COUNTERINTELLIGENCE TRENDS

Slides:



Advertisements
Similar presentations
Thai delegation Presentation at 4 th ARF seminar on Cyber-terrorism
Advertisements

NATO’S RESPONSE TO NEW SECURITY CHALLENGES Michael Rühle Head, Energy Security Section NATO Emerging Security Challenges Division ATHENA CONFERENCE Athens,
What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.
Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
CYBERSPACE A Global War-fighting Domain Every minute of every day, Airmen in the United States Air Force are flying and fighting in cyberspace.
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
DHS, National Cyber Security Division Overview
Management’s Role in Information Security V.T. Raja, Ph.D., Oregon State University.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
CIAO July Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.
Information Warfare Theory of Information Warfare
How to Determine If You Need a Commerce Export License Relatively small percentage of total U.S. exports require a Validated License Most products are.
Physical and Cyber Attacks1. 2 Inspirational Quote Country in which there are precipitous cliffs with torrents running between, deep natural hollows,
Providing Practical Solutions Winning the Talent Wars for Recruiting and Retaining 21 st Century Cyber Engineers Jeff Kubik, PMP, CISSP Sr PM, Praxis Engineering.
The Office Procedures and Technology
1 Introduction to Security Chapter 11 Information Technology (IT) Security.
Module 02: 1 Introduction to Computer Security and Information Assurance Objectives Recognize that physical security and cyber security are related Recognize.
A Secure Frontline September 25, 2003
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Defensive Travel Briefing Cheryl L. Wieser Regional Security Officer US Department of Commerce (206) (206) Fax Updated 10/03/11 Security.
Personnel Management SAND No C Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United.
1 Brown Bag Luncheon Series Training 09/25/2008 EXPORT CONTROLS AT YALE.
Intangible Technology Transfer and Catch-All Controls June 18, 2003 Timothy Clinton Export Policy Analyst U.S. Department of Commerce.
DEFENSIVE SECURITY BRIEFING. Employee Responsibilities While Traveling Threat Awareness and Defensive Information Methods.
Energy Security Initiative Federal Bureau of Investigation SSRA Matthew W. Espenshade 10/07/2008 Ft. Worth, Texas UNCLASSIFIEDUNCLASSIFIED UNCLASSIFIED.
IAEA International Atomic Energy Agency IAEA Nuclear Security Programme Enhancing cybersecurity in nuclear infrastructure TWG-NPPIC – IAEA May 09 – A.
Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Section Eleven: Threat Awareness and Defensive Measures Note: All classified markings contained within this presentation are for training purposes only.
THREAT AWARENESS. 1 What is “Threat”? Adversary with intent and capability to act against friendly interests. Other countries Business competitors Criminals.
End User Cyber Security Awareness Training. Who should complete this training This training is required for all individuals that owns a computer, mobile.
Information Warfare Playgrounds to Battlegrounds.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
H UMAN R ESOURCES M ANAGEMENT Beki Webster Director, HR, Intelligence Systems Division Northrop Grumman Information Systems July 31, 2009.
INTELLIGENCE SERVICES. The Stratfor Advantage As the world’s leading private intelligence company, Stratfor is able to analyze and deliver timely, accurate.
Salary Possibilities Newly assigned Special Agents start at a yearly salary of $43,441, or also recognized as a GS-10, plus multiple other pay increases.
How Secure are YOU? Information System Audit and Control Association May 2008 Meeting Presented by Brian Findley Counterintelligence Cyber TE Honeywell.
InfraGard A Government and Private Sector Alliance Information sharing begins with human relationships – people talking with people whom they trust. Information.
Sample only Order at Security Awareness Training A threat awareness briefing. A defensive security briefing. An overview of the.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
What Can Go Wrong During a Pen-test? Effectively Engaging and Managing a Pen-test.
A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.
ISSUES OF NATIONAL SECURITY ARE NO LONGER SIMPLE!
 U.S. laws and their implemented regulations that prohibit the unauthorized “export” of certain controlled ITEMS, INFORMATION OR SOFTWARE to foreign.
Hurdles in implementation of cyber security in India.
Governor’s Office of Homeland Security & Emergency Preparedness LOUISIANA BANKERS ASSOCIATION 2010 Louisiana Emergency Preparedness Coalition Meetings.
Information Warfare Playgrounds to Battlegrounds.
What is “national security”?  No longer defined only by threat of arms  It really is the economy  Infrastructure not controlled by the government.
Homeland Security, First Edition © 2012 Pearson Education, Inc. All rights reserved. Intelligence and Counterintelligence and Terrorism CHAPTER 8.
Human Factors in Cyber Security: A Review for Research & Education P. Vigneswara Ilavarasan, PhD 1.
Sources of Network Intrusion Security threats from network intruders can come from both internal and external sources.  External Threats - External threats.
Concerned Industry - How To Reach Them Werner Haider EXPORT CONTROL OF DUAL-USE ITEMS AND ARMS: INDUSTRY OUTREACH (Sofia, May 2006)
Argonne Office of Counterintelligence Intelligence Analysis Division Argonne National Laboratory.
1 Export Control of Dual-Use Items and Arms: Industry Outreach Sofia, May, 2006 POLAND’S EXPERIENCES INDUSTRY OUTREACH and PERSONNEL TRAINING JACEK.
CHAPTER 5 NAVY RESEARCH AND DEVELOPMENT CHAPTER 5 NAVY RESEARCH AND DEVELOPMENT MODULE: NAVAL KNOWLEDGE UNIT 2: NAVAL OPERATIONS AND SUPPORT FUNCTIONS.
Overall Classification of this Briefing is UNCLASSIFIED//FOUO
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholder to insert your own image. CLOUD.
With the ARNG’s vital role in providing support for homeland defense and the war on terrorism, the nature and types of threats against us have become.
Surveillance and Security Systems Cyber Security Integration.
National Workshop on Cyber Crimes and Cyber Laws
Business Counter-Intelligence
College of Engineering Training Agenda
Cyber Crimes Chunlian QU 9/18/2018.
Cybersecurity Awareness
ROHIT RAJ TEMPEST AND ECHELON A SEMINAR BY ROLL NO VII TH SEM
Objectives Telecommunications and Network Physical and Personnel
How to Mitigate the Consequences What are the Countermeasures?
What IS ?.
Technology Convergence
Presentation transcript:

