strategic intelligence fundamentals -...
TRANSCRIPT
1
1
STRATEGIC INTELLIGENCE FUNDAMENTALS:
THEORY AND APPLICATIONS
Note that this presentation does not represent the views of the US Government or any US Government agency
Christopher A. Noble
2
Disclaimer
All statements of fact, opinion, or analysis expressed
are those of the author and do not reflect the official
positions or views of the US Government. Nothing in
the contents should be construed as asserting or
implying US Government authentication of information
or endorsement of the author’s views. This material
has been reviewed by the US Government to prevent
the disclosure of classified information.
2
3
Outline
• Intelligence fundamentals
• Tradecraft
• Challenges
• Intelligence techniques
• Collection disciplines
• Analysis methods
• Intelligence themes
• Nonproliferation and arms control
• Counterterrorism and counterinsurgency
• Others
4
Key concepts
• Intelligence is6
• Politically motivated
• Secretly derived
• Action enabling
• Time sensitive
• Tradecraft
• Intelligence cycle
• Intelligence disciplines
• Counterintelligence
• Covert action The theoretical/conceptual intelligence cycle highlighting key stages of
the cycle; other intelligence cycle models may compact or expand on any
or all of these stages
Targeting
Analysis
Reporting
Collection
Processing
Requirements
3
5
Types of intelligence
• Business
• Competitor products
• Competitor performance
• Consumer demand
• Market predictions
• Law enforcement
• Evidence collection
• Crime location
• Criminal residence
• Criminal profiling
• Tactical (battlefield)
• Strategic (political) Homicides in Washington DC based on data from the DC Metropolitan
Police Department; from http://en.wikipedia.org, accessed 12/20/12
6
Types of strategic intelligence
• Descriptive
• Basic research
• Current events
• Operational support
• Science, technology,
and weapons (ST&W)
assessment
• Predictive
• Threat warning
• Strategic trendsCover from CIA’s 2002 report on weapons of mass destruction
in Iraq; from http://www.cia.gov, accessed 12/21/12
4
7
Legal foundations
• US Code
• Title 6—Domestic
security
• Title 10—Armed Forces
• Title 18—Crimes and
criminal procedure
• Title 50—War and
national defense
• Others
• Executive order
• Code of Federal Regulations
• Congressional (public) law
Several bound volumes of the US Code; from http://www.flickr.com,
accessed 04/28/13
8
Intelligence tradecraft
• Formalized guidelines for
espionage and intelligence
• Tradecraft is generally
specific to an intelligence
function
• Targeting
• Collection
• Processing
• Analysis
• Tradecraft may also be
specific to an intelligence
organization
Conceptual example of a portion of the intelligence cycle based on a
signals intelligence collection of an encoded communication; from US
Joint Chiefs of Staff (2012) Joint and National Intelligence Support to
Military Operations
5
9
Raw (foreign) intelligence
• Intended for analysts
• Includes raw information
specific to a collection
event that addresses an
intelligence requirement
• May include processed
information (decryption,
translation, geospatial
overlays, etc.)
• May include interpretation
(e.g., language nuances,
imagery analysis)
Commercial imagery of the Right Bank Drinking Water Treatment Plant
in Mosul, Iraq, following rehabilitation efforts; from http://www.sigir.mil,
accessed 12/21/12
10
Finished intelligence
• Intended for policy makers
• Includes evaluated
information specific to a
topic of interest to the
consumer (e.g., military
capabilities, leadership
stability)
• Includes assessment by
analyst who is a subject
matter expert
• Includes all sources of
intelligence collection President’s Daily Brief from 6 August 2001 (declassified on
10 April 2004) with Bin Ladin warning; from http://www.gwu.edu,
accessed 01/04/13
6
11
Intelligence challenges
• Incomplete data
• Insufficient time
• Source characteristics
• Access
• Expertise
• Reliability
• Completeness
• Expert interpretation
• Data access (stovepiping)
• Data quantification
• Assessment confidence
• Unapproved sharing (leaks)
• Analytic tools
Slide from Secretary of State Powell’s UN speech on 5 February 2003
concerning Iraq’s weapons of mass destruction; slide shows 81-mm high-
strength aluminum tube—one of 60,000 ordered from China—that was
interdicted by the United States in Jordan en route to Iraq; the US
Intelligence Community assessed at the time that the tubes were
intended for use in uranium centrifuges; the Iraq Survey Group later
concluded that the tubes were likely intended for conventional rockets;
from http://www.globalsecurity.org, accessed 01/04/13
12
Targeting
Analysis
Reporting
Collection
Processing
Requirements
Intelligence cycle
Where can we find it?
How do we get it?What does it mean?
Who needs to know?
What do we need?
What did we get?
