Sunday, July 10, 2016

Guest Article from Bob Wright - OPSEC

I apologize for the light postings.  I am coming off of a four day extended Reserve fun-in-the-sun weekend and had very little time for much of anything other than that this weekend.  Mr. Bob Wright was so kind as to put this on my Facebook site and I would like share it with you here.



OPSEC is a word that gets used and misused a lot in our movement. Here is a basic outline to help define what it is and how you can implement it

1. Define OPSEC.

a. OPSEC is a process of analyzing friendly actions pursuant to military operations and other activities to-

(1) Identify those friendly actions that can be observed by the threat.

(2) Determine indicators that the threat might obtain that could be interpreted or pieced together to derive critical information in time to be useful.

(3) Select and execute measures that eliminate or reduce to an acceptable level the vulnerabilities of friendly actions to the threat exploitation.

     b. OPSEC maintains essential secrecy, which is the condition achieved by the denial of critical information to the threat. Threat possession of critical information can prevent friendly mission accomplishment. Thus, essential secrecy is a necessary prerequisite for effective operations. Essential secrecy depends on the combination of two conditions:

          (1) Provide traditional security programs that deny the threat classified information.

          (2) Provide OPSEC to deny the threat critical information, which is always sensitive and often unclassified.

2. Define indicators.

     a. Indicators are data derived from open sources or from detectable actions that the threat can piece together or interpret to reach conclusions or official estimates concerning friendly intentions, capabilities, or activities. They are also activities that result from military operations. Indicators contribute to the determination of friendly courses of action. Their identification and interpretation are critical tasks of the threat operations. Indicators can be used in many ways. For example, if the commander wants the threat to think one way but, in reality plans on doing something entirely different, he may give him a false indicator (such as massing a smaller force to disguise a larger objective).


     b. There are three types of indicators:


          (1) Profile indicators show how activities are normally conducted. Profiles are developed by looking at all aspects of friendly operations from the viewpoint of the threat. The friendly profile must include all of those things that, if detected by the threat, could provide information concerning our capabilities, vulnerabilities, and intentions.


               (a) Patterns are stereotyped actions that occur so habitually that they can cue an observer to either the type of military unit or activity, its identity, capabilities, or intent. The Army tends to do things in the same way (SOP). This causes patterns that the threat looks for so he can predict intentions.


               (b) Signatures result from the presence of a unit or activity on the battlefield. Signatures are detected because different units have different types of equipment, are of different sizes, emit different electronic signals, and have different noises associated with them.


          (2) Deviation indicators, which highlight contrasts to normal activity, help the threat gain appreciation about intentions, preparations, time, and place.

          (3) Tip-off indicators draw attention to information that otherwise might pass unnoticed. These are most significant when they warn the threat of impending activity. This warning allows the threat to pay closer attention and to task additional collection assets.

3. Identify threat capabilities.

     a. The threat consists of multiple and overlapping collection efforts targeted against all sources of Army information. The threat devotes significant resources to monitor U.S. military operations and activities on a daily basis. The threat can produce reliable information on the U.S. military and its capabilities, intentions, and vulnerabilities. The threat is also shifting the emphasis in targeting. Foreign targeting of American technology is increasing for economic as well as military reasons. Technology transfer will continue to remain a major concern in the future.

     b. The major threat collection capabilities fall in four areas:

          (1) Human intelligence (HUMINT) includes all information derived through human sources not accessible to other collection assets. HUMINT employs overt, covert, and clandestine operations to achieve worldwide collection objectives.

          (2) Imagery intelligence (IMINT). The threat can obtain IMINT from land, sea, air, and space platforms (radar, photographic, infrared, and electro-optic imagery). At the tactical level, airborne collection possesses the greatest IMINT threat.

          (3) Signals intelligence (SIGINT) results from the collection, evaluation, analysis, integration, and interpretation of information derived from intercepted electromagnetic emissions.

          (4) Measurement and signature intelligence (MASINT) is scientific and technical intelligence obtained by quantitative and qualitative analysis of data derived from technical sensors for the purpose of identifying any distinctive features associated with the source, emitter, or sender and to facilitate subsequent identification or measurement.

     c. Two additional areas of concern:

          (1) Technology transfer, which has led to significant enhancement of military-industrial capabilities at the expense of the United States.

          (2) Non-traditional threats. Past and present allies are potential intelligence threats. They can engage in intelligence collection activities to gain economic or political advantage, which is not in the best interest of the United States.

4. Define OPSEC measures. OPSEC measures are methods and means to gain and maintain essential secrecy about critical information.

     a. Action control eliminates indicators. Select what action to undertake, decide whether or not to execute actions, or impose restraints on actions. (Specify who, when, where, and how.)

     b. Countermeasures attack the threat collection system by using-

          (1) Diversions.
          (2) Camouflage.
          (3) Concealment.
          (4) Jamming.
          (5) Deception.

5. Implement the OPSEC Process. OPSEC has five steps that apply to any plan, operation, program, project, or activity. They provide a framework for the systematic process necessary to identify, analyze, and protect information for essential secrecy. The process is continuous. It considers the changing nature of the threat and friendly vulnerabilities throughout the operation. It uses the following steps, but does not have to follow them in a particular sequence.

     a. Identify critical information. Critical information consists of specific facts about friendly intentions, capabilities, and activities vitally needed by the threat to plan effectively and to guarantee failure or unacceptable consequences for friendly mission accomplishment.

          (1) Determine what needs protection.

          (2) Identify key questions that threat officials are likely to ask about friendly intentions, capabilities, and activities, so they can obtain answers critical to their operational effectiveness. To determine sensitive aspects of our operations, ask "If known by the threat, what information and what actions could compromise friendly operations or identify us?"

