Crime and Justice International Magazine - Sam Houston State University

Thursday
Jul 29th
  • Login
  • Sign up
    Registration
    Fields marked with an asterisk (*) are required.
    Name: *
    Username: *
    E-mail: *
    Password: *
    Verify Password: *
Text size
  • Increase font size
  • Default font size
  • Decrease font size
Home arrow Policing arrow Counterintelligence Applications to Law Enforcement
Counterintelligence Applications to Law Enforcement PDF Print E-mail
by Brian Kelley   

government logos
“The problem with counterintelligence practitioners is that you are always counted on to bring bad news to the party.” Career counterintelligence professionals have become inured to hearing variants of this kind of false and dismissive commentary which are usually buffeted by pejorative connotations. To most of us who have spent our careers in the shadowy world of counterintelligence, these negative assertions have been long accepted as part of the price of doing business, especially when we are put in the often precarious position of “speaking truth to power.”

Why has there been such a pervasive aura of negativity surrounding our discipline? In my more than forty years of government service, which has included being an active practitioner working every facet of counterintelligence in both domestic and overseas venues, it is patently apparent that one of the underlying causes for treating counterintelligence as the proverbial “skunk at the picnic” lies in the fact that, outside our profession, few intelligence professionals have any real understanding as to what constitutes the parameters of our specialization.

The art of counterintelligence is often referred to as the least-known, the least-understood, and certainly among the least-appreciated of all the intelligence disciplines. Surrounding and contributing to the lack of understanding of what counterintelligence can bring to the table is a well-known fact that the federal agencies which constitute the major players in the CI arena, namely the FBI, CIA, NSA and the Department of Defense, all contribute to the semantic vagaries which underpin the lack of common agreement as to what counterintelligence actually means and how it should be employed in both its defensive and offensive modes. As a result, each organization interprets and executes its counterintelligence missions in a myriad of different ways which can significantly impair or obviate a consensus-driven definition of the term.

The Office of the National Counterintelligence Executive (ONCIX) has taken the lead to provide the Counterintelligence Community with a sufficiently broad definition which is palatable to all the major players. According to the ONCIX, “Counterintelligence is the business of identifying and dealing with foreign intelligence threats to the United States. Its core concern is the intelligence services of foreign states and similar organizations of non-state actors, such as transnational terrorist groups. Counterintelligence has both a defensive mission—protecting the nation’s secrets and assets against foreign intelligence penetration—and an offensive mission—finding out what foreign intelligence organizations are planning to better defeat their aims.”

In practice, each of the principal American counterintelligence organizations designs its strategy and implements its assigned missions in ways which result in little strategic coherence or integration with any national model. In its role as a traditional law enforcement agency, the FBI focuses its CI resources primarily in a defensive posture to support its counterespionage mission in which it seeks to find, neutralize, and hopefully prosecute spies and terrorists. Thus, the FBI drives its investigative process in the direction of prosecution or some type of court action. The most important aspect of counterintelligence for CIA similarly lies in a defensive mode employing an array of counterintelligence techniques in an effort to protect sources and methods as well as to support the guidelines in the critical area of “asset validation.” In this latter capacity, CIA must ensure that the intelligence provided by its human source recruitments is free from fabrication and/or deceptive intelligence emanating from double agents orchestrated by a skilled adversary. The military services use counterintelligence tools in an offensive mode which involves, inter alia, the creation and execution of double agent operations in support of deception planning as required by many war plans. In addition, the military services use counterintelligence in an array of defensive postures which are devised and implemented to support its force protection mission.

For those of us who learned our trade during the arduous days of the Cold War, the enemy was well defined. Each side played the game according to well-established and agreed-upon rules. Our primary objectives were to penetrate the military, intelligence, and diplomatic services of our adversaries, while at the same time ensuring that our nation’s secrets were made invulnerable to enemy targeting. To accomplish our missions, we implemented operational planning, utilizing a virtual smorgasbord of tested tactical initiatives which were used to confuse, redirect, and defeat our enemies. One measuring point used to determine the efficacy of any CI action was to measure the outcome as it related to either a security breakdown or operational failure by the other side. The outcome of the game was frequently gauged at the end of the day by a subjective judgment as to whether the glass was half empty or half full.

