
Espionage


Academic year: 2021


Contents

1 Agent handling
1.1 Human intelligence
1.2 Case officer
1.3 Agents, spotting, and recruitment
1.4 Training
1.5 Communications Method
1.6 See also
1.7 References
1.8 External links
2 Asset (intelligence)
2.1 See also
3 Black bag operation
3.1 Use by the FBI
3.2 Use by the CIA
3.3 Use by other governments
3.4 See also
3.5 References
3.6 External links
4 Black operation
4.1 Etymology
4.2 Reported examples of black operations
4.3 References
4.4 External links
5 Clandestine cell system
5.1 History
5.1.1 Provisional Irish Republican Army
5.1.2 World War II French Resistance
5.1.3 National Front for the Liberation of South Vietnam
5.2 Parallel organizations
5.3 External support
5.4 Models of insurgency and associated cell characteristics
5.5 Classic models for cell system operations
5.5.1 Operations under official cover
5.5.2 Clandestine presence
5.5.3 Fault-tolerant cellular structures
5.6 Non-traditional models, exemplified by al-Qaeda
5.6.1 Infrastructure cells
5.6.2 Operational cells
5.6.3 Indirect support networks
5.6.4 A possible countermeasure
5.7 See also
5.8 References
5.9 External links
6 Clandestine HUMINT
6.1 Legal aspects
6.2 Major HUMINT organizations
6.3 Penetrations of foreign targets by people loyal to their own country
6.3.1 Clandestine Reporting
6.3.2 Dangled Mole
6.4 Human sources who changed allegiance
6.4.1 Recruitment through Money
6.4.2 Recruitment through Ideology
6.4.3 Recruitment through Compromise
6.4.4 Recruitment through Ego
6.5 Recruit Types
6.5.1 Mole
6.5.2 Double Agent
6.5.3 Multiply Turned Agent
6.6 Support Services
6.6.1 Couriers
6.6.2 Safehouses and Other Meeting Places
6.6.3 Finance
6.7 References
6.8 External links
7 Clandestine HUMINT and covert action
7.1 Historical background
7.1.1 United Kingdom prewar operations
7.1.2 United States background
7.2 Surging additional capability for the Second World War

7.2.2 United States World War II operations
7.2.3 USSR World War II Operations
7.2.4 German World War II Operations
7.3 Separate functions during peacetime?
7.3.1 UK postwar change
7.3.2 US postwar change
7.4 Controversies remain
7.5 Current operations
7.5.1 US doctrine and operations
7.5.2 Afghanistan and US doctrinal conflict
7.5.3 Joint UK-US operations in Operation Desert Storm
7.5.4 Russian operations
7.5.5 Israeli operations
7.5.6 French operations
7.6 References
8 Clandestine HUMINT operational techniques
8.1 Staff and Skills in a Clandestine HUMINT Operations Station
8.1.1 Station under diplomatic cover
8.1.2 Stations under official but nondiplomatic cover
8.1.3 Stations under non-official cover
8.1.4 Support services
8.2 Basic agent recruiting
8.3 Basic agent operations
8.3.1 Training
8.3.2 Continued testing during operations
8.3.3 Operating the agent
8.3.4 Agent communications
8.3.5 Termination
8.4 Special clandestine services
8.4.1 Agents of influence
8.4.2 Strategic deception
8.5 Direct action services
8.6 See also
8.7 References
9 Concealment device
9.1 Examples
9.1.1 Ammunition
9.1.2 Books
9.1.3 Candles

9.1.5 Coins
9.1.6 Diversion safe
9.1.7 Electrical outlet
9.1.8 Painting
9.1.9 Computers and consumer electronics
9.2 See also
9.3 References
10 Cryptography
10.1 Terminology
10.2 History of cryptography and cryptanalysis
10.2.1 Classic cryptography
10.2.2 Computer era
10.3 Modern cryptography
10.3.1 Symmetric-key cryptography
10.3.2 Public-key cryptography
10.3.3 Cryptanalysis
10.3.4 Cryptographic primitives
10.3.5 Cryptosystems
10.4 Legal issues
10.4.1 Prohibitions
10.4.2 Export controls
10.4.3 NSA involvement
10.4.4 Digital rights management
10.4.5 Forced disclosure of encryption keys
10.5 See also
10.6 References
10.7 Further reading
10.8 External links
11 Cut-out (espionage)
11.1 Outside espionage
11.2 See also
11.3 References
12 Dead drop
12.1 Overview
12.2 Modern techniques
12.3 See also
12.4 Notes
12.5 References
12.6 Further reading

13 Denial and deception
13.1 See also
13.2 References
14 Direct action (military)
14.1 Risk factors
14.2 Operational techniques
14.2.1 Infiltration
14.2.2 Attack
14.2.3 Exfiltration
14.3 Examples of direct action missions
14.3.1 Norwegian and SOE attacks on German heavy water production
14.3.2 Prisoner of war rescue raids in the Philippines
14.3.3 Israeli raid on Soviet radar used by Egypt
14.3.4 Attempted prisoner of war rescue in North Vietnam
14.3.5 US prisoner in Panama rescued by Delta Force
14.3.6 Killing of Osama bin Laden
14.3.7 Physical destruction of propaganda facilities
14.4 References
15 Eavesdropping
15.1 Etymology
15.2 Techniques
15.3 References
15.4 See also
15.5 External links
16 Espionage
16.1 History
16.1.1 Ancient history
16.1.2 Arabia during Muhammad’s era
16.1.3 Modern history
16.2 Targets of espionage
16.3 Methods and terminology
16.3.1 Technology and techniques
16.4 Organization
16.5 Industrial espionage
16.6 Agents in espionage
16.7 Law
16.8 Use against non-spies
16.9 Espionage laws in the UK

16.10 Military conflicts
16.11 List of famous spies
16.11.1 World War I
16.11.2 World War II
16.11.3 Post World War II
16.12 Spy fiction
16.12.1 World War II: 1939–1945
16.12.2 Cold War era: 1945–1991
16.13 See also
16.14 References
16.15 Further reading
16.16 External links
17 False flag
17.1 Use in warfare
17.1.1 Naval warfare
17.1.2 Air warfare
17.1.3 Land warfare
17.2 As pretexts for war
17.2.1 Russo-Swedish War
17.2.2 Second Sino-Japanese War
17.2.3 World War II
17.2.4 Cold War
17.3 As a tactic to undermine political opponents
17.3.1 Reichstag fire
17.3.2 Project TP-Ajax
17.3.3 2008 Kurcha incident
17.4 Pseudo-operations
17.5 Espionage
17.6 Civilian usage
17.6.1 Businesses
17.6.2 Political campaigning
17.6.3 Ideological
17.7 See also
17.7.1 Concepts
17.7.2 Examples
17.8 Notes and references
18 Field agent
18.1 See also

