Month: October 2014

Sigint: definition, qualities, problems and limitations (quotes from Aid & Wiebes, 2001)

Below are a few quotes on sigint from ‘Introduction: The Importance of Signals Intelligence in the Cold War’ ($) by Matthew M. Aid & Cees Wiebes, published in 2001 in the journal Intelligence and National Security, Vol 16 Issue 1 (pages 1-26). The quotes cover the definition, qualities, problems and limitations of sigint.

First, here’s how Aid & Wiebes explain sigint, comint, elint and fisint (consistent with today’s technical definition of sigint on Wikipedia):

WHAT IS SIGNALS INTELLIGENCE?

A US Army publication defines Sigint as intelligence derived from the intercept, analysis, and parametric exploitation of foreign communications and non-communications radio-electronic emissions. A US Marine Corps manual defines Signals Intelligence (Sigint) as ‘intelligence gained by exploiting an adversary’s use of the electromagnetic spectrum with the aim of gaining undetected firsthand intelligence on the adversary’s intentions, dispositions, capabilities, and limitations’.

Sigint is composed of three separate but interrelated intelligence collection techniques: communications intelligence (Comint), electronics intelligence (Elint), and foreign instrumentation signals intelligence (Fisint). Communications Intelligence (Comint) is intelligence information derived from the intercept and processing of voice, Morse code, radioteletype, facsimile, multichannel (or microwave radio relay), and video signals. Comint does not include the interception of unencrypted written communications (mail), the monitoring of foreign public media or propaganda broadcasts, the interception of communications obtained during counterintelligence investigations, or wartime censorship activities.9

For example, during the 1950s and 1960s NSA intercept operators around the world spent most of their time monitoring and transcribing radio traffic concerning the day-to-day routine activities at foreign military bases around the world, such as communications from airfield control towers or ground stations directing aircraft movements, the radio traffic of ground forces manoeuvring in the field, ship-to-ship and ship-to-shore naval radio traffic, foreign military and civilian weather broadcasts, and air-to-ground civilian airline communications.10 During the Cold War, a typical American Comint target was the routine activity at Soviet airfields in East Germany and elsewhere. NSA voice intercept operators monitored the early morning radio checks from the air base, followed by radio traffic among the control tower, the firing range controller, the taxi strip monitor, the bombing range controller, the weather station, the aerial intercept controller, the ground safety crews, and the radar operators. The intercept operators then tracked the routine training flights of the base’s combat aircraft as they practised aerial intercepts or bombing attacks at ranges near the airfield. This required listening to hours of mundane air-to-air and/or air-to-ground radio chatter, which in turn required further hours to transcribe and process every day.

Electronics Intelligence (Elint) is concerned with the interception and analysis of emissions from foreign electronic devices. The most common Elint targets are the wide variety of radar systems used around the world for early warning, missile detection, ground control intercept, missile targeting, fighter target vectoring, and altitude determination. Through Elint, these radar systems can be identified by their function and type, their range and capabilities assessed, and their locations precisely fixed. This intelligence information is principally of interest to the military because, as a recently declassified US Air Force document put it: ‘By counting radars, specifying their precise location, determining their ranges, and evaluating their operational systems, analysts and engineers could develop countermeasures capable of jamming offensive surface-to-air missile radars and other defensive radars.’ Other Elint targets include navigation aids and radio beacons which provide geographic position information to ships, aircraft and other vehicles; air-to-air and air-to-ground identification signals, such as Identification, Friend or Foe (IFF) transponders, repeaters and interrogators; emissions from countermeasures equipment and radio jamming devices; radiation from missile guidance systems and artillery fuses; and emissions from meteorological devices, diathermy, radio heating, and research and development laboratories and field testing stations working on electronic devices.

[Foreign instrumentation signals intelligence (Fisint)] is defined as the collection and processing of emissions associated with the testing and operational deployment of aerospace, surface, and subsurface systems, which may have either military or civilian application. Fisint includes but is not limited to monitoring telemetry from ballistic missiles as well as manned and unmanned space vehicles, beaconry, electronic interrogators, tracking/fusing/arming/command systems, and video data links which relay data to a ground station concerning performance of space vehicles or weapons systems. As such, Fisint is the Sigint collection discipline primarily associated with the monitoring of foreign weapons research and development activities, including but not limited to ballistic missile testing.

Finally, in the last decade Sigint has become deeply involved with a new kind of electronic communications medium: digital data communications signals, which refers to the transmission of vast amounts of digital data among and between computer systems and networks. A good example of the traffic passing along this medium is electronic bank transfer data. NSA and its English-speaking Sigint partners refer to data traffic by the covername ‘Proforma’.