COUNTERINTELLIGENCE TRENDS EXPORT EXPO 2014 December 9, 2014

FBI Counterintelligence Strategic Partnership Program Public Voice for Counterintelligence Issues Point of Contact for U.S. Businesses and Academia Awareness Training

Protect the United States…… FBI Priorities Protect the United States…… ….From terrorist attack ….Against foreign intelligence operations/espionage ….Against cyber-based attacks and high tech crimes Former FBI Director Mueller June 21, 2002 Congressional Testimony

Issue Threat List Terrorism Espionage (National Defense Information) Proliferation (Weapons of Mass Destruction) Economic Espionage National Information Infrastructure U.S. Government Perception Management Foreign Intelligence Activities Economic Espionage – Greatest Threat to US national security since the Cold War.

Top Espionage Techniques Unsolicited Correspondence & Requests for Information Exploitation of Foreign Visits Trade Shows, Exhibits, Symposiums, Conventions & Seminars Electronic Interception Targeting of US Personnel Traveling Abroad Elicitation Cyber Intrusion Operations Social Networking Sites Insider Threat

Foreign Threat Efforts not directed against the “Crown Jewels” Dated military technologies Dual-use technologies Infrastructure-supportive technologies Proprietary Information

Foreign Threat 108 Countries Targeted U.S. Technologies Friend and Foe Rich and Poor Low and High Technologies Government and Private Collection against the U.S. has roughly doubled since the end of the Cold War. Focus of Foreign Intelligence has shifted from military secrets to critical technology and U.S. proprietary economic information. Political and military allies are just as active in technology/economic collection as our traditional adversaries.

Foreign Threat Commercial (Private Companies) Government Affiliated Individual Foreign Government Unknown Affiliation

Foreign Collectors Private Sector Companies Only way to compete with U.S. Gain access to U.S. dominated market Individuals Bolster their stature in a foreign firm Revenge (Terminated)

Foreign Collectors Governments Advanced Countries Leapfrog scientific hurdle w/o time and expense Move closer in parity with United States Give Defense-Industrial base competitive edge Less Advanced Countries Technologies that increase nations power and influence Export controlled – utilize reverse engineering and mass produce

Targeted Technologies FY13 (Military Critical List) Information Systems Information Security Lasers, Optics and Sensors Ground Systems Aeronautic Systems Marine Systems Space Systems Nuclear Systems Chemical Biological Biomedical Armaments & Energetic Materials Directed Energy Systems SOURCE: Defense Security Service (DSS) Targeting US Technologies “A Trend Analysis of Reporting from Defense Industry” 2014 report.