19 Industrial espionage
19.1 Competitive intelligence and economic or industrial espionage
19.2 Forms of economic and industrial espionage
19.3 Target industries
19.4 Information theft and sabotage
19.5 Agents and the process of collection
19.6 Use of computers and the Internet
19.6.1 Personal computers
19.6.2 The Internet
19.6.3 Opportunities for sabotage
19.6.4 Malware
19.6.5 Distributed denial of service (DDoS) attack
19.7 History
19.7.1 Origins of industrial espionage
19.7.2 The 20th Century
19.7.3 The legacy of Cold War espionage
19.8 Notable cases
19.8.1 France and the United States
19.8.2 Volkswagen
19.8.3 Hilton and Starwood
19.8.4 GhostNet
19.8.5 Google and Operation Aurora
19.8.6 CyberSitter and Green Dam
19.8.7 USA v. Lan Lee, et al.
19.8.8 Dongxiao Yue and Chordiant Software, Inc.
19.9 Concerns of national governments
19.9.1 Brazil
19.9.2 United States
19.9.3 United Kingdom
19.9.4 Germany
19.10 See also
19.11 References
19.12 Bibliography
19.13 External links
20 Intelligence assessment
20.1 Process
20.2 Target-centric intelligence cycle
20.3 See also
20.4 Further reading

21 Intelligence cycle management
21.1 Overview
21.1.1 Intelligence defined
21.1.2 Management of the intelligence cycle
21.1.3 Planning and direction overview
21.2 Requirements
21.2.1 National/strategic
21.2.2 Military/operational
21.3 Intelligence architecture
21.3.1 Budgeting
21.3.2 Policy factors
21.3.3 Balancing law enforcement and national security
21.3.4 Public versus private
21.4 Collection planning
21.4.1 CCIRM
21.5 Issuance of orders and requests
21.5.1 Prioritization
21.6 Other topics
21.6.1 Political misuse
21.6.2 Clandestine intelligence versus covert action
21.7 Failures in the intelligence cycle
21.8 Other cycles
21.8.1 Boyd OODA Loop
21.9 References
22 Interrogation
22.1 Techniques
22.1.1 Suggestibility
22.1.2 Deception
22.1.3 Good cop/bad cop
22.1.4 Pride-and-ego down
22.1.5 Reid technique
22.1.6 Mind-altering drugs
22.1.7 Torture
22.2 Around the world
22.2.1 United Kingdom
22.2.2 United States
22.2.3 Inquisition
22.3 Resistance training
22.4 Movement for increased recording of interrogations in the U.S.
22.5 See also
22.7 External links
23 Non-official cover
23.1 History
23.2 Examples
23.3 References
23.4 See also
23.5 External links
24 Numbers station
24.1 Suspected origins and use

24.1.1 Identifying and locating
24.2 The Atención spy case evidence
24.3 Formats
24.4 Transmission technology
24.5 Interfering with numbers stations
24.5.1 Documented instances of interference to broadcasts
24.5.2 Attempted jamming of numbers stations
24.6 Classification
24.7 Recordings
24.8 References in mass media
24.9 See also
24.10 References
24.11 Further reading
24.12 External links
25 Official cover
25.1 See also
25.2 References
26 One-way voice link
26.1 Historical context
26.2 See also
27 Resident spy
27.1 Types of resident spies
27.2 Comparison of illegal and legal resident spies
27.3 References
27.3.1 Cross-reference
27.3.2 Sources used
27.4 Further reading
28 Special reconnaissance
28.1 History

28.2 A spectrum of reconnaissance capabilities: LRS and SR
28.3 Appropriate missions
28.3.1 Intelligence related missions
28.3.2 Offensive missions
28.4 Operational techniques
28.4.1 Infiltration
28.4.2 Support
28.4.3 Exfiltration
28.5 SR Communications-Electronics
28.6 Reporting during and after the mission
28.7 Examples
28.8 See also
28.9 References
28.10 External links
29 Steganography
29.1 History
29.2 Techniques
29.2.1 Physical
29.2.2 Digital messages
29.2.3 Network
29.2.4 Printed
29.2.5 Using puzzles
29.3 Additional terminology
29.4 Countermeasures and detection
29.5 Applications
29.5.1 Use in modern printers
29.5.2 Example from modern practice
29.5.3 Alleged use by intelligence services
29.5.4 Distributed steganography
29.5.5 Online challenge
29.6 See also
29.7 Citations
29.8 References
29.9 External links
30 Surveillance
30.1 Types
30.1.1 Computer
30.1.2 Telephones
30.1.3 Cameras

30.1.5 Biometric
30.1.6 Aerial
30.1.7 Data mining and profiling
30.1.8 Corporate
30.1.9 Human operatives
30.1.10 Satellite imagery
30.1.11 Identification and credentials
30.1.12 RFID and geolocation devices
30.1.13 Human Microchips
30.1.14 Devices
30.1.15 Postal services
30.2 Controversy
30.2.1 Support
30.2.2 Opposition
30.3 Counter-surveillance, inverse surveillance, sousveillance
30.4 Popular culture
30.4.1 In literature
30.4.2 In music
30.4.3 Onscreen
30.5 See also
30.5.1 United States government
30.6 References
30.7 Further reading
30.8 External links
30.8.1 General information
30.8.2 Historical information
30.8.3 Legal resources
30.9 Text and image sources, contributors, and licenses
30.9.1 Text
30.9.2 Images

Chapter 1

Agent handling

In intelligence organizations, agent handling is the management of agents, principal agents, and agent networks (called “assets”) by intelligence officers typically known as case officers.

1.1 Human intelligence

A primary purpose of intelligence organizations is to penetrate a target with a human agent, or a network of human agents. Such agents can either infiltrate the target, or be recruited “in place”. Case officers are professionally trained employees of intelligence organizations that manage human agents and human agent networks. Intelligence that derives from such human sources is known as HUMINT.

Sometimes, agent handling is done indirectly, through “principal agents” that serve as proxies for case officers. It is not uncommon, for example, for a case officer to manage a number of principal agents, who in turn handle agent networks, which are preferably organized in a cellular fashion. In such a case, the principal agent can serve as a “cut-out” for the case officer, buffering him or her from direct contact with the agent network.

Utilizing a principal agent as a cut-out, and ensuring that the human agent network is organized in a cellular fashion, can provide some protection for other agents in the network, as well as for the principal agent, and for the case officer in the event that an agent in the network is compromised. Assuming that standard principles of intelligence tradecraft have been strictly observed by the principal agent and the agents in the network, compromised agents will not be able to identify the case officer, nor the other members of the network. Ideally, agents may work side by side in the same office, and conduct their clandestine collection activities with such discipline, that they will not realize that they are both engaged in espionage, much less members of the same network. Since an agent can sometimes identify his or her principal agent, however, or reveal information under interrogation that can lead to the identification of a principal agent, the protection provided by cellular network organization can be time-sensitive.

