INTV Intelligence Collections 350
SIGINT Collection Strategies
Cueing: or "Tip-Off" Involving the use of one or more sensor systems to provide data that directs collection by other systems Best Use: Targeting Mixing: Is the combination of different assets and capabilities covering the same named area of interest. Best Use: Mitigates deception or errors Redundancy: Involves the use of several of the same type of capability to cover the same areas/target. Best Use: When risk to friendlies is greatest Vignette 1: SIGINT sensor cues a GEOINT sensor Vignette 2: SIGINT, GEOINT, HUMINT, MASINT OSINT etc. covering the same NAI Vignette 3: Multiple SIGINT capabilities/sensors covering same target area or target (Satellite, Air, Ground etc
Electro-Optical: MSI/HSI
MSI/HSI Range: Light that is visible (R,G,B), near-visible, and not visible to the naked eye. Hyperspectral imaging measures continuous spectral bands, as opposed to multispectral imaging which measures spaced spectral bands. Identifies fingerprints of objects/materials = signatures (parametric data) Multispectral and Hyperspectral Sensors Multispectral sensors collect Red, Green, Blue as well as wavelengths that fall outside the visible spectrum, including near-infrared radiation (NIR), short-wavelength infrared radiation (SWIR) and others. MSI vs HSI MSI collects ones-to-tens of spectral bands, HIS collects hundreds of spectral bands. Landsat Program: Passive Multispectral sensing (Lowenthal & Clark, 2016, 129).
Vulnerabilities of SIGINT
Reliant on human and computer translation Susceptible to deception/counter-intelligence Target goes silent Target has knowledge of sources, methods, technical capabilities Encryption (codebreakers required, encoders, cryptographers) Steganography (existence of message is known, but the message is hidden- covert)
FISINT Application
Telemetry Analysis applied to ballistic missiles Radio signals from launch vehicle /system to monitoring station Launch pad data, ignition sequence, systems checks Print-outs of line traces/data points plotted to depict launch and flight characteristics.
TECH ELINT
"Collect the detailed signature of radars, then conduct a detailed assessment of the signature to obtain performance information" (Clark, 2014). Signal structure Emission characteristics Modes of operation Emitter functions Weapons systems associations Emitters: Radars, beacons, jammers, and navigational signals
Priority Intelligence Requirement
"PIR" are the Commander's most critical intelligence requirements concerning the operational environment and the adversary. (JP 2-0)
GEOINT- Radar Imagery (SAR)
"Synthetic Aperture Radar (SAR) is an imaging radar that operates at microwave frequencies and can "see" through clouds, smoke and foliage to reveal detailed images of the surface below in all weather conditions" (U.S. Department of Energy Office of Scientific and Technical Information, n.d.)
ELINT at Work
"This is where ELINT goes to work. By intercepting, amplifying, recording and analyzing an enemy radar signal or pulse, we can learn all about it. By studying the type of radiation, its modulation (AM, FM, pulse) its pulse repetition rate, pulse duration, pulse shape, its radio frequency (position on the electronic spectrum), its antenna pattern characteristics, and so on, we can identify the radar, compare it with known information, ascertain its range, location, use, and other essential information required to evaluate its capability as a radar and its susceptibility to countermeasures."
➢Reconnaissance:
A mission undertaken to obtain, by visual observation or other detection methods, information about the activities and resources of an enemy or adversary, or to secure data concerning the meteorological, hydrographic or geographic characteristics of a particular area. (JP 2-0)
➢Request for Information.
A research question submitted to external organizations that assist the analyst in closing information/intelligence gaps. If the question cannot be answered from available information, the collection manager can determine if a collection requirement is needed.
➢Collection Requirement.
A validated information or intelligence requirement that cannot be answered from previously collected information. These are normally also created within INT specific channels (HUMINT, SIGINT, etc)
Exploits
A weakness in the use's phone in taking control of their phone device without the users knowledge or having the user click on a link.
SIGINT Collectors- Space and Airborne
Above Ground Level (AGL) management ISR assets Size, Weight, Power, Cooling concerns Sensor configuration, sensor pods, etc. Survivability and Position, Navigation, Timing. National Technical Means and Orbits
➢Intelligence, Surveillance, and Reconnaissance:
An activity that synchronizes and integrates the planning and operation of sensors, assets, and processing, exploitation, and dissemination systems in direct support of current and future operations. This is an integrated intelligence and operations function. (JP 2-01)
➢Classification
Associate with, or assign to, one of a number of sets (classes) which are distinguished by one or more criteria...
