three expert sessions and one student session), collecting a variety of strategic information, including: strategic objectives, assumptions, and risk proclivities; shorter-term “operational” objectives, overt and covert actions; and a post exercise strategic assessment.
Innovation: Developed Strategic Dynamics Red Teaming (SDRT), a wargaming technique that varies Red team players across multiple simulations, while keeping Blue and Green teams constant.
Outputs/Outcomes: Beyond merely narrative output, the multiple simulations involved allow for sophisticated analysis, and demonstrated that SDRT is capable of rapid, low-cost explorations of complex strategic dynamics in an AOR.