
Threat Awareness Why, What, Who and How?


eliot

Presentation Transcript


  1. Section Eleven: Threat Awareness and Defensive Measures
     Note: All classified markings contained within this presentation are for training purposes only.

  2. Threat Awareness Why, What, Who and How?
     • Why is the United States a target?
         • The U.S. is a dominant political, economic, and military force in the world which makes it the number one target for foreign espionage
         • Individuals in both government and industry in almost 100 countries conduct espionage against the United States for one or more of the following reasons:
             • It competes with the U.S. for global or regional political and economic influence
             • It is a developing country that believes its economic future is dependent upon the rapid acquisition and development of new technologies by any means
             • It competes with U.S. companies in the global marketplace for the sale of advanced technologies or military weaponry
             • It feels threatened by a hostile neighbor and seeks to develop or obtain the most advanced military technology or ways to influence U.S. policy, toward itself and the neighboring country

  3. Threat Awareness • Why, What, Who and How? (cont.)
     • What is the Threat?
         • Any person who lacks the proper security clearance and need-to-know, but still seeks to gain unauthorized access to classified or sensitive information
         • Foreign Intelligence Service (FIS) networks (including those of “friendly countries”) are worldwide and ever present, and they want our technology or want to sabotage our progress
         • FIS networks obtain critical information and technology through open sources, friendships, and recruitment of U.S. citizens with access to the information they want
         • Human intelligence (HUMINT) gathering is the foremost threat, since all espionage recruitment begins with individuals

  4. Threat Awareness • Why, What, Who and How? (cont.)
     • Other sources of the threats to sensitive and classified information include:
         • Foreign or multinational corporations
         • Foreign government-sponsored educational and scientific institutions
         • Freelance agents (some of whom are unemployed former intelligence officers)
         • Computer hackers
         • Terrorist organizations
         • Revolutionary groups
         • Extremist ethnic or religious organizations
         • Drug syndicates
         • Organized crime

  5. Threat Awareness • Why, What, Who and How? (cont.)
     • Top Targeted People and Industries
         • Aerospace and defense industries
         • Cleared or accessed employees
         • Military personnel
         • Commercial enterprises (economic)
         • Visitors
         • Family, friends or neighbors
         • Foreign Nationals
         • Students
     • Top Targeted Technology
         • Information Systems and Security
         • Laser, Optics and Sensors
         • Aeronautics Systems
         • Electronics
         • Marine Systems
         • Positioning, Navigation and Time
         • Space Systems
         • Materials and Processes
         • Ground Systems
         • Armaments and Energetic Material

  6. Threat Awareness • Counterintelligence
     • Foreign Intelligence Services assign intelligence officers to work throughout the world
         • They are sent under the cover of an official position or as a visitor
         • They in turn operate “agents,” who collect information on behalf of the foreign government
     • The main objective of intelligence services is to obtain
         • Sensitive or classified information
         • Advanced U.S. technology
         • Economic intelligence
     • Foreign Intelligence Officers are frequently evaluating individuals for potential recruitment
     • Different recruitment techniques or approaches are used
         • The promise of financial gain
         • Blackmail
         • Gaining trust through personal relationships
         • Seeking out disgruntled employees

  7. Threat Awareness • Counterintelligence Collection Techniques
     • Foreign Intelligence Services (FIS) use every technique possible to gather sensitive or classified information to include:
         • Unsolicited requests for information (i.e., telephone, fax, email, social media, or in person)
         • Acquisitions of technology and companies
         • Solicitation of marketing services
         • Exploitation of
         • Relationships
         • Dissatisfactions or personal problems
         • Foreign visits
         • Cultural commonality or mutual interest
         • Conventions, seminars and exhibits
         • Terrorism and Blackmail
         • Suspicious internet activity (Hackers or Viruses)
         • Foreign employees and/or intelligence officers
     • Those who volunteer to commit espionage represent the greatest source of sensitive and classified information loss

  8. Threat Awareness • Insider Threats
     • A trusted insider
         • Anyone with legitimate access to information, personnel, or facilities that may intentionally or unintentionally pose a threat
     • Common insider threat indicators include:
         • Personality/Behavior Change
         • Arrogance/Entitlement/Greed
         • Belligerence
         • Carelessness
         • Anger/Revenge
         • Financial Need/Desperation
         • Gross and frequent security incidents
         • Adventure/Thrill
         • Unexplained wealth
         • Inappropriate use of information and/or systems
         • Questionable visits by foreigners
         • Unexplained or unreported foreign travel

  9. Threat Awareness • Social Networking
     • Social networking websites (e.g., MySpace, Twitter, Facebook, etc.) are a cybercriminal haven for:
         • Identity theft
         • Obtaining personal information for illicit purposes
         • Spreading malware and viruses
         • Spreading false information
         • Convincing or scaring people into buying fake security products
         • Stealing {Company} information
         • Phishing attempts, Fraud etc.

