In 1944, the Office of Strategic Services (OSS), the Central Intelligence Agency’s predecessor — headed by legendary William “Wild Bill” Donovan — put together a secret field manual for sabotaging enemy organizations.1 The manual encouraged “simple acts” of destruction that required no special training, tools, or equipment, with minimal “danger of injury, detection, and reprisal,” and that, crucially, could be executed by “ordinary citizens.” The OSS identified two ways of undermining an organization: physical damage to equipment, facilities, transportation, and means of production; and human obstruction of organizational and managerial processes, leading to “faulty decisions and noncooperation.” Both ways targeted the productivity of a company. Lowering employee morale — organizational sabotage — was considered as effective at slowing down an organization’s output as pouring sand into the lubrication systems of its machines.
The 32-page manual wasn’t declassified until 2008 and included precise and detailed instructions for its subjects based on assumptions of how groups and organizations functioned. As anyone who reads through the recommendations today will attest, many of the instructions still ring true. An abundance of opportunities for sabotage existed — and continue to exist — because “a faulty decision may be simply a matter of placing tools in one spot instead of another” or “a noncooperative attitude may involve nothing more than creating an unpleasant situation among one’s fellow workers, engaging in bickerings, or displaying surliness and stupidity.” More specifically, the manual identified the human element as most vulnerable to interference, as people are “frequently responsible for accidents, delays, and general obstruction even under normal conditions.” Sound familiar?
Of course, production systems have changed, thanks in part to advances in manufacturing methods such as mistake-proofing equipment, and they are harder to cripple than they were 75 years ago. Simple acts such as “blowing out” the wiring in a factory, letting dirt and trash accumulate to make a building more flammable, and letting cutting tools become dull to slow down production (all recommendations for simple sabotage) aren’t what today’s managers are concerned about. Instead, they worry about cybersecurity breaches that involve average citizens, such as password phishing, trolling, and any release of confidential company data. Indeed, if Wild Bill Donovan were to commission the OSS sabotage manual today, he’d most likely replace simple acts of physical damage with cyberattacks that the “average citizen” could carry out.
But here is what’s most remarkable: When it comes to acts of human obstruction, the OSS manual wouldn’t have to change much at all. The instructions are as likely to impair a company’s performance today as when the manual was written during World War II. Worse yet, while physical damage is necessarily a deliberate act, human obstruction of organizational processes, then and now, is often inadvertent. The “agents” today may act in good faith and may not be fully aware of all the consequences. In fact, they may just follow so-called good management practices, such as subjecting important decisions to large and diverse groups to build consensus, carefully documenting discussions to capture insights and perspectives for future projects, and so on.
Consider the following recommendations from the sabotage manual’s section on “General Interferences with Organizations and Production”:
- “Insist on doing everything through ‘channels.’ Never permit shortcuts to be taken in order to expedite decisions.”
- “Make ‘speeches.’ Talk as frequently as possible and at great length. Illustrate your ‘points’ by long anecdotes and accounts of personal experiences.”
- “When possible, refer all matters to committees, for ‘further study and consideration.’ Attempt to make the committees as large as possible — never less than five.”
- “Bring up irrelevant issues as frequently as possible.”
- “Haggle over precise wordings of communications, minutes, resolutions.”
- “Refer back to matters decided upon at the last meeting and attempt to reopen the question of the advisability of that decision.”
- “Advocate ‘caution.’ Be ‘reasonable’ and urge your fellow conferees to be ‘reasonable’ and avoid haste, which might result in embarrassments or difficulties later on.”
- “Be worried about the propriety of any decision — raise the question of whether such action as is contemplated lies within the jurisdiction of the group or whether it might conflict with the policy of some higher echelon.”
- “To lower morale and with it, production, be pleasant to inefficient workers; give them undeserved promotions. Discriminate against efficient workers; complain unjustly about their work.”
- “Hold conferences when there is more critical work to be done.”
According to the OSS manual, such practices and timeless patterns of human behavior make companies vulnerable to undermining. Again, these sound very familiar. The lesson here is that some of the biggest threats to organizational performance can and do come from within. In an age when companies are told to be agile, to learn from experiments, and to be entrepreneurial, we are still vulnerable to actions — deliberate or unintentional — that stem from timeless human behavior and organizational processes that haven’t changed much in the last century.
The Lego Group provides an example.2 By 2004, the toy maker’s revenues had plunged, morale was low, customers were frustrated, and the company was near bankruptcy. What went wrong? There was no shortage of external factors that could be blamed: consolidated retail channels, volatile demand because of changing fad toys and video games, increased global competition, falling birth rates, and so on. But blaming external factors actually was part of the problem. The truth was that the company did poorly because of self-inflicted wounds — a form of unintentional self-sabotage. Healing these wounds required more than better business systems and streamlined supply chains; it demanded an understanding of the human processes that bogged down the company. Thus, the new CEO brought in a psychoanalyst who trained managers to distinguish between what is “above the line” (expressed logic) and what is “below the line” (emotions). Meetings would often start with people saying how they felt at the moment, a practice that took the edge off many discussions. These and many other interventions got at the very core of what made organizational processes potentially vulnerable.
Perhaps this is the biggest takeaway from the OSS manual. Safeguards to protect companies from physical or cyber interferences receive the most attention because their impact is visible (think of recent data breaches at Capital One, Equifax, and Facebook) and solutions can be engineered to address them. But human interferences in organizational processes, deliberate or unintended, are often subtle and difficult to detect, and involve actions that fall “below the line.” Indeed, when I share the manual’s recommendations with managers, I’ve found that their reaction usually starts with laughter (“I see this in my company.”), only followed by a sober recognition that organizations haven’t changed much since 1944. We’re all vulnerable, and that’s no laughing matter.