2017 Cybersecurity Conferences Offer Information and Job Possibilities

Published with Permission by:
Lint, James R., “2017 Cybersecurity Conferences Offer Information and Job Possibilities”, In Homeland Security, 21 July 2017, Web, https://inhomelandsecurity.com/cyber-conferences-offer-information-job-possibilities/

By James Lint
Faculty Member, School of Business, American Military University
Senior Editor for
 In Cyber Defense and Contributor, In Homeland Security

There are many places to find professional development conferences to increase your cybersecurity expertise. In the last week of July, Las Vegas will host three cybersecurity events available to the public at various prices; all three events offer multiple educational programs.

Black Hat Conference

Black Hat 2017, a world-class information security event, will hold four days of technical training courses from July 22 to 25. These courses will be followed by two days of briefings and discussions on topics such as cryptography, data forensics, incident response, exploit development, malware, network defense and platform security. Another current topic is smart grid/industrial security.

Smart grid and industrial security is particularly important to the Department of Homeland Security’s Critical Infrastructure Sectors. These sectors affect all aspects of industrial security that protect our nation’s critical infrastructure.

Black Hat is the most expensive of these three events. The cost for registration for the briefings only is $2,395. Prices for the training courses are based on the type and length of the class. You will often find corporate employees receiving training via Black Hat.

BSidesLV Conference

BSides Las Vegas will take place from July 25 to 26. According to its website, “BsidesLV is a non-profit educational organization designed to advance the body of information security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates. We produce a conference that is a source of education, collaboration, and continued conversation for information technologists and those associated with this field.”

BSidesLV is free, but a donation is accepted. The lines for conference badges and the event are smaller than at Black Hat and DEF CON events.

One of BSidesLV’s tag lines is “Our presenters do not talk at you, they converse with you.” Attendees average around 2,500 per year.

In addition to its tracks and information security topics, the company also has a track called Hire Ground. BSidesLV provides resume reviews and career planning services, with recruiters and hiring managers on hand from companies such as Amazon and ClearedJobs.

DEF CON 25

DEF CON is an annual hacker convention that takes place immediately after Black Hat. The number of attendees ranges between 15,000 and 19,000.

DEF CON has many of the same speakers as the other conferences, but at a lower price for the “new to the business” learners. There is a vast spread in the skill set of attendees from well-known hackers to new script kiddies. DEF CON offers speakers and multiple tracks during all four days, with entertainment in the evenings.

But beware — the show does not take checks or credit cards at registration. Cash is the only form of payment because many of the attendees are hackers. DEF CON does not want to be the target of a state or federal legal probe to identify hackers.

“The presence of federal agents at Def Con, declared or otherwise, is nothing new,” wrote The Verge website in 2012. “But on its 20th anniversary, the world-famous hacker conference experienced an interesting first: a keynote speech from the director of a major U.S. intelligence agency.

“Gen. Keith Alexander, head of the National Security Agency and U.S. Cyber Command, addressed thousands of security professionals, hardware hackers and other brilliant computer miscreants during the annual gathering at the Rio hotel in Las Vegas. His mission was obvious: to diffuse long-held tensions, illustrate the common ground between hackers and the government, and ultimately persuade members of the community to use their skills in service to Big Brother.”

What Are the Differences among These 3 Events?

The dress code at Black Hat is more formal, ranging from a sports coat to polo shirts. BSidesLV is often polo shirts to event T-shirts.

Conversely, you can wear anything you want to DEF CON. You will be very comfortable in a T-shirt and jeans, but you would look out of place in a suit.

All three events offer opportunities for job seekers. Many companies meet and hire people at these events.

If You Can’t Attend, Only Some DEF CON Events Will Be Published Online

While there is pay per view on your TV cable provider for some sports and boxing events, there is no pay per view of cyber conventions. In fact, the media is told to not shoot face shots unless they have permission from all faces. This rule is due to the people who operate on the border of legality, in addition to many undercover federal agents and employees who would appreciate not having their photos taken.

Often a few months after the conference, some of DEF CON’s events will show up on YouTube and on the DEF CON webpage.

The bottom line is you do need to attend to get the full impact of the speakers, vendors and other attendees. The networking opportunities at these events are endless. On top of all the great education and networking, it is Las Vegas and everyone has a great time.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 45th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013 “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 Secrets to Getting a Federal Government Job.”

Strategic Decision Making: How Do We Know When We Make the Right Decision?

Published with Permission by:
Lint, James R., “Strategic Decision Making: How Do We Know When We Make the Right Decision?”, In Cyber Defense, 23 April 2018, Web, https://incyberdefense.com/james-lint/strategic-decision-making/

By James Lint
Senior Editor for InCyberDefense and Contributor, In Homeland Security 

We have all had to make quick decisions or been forced to make one we did not want to make. We ask ourselves, “Did I get it correct? Did others think I was correct?”

