Read Reverse Deception: Organized Cyber Threat Counter-Exploitation Online
Authors: Sean Bodmer
Tags: #General, #security, #Computers
Make intelligence a profession, not just an occupation
Tradecraft does not end when you go home for the day. To do what needs to be done, you need to live it. You have to eat intelligence, and when you go to sleep, you have to dream about intelligence.
Research and Technology Protection
Protection of up-and-coming new technologies is absolutely critical to any organization’s future success, and it’s critical to any nation’s national security. Program protection is not just keeping papers locked in the office, but rather keeping folks in line by practicing operations security, which will be discussed shortly. Also included are information security, personal security, physical security, and computer security—any one of which can give away the farm. Combinations of these vulnerabilities can do you in, too. Suppose an employee goes home for the day and posts on her personal blog about how boring it is working on the Widget Enhancement Program. Within a couple of weeks, the employee is approached by foreign intelligence officers, and eventually, she is questioned about the Widget Enhancement Program—20 million dollars of research and development down the drain…
Operational Cycle for Double Agent Operations
Know, understand, and commit to memory the activities of the people in the field. Many lives depend on professional coordination of their activities. You do not want to tip your hand through poor tradecraft.
Operational requirements mandate that certain people be in specific locations at specified times, so ensure you understand completely and know the basic five Ws (and an H that is always left out):
Who
What
When
Where
Why
How
Operations Security
Commonly known as operations security (OPSEC), this art has been around for years. The names may change, but the following five basic steps in the process are still the same, and with the assistance of a counterintelligence professional, the OPSEC program is extremely cost-effective and scalable. (www.fas.org/irp/nsa/ioss/threat96/part01.htm.)
1. Identification of critical information
Each organization must understand what it is trying to protect. Not everything can be protected at the same level—it simply is not cost-effective—so what are those crown jewels? What information is so sensitive that it will sink your company if the adversary gets hold of it? That is something each company must identify on its own.
2. Analysis of threats
Who is the adversary? Who wants what you have? Is it another corporation or hackers looking to steal your intellectual property for resale? Each adversary has its own motivation and intentions. Here is a short list of potential adversaries:
Insider threats
Extremists
Foreign intelligence services
Terrorist groups, foreign and domestic
Hackers/crackers