7
13
Intelligence techniques
• Collection disciplines
• Human intelligence
• Open-source intelligence
• Geospatial intelligence
• Signals intelligence
• Measurement and signature intelligence
• Analysis methods
• Analysis of competing hypotheses
• Link analysis
• Red teaming
• Others
14
Human intelligence (HUMINT)
• Information that can be
covertly obtained through
human sources
• Examples
• Observations
• Photographs
• Documents
• Debriefings
• Diplomatic contacts
• Military attachés
People who potentially have access to information that governments
might find valuable; from http://hubpages.com, accessed 02/19/11
8
15
Open-source intelligence (OSINT)
• Information that can be
overtly obtained through
media sources
• Examples
• Television broadcasts
• Radio broadcasts
• Blogs
• Microblogs
• Magazines
• Academic literature
Newspapers and other forms of traditional and new media can provide
information of importance for strategic intelligence; from
http://tabtimes.com, accessed 02/20/11
16
Geospatial intelligence (GEOINT)
• Information that can be
overtly or covertly obtained
through imagery and geo-
referenced data
• Examples
• Electro-optical imagery
• Infrared imagery
• Multispectral imagery
• Radar imagery
• Geocoordinates
• Human terrain
Commercial imagery from GeoEye showing the River Thames in
Dartford, England; inset shows closeup of the Dartford Crossing (bridge);
from http://www.defenseindustrydaily.com, accessed 12/18/12
9
17
Signals intelligence (SIGINT)
• Information that can be
overtly or covertly obtained
from electronic signals
• Examples
• Phone calls
• Text messages
• Emails
• Video
• Telemetry
• Radar
Basics of a radiofrequency signal; from http://etutorials.org, accessed
12/26/12
18
Measurement and signature intelligence (MASINT)
• Information that can be
overtly or covertly obtained
using technical methods
• Examples
• Seismogram
• Microbarogram
• Radar returns
• Sonar returns
• Infrared spectra
• Mass spectra
• Cell culture
Mass spectra—showing chemical composition—of three individual
airborne particles; from Noble (1998)
10
19
Analysis of competing hypotheses (ACH)
• Purpose
• Discover knowledge
• Assess possible
hypotheses/explanations
• Discount meaningless
facts/evidence
• Process
• Identify possible
hypotheses/explanations
• List known facts/
evidence
• Draw conclusions
Matrix for analysis of competing hypotheses (ACH) showing
(hypothetical) hypotheses across the top axis and (conceptual) facts
along the vertical axis; from http://competinghypotheses.org, accessed
03/06/13
20
Link analysis
• Purpose
• Discover knowledge
• Visualize data
• Identify critical items
• Identify clustered items
• Evaluate relationships
• Process
• Identify items
• Identify relationships
• Draw conclusions
Conceptual representation of link analysis when each dot represents an
item and each line represents a relationship between two items; color
represents a similarity between items; physically adjacent items
represent clusters; from http://wordpress.com, accessed 03/06/13
11
21
Red teaming
• Purpose
• Discover knowledge
• Identify weakness or
shortcomings
• Mitigate potential
stressors
• Process
• Form independent team
• Assume oppositional
perspective
• Plan/simulate attacks
View of Parker Brothers board game Risk that simplifies the wargaming,
a military version of red teaming; from http://www.mrrives.com, accessed
03/06/13
22
Other analytic tools
• Brainstorming
• Cluster analysis
• Financial analysis
• Geospatial analysis
• Linguistic analysis
• Quantitative analysis
• Schedule analysis
• Trend/pattern analysis
• Traffic-light chartsConceptual stop-light chart where green indicates completed goal, yellow
indicates partially completed goal, and red indicated uncompleted goal
12
23
Intelligence themes
• Nonproliferation and arms control
• Weapons proliferation
• Treaty verification
• Counterterrorism and counterinsurgency
• Terrorism organization
• Terrorism weapons
• Military intelligence
• Cryptography and computer security
• Counterintelligence
• Law enforcement intelligence
• Disaster relief and humanitarian efforts
24
Nonproliferation and arms control
• Weapons categories
• Conventional
• Advanced conventional
• Nonconventional
• Delivery systems
• Weapons trafficking
• Technology
• Materials
• Treaty verificationTrident submarine-launched ballistic missile (SLBM) test shot; SLBMs
are considered to be advanced convention weapons as well as weapons
delivery systems; from http://www.public.navy.mil, accessed 12/31/12
13
25
Soviet Joe-1 nuclear test (1949)
• The Soviet Union tested its
first nuclear bomb after
stealing designs from the
US Manhattan Project
• The US Intelligence
Community had estimated
the Soviet’s first nuclear
test in 1953 or later
• The US Intelligence
Community prepared for
