HIP POCKET BRIEF
Lessons on Tactics, Techniques, and Procedures (TTPs)
A Hip Pocket Brief is an informal, short, and concise training session. We think these briefs will be helpful to add some extra tactics to your “toolkit”. Below are three of the Grayman Briefing’s recent off the hip sessions posted unredacted at bit.ly/TheGBC and summarized on their free Telegram channel at t.me/graymanbriefing
Clothes Line OPSEC/PERSEC
BLUF: Clothes lines throughout history have offered a source of intel to surveillance operatives and is something that should be kept in mind for those preparing for a grid down, collapse or LAE/SHTF scenario where you may no longer have power for your dryer. Below are examples of what your hanging clothes tell others.
》Only men’s or woman’s clothes – living alone
》Combination of M/F or larger quantity – in a relationship or multiple occupants
》Different sizes or styles – can be used to count how many people
》Children’s clothes – Children on the property, kidnapping target for ransom
》Athletic clothes – Fit person might put up more of a fight
》Oversized clothes – Likely unfit and possibly easier target
》Hunting clothes – Likely to have firearms, ammunition, and possibly food stocks
The clothes line example is just one of many examples of OPSEC/PERSEC vulnerabilities we often don’t consider.
- OPSEC: Operational Security is the process of protecting individual pieces of data that could be grouped together to give the bigger picture (called aggregation). OPSEC is the protection of critical information deemed mission essential or vital to the protection of an entity. It involves identifying critical information, analyzing threats, analyzing vulnerabilities, assessing risk, and applying counter measures. A breach of OPSEC could included the exposure of a deployment date (posting on Facebook “So sad by hubby has to go to Afghanistan this weekend”), what weapons you are carrying (telling other dad’s at your kids soccer game that you carry a Glock 27 on your right ankle), or what deficiencies exist in home security (telling your FexEx driver not to worry about the camera because you alarm system is broken).
- PERSEC: Personal Security is similar to OPSEC but does not involve the protection or concern of exposing mission essential information. It’s relative to yourself and family. A breach of PERSEC involves exposing your child’s school name, your home address, and PII (Personally Identifiable Information.
QR Code Security
QR or Quick Response Codes are being used more frequently to allow customers to access menus, complete contactless checkout, or mark a place in a waiting queue. These codes are also being used by cyber criminals to collect PII, fraudulently steal money, or access your phone.
A QR Code stores alphanumeric information in the data modules of the square shape designs.
A criminal typically alters or replaces existing QR Codes at reputable locations to attempt a physical origin spearphishing attack. For example, a placard on a restaurant table could easily be switched w/ another QR Code that directs you to the hostile actor’s spoofed website. If the website looks legitimate, the victim may make a payment, fill out a survey exposing PII, or unknowingly give remote access to their phone.
》Avoid scanning QR Codes.
》Inspect the physical code to ensure a sticker wasn’t placed over top the old code.
》Review the URL of the website & compare it to the legitimate entity’s real website domain name.
Sheltering and Avoiding Detection
BLUF: If you must take temporary shelter (to sleep, surveil, hide & wait, standby evac, evading capture, etc) take measures to avoid being discovered. While considering a location that offers protection from the elements consider BLISS and SLLS to ensure security.
1. Use camouflage and concealment following the BLISS technique.
》B – Blend in with surround area
》L – Low silhouette, on ground, casting short shadow
》I – Irregular shape, not easily recognizable outline
》S – Small, keep it minimal, small footprint, small physical shape
》S – Secluded location, out of line-of-sight, away from others
Choose an area least likely to be searched (drainages, rough terrain) that blends with the environment, has escape routes and observable approaches.
2. Finally, apply the SLLS survey when assessing potential shelter points.
》STOP at a point of potential concealment and analyze the area
》LOOK for signs of human or animal activity such as smoke, tracks, roads, patrols, vehicles, vagrants, utility stations, etc.)
》LISTEN for vehicles, employees taking smoke breaks in a back alley, nearby construction, farm animals, etc.
》SMELL for campfires, kitchen exhaust, cigarette smoke.