5 Times in History When HUMINT Was Used

21.08.2019

We’re all familiar with that common scene in movies: a person of authority interrogating a subject—seated down, hands cuffed, and isolated in a quiet, secluded room.

Although this scene is often an exaggerated depiction, it is a good example of how human intelligence, or HUMINT, is gathered.

HUMINT is the information gathered through interpersonal communication with individuals, hence the term human intelligence. Information can be obtained through face-to-face encounters, phone interviews, e-mail correspondence and video calls, for as long as the source of the information is a human being.

Looking beyond the typical scenario of HUMINT gathering, and outside police districts, military camps and other law enforcement offices—when and where else do you think HUMINT was gathered?

Obtaining human intelligence before was done almost nonchalantly, and they probably didn’t it was HUMINT in the first place.

Let’s take a look back at history to see how some famous people used HUMINT to achieve their goals that shaped many military and political strategies of today:

1. When Moses sent 12 spies to Canaan

Moses, as chronicled by the Book of Numbers 13:2, sent his men to the land of Canaan which he intended to give to the Israelites.

This is a classic example of espionage with all its ancient glory—devoid of high technology and complex methods. Espionage is one of the tools used for HUMINT gathering.

Through Moses’ 12 spies who were in a position of confidence against the enemy, they were able to gather information that aided the successful exodus of Israelites from Egypt to Canaan.

3,400 years ago when Moses ordered this, no one at his time labeled it as human intelligence. It only made sense when modern science coined the term HUMINT.

2. When Sun Tzu’s military conquests inspired him to write The Art of War

Hailed as the most influential Chinese military writer of all time, Sun Tzu promoted a new approach to warfare. He emphasized a non-conventional style of war by shifting the focus from an enemy’s strengths to concentrate on the weaknesses instead.

In his book, Sun Tzu stressed the use of alternative methods in battle such as psychological warfare, deception and strategic alliances. He underscored “foreknowledge”, which entails profound understanding of an enemy’s personality, rather than the military capability alone. To do these, intelligence must be gathered and done using the right strategy.

When Sun Tzu wrote The Art of War, it became an acclaimed work that shaped both Eastern and Western military thinking.

3. When Alexander the Great interrogated Persians

Roughly 370 BC, when Greek-Persian relations were rather tense, a teenage Alexander the Great began interrogating Persian visitors to the royal court, then ruled by his father, King Philip II of Macedon.

True to his moniker, Alexander’s wisdom and strength at a young age earned him several triumphs that extended to the East. His profound understanding of climate, roads, culture and personality of his visitors and enemies made him an excellent military strategist.

Much of this information is credited to his collectors, and he would have reached his goal of “conquering the world” if not for his untimely death.

Another method of HUMINT gathering is interrogation of prisoner of wars (POWs) or detainees. Plenty of information can be gathered from POWs, which provides substantial insight about the enemy.

4. When Chanakya composed the Arthashastra

Loosely translated as “The Science of Politics”, Chanakya (also known as Kautilya) created the Arthashastra in 4th century BCE as a comprehensive guide on military, state and political strategies.

As an esteemed teacher, economist and royal advisor in India, he emphasized the practice of state control backed by a strong intelligence framework to gather pertinent information.

He also placed emphasis on the ideal qualities of a HUMINT collector, or the person trusted to gather intelligence. Courage, sharpness, intellect and integrity are a must, as well as a profound understanding of the arts. These requirements put the collector at almost-equal qualifications with the king and his royal counselors.

Chanakya further detailed the HUMINT practice as obtaining information through exploitation and judgment.

Spying is the practice of gathering confidential or top-secret information without the official permission of the owner. Agencies who employ spies aim to obtain information not otherwise given to them. This is a clandestine act, and is illegal in many cases—making it unacceptable and punishable by law.

5. When agentes in rebus of the Byzantine Empire made reports to the royal court

The Romans utilized a sophisticated form of HUMINT, employing agentes in rebus or “conductors of affairs” or “magister’s men”. They are like the ancient counterpart of today’s courier service—only that they exclusively serve the royal court and hold intelligence functions as well.

