As part of the now famous “Snowden Leaks,” WikiLeaks revealed a PowerPoint presentation made by the GCHQ, entitled “The Art of Deception: Training for a New Generation of Online Covert Operations.”

From the “About Us” page of GCHQ:

Who we are

Employing over 6,000 people from a range of diverse backgrounds, we strive to keep Britain safe and secure by working with our partners in the Secret Intelligence Service (MI6) and MI5. Our headquarters is based in Cheltenham, with regional hubs in Scarborough, Bude, Harrogate and Manchester.

This presentation was entirely about manipulation of human attitudes and beliefs. It talks about a variety of social engineering, propaganda, and persuasion techniques for affecting behaviors and attitudes to disruption techniques and human intelligence gathering via the Internet.

GCHQ - The Art of Deception slide
GCHQ – The Art of Deception slide
GCHQ - The Art of Deception slide
GCHQ – The Art of Deception slide

Here we see the the purpose of the Joint Threat Research Intelligence Group arm of the GCHQ. It includes gathering online human intelligence, exerting strategic influence (over attitudes), and disruption and CNA (computer network attacks.)

Wired helps define CNA here:

If you think of CNE (computer network exploitation) as the Ocean’s Eleven of cyberattacks, CNA is more like Die Hard.

CNA operations are designed to damage, destroy, or disrupt computers—or operations controlled by computers—such as the Stuxnet attack that targeted centrifuges used by Iran to enrich uranium hexafluoride gas. Another CNA operation attributed to nation states is the air-to-ground hack conducted by Israel in 2007 against Syria’s air defense system. That hack, launched from Israeli planes, was designed to prevent Syria’s automated air-defense system from seeing bomber jets flying in to conduct an air strike against the Al-Kibar complex, believed to be an illicit nuclear reactor Syria was building.

The recent hack of power distribution plants in Ukraine was a CNA, as was the Wiper attack that targeted Iran’s oil industry in 2012. That attack wiped data from machines belonging to the Iranian Oil Ministry and the National Iranian Oil Company. The hack of Sony, attributed to North Korea, would also be considered a CNA operation since the hackers didn’t just siphon data from the company’s network, they also destroyed data and systems on their way out the door.

So JTRIG has little positive influence it seems, they focus on intel and disruption methods. In case you had any doubt about how complex they intend to be, here’s a slide where they make it clear.

GCHQ The Art of Deception
GCHQ The Art of Deception

So now that we know they want to fool us with illusions, challenge our perceptions with smoke and mirrors, and change our way of thinking to match their desired plans, let’s take a look and how they do so.

The Important Techniques

GCHQ The Art of Deception
GCHQ The Art of Deception

The above slide is instructive to today’s situation. Take Charlottesville for example. The event was used to “mask” actual racist policies of banking and lending, law enforcement bias, and educational opportunities by presenting an “alternate” face of racism.

The ideas and ideals of the Third Reich were co-opted, including the “blood and soil” chant and the well-recognized raised hand salute, as were the Southern heritage symbols like the “Confederate flag” and statues of Confederate generals, and the 4chan-centered “Cult of Kek” mythology. They were all melded and “re-packaged” as this new all-encompassing white power threat.

Finally, the “torch rally” caught on many cameras, and surround and invading landmarks on the campus of the University of Virginia and leading the earliest “clashes” thereby whetting the public’s appetite was the “dazzle” effect mentioned above.

Without going into too much detail, the bottom half of the slide would represent the “antifa” aspect of Charlottesville. Organized crowds “mimicked” organic gatherings of peaceful marches we have experienced for ages in this country. A new enemy was then “invented” with the introduction of “black bloc” actors to new audiences, now labelled as “antifa” and “alt left.” All of which serves as a “decoy” to turn attention away from the vast majority of leftist who consistently maintain the non-violence ethic as paramount and whose ideas and ideals are detrimental to the corporations and the establishment.