Ray O’Hara, Executive Vice President of Atlanta-based security company AS Solutions, gave a talk on strategic decision making at the recent International Security Conference & Exposition West in Las Vegas.

What Is a Decision and What Is Right?

O’Hara discussed what it means to be right in decision making. He advised the audience to consider the questions, “What are we trying to accomplish? What are we doing right now? Is this my decision to make?” O’Hara also noted that good decisions must be based on pre-determined, long-term goals and short-term objectives.

Define Your Scope of Risk during Decision Making

There is always risk in making a decision. However, O’Hara said that these questions help you evaluate the risk:

  • Who owns the risk or who has the authority to make decisions?
  • What risk are managers willing to commit resources to find a solution?
  • Why are managers unwilling to commit resources to other risks?

Managers will be willing to accept some risk events but not others.

According to O’Hara, defining the risk is a key decision that managers and advisors must make to gain additional resources and mitigate that risks. Good managers have a global view of their company and the outside elements that can affect risk.

What Is an Informed Decision-Making Process?

O’Hara giving his talk on decision making.

O’Hara said that first, “You must learn and understand the key objectives that create the path for accomplishing your goals. Second, you’ll need to predict the circumstances under which you will most likely follow this path and think about other considerations.” These considerations include:

  • The decisions that will lead to success
  • The decisions you can predict for these circumstances
  • Issues to take to key stakeholders/managers or risk owners
  • Conversations with decision makers to decide which decisions are the best and to gain their bigger picture view
  • The next best solution in case decisions change

When Is It Not Your Decision to Make?

“There are many decisions that are not yours to make,” O’Hara pointed out. The military often teaches initiative and how to jump in and do something.

But is that always correct? Is that the best use of senior managers’ experience?

O’Hara suggested that managers should train their staff standard operating procedures. Employees should learn the best time to bring in management. At times, he said, it can also be beneficial to request information from senior managers before making a decision that is in your lane.

Security professionals, for instance, might take a current news item and think how they would react to a similar incident. A specific example would be mapping out reactions if an active shooter incident, such as the recent Florida high school shooting, happened at their work site.

They would face the questions, “What would you do? Who would you contact? And at what point do you bring others into the decision-making discussion?”

O’Hara recommended revisiting these types of conversations with risk owners and managers. He advised, “Ask them to help you understand at which point you no longer have authority. Add these situational aspects to your decision map and work to understand the circumstances when you would reach these limitations.”

O’Hara said this process ensures you and your risk owners are on the same page. It also creates a partnership up and down the chain of command and is applicable in many organizations and walks of life.

Understand Your Risks in Decision Making

He advised the audience to do gap analysis and look for problems before they occur. His recommendations included thinking about what can be learned from recent events and considering what you could do better because of your tools, situation or organization.

According to O’Hara, always document decisions. That is one of the best reasons to map out your process because you may have to justify your strategic decision when it comes to making even bigger decisions. Documenting how you came to your decision based on the risk involved will help you make a coherent case for that decision when necessary.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 49th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 Secrets to Getting a Federal Government Job.”

How a Purple Pen Brought Cohesion to the Defense Intelligence Agency

Published with Permission by:
Lint, James R., “How a Purple Pen Brought Cohesion to the Defense Intelligence Agency”, In Military, 21 October 2016, Web, https://inmilitary.com/purple-pen-brought-cohesion-defense-intelligence-agency/

By James R. Lint
Faculty Member, School of Business, American Military University

Lieutenant General Patrick M. Hughes, Retired, served in multiple capacities in numerous Army and joint commands as senior intelligence officer of the U.S. Central Command (USCENTCOM) before he served as director of the Defense Intelligence Agency. DIA is a Combat Support Agency (CSA) of the Department of Defense.

General Hughes Faced Obstacles with Interservice and Interagency Rivalries

After his appointment, Hughes encountered interservice and interagency rivalry. Inside the DIA, Hughes, led and managed members of the Marine Corps, Air Force, Navy and his own branch of service, the Army. There were also a significant number of U.S. Civil Service civilians who were DIA employees.

Part of Hughes’ role was to orchestrate mission priorities and direct the allocation of National Intelligence Program (NIP) resources, specifically the General Defense Intelligence Program throughout the DoD. Competition for resources created a level of friction that often exceeded the normal, healthy levels that successful organizations need for success.

Hughes’ success depended upon his ability to maintain perspective and common mission priorities. He also needed to achieve a healthy balance between an “organizational” focus and an “enterprise” focus.

