GLOBAL INTELLIGENCE

 
 WORLDWIDE ANYTIME ANYWHERE ANYWAY FIRST TO KNOW FIRST TO ACT

Introduction

Diplomatic consulting

Political consulting

Second citizenship and residence permit

International lobby

Case studies in investigating espionage publicized and judicialized

Case studies in investigating espionage publicized and judicialized

Introduction to intelligence

Intelligence

Human intelligence

Signal intelligence

Imagery intelligence

Counterintelligence

Hybrid warfare

Asymmetric warfare

Electronic warfare

False flag operations

Privacy policy

blog

Contact

 



 

 

COUNTERINTELLIGENCE

 

Secret action taken by a country to prevent another country from discovering its military, industrial, or political secrets...

 

All the functions of counterintelligence derive from the nature and resultant activities of the adversary. For an imaginary example, let us suppose that country "X" is conducting espionage against country "Y" The latter's counterintelligence service discovers that country "X" has changed its system for communicating with its agents in country "Y." Until recently it had done so through couriers who left and picked up messages written in secret ink and concealed in dead drops. Now most of the agents are sending and receiving coded radio messages. The result will be the creation or sudden strengthening of a group in the defending counterintelligence service which will intercept messages, conduct electronic direction finding, try to break codes, capture radio operators and play them back, and so forth.

Generally speaking, the function of the internal counterintelligence service is to protect the lawfully constituted government against concealed attack, The government has other defenders to deal with open aggression; the CI service is properly concerned only with hostile clandestine and covert activity. Clandestine activity is that which the enemy tries to conceal totally. It usually takes the form of espionage, counterespionage, subversion, or—much more rarely—sabotage. Covert activity is not fully concealed; in fact, it is likely to take the form of a newspaper article or radio broadcast, or even terrorism, for which the widest possible publicity is sought. What the enemy tries to hide in this type of action is his sponsorship or other involvement. The goal of the CI service is to learn everything it can about these two kinds of inimical action, and therefore about the people carrying out the action, without letting these persons become aware that the service is acquiring such information. Only by making available to the government information about its enemies which is complete enough to include all essentials and which was acquired secretly, so that the enemies remain unwarned, can the counterintelligence service do the task for which it was created and designed.

Counterintelligence is both an activity and its product. The product is reliable information about all those enemies of a country who attack it by stealth. Some of these enemies are professional intelligence officers and the agents who serve them. Others act under cover to promote subversion or insurrection rather than espionage or counterintelligence. Still others may be non-Communists or anti-Communists who employ the same underground tactics to try to take by stealth and force what they cannot gain through winning the open allegiance of a free people.

As an activity, counterintelligence consists of two matching halves, security and counterespionage. Security consists basically of establishing passive or static defenses against all hostile and concealed acts, regardless of who carries them out. Counterespionage requires the identification of a specific adversary, a knowledge of the specific operations that he is conducting, and a countering of those operations through penetrating and manipulating them so that their thrust is turned back against the aggressor.

Certain pre-conditions must exist if a domestic counterintelligence service is to be effective. Once these prerequisites are at hand, the service can develop a capability to carry out its functions. The functions, in turn, determine the structure of the service.

The primary pre-condition is that the service must be established by law as an element of the central government. If its existence is not based on law, its opponents will attack it openly or clandestinely, and eventually they will weaken and even destroy it. If it has a legal basis but is not a governmental entity, its position is little better; it cannot survive indefinitely.

The service must be an element or arm of the executive branch of the government. The executive may, at its own discretion, permit the legislature a degree of insight into the service and its work. But it ought not to permit any measure of legislative control, because if does so, the service will be unable to protect the secrets which it is legally charged with shielding. It will lose control of these secrets, partly because too many will know them for effective security. In addition, to the extent that they have control, legislators may try to use it for factional rather than national purposes. The service will stand in danger of becoming enmeshed in passing political struggles and of suffering internal splits and dissensions which mirror the factionalism of the political world.

The chief of the service must have direct access to the chief executive. The latter may interpose a person or group between himself and the chief of service for the conduct of routine business. But if the service is competent, it will from time to time obtain critical security information which must go directly to the chief executive for reasons of both efficiency and security. The need for direct access may arise infrequently, and a wise chief of service will exercise prudence in seeking it. The right to direct access, however, should be explicit and unquestioned.

The central office, or headquarters, of the service will need regional offices, except in a very small country. These regional offices should, by law or service regulation, be subordinate to the headquarters. If regional offices are autonomous or nearly so, the service can function only through the slow process of coordination and persuasion. The timing of counterintelligence operations is frequently dictated by the initiatives of the adversary or prompted by anticipating these initiatives. The delays which inevitably result from arguments about jurisdiction and pleas for voluntary cooperation would result in so many lost opportunities that the result would be a mounting heap of failures. The degree of centralization is something else again. Democratic nations rightly distrust any domestic service which wields anything even distantly approaching the power of a Gestapo or of the KGB inside the USSR.

We are here primarily concerned with the kind of internal counterintelligence service which does not have police functions and which therefore conducts appropriate coordination with the police. Sometimes, however, the two functions are blended. Many police forces have a special branch employing much the same equipment and techniques as those used by a counterintelligence service, and in some countries the special branch is the sole counterintelligence service. Under such circumstances, however, it is important that the special branch personnel be as adept in counterintelligence as in countering crime, and that they recognize the significant difference between the two. This is a difference in targets and timing rather than methods.

The Cl specialist is waging a secret war against hostile foreign intelligence services and against concealed subversion, whether it is directed by a foreign government, the international Communist movement, a local Communist Party, or any other internal or external foe. The specialist in police work is waging a war against crime. The two specialties merge when hidden hostile activity is also criminal, or when the criminal activity is concealed and directed against the country itself. When this is not the case, when the criminal is not a clandestine agent or the spy is not committing a crime, the differences between counterintelligence and police work are sharper. The duty of the police officer, for example, is to arrest a culprit as soon as possible. The counterintelligence officer, on the contrary, will usually prefer not to show his hand until he has all the information he can get. Or he may conceal his knowledge, even when all relevant facts have been dug out, in order to mislead his adversaries, to manipulate them with or without their knowledge, and thus to make their efforts serve his ends.

Whether the counterintelligence service should have police powers, as distinct from police duties, is moot. Generally it will not need them unless and until the spies and subversives who constitute most of its targets commit an illegal act, at which point the police can be called in to act as the executive arm if the counterintelligence service so chooses. Some executive powers are very useful to a counterintelligence service. Among these are the rights to take evidence under oath, to require citizens to give testimony which is not self-incriminatory, and to subpoena witnesses. Obtaining and using such powers may, however, arouse public resentment, and the price may be too high. A counterintelligence service in a free land needs the respect and support of the citizenry, which will fear and hate any internal service that uses dictatorial tactics or that acquires a reputation for doing so. Therefore, even if the law of the land allocates certain police powers to the internal service, they should be used very sparingly, never merely for convenience, and only when a failure to employ them would probably have grave consequences for the national security.

