Small Unit Tactics contact patriot-dawn Patriot Rising

Countersurveillance

Home Forums Information & Intelligence Countersurveillance

This topic contains 21 replies, has 9 voices, and was last updated by Profile photo of Joe (G.W.N.S.) Joe (G.W.N.S.) 1 month, 1 week ago.

Viewing 22 posts - 1 through 22 (of 22 total)
  • Author
    Posts
  • #37684
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    Related to the Threads Kim’s Game and Situational Awareness is Countersurveillance.

    Here is a good overview from Stratfor:

    The Secrets of Countersurveillance

    Almost any criminal act, from a purse-snatching to a terrorist bombing, involves some degree of pre-operational surveillance. In fact, one common denominator of all the different potential threats — whether from lone wolves, militant groups, common criminals or the mentally disturbed — is that those planning an operation all monitor their target in advance. However, while pickpockets or purse-snatchers case their victims for perhaps only a few seconds or minutes, a militant organization might conduct detailed surveillance of a target for several weeks or even months.

    Regardless of the length of time surveillance is performed, however, the criminal or militant conducting it is exposed, and therefore vulnerable to detection. Because of this, countersurveillance (CS) — the process of detecting and mitigating hostile surveillance — is an important, though often overlooked, element of counterterrorism and security operations. CS is especially important because it is one of the few security measures that allows for threats to be dealt with before they can develop into active attacks.

    An effective CS program depends on knowing two “secrets”: first, hostile surveillance is vulnerable to detection because those performing it are not always as sophisticated in their tradecraft as commonly perceived; and second, hostile surveillance can be manipulated and the operatives forced into making errors that will reveal their presence.

    The First Secret

    Various potential assailants use different attack cycles, which vary depending on the nature and objectives of the plotter. For example, the typical six-step terrorist attack cycle does not always apply to a suicide bomber (who is not concerned about escape) or a mentally disturbed stalker (who is not concerned about escape or media exploitation). It is during the early phases of the attack cycle — the target selection and the planning phases — that the plotters conduct their surveillance, though they even can use a surveillance team during the actual attack to signal that the target is approaching the attack zone.

    The purpose of pre-operational surveillance is to determine the target’s vulnerabilities. Surveillance helps to quantify the target, note possible weaknesses and even to begin to identify potential attack methods. When the target is a person, perhaps targeted for assassination or kidnapping, surveillants will look for patterns of behavior such as the time the target leaves for work, the transportation method and the route taken. They also will take note of the type of security, if any, the target uses. For fixed targets such as buildings, the surveillance will be used to determine physical security measures as well as patterns of behavior within the guard force, if guards are employed. For example, the plotters will look for fences, gates, locks and alarms, but also will look for times when fewer guards are present or when the guards are about to come on or off their shifts. All of this information will then be used to select the best time and location for the attack, the type of attack and the resources needed to execute it.

    Since an important objective of pre-operational surveillance is establishing patterns, the operatives will conduct their surveillance several times, often at different times of the day. Additionally, they will follow a mobile target to different environments and in diverse locations. This is when it is important to know the first “secret” of CS: surveillants are vulnerable to detection. In fact, the more surveillance they conduct, the greater the chances are of them being observed. Once that happens, security personnel can be alerted and the entire plan compromised. Additionally, surveillants who themselves are being watched can unwittingly lead intelligence and law enforcement agencies to other members of their organization.

    Surveillance

    A large and professional surveillance team can use a variety of fixed and mobile assets, including electronic listening devices and operatives on foot, in vehicles and even in aircraft. Such a large team can be extremely difficult for anyone to spot. A massive surveillance operation, however, requires an organization with vast assets and a large number of well-trained operatives. This level of surveillance, therefore, is usually only found at the governmental level, as most militant organizations lack the assets and the number of trained personnel required to mount such an operation. Indeed, most criminal and militant surveillance is conducted by one person, or by a small group of operatives. This means they must place themselves in a position to see the target — and thus be seen — with far more frequency than would be required in a huge surveillance operation. And the more they show their faces, the more vulnerable they are to detection. This vulnerability is amplified if the operatives are not highly trained.