Hughes’ Purple Pen Was Lesson in Leadership and Organizational Cohesiveness

The general brought to DIA many years of leadership experience in working with U.S. and foreign intelligence organizations. He had learned long ago how to blend organizations and capabilities for cohesive, high-performing results.

One of his unique ways of showing he was the leader of DIA rather than an Army organization was his use of a purple pen. Purple is a color designation that symbolizes joint organizations. The color purple combines the blue colors of the Air Force, Navy and Coast Guard with the scarlet and gold of the Marine Corps and the green of the Army.

This simple, direct and visual message had a significant impact on DIA employees. By using purple ink, Hughes was demonstrating that he was there to lead a joint organization and would not show parochial favoritism to any specific organization. He was always known for being fair in all discussions.

Hughes continued his tradition for using a purple pen after his retirement from the U.S. Army. Hughes used the purple pen while he was the senior intelligence officer for the Department of Homeland Security. The pen indicated his support for the best decisions and actions in support of the 20-plus DHS organizations and the national intelligence community.

Hughes is famous for his purple pen, which is just one of several techniques he used to drive success and innovation. Because Hughes successfully led organizations during times of turbulence and threat, he is considered one of our strongest leaders.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded their 43rd scholarship for national security students and professionals. He has 38 years of experience in military intelligence within the U.S. Marine Corps, U.S. Army, contractor and civil service.

James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. In 2016 he was accepted as a member of the Military Writers Guild. He has served in the DHS Office of Intelligence and Analysis and at the Department of Energy’s S&S Security Office. James had an active military career in the Marine Corps for seven years and also served 14 years in the Army. His military assignments include South Korea, Germany and Cuba in addition to numerous CONUS locations. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” and a new book in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea.”

When a Hack Occurs, Is It a True Cyber Attack or Cyberespionage?

Published with Permission by:
Lint, James R., “When a Hack Occurs, Is It a True Cyber Attack or Cyberespionage?”, In Cyber Defense, 20 March 2018, Web, https://incyberdefense.com/featured/hack-occurs-true-cyber-attack-cyberespionage/

By James Lint
Senior Editor for InCyberDefense and Contributor, In Homeland Security

The cyber community needs to get its nomenclature settled with regard to the word “cyber attack.” The term “cyber attack” is popular; it creates good headlines and gets good clicks on search engines.

Cyber professionals, however, need to agree on what a cyber attack actually is. That will help cyber defenders to identify priorities and focus on actual problems.

Lists Such as the ‘Biggest Cyber Attacks’ Need to Be More Precise

Some of the more famous “Biggest Cyber Attacks in 2017” lists can be found on Google and other search engines. But these lists often describe events, not actual attacks.

The lists compiled by CNN, Calyptix, TechRepublic and others mostly include the same cyber events. But are these events really attacks? None of the articles mention permanently damaged systems.

Equifax Hack Was a Theft, Not an Attack

CNN Tech states, “Cybercriminals penetrated Equifax (EFX), one of the largest credit bureaus, in July [2017] and stole the personal data of 145 million people. It was considered among the worst breaches of all time because of the amount of sensitive information exposed, including Social Security numbers.”

CNN used a more accurate description: “Cybercriminals penetrated Equifax.” But other media sources put this event on their list of attacks.

Equifax stock is still listed on the New York Stock Exchange and doing business. The company had to upgrade some of its computers, but it did not appear to suffer permanent damage.

Calyptix said that this cyber event could have been prevented by applying an available software patch months before the attack. But the Equifax hack was probably a robbery of opportunity because the unpatched system was vulnerable to hackers. It’s safe to say the Equifax crime happened because hackers wanted to steal information that could be resold.

Office of Personnel Management Database Hack Was Espionage

On June 15, 2015, the Office of Personnel Management (OPM) reported that it had suffered a data breach. Hackers were able to penetrate an OPM database that contained decades of security clearance information and files. The theft of this data affected 21 million current and former government employees and contractors.

Beth Cobert, Acting Director of the Office of Personnel Management, said, “Millions of individuals, through no fault of their own, had their personal information stolen and we’re committed to standing by them, supporting them, and protecting them against further victimization. And as someone whose own information was stolen, I completely understand the concern and frustration people are feeling.”

Writing on the Rand Blog, international policy analyst Larry Hanauer said, “The theft of personal information regarding millions of government employees and their associates from an Office of Personnel Management database — which cybersecurity experts have attributed to China — represents an enormous intelligence threat that is still not fully understood.”

Hanauer said the real threat is that “China’s intelligence services could use the data to identify people with financial difficulties, learn potentially embarrassing personal information (such as drug use or mental health issues), or tap into lists of contacts and organizational affiliations to develop seemingly innocuous communications designed to elicit information.”

The OPM hack was clearly espionage. It is definitely a different type of espionage from the days of dead drops and spies grabbing information captured by miniature cameras.

