Hostile Surveillance Threats

In today’s hostile surveillance environment, security professionals must understand the threat and advise clients on appropriate countermeasures to protect against these invasive efforts.

Even the average citizen has security concerns and can benefit from understanding surveillance countermeasures that enhance personal protection. However, applying surveillance countermeasures without a sound perspective on the threat-specific surveillance techniques they are intended to defeat can be counterproductive and potentially dangerous. For this reason, the practitioner of surveillance countermeasures must think like a surveillance operator in order to anticipate how an operator would act based on specific circumstances.

Actions taken by an individual or security detail to identify the presence of surveillance, and if necessary, to elude or evade the individual or group conducting the surveillance. Surveillance countermeasures consist of surveillance detection and antisurveillance. In basic terms, surveillance countermeasures are actions taken to detect or evade surveillance.

A sound understanding of how a surveillance effort operates, thinks, and reacts establishes the perspective necessary to execute effective surveillance countermeasures. Unfortunately, many security professionals and individuals who regard themselves as security experts are masters only of tactics, not of the theory behind them.

Surveillance countermeasures are only marginally effective if the operator doesn't understand their underlying theory. Relying on rote, textbook tactics without mastering the "art and science" of the process can lead to amateurish execution and lethal consequences.

The proliferation of sophisticated hostile threats requires security consultants and individuals striving for the highest level of personal protection to develop a deep understanding of surveillance procedures and concepts, and to leverage this understanding by employing threat-specific surveillance countermeasures to effectively detect or evade hostile surveillance efforts.

The first step in understanding the hostile surveillance threat is recognizing that virtually anyone can be targeted by hostile threat actors. The contemporary threat environment is characterized by a wide range of unconstrained elements that reflects the ever-growing and pervasive underworld of dangerous actors. The plethora of acute threats to the personal privacy and security of average citizens consists of common criminals and stalkers, private and corporate investigators, government-sponsored espionage and other covert agencies, and international crime and terrorist organizations. In virtually all cases, the elements that threaten individual, corporate, or national security conduct surveillance operations to further their objectives, or as the primary means to an end.

At the most basic level, criminals “case” potential targets to develop information to maximize their probability of success in committing a crime. Well-resourced criminal organizations, to include terrorist organizations, conduct more extensive surveillance efforts to develop information on individuals they intend to intimidate, exploit, or terminate. In preparation for criminal or terrorist acts, surveillance is employed to determine when and where the target is most vulnerable.

The threat has also expanded at the other end of the spectrum, with international espionage methods becoming much more aggressive toward nonmilitary and nongovernment targets. To a large degree, the intelligence services of foreign countries, both friend and foe, are competing in a global war based on economics. The increased importance of economic and commercial technology advantage increases the number of individuals who are the potential targets of espionage due to their professions and business affiliations. This expanding threat is further compounded by the ever-increasing practice of industrial/economic espionage conducted between competing businesses.

With the expansion of these varied threats is the development of surveillance capabilities that were traditionally associated only with government-sponsored intelligence and security agencies. As such, these covert practices, developed by players under unwritten rules of decency, have now been adopted by malicious actors who recognize no such boundaries. In virtually all cases, these elements conduct surveillance of intended victims as an integral component of attack planning. Terrorist elements are a very relevant reflection of this dynamic due to their well-documented employment of target surveillance in attack planning.

Many terrorist organizations have the resources to conduct comprehensive surveillance operations and recognize the importance of surveillance-derived information in support of complex attack planning. The fact that these elements have training facilities and doctrinal manuals reflects a level of proficiency that poses significant challenges for the security community. Terrorist organizations conduct comprehensive preoperational surveillance to maximize the probability of successful attacks. For example, three of the seven stages of a terrorist operation (intelligence gathering and surveillance, preattack surveillance and planning, and operation rehearsal) involve the collection/development of information on the intended target, and require that the threat element conduct surveillance by placing assets (operators/vehicles) in the proximity of the potential target.  Ironically, these efforts to determine a target's vulnerabilities are also the points at which the threat element is most exposed and vulnerable to detection/compromise. In most cases, surveillance efforts in preparation for these attacks are readily detectable, and post-event investigations of actual attacks regularly identify detectable signs that victims overlooked or disregarded due to a lack of surveillance awareness.

The increasing sophistication of hostile surveillance capabilities underscores the need for proficiency in surveillance countermeasures. In addition, assuming that the threat is a sophisticated and capable one would portend that any efforts to counter the hostile threat be even more sophisticated and professionally applied. Conversely, surveillance countermeasures that are executed in an ad hoc and isolated manner – as opposed to a preplanned as a part of a methodical surveillance countermeasures process – will likely be ineffective and potentially counterproductive.

The effectiveness of surveillance countermeasures depends on a keen understanding of the techniques employed by a capable, determined surveillance effort.

Surveillance is the systematic, discreet observation of an individual (target) to develop information regarding the target’s activities. An effective surveillance effort is orchestrated systematically, employing tactics and techniques that best ensure discreet coverage of the target. These time-tested procedures are based largely on an understanding of how the average person observes their surroundings during routine activities.

A surveillance effort employs a systematic approach that involves common tactics, techniques, and procedures. Whether the surveillance effort is a single person or multiple operators/vehicles, there is basically a set system of methods that the effort applies in reaction to the target individual’s movements. With multiple operators, this systematic approach becomes even more important because each operator relies on a shared understanding of how all operators are expected to respond to a given situation. This ability to understand how each operator can be expected to react makes a surveillance operation a system.

Effective surveillance countermeasures are devised to exploit, manipulate, and isolate surveillance operators/vehicles for surveillance detection or antisurveillance purposes.

