Data In Motion: The Key to COMSEC

Communications Security, or COMSEC, is one of those deep topics. Its not a clean, neat answer in nearly any case, with the caveat given most often “it depends”. Whatever the purpose is behind your communications, some degree of COMSEC has to be employed. Those three distinct purposes I defined in The Guerrilla’s Guide to the Baofeng Radio as being:

  1. Sustainment: Sustaining qualities of life; emergency services, etc
  2. Tactical: Supporting / coordinating fire and maneuver
  3. Clandestine: Covert instruction / coordination among an Underground

The method by which each of these roles are filled vary widely. So-called experts get hung up on various pieces of equipment and its capabilities (or the lack thereof) baked in, always forgetting the most important part:


Whatever the medium may be in passing the data from point A to point B, it is imperative to recognize data in motion is the actual target of signals intelligence. What is not transmitted is not intercepted. If that transmission is short enough, no matter what’s actually transmitted, its also not likely to be intercepted. If no discernible pattern is observed on part of the Signals Intelligence (SIGINT) Team, it is likely they’ll miss the transmitted data by simple oversight. Last, if that data in motion is transmitted in such a way that it requires the message in its entirety to decode, it is likely that COMSEC is preserved.

SIGINT teams function at two levels simultaneously – tactical exploitation, meaning real time decision making based on what’s intercepted, and pattern analysis, done at a higher echelon over a long period of time for the purpose of predicting an enemy’s next moves based on historical behavior patterns.The former can be anything from interception of voice traffic to awareness of threats within a battlespace, the latter through analysis of previous actions. But all of this is done in the effort to, and as a result of, exploitation that very same data in motion. Without it, the SIGINT role is fruitless.

That leads us to understanding that the brevity and obfuscation of data in motion is the real key to COMSEC, with forms of encryption serving to strengthen the preservation of that data should it be intercepted. This is not to dismiss the role of encryption; quite the opposite, in fact; but it is an assertion of the reality that COMSEC begins and ends with keeping a communications plan strictly disciplined in any of the three roles of communications, transmitting only when necessary, and keeping those to short bursts under 5 seconds. Failure to do so will absolutely lead to interception by even novice SIGINT Low-Level Voice Intercept (LLVI) teams and absolutely by airborne platforms.

Once the data in motion has been found, SIGINT teams begin specifically searching for the geolocation of:

  • The Point Of Origin (POO)
  • The Recipient

The first is most critical and the easiest to target through triangulation should they transmit long enough or get overly chatty at the tactical level. Their use of electronic encryption is irrelevant, their signal gives them away to anyone with the proximity and means to intercept and get a bearing. The Recipient is more difficult, unless they’re complete idiots, transmitting a response on the same frequency and via the same recognizable pattern or method.

In The Guerrilla’s Guide to the Baofeng Radio I cover exactly how to do that with inexpensive components. A radio, of course, a K1 cable, a tablet, and free software. The techniques described in the book can work for nearly any communications means; any radio, any type. It is not isolated to the Baofeng alone.

From the SIGINT side, recognizing that interception of data in motion is the first task, one of the best tools available today is the TinySA spectrum analyzer. The ability to visualize broad swaths of the radio spectrum at once looking for those spikes that indicate something’s transmitting – coupled with a waterfall to identify what type of signals are being transmitted – any signal, analog or digital, has a unique visualization to it. When paired with a communications receiver and recorder for audio output, capturing that data in motion, followed by triangulation of the POO, expedites the process of targeting an enemy’s communications.

All of this requires training in the real world. While intelligence and communications tasks are fun topics of conversation, even the most knowledgeable out there find themselves coming up short when the real-world application is lacking. Both the Signals Intelligence and Tactical Signals Exploitation Courses should be your first stop for professional instruction.

I’ll see you out there. Stay dangerous, stay free. -NCS

One thought on “Data In Motion: The Key to COMSEC

  1. Tunnel Rabbit

    Off Topic Post

    I am attempting to pass along this information so that others can use it. As I only have a few minutes to get this done, this was the most expeditious route. Please use this as you see fit. The caption is part of two articles published on Survivalblog in the past few months. BTW, I dedicated a section of the lastest article to promoting your book. Great stuff. Thanks!

    Solar Direct Charging for Transcievers

    “This is an important DYI innovation as it eliminates the need and expense of deep cycle batteries or other small or large storage battery, a charge controller, cables and wiring, and it provides the most efficient use of available PV panel power. It is more efficient than solar systems that use a MPPT charger controllers and lithium batteries. And it can be apart of a very lightweight, and packable recharging station, or as a part of another contingency plan, as well as a means to enable neighbors to charge their own radios. To my knowledge, there is no voltage drop down device on the market that is suitable for Boafeng UV5R, Kenwood, or Midland transceivers that require 9 to 10 vdc for their charging bases. Fortunately we can easily manage to cobble together our own charging device by use of these instructions for as low as $10 each, or less.

    With this device, as tested in NW Montana during the rainy/cloudy months of spring when insolation (sun shine) reduces PV panel output to 10% to 20% of it’s maximum rate output. Using a single 100 watt panel, 4 Boafeng UV5R transceivers with 1800aH batteries can be kept operational 24/7, and 4 others charging, or fully charged. The number of radios that could be charged might have been higher, yet for the purposes of the test, the limit was determined by the actual amperage output of the panel as installed in a less than ideal setting, where the maximum amperage of the nominal 12 volt panel did not exceed 4.0 Ah. VOC (Voltage Open Current) was 21.5vdc. I surmise that during long summer days, perhaps up to 8 to 16 transceivers could be charging, with 8 operational on standby (receive) 24/7 with only one 100 watt PV panel. I have not tested the limits, but kept to conservative, or realistic expectations, and the results exceeded expectations. Results will vary at different locations and weather conditions. A Boafeng UV5R 1800mAh battery, when completely discharged, draws no more than 0.180mA when charging, and quickly tapers down. The UV5R is as an efficient receiver power wise as are some scanners, drawing only .075 watts when onstandby, or recieve.

    In another test, a 10 watt panel easily kept one transceiver operational 24/7, and another charging, or fully charged during this spring during variable weather conditions. A 20 watt PV powering this voltage conversion device will also operate Argent Data Systems repeater 24/7 attached to a Boafeng UV5R without a dedicated storage battery. In fair to good weather, a minimum of one 30 watt panel would be needed to operate a cross band repeater comprised of two Boafeng UV5R’s using 3800aH, verses the 1800aH batteries. These examples are useful during ideal weather conditions. Larger panels would be required in less than ideal conditions….”

Comments are closed.