Selecting agentes in rebus was an intricate process. Men were carefully selected based on their abilities and morals, later trained intensively, then employed on a test run for five years.

Agentes in rebus is the primary arm of communications within the Byzantine Empire. They supervised roads and inns, carried letters, checked soldiers’ billeting and acted as customs officers. Most importantly, they reported relevant information obtained from their travels to the royal court.

Diplomacy is another HUMINT source, a friendly approach compared to espionage and interrogation. This is the practice of negotiating different concerns and issues between two parties, usually from state representatives entrusted by their respective heads of state. Diplomacy has evolved greatly, but even in olden times it was widely utilized.


6 Interesting Facts About SIGINT

26.07.2019

In military practice, law enforcement, and intelligence agencies, signals intelligence (SIGINT) is crucial. It provides information that may not be provided for by other branches of intelligence gathering such as human intelligence (HUMINT) or measurement and signature intelligence (MASINT).

SIGINT is a method of gathering intelligence through signal interception. Encrypted data is translated through cryptoanalysis to decipher the real message.

Does this concept sound too alien? How much do you know about SIGINT?

Here are some interesting facts about SIGINT that are nice to know:

1. SIGINT dates back to the 1900s.

The first practice of SIGINT was believed to occur during the Boer War that started in 1899. The British belligerents placed wireless devices on board their Royal Navy ships.

Upon the Boers’ seizure of the wireless devices, they used these to establish transmissions, too. Since only the British used these at that time, that signals were not encrypted, and hence did not need decryption.

Later on, SIGINT practice continued during the Russian-Japanese War from 1904-1905. The British naval ship, that time positioned in the Suez Canal, intercepted transmissions from the Russian vessels as they were preparing for battle with Japan.

When British forces utilized SIGINT in intercepting German radio signals, the use of cryptography then gained prominence. Because of its effectiveness in concealing the content of radio transmissions, cryptoanalysis is still being widely practiced today.

Since then, SIGINT methods developed intricately to provide vital military and tactical intelligence.

2. Intercepting radio waves is legal.

When the radio was invented in 1895, it revolutionized how people communicated with one another. Generally, no one can own radio waves. Privacy laws don’t cover these, either. Interception is legal in this case, in contrast to wiretapping.

SIGINT is a broad term that consists of two fields: COMINT (communication intelligence) and ELINT (electronic intelligence).

COMINT includes telephone calls, text messages, and online chats. It aims to obtain information such as the identity and location of the communicators, the length and time of the communication, and the encryption used.

ELINT focuses on the more technical aspect of the communication itself, such as electric signals. It aims to assess the radar capability of the target by using special sensors. Since this is commonly used in military practice, data obtained through ELINT is usually classified.

3. The Snowden Effect revealed the extent of SIGINT use by the US.

In 2013, Edward Snowden leaked a series of documents from the National Security Agency (NSA). A former contractor of NSA, he disclosed the extent of the agency’s surveillance methods. The Snowden effect forced the NSA, regarded as a very secretive agency, to explain itself to the public.

The growing public concern over US surveillance activities, hailed as the “Snowden effect”, affected the cloud-buying practices by companies.

In 2015, the NSA once more came into the limelight when Laura Poitras produced the film CitizenFour based on Edward Snowden.

In the same year, the United States Court of Appeals ruled that the NSA’s phone surveillance activities were illegal.

4. SIGINT applies to electronic warfare.

Electronic warfare (EW) utilizes non-hostile methods to enter the electromagnetic spectrum while denying the enemy’s access to the same.

One of EW’s sub-disciplines, Electronic Warfare Support or ES, focuses on the identification of electromagnetic energy sources.

For instance, ES analysts detect an unidentified radar signal and consequently determine the type. They compare it to countries who utilize this specific type of radar, including the aircraft, vessels, and vehicles used with it. Ultimately, they can identify the nature and source of the radar.

The practice of SIGINT overlaps ES in this case, as it supports decision-making for military intelligence.

