TechTarget.com/whatis

https://www.techtarget.com/whatis/definition/COMINT-communications-intelligence

communications intelligence (COMINT)

By Rahul Awati

What is communications intelligence (COMINT)?

Communications intelligence (COMINT) is information gathered from the communications between individuals or groups of individuals, including telephone conversations, text messages, email conversations, radio calls, and online interactions. Specifically, COMINT refers to analyzing the signals containing speech or text that are generated from these interactions.

What is the purpose of COMINT?

Efforts to collect COMINT by intercepting voice, text, or signaling channels are aimed at seeking information about voice, text and signal transmissions. That can lead to determining a number of intelligence considerations about those communications, such as signaling bandwidth and protocol, modulation type and rate, and radio frequencies in-use.

COMINT might refer to both wired and wireless communications intelligence. It is often collected covertly, meaning without the knowledge of the parties involved in the interaction.

Here, intelligence refers to information that enables an organization, government, or individual to make decisions that provide them with a strategic advantage, usually over an adversary or enemy countries. The term is often abbreviated as intel.

COMINT activities

The process of gathering and analyzing COMINT usually involves all of the following activities:

Collect and analyze voice or text data

The COMINT team tries to intercept communications among individuals or groups. They then analyze the data to convert it into actionable intelligence.

Create a COMINT report

The team creates a COMINT report that details the content that was intercepted and decoded, whether it is alphanumeric text or speech. The report might also include other information about the target network, such as its user groups, their locations, network topologies and usage, and encryption methods used.

Enable decision-making

COMINT reports enable decision-makers to enhance their situational awareness about the target network. This awareness can help them to obtain a strategic advantage over their adversaries by taking better, intelligence-driven, and timely decisions.

The above COMINT activities are intended to help the COMINT-gathering entity to determine many details about inter-individual or inter-group communications, such as the following:

• Who the communicating parties are.
• Where those parties are located.
• The transmitter's organizational function.
• Time and duration of communication.
• Frequencies and other important technical details in the transmission.
• Encryption used and whether the information can be decrypted.

What is the difference between SIGINT and COMINT?

Signals intelligence (SIGINT) refers to intelligence gathered by intercepting and then analyzing the signals emitted by foreign communications systems, information systems, weapons systems and radar. This information is used -- typically by a country's government and/or its armed forces -- to carry out numerous important national objectives, such as the following:

• Protect troops.
• Detect and mitigate terrorist activities, including cyberterrorism.
• Combat international crime.
• Combat narcotics flows and human trafficking.
• Support diplomatic negotiations.

SIGINT enables countries to better understand the intentions, capabilities and actions of foreign countries, particularly adversary countries. The agencies that collect SIGINT, such as the U.S. National Security Agency (NSA), maintain a fairly large workforce of language professionals, mathematicians, statisticians, intelligence analysts and engineers, as well as leverage state-of-the-art tools and technologies to collect SIGINT from various sources, interpret its technical characteristics, and derive actionable insights that might be useful to its users (e.g., government policymakers).

The term COMINT is often used as a synonym of SIGINT but it is actually a subfield of that broader area, which also includes electronics intelligence (ELINT). The main difference between SIGINT and COMINT is that SIGINT refers to the signals emitted by electronic systems, whereas COMINT refers only to the signals containing speech or text, i.e., the signals arising from communications between people.

COMINT, like SIGINT and ELINT, is a term defined by the U.S. Department of Defense (DoD). It is a field of data that's studied by intelligence communities the world over.

What is the difference between ELINT and COMINT?

ELINT refers to intelligence gathered from electronic signals. These signals might come from radio pulses, electromagnetic pulses, radars, missiles, guidance systems, or aircraft. Unlike COMINT, ELINT is intelligence derived from noncommunication electronic signals, i.e., signals that do not contain speech or text.

There are mainly three types of ELINT:

• Technical ELINT or TechELINT describes the signal structure, emission characteristics, modes of operation, and functions of signals emitters like radar, beacons, jammers and navigational signals. It is mainly used for electronic warfare.
• Operational ELINT (OpELINT) focuses on locating specific ELINT targets to determine their operational patterns in order to enable their exploitation, usually by military operational planners and tactical military commanders.
• TELINT or Telemetry ELINT is the intelligence derived by intercepting, processing, and analyzing foreign telemetry, such as from foreign missiles or space vehicles.

There are no such categorizations for COMINT.

COMINT use cases

Usually, a military will use COMINT systems to locate and jam hostile communications networks. COMINT is also used in search and rescue missions. That said, countries might also monitor friendly military COMINT as part of their communications security (COMSEC) strategy. Also, COMINT is mainly concerned with foreign entities, according to many intelligence communities in the U.S.

However, in 2013, Edward Snowden, a former technical assistant for the CIA, revealed that similar tactics are also used on a country's own citizens, particularly in the U.S. It was disclosed, for example, that the NSA had been gathering the communications and related metadata of private citizens since at least 2001. His revelations created an uproar and highlighted the dangers of mass surveillance and privacy risks.

Enterprise communications security is a growing risk. Find out how this is playing out as seen in TechTarget's Enterprise Strategy Group's survey on security threats related to email and other communication tools.