Deception Planning Military Deception Doctrine Applied to Cyber Counter-Intelligence
Deception is one of the oldest disciplines in the intelligence and military operations canon — formalized in US doctrine as MILDEC (Military Deception, JP 3-13.4), in Russian doctrine as Maskirovka, and operationally extended into the cyber domain across the last two decades. The discipline has two operational sides: offensive use in authorized contexts (creating false impressions to mislead adversary decision-making) and defensive recognition (detecting adversary deception so analysts and decision-makers do not act on it). Both sides matter for cyber counter-intelligence work.
This course covers deception planning applied to cyber counter-intelligence — MILDEC doctrine, Maskirovka tradition, deception planning methodology, cyber-domain operational application, and integration with the SATs Deception Detection technique. Foundational reading for analysts working adversary characterization where deliberate deception is operationally normal.
What You'll Learn
Deception planning doctrine applied to cyber counter-intelligence
- MILDEC Doctrine — US Joint Publication 3-13.4 (Military Deception) as the codified doctrine for deliberate adversary-decision-influence operations. Principles of deception, deception planning methodology, and the operational logic that distinguishes effective deception from generic obfuscation.
- Maskirovka Tradition — Russian deception doctrine spanning concealment, misinformation, demonstrations, simulations, and disinformation. The integrated doctrinal frame Russian operators apply across military, cyber, and influence operations. Understanding Maskirovka enables analysts to read Russian operational activity through the doctrinal lens its operators use.
- Deception Planning Methodology — the structured planning approach for deliberate deception operations: deception objective, target audience analysis, deception story construction, indicator management, and observable-feedback loops. The discipline that distinguishes operational deception from improvised obfuscation.
- Cyber-Domain Operational Application — how MILDEC and Maskirovka translate to cyber operations: deceptive infrastructure, false-flag attribution, deliberate technical-detail seeding, and the integrated deception patterns adversary services apply in the cyber domain.
- Deception Detection Integration — operational integration with the SATs Deception Detection technique and Source Evaluation tradecraft. Recognizing adversary deception is the defensive counterpart to deception planning; the two disciplines reinforce each other.
- Authorization Boundaries — explicit treatment of authorization boundaries for offensive deception planning. Deception is a powerful tradecraft; appropriate authorization, legal review, and operational discipline are necessary conditions for offensive application.
Course Content
One of the Oldest Disciplines, Adapted for Cyber Counter-Intelligence
Deception has been operationally consequential in intelligence and military work for as long as there has been intelligence and military work. The modern doctrinal formalization — MILDEC in US practice, Maskirovka in Russian — codifies what experienced operators learned over centuries: deliberate deception works by shaping target decision-making through controlled information environment management, and effective deception requires structured planning rather than improvised obfuscation. The cyber-domain application extends the doctrine into a new operational environment where deception infrastructure can be created at scale, attribution can be deliberately obscured or manipulated, and adversary-decision-influence operations integrate with broader cyber and cognitive warfare campaigns.
This course covers both doctrinal traditions — MILDEC and Maskirovka — with appropriate attention to their structural differences. MILDEC tends toward discrete planned operations with clear deception objectives. Maskirovka operates as integrated doctrine across military, cyber, and influence activity rather than as discrete campaigns. Both produce operational effect; both require recognition for defensive practice. The cyber-domain application brings forward both traditions into the operational environment cyber analysts actually work in. Pairs naturally with SATs Deception Detection and Source Evaluation for the full deception-discipline coverage.
CI Tradecraft Component of The CounterIntelligence Stack
This Deception Planning course is one of the CI-tradecraft components of The CounterIntelligence Stack ($3,999), alongside Insider Threats & Elicitation Methods ($999), Personas / OPSEC ($499), Adversary Targeting ($299), Dirty Tricks ($99), and Cyber CoIntelPro ($59). The Stack also includes the CCIAI flagship and the behavioral-profiling toolkit. Comprehensive counter-intelligence capability at substantial bundle savings.
Common Questions
Deception Planning — FAQ
Counter-intelligence analysts working adversary characterization where deception is operationally normal, cyber threat intelligence professionals analyzing nation-state operations, IC analysts in CI portfolios, authorized red-team operators planning deception in offensive engagements, security researchers studying adversary deception patterns, and analytic methodology trainees building deception-discipline tradecraft.
MILDEC (US Joint Publication 3-13.4) codifies deliberate deception as a discrete operational discipline with clear planning methodology and deception objectives. Maskirovka is the Russian doctrinal tradition treating deception as integrated practice across military, cyber, and influence operations rather than as discrete campaigns. Both produce operational effect; the structural differences matter for analysts reading adversary operations through the appropriate doctrinal lens.
No — it covers the doctrine and tradecraft of deception planning so analysts can recognize it operationally and apply it under appropriate authorization. The course is explicit about authorization boundaries for offensive deception. Most learners use the material for defensive recognition (identifying adversary deception in operational reporting) rather than for offensive deployment.
SATs Deception Detection covers the structured analytic technique for identifying deception in collected information. This course covers deception planning doctrine — the operational logic adversaries use when constructing deception. The two disciplines reinforce each other: planning doctrine teaches what to look for, detection technique teaches how to find it systematically.
Yes. This course is one of 11 components of The CounterIntelligence Stack ($3,999) — one of the CI-tradecraft components. Contributes to the CCIAI (Certified Cyber CounterIntelligence Analyst) certification track.
Treadstone 71 has worked deception planning and detection across two decades of counter-intelligence practice — both MILDEC tradition application and Russian Maskirovka analysis from the doctrinal-source perspective. Foundational capability includes USAF Russian cryptologic linguistics for direct engagement with Russian-language doctrinal sources, academic-grade familiarity with Russian operational tradition, and integration of deception analysis into broader cyber counter-intelligence work. Veteran-owned, woman-led, NICCS-listed, IAFIE-aligned, operational since 2002.
Read Deception Through the Doctrinal Lens. Plan With Authorization.
Self-paced. Intermediate-level. MILDEC and Maskirovka doctrine applied to cyber counter-intelligence. Scroll up to enroll, or consider The CounterIntelligence Stack to combine this with the full CI curriculum and CCIAI certification.
$199 USD Self-paced · Intermediate · Lifetime access · CPE credits