If principles of intelligence tradecraft have not been strictly observed, it is also possible that compromised agents can reveal information that exposes other members of the network. In the real world of espionage, human lapses are very much the norm, and violations of the principles of tradecraft are common. It is for this reason that agents are ideally trained to resist interrogation for a defined period of time.

If an agent is able to resist interrogation for a defined period of time, the odds that other members of the network can be alerted to the compromise improve.

1.2 Case officer

A case officer is an intelligence officer who is a trained specialist in the management of agents and agent networks.[1] Case officers manage human agents, and human intelligence networks. Case officers spot potential agents, recruit prospective agents, and train agents in tradecraft. Case officers emphasize those elements of tradecraft which enable the agent to acquire needed information, as well as to enable the case officer to communicate with and supervise the agent. Most of all, case officers train agents in methods of avoiding detection by host nation counter-intelligence organizations.

1.3 Agents, spotting, and recruitment

By definition, an “agent” acts on behalf of another, whether another individual, an organization, or a foreign government. Agents can be considered either witting or unwitting, and in some cases, willing or unwilling. Agents typically work under the direction of a principal agent or a case officer. When agents work alone, and are not members of an agent network, they are termed “singletons”. The identification of potential agents is termed “agent spotting” (also termed “talent spotting”). Identifying potential agents, and investigating the details of their personal and professional lives, involves the granular verification of their bona fides. Such activities can include uncovering personal details that leave potential agents vulnerable to coercion, blackmail, or other inducements, such as sexual approaches.

Approaches to potential agents can be multitudinous and considerable time can pass before the potential agent is maneuvered into a position where a recruitment “pitch” can be hazarded.

1.4 Training

Agent training often includes techniques of tradecraft such as clandestine communications, including cryptography, the use of one-time pads, the construction of concealment devices, and the employment of dead drops. Other elements of tradecraft include elicitation, surveillance and countersurveillance, photography and the emplacement of audio devices, sensors, or other transmitters. Case officers generally train agents one at a time, in isolation, including only those elements of tradecraft needed to penetrate the target at hand. Case officers will also teach agents how to develop cover for status, and cover for action, meaning how to establish credible pretexts for their presence and behavior while engaged in collection activities. A well-trained and competent agent can conduct his or her clandestine tasks while under close surveillance, and still evade detection. More advanced agent training can include resistance to interrogation.

1.5 Communications Method

Random e-mail ID’s

1.6 See also

Category:Spies by role

Motives for spying

1.7 References

[1] case officer, thefreedictionary.com, retrieved 4 March 2009

1.8 External links

Human Intelligence: From Sleepers to Walk-ins, Thomas Patrick Carroll, Syllabus, 5 September 2006 – 24 October 2006—many good definitions with historic examples and timely discussion of problems; in outline form.


Chapter 2

Asset (intelligence)

In intelligence, assets are persons within organizations or countries that are being spied upon who provide information for an outside spy. They are sometimes referred to as agents, and in law enforcement parlance, as confidential informants, or 'CI' for short.

There are different categories of assets, including people that:

• Willingly work for a foreign government for ideological reasons such as being against their government, but live in a country that doesn't allow political opposition. They may elect to work with a foreign power to change their own country because there are few other ways available.

• Work for monetary gain. Intelligence services often pay good wages to people in important positions that are willing to betray secrets.

• Have been blackmailed and are forced into their role.

• Do not even know they are being used. Assets can be loyal to their country, but may still provide a foreign agent with information through failures in information safety such as using insecure computers or not following proper OPSEC procedures during day-to-day chatting.

2.1 See also

Vetting


Chapter 3

Black bag operation

This article is about the espionage technique. For the cryptanalysis technique, see black-bag cryptanalysis. For the fictional character, see Black Bag. For the disposable bag used to contain garbage, see black bag (container).

Black bag operations (or black bag jobs) are covert or clandestine entries into structures to obtain information for human intelligence operations.[1] This usually entails breaking and entering into denied areas. Some of the tactics, techniques and procedures associated with black bag operations are: lock picking, safe cracking, key impressions, fingerprinting, photography, electronic surveillance (including audio and video surveillance), mail manipulation (flaps and seals), forgery, and a host of other related skills. The term “black bag” refers to the little black bag in which burglars carry their tools.[2] “The CIA remains responsible for conducting these highly classified operations overseas, while the Federal Bureau of Investigation (FBI) performs the exact same function inside the U.S. and its territories.”[2]

3.1 Use by the FBI

In black bag operations, Federal Bureau of Investigation (FBI) agents illegally entered offices of targeted individuals and organizations, and photographed information found in their records. This practice was used by the FBI from 1942 until 1967. In July 1966, FBI Director J. Edgar Hoover ordered the practice discontinued.[3] The use of “black bag jobs” by the FBI was declared unconstitutional by the United States Supreme Court on 19 June 1972 in the Plamondon case, United States v. U.S. District Court, 407 U.S. 297. The FBI still carries out numerous “black bag” entry-and-search missions, in which the search is covert and the target of the investigation is not informed that the search took place. If the investigation involves a criminal matter, a judicial warrant is required; in national security cases the operation must be approved by a secret body called the Foreign Intelligence Surveillance Court.[4]

3.2 Use by the CIA

The CIA has used black-bag operations to steal cryptography and other secrets from foreign government offices outside the United States. The practice dates back at least as far as 1916.[2]

3.3 Use by other governments

The British, Israeli, Russian, and other intelligence agencies are known to use black-bag operations to steal secrets. When the technique is used to obtain codes it may be called Black-bag cryptanalysis.

3.4 See also

Black operation

COINTELPRO

3.5 References

[1] “Tallinn government surveillance cameras reveal black bag operation”. Intelnews. 16 December 2008. Retrieved 3 December 2012.

[2] “The CIA Code Thief Who Came in from the Cold”. matthewald.com. Retrieved 3 December 2012.

[3] Federal Bureau of Investigation - Freedom of Information Privacy Act

[4] Rood, Justin (15 June 2007). “FBI to Boost ‘Black Bag’ Search Ops”. ABC News. Retrieved 3 December 2012.

• Peter Wright. Spy Catcher: The Candid Autobiography of a Senior Intelligence Officer. Penguin USA, 1987. ISBN 0-670-82055-5.

3.6 External links

Warrantless Surreptitious Entries: FBI “Black Bag” Break-ins And Microphone Installations

11 Terms Used by Spies at HowStuffWorks — article explaining espionage terminology

Chapter 4

Black operation

“Black op” and “Black ops” redirect here. For other meanings, see Black Ops (disambiguation).

