The rules of security for underground operations are strict and universal. They apply equally to criminals, spies, terrorists and drug dealers. Regardless of the secret activity, the security rules for protecting the operators remain constant.

University of Hard Knocks Cheat Sheet

Recently a couple of great posts illustrating the universal nature of operational security principles have appeared on Reddit. They both present lessons learned from life experience gained in America’s drug war. This war is fertile ground for underground organizations to gain deep skill sets in the rules of clandestine operations: how to operate secretly and securely against a formidable, determined and well-resourced adversary.

Drug Dealing, the missing manual

A police officer has provided a list of operational security rules for drug dealers. These rules deal with avoiding interaction with security forces, as well as recommendations on how to handle those interactions. There are also rules for avoiding the most serious consequences of interdiction by the security forces. Interaction with the opposition is a fact of life and a constant danger when operating clandestinely.

Here is his guide:

  • If you’re a low level dealer, your chances of getting caught go down a lot. Unless we catch you in the act of selling or with product, it takes way too much money to throw an investigation together to catch you.
  • If you’re getting your product off the [Dark Net Market] and get a [Controlled Delivery], deny everything and get a lawyer. Your charges will be dropped.
  • Do not carry a gun. Your charges triple if you are caught with a firearm while selling any illegal substance and you will be in prison.
  • Hiding your drugs in some crazy place in your car is dumb. If we are pulling you over for drugs, we are finding those drugs, otherwise it’s probably just a normal traffic stop.
  • If the police come knocking, do not answer. Again, if we have a warrant, we are entering, no questions asked. Otherwise, you have no obligation to answer the door and doing so can open a can of worms that you want closed.
  • Have a life outside of dealing. If caught, your chances of going to jail go down a lot. If you deal for a living and have nothing else in your life like college, a job, or kids, you’re more than likely going to spend some time in jail.
  • Don’t advertise on social media. Seriously, you’d be surprised at the number of times this happens. “Anyone need any tree?”, you’re getting arrested in a week, tops.
  • Use a burner phone that isn’t attached to your name. If found as evidence, say you found it on the side of the road and then plead the 5th.
  • Lawyer the fuck up. Having a lawyer is like having lube during anal sex, sure it will still hurt, but it will go a lot easier than not having it.
  • Know your rights. My God people. If you are in handcuffs, shut the fuck up. Don’t cry. Don’t beg. Just sit in the seat, and calm the fuck down. Any word you say past “I plead the 5th and I am requesting a lawyer” will pretty much erase any deniability you have.
  • If you’re ordering from the [Dark Net], do not brag about it.
  • Keep your stash off your property. Seriously. If we have a warrant and come up empty, you’re pushed to the bottom of the investigation list and will not be in jail at the end of that raid.
  • Don’t tell anyone you’re close to that you deal. Your girlfriend is going to get you in prison. Your friends will be interrogated, as will your family. If they don’t know anything, you make a much better case for yourself.
  • Don’t live with your girlfriend. Dealing is a life/career choice and it has requirements to keep yourself out of prison. This is one.
  • Break one law at a time.
  • Don’t corner deal. Somehow this is still a thing in our city. You will only last 3 weeks, tops.
  • If you sell the best stuff in town, your name is going to get thrown around a lot.

Source: /r/Drugs (via: Twitter)

Biggie Smalls and Moscow Rules

The next story to review is from the opposite end of the war on drugs: a cocaine dealer who was busted via an informant. In his post on Reddit he relates how he was arrested and the mistakes he made that got him there. In particular, look out for the opsec violations of both the Moscow Rules and Biggie Smalls’ 10 Crack Commandments.

(Emphasis added) Via: Twitter

OPSEC Fails

The opsec fails are twofold. Firstly, he violated the Moscow Rules. The second of the Moscow Rules is: Never go against your gut. This is violated several times. Clearly, he could tell that the operation was unusual; it had several red flags. Rather than pay attention to these, he let greed cloud his judgement and brushed them aside. For the security forces, this was a sound application of MICE.

The second opsec fail was to keep contraband at his home. Incriminating evidence is always dangerous, but when stored at the home there are strong links between the contraband and the home resident. This is mentioned above, by the police officer and also by Biggie Smalls:

Comparative Analysis of Drug Dealer Security

There is no time or space to fully explore the various articulations of the same core operational security rules that drug dealers have discovered. I would like to mention another great resource for analysis:

  1. Barry Cooper’s Never Get Raided Again
  2. Barry Cooper’s Never Get Busted Again

The Barry Cooper videos are full of amazing tradecraft applied to drug operations, and it is comparable to the tradecraft employed by spies. Dead drops in particular are very popular in some places, such as Russia. The correlation of drug dealer tradecraft and espionage tradecraft is a phenomenon I’ve been following for years, for example here and here.

Operational Security is Blind

The principles of operational security are the same regardless of operational activity. Observing how the same core security principles are discovered and applied over and over again in different clandestine activities is fascinating and rewarding.

The rules of clandestine operation are constant, regardless of the operational activity.

Information Security Researcher :: https://gru.gq :: keybase.io/grugq :: https://www.patreon.com/grugq