The director of the service may or may not have arbitrary powers of employment. The law may, for example, prescribe that the service will employ civil service regulations or procedures, including those governing hiring. The director may be barred from employing certain classes of personnel: known security risks, sexual deviates, criminals, etc. All such restrictions would do no significant damage if applied to the hiring of staff personnel. But the director must have the arbitrary power to refuse employment to a seemingly qualified applicant and to discharge an employee without publicly stating the cause. These provisions are essential to the security of the service. The director also needs the right to stipulate certain legally binding conditions not ordinarily imposed. Among these are the obligations of the employee to submit to physical search of his person or of objects which he wishes to carry from the place of employment, to keep secret all information about his duties even after employment ends, to submit to the service for advance clearance the text of any speech or manuscript intended for public release, and to report promptly and in detail any contacts, official or personal, which are potentially or actually damaging to the security of the service. It does not suffice to list such principles merely in internal service regulations which lack legal force. The director must have effective sanctions at his disposal.

If extant law does not include the equivalent of an official secrets act, the director will be well-advised to consider the desirability and feasibility of getting such legislation on the books. It is probable that his charter will charge him with protecting classified information, as well as methods and sources. But he may not be able to do so if any journalist or other private person who comes into possession of classified information can with impunity make it public.

The internal counterintelligence service should not be a military organization or part of one unless the principles of organization and management outlined above can be followed. In most instances, it would be difficult to do so because, in any military agency, the intelligence and counterintelligence components are quite properly subordinate elements serving the purposes of command. The service, on the other hand, should be solely and exclusively concerned with national counterintelligence. Its personnel should be professionals expected to devote their careers to the work.

Other departments and agencies of the government will also be custodians of national secrets. The security of these other components is therefore a matter of national counterintelligence concern, especially if they have representatives abroad. However, the managerial and operational responsibility for this kind of security should not be assigned to the internal CI service. Each government element should be responsible for its own departmental security. One reason is that a department so charged is likely to maintain higher standards and morale among its employees. Moreover, maintaining an effective watch over the security of the installations, personnel, and activities of other departments and agencies would be sure to exceed the capability of even a very large internal service.

It does not follow, however, that the service has no part to play here. On the contrary, it must try to establish high, uniform standards of security for all. It must provide advice and training to others. It should also keep them appropriately informed about hostile clandestine capabilities, personnel, and intentions. It ought to receive detailed reports from any department or agency which suffers security damage, collate this information, and draw conclusions. It should maintain a central registry of all non-overt operatives used by other departments and agencies, to prevent fraud and working at cross-purposes. It should also establish and keep current another kind of central file, containing information about known and suspected spies and subversives in the service of adversaries and about their superiors. In short, it needs to be kept fully informed about what friend and foe are doing and to play a central, coordinating role in the national intelligence community. But it does not play the part of policeman for the community.

The service will rely upon clandestine methods to obtain its information about the adversary for the reason already given: to keep him from knowing what it knows. It will therefore need an operations branch, which consists of specialists in clandestine methods. One element of the operations branch should be concerned with planning future operations. That part of counterintelligence which is essentially security work will be timed, for the most part, in response to adversary initiative. For example, a hostile service tries to recruit a local citizen as an agent; a microphone is discovered in the foreign ministry; or a pro-Communist radio broadcast is suspected of having been instigated by the KGB. Responses to these kinds of challenge cannot be planned in advance. Counterespionage, on the contrary, secures the initiative for the CI service and is therefore the activity with which the plans group is chiefly concerned. It also plans for non-CE opportunities that will inevitably arise from adversary initiative or by chance, from deception operations, for example, or an unexpected walk-in. Finally, the plans group should be available for consultation with any national service planning an espionage (or other non-CI) operation and wishing to avail itself of counterintelligence expertise in planning for the security of the operation at the outset.

Under the command of the chief of operations there should also be a group concerned with technical services. Counterintelligence relies heavily upon the various forms of surveillance. Foot surveillance teams may need radio equipment, purchased or built by the technical services group. The same is true for vehicular surveillance. All audio operations, microphone or transmitter, require equipment and expertise. It may for instance be useful to have a double agent record a conversation with an opposition case officer. Similarly, clandestine photography is often used in counterintelligence work. A technical capability to monitor all kinds of clandestine communications, including radio, and to analyze suspicious documentation, is also essential. Moreover, countering the technical attack of adversary services is a separate, though closely related, specialty.

The CI service, accordingly, will need a group of scientific experts capable of understanding all the technical equipment used in modern CI, to the point of building such equipment if it is not available or cannot be bought securely; of installing and maintaining it; of training others in its use; and of anticipating needs through a research and development program. An able technical services group is just as important in an agrarian country as in a complex, highly developed nation, because the adversary will press the technological attack regardless of the environment. The group is logically subordinate to the chief of operations because technology and operations should go hand-in-hand. An independent technical group responsive only to the chief of the service might too easily lose touch with pragmatic operational needs. Placing the chief of operations in charge of the technical services group will ensure that this does not happen, and that he becomes familiar with the help that science can provide and stays abreast of current developments.

No national CI service can afford to be wholly dependent upon cooperative foreign services for the acquisition of counterintelligence abroad, nor can it wait until the enemy is inside the nation's frontiers before it begins to study him. The solution is the recruitment of certain carefully chosen citizens, from government or outside it, who spend significant amounts of time in Communist countries. These persons are likely to have contact with the C1 services of such countries of temporary residence: diplomats who have social contact, for example, or industrialists in whom a Communist service might reasonably be expected to take an operational interest. Such persons must be carefully screened before recruitment. Normally, they are told to remain passive, neither accepting nor rebuffing hostile offers on their own but reporting approaches immediately and following instructions thereafter. The CI service may also arrange to have one of its members stationed in each of the maim embassies of its country, as security officer or in some other suitable post. Such representation is valuable for the conduct of liaison with other counterintelligence services and also for investigations conducted in areas where the home country is especially vulnerable to clandestine attack. Direct representation abroad will, however, create difficulties for an internal counterintelligence service unless there is careful planning and meticulous prior coordination with other national elements represented in the same country—the foreign service, for example, and certainly the foreign ministry. Care must also be taken not to offend the host service or government.

Persons in the first category (recruits rather than staff members of the service) should be important enough so that the adversary service will take them seriously and assign senior personnel to recruiting and managing them, but they should not usually have access to important national secrets unless that access can be concealed indefinitely from the adversary.

The operations branch should also have an operating group with separate sub-groups allocated upon either a geographical or a functional basis. This branch runs the operations: surveillance and countersurveillance, penetrations, provocations, double-agent operations, technical and counter-technical operations, counterintelligence interrogations and debriefings, handling of walk-ins and defectors, joint operations with liaison, and so on. It is the largest component of the service. If the country and its service are large, it is suggested that a geographic organization will prove preferable, because this kind of structure will permit appropriate grouping of language skills and area knowledge.