    The al Qaeda manual “Military Studies in the Jihad against the Tyrants” and its online training magazines not only instruct operatives planning an attack to conduct surveillance, they also point out the type of information that should be gathered. These documents, however, do not teach jihadist operatives how to go about gathering the required information. In the United States, the Ruckus Society’s Scouting Manual provides detailed instructions for conducting surveillance, or “scouting,” as the society calls it, on “direct action” targets. Following written instructions, however, does not automatically translate into having skilled surveillance operatives on the street. This is because, while some basic skills and concepts can be learned by reading, applying that information to a real-world situation, particularly in a hostile environment, can be exceedingly difficult. This is especially true when the application requires subtle and complex skills that are difficult to master.

    The behaviors necessary to master surveillance tradecraft are not intuitive, and in fact frequently run counter to human nature. Because of this, intelligence and security professionals who work surveillance operations receive in-depth training that includes many hours of heavily critiqued practical exercises, often followed by field training with experienced surveillance operatives.

    Most militant groups do not provide this level of training, and as a result, poor tradecraft has long proven to be an Achilles’ heel for militants, who typically use a small number of poorly trained operatives to conduct their surveillance operations.

    What does “bad” surveillance look like? The U.S. government uses the acronym TEDD to illustrate the principles one can use to identify surveillance. So, a person who sees someone repeatedly over Time, in different Environments and over Distance, or one who displays poor Demeanor can assume he or she is under surveillance. Surveillants who exhibit poor demeanor, meaning they act unnaturally, can look blatantly suspicious, though they also can be lurkers — those who have no reason for being where they are or for doing what they are doing. Sometimes they exhibit almost imperceptible behaviors that the target senses more than observes. Other giveaways include moving when the target moves, communicating when the target moves, avoiding eye contact with the target, making sudden turns or stops, or even using hand signals to communicate with other members of a surveillance team.

    The mistakes made while conducting surveillance can be quite easy to catch — as long as someone is looking for them. If no one is looking, however, hostile surveillance is remarkably easy. This is why militant groups have been able to get away with conducting surveillance for so long using bumbling operatives who practice poor tradecraft.

    The Second Secret

    At the most basic level, CS can be performed by a person who is aware of his or her surroundings and who is watching for people who violate the principles of TEDD. At a more advanced level, the single person can use surveillance detection routes (SDRs) to draw out surveillance. This leads to the second “secret”: due to the nature of surveillance, those conducting it can be manipulated and forced to tip their hand.

    It is far more difficult to surveil a mobile target than a stationary one, and an SDR is a tool that takes advantage of this difficulty and uses a carefully designed route to flush out surveillance. The SDR is intended to look innocuous from the outside, but is cleverly calculated to evoke certain behaviors from the surveillant.

    When members of a highly trained surveillance team recognize that the person they are following is executing an SDR — and therefore is trying to manipulate them — they will frequently take countermeasures suitable to the situation and their mission. This can include dropping off the target and picking up surveillance another day, bypassing the channel, stair-step or other trap the target is using and picking him or her up at another location along their projected route. It can even include “bumper locking” the target or switching to a very overt mode of surveillance to let the target know that his SDR was detected — and not appreciated. Untrained surveillants who have never encountered an SDR, however, frequently can be sucked blindly into such traps.

    Though intelligence officers performing an SDR need to look normal from the outside — in effect appear as if they are not running an SDR — people who are acting protectively on their own behalf have no need to be concerned about being perceived as being “provocative” in their surveillance detection efforts. They can use very aggressive elements of the SDR to rapidly determine whether the surveillance they suspect does in fact exist — and if it does, move rapidly to a pre-selected safe-haven.

    At a more advanced level is the dedicated CS team, which can be deployed to determine whether a person or facility is under surveillance. This team can use mobile assets, fixed assets or a combination of both. The CS team is essentially tasked to watch for watchers. To do this, team members identify places — “perches” in surveillance jargon — that an operative would need to occupy in order to surveil a potential target. They then watch those perches for signs of hostile surveillance.

