
COMINT: Signals intelligence


COMINT (Communications Intelligence) is a sub-category of signals intelligence that deals with messages or voice information derived from the interception of foreign communications. COMINT is commonly referred to as SIGINT, which can cause confusion when talking about the broader intelligence disciplines. The US Joint Chiefs of Staff defines it as "Technical information and intelligence derived from foreign communications by other than the intended recipients".

COMINT, which is defined to be communications among people, will reveal some or all of the following:

  1. Who is transmitting
  2. Where they are located, and, if the transmitter is moving, the report may give a plot of the signal against location
  3. If known, the organizational function of the transmitter
  4. The time and duration of transmission, and the schedule if it is a periodic transmission
  5. The frequencies and other technical characteristics of their transmission
  6. Whether the transmission is encrypted, and if it can be decrypted. If it is possible to intercept either an originally transmitted cleartext or obtain it through cryptanalysis, the language of the communication and a translation (when needed).
  7. The addresses, if the signal is not a general broadcast and if addresses are retrievable from the message. These stations may also be COMINT (e.g., a confirmation of the message or a response message), ELINT (e.g., a navigation beacon being activated) or both. Rather than, or in addition to, an address or other identifier, there may be information on the location and signal characteristics of the responder.

Voice interception

A basic COMINT technique is to listen for voice communications, usually over radio but possibly "leaking" from telephones or from wiretaps. If the voice communications are encrypted, traffic analysis may still give information.

In the Second World War, for security the United States used Native American volunteer communicators known as code talkers, who used languages such as Navajo, Comanche and Choctaw, which would be understood by few people, even in the U.S. Even within these uncommon languages, the code talkers used specialized codes, so a "butterfly" might be a specific Japanese aircraft. British forces made limited use of Welsh speakers for the same reason.

Although modern electronic encryption does away with the need for armies to use obscure languages, it is possible that some irregular groups might use rare dialects that few outside their ethnic group would understand.

Text interception

Morse code interception was once very important, but Morse code telegraphy is now obsolete in the western world, although possibly used by special operations forces. Such forces, however, now have portable cryptographic equipment. Morse code is still used by military forces of former Soviet Union countries.

Specialists scan radio frequencies for character sequences (e.g., electronic mail) and fax.

Signaling channel interception

A given digital communications link can carry thousands or millions of voice communications, especially in developed countries. Without addressing the legality of such actions, the problem of identifying which channel contains which conversation becomes much simpler when the first thing intercepted is the signaling channel that carries information to set up telephone calls. In civilian and many military use, this channel will carry messages in Signaling System 7 protocols.

Retrospective analysis of telephone calls can be made from the call detail records (CDRs) used for billing the calls.

Monitoring friendly communications

More a part of communications security than true intelligence collection, SIGINT units still may have the responsibility of monitoring one's own communications or other electronic emissions, to avoid providing intelligence to the enemy. For example, a security monitor may hear an individual transmitting inappropriate information over an unencrypted radio network, or simply one that is not authorized for the type of information being given. If immediately calling attention to the violation would not create an even greater security risk, the monitor will call out one of the BEADWINDOW codes used by Australia, Canada, New Zealand, the United Kingdom, the United States, and other nations working under their procedures. Standard BEADWINDOW codes (e.g., "BEADWINDOW 2") include:

  1. Position: (e.g., disclosing, in an insecure or inappropriate way, "Friendly or enemy position, movement or intended movement, position, course, speed, altitude or destination or any air, sea or ground element, unit or force.")
  2. Capabilities: "Friendly or enemy capabilities or limitations. Force compositions or significant casualties to special equipment, weapons systems, sensors, units or personnel. Percentages of fuel or ammunition remaining."
  3. Operations: "Friendly or enemy operation – intentions progress, or results. Operational or logistic intentions; mission participants flying programmes; mission situation reports; results of friendly or enemy operations; assault objectives."
  4. Electronic warfare (EW): "Friendly or enemy electronic warfare (EW) or emanations control (EMCON) intentions, progress, or results. Intention to employ electronic countermeasures (ECM); results of friendly or enemy ECM; ECM objectives; results of friendly or enemy electronic counter-countermeasures (ECCM); results of electronic support measures/tactical SIGINT (ESM); present or intended EMCON policy; equipment affected by EMCON policy."
  5. Friendly or enemy key personnel: "Movement or identity of friendly or enemy officers, visitors, commanders; movement of key maintenance personnel indicating equipment limitations."
  6. Communications security (COMSEC): "Friendly or enemy COMSEC breaches. Linkage of codes or codewords with plain language; compromise of changing frequencies or linkage with line number/circuit designators; linkage of changing call signs with previous call signs or units; compromise of encrypted/classified call signs; incorrect authentication procedure."
  7. Wrong circuit: "Inappropriate transmission. Information requested, transmitted or about to be transmitted which should not be passed on the subject circuit because it either requires greater security protection or it is not appropriate to the purpose for which the circuit is provided."
  8. Other codes as appropriate for the situation may be defined by the commander.

In WWII, for example, the Japanese Navy, by poor practice, identified a key person's movement over a low-security cryptosystem. This made possible Operation Vengeance, the interception and death of the Combined Fleet commander, Admiral Isoroku Yamamoto.

