Counterintelligence
Keshav Mazumdar
Antiterrorism Officer & Sr VP ATAB
Anti Terrorism Accreditation Board
CI DOCTRINE & CI ARCHITECTURE AT TACTICAL/OPERATIONAL LEVELS
Question those that Volunteer Information
- As such, source operations are conducted by the counterintelligence units, and casual or incidental sources such as those listed below are screened and debriefed/interrogated:
  - Walk-ins and write-ins (individuals who volunteer information)
  - Unwitting sources (any individual providing useful information to counterintelligence, who in the process of divulging such information may not know they are aiding an investigation)
  - Defectors and enemy prisoners of war (EPW)
  - Interviewees (individuals contacted in the course of an investigation)
  - Official liaison sources
Doctrine
- Doctrine guides the employment of military forces, and shapes how military professionals “think about the use of the military instrument of national power”. Army doctrine details a basic understanding of the tactics, techniques and procedures to be employed to support combat requirements.
- Air Force doctrine provides commanders and their staffs a basic understanding of how various Air Force organizations can be used to meet or support combat requirements.
Confusion in Doctrine
- The Army has historically lacked comprehensive CI doctrine.
- This lack of doctrine has resulted in confusion, and hampered the ability of Force commanders to use CI to improve force protection efforts.
Threat Driven
- Force protection efforts must be threat driven.
- Vulnerabilities should be identified, the corresponding threats identified, and then protective measures put in place.
- To this end MI and CI play a very important role.
- This should be the basis for the creation of a comprehensive CI doctrine.
CI is Systematic Acquisition of Intel
- “CI is the systematic acquisition of information concerning espionage, sabotage, insurgency, and related foreign activities conducted for or on behalf of foreign nations, entities, organizations, or persons and that are directed against or threaten our military interests.”
HUMINT Intel Sources
- To this end a variety of HUMINT sources, such as walk-ins, casual sources, defectors, official sources, liaison contacts and recruited sources, are employed by CI elements.
- CI collections and investigations lead to a repository of information on threats.
CI – HUMINT 1st line of Defense
- Thereafter, by cueing other intelligence disciplines and using all-source analysis, a complete picture of the threat is obtained. Thus we reach our main objective: the precise warning of hostile attack. We also identify the probable targets of the attack and the time of attack.
- In a nutshell CI usage of HUMINT is the first line of defence.
Intel is looking Outward, CI is looking Inward
- It is true that a multidisciplinary intelligence approach is effective to thwart enemy collection efforts but CI and force security measures play key roles.
- To neutralize/destroy enemy intent we need CI to the fullest capacity. Other intelligence disciplines can be cued, but CI is top priority.
- To identify our vulnerabilities we must resort to counterintelligence.
- Intelligence is looking outward but CI is looking inward.
- Intelligence collection is not concerned with the end result, but counterintelligence is concerned with the “intent” of collection.
- CI should always be on an aggressive footing.
- We need a comprehensive CI doctrine detailing all of these and more.
Asymmetric Warfare
- We should bear in mind that this era is not exclusively the era of conventional combat.
- Asymmetric warfare is the order of the day.
- Insurgents take years to plan an operation.
- They conduct extensive pre-operation surveillance and have their own counterintelligence networks, and this long period justifies the employment of intelligence and CI.
Type 1, 2, 3 Threats
- The CI department should tackle the Type 1, 2 and 3 threats.
- CI cells should come into existence and should be staffed with HUMINT, SIGINT and IMINT elements.
- Priority should be on analysis of threat intelligence.
- MI should be particularly in charge of analysis of Type 3 threats.
CI Cells
- Elements from Special task forces, explosive ordnance disposal, medical, operations and communications should also staff the CI cells.
- The CI elements should fortify their collection and investigation capabilities.
Threat Databases
- They should maintain a threat database which will include the structure and capabilities of foreign intelligence services, details of insurgent organizations and timeline of attacks perpetrated by them and also criminal enterprises because it is well established that insurgents and criminals share information and resources.
- This database should be continually updated.
Intelligence Database
- The intelligence information contained in this database should be readily available on request.
- Included in this database should be latest physical security measures, details of explosive ordnance effects—all contributed by specialists.
- All source intelligence should be further fused in with the intelligence contained in the database.
CI Analytical Cell Should Contain Worldwide Inputs
- The CI analytical cell should not only produce daily threat summaries but also act as an I&W system.
- It should receive worldwide inputs of insurgent developments as well as national cases.
- It should interface with civil intelligence agencies through liaison methodology thus updating threat information.
CI Cells and Major Commands
- The unit CI cells should be extrapolated to the creation of similar cells at all major commands which will focus on the respective area of responsibilities.
- These cells would produce threat and vulnerability assessments.
Coordinated Communication
- In addition to these functions these CI cells should be ready to be deployed to support major exercise and contingency deployments.
- These CI cells will facilitate the formulation of the commander's information requirements, as the dissemination of intelligence products to the latter will heighten his perception of the situation.
- These cells can communicate two ways with the collectors on the ground from parallel intelligence units thus achieving coordination between different intelligence disciplines.
- Investigative leads and operational opportunities result from all these efforts.
Prioritize Intelligence Collection
- We need to have a force protection intelligence doctrine, strengthen it, define the role of MI in force protection efforts and prioritize collection and analysis of intelligence on force protection threats.