However, today’s counterintelligence workforce may not need photography skills. Instead. cyber skills will be increasingly in demand to prevent events such as the OPM hack from occurring again.

Titan Rain: A Continuing Cyberespionage Effort to Target US Government Secrets

Since 2003, Chinese hackers have been targeting U.S. computer systems in an attempt to gain U.S. secrets. These hackers are part of a wider espionage ring called “Titan Rain.” In 2005, Time magazine described this Chinese cyberespionage conducted against the U.S. government.

ZDnet reported, “The hackers…are thought to have stolen U.S. military secrets, including aviation specifications and flight-planning software. The U.S. government has coined the term ‘Titan Rain’ to describe the hackers.”

The attackers allegedly grabbed specs from the Redstone Arsenal for the mission-planning system for Army helicopters. Unfortunately, the problem with cyberespionage is you often never know what was stolen until much later.

Cyberespionage Is a Better Term Than Cyber Attack

The proper word we should use to better describe some of these hacks is “cyberespionage.” The Oxford English Dictionary defines cyberespionage as “The use of computer networks to gain illicit access to confidential information, typically that held by a government or other organization.”

To avoid further confusion, cyberespionage is the word that should be taught to future cyber defenders and espionage professionals.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 49th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 Secrets to Getting a Federal Government Job.”

Iranian Hackers Charged with Hacks of 144 U.S. Universities

Published with Permission by:
Lint, James R., “Iranian Hackers Charged with Hacks of 144 US Universities”, In Cyber Defense, 28 March 2018, Web, https://incyberdefense.com/featured/iranian-hackers-charged-hacks-144-us-universities/

By James Lint
Senior Editor for InCyberDefense and Contributor, In Homeland Security

Many cyber defenders watch for Chinese and Russian hackers. However, we must not forget that smaller countries are also in the cyber attack game.

The U.S. Department of Justice and the Department of the Treasury’s Office of Foreign Assets Control determined that nine Iranians hacked the computer systems of 144 American universities, ZDNet reported.

The Iranian hackers worked in cooperation with the Islamic Revolutionary Guard Corps, the Mabna Institute (an Iranian hacker network) and the Iranian government to steal 31.5 terabytes of valuable data.

“In all, 320 universities around the world were attacked along with several U.S. government entities, including the Department of Labor, [the] United Nations, and the Federal Energy Regulatory Commission,” ZDNet added.

Wide-Ranging Impact of Iranian Hackers

The “massive and brazen cyber assault” was “one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice,” U.S. Attorney Geoffrey Berman of the Southern District of New York told a news conference on March 23.

According to the indictment cited by Sciencemag.org, “3,768 of the hacked professors were at 144 U.S. universities, and the attackers stole data that cost these institutions about $3.4 billion to ‘procure and access.’” Data stolen by the Iranian hackers includes scientific research, dissertations and journals.

The hack was intended to help Iranian universities gain access to foreign scientific resources. The indictment notes that the stolen data will also assist scientific and research organizations in Iran.

The FBI website reported that “the hackers stole more than 30 terabytes of academic data and intellectual property—roughly three times the amount of data in the print collection of the Library of Congress.”

Iranian Hackers Used Password Spray Attacks to Penetrate Other Computer Systems

According to the FBI investigation, a group of malicious cyber actors working for the Iran-based Mabna Institute conducted coordinated and broadly targeted password spray attacks against organizations in the United States and abroad. Victims of Mabna attacks often lack multi-factor authentication (MFA) and preventative network activity alerts. The lack of security measures allowed the Iranian hackers to easily guess passwords such as “Winter2018” and “Password123!”

Unlike a brute force attack, in which a would-be penetrator will obtain a single email account’s password by trying all possible combinations in sequence, spray attacks search for accounts with the easiest passwords. This attack method does not trip safety lockouts because the hacker tries only a few simple passwords before moving on to someone else’s account.

An FBI alert offers a good description of spray attacks: “During a password spray attack, a malicious actor attempts a single password against a population of accounts before moving on to attempt a second password against the accounts, and so on.” In other words, a spray attack searches multiple accounts for simple passwords.

Defendants Cannot Leave Iran without Fear of Capture and Extradition to US

The nine defendants in the U.S. university hack scheme are believed to be in Iran. “These defendants are no longer free to travel outside of Iran without the fear of being arrested and extradited to the United States. The only way they can see the rest of the world is through their computer screen, but not stripped of their greatest asset, anonymity,” Berman said.

Tips on Improving Your Cyber Defense

  • Review password policies to ensure they align with the latest NIST guidelines. Never use easy-to-guess passwords, which is the key to defense against this type of cyber attack.
  • Review IT Helpdesk password management of initial passwords, password resets for user lockouts and shared accounts. IT Helpdesk password procedures may not align with company policy, creating a security gap that hackers can exploit.

