About the Threat Library

No matter what, we make and will continue to make mistakes in the battle against such strong oppressive mechanisms. Mistakes that will always “cost” more compared to the cops' mistakes which are “absorbed”. We must weigh the situations again and ensure that the mistakes which happened once simply can not happen again. We must study and appreciate the accumulated experience of so many years and, taking into account the tendency to prepare for the battles which already took place and not for those that will come, let's be prepared and may luck be on our side…

anarchist comrades from Greece, in a text detailing the surveillance that led to their arrests, 2013

What is Threat Modeling?

Threat modeling is a conceptual exercise designed to help you identify threats, how you might be vulnerable to those threats, and what mitigations might sufficiently protect you without interfering with your ability to achieve your goals. This exercise is best done in the context of a specific project, collaboratively with the comrades you'll be working with, in outdoor and device-free conversations.

What is the Threat Library?

A prerequisite for threat modeling is an understanding of adversary behavior. The Threat Library is a knowledge base of techniques used by the enemies of anarchists and other rebels — a breakdown and classification of actions that can be used against us. These techniques are organized into a set of tactics to provide context for the technique.

Tactics represent the “why” of a technique, the reason for performing an action. A state adversary has three distinct but potentially overlapping tactics:

Techniques represent “how” an adversary achieves a tactical objective by performing an action. For example, an adversary may install covert surveillance devices that can later be used for incrimination.

These techniques are linked to specific repressive operations that are known to have used them, which also provides insight into the context of different countries. Each technique is paired with potential mitigations that you can take, which can help to render the technique ineffective.

Ultimately, the Threat Library is a tool to help you think through what mitigations to take on a given project, and a way to navigate resources that cover these topics in more depth. In other words, it helps you achieve the appropriate operational security for your threat model.

Centralized information about repressive techniques can have a paralyzing effect; by collecting every possible approach available to our adversaries, it can make the police seem all powerful. The intent of the Threat Library is not to minimize or exaggerate the repressive capabilities of the State, but rather to understand its options and, more importantly, how those options are used in different contexts.

It should be emphasized that the vast majority of anarchist attacks are not successfully prosecuted. Operational security can impede the progress of investigations, even when they have a lot of resources or in contexts with a relatively small anarchist space. For example, frustrated investigators in Bremen (Germany) and Grenoble (France)[1] have spoken to the media about their failure to repress any of the arson attacks that have taken place in both locations over the years, which they attribute to the mitigations taken by the arsonists.

Limitations of the Threat Library

The Threat Library is, by design, a very technical approach to anti-repression — threat modeling is done at the level of actions, and thus does not attempt to contribute to the social question; how to escape the enclosure that repression seeks, how to intervene in social tensions, and so on. While we need to develop the means to minimize the likelihood of imprisonment, struggles for freedom are not primarily a technical affair but a social one.

Such a technical approach should not lead us to overlook the psychological and emotional aspects of our struggles and our lives. As much as possible, we advise our readers to take time before, during and after an action to discuss with all comrades involved and make sure that everyone's emotional needs are taken into account.

Although the Threat Library attempts to cover as comprehensively as possible the dangers anarchists may face in their struggles, it is meant to grow with contributions over time and will never be complete. This is especially true as our enemies may evolve with new and unforeseen techniques. Thus, to avoid a false sense of security from using the Threat Library, we encourage our readers to use other sources of knowledge, to remain critical, and to always consider their personal context when making important decisions.