U.S. military botches online fight against Islamic State

MacDill Air Force Base, home to CENTCOM and SOCOM (FOX 13 file)

On any given day at MacDill Air Force Base, web crawlers scour social media for potential recruits to the Islamic State group. Then, in a high-stakes operation to counter the extremists' propaganda, language specialists employ fictitious identities and try to sway the targets from joining IS ranks.

At least that's how the multimillion-dollar initiative is being sold to the Defense Department.

A critical national security program known as "WebOps" is part of a vast psychological operation that the Pentagon says is effectively countering an enemy that has used the internet as a devastating tool of propaganda. But an Associated Press investigation found the management behind WebOps is so beset with incompetence, cronyism and flawed data that multiple people with direct knowledge of the program say it's having little impact.

Several current and former WebOps employees cited multiple examples of civilian Arabic specialists who have little experience in counter-propaganda, cannot speak Arabic fluently and have so little understanding of Islam they are no match for the Islamic State online recruiters.

It's hard to establish rapport with a potential terror recruit when - as one former worker told the AP - translators repeatedly mix up the Arabic words for "salad" and "authority." That's led to open ridicule on social media about references to the "Palestinian salad."

Four current or former workers told the AP that they had personally witnessed WebOps data being manipulated to create the appearance of success and that they had discussed the problem with many other employees who had seen the same. Yet the companies carrying out the program for the military's Central Command in Tampa have dodged attempts to implement independent oversight and assessment of the data.

Central Command spokesman Andy Stephens declined repeated requests for information about WebOps and other counter-propaganda programs, which were launched under the Obama Administration. And he did not respond to detailed questions the AP sent on Jan. 10.

The AP investigation is based on Defense Department and contractor documents, emails, photographs and interviews with more than a dozen people closely involved with WebOps as well as interviews with nearly two dozen contractors. The WebOps workers requested anonymity due to the sensitive nature of the work and because they weren't authorized to speak publicly.

The information operations division that runs WebOps is the command's epicenter for firing back at the Islamic State's online propaganda machine, using the internet to sway public opinion in a swath of the globe that stretches from Central Asia to the Horn of Africa.

Early last year, the government opened the bidding on a new counter-propaganda contract - separate from WebOps- that is worth as much as $500 million. Months after the AP started reporting about the bidding process, the Naval Criminal Investigative Service told the AP that it had launched an investigation. NCIS spokesman Ed Buice said the service is investigating a whistleblower's "allegations of corruption" stemming from how the contract was awarded.

The whistleblower's complaint alleges multiple conflicts of interest that include division officers being treated to lavish dinners paid for by a contractor. The complaint also alleges routine drinking at the office where classified work is conducted. The drinking was confirmed by multiple contractors, who spoke to AP and described a frat house atmosphere where happy hour started at 3 p.m.

One of the most damning accusations leveled by the whistleblower is against Army Col. Victor Garcia, who led the information operations division until July 2016, when he moved to a new assignment at Special Operations Command, also in Tampa. The whistleblower contended that Garcia successfully steered the contract to a team of vendors that included a close friend's firm. The whistleblower requested anonymity for fear of professional retribution.

The AP obtained a screen-grab from a Facebook page that shows Garcia and the friend at a tiki bar in Key Largo two weeks before the winning team was officially announced Sept. 30. The photo was also turned over to NCIS investigators by the whistleblower, who said the photo created a "clear impression and perception of impropriety."

Garcia, a West Point graduate and decorated officer, denied any wrongdoing and described the complaint as "character assassination." Garcia, who moved to his new post two months before the contract was decided, said he scrupulously avoided any discussions about the contract with both his friend and his former deputy. His former deputy served on the five-member panel that reviewed all of the bids.

"Because I was aware of these conflicts of interest, I intentionally kept myself out of that process - with any of these contract processes," Garcia said.

The whistleblower is a senior manager at a company that lost its bid for the work. He told AP that he was investigated for attempting to accept kickbacks on an unrelated government contract. He denied the allegations, which were made four years ago, and no charges have been filed in the case.

The problems with the WebOps operation and the personal bonds underpinning the new contract illustrate challenges awaiting President Donald Trump. He has promised to boost military spending by tens of billions of dollars while also cutting waste at the Defense Department and ensuring that contractors aren't getting sweetheart deals.

Charles Tiefer, a professor at the University of Baltimore's law school and a government contracting expert, reviewed AP's findings and called Central Command's lack of rigorous oversight inexcusable.

"These people should not be wasting the money consigned to defend us against terrorism," said Tiefer, who served on a bipartisan Commission on Wartime Contracting. The commission reported in 2011 that at least $31 billion was lost to waste and fraud in Iraq and Afghanistan.

___

"DO YOU SPEAK ARABIC?"

In a large office room filled with cubicles at Central Command, about 120 people, many of them Arabic language specialists, are assigned to fight IS militants on their own turf: the internet.