Surveillance countermeasures are based directly on the surveillance tactics, techniques, and procedures they are used to detect or defeat, and thus a broad understanding of the opposition’s operating processes is essential to their effective execution. Any potential target of a surveillance effort must understand how the system operates to detect or evade its components.

There are many various surveillance detection and antisurveillance maneuvers, but it is the underlying conceptual basis that makes them effective. The most effective surveillance countermeasures are based on the comprehensive analysis of hostile surveillance threats. With this level of understanding, the range of surveillance detection and antisurveillance techniques to counter a hostile surveillance effort is limited only by the practitioner's knowledge of fundamental concepts and resourcefulness. The specific tactical applications are relatively limitless to the practitioner whose expertise is grounded in the “art” and “science” of the process.

Understanding how the surveillance threat thinks and reacts is the basis of effective surveillance countermeasures. Surveillance countermeasures must be conducted with an appreciation that the surveillance effort they are directed against has a strategy, is proficient, and can respond and adapt to the situation. Understanding how a surveillance effort will perceive and respond to these countermeasures is vital to the effective application of specific surveillance countermeasures. The ability to detect or evade a hostile surveillance threat effectively yet inconspicuously can also have life-or-death implications.

As a general rule, the more sophisticated approach is for the individual concerned about potential surveillance coverage to implement countermeasures in a way that would not be perceived by the observing surveillance effort as surveillance consciousness. Therefore, it is generally to the individual’s long-term advantage that the surveillance team not suspect he or she is conducting surveillance countermeasures. In general, an individual who suspects surveillance has many more options and can exploit more vulnerabilities than a surveillance effort that does not suspect the target is surveillance-conscious and practicing countermeasures. A surveillance effort will tend to exercise less diligence and be more likely to expose itself to greater risk of compromise if it perceives that the target individual is oblivious to the threat of surveillance.

In addition to providing more opportunities to isolate surveillance operators/vehicles for detection or antisurveillance purposes, there are very pragmatic reasons to employ more discreet practices that would not be perceived as surveillance countermeasures by an observing surveillance effort. The potential target of surveillance must also consider how the surveillance effort would respond upon detecting that the target is using active surveillance countermeasures. Observing surveillance countermeasures may lead the surveillance effort to conclude that the individual is employing operational tradecraft to conceal activity of interest. These observations would likely result in a more determined approach on the part of the surveillance effort, such as the use of more operators or more advanced measures such as technical surveillance capabilities.

The most extreme risk of conducting surveillance countermeasures in an amateurish manner, without a sound understanding of how a hostile surveillance effort reacts and adapts, occurs when the surveillance effort perceives that it has been detected by the individual under surveillance or that the target individual is attempting to evade the surveillance effort by employing overt antisurveillance techniques.

Such a perception by the hostile surveillance effort may compel it to respond in a high-risk or violent manner. For example, a surveillance effort that is being conducted to determine where a target would be most susceptible to attack may react by moving directly into the attack phase of the operation if it observes actions that indicate that the target is attempting to detect or elude surveillance, and they may not have another opportunity if these attempts are successful.

As a practical application, a 180-degree turn on foot is among the most effective surveillance detection methods because it is one of the few ways an individual can observe surveillance operators following them. However, the surveillance detection opportunity will likely be lost if executed by an individual who does not understand precisely how a surveillance effort would respond to such a maneuver and therefore cannot observe individuals who react in a manner indicative of a capable surveillance effort. In addition, if the individual executes the 180-degree turn without incorporating a logical reason for having reversed directions, the surveillance effort may perceive this as an overt surveillance detection maneuver and react in a manner that is not in the individual’s best safety or security interests.

When I attended basic and advanced counterintelligence agent training (many years ago), I was taught to employ surveillance detection techniques such as “stopping after a blind corner” or the “three sides of a box” surveillance detection route. I was instructed to implement these tactics and observe individuals who reacted conspicuously. It was not until a few years later, when I commanded an elite covert surveillance team, that I realized how a tactically proficient surveillance capability would respond to such countermeasures. This was when I realized that these tactics, executed in isolation, were amateurish and only confirmed to my team that the individual under surveillance was employing basic countermeasures and therefore did, in fact, have something to hide. This dynamic only intensified the effort against the individual until an arrest. Although my team was operating in the best interests of national security, most elements conducting target surveillance are not, and may therefore react to such indications of surveillance consciousness more quickly and aggressively.

Tactical applications are fundamental, but understanding advanced concepts enables the target of surveillance to enter, manipulate, and disrupt the hostile surveillance threat element’s decision cycle and operational processes. The sophisticated application of surveillance countermeasures enables the target to “flip the script” and become a “master of puppets” in regard to a hostile surveillance effort. The ultimate objective of a practitioner operating at the “master’s” level of surveillance countermeasures execution is to employ advanced surveillance concepts to reorient the surveillance effort’s systematic approach, shifting it from hunter to hunted.

The Professional’s Approach to Countering Sophisticated Hostile Surveillance Threats By Aden Magee

Aden Magee is a widely recognized national security expert. Mr. Magee specializes in full-spectrum threats to U.S. national security as a senior consultant/advisor to the Department of Defense, the Department of Homeland Security, and the Federal Bureau of Investigation. His most recent books include The Cold War Wilderness of Mirrors and Surveillance Countermeasures: The Professional’s Guide to Countering Hostile Surveillance Threats. Aden Magee is a retired U.S. Army officer and a veteran of foreign wars.

The post Hostile Surveillance Threats appeared first on Circuit Magazine.