Emitter geolocation
Can be used to locate sources of inference, including intentional jammers.
GEOINT (Geospatial Intelligence)
Collection of photographic or other imagery
The Foreign Intelligence Surveillance Act (FISA)
Court governs all electronic surveillance for law enforcement Electronic communications devices, including cell phones, computers, etc.
AIS (automatic identification system)
Developed in the 1990's automatic ship board tracking system to assist with collision avoidance in densely trafficked coastal areas. It currently is mandated on ships of over 300 tons and on all passenger ships.
COMINT Methods: Geolocation
Direction Finding is an effective method of geolocation. Premise: Triangulation. Three most widely used methods: 1. Angle of Arrival (AOA) Oldest passive RF geolocation used to determine the direction of signal arrival EM waves typically travel in a straight line (unless interference- urban areas, heavy wooded areas) 2 or more sensors work together to estimate the direction of arrival of an emitter DISADVANTAGE: No antenna measures direction of arrival/angle of arrival to precise points 2. Time Distance of Arrival (TDOA) Cell towers using the speed of sound by emitting a pulse towards the emitter and measuring its time delay during the round trip. Requires static sensors which develop a hyperbolic plot against the earth's surface. Assuming: Speed of light = speed of RF energy* DISADVANTAGE: Better than angle of arrival, but dependent on many variables* 3. Frequency Difference of Arrival (FDOA) Detects the doppler shift of signals emitted or received from moving targets Requires points that are in relative motion with respect to each other or the emitter DISADVANTAGE: Large amounts of data must be moved to estimate the doppler shift
ELINT
ELINT: Information derived from electronic signals that do not contain speech or text. ELINT is a form of technical, or non-literal collection. "Electronic devices emit or radiate non-visible, non-audible radiations which are detectable and recordable, using electronic devices just as the human ear hears sound" (Kroger, C.A., 1993). TechELINT: Technical ELINT. • "Describes the signal structure, emission characteristics, modes of operation, emitter functions, and weapons systems associations of such emitters as radars, beacons, jammers, and navigational signals." • Purpose: "Obtain signal parameters which can define the capabilities and the role that the emitter plays in the larger system" (Bernard, 2009). • Informs the design of radar detection, countermeasure, or counter-weapons equipment (used for electronic warfare).
OPELINT- The Electronic Order of Battle
Electronic Order of Battle (EOB) and Electronic Survey (ES) "Details all known combinations of emitters and platforms of both enemy and the friendly forces... Purpose: To identify vulnerabilities in the enemy's capabilities, identify opportunities for electronic attack and deception (Anand, 2012)." How to develop the EOB: • Identify SIGINT emitters in an area of interest (Electronic Survey, or ES) • Determine geographic location (geolocation) • Determine range of mobility • Characterize signals • Analytical role: Determine role in the broader order of battle Electronic Survey (ES): Collecting and characterizing pulses to develop the EOB, support planning for electronic warfare (EW)
➢Identification:
Establish the absolute sameness with one of a number of possible individual members of a class of known elements
GEOINT Overview- Imagery and Imagery Intelligence
GEOINT includes exploitation & analysis of environmental data and analysis of physical entities within and on the terrestrial surface to include human terrain. I. Radio Detection and Ranging (RADAR) Synthetic Aperture Radar (SAR). Moving Target Indicator (MTI). II. Electro-Optical (EO) Full Motion Video (FMV). Still images. Infra-Red (IR)- warm objects Moving Target Indicator (MTI). Light Detection and Ranging (LIDAR) technology uses light in the form of a pulsed laser to measure ranges and generate precise, three-dimensional information. Hyperspectral (HSI) and Multi-Spectral Imaging (MSI). What to look for: A wide range of products to assist private and public agencies. Applications for military, other governmental use, non-profit, commercial...