A black operation or black op is a covert operation by a government, a government agency, or a military organization. This can include activities by private companies or groups. Key features of a black operation are that it is clandestine, .. overtones, and it is not attributable to the organization carrying it out.[1] The main difference between a black operation and one that is merely clandestine is that a black operation involves a significant degree of deception, to conceal who is behind it or to make it appear that some other entity is responsible (“false flag” operations).[2][3]

A single such activity may be called a “black bag operation”;[1] that term is primarily used for covert or clandestine surreptitious entries into structures to obtain information for human intelligence operations.[4] Such operations are known to have been carried out by the FBI,[5] the Central Intelligence Agency,[6] Mossad, MI6, MSS, Research and Analysis Wing and the intelligence services of other nations.[4]

4.1 Etymology

“Black” may be used as a generic term for any government activity that is hidden or secret. For example, some activities by military and intel agencies are funded by a classified “black budget,” of which the details, and sometimes even the total, are hidden from the public and from most congressional oversight.[7][8]

4.2 Reported examples of black operations

• In 2007 the Central Intelligence Agency declassified secret records detailing illegal domestic surveillance, assassination plots, kidnapping, and infiltration and penetration of other “black” operations undertaken by the CIA from the 1950s to the early 1970s. CIA Director General Michael Hayden explained why he released the documents, saying that they provided a “glimpse of a very different time and a very different agency”.[9]

• In May 2007 ABC News, and later the Daily Telegraph, reported that United States president George W. Bush had authorized the CIA to undertake “black operations” in Iran in order to promote regime change as well as to sabotage Iran’s nuclear program.[10][11] ABC News was subsequently criticized for reporting the secret operation, with 2008 presidential candidate Mitt Romney saying he was “shocked to see the ABC News report regarding covert action in Iran,” but ABC said the CIA and the Bush Administration knew of their plans to publish the information and raised no objections.[12]

4.3 References

[1] Smith, Jr., W. Thomas (2003). Encyclopedia of the Central Intelligence Agency. New York, NY: Facts on File, Inc. p. 31. ISBN 0-8160-4666-2.

[2] Popular Electronics, Volume 6, Issue 2–6. Ziff-Davis Publishing Co., Inc. 1974, p. 267. “There are three classifications into which the intelligence community officially divides clandestine broadcast stations. A black operation is one in which there is a major element of deception.”

[3] Djang, Chu, From Loss to Renewal: A Tale of Life Experience at Ninety, Authors Choice Press, Lincoln, Nebraska, p. 54. “(A black operation was) an operation in which the sources of propaganda were disguised or mispresented in one way or another so as not to be attributed to the people who really engineered it.”

[4] “Tallinn government surveillance cameras reveal black bag operation”. Intelnews. December 16, 2008. Retrieved 3 December 2012.

[5] Rood, Justin (June 15, 2007). “FBI to Boost ‘Black Bag’ Search Ops”. ABC News. Retrieved 3 December 2012.

[6] “The CIA Code Thief Who Came in from the Cold”. matthewald.com. Retrieved 3 December 2012.

[7] “Dirty Secrets Of The ‘Black Budget’”. Business Week. February 27, 2006. Retrieved June 12, 2012.

[8] Shachtman, Noah (February 1, 2010). “Pentagon’s Black Budget Tops $56 Billion”. Wired. Retrieved June 12, 2012.

[9] Tisdall, Simon (June 22, 2007). “CIA to release cold war ‘black files’”. The Guardian. Retrieved June 7, 2012.

[10] Ross, Brian; Esposito, Richard (May 22, 2007). “Bush Authorizes New Covert Action Against Iran”. ABC News. Retrieved June 7, 2012.

[11] Shipman, Tim (May 27, 2007). “Bush sanctions ‘black ops’ against Iran”. The Telegraph. Retrieved June 7, 2012.

[12] Montopoli, Brian (May 23, 2007). “ABC News Comes Under Fire For Iran Report”. CBS News. Retrieved January 26, 2014.


Chapter 5

Clandestine cell system

“Sleeper cell” redirects here. For other uses, see Sleeper cell (disambiguation).

A clandestine cell structure is a method for organizing a group of people in such a way that it can more effectively resist penetration by an opposing organization. Depending on the group’s philosophy, its operational area, the communications technologies available, and the nature of the mission, it can range from a strict hierarchy to an extremely distributed organization. It is also a method used by criminal organizations, undercover operatives, and unconventional warfare (UW) led by special forces. Historically, clandestine organizations have avoided electronic communications, because signals intelligence is a strength of conventional militaries and counterintelligence organizations.

In the context of tradecraft, covert and clandestine are not synonymous. As noted in the definition (which has been used by the United States and NATO since World War II) in a covert operation the identity of the sponsor is concealed, while in a clandestine operation the operation itself is concealed. Put differently, clandestine means “hidden”, while covert means “deniable”. The adversary is aware that a covert activity is happening, but does not know who is doing it, and certainly not their sponsorship. Clandestine activities, however, if successful, are completely unknown to the adversary, and their function, such as espionage, would be neutralized if there was any awareness of the activity. Saying a “covert cell structure” is tantamount to tautology, because the point of the cell structure is that its details are completely hidden from the opposition.

A sleeper cell refers to a cell, or isolated grouping of sleeper agents that lies dormant until it receives orders or decides to act.

5.1 History

5.1.1 Provisional Irish Republican Army

As opposed to the French Resistance, the modern Provisional Irish Republican Army (PIRA) has a history going back to Irish revolutionary forces in the early 20th century, but has little external control. Its doctrine and organization have changed over time, given factors such as the independence of 26 of Ireland’s 32 counties, the continued British control of Northern Ireland and the simple passage of time and changes in contemporary thinking and technology.[1]

Officially, the PIRA is hierarchical, but, especially as British security forces became more effective, changed to a semiautonomous model for its operational and certain of its support cells (e.g., transportation, intelligence, cover and security).[2] Its leadership sees itself as guiding and consensus-building. The lowest-level cells, typically of 2-5 people, tend to be built by people with an existing personal relationship. British counterinsurgents could fairly easily understand the command structure, but not the workings of the operational cells.

The IRA has an extensive network of inactive or sleeper cells, so new ad hoc organizations may appear for any specific operation.

5.1.2 World War II French Resistance

In World War II, Operation Jedburgh teams parachuted into occupied France to lead unconventional warfare units.[3][4] They would be composed of two officers, one American or British, and the other French, the latter preferably from the area into which they landed. The third member of the team was a radio operator.

Especially through the French member, they would contact trusted individuals in the area of operation, and ask them to recruit a team of trusted subordinates (i.e., a subcell). If the team mission were sabotage, reconnaissance, or espionage, there was no need to meet in large units. If the team was to carry out direct action, often an unwise mission unless an appreciable number of the locals had military experience, it would be necessary to assemble into units for combat. Even then, the hideouts of the leadership were known only to subcell leaders. The legitimacy of the Jedburgh team came from its known affiliation with Allied powers, and it was a structure more appropriate for UW than for truly clandestine operations.


