COUNTERINTELLIGENCE
- Anti Terrorism Accreditation Board
- Emergency Response Manual
- Chapter 160
The Purpose of Intelligence
- The purpose of Intelligence is two fold. It acts as an early warning system by attempting to provide accurate and timely information about the adversary’s intention, and the surrounding environment. It also provides a counterintelligence tool to deny the adversary valuable information and also to combat terrorism, subversion and espionage. Thus intelligence is protective , exploitative and positive in that it supplies us with positive intelligence about the adversary and protects our own infrastructure. Intelligence thus renders our actions either offensive or defensive.
CI Must be Flexible to Adapt
- The CI effort focuses on the overall hostile intelligence collection, sabotage, terrorist, and subversive threat.
- The CI effort is also sufficiently flexible to adapt to the geographical environment, attitudes of the indigenous population, mission of the supported command, and changing emphasis by hostile intelligence, sabotage, terrorist, and subversive organizations.
What are We Protecting
- In protecting an installation and its information systems, operations and general security from enemy multidisciplinary intelligence threat we must identify the vulnerable and critical areas to be given more weightage during security review.
- Not all assets and activities warrant the same level of protection. To this end a careful and thorough vulnerability analysis needs to be conducted resorting to red teaming methodology.
The Enemy Uses Intel and CI also
- It should be noted at this juncture that it is always the attempts of the enemy intelligence service to subvert our knowledgeable personnel.
Classification and Access
- In a military production unit , say ordnance factory , the senior engineers and quality control scientists have access to sensitive designs and information related to weaponry systems.
- Similarly classified and top secret documents/information are in the hands of cleared senior personnel. These people are often the target of aggressive enemy counterintelligence agents.
The 5 Basic Categories
- People
- Activities / Operations
- Information
- Facilities
- Equipment / Materials
Basic CI Categories Include
- People
- Activities/Operations
- Intelligence collection/analysis
- Sensitive movement of operations/personnel
- Conduct of sensitive training
- Communications/networking
- RDT&E and sensitive technology
- Production of sensitive technology
- Protection of nuclear/chemical/biological materials
- Protection of weapons, explosives, and equipment
Information
- Information
- Classified
- Sensitive Compartmented Information
- Top Secret
- Secret
- Confidential
- Unclassified
- System designs
- System capabilities/vulnerabilities
- Sensitive methods
Facilities
- Facilities
- Headquarters
- Field offices/administrative buildings
- Training facilities
- Storage facilities
- Production facilities
- R&D laboratories
- Power plants
- Parking facilities
- Aircraft hangars
- Residences
Equipment/Materials
- Transportation equipment/vehicles
- Maintenance equipment
- Operational equipment
- Communications equipment
- Security equipment
- Weapons
- Automated information systems equipment
CI Agent Needs to Know Critical Needs
- Now that the CI agent is knowledgeable about these assets and activities that need protection, he can execute a vulnerability and criticality analysis and recommend suitable protective measures as well as countermeasures to the Commander.
- He can recommend which critical units need protection first and what resources to allocate and how and where to implement general security and countermeasures.
Insurgency and Force Protection
- Why does counterintelligence factor so much in COIN missions? Firstly insurgents place a very high emphasis on the usage of informants, double agents, reconnaissance, surveillance, open source collection of media and imagery.
- Thus it could well be that we have sources who have switched loyalties or who may be working for both the parties with little or no loyalty to the government.
- We must locate these individuals who are a threat to operational security.
Insurgents & Counter Surveillance
- Secondly insurgents resort to counter surveillance. They hide among the local populace , use couriers to transfer money, intelligence and orders to run their ops.
- Finally and very important is the need for counterintelligence for Force protection.
Need a Clear Doctrine
- Another definition is CI both ‘information gathered’ and ‘activities conducted’ in order to ‘protect against espionage, other intelligence activities, sabotage or assassination conducted on behalf of foreign powers, organisations or persons, or international insurgent activities but not including personnel, physical documents or communications security’.
CI Conducts Operation to Determine Enemy Capabilities
- In order to neutralize hostile intent CI conducts various activities such as acquiring information about plans, operations and capabilities of those organizations whose intent is subversion. CI informs policy.
CI is Important to the Intel Cycle
- CI aids military commanders and allied agency heads to take effective decisions.
- We don’t have a clear doctrine on CI. It is the most misunderstood , most sensitive arcane intelligence discipline.
- But it performs the very important function of protecting the intelligence cycle.
CI is an Activity and Work Product
- Counterintelligence is both an activity and its product.
- The product is reliable timely information about enemy/foreign intelligence organizational structure, the personnel profile, the operations of the enemy/foreign intelligence service and how they recruit personnel both from outside and insiders.
