Every radio transmission, every Wi-Fi handshake, and every powered-on smartphone is a signal — and signals can be detected, located, intercepted, and exploited. Electronic warfare (EW) is the domain of conflict fought over the electromagnetic spectrum, and it is no longer confined to nation-state militaries. Cheap software-defined radios, consumer drones broadcasting unencrypted telemetry, and ubiquitous cellular surveillance mean that the prepared citizen must understand signal security not as an abstract military concept but as a practical layer of personal and community defense. This page covers the EW threat environment, the principles of signal and operations security, and the tools and techniques that allow a small team or individual to both protect their own emissions and detect hostile ones.
The Electromagnetic Threat Environment
The modern signal environment is hostile by default. Smartphones continuously transmit location data, voice recordings, and network identifiers to servers controlled by third parties. Vehicles with embedded 4G modems broadcast driving data. Consumer drones like DJI models transmit operator GPS coordinates in plaintext via the LightBridge protocol — a vulnerability that has been exploited in active combat zones to target drone operators with artillery. Even encrypted messaging apps provide limited protection when the endpoint device itself is compromised: if the operating system is logging screen activity or the microphone is functionally active, the encryption of the transport layer is irrelevant.
Pattern-of-life analysis compounds these vulnerabilities. Intelligence professionals do not need to break encryption to extract useful data; changes in communication behavior — suddenly switching from SMS to Signal, beginning to use a VPN, or going radio-silent — are themselves detectable indicators that flag heightened operational security awareness. Fusion intelligence combining signals intelligence (SIGINT), human intelligence (HUMINT), and open-source data means eliminating a single channel does not provide comprehensive protection. The guiding assumption should be that all platforms are already compromised, and sensitive information should simply not be shared on any digital platform unless the specific operational need justifies the risk.
This threat environment extends well beyond government surveillance. Low-cost RF jammers are increasingly used in criminal contexts — to prevent victims from calling emergency services, defeat GPS tracking on stolen vehicles, or disrupt security systems during burglaries. The proliferation of inexpensive EW tools means that understanding these threats is no longer optional for security-conscious citizens. For deeper treatment of the digital privacy baseline that underpins signal security, see Digital OPSEC, Privacy, and Encryption and Digital Security, Privacy, and Alternative Infrastructure.
Radio Direction Finding: The Core EW Threat to Communicators
The single most important EW concept for any radio operator is radio direction finding (RDF). Every transmission reveals the transmitter’s presence, and with relatively simple equipment — a radio receiver, a directional antenna, and some geometry — an adversary can determine bearing, distance, and ultimately location.
A single bearing gives general direction. Two bearings from different positions create a “cut” giving approximate range. Three or more produce a “fix,” typically accurate to roughly 1,500 meters circular error probable (CEP) at 20-25 kilometers, which is well within artillery engagement parameters. Airborne DF platforms are more accurate than ground-based ones. Traffic analysis layered on top of DF allows adversaries to identify net control stations, estimate unit size, and map organizational structure without ever decrypting a single word.
Encryption does not defeat direction finding. Encrypted radios prevent interception of message content but provide zero protection against DF, because DF targets the signal itself — the RF energy radiating from the antenna — not the data it carries. This is a critical distinction that many people miss.
The primary countermeasure against DF is transmission brevity. In high-threat environments, individual transmissions should be kept to 2-3 seconds. In lower-threat scenarios, 8 seconds is the upper limit. The “Break” technique — segmenting long messages into short chunks with pauses — maintains information flow while limiting the time window available to DF operators. Proper call sign discipline, elimination of unnecessary words, pre-formatted reports, and the habit of composing the entire message before keying the mic all reduce time on air. These procedures are covered in detail in Radio Procedures, Net Operations, and Message Formats.
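A planning aid for the “Break” technique described above, added here as an example and not taken from any referenced procedure. It splits a pre-composed message into transmissions that fit the 3-second and 8-second limits from the text; the speaking rate of two words per second, the BREAK proword ending each non-final chunk, and the sample message are assumptions.

```python
import math

LIMITS_S = {"high": 3.0, "low": 8.0}  # per-transmission limits stated in the text
WORDS_PER_SECOND = 2.0                # assumption: measure your own operators' rate

def segment(message, threat="high", wps=WORDS_PER_SECOND):
    """Split a pre-composed message into transmissions that fit the time limit."""
    budget = math.floor(LIMITS_S[threat] * wps)  # words per key-down, BREAK included
    if budget < 2:
        raise ValueError("limit too short for one word plus BREAK")
    words = message.split()
    chunks = []
    while len(words) > budget:
        # More text remains, so reserve the last word of this chunk for BREAK.
        chunks.append(words[:budget - 1] + ["BREAK"])
        words = words[budget - 1:]
    chunks.append(words)
    return [" ".join(chunk) for chunk in chunks]

def time_on_air(chunks, wps=WORDS_PER_SECOND):
    """Estimated seconds on air for each transmission."""
    return [len(chunk.split()) / wps for chunk in chunks]

# Constructed sample message (21 words, about 10.5 s if sent in one transmission).
MESSAGE = ("BASE THIS IS RELAY TWO ROAD CLOSED AT NORTH BRIDGE USE EAST ROUTE "
           "WATER POINT OPEN UNTIL ONE EIGHT HUNDRED OVER")

if __name__ == "__main__":
    for level in ("high", "low"):
        parts = segment(MESSAGE, level)
        for text, secs in zip(parts, time_on_air(parts)):
            print(f"{level:>4} {secs:4.1f}s  {text}")
```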
Additional emission security measures from ground reconnaissance doctrine include masking antenna locations behind terrain, employing directional antennas to limit the directions in which energy radiates, and transmitting at the lowest power setting that achieves reliable communication. When encountering interference, jamming, or deception, operators should remain calm, avoid disclosing that jamming has been detected, switch to higher power if necessary, reorient antennas, report the activity using the MIJIREP format, and transition to alternate frequencies per the pre-established PACE plan.
Counter-Drone Electronic Warfare
The drone threat has driven EW into the daily tactical reality of ground forces. Counter-drone methods fall into two broad categories: signal-based interdiction and kinetic targeting.
Signal-based methods range from brute-force spectrum jamming to sophisticated link hijacking. Brute-force jamming floods the relevant frequency bands with enough power to overwhelm the drone’s receiver, severing the control link. Many commercial drones are programmed to return to their launch point when the link is lost, which limits the effectiveness of jamming alone: the drone doesn’t crash, it just goes home. More advanced systems, like those developed by DroneShield, can co-opt the drone’s communication protocol and force a controlled landing. Directed microwave energy using phased-array antennas represents the hard-kill end of the electronic spectrum, physically destroying internal electronics rather than merely disrupting communications.
FPV drones present a harder electronic target because they use frequency-hopping spread-spectrum radios that cover wide bandwidths, making targeted jamming difficult without also degrading friendly communications. Blanket-spectrum jamming requires substantial power and creates severe second-order effects on friendly electronic systems — radios, GPS, and networking equipment all suffer.
The most tactically decisive counter-drone method identified in the Ukraine conflict is targeting the operator directly. The operator is stationary, predictable, and represents a far higher-value target than the expendable drone. DJI’s LightBridge protocol inadvertently aids this targeting by broadcasting operator location in plaintext — a critical OPSEC failure baked into the commercial hardware. Understanding these vulnerabilities matters for anyone considering COTS drone employment: the communications link is a significant attack surface regardless of the drone’s physical performance. Tethered drones, which can be controlled entirely over a physical wire with no RF emissions, are notably resistant to signal-based countermeasures.
For more on the drone threat and counter-drone considerations, see Enemy Electronic Warfare Threats and Communication Vulnerability Assessment.
Software-Defined Radio for Spectrum Awareness
Cheap software-defined radios (SDRs) have made basic spectrum monitoring accessible to civilians for the first time. Devices like the tinySA Ultra, HackRF with PortaPack, and the Signal SDR Pro allow passive reception across wide frequency ranges, turning the electromagnetic spectrum from an invisible abstraction into something you can see and analyze.
Jammer detection is one of the easiest SDR applications. Jammers produce a distinctive signature: a broad, elevated noise floor spread across a wide frequency band, clearly visible on a spectrum waterfall display. By monitoring known frequency ranges — GPS (1575.42 MHz), Wi-Fi (2.4 GHz and 5 GHz), and common drone control frequencies — an operator can quickly identify whether jamming is occurring, estimate its bandwidth, and determine its relative direction and proximity by signal strength. This is purely passive activity requiring no transmission, meaning it carries zero DF risk.
Drone detection via SDR is similarly straightforward. DJI drones transmit on predictable frequencies, and their LightBridge telemetry can be decoded using freely available software to extract both the drone’s GPS position and the operator’s GPS position in real time. This capability, once the exclusive domain of military EW units, is now achievable with a $300 SDR setup and open-source decoding tools. Non-DJI drones using analog video or standard digital protocols are also detectable, though extracting operator location data depends on the specific protocol in use.
Spectrum baselining is the foundational practice that makes anomaly detection possible. By recording the normal RF environment at a given location over time — noting which signals are always present, their frequencies, their typical strength — an operator builds a reference against which new or unexpected signals stand out. A new persistent signal in the 900 MHz band appearing overnight at a rural property, for example, warrants investigation. Without a baseline, you cannot distinguish the abnormal from the routine.
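The baseline comparison and the jammer signature described above, as an added example that is not from the original page or any SDR tool. It assumes sweeps arrive as lists of dBm values per frequency bin (for instance exported from a receive-only sweep utility); the thresholds, bin layout and sample sweeps are constructed for illustration.

```python
from statistics import median

FLOOR_RISE_DB = 10.0  # assumed threshold: band-wide rise treated as jamming-like
NEW_SIGNAL_DB = 15.0  # assumed threshold: per-bin rise treated as a new emitter
PERSISTENCE = 0.8     # assumed: share of sweeps in which a bin must exceed the limit

def per_bin_median(sweeps):
    """Collapse several sweeps (one dBm value per frequency bin) into one."""
    return [median(col) for col in zip(*sweeps)]

def compare(baseline_sweeps, current_sweeps, freqs_mhz):
    """Separate a band-wide noise-floor rise from new persistent narrowband signals."""
    base = per_bin_median(baseline_sweeps)
    deltas = [c - b for c, b in zip(per_bin_median(current_sweeps), base)]
    # Median of per-bin deltas tracks the floor and ignores a few strong carriers.
    floor_rise = median(deltas)
    new_signals = []
    for i, freq in enumerate(freqs_mhz):
        limit = base[i] + floor_rise + NEW_SIGNAL_DB
        hits = sum(1 for sweep in current_sweeps if sweep[i] >= limit)
        if hits / len(current_sweeps) >= PERSISTENCE:
            new_signals.append(freq)
    return {"floor_rise_db": round(floor_rise, 1),
            "wideband_rise": floor_rise >= FLOOR_RISE_DB,
            "new_persistent_mhz": new_signals}

# Constructed sample data: 902-928 MHz in 2 MHz bins, one known emitter at 916 MHz.
FREQS = [902 + 2 * i for i in range(14)]

def make_sweep(floor, emitters=None):
    levels = [floor + (i % 3) for i in range(len(FREQS))]  # small ripple on the floor
    for freq, dbm in {916: -60.0, **(emitters or {})}.items():
        levels[FREQS.index(freq)] = dbm
    return levels

BASELINE = [make_sweep(-100.0 + 0.5 * k) for k in range(5)]
# New carrier at 910 MHz in every sweep; a one-off burst at 920 MHz in one sweep.
OVERNIGHT = [make_sweep(-99.0, {910: -70.0}) for _ in range(4)]
OVERNIGHT.append(make_sweep(-99.0, {910: -70.0, 920: -65.0}))
# Whole band lifted 20 dB, the broad elevated floor described for jammers.
RAISED = [make_sweep(-79.0) for _ in range(5)]

if __name__ == "__main__":
    print(compare(BASELINE, OVERNIGHT, FREQS))
    print(compare(BASELINE, RAISED, FREQS))
```

The persistence check is what keeps the single burst at 920 MHz out of the report, and subtracting the floor rise before looking for new carriers keeps a raised floor from flagging every bin as a new signal.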
SDR operation is entirely passive when used in receive-only mode, and receive-only monitoring is legal in the United States under current FCC regulations. Transmitting with an SDR requires appropriate licensing. For broader context on radio equipment and capabilities, see Radio Equipment Selection and Deployment.
Practical OPSEC for Teams and Individuals
Signal security does not exist in isolation — it is one component of a comprehensive operations security (OPSEC) posture. The five-step OPSEC process used by military planners translates directly to civilian application:
- Identify critical information. What do you need to protect? Location, travel patterns, communication networks, supply caches, team membership, and operational plans are common categories.
- Analyze threats. Who would want this information, and what collection capabilities do they have? This ranges from nosy neighbors with scanners to sophisticated state-level SIGINT.
- Analyze vulnerabilities. How could your critical information be observed, intercepted, or inferred? Every electronic device, every predictable routine, and every social media post is a potential vulnerability.
- Assess risk. Combine threat and vulnerability to determine which exposures are most dangerous and most likely.
- Apply countermeasures. Implement changes — behavioral, procedural, and technical — proportional to the assessed risk.
For small teams, practical OPSEC measures include establishing communication windows rather than transmitting on demand, using brevity codes and authentication tables that change on a set schedule, physically separating planning discussions from any electronic devices, and rehearsing communication plans so that radio procedures become reflexive under stress. The discipline of composing messages before transmitting — writing it down, editing for brevity, then keying the mic — is one of the highest-value habits a communicator can develop.
Personal security (PERSEC) overlaps heavily with OPSEC. Social media accounts, vehicle registration data, property records, and even fitness tracker data create exploitable signatures. The principle is simple: information that doesn’t exist publicly cannot be collected. Aggressive minimization of your digital footprint — not merely privatizing social media accounts but questioning whether each account needs to exist at all — is the most effective single countermeasure against open-source intelligence collection.
Key Principles Summary
- All transmissions are detectable. Encryption protects content, not the fact of transmission. Brevity and emission control protect against direction finding.
- The spectrum is observable. Cheap SDR tools allow passive monitoring that detects jammers, drones, and anomalous signals without any transmission risk.
- Devices are liabilities until proven otherwise. Smartphones, vehicles with telematics, and commercial drones all emit signals that can be exploited. Default to off, physically disconnected, or left behind.
- Behavior is a signal. Changes in communication patterns are themselves intelligence indicators. Consistency and pre-planning reduce detectable behavioral shifts.
- Layer your defenses. No single measure — encryption, brevity, SDR monitoring, or digital hygiene — provides complete protection. The combination of procedural discipline, technical countermeasures, and informed awareness creates a security posture that is genuinely difficult to penetrate.
Electronic warfare is no longer a specialized military discipline conducted by dedicated units with million-dollar equipment. It is the operating environment. Understanding it — even at a basic level — transforms a communicator from an unwitting beacon into a deliberate, disciplined operator who controls what the electromagnetic spectrum reveals about them.