Editing Counterintelligence (section)

==Defensive counterintelligence operations==

In U.S. doctrine, although not necessarily that of other countries, CI is now seen as primarily a counter to FIS [[HUMINT]]. In the 1995 US Army counterintelligence manual, CI had a broader scope against the various intelligence collection disciplines. Some of the overarching CI tasks are described as
:#Developing, maintaining, and disseminating multidiscipline threat data and intelligence files on organizations, locations, and individuals of CI interest. This includes insurgent and terrorist infrastructure and individuals who can assist in the CI mission.
:#Educating personnel in all fields of security. A component of this is the multidiscipline threat briefing. Briefings can and should be tailored, both in scope and classification level. Briefings could then be used to familiarize supported commands with the nature of the multidiscipline threat posed against the command or activity.

More recent US joint intelligence doctrine<ref>{{cite web
  | author = Joint Chiefs of Staff
  | author-link = Joint Chiefs of Staff
  | title = Joint Publication 2-0: Intelligence
  | date = 2007-06-22
  | id = US JP 2-0
  | url = https://fas.org/irp/doddir/dod/jp2_0.pdf
  | access-date = 2007-11-05}}</ref> restricts its primary scope to counter-HUMINT, which usually includes counter-terror. It is not always clear, under this doctrine, who is responsible for all intelligence collection threats against a military or other resource. The full scope of US military counterintelligence doctrine has been moved to a classified publication, Joint Publication (JP) 2-01.2, ''Counterintelligence and Human Intelligence Support to Joint Operations''.

More specific countermeasures against intelligence collection disciplines are listed below
{| class="wikitable"
<caption>CI roles against Intelligence Collection Disciplines, 1995 doctrine<ref name="FM34-60"/></caption>
|-
! Discipline
! Offensive CI
! Defensive CI
|-
| HUMINT
| Counterreconnaissance, offensive counterespionage
| Deception in operations security
|-
| SIGINT
| Recommendations for kinetic and electronic attack
| Radio OPSEC, use of secure telephones, SIGSEC, deception
|-
| IMINT
| Recommendations for kinetic and electronic attack
| Deception, OPSEC countermeasures, deception (decoys, camouflage)
If accessible, use SATRAN reports of satellites overhead to hide or stop activities while being viewed
|-
|}

===Counter-HUMINT===
Counter-HUMINT deals with both the detection of hostile HUMINT sources within an organization, or the detection of individuals likely to become hostile HUMINT sources, as a mole or double agent. There is an additional category relevant to the broad spectrum of counterintelligence: why one becomes a terrorist. {{Citation needed|date=May 2020|reason=Any good academic source for this statement?}}

The acronym '''MICE''':
: '''M'''oney
: '''I'''deology
: '''C'''ompromise (or coercion)
: '''E'''go
describes the most common reasons people break trust and disclose classified materials, reveal operations to hostile services, or join terrorist groups. It makes sense, therefore, to monitor trusted personnel for risks in these areas, such as financial stress, extreme political views, potential vulnerabilities for blackmail, and excessive need for approval or intolerance of criticism. With luck, problems in an employee can be caught early, assistance can be provided to correct them, and not only is espionage avoided, but a useful employee retained.

Sometimes, the preventive and neutralization tasks overlap, as in the case of [[Earl Edwin Pitts]]. Pitts had been an FBI agent who had sold secret information to the Soviets, and, after the fall of the USSR, to the Russians. He was caught by an FBI false flag sting, in which FBI agents, posing as Russian FSB agents, came to Pitts with an offer to "reactivate" him. His activities seemed motivated by both money and ego over perceived bad treatment when he was an FBI agent. His sentence required him to tell the FBI all he knew of foreign agents. Ironically, he told them of suspicious actions by [[Robert Hanssen]], which were not taken seriously at the time.

==== Motivations for information and operations disclosure ====

To go beyond slogans, Project Slammer was an effort of the Intelligence Community Staff, under the Director of Central Intelligence, to come up with characteristics of an individual likely to commit espionage against the United States.
It "examines espionage by interviewing and psychologically assessing actual espionage subjects. Additionally, persons knowledgeable of subjects are contacted to better understand the subjects' private lives and how they are perceived by others while conducting espionage."<ref name=Slammer1990>{{Cite web
 | title = Project Slammer Interim Progress Report
 | last = Intelligence Community Staff
 | date = 12 April 1990
 | url =http://antipolygraph.org/documents/slammer-12-04-1990.shtml
 | access-date = 2007-11-04
 }}</ref>

{| class="wikitable"
<caption>How an espionage subject sees himself (at the time of espionage)</caption>
|-
! Attitude
! Manifestations
|-
| Basic belief structure
|– Special, even unique.
– Deserving.

– The individual's situation is not satisfactory.

– No other (easier) option (than to engage in espionage).

– Doing only what others frequently do.

– Not a bad person.

– Performance in a government job (if presently employed) is separate from espionage; espionage does not (really) discount contribution in the workplace.

– Security procedures do not (really) apply to the individual.

– Security programs (e.g., briefings) have no meaning for the individual unless they connect with something with which they can personally identify.
|-
| Feels isolated from the consequences of his actions:
| – The individual sees their situation in a context in which they face continually narrowing options until espionage seems reasonable. The process that evolves into espionage reduces barriers, making it essentially "Okay" to initiate the crime.

– They see espionage as a "Victimless" crime.

– Once they consider espionage, they figure out how it might be done. These are mutually reinforcing, often simultaneous events.

