A small pamphlet released in October 2014 by the Defense Security Service discussing potential threats and countermeasures to protect U.S. Government information systems and cleared industry.
United States cleared industry is a prime target of many foreign intelligence collectors and foreign government economic competitors. Cleared employees working on America’s most sensitive programs are of special interest to other nations. The number of reported collection attempts rises every year, indicating an increased risk for industry. While any geographic region can target sensitive or classified U.S. technology, DSS has consistently found that the majority of suspicious contacts reported by cleared industry originate from East Asia and the Pacific regions. Every region has active collectors. Cleared contractors should remain vigilant regardless of the collector’s assumed country of origin.
This Glossary is designed to be a reference for counterintelligence (CI) professionals within the Department of Defense (DoD); however other CI professionals may find it of use. It provides a comprehensive compilation of unclassified terms that may be encountered when dealing with the dynamic discipline of counterintelligence and related activities. Where some words may several meanings within the counterintelligence or intelligence context, a variety of definitions are included.
To prevent foreign entities from achieving their goals, a Counterintelligence Program (CIP) proactively searches for and uses information from multiple sources. An effective CIP draws information from security programs and other internal systems, as well as from the U.S. Intelligence Community (USIC). Once this information is assembled, an effective CIP develops a coherent picture and crafts a strategy to prevent the foreign entity from successfully achieving its goals and minimizes the damage already done. An effective CIP conducts active analysis of available information, requires annual CI education for all employees, and provides a system for immediate referral of behavior with CI implications.
(U//FOUO) DoD Instruction: Counterintelligence (CI) Activities Supporting Research, Development, and Acquisition
The CI mission in RDA informs the DoD Components and supporting CDCs of foreign collection threats and detects FIE targeting of defense-related technology. The CI support enables RDA program personnel to implement countermeasures and enables CI to develop activities that negate, counter, penetrate, or exploit an FIE.
Defense CI activities shall be undertaken as part of an integrated DoD and national effort to detect, identify, assess, exploit, penetrate, degrade, and counter or neutralize intelligence collection efforts, other intelligence activities, sabotage, espionage, sedition, subversion, assassination, and terrorist activities directed against the Department of Defense, its personnel, information, materiel, facilities, and activities, or against U.S. national security.
(U//FOUO) Defense Security Service Cybersecurity Operations Division Counterintelligence Presentation
A Defense Security Service presentation from December 2012 outlining information and statistics on defense industrial base cyber incidents and intrusions.
(U//FOUO) U.S. Marine Corps Human Intelligence Exploitation Team (HET) Operations in Iraq Lessons Learned Report
HET is viewed as a highly valuable and effective intelligence generating asset which, in conjunction with other intelligence sources, provides a significant amount of actionable intelligence during operations in Iraq. “The HET teams produced more reporting … than any other intel asset we have out there.” “HETs have been the pointy tip of the spear in this counterinsurgency fight. Two-thirds of MNF-W operations are directly driven by HET operations.” Key observations from this collection include the following.