A Beginner's Guide to Counterintelligence
Bridge of Spies
Recently, I had dinner with an author specializing in intelligence matters. Over the course of the evening, we had several discussions on the topic of counterintelligence (CI). The author made a passing comment, "I am having a hard time explaining CI to the layman," or words to that effect. It got me thinking. I have discussed CI in this blog before, but mostly at a slightly higher level, discussing aspects of CI and making some recommendations. But how do you describe CI to a layman, the average person, and how do you get them to understand its importance?
Counterintelligence is defined by Executive Order 12333, amended in 2008, as "information gathered and activities conducted to identify, deceive, exploit, disrupt or protect against espionage, other intelligence activities, sabotage or assassinations conducted for or on behalf of foreign powers, organizations or persons, or their agents or other international terrorist organizations or activities." This is the bureaucratic definition; however, CI is much more complex in practice. CI is closer to an art form than anything else. It relies on experience, intuition, hunches, and some guesswork.
I hate sports analogies, but the best analogy I can use to get to a simple definition is football. You have defensive and offensive teams in football. CI also has defensive and offensive aspects. In football, the goal is to get the ball across the field and to the end zone. The equivalent in intelligence operations is to recruit human sources to gather intelligence. In football, the defensive team tries to stop the ball from reaching the end zone. In intelligence, CI is the effort to stop the opposing team from recruiting said source. That is CI in its simplest form, but CI is far from simple.
First, there are different types of CI. Defensive CI focuses on identifying and neutralizing foreign intelligence operations by catching spies, as well as protecting one's own intelligence operations from being discovered by opposing intelligence services. Offensive CI comes in many forms, but its most basic is recruiting sources within the opposing forces' security service so they can tell you everything your enemy is doing against you. Back to the football analogy, it is like having the opposing team's playbook.
Next, any type of CI is complex because everyone involved is trying to hide what they are doing, lying about what they are doing, and drawing your attention away from what they are doing while trying to screw you over at the same time. As a CI officer, the information you receive is usually sketchy, seldom clear-cut, and it can be contradictory. Sometimes the information is an outright lie put about by your enemies. If you find an anomaly in an operation, there can be several explanations, good and bad. It is up to you to eliminate the false clues and find what is really going on. It's like the Sherlock Holmes quote, "When you have eliminated the impossible, whatever remains, however improbable, must be the truth." This Sherlock Holmes analogy is probably the best at explaining the complexity of gathering CI—it is a mystery where you unearth clues, make deductions, and arrive at your conclusion.
This complicated CI does have benefits. It can protect your operations and devastate an enemy's operations. Without CI, an intelligence organization, and its government, can be compromised, giving an adversary an advantage. During the late 1970s and throughout the 1980s, the East Germans and Cubans ran aggressive and successful CI operations against the CIA. No one is sure whether one service passed on the techniques to the other service or if they came upon the techniques independently, but both countries managed to feed sources to CIA officers. A CIA case officer would run across a Cuban or East German government official in a variety of settings, strike up a conversation and develop sustained contact with this person. Over time they would recruit the individual, who would begin producing intelligence. Sometimes this newly recruited source would identify another individual he knew who appeared disaffected with their government. A case officer would contact that person, and eventually recruit him, and so on. Sometimes a case officer would ask the source about another individual, inadvertently revealing CIA interest in that person. The problem with all this was that the sources were all controlled by the East German or Cuban intelligence services.
Both services had undertaken a program of feeding controlled sources to the CIA. This allowed them to control the information the US government received, prevent the CIA from actually obtaining insight into their respective nations, and control the CIA's intelligence programs against Cuba and East Germany. This was incredibly effective CI. Both services shut down the CIA's programs to collect intelligence on these two countries.
Recent reporting indicates that not much has changed. The New York Times reported in the first half of 2022 on a memo sent throughout the CIA workforce outlining how numerous sources, as many as 200, were believed compromised by hostile intelligence services. It went on to highlight Iran as one of the areas where most, if not all, of the CIA's sources were believed to be either controlled by the Iranians or known to be CIA sources by the Iranians. If accurate, and I have no reason to believe it isn't, this is devastating news. Our ability to collect and provide intelligence on Iran to US policymakers appears to be nonexistent. The article is worth reading as it outlines poor CI as one of the reasons for this state of affairs.
CI is a crucial tool in the world of espionage. It is complex, seldom really appreciated, and misunderstood. However, without it, an intelligence service cannot provide accurate and useful information to its government. It can't do its job.