5.1.3 National Front for the Liberation of South Vietnam

Also known as the Viet Cong, this organization grew from earlier anticolonial groups fighting the French, as well as anti-Japanese guerillas during World War II.[5] Its command, control, and communication techniques derived from the experiences of these earlier insurgent groups. The group had extensive support from North Vietnam, and, indirectly, from the Soviet Union. It had parallel political and military structures, often overlapping. See Viet Cong and PAVN strategy and tactics.

A dual, but sometimes overlapping, Party and Military structure was top-down

The lowest level consisted of three-person cells who operated quite closely, engaging in the sort of self-criticism common, as a bonding method, to Communist organizations.

5.2 Parallel organizations

The NLF and PIRA, as well as other movements, have chosen to have parallel political and military organizations. In the case of the NLF, other than some individuals with sanctuary in North Vietnam, the political organization could not be overt during the Vietnam War. After the war ended, surviving NLF officials held high office. In the case of the PIRA, its political wing, Sinn Féin, became increasingly overt, and then a full participant in politics. Hamas and Hezbollah also have variants of overt political/social service and covert military wings.

The overt political/social–covert military split avoided the inflexibility of a completely secret organization. Once an active insurgency began, the secrecy could limit freedom of action, distort information about goals and ideals, and restrict communication within the insurgency.[6] In a split organization, the public issues can be addressed overtly, while military actions are kept covert and intelligence functions stay clandestine.

5.3 External support

Many cell systems still receive, with due attention to security, support from the outside. This can range from leaders, trainers and supplies (such as the Jedburgh assistance to the French Resistance) to a safe haven for overt activities (such as the NLF spokesmen in Hanoi).

External support need not be overt. Certain Shi'a groups in Iraq, for example, do receive assistance from Iran, but this is not a public position of the government of Iran, and may even be limited to factions of that government. Early US support to the Afghan Northern Alliance against the Taliban used clandestine operators from both the CIA and United States Army Special Forces. As the latter conflict escalated, the US participation became overt.

Note that both unconventional warfare (UW) (guerrilla operations) and foreign internal defense (FID) (counterinsurgency) may be covert and use cellular organization.

In a covert FID mission, only selected host nation (HN) leaders are aware of the foreign support organization. Under Operation White Star, US personnel gave covert FID assistance to the Royal Lao Army starting in 1959; the assistance became overt in 1961, and operations ceased in 1962.

5.4 Models of insurgency and associated cell characteristics

While different kinds of insurgency differ in where they place clandestine or covert cells, when certain types of insurgency grow in power, the cell system is deemphasized. Cells still may be used for leadership security, but, if overt violence by organized units becomes significant, cells are less important. In Mao’s three-stage doctrine,[7] cells are still useful in Phase II to give cover to part-time guerillas, but, as the insurgency creates full-time military units in Phase III, the main units are the focus, not the cells. The Eighth Route Army did not run on a cell model.

When considering where cells exist with respect to the existing government, the type of insurgency needs to be considered. One US Army reference was Field Manual 100-20, which has been superseded by FM 3-07.[8] Drawing on this work, Nyberg (a United States Marine Corps officer) extended the ideas to describe four types of cell system, although his descriptions also encompass types of insurgencies that the cell system supports.[9] At present, there is a new type associated with transnational terrorist insurgencies.

1. Traditional: the slowest to form, this reflects a principally indigenous insurgency, initially with limited goals. It is more secure than others, as it tends to grow from people with social, cultural or family ties. The insurgents resent a government that has failed to recognize tribal, racial, religious or linguistic groups “who perceive that the government has denied their rights and interests and work to establish or restore them. They seldom seek to overthrow the government or control the whole society; however, they frequently attempt to withdraw from government control through autonomy or semiautonomy.” The Mujahideen in Afghanistan and the Kurdish revolt in Iraq illustrate the traditional pattern of insurgency. al-Qaeda generally operates in this mode, but if they become strong enough in a given area, they may change to the mass-oriented form.

2. Subversive: Usually driven by an organization that contains at least some of the governing elite, some being sympathizers already in place, and others who penetrate the government. When they use violence, it has a specific purpose, such as coercing voters, intimidating officials, and disrupting and discrediting the government. Typically, there is a political arm (such as Sinn Féin or the National Liberation Front) that directs the military in planning carefully coordinated violence. “Employment of violence is designed to show the system to be incompetent and to provoke the government to an excessively violent response which further undermines its legitimacy.” The Nazi rise to power, in the 1930s, is another example of subversion. Nazi members of parliament and street fighters were hardly clandestine, but the overall plan of the Nazi leadership to gain control of the nation was hidden. “A subversive insurgency is suited to a more permissive political environment which allows the insurgents to use both legal and illegal methods to accomplish their goals. Effective government resistance may convert this to a critical-cell model.

3. Critical-cell: Critical cell is useful when the political climate becomes less permissive than one that allowed shadow cells. While other cell types try to form intelligence cells within the government, this type sets up “shadow government” cells that can seize power once the system is destroyed both by external means and the internal subversion. This model fits the classic coup d'etat,[10] and often tries to minimize violence. Variants include the Sandinista takeover of an existing government weakened by external popular revolution. “Insurgents also seek to infiltrate the government’s institutions, but their object is to destroy the system from within.” Clandestine cells form inside the government. “The use of violence remains covert until the government is so weakened that the insurgency’s superior organization seizes power, supported by the armed force. One variation of this pattern is when the insurgent leadership permits the popular revolution to destroy the existing government, then emerges to direct the formation of a new government. Another variation is seen in the Cuban revolution[11] and is referred to as the foco (or Cuban model) insurgency. This model involves a single, armed cell which emerges in the midst of degenerating government legitimacy and becomes the nucleus around which mass popular support rallies. The insurgents use this support to establish control and erect new institutions.”

4. Mass-oriented: where the subversive and covert-cell systems work from within the government, the mass-oriented builds a government completely outside the existing one, with the intention of replacing it. Such “insurgents patiently construct a base of passive and active political supporters, while simultaneously building a large armed element of guerrilla and regular forces. They plan a protracted campaign of increasing violence to destroy the government and its institutions from the outside. They have a well-developed ideology and carefully determine their objectives. They are highly organized and effectively use propaganda and guerrilla action to mobilize forces for a direct political and military challenge to the government.” The revolution that produced the People’s Republic of China, the American Revolution, and the Shining Path insurgency in Peru are examples of the mass-oriented model. Once established, this type of insurgency is extremely difficult to defeat because of its great depth of organization.

