Hacker OPSEC

STFU is the best policy.

Required Reading

This is a short list of articles and papers that you absolutely must read if you want to understand OPSEC.

  • Terrorist Group Counterintelligence :: This is the thesis which later became the book Terrorism and Counterintelligence. Read at least one of them (the thesis is free).

  • Allen Dulles’s 73 Rules of Spycraft :: This is the handbook of how to live and operate securely. It is 50 years old and it has aged remarkably well. Read it. Study it. This will be on the test.

  • Clandestine Cellular Networks :: This paper deals primarily with the lessons learned from fighting insurgents, but it is extremely valuable as a handbook on tradecraft. I previously posted just the tradecraft chapter for people who don’t want to slog through all of it. I suggest reading all of it.

  • The Terrorists Challenge: Security, Efficiency, Control :: This paper examines the primary trade offs that need to be made when operating a covert organisation. If you have multiple people working in secret, managing them and their work requires making tradeoffs between security, efficiency and control. This paper will help you to understand those tradeoffs.