If the service is small or has few language and area specialists at its command, a functional arrangement may be better. In this event the operations branch will need a minimum of four groups or subgroups, for counter-espionage, counter-subversion, counter-propaganda, and operational security. Thus, counter-espionage conducts all operations directed against hostile foreign services engaging in positive or counterintelligence activity in the country. Counter-subversion carries out all operations aimed against subversive activity; its principal target will be the local Communist party and international Communism. Counter-propaganda will monitor and control those propaganda activities directed from concealment against the national interests by foreign services or by local or foreign Communist parties. The key words here are "from concealment." If the sponsorship of a propaganda attack is openly acknowledged, the government can deal with it openly. But if sponsorship is concealed, the government must depend upon its CI service to ferret it out and expose it, suppress it, or otherwise manipulate it so that it cannot harm the national interest.

Finally, operational security works closely with the plans group and with other operational elements to ensure that the service's clandestine activity is properly hidden from the outset and stays that way.

The second unit may be called Research, Records, and Reports (111111). The CI service must grow in knowledge and capability; it is the function of the RRR component to see that it does so. As more and more is learned about the adversaries, the information is funneled into RRR, where it is organized, studied, recorded systematically, filed and retrieved, and used to produce the finished counterintelligence which Operations needs in order to work intelligently. RRR is not, however, restricted to close operational support. Operations writes case reports; RRR writes summary reports based on case reporting, but it also writes strategic as well as tactical papers. It moves from the KGB officer (who is the subject of operational reporting) to the Soviet Embassy (tactical reporting) to a finished compilation of what the service knows about the Soviet services (strategic reporting). Moreover, as the result of such studies, RRR becomes the promulgator of counterintelligence doctrine. Scrutinizing the enemy's successes and failures, as well as the triumphs and mistakes of its own service, it is in a position to discern and express underlying principles.

From this generalizing activity, additional functions flow in the areas of training and regulations. Some services make training an autonomous or semi-autonomous function, headed by a director who reports more or less directly to the chief of the service. The disadvantage is that under such an arrangement training tends to grow isolated both from the operational context (that is, the living or recent operations conducted by the service) and the immediacy of doctrine (the constant learning from experience). Incorporating training into RRR creates an organic rather than an architectural structure. The life blood of operations and the living bones of doctrine thus become natural parts of the body of training.

The service needs internal rules, and these are best when they are a codification of doctrine. It is possible to write up internal service regulations abstractly, on a basis of what seems theoretically desirable, but such regulations tend to be legalistic, bureaucratic, and arbitrary. One desirable aim is to issue as few regulations as possible, to keep them simple in both language and intent, and to derive them, like laws, from experience and probabilities in the real world rather than upon theories and remote possibilities. Placing the regulations group in the RRR Branch will help to ensure an unblocked flow and transformation from operational facts to collated facts to underlying and unifying concepts to a body of coherent doctrine. RRR will, of course, check out draft regulations with the office of the Legal Advisor and other interested elements of the service.

The service will of course have a central collection of files or archives. If the service is large or growing, its holdings are also likely to be large or growing. Deciding what raw information should be destroyed and what kept, how it should be indexed and filed, how best to retrieve it, who shall have access to it, and all the related questions are matters peculiarly within the province of the RRR Branch. Accordingly, it should have the files or central library group under its jurisdiction.

The remaining parts of RRR, like certain elements of operations, can be organized geographically or functionally. Whichever kind of organization was chosen for operations, it is desirable to match it in RRR. If the structure is geographic and there is a USSR group in operations, it is helpful if there is also a USSR group in RRR. If the structure is functional, then only two more RRR groups may suffice, a research and collation group and a studies group. The former receives all raw and finished counterintelligence coming from operations, from other elements of the service, from liaison, and from any other sources. From this flow of mixed information it sorts out the various subjects into separate holdings. It forwards to operations and other service elements useful counterintelligence which those elements did not themselves produce. It also produces raw or immediate CI reports of significance for the chief of service, for other national services, other departments and agencies of the government, and for liaison exchange. It endeavors to assure that these reports have a uniform format. Finally, the research group maintains controls on dissemination and sources of its reports. The studies group produces finished counterintelligence.

The third major component is the security branch. As has been said, the security of operations is itself an operational function and is therefore assigned to the operations unit. The remaining elements of security are the responsibility of the security branch. These include the security of methods and sources, physical security, and security of personnel.

The Source Records and Control Group maintains the records of all non-staff personnel formerly or currently employed by the service. An officer of the service who plans the recruitment of a source submits to this group all available information about the potential recruit, and the group checks other service and governmental files as appropriate. It passes the results to the personnel security group if investigation of the prospective agent is indicated. If any other department or agency of the government, in addition to the national counterintelligence service, recruits and directs clandestine or covert assets, the personnel security group receives from the department or agency concerned prior notification of intent to recruit. On this basis it maintains an interdepartmental or government-wide roster of agents and can thus give notice if one department plans recruitment of a person already employed by another, of any derogatory information, and of other contraindications.

The physical security group is responsible for fences, floodlights, guards, passes, safes, and the like, and the personnel security group conducts background investigations of potential staff and agent personnel. It also conducts investigations of any employee suspected of serving a hostile service as a penetration or of otherwise jeopardizing the security of the service.

The functions of the liaison branch were mentioned earlier. It may be useful to divide it into two groups, one concerned with domestic liaison (relationships with other elements of its own government), the other with liaison with foreign services.

The service needs a minimum of four other offices: those of the inspector general, the chief of administration and personnel, the legal advisor, and the public affairs officer.

The inspector general has two main functions, in addition to routine inspection. One is to prevent or detect abuse of the service by the employee: theft, falsified reporting for personal gain, abuse of official status for personal motives, and the like. The second is to prevent or detect abuse of the employee by the service. Any staff employee who believes that he has been treated unjustly and who has unsuccessfully sought redress through normal channels should have the right of access to the inspector general or a member of his office, and no punitive action should result if he avails himself of this right. If this avenue is not open, a frustrated employee can become highly dangerous to the security of the service. The office of the inspector general carries out its own investigations as necessary. The results are made available to no one outside the office except the chief of the service, who may at his discretion communicate them on a need-toknow basis to another service component. For example, if investigation undertaken by the inspector general on the basis of an employee's complaint should reveal insecure or disloyal conduct by the employee, the IG will pass this information to the chief of the security branch, who relays it to the chief of the personnel security group for action.

The office of the chief of administration and personnel handles the payroll, assignment of vehicles, vacation rosters, office equipment, promotions, and all similar matters.

The legal advisor and his staff maintain liaison with the legislative branch of the government if the chief executive wants such liaison to exist. The legal advisor's office reviews all service regulations before promulgation to ensure compatibility with law. It drafts, or cooperates in drafting, legislation not yet enacted but essential to the service. The legal advisor counsels the chief of service on legal matters, including the protection of sources and methods. He is also responsible for ensuring that counterintelligence cases can be turned over to the police without violation of the chain of evidence or other legal considerations and without security hazard to the service itself.

The public affairs officer is charged with maintaining essential public, non-governmental relationships. Private citizens who seek contact with the service because they believe that they have significant information—or for any other reason—are directed to this office. So are journalists, businessmen, and all other persons seeking non-official contact.