          (3) Identify friendly force profile. The G3 and the G2 are responsible for developing friendly force profiles.

          (4) Avoid setting patterns.

     b. Conduct an analysis of threats.

          (1) Identify OPSEC vulnerabilities. It is absolutely necessary that you know the threat. This information will assist in determining vulnerabilities to the threat and it will become even more important when the time comes to implement countermeasures or deception measures.

          (2) Examine each part of the operation to find OPSEC indicators. Compare those indicators with the threat collection capabilities. A vulnerability exists when the threat can collect an indicator, correctly analyze the information, make a decision, and take timely action to degrade friendly operations.

     c. Conduct an analysis of vulnerabilities.

          (1) Identify possible OPSEC measures for each vulnerability.

          (2) Select at least one OPSEC measure for each vulnerability.

          (3) Assess the sufficiency of routine security measures (personnel, physical, cryptographic,   document, special access, and automated information systems). This will provide OPSEC measures for some vulnerabilities.

     d. Perform risk assessment. The purpose of this step is to select OPSEC measures for implementation. This step is designed to determine if a risk to an operation's success exists should the threat detect friendly indicators, patterns, or signatures. Only the commander responsible for the mission can make this decision. He must balance the risk of operational failure against the cost of OPSEC measures.

          (1) Consider the impact of an OPSEC measure on operational efficiency.

          (2) Consider the probable risk to mission success (effectiveness) if the unit does not implement an OPSEC measure.

          (3) Consider the probable risk to mission success if an OPSEC measure does not work.

          (4) Decide which, if any, OPSEC measures to implement and when to do so.

          (5) Check the interaction of OPSEC measures. Ensure that a measure to protect a specific piece of critical information does not unwittingly provide an indicator of another.

          (6) Coordinate OPSEC measures with the other elements of C2W.

     e. Apply appropriate countermeasures to deny threat information of specific friendly intentions, capabilities, and activities.

          (1) Implement measures that require immediate action. This applies to current operations as well as planning and preparation for future ones.

          (2) Document or task OPSEC measures by using an OPSEC annex to the OPLAN/OPORD.

          (3) Brief OPSEC requirements to planners, participants, and support personnel.

Note. OPSEC measures are command-directed actions executed by individuals, who must be aware of their responsibilities.

          (4) Monitor OPSEC measures during execution. Monitoring is a continuous process of evaluating intelligence and counterintelligence. It is necessary to monitor countermeasures for effectiveness because unevaluated countermeasures can lead to a false and dangerous sense of security.

          (5) Make adjustments to improve the effectiveness of existing measures. These adjustments are necessary to obtain the best protection for our military operations.

6. Define OPSEC review, assessment, and survey.

     a. OPSEC review is an evaluation of a document to ensure protection of sensitive or critical information.

     b. OPSEC assessment is an analysis of an operation, activity, exercise, or support function to determine the overall OPSEC posture and to evaluate the degree of compliance of subordinate organizations with the published OPSEC plan or OPSEC program.

     c. OPSEC survey is a method to determine if there is adequate protection of critical information during planning, preparations, execution, and post-execution phases of any operation or activity. It analyzes all associated functions to identify sources of information, what they disclose, and what can be derived from the information.

3 comments:

Anonymous said...

Timely article for REAL PATRIOTS to learn why OPSEC is important and how to use it to better prepare their own intelligence on the battle field of the coming Amerucan Civil war..

LEARN FOLKS, LEARN NOW while you have time. Your lives depend on it. Thanks Sgt Matt.

Sign me, Neal Jensen

Anonymous said...

Someone forgot what I did 40+ years ago COMINT (Communications Intelligence) for the Army Security Agency (a branch of the NSA) where all forms of communications were moniitored. Each and every morse code signal coming out of North Vietnam, Cambodia and China was being monitored (and recorded on a wide-band recorder) for the NSA to decrypt and analyze for any slip-ups in their messages. Every piece of paper I touched was marked TOP SECRET UMBRA and I did issue one CRITIC (in the President's hands immediately) regarding a B-52 shot down during Linebacker 2 where Hanoi was being bombed back in late 1972. I still have numerous scanners with a lot of frequencies stored to monitor (just for grins and giggles) to see what is going on. All it takes is for one stupid GOMER to slip up and let the cat out of the bag to what is going on and for patriots to be able to make a difference. We do live in interesting times.

Kenneth Moore said...

But what is the purpose for war to be make on the police whose duty it is to protect and serve the people of this country?

The purpose of the war on local law enforcement officers is to make the cost per individual law enforcement officer to severe a cost to pay (death, as seen in Dallas and elsewhere, is the severest cost, and the threat thereof is second) and cause mass resignations, or to cause them to stand-down from enforcing laws in the inner cities and urban areas all across the country. Look no further than the violence, death and crime statistics in Chicago to see how brilliantly this tactic is working.

It worked in the exact same manner against our all volunteer military during the Oval Office/State Dept. manufactured crisis in Benghazi, if we will recall. Mass dismissal from service of senior commanders followed by mass resignations from active duty followed thereafter. The tactic was literally proven on the battlefield in Libya. It worked again with two small naval patrol boats in the Persian Gulf.

Then turn around and realize that the unprecedented purchases in the millions upon millions of rounds of ammunition and the assault weapons which fire them has been for the purpose of arming to the teeth a step-in replacement force which is controlled by the same federal authority instigating the lawlessness: FEMA. This process has been ongoing for years and little attention was paid to it, but there it is, point blank in everyone's grille.