– Subject finds that it is easy to go around security safeguards (or is able to solve that problem). They belittle the security system, feeling that if the information was really important espionage would be hard to do (the information would really be better protected). This "Ease of accomplishment" further reinforces resolve.
|-
| Attempts to cope with espionage activity
|– Anxious on initial hostile intelligence service contact (some also feel thrill and excitement).

– After a relationship with espionage activity and HOIS develops, the process becomes much more bearable, espionage continues  (even flourishes).

– In the course of long-term activity, subjects may reconsider their involvement.

– Some consider breaking their role to become an operative for the government. This occurs when access to classified information is lost or there is a perceived need to prove themselves or both.

– Others find that espionage activity becomes stressful, they no longer want it. Glamour (if present earlier) subsides. They are reluctant to continue. They may even break contact.

– Sometimes they consider telling authorities what they have done. Those wanting to reverse their role aren't confessing, they're negotiating. Those who are "Stressed out" want to confess. Neither wants punishment. Both attempt to minimize or avoid punishment.
|}

According to a press report about Project Slammer and Congressional oversight of counterespionage, one fairly basic function is observing one's own personnel for behavior that either suggests that they could be targets for foreign HUMINT, or may already have been subverted. News reports indicate that in hindsight, red flags were flying but not noticed.<ref name=Stein>{{Cite journal
 | title = The Mole's Manual
 | last = Stein
 | first = Jeff
 | date = July 5, 1994
 | journal = New York Times
 | url =https://www.nytimes.com/1994/07/05/opinion/the-mole-s-manual.html
 | access-date = 2007-11-04
 }}</ref> In several major penetrations of US services, such as [[Aldrich Ames]], the Walker ring or [[Robert Hanssen]], the individual showed patterns of spending inconsistent with their salary. Some people with changed spending may have a perfectly good reason, such as an inheritance or even winning the lottery, but such patterns should not be ignored.

Personnel in sensitive positions, who have difficulty getting along with peers, may become risks for being compromised with an approach based on ego. [[William Kampiles]], a low-level worker in the CIA Watch Center, sold, for a small sum, the critical operations manual on the [[KH-11]] reconnaissance satellite. To an interviewer, Kampiles suggested that if someone had noted his "problem"—constant conflicts with supervisors and co-workers—and brought in outside counseling, he might not have stolen the KH-11 manual.<ref name="Stein"/>

By 1997, the Project Slammer work was being presented at public meetings of the Security Policy Advisory Board.<ref name=SPAB1997>{{Cite web
 | title = Security Policy Advisory Board Meeting: Draft Minutes
 | publisher = Federation of American Scientists 
 | date = 12 December 1997
 | url =https://fas.org/sgp/spb/spab1297.html
 | access-date = 2007-11-04
 }}</ref> While a funding cut caused the loss of impetus in the mid-nineties, there are research data used throughout the security community. They emphasize the {{blockquote|essential and multi-faceted motivational patterns underlying espionage. Future Slammer analyses will focus on newly developing issues in espionage such as the role of money, the new dimensions of loyalty and what seems to be a developing trend toward economic espionage.}}

===Counter-SIGINT (Signals Intelligence)===

Military and security organizations will provide secure communications, and may [[Signals intelligence#Monitoring friendly communications|monitor]] less secure systems, such as commercial telephones or general Internet connections, to detect inappropriate information being passed through them. Education on the need to use secure communications, and instruction on using them properly so that they do not become vulnerable to [[Transmission security|specialized technical interception]].

===Counter-IMINT (Imagery Intelligence)===
The basic methods of countering IMINT are to know when the opponent will use imaging against one's own side, and interfering with the taking of images. In some situations, especially in free societies, it must be accepted that public buildings may always be subject to photography or other techniques.

Countermeasures include putting visual shielding over sensitive targets or camouflaging them. When countering such threats as imaging satellites, awareness of the orbits can guide security personnel to stop an activity, or perhaps cover the sensitive parts, when the satellite is overhead. This also applies to imaging on aircraft and UAVs, although the more direct expedient of shooting them down, or attacking their launch and support area, is an option in wartime.

===Counter-OSINT (Open-Source Intelligence)===
While the concept well precedes the recognition of a discipline of [[OSINT]], the idea of [[Censorship#State secrets and prevention of attention|censorship of material directly relevant to national security]] is a basic OSINT defense. In democratic societies, even in wartime, censorship must be watched carefully lest it violate reasonable freedom of the press, but the balance is set differently in different countries and at different times.

The [[United Kingdom]] is generally considered to have a very free press, but there is the [[DA-Notice|DA-Notice, formerly D-notice]] system. Many British journalists find that the system is used fairly, but there will always be arguments. In the specific context of counterintelligence, note that [[Peter Wright (MI5 officer)|Peter Wright]], a former senior member of the [[MI5|Security Service]] who left their service without his pension, moved to [[Australia]] before publishing his book [[Spycatcher]]. While much of the book was reasonable commentary, it revealed some specific and sensitive techniques, such as [[Operation RAFTER]], a means of detecting the existence and setting of radio receivers.

===Counter-MASINT (Measurement and Signature Intelligence)===
MASINT is mentioned here for completeness, but the discipline contains so varied a range of technologies that a type-by-type strategy is beyond the current scope. One example, however, can draw on the [[Operation RAFTER]] technique revealed in Wright's book. With the knowledge that [[Radiofrequency MASINT]] was being used to pick up an internal frequency in radio receivers, it would be possible to design a shielded receiver that would not radiate the signal that RAFTER monitored.