GEOINT Strengths and Weaknesses/Vulnerabilities
GEOINT provides information on activities, intentions, actions, terrain Tells the analyst "what is happening, where it has happened, where it is happening, and what will happen next" (Lowenthal & Clark, 112) Global collection despite denied airspace Diverse systems with nearly continuous access Supports targeting - precision and accuracy Advances in Artificial Intelligence and Machine Learning Can confirm or deny activities even in obscured environments (weather, terrain) Weaknesses/Vulnerabilities: Susceptible to denial and deception techniques Target may cease/hide activity during access / exposure to sensors Target has knowledge of sources, methods, technical capabilities Operations Security (OPSEC) of commercial satellite data
SIGINT Key Definitions
Geolocation: Techniques used to identify the location of a radio frequency (RF) emitter. Line of Bearing, or LOB: One intercept of an emitter RF signal that is collected and reported for further analysis. "Azimuth bearing from a direction finding site to a distant target radio signal emitter. (Example: 048 degrees from True North)" Cut: At least two intercepts of an emitter RF signal Fix: Three or more intercepts of an emitter RF signal with a geolocation of the emitters position to a higher degree of certainty "Determining the location of a radio emitter by triangulation and evaluation of LOB (on appropriate maps/charts) received from several radio direction finding sties." Transceiver: A transmitter and receiver housed together in a single unit and having circuits in common, often for portable or mobile use. Receiver: An apparatus that receives incoming modulated radio waves and converts them into sound Transmitter: A set of equipment used to generate and transmit electromagnetic waves carrying messages or signals, especially those of radio or television. Emitter: An object that produces electromagnetic waves/energy away from itself (can be a transmitter of EM signals) Doppler Shift: The difference between the frequency of sound or light waves leaving a source and the waves which they reach an observer, caused by relative motion of the observer and the wave source. Spoofing: To assume or emulate the identity of (another user or device) in order to gain access to a system. Jamming: To interfere with or prevent the clear reception of broadcast signals by electronic means. Literal vs. Non-Literal Collection: Literal collection requires no special exploitation after processing (Open Source, Human, Communications, Cyber Collection). As opposed to non-literal, which typically requires machine translation and exploitation beyond initial processing (Of note, GEOINT is not literal, even though analysts can view GEOINT products easily). Not to be confused with python literals, or collection literals used in programming.
Geospatial Information applications
Government and Non-Government: Applications Navigation / mapping Military, Law Enforcement and civil planning Humanitarian Relief/Disaster Relief Agriculture Sensor Applications: Position & Navigation data collected during passive and active collection LiDAR digital elevation and digital terrain models (DEM/DTM) HIS/MSI EO collection detecting and characterizing materials GI/GPS sensors assist in the detection, classification, characterization, identification of urban / rural structures, demographics, preference
SIGINT Collection- Fixed Station
Ground Station SIGINT Overt, Clandestine, and Covert SIGINT • Embassy and Consulate SIGINT: CIA embassy-based eavesdropping efforts • Late 1960s and early 1970s, intercepting the radio-telephone conversations of Soviet Politburo members • Military special operations • Intelligence Community SIGINT activities
Visual Depiction of Collection Assets
ISR Planning Considerations • Size, Weight, and Power, Cooling • On-Station Time • Endurance • Data Storage/Data Link • Secure Position, Navigation, and Timing (PNT) • Look Angle • Sensor range/resolution ...etc
GEOINT Key Definitions
Imagery. A likeness or presentation of any natural or man-made feature or related object or activity and the positional data acquired at the same time the likeness or representation was acquired, including: ...products produced by space-based national intelligence reconnaissance systems and likenesses or presentations produced by satellites, airborne platforms, unmanned aerial vehicles, or other similar means. Imagery Intelligence. The technical, geographic, and intelligence information derived through the interpretation or analysis of imagery and collateral materials. HUMINT vs. GEOINT: Imagery includes handheld photography, but, within the context of GEOINT, "does not include handheld or clandestine photography taken by or on behalf of human intelligence collection organizations." Geospatial Information. Information that identifies the geographic location and characteristics of natural or constructed features and boundaries on the earth and includes: statistical data; information derived from, among other things, remote sensing, mapping, and surveying technologies; and mapping, charting, geodetic data, and related products. Geospatial Analysis. The science of extracting meaning from geospatial data and using geographic information systems (GIS) to uncover and investigate relationships and patterns in all forms of geospatial data to address intelligence or military issues. Motion GEOINT: Both EO and radar sensors can create or capture motion by collecting two or more frames per second. Most common types: Full Motion Video (FMV) Moving Target Indicator (MTI) Wide Area Motion Imagery (WAMI). Moving Target Indicator (MTI): This EO and radar capability shows only those objects that are in motion and provides information on the speed and direction that objects are moving. Remote Sensing: Any sensing performed from a distance of the target
SIGINT (Signals Intelligence)
Intelligence gathered from communications, electronics, or foreign instrumentation. National Security Agency is the SIGINT Requirements Manager SIGINT Disciplines: Communications Intelligence (COMINT). • Communications Intercepts (various devices/military radios/human communications) Electronic Intelligence (ELINT). • Electronic emissions from modern weapons and tracking systems. • Provides data to gauge frequencies and ranges of threat systems. Foreign Instrumentation Signals Intelligence (FISINT). • Includes Telemetry Intelligence (data relayed by weapons) • Interception of foreign electromagnetic emissions...tests/operations.
