Operations security (OPSEC) includes essential security measures. These are used to deny the enemy information about planned, ongoing, and completed operations. Threat forces will use many intelligence sources in an effort to get information. They try to determine the location, capabilities, and intentions of US units. Their sources include ground reconnaissance, aerial reconnaissance, and signal intelligence elements. US forces, including Stinger sections, must therefore use OPSEC techniques and procedures. They try to neutralize the Threat intelligence collection effort. These techniques and procedures include deception, information security, physical security, signal security and electronic counter-countermeasures. This appendix covers OPSEC procedures used by Stinger units.
The Threat knows that he must first destroy or neutralize our air defenses before he can successfully use his airpower. Air defense suppression is an effort to destroy or reduce the effectiveness of AD weapons so that coordinated air-ground operations can be completed. Before the Threat can attempt to suppress our AD weapons, including Stinger, he must first determine where they are located. He has many methods in which to do this.
Human intelligence (HUMINT) is the use of people to gather information. These people can be members of the local population, or enemy ground and air observers. They can also be enemy intelligence agents disguised as friendly troops or civilians. Loose talk, information posted on maps and vehicle windshields, and written materials improperly safeguarded are all collected through HUMINT.
Signal intelligence (SIGINT) is the use of devices to intercept and monitor our communications-electronics (C-E) systems. This includes both radio and radar systems. SIGINT is done in peacetime as well as wartime.
Photographic intelligence (PHOTINT) is the use of photographic equipment aboard airborne platforms to gain information. PHOTINT, to include infrared imagery, is the most widely used detection method. It provides a permanent record of the exact details of an area. It also permits long-term comparisons to find changes in detail. PHOTINT is the most accurate means of pinpointing target locations.
ELECTRONIC WARFARE SUPPORT MEASURES
Electronic warfare support measures (ESM) are one of the three classes of electronic warfare (EW). The other two classes of EW are electronic countermeasures (ECM) and electronic counter-countermeasures (ECCM).
ESM entails the search, interception, identification, and location of C-E emitters. ESM is often confused with SIGINT, which is concerned with monitoring of C-E emitters for intelligence information. ESM, however, is concerned with identifying and locating the emitters, and includes both ground and airborne radio direction finding (RDF).
The enemy can pinpoint radio/radar transmitter locations by using direction finding equipment. The enemy's RDF equipment can locate any radio that transmits. That is, if there is line of sight between the RDF and the radio. This appendix describes only those aspects of electronic warfare which affect Stinger communications and those OPSEC measures which Stinger personnel can use to operate on the electronic warfare battlefield.
After the Threat has located and identified a site, he will try to suppress that site. Remember, AD suppression includes all efforts designed to either reduce AD effectiveness or destroy ADA systems. The Threat will try to do this through physical suppressive attacks and electronic warfare.
The Threat can physically attack an ADA system in three ways --
Electronic countermeasures are all actions taken to reduce an enemy's use of the electromagnetic spectrum. ECM described herein are those applied to radios.
The two ECM means that the Threat will use to do this are deception and jamming. Deception is the introduction of signals into a radio to deceive the operator. Jamming is the introduction of signals into a radio to hide or override actual information.
Once the Threat has a clear picture of friendly communications networks, he will try to enter certain nets disguised as a friendly station. This is known as "imitative communications jamming (ICD)." The Threat will use language experts who speak with the latest slang and accent, and are thoroughly drilled in communications procedures. ICD agents are good and they are believable, If they are accepted into a Stinger net, they will direct you to fire at friendly aircraft, drive into ambushes, and displace to the wrong position.
All the Threat needs to jam a radio is a transmitter tuned to the frequency of the Stinger net, with enough power to override the signal at the receiver. Threat can use many types of jamming signals against Stinger team radios. The more common of these are described below. Don't try to memorize them; just be aware that they and others exist. When reporting jamming, it's more important to describe it accurately than to identify it by name. Following are types of jamming signals that may be used against you.