Concerning intrinsic qualities of sigint, Aid & Wiebes mention the following:

  1. The first is that Sigint is a passive intelligence collection technique that generally is conducted without the target’s knowledge. Moreover, Sigint collects information against communications targets that are oftentimes thousands of miles away, thus negating the need for the intercept sites to be near the targets being monitored. This means, generally speaking, that Sigint involves relatively little political or physical risk. […]
  2. Second, the objectivity and reliability of Sigint is great, but far from perfect. Former CIA Director Vice Admiral Stansfield Turner wrote in 1991 ‘electronic intercepts may be even more useful [than agents] in discerning intentions. For instance, if a foreign official writes about plans in a message and the United States intercepts it, if he discusses it and we record it with a listening device, those verbatim intercepts are likely to be more reliable than second-hand reports from an agent.’ A retired senior CIA officer opined that Humint can never be free from the biases and perceptions of its sources, that the information is oftentimes deemed tainted because it came from traitors motivated by greed or personal grievances, or that it was obtained by corrupting or seducing vulnerable human beings. But in its raw form, Sigint reproduces exactly what it records in an unvarnished, unbiased and undistorted fashion. […]
  3. Third, unlike other sources, some but certainly not all Sigint intercepts can stand on their own without the need for analysis or correlation with other sources, although practitioners of the Sigint craft and ‘all-source’ intelligence analysts screech in dismay whenever this occurs. This led to the practice during the Cold War of the President of the United States and senior White House officials getting each morning a Top Secret intelligence summary from the CIA and an even more highly classified publication called the Black Book, containing the most important decrypts produced by NSA during the previous 24 hours, along with the Agency’s commentary. […]
  4. Fourth, because of its reliability and the high-level attention that intelligence derived from Sigint received on both sides of the Iron Curtain, it proved to be (with apologies to U-2 and spy satellite aficionados) the premier source of information for national security officials and foreign policymakers during the Cold War. […]
  5. Fifth, Sigint was usually the fastest source of current intelligence information available to consumers. A congressional intelligence committee official said of Sigint that ‘it’s there quickly when needed’.40 Lieutenant General Daniel O. Graham, the former Director of the Defense Intelligence Agency (DIA), was quoted as saying ‘Most collection agencies give us history. The NSA is giving us the present.’ […]
  6. Sixth, Sigint produces more intelligence information on a broader range of subjects than any other intelligence source. In 1964 alone, NSA sent out approximately 150,000 finished intelligence reports and translations to its consumers in Washington, or more than 400 Sigint reports a day. […]
  7. Seventh, Sigint never sleeps. Agents and their handlers must sleep (we are after all only human!), and darkness or adverse weather could shut down imagery collection systems for weeks at a time. But Sigint collects and produces intelligence 24 hours a day, 365 days a year, regardless of the weather or other environmental conditions.
  8. Eighth, Sigint is flexible and more responsive to consumer tasking than most other intelligence sources. A 1998 congressional report stated that ‘much of NSA’s past strength has come from its localised creativity and quick-reaction capability’. You can quickly retarget Sigint, assuming that you possess the appropriate collection platforms and the manpower with the requisite skills to perform the mission. This made Sigint the source of choice during fast moving world crises during the Cold War. […]
  9. Ninth, intelligence insiders argue that Sigint’s potential as an intelligence source is greater than all other intelligence collection disciplines. One successful solution of a major foreign cryptographic system can generate more intelligence information in a day than all other sources combined. […]
  10. And tenth, relative to all other intelligence disciplines, many intelligence ‘insiders’ consider Sigint to be one of the most cost effective means of gathering intelligence. […]

Concerning problems and limitations of sigint, Aid & Wiebes mention the following:

