Free Essay

Social Engineering Attacks and Counterintelligence

In:

Submitted By MWashington50
Words 1115
Pages 5
Case Study 2: Social Engineering Attacks and Counterintelligence
Marilyn Washington
Dr. Gideon U. Nwatu
CIS 502
November 3, 2013

Abstract

The topic of this paper is “Social Engineering Attacks and Counterintelligence.” Social engineering attacks and counterintelligence have major impacts to our national security. In July 2010, the Afghan War Diary was released in WikiLeaks. In October 2010, WikiLeaks also released the largest military leak in history – the Iraq War Logs revealing the war occupation in Iraq. This type of information is considered as classified data by the Department of Defense.

Social Engineering Attacks and Counterintelligence
Describe what social engineering and counterintelligence are and their potential implications to our national security in regard to the leaked Afghan War Diary and Iraq War Logs.
WikiLeaks is an open website that reveals classified documents to the general public. Voice of America stated that “WikiLeaks releases 400,000 classified US Military files (Pessin, 2010). WikiLeaks is a serious threat to national security. WikiLeaks is a threat for three reasons: reveals the identities of operatives, defaces the name of the USA to foreign countries, and threatens the safety of the USA.
A danger of WikiLeaks is it reveals the identities of operatives both foreign and domestic. WikiLeaks allows the names of many allies and operative missions to be posted on a public website. This type of exposure endangers many oversea operatives’ identities and positions. WikiLeaks has openly admitted to putting the names of many operatives on their site as means to “allow an open view of the government”. The open view is endangering many more lives than it is saving. The public website allows many terror groups, as well as different foreign governments’ access to the private documents of our national government. This lack of security gives any person the ability to see the names of the citizens and operatives risking their lives to defend our country.
WikiLeaks is damaging to our image as a nation. When we can’t keep our own secrets, how are we going to be able to keep the intelligence of any other nation? It gives any terror group or organization access to the plans of the United States. The lack of security not only compromises operations, but destroys the sense of safety that should come from your country.
Examine the importance of forming a sound information security workforce and describe the challenges faced by organizations in doing this as evidenced by the articles about the Afghan War Diary and the Iraq War Logs that were released in WikiLeaks.
After WikiLeaks released 70,000 documents in July relating to the war in Afghanistan, the Pentagon quickly set up a 120-person task force to review the documents for potential damage (Goldman & Martinez, 2010).
Business is a bit like war, except that there are legal restrictions that govern what can be done and what cannot be done. Competitors in the same industry aim to conquer similar territories through different ways and means. Research is valuable asset and some organizations might resort to foul play and fund industrial espionage to catch up with a competitive firm. This is exactly what WikiLeaks is a competitor that is willing to do whatever it takes to become the number one source.
WikiLeaks view is that government regimes have too much power and they don’t want power to be shifted away from them so they keep much information away from the public. So, if they are able to release information that makes the government vulnerable they believe it shifts the power back to the people.
Due to the mishaps that PFC Bradley Manning, Army Intelligence Analyst Soldier caused it has changed the way the military secures its secrets.
Predict how the Afghan War Diary and the Iraq War Logs that were released in WikiLeaks could influence organizations in regard to their security policies and risk management procedures.
The WikiLeaks have taught national security that risk assessment is an integral part of any security workforce. The risk assessment exists to enable an organization to maximize the use of its information within a level of risk that is acceptable.
Implementation of more security measurements such as background investigations, fingerprints, polygraphs, removal of all personal electronics in the workplace and the usage of wireless networks (Eguren, 2008). According to the author the implementation of new security requirements is very expensive to organizations.
Propose two methods to thwart this type of intelligence leak in the future and explain why each would be effective.
There are basically six different types of intelligence collection being unutilized by our intelligence government community. Human Intelligence (HUMINT) typically involves personnel on ground who can gather information from human sources working agencies from here and abroad. This section reports its finds to the National Clandestine Services (NCS).
Signals Intelligence (SIGINT) typically gathers its information with electronic emissions by utilizing the National Security Agency (NSA) to tap in on signals from our adversaries or foe towards collecting accurate data reporting.
Open Source Intelligence (OSINT) is basically little information that’s non-classified/non-secret source like hints, code words, clues taken from news media such example ( Al Jazeera)(Goldman & Martinez, 2010), newspaper, and the internet that can be accurately be broken by our intelligence community and stored in our data base for present and future use. All information gathered are given and stored at the Director of National Intelligence (ODNI) and the National Air and Space Intelligence Center (NASIC) (Berger, 2011).
The author believes that each one of the Intelligence type plays an important one way or another when it comes to intelligence collection and each plays importance role in counterterrorism. Any sort of information collection could enhance our ability to thwart a terrorist attack through severe disciplinary intelligence work.
In conclusion, social engineering attacks and counterintelligence had major impacts to our national security. In July 2010, the Afghan War Diary was released in WikiLeaks. In October 2010, WikiLeaks also released the largest military leak in history – the Iraq War Logs revealing the war occupation in Iraq which cause drastic changes in the security of our information.