Cyber Defenders Need to Constantly Learn about New Cyber Attack Methods

Cyber defenders should stay current about new attack methods and older techniques. By keeping your end users informed, you can prevent simple cyber attacks from happening.

In addition, cyber defenders should use government resources to keep their knowledge up to date. One key tool could be Infragard, which is run by the FBI and has chapters in all 50 states. Your local FBI Liaison can help you access the Infragard portal.

Another good resource is US-CERT.gov. This site does not require a signup, but it does hold various events for cyber defenders. Its current activities and announcements show both system vulnerabilities and announcements on system threats.

Cyber defenders who stay current on various cyber threats are force multipliers for their organizations. They are much less likely to be surprised by people targeting their computer systems.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 49th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 Secrets to Getting a Federal Government Job.”

Social Media Security: Follow Basic Safety Rules to Protect Your Home from Intruders

Published with Permission by:
Lint, James R., “Social Media Security: Follow Basic Safety Rules to Protect Your Home from Intruders”, In Cyber Defense, 22 February 2018, Web, https://incyberdefense.com/james-lint/social-media-security-basic-safety/

By James Lint
Senior Editor for InCyberDefense and Contributor, In Homeland Security

Although it’s fun to post pictures and messages on social media about trips you take, you are also vulnerable to household theft at the same time. For example, imagine that you take your family on a week-long trip.

Your kids post a message on Facebook that they are happy to be on vacation. Your wife takes an interesting picture at a rest stop and posts it to her Instagram account. Also, you send out a tweet upon arrival that you are at the convention hotel and plan to see your work friends tonight.

Unfortunately, all of this information tells a social media-savvy thief that your house is empty. As a result, you might receive a late-night text from your home security company that your home alarm went off, but you missed the text because you were away.

Social Media Gives Thieves Good Data about Houses to Target

We give social media a lot of information. We tell thieves when we are not home. We tell thieves when we leave, when we hit rest stops, when we go to airports and when we go to parties.

But we need to maintain some privacy to prevent others from misusing social media information. Consider the following questions:

  • Do you know your current privacy settings on each of your social media accounts?
  • Do you know the last time each of your social media sites changed its privacy settings?
  • Do you know if your privacy setting really did port over to your new phone?
  • Are you sure that no unintended visitors are looking at your sites and content?

Compromise between Social Media Security and Entertainment

It takes work to maintain a balance between your privacy and the public nature of social media. Here are some potential solutions:

Solution #1: Wait Until You’re Back Home

Take your pictures, write your content, and place the written content in a Word doc or Google Docs file. Then, post the images and written content AFTER you get home. While some people will say this defeats the purpose of social media, it is a safer way to protect your home and belongings.

Another possible option is to post only if you’re a short distance from home. For example, if you’re only out for the day and it’s a quick 20-minute drive to get home, it might be an acceptable risk to post from your location just before you leave.

Solution #2: Use a Social Media Management Tool such as Hootsuite or Buffer

There are online tools such as Hootsuite and Buffer that allow you to schedule social media posts at times you prefer. Both of these tools have free plans for individuals. Also, both tools are available as mobile apps.

Solution #3: Ask Social Media Companies to Add in a ‘Send Later’ Feature to Personal Accounts

Ideally, social media companies should build in a “send later” feature into their platforms. This feature does not currently exist for personal accounts (although Facebook administrators can pre-schedule posts to appear on pages for an organization).

The ability to send posts at a later time would be a useful social media security feature for personal accounts. In addition, it would be a proactive measure that would provide security even if your privacy settings had not been recently updated.

Consider sending a message to your social media companies’ feedback email or “contact us” pages. This information could be easily found through a Google search.

Stay secure!

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 49th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 Secrets to Getting a Federal Government Job.”

InfraGard: Helping the Nation’s IT Security Professionals

Published with Permission by:
Lint, James R., “InfraGard: Helping the Nation’s IT Security Professionals”, In Homeland Security, 12 Oct. 2016, Web, https://inhomelandsecurity.com/infragard-helps-nations-security/

By James R. Lint
Faculty Member, School of Business, American Military University
Contributor, In Homeland Security

On August 25, InfraGard Las Vegas had an interesting event where they discussed a report about current threats to information technology. InfraGard is an organization that serves the security community.

New or old security managers and intelligence professionals may desire to join InfraGard. InfraGard not only provides networking opportunities, but it also helps members to learn current information and threats outside of the normal information flow in organizations.