TYPES OF JAMMING SIGNALS
Although any transmitter can serve as a jammer, certain types of jamming signals such as those shown below have been considered more effective.
Jamming is an effective way to disrupt control of the battle.
The enemy normally will employ three types of jamming:
You can use five classes of countersuppression measures to increase your survivability and operate on the EW battlefield.
Deception includes measures which prevent the Threat from spotting a pattern in a unit's actions. Examples of deception techniques are --
Camouflaging Equipment and Personnel. The most important means of avoiding visual detection is through camouflage and concealment of equipment and personnel. FM 5-20 provides a complete reference for all aspects of camouflage. However, the key points to remember are to break up the silhouette or pattern of equipment, and reduce glare.
The pattern of the equipment can be broken up by pattern painting, using natural vegetation, and by using the current series of camouflage nets. These nets will break up both the visual and the IR patterns of the equipment. Keep the camouflage natural looking. In fast moving operations, watch for changing vegetation and change your camouflage accordingly.
Glare can also be reduced by pattern painting and by covering reflective surfaces. Windshields, mirrors, lights, and light-colored surfaces all reflect sunlight to some extent and can be seen by the enemy at far distances.
Displacing Frequently. Movement is the most important means for Stinger teams to defeat AD suppression. Teams should select alternate positions at least 200-300 meters from the primary position and displace to them when necessary. Whenever possible, teams should move at night and during periods of reduced visibility. This will maximize concealment and capitalize on decreased enemy air activity.
Preparing False Positions and Using Decoys. The Threat can be fooled if something can be made to look like a real item of equipment. Stinger equipment is relatively small, therefore, decoys can be simple. Anything resembling a 1/4-ton truck can be used: boxes, framework and netting nailed together so that from a distance the outline of the vehicle is seen. Decoys can be as sophisticated as inflatable 1/4-ton trucks, complete with false RF emitters. When using decoys, leave one or two items partially exposed to attract the attention of the Threat. Dummy positions will work only if the real position is well camouflaged.
Information security measures are taken to prevent disclosure of operational information through written, verbal, or graphic means. The most important information security measures to take are to restrict personnel entry into operational areas and to restrict the release of operational documents and information. These measures will safeguard against unintentional release of data important to the enemy. Other information security techniques to be used are --
Stinger sections and teams take all available active and passive security measures consistent with the enemy threat. Active measures include establishing listening posts, observation posts, and minefield. Passive measures include the use of cover, concealment, and field fortifications. Deployed teams rely primarily on passive measures. This is because they lack enough personnel to independently implement active measures. Stinger teams should assume positions which are offset from the supported unit to the maximum extent possible. The positions should be consistent with the tactical and technical requirements of the Stinger weapon system. The purpose of this dispersion is to avoid being targeted by association when the defended force comes under direct or indirect fire. In addition, each Stinger section and team uses challenge and password, foxholes, sandbags, and defilade positions.
Remember when constructing fortifications, not to violate the principles of camouflage and concealment. Make your fortifications blend into the terrain by disposing of freshly dug earth and covering them with foliage or netting.
Signal security (SIGSEC) protects operational information through the practice of communications security (COMSEC) and electronic security (ELSEC) techniques COMSEC techniques include the use of communications codes, secure radio equipment, and proper RATELO procedures. ELSEC techniques include radio and radar emission control (EMCO) measures. Specific COMSEC and ELSEC techniques you can use are --
ELECTRONIC COUNTER-COUNTERMEASURES (ECCM)
ECCM are methods used to reduce or eliminate the effects of an enemy's countermeasures, or ECM. How effective these methods are depends on the operator as well as his equipment. Good equipment is useless in the hands of untrained personnel. Remember, "surprise and panic are the greatest threats in the area of electronic warfare." Only through constant training and drill can an operator gain confidence and realize the full capabilities of his equipment.
