In U.S. doctrine, although not necessarily that of other countries, CI is now seen as primarily a counter to FIS
HUMINT. In the 1995 US Army counterintelligence manual, CI had a broader scope against the various intelligence collection disciplines. Some of the overarching CI tasks are described as :#Developing, maintaining, and disseminating multidiscipline threat data and intelligence files on organizations, locations, and individuals of CI interest. This includes insurgent and terrorist infrastructure and individuals who can assist in the CI mission. :#Educating personnel in all fields of security. A component of this is the multidiscipline threat briefing. Briefings can and should be tailored, both in scope and classification level. Briefings could then be used to familiarize supported commands with the nature of the multidiscipline threat posed against the command or activity. More recent US joint intelligence doctrine restricts its primary scope to counter-HUMINT, which usually includes counter-terror. It is not always clear, under this doctrine, who is responsible for all intelligence collection threats against a military or other resource. The full scope of US military counterintelligence doctrine has been moved to a classified publication, Joint Publication (JP) 2-01.2,
Counterintelligence and Human Intelligence Support to Joint Operations. More specific countermeasures against intelligence collection disciplines are listed below
Counter-HUMINT Counter-HUMINT deals with both the detection of hostile HUMINT sources within an organization, or the detection of individuals likely to become hostile HUMINT sources, as a mole or double agent. There is an additional category relevant to the broad spectrum of counterintelligence: why one becomes a terrorist. The acronym
MICE: :
Money :
Ideology :
Compromise (or coercion) :
Ego describes the most common reasons people break trust and disclose classified materials, reveal operations to hostile services, or join terrorist groups. It makes sense, therefore, to monitor trusted personnel for risks in these areas, such as financial stress, extreme political views, potential vulnerabilities for blackmail, and excessive need for approval or intolerance of criticism. With luck, problems in an employee can be caught early, assistance can be provided to correct them, and not only is espionage avoided, but a useful employee retained. Sometimes, the preventive and neutralization tasks overlap, as in the case of
Earl Edwin Pitts. Pitts had been an FBI agent who had sold secret information to the Soviets, and, after the fall of the USSR, to the Russians. He was caught by an FBI false flag sting, in which FBI agents, posing as Russian FSB agents, came to Pitts with an offer to "reactivate" him. His activities seemed motivated by both money and ego over perceived bad treatment when he was an FBI agent. His sentence required him to tell the FBI all he knew of foreign agents. Ironically, he told them of suspicious actions by
Robert Hanssen, which were not taken seriously at the time.
Motivations for information and operations disclosure To go beyond slogans, Project Slammer was an effort of the Intelligence Community Staff, under the Director of Central Intelligence, to come up with characteristics of an individual likely to commit espionage against the United States. It "examines espionage by interviewing and psychologically assessing actual espionage subjects. Additionally, persons knowledgeable of subjects are contacted to better understand the subjects' private lives and how they are perceived by others while conducting espionage." According to a press report about Project Slammer and Congressional oversight of counterespionage, one fairly basic function is observing one's own personnel for behavior that either suggests that they could be targets for foreign HUMINT, or may already have been subverted. News reports indicate that in hindsight, red flags were flying but not noticed. In several major penetrations of US services, such as
Aldrich Ames, the Walker ring or
Robert Hanssen, the individual showed patterns of spending inconsistent with their salary. Some people with changed spending may have a perfectly good reason, such as an inheritance or even winning the lottery, but such patterns should not be ignored. Personnel in sensitive positions, who have difficulty getting along with peers, may become risks for being compromised with an approach based on ego.
William Kampiles, a low-level worker in the CIA Watch Center, sold, for a small sum, the critical operations manual on the
KH-11 reconnaissance satellite. To an interviewer, Kampiles suggested that if someone had noted his "problem"—constant conflicts with supervisors and co-workers—and brought in outside counseling, he might not have stolen the KH-11 manual. While a funding cut caused the loss of impetus in the mid-nineties, there are research data used throughout the security community. They emphasize the
Counter-SIGINT (Signals Intelligence) Military and security organizations will provide secure communications, and may
monitor less secure systems, such as commercial telephones or general Internet connections, to detect inappropriate information being passed through them. Education on the need to use secure communications, and instruction on using them properly so that they do not become vulnerable to
specialized technical interception.
Counter-IMINT (Imagery Intelligence) The basic methods of countering IMINT are to know when the opponent will use imaging against one's own side, and interfering with the taking of images. In some situations, especially in free societies, it must be accepted that public buildings may always be subject to photography or other techniques. Countermeasures include putting visual shielding over sensitive targets or camouflaging them. When countering such threats as imaging satellites, awareness of the orbits can guide security personnel to stop an activity, or perhaps cover the sensitive parts, when the satellite is overhead. This also applies to imaging on aircraft and UAVs, although the more direct expedient of shooting them down, or attacking their launch and support area, is an option in wartime.
Counter-OSINT (Open-Source Intelligence) While the concept well precedes the recognition of a discipline of
OSINT, the idea of
censorship of material directly relevant to national security is a basic OSINT defense. In democratic societies, even in wartime, censorship must be watched carefully lest it violate reasonable freedom of the press, but the balance is set differently in different countries and at different times. The
United Kingdom is generally considered to have a very free press, but there is the
DA-Notice, formerly D-notice system. Many British journalists find that the system is used fairly, but there will always be arguments. In the specific context of counterintelligence, note that
Peter Wright, a former senior member of the
Security Service who left their service without his pension, moved to
Australia before publishing his book
Spycatcher. While much of the book was reasonable commentary, it revealed some specific and sensitive techniques, such as
Operation RAFTER, a means of detecting the existence and setting of radio receivers.
Counter-MASINT (Measurement and Signature Intelligence) MASINT is mentioned here for completeness, but the discipline contains so varied a range of technologies that a type-by-type strategy is beyond the current scope. One example, however, can draw on the
Operation RAFTER technique revealed in Wright's book. With the knowledge that
Radiofrequency MASINT was being used to pick up an internal frequency in radio receivers, it would be possible to design a shielded receiver that would not radiate the signal that RAFTER monitored. ==Theory of offensive counterintelligence==