What is the most effective type of counterintelligence (CI) for the United States Intelligence Community (USIC) to use against espionage threats against the United States? As I mentioned in the first part of this series, there are basically two base types of counterintelligence operations: defensive and offensive. Defensive CI operations in the United States largely consist of reactive and preventative measures and begin by looking for weaknesses and vulnerabilities in an American organization that could easily be exploited, and finding ways to build defenses against those disadvantages. Offensive counterintelligence operations, also known as counterespionage, go beyond being reactive by pre-emptively compromising a hostile intelligence organization’s personnel and resources. The operations are focused on actively collecting intelligence on these organizations by recruiting agents within their service that have information, acting upon that information, and disrupting or undermining their operations.
In the first part of this series, I took a look at the type of counterintelligence method that is the most acceptable in relation to American political philosophy and culture, and that will give personnel concerned with counterintelligence the ability to accept a possible change in attitude and function without conflicting with core personal beliefs or values. For the second part of this article series, I will look at the method that has proven to function the most effectively against foreign intelligence collection operations. Lastly, I will explore which type of operation is the most cost effective to implement within the United States government and infrastructure.
Which method has proven to function the most effectively against foreign intelligence collection operations? The most objective way toward an answer is to explore historical cases involving both defensive and offensive CI operations.
The choice to use defensive counterintelligence methods has proven at times to be useful and successful, but largely has been insufficient. The cases of Aldrich Ames, Robert Hanssen, Jeffrey Carney, Larry Wu-Tai Chin, William Kampiles, the Walker spying clan and Earl Pitts can all be considered defensive counterintelligence failures. Institutional security and risk-management practices within their respective organizations were not adequate to reveal their espionage activities, even though many of them were careless at times. It is notable that nearly all of these spies were brought down by information collected from defectors and double-agent operations, both associated with offensive counterintelligence operations that actively collected intelligence on Russia (Gertz 2006, 138). For example, Larry Wu-Tai Chin was revealed after an official of China’s Ministry of State Security began working secretly for the CIA before defecting to the United States.
There are, however, distinct historical successes with defensive CI methods. In 1996, Harold James Nicholson came to the attention of American counterintelligence agents when he failed a routine polygraph examination during the mole hunt following the arrest of Aldrich Ames (CIA-FBI Press Release 1996). Ronald Pelton compromised Operation Ivy Bells, an NSA and US Navy program to secretly wiretap undersea cables to monitor Soviet military communications and track Soviet submarines. The removal of the recording cassettes indicated to the Navy that the project had been compromised. When Pelton was interrogated in 1985 along with 100 others, he confessed to spying for Russia (Richelson 1995, 393-4). In addition to the two aforementioned cases, an incident at the American Embassy in Moscow displays how American technological superiority may allow defensive counterintelligence to successfully deter and detect foreign spying efforts. Corporal Arnold Bracy claimed that the embassy had been much more significantly compromised than Sergeant Clayton Lonetree originally claimed. However, “a series of secret sensors that were hidden inside the embassy – a crucial fact unknown to the Marine guards – provided date stamps of room access and could track the guards’ movements. Additional systems protected other sensitive areas. ‘There was a whole panoply of things around the embassy, none of which showed any evidence of penetration’” (Peterzell 1989).
As was stated before, offensive CI operations go beyond being reactive. They are focused on actively collecting intelligence on hostile intelligence services by recruiting agents in the foreign service that have information, acting upon that information, and disrupting their operations. Historical examples tend to cast most offensive CI operations in a favorable light for a number of reasons. First of all, unlike defensive CI, many counterespionage operations involving intelligence collection are not part of the public record, and failed operations are not always known. Second, the very method of operation and function involved with offensive CI is preemptive, taking measures against Russian intelligence collection activities. This means that even if an offensive CI operation fails, American national security is not necessarily compromised, unlike breaches in defensive security, which are often made public by leaks to the media.
Examples of failed offensive CI operations exist, albeit a bit ambiguously, and can be both embarrassing and counterproductive to foreign relations. One is the case of Cheri Leberknight, who has been reported as a CIA counterintelligence agent and was caught by Russian FSB agents trying to get information from a Russian citizen while in possession of “spy paraphernalia,” such as maps of meeting places, equipment designed to detect communication between surveillance agents, and equipment used for writing invisible messages (Hoffman and Pincus 1999). The event cooled relations between Russia and the United States, as espionage cases always do, but Leberknight being caught did not compromise the security at the American embassy in Moscow. There is also the case of the US Army counterintelligence officer arrested in Moscow in September of 2006. The details of the arrest are suspect, with the article hinting that the man was arrested for another purpose, perhaps for conducting offensive counterintelligence operations (AIA 2006). In addition, as with all intelligence collection against Russia, offensive CI operations may be outlets for Russian misinformation. Defectors may be double agents for Russia, purposely sending CI agents on needless investigations in pursuit of the wrong suspect. However, this can happen with ad hoc investigations following security breaches at intelligence organizations as well.
So which method has proven to function the most effectively against foreign intelligence collection operations? Offensive counterintelligence operations are directly linked to the actual discovery and apprehension of the most damaging spies and moles in recent history. Defensive counterintelligence investigations often failed to reveal any leads or capture spies, while information actively sought from human assets in foreign intelligence organizations led to the successful capture of a who’s who of spies: Aldrich Ames, the Walker family, Earl Pitts, Chi Mak, Jeffrey Carney, William Kampiles, Larry Wu-Tai Chin, and Robert Hanssen.
No other country in the world uses technology to spy to the extent that the United States does. Most, if not all, still rely heavily on people as their main form of intelligence collection, and the best way to counter that form of intelligence collection is with counterespionage, which is a synonym for proactive counterintelligence operations.