An infiltrator is someone who infiltrates a group or network by posing as someone they are not in order to gain information or destabilize the group or network. They may come from police, intelligence or military forces, from a private company or contractor, or they may act for ideological reasons (e.g. fascists) or under duress (e.g., they are told they will be imprisoned if they don't work as an infiltrator).
Stop Hunting Sheep describes five basic types of infiltrators:
- Hang Around: Less active, attends meetings, events, collects documents, observes and listens.
- Sleeper: Low-key at first, more active later.
- Novice: Low political analysis, “helper”, builds trust and credibility over longer term.
- Super Activist: Out of nowhere, now everywhere. Joins multiple groups or committees, organizer.
- Ultra-Militant: Advocates militant actions and conflict.
Infiltration can be “shallow” or “deep”. A shallow infiltrator may have a fake ID, but is more likely to return to their normal life over the weekend. Shallow infiltration generally occurs earlier in the intelligence gathering lifecycle than deep infiltration, when targets are still being identified. In contrast, a deep undercover lives the role 24 hours a day, for extended periods of time (with periodic breaks). They may have a job, an apartment, a partner, or even a family as part of their undercover role. They will have a fake government-issued ID, employment and rental history, etc.
See the infiltrators topic.
Used in tactics: Incrimination
Mitigations
| Name | Description |
|---|---|
| Attack | You can attack infiltrators when uncovered or years later[1] to discourage the practice — police infiltrators are likely to be less enthusiastic if there is a local precedent of violence against them. |
| Background checks | Background checks can help ensure that someone in your network is not an infiltrator. |
| Need-to-know principle | The need-to-know principle controls the flow of information through networks to make them more opaque and difficult to disrupt. If an infiltrator isn't involved in an action, they shouldn't know who was involved even if it's their own roommate. |
| Network map exercise | A critical examination of the links in your network can make it more resilient to infiltration attempts. |