The WebOps contract is run by Colsa Corp., based in Huntsville, Alabama. A major challenge for Colsa -- and contractors working on other national security programs -- is finding people who can speak Arabic fluently and can also get security clearances to handle classified material.

The problem, according to six current and former Colsa employees, is that to engage with operatives of the Islamic State, or their potential recruits, you need to be fluent in language, nuance and Islam -- and while Colsa has some Arabic experts, those skills are not widely distributed.

"One of the things about jihadis: they are very good in Arabic," said one specialist who worked on WebOps.

Another former employee said common translation mistakes he personally witnessed, including the "Palestinian salad" example, were the result of the company hiring young people who were faking language abilities.

He mockingly described the conversations between managers and potential hires: "'Do you speak Arabic?'" he mimicked. "'Yes. How do you say 'good morning?' Oh, you can do that? You are an expert. You are hired.'"

A third specialist said she asked a colleague, who was assigned to analyze material written in Arabic, why he was discarding much of it. While watching a soap opera online, the colleague said the material was irrelevant because it was in Farsi or Urdu. But when she checked, it was indeed Arabic. She has since left WebOps to find more meaningful work, she said.

The WebOps Arabic program focuses on Syria, Iraq and Yemen, but for most of the time Colsa has been running it, it has had no Syrian or Yemeni staff, the AP was told in separate interviews with two current employees and one who left recently.

Engaging in theological discussions on social media with people who are well versed in the Quran is not for beginners. Iraq and Syria are riven with sectarian violence between Shiite and Sunni Muslims, who follow different interpretations of Islam. Multiple workers said that WebOps "experts" often trip up on language that is specific to one sect or region.

"People can tell whether you are local, or whether you are Sunni or Shia," said another former worker, so poorly crafted messages are not effective. He said he left WebOps because he was disgusted with the work.

A number of the workers complained to AP that a large group on staff from Morocco, in North Africa, were often ignorant of Middle Eastern history and culture - or even the difference between groups the U.S. considers terrorist organizations. The group was so dominant that colleagues jokingly referred to them as "the Moroccan mafia."

A lot of them "don't know the difference between Hezbollah and Hamas," said the employee who left to find more meaningful work. Hezbollah is an Iran-backed Shiite group based in Lebanon. Hamas, based in the Gaza Strip and the West Bank, is the Palestinian branch of the Sunni Muslim Brotherhood.

Cathy Dickens, a vice president for business management and corporate ethics at Colsa Corp., referred questions to CENTCOM, which declined comment.

___

"YOU SHOULDN'T GRADE YOUR OWN HOMEWORK"

To determine whether WebOps actually dissuades people from becoming radicalized, Colsa's scoring team analyzes the interactions employees have online and tries to measure whether the subjects' comments reflect militant views or a more tolerant outlook.

Three former members of its scoring team told the AP they were encouraged by a manager to indicate progress against radicalism in their scoring reports even if they were not making any.

The employee who said she left to find meaningful work recalled approaching a Colsa manager to clarify how the scoring was done shortly after starting her job. She said he told her that the bottom line was "the bread we put on the table for our children."

The boss told her that the scoring reports should show progress, but not too much, so that the metrics would still indicate a dangerous level of militancy online to justify continued funding for WebOps, she said.

She was shocked. "Until my dying day, I will never forget that moment," she said.

She, like other former employees, spoke only on condition of anonymity for fear of retribution from Colsa that could affect future employment.

The manager she spoke to declined to comment. AP withheld his name because of security concerns.

Employees and managers routinely inflate counts of interactions with potential terrorist recruits, known as "engagements," according to multiple workers. Engagements are delivered in tweets or comments posted on social media to lists of people and can also be automated. That automation is at times used to inflate the actual number of engagements, said two former workers, including the one who talked about colleagues faking their language abilities.

The worker who left in disgust explained that a single tweet could be programmed to be sent out to all the followers of a target individually, multiple times. So the targets and their followers get the same tweets tagged to them over and over again.

"You send it like a blind copy. You program it to send a tweet every five minutes to the whole list individually from now until tomorrow," the former employee said. "Then you see the reports and it says yesterday we sent 5,000 engagements. Often that means one tweet on Twitter." The person said that he saw managers printing out the skewed reports for weekly briefings with CENTCOM officers. But the volume made it look like the WebOps team's work was "wow, amazing," he said.

Garcia said Colsa has a done a good job under his watch, that the data is sufficiently scrutinized and the program is succeeding.

In 2014, a group of more than 40 Defense Department data specialists came to Tampa to evaluate the program. Their unclassified report, obtained by AP, identified what one of the authors called "serious design flaws." For instance, the report found that any two analysts were only 69 percent likely to agree on how to score a particular engagement. The author said a rate of 90 percent or higher is required to draw useful conclusions.

The report found that computers would be as accurate or better than analysts, and could evaluate effectiveness more quickly - and cheaply.

What Central Command really needed, the report said, was outside oversight.