5. SIGINT has ethical implications.

Any information transmitted electronically constitutes SIGINT. This includes sources from the Internet, telephone lines and radio transmissions, whether intercepted or sent to the wrong destination.

SIGINT does not touch on publicly accessible information, such as text messages or e-mails addressed to you.

However, deliberately gaining access to your opponent’s server, using programs to intercept messages, or hacking e-mail accounts are downright unethical.

How about information that’s mistakenly sent to you? Have you received a text message that wasn’t addressed to you? This is a more subtle, practical context of SIGINT when compared to its use in full-scale military operations.

However, receiving a message not intended for you happens every once in a while. Due diligence must be practiced. If you do receive a message by mistake, the ethical action is to advise the sender of the mistake, inform the appropriate department, and ignore or delete the information before it falls to the wrong hands and deliberately passed on.

6. SIGINT aids in decision-making for policy-makers.

We know that certain agencies like the NSA gather raw SIGINT for the translators and cryptologists to transform it into information that an analyst can scrutinize.

Once the raw SIGINT is processed and analyzed, the information is passed to other intelligence agencies such as the CIA. They collate information gathered from other sources to generate complete intelligence. This is vital for policy-makers that focus on pertinent issues like nation-building and national security.

Based on this process, we can say that producing finished intelligence is a tedious and meticulous task.

Because of the technological advancements of this age, intelligence collectors are overwhelmed with the high volume of signals. This makes it even more arduous for analysts to gather, sort, track, and extract the important data from the irrelevant ones.


Understanding MASINT and Its Practical Uses

18.07.2019

MASINT: Information is first collected, then gathered, and finally analyzed.

This is a key process in intelligence gathering, when raw data is transformed into useful intelligence that supports decision-making.

Intelligence collection is a broad science, but we will focus on one specific discipline that is not as widely discussed as the rest.

Measurement and signature intelligence (MASINT) is a specialized branch of intelligence collection. It is a highly technical field that aims to identify and track the distinct attributes of target sources.

Breaking down MASINT

In layman’s terms, we define MASINT as the information obtained by sensors to describe and record the characteristics of a target.

MASINT uses the scientific process. It gathers both quantitative and qualitative data such as metric, angular, spatial, duration, magnetic, and many more types.

With these, we get to know the target more—and know where they are going.

So how are these data obtained, exactly?

There are specialized electronic sensors with the sole purpose of identifying the characteristics of the source, emitter or sender. The sound of aircraft propellers, fluctuating temperatures, material composition of evidence—these are just some of the numerous features that MASINT can obtain.

MASINT is really just about gathering the by-products of these devices.

Such devices or equipment generate a certain by-product or “signature” that is measured, hence the terms “measurement” and “signature” in MASINT. These signatures can be biological, chemical, thermal, nuclear, radioactive, electromagnetic or mechanical in nature.

Based on this description of MASINT, we can say that it is capable of giving a fingerprint of any weapon system. It can provide unique and useful information that other disciplines may not be able to give.

The complexity of MASINT

However, by no means is MASINT collection as simple as defining it. Unlike human intelligence (HUMINT), where information can be gathered from human sources, MASINT requires complex tools and equipment to obtain information.

Since MASINT is widely used in military operations and warfare, a complete MASINT system involves a variety of electronic and sensory equipment to make intelligence-gathering as accurate as possible.

How MASINT started

The early use of MASINT remains unclear, but the techniques used now hail from an interesting history.

Ancient warship captains were believed to rely on the senses to measure the characteristics of the skies, wind, and water. There was no technology to analyze information, but rather a mental collection of signatures that formed the basis for tactical strategies.

Even engineers from the Middle Ages relied on acoustic phenomena—putting their ears on the ground to gather information from sound.

In World War I, soldiers utilized acoustic and optical intelligence to locate artillery that increased their odds of victory.

In World War II, belligerents used radar to track down foreign aircraft, and employed chemical detectors to identify chemical agents used in warfare.

Compared to HUMINT, SIGINT or GEOINT, MASINT is a more recent discipline. Due to limitations in documentation and evidence-based research, the full potential of MASINT cannot be quantified.