It is vital to national security that all significant counterintelligence obtained by governmental components other than the service, such as the armed forces, or by non-govemmental groups or private individuals, be funneled into the service, either through the liaison branch or through the public affairs office. This information is screened and collated by the research, records, and reports branch and entered into files as appropriate. In this way the central holdings become the national counterintelligence repository. Each department or agency, other than the service, which conducts liaison with one or more foreign intelligence or security services should provide the national CI service with enough information about each such liaison relationship so that the service knows at all times who is doing business with whom.

This paper has attempted to lay out the functions and structure of the internal counterintelligence service. The problems that the service faces are, of course, another matter: these will vary with the size of the country and its population, the amount of support accorded the service by its government and citizenry, the qualitative level of the service's personnel and equipment, the intensity and skill of the concealed attack by Communist intelligence services and parties, the effectiveness of liaison and liaison exchange conducted with other governmental departments and agencies and with foreign services, the legal mandate of the service, and many lesser factors. The counterintelligence service of a stable country with few disloyal citizens is plainly in a far more advantageous position than is a service in a land in which revolutionary sentiment is widespread, the government is unpopular, and the opposition is nearly strong enough to resort to force or has already launched guerrilla war. Whatever the problems and their gravity, any counterintelligence service can deal with them more effectively if it manages to combine two seemingly antithetical qualities: patience and aggressiveness.

CI work is laborious and involves frustrations which, if not met patiently, will incline the service to hasty action, such as an abrupt declaration that a Soviet intelligence officer is persona non grata, or the quick arrest of a single spy. The service which has identified a spy or his handler has taken the first big step. If it patiently studies such people, it may in time be able to control them, not merely suppress their activity, which is then resumed by unidentified successors. But patience by itself leads to the acquisition of counterintelligence for its own sake, a grave error. All counterintelligence, in principle, should be used as a basis for counteraction. The questions are, what kind of action and when? Neither question can be answered until the last piece of pertinent information is at hand.

The effectiveness of counterintelligence in the free world is crucially important to all of us. As in the past, intelligence and CI services properly continue to serve national ends. Yet the skilled cooperation of the non-Communist services in all areas of common interest is of growing importance. It is hoped that the facts and ideas discussed in this paper will contribute in some small measure both to internal or national capabilities and to our capacity for international cooperation.

Why does counterintelligence factor so much in COIN missions? Firstly insurgents place a very high emphasis on the usage of informants, double agents, reconnaissance, surveillance, open source collection of media and imagery. Thus it could well be that we have sources who have switched loyalties or who may be working for both the parties with little or no loyalty to the government. We must locate these individuals who are a threat to operational security. Secondly insurgents resort to counter-surveillance. They hide among the local populace, use couriers to transfer money, intelligence and orders to run their ops

.
Another definition is CI both ‘information gathered’ and ‘activities conducted’ in order to ‘protect against espionage, other intelligence activities, sabotage or assassination conducted on behalf of foreign powers, organizations or persons, or international insurgent activities but not including personnel, physical documents or communications security’. In order to neutralize hostile intent CI conducts various activities such as acquiring information about plans , operations and capabilities of those organizations whose intent is subversion.CI informs policy. It aids military commanders and allied agency heads to take effective decisions. We don’t have a clear doctrine on CI.It is the most misunderstood , most sensitive arcane intelligence discipline. But it performs the very important function of protecting the intelligence cycle.


Counterintelligence is both an activity and its product. The product is reliable timely information about enemy/foreign intelligence organizational structure , the personnel profile , the operations of the enemy/foreign intelligence service and how they recruit personnel both from outside and insiders. To this end ‘’counterintelligence intelligence collection’’ activities are conducted. It is an organization too as it consists of personnel with specialized skills to whom are allocated various functions , which after proper execution an information database is created which provides knowledge to decision makers.

Summing up CI is in a way different from all other intelligence disciplines. Intelligence seeks to acquire information through collection methods wherein the result is not the objective but in CI collection activities enemy intent is always in the horizon.. and activities.. both offensive and defensive are conducted to neutralize this intent or to exploit the enemy itself to our advantage.

Counterintelligence interacts with other intelligence disciplines such as SIGINT and IMINT to locate hostile entities and also to acquire knowledge about the capabilities and targeting of hostile SIGINT/IMINT.CI is multidisciplinary. It is different from security in that like security it does not only seek to implement defensive measures but also to aggressively target hostile intent. One of these offensive CI operations is Deception. Deception ops are designed at senior echelon levels such as Command. The CI body/unit executes the deception operation. Just as tactical military intelligence supports combat ops , similarly CI must support deception ops.
CI is not policing. Once a crime is committed the law enforcement authorities resort to arrest of the perpetrator so as to prosecute him as per law. But a CI agent has no arrest authorities. All these doctrinal differences make it more difficult to promulgate a clear CI doctrine.


The CI functions include collection of all information about the activities and the organization itself of the enemy intelligence service. To this end source operations and clandestine methods are resorted to. The analytical component of CI holds significant importance because accurate analysis predicates CI operations designed to defeat hostile intent and also conduct exploitation ops to our advantage .


Infiltration/penetration and deception operations , to name a few are the offensive operations resorted to by the CI body. A specialized function is the evaluation of defectors and debriefing of returned defectors. There are also defensive operations designed to protect installations/personnel/information and formal security programs.
Protecting secrets High up on its priority list CI has information protection.CI attempts to ensure that classified information doesn’t fall into the hands of unauthorized users such as foreign agents /foreign intelligence service (physical security part of CI) and also making certain that all those people who do have access to sensitive information , say due to ‘’need to know’’ authority or by virtue of portfolio in the intelligence deptt.—these people are protecting that information from being accessed.

Here I used the term “CI attempts to ensure’’ as no amount of security controls can ever guarantee that the employee will observe the rules. Lapses will and do happen. Lapses which may be involuntary or voluntary with multiple intent scenarios ..ranging from yearning for self-sufficiency in terms of wealth etc. to disgruntled officials. If an official has the authorization to access sensitive information we must accept the fact that the information can also be compromised.
To prevent this from happening and thus protect the intelligence information (or in a larger context the intelligence cycle itself) the intelligence organization resorts to psychological / behavioral evaluation/monitoring and profiling those personnel who have a propensity for betrayal. But the former evaluation techniques are below 100% accuracy thus leading to the recruitment of personnel who have intent to do harm. As for the latter profiling method those personnel who are adept in evading detection remain out of scrutiny and more resources are wastefully allocated in profiling the wrong person. Hence I had earlier stated that no amount of security control or vetting can ensure 100% information protection. We have to live with this risk and CI primary function is to resort to all available means so as to minimize this risk.


Counterintelligence force protection source operations Attacks against military and related facilities are a very real threat, as demonstrated by the Naxalite attack against CRPF personnel in Chattisgarh's Dantewada district and many others.