GCHQ The Art of Deception
GCHQ The Art of Deception

This slide sums up Charlottesville and its numerous children…. Boston, Phoenix, Atlanta, et al. They got America’s attention with more “riot porn,” this time poorly staged, but the audiences are larger, therefore have a “palate” lacking in experience and in no need of nuance. We live in a live-streamed world now, and the establishment knows it. They have their own armies of “indy journalists” on the streets, perfectly placed to capture all the best photos and video.

Now for the past week-and-a-half the news media has shaped our perceptions of the weekend’s events and aided us is making “sense” of the situation. Of course they have largely served to reinforce the “us vs. them” mentality as a whole, again distracting from real issues and creating strife where there should be none.

But they know how to do that. And they know we are now thirsty for more. Everybody wants the scoop. Everybody wants to witness the chaos first (or actually second) hand.

GCHQ The Art of Deception
GCHQ The Art of Deception

So they have us right where they want us, right? Except, you may say, you are not so easily fooled. You know how to follow-the-money. You get that the media is concealing the truth. You are quite vigilant in watching for the hidden scraps of information that others miss.

That’s great…. now be aware…. they know that too.

GCHQ - Gambits For Deception
GCHQ – Gambits For Deception

The fourth component of “Sensemaking” is our topic today. It is called “The Haversack Ruse.”

History of the Haversack Ruse

Palestine. 1917.

The British armies were stagnating. Although they had orders to arrive in Jerusalem by Christmas, progess was slow. Two separate assaults against the Turkish line had proved fruitless. The Turkish army held the line from Gaza to Beersheba, and showed no signs of vacating.

The story goes that British officer Richard Meinertzhagen developed a plan. To enact his scheme, he sent an officer out on horseback to scout near enemy lines. When the scout was sighted, the enemy began to engage and shots were fired. The officer feigned being shot, dropped his canteen, his rifle, and a blood-stained haversack before riding off.

World War I era haversack
World War I era haversack

The sack contained a picture of the officer’s wife, his newborn that he had not yet seen, a 20-pound note, and documents detailing the British attack on Gaza. The Turkish generals moved their line to protect Gaza.

The British attacked the flank at Beersheba and opened the road to Jerusalem.

Probably not true… but well-remembered.


Dudley Clarke. 1941.

Having come of age in between the wars, Clarke got no exposure to combat in World War I, but loved engaging in war games during the interwar period. Having General Sir Archibald Wavell, who had served in the Palestine Unit that “originated” the ruse in question, as his commander gave Clarke much leeway to use disinformation techniques in his war games. He was well known for fooling an “enemy” commander with a trick one time, only top play on that commander’s expectations to fool him a second time.

In 1941, Clarke got to put his skills to the test. Clarke intended to mislead the Italians concerning British intentions in Abyssinia. The British were attempting to root Mussolini’s forces out of the Horn of Africa, where they were well-entrenched. The plan was to get Italy to expect an attack on Abyssinia while the British actual target was Eritrea to the north. The disinfo was disseminated, and Italian command believed in its veracity. However, Mussolini’s commanders decided they couldn’t hold off the British in Abyssinia, so pulled out entirely and reinforced their holdings in Eritrea, where the attack was actually planned. While the bait was taken, the desired results never panned out.

Lt. Col. Francis (Freddie) de Guingand

During the mechanized fighting in the deserts of North Africa, knowledge of the terrain was of utmost importance. Areas of soft, shifting sands were not conducive to the movement of heavy equipment and could cripple an advance.

Many highly-detailed British maps of the deserts of North Africa had been lost and/or captured by the Germans, giving Rommel and his leaders valuable information. In order to counteract this effect, Lt. Col. de Guingand attempted a ruse of his own.

He worked up a stunning false map, complete with tea stains, sent it in a sack carried by an officer driving a scout car. That car “happened” to drive through a German mine field, and the map was “captured.”

The map was captured and false information was thus fed to Rommel, who no doubt  wasted much fuel getting stuck in thick sands not marked on the “map.” The plan was somewhat successful, but was so complex in its machinations that to this day no one is sure whether the dead officer was dead before “driving” into the mine field, or was a volunteer looking to escape or sordid past.