How elint works
Intercepting, amplifying, recording, and analyzing an enemy radar signal or pulse.
COMINT- Evolution
Invention of the telegraph begins the exploitation of wireless signals. Heinrich Hertz discovers that light wave speed* (EM radiation) = speed of radio waves (this is not the speed of sound!) Speed of sound is 340 m/s and is 5 times faster under water! Years of Wars: multiple revolutions in technology and its use. World War I, II, Korean War, Vietnam, Cold War Rise of the Cryptanalyst and Cyberspace Exploitation Cryptology and analog / mechanical ciphers (ie. Enigma/Purple) • Digital 256 and greater bit encryption and decryption stymies cryptanalysts and COMINT analysis Cyber enabled intelligence collection COMINT evolves across technologies RF Communications (across all spectra) Push to Talk (PTT)- heavily used in military tactical communications High Powered Cordless Cell Phone (HPCP) Multiband radios (AN/PRC-148: MBITR, etc) Satellite communications (SATCOM) ( Thuraya, etc)
COMINT
Is intelligence and technical information derived from collecting and processing intercepted foreign communications. COMINT is a form of literal collection. Passed by radio, wire, or other electromagnetic means. COMINT also may include imagery, when pictures or diagrams are encoded by a computer network/radio frequency method for storage and/or transmission. The imagery can be static or streaming. The
Electro-Optical: LiDAR-
Light Detection and Ranging (LiDAR) sensors Uses light source to measure distance between objects Works on the principle of "time of flight" (using speed of light to determine distance)- required direct line of sight (can't see it can't detect it). 3D mapping of buildings/terrain and surface scanning- beneath vegetation! Sensing beyond foliage and camouflage netting is getting better* LiDAR vs. Radar: Light Waves vs. Radar waves LiDAR cannot work in harsh environments- radar can. Other applications: Self-Driving Cars (LiDAR) distance /proximity mapping Law enforcement speed detection Agricultural research (maximum yield areas)
Radar order of battle (ROB)
Military defense or our country by the army, navy, and air force. Primarily concerned with the location and capability of all enemy radar on a current basis
SIGINT Collection Capabilities of the Future
Miniature directional antennas that support high-power transmit for Electronic Attack (EA) Direction Finding (DF) performance across the full band of interest Improved DF accuracies RF Interference Mitigation Miniature tuners/radios that support digitization Counter-jamming, spoofing and meaconing
GEOINT- Radar: Moving Target Indicator
Moving Target Indicator (MTI). Ground MTI (GMTI). Depicted as dots or tracks on a map- Active radar pulses along a track Collected via airborne and satellite sensors Very useful for indications and warning of movement Detecting metallic surfaces by radar reflections Can be deceived fairly easily
Electromagnetic Spectrum- Applications
Non-ionizing: low-level radiation which is generally perceived as harmless to humans Ionizing: high-level radiation which has the potential for cellular and DNA damage
➢Parametric Data Sets:
Normalized data about a certain target system or collection target, to be used in conjunction with target phenomena to inform how intelligence sensors detect and identify the target.
Jamming
Occurs when the attacker floods or overpowers a signal, transmitter, or receiver, interfering with legitimate transmissions.
