Signals Intelligence: Capabilities for Anyone
One of the points I’ve stressed for a long time is the value found in using simple equipment to the maximum of its potential. Whatever it might be, optics to weapons to electronics, my own combat experience has fostered an appreciation for Keeping It Simple, Stupid. And that’s the very paradigm I teach my classes from- taking what’s common and simple to understand and learning the techniques of using it to its peak potential. The same is true for building signals intelligence capabilities among preppers and/or potential partisans. Not that long ago the RAND Corporation published a white paper on the very topic; what they found was that not only does the capability exist to monitor most real-world threats in any given environment, anyone can do it.
“During our market scan, we found examples of SIGINT capabilities outside of government that are available to anyone. The capabilities we found have applications in maritime domain awareness; radio frequency (RF) spectrum mapping; eavesdropping, jamming, and hijacking of satellite communications; and cyber surveillance. Most of these capabilities are commercially available, many are free, and some are illegal. In our view, the existence of both legal and illegal markets and capabilities results in an environment where SIGINT has been democratized, or available to anyone.” (Weinbaum, Berner and McClintock, 2017)
From experience monitoring the Taliban on a decade-old Radio Shack Pro-96 in Afghanistan, an undisciplined adversary will usually tell you everything you want to know over the air. Even if he thinks he’s secure with electronic encryption, the presence of the signal itself can be detected as soon as he keys up. After working with several private groups and teaching techniques to not get found in my RTO Course, I can positively say that a lot of people are at a distinct disadvantage in the communications department not through equipment but through a complete misunderstanding of the actual function of their gear. As anyone who’s trained with me knows, tactical communications is a whole other animal from nearly everything folks think they know. The first rule of Signals Counterintelligence is to have a competent plan and not set patterns. But what about collection? Those same mistakes we aim to correct through training are likely to be repeated by the opposing force. Even if they have all of the technical enablers in the world, a lot can be done with basic equipment.
Using Basic Tools of the Trade
The most basic tools you’ll need are ones you likely already have- some type of scanner and another radio capable of monitoring the license-free bands. It doesn’t have to be expensive. Aside from a notebook and pen to keep a log of what you’re hearing, not a lot else is needed. You can add more sophisticated equipment, such as an SDR receiver and standalone communications receiver such as the AOR AR-mini pictured, but for a basic setup, all you really need is a solid scanner and another radio to monitor license-free traffic.
A scanner’s real purpose is twofold; primarily awareness on the public safety bands but also to potentially alert us to activity in other frequency ranges the scanner might cover. If you live in a place where public safety departments have not yet gone to P25 or another form of digital encoding, you can get away with scanning very cheaply, usually under $100. If they’re running digital modes, and most places are, you’ll need a scanner that can decode the digital transmissions. They’re typically a bit more expensive but good deals can be had. The critical takeaway for using scanners is to monitor the situations unfolding via the public services; it could be anything and oftentimes is boring, but knowing the situation the first responders are dealing with helps us either avoid trouble or exploit it for other purposes.
The second must-have item is a radio that monitors license-free traffic. Since the vast majority of people will be operating on the license-free bands and in particular, FRS/GMRS (462-467 MHz), CB (26-27 MHz), then MURS (151-154 MHz) in that order, having a small handheld that can monitor these frequencies is pretty important. While it doesn’t monitor CB, that $25 Baofeng (what I call the ‘ramen noodles’ of radio) can be programmed to monitor all of the other frequencies. Using Chirp (link found in the sidebar of the Brushbeater blog), you can program all of the license-free channels into the memory of your radio in minutes. Set it to scan, and you’ve got a cheap monitoring device. I prefer the Yaesu VX-6R as it can listen to all of the above, along with being a far more rugged radio and better receiver overall. But wait, won’t a scanner usually also receive these frequencies? Yeah, it will. The reason I strongly advocate the two radio approach is to dedicate one strictly to monitoring the public service frequencies and another to monitoring everyone else- that way you don’t miss anything.
Stepping Up- Advanced Equipment
Another relatively inexpensive tool, albeit one that has a bit of a learning curve, is a Software Defined Radio (SDR) receiver. Frequently found as cheap dongles with antennas and building up in quality to the excellent SDRplay device, software defined radio receivers allow even a cheap laptop to become a signals intelligence gathering tool. While the actual mechanics of the operation are simple, the software can be anything but; it takes quite a bit of practice and familiarization with some of the more advanced distributions, but with patience and time an SDR can become a potent tool. Aside from the basic free software out there from sites like RTL-SDR, other software that makes use of the devices such as Sigmira and Sorcerer (both found in the sidebar of the Brushbeater blog) enable other capabilities, such as potential encryption analysis.
But where SDR really shines, no matter what your skill level or distribution of the software might be, is that the tool tells us where the signals are. Even if we’ve cut off the volume and are simply looking at the display, those yellow lines on the blue background as seen above are signals being emitted somewhere and received by your equipment. If you can see them, that means something is being transmitted, whether you can decode it or not. That makes having even a bottom-tier SDR an important tool to have if you find yourself torn between multiple tasks in a dedicated listening post (LP).
Another advanced tool you should consider investing in down the road is a dedicated communications receiver. These often get confused with scanners, because there’s some crossover in function. While they do scan, scanners separate their capabilities into separate banks, focusing on specific frequency ranges as well as trunking, or monitoring the separate frequencies of a repeater, thus generally being more efficient for public service monitoring than a communications receiver. But where a dedicated receiver shines is in being capable of receiving anything and everything on the particular frequency it’s tuned to, and all of them generally receive everything from the AM broadcast band down in the 500 kHz range all the way up to 1,000 MHz or higher, with everything in between. I’ve gotten great use out of the Alinco DJ-X11T and AOR AR-mini pictured. Both are rugged and weatherproof.
Several of the higher end handhelds on the market are also wideband receivers, including the Yaesu VX-6R I mentioned above. I’ve found that it makes an excellent receiver as much as it does a good handheld radio, and its versatility more than justifies its cost for that prepper or potential partisan who’s struggling to squeeze every capability they can out of their equipment. And while I like that versatility (and recommend that radio), newer receivers such as the Alinco DJ-X11T feature a frequency capturing system that allows you to tune into nearby strong signals, the same way the ‘close call’ function works on some scanners. If the receiver can find it, it can tune it quickly, giving me the edge to find any signal in my area of operations.
Basic Signals Intelligence and You
A basic SIGINT equipment package really is that simple. All that’s needed after this is a notebook and pen. Write down data tables for the frequencies you find the most activity on, and try to figure out the source. Radio Reference is a good source for most of your local and regional data, but keep in mind it’s not always 100% accurate. You have to regularly update your own list and keep an ear out for the various activity on the airwaves. It may take a bit of work, but there’s no special magic to it- what’s common and off the shelf, when used properly, puts a lot of capability in the hands of just about anyone. Like everything else, it takes training to get right. It’s not complicated, it’s not fancy, and it works. The more we train now the better we’ll be in the long run.
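An added example, not part of the original article: one way to turn what an SDR display shows (energy present, decoded or not) into the per-frequency activity table described above. It assumes sweep logs in the CSV layout written by rtl_power from the rtl-sdr tools; the sample rows, the 10 dB margin and the function names are constructed for illustration.

```python
import csv
import io
from collections import Counter
from statistics import median

# Constructed sample sweeps (not captured data), in rtl_power's CSV layout:
# date, time, Hz low, Hz high, Hz step, samples, then one dB value per bin.
SAMPLE = """\
2019-01-05, 10:00:00, 462500000, 462750000, 25000, 1024, -48.1, -47.6, -21.3, -48.4, -47.9, -48.2, -47.7, -48.0, -48.3, -47.8
2019-01-05, 10:00:10, 462500000, 462750000, 25000, 1024, -47.9, -48.2, -20.8, -48.1, -47.5, -48.3, -33.0, -47.8, -48.0, -48.1
2019-01-05, 10:00:20, 462500000, 462750000, 25000, 1024, -48.0, -47.8, -48.2, -48.3, -47.7, -48.1, -47.9, -48.2, -47.6, -48.0
"""


def active_bins(row, margin_db=10.0):
    """Return [(freq_hz, dB)] for bins standing margin_db above the sweep's noise floor.

    The floor is the median bin power, which assumes most of the swept span is idle.
    """
    low_hz, step_hz = float(row[2]), float(row[4])
    powers = [float(v) for v in row[6:]]
    floor = median(powers)
    return [(int(low_hz + i * step_hz), p)
            for i, p in enumerate(powers) if p - floor > margin_db]


def occupancy(csv_text, margin_db=10.0):
    """Count, per frequency, how many sweeps showed energy above the floor."""
    hits, sweeps = Counter(), 0
    for row in csv.reader(io.StringIO(csv_text), skipinitialspace=True):
        if len(row) < 7:  # blank or truncated line
            continue
        sweeps += 1
        hits.update(freq for freq, _ in active_bins(row, margin_db))
    return sweeps, hits


def activity_table(csv_text):
    """Rows of (MHz, sweeps active, fraction of sweeps), busiest first."""
    sweeps, hits = occupancy(csv_text)
    return [(freq / 1e6, n, n / sweeps) for freq, n in hits.most_common()]


if __name__ == "__main__":
    for mhz, n, frac in activity_table(SAMPLE):
        print(f"{mhz:.3f} MHz  active in {n} sweeps ({frac:.0%})")
```

A median floor stops working when most of the swept span is occupied, so sweep a range wider than the band of interest.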
What kind of loop antenna is that?
It’s an Arrow UHF fox hunt loop.
Great article. Have a question for you. I’m looking at a Yaesu FT-2DR. What’s your take on it for SIGINT? I like the Alinco DJ-X11T but it only receives. Would I have to sacrifice the frequency capturing system with the Yaesu or do you know if it can be done somehow on it? Also, I like the GPS system on the FT-2DR. I’m in full prep mode now & would like to spend the $300 on something other than another radio. Keep cranking out the good stuff in ’19. I’m sure going to use every bit of it. Hope to get down to NC for your RTO course this year. Also, making plans to visit the American Redoubt, especially Wyoming (your wyowander link at Brushbeater has me wanting to return there after a very nice vacation back in ’02)!
Thanks for the kind words. In all honesty, they’re two different tools. Communications receivers are what they are- designed to receive. If you’re trying to wring as much capability as possible out of one unit, the VX-6R (if buying new) is the way to go. It is much more rugged than the FT-2. Although it is analog only, there’s plenty of ways to use analog off the beaten path, and the VX-6R (with a MARS/CAP mod) is a pretty versatile piece of gear.
I’d love to have you out for class. I will be in Montana June 14-15 for the RTO Course and the Advanced RTO course the following weekend.
Licensed general class here. I’m double covered for HF/VHF/UHF rigs, along with SDR from a fixed position. I’m now branching out and looking at scanners that can broaden my ability to capture both outside and within the amateur frequencies while on the move – either foot or vehicle. Hoping to find something with a robust “close call” feature, and the ability to swap out antennas. I’d like to use this for dedicated DF (which is something new to me but I’ve been intending to get into for some time) – which implies movement/mobility. (Which is why I don’t want to lug around a laptop with an SDR velcro’d to it…) I have the obligatory Baofengs I purchased when I first tested for tech – and they cover much of the spectrum I’m interested in, but don’t have “close call” and, for me, have a transmit button too easy to activate. If I’m DFing – I don’t want to accidentally emit RF myself. Any recommendations of what to pick up? The receiver discussed here (Alinco DJ-X11) doesn’t seem to have a robust “close call” feature, although it seems to have something similar. What would be ideal? Thanks!
It’s a built-in near-field close capture, which is a fancy way of saying it will auto-tune to the nearest, strongest frequency. It’s the same thing as ‘close call’ that Uniden has, just a different name.