Ongoing MASINT studies also remain classified. However, it is a promising discipline.

The sub-disciplines of MASINT

As if MASINT isn’t complex enough, you’ll learn that MASINT itself is just the tip of the iceberg.

MASINT deals with a lot of signatures with varying characteristics. Here are some of the most common forms of MASINT:

● Radar Intelligence (RADINT)
○ Collates dissimilar elements that do not fall under HUMINT, SIGINT or GEOINT

● Foreign Instrumentation Signals Intelligence (FISINT)
○ Intercepts unknown electromagnetic signals emitted from foreign aerospace systems

● Acoustic Intelligence
○ Deals with the collection and analysis of acoustic signals

● Nuclear Intelligence (NUCINT)
○ Measures information obtained from nuclear weapons, devices, methods and facilities

● Electro-optical Intelligence (ELECTRO-OPTINT)
○ Analyzes information from electromagnetic sources within the light, UV and infrared spectra

● Laser Intelligence (LASINT)
○ Collects information from laser threats and measures power sources, power levels, and frequencies of laser systems

Application of MASINT

MASINT provides intelligence on the weapons of the enemy, their equipment locations, and patterns of life.

For the military commander, MASINT facilitates full understanding of operations. When utilized properly, MASINT is effective in foiling clandestine and deception methods executed by the enemy.

MASINT can identify air missiles and track submarines. It can also detect an unknown radio frequency, but this will need SIGINT in order to decipher any encrypted information. Nevertheless, MASINT makes it possible to collect the information relevant to the transmission, and not necessarily about the message itself.

With the knowledge of a weapon’s location, counter-intelligence measures can be formulated.

Here are some general instances when MASINT can be applied:

● Assessing battlefields
● Detecting strategic and tactical missiles
● Detecting and recognizing aircraft, ships, and submarines
● Detecting nuclear and chemical activities
● Detecting, locating, and identifying explosives

Even though MASINT may seem more strategic than tactical, it actually provides a more insightful approach to the situation when analyzed and disseminated correctly.

Integrating MASINT with other disciplines

There is no all-knowing intelligence discipline, no matter how much we want it. How does an omni-sensor sound—an all-seeing tool that saves valuable resources? Can you imagine how phenomenal it would be for military practice?

But no, there is no one discipline that is one-size-fits-all. We know that intelligence collection has reached its finest when all disciplines are utilized to arrive at the best decision.

To create a true omni-sensor, a multi-disciplinary approach to intelligence collection and analysis is crucial. When you integrate MASINT to HUMINT, SIGINT, GEOINT, and TRASHINT—you will arrive with accurate, insightful intelligence that aids in decision-making.


Strengthening Defenses with Security Intelligence

12.06.2019

There’s so much you can do with the Internet—the good and the bad. Cybercrime is so ruthless that experts predict it will incur $6 trillion worth of damages by 2021. It is the largest threat to every company, and one of the toughest challenges of mankind, created by mankind, for mankind.

The evidence itself is in the numbers. Do you think nothing could be worse than drug trade, terrorism or human trafficking? According to Cisco, cybercrime will be more profitable than the biggest illegal drug trades in the world combined. Give it a few more years, and even the most savage syndicates will turn to cybercrime to strengthen their networks—if they haven’t already. Cybercriminals are always two steps ahead—who knows what they’re cooking now?

As a key person in an organization, you have the corporate responsibility to prioritize safety and security—of the employees, finances, and data down to the last detail. You do this through security intelligence, a smart approach to protect your organization from all threats possible.

What is security intelligence?

Security intelligence is the real-time collection, analysis, evaluation and response of data generated from an organization through users, software and IT infrastructure.

By intelligence, we mean information that holds relevant value to your organization. The ultimate goal of security intelligence is to give significant insight to identify, prevent or reduce threats regardless of the size of the organization.

You don’t just collect information in retrospect; you have to know what is going on right now in all nooks and crannies of your network. Then you gather data from every source within your network, so you can compare and see patterns. With analytics, you can perform behavioral profiling and determine false positives. As soon as you have the right intelligence, you present your findings in a concise approach to the top-level management of your organization.