On April 6, Naxalites had killed 75 CRPF personnel and a police officer also succumbed in the massacre. We must have a doctrine for protecting our facilities and conserving the potential of our forces. Insurgents deliberately attack the forces -- for example in the rear to destroy camps, housing, support units and ammunition dumps with the intent to undermine the fighting potential and morale of the troops and loot and destroy its ordnance and weapons simultaneously.


This is a grave threat and needs to be addressed. Counterintelligence, like it protects the intelligence services it also provides the necessary intelligence to combatant commanders for force protection. Standard intelligence disciplines all provide relevant intelligence but very less or no HUMINT relevant to counterintelligence.
Yes we incorporate standard physical security measures but that is not sufficient for force protection. It is never a substitute for protection gained through intelligence. Moreover physical security can never override the value of counterintelligence. It is only HUMINT collected by intelligence and counterintelligence agencies that function as the indications and warning provider with respect to insurgent and other force protection threats. As such Source Operations are conducted by the counterintelligence units and casual or incidental sources such as listed below are screened and debriefed/interrogated:
1. walk-ins and write-ins (individuals who volunteer information)
2. unwitting sources (any individual providing useful information to counterintelligence, who in the process of divulging such information may not know they are aiding an investigation)
3. defectors and enemy prisoners of war (EPW)
4. interviewees (individuals contacted in the course of an investigation)
5. official liaison sources.
NEED FOR CI DOCTRINE & CI ARCHITECTURE AT TACTICAL/OPERATIONAL LEVELS
Doctrine guides the employment of military forces, and shapes how military professionals “think about the use of the military instrument of national power”. Army doctrine details a basic understanding of the tactics , techniques and procedures to be employed to support combat requirements. Air Force doctrine provides commanders and their staffs a basic understanding of how various Air Force organizations can be used to meet or support combat requirements.
INDIA historically lacked comprehensive CI doctrine. This lack of doctrine has resulted in confusion, and hampered the ability of Force commanders to use CI to improve force protection efforts.


Force protection efforts must be threat driven. Vulnerabilities should be identified , the corresponding threats identified and then protective measures are put in place. To this end MI and CI play a very important role. This should be the basis for the creation of a comprehensive CI doctrine.


“CI is the systematic acquisition of information concerning espionage, sabotage, insurgency, and related foreign activities conducted for or on behalf of foreign nations, entities, organizations, or persons and that are directed against or threaten our military interests.


To this end a variety of HUMINT sources , like walk ins , casual sources , defectors , official sources , liaison contacts , recruited sources are employed by CI elements. CI collections and investigations lead to a repository of information on threats.


Thereafter by cueing other intelligence disciplines and using all source analysis a complete picture of the threat is obtained. Thus we reach our main objective—the precise warning of hostile attack and we also identify the probable targets of the attack and the time of attack. In a nutshell CI usage of HUMINT is the first line of defense.
We can categorize the threats based on intent. This can be incorporated in the force protection doctrine. Hence we can allocate HUMINT resources in an appropriate manner without any duplication or wastage.


Type 1 can be criminal activity geared towards army bases ,Type 2 can be penetrative reconnaissance and sabotage operations , and Type 3 can be major land , amphibious , air and missile attacks. Thus commanders can tailor defensive actions compatible with the type of attack. Mission of CI can be clearly defined , objectives stated and qualitative/quantitative protocols in collection efforts underscored.


Keeping each type of attack in perspective and with the notion of CI as ‘’looking inwards’’ in mind we can identify the critical areas of installations, and implement security measures. At the same time we can launch aggressive CI operations to frustrate enemy intelligence collection efforts.


It is true that a multidisciplinary intelligence approach is effective to thwart enemy collection efforts but CI and force security measures play key roles.+To neutralize/destroy enemy intent we need CI to the fullest capacity.


Other intelligence disciplines can be cued but CI is top priority. To identify our vulnerabilities we must resort to counterintelligence. Intelligence is looking outward but CI is looking inward. Intelligence collection is not concerned with the end result but counterintelligence is concerned with the ‘’intent’’ of collection.CI should always be on an aggressive footing. We need a comprehensive CI doctrine detailing all of these and more.


We should bear in mind that this era is not exclusively the era of conventional combat. Asymmetric warfare is the order of the day. Insurgents take years to plan an operation. They conduct extensive pre-operation surveillance , they have their own counterintelligence networks and this long period justifies the employment of intelligence and CI .


The CI department should tackle the type 1 , 2 and 3 threats.CI cells should come into existence and should be staffed with HUMINT , SIGINT and IMINT elements. Priority should be on analysis of threat intelligence. MI should be particularly in charge of analysis of Type 3 threats.


Elements from Special task forces , explosive ordnance disposal, medical , operations and communications should also staff the CI cells. The CI elements should fortify their collection and investigation capabilities. They should maintain a threat database which will include the structure and capabilities of foreign intelligence services , details of insurgent organizations and timeline of attacks perpetrated by them and also criminal enterprises because it is well established that insurgents and criminals share information and resources.


This database should be continually updated. The intelligence information contained in this database should be readily available on request. Included in this database should be latest physical security measures , details of explosive ordnance effects—all contributed by specialists. All source intelligence should be further fused in with the intelligence contained in the database.


The CI analytical cell should not only produce daily threat summaries but also act as an I&W system. It should receive worldwide inputs of insurgent developments as well as national cases. It should interface with civil intelligence agencies through liaison methodology thus updating threat information.


The unit CI cells should be extrapolated to the creation of similar cells at all major commands which will focus on the respective area of responsibilities. These cells would produce threat and vulnerability assessments.
In addition to these functions these CI cells should be ready to be deployed to support major exercise and contingency deployments.


These CI cells will facilitate the formulation of the commanders information requirements as the dissemination of intelligence products to the latter will heighten his perception of the situation , also these cells can communicate two way with the collectors on the ground from parallel intelligence units thus achieving coordination between different intelligence disciplines. Investigative leads and operational opportunities result from all these efforts.
We need to have a force protection intelligence doctrine, strengthen it, define the role of MI in force protection efforts and priotize collection and analysis of intelligence on force protection threats. We need a robust HUMINT capability supported by CI—the optimum integration of both is the need of the hour. We have the LU , CI and IFSU but still we lack a viable HUMINT mission. Whatever HUMINT we have is afforded by these units directly or indirectly and we must use this to the fullest potential to counter force protection threats.


To improve the HUMINT capabilities MI should assign additional resources. Duplication resulting from the efforts of the MI constituents need to be removed and the respective roles clarified. Duplication creates confusion and wastage of resources. We must have a comprehensive CI doctrine. The CI units should be staffed with more personnel , both in major cities/foreign areas and in collection activities. Analysis of force protection intelligence should be properly delegated to CI cells and to this end CI Analytical cells should be dispersed at Army Headquarters and major commands.


The Army Head Office (AHO) exercises technical control, review, coordination and oversight of CI controlled activities. a. Will execute a system of review of CI activities , ensure compliance and proper accounting. Will have direct control over an investigation, task the CI elements , provide guidance to operational and investigative CI activities and if necessary refer the CI activity to a sub-office. But the Head office assumes full and direct control. Monitor the management of case files and other records storage and retrieval system , processing of these and transfer to the repository , maintaining the quality assurance of investigative reports, monitor source ops and CE projects, ensure liaison activities with other agencies are properly conducted with optimum exchange of information and dissemination of information falling under their purview in a timely manner and approve or disapprove CI case summaries.


