ESPIONAGE

Contents

1 Agent handling 11.1 Human intelligence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.2 Case ocer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.3 Agents, spotting, and recruitment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.4 Training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21.5 Communications Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21.6 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21.7 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21.8 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

2 Asset (intelligence) 32.1 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

3 Black bag operation 43.1 Use by the FBI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43.2 Use by the CIA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43.3 Use by other governments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43.4 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43.5 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43.6 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

4 Black operation 64.1 Etymology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64.2 Reported examples of black operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64.3 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64.4 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

5 Clandestine cell system 85.1 History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

5.1.1 Provisional Irish Republican Army . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85.1.2 World War II French Resistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85.1.3 National Front for the Liberation of South Vietnam . . . . . . . . . . . . . . . . . . . . . 9

5.2 Parallel organizations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95.3 External support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

i

ii CONTENTS

5.4 Models of insurgency and associated cell characteristics . . . . . . . . . . . . . . . . . . . . . . . 95.5 Classic models for cell system operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

5.5.1 Operations under ocial cover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105.5.2 Clandestine presence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115.5.3 Fault-tolerant cellular structures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

5.6 Non-traditional models, exemplied by al-Qaeda . . . . . . . . . . . . . . . . . . . . . . . . . . . 125.6.1 Infrastructure cells . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135.6.2 Operational cells . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145.6.3 Indirect support networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145.6.4 A possible countermeasure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

5.7 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155.8 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155.9 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

6 Clandestine HUMINT 166.1 Legal aspects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166.2 Major HUMINT organizations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176.3 Penetrations of foreign targets by people loyal to their own country . . . . . . . . . . . . . . . . . . 17

6.3.1 Clandestine Reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176.3.2 Dangled Mole . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

6.4 Human sources who changed allegiance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186.4.1 Recruitment through Money . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186.4.2 Recruitment through Ideology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186.4.3 Recruitment through Compromise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196.4.4 Recruitment through Ego . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

6.5 Recruit Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196.5.1 Mole . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196.5.2 Double Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206.5.3 Multiply Turned Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

6.6 Support Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246.6.1 Couriers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246.6.2 Safehouses and Other Meeting Places . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246.6.3 Finance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

6.7 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266.8 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

7 Clandestine HUMINT and covert action 287.1 Historical background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

7.1.1 United Kingdom prewar operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287.1.2 United States background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

7.2 Surging additional capability for the Second World War . . . . . . . . . . . . . . . . . . . . . . . 297.2.1 United Kingdom World War II Operations . . . . . . . . . . . . . . . . . . . . . . . . . . 30

CONTENTS iii

7.2.2 United States World War II operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307.2.3 USSR World War II Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307.2.4 German World War II Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

7.3 Separate functions during peacetime? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317.3.1 UK postwar change . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317.3.2 US postwar change . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

7.4 Controversies remain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347.5 Current operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

7.5.1 US doctrine and operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357.5.2 Afghanistan and US doctrinal conict . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357.5.3 Joint UK-US operations in Operation Desert Storm . . . . . . . . . . . . . . . . . . . . . 357.5.4 Russian operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367.5.5 Israeli operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367.5.6 French operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

7.6 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

8 Clandestine HUMINT operational techniques 388.1 Sta and Skills in a Clandestine HUMINT Operations Station . . . . . . . . . . . . . . . . . . . . 38

8.1.1 Station under diplomatic cover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388.1.2 Stations under ocial but nondiplomatic cover . . . . . . . . . . . . . . . . . . . . . . . . 398.1.3 Stations under non-ocial cover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398.1.4 Support services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

8.2 Basic agent recruiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428.3 Basic agent operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

8.3.1 Training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438.3.2 Continued testing during operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438.3.3 Operating the agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438.3.4 Agent communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448.3.5 Termination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

8.4 Special clandestine services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468.4.1 Agents of inuence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468.4.2 Strategic deception . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

8.5 Direct action services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478.6 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488.7 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

9 Concealment device 499.1 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

9.1.1 Ammunition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499.1.2 Books . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499.1.3 Candles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499.1.4 Cans and jars . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

iv CONTENTS

9.1.5 Coins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499.1.6 Diversion safe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509.1.7 Electrical outlet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509.1.8 Painting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509.1.9 Computers and consumer electronics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

9.2 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509.3 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

10 Cryptography 5110.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5110.2 History of cryptography and cryptanalysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

10.2.1 Classic cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5210.2.2 Computer era . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

10.3 Modern cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5510.3.1 Symmetric-key cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5510.3.2 Public-key cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5610.3.3 Cryptanalysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5710.3.4 Cryptographic primitives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5810.3.5 Cryptosystems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

10.4 Legal issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5910.4.1 Prohibitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5910.4.2 Export controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5910.4.3 NSA involvement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5910.4.4 Digital rights management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6010.4.5 Forced disclosure of encryption keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

10.5 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6010.6 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6110.7 Further reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6210.8 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

11 Cut-out (espionage) 6411.1 Outside espionage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6411.2 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6411.3 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

12 Dead drop 6512.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6512.2 Modern techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6512.3 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6512.4 Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6612.5 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6612.6 Further reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

CONTENTS v

13 Denial and deception 6713.1 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6813.2 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

14 Direct action (military) 6914.1 Risk factors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6914.2 Operational techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

14.2.1 Inltration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7014.2.2 Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7014.2.3 Exltration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

14.3 Examples of direct action missions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7014.3.1 Norwegian and SOE attacks on German heavy water production . . . . . . . . . . . . . . . 7014.3.2 Prisoner of war rescue raids in the Philippines . . . . . . . . . . . . . . . . . . . . . . . . 7114.3.3 Israeli raid on Soviet radar used by Egypt . . . . . . . . . . . . . . . . . . . . . . . . . . . 7114.3.4 Attempted prisoner of war rescue in North Vietnam . . . . . . . . . . . . . . . . . . . . . 7114.3.5 US prisoner in Panama rescued by Delta Force . . . . . . . . . . . . . . . . . . . . . . . . 7114.3.6 Killing of Osama bin Laden . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7214.3.7 Physical destruction of propaganda facilities . . . . . . . . . . . . . . . . . . . . . . . . . 72

14.4 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

15 Eavesdropping 7415.1 Etymology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7415.2 Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7415.3 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7415.4 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7515.5 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

16 Espionage 7616.1 History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

16.1.1 Ancient history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7616.1.2 Arabia during Muhammads era . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7616.1.3 Modern history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

16.2 Targets of espionage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7716.3 Methods and terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

16.3.1 Technology and techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7816.4 Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7816.5 Industrial espionage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7916.6 Agents in espionage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7916.7 Law . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8016.8 Use against non-spies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8016.9 Espionage laws in the UK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