Radio ECCM are countermeasures for imitative communications deception (ICD) and radio jamming. Message authentication is the best way to prevent imitative communications deception. Radio operators are required to authenticate when --
If an operator is not sure that authentication is required, he should challenge! If a station takes more than 20 seconds to authenticate, rechallenge! Why 20 seconds? Because a Threat agent will try to contact some other station and have it respond to that same challenge. Once he gets the answer, he'll call back and blame the delay on some equipment failure.
The first thing for Stinger radio operators to do when they experience radio interference is to determine its source. Is the interference unintentional, or is it radio jamming?
Interference may be caused by atmospheric disturbances, local interference, weak signals, or enemy jamming.
Jamming may take many forms and may, therefore, be undiscernible to the untrained operator. All potential radio operators should be trained in threat jamming techniques and to determine if jamming is actually taking place. No counter-countermeasures should be taken until it has first been determined if jamming is taking place.
The operator should use the following steps to determine if his radio is being jammed.
Detach The Radio Antenna. If the interference continues, it means there is a problem with your radio. If the interference stops, it has to be coming from a source outside the radio -- either jamming or a problem in the antenna.
Check The Frequencies On Either Side Of The Operating Frequency. Because of the crowded frequency spectrum, the Threat will normally work against selected targets (spot jamming) in order to protect his own communications. If the interference falls off on either side of the operating frequency, then one operator is probably being spot-jammed.
Move The Radio To A New Location. If the interference varies greatly, your radio may have been too close to a generator or power line. If the interference doesn't vary, you're probably being jammed.
Once the radio interference has been identified as jamming, take the following steps --
The CEOI is a document designed to control communications. Each edition contains the necessary material and information for 1 month. The following list shows the various items which may be found in a CEOI:
This appendix will not explain the use of all of these items. Further information can be found in FM 24-1.
PHYSICAL SECURITY AND COMPROMISE
The CEOI is classified if its contents require it. Normally, operational and contingency CEOIs are classified CONFIDENTIAL. Administrative or training CEOIs are usually classified to make their handling easier.
Classified CEOIs must be handled with all the precautions associated with any classified document. The CEOI possibly can be compromised. As a precaution, the complete CEOI will not be taken forward of a battalion headquarters. Only a 10-day segment of the CEOI is issued to the user at any one time.
If compromise occurs, it must be reported through the chain of command immediately. A CEOI is considered compromised when any portion of it is lost, captured, or exposed to unauthorized personnel. Another case is when the contents are so misused they endanger the security of the communications system.
A call sign is a letter-number-letter combination assigned to a unit. Every unit in an organization has a different call sign.
The complete call sign is used under the following conditions:
At other times the last letter of the call sign with the suffix can be used. The last letter will be different for all stations in a net.
Call sign suffixes are two-number groups assigned to positions or activities within a unit. In a training CEOI, these are usually fixed. In an operational CEOI, they are randomly assigned on a daily basis. An expander letter can be attached to the basic suffix for further identification of positions or activities if required. The call sign and suffix together identify the sender and receiver of a radio message.
Each radio net is assigned a primary frequency and an alternate frequency. These frequencies change daily unless other instructions are given by the CEOI controlling authority. The daily change time is in the CEOI special instructions.
OPERATIONS CODE, AUTHENTICATION INSTRUCTIONS, AND TRANSMISSION AUTHENTICATION ASSIGNMENTS
These items explain the use of operations codes, the circumstances under which authentication is mandatory, and the use of transmission authentication tables. Columns in the transmission authentication table are also assigned to specific units. The numeral cipher/authentication system is explained as a separate item. Proper use of these items is critical to communications security.
THIS APPENDIX 0NLY GIVES A BRIEF ORIENTATION TO THE CEOI. TO BE PROFICIENT, STINGER PERSONNEL MUST STUDY AND PRACTICE USING THE CEOI AT EVERY OPPORTUNITY.
|Join the GlobalSecurity.org mailing list|