In the security-cleared world, we see the term “adversary” used in conversations and threat assessments every day. We know we must protect our secret project against all adversaries…but do we even know who our “adversaries” are? What exactly is the meaning of this term, “adversary?” Is this just another compromise to politically correct speech? Can a competitor be an adversary? Or a friend?
“Why not just call them enemies?” I can hear the program manager cry. Stop and catch your breath. There is much to be found in the term adversary, so let’s look back to where the term originated.
Open source intelligence gathering on “The Adversary” in WWII
During the Second World War, no less than the famous Archibald MacLeish, Librarian of Congress, convened a group of scholars to outfit the new Office of the Coordinator of Information (COI). This Orwellian title hid the real purpose of President Roosevelt’s research and appraisal organization: to deduce the plans, capabilities, and intentions of the Axis powers. They did this using both classified espionage reports, but also and especially unclassified information – what we would now call “open source” information exploitation.
To this end, the COI became virtual vacuum cleaners of foreign information. They collated from around the world thousands upon thousands of documents, news reports, private communications, and official reports. They tried with all this data to understand the economic, social, political, and military capabilities of the enemy. They would study things like Japanese films and the speeches of Nazi propaganda chief Joseph Goebbles. They could better understand their adversary by using this open source information.
All nations, companies, non-state groups, information brokers, private intelligence services, criminals, and even terrorists have since learned the value of information that is not properly protected. Remember, we protect classified information with traditional security measures – but information surrounding that classified material is not all classified; enterprising adversaries can put these unclassified puzzle pieces together and figure out classified secrets.
Particularly in the age of smartphones and social media, everyone is a collector now. Some are friendlies, and some give away your information by mistake. Some are newsmen, some spies. Those – and many others – are your adversaries.
Your Adversary is not always your enemy
In WWII, we sought information on nations who were clearly our enemies – but there’s more to the evolution of our “adversary.”
During the Gulf War, Geraldo Rivera, a newsman, was embedded with the 101st Air Assault Division. Filming live, he sketched into the sand how they planned to attack the Iraqi enemy. Panic ensued. The 101st Commander said Giraldo compromised actual American combat plans in his reporting, and booted him out of Iraq. Geraldo was unceremoniously deposited in Kuwait.
Rivera was not an enemy, but an “adversary.” This story is not unique. American Marines landing on Somalian beaches were blasted by bright, night-vision destroying kleig lights. The lights belonged to American television crews. The TV cameramen learned days earlier of the military deployment…from the Pentagon! Surely they weren’t enemies, but in this case, they absolutely were adversaries. They just hadn’t understood the complexity of the problem and the threat their presence posed.
Cleaning crew, freelancers, repairmen – do you know who could be your adversary?
As a cleared project participant, do you know who your adversary could be? Consider all aspects of your project. Could the person you assign to write a “Request For Proposal” be an adversary? Could this person mistakenly compromise some of your secret work by what he puts into this publicly-released document? Or what about people who are given tours of your company? Are they sufficiently vetted so you know who they are, what their interests are, and what they might be seeking? How about your briefers? Do they know what can and cannot be discussed when questioned?
A favorite example is one I got from a news writer. “Go where the stories are,” he said. He’d hang around bars and restaurants – the same places your teammates and employees go. Listen, and wait. Eventually a story will pop up via an unguarded phrase, a casual remark, or a clever aside mentioned to another colleague because “After all, no one is listening.” In this way, the newsman is an adversary.
Many of us can’t imagine our projects might be compromised. We trust our cleaning teams, our home custodians, our computer repairmen. Who knows who they are, really? Do you even see them after a while? Try this. Ask a random sampling of your team at work the names of the cleaning team. Has anyone ever briefed them on what to do if they find FOUO, classified, or other protected information laying around? Do you protect such information when they come by? Are they not potentially ‘adversaries’?
One of the first cases I ever investigated involved a trash collector. He’d been offered the equivalent of $250 a month to bring his spy handler any document thrown out into the trash. He did. This is espionage, but he was an adversary which no one suspected. Of course, the man who puts a USB device not cleared by the office in his government or company computer could compromise everything. He would have done so not because a spy waited to give him cash, but out of ignorance, arrogance, or stupidity. These days, since this tactic is well known, stupidity cannot be ruled out as the source of an adversary.
So consider looking closely at your cleared company’s practices before you call out the counterspy cavalry. The adversary is often closer than you think.