Although we were slow to realize it at the time, the watershed year for counterintelligence practitioners commenced in late 1991 following the failure of a coup attempt in the former Soviet Union. This action marked the end of the Cold War as we had known it for decades. Victory was declared and the “peace dividend” was declared in the early 1990s, which freed up significant money and manpower resources to support various social programs. According to Admiral Mike McConnell, the current Director of National Intelligence, “The post Cold War period led to a reduction in intelligence staffing by 22% between 1989 and 2001.”1 We found ourselves ensconced in a changed world in which counterintelligence skills were neither prized nor sought. The FBI, CIA, and the Department of Defense paid what turned out to be an enormous price for winning the battle against communism. Decisions were made at the highest levels of the government to retire or reassign a large percentage of experienced counterintelligence personnel. The skill sets which the practitioners had acquired and used for decades were diminished or relegated to missions of less importance. Politically-driven decisions enacted in the early 1990s regarding the downsizing of the nation’s counterintelligence mission proved very costly as the new millennium dawned and this country faced a growing threat not only from our traditional adversaries, which we had always correctly surmised had never really gone away, but also from a wave of terrorist attacks commencing on 9-11. The chilling reality is that we are now facing an enemy which is ideologically committed to do whatever is necessary to inflict maximum damage and mortal harm to our nation and its citizens.

Since the end of the Cold War, our nation has witnessed the growth of a garden variety of organizations which pose demonstrated threats to our nation, such as narco traffickers, transnational organized crime syndicates, and asymmetrical terrorist organizations. In addition, a recent report made by the National Counterintelligence Executive (NCIX), Dr. Joel Brenner, reminds us that our traditional adversaries still pose a significant threat to this country. Dr. Brenner estimated that some 140 foreign intelligence services currently target the United States in one form or another. To combat these threats, more and more traditional law enforcement agencies are out of necessity being pressed into service to work in concert with various federal organizations to assist in the protection of our nation. To this end, it has become apparent that traditional state and local law enforcement organizations need to be trained in the use of classic counterintelligence methodologies to bolster their efforts to identify and ferret out the covert intelligence and terrorist operatives who pose serious threats to our way of life.

What does this new mission mean for many traditional law enforcement agencies which now have been given additional responsibilities to identify possible terrorists, transnational organized crime syndicates, sleeper cells, and narco traffickers who have the money necessary to buy levels of protection and to elude efforts by police organizations which target them? How can counterintelligence techniques and practices be brought to bear on the expanded threat posed by today’s enemy?

Michelle Van Cleave, who served for almost three years as our nation’s NCIX, framed the issue very succinctly when she wrote,

Each of the major challenges confronting America’s security – defeating global terrorism, countering weapons of mass destruction, ensuring the security of the homeland, transforming defense capabilities, fostering cooperation with other global powers, promoting global economic growth – has an embedded counterintelligence imperative.2

How can our nation’s state and local law enforcement officials, who are often on the forefront in keeping this country safe from this array of threats, use the tools of counterintelligence in their battle against America’s new foes? First, we have to recognize the basic paradigm shift in the way of doing business for those police and law enforcement professionals who are now moving to the front lines in executing their new mission. This means that law enforcement professionals must think about the problems confronting them along the lines of how intelligence professionals traditionally have been trained to think and execute their missions in their operational milieu.

One of the primary objectives for law enforcement professionals would be to implement carefully crafted scenarios involving preemptive initiatives which would cause domestic terrorists to consistently question whether their organizations might be penetrated. One of the basic CI axioms is that the best way to defeat or neutralize one’s enemies is to pierce their organizations from within. In the domestic environment, this objective will be difficult but not impossible to achieve. We have seen excellent very recent examples of law enforcement penetration efforts within putative terrorist organizations which were prepared to strike at Fort Dix and at JFK airport. In both cases, the press has reported that “informants” close to the plotters were able to provide law enforcement authorities with information which resulted in several arrests being made before any appreciable harm was done.

Terrorists dispatched to our country or those who may be recruited in this country to support terrorist objectives will not operate out of traditional cover positions within embassies and other diplomatic establishments. Rather they enter our country in a myriad of ways, embedding themselves as much as possible into the routine fabric of our everyday lives, living actual cover while hiding in plain sight and awaiting the call to action. How then can we identify these people and collect intelligence against their supporting organizations whose purpose in life is to do grievous harm to our citizens and disrupt the tranquility of our lives?