16.9.1 Government intelligence laws and its distinction from espionage . . . . . . . . . . . . . . . 81

vi CONTENTS

16.10Military conicts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8116.11List of famous spies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82

16.11.1World War I . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8316.11.2World War II . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8416.11.3 Post World War II . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

16.12Spy ction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8416.12.1World War II: 19391945 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8516.12.2 Cold War era: 19451991 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

16.13See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8516.14References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8516.15Further reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8716.16External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

17 False ag 8817.1 Use in warfare . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

17.1.1 Naval warfare . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8817.1.2 Air warfare . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8817.1.3 Land warfare . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

17.2 As pretexts for war . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9017.2.1 Russo-Swedish War . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9017.2.2 Second Sino-Japanese War . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9017.2.3 World War II . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9017.2.4 Cold War . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

17.3 As a tactic to undermine political opponents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9117.3.1 Reichstag re . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9117.3.2 Project TP-Ajax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9117.3.3 2008 Kurcha incident . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

17.4 Pseudo-operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9217.5 Espionage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9317.6 Civilian usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

17.6.1 Businesses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9417.6.2 Political campaigning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9417.6.3 Ideological . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

17.7 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9417.7.1 Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9417.7.2 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

17.8 Notes and references . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

18 Field agent 9718.1 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9718.2 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

CONTENTS vii

19 Industrial espionage 9819.1 Competitive intelligence and economic or industrial espionage . . . . . . . . . . . . . . . . . . . . 9819.2 Forms of economic and industrial espionage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9819.3 Target industries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9819.4 Information theft and sabotage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9919.5 Agents and the process of collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9919.6 Use of computers and the Internet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

19.6.1 Personal computers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9919.6.2 The Internet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10019.6.3 Opportunities for sabotage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10019.6.4 Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10019.6.5 Distributed denial of service (DDoS) attack . . . . . . . . . . . . . . . . . . . . . . . . . 100

19.7 History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10019.7.1 Origins of industrial espionage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10019.7.2 The 20th Century . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10119.7.3 The legacy of Cold War espionage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

19.8 Notable cases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10119.8.1 France and the United States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10119.8.2 Volkswagen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10119.8.3 Hilton and Starwood . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10219.8.4 GhostNet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10219.8.5 Google and Operation Aurora . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10219.8.6 CyberSitter and Green Dam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10219.8.7 USA v. Lan Lee, et al. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10219.8.8 Dongxiao Yue and Chordiant Software, Inc. . . . . . . . . . . . . . . . . . . . . . . . . . 102

19.9 Concerns of national governments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10319.9.1 Brazil . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10319.9.2 United States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10319.9.3 United Kingdom . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10319.9.4 Germany . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

19.10See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10319.11References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10319.12Bibliography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10419.13External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

20 Intelligence assessment 10820.1 Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10820.2 Target-centric intelligence cycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10920.3 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10920.4 Further reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10920.5 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

viii CONTENTS

21 Intelligence cycle management 11221.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

21.1.1 Intelligence dened . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11221.1.2 Management of the intelligence cycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11221.1.3 Planning and direction overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

21.2 Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11321.2.1 National/strategic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11321.2.2 Military/operational . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

21.3 Intelligence architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11421.3.1 Budgeting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11421.3.2 Policy factors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11521.3.3 Balancing law enforcement and national security . . . . . . . . . . . . . . . . . . . . . . . 11521.3.4 Public versus private . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

21.4 Collection planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11621.4.1 CCIRM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116

21.5 Issuance of orders and requests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11721.5.1 Prioritization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

21.6 Other topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11721.6.1 Political misuse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11721.6.2 Clandestine intelligence versus covert action . . . . . . . . . . . . . . . . . . . . . . . . . 117

21.7 Failures in the intelligence cycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11821.8 Other cycles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

21.8.1 Boyd OODA Loop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11821.9 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

22 Interrogation 12022.1 Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

22.1.1 Suggestibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12022.1.2 Deception . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12022.1.3 Good cop/bad cop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12122.1.4 Pride-and-ego down . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12122.1.5 Reid technique . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12122.1.6 Mind-altering drugs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12122.1.7 Torture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

22.2 Around the world . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12222.2.1 United Kingdom . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12222.2.2 United States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12222.2.3 Inquisition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

22.3 Resistance training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12322.4 Movement for increased recording of interrogations in the U.S. . . . . . . . . . . . . . . . . . . . 12322.5 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12322.6 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

CONTENTS ix

22.7 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

23 Non-ocial cover 12523.1 History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12523.2 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12523.3 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12623.4 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12623.5 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

24 Numbers station 12724.1 Suspected origins and use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

24.1.1 Identifying and locating . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12824.2 The Atencin spy case evidence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12824.3 Formats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12924.4 Transmission technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12924.5 Interfering with numbers stations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

24.5.1 Documented instances of interference to broadcasts . . . . . . . . . . . . . . . . . . . . . 13024.5.2 Attempted jamming of numbers stations . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

24.6 Classication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13024.7 Recordings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13124.8 References in mass media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13124.9 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13124.10References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13124.11Further reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13324.12External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

25 Ocial cover 13425.1 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13425.2 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

26 One-way voice link 13526.1 Historical context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13526.2 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

27 Resident spy 13627.1 Types of resident spies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13627.2 Comparison of illegal and legal resident spies . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13627.3 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136

27.3.1 Cross-reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13727.3.2 Sources used . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

27.4 Further reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

28 Special reconnaissance 13828.1 History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

x CONTENTS

28.2 A spectrum of reconnaissance capabilities: LRS and SR . . . . . . . . . . . . . . . . . . . . . . . 13928.3 Appropriate missions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

28.3.1 Intelligence related missions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14028.3.2 Oensive missions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

28.4 Operational techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14528.4.1 Inltration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14528.4.2 Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14528.4.3 Exltration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

28.5 SR Communications-Electronics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14628.6 Reporting during and after the mission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14728.7 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14728.8 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14828.9 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14828.10External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

29 Steganography 15029.1 History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15029.2 Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

29.2.1 Physical . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15029.2.2 Digital messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15129.2.3 Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15229.2.4 Printed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15329.2.5 Using puzzles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

29.3 Additional terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15329.4 Countermeasures and detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15329.5 Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

29.5.1 Use in modern printers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15429.5.2 Example from modern practice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15429.5.3 Alleged use by intelligence services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15429.5.4 Distributed steganography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15429.5.5 Online challenge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

29.6 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15429.7 Citations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15429.8 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15529.9 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