  10. Threat Awareness • Social Networking (cont.)
     • Some of the most common gateways to hacker attacks, information theft, viruses and other damaging incidents:
         • Carelessness with passwords
         • Willingness to open unexpected email attachments
         • Ignorance about the risks posed by wireless, mobile devices
         • Naiveté towards social engineers asking seemingly innocent questions
         • Laptop loss due to theft or carelessness
         • Reduced emphasis on physical security of personal work space and materials
         • Cavalier attitude towards security policy and procedures
     • What do they all have in common? They all involve people.

  11. Defensive Measures • Social Networking
     • DO:
         • Log off the sites when you are finished
         • Cancel unused accounts
         • Avoid clicking on links or downloading files
         • Mark your profile "private" and not open to public view
         • Limit use of personal identifiable information (birth date, address, employer, etc.)
         • Be aware that people can easily assume identities of people you do trust in order to gain your confidence
         • Remember that you are a representative of {Company}
     • DON’T:
         • Use the same password for multiple sites
         • Share your passwords with anyone or cache or save passwords
         • Use untrusted third-party applications or add-ons
         • Use your work email address
         • Share {Company} sensitive or classified information
         • Allow unknown people to be added as friends
             • Once someone is added as a friend they gain a false trust

  12. Defensive Measures • Operations Security (OPSEC)
     • The OPSEC process
         • Identifies, controls and protects sensitive information that can be interpreted or pieced together by an adversary to derive critical sensitive or classified information
             • Procedures (i.e., security requirements, logistics, procurement or travel plans, and personnel or financial statistics)
             • Activities (i.e., upcoming tests, marketing strategies, and operating locations)
     • The five key elements of the OPSEC process:
         • Critical Information
         • Vulnerabilities
         • Threat
         • Risk Assessment
         • Countermeasures

  13. Defensive Measures • Operations Security (OPSEC)
     • Actions you can take to reduce or mitigate the risk of threats:
         • Know and practice good operations security at work, at home, and while on travel
         • Refrain from discussing business in public places
         • Be alert to overly inquisitive people asking about the type of work you do, business information, or about your personal life
         • Protect and secure your {Company} badge
         • Use secure communications
         • Do not send sensitive or classified information via unclassified email or fax
         • Use Secure Telephones when discussing sensitive or classified information
         • Use proper destruction methods for sensitive and classified information
         • Only share sensitive or classified information with individuals with the appropriate security clearance and a need-to-know
         • Never provide anyone with more information than is absolutely necessary to accomplish your objectives
         • Conceal operations

  14. Defensive Measures • Foreign Travel
     • Traveling abroad carries a potentially higher threat level
     • Effective countermeasures before and during your travel abroad include but are not limited to:
         • Plan and prepare well before your travel
         • Develop a personal travel plan and give it to your office and family
         • Learn about the culture, customs, and laws of countries you visit
         • Maintain a low profile; do not attract attention to yourself, your company, or any official U.S. Government affiliation
         • Be cautious about providing information to anyone you do not know
         • Refrain from bringing portable electronic devices unless they are mission critical
         • Only store the information needed for the mission on password protected devices
         • Use encrypted removable media or hard drives
         • Maintain personal cognizance of portable electronic devices
         • Use inconspicuous carrying cases

  15. Threat Awareness and Defensive Measures • Reporting Requirements
     • Report the following to Security
         • Any attempts to obtain sensitive or classified information and any other suspicious circumstances
         • Anyone who appears to be contemplating espionage, compromise, damage to government or {Company} information systems
         • Criminal activity
         • Attempts by anyone to obtain illegal or unauthorized access to sensitive or classified information
         • Contacts with known or suspected intelligence officers from any country
         • Any adverse information that negatively reflects on the integrity or character of any cleared person and suggests an inability to safeguard sensitive or classified information
         • All foreign contacts
         • All foreign travel
             • Be sure to receive your pre-travel briefing before leaving the country
             • Complete your debriefing upon return