    CS teams can manipulate surveillance by “heating up” particular perches with static guards or roving patrols, thus forcing the surveillants away from those areas and toward another perch or perches where the CS team can then focus its detection efforts. They also can use overt, uniformed police or guards to stop, question and identify any suspicious person they observe. This can be a particularly effective tactic, as it can cause militants to conclude that the facility they are monitoring is too difficult to attack. Even if the security forces never realized the person was actually conducting surveillance, such an encounter normally will lead the surveillant to assume that he or she has been identified and that the people who stopped him knew exactly what he was doing.

    Confrontational techniques can stop a hostile operation dead in its tracks and cause the operatives to focus their hostile efforts elsewhere. These techniques include overt field interviews, overt photography of suspected hostiles, and the highly under-utilized Terry stop, in which a law enforcement officer in the United States can legally stop, interview and frisk a person for weapons if the officer has a reasonable suspicion that criminal activity is afoot, even if the officer’s suspicions do not rise to the level of making an arrest.

    Also, by denying surveillants perches that are close to the target’s point of origin or destination (home or work, for example) a CS team can effectively push hostile surveillance farther and farther away. This injects a great deal ambiguity into the situation and complicates the hostile information-collection effort. For instance, if surveillants do not know what car the target drives, they can easily obtain that information by sitting outside of the person’s home and watching what comes out of the garage or driveway. By contrast, surveillants forced to use a perch a mile down the road might have dozens of cars to choose from. CS teams also can conduct more sophisticated SDRs than the lone individual.

    In addition, the CS team will keep detailed logs of the people and vehicles it encounters and will database this information along with photos of possible hostiles. This database allows the team to determine whether it has encountered the same person or vehicle repeatedly on different shifts or at different sites. This analytical component of the CS team is essential to the success of the team’s efforts, especially when there are multiple shifts working the CS operation or multiple sites are being covered. People also have perishable memories, and databasing ensures that critical information is retained and readily retrievable. CS teams also can conduct more sophisticated SDRs than the lone individual.

    Although professional CS teams normally operate in a low-key fashion in order to collect information without changing the behaviors of suspected hostiles, there are exceptions to this rule. When the team believes an attack is imminent or when the risk of allowing a hostile operation to continue undisturbed is unacceptable, for example, team members are likely to break cover and confront hostile surveillants. In cases like these, CS teams have the advantage of surprise. Indeed, materializing out of nowhere to confront the suspected surveillant can be more effective than the arrival of overt security assets.

    Well-trained CS teams have an entire arsenal of tricks at their disposal to manipulate and expose hostile surveillance. In this way, they can proactively identify threats early on in the attack cycle — and possibly prevent attacks.

    If there is sufficient interest we can get into some of the techniques involved.

    #37689
    Profile photo of SeanT
    SeanT
    Moderator

    That was very interesting. I’d love more info.

    #37691
    Profile photo of zeerf
    zeerf
    Participant

    Great info Joe, thanks for posting! Also would be interested in hearing more.
    :yes:

    #37693
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    Who would conduct surveillance on me?

    Hopefully no one right now, but I guarantee some of us have been targets of surveillance!

    Oh no, Joe’s drank the kool-aid and put his tin foil hat on too tight now, all of you are thinking. ;-)

    How can I say this with complete sincerity?

    Many of us have spent time in Iraq and Afghanistan, well then I guarantee you’ve been under surveillance, sure probably not targeted as a individual, but your unit was.

    Ever gone into a Embassy then your picture was taken both by the Embassy and the country it was located in. Just a few examples.

    Travel to Mexico? Cartels have been keeping a eye on Gringos for quite some time now.

    Just a few examples.

    Why should I be concerned about Countersurveillance?

    Ever have a girlfriend (boyfriend) after they separated from a nut job who didn’t want to except it?

    I have and actually had some of his friends try to follow me to locate her (she had a protection order against him), obviously I made them fairly easily.

    Slowly spread distance between us and then on a blind curve pulled “bootleg turn,” stopped, opened trunk, stood behind vehicle, and made a big show of taking their picture as they drove by (to include license plates).

    Besides the camera in the trunk, the 12Ga Pump was also in there (never displayed, but reassuring).

    Got myself a protection order, or as I liked to think of it as a paper trail in my support if needed should they get even stupider, but they refrained from it after that.

    So it’s not just about spy crap.

    Political changes could lead to you being targeted.