References
Berger, D. Types of Intelligence. Retrieved on 2 SEPT 2011 from http://www.intelligence-analyst.com/types-of-intelligence
Eguren, L. E., “Beyond Security Planning: Towards a Model of Security Management”, Journal of Humanitarian Assistance, July 2000, www.jha.ac/articles/a060.pdf, accessed: 15 Aug. 08.
Goldman, Russell & Martinez, Luis, “WikiLeaks: At Least 109,000 Killed During Iraq War”, located at http://abcnews.go.com/Politics/wikileaks-109000-deaths-iraq-war/story?id=11949670#.TyicXlXrOQo.
Pessin, Al, “WikiLeaks Releases 400,000 Classified US Military Files”, located at http://www.voanews.com/content/wikileaks-releases-400000-classified-us-military-files-105568738/128719.html

Similar Documents

Free Essay

Social Engineering Attacks and Counterintelligence

...Table of Contents Ethical and Social Issues In Information System 1 Chapter one 3 Introduction to the Study 3 Context of the Problem 4 Statement of the Problem 5 Research Questions 6 Introduction 6 Research Question 6 Research Question 7 Research Question 7 Significance of the Study 8 Research Design and Methodology 9 Organization of the study 9 Literature Review 10 Introduction 10 References 14 Chapter one Introduction to the Study Ethical and social issues in information system is a combination of the benefits and disadvantages of using computer and computer related devices, social networks versus our ethics, morals and beliefs. The importance and reliability of computer in our day to day running of human life cannot be over emphasized. Social networking platforms may allow organizations to improve communication and productivity by disseminating information among different groups of employees in a more efficient manner, resulting in increased productivity. While it is not meant to be all-inclusive, there are a lot of problems faced by its usage in younger generations, businesses use, and the even medical field. The social media comes with risks as it opens up the possibility for hackers to commit fraud, launch spam and virus attacks, and also increases the risk of...

Words: 3249 - Pages: 13

Premium Essay

Social Engineering

...Social Engineering Attacks and Counter intelligence Brian Nance CIS 502 Theories of Security Management Strayer University Prof. (Dr.) Gideon Nwatu May, 5, 2013 Describe what social engineering and counterintelligence are and their potential implications to our national security in regard to the leaked Afghan War Diary and the Iraq War Logs “Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures”. (Rouse, 2006) Social engineering is a con game in where a person breaks into a computer network in the efforts to gain the confidence of an authorized user and to get them to reveal information that will compromise their network security. Social engineering relies on the weakest link, which are human beings. Most social engineering attacks happen when attackers send urgent emails or correspondence to an unsuspecting authorized user of an urgent problem that requires immediate network access. According to (Rouse, 2006) these types of social engineering tactics appeal to vanity, a since of authority, or greed. Attackers rely on the fact that people are not aware of the value of the information they possess and are careless about protecting it. Security experts believe people are more dependent on information than ever and social engineering will remain the greatest threat to any security system...

Words: 2232 - Pages: 9

Premium Essay

Nt1330 Unit 3 Assignment 2

...allow for multiple services that support individuals who need medical assistance. This includes hospitals, clinics, and research and administrative facilities which supply resources for primary care, research, surgical procedures, and specialized treatments. The Medical Association of Sim operates nationally in order to provide assistance to individuals from all facets of life. With this, it is imperative to consider data encryption, network security, access controls, policies, audits, and risk management for the protection and longevity of the organization. Encryption and network security are two major areas of interest when sending, receiving, and storing personal information on our organization’s devices. Some of these materials include Social Security Numbers, Date-of-Birth (DOB), Government name, address, various pieces of contact information, family history, financial information, and personal health information, and...