OpELINT:
Operational ELINT. • Concentrates on locating specific ELINT targets and determining the operational patterns of the systems. • Purpose: "To provide threat assessments, often referred to as "tactical ELINT." OpELINT intelligence products support military operational planners and tactical military commanders on the battlefield." • Informs development of the electronic order of battle (EOB), or threat library.
eavesdropping
Passive form of signals exploitation
COMINT- The Collection Process
Planning and Targeting Evaluate the threat/adversary/criminal entities • Identify emitters, perform analysis to identify target frequencies Identify collection capabilities to collect against targets Develop information collection plan Military: Develop Targeting and Attack Guidance Law Enforcement: Evidence for FISA packet Collection Tasking Collection: Detect at Named Area of Interest Processing: Signal analysis, Classification (Parametrics) Exploitation: Single source translation, phenomenology Dissemination: Publish to controlled databases/All Sou
FISINT- The Collection Process
Planning and Targeting Evaluate the threat/adversary/criminal entities • Identify possible ballistics/space systems Identify collection capabilities to collect against targets Develop information collection plan Military: Develop Targeting and Attack Guidance Collection Tasking Collection: Detect, intercept, and collect data from target system Processing: Signal analysis, Classification (Parametrics) Exploitation: Single source translation, phenomenology Dissemination: Publish to controlled databases/All Source
ELINT- The Collection Process
Planning and Targeting (Planning and Direction in the Intelligence Cycle) Evaluate the threat/adversary/criminal entities • Identify emitters of interest, establish the electronic order of battle Develop the information collection plan Military: Develop Targeting Guidance Collection Tasking: Identify and task collection capabilities Collection: Detect, intercept signals Processing: Signal analysis, Classification (Parametrics) Exploitation: Sorting, phenomenology Dissemination: Publish to controlled, sensitive databases for all source integration
Other Geolocating Methods for SIGINT
Received Signal Strength Indicators (RSSI): Machine learning and algorithms to measure the amount of power at a frequency of interest. Multiple measurements at different locations provides an estimate of geolocation. Cell-ID: Can locate any device with a GSM/WCDMA/CDMA modem. Not as accurate as other DF technologies. Involves searching databases for unique parameters such as mobile country and network codes (MCC, MNC) and other cell IDs to determine approximate location. Very challenging against indoor internet of things (IoT) devices. Other Direction Finding Applications: Navigation for ships, small boats, and aircraft Emergency aid to detect beacons from crashes/lost people Wildlife tracking: studying movement of radio-tagged animals
Signal internals
Reveal the message content being transmitted and may require decryption or language translation.
RF Spectrum Mapping
Routinely performed to analyze cellphone coverage.
GEOINT- Electro-Optical Imagery
Strengths: Can provide high resolution images that require minimal post processing for operations Physics impacts are minimal (few artifacts, noise, etc) Weaknesses: Relies on sun's energy to collect, so typically operates day or night in good weather Provides no additional detail- minimal phenomenology to discern deception Neutral: Shadows: inclination/angle of collect can negatively or positively impact the shot Key factors to consider: Time to Collect Resolution
Strengths and Weaknesses of SIGINT
Strengths: SIGINT provides insights into plans, intentions, policies, considerations Collection goes to the source Collection possible beyond barriers and walls Relative precision and accuracy is possible Standoff and persistence is more feasible Vulnerabilities: Reliant on human and computer translation Susceptible to deception/counter-intelligence Target goes silent Target has knowledge of sources, methods, technical capabilities Encryption (codebreakers required, encoders, cryptographers) Steganography (existence of message is known, but the message is hidden- covert)
GEOINT- Radar Imagery
Strengths: "...features of interest can be detected, identified and accurately located in relation to the surrounding terrain" (USAirpower.net). Operate day or night and no reliance on the sun's energy Microwave band radars can function in most weather conditions Useful range can be extensive depending on sensor type and location of sensor. Weaknesses: Physics impacts are considerable (artifacts, shadow, noise, etc) Exploitation requires extensive processing (heavier sensors) Key factors to consider for radar imagery: Footprint Resolution Time to Collect
➢Collection Capabilities
Systems, consisting of sensors and platforms, deployed in a geographic region of the world or static, collecting active or passive signals
The Collections Process - TC-PED
Tasking Collection Processing Exploitation Dissemination Feedback ➢Collections is the formal process for coordinating, directing, collecting and distributing intelligence ➢The cycle runs concurrently with other critical processes like planning and operations. ➢ Planning: Future collection is planned to support future operations, and current collection is conducted to answer gaps in knowledge so that planners can continue planning. ➢ Operations: Needs of current operating law enforcement and military personnel result in collection requirements. ➢The collection cycle doesn't need to be followed to the letter ➢You do have to be careful not to omit critical step
Foreign Instrumentation Intelligence (FISINT)
Technical and intelligence information derived from the collection and analysis of foreign instrumentation signals. Typically applied to missile and special equipment operations (space vehicles and ballistics) Signal parameter measurements: "Radars frequency, pulse, pulse duration, pulse repetition interval, main beam scan pattern, and bandwidth" (Clark, 2014, p. 360) Main beam scan pattern: Identifies the purpose and modes of radar operation. Telemetry: Instrumentation readings transmitted from a satellite or from a missile or aircraft undergoing testing Telemetry Externals: Changes in a telemetry signal caused by the flight profile of the vehicle Telemetry Internals: The values of the measurements made by flight instrumentation
TT&C
Telemetry, tracking and command
SIGINT Collectors- Ground
Terrestrial collection systems- typically military across all services Size, weight, power and cooling are always a factor Sensors are typically platform independent, but integrated into systems to meet operational needs Mounted. Typically COMINT and EW systems which require security and strategic positioning Dismounted. Typically COMINT and EW systems able to be deployed in remote areas.
