Counterintelligence and Cyber News and Views Counterintelligence and Cyber News and Views September 2012 Volume 1 Issue 6 Inside this issue: Pg. 1 Countering Insider Threat Pg. 2 Foreign Travel Briefing Source Pg. 6 Ransomware‟ Locks Computers Pg. 7 Malware Installed on Travelers‟ Laptops Software Updates on Hotel Internet Pg. 7 OnGuardOnline.gov to help you be safe, secure and responsible online. Pg. 8 DoD Efforts to Stop Unauthorized Disclosure of Classified Information Pg. 9 Lieutenant colonel in soup for Corporate Headquarters befriending ISI agent on Facebook Pg. 9 Russian spies with Canadian links 222 North Sepulveda Boulevard, Suite 1780 were prepping son for espionage El Segundo, California 90245 (310) 536-9876 Pg. 10 Spear Phishers Angling to Steal Your Financial Info www.advantagesci.com Pg. 10 Looks To Good to be True Pg. 11 Major fraud types on the internet Pg. 12 Spies give way to 'sexy' social media CI TRENDS Pg. 13 Preventing Illegal Exports, Protecting National Security in Today‟s Global Market A CONTINUING DISCUSSION: COUNTERING INSIDER THREAT, BEST PRACTICES Pg. 14 EBay's Security Efforts Lead to Massive Fraud Drop and 3K Arrests AND INFORMATION AND EDUCATION RESOURCES Pg. 15 Cyber Related Threats Reported by In our last newsletter we began a discussion on the Insider Threat. Several readers expressed interest in the DHS Daily Open Source Infrastructure Report article and asked for more. Accordingly, we will continue that discussion in this issue of our newsletter. Pg. 17 2012 Arrests or convictions for Export Violations, Economic Espionage As readers may recall, Executive Order 13587 titled “STRUCTURAL REFORMS TO IMPROVE THE SECU- RITY OF CLASSIFIED NETWORKS AND THE RESPONSIBLE SHARING AND SAFEGUARDING OF Pg. 18 Conspiracy to Illegally Export Military Plane Parts to Venezuela CLASSIFIED INFORMATION” was issued October 7, 2011. Pg. 18 Attempting To Illegally Export Missile One of the requirements established by EO 13567 was the creation of an interagency Insider Threat Task Components To Iran Force. The task force was to develop and publish a program and guidance government-wide for Insider Pg. 19 Army Translator gets 9+ Years for Threat programs. Policies, objectives and priorities are to be established for a multi-disciplined approach to Unauthorized Possession of Classified countering nefarious insider threats. Pg. 19 18 Months in Prison for Acting as Not only will the policies developed by the interagency Insider Threat Task Force be implemented across gov- Unregistered Agent for Syrian Government ernment, there is no doubt that the commercial cleared defense sector will also be guided by these same or Pg. 20 Tried to Give Iran U.S.-Materials for very similar policies. Gas Centrifuges to Enrich Uranium Pg. 22 Helping China Develop Helicopter Already we are seeing examples of this unfolding, as mandated within Department of Defense Instructions. Pg. 24 Lady in Red‟s „accomplice‟ is held over secret German files As an example, DoD Instruction 5240.26, May 4, 2012, includes taskings as highlighted below: Pg. 24 Sandia National Lab scientist charged ―DIRECTOR, DEFENSE SECURITY SERVICE (DSS). The Director, DSS, under the authority, direction, and Pg. 25 Chinese National Charged with Illegal control of the USD(I) and in addition to the responsibilities in section 8 of this enclosure, shall: Export of Sensitive Technology to China (continued on page 3) Pg. 25 Chemist at Pharmaceutical Company gets 18 Months for Theft of Trade Secrets Pg. 25 Silicon Valley Engineer Convicted of NOTE: Much of the Information contained within this newsletter originates from websites maintained by Stealing Trade Secrets agencies of the U.S. Federal Government. The original web address from which material has been derived is Pg. 26 4 yrs. For stealing Motorola Trade posted at the beginning of reproduced articles. Readers are always encouraged to visit the web address Secrets before travel to China from where the article has been derived from, in order to view the article in the original form in which it Pg. 27 Consulate Guard Pleads Guilty to was presented. This newsletter also contains commentary from the editor of the newsletter. Such Trying to Pass Classified to China commentary is solely the opinion of the newsletter editor and does not represent the views of the U.S. Pg. 29 NSA Photo Gallery Government, nor the agency originally presenting this information on the internet. Questions, Pg. 30 Advantage SCI Products, Services, comments, and subscription requests may be directed to the editor at [email protected] or to Training Richard Haidle at 310-536-9876 x237 1 Counterintelligence and Cyber News and Views iTravelSafe™ Avoid Cultural Missteps Protect Your Business Secrets Avoid Crime and Scams Travelers Face iTravelSafe™ The Advantage SCI Avoid getting “scammed” when traveling overseas. Read about App frauds and scams related to international travel. Do you have elderly relatives traveling overseas? Gift them a copy of this App so they can be aware of scams targeting the elderly. Sitting in the plane, holding your iPhone, thinking about your trip to Brazil… ―Hmmm. My phone is in ―Airplane Mode‖ with no internet connection. I really wish I had read a bit more detailed information about traveling to Brazil, what I could do safely. But with no internet connection, I guess I can‘t do that, can I?