290 likes | 507 Views
Counter-intelligence. Int-Recap. Intelligence is secret state or group activity to understand or influence foreign or domestic entities. Four phases of Process of int : Direction -Decide what is to be monitored and analyzed.
E N D
Int-Recap • Intelligence is secret state or group activity to understand or influence foreign or domestic entities. • Four phases of Process of int: • Direction-Decide what is to be monitored and analyzed. • Collection- The obtaining of the raw information using varieties of cpllection disciplines. • Processing- Refining and analyzing the information. • Dissemination-Providing the results to consumer. (Timely and accurate info).
CI "Counter-intelligence (contre-ingérence) means activities concerned with identifying and counteracting threats to the security of own int employees, members, and property and information, that are posed by hostile intelligence services, organizations or individuals, who are or may be engaged in espionage, sabotage, subversion, terrorist activities, organized crime or other criminal activities." This corresponds to defensive counterintelligence in other services
Introduction • CI:-Efforts made by int-orgs to prevent hostile or enemy int orgs from successfully gathering and collecting intelligence against them. • Govts organize CI-agencies separately and distinct from their int collection svcs for specialized purposes. • In most countries, the CI-mission is spread over multiple organizations. • Usually a domestic CI-svcs work as part of a larger law enforcement org: -CIA - the United States. -MI-5 -Great Britain -KGB- Former USSR -Muhabarat – Arab Countries
Contd… • Some countries separate the functions of general defensive counterintelligence (contre-ingérence), a. security intelligence (the intelligence preparation necessary to conduct offensive counterintelligence}, • Law enforcement intelligence, • Offensive counterintelligence.
Contd.. • Mil org have their own CI-forces, capable of conducting protective ops both at home and when deployed abroad. • Depending on the country, there can be various mixtures of civ and mil in foreign operations. US embassies have overt legal attaches who work for the FBI Legal attaches often work on transnational law enforcement, but may well have a liaison responsibility for defensive CI. • “Counter-espionage” and “Offensive CI” are interchangably used. Both counter HUMINT.
CI Operation • It is separate from other int org. e.g CIA in the US and MI-5 in the UK • Defense system of nations, are vulnerable; Int org work to protect the nations by helping concerned agencies by supplying the int. • The challenge: identifying and reporting a wide range of potential threats; requires threat assessment. If done seriously, it is a complex task.
Policy of Nation-States • ‘States’ lead double lives—one sort for display, the other to be pursued. • Ordinary citizens would not know the window of the “double lives” of state. • Decision makers need validated,timely and accurate int to make a plan. • Int services not only collect info, it engages in propaganda missions if it suits their NVIs. • The policy leadership should be alert enough to appreciate the value of such insights. • CI points - hostile actions both originated from one's own country and foreign intelligence services (FIS), a term of art that includes transnational and non-national adversaries.
Contd… U.S. has over sixteen plus agencies. Tactical military int and security org, transnational threats- to include terrorism, cyber warfare and computer security, covert employment of WMD, narcotics trafficking, and international organized crime. It is not complete! MI-6 (SIS):Produce secret int in sp of HMG's security, defence, foreign and economic policies as dir by the JIC and approved by Ministers. MI-5: Protect the State against substantial, covertly organized threats, primarily from terrorism, espionage and subversion and organized crimes.
Int and Law Enforcement Agencies In Democratic societies it is a challenge: what org, laws, and doctrines are relevant to protect against all sorts of terrorism in own country. • US- a very careful line drawn between intelligence and law enforcement. • UK-Security Service (MI5) and the Special Branch of the Metropolitan Police ("Scotland Yard"). • French magistrates have multiple functions that overlap US and UK functions of investigators, prosecutors, and judges. • Spain- Domestic: Interior Ministry, with mil sp, takes lead; International threats, the National Intelligence Center (CNI) has responsibility.
Forms of Counter Intelligence Missions • CI is not a neg and responsive activity; it is both information gathering and protecting friendly intelligence services. It creatively but vigorously attacks the “structure and personnel of hostile int services”. • CI Msn incl: -Def analysis - look for vulnerabilities in one's own organization, and, with due regard for risk versus benefit, closing the discovered holes. -Offensive CE - neutralize discovered FIS personnel (arrest or, expel diplomats-PNG). It exploits FIS pers to gain int for one's own side, or actively manipulate the FIS personnel to damage the hostile FIS organization.
Contd.. • CI Force Protection Source Operations (CFSO) are human source ops, conducted abroad that are intended to fill the existing gap in national level coverage in protecting a field station or force from terrorism and espionage.