➢Collection
The acquisition of information to answer priority intelligence and information requirement
➢Detection:
The action or process of identifying the presence of something concealed.
➢Target Acquisition:
The detection and identification of the location of a target in sufficient detail to permit the effective employment of lethal and non-lethal means.
➢Recognition:
The determination of the nature of a detected person, object or phenomenon, and possibly its class or type.
Maritime domain awareness
The effective understanding of any vessels or objects, in the maritime domain that could impact security, safety, economy, or the environment.
➢Named Area of Interest:
The geographical area or window in time and space where information that will satisfy a specific information requirement can be collected. ▪ Applies to air, land, sea, space, cyberspace ▪ The NAI characteristics are determined by 2 things: The information that needs to be collected and the capability of the sensor/collector
➢Collection Manager
The individual who orchestrates and manages the analysts' needs throughout the collection cycle. Collection Managers must KNOW the capabilities of the intelligence assets. This starts with the intelligence disciplines.
➢Surveillance
The ongoing systematic collection, analysis, and interpretation of data (CDC)...or in military terms...The systematic observation of aerospace, surface, or subsurface areas, places, persons, or things, by visual, aural, electronic, photographic, or other means. (JP 3-0)
COMINT Methods: Communications Intercept
The other side of COMINT. Intercepting communications via radio frequency or computer systems/networks to provide tactical, operational or strategic signals intelligence (sensitive collection methods). Reliant on language translation in most cases (what is the target language?) Requires mitigation of noise interference, jamming, spoofing, and meaconing. Jamming: To interfere with or prevent the clear reception of broadcast signals by electronic means. "deliberate radiation of electromagnetic signals to overpower the intended signal frequencies" Friendly or enemy jammers can disrupt target comms. Spoofing: Recreating signal structures similar to the target signal structure to create confusion and disrupt intercept methods. Meaconing: Rebroadcasting a GPS message so that position, navigation, and timing data is broadcast from another location, causing confusion to GPS (ie.repeaters) Requires decryption/cryptanalysis to counter encryption Virtually impossible with analog or mechanical methods.
➢National Intelligence Priorities Framework
The primary mechanism to establish, disestablish, manage, and communicate national intelligence priorities (DNI, ICD 204) ▪ Intelligence topics approved by the President, who heads the NSC • Presidential Priorities List and the National Security Council are primary input mechanisms ▪ The NIPF is the U.S. Intelligence Community's sole mechanism for establishing the United States' national intelligence [collection/production] priorities. ▪ The NIPF drives how money is spent. • National Intelligence Program (NIP). DNI responsibility. • Military Intelligence Program (MIP). SecDef responsibility
ELINT Notation(ELNOT)
The process of intercept and analysis of electronic intelligence. it is also the detection and analysis of radiations from foreign electronic devices for the purpose of extracting information of value to intelligence.
➢Intelligence
The product resulting from the collection, processing, integration, evaluation, analysis, and interpretation of available information concerning foreign nations, hostile or potentially hostile forces or elements, or areas of actual or potential operations. (JP 2-0)
➢Target Phenomenology:
The study of phenomena regarding a specific target system and target characteristics. ▪ The goal of analysis and initial collection is to characterize the phenomena and process the "information" by sifting relevant from irrelevant data, or "noise". ▪ Collection is repeated until an improved data set is developed for the target.