Words: 3281 - Pages: 14

Premium Essay

Future Business Use of Social Networks

...Future Business Use of Social Networking Julian Marcelo (13167299) Ardeshir Mehta (13074409) Fahad Damanhouri (13167299)   Table of Contents Future Business Use of Social Networking 3 Executive Report 3 Technology Description 3 Industry Evaluation 6 Major Players in This Industry 6 Major Opportunities and Threats Present in This Industry 6 Status of Technology 7 Business Context…………………………………………………………………........................8 Implementation Issues …………………………………..………………………………………10 References 12 Future Business Use of Social Networking Executive Report Ever since they were introduced, social networking sites (SNSs) for instance Facebook, MySpace, LinkedIn, Cyworld, as well as Bebo have drawn an immense number of users, most of whom have integrated the SNSs into their everyday practices. Among SNS users, above 70% connect with the applications on the SNS platform. The requisite software in enterprise social-networking is comparatively new technology. Therefore, business social networking has a propensity to pursue customer social networking in regard to technology developments. Consequently, for instance, even though mobile social networking is prevalent in businesses, social networking that is location-based is yet to be developed (Coronel, 2011). Technology Description Social networking has developed into an avenue of meeting, as well as, building contacts over the Internet. It has become...

Words: 2748 - Pages: 11

Premium Essay

Cis 502 Week 3 Case Study

...mechanisms and remain undetected in their intrusion efforts or presence on networks over long periods of time. Network defense techniques which leverage knowledge about these adversaries can enable defenders to establish a state of information superiority which decreases the adversary’s likelihood of success with each subsequent intrusion attempt. Threat intelligence can be a force multiplier as organizations look to update their security programs and defenses to deal with increasingly sophisticated advanced persistent threats. Security managers need accurate, timely and detailed information to continuously monitor new and evolving attacks, and methods to exploit this information in furtherance of an improved defensive posture. Make no mistake about it: concurrent computer network defense contains a strong element of intelligence and counterintelligence that analysts and managers alike must understand and leverage. The tokens are the market leader...

Words: 1313 - Pages: 6

Free Essay

Shock Doctrine

...dominating the world through the exploitation of disaster-shocked people and countries. America has become a corporatist state using the element of shock treatment among citizens. The term “disaster capitalism” first pointed out in the book by economist Milton Friedman claims that “whenever government have imposed sweeping free-market programs, the all-at-once shock treatment or shock therapy has been the method of choice” (8). Friedman observed only a crisis actual or perceived produces real change and the new fundamental change was a permanent reform. The reason is simple capitalism has always needed disasters to advance and the prefer method to achieve goals from corporations utilizing a collective trauma engage in radical social and economic engineering. The shock therapy has helped America to become a corporative state where free market makes everything, it is the ultimate goal but hand with hand privatizing is what leads to corporations to a better success without of these disasters capitalism is not possible. Neoliberalism or globalization commonly named free trade is the way for the richer to get rich to expand their boundaries with other countries and get the biggest profit they could obtain. The corporations which main characteristic is huge transfer of public wealth to private hands or small group of people has the control. Every time a disaster happen these people...

Words: 1436 - Pages: 6

Premium Essay

Aceptable Use Policy

...ACCEPTABLE USE POLICY (AUP), v 1.4, 6 January 2012 Reference: AR 25-2 (Information Assurance). A well-protected DoD/Army network enables organizations to easily handle the increasing dependence on the Internet. For a DoD/Army organization to be successful, it needs to integrate information that is secure from all aspects of the organization. The purpose of this policy is to outline the acceptable use of computer equipment within a DoD/Army organization. These rules are in place to protect the employee and the organization. Inappropriate use exposes DoD/Army units to risks including attacks, compromise of network systems and services, and legal issues. This policy applies to all employees, contractors, consultants, temporary employees, and other workers assigned to the DoD/Army organizations. 1. Understanding. I understand that I have the primary responsibility to safeguard the information contained in the Secret Internet Protocol Router Network (SIPRNET) and/or Non-secure Internet Protocol Router Network (NIPRNET) from unauthorized or inadvertent use, modification, disclosure, destruction, and denial of service. 2. Access. Access to this network is for official use and authorized purposes and as set forth in DOD Directives 5500.7-R, Joint Ethics Regulation (JER), AR 25-2 (Information Assurance) and Army network policy and accreditation. 3. Revocability. Access to Army Information Systems resources is a revocable privilege and is subject to content monitoring and security testing...

Words: 3671 - Pages: 15

Premium Essay

Cyber Warfare

...Computers have modernized terrorism in the same way cyber terrorism revolutionized information warfare. There is no distinct definition of Cyber terrorism; however, its threat is as real as waging war but with weapons of automation. Terrorists have begun to exploit the availability of information with the malicious intent to sabotage; conversely, there are those who are not quite sure if information warfare - cyber terrorism is an actual threat. This research paper will briefly explore the history of cyber terrorism, the friend the internet has been to terrorist and how we can make the internet safer through vigilant tactics of prevention and deterrence. It will also expose the truth about cyber terrorism for the skeptic, reasons not to discount the threat, and why it is paramount their mind is changed. Information Warfare-Cyber Terrorism Did you know there were 18 cybercrime victims every second, 1058 every minