Developing and Exploiting Open Source Signals Intelligence

This post originally appeared on Brushbeater. Follow the links, they contain a large amount of information on Sino-Russian small unit communications systems. Systems which are also being built in Venezuela for their military and logically also equipping guerrilla forces.

The whole point of intelligence is exploitation- what we collect and refine must be actionable. If not, it does us no good. You can run around with your rifle and kit all day and accomplish exactly zero without a larger coordination and dedicated effort towards recognizing how to exploit weakness in one’s foe. That is, if you don’t get yourself killed. Reality holds that the intelligence cycle begins and ends for most prepper-types with maybe listening to a police scanner every now and then (mostly worthless until something serious is going on), checking social media, gossiping, and then checking your favorite blogs. This all fits in the collection box of the intelligence cycle. Most have put next to zero time focusing on the enablers that are many, many more times important than trigger pulling. There’s a reason I don’t write a lot about line unit tactics (UW is NOT just learning battle drills and how to conduct an L-shaped ambush) even though I could- there’s no need. There’s only so many times you can read about breaking contact or magazine dumps; all of that fun range stuff will become absolute hell because you didn’t take the time to work on the enablers & supporting tasks now. Not having to do that break contact because your dedicated signals collection guy on the patrol intercepted the OPFOR’s commo plan (because they were probably pretty sloppy) is a hell of a lot better than walking into an ambush. You might even get to lay one in for them and take their stuff. But don’t listen to me, I’ve only done this for real a few times.

IMG_1309Back in the early days of Brushbeater I wrote short blurbs about the importance of things called Data Books– which should be nothing new for veterans of more elite units out there and for Long Range Marksmen. But Data Books are not limited to recording Data On Previous Engagements (DOPE) on our weapon systems– it should also serve as a quick reference on a large number of topics for us as we operate in an area. Things that really come in handy, such as:

  • Flora and Fauna, both good and hazardous
  • Key Terrain Features, including Human, in the Area of Operations (AO)
    • Local gathering sites
    • Local persons of influence
  • Equipment recognition guide and data cards
  • Technology present in my AO

That last bit is critically important- there’s a reason every Intelligence agency has a technology analysis branch. We have to know what a potential adversary’s capabilities are, beginning with his principle enabler- communications. As I cover in the RTO course, advancements in radio technology being fielded in all areas is changing at a rapid rate. Civilian data in the US is publicly published. Even military data is not terribly hard- the specifics take some digging but glossing over but FCC Frequency Allocations gives a great starting point as to what can be found where. It might be a really good idea, and one I cover in class, to write down all of the license free band frequencies; you know, like the frequencies those MURS, FRS/GMRS, and Marine are actually on? That way if I happen to come across a group talking on 151.82mHz, I know know they’re on MURS 1 and can begin communications mapping of their capabilities.

Simple triangulation using three Listening Posts (LPs)

Wait, what? Communications Mapping is not at all a hard concept- I listen for you, write down where you’re transmitting and a compass bearing (if I can get it) while also writing down any other pertinent information. Things like callsigns, male/female voices, times, languages, accents, emotions, the level of training, and if they’re even hostile from the traffic itself are all items that can tell us the level of organization (or lack thereof) of our adversary. And while it sounds simple, it takes discipline and training to execute correctly and to also remember- you’ll be on the receiving end of this as well.

Finding information on systems used by other nations is not nearly as easy and requires either a bit of linguistics skills or extreme patience with google translate. But why would we even dedicate time to it? Because, there, sunshine, your gear is not the only ones that might pop up in your area of influence- your militia, “MAG”, NPT, or whatever you want to call it will all have a definite capability limit and if the world has went to pot bad enough for you to form the Wolverines, then there’s probably also going to be peacekeepers invited in by whatever body still holds the governmental reigns of power.

russian VHF

This is a Russian Army VHF radio, R-168-5UN-2E, filling the same role as our SINCGARS units. What’s significant is that its published frequency range is 30-107.975mHz, placing it in our broadcast FM radio range. Knowing this is vital to Partisan groups needing cheap early warning capability if facing users of Russian exported equipment.

I wrote a piece a long while back regarding the value of open source intelligence (OSINT) when it comes to technology of potential adversary nations. The links contained in that piece, written in 2015, either no longer work or have changed significantly to the present. Three years time does that. One of the things we should be doing is regularly staying on top of those changes as best we can. One way to do that is simply searching for foreign Infantry equipment- most nations today have the same operational security problems we do in the US- social media, competing contractors & corporate espionage, and good ol’ fashioned loose lips. Regardless, for those serious, a continuously updated data book needs to be maintained- hopeless tin foil shrieking doesn’t cut it. The info is out there for the dedicated.