We know from experience that a well-trained terrorist is rarely identified through basic police work alone. Rather, leads to possible terrorists most often come from other terrorists, through exploitation of captured records and documents which are acquired as a serendipitous byproduct of other operational activities, communications intercepts, and mistakes made by the terrorists themselves. As an example of the latter, terrorists or terrorist supporters might call attention to themselves when they are trying to obtain explosive material, or they might expose their mission via poor application of operational tradecraft by taking photographs or making sketches of potential targets, or perhaps by being seen repeatedly in the area of these targets without having what we call in our business adequate “cover for action.”

When a potential terrorist is identified, good counterintelligence techniques can be introduced into the equation in an effort to disrupt a planned attack on a facility or to collect evidence to support an arrest. Intelligence operatives would launch what we call a “dangle operation” in which an undercover officer is placed in the daily routine path of the target, who may be looking for additional allies in support of a future mission. The dangle may be induced in the same work environment, the same place of worship, or the same type of sporting or social event which the target may frequent. If the target perceives the potential recruit as having possibilities to assist the “cause,” he will be motivated to induce the initial contact either directly or via an intermediary. A key objective of an operation of this nature is to create a believable scenario in which the target is propelled to make the initial overture to the dangle. This action will lessen the concerns about the potential terrorist as being a double agent designed and launched by the host country’s security or law enforcement service. Any subsequent variant of a counterintelligence review undertaken by the terrorist sponsor should downplay or otherwise mitigate what otherwise may be seen as legitimate concerns relating to the possible recruit being part of some kind of induced operation.

From a defensive posture, one of the most enduring and perplexing challenges faced by domestic CI and security services is that posed by what we term the “trusted insider.” This is a person who has gained legitimate employment within a targeted organization (police or intelligence service) and who has been entrusted in the performance of their routine duties to gain legitimate access to highly restricted databases. The devastation that a “trusted employee” can wreak on a national program should they betray the trust which had been bestowed on them can be almost unimaginable. In recent years, CIA has suffered immense losses as a result of its in-house traitor Rick Ames, who, as the chief of the Counterintelligence Branch in the Soviet Division in CIA’s Directorate of Operations, provided his KGB handlers with highly compartmented information which cost the lives of at least ten Soviet Intelligence officers who had been recruited by CIA.3 Ames was a spy for almost nine years before he was apprehended. The nation’s Cuban program was completely compromised over a seventeen-year period due to the traitorous actions of Ana Montes, a senior analyst at the Defense Intelligence Agency who gave her Cuban handlers every important document involving the U.S. government’s intelligence gathering activities against Cuba. Finally, the FBI lost virtually every intelligence program it had over a two-decade period during the Cold War due to the actions of its own insidious traitor Special Agent Robert Hanssen. Each of our premier intelligence and security services were penetrated from within despite what was believed to be a strong and continuing positive vetting process, including background investigations and, in some instances, routine polygraph examinations. A determined adversary can penetrate our top organizations, and we have to be constantly reminded of and alert to this threat.

There are several other counterintelligence practices which should be understood, taught, and implemented by any law enforcement organization involved in intelligence gathering and running assets against terrorist and other groups which threaten our country. One of the most important of these initiatives is what we call the “counterintelligence review,” which is a comprehensive analysis of the entire dossier involving any key asset being run as an intelligence gatherer or producer. This process involves a top to bottom examination of the file which starts with answering a series of interrelated questions commencing with the first operational volume. In order to do this important review properly, one must choose a person who has special talents in analysis but also someone who possesses a strong understanding of the operational environment in which the asset has been active. Ideally, the analyst will be expected to have a reasonable understanding of the adversary’s operational doctrine in order to better understand the parameters in which the operative will have been expected to perform his duties. An experienced analyst would be focused to search for patterns of inconsistencies and anomalies which will likely manifest themselves over the long term. Equally as important, the person tasked to do the comprehensive counterintelligence review should be completely disassociated from the case and have no discernible ties with any of those who are running the operation. This ensures that the reviewer’s objectivity is not colored by any relationship with those who may have a personal stake in running the asset.