- We need a robust HUMINT capability supported by CI—the optimum integration of both is the need of the hour. We have the LU, CI and IFSU but still we lack a viable HUMINT mission.
Must Have Comprehensive CI Doctrine
- Duplication creates confusion and wastage of resources. We must have a comprehensive CI doctrine.
- The CI units should be staffed with more personnel, both in major cities/foreign areas and in collection activities.
- Analysis of force protection intelligence should be properly delegated to CI cells, and to this end CI analytical cells should be dispersed at Army Headquarters and major commands.
MI Resources to HUMINT
- Whatever HUMINT we have is afforded by these units directly or indirectly and we must use this to the fullest potential to counter force protection threats.
- To improve the HUMINT capabilities MI should assign additional resources.
- Duplication resulting from the efforts of the MI constituents needs to be removed and the respective roles clarified.
The Army Head Office (AHO) exercises technical control, review, coordination and oversight of CI controlled activities.
It will execute a system of review of CI activities, ensure compliance and proper accounting.
It will have direct control over an investigation, task the CI elements, provide guidance to operational and investigative CI activities and, if necessary, refer the CI activity to a sub-office.
Head Office Control
- The Head office assumes full and direct control.
- Monitor the management of case files and other records storage and retrieval systems.
- Process records and transfer them to the repository, ensuring that the quality assurance of investigative reports is maintained.
- Monitor source ops and CE projects to ensure liaison activities with other agencies are properly conducted, with optimum exchange and dissemination of information.
- Ensure that information falling under their purview is exchanged in a timely manner, and approve or disapprove CI case summaries.
Sub Office
- The Sub Offices will coordinate technical direction and tasking from the head office, monitor all CI activities within their area of operation and provide feedback to the head office.
- Sub Office shall conduct CI investigations tasked to it by the head office as well as investigations initiated by the Sub Office staff, the exception being those investigations directly controlled by the head office.
- The Sub Office will ensure proper dissemination to end users as well as the head office, and ensure the accuracy and compliance with CI policy of all CI reporting.
- Sub Office shall brief commanders and intelligence officials.
- Sub Office shall liaise with external agencies and disseminate to them information that falls under their purview.
CI Support to Force Protection
- The foreign intelligence service conducts intelligence collection about our forces and hostile attack.
- Herein comes the very important concept of force protection.
- They target defence personnel, resources, activities and critical information.
- CI support to force protection involves actions to prevent or mitigate hostile actions against these entities.
Increased Security on Billet Area
- It should be noted that the military police functions are not adequate to cover the security of these entities; CI support is a must.
- In a deployable situation the enemy targets the vulnerable rear positions and the support elements.
- Hence security is beefed up where troops are housed, and dependants and other personnel are made aware of the threat; this is where the CI elements are active.
Hostile Intent
- The military police and allied elements take stock of the situation in the army area but are less aware of the ground situation “outside the fence”.
- Hence recourse is made to establishing contact with civil intelligence agencies and local police for updates on any threat intelligence in the proximity of the base. Moreover, the military police have no jurisdiction outside the base.
- Strengthening the physical defences is one way to prevent the application of hostile intent, but what is more important is enemy pre-operational surveillance activities. The difficulty is that these activities appear innocuous.
Scenario
- Let's take an example to illustrate the point. A vehicle approaches the gate of a military camp.
- On being questioned by the guard on duty the driver says he had no intention to turn up there—he had made a wrong turn.
What did the Driver State
- Now this is an acceptable excuse and further interrogation may not help.
- The driver is instructed to leave the area.
- It is equally possible he is telling the truth.
Is Driver Conducting Surveillance
- But consider the situation where the threat index in the area is high: from the force protection perspective, the driver, who could equally well be an insurgent, has just successfully conducted pre-operational surveillance.
If Driver is Looking for Information He Will Learn Much From Stop
- From the moment of approaching the perimeter, through the conversation with the guard, to exiting the area, he has quietly observed the perimeter security setup, the weapons the guards are using, how many guards are manning the gate, the manner in which the guard accosts a stranger, and what obstacles there would be if a car equipped with a bomb had to force its way in through the gates.
Much Information Will Be Determined
- If the checkpoint is approached by a series of individuals they will be able to determine the extent of the security process.
- This provides them with the information to defeat your defenses.
Threat or Non Threat
- Hence from the force protection perspective the vehicle and the driver constitute a potential threat.
- Now the problem is the guard has no means to determine if this case is innocuous or not.
Information Details and Options
- There are options. The license details of the driver can be jotted down. The car details and license plate number can be taken.
- Offhand queries can be made. A listing can be made of all “lost motorists”.
- The information can be shared with the local police.
Additional Surveillance
- If it is found that the same driver has turned up at other installations with the same story, we have a case of pre-operational surveillance, and with the jotted information in hand steps can be taken.
- But still the case is rare, as there are several instances of genuine lost motorists.
Everyone is Susceptible to Hostile Attacks and Intel Collection
- Any installation, together with its constituent personnel, their dependants, operations and information, is susceptible to hostile attack and intelligence collection.
- CI elements must shield the installation from such intent by guarding the rear and vulnerable areas.
Anti Counterinsurgency
- CI should lend support to mobilization security, major records repositories, anti and counterinsurgency operations, rear operations, psychological operations, battlefield deception, operations security and C-SIGINT.