Emerging Technologies Inertial Navigation Systems Positioning, Navigation, & Time Signature Control Materials (Raw & Processed) Synthetic Biology Nanotechnology Cognitive Neuroscience Quantum Systems SOURCE: Defense Security Service (DSS) Targeting US Technologies “A Trend Analysis of Reporting from Defense Industry” 2014 report. Foreign entities’ interest in inertial navigation system (INS) technology has risen over the past several years, as reflected in industry reporting culminating in fiscal year 2013 (FY13). Reported targeting of INS technology rose nearly 60 percent from FY12. The Defense Security Service (DSS) produced this special focus area to alert cleared industry to the increasing foreign threat to INS technology and facilitate the implementation of mitigation strategies to counter that threat.

Best Practices Insider Threats Educate and regularly train employees on security or other protocols Routinely monitor computer networks for suspicious activity Ensure appropriate screening process to select new employees Cyber Educate employees not to open email w/ links or attachments from unfamiliar sources Do not store IP vital to your company on devices that connect to the Internet Establish protocols for quarantining suspicious e-mails INSIDERS’ TECHNIQUES TOOK ADVANTAGE OF INTERNAL ACCESS TO STEAL PROPRIETARY INFORMATION USED COMPUTERS TO DOWNLOAD INFORMATION USED THUMB DRIVES PRINTED DOCUMENTS MOST INTENDED TO USE THE INFORMATION WITH ANOTHER EMPLOYER ONE MAY HAVE DONE SO OUT OF LACK OF RECOGNITION BY CO-WORKERS

Joint Ventures/Joint Research Best Practices Joint Ventures/Joint Research Share the minimum amount of information appropriate to the scope of the joint venture Refuse to accept unnecessary foreign representatives Provide foreign representatives with stand- alone computers 1. Review all documents being faxed or mailed, and translate them when necessary. 2. Provide foreign representatives with stand-alone computers. 3. Share the minimum amount of information appropriate to the scope of the joint venture. 4. Educate employees extensively on the scope of the project and how to deal with and report elicitation. Initial education must be followed by periodic sustained training. 5. Refuse to accept unnecessary foreign representatives into the facility.

Best Practices International Exhibits, Conventions, and Seminars Take mock-up displays instead of real equipment Carefully consider whether equipment or software can be adequately protected Foreign Visitors: Risks & Mitigations Brief all employees about threat issues surrounding foreign visitors Ensure the number of escorts per visitor is adequate Check background and references Exhibits, Conventions, and Seminars – Countermeasures 1. Consider what information is being exposed, where, when and to whom. 2. Take mock-up displays instead of real equipment. 3. Provide detailed travel briefings concerning the threat, precautions to take, and how to react to elicitation. 4. Restrict information provided to what is only necessary for travel and hotel accommodations. 5. Carefully consider whether equipment or software can be adequately protected. Inappropriate Conduct During Visits Countermeasures 1. Brief all employees about threat issues surrounding foreign visitors. 2. Ensure appropriate personnel, both escorts and those meeting with visitors, are briefed on the scope of the visit. 3. Ensure the number of escorts per visitor is adequate to properly control movement and conduct of visitors. 4. Have a Technology Control Plan. 5. Provide employees periodic security awareness briefings with regard to long-term foreign visitors. 6. Check backgrounds and references.

Foreign Travel Considerations Best Practices Foreign Travel Considerations Sanitize your laptop, cell phone and PDA If feasible, use a “clean” laptop, phone and new email account while traveling Do not use non-company computers to log into your company’s network Prior to travel ensure no sensitive contact, research, or personal data in on them. Back-up all information you take overseas. Always consider any information conveyed through a non-company computer to be compromised, even if encrypted.

SA Carmine Nigro Carmine.Nigro@ic.fbi.gov 617-223-6038 SA Dara L. Nussbum Dara.Nussbum@ic.fbi.gov 617-223-6258 SA Bradley E. Davis Bradley.Davis@ic.fbi.gov 617-223-6528 1. Mention the availability of the quarterly FBI Boston CI SP Program 2. Availability of the CIVA for Corporate America as a tool for companies to use.