‖ ―Wait a second!! I have the iTravelSafe™ app on my iPhone. All of the data I need is on my phone now. I can read it all even with no internet or cellular connection! Wow, that is really cool! Oh my, look here! I better not go on that hiking Are you a parent with a child trip near Brazil‘s border regions, I might get spending a semester in an kidnapped. Oh no, my planned charitable overseas study course? journey to Rio‘s shanty town is too dangerous. I‘ll Driving overseas? Read about driving in many have to call it off. It‘s a good thing I had iTravelSafe™ with me to tip me off to the Make sure your children read the “Tips for Students” section of the more than 200 countries this App in- danger!‖ of the iTravelSafe™ App. cludes. iTravelSafe™ gives an organization an app for its employees traveling outside the U.S. to use Advantage SCI‟s New Smartphone App: iTravelSafe™ as a ―self-briefing‖ travel tool. Read about hotel safety. Study up on tips about which business Everything you see pictured here is a screenshot from the iTravelSafe™ App. travelers need to be ―savvy.‖ An Android version of this App is available for immediate purchase at the Google Play Store https:// play.google.com/store/search?q=itravelsafe&c=apps, or an iPhone version at the iTunes Store http:// itunes.apple.com/us/app/itravelsafe/id521506480?ls=1&mt=8. Keep up to date with the latest Travel Alerts pushed out to iTravelSafe™ users immediately from the U.S. State Department. Example of the screenshot, appropriate for the country to which it applies, will be sent to your device as soon as the U.S. State Department pushes out the notification of any Travel Alert For volume sales, please contact Richard Haidle at 310-536-9876 x237 or email [email protected]. 2 Counterintelligence and Cyber News and Views (Continued from page 1) that notification is coordinated with the FBI or d. If DCHC determines an anomaly warrants in- applicable MDCO. vestigation, DCHC shall refer the matter to the a. Ensure CI insider threat awareness and appropriate MDCO or the FBI in accordance with counter-measures information is included COMMENT: This formalizes what already is Reference (u). within security training. existing practice under contracts with US Gov- ernment (USG) Customers. Contractors and 3. CI INSIDER THREAT PROGRAM ELEMENTS. b. Provide instruction and assistance to DoD- USG customers should address exceptions to The CI Insider Threat Program shall include: cleared defense contractors regarding CI this in appropriate channels. END COMMENT insider threat awareness and reporting pro- a. CI Analysis of Information Technology Auditing cedures. Enclosure 3 of DoD Instruction 5240.26 estab- and Monitoring. Mitigation tools are a collection of lishes a comprehensive list of procedures IA tools or a single application that provides COMMENT: DSS will certainly be tasked to inherent to future Insider Threat programs. standard on-line behavioral monitoring of prohibit- monitor the implementation of Insider Threat Enclosure 3 follows: ed activities, anomalous behavior, and suspicious Programs within cleared defense contractors. actions. These automated systems shall have a Beyond existing contractual requirements with ENCLOSURE 3: PROCEDURES standard data sharing capability to ease interoper- US Government Customers, it is realistic for ability within DoD and the IC. The tools shall be Cleared Defense Contractors to expect more 1. UNKNOWN SUBJECT LEADS. Information supported by technical and analytical resources. comprehensive and detailed measures and based on a reasonable belief that a clandestine requirements to be levied on them as imple- relationship exists or has existed between an FIE b. CI Insider Threat Awareness and Training. mentation of the interagency Insider Threat and an unidentified current or former DoD- Awareness and training shall consist of integrated Task Force policies are published. END COM- affiliated individual shall be immediately reported CI, security, IA, and AT/FP education programs MENT and handled as follows: addressing threats to personnel within the DoD Component in accordance with Reference (h). HEADS OF THE DoD COMPONENTS. The a. DoD personnel shall immediately report such Education programs shall be mandatory, interac- Heads of the DoD Components shall: information to their organizational CI element, tive, and address current and real threats in the supporting MDCO, the FBI, or other appropriate work and personal environment. a. Conduct authorized CI activities to detect, iden- authority in accordance with Reference (h).
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages30 Page
-
File Size-