GEOINT Applications/Custom
U.S. Government (Interagency and Government Organizations): Planning (MDMP, IPB, JIPOE), Operations, including Targeting Humanitarian Assistance/Disaster Relief (HA/DR). Logistics/Sustainment. Detection of WMD chemicals/materials (HSI/MSI). • MASINT provides expanded capabilities to detect WMD chemicals/materials NASA space and physical exploration/detection. Etc. Industry and other Non-Governmental Organizations (NGOs): HA/DR, Migration data. Natural Resource Exploration Weather impacts- drought, extreme weather Refugee and Internally Displaced Persons (IDP) camp assessments. Status of key lines of communication and infrastructure. Human terrain mapping and archeology- cultural and societal geospatial data sets
Satellite AIS
Was originally designed to help track compliant vessels in crowded waters but now allows the ability to to fuse all AIS data with optical and radar imagery as well as other data sources.
SIGINT Exploitation, Production and Dissemination
What to Look For: SIGINT finished production reports NSA Cryptologic Support Group and NSA Production Team products Military Tactical Reports (TACREPS) Sensitive reporting and reporting at higher classifications Secret Compartmented Information (SCI) Law Enforcement Sensitive and FISA Court Records Pressures on SIGINT PED: According to Lowenthal and Clark, p. 101 Volume Variety Velocity Resource implications: Budget, Translators, Sensors, Platforms, Integrated Technologies
Democrazation
When something is accessible to anyone who wants it
OSINT (Open Source Intelligence)
__________ is the application of intelligence tradecraft to open sources of information, specifically involving the collection, processing (to include foreign language translation), and exploitation/analysis of multiple, independent open sources of information
➢Analysts
consist of any analyst within the national security enterprise. ▪ Identify information gaps during research & support to operations and planning. • Joint Intelligence Preparation of the Operational Environment • Intelligence Preparation of the Battlefield • Organizational SWOT analysis (Strengths, Weaknesses, Opportunities, Threats). ▪ Assist in targeting efforts • Require precise, accurate data for lethal or non-lethal targeting
➢Information Collection
synchronizing and integration the planning and employment of sensors and assets, in support of operations (Field Manual 3-55).
➢Collection Management
the process of converting intelligence requirements (IRs) into collection requirements (CRs) through coordinating, monitoring, and re-tasking sensors and assets. CM primary functions include: ▪ Collection Requirements Management (CRM). ▪ Collection Operations Management (COM).
Steganography
• Steganographic code embedded in large files. • Printing tricks: Microdot! • Invisible ink between written lines (innocuous letter with secret information
➢Customers
▪ Collection Customers: consist of senior decision-makers, policymakers and anyone else within the national security enterprise (also, partner nations, allies, etc.) who has a validated requirement for collection, or collection requirement (CR). ▪ Collection Management Customers: consist of any customer who submits Requests for Information (RFIs) because they lack the intrinsic or organizational ability to answer the question
Target Phenomenology of Intelligence
▪ Find- Locate and identify targets ▪ Fix- Track the target and prepare targeting solutions ▪ Finish- Provide precision and accurate targeting data to engage the target ▪ Exploit- Intelligence analysis of targeted system, post engagement ▪ Analyze- Intelligence production and assessment with reattack recommendation (typically multi-source intelligence- SIGINT, GEOINT, etc
Intelligence Cycle
✓Planning and Direction/Requirements: What is known, what must be known to continue planning, to support decision-making, to identify gaps ✓Collection: Tasking, Collecting, Initial Processing & Exploiting, Disseminating ✓Process and Exploitation: Convert the collected data into information that can be readily disseminated and used by all-source intelligence analysts to produce multidiscipline intelligence products. ✓Analysis and Production: What does the information mean, what else do we need to know, and what might occur ✓Dissemination: Provide to commanders, decision makers, users, other organizations. Dissemination can also be instantaneous (artificial intelligence)
Collection Strategies
➢ Cueing: or "Tip-Off" Involves the use of one or more sensor systems to provide data that directs collection by other systems ➢ Best Use: Targeting ➢ Mixing: Is the combination of different assets and capabilities covering the same named area of interest. ➢ Best Use: Mitigates deception or errors ➢ Redundancy: Involves the use of several of the same type of capability to cover the same areas/target. ➢ Best Use: When risk to friendlies is greatest
Collection Operations Management
➢Identify Assets ➢Developing Tasking Order or Request ➢Exploit and Disseminate ➢Update Plan/Re-task
