American Partisan: SIGINT for Everyone

NC Scout at American Partisan has an informative article up, Signals Intelligence: Capabilities for Anyone, discussing readily available and simple equipment that anyone can use to build their signals intelligence capabilities. Signals intelligence is one of the best, if not the best, ways to know what is going on around you, whether that is in the aftermath of a disaster or during a civil disturbance/conflict.

One of the points I’ve stressed for a long time is the value found in using simple equipment to the maximum of its potential. Whatever it might be optics to weapons to electronics, my own combat experience has fostered an appreciation for Keeping it Simple, Stupid. And that’s the very paradigm I teach my class from–taking what’s common and simple to understand and learning the techniques of using it to its peak potential. The same is true for building signals intelligence capabilities among preppers and/or potential partisans. Not that long ago the RAND Corporation published a white paper on the very topic; what they found was that not only does the capability exist to monitor most real-world threats in any given environment, anyone can do it.

During our market scan, we found examples of SIGINT capabilities outside of government that are available to anyone. The capabilities we found have applications in maritime domain awareness; radio frequency (RF) spectrum mapping; eavesdropping, jamming, and hijacking of satellite communications; and cyber surveillance. Most of these capabilities are commercially available, many are free, and some are illegal. In our view, the existence of both legal and illegal markets and capabilities results in an environment where SIGINT has been democratized, or available to anyone.

(Weinbaum, Berner and McClintock, 2017)

From experience monitoring the Taliban on a decade old Radio Shack Pro-96 in Afghanistan, an undisciplined adversary will usually tell you everything you want to know over the air. Even if he thinks he’s secure with electronic encryption, the presence of the signal itself can be detected as soon as he keys up. After working with several private groups and teaching techniques to not get found in my RTO Course, I can positively say that a lot of people are at a distinct disadvantage in the communications department not through equipment but through a complete misunderstanding of the actual function of their gear. As anyone who’s trained with me knows, tactical communications is a whole other animal from nearly everything folks think they know. The first rule of Signals Counterintelligence is to have a competent plan and not set patterns. But what about collection? Those same mistakes we aim to correct through training are likely to be repeated by the opposing force. Even if they have all the technical enables in the world, a lot can be done with basic equipment…

Click here to read the entire article.

Related:

Sparks 31: Low Level Voice Intercept

Sparks 31: Indicator Frequencies

The above links are now gone. Below are the recovered content of the two articles.

LLVI – Low Level Voice Intercept

That intercept operator from the 513th MI Brigade is using an AOR AR8200. A good choice for a wideband portable if you can afford it. Considering what some of you spend on an M4orgery that won’t see half the action a communications receiver in the hands of a competent operative will see, the AOR is a bargain. However, now that events have gone to a slow boil in the US, and that this is a come-as-you-are party, you just have to run what you brung.

Low-Level Voice Intercept (LLVI) is exactly what what the name implies. It’s performing point and sector searches for voice communications, and something scanner hobbyists have been doing for decades. Even if all you have is a cheap Chinese HT, you can still run LLVI as it receives the VHF-high and UHF land mobile bands just fine. I’ve actually had students in previous classes do that, and they managed just fine.

Here are some examples of less-expensive gear you’d use for LLVI. The receiver on the left is a Whistler WS1040. No surprises there. It covers all the necessary bands, does P25 Phase I, trunking, and has Spectrum Sweeper. To the right is an Alinco dual-band (2m/440) HT that has some extended receive coverage up to ~900 MHz. They both have 1/8″ audio jacks for plugging in headphones. I run them right into my amplified shooting earmuffs that conveniently have a 1/8″ audio jack input. It serves both to keep the noise level down at a field LP, and let you hear what’s going on around you. A notebook for logging and keeping useful reference material handy. Spare batteries, writing instrument, and something to hold it all that I found at a local army/navy store.

Go visit Radioreference.com to get frequency data for your point and sector searches, use online mapping will show you places that are located above your average terrain for listening. Gear up, take a quick hike, do some listening, and enjoy the view.

Indicator Frequencies

Via a suggestion from my friend “GDJ”. Here is a list of common indicator frequencies. They are FCC-allocated for public safety intersystem, interoperability, or mutual-aid use. They are usually quiet until something big (involving multiple jurisdictions) happens. That’s what makes them indicator frequencies.  Most of the time they will be analog FM, which means any old flea market special police scanner can be tasked with monitoring them.
While these are the official FCC allocated frequencies for this purpose, that doesn’t necessarily mean a region will be using them. Do your research.Indicator Frequency List
39.46 – Police Intersystem
39.48 – Fire Intersystem
45.86 – Police Intersystem
45.88 – Fire Intersystem
121.500 – Aeronautical “Guard” (AM)
154.2650 – Fire Intersystem
154.2800 – Fire Intersystem
154.2950 – Fire Intersystem
155.1600 – Search and Rescue Common
155.3400 – EMS Mutual Aid
155.4750 – Law Enforcement Mutual Aid
155.7525 – National Interoperability Calling
453.2125 – National Interoperability Calling
851.0125 – Mutual-Aid Calling