Late in the war, another “dead officer” ruse was used to confuse Hitler as to Allied plans for the invasion of Southern Europe. Hitler knew the Allied forces intended to invade the southern coast of Europe, but was unsure where that attack would occur. Sicily was considered the obvious choice, so Allied leaders wanted to muddy the waters.

Letters were written discussing the possibility of initial actions occurring either in Greece or along the Balkan coastline. These correspondences were safely stashed in a briefcase of a Major who had previously passed away. The body, along with the briefcase, was slipped into the waters off the Spanish coast. The body washed up as expected and the documents were discovered. So precious was the information regarded that it was hand-delivered to Hitler.

The Allied attack began, as planned, in Sicily.

Thomas Reed – Gus Weiss

Reed, a Special Assistant to President Reagan, used Weiss’ concept of leaking “technical improvements” to the USSR. The Soviet Union was touting the advances of their new Trans-Siberian gas pipeline.

Thomas Reed designed a computer control system software that would be perfect for use in regulating the pumps on the pipeline. That information was “secreted away” before being “lost” by a US agent and “discovered” by the KGB.

Later reports claimed the designs were purchased from a Canadian company, an obvious attempt by the USSR to cover their shame.

In June 1982 a control system failure caused a three kiloton blast in Siberia, crippling the new pipeline.

Brief Analysis of the Haversack Ruse

In their seminal work, Gene A. Coyle and Alexander Wilson break down the most important aspects of a successful ruse. The three most important takeways for our purposes are:

  1. The conclusion hopefully to be drawn by the enemy from a deception operation
    has to be reasonably close to something it already believes or fears is possible to
  2. A deceiver needs to understand well the mentality, culture, and history of the
    enemy to be deceived so as to craft the ploy correctly—and to be able to
    accurately predict the reaction to such planted information
  3. The delivery method of the ploy seems less important than the credibility of the
    message being delivered

In other words, the ruse must play on preconceived notions or fears already held by the target. As a society, we are being ever more isolated from each other, which already leads to distrust among groups. This “us vs. them” thinking leads to a variety of mis-beliefs about outsiders.

The deceiver needs to understand his audience and their background and tendencies to be effective. Modern America is more open to analysis than ever. Not only are we more “connected,” but we are ever more willing to openly share some of our most wild desires and hatreds behind the relative anonymity of a computer keyboard. Entire industries have developed around the collection and analysis of that information, sometimes known as “Big Data.”

The final point is that it really doesn’t matter HOW the false information is disseminated, as long as it meets the first two criteria. Make it believable, and/or play on your target’s fears, and they will jump at the chance to accept your information.

The Virtual Haversack

Today our society is more connected in some ways than ever. Tens of millions of Americans turn to the Internet every day for news or entertainment, or just to catch up with friends or kill time. That is one heck of a large, willing audience. Advertisers wrangle all kinds of ways to get in front of our eyes, and get our clicks.

“Clickbait” has long been used and frequently features words like “EXPOSED,” “REVEALED,” or “BUSTED” to convey a special kind of breaking news. These are meant to be stories that uncover a hidden truth. They rarely, if ever, deliver on those promises.

In the past few years, we have seen a rise in independent and citizen journalism. (Hello!)

What this means is there are many more eyes, ears, and fingers digging for information than ever before. With so many folks, the information doesn’t stay buried long, and secrets became harder to hide.

Options were few. The entire Internet could be shut down, scrubbed, or highly regulated and controlled, but that would likely meet with much resistance.

The other, clearly better, option was to begin using the information conduit as a distraction tool. By overloading the web with all the information that could be scanned or created it gave all the new researchers plenty of hidey-holes to climb into.

As consumers of information we have more options than we can imagine, and few ways to verify the accuracy of much of what comes our way. This has always been true, even from the point-of-view of our basic human senses. But we develop heuristics, or tools that we use to unconsciously make snap decision on most things. Without heuristics, we would be crippled by choice, needing to evaluate all possibilities at every turn. But again, these tools can, and are turned against us.