30 Surveillance 15730.1 Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

30.1.1 Computer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15730.1.2 Telephones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15830.1.3 Cameras . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15930.1.4 Social network analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

CONTENTS xi

30.1.5 Biometric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16130.1.6 Aerial . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16130.1.7 Data mining and proling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16230.1.8 Corporate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16330.1.9 Human operatives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16330.1.10 Satellite imagery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16430.1.11 Identication and credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16430.1.12 RFID and geolocation devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16430.1.13 Human Microchips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16530.1.14 Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16530.1.15 Postal services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

30.2 Controversy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16630.2.1 Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16630.2.2 Opposition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

30.3 Counter-surveillance, inverse surveillance, sousveillance . . . . . . . . . . . . . . . . . . . . . . . 16830.4 Popular culture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

30.4.1 In literature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16830.4.2 In music . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16830.4.3 Onscreen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

30.5 See also . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16930.5.1 United States government . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

30.6 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17030.7 Further reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17330.8 External links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174

30.8.1 General information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17430.8.2 Historical information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17430.8.3 Legal resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174

30.9 Text and image sources, contributors, and licenses . . . . . . . . . . . . . . . . . . . . . . . . . . 17530.9.1 Text . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17530.9.2 Images . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18230.9.3 Content license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187

Chapter 1

Agent handling

In intelligence organizations, agent handling is the man-agement of agents, principal agents, and agent networks(called assets) by intelligence ocers typically knownas case ocers.

1.1 Human intelligenceA primary purpose of intelligence organizations is to pen-etrate a target with a human agent, or a network of hu-man agents. Such agents can either inltrate the target,or be recruited in place. Case ocers are profession-ally trained employees of intelligence organizations thatmanage human agents and human agent networks. Intel-ligence that derives from such human sources is knownas HUMINT.Sometimes, agent handling is done indirectly, throughprincipal agents that serve as proxies for case ocers.It is not uncommon, for example, for a case ocer tomanage a number of principal agents, who in turn han-dle agent networks, which are preferably organized in acellular fashion. In such a case, the principal agent canserve as a cut-out for the case ocer, buering him orher from direct contact with the agent network.Utilizing a principal agent as a cut-out, and ensuring thatthe human agent network is organized in a cellular fash-ion, can provide some protection for other agents in thenetwork, as well as for the principal agent, and for thecase ocer in the event that an agent in the network iscompromised. Assuming that standard principles of in-telligence tradecraft have been strictly observed by theprincipal agent and the agents in the network, compro-mised agents will not be able to identify the case ocer,nor the other members of the network. Ideally, agentsmay work side by side in the same oce, and conducttheir clandestine collection activities with such discipline,that they will not realize that they are both engaged in es-pionage, much less members of the same network.Since an agent can sometimes identify his or her principalagent, however, or reveal information under interrogationthat can lead to the identication of a principal agent, theprotection provided by cellular network organization canbe time-sensitive.

If principles of intelligence tradecraft have not beenstrictly observed, it is also possible that compromisedagents can reveal information that exposes other mem-bers of the network. In the real world of espionage, hu-man lapses are very much the norm, and violations of theprinciples of tradecraft are common. It is for this reasonthat agents are ideally trained to resist interrogation for adened period of time.If an agent is able to resist interrogation for a dened pe-riod of time, the odds that other members of the networkcan be alerted to the compromise improve.

1.2 Case ocerA case ocer is an intelligence ocer who is atrained specialist in the management of agents and agentnetworks.[1] Case ocers manage human agents, and hu-man intelligence networks. Case ocers spot poten-tial agents, recruit prospective agents, and train agentsin tradecraft. Case ocers emphasize those elements oftradecraft which enable the agent to acquire needed in-formation, as well as to enable the case ocer to com-municate with and supervise the agent. Most of all, caseocers train agents in methods of avoiding detection byhost nation counter-intelligence organizations.

1.3 Agents, spotting, and recruit-ment

By denition, an agent acts on behalf of another,whether another individual, an organization, or a foreigngovernment. Agents can be considered either witting orunwitting, and in some cases, willing or unwilling. Agentstypically work under the direction of a principal agent ora case ocer. When agents work alone, and are not mem-bers of an agent network, they are termed singletons.The identication of potential agents is termed agentspotting (also termed talent spotting). Identifying po-tential agents, and investigating the details of their per-sonal and professional lives, involves the granular veri-cation of their bona des. Such activities can include

1

2 CHAPTER 1. AGENT HANDLING

uncovering personal details that leave potential agentsvulnerable to coercion, blackmail, or other inducements,such as sexual approaches.Approaches to potential agents can be multitudinous andconsiderable time can pass before the potential agent ismaneuvered into a position where a recruitment pitchcan be hazarded.

1.4 TrainingAgent training often includes techniques of trade-craft such as clandestine communications, includingcryptography, the use of one-time pads, the construc-tion of concealment devices, and the employment ofdead drops. Other elements of tradecraft include elici-tation, surveillance and countersurveillance, photographyand the emplacement of audio devices, sensors, or othertransmitters. Case ocers generally train agents one at atime, in isolation, including only those elements of trade-craft needed to penetrate the target at hand. Case ocerswill also teach agents how to develop cover for status,and cover for action, meaning how to establish crediblepretexts for their presence and behavior while engaged incollection activities. A well-trained and competent agentcan conduct his or her clandestine tasks while under closesurveillance, and still evade detection. More advancedagent training can include resistance to interrogation.

1.5 Communications MethodRandom e-mail IDs

1.6 See also Category:Spies by role Motives for spying

1.7 References[1] case ocer, thefreedictionary.com, retrieved 4 March

2009

1.8 External links Human Intelligence: From Sleepers to Walk-ins,Thomas Patrick Carroll, Syllabus, 5 September2006 24 October 2006many good denitionswith historic examples and timely discussion ofproblems; in outline form.

Chapter 2

Asset (intelligence)

In intelligence, assets are persons within organizations orcountries that are being spied upon who provide informa-tion for an outside spy. They are sometimes referred to asagents, and in law enforcement parlance, as condentialinformants, or 'CI' for short.There are dierent categories of assets, including peoplethat:

Willingly work for a foreign government for ideolog-ical reasons such as being against their government,but live in a country that doesn't allow political oppo-sition. They may elect to work with a foreign powerto change their own country because there are fewother ways available.

Work for monetary gain. Intelligence services oftenpay good wages to people in important positions thatare willing to betray secrets.

Have been blackmailed and are forced into theirrole.

Do not even know they are being used. Assets canbe loyal to their country, but may still provide a for-eign agent with information through failures in in-formation safety such as using insecure computersor not following proper OPSEC procedures duringday-to-day chatting.