Int Cycle Mgmt • Physical Security; Assets • Personnel Security: Staffs and agents • Comn Security (COMSEC); Against theft, means and tapping, (pers, eqpt and ops - antenas • INFO System Security (INFOSEC); protecting the info until it loses value. • Operational Security: Secure until op is executed. • Security Classification: Pers classification; documents class etc
Defensive CI-Ops • Looks for places in own org that could easily be exploited by foreign intelligence services (FIS). • Ops gainst a FIS might be against one's own nation, or another friendly nation. • Actions: • -sp a friendly govt: • military sp. • CI activities • humanitarian • aid to development -i.e. “nation building”
Contd.. • CI and CT analysis provide strategic assessments of foreign int and terrorist groups and prepare tactical options for ongoing operations and investigations. • CE may involve proactive acts against foreign int- services, such as double agents, deception, or recruiting foreign intelligence officers. • Clandestine HUMINT sources can give the greatest insight into the adversary's thinking, they may also be most vulnerable to the adversary's attacks on one's own organization.
Offensive CI-Ops Best defense against foreign attacks on, or infiltration of, int services is active measures against those hostile services. • It is often called counterespionage (CE): -measures taken to detect enemy espionage or physical attacks against friendly int-services. - prevent damage and information loss. -turn the attempt back against its originator. • CE (not reactive); actively tries to subvert hostile int-services, by: -recruiting agents in the foreign service. -discrediting personnel actually loyal to their own service. -taking away resources useful to the hostile service. • All of these actions apply to non-national threats as well as to national organizations.
Contd… Within own country, or in a friendly one with cooperating police, the hostile agents may be: • Arrested, • If diplomats, declared Persona Non Grata (PNG). • From the perspective of one's own intelligence service, exploiting the situation to the advantage of one's side is usually preferable to arrest or actions that might result in the death of the agent.
Contd… • The int priority sometimes comes into conflict with the instincts of one's own law enforcement organizations, especially when the foreign threat combines foreign personnel with citizens of one's country. • In some circumstances, arrest may be a first step, in which the prisoner is given the choice of cooperating, or facing severe consequence up to and including a death sentence for espionage. Cooperation may consist of telling all one knows about the other service, but, preferably, actively assisting in deceptive actions against the hostile service.
CI Protection of Int Services • Def-CI specifically for int - services involves risk. Effective int-ops are often risk-taking. The services need to mitigate risk with appropriate countermeasures. • FIS are especially able to explore open societies, and, in that environment, have been able to subvert insiders in the intelligence community.
Running Offensive CE-Ops Agents / Double/ Triple Agents Double agents and defectors start out being loyal to service B, which immediately creates the potential for emotional conflict. False flag operations also have the potential for conflict, as these operations recruit people who believe they are working for service C, but they have not been told the truth: they are actually working for service A or B, depending on the nature of the operation. Before even considering double agent operations, a service has to consider its own resources. Managing that agent will take skill and sophistication, both at the local/case officer and central levels. Complexity goes up astronomically when the service cannot put physical controls on its doubles A B C
Triple Agent A triple agent can be a double agent that decides his true loyalty is to his original service, or could always have been loyal to his service but is part of an active provocation of your service. If managing a double agent is hard, agents that turned again (i.e., tripled) or another time after that are far more difficult, but in some rare cases, worthwhile Starts with B; Volunteers to be a defector-in-place for A; Discovered by B Offers his communications with A to B, so B may gain operational data about A and send disinformation to A A concern with triple agents, of course, is if they have changed loyalties twice, why not a third or even more times? Consider a variant where the agent remains fundamentally loyal to B A B
Moles A B C Moles start out as loyal to service B, but may or may not be a trained intelligence officer of that service. Indeed, those that are not trained, but volunteer to penetrate a FIS, may either not understand the risk, or are tremendously brave individuals, highly motivated against Country A and willing to risk its retaliation if their limited preparation reveals their true affiliation. Starts in B ; Joins A Transmits to B or distrupts operations until leaves or disrupted int professionals reserve mole to refer to enemy personnel that personally know important things about enemy int operations, technology, or military plans. A person such as a clerk or courier, who photographs many documents but is not really in a position to explore enemy thinking, is more generically an asset. To be clear, all moles are assets, but not all assets are moles.
False-Flag Penetrators A special case is a false-flag recruitment of a penetrator: Starts in C Believes being recruited by A Actually is recruited by B and sends false information to C B C A
Defector An individual may want to leave their service at once, perhaps from high-level disgust, or low-level risk of having been discovered in financial irregularities and is just ahead of arrest. Even so, the defector certainly brings knowledge with him, and may be able to bring documents or other materials of value. Starts in A Leaves and goes to B
Defector in Place It is to directly recruit an intelligence officer (or terrorist member) from within the ranks of the adversary service (terrorist group) and having that officer (terrorist) maintain their normal duties while spying on their parent service (organization); this is also referred to as recruiting an “agent” or defector in place. Starts in A Stays working in A but reporting to B A B
Conclusion • Running the operations Monitoring, Testing and Managing the Double Agent Check regularly, test, get assistance from psychologists, look changes in motivation, use polygraph to test, cross check info. 2. Training and payments • "Train the agent, but only as a double." Improve his own security and cover as a double. Do not, however, improve his intelligence collection skills. • deposit his salary in a third-country bank account of which he is aware, and that he can access on termination. 3. Safety of agents Int and CI are normal practices in to-days worldl it has to be carefully planned and executed.