InfraGard is a non-profit organization and federal information sharing program dedicated to protecting national cybersecurity by sharing information among businesses, academic institutions and law enforcement agencies, including the FBI. In addition to cybersecurity, InfraGard members also review the big picture of security threats, threat movements and the impact of threat actors in areas outside of members’ organizations.

InfraGard was founded by the FBI in 1996 and has more than 80 chapters in the U.S. This organization is led by local industry leaders with support from the local FBI office.

Careful Screening Process Ensures Members Receive Quality Information

Membership in InfraGard is free, but, participants must go through a screening process in order to join this association. Prospective members must be U.S. citizens and work in the security field. For example, they can work in a security company or in the security office of a corporation.

FBI Special Agents often have security briefs during the meetings, so the FBI does a background check (including a criminal history check) on all members to ensure that the sensitive information they provide remains confidential. All members have a requirement to protect information as “business confidential” and not disclose it beyond the intended scope. In turn, federal agencies exercise care to protect sensitive information they receive from InfraGard members.

InfraGard has subcommittees pertaining to 16 critical infrastructure sectors, as defined by President Obama. Protecting these sectors advances a national policy to strengthen and maintain secure, functioning and resilient critical infrastructures. Since most members’ parent organization aligns with one of the sectors, the sector subcommittees are a method for members to learn from their peers in their sector.

InfraGard Membership Encourages Knowledge Development and Growth

Membership into InfraGard also has a web portal used for sharing information. Contributors to the web portal include the FBI and the Department of Homeland Security (DHS). Information provided by the FBI and DHS is both timely and official, allowing corporate members to gauge threats.

The portal also provides access to many sector publications, allowing security professionals to access information that can be used to protect their own organizations. InfraGard also holds webinars to encourage the professional growth of its members.

InfraGard’s main value comes from the ability to learn and share quality information with other security professionals. InfraGard also allows professionals to give back to the organization by mentoring each other, further encouraging the growth of its members.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded their 43rd scholarship for national security students and professionals. He has 38 years of experience in military intelligence within the U.S. Marine Corps, U.S. Army, contractor and civil service.

James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. In 2016 he was accepted as a member of the Military Writers Guild. He has served in the DHS Office of Intelligence and Analysis and at the Department of Energy’s S&S Security Office. James had an active military career in the Marine Corps for seven years and also served 14 years in the Army. His military assignments include South Korea, Germany and Cuba in addition to numerous CONUS locations. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” and a new book in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea.”

Government Misuse of Credit Cards Affects National Security

Published with Permission by:
Lint, James R., “Government Misuse of Credit Cards Affects National Security”, In Homeland Security, 07 Sept. 2016, Web, https://inhomelandsecurity.com/government-misuse-of-credit-cards-affects-national-security/

By James R. Lint
Faculty Member, School of Business, American Public University

On August 30, 2016, Military Times published an article about a Department of Defense (DoD) Inspector General (IG) report pertaining to the improper use of government credit cards. This report found that many people used their government credit cards in strip clubs and casinos and requested government reimbursement for their charges. Cardholders often used these credit cards to prevent their spouses from discovering their visits to either a strip club or a casino.

Misuse of Credit Cards Not Reported

The article also described how the report from the IG assessed how military officials took action to cope with this misbehavior. One of the IG report’s suggestions was to conduct a review of past credit card misconduct, a much-needed action. In the corporate world, a manager or leader would behave in a similar manner, working to determine if this misconduct was a first-time event or a long-term problem.

Also, the IG report discusses multiple individual cases of credit card misuse while the owner was traveling. According to Andrew Tilghman, the author of the Military Times article, “The IG also concluded that the credit card misuse revealed “potential national security vulnerabilities.” Credit card misuse is a violation that can warrant revocation of a security clearance, but the misconduct is not routinely reported to the personnel overseeing security clearances for the Joint Personnel Adjudication System (JPAS), according to the IG report.”

Criminal or Unethical Activity Leads to Potential Security Threat

Any time people conduct criminal activity, especially when they are embarrassed about a certain type of activity, the situation has the potential for blackmail. For counterintelligence personnel, this is a strong concern because it means that   flawed employees could be potentially controlled by foreign intelligence entities (FIE).

The IG is correct; this type of activity should be reported to JPAS. This behavior could show other past indicators of possible hostile control or indicators leading to the discovery of an insider threat.

In fact, Department of Defense (DoD) personnel (which includes active and reserve military personnel) are legally obligated to report security concerns. The Counterintelligence Awareness and Reporting DoD Directive 5240.06 Paragraph 4c states, “Failure to report FIE threats as identified in this Directive may result in judicial or administrative action or both pursuant to applicable law or policy.”

Sometimes managers try to use removal of a security clearance to punish military or civil service personnel. This practice is ineffective, because the investigation and hearings involved in a revocation of a security clearance are long and exhaustive. This extensive process is necessary to ensure no misuse occurs in the revocation process, because the removal of a security clearance has a significant impact on a person’s employment and future.