    Everyone has probably heard of the taking of license plate information at gun shows.

    Also consider that some future “Events” could have you in a position to conduct surveillance, in which case at least a cursory understanding of Countersurveillance is needed, lest you be discovered.

    #37694
    Profile photo of Wild Bill
    wildbill
    Participant

    Thank you good information also might want to think about the fact that almost every business you visit has cameras monitoring your every move and every credit/debit card purchase tells a story about you.

    Wouldn’t countersurveillance in a rural environment in some ways be easier since there are fewer people so strangers and or peoples actions might stand out more without the clutter of large urban/suburban population?

    Western North Carolina ― LRMC-1 Sept. 2017, CQBC May 2017, DCH March 2017, RS & CTT October. 2016, CTT 1511, LN 1

    “We don't rise to the level of our expectations, we fall to the level of our training.” ― Archilochos

    “I do believe that, where there is only a choice between cowardice and violence, I would advise violence..." - Gandhi

    #37695
    Profile photo of Barry Subelsky
    Sam Brady
    Participant

    Hi quality inexpensive digital camera’s are available everywhere and they are pretty easy to install. Surveillance devices are everywhere in our society. Even in small rural towns. Homeowners have camera focused on their property as well. Criminals are routinely identified on privately owned cameras.
    For example, a bank robber and his or her vehicle maybe identified by reviewing private video footage from homeowners and businesses along his escape route.
    Everyone should keep it in the back of their minds that surveillance is available almost everywhere-including drones….

    #37697
    Profile photo of Andrew
    Andrew
    Participant

    The book “Left of Bang” can give more insight into this. CS is much easier in a rural setting than an urban area.

    #37702
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    Yes, countersureillance in a rural setting is easier, in fact using a rural segment in a SDR is recommended where possible.

    Everyone should keep it in the back of their minds that surveillance is available almost everywhere-including drones…

    Definitely, and these can be used for countersurveillance data collection also.

    Another consideration is the use of wireless cameras has increased due to ease of install and these can be monitored by anyone with wireless camera hunter.

    #37704
    Profile photo of Barry Subelsky
    Sam Brady
    Participant

    The key to a counter surveillance route is to NOT make it look like a counter surveillance route. While it is easy to dry clean yourself with a trip to the countryside, it can look to obvious. Go to a country store or market as part of the C/S plan. That looks natural. Professionals develop a C/S route that is part of their everyday routine. That way, they can always follow the route, make slight deviations without being to obvious.

    A detailed C/S plan will have some compatriots on the route looking for obvious surveillance at certain choke points.

    I have done this in non-permissive environments overseas and it becomes quite a game

    #37705
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    The key to a counter surveillance route is to NOT make it look like a counter surveillance route. While it is easy to dry clean yourself with a trip to the countryside, it can look to obvious. Go to a country store or market as part of the C/S plan. That looks natural. Professionals develop a C/S route that is part of their everyday routine. That way, they can always follow the route, make slight deviations without being to obvious.

    A detailed C/S plan will have some compatriots on the route looking for obvious surveillance at certain choke points.

    I have done this in non-permissive environments overseas and it becomes quite a game

    Excellent points Sam!

    :good:

    We’ll get into more detail on route planning shortly.

    #37714
    Profile photo of Mountain Mom
    gramma
    Participant

    Hmmmm…

    living alone; rural and without close neighbors this topic has crossed my mind a few times. If for no other reason, than situational awareness that there is “someone” in the vicinity. Could be friend; could be foe but I need a way to gather that information at a distance. Wireless game cameras are one way, yes. I’m also wondering about a driveway alarm – as I am not able to see the end of my driveway through the trees. (A dog or two would also be good.)

    There are high dollar, very large cameras installed around the buildings. The computer monitoring however, no longer exists. I’m leaving them for the deterrent factor – even though it’s a ruse. Gives the opportunistic, low-IQ types pause. And that would be my main concern here. Idjit troublemakers.

    I have some local guys hunting my place, and randomly camping overnight as well. They’ve promised to give me the full tour, to get acquainted with the terrain and the woods… and to scout out where the problem spots are. I already know of one – several ridges over – and these aren’t what you would call motivated and capable adversaries unless you go to their location. But there may be a few things I can do if that situation changes.