contingencies and detected
airborne radiological debris
confirming the test
Soviet Joe-1 nuclear test in Kazakhstan—called “First Lightening” by the
Soviets—used a plutonium implosion device based on the US Manhattan
Project’s Fat Man bomb; from http://en.wikipedia.org, accessed 12/19/12
26
Counterterrorism and counterinsurgency
• Understanding terrorism
• Definitions
• Categories
• Analyzing terrorism
• Organization
• Finances
• Weapons
• Current and recent cases
• International
• DomesticSuicide attacks on the World Trade Center in New York; from
http://images.nationalgeographic.com, accessed 04/23/13
14
27
Aum Shinrikyo sarin attack (1995)
• Five coordinated attacks on
Tokyo’s subway system
during morning rush hour
• Sarin nerve agent
• Thirteen dead, 50 disabled,
500 hospitalized, and over
1,000 (possibly over 6,000)
injured
• Precursor attacks
• Asahara and perpetrators
sentenced to death or life
in prison Cover of Time magazine reporting Tokyo subway attack;
from http://www.time.com, accessed 12/26/11
28
Military intelligence
• Strategic analysis
• Political intent
• Economic capabilities
• Military doctrine
• Military capabilities
• Indications and warning
• Order of battle analysis
• Target analysis
• Collateral effects analysis
• Battle damage assessment
• Medical intelligence
Conceptual example of raw information transformed through the
intelligence cycle to become finished intelligence; from US Joint Chiefs of
Staff (2012) Joint and National Intelligence Support to Military Operations
15
29
Battle of Britain (1940)
• German WWII air
campaign staged against
the United Kingdom
• Targets included convoys,
ports, airfields, military
factories, and infrastructure
• Chain Home early warning
radar stations
• Royal Observer Corps
visual detection and
tracking organization
• First major defeat of
Germany in WWIICoverage provided by the Chain Home radar networks during the Battle
of Britain; http://en.wikipedia.org, accessed 07/18/12
30
Cryptography and computer security
• Secret writing terminology
• Plaintext/ciphertext
• Encrypt/decrypt
• Encode/decode
• Steganography
• Physical
• Digital
• Other
• Computer/cyber forensics
The Lorenz SZ42 cypher machine developed by the Germans in the early
1940s and used during World War II; from http://en.wikipedia.org,
accessed 08/12/13
16
31
German Zimmermann telegram (1917)
• Germany sent diplomatic
message to Mexico to
encourage a Mexican war
with the United States
• Germany promised Mexico
territory in Arizona, New
Mexico, and Texas
• England intercepted and
decoded the message
before sharing with the
United States
• Mexico initially ignored and
then rejected the offerCoded telegram sent by German Foreign Secretary Arthur Zimmermann
to Mexico; from http://en.wikipedia.org, accessed 07/18/12
32
Counterintelligence
• Defensively oriented
• Counterintelligence cycle
• Identify threat
• Prioritize protection
• Develop safeguards
• Communicate findings
• Safety measures
• Physical security
• Information security
• Communication securityThe security card for building or facility access is one form of physical
security; from http://www.mtp-use.com, accessed 08/13/13
17
33
Aldrich Ames’ betrayal (1994)
• CIA Officer with over 30
years of experience
• Operations
• Counterintelligence
• Mediocre performer
• Compromising factors
• Alcohol abuse
• Marital problems
• Financial difficulties
• Spied for the Soviet Union-
Russia for about 10 years
• Gave up at least 12 spies
Aldrich Ames at Allenwood Penitentiary in Pennsylvania serving his life
sentence for espionage; http://en.wikipedia.org, accessed 08/13/13
34
Law enforcement intelligence
• Narcotics trafficking
• Cocaine
• Opiates/heroin
• Financial crime
• Money laundering
• Counterfeiting
• Forgery
• Identity crime
• Computer/cyber crime
• Arms trafficking
• Human trafficking
Worldwide cocaine production, trafficking, and consumption in 2008; from
http://www.unodc.org, accessed 08/12/13
18
35
Disaster relief and humanitarian efforts
• Natural disasters
• Hurricanes
• Tornadoes
• Tsunamis
• Earthquakes
• Political oppression
• Civil war
• Forced migration
• Human trafficking
NGA’s lidar-based digital elevation model (DEM) data overlaid on Google
Earth imagery showing the aftermath of the 2010 Haiti earthquake; from
http://www.opentopography.org, accessed 08/13/13
36
Further reading
• Cirincione, J.; et al. (2005). Deadly Arsenals:
Nuclear, Biological, and Chemical Threats. Carnegie
Endowment for International Peace: Washington
• Clark, R. M. (2009). Intelligence Analysis: A Target-
Centric Approach. CQ Press: Washington
• George, R. Z.; et al. (2008). Analyzing Intelligence:
Origins, Obstacles, and Innovations. Georgetown
University Press: Washington
• Lowenthal, M. M. (2006). Intelligence: From Secrets to
Policy. CQ Press: Washington