2.1 See also Vetting

3

Chapter 3

Black bag operation

This article is about the espionage technique. For thecryptanalysis technique, see black-bag cryptanalysis. Forthe ctional character, see Black Bag. For the disposablebag used to contain garbage, see black bag (container).

Black bag operations (or black bag jobs) are covert orclandestine entries into structures to obtain informationfor human intelligence operations.[1] This usually entailsbreaking and entering into denied areas. Some of the tac-tics, techniques and procedures associated with black bagoperations are: lock picking, safe cracking, key impres-sions, ngerprinting, photography, electronic surveillance(including audio and video surveillance), mail manipula-tion (aps and seals), forgery, and a host of other relatedskills. The term black bag refers to the little black bagin which burglars carry their tools.[2] The CIA remainsresponsible for conducting these highly classied opera-tions overseas, while the Federal Bureau of Investigation(FBI) performs the exact same function inside the U.S.and its territories.[2]

3.1 Use by the FBI

In black bag operations, Federal Bureau of Investiga-tion (FBI) agents illegally entered oces of targeted in-dividuals and organizations, and photographed informa-tion found in their records. This practice was used by theFBI from 1942 until 1967. In July 1966, FBI Director J.Edgar Hoover ordered the practice discontinued.[3] Theuse of black bag jobs by the FBI was declared uncon-stitutional by the United States Supreme Court on 19 June1972 in the Plamondon case, United States v. U.S. Dis-trict Court, 407 U.S. 297. The FBI still carries out numer-ous black bag entry-and-search missions, in which thesearch is covert and the target of the investigation is notinformed that the search took place. If the investigationinvolves a criminal matter a judicial warrant is required;in national security cases the operation must be approvedby a secret body called the Foreign Intelligence Surveil-lance Court.[4]

3.2 Use by the CIAThe CIA has used black-bag operations to steal cryptog-raphy and other secrets from foreign government ocesoutside the United States. The practice dates back at leastas far as 1916.[2]

3.3 Use by other governmentsThe British, Israeli, Russian, and other intelligence agen-cies are known to use black-bag operations to steal se-crets. When the technique is used to obtain codes it maybe called Black-bag cryptanalysis.

3.4 See also

Black operation

COINTELPRO

3.5 References

[1] Tallinn government surveillance cameras reveal blackbag operation. Intelnews. 16 December 2008. Retrieved3 December 2012.

[2] The CIA Code Thief Who Came in from the Cold.matthewald.com. Retrieved 3 December 2012.

[3] Federal Bureau of Investigation - Freedom of InformationPrivacy Act

[4] Rood, Justin (15 June 2007). FBI to Boost Black BagSearch Ops. ABC News. Retrieved 3 December 2012.

Peter Wright. Spy Catcher: The Candid Autobiogra-phy of a Senior Intelligence Ocer. Penguin USA,1987. ISBN 0-670-82055-5.

4

3.6. EXTERNAL LINKS 5

3.6 External links Warrantless Surreptitious Entries: FBI Black BagBreak-ins And Microphone Installations

11 Terms Used by Spies at HowStuWorks arti-cle explaining espionage terminology

Chapter 4

Black operation

Black op and Black ops redirect here. For othermeanings, see Black Ops (disambiguation).

A black operation or black op is a covert operation by agovernment, a government agency, or a military organi-zation. This can include activities by private companiesor groups. Key features of a black operation are that it isclandestine, .. overtones, and it is not attributable to theorganization carrying it out.[1] The main dierence be-tween a black operation and one that is merely clandes-tine is that a black operation involves a signicant degreeof deception, to conceal who is behind it or to make itappear that some other entity is responsible ("false ag"operations).[2][3]

A single such activity may be called a black bagoperation";[1] that term is primarily used for covert orclandestine surreptitious entries into structures to obtaininformation for human intelligence operations.[4] Suchoperations are known to have been carried out by theFBI,[5] the Central Intelligence Agency,[6] Mossad, MI6,MSS, Research and Analysis Wing and the intelligenceservices of other nations.[4]

4.1 EtymologyBlack may be used as a generic term for any govern-ment activity that is hidden or secret. For example, someactivities by military and intel agencies are funded by aclassied "black budget, of which the details, and some-times even the total, are hidden from the public and frommost congressional oversight.[7][8]

4.2 Reported examples of black op-erations

In 2007 the Central Intelligence Agency declassi-ed secret records detailing illegal domestic surveil-lance, assassination plots, kidnapping, and inltra-tion and penetration of other black operations un-dertaken by the CIA from the 1950s to the early

1970s. CIA Director General Michael Hayden ex-plained why he released the documents, saying thatthey provided a glimpse of a very dierent timeand a very dierent agency.[9]

In May 2007 ABC News, and later the DailyTelegraph, reported that United States presidentGeorge W. Bush had authorized the CIA to under-take black operations in Iran in order to promoteregime change as well as to sabotage Irans nuclearprogram.[10][11] ABC News was subsequently criti-cized for reporting the secret operation, with 2008presidential candidate Mitt Romney saying he wasshocked to see the ABC News report regardingcovert action in Iran, but ABC said the CIA and theBush Administration knew of their plans to publishthe information and raised no objections.[12]

4.3 References[1] Smith, Jr., W. Thomas (2003). Encyclopedia of the Cen-

tral Intelligence Agency. New York, NY: Facts on File,Inc. p. 31. ISBN 0-8160-4666-2.

[2] Popular Electronics, Volume 6, Issue 26. Zi-Davis Pub-lishing Co., Inc. 1974, p. 267. There are three classi-cations into which the intelligence community ociallydivides clandestine broadcast stations. A black operationis one in which there is a major element of deception.

[3] Djang, Chu, From Loss to Renewal: A Tale of Life Experi-ence at Ninety, Authors Choice Press, Lincoln, Nebraska,p. 54. "(A black operation was) an operation in which thesources of propaganda were disguised or mispresented inone way or another so as not to be attributed to the peoplewho really engineered it.

[4] Tallinn government surveillance cameras reveal blackbag operation. Intelnews. December 16, 2008. Re-trieved 3 December 2012.

[5] Rood, Justin (June 15, 2007). FBI to Boost Black BagSearch Ops. ABC News. Retrieved 3 December 2012.

[6] The CIA Code Thief Who Came in from the Cold.matthewald.com. Retrieved 3 December 2012.

6

4.4. EXTERNAL LINKS 7

[7] Dirty Secrets Of The Black Budget"". Business Week.February 27, 2006. Retrieved June 12, 2012.

[8] Shachtman, Noah (February 1, 2010). Pentagons BlackBudget Tops $56 Billion. Wired. Retrieved June 12,2012.

