Counter Surveillance & Surveillance Detection

Unfortunately what I have found is that many businesses do not go beyond their front door when it comes to protecting their property. This then may compound any procedures which may be in place as you are now going to have to 'React' to immediate threats and not 'Respond' to threats which have already been seen prior to arriving at your location.

In part 1 here; we are going to look at the 'Attack Cycle', the procedure whereby the professional terrorist and major criminal fraternity will carry out an attack on a target, and to some extent how the lower levels of the criminal class, the thieves, muggers and, burglars for example will employ some of these procedures.

Apart from the criminals who will commit crimes on the spur of the moment most attacks will be planned, from here on in, an 'Attack' may mean a terrorist attack using high or low tech weapons, it may be a gang of pickpockets targeting a busy shopping mall or if you are in a high rise building it may be base jumpers wanting to jump off the top of your building. Many  will go through the full 'Attack Cycle' while some may only follow parts of it depending on their intent.

Attack Cycle:
Target Selection
Planning
Deployment
Attack
Escape / Martyrdom
Exploitation.

Although we need to deal with every aspect including intelligence gathering, in regards to this blog on counter surveillance we are concerning ourselves with the 'Planning' phase of the attack cycle.

The 'Minimanual of the Urban Guerrilla' by Carlos Marighella states that for the guerrilla, 'His information service must be better than his enemy's' and that 'Surveillance must continue up to the moment of attack'.
Knowledge of the enemy, who they are and how they move (security personnel identification and movement around a location) , knowledge of terrain (local ground appreciation) approaching location, escape if needed and Police/military responses. This all entails reconnaissance of the selected target and surrounding areas.
The Planning Phase 
The planning phase is broken down into four phases:
Online Surveillance
Initial Surveillance
Close Target Recce
Penetration Testing (If required)

Once again depending on who is targeting your location they may or may not go through all of these phases.

Online Surveillance
Google maps is an excellent tool for not only conducting route reconnaissance for those of us who use it for initial route planning within the close protection field, but for an attack; with ground appreciation it may also go some way in dictating what type of attack is to take place, what vehicles are to be used, where can they parked, roadside or underground, is it disc zone, parking meter or full residential parking. where are the dead ends, one way streets, are there bollards blocking roads and are there any road works etc.
Not only will this give various routes onto the target and routes of escape but will also help in starting out from as far away from the target as possible, the starting point of the initial recce.

Within security we have (Or should have) ever decreasing circles of security, security in-depth as it were. For someone targeting a location they have the opposite, they have ever increasing circles of attack with the smallest circle being where the actual attack will take place.
Google maps and online surveillance will help with this planning. Take your location, where is the furthest point that your location can be observed from? This is the starting point of the attackers next phase, The Initial Surveillance. 

I've taken The London Eye as the example below. You can see here that this location can be seen from across the River Thames, gives lots of routes in and out by vehicle, on foot and by boat. So the furthest point out is from where your first circle of protection must extend to..

Initial Surveillance

While not exactly a circle, the red outline gives you (The Surveillance Detection Operator) your Tactical Area Of Responsibility and the attackers first phase, his Initial Surveillance. From observing from the furthest distance you can get a good lay of the land, watch road, river and pedestrian traffic at different times of the day or night to give the best options for approaching and escape, if escape is an option.

Working inwards towards the target; the attacker is going to look for lay-up points, a lay-up point is a place where he might leave his vehicle for ease of escape or to meet others coming in to do multiple person recce's. It may be secluded or in the open, does he need to change clothes multiple times throughout the day? Does have kit for various aspects of his recce which he needs to travel back and forth for? 

Close Target Recce
We are now getting to the more dangerous phases for any attacker as they now have to spend time in the targets immediate vicinity. Identifying security patrol routes, patrol times and security posture, security and staff entrance and exit to the building, delivery procedures etc. Camera locations, areas covered and type of camera if seen. Security and staff activity around the external of the building, do they wear uniforms, ID Badges, name tags, or have lanyards with ID cards attached. Are security and staff private vehicles parked on site or nearby, who do they belong to?

If a VBIED is going to be used, where can it be parked where it will be less suspicious and still hit the target, car, transit, flatbed?
If it is a terrorist cell how many entrances are there to the building, how do you access the outer entrances, can roads be blocked, can entrances be manned by cell members?
Just remember, George King, a 19 year old spent months scoping out security on the shard so he could climb the outside of the building to the top on the 8th July 2019.

Does your location have shops, cafe, restaurants where you can be observed from? Who's watching, how long have they been there, what are they drinking or eating if anything?

Penetration Testing
Depending on who is targeting you a penetration test can be simple or complicated. Is it just a walk around the premises inside a shopping mall, museum or art gallery. This might the first stage of the CTR, Watching security, cameras, staff accessing back of house, who are the managers, names, genders etc. Listening to conversations for information, starting conversations with staff members or security members.
If they need to get back of house how would they do that? Tailgating is still the easiest method but how about a meeting with a company member for a job interview or as a salesman or representative, 
Here the attacker may also start a scenario which will trigger a security response or to flush out any SDOs. Set off a fire alarm, have someone start a fight or other commotion, leave a suspect package lying around. or have someone loiter in a suspicious location. 
How would you do it?

This is just some basics for you to consider, put yourself in your enemy's shoes when planning your SD operation, from thieves, pickpockets, demonstrators, activists, base jumpers, urban explorers all the way up to the terrorist. You have to be good all of the time!

Stay Dangerous

​Rock