  • Secrecy of Sigint: Historically, because of the need to protect sensitive sources, Sigint intercepts were given extremely limited distribution with the highest levels of government and the military, and even then, only on a need-to-know basis.71 A declassified 1952 US Army memorandum states: ‘It is fully realised that enemy communications are probably the most sensitive of all intelligence sources, and that every precaution must be taken to protect the security of our efforts to exploit them.’72 […]
  • Diminished Utility: The ability of consumers to use Sigint was strictly limited because of pervasive security considerations.83 For example, during the Korean War, American Top Secret intelligence reports derived from Comint carried the following caveat emptor: ‘Certain restrictions prohibit the further dissemination of this information either direct or paraphrased. Pertinent order of battle information included herein, that is not confirmed by other sources will be passed to divisions on a “need to know basis” only and will not be included in any routine intelligence reports or summaries.’84 […]
  • Failure to believe Sigint: Cold War history is replete with many examples of government officials, military commanders, and intelligence analysts who chose not to believe the Sigint they received. In part, this was because the reader did not understand the information they received, or trust the reliability of the Sigint source. More often than not, the Sigint was misused or ignored because it did not fit some preconceived notion already held by the reader. […]
  • Over-Reliance on Sigint. There are numerous examples of intelligence officials and military commanders placing undue reliance on Sigint to the exclusion of other sources of intelligence information. […]
  • Sigint Snobbery. As the importance of Sigint grew during the years after World War II, followed by the introduction of spy satellites in the 1960s, the value of Humint was rapidly marginalised within the American and British intelligence communities.96 This led to a pervasive sense of snobbery and self-infatuation by the denizens of the Sigint community in the West. Intelligence insiders referred to this elitism as the ‘Green Door’ syndrome. This led Humint partisans to complain that greater credence was almost always given to Sigint over Humint.97 […]
  • The Fragmentary Nature of Sigint: Sigint usually will provide hundreds if not thousands of pieces of a complex puzzle, but rarely will it yield the entire puzzle. Much of the information obtained by Sigint is fragmentary and indirect, requiring that analysts patiently sift through hundreds or thousands of intercepts in order to piece together the pieces of a puzzle. Even then, the puzzle more often than not remains largely incomplete, as in the case of the much-touted Venona decrypts. The fragmentary nature of most decrypts makes them extremely difficult to understand, much less use.100 […]
  • Sigint Does Not Provide All the Answers. Generally, Sigint cannot measure a nation’s political will or morale, or detail the innermost workings of foreign governments. […]
  • Lack of Timeliness: Although Sigint insiders pride themselves on being fast, sometimes they are not fast enough because of the time and effort required to process, analyse and report to consumers the results of Sigint collection.104 […]
  • Too Much Information: Experience during the Cold War showed that NSA often did drown intelligence analysts in a sea of paper, such as during the 1968 Czech crisis and before the 1973 Middle East War. […]
  • Lack of Sigint: In some instances during the Cold War, good operational and communications security by the Soviet Union and its allies ‘blacked out’ Sigint, although these instances were fewer than previously believed. For example, in 1959 the Algerian National Liberation Front (FLN), which was fighting for the independence of Algeria from France, changed all of its codes, making them impossible for the French Comint service to decrypt.109
  • Deniability: Access to Sigint data can be denied by the use of encryption and other secure forms of communications, such as landline telephone and telegraph circuits, or more recently fibre-optic cables.110 For example, NSA lost much of its access to high-level Soviet communications traffic in the late 1940s and early 1950s when the Russian military shifted much of its high-level communications traffic to landlines.111 Recently introduced complex communications technologies, such as frequency hopping radio systems, have made the job of the Sigint intercept operator far more difficult than in the past.112 In recent years, Pakistani-backed guerrillas operating in the Indian state of Kashmir, calling themselves the Hizbul Mujahideen, have begun using frequency-hopping radios, burst transmission technology, citizen-band radios, satellite telephones, even sophisticated encryption technology, which has made it increasingly difficult for the Indian government’s Sigint services to monitor their communications traffic.113
  • Fragility of the Source: Because it is dependent on extremely fragile and sensitive sources and methods, Sigint is particularly vulnerable to damage caused by treason, defections, news leaks, or poorly considered public statements by government officials.114 […]
  • Communications Deception: Sigint is vulnerable to communications deception, although this is a very difficult and dangerous game to play.120 For example, the KGB decided not to play communications deception games with the Berlin Tunnel in order to protect their source inside MI6, George Blake.
  • Lack of a Co-ordinated Sigint Effort: Competing bureaucracies were the bane of the American and Soviet Sigint efforts during the Cold War, resulting in massive duplication of effort and wasted resources. […]
  • Technical Issues: Sigint’s ability to perform effectively is subject to the vagaries of atmospheric conditions and solar flare activities. For example, in the mid-1950s, the Canadian intercept site at Churchill in Manitoba was forced to shut down its operations for days at a time because atmospheric anomalies, which are common in the northern climes, prevented the station’s operators from hearing any high-frequency signals.129 Terrain is also a significant limiting factor. For example, Sigint intercept operators have historically experienced great difficulty copying radio signals emanating from urban areas, densely wooded terrain or in mountainous regions.130 Finally, radio interference coming from major urban areas or industrial activities in the vicinity of the listening post can wreak havoc with radio intercept operations.131 For example, the Canadian listening post at Inuvik in northern Canada had to be closed in April 1970 because radio interference from nearby oil exploration activity significantly affected the station’s ability to monitor HF radio signals coming from the Soviet Union.13

And a last note I’d like to keep here:

A 1973 memorandum to the Dutch Prime Minister described that nation’s Sigint organisation as ‘[T]he most valuable asset we have to collect an intelligence product that is valuable to all interested parties.’

EOF

Dutch sigint in the 80s: deception to get on board of Soviet ships to plant tracking devices

Historic tidbit on Dutch sigint in the 1980s, from Richard Aldrich’s book GCHQ – The uncensored story of Britain’s most secret intelligence agency (2010):

The idea of GCHQ teaming up with the Europeans was not a bad one. European sigint services such as those of the Norwegians, the Germans and the Dutch were highly professional, and had made many important contributions to Western intelligence down the years, not least during the Falklands War. They often displayed brilliant lateral thinking. When Soviet naval ships entered Dutch harbours in the 1980s, their hosts would often complain that the Soviet radar was interfering with local television broadcasts and insist on a snap technical inspection. The crafty Dutch used this opportunity to plant a small tracking device high up on the Soviet ships that was no more than the size of a brick. This tracking device was so successful that it became a standard technique across the Western secret services. Typically, a small group of British SBS personnel worked with SIS and GCHQ on similar tasks in the 1990s. [Footnote 17: Tomlinson, The Big Breach, p.77]

EOF