In simple terms, the information provided by security intelligence is laid in front of you. You may not know it, but there may already be a breach of security as you speak—and you’ll never spot it without proper correlation and analysis of data.

How is security intelligence applied?

You’ve heard it many times, but what exactly does security intelligence do? What is it good for? How is it so beneficial?

Here a few ways on how you can apply security intelligence to your business:

Monitoring accounts

What are the odds of having a rogue employee? Even with pre-employment screening, an insider can be a threat. Security intelligence tracks the routine events of your users. It can look into activities and access permissions and alert you for any unusual behavior.

Detecting fraud

Your company’s customer service department is the highest risk vector for fraud. How many users comprise the call center? Imagine all of them having access to clients’ accounts, credit card details, and personal information. This is a serious security risk, but not all internal network monitoring systems can look into this specific network in real-time. Security intelligence, in comparison, can dive deep into this area and detect unusual activity suggestive of fraud.

Recovering compromised accounts

You want to prevent unauthorized access to your network at all times. However, the access itself is not preventable as the attacker enters all valid credentials of the original user. Security intelligence only detects the infiltration through changes in the routine events of the user’s login after the successful access. This will instantly alert your team so you can take immediate action.

How is security intelligence flexible?

Do you own a small business? Do you run a social enterprise? Security intelligence is not exclusive for business giants with a lot of resources, big budgets, and employees. Once you’re in business, there’s always competition.

With your competitors in the background, what can put your business at risk? Complacency.

And complacency opens the doors for security threats to break your defenses. Without security intelligence, you won’t even know there’s a breach going on already.

Open source intelligence and competitive intelligence are both beneficial for strategy-building and decision-making, but you still need security intelligence to protect your company from cybercrime. So whether you belong to a small or large-scale company, security intelligence is helpful.

There is no universal platform used for security intelligence; it’s not a one-size-fits-all approach. It’s a complex process and the approach done by one organization may not be effective for your own. The good thing is that security intelligence is flexible, and there is room for configuration. You can modify it according to your company’s risk posture and weaknesses. Utilizing the right approach identifies both internal and external threat data and transforms them into threat intelligence, forming the basis for making security decisions.

How does security intelligence provide insight?

Not all companies have their own analysts to perform security intelligence. In many organizations, third-party providers comprising of security intelligence experts trained in IT security do the service. In both cases, what matters is the accuracy of the results from which you derive insight.

Collecting the right information—sifting the relevant data from the less significant ones—is crucial in security intelligence. Do you know how much data you hold in your organization? You’ll be surprised how much big data you have stored in your networks. How do you deal with the overload? Security intelligence can help you make sense of the big data. A comprehensive insight will let you look at the big picture and guide you to make the right security decisions.

There is a need to add layers of defense to your organization’s network. This reflects on how you secure your assets, including business data, IT infrastructure and intellectual property. In turn, your ability to secure all these will reflect your organization’s reputation.

Security intelligence is more defensive than it is offensive. Fortunately, this approach is within reach to any organization who takes security seriously. This matters because as you innovate, threats become more sophisticated. As you read, enemies may be breaching your organization’s defense layers right now—utilizing complex measures to infiltrate your network in ways you have never imagined. Can you stop them?


7 Questions on Person Background Checks answered

06.06.2019

Reading a random person’s resume is one thing, but doing a background search is another. For a company screening qualified job-hunters, running a person background checks is often the best and only measure to identify the best applicant of the bunch. By “best”, we not only refer to intelligence and experience, but a whole lot more.

1. What is a Background Check?

A background check is the process of investigating and gathering relevant information such as past or present employment, commercial experience, financial history and criminal records of a person or organization. In layman’s terms, background checking an individual involves digging through many documents and interviewing people to verify facts.

The result of a background check reveals information taken from different sources, such as, but not limited to:

● Schools
● Former employers
● Business interests
● Social security
● Credit history
● Criminal history

2. What is the Purpose of a Person Background Check?

The practice of background investigation extends throughout many industries to provide managers with insight and protect every industry’s best interests:

Recruitment

This is the biggest piece of the pie. Background checking is most availed by recruiters or hiring managers during employee screening. This is particularly true for very sensitive positions such as those belonging in the security, academic, medical, airline and banking industries. Even in the public sector, positions in law enforcement, military and finance need trust and confidence from higher authorities.