[9] Tisdall, Simon (June 22, 2007). CIA to release cold war'black les". The Guardian. Retrieved June 7, 2012.

[10] Ross, Brian; Esposito, Richard (May 22, 2007). BushAuthorizes NewCovert ActionAgainst Iran. ABCNews.Retrieved June 7, 2012.

[11] Shipman, Tim (May 27, 2007). Bush sanctions 'blackops against Iran. The Telegraph. Retrieved June 7, 2012.

[12] Montopoli, Brian (May 23, 2007). ABC News ComesUnder Fire For Iran Report. CBS News. Retrieved Jan-uary 26, 2014.

4.4 External links

Chapter 5

Clandestine cell system

Sleeper cell redirects here. For other uses, see Sleepercell (disambiguation).

A clandestine cell structure is a method for organizing agroup of people in such a way that it can more eectivelyresist penetration by an opposing organization. Depend-ing on the groups philosophy, its operational area, thecommunications technologies available, and the nature ofthe mission, it can range from a strict hierarchy to an ex-tremely distributed organization. It is also a method usedby criminal organizations, undercover operatives, and un-conventional warfare (UW) led by special forces. Histor-ically, clandestine organizations have avoided electroniccommunications, because signals intelligence is a strengthof conventional militaries and counterintelligence organi-zations.In the context of tradecraft, covert and clandestine arenot synonymous. As noted in the denition (which hasbeen used by the United States and NATO since WorldWar II) in a covert operation the identity of the sponsor isconcealed, while in a clandestine operation the operationitself is concealed. Put dierently, clandestine meanshidden, while covert means deniable. The adversaryis aware that a covert activity is happening, but does notknow who is doing it, and certainly not their sponsor-ship. Clandestine activities, however, if successful, arecompletely unknown to the adversary, and their function,such as espionage, would be neutralized if there was anyawareness of the activity. Saying a "covert cell structureis tantamount to tautology, because the point of the cellstructure is that its details are completely hidden from theopposition.A sleeper cell refers to a cell, or isolated grouping ofsleeper agents that lies dormant until it receives ordersor decides to act.

5.1 History

5.1.1 Provisional Irish Republican Army

As opposed to the French Resistance, the modernProvisional Irish Republican Army (PIRA) has a history

going back to Irish revolutionary forces in the early 20thcentury, but has little external control. Its doctrine and or-ganization have changed over time, given factors such asthe independence of 26 of Irelands 32 counties, the con-tinued British control of Northern Ireland and the simplepassage of time and changes in contemporary thinkingand technology.[1]

Ocially, the PIRA is hierarchical, but, especially asBritish security forces became more eective, changedto a semiautonomous model for its operational and cer-tain of its support cells (e.g., transportation, intelligence,cover and security).[2] Its leadership sees itself as guid-ing and consensus-building. The lowest-level cells, typ-ically of 2-5 people, tend to be built by people with anexisting personal relationship. British counterinsurgentscould fairly easily understand the command structure, butnot the workings of the operational cells.The IRA has an extensive network of inactive or sleepercells, so new ad hoc organizations may appear for anyspecic operation.

5.1.2 World War II French Resistance

In World War II, Operation Jedburgh teams parachutedinto occupied France to lead unconventional warfareunits.[3][4] They would be composed of two ocers, oneAmerican or British, and the other French, the latterpreferably from the area into which they landed. Thethird member of the team was a radio operator.Especially through the French member, they would con-tact trusted individuals in the area of operation, and askthem to recruit a team of trusted subordinates (i.e., a sub-cell). If the team mission were sabotage, reconnaissance,or espionage, there was no need to meet in large units.If the team was to carry out direct action, often an un-wise mission unless an appreciable number of the localshad military experience, it would be necessary to assem-ble into units for combat. Even then, the hideouts of theleadership were known only to subcell leaders. The le-gitimacy of the Jedburgh team came from its known af-liation with Allied powers, and it was a structure moreappropriate for UW than for truly clandestine operations.

8

5.3. EXTERNAL SUPPORT 9

5.1.3 National Front for the Liberation ofSouth Vietnam

Also known as the Viet Cong, this organization grew fromearlier anticolonial groups ghting the French, as well asanti-Japanese guerillas during World War II.[5] Its com-mand, control, and communication techniques derivedfrom the experiences of these earlier insurgent groups.The group had extensive support from North Vietnam,and, indirectly, from the Soviet Union. It had parallelpolitical and military structures, often overlapping. SeeViet Cong and PAVN strategy and tactics.

A dual, but sometimes overlapping, Party and Military structurewas top-down

The lowest level consisted of three-person cells who op-erated quite closely, and engaging in the sort of self-criticism common, as a bonding method, to Communistorganizations.

5.2 Parallel organizationsThe NLF and PIRA, as well as other movements, havechosen to have parallel political and military organiza-tions. In the case of the NLF, other than some individualswith sanctuary in North Vietnam, the political organiza-tion could not be overt during the Vietnam War. Afterthe war ended, surviving NLF ocials held high oce.In the case of the PIRA, its political wing, Sinn Fin, be-came increasingly overt, and then a full participant in pol-itics. Hamas and Hezbollah also have variants of overtpolitical/social service and covert military wings.The overt political/socialcovert military split avoided theinexibility of a completely secret organization. Once anactive insurgency began, the secrecy could limit freedomof action, distort information about goals and ideals, andrestrict communication within the insurgency.[6] In a splitorganization, the public issues can be addressed overtly,while military actions were kept covert and intelligencefunctions stay clandestine.

5.3 External supportMany cell systems still receive, with due attention to se-curity, support from the outside. This can range fromleaders, trainers and supplies (such as the Jedburgh assis-tance to the French Resistance), or a safe haven for overtactivities (such as the NLF spokesmen in Hanoi).External support need not be overt. Certain Shi'a groupsin Iraq, for example, do receive assistance from Iran, butthis is not a public position of the government of Iran, andmay even be limited to factions of that government. EarlyUS support to the Afghan Northern Alliance against theTaliban used clandestine operators from both the CIA andUnited States Army Special Forces. As the latter conictescalated, the US participation became overt.Note that both unconventional warfare (UW) (guerrillaoperations) and foreign internal defense (FID) (coun-terinsurgency) may be covert and use cellular organiza-tion.In a covert FID mission, only selected host nation (HN)leaders are aware of the foreign support organization. Un-der Operation White Star, US personnel gave covert FIDassistance to the Royal Lao Army starting in 1959, be-came overt in 1961, and ceased operations in 1962.

