RED TEAM: How to Succeed by Thinking Like the Enemy

By Micah Zenko

Basic Books. 298 pp. $26.99

The terrorists come to shore at the South Street Seaport and scatter throughout Manhattan on foot and in cabs. They detonate bombs and shoot civilians in Grand Central Terminal; they take hostages at Macy’s in Herald Square. Too late, authorities realize that the hostage-taking is a diversion allowing co-conspirators to massacre people in luxury hotels dozens of blocks away. The New York Police Department, outwitted and overmatched, quickly runs out of personnel to deploy.

The events are fictional, but the failure was real enough, as Micah Zenko recounts in his grimly well-timed book, “Red Team.” It was a result of a simulation the NYPD carried out in 2008, a week after 10 members of the Lashkar-e-Taiba terrorist group struck Mumbai in a horrific assault that hit luxury hotels, a train station, a Jewish community center, a cafe and other spots, using bombs and AK-47s to kill about 170 people. “It was considered such a potentially catastrophic scenario that additional exercises modeled on Mumbai were conducted in the following two years,” Zenko writes.

It’s not entirely fair to read a book four years in the making in light of events that happen to occur at the time of its publication. But it’s certainly tempting. The coordinated Islamic State attacks in Paris on Nov. 13, which killed 129 people, have not just unleashed a transnational manhunt and the start of a “pitiless” war, in the words of French President François Hollande. They’ve also produced second-guessing about strategy and intelligence, as well as worries that soft targets around the world — including in Washington — could suffer similar tragedies.

So, how to anticipate the unthinkable? Well, you could hire people to think of it. Zenko, a senior fellow at the Council on Foreign Relations, lays out the uneven history and potential of “red teams” — small, expert groups of outsiders enlisted to find vulnerabilities, shake up preconceived notions and imagine the unimaginable, all in an effort to improve security and thinking throughout the military, intelligence and corporate worlds.

The tale begins centuries ago, when the Vatican established the “devil’s advocate” to argue against proposed canonizations; ranges to the Cold War, when the Rand Corp. and the Pentagon assigned red teams to anticipate Soviet strategies and negotiating tactics; and expands in the post 9/11-era, when the CIA created its Red Cell team to “tell me things others don’t,” in the words of then-CIA Director George Tenet.

Zenko interviews more than 200 experienced red-teamers, including white-hat hackers, senior corporate executives, former CIA directors and retired four-star generals, to assess the prospects for this small industry. Turns out, they’re an odd bunch. “Red teamers are weird,” Zenko writes. “They tend to be loners, mavericks, and arrogant, which is exactly why they think and act differently — the most vital skill of a red teamer.” They need a deep cultural understanding of the institutions they’re assisting, yet should remain independent of them. They must be talented writers and briefers, be skeptical of authority, have held multiple jobs in their fields, and be intimately familiar with “large systemic failures, which helps them envision future failures.”

Indeed, Zenko’s most compelling stories are of failures, cases when red teams were not used or when their efforts were ignored, misused or precooked. He cites the after-action report on Operation Eagle Claw — President Jimmy Carter’s aborted rescue attempt for the American hostages in Iran — which found that Pentagon planners had “reviewed and critiqued their own product for feasibility and soundness as they went along.” (This underscores a key rationale for red-teaming: “You cannot grade your own homework,” Zenko reiterates.) After the 9/11 attacks, the Nuclear Regulatory Commission “was found to be conducting fraudulent testing of simulated terrorist attacks” against commercial nuclear plants, Zenko writes, including by giving a year’s advance notice so sites could beef up security. And in 2010, the Department of Health and Human Services hired McKinsey & Co. to “pressure-test” the Affordable Care Act’s federal marketplace, only to disregard warnings of likely glitches in the site. (Ask Kathleen Sebelius what happened next.)

Zenko also highlights a 2002 war game that formed part of the Millennium Challenge, a congressionally mandated exercise aimed at exploring the military’s operational readiness for near-term conflicts. Widely considered to resemble the operational plan to disarm and depose Saddam Hussein in Iraq, Zenko writes, the effort was also meant to showcase the high-tech military transformation that Defense Secretary Donald Rumsfeld championed. However, the red-team leader, retired Marine Lt. Gen. Paul Van Riper, a skeptic of those efforts, quickly overwhelmed the simulated U.S. fleet with a barrage of missiles and speedboat suicide attacks. “The whole thing was over in five, maybe ten minutes,” he said.

Except it wasn’t. Restrictions were placed on the red team’s subsequent actions — such as forcing it to position its air defenses in the open so the blue team could easily destroy them — that compromised the exercise. Van Riper sent a blistering e-mail to several military colleagues that was promptly leaked. (“Fixed war games? General says Millennium Challenge ’02 was ‘scripted,’ ” read the Army Times headline.) The problem, Zenko writes, is that both the red team and the military leadership had preconceived objectives going in, undercutting the exercise.

The author highlights successes as well, notably the red-teaming of the Osama bin Laden raid in 2011 — both of the underlying intelligence and the logistics of the SEAL mission itself. Various analysts placed the probability of the al-Qaeda leader hiding out in the compound in Abbotabad, Pakistan, at 75 percent, 60 percent and even 40 percent, leaving the president to conclude that he basically had a coin-toss decision. “We were at 0 percent for a decade,” counterterrorism official Andrew Liepman explains, “so going from 0 to 50 percent meant a lot to everyone.” And the red-teaming of the raid prepared the SEALs for multiple eventualities, including, as transpired, the malfunction of one of their helicopters.

Zenko outlines best practices for red teams, even though, he admits, that very notion is anathema to red teamers, who mistrust rules or guidelines. “When you hear ‘best practices,’ run for your lives,” says retired Army Col. Gregory Fontenot, director of the “Red Team University” at Fort Leavenworth, Kan., where officers receive training in how to think critically, avoid groupthink and improve cultural empathy. Perhaps most essential to red-team effectiveness is that the boss of the organization undergoing the red-team effort must buy in to the idea, otherwise the team will be marginalized and underfunded, its findings ignored.

Though sympathetic to his subject, Zenko is careful not to oversell. There can be a faux sex appeal to red teams. He notes that the CIA’s Red Cell team has cultivated “an air of mystery,” in part because of the eye-catching titles of its internal memos — “The View from Usama’s Cave,” for example — which it deliberately contrasts with the more staid reports of the intelligence community. Zenko says that in 2012, the team’s members even met with Foreign Policy magazine staffers for headline tips. “They wanted to know how our stuff went viral,” recalls Blake Hounshell, then the magazine’s managing editor. “The techniques that we considered to be ‘click bait’ were what they were most interested in.” Not the most encouraging use of tax dollars.

So, could red-teaming somehow have prevented the Paris attacks? Zenko explains that the NYPD’s Mumbai-style simulation yielded specific improvements in preparedness, so there is hope. But anticipating all potential acts of terrorism is an impossible task, no matter how imaginative a team might be, especially when multiple institutions — spanning local and national authorities, military and intelligence agencies, and even cultural and sports organizations — must get involved. Still, Zenko offers a compelling argument for forcing ourselves to think differently, which is ultimately the main purpose of a red team. Even if we won’t know exactly what to expect, we might be better equipped to respond when the unexpected strikes.

Read more from Book Party, including: