They approach a person with debt, a difficult divorce, or a grievance against their institution who happens to be a soldier.
That distinction explains why most military counterintelligence programmes miss the majority of recruitment attempts. They screen for ideology.
Dark web recruiters exploit finances.
OT-057 our latest OBSIDIAN-TRACE deep dive documents what that actually looks like from the inside: the question patterns used to map access without triggering security awareness training, the four-phase progression from "initial trust" to "operational tasking," and critically the CTI detection signals that appear on dark web forums weeks before any individual is ever approached.
The finding that concerns us most: Eastern Flank military expansion is producing a larger, less thoroughly vetted personnel pool at exactly the moment adversarial recruitment incentive is at its peak. The signals we're monitoring are consistent with that assessment.
The report covers detection methodology, MITRE ATT&CK mapping, and specific recommendations for counterintelligence officers and security programme designers.
TLP:WHITE — available at aether-intel.com
Top comments (0)