CI Intelligence Collection
- To this end ‘’counterintelligence intelligence collection’’ activities are conducted.
- It is an organization also as it consists of personnel with specialized skills to whom are allocated various functions.
- After proper execution an information database is created which provides knowledge to decision makers.
CI in Summary
- Summing up CI is in a way different from all other intelligence disciplines.Intelligence seeks to aquire information through collection methods wherein the result is not the objective but in CI collection activities enemy intent is always in the horizon..and activities..both offensive and defensive are conducted to neutralize this intent or to exploit the enemy itself to our advantage.
CI is Multidisciplinary
- Counterintelligence interacts with other intelligence disciplines such as SIGINT and IMINT to locate hostile entities and also to acquire knowledge about the capabilities and targeting of hostile SIGINT/IMINT. CI is multidisciplinary. It is different from security in that like security it does not only seek to implement defensive measures but also to aggressively target hostile intent. One of these offensive CI operations is Deception. Deception ops are designed at senior echeleon levels such as Command.
Deception Operations
- The CI body/unit executes the deception operation. Just as tactical military intelligence supports combat ops , similarly CI must support deception ops. CI is not policing.
- Once a crime is commited the law enforcement authorities resort to arrest of the perpetrator so as to prosecute him as per law.
- But a CI agent has no arrest authorities. All these doctrinal differences make it more difficult to promulgate a clear CI doctrine.
Clandestine Operations
- The CI functions include collection of all information about the activities and the organization itself of the enemy intelligence service.
- To this end source operations and clandestine methods are resorted to.
Accurate Analysis
- The analytical component of CI holds significant importance because accurate analysis predicates CI operations designed to defeat hostile intent and also conduct exploitation ops to our advantage.
- Infiltration/penetration and deception operations , to name a few are the offensive operations resorted to by the CI body.
Defending Installations and Personnel
- A specialized function is the evaluation of defectors and debriefing of returned defectors.
- There are also defensive operations designed to protect installations/personnel information and formal security programmes.
CI and Information Protection
- Protecting secrets High up on its priority list CI has information protection. CI attempts to ensure that classified information doesn’t fall into the hands of unauthorized users such as foreign agents /foreign intelligence service (physical security part of CI) and also making certain that all those people who do have access to sensitive information, say due to ‘’need to know’’ authority or by virtue of portfolio in the intelligence dept.—these people are protecting that information from being accessed.
- Here we used the term “CI attempts to ensure’’ as no amount of security controls can ever guarantee that the employee will observe the rules.
Lapses Do Happen
- Lapses will and do happen. Lapses which may be involuntary or voluntary with multiple intent scenarios ..ranging from yearning for self sufficiency in terms of wealth etc to disgruntled officials. If an official has the authorization to access sensitive information we must accept the fact that the information can also be compromised.
Profiling
- To prevent this from happening and thus protect the intelligence information (or in a larger context the intelligence cycle itself) the intelligence organization resorts to psychological, behavioural, evaluation, monitoring and profiling those personnel who have a propensity for betrayal.
Inaccurate Profiling
- But the former evaluation techniques are below 100% accuracy thus leading to the recruitment of personnel who have intent to do harm.
- As for the latter profiling method those personnel who are adept in evading detection remain out of scrutiny and more resources are wastefully allocated in profiling the wrong person.
Nothing is 100% Secure
- Hence earlier stated that no amount of security control or vetting can ensure 100% information protection.
- We have to live with this risk and CI primary function is to resort to all available means so as to minimize this risk.
Naxalite Barracks Attack
- Attacks against military and related facilities are a very real threat, as demonstrated by the Naxalite attack against CRPF personnel in Chattisgarh's Dantewada district and many others. On April 6, Naxalites had killed 75 CRPF personnel and a police officer also succumbed in the massacre.
- We must have a doctrine for protecting our facilities and conserving the potential of our forces.
Attacks to Destroy Morale
- Insurgents deliberately attack the forces ..for example in the rear to destroy camps, housing, support units and ammunition dumps with the intent to undermine the fighting potential and morale of the troops and loot and destroy its ordnance and weapons simultaneously.
- This is a grave threat and needs to be addressed.
Counter Intel and Standard Intel
- Counterintelligence, like it protects the intelligence services it also provides the necessary intelligence to combatant commanders for force protection.
- Standard intelligence disciplines all provide relevant intelligence but very less or no HUMINT relevant to counterintelligence.
Security Alone is not Sufficient
- We incorporate standard physical security measures but that is not sufficient for force protection.
- It is never a substitute for protection gained through intelligence.
- Moreover physical security can never override the value of counterintelligence.
- It is only HUMINT collected by intelligence and counterintelligence agencies that function as the indications and warning provider with respect to insurgent and other force protection threats.