Setting domestic politics aside, the attitude of many preppers and preparedness-oriented groups has shifted from a threat of foreign invasion to a domestic insurrection; candidly I conclude they’re both on the table, and not only likely but will work in tandem. If you think that the US is the only country exploiting the role of armed groups to cause discord in a target nation, you’re woefully behind the power curve and have missed a few points entirely. But what comes next? Just like with our adventures in regime change…er…the ‘Arab Spring’, those groups will be supplied by their benefactor along with varying degrees of technological support. The occupying military force will be present in an ‘advisory’ or ‘peacekeeping’ role to either manage the chaos or support the favored regime. Compare the roles of the major powers in the Syrian conflict and you’ll get the idea. That reality presents itself with an exploitative value especially in the realm of communications.

PLA chest rig.jpg

A recent picture of a Chinese Army Plate Carrier. Note the intersquad radio on the back. What is the frequency range? How might we exploit this?

But where to look? Search engines are our friends- particularly those with offshore servers and less of a political agenda. If I want to check out the new and upgraded equipment being fielded by the Chinese People’s Liberation Army (PLA), a great starting point is the dedicated forum (https://www.sinodefenceforum.com/) that has regular posts on a lot of new in-service equipment. Several threads in particular are showcasing all of the new Infantry stuff.

What’s interesting, at least to this former ground pounder, is that the equipment being issued among PLA ground forces is remarkably similar to our own- part of the Chinese modernization plan put in place by Premier-for-life Xi Jinping. What you see above is a new model plate carrier which looks nearly identical to the ones being issued to US forces since 2012. But more significant is the relatively simple radio on the back of the vest. By its length the antenna tells us it’s low-band VHF (30~88mHz) and its size and placement tells us its meant for inter-squad use. Folks that have been to any of my classes know why a radio on the back is a pretty bad idea, if it wasn’t common sense already. Seeing something like this pop up in our AO tells us quite a bit about a group’s benefactor. It’s the pocket lint that matters- the small details you’d otherwise miss.

russian_SOFlayout2.jpg

ISIS captured Russian SOF loadout from Syria. Note the two radios.

The Chinese are not alone- Russia has rapidly modernized several of its ground forces’ enablers, readily seen in this layout from a captured Russian Special Operations Forces loadout in Syria. Looking to overseas sources, this layout of kit becomes pretty impressive- not just the IWT 640 Thermal Sight on the weapon, but the seemingly lightweight communications gear he was carrying. The handheld appears to be in the R-168 family of equipment and a quick reference tells us that it’s 146-174mHz. We know that it’s used to coordinate with other teams on the ground. The larger radio (bottom right) appears to be a R-168-5UN-1E, with a frequency  range of 30-87.975mHz. The set itself is a smaller version of this radio: R-168-5UN-2E.

View of a military radio produced at CAVIM Venezuelan military factory in Maracay, Venezuela on March 8, 2016. (Photo credit: FEDERICO PARRA/AFP/Getty Images)

I’ve got a lot of information and resources embedded in this text, but since the end state of intelligence is exploitation, how does it factor into our planning? The real objective of military equipment production is export sales. BRICS is a very real thing- and economic alliances are followed by military lend-lease ones. As factions galvanize on a conflict they’re provided support at some point from a sponsor nation. Since small arms are actually the simplest part of the equation (might be a shock to some of you) the more sophisticated equipment that provides purpose and direction needs a bit more attention on your part. You may not be able to counter it, but like a good judo form, learn the tell tale signs of its signature in your area by listening (and watching) and you’ll have an early warning that they’re roaming your AO- the biggest enabler I can think of- but it takes discipline and training. Find and Fix is the watchword of the guerrilla.

Remember again that the whole point of intelligence is exploitation- what we collect and refine must be actionable. If not, it does us no good. It begins with mapping the signals in your area and putting a label on it; it doesn’t have to be fancy, but you should know what goes where. Once you’ve found a signal, start trying to find the other data on it and what that exploitative value might be. Fortunately for you, we’ve got a class lined up in the Spring focusing on building these skills in a live environment.

Share This Story, Choose Your Platform!

About the Author: admin

5 Comments

  1. Anonymous January 14, 2019 at 13:07

    4.5

  2. Anonymous January 14, 2019 at 15:02

    5

  3. Mr. Prepper January 14, 2019 at 21:49

    Great article. I’ve spent a couple of hours reading it, researching, downloading the links & using my Russian electronic translating device/dictionary! By the way, what is the name of the antenna on your Yaesu VX-6. I have the FT-70 & would like to replace the rubber duck with something a lot better. Also what is the name of the receiver next to it? Many thanks & keep churning out more great stuff.
    “73”

    • NC Scout January 14, 2019 at 22:23

      Thanks man. It’s an MFJ-1717 long whip for the antenna and an Alinco DJ-X11T on one side and AOR AR-mini on the other.

  4. Reverend Bow May 7, 2019 at 18:14

    NC Scout,

    Great article as always. Good information for getting an idea of who is using what chunk of the frequencies.

Comments are closed.

GUNS N GEAR

Categories

Archives