The Sub offices will coordinate technical direction and tasking from the head office , monitor all CI activities writhing its area of operation and provide feedback to the head office , conduct CI investigations tasked to it by the head office , and also those that it assumes worth taking up , excepting those investigations directly controlled by the head office , ensure proper dissemination to end users as well as the head office and ensure the accuracy , compliance with CI policy of all CI reporting. Briefing commanders and intelligence officials. Liaising with external agencies and disseminating information to them that falls under their purview.

The foreign intelligence service conducts intelligence collection about our forces and hostile attack. Herein comes the very important concept of force protection. They target defense personnel , resources , activities and critical information.CI support to force protection involves actions to prevent or mitigate hostile actions against these entities. It should be noted that the military police functions are not adequate to cover the security of these entities –CI support is a must. In a deployable situation the enemy targets the vulnerable rear positions and the support elements Hence security is beefed up where troops are housed , dependendants and other personnel are made aware of the threat—this is where the CI elements are active.The military police and allied elements take stock of the situation in the army area but are less aware of the ground situation ‘’outside the fence’’. Hence recourse is made to establish contact with civil intelligence agencies and local police for updates on any threat intelligence in the proximity of the base. Moreover the military police have no jurisdiction outside the base. Strengthening the physical defences is one way to prevent the application of hostile intent but what is more important is enemy pre-operational surveillance activities. But the difficulty is that these activities are innocuous.


Let’s take an example to illustrate the point. A vehicle approaches the gate of a military camp. On being questioned by the guard on duty the driver says he had no intention to turn up there—he had made a wrong turn. Now this is an acceptable excuse and further interrogation may not help. The driver is instructed to leave the area. Fine. It is equally possible he is saying the truth. But consider the situation where the threat index in the area is high and hence from the force protection perspective the driver who can equally well be an insurgent has just conducted successfully a preoperational surveillance.


From the moment of approaching the perimeter , conversation with the guard and exiting the area he has quietly observed the perimeter security setup , the weapons the guards are using , how many guards are manning the gate , the manner in which the guard accosts a stranger , and what obstacles there can be in case the car is equipped with a bomb and has to force in through the gates. Hence from the force protection perspective the vehicle and the driver constitute a potential threat. Now the problem is the guard has no means to determine if this case is innocuous or not.
There are options. The license details of the driver can be jotted down. The car details and license plate number can be taken. Offhand queries can be made. A listing can be made of all ‘’lost motorists’’. The information can be shared with the local police. If it is found out the same driver has turned up at other installations with the same story , well we have a case of pre-operational surveillance and with the jotted information in hand steps can be taken. But still the case is rare as there are several instances of genuine lost motorists.


Whatever any installation together with its constituent personnel , their dependents , operations and information is susceptible to hostile attack and intelligence collection.CI elements must shield the installation from such intent by guarding the rear and vulnerable areas.CI should lend support to mobilization security , major records repositories , anti and counterinsurgency operations , rear operations , psychological operations , battlefield deception , operations security and CSIGINT.


INSURGENT COUNTERINTELLIGENCE
The leaders of an insurgent movement must constantly anticipate and be prepared to thwart efforts by established authority to acquire information about their organization and activities.
It is known that the success of the Irish revolutionists was in direct relation to the operational achievements of their security chief, Michael Collins, who made it his job to know in advance what the British were going to do. His strategy relied on gaining direct, personal access to metropolitan police records. He was so highly skilled and successful in his strategy that he was able to get the original of a report from the police of the districts. The thoroughness with which Collins worked his intelligence system enabled the I. R. A. to know what its enemy was thinking and often what the enemy proposed to do and on what information they based their action, and the identity of their sources. This is counterintelligence activity.


The importance of a sterling counterintelligence strategy is highlighted in a handbook prepared by an instructor of Castro's Sierra Maestra guerrillas, General Alberto Bayo. In his handbook, counterintelligence activity is thorough lyassessedin the questions and answers he devised for guerrillas. In his opinion a counterintelligence agent was of greater value than 50 machineguns as an agent could work among the security forces while providing feedback on their intelligence and plans.


The insurgent organization's counterintelligence and security program must be able to withstand the threats posed by established governmental authority as well as that represented by other multiple factors. The insurgent organization has many real and potential foes such as competitive dissident groups, the unilateral interests of third-country sponsors, sympathizers, and foes, and even disaffected members of its own organization.
Information is vital and is the armor of the organization. It gains valuable information of those that seek to penetrate or compromise it. It must concern itself not only with an enemy's deliberate efforts but with contingencies of all kinds—some weak or careless act of an insurgent, an unannounced curfew or document check, the compromise of a courier, or a natural disaster. Segmentation Public recognition is most desired by the leaders of an insurgency as they believe this would strengthen their cause and objectives.


They use propaganda to promote themselves in large communities and hold public rallies. They prepare for and expect the backlash that accompanies these rallies as the urban police and security forces are usually out in their numbers and get copies of their flysheets and pamphlets. They do not hide in the shadows as they are eager to be heard and talked about in the market place. They further their “popularity” by claiming the achievements of competitive groups when these earn public approval. They turn failure to advantage if it can serve to arouse the sympathy of the people, and promoting their martyrs to the cause of freedom.


This is the insurgents’ way of building its future and legacy by establishing abroad popular base. But there is a contradiction between the importance of security and this need for popularity as popularity would lead to infiltration of the ranks. Segmentation is practiced by separating overt from clandestine activities and minimizing the possibility of compromise for the secret cadres.


Because of the sensitive organizational knowledge held by an area coordinator, the fewer people who know his identity or even home address, the better his security and that of the groups for which he is responsible. "Street" and secret cells are established in both the city and the countryside but they are unaware of the identity of any member. Identities may be learnt only of those whose overt duties get their names into the papers. The identity of the secret coordinator is similarly unknown to the leader of a street cell; each is required to report separately to a central committee.
As protection against possible compromises among the secret cadres, cells have a limited number of persons in them which would enhance their mobility, reduce possible detection and strengthen the chain of command.
Security with Recruits These recruits most time lack discipline and sometimes can be disruptive to the goals of the organization. Assessment of the suitability of the recruit is necessary and instructors are brought to the training camps to work with them. The urgent task of a training cell coordinator is to satisfy himself about the reliability and resilience of a volunteer.


He tries to learn as much as possible about the man during the few hours he has him under observation. Might he really be working for the government? In any case can one trust him with secrets? With money? Or the lives of others? What is his motivation? The assessment acts as a defense against penetration by any would-be police recruit. Volunteers are thoroughly investigated and background checks are done to ensure their authenticity. The organization selects skilled individuals who use a variety of methods when conducting their investigations.
Small talk, gossip would provide the investigator with good leads and indicators of the character of the recruit. Then the investigator will report to his superiors and intensify his inquiry. His search for information is no less thorough than that of government investigators and more comprehensive. The insurgent organization has more at stake.


