Most security conversations begin at the point of impact: phishing, malware, ransomware, data breaches and compromised systems.
Those threats matter. But they are rarely where the adversary starts.
Before exploitation, there is collection.
Before intrusion, there is reconnaissance.
Before action, there is intelligence.
One area still under-discussed in the private security space is signals intelligence, or SIGINT.
Image 1: Understanding SIGINT in the Modern Threat Landscape.
Traditionally, SIGINT has been treated as a government, military or intelligence-agency discipline. But the modern threat landscape is no longer that cleanly separated.
Criminal groups, hostile actors and organised networks increasingly operate on the same principle. That is where cyber, physical security and intelligence begin to overlap.
The tools and techniques that once required state-level resource and access are increasingly available, affordable and understood beyond that world. Off-the-shelf hardware can monitor wireless environments. Geolocation data is commoditised. The barrier to conducting meaningful signals collection against a target has dropped considerably. That shift matters for any organisation that assumes its exposure begins and ends with its IT perimeter.
Image 2: Signals Intelligence Is No Longer Only a State-Level Concern.
Documented cases show organised criminal networks using phone metadata, geolocation data and signal disruption to identify law enforcement activity, evade surveillance and protect their operations. GPS jammers have been deployed to blind tracking systems during cargo theft. Counter-surveillance techniques once associated with state-level actors are now in active use by criminal organisations. The gap between state capability and criminal application is narrowing. That has direct implications for private sector organisations.
For private organisations, the lesson is clear: threat intelligence cannot stop at the firewall. The more important question is what an adversary already knows before the attack is even considered.
A mature security posture should ask:
What can an adversary observe before they attack?
What signals are we leaking?
What wireless or RF exposure exists around our people, sites, vehicles or operations?
Could location data, device behaviour, communications patterns or technical emissions be used to build intelligence against us?
Consider a straightforward example: a fleet of company vehicles passively broadcasting Bluetooth identifiers and Wi-Fi probe requests creates a pattern-of-life signature readable by anyone with basic monitoring equipment. Add mobile devices connecting to cell towers, and a picture of where your people are, how frequently they move and when routines deviate becomes available.
No breach required. No direct engagement with your systems.
Where are we visible before we are vulnerable?
Image 3: What Adversaries Can See Before They Attack.
At IntSpired®, our work is focused on that earlier phase of the threat lifecycle. We help organisations understand their own signal exposure before an adversary does, and identify where intelligence may already be accumulating against them.
That means looking beyond the obvious breach point: adversary visibility, pre-attack intelligence, wireless and RF exposure, OSINT, technical reconnaissance and the overlap between digital and physical risk.
The organisations that understand this earliest are the hardest to target.
INTSPIRED®
OFFENSIVE BY DESIGN. INTELLIGENT BY NATURE.
Sources / further reading:
This post draws on open-source reporting and public material, including:
National Crime Agency, National Strategic Assessment of Serious and Organised Crime (2024)
National Cyber Security Centre, Annual Review 2024 (2024)
Royal United Services Institute, Operation Destabilise: Russia, Organised Crime and Illicit Finance (2024)
Ofcom, Radio Frequency Jammers: Spectrum Offences under the Wireless Telegraphy Act 2006 (2023)
Privacy International, IMSI Catchers: UK Authorities Play Hide and Seek with Use of Intrusive Surveillance Technology (2023)
Top comments (0)