From early May 1944 through early June 1944 the words Gold, Sword, Juno, Utah, Omaha, Overlord, Mulberry, and Neptune appeared in The Daily Telegram’s crossword puzzles. On June 6th the allied invasion of Normandy (D-Day), codenamed Operation Neptune, attacked the beaches codenamed Gold, Juno, Sword, Utah and Omaha as part of the overall invasion called operation Overlord. The operation used portable harbors named Mulberry harbors. Needless to say the creators of this crossword puzzle series got a visit from MI5.
It turned out that the creator of the crossword puzzle was a headmaster for a school next to an army base housing soldiers preparing for D-Day. The soldiers were apparently using these words in front of their kids, which is against OPSEC. The headmaster would occasionally have these kids in his office while creating the crossword and ask them for word suggestions. It never occurred to him where these kids might be hearing these words. Oops.
For a couple of articles I’ve written there have been some commenters concerned I might be giving ideas to Russia. My general response has been if they are coming to me for ideas, they’re really in trouble. But also, my ideas have generally been broad ideas that any military planner would be familiar with and not of any use to a professional. It would be like telling a seasoned political campaign director “you should do some polling.” Or maybe “get some volunteers.” It’s not like sharing internal polling with the world.
However, there have been two topics/ideas I have not shared previously and another one today that I won’t be writing about either. And that’s not because I have inside information or the ideas are all that amazing. But rather if I am randomly correct about these particular ideas, such as the schoolmaster was unwittingly using codewords, it might have a negative impact on operations. Had MI5 felt that even though the schoolmaster was not guilty, but that D-day was somehow compromised anyway and postponed it for a month or more, history might have gone significantly different. Maybe the Soviet Union might have taken all of Germany or some other significant deviation.
So it’s not that I don’t want to share, or even that they’re good ideas. They may be horrible. But my writing about them may be randomly on spot and either tip Russia off or scare Ukraine away from it. I highly doubt either country has people reading my writing on this site. Someone might be reading Kos and Mark. We do have some trolls at times. But I’d be flabbergasted if anyone at all connected to Ukrainian or Russian decision making was reading my stuff. But I also don’t want to be one of those school kids. Maybe an idea of mine might be passed on to someone who is being read and they repeat it.
So instead I want to talk about OPSEC. OPSEC is operational security. There are plenty of you who know more about it than I do so I won’t really be trying to teach you anything. Please share your experiences and knowledge and correct my mistakes! But there are folks like my Mom who are giving a big old shrug, unsure about what it means.
Operational Security are the policies and procedures that militaries take to prevent information from leaking out to possible enemies. It doesn’t even have to be war time. Essentially, OPSEC is limiting in every possible way information about you that could be collected and used to inform the enemy, even information many of us would not recognize as being useful. The classic line is “Loose lips sink ships”. During World War 2 (and other wars) simply mentioning to someone you know at dinner in a restaurant that you’d be leaving for London tomorrow could be overheard by someone at the next table. That person could get that message to Germany and it would eventually arrive to a U-boat captain to be on the lookout for a passenger ship leaving New York on such and such date. As ships traveled in convoys, that knowledge would put multiple ships in danger.
The worst case of Operation Security the world has ever seen would be the January 6, 2021 attack on the capital. It must be the most documented crime in all of history. Many people posted they were going, live-streamed what they were doing while there, and proudly told the listeners their name. They also happened to be catching the faces of anyone walking by while there and possibly live-streamed criminal activity other people were committing as well. The organizers used somewhat better OPSEC but still made plenty of blunders, such as putting multiple hotel room bills on the same credit card, nicely linking them for a conspiracy charge. Oops.
It’s not just the amateurs who make mistakes either. In a rather embarrassing episode for both Fitbit and US intelligence services, Fitbit publicly shared heat map tracking that revealed not just the location of previously unknown US bases, but was accurate enough to essentially provide floor plans. That security breach has since been taken care of, but we’ll always know those bases were there.
The war in Ukraine has been fascinating when it comes to OPSEC. It might be the most documented war in history as many occupants of Ukraine simply got out their phones and took pictures and videos to share online as hostilities began. Particularly early on in the war, these pics and videos were everywhere. There is a whole group of folks who participate in OSINT (open source intelligence) who have taken these internet posts to derive information from them. Kos and Mark regularly share either original twitter sources or twitter threads from public analysts sharing what they’ve learned from this OSINT community. There is a website tracking vehicle losses on both sides using this publicly shared information. Here’s just one article talking about the effects of this.
Early on in the conflict these posts were generally approved of and encouraged as a means to increase sympathy for Ukraine throughout the world as well as to encourage their own citizens. But then, quite noticeably in May, Ukrainian leadership started to put a lid on this. Information still gets out, but much reduced and often through government approved sources to manage the impact of this information.
If 100% of people who enlisted in the Ukrainian army posted they were enlisting, then Russia would end up with a complete roster of the Ukrainian military. If soldiers posted pictures of themselves at different town halls, as was common early on, the Russians can use that to track unit movement.
As we get closer to a potential Ukrainian offensive, this information becomes even more important not to share. Going dark(er) in May was essential to do then. It takes months to plan an offensive and even where troop reserves are being stationed can potentially be a tip off to future actions. Just the action of going dark can be a tip off something is coming, so it needs to be handled far enough in advance that it’s no longer useful to the enemy. There can be no surge in Facebook posts saying goodby or tweets saying you’re moving. Personally I haven’t been on Twitter or Facebook for years, but for many people such a withdrawal must be difficult, particularly in a time of war when you want more connection to friends and family, not less.
For those of us addicted to following what is going on, this reduction in information coming out has been frustrating even though we know it to be necessary. I feel odd writing about this topic because in some ways I feel like I’m writing about nothing. But nothing here is the point. If Ukrainian forces can be invisible to Russia, then so much the better.
If anyone asks, you didn’t get this from me.