The Plan to Stop Green-on-Blue Violence

The Pentagon’s secret PowerPoint on Afghan insider attacks.

SHAH MARAI/AFP/Getty Images
SHAH MARAI/AFP/Getty Images
SHAH MARAI/AFP/Getty Images

According to the Pentagon's December 2012 Report on Progress Toward Security and Stability in Afghanistan, "green on blue" attacks -- incidents in which members of the Afghan security forces attack NATO coalition soldiers -- "increased sharply" last year. At least 52 coalition soldiers died as a result of at least 37 green-on-blue attacks in 2012. A recently declassified set of slides produced by U.S. Central Command, published below and made public here for the first time, illustrates some of the steps that the U.S. military has taken to defeat "insider threats" -- and why "green on blues" are so difficult to prevent.

According to the Pentagon’s December 2012 Report on Progress Toward Security and Stability in Afghanistan, "green on blue" attacks — incidents in which members of the Afghan security forces attack NATO coalition soldiers — "increased sharply" last year. At least 52 coalition soldiers died as a result of at least 37 green-on-blue attacks in 2012. A recently declassified set of slides produced by U.S. Central Command, published below and made public here for the first time, illustrates some of the steps that the U.S. military has taken to defeat "insider threats" — and why "green on blues" are so difficult to prevent.

The Centcom slides identify four types of threats: "Infiltration," when insurgents join the ANSF with the intent to attack, spy, or create mistrust; "Co-opting," when insurgents use "intimidation, blackmail, or connections" to persuade an existing ANSF member to conduct an attack; "Mimicking," when insurgents use stolen uniforms or forged ID cards to attack ISAF soldiers; and "Destabilizers," ANSF soldiers who (often due to "stress, mental instability, or… drug use") attack ISAF soldiers without having been influenced by insurgents.

Centcom’s ANSF Screening and Monitoring Timeline shows a robust — if belated — effort to quantitatively monitor each soldier in the Afghan army. Screening was hampered because a NATO intelligence-sharing agreement with the Afghan government wasn’t reached until March 2008, and the ANSF biometrics program was not officially established until September 2009. In response to insider attacks, the Afghan Ministry of Defense began extensively ramping up its counterintelligence program in late 2010.

Troublingly, some other basic steps were not undertaken until late in the war effort. The document reports that in May 2011, "10,000 ANSF uniforms [were] removed from bazaars," but it does not elaborate on how and why they were there; or how many uniforms remain available for purchase by non-soldiers who might attempt "Mimicking" attacks.

The final declassified slide details the eight-step screening process Afghan recruits must complete to enter basic training. These steps include: providing a valid tazkera (identification card), two letters from elders, biometric collection (currently the database stores 430,000 records), a criminal records check, fitness check (officers only), and medical and drug screenings. Failing a THC (marijuana) screening does not disqualify a recruit from serving in the ANSF — despite the document’s earlier claim that drug use can factor into "Destabilizer" (non-insurgent) insider attacks.

Centcom claims that this screening process — which is undergoing "ongoing improvements" — gives "the ANSF a better chance to identify ‘insider threats’ before they enter the service." Since the creation of this May 2011 document, these "ongoing improvements" have included a process for receiving anonymous tips, suspending the training of the Afghan Local Police and some joint "mentoring" operations, installing NATO service members dubbed "guardian angels" to observe all gatherings of NATO and Afghan troops, meetings between Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, and senior Afghan commanders and officials, as well as discussion of this problem between Presidents Obama and Karzai.

Despite these efforts and improvements, green-on-blue attacks continue to escalate, making Centcom’s assessment that "continued shortfalls… will allow some insider attacks to continue to occur" all the more ominous.

Centcom Green-on-Blue Slides

Nate Jones is Freedom of Information Act coordinator at the National Security Archive.

More from Foreign Policy

Newspapers in Tehran feature on their front page news about the China-brokered deal between Iran and Saudi Arabia to restore ties, signed in Beijing the previous day, on March, 11 2023.
Newspapers in Tehran feature on their front page news about the China-brokered deal between Iran and Saudi Arabia to restore ties, signed in Beijing the previous day, on March, 11 2023.

Saudi-Iranian Détente Is a Wake-Up Call for America

The peace plan is a big deal—and it’s no accident that China brokered it.

Austin and Gallant stand at podiums side by side next to each others' national flags.
Austin and Gallant stand at podiums side by side next to each others' national flags.

The U.S.-Israel Relationship No Longer Makes Sense

If Israel and its supporters want the country to continue receiving U.S. largesse, they will need to come up with a new narrative.

Russian President Vladimir Putin lays flowers at the Moscow Kremlin Wall in the Alexander Garden during an event marking Defender of the Fatherland Day in Moscow.
Russian President Vladimir Putin lays flowers at the Moscow Kremlin Wall in the Alexander Garden during an event marking Defender of the Fatherland Day in Moscow.

Putin Is Trapped in the Sunk-Cost Fallacy of War

Moscow is grasping for meaning in a meaningless invasion.

An Iranian man holds a newspaper reporting the China-brokered deal between Iran and Saudi Arabia to restore ties, in Tehran on March 11.
An Iranian man holds a newspaper reporting the China-brokered deal between Iran and Saudi Arabia to restore ties, in Tehran on March 11.

How China’s Saudi-Iran Deal Can Serve U.S. Interests

And why there’s less to Beijing’s diplomatic breakthrough than meets the eye.