Advertisers again rely on heuristics to sell to us. “Expensive = Good” is a well known example. Consumers generally believe that higher priced items are of superior quality, without checking the validity of said assumptions.

What About the Haversack Ruse?

OK, so enough about the psychology of attitude change. Let’s talk about now.

Steele Dossier and FusionGPS

Remember when the “Steele Dossier” came out concerning Donald Trump and his supposed adventures in a Moscow hotel room? You know, the one many folks loved because it played to their wishes and most prurient interests. Untold days have been spent by the mass media analyzing it, digging into the folks mentioned, finding more “juicy” clues, and generally opining when nothing else was available.

This was it. They were bringing down Trump.

So what happened? Where’d it go?

All that has really come from this whole investigation is the interference of FusionGPS in a wide variety of places and events. Every time someone draws a connection between a Trump ally and a Russian contact, two more are drawn to his detractors. In the end, nothing is coming of it.

Time wasted, nothing gained = The aim of a haversack.


I won’t go into the whole thing here, there is no point. But I mention it in order to note that the investigations began as a rational analysis of some VERY strange looking emails that had been released by WikiLeaks. Words that seemed to be code were questioned and tracked, and some questions were raised. Somewhere along the way, floodgates opened and surprises popped up everywhere. Suddenly everyone had a lead, or a piece of evidence. Many rabbit holes were explored, with some even literally going underground.

The entire thing turned into a feeding frenzy and it all collapsed in on itself. Anything that may have been in there, be it weapons shipments or worse, is lost, at least for now.

With so many channels, it is quite likely that someone dumped false information. Whether to distract from an actual damaging secret or someone just inventing details “for the lulz,” with so much distraction, it’s clear there were a few haversacks scattered among the “findings.”

The Antifa Manual

The most recent event that is an obvious haversack is the reported “dropping” of an official “Antifa Manual.” It seems as though this was another 4chan effort, apparently originating on the /pol/ board. Reports varied as to who dropped this secret document and where. Some say it was found at Evergreen College (maybe Evergreen State, a liberal arts college in Washington State), while others claimed it was dropped in Charlottesville. Of course the Charlottesville claim is flashier.

Taking a “page” right from the history of the ruse. The scanned treasure even has a pen scribble on it as well as drink staining.

Antifa Manual
Antifa Manual

There are actual guides available, and the “information” in this manual is clearly not meant to be useful. References to “New World Order” microchipping and “controlling the media” have no place in such a guide. One would not be using this as a recruiting method, so convincing the reader of a need for action is not necessary. Controlling the media is also well outside the scope of a manual designed for “street-level” action, and is beyond the capabilities of most at this time.

Not everyone was fooled, even on 4chan.

But the story has still made the rounds, and distracted some would-be detectives for a time.

How to Avoid Falling for a Haversack

I’m not sure we can avoid it at all times. But we certainly can forewarn ourselves. Take stock of your beliefs as far as those you think ill of. Be mindful that news of bad behavior or nefarious doings by some of the folks on your personal “naughty list” may attract your attention more often than positive stories concerning the same subject.

Every time you hear about a “leak,” or find a hidden story tucked away at the bottom of a page that seems too good to have been missed, take three deep breaths, and then assume it is false.

Now, you are in a position to start digging. Look for verification. If you find some, try to verify that supporting evidence. If you can only find a handful of obscure sources, read all of them. More often than not, you will discover that every story traces back to one source. If that source has no proof, then you have avoided being swept away.

Once you have that “proof,” if you find it, make a second effort to find evidence to disprove the initial claim. Then do your due diligence to validate and verify that evidence, and make your decision.

If all the evidence is on CNN, Fox, and the like then you need to spend your efforts on the contradictory evidence, as the media will find all the supporting details for you.

Having put in this effort, you will be much more aware of the situation at hand, and ahead of the media much of the time. Of course, as your knowledge increases, you become susceptible to more subtle ruses.

Remember, JTRIG is claiming to train “Cyber magicians” when really they create only illusion. The better trained you are to spot the wires, the less dazzling the magic becomes.




Please enter your comment!
Please enter your name here