The proper method of handling credit card fraud from one of your employees is to press criminal investigative authorities to charge that employee with a crime. That gives the human resources office at your organization the necessary information to conduct the employment removal process.

Any results from a criminal investigation and conviction should be forwarded to an organization’s security manager or facility security officer. They will ensure it is put into the JPAS system of record for security information, which is used in future security clearance adjudication actions.

Criminal Misconduct Is an Ongoing Security Concern for US Government

In my 36 years of work as a counterintelligence special agent and an intelligence community senior manager, I often saw security clearance and insider threat problems. These security issues were poorly handled by managers and leaders and festered into counterintelligence problems later on.

After most insider threat or espionage incidents that occur involving government employees, it is common for a review to be conducted by Counterintelligence Special Agent and reported to. It is often amazing that people saw indicators of criminal activity, but they failed to report it to their superiors.

We will have additional insider threat events in the future. When criminal activity is not handled correctly, that gives foreign intelligence entities an opportunity to hurt both our organizations and our country.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded the 40th scholarship for national security students and professionals. He has 38 years of experience in military intelligence within the U.S. Marine Corps, U.S. Army, government contractor environment and civil service.

James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. In 2016, he was selected to be an associate member of the Military Writers Guild. He has served in the DHS Office of Intelligence and Analysis and at the Department of Energy’s S&S Security Office. James had an active military career in the Marine Corps for seven years and also served 14 years in the Army. His military assignments include South Korea, Germany and Cuba in addition to numerous CONUS locations. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” and a new book in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea.”

Espionage against the US Continues, Even After the Cold War

Published with Permission by:
Lint, James R., “Espionage against the US Continues, Even After the Cold War”, In Homeland Security, 21 July 2017, Web, https://inhomelandsecurity.com/espionage-against-the-us-continues-even-after-the-cold-war/

By James Lint
Faculty Member, School of Business, American Military University
Senior Editor for
 In Cyber Defense and Contributor, In Homeland Security

This article is the first in a series on espionage.

There are still people who think of espionage as part of the old Cold War and in the past. The reality is that espionage is all around us.

It’s widely assumed that foreign espionage is focused solely on the U.S. military and State Department to gain insight on military actions and foreign policy. Sadly, that thinking is also incorrect.

Foreign espionage agents not only target the military’s current actions and future movements, but also military research and development (R&D) to learn what emerging technologies are a potential threat to their hostile countries. R&D information is stolen to protect or strengthen the countries that steal it.

Spying Is a Way to Understand Foreign Politics and Increase Wealth

Espionage is also a way for nation-states to understand the current geopolitical situation and to prevent wars. Some countries, however, commit economic espionage to increase their wealth by targeting information that can expose national or industrial intentions and capabilities.

The FBI reports that “as a result of a string of high-profile espionage arrests by the FBI and its partners, the press dubbed 1985 as the ‘Year of the Spy.’” With a string of apprehensions, hostile nations were put on notice that espionage against the United States would not be tolerated; spies who were caught would be sentenced to long prison terms or deported.

The string of arrests in 1985 was a blow to those hostile countries – mainly China and the Soviet Union – because the apprehensions shut down some of their intelligence gathering into U.S. intentions.

At the same time, it is often counterproductive to arrest espionage agents because U.S. intelligence agencies then have the always difficult task of identifying and capturing their replacements. It’s no wonder that U.S. counterintelligence agents often prefer to leave foreign agents in place and provide them with false intelligence or, even better, turn them against their own country.

The “Year of the Spy” was a good reminder to the public and to our enemies that we know espionage agents operate against the United States. The publicity surrounding the spies’ arrests helped educate the next generation of homeland security, military and intelligence professionals and provided memorable case histories for instructors to use as real-world espionage examples.

What Is the Current Espionage Situation in the US?

In a March 2016 speech to the conservative Heritage Foundation, Mike Rogers, former head of the House Intelligence Committee, stated that there are more spies in the United States today from foreign nation-states than at any time in our history — including the Cold War. “And they’re stealing everything. If it’s not bolted down, it’s gone,” Rogers said. “And if it’s bolted down, give them about an hour — they’ll figure out how to get that, too.”

In 2012, Foreign Policy magazine reported that several thousand foreign intelligence officers operate openly in Washington, D.C., from dozens of embassies and international organizations.

What few people realize is that we have little privacy or rights from foreign intelligence agencies. The Russians have targeted U.S. political and military intelligence organizations for many decades. Chinese spies target intellectual property in addition to political and military intelligence. While the Russians send skilled intelligence officers, China often relies on people untrained in espionage, but who have access to targeted information or to those who know how to gain that access.