Communications Security
Communication is the key element in any secret activity. If intercepted the adversary could successfully cripple the organization. For this reason an insurgent organization must have arrangements whereby the movements of funds, material, instructions, and reports are highly protected. Numerous methods, such as personal contact, mail, newspaper advertisements, and couriers are used to ensure that communication is protected and sent safely. The organization is vigilant in its safeguarding of its communication channels. The use of codes and cover names are also used and these are frequently changed in order to reduce the chance of any penetration.
These precautions serve the insurgents in keeping a step ahead of the police or any hostile force. Insurgents generally avoid the use of mail for sensitive communications. They may send trivial messages by telephone or telegraph to signal the safe arrival of a member or to request a personal contact, but they prefer to keep in touch by courier. A courier can give reliable first-hand information as to the condition of his contact and can relay detailed instructions. The insurgents often use drops for the transmission of funds, instructions, or material. These drops may not be sophisticated, they may be as innocent as using a hole in a tree. As long as it serves to conceal the act of communication, any method which both parties will have normal access will be suitable.


Names and Identities
The insurgent organization, for its part, makes every effort to identify individual police officers, police informants, and hostile groups. It prepares lists of such individuals and informs its couriers and action units to avoid them. The organization prepares havens that are far away from areas that have security establishments. When there is a threat to one of its unit it would be instructed to move to that safe area. A courier is given the physical description of a security official operating on his route so that if he is caught he knows whether he is in the hands of security personnel or less dangerous adversaries.


Controls over Cadres
Strict travel restrictions are usually imposed on the cadres and couriers. They are warned against carrying documents which conflict with agreed cover stories. Prior planning involves getting receipts of food or items bought in a particular area as confirmation that the courier had been there or belongs to that region. Avoiding detection and detention is critical so couriers must at all times look and act the part that they play. Each member must know the movements and whereabouts of any other member of his unit. Any absence that cannot be explained or is considered suspicious is reported to the leader. Because it is known that each member is being watched and possibly reported on, members would tend to be more loyal and the unit is made secure. The insurgent leaders have a constant concern that their members could be recruited by the police. They cannot object to a suspect covering his movements and engaging in evasive practices that they themselves taught him as good security. They must therefore refine their controls and devise tests to continuously assess his reliability.
The all-important thing is reliability and honesty. The insurgent organization thrives on suspicion which then causes discontent among members. This vicious cycle would generate the expected traitor and the leaders would establish new levels of severity which further disgruntle the membership. At the same time, however, these restrictions and controls do make the life of an agent who manages to penetrate the group both difficult and hazardous, and his case officer must have a thorough knowledge of the protective tactics used by the dissident leaders.


The Uninvited
The insurgent takes measures to guard his camp or cell against those who come uninvited to the door. He extends a cautious welcome to any newcomer and examines the man's credentials with care. In the world of counterintelligence no one assumes he knows whom he is dealing with. When camp sentries intercept a newcomer they follow a prearranged reception plan. They usually take him to a site removed from the main camp and thoroughly question him about his background, reason for coming there and any connections that he may have to any member in the camp. Quick background checks are made with members of the command who might know the man. Clothing is given to the newcomer in exchange for what he wore. His clothes are checked for any evidence that can support who he says he is.
The guards who live with him at the processing camp make every effort to get him to talk freely. They talk about the area he came from, question him concerning his likes and dislikes, and comment on true and fictional personalities in his home village.Conversely, the guards avoid divulging anything that may provide valuable information about the organization to the man. They use their war names in conversation. They do not discuss other members of the group, their comings and goings, or their problems. The stranger is sent to another site while investigations continue into his background. As added precaution the camp is moved to a different location as it is considered compromised. Should investigations reveal that the man should not be trusted the camp chief will use his discretion in deciding the treatment of the suspect. A camp chief must always be alert and aware of his surroundings –are there neighboring dissidents who may be under surveillance. He cannot afford to be caught in a counterinsurgency sweep even though he may not be the target. If there are scientists or researchers in the area they may report his presence to the authority. The locals can cause him some amount of inconvenience as they may gossip and the authority gets valuable information. In anticipation of the eventualities alternative camp sites are prepared and ready for immediate disbanding of the group.


The Counterintelligence Organization
Prime responsibility for the success of the counterintelligence effort rests in the hands of the guerrilla chief and the area coordinator. The counterintelligence organization is responsible for the security of its personnel, assets, and activities. It has the resources to observe and report on hostile security organizations and competitive groups. It maintains appropriate records and isolates and interrogates hostile agents. Ordinary members of the organization are aware that there is a counterintelligence core but do not know the details of its make-up.
The counterintelligence personnel are concealed from the rank and file. The counterintelligence program usually includes lectures on security discipline, spot surveillance of personnel, and challenging tests of loyalty. Each cell appoints one of its members to the group who is then made responsible for enforcing the rules and reports violations to the cell chief.

The Tainted
It is of no surprise that the insurgent organization would be suspicious of members who have been recently released from prison. It immediately implements various security measures to protect itself from any likely threat that these members may cause. Many changes are made in the organization that would invalidate any knowledge that the imprisoned member might have. Connections to colleagues are severed, his family may be sent to another location and there are internal investigations to analyze the details of his arrest.
There are established procedures that the newly released member must obey, such as he should not write or try to contact his group but proceed to a designated point at a time set for this purpose. He faces further interrogation from the counterintelligence specialists who try to determine if he has “turned” or should be trusted.
Penetrations
Knowledge of one’s enemy is power and the insurgency gathers this knowledge by placing its informants as servants in the homes of police officers, in police clubs, or with other hostile personalities. The value of such plants is obvious. They can get useful information from dinner conversations or by answering the telephone in the absence of their master or by monitoring his mail. Money is another tool that is used by the insurgent to acquire informants. The insurgent organization does everything in its powers to counter espionage and disruptive efforts of opposing forces. All its efforts are designed to conceal and protect itself from hostile penetration. The strategy of counterintelligence - learning about the plans, personnel, operations, assets, and organization of its adversaries –is what is used to prepare itself to conquer its opponents.


The Pursuit of Detail
Information is always vital to the counterintelligence officer as he seeks to identify insurgents. He exhausts all channels and clues that would generate even the slightest bit of information. The telephone directories, military files, surveillance and investigators' reports, even testimony from priests and professors, prove to be gold mines of information to the counterintelligence officer. Both hard facts and potentially useful bits of gossip, speculation and even criticism, help to form at least a sketch of the kind of person who may be an insurgent. The counterintelligence officer would be able to glean an understanding of what motivates this kind of person and what role and function he has in the organization. The counterintelligence officer focuses his attention on the movements of the couriers of the insurgent organization. Couriers are usually in contact with persons who are at varying levels within the organization. Keen observation of the courier could provide insight into the insurgent’s immediate plans. An even more important target for the counterintelligence officer is the area coordinators, because their knowledge of the organization’s operation is accurate and at a high level. In-depth knowledge of the insurgent organization's physical and personnel assets can give some indication of its scope and operational prospects.