"You shouldn't grade your own homework," said the author, a former U.S. military officer and data specialist once stationed at Central Command. The author, one of many people who signed off on the report, spoke on condition of anonymity for fear of professional retribution.

He said the report was given to officers, including Garcia, and to Colsa. The author said the suggestions were not implemented and WebOps managers resisted multiple attempts at oversight. The author said that when he directly appealed to Garcia for outside assessment, an officer under Garcia said the effort would cloud the mission.

"The argument was that WebOps was the only program at Central Command that was directly engaging the enemy and that it couldn't function if its staff was constantly distracted by assessment," he said. The argument worked, he said, and Colsa was not forced or instructed to accept outside oversight.

Garcia disputed that account but would not elaborate on what steps were taken to address the Defense Department data specialists' concerns. The Government Accountability Office issued a report in 2015 on WebOps oversight, but it is classified.

___

"UNTOUCHABLE"

Despite the problems behind the scenes at WebOps, Central Command will play a key role in the new $500 million psychological operations campaign against the Islamic State and other groups. The five-year contract was a hefty commitment to "degrade and ultimately defeat extremist organizations," according to a document detailing the scope of the work. It would run parallel to WebOps.

The request for bids was announced in April. Four separate teams of companies competed for the contract, including one led by defense giant Northrop Grumman.

From the start, competitors complained among themselves that Simon Bergman, an executive with the British advertising firm M&C Saatchi, had an advantage because he was friends with Garcia. Bergman was working with Northrop to prepare the bid.

A former British officer, Bergman was deployed to Iraq while Garcia was there working on psychological operations during the Iraq war. It was well known that the two men were close, and in recent years, contractors often saw Bergman at CENTCOM offices.

In April, defense contractor CACI International held a meeting in Tampa to discuss the bid. Three contractors on the team said a CACI manager warned a roomful of people that Garcia had already told him that he would decide who got the contract. The manager said that Garcia indicated that having Bergman on the team would help.

So in mid-September, when a photo appeared on Facebook showing Garcia and Bergman together in the Florida Keys, it did not look good in the eyes of many contractors. Garcia's girlfriend captured the old friends inside the Tiki Bar at Gilbert's Resort in Key Largo. They were on her Facebook page, shoulder-to-shoulder, smiling and giving the thumbs up.

Within days, the photos had been taken down from her page.

Two weeks later, the government announced Northrop had won the contract. Its team included M&C Saatchi, Bergman's firm.

A panel led by the U.S. General Services Administration chose the winner of the contract. Chris Hamm, a senior GSA acquisition executive, said a five-member team scrutinized the technical merits of the proposals for the contract. That team was led by two GSA officials and included three military officers - one of whom was Marine Corps Lt. Col. Matt Coughlin, who reported directly to Garcia before Garcia left his post. Coughlin is the information operations' liaison with contractors.

In an interview with AP, Hamm said the contract award was handled properly.

"The process is designed to avoid bias," Hamm said.

But several other contractors on losing teams said Coughlin would clearly have been the person on the panel with the most sway, because of both his technical expertise and the fact that he represented CENTCOM. And given Coughlin's ties with Garcia, they found that troubling.

Garcia said that while the bids were being considered, he stayed away from any discussions of it with Coughlin, his deputy. So he didn't even realize the award announcement was imminent when he went with Bergman to the Keys.

"I wasn't involved with the contracting process at all," Garcia said. "So I had no idea what the timing of the contract was."

When asked why the photo with Bergman was taken off Facebook, Garcia declined to comment.

Bergman said that his friendship with Garcia, one of many he has with military officers, is irrelevant. He noted that M&C Saatchi was only a subcontractor.

"I don't see why my relationship with somebody in the military would have any influence over anything," he said.

The whistleblower complaint however, filed in December with Central Command's inspector general, contended the photo of Garcia and Bergman created a "clear impression and perception of impropriety."

The four-page complaint, now under investigation by NCIS, said the atmosphere at the CENTCOM division, with routine drinking at the office and myriad conflicts of interest, led to an "air of untouchable invincibility."

Several contractors who spoke to AP, among the nearly two dozen either bidding for work or involved in CENTCOM information operations, said they suspected undue influence in the decision for the $500 million contract. In his complaint, the whistleblower alleges that Garcia told him directly at one point that "any team must include Simon Bergman."

All the contractors asked for anonymity to discuss sensitive work because they feared repercussions for their companies.

Colsa, the primary WebOps contractor, was not involved in Northrop's bid. However, nothing prevents Northrop from bringing the company in as a subcontractor.

That's the plan, said several contractors who have been briefed by Northrop. Such a move would provide ample funding to keep WebOps running for up to five more years.

___

Associated Press researchers Jennifer Farrar, Rhonda Shafner and Monika Mathur contributed to this report.

___

Follow Butler on Twitter at http://twitter.com/desmondbutler and Lardner at http://twitter.com/rplardner

____

Have a tip on government contracting? Contact the authors securely at https://securedrop