Counterintelligence Activities of Non-State Actors



    A diverse range of organisations carries out intelligence-related activities to gain a competitive advantage, including non-state actors (NSAs), a prevalent threat in the contemporary conflict environment and intelligence landscape. Counterintelligence (CI) is an imperative ancillary discipline to intelligence and vital to disrupt the threat of hostile intelligence, surveillance and penetration. Comprehensive Counterintelligence employs investigation and analysis to detect, deter and neutralise hostile intelligence. Emphasis on analysis ensures information is used to its maximum potential value to promote knowledge and understanding of threats. Counterintelligence is considered a primarily offensive discipline built on a strong defensive foundation. Offensive CI should seek to engage, control and manipulate hostile intelligence threats.  Defensively, CI should promote operational security and prevent and protect against hostile penetration. 

    NSAs pose an unfamiliar but exciting Counterintelligence challenge.  NSAs are generally smaller and more adaptable than their state-level counterparts, with unconventional organisational structures. As the intelligence capacity of NSAs grows, dedicated CI units develop to build a thorough understanding of adversary intelligence threats. This understanding creates confidence and operational certainty, conferring a competitive advantage.  However, access to resources, technological expertise and overarching motivations differ across the range of organisations with a CI capacity, affecting how CI is used to aid decision making and achieve operational priorities. 

    NSAs are perceived to have an inferior offensive Counterintelligence capacity compared to state-level CI organisations as they are often suffering from a resource deficit and a threat of disproportional power.  Traditionally state-level CI practitioners have superior SIGINT, IMINT, MASINT AND GEOINT capabilities, as well as access to military, economic and diplomatic instruments.  This range and wealth of resources promotes offensive CI tactics and supports strategic CI to direct operations and provide the best understanding of the enemy. 

    However, the offensive CI capabilities of NSAs should not be underestimated.  Access to human and financial resources give NSAs OSINT capacities that often match, if not exceed those of state-level organisations.  OSINT provides cheap and technologically dilute offensive CI.  Although it is not always as accurate, reliable or relevant as more resource-intensive and specialist intelligence sources, it can still make a critical contribution to the analysis.  The OSINT capacities of NSAs will improve with the increased availability and complexity of technology.  Additionally, the HUMINT capacity of NSAs must not be underestimated: large financial bribes and strong ideological and political motivations provide powerful incentives to infiltrate adversary intelligence organisations. 

    Significant gains in IMINT, SIGINT, MASINT and GEOINT offer a further offensive advantage to NSA CI. For example, phone taps, malware and hacking are relatively cheap and basic methods of intercepting communications and the recent increase in popularity of recreational drones offer a surveillance and reconnaissance method no longer reserved for state-level military-grade CI.  Furthermore, NSAs operated outside the legal, bureaucratic and political restrictions that can hinder state-level CI.  NSAs possess an offensive CI capacity that exceeds expectations and demonstrates a capacity to adopt a CI approach that confers a strategic competitive advantage.

    In addition to their growing offensive CI capacity, NSAs use defensive measures to counteract the resource deficit and asymmetric nature of conflict they face.  Investing in security-related measures ensure operations rest on a robust defensive foundation, lowering risk and uncertainty and providing confidence and control in the mandate and missions.  

    Vigilance, compartmentalisation and secrecy are fundamental to NSA defensive CI.  A compartmentalised and small cell-based organisational structure limits knowledge of the identification of members and reduces the need for intra-organisational communication.  This fosters resilience to an aggressive adversary intelligence and CI practices.  Equally, a more compact organisational structure helps NSA CI practitioners benefit from proximity to the local community and gain an in-depth understanding of the local CI environment.  These defensive CI advantages are particularly significant given the resource deficit and disproportionate power of the intelligence threat NSAs typically face. 

    The asymmetric nature of state versus non-state conflict offers a further defensive benefit to NSA CI.  Suspicion and conspiracy, along with common ideological and political motivations, form defining features of group cohesion and make a commitment to defensive measures particularly strong. NSAs distance themselves from their fanatical motivations and employ rational and objective defensive Counterintelligence strategies.  This provides an operational foundation of certainty and control to counteract the resource deficit they face.   

    In comparison, basic defensive CI and operational security measures can prove more problematic for state-level CI organisations.  The scale of organisational structure and increasing pressures to share information with other public, private and foreign agencies saturate communication channels and erode control of access to information.  Compartmentalisation is difficult, increasing vulnerability to infiltration and interception.  The limitations of state-level defensive CI are likely to be exacerbated as the offensive capacity of NSA CI grows with advances in technology and expertise.  It remains imperative that state-level CI organisations mount operations on a robust defensive and security-oriented foundation to counter the growing threat from NSA intelligence and CI. 

    The unfamiliar, diverse and adaptable structure of NSAs makes them a challenging target for penetration.  CI strategies must be flexible and responsive to the dynamic nature of the threat from NSAs.  A focus on analysis allows CI practitioners to recognise trends and anticipate threats, offering a strategic advantage.  This is significant given the often unfamiliar and unprecedented nature of conflict involving NSAs.  New and innovative approaches which appreciate the importance of strategic analysis can disrupt and neutralise the growing offensive threat from NSA intelligence and CI and ensure defensive measures provide sufficient protection.  This will ensure CI can be used effectively to obtain and retain a competitive advantage and make a critical contribution to frustrating the growing threat from NSA intelligence and CI.  

    Rachel Brown
    Rachel Brown
    Focusing on the field of counterintelligence. Rachel Studied Law at Queen’s University Belfast and a MA in Intelligence and Security from Brunel University London. Rachel researched the use intelligence methodology in anti-doping. Email: [email protected] LinkedIn:

    Table of contents


    Get the weekly email from Grey Dynamics that makes reading intel articles and reports actually enjoyable. Join our mailing list to stay in the loop for free!

    Related contents

    Learn to create professional videos and have fun in the process of creating videos.
    Video Review And Collaboration.
    Get Started
    Subscribe to our Free Newsletter!