5.5 Classic models for cell system operations

Different kinds of cell organizations have been used for different purposes. This section focuses on clandestine cells, as would be used for espionage, sabotage, or the organization for unconventional warfare. When unconventional warfare starts using overt units, the cell system tends to be used only for sensitive leadership and intelligence roles.[7]

The examples here will use CIA cryptonyms as a naming convention used to identify members of the cell system. Cryptonyms begin with a two-letter country or subject name (e.g., AL), followed with an arbitrary word. It is considered elegant to have the code merge with the other letters to form a pronounceable word.

5.5.1 Operations under official cover

Station BERRY operates, for country B, in target country BE. It has three case officers and several support officers. Espionage operation run by case officers under diplomatic cover, they would have to with the basic recruiting methods described in this article. Case officer BETTY runs the local agents BEN and BEATLE. Case officer BESSIE runs BENSON and BEAGLE.


Representative diplomatic-cover station and networks

Some recruits, due to the sensitivity of their position or their personalities not being appropriate for cell leadership, might not enter cells but be run as singletons, perhaps by other than the recruiting case officer.

Asset BARD is a different sort of highly sensitive singleton, who is a joint asset of the country B, and the country identified by prefix AR. ARNOLD is a case officer from the country AR embassy, who knows only the case officer BERTRAM and the security officer BEST. ARNOLD does not know the station chief of BERRY or any of its other personnel. Other than BELL and BEST, the Station personnel only know BERTRAM as someone authorized to be in the Station, and who is known for his piano playing at embassy parties. He is covered as Cultural Attache, in a country that has very few pianos. Only the personnel involved with BARD know that ARNOLD is other than another friendly diplomat.

In contrast, BESSIE and BETTY know one another, and procedures exist for their taking over each other’s assets in the event one of the two is disabled.

Some recruits, however, would be qualified to recruit their own subcell, as BEATLE has done. BESSIE knows the identity of BEATLE-1 and BEATLE-2, since he had them checked by headquarters counterintelligence before they were recruited. Note that a cryptonym does not imply anything about its designee, such as gender.

5.5.2 Clandestine presence

The diagram of “initial team presence” shows that two teams, ALAN and ALICE, have successfully entered an area of operation, the country coded AL, but are only aware of a pool of potential recruits, and have not yet actually recruited anyone. They communicate with one another only through headquarters, so compromise of one team will not affect the other.

Initial team presence by 2 separate clandestine teams with no official cover

Assume that in team ALAN, ALISTAIR is one of the officers with local contacts, and might recruit two cell leaders, ALPINE and ALTITUDE. The other local officer in the team, ALBERT, recruits ALLOVER. When ALPINE recruited two subcell members, they would be referred to as ALPINE-1 and ALPINE-2.

ALPINE and ALTITUDE only know how to reach ALISTAIR, but they are aware of at least some of the other team members’ identities should ALISTAIR be unavailable, and they would accept a message from ALBERT. Most often, the identity (and location) of the radio operator may not be shared. ALPINE and ALTITUDE, however, do not know one another. They do not know any of the members of team ALICE.

The legitimacy of the subcell structure came from the recruitment process, originally by the case officer and then by the cell leaders. Sometimes, the cell leader would propose subcell member names to the case officer, so the case officer could have a headquarters name check run before bringing the individual into the subcell. In principle, however, the subcell members would know ALPINE, and sometimes the other members of the ALPINE cell if they needed to work together; if ALPINE-1 and ALPINE-2 had independent assignments, they might not know each other. ALPINE-1 and ALPINE-2 certainly would not know ALISTAIR or anyone in the ALTITUDE or ALLOVER cells.

As the networks grow, a subcell leader might create his own cell, so ALPINE-2 might become the leader of the ALIMONY cell.

5.5.3 Fault-tolerant cellular structures

Modern communications theory has introduced methods to increase fault tolerance in cell organizations. In the past, if cell members only knew the cell leader, and the leader was neutralized, the cell was cut off from the rest of the organization. Game theory and graph theory have been applied to the study of optimal covert network design (see Lindelauf, R.H.A. et al. 2009. The influence of secrecy on the communication structure of covert networks. Social Networks 31: 126-137).

Clandestine teams have built initial subcells

If a traditional cell had independent communications with the foreign support organization, headquarters might be able to arrange its reconnection. Another method is to have impersonal communications “side links” between cells, such as a pair of dead drops, one for Team ALAN to leave “lost contact” messages to be retrieved by Team ALICE, and another dead drop for Team ALICE to leave messages for Team ALAN.

These links, to be used only on losing contact, do not guarantee a contact. When a team finds a message in its emergency drop, it might do no more than send an alert message to headquarters. Headquarters might determine, through SIGINT or other sources, that the enemy had captured the leadership and the entire team, and order the other team not to attempt contact. If headquarters can have reasonable confidence that there is a communications failure or partial compromise, it might send a new contact to the survivors.

When the cut-off team has electronic communications, such as the Internet, it has a much better chance of eluding surveillance and getting emergency instructions than by using a dead drop that can be under physical surveillance.

5.6 Non-traditional models, exemplified by al-Qaeda

Due to cultural differences, assuming the al-Qaeda Training Manual[12] is authentic, eastern cell structures may differ from the Western mode. “Al-Qaida’s minimal core group, only accounting for the leadership, can also be viewed topologically as a ring or chain network, with each leader/node heading their own particular hierarchy.

“Such networks function by having their sub-networks provide information and other forms of support (the ‘many-to-one’ model), while the core group supplies ‘truth’ and decisions/directions (the ‘one-to-many’ model). Trust and personal relationships are an essential part of the Al-Qaida network (a limiting factor, even while it provides enhanced security). Even while cell members are trained as ‘replaceable’ units, ‘vetting’ of members occurs during the invited training period under the observation of the core group.[13]

Cells of this structure are built outwards, from an internal leadership core. Superficially, this might be likened to a Western cell structure that emanates from a headquarters, but the Western centrality is bureaucratic, while structures in other non-western cultures build on close personal relationships, often built over years, perhaps involving family or other in-group linkages. Such in-groups are thus extremely hard to infiltrate; infiltration has a serious chance only outside the in-group. Still, it may be possible for an in-group to be compromised through COMINT or, in rare cases, by compromising a member.

The core group is logically a ring, but is superimposed on an inner hub-and-spoke structure of ideological authority. Each member of the core forms another hub and spoke system (see infrastructure cells), the spokes leading to infrastructure cells under the supervision of the core group member, and possibly to operational groups which the headquarters support. Note that in this organization, there is a point at which the operational cell becomes autonomous of the core. Members surviving the operation may rejoin at various points.

Core group, with contact ring and ideological hierarchy

Osama, in this model, has the main responsibility of commanding the organization and being the spokesman on propaganda video and audio messages distributed by the propaganda cell. The other members of the core each command one or more infrastructure cells.

