ANALYSIS: The news of a so-called “Chinese spy balloon” being shot down over the US has reignited interest in how nation-states spy on one another.
It’s not confirmed that the balloon, seen floating over US military areas, was indeed a dedicated vessel for spying. China has claimed it was a “civilian airship” deployed for weather research and blown off-course by the wind. Nonetheless, the very threat of potential spycraft has the US up in arms.
And that makes sense. The significance of intelligence can’t be overstated. Nations make important political, economic and military decisions based on it.
While people may chuckle at the idea of using a balloon to passively float above a country to spy on it, the reality is anything goes when it comes to getting the upper hand on your adversaries. So what are some other ways nations collect intelligence today?
One major intelligence collection strategy is signals intelligence. This involves using a variety of ground- and space-based technologies to target the signals and communications coming from a target’s device/s. The results, called the “product”, often reveal highly sensitive information, which explains why signals intelligence is also the most contested form of espionage.
Countries that turn this capability inward face mounting criticism from those caught in the net, and from citizens concerned with privacy. In 2013, Edward Snowden disclosed the US National Security Agency’s use of signals intelligence for bulk data collection from the public. The US government has since worked to convince citizens the NSA’s efforts are largely focused on external collection. The White House also recently published an executive order on this topic.
Geospatial intelligence concerns human activity on and beneath the ground, including waterways. It’s generally focused on military and civilian construction, human movements (such as movement of refugees and migrants) and natural resource use. Geospatial intelligence exploits information obtained through satellites, drones, high-altitude aircraft and, yes, even balloons!
Spy balloons can collect not just images and signals, but also chemical analyses of the air. They aren’t common, since this approach lacks plausible deniability and (as we have seen) balloons are easily observed and shot down. On the other hand, they do offer a low radar signature, are cheap and can seem innocuous.
Closely related to geospatial intelligence is imagery intelligence, which is also often conducted using satellites, drones and aircraft.
This is intelligence derived from the overhead collection of images of civilian and military activities. Imagery intelligence often focusses on the strategic movements of troops and weapons systems, and specifically targets military bases, nuclear arsenals and other strategic assets.
Measurement and signature intelligence
One highly technical form of intelligence collection – and one that’s rarely mentioned – is measurement and signature intelligence. This is intelligence derived from the electromagnetic signatures of rockets, command and control systems, radar and weapons systems, and other military and civilian equipment.
The data collection is done using high-tech instruments, designed specifically to identify and categorise the electromagnetic emanations. Among other things, this form of intelligence collection allows for the remote identification of weapons deployments and detailed information on space platforms.
Cyber intelligence is generally lumped together with signals intelligence, but is distinct in that it uses direct human interaction (such as through hackers) to penetrate protected systems and gain access to data.
Cyber intelligence refers to the overt and covert collection of information from friendly and adversarial networks. It can be obtained through signals collection, malware, or through hackers gaining direct unauthorised access into systems. Nations may even target their own allies’ networks.
One example of cyber intelligence was the 2015 data breach of the US Office of Personnel Management. This breach was designed to collect all the available information on US government and military personnel who had been screened for a security clearance.
Open source intelligence
The newest of the intelligence collection disciplines is open source intelligence. Emerging in the late 1980s, open source information comes from a variety of primary sources such as newspapers, blogs, official postings and reports, and secondary sources such as leaks on sites including WikiLeaks, The Intercept and social media.
Although this information is readily available, turning it into actionable intelligence requires specific tools such as web scrapers and data miners, as well as trained analysts who can find connections between large datasets.
Human intelligence is the oldest form of intelligence collection and perhaps the most well-known. Spies are generally divided into three categories:
- declared intelligence officers (overt)
- people working under official cover, such as spies working as diplomats, military personnel and embassy/civilian support personnel
- non-official cover spies, often ostensibly working in commercial, academic and trade positions.
Human intelligence officers will recruit citizens of a country to spy, wittingly or unwittingly, and run agents (co-operating citizens of a host nation) to support the strategic objectives of their nation.
Thanks to the internet and dark net, we now have cyber-based human intelligence that allows spies to assess, recruit and operate assets and sources from the safety of their home nation. This is even happening on LinkedIn.
While intelligence collection disguised as a stray weather balloon seems rather sloppy, the latest events remind us of the constant war for information that nations are waging. Analysts following the war in Ukraine are reviewing reams of information to compare Russian, Chinese and Iranian weapon systems with those of Ukraine and its Nato supporters.
As the world continues to face new challenges, including climate change and the rapid development of new technologies, the intelligence focus of nations will likely need to expand to keep up.
Dennis B. Desmond is a Lecturer in Cyberintelligence and Cybercrime Investigations at the University of the Sunshine Coast.