5.4 Models of insurgency and asso-ciated cell characteristics

While dierent kinds of insurgency dier in where theyplace clandestine or covert cells, when certain types of in-surgency grow in power, the cell system is deemphasized.Cells still may be used for leadership security, but, if overtviolence by organized units becomes signicant, cells areless important. In Maos three-stage doctrine,[7] cells arestill useful in Phase II to give cover to part-time guerillas,but, as the insurgency creates full-time military units inPhase III, the main units are the focus, not the cells. TheEighth Route Army did not run on a cell model.When considering where cells exist with respect to theexisting government, the type of insurgency needs to beconsidered. One US Army reference was Field Manual100-20, which has been superseded by FM3-07.[8] Draw-ing on this work, Nyberg (a United States Marine Corpsocer) extended the ideas to describe four types of cellsystem, although his descriptions also encompass types ofinsurgencies that the cell system supports.[9] At present,there is a new type associated with transnational terroristinsurgencies.

1. Traditional: the slowest to form, this reects a prin-cipally indigenous insurgency, initially with limitedgoals. It is more secure than others, as it tends togrow from people with social, cultural or family ties.The insurgents resent a government that has failed to

10 CHAPTER 5. CLANDESTINE CELL SYSTEM

recognize tribal, racial, religious or linguistic groupswho perceive that the government has denied theirrights and interests and work to establish or restorethem. They seldom seek to overthrow the govern-ment or control the whole society; however, they fre-quently attempt to withdraw from government con-trol through autonomy or semiautonomy. The Mu-jahideen in Afghanistan and the Kurdish revolt inIraq illustrate the traditional pattern of insurgency.al-Qaeda generally operates in this mode, but if theybecome strong enough in a given area, they maychange to the mass-oriented form.

2. Subversive: Usually driven by an organization thatcontains at least some of the governing elite, somebeing sympathizers already in place, and others whopenetrate the government. When they use violence,it has a specic purpose, such as coercing voters,intimidating ocials, and disrupting and discredit-ing the government. Typically, there is a politicalarm (such as Sinn Fin or the National LiberationFront) that directs the military in planning carefullycoordinated violence. Employment of violence isdesigned to show the system to be incompetent andto provoke the government to an excessively violentresponse which further undermines its legitimacy.The Nazi rise to power, in the 1930s, is another ex-ample of subversion. Nazi members of parliamentand street ghters were hardly clandestine, but theoverall plan of the Nazi leadership to gain controlof the nation was hidden. A subversive insurgencyis suited to a more permissive political environmentwhich allows the insurgents to use both legal and il-legal methods to accomplish their goals. Eectivegovernment resistance may convert this to a critical-cell model.

3. Critical-cell: Critical cell is useful when the po-litical climate becomes less permissive than onethat allowed shadow cells. While other cell typestry to form intelligence cells within the govern-ment, this type sets up "shadow government" cellsthat can seize power once the system is destroyedboth by external means and the internal subversion.This model ts the classic coup d'etat,[10] and of-ten tries to minimize violence. Variants includethe Sandinista takeover of an existing governmentweakened by external popular revolution. Insur-gents also seek to inltrate the governments institu-tions, but their object is to destroy the system fromwithin. Clandestine cells form inside the govern-ment. The use of violence remains covert untilthe government is so weakened that the insurgencyssuperior organization seizes power, supported bythe armed force. One variation of this pattern iswhen the insurgent leadership permits the popu-lar revolution to destroy the existing government,then emerges to direct the formation of a new gov-ernment. Another variation is seen in the Cuban

revolution[11] and is referred to as the foco (or Cubanmodel) insurgency. This model involves a single,armed cell which emerges in the midst of degenerat-ing government legitimacy and becomes the nucleusaround which mass popular support rallies. The in-surgents use this support to establish control anderect new institutions.

4. Mass-oriented: where the subversive and covert-cell systems work from within the government, themass-oriented builds a government completely out-side the existing one, with the intention of replac-ing it. Such insurgents patiently construct a base ofpassive and active political supporters, while simul-taneously building a large armed element of guer-rilla and regular forces. They plan a protracted cam-paign of increasing violence to destroy the govern-ment and its institutions from the outside. They havea well-developed ideology and carefully determinetheir objectives. They are highly organized and ef-fectively use propaganda and guerrilla action to mo-bilize forces for a direct political and military chal-lenge to the government. The revolution that pro-duced the Peoples Republic of China, the AmericanRevolution, and the Shining Path insurgency in Peruare examples of the mass-oriented model. Once es-tablished, this type of insurgency is extremely di-cult to defeat because of its great depth of organiza-tion.

5.5 Classic models for cell systemoperations

Dierent kinds of cell organizations have been used fordierent purposes. This section focuses on clandestinecells, as would be used for espionage, sabotage, or theorganization for unconventional warfare. When uncon-ventional warfare starts using overt units, the cell sys-tem tends to be used only for sensitive leadership andintelligence roles.[7] The examples here will use CIAcryptonyms as a naming convention used to identifymembers of the cell system. Cryptonyms begin with atwo-letter country or subject name (e.g., AL), followedwith an arbitrary word. It is considered elegant to have thecodemerge with the other letters to form a pronounceableword.

5.5.1 Operations under ocial coverStation BERRY operates, for country B, in target coun-try BE. It has three case ocers and several support of-cers. Espionage operation run by case ocers underdiplomatic cover, they would have to with the basic re-cruiting methods described in this article. Case ocerBETTY runs the local agents BEN and BEATLE. Caseocer BESSIE runs BENSON and BEAGLE.

5.5. CLASSIC MODELS FOR CELL SYSTEM OPERATIONS 11

Representative diplomatic-cover station and networks

Some recruits, due to the sensitivity of their position ortheir personalities not being appropriate for cell leader-ship, might not enter cells but be run as singletons, per-haps by other than the recruiting case ocer. AssetBARD is a dierent sort of highly sensitive singleton,who is a joint asset of the country B, and the country iden-tied by prex AR. ARNOLD is a case ocer from thecountry AR embassy, who knows only the case ocerBERTRAM and the security ocer BEST. ARNOLDdoes not know the station chief of BERRY or any of itsother personnel. Other than BELL and BEST, the Stationpersonnel only know BERTRAM as someone authorizedto be in the Station, and who is known for his piano play-ing at embassy parties. He is covered as Cultural Attache,in a country that has very few pianos. Only the personnelinvolved with BARD know that ARNOLD is other thananother friendly diplomat.In contrast, BESSIE and BETTY know one another, andprocedures exist for their taking over each others assetsin the event one of the two is disabled.Some recruits, however, would be qualied to recruittheir own subcell, as BEATLE has done. BESSIE knowsthe identity of BEATLE-1 and BEATLE-2, since he hadthem checked by headquarters counterintelligence beforethey were recruited. Note that a cryptonym does not im-ply anything about its designee, such as gender.