While the tight coupling enhances security, it can limit flexibility and the ability to scale the organization. This in-group, while sharing tight cultural and ideological values, is not committed to a bureaucratic process.

“Members of the core group are under what could be termed 'positive control'—long relationships and similar mindsets make 'control' not so much of an issue, but there are distinct roles, and position (structural, financial, spiritual) determines authority, thus making the core group a hierarchy topologically.[13]

In the first example of the core, each member knows how to reach two other members, and also knows the member(s) he considers his ideological superior. Solid lines show basic communication, dotted red arrows show the first level of ideological respect, and dotted blue arrows show a second level of ideological respect.

If Osama, the most respected, died, the core would reconstitute itself. While different members have an individual ideological guide, and these are not the same for all members, the core would reconstitute itself with Richard as most respected.

Assume there are no losses, and Osama can be reached directly only by members of the core group. Members of outer cells and support systems might know him only as “the Commander”, or, as in the actual case of al-Qaeda, Osama bin Laden’s face is recognizable worldwide, but only a few people know where he was or even how to contact him.

5.6.1 Infrastructure cells

Any clandestine or covert service, especially a non-national one, needs a variety of technical and administrative functions. Some of these services include:[13]

1. Forged documents and counterfeit currency

2. Apartments and hiding places

3. Communication means

4. Transportation means

5. Information

6. Arms and ammunition

7. Transport

Other functions include psychological operations, training, and finance.

A national intelligence service[14] has a support organization to deal with services such as finance, logistics, facilities (e.g., safehouses), information technology, communications, training, weapons and explosives, medical services, etc. Transportation alone is a huge function, including the need to buy tickets without drawing suspicion, and, where appropriate, using private vehicles. Finance includes the need to transfer money without coming under the suspicion of financial security organizations.

Some of these functions, such as finance, are far harder to operate in remote areas, such as the FATA of Pakistan, than in cities with large numbers of official and unofficial financial institutions, and the communications to support them. If the financial office is distant from the remote headquarters, there is a need for couriers, who must be trusted to some extent, but they may not know the contents of their messages or the actual identity of sender and/or receiver. The couriers, depending on the balance among type and size of message, security, and technology available, may memorize messages, carry audio or video recordings, or hand-carry computer media.

Core group and infrastructure cells; military cells in training

“These cells are socially embedded (less so than the core group, however), structurally embedded, functionally embedded (they are specialized into a domain), and knowledge base-specific (there does not seem to be a great deal of cross-training, or lateral mobility in the organization). Such cells are probably subjected to a mixture of positive and negative control (“do this, do these sorts of things, don’t do that”).”[13]

The leaders of military cells are responsible for training them, and, when an operation is scheduled, selecting the operational commander, giving him the basic objective and arranging whatever support is needed, and then releasing him from tight control to execute the meeting. Depending on the specific case, the military leaders might have direct, possibly one-way, communications with their cells, or they might have to give Kim the messages to be transmitted, by means that Anton and Hassan have no need to know.

Note that Anton does not have a direct connection to Kim. Under normal circumstances, he sacrifices efficiency for security, by passing communications requests through Hassan. The security structure also means that Hassan does not know the members of Anton’s cells, and Kim may know only ways to communicate with them but not their identity.

Kim operates two systems of cells, one for secure communications and one for propaganda. To send out a propaganda message, Osama must pass it to Kim. If Kim were compromised, the core group might have significant problems with any sort of outside communications.

Terrorist networks do not match cleanly to other cell systems that regularly report to a headquarters. The apparent al-Qaeda methodology of letting operational cells decide on their final dates and means of attack exhibits an operational pattern, but not a periodicity that could easily be used for an indications checklist appropriate for a warning center. Such lists depend on seeing a local pattern to give a specific warning.[15]

Note that Hassan has two subordinates that have not yet established operational cells. These subordinates can be considered sleepers, but not necessarily with a sleeper cell.

5.6.2 Operational cells

One or more operational cells are created for each mission. If the al-Qaeda signature of multiple concurrent attacks is used, there may be an operational cell for each target location. Whether they will need any support cells in the operational area depends on the operation. For example, it may be more secure to have a local cell build bombs, which will be delivered by cells coming from outside the area.

“Operational cells are not created, but instead 'seeded' utilizing individuals spotted or that request assistance (both groups are 'vetted' by being trained under the observation of the core group, which dramatically restricts the opportunity for passing off walk-ins under false flag). Categorization of operational cells appears to be by capabilities, region, and then task/operation. Operational cells are composed of members whose worldview has been firmly tested—necessary to front-load, because such cells are dispersed back to their own local control (or negative control—proscribed behavior—with positive control only coming in the form of contact for synchronization or support).”[13]

If operational cells routinely are “released” (curved dotted lines on link to military cells) to select their final operational parameters, they use a different paradigm than governmental clandestine or covert operations. On a number of occasions, US special operations forces had to wait for Presidential authorization to make an attack, or even move to staging areas. Admittedly, a country would have to face the consequences of an inappropriate attack, so it may tend to be overcautious, where a terror network would merely shrug at the world being upset. Assuming that the al-Qaeda operational technique is not to use positive control, their operations may be more random, but also more unpredictable for counterterror forces. If their cells truly need constant control, there are communications links that might be detected by SIGINT, and if their command can be disrupted, the field units could not function. Since there is fairly little downside for terrorists to attack out of synchronization with other activities, the lack of positive control becomes a strength of their approach to cell organization.

The operational cells need to have continuous internal communication; there is a commander, who may be in touch with infrastructure cells or, less likely from a security standpoint, with the core group.

Core group, with contact ring and ideological hierarchy

Al-Qaeda’s approach, which even differs from that of earlier terrorist organizations, may be very viable for their goals:

• Cells are redundant and distributed, making them difficult to ‘roll up’

• Cells are coordinated, not under “command & control”—this autonomy and local control makes them flexible, and enhances security

• Trust and comcon internally to the cell provide redundancy of potential command (a failure of Palestinian operations in the past), as well as a shared knowledgebase (which may mean, over time, that ‘cross training’ emerges inside a cell, providing redundancy of most critical skills and knowledge).[13]

5.6.3 Indirect support networks

In the above graphic, note the indirect support network controlled by Richard’s subcell.

“While Al-Qaida has elements of the organization designed to support the structure, but such elements are insufficient in meeting the needs of such an organization, and for security reasons there would be redundant and secondary-/tertiary-networks that are unaware of their connection to Al-Qaida. These networks, primarily related to fundraising and financial activities, as well as technology providers, are in a ‘use’ relationship with Al-Qaida—managed through cut-outs or individuals that do not inform them of the nature of activities, and that may have a cover pretext sufficient to deflect questions or inquiry.”[13]

5.6.4 A possible countermeasure

In 2002, U.S. News & World Report said that American intelligence is beginning to acquire a sufficiently critical mass of intelligence on al-Qaida indicating, “Once thought nearly impossible to penetrate, al Qaeda is proving no tougher a target than the KGB or the Mafia--closed societies that took the U.S. government years to get inside. “We're getting names, the different camps they trained at, the hierarchy, the infighting,” says an intelligence official. “It’s very promising.”[16] The report also said that the collected data has allowed the recruiting of informants.