The main purpose of person background checks in the context of pre-employment screening is to find out an applicant’s weakness in character and health, and to spot security and safety risks. Any offense within the past work experience is a serious matter, especially for government positions. The ultimate goal of background investigation is to ensure that current employees in the company or organization remain safe and secure.

Small and Medium Enterprises (SMEs)

Background checking is also useful for other people, such as SME owners who want to get to know their prospective business partners, and landlords who want to ensure that their tenants have no criminal history.

Firearm License

Depending on the country, certain affiliations or interests also require background checking. In the US, the Brady Bill requires those who intend to buy firearms and explosives to undergo criminal checks first.

Immigration and Citizenship

In light of issues on national security such as terrorism and drug trafficking, many states do a thorough background and derogatory check on all aliens who wish to enter their respective countries as workers, immigrants or refugees. This is to protect public welfare and minimize, if not eliminate, the threat of undesirable aliens.

3. Who Runs a Background Check?

Ideally, a government agency is the most qualified, unbiased provider of background checks. However, because of their own laws and regulations, not all countries may easily provide this kind of service to anyone who wishes to do an investigation.

For their convenience, companies may have their own private background investigators, but it is not uncommon to employ third-party providers to cross-check information about applicants. Most security companies that provide services like executive protection, business intelligence and fraud investigation also offer individual background checks.

4. How Much does a Background Check Cost?

The rates for requesting documents vary across countries and states. Records from offices like trial courts, professional bodies and motor-vehicular agencies range from $5 to $15, while federal criminal records may go up to $65. Meanwhile, sex offender databases are almost always free to use by the public for online criminal checks.

Private security firms who provide background reports will, of course, charge a premium fee for performing the investigation and gathering all the records. The rates also vary depending on the number of applicants and the extent of the background check as desired by the company. Retrieving records from international groups such as INTERPOL will also cost more considering the overhead costs and difficulty of acquiring information from an outside agency.

For an exact quote, security firms usually propose a plan tailored for a company’s needs and convenience.

5. Is It Essential for Companies to Perform Background Checks?

It’s alarming how many jobseekers misrepresent information in their resumes. According to a 2015 TIME magazine article, more than half of recruitment specialists detect lies on applicant resumes.

Because of bad hire, employers end up in a catastrophic situation—losing their profit, reputation and time. This is a real scenario in Poland, where wrong selection of employees forced 77% of companies to re-recruit due to issues on dishonesty, inefficiency, tardiness and even theft.

Rather than losing thousands or millions of dollars in repeating the recruitment process, why not make it a protocol to perform routine background checking on all prospective applicants? If you’re a business owner, it’s a small price to pay when you know you’re hiring an applicant with a clean record.

While it is not required by law, background investigation has a lot of weight in employee selection. Human resource managers now use it as part of a rubric to gauge an applicant’s overall qualification for the job. In the long run, this will be beneficial for both the employer and employee.

6. How Long does a Background Check Take?

A typical background check will need 3-7 days to complete. For federal documents like FBI records in the US, it may take up to 30 days to generate a thorough check which justifies why they cost a lot more than other records.

The number of applicants and the extent of the investigation also affect how long a background investigation will take. An urgent background report will also demand a higher rate.

7. Does a Background Check Violate Privacy?

The disadvantage of background checking is the increased likelihood of employment discrimination, identity theft and workplace bullying which stems from the invasion of privacy.

While it is not illegal to perform background checks, it is best to check your country or state for applicable regulations regarding its practice. In almost all cases, companies ask the applicants for their consent to undergo person background checks as part of the selection process.

Despite the few unpopular notions and the intimidating process of background investigation, the benefits far outweigh the disadvantages.

Are you a business, entrepreneur or hiring manager? Would you consider performing person background checks on your current and future employees? Let us know what you think.