cfISAC.org     Central Florida Industrial Security Awareness Council   
         

 

CI Image.jpg (7658 bytes)

   

Suspicious Contacts: The Key to Technology Protection

In today’s increasingly electronic world of doing business, there has been an explosion of exposure and information exchange in industry. Of course it is not uncommon for industry to solicit and respond to solicitation; however, since your facility has been trusted to safeguard United States classified information you must be sensitive to requests for information that seem suspicious.

The fact that your business holds a security clearance makes the company, product, and personnel a target for those who work to infiltrate not only classified information, but also emerging technologies, and company sensitive and proprietary information.

One of the largest means used by intelligence gathers today is a request for information from your facility.

Probably the most common tactic for requesting information is direct contact with company personnel. Cleared or uncleared employees may receive a letter, fax, phone call or email form a person seeking information on a specific technology. If the request is for information on a classified project, the FSO should know about the request immediately and make a report to the Defense Security Service. Requests may also come for information that may not be classified but involve sensitive or company proprietary information. These kinds of requests should also be reported to DSS so that we may track technology collection trends, and targets.

Email has quickly become an easy way for foreign persons to request technology information. Employees should pay close attention to the origin of the email and the sender. If the request seems suspicious, the employees should print a copy of the email and report the contact to the FSO.

The academic approach is also a popular means to collect information. Personnel may find emails and phone calls from foreign persons who are seeking sponsorship form a US company. Oftentimes, these requests include information on how they are already working on a specific technology and would like to come to the United States to further their education and work with personnel at your company who are working on the same technology.

Front companies are a good way to disguise an exploitive business as a legitimate business. Be suspicious of companies that are overly interested in your technology, but do not seem to have any technological expertise. They may try to broker deals for an exchange of information, and may not have an established business address.

As a Facility Security Officer, you already know the importance of information security. It is your responsibility to educate personnel regarding these technology collection trends. Personnel should know that requests for information need to be taken seriously and quickly reported to the FSO. You should also impress upon employees that information does not have to be classified to be subject to Department of State export controls. The state department considers any oral or visual disclosures of sensitive, classified and controlled information to be an export.

A key to guarding against vulnerabilities is to get better control of internet contacts, reporting Key Management Personnel (KMP) changes to DSS, and educating personnel on the reporting requirements for suspicious contacts. On page three of this newsletter, you will find a chart that quickly and easily explains the indicators for a suspicious contact. By sharing this information with your fellow employees, we are improving company as well as national security.

 

For more information on counterintelligence, visit www.dss.mil for brochures, reports, and briefings on counterintelligence issues.

 

 

FSO Concerns

Suspicious Contacts

Adverse Information

Personnel Reporting

(Employee reports to FSO)

Reportable Information
  • Any efforts, by any individual to obtain access to classified or sensitive unclassified information
  • Any efforts by an individual to compromise a cleared employee
  • Contact by a cleared employee with known or suspected intelligence officers form another country
  • Any contact which may suggest an employee may the target of an attempted exploitation by the intelligence services of another country
  • Arrest for any serious violation of the law
  • Excessive use of alcohol or abuse of prescription drugs
  • Any use of illegal drugs
  • Bizarre or notoriously disgraceful conduct
  • Sudden unexplained affluence
  • Treatment for mental or emotional disorders
  • Garnishment of wages
  • Excessive indebtedness
  • Reoccuring financial difficulties
  • Change in name
  • Termination of employment
  • Change in marital status
  • Change in citizenship
  • Possibility of future access to classified information has been reasonably foreclosed
  • New status as a Representative of a Foreign Interest (RFI)
  • Change in RFI status

Indicators
  • Requests for information – written, phone, electronic
  • Foreign visits
  • Joint Ventures
  • Solicitation and Marketing of Services
  • International Conventions
  • Technology/ Company Acquisition
  • Internet (computer hacking)
  • Police Reports
  • Financial difficulties followed by sudden affluence
  • Ecessive use of intoxicants
  • Criminal activities
  • Frequent unexplained travel for short duration
  • Reports form Human Resource (wage garnishment)
 

Report to

DSS Field Office – Industrial Security Representative Defense Industrial Security Clearance Office (DISCO) Employee should report to FSO
       

 

Other Reportable Information
  • Any act of sabotage or possible sabotage
  • An subversive or suspicious activity
  • Unauthorized person on company property
  • Disclosure of classified information to an unauthorized person
  • Any incident or condition that would cause concern about a cleared employee’s suitability for accessing classified information.
  • Espionage or attempted espionage
  • Any attempts to solicit classified information
  • Unwillingness to work on classified information
  • Refusal to execute SF 312
  • Any condition or incident that would qualify as a security violation or which common sense would dictate as worth reporting
   

 

 

Adverse Information Reporting

Adverse information is any information that adversely reflects on the integrity or character of a cleared employee, that suggests that his or her ability to safeguard classified information may be impaired, or that his or her access to classified information clearly may not be in the interest of national security. (NISPOM Appendix C)

Any adverse information needs to be reported the Defense Security Service as soon as the information becomes available to the Facility Security Officer. There is no all-inclusive list of what is or is not adverse information, but on page three of this newsletter, you will find a chart that explains some of the most common indicators. As the FSO, you should determine what is or is not adverse information. If you are unsure of a particular situation, you should contact your Industrial Security Representative for clarification.

Adverse information reporting is an integral part of monitoring espionage in the defense industry. There are several instances where espionage has been thwarted through a report of adverse information on a cleared employee. An especially effective indicator is unexplained affluence or major financial difficulties in the finances of a cleared employee.

 The intent of adverse information report is not to mar the reputation of employees who hold clearances with the United States government. Reports bases solely on rumors, speculation, or innuendo are not permitted.

Guidance on reporting information can be obtained from your Industrial Security Representative at the Defense Security Service.

 wpe3.jpg (52039 bytes)