Recent Successes in Hostile Espionage

The Chinese intelligence service created what is known in spycraft as a “honey trap” for 59-year-old Benjamin Bishop, a married defense contractor with a top-secret security clearance. Bishop was a retired lieutenant colonel working at the U.S. Pacific Command in Hawaii when he met a 27-year-old Chinese national in the U.S. on a student visa. Bishop provided her with numerous classified documents during their three-year affair.

“In court, Bishop’s attorney, Birney Bervar, characterized the couple’s exchange of secret information as an act of love, not espionage,” Foreign Policy reported.

But in 2014, a military court in Honolulu sentenced Bishop to more than seven years in prison “for passing national defense secrets to his Chinese girlfriend and illegally keeping numerous classified documents at his home,” according to the Reuters news agency.

Similarly, former NSA contractor Edward Snowden and U.S. Army soldier Chelsea Manning conducted espionage or participated in the loss and distribution of classified information to non-cleared actors, including foreign intelligence services. Distributing classified information to the public or anyone without proper security clearance is a crime. Some people call this action the “insider threat,” but it mostly falls under theft and espionage.

This article was adapted from my article, “The Espionage Threat Is Real: Strategies for the Next Insider Task Force.” That article placed second in the Military Writers Guild 2017 Competition.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 45th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 Secrets to Getting a Federal Government Job.”

No Holiday Season Break for CES Tech Show Preparations

Published with Permission by:
Lint, James R., “No Holiday Season Break for CES Tech Show Preparations”, In Cyber Defense, 14 December 2017, Web, https://incyberdefense.com/featured/no-holiday-break-ces-preparations/

By James Lint
Faculty Member, School of Business, American Military University
Senior Editor for
 InCyberDefense and Contributor, In Homeland Security

CES, the gathering convention for people thriving in the consumer technology business, begins in 30 days’ time in Las Vegas.

This annual trade show has been the proving ground for innovators and breakthrough technologies for 50 years. CES introduces next-generation innovations to the marketplace. Hosted by the Consumer Technology Association (CTA), CES collects the world’s business leaders and pioneering thinkers.

This year’s show starts on January 9, 2018, and runs for a full week. Last year, CES attracted 184,000 attendees from all over the world, including global technology industry leaders from 150 countries.

In 2017, CES drew a wide variety of attendees, including:

  • Fortune 500 company executives
  • Manufacturers
  • Retailers
  • Venture capitalists
  • Engineers
  • Government officials
  • Advertising and marketing executives
  • Media sources

Size of CES Requires Ample Preparation

You do not get 184,000 attendees into one convention center without a lot of preparation and planning. Tech firm exhibitors and event planners begin preparations long before the show opens because the logistics involved are extensive.

To assist participants get ready for the show, CES provides a checklist for exhibitors that includes pages of requirements that need to be met starting in October.

The Reach and Breadth of CES

CES is a platform for innovators to build their brands. Almost every major technology company participates in CES in some way — by exhibiting, speaking, sponsoring, attending or holding co-located events and business meetings.

Show Content Spotlights Diversity of Technology

At CES, content and learning opportunities are available regarding diverse elements of technology, including 3D printing, digital imaging/photography, robotics and drones. Attendees can also pick up new information on sensors, augmented and virtual reality, electronic gaming, smart homes, audio, fitness and sports.

There are booths and displays for startup companies, as well as for major manufacturers whose names have become household words. Visitors will see innovations in:

  • Communications infrastructure
  • Health and biotech
  • Vehicle technology
  • Computer hardware/software/services
  • Internet
  • Video
  • Content creation and distribution
  • Cybersecurity
  • Wireless and other devices

Cybersecurity Industry Expected to Provide More Employment Opportunities

As CES has grown, so too has the cyber defense industry. So today’s cyber defenders in government and industry must continue to learn. Some of the products at CES are newly created, first versions.

Cyber defenders are the ones looking for the problems that may occur. They must look at, assess and determine if there are vulnerabilities that will affect other systems. Frequently a program or app is created that has no security problems. But when it is combined with other systems unforeseen vulnerabilities might appear.

Talks and demonstrations at CES allow professionals to see new cyber devices. CES also is the global stage where startups can get funded, new partnerships formed, and new acquisitions mergers and acquisitions take place.

In the future, we will need more and smarter cyber defenders who can keep up with the rapid evolution of technology. A formal college education and a continuing situational awareness of changes and vulnerabilities in technology are standard requirements for most cyber defender positions today.

What is new this year will likely be redundant in the not-too distant future. Events like CES offer an opportunity to glimpse the future of our ever-changing world of technology and its needs.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 49th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 “Secrets to Getting a Federal Government Job.”