Counterintelligence (CI) operations develop, maintain, and disseminate multidiscipline threat by providing early detection and referral of potential espionage cases. CI deals with preventing and apprehending those who want to steal your information or intellectual property. Defense Counterintelligence and Security Agency works with industry and higher education to identify who is targeting us, what technologies they are targeting, and what methods are being used.
Sensitive Information is data that must be protected from unauthorized access to safeguard the privacy or security of an individual or organization.
There are three main types of sensitive information:
- Personal Information: Sensitive personally identifiable information (PII) is data that can be traced back to an individual and that, if disclosed, could result in harm to that person. Such information includesbiometric data, medical information, personally identifiable financial information (PIFI) and unique identifiers such as passport and Social Security numbers. Examples of Sensitive Information also include, but not limited to, bank account numbers, TRACKS account passwords, PAWS pins, health records and credit card numbers.
- Florida Tech takes every precaution to secure Sensitive Data. Please see the policies for Securing and Transmitting this type of Data.
- Business or Proprietary Information: Sensitive business information includes anything that poses a risk to the University if discovered by a competitor or the general public. Such information includes trade secrets, acquisition plans, financial data, customer information, research data and intellectual property.
- Classified Information: Classified Information pertains to a government body and is restricted according to level of sensitivity. Information is generally classified to protect security. Once the risk of harm has passed or decreased, classified information may be declassified and, possibly, made public.
How are they accessing information?
- Cyber Exploitation
- Spear Phishing was the most common malware delivery technique which allows malicious actors to send targeted emails with low risk and potentially high payoff
- Watering Hole attacks (compromised third party sites) may provide a means for malicious actors to gain unauthorized access to your device or network
- Removable media (USB devices) can provide a means to quickly spread malicious software from a trusted person or initiate attempted intrusions
- Attempted acquisition of and requests for information about controlled technologies
- Represent a low-risk/high gain method of operation
- Usually involves emailing, mailing, faxing, or cold calling U.S. cleared contractor employees; web-card submissions; or use of a website's "contact us" page
- collectors ask for everything from price quotes and technical specifications to the outright sale of the technology
Academic Solicitation is the fastest growing method of operation and took over as the primary collection method cleared contractors reported in 2013. The number of foreign academics requesting to work with classified programs continues to rise, and the academic community will likely remain a top target for the foreseeable future. Academic Solicitation is defined as the use of students, professors, scientists or researchers as collectors improperly attempting to obtain sensitive or classified information. These attempts can include requests for, or arrangement of, peer or scientific board reviews of academic papers or presentations; requests to study or consult with faculty members; requests for access to software and dual-use technology; or applications for admission into academic institutions, departments, majors or programs, as faculty members, students, fellow, or employees.
Foreign intelligence entities exploit unsuspecting professors and researchers to gain access to sensitive or classified information and technology.
Who is being targeted?
- Subject matter experts teaching technical courses
- Researchers and scientists conducting classified research on behalf of a U.S. government customer
- Researchers, scientists, and subject matter experts employed at cleared components of academic institutions
- Researchers, scientists, and subject matter experts with unclassified work published in scientific or technical journals or presented at science conferences
What are they after?
- Classified, sensitive, or export-restricted basic and applied research
- Developing defense or dual-use technologies
- Information about students, professors, and researchers working on the technologies
Why is it Effective?
Academic solicitation is an effective way of collecting information due to the collaborative nature of the academic community.
- U.S. Universities and research institutions regularly host foreign students to help cultivate their technical abilities without realizing that this free-flowing exchange of information can place the U.S. technological infrastructure at risk.
- U.S. researchers that receive unsolicited request to review scientific publications readily provide feedback with the hopes of reviewing the resulting findings.
- Foreign intelligence entities use foreign students who are already knowledgable about targeted academic fields to collect.
- Foreign students and professors target U.S. students and researchers who are knowledgeable in the desired field.
- It is often difficult to discern the legitimate contacts from those that represent nefarious attempts to gain access to sensitive or classified information or technology.
What to report?
Report any contact (i.e., emails, telephone calls, personal contact) that is suspicious because of the manner or subject matter of the request. This may include requests from U.S. persons, or from foreign nationals located in the United States or abroad, and may consist of:
- Unsolicited applications or requests for undergraduate, graduate, postgraduate or other research positions
- Unsolicited requests for access to research papers and related publications or access to research labs.
- Unsolicited requests for assistance with or review of thesis papers, draft publications or other research-related documents.
- Unsolicited invitations to attend and/or present at international conferences.
- Efforts of any individual, regardless of nationality, to obtain illegal or unauthorized access to classified information or to compromise a cleared employee
- Contact by cleared employees with known or suspected intelligence officers from any foreign country
- Any contact that suggests the employee concerned may be the target of an attempted exploitation by a foreign intelligence entity
- Attempts to entice employees into compromising situations that could lead to blackmail or extortion
- Attempts by foreign customers to gain access to hardware and information that exceeds the limitations of the export licenses on file
- Attempts to place cleared personnel under obligation through special treatment, favors, gifts, or money
Who do I report to?
Report all suspicious activity to your FSO. Additional hotlines are available if the information is considered prudent or time-pressing and your FSO is unavailable.
DoD Hotline violation reports to include: Threats to homeland security, whistleblower reprisals, human trafficking, counterfeit or substandard parts