5.5.2 Clandestine presence

The diagram of initial team presence shows that twoteams, ALAN and ALICE, have successfully entered anarea of operation, the country coded AL, but are onlyaware of a pool of potential recruits, and have not yet ac-tually recruited anyone. They communicate with one an-other only through headquarters, so compromise of oneteam will not aect the other.Assume that in team ALAN, ALISTAIR is one of the of-cers with local contacts, might recruit two cell leaders,ALPINE and ALTITUDE. The other local ocer in the

Initial team presence by 2 separate clandestine teams with no of-cial cover

team, ALBERT, recruits ALLOVER. When ALPINErecruited two subcell members, they would be referredto as ALPINE-1 and ALPINE-2.ALPINE and ALTITUDE only know how to reach AL-ISTAIR, but they are aware of at least some of other teammembers identity should ALISTAIR be unavailable, andthey would accept a message from ALBERT. Most often,the identity (and location) of the radio operator may notbe shared. ALPINE and ALTITUDE, however, do notknow one another. They do not know any of the mem-bers of team ALICE.The legitimacy of the subcell structure came from the re-cruitment process, originally by the case ocer and thenby the cell leaders. Sometimes, the cell leader would pro-pose subcell member names to the case ocer, so thecase ocer could have a headquarters name check runbefore bringing the individual into the subcell. In princi-ple, however, the subcell members would knowALPINE,and sometimes the other members of the ALPINE cellif they needed to work together; if ALPINE-1 andALPINE-2 had independent assignments, they might notknow each other. ALPINE-1 and ALPINE-2 certainlywould not knowALISTAIR or anyone in the ALTITUDEor ALLOVER cells.As the networks grow, a subcell leader might create hisown cell, so ALPINE-2 might become the leader of theALIMONY cell.

5.5.3 Fault-tolerant cellular structuresModern communications theory has introduced methodsto increase fault tolerance in cell organizations. In thepast, if cell members only knew the cell leader, and theleader was neutralized, the cell was cut o from the restof the organization. Game theory and graph theory havebeen applied to the study of optimal covert network de-sign (see Lindelauf, R.H.A. et al. 2009. The inuenceof secrecy on the communication structure of covert net-

12 CHAPTER 5. CLANDESTINE CELL SYSTEM

Clandestine teams have built initial subcells

works. Social Networks 31: 126-137).If a traditional cell had independent communications withthe foreign support organization, headquarters might beable to arrange its reconnection. Another method is tohave impersonal communications side links betweencells, such as a pair of dead drops, one for Team ALANto leave lost contact messages to be retrieved by TeamALICE, and another dead drop for Team ALICE to leavemessages for Team ALAN.These links, to be used only on losing contact, do notguarantee a contact. When a team nds a message inits emergency drop, it might do no more than send analert message to headquarters. Headquarters might deter-mine, through SIGINT or other sources, that the enemyhad captured the leadership and the entire team, and or-der the other team not to attempt contact. If headquarterscan have reasonable condence that there is a communi-cations failure or partial compromise, it might send a newcontact to the survivors.When the cut-o team has electronic communications,such as the Internet, it has amuch better chance of eludingsurveillance and getting emergency instructions than byusing a dead drop that can be under physical surveillance.

5.6 Non-traditional models, exem-plied by al-Qaeda

Due to cultural dierences, assuming the al-QaedaTraining Manual[12] is authentic, eastern cell structuresmay dier from the Western mode. Al-Qaidas minimalcore group, only accounting for the leadership, can alsobe viewed topologically as a ring or chain network, witheach leader/node heading their own particular hierarchy.Such networks function by having their sub-networksprovide information and other forms of support (themany-to-one model), while the core group sup-plies truth and decisions/directions (the one-to-many

model). Trust and personal relationships are an essen-tial part of the Al-Qaida network (a limiting factor, evenwhile it provides enhanced security). Even while cellmembers are trained as replaceable units, vetting ofmembers occurs during the invited training period underthe observation of the core group.[13]

Cells of this structure are built outwards, from an internalleadership core. Supercially, this might be likened to aWestern cell structure that emanates from a headquarters,but the Western centrality is bureaucratic, while struc-tures in other non-western cultures builds on close per-sonal relationships, often built over years, perhaps involv-ing family or other in-group linkages. Such in-groups arethus extremely hard to inltrate; inltration has a seriouschance only outside the in-group. Still, it may be possiblefor an in-group to be compromised through COMINT or,in rare cases, by compromising a member.The core group is logically a ring, but is superimposedon an inner hub-and-spoke structure of ideological au-thority. Each member of the core forms another hub andspoke system (see infrastructure cells), the spokes leadingto infrastructure cells under the supervision of the coregroup member, and possibly to operational groups whichthe headquarters support. Note that in this organization,there is a point at which the operational cell becomes au-tonomous of the core. Members surviving the operationmay rejoin at various points.

Core group, with contact ring and ideological hierarchy

Osama, in this model, has the main responsibility of com-manding the organization and being the spokesman onpropaganda video and audio messages distributed by thepropaganda cell. The other members of the core eachcommand one or more infrastructure cells.While the tight coupling enhances security, it can limitexibility and the ability to scale the organization. Thisin-group, while sharing tight cultural and ideological val-ues, is not committed to a bureaucratic process.Members of the core group are under what could betermed 'positive control'long relationships and similarmindsets make 'control' not so much of an issue, but thereare distinct roles, and position (structural, nancial, spir-itual) determines authority, thus making the core group a

5.6. NON-TRADITIONAL MODELS, EXEMPLIFIED BY AL-QAEDA 13

hierarchy topologically.[13]

In the rst example of the core, each member knows howto reach two other members, and also knows the mem-ber(s) he considers his ideological superior. Solid linesshow basic communication, dotted red arrows show therst level of ideological respect, and dotted blue arrowsshow a second level of ideological respect.If Osama, the most respected, died, the core would re-constitute itself. While dierent members have an indi-vidual ideological guide, and these are not the same for allmembers, the core would reconstitute itself with Richardas most respected.Assume there are no losses, and Osama can be reacheddirectly only by members of the core group. Members ofouter cells and support systems might know him only asthe Commander, or, as in the actual case of al-Qaeda,Osama bin Ladens face is recognizable worldwide, butonly a few people know where he was or even how tocontact him.