The starting point for counterintelligence review would be to answer the most important question that needs to be addressed, and that is to firmly establish how the asset came to the attention of the recruiter. Was the asset a volunteer, someone who has offered his/her services for the cause? If so, what was established as the volunteer’s motivation? Was it financial, revenge, ego driven, or ideological? Did the asset come to the attention of the recruiter in a seemingly serendipitous manner? Was the asset recommended by someone whom we would term as an “access agent”; that is, a person who is close to the target group but not an integral part of it. Using the answer to the first question as the starting point, the next inquiry should focus on answering the following: “At the time of recruitment, to what kind of information did the asset claim to have access during the course of his/her day-to-day activities?” Knowing what kinds of intelligence the asset would claim to have access to at the outset of the recruitment, the next phase would feature the introduction of someone we call a “production specialist.” This is a person who would undertake a comprehensive review of the intelligence information derived from the asset over the years to determine: (1) How has the acquired intelligence and related operational information stood up to historical accuracy checks? (2) Did the information provided by the asset lead to an important arrestor, identification of other terrorists or terrorists supporters? (3) Did the information lead to any timely notification of a planned criminal activity which resulted in the prevention of a crime or other type of hostile action.

Besides the operational analyst, another critical element of the counterintelligence review is played by the polygrapher who is inextricably linked with the CI professional. Both, after all, are seen by case officers and related decision makers in the intelligence production chain as being purveyors of bad news. Practitioners from both specializations are asked to address problem issues centering on a wide array of operational activities, putting both on a collision course with case officers and/or investigators who are loathe to believe that any of their assets or informers could be duplicitous when providing intelligence information which might be considered to be fabricated or, worse, deceptive. That said, although the polygraph is far more art than science, it does have a deterrent effect in that spies and terrorists tend to shy away from jobs and assignments which require a routine polygraph as a condition of service. Navy spy John Walker retired rather than take a polygraph for a future assignment. NSA spy Ron Pelton left his job for the same reason. Army Warrant Officer James Hall, a convicted spy, manipulated an assignment away from NSA due to fear of what would occur during the required polygraph session. CIA support employee Sharon Scranage made admissions during her routine polygraph test which indicated espionage. She admitted her guilt and was sentenced to prison. FBI traitor Bob Hanssen, despite having extraordinary access to some of this nation’s most sensitive secrets, never was required to take a polygraph.4 When he discussed a rotational assignment outside the FBI, he turned down the job when he learned that one of the requirements was that he undergo a polygraph examination. Polygraphs can deter would-be spies and terrorists and can also provide indications of deception which, combined with other indicators of possible malfeasance, may guide investigators to look closely at someone whose motives might be open to question.

More than ever, our nation’s security and law enforcement agencies must partner with its federal counterparts in the security and intelligence disciplines to assimilate the types of training and information sharing which heretofore were rarely deemed as necessary parts of the nation’s security equation. Our nation faces determined and unrelenting enemies, who now more than ever are focused on undertaking operational activities within our nation’s borders—enemies who show a willingness to make the ultimate personal sacrifice for their cause and who exhibit little moral compunction with killing and maiming innocent parties. The rules of the game have changed dramatically, and as a nation we must re-think the way we go about the safeguarding of our country and its people. To that end, federal intelligence agencies must reach out and work in concert with state and local law enforcement organizations not only to share relevant intelligence, but also to offer training in all facets of the intelligence discipline. Higher levels of education are now offering training in the fields of national security, and private companies can also be called upon to provide expert instructors and modules of training. The priority given to the education and training of state and local law enforcement officials must be ratcheted up to ensure that the federal/state and local law enforcement professionals can maximize their considerable resources against a threat which will only grow unless we work together to explore every conceivable avenue to thwart the efforts of our enemies who are seeking to inflict maximum damage to out nation and our way of life. We owe the citizens of our country nothing less.

Brian Kelley served as case officer and as a counterespionage investigator for the USAF and the Central Intelligence Agency for more than four decades. During this time, he has been the director of counterintelligence training programs at both the National Counterintelligence Center and the Office of the National Counterintelligence Executive where he also served as its first Public Affairs Officer. He is currently employed by Abraxas Corporation in McLean, Virginia.

Notes

1. Adm. Mike McConnell, “Overhauling Intelligence”, Foreign Affairs Quarterly, July/August 2007.

2. Michelle Van Cleave, National Defense University Monograph, “Counterintelligence and National Strategy”, April 2007, page 14

3. Michael Bromwich, Department of Justice Inspector General’s Office, “A Review of the FBI’s Performance in Uncovering the Espionage Activities of Aldrich Hazen Ames. April 1997, Paragraph 1.

4. David Wise, “SPY”, Random House, New York, 2002, page 177
 
Next >
[ Back ]

Search

Main Menu

HomeContact UsEditorial Advisory BoardCJI TeamArticle SubmissionArchivesCJI Forum

Syndicate

Who's Online

We have 62 guests online