    Just thinking out loud; suggestions welcome. Great topics, Joe.

    #37717
    Profile photo of Dennis W
    Dennis W
    Participant

    Get Dakota Alerts for the driveway, and you can place them anywhere you want. I have several all around the property. You could also put one in or around buildings for an alarm. Get the ones that use MURS frequencies. They also have and external antenna and have pretty good range.
    Dennis

    MTV Alumni - N. Central Florida
    Sept 27 – Oct 03 2014 TC3-CTT-CP + NODF
    RC1, RC2, Rifleman 2015
    Sept 2016 Run & Gun/ CQB
    Oct 2016 FOF

    #37902
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    Obviously your not going to become an expert in this by reading this Thread, but it can provide some guidance.

    Many groups have learned this OJT style, but it is a steep learning curve when real.

    Professionals develop a C/S route that is part of their everyday routine.

    By mapping out your day to day travels you can develop a baseline to develop a SDR plan.

    Where are the possible choke points?

    Can these be combined with a short cut through a neighborhood with multiple exit points making surveillance team tighten up their distance or risk losing you?

    How can you modify your behavior now to help in the future if you feel this could be a real concern?

    What is your goal for counter surveillance?

    Are you just demonstrating a hard target to deter criminals?

    Do you want to identify surveillance to gather information on them?

    A detailed C/S plan will have some compatriots on the route looking for obvious surveillance at certain choke points.

    In a Patriot Dawn/Rising scenario do you wish to target them? This could be for everything from attempting to turn them to removing them.

    In a hostile regime situation they may pick you up if they suspect you are aware of their surveillance.

    How about using the surveillance to disseminate false information?

    If you have identified source of surveillance you can get creative.

    Maybe a fake dead drop at or near a adversary Intelligence asset residence, a call to said asset to leave a thinly veiled coded message (a regime will be monitoring your cell). Nothing like getting adversary Intelligence to eat their own.

    Maybe a casual bump into said asset at the mall?

    Just some basic thoughts and ideas.

    #38509
    Profile photo of RTOhio
    RTOhio
    Participant

    Very interesting to say the least. Great article.

    Also, can someone help me find an inside the US source for this book: “Covert Rural Surveillance: The Definitive Tradecraft Manual for Rural Surveillance Operators”?

    "Never start a fight that you can't win with everything you have right now"

    "Mistakes in combat are unpardonable sins, punishable by death"

    One Zero Joe Walker (RT California)

    #38511
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    RTOhio to the best of my knowledge there is no US source.

    CROPS Covert Surveillance Training & Operations is Ben Wall’s site.

    Periodic searches may find an occasional used copy, otherwise you have to order from the UK.

    #38513
    Profile photo of RTOhio
    RTOhio
    Participant

    Thanks Joe! The business I am in makes this a “required” reading from what I am to understand.

    "Never start a fight that you can't win with everything you have right now"

    "Mistakes in combat are unpardonable sins, punishable by death"

    One Zero Joe Walker (RT California)

    #57417
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    Another look at good information.

    #57454
    Profile photo of Mountain Mom
    gramma
    Participant

    Returning to this topic myself. Y’all have seen that Forward Observer is doing something new with the blog, right? Following that, too.

    Don’t know what I don’t know.

    #57459
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    Y’all have seen that Forward Observer is doing something new with the blog, right?

    I don’t go there unless someone asks for my opinion on a particular article/subject.

    The educational material is adequate, but “Samuel Culpeper” lost most of his analytic credibility here on the Forum back in January 28, 2016.

    It was concerning the Lavoy Finicum shooting and he lost all objectivity.

    Latter he sorta gave some pseudo excuse, vice taking responsibility.

    So “buyer beware” caution is recommended for any analysis from him.

    #57474
    Profile photo of Mountain Mom
    gramma
    Participant

    Thanks for the warning.

    #57476
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    Thanks

    :good:

    #65318
    Profile photo of Joe (G.W.N.S.)
    Joe (G.W.N.S.)
    Moderator

    Time for another look! B-)

Viewing 22 posts - 1 through 22 (of 22 total)

You must be logged in to reply to this topic.