5.6.1 Infrastructure cellsAny clandestine or covert service, especially a non-national one, needs a variety of technical and adminis-trative functions. Some of these services include:[13]

1. Forged documents and counterfeit currency

2. Apartments and hiding places

3. Communication means

4. Transportation means

5. Information

6. Arms and ammunition

7. Transport

Other functions include psychological operations, train-ing, and nance.A national intelligence service[14] has a support organi-zation to deal with services such as nance, logistics, fa-cilities (e.g., safehouses), information technology, com-munications, training, weapons and explosives, medicalservices, etc. Transportation alone is a huge function, in-cluding the need to buy tickets without drawing suspicion,and, where appropriate, using private vehicles. Financeincludes the need to transfer money without coming un-der the suspicion of nancial security organizations.Some of these functions, such as nance, are far harder tooperate in remote areas, such as the FATA of Pakistan,than in cities with large numbers of ocial and unocialnancial institutions, and the communications to supportthem. If the nancial oce is distant from the remoteheadquarters, there is a need for couriers, who must be

trusted to some extent, but they may not know the con-tents of their messages or the actual identity of senderand/or receiver. The couriers, depending on the balanceamong type and size of message, security, and technologyavailable, may memorize messages, carry audio or videorecordings, or hand-carry computer media.

Core group and infrastructure cells; military cells in training

These cells are socially embedded (less so than thecore group, however), structurally embedded, function-ally embedded (they are specialized into a domain), andknowledge base-specic (there does not seem to be agreat deal of cross-training, or lateral mobility in the orga-nization). Such cells are probably subjected to a mixtureof positive and negative control (do this, do these sortsof things, dont do that).[13]

The leaders of military cells are responsible for trainingthem, and, when an operation is scheduled, selecting theoperational commander, giving him the basic objectiveand arranging whatever support is needed, and then re-lease him from tight control to execute the meeting. De-pending on the specic case, the military leaders mighthave direct, possibly one-way, communications with theircells, or they might have to give Kim the messages to betransmitted, by means that Anton and Hassan have noneed to know.Note that Anton does not have a direct connection toKim. Under normal circumstances, he sacrices e-ciency for security, by passing communications requeststhrough Hassan. The security structure also means thatHassan does not know the members of Antons cells, andKim may know only ways to communicate with them butnot their identity.Kim operates two systems of cells, one for secure com-munications and one for propaganda. To send out a pro-paganda message, Osama must pass it to Kim. If Kimwere compromised, the core group might have signicantproblems with any sort of outside communications.Terrorist networks do not match cleanly to other cell sys-tems that regularly report to a headquarters. The apparental-Qaeda methodology of letting operational cells decideon their nal dates and means of attack exhibit an oper-ational pattern, but not a periodicity that could easily be

14 CHAPTER 5. CLANDESTINE CELL SYSTEM

used for an indications checklist appropriate for a warn-ing center. Such lists depend on seeing a local pattern togive a specic warning.[15]

Note that Hassan has two subordinates that have not yetestablished operational cells. These subordinates can beconsidered sleepers, but not necessarily with a sleepercell.

5.6.2 Operational cells

For each mission are created one or more operationalcells. If the al-Qaeda signature of multiple concurrentattacks is used, there may be an operational cell for eachtarget location. It will depend on the operation if theywill need any support cells in the operational area. Forexample, it may be more secure to have a local cell buildbombs, which will be delivered by cells coming from out-side the area.Operational cells are not created, but instead 'seeded'utilizing individuals spotted or that request assistance(both groups are 'vetted' by being trained under the ob-servation of the core group, which dramatically restrictsthe opportunity for passing o walk-ins under false ag).Categorization of operational cells appears to be by capa-bilities, region, and then task/operation. Operational cellsare composed of members whose worldview has beenrmly testednecessary to front-load, because such cellsare dispersed back to their own local control (or nega-tive controlproscribed behaviorwith positive controlonly coming in the form of contact for synchronization orsupport).[13]

If operational cells routinely are released curved dottedlines on link to military cells to select their nal operationalparameters, they use a dierent paradigm than govern-mental clandestine or covert operations. On a number ofcases, US special operations forces had to wait for Presi-dential authorization to make an attack, or even move tostaging areas. Admittedly, a country would have to facethe consequences of an inappropriate attack, so it maytend to be overcautious, where a terror network wouldmerely shrug at the world being upset. Assuming that theal-Qaeda operational technique is not to use positive con-trol, their operations may be more random, but also moreunpredictable for counterterror forces. If their cells trulyneed constant control, there are communications linksthat might be detected by SIGINT, and if their commandcan be disrupted, the eld units could not function. Sincethere is fairly little downside for terrorists to attack outof synchronization with other activities, the lack of pos-itive control becomes a strength of their approach to cellorganization.The operational cells need to have continuous internalcommunication; there is a commander, who may be intouch with infrastructure cells or, less likely from a secu-rity standpoint with the core group.

Core group, with contact ring and ideological hierarchy

Al-Qaedas approach, which even diers from that of ear-lier terrorist organizations, may be very viable for theirgoals:

Cells are redundant and distributed, making themdicult to roll up

Cells are coordinated, not under command &controlthis autonomy and local control makesthem exible, and enhances security

Trust and comcon internally to the cell provide re-dundancy of potential command (a failure of Pales-tinian operations in the past), and well as a sharedknowledgebase (which may mean, over time, thatcross training emerges inside a cell, providing re-dundancy of most critical skills and knowledge).[13]

5.6.3 Indirect support networksIn the above graphic, note the indirect support networkcontrolled by Richards subcell.While Al-Qaida has elements of the organization de-signed to support the structure, but such elements are in-sucient in meeting the needs of such an organization,and for security reasons there would be redundant andsecondary-/tertiary-networks that are unaware of theirconnection to Al-Qaida. These networks, primarily re-lated to fundraising and nancial activities, as well astechnology providers, are in a use relationship with Al-Qaidamanaged through cut-outs or individuals that donot inform them of the nature of activities, and that mayhave a cover pretext sucient to deect questions orinquiry.[13]

5.6.4 A possible countermeasureIn 2002, U.S. News & World Report said that Americanintelligence is beginning to acquire a suciently criti-cal mass of intelligence on al-Qaida indicating, Oncethought nearly impossible to penetrate, al Qaeda is prov-ing no tougher a target than the KGB or theMaa--closed

5.9. EXTERNAL LINKS 15

societies that took the U.S. government years to get in-side. We're getting names, the dierent camps theytrained at, the hierarchy, the inghting, says an intelli-gence ocial. Its very promising.[16] The report alsosaid that the collected data has allowed the recruiting ofinformants.Writing in the U.S. Army journalMilitary Review, DavidW. Pendall suggested that a catch-and-release programfor suspected operatives might create reluctance or dis-trust in such suspects and prevent them from further actsor, perhaps more important, create distrust in the cellleaders of these individuals in the future. The authornoted the press release describing Ramzi Binalshibs co-operation with the United States are sure to prevent reen-try into a terrorist cell as a trustedmember and