The Larger Picture
From interrogation reports the counterintelligence officer may get the location of safe sites abroad and the identities of foreign sympathizers. The counterintelligence officer is able to “connect the dots” within the insurgent’s organization. Funding channels are discovered and political connections and influence are made more obvious to the counterintelligence officer. With more solid information he can see clear patterns in incidents of bombing, kidnapping, assassination, and intimidation of police and private citizens. What are the results that the insurgent is trying to gain from such mayhem and confusion? Such incidents can provide indications of the imminence of larger, organized action

.
Records
The counterintelligence officer must securely, routinely and methodically record all the data and intelligence that he has uncovered. The information must be clearly constructed and stored so that it is easily understood and readily available when needed. All the details of persons who have come to his attention: their full name, alias if known, date and place of birth, address, occupation, and data pertinent to their dissident role, must be recorded in the file. His notes and cross-references must also be recorded in the file. More expansive personality files, including the subject's military and educational history, strength and weaknesses of character, position in the insurgent organization, and relationships with comrades and associates, are also created. No detail should be omitted or considered irrelevant. These records are the counterintelligence officer's working file, his tool for operations.


Control and Harassment
The established authority exercises its powers to control, restrain, or harass members of the insurgent organization. Without notice, the government can declare martial law and suspend constitutional guarantees. Such action would effectively deny the insurgents any opportunity to vent their views and draw attention to their movement.
Counterintelligence can also put added pressure on the insurgent organization by exploiting the arrest of individual members. Misleading press releases could be made to the public about the cooperation of some of the individuals with the police.
This would immediately raise suspicion about the individuals and upon their release their friends will interrogate them—perhaps to the government's ultimate advantage. By maligning the characters of individual leaders of the insurgency, further suspicion and discontent is generated within the lower levels of the insurgent organization. This can lead to a disruptive force within the organization that can potentially distract it as it tries to maintain its own control and focus. Suspicion can be intensified by counterintelligence if, for example, a police officer warmly greets this member in full view of his fellow dissidents. The target is then left to quell his friends' suspicions, to protest his ignorance of the reason for the greeting. And the target knows, even as he tries to protest his innocence, that a guerrilla can never explain having a friend who is the police.


Penetration
The Open Bid The counterintelligence officer needs useful, accurate information that can only be gained from within the insurgent’s ranks. Daring plans are made to gain entry into the enemy’s ranks. The counterintelligence officer would arrange to get arrested with the insurgents so that he would be accepted as one of them. While in lock-up he would make suggestions about how to escape, tries to protect them and guide them in how they should conduct themselves during interrogation. The other ways to gain inside sources would be to buy information from the hungriest member of the meanest cell. This person may rank very low on the information hierarchy but the counterintelligence officer must begin somewhere. Another way would be to sponsor articles in the press which describe the destructive, harmful activities, and constant threat posed by the insurgent organization and incidentally point out gaps in what is known about it. Readers having knowledge in these particular areas are urged to write the author. This action might not produce immediate results of great value but it is a seed planted that can bear future fruits. For someday an insurgent, leafing through old newspapers may discover the article, if he ever finds himself in a situation which gives him little hope for the future, he may remember this invitation and act.

.
The Volunteer
The counterintelligence effort can be considered successful when it gains willing defectors. In taking these steps a defector commits himself of his own volition as he takes time to develop or organize the information requested.
A defector may not necessarily be a great prize in terms of what he can give – he may have resigned himself to recovering what he can by selling the past. But unexpected rewards can be gained from a public plea for information.
By constantly provoking and riling up discontent within the insurgent’s organization, the counterintelligence officer can be hailed as the initiator of dissidence in the dissident organization. The counterintelligence officer’s tactics cause the young guerrilla to second-guess his decision to join the insurgent. He is gradually discouraged by the constant denigration of its leadership, provocations against its members, publicity for its noxious activities, offers of rewards for information about it, and the ever-increasing controls and suspicion it promotes. In time the young guerrilla will want to leave -and counterintelligence would have won.


The Penetration Agent
The value of a guerrilla who voluntarily offers his cooperation far outweighs that of the bought or seduced defector. Successful penetration of the dissidents' organization is dependent on the quality and trustworthiness of the agents that counterintelligence uses. The motivation of the agent must be understood and correctly aligned.
Selection of a potential agent is determined by such factors as their talents, employment location say a customs official, or a passport office employee. Such agents have to be briefed, prepared, and directed with the greatest care. In a longer-term process, agents are selected to just hang around in the known areas where dissidents gather without making any positive approach to join them. The agents should frequent the coffee shops they patronize and act sympathetic to their beliefs. In the course of time, an agent would be approached and is offered to join their organization. The agent should neither jump at the first offer they make nor delay his assent too long.


Recruiting in Place
Due to the fact that the insurgent organization is very diligent in screening uninvited persons who join their movement, the counterintelligence officer may choose to recruit a person already in place and avoid the hazards of trying to introduce an outsider. The counterintelligence officer must choose wisely and carefully as his success will depend on how accurately he selects and assesses the candidate. Extensive and exhaustive study must be made of a candidate's dossier in order to assess his strengths and weaknesses, his desires and needs. Does the candidate have access to the desired information and, most importantly, can he be persuaded to cooperate. Likely candidates can be found among dissidents who are under arrest.
These candidates are most promising while still suffering from the trauma of arrest and before news of it reaches the public. The counterintelligence officer presents reasonable arguments and inducements to win the man's cooperation. He promises him freedom, immunity from prosecution for past offenses, and the prospect of a bright future.
He can assure him that no one will know of his arrest or cooperation. Usually, the prisoner is disoriented, in shock and distress while under arrest. This makes him a ready target for a sympathetic and understanding approach. He is more susceptible and easier to be persuaded to become an agent and assist the government.


The Decoy
Another method of defeating the insurgent is to create a phony guerrilla group in the mountains or the city. This would weaken the insurgent’s organization as its members would defect in droves. The decoy group would now be engineered and manipulated to be the new popular movement, while all its members in fact are being contained by the counterintelligence officer. The counterintelligence officer has effectively created competition to the real insurgency, which cannot tolerate rival heroes, others' victories, and competitors for public favor. It must divert its effort and penetrate the new threat and bring all forces into its fold. This diversion can only weaken its real struggle against the government.


The Shadow Battle
The counterintelligence officer is constantly doing battle against the insurgents with his provocations, harassments and infiltrations. All aimed to distract and keep the insurgents off-balance and fighting amongst themselves. He initiates action against it to disrupt a particular undertaking, exploit information received from agents, or unnerve his opponents.
These are the tools that are available to the counterintelligence officer. Violence is futile as the insurgent organization survives on it. And so the counterintelligence officer must use mental tactics, secrets and valuable information to control, exploit and hopefully eradicate the insurgent. A carefully worked-out counterintelligence program is mundane and requires a lot of work. It produces no miracles but if given proper authority and power, it can yield great results in providing a harmonious society.



© 2003 Global Intelligence Inc. All rights reserved.