Writing in the U.S. Army journal Military Review, David W. Pendall suggested that a “catch-and-release program for suspected operatives might create reluctance or distrust in such suspects and prevent them from further acts or, perhaps more important, create distrust in the cell leaders of these individuals in the future.” The author noted the press release describing Ramzi Binalshib’s cooperation with the United States “are sure to prevent reentry into a terrorist cell as a trusted member and most likely limits the further trust and assignments of close cell associates still at large. The captor would determine when to name names and when to remain silent.”[17] Indeed, once intelligence learns the name and characteristics of an at-large adversary, as well as some sensitive information that would plausibly be known to him, a news release could be issued to talk about his cooperation. Such a method could not be used too often, but, used carefully, could disturb the critical trust networks. The greatest uncertainty might be associated with throwing doubt onto a key member of an operational cell that has gone autonomous.

5.7 See also

Leaderless resistance

Lone wolf (terrorism)

5.8 References

[1] Leahy, Kevin C. (2005). “The Impact of Technology on the Command, Control, and Organizational Structure of Insurgent Groups” (PDF). Retrieved 2007-12-04.

[2] Irish Republican Army. “The Green Book”. Archived from the original on 2007-06-16. Retrieved 2007-12-04.

[3] Hall, Roger (1964). You're Stepping on my Cloak and Dagger. Bantam Books.

[4] Hogan, David W. (1992). “Chapter 3: Special Operations in the European Theater”. U.S. Army Special Operations in World War II. Washington, D.C.: United States Army Center of Military History. CMH Pub 70-42.

[5] Pike, Douglas (1970). Viet Cong: Organization and Technique of the National Liberation Front of South Vietnam. MIT Press.

[6] US Department of the Army (December 2006). “FM 3-24: Counterinsurgency” (PDF).

[7] Mao, Zedong (1967). On Protracted War. Foreign Language Press, Beijing.

[8] US Department of the Army (20 February 2003). “FM 3-07 (formerly FM 100-20): Stability Operations and Support Operations”.

[9] Nyberg, Eric N. (1991). “Insurgency: The Unsolved Mystery”. US Marine Corps University Command and Staff College.

[10] Luttwak, Edward (1968). Coup d'etat: A Practical Handbook. Harvard University Press.

[11] Guevara, Ernesto “Che” (1961). On Guerilla Warfare. Praeger.

[12] “al-Qaeda training manual” (PDF). US Southern District Court, US New York City Attorney’s Office, entered as evidence in Africa embassy bombings.

[13] Decision Support Systems, Inc. (2001-12-31). “Hunting the Sleepers: Tracking al-Qaida’s Covert Operatives” (PDF). Retrieved 2007-11-17.

[14] US Central Intelligence Agency. “Support to Mission: Who We Are”. Retrieved 2007-11-19.

[15] Fellman, Philip Vos; Wright, Roxana. “Modeling Terrorist Networks - Complex Systems at the Mid-Range” (PDF). Retrieved 2007-11-02.

[16] Kaplan, David E. (22 September 2002). “Run and Gun: Al Qaeda arrests and intelligence hauls bring new energy to the war on terrorism”. U.S. News & World Report.

[17] Pendall, David W. (January–February 2004). “Effects-Based Operations and the Exercise of National Power”. Military Review (United States Army Combined Arms Center). Find the article by going through the Military Review directories

5.9 External links

An Introduction To Terrorist Organisational Structures


Chapter 6

Clandestine HUMINT

This article is a subset article under Human Intelligence. For a complete hierarchical list of articles, see the intelligence cycle management hierarchy. Concepts here also are intimately associated with counterintelligence. This article deals with the what of clandestine HUMINT, and is a prerequisite for the how in the Clandestine HUMINT operational techniques article.

Clandestine HUMINT (HUMan INTelligence) is intelligence collected from human sources using clandestine espionage methods. These sources consist of people working in a variety of roles within the intelligence community. Examples include the classic spy (known by professionals as an asset or agent), who collects intelligence; couriers and related personnel, who handle an intelligence organization’s (ideally) secure communications; and support personnel, such as access agents, who may arrange the contact between the potential spy and the case officer who recruits them. The recruiter and supervising agent may not necessarily be the same individual. Large espionage networks may be composed of multiple levels of spies, support personnel, and supervisors. Espionage networks are typically organized as a cell system, in which each clandestine operator knows the people in his own cell, perhaps the external case officer, and an emergency method (which may not necessarily involve another person) to contact higher levels if the case officer or cell leader is captured, but has no knowledge of people in other cells.

Espionage involves a human being obtaining (i.e., using human intelligence (HUMINT) methods) information that is considered secret or confidential without the permission of the holder of the information. Espionage is inherently clandestine, and the legitimate holder of the information may change plans or take other countermeasures once it is known that the information is in unauthorized hands. See articles such as Clandestine HUMINT operational techniques and Clandestine HUMINT asset recruiting for discussions of the “tradecraft” used to collect this information.

HUMINT is in a constant battle with counterintelligence, and the relationship can become very blurry, as one side tries to “turn” agents of the other into reporting to the other side. Recruiters can run false flag operations, where a citizen of country A believes they are providing intelligence to country B, when they are actually providing it to country C.

Unlike other forms of intelligence collection disciplines, espionage usually involves accessing the place where the desired information is stored, or accessing the people who know the information and will divulge it through some kind of subterfuge. There are exceptions to physical meetings, such as the Oslo Report, or the insistence of Robert Hanssen in never meeting the people to whom he was selling information.

This article does not cover military units that penetrate deep between enemy lines, but generally in uniform, to conduct special reconnaissance. Such military units can be on the border of the line, in international law, which defines them as spies, if they collect information in civilian clothes. In some circumstances, the uniformed personnel may act in support of the actual agents, providing communications, transportation, financial, and other support. Yet another discipline is covert operations, where personnel, uniformed or not, may conduct raids, sabotage, assassinations, propaganda (i.e., psychological operations), etc.

6.1 Legal aspects

Black’s Law Dictionary (1990) defines espionage as:

“...gathering, transmitting, or losing...information related to the national defense.”

In the UK, “Under the 1911 Act, a person commits the offence of 'spying' if he, for any purpose prejudicial to the safety or interests of the State;

(a) approaches, inspects, passes over or is in the neighbourhood of, or enters any prohibited place,

(b) makes any sketch, plan, model, or note which is calculated to be or might be or is
