1. Counterintelligence 1

2.  At the end of this lesson, the student should be able to:
 Define COUNTERINTELLIGENCE;
 Identify the three types of counterintelligence;
 Describe how intelligence is safeguarded internally against
counterintelligence;
 Understand various issues related to the classification of information;
 Define DECEPTION; and
 Assess the motivations and damage done by various spies in U.S.
history.
Counterintelligence 2

3. Efforts taken
to protect one’s own intelligence operations
from penetration and disruption
by hostile nations or their intelligence services.
It is both analytical and operational.
Counterintelligence 3

4.  Collection: Gaining information about an opponent’s
intelligence collection capabilities that may be aimed
at you
 Defensive: Thwarting efforts by hostile intelligence
services to penetrate your service
 Offensive: Having identified an opponent’s efforts
against your system, trying to manipulate these
attacks either by “turning” the opponent’s agents into
double agents or by feeding them false information
that they will report home
Counterintelligence 4

5. Counterintelligence 5

6.  Try to determine where the
officers go and with whom they
communicate or are in contact
 TRADECRAFT is devoted primarily
to frustrating this sort of activity
 Because this sort of surveillance is
cumbersome and expensive, it is
important to target it against
actual intelligence officers
Counterintelligence 6

7.  Defector: A person who gives up allegiance
to one country in exchange for allegiance to
another. This act is usually in a manner which
violates the laws of the nation from which the
person is seeking to depart (as opposed to
changing citizenship).
Counterintelligence 7

8.  Double Agent: A person who spies on a country
while pretending to spy for it. A spy in the service
of two rival countries or companies.
 Mole: A spy who becomes part of and works
from within the ranks of an enemy
governmental staff or intelligence agency.
 Dangle: An agent who pretends to volunteer to
spy for the hostile intelligence service but in fact
remains loyal to his/her country.
Counterintelligence 8

9.  Identify officers of the hostile intelligence service engaged in
running agents
 Learn their adversaries’ operational methods
 Learn about their adversaries’ tradecraft and thus become better
able counter it
 Examine specialized equipment provided to double agent by
adversary
 Learn about the hostile service’s priorities
 May allow counterintelligence to dangle successfully another
double agent
Counterintelligence 9

10.  Sudden loss of a spy network
 Change in military patterns that corresponds to satellite
tracks
 Penetration of the other service’s apparatus that reveals
the possibility of having been penetrated as well
 Odd botched operation
 Failed espionage meeting or a negotiation in which the
other side seems to be anticipating your bottom line
Counterintelligence 10

11. Counterintelligence 11

12.  Classification of Information INFOSEC
 Personnel Security
OPSEC
 Physical Security
Counterintelligence 12

13.  Harry Truman established the
first government-wide system of
classification in 1951
 Current system is governed by an
executive order promulgated by
President Clinton in 1995
Counterintelligence 13

14.  Current classification in degrees of damage
to national security
 Top secret: exceptionally grave damage
 Secret: serious damage
 Confidential: damage
Counterintelligence 14

15.  Background investigation
 Polygraph
 Determines if an individual can be granted a
security clearance
Counterintelligence 15

16.  Seeks to safeguard not
only the material object
such as the documents
that contain information,
but also the information
itself
Counterintelligence 16

17. Counterintelligence 17

18. “the attempt to mislead
an adversary’s intelligence analysis
concerning the political, military, or economic
situation he faces,
with the result that,
having formed a false picture of the situation,
he is led to act in a way that advances one’s
interests rather than his own.”
Source: Shulsky, 117.
Counterintelligence 18

19.  Considered a form of counterintelligence
because it attempts to thwart the fundamental
purpose of the adversary’s intelligence
operations
 Deception and intelligence failure are related
things; one side’s successful deception implies
the other side’s intelligence failure
 Deception can be attempted in wartime or
peacetime, but it is much more prevalent during
wartime
Counterintelligence 19

20.  Block: If too many true signals get through, the
adversary is unlikely to be deceived
 Manufacture: Planned with adversary’s human
and technical capabilities in mind
 Feedback:
 Were all the real signals blocked?
 Did manufactured signals reach the adversary?
 Were desired conclusions drawn?
Counterintelligence 20

21. Counterintelligence 21

22.  Covert
 Tendency to trust your own people who have
been cleared and vetted
 Unwarranted suspicion can be just as
debilitating as having a spy in the midst of an
organization
 Source of friction between the CIA and FBI
 FBI has primary CI responsibility in the U.S.
Counterintelligence 22

23.  Identification of threats
 Monitoring of
suspicious activity
within local
communities
 Community liaison
 CI component of law
enforcement operations
Counterintelligence 23

24.  More about Denial
and Deception than
Offensive
Counterintelligence
 How do companies
accomplish CI?
 Is CI in business legal?
Counterintelligence 24

25.  Prevent or neutralize the foreign acquisition of weapons of
mass destruction (WMD) technology or equipment
 Prevent the penetration of the U.S. Intelligence
Community
 Prevent the penetration of U.S. Government agencies or
contractors
 Prevent the compromise of U.S. Critical National Assets
 Conduct aggressive CI operations focusing on those
countries that constitute the most significant threat to
U.S. Strategic interest
Counterintelligence 25

26.  US is becoming more aggressive in CI
 2005 CI strategy called for pre-emptive action against
foreign intelligence services viewed as threats to
national security
 Office of the National Counterintelligence Executive
(NCIX) created 2005
 2009 National Intelligence Strategy made
counterintelligence a primary mission objective for
the first time
Counterintelligence 26

27.  2009 National Counterintelligence Strategy
(approved in 2010) has 4 main goals:
1. Detect insider threats
2. Penetrate foreign services
3. Integrate CI with cyber
4. Assure the supply chain of the national
security community “from foreign
exploitation”
Counterintelligence 27

28. Klaus Fuchs Kim Philby, MI6 Oleg Penkovsky, GRU
TUBE ALLOYS/ (Britain) (USSR)
Manhattan Project
(Britain & US)
Source: http://www.bbc.co.uk/
Source: https://www.mi5.gov.uk/output/klaus- Source: http://www.spymuseum.com/
fuchs.html history/worldwars/coldwar/cambridge pages/agent-penkovsky-oleg.html
_spies_01.shtml
Counterintelligence 28

29. John Walker, US Navy Jonathan Pollard, US Navy Ana Montes, DIA
Source: http://www.spymuseum.com/ Source: http://www.fbi.gov/about-us/ Source: http:// www.fbi.gov/news/
pages/agent-walker-john.html investigate/counterintelligence/cases/cases-1 stories/2008/september/montes_091209
Counterintelligence 29

30. Aldrich Ames, CIA Robert Hanssen, FBI
Source: http://www.gwu.edu~
nsarchiv/nsa/publications/ie/index.html Source:
http://www.spymuseum.com/pages/agent-
hanssen-robert.html
Counterintelligence 30

31.  Spy Museum Interviews: http://spymuseum.org/from-
spy/spycast
 June 4, 2010 features Martha Peterson, the first female CIA case
officer in Moscow and discusses her capture by the KGB
 April 1, 2008 is about Col. Sergei Tretyakov, one of the most
senior Russian defectors ever
 Oct. 1, 2007 features John Sullivan, the CIA’s longest-serving
polygrapher
 Aug. 1, 2007 focuses on the Ana Montes case
 Teague, Matthew. 2006. “Double Blind: The Untold Story
of how British Intelligence Infiltrated and Undermined the
IRA” The Atlantic Monthly 297:53-62.
Counterintelligence 31