Sparks31: Monitoring Exercise/Contest, Dec. 7, 2018

Sparks31 has announced a monitoring exercise (MONEX) for the anniversary of the Pearl Harbor attack, December 7th, 2018. Participants will be entered into a drawing for a free 2019 class of his. A MONEX is a good way to gain familiarity with using your equipment, listening for signals, and recording activity within your listening range. Sparks31 has at least a couple of classes in Washington state, including one in the Yakima valley, in 2019.

MONEX: Pearl Harbor – 07DEC2018

MONEX: Pearl Harbor

Date/Time

07DEC2018 – 0000-2359 UTC
Equipment Required
SSB/CW/digital HF receiving capability from 1600-28000 KHz.
Procedure
  • User selects frequency range(s) from Table 1, above.
  • User performs band/sector searches on selected frequency ranges for at least 1 hour during time frame specified.
  • User logs following data: DATE, TIME, FREQUENCY, MODE, CALLSIGNS(?), TRAFFIC, MISC NOTES/COMMENTS
  • User posts log as a comment to this post, and via email to sparks31wyo@gmail.com.

All qualifying participants will be entered into a drawing for one (1) free admission to any one 2019 Class. To qualify, at least three complete log entries must be submitted.

Click here for more details at Sparks31.

Brushbeater: Developing, Exploiting Signals Intelligence

NC Scout at the Brushbeater blog has an article up, Developing and Exploiting Open Source Signals Intelligence, in which he discusses the types of information that you should be collecting now for your data books on local communication capabilities as well as foreign.  A third of Americans expect a civil war in the next five years. If a civil war indeed happens, then it’s likely there will be foreign meddling. It’s easier to find out information about capabilities now than during any hostilities.

IMG_1309…Back in the early days of this blog I wrote short blurbs about the importance of things called Data Books– which should be nothing new for veterans of more elite units out there and for Long Range Marksmen. But Data Books are not limited to recording Data On Previous Engagements (DOPE) on our weapon systems– it should also serve as a quick reference on a large number of topics for us as we operate in an area. Things that really come in handy, such as:

  • Flora and Fauna, both good and hazardous
  • Key Terrain Features, including Human, in the Area of Operations (AO)
    • Local gathering sites
    • Local persons of influence
  • Equipment recognition guide and data cards
  • Technology present in my AO

That last bit is critically important- there’s a reason every Intelligence agency has a technology analysis branch. We have to know what a potential adversary’s capabilities are, beginning with his principle enabler- communications. As I cover in the RTO course, advancements in radio technology being fielded in all areas is changing at a rapid rate. Civilian data in the US is publicly published. Even military data is not terribly hard- the specifics take some digging but glossing over but FCC Frequency Allocations gives a great starting point as to what can be found where. It might be a really good idea, and one I cover in class, to write down all of the license free band frequencies; you know, like the frequencies those MURS, FRS/GMRS, and Marine are actually on? That way if I happen to come across a group talking on 151.82mHz, I know know they’re on MURS 1 and can begin communications mapping of their capabilities.

Wait, what? Communications Mapping is not at all a hard concept- I listen for you, write down where you’re transmitting and a compass bearing (if I can get it) while also writing down any other pertinent information. Things like callsigns, male/female voices, times, languages, accents, emotions, the level of training, and if they’re even hostile from the traffic itself are all items that can tell us the level of organization (or lack thereof) of our adversary. And while it sounds simple, it takes discipline and training to execute correctly and to also remember- you’ll be on the receiving end of this as well

Read the entire article by clicking here.

 

Related:

Brushbeater’s Signals Intelligence Resources

Brushbeater’s SIGINT for the Small Unit

Forward Observer Interview with Sparks 31 on Communications Monitoring

Selco: Observe and Prepare for the Confusion, Panic, & Mayhem of SHTF

Numbers & Oddities frequency database and files

Electrospaces blog on SIGINT and telecommunication security

Sparks31: SIGINT and COMINT

Why such an emphasis on SIGINT, and in particular COMINT?

It is a good solution for two problems everyone needs to solve. The problems being a short and long term way to get useful information that you can then turn into tactical and strategic intelligence…There are many ways you can answer these questions. One of the easiest is with COMINT. Tactical COMINT is easy. It doesn’t take much to listen for interesting dispatch calls. Strategic is not hard either. It just takes listening and taking notes over a period of time.