Embed Size (px)
Citation preview
DSS 2015 Targeting U.S. Technologies –A Trend Analysis
Host: Rebecca Morgan, Counterintelligence Awareness Instructor - CDSE
Guest: Brett Young, Defense Security Service Counterintelligence Directorate
Producer: Nancy McKeown - CDSE
DSS 2015 Targeting U.S. Technologies
Navigation in the Meeting Room
Enlarge Screen
File Share
Closed Captioning
below
Q & A
Agenda
Background and Purpose Collection Trends Overview Special Focus Area Regional Assessments
• East Asia and the Pacific• Near East• South and Central Asia• Europe and Eurasia
Conclusion and Outlook
Background & Purpose
U.S. sensitive technologies and information are under attack from foreign entities
Industry reporting assists the Defense Security Service (DSS), and our government partners, in detecting, deterring, mitigating, and neutralizing the threat
In fiscal year 2014 (FY14), approximately how many reports of suspicious activity did cleared industry submit to DSS?
a) Less than 25,000 reports b) Between 25,000 & 30,000 reports c) Between 30,000 & 35,000 reports d) Over 35,000 reports
Poll Question 1
Background & Purpose
Each suspicious contact report (SCR) makes a difference
• Over 34,000 reports from industry in fiscal year 2014 (FY14)• Reporting led to identifying 989 subjects and sources
DSS produces the Trends to raise threat awareness, encourage reporting, identify specific technologies at risk, and apply appropriate countermeasures
Which region was the origin of the most suspicious activity reported by industry in FY14?
a) Western Hemisphereb) Europe & Eurasiac) East Asia & the Pacificd) Near Easte) South & Central Asia
Poll Question 2
Updated Methodology
DSS analysts applied a “threat level” to the reports assessed to be of CI concern
DSS ranked the regions by the aggregate threat score rather than the raw number of reports
Collection Trends Overview
In FY14, which method of operation was the most common approach in illicit attempts to acquire information and technology from cleared industry?
a) Suspicious Network Activity, also known as Cyber Network Exploitation
b) Solicitation or Marketing Servicesc) Attempted Acquisition of Technologyd) Academic Solicitatione) Request for Information
Type your answer in the pod to the right
Poll Question 3
Collection Trends Overview
Counterfeit Microelectronics
Counterfeit microelectronic devices represent a threat to DoD systems
• Counterfeits that could significantly degrade, tamper, or disrupt the performance of DoD systems can enter the DoD’s supply chain in various ways
• While it is rare that cleared contractors (CCs) would turn directly to the gray market, DSS identified U.S. companies importing microelectronics from suspected counterfeiters overseas who actively solicit CCs for business
Counterfeit Microelectronics
DSS assesses it is almost certain foreign intelligence entities possess the capability to introduce non-conforming or malicious microelectronics into the supply chains of cleared industry
DSS lacks sufficient specific information to determine whether they intend to exploit supply chain vulnerabilities
In FY14, which technology did entities from East Asia & the Pacific most commonly target?
a) Electronicsb) Aeronautic Systemsc) Softwared) Command, Control, Communication, & Computers (C4)e) Marine Systems
Type your answer in the pod to the right
Poll Question 4
East Asia & the Pacific
Key Points
• Continued to be the most prolific collector region with 38 percent of all reports
• Emphasized targeting of electronics, C4, and aeronautic systems
• SNA reports dropped more than 50 percent in FY14 while academic solicitation increased
• Commercial entities supplanted government entities as the most common collectors
Near East
Key Points
• Continued to leverage a network of intermediaries, procurement agents, and front companies
• Aeronautic systems were the most targeted technology focused on supporting indigenous platforms
• Academic solicitation remained the most prominent MO; increasing use of SNA
• Government-affiliated collectors accounted for 43 percent of reports
What was the most common method of operation for entities from the South & Central Asia region in FY14?
a) Academic Solicitationb) Seeking Employmentc) Request for Informationd) Attempted Acquisition of Technologye) Suspicious Network Activity
Type your answer in the pod to the right
Poll Question 5
South & Central Asia
Key Points
• Military modernization continued to influence the technologies targeted
• Entities’ continued attempts to gain employment, internships, and research positions at cleared facilities or institutions associated with classified research
• An increase in commercial collectors’ use of RFIs and AAT led to this affiliation’s move from third to first
Europe & Eurasia
Key Points
• The top three targeted technologies–C4, aeronautic systems, and electronics to support military modernization
• AAT remained the most reported MO, but solicitation or marketing services quadrupled
• Commercial entities were the most reported collector
Conclusion and Outlook
DSS assesses that foreign entities will almost certainly continue to target cleared industry
Most active collector regions will almost certainly remain the same, although the ranking may change
Suspicious Contact Reporting:
NISPOM 1-302b NISPOM 1-301 811 Referrals
DSS 2015 Targeting U.S. Technologies
Counterintelligence Training Products
Related Training Protecting Your Facilities Technology Thwarting the Enemy: Providing CI &
Threat Awareness to the Defense Industrial Base
Suspicious Emails
Job Aids Foreign Collection Methods: Indicators
and Countermeasures CI Awareness Toolkit
Past Webinars Elements of a Suspicious Contact
Report
Peter DeCesare andRebecca Morgan(410) 689-1294
Email: [email protected]
www.cdse.edu/catalog/counterintelligence.html
DSS 2015 Targeting U.S. Technologies
DSS Counterintelligence Reports
Peter DeCesare andRebecca Morgan(410) 689-1294
Email: [email protected]
DSS 2015 Targeting U.S. Technologies
http://www.dss.mil/ci/ci_reports.html
Question and Answer Session
DSS 2015 Targeting U.S. Technologies
Counterintelligence Training POC:
Peter DeCesare and Rebecca Morgan
(410) 689-1136 (410) 689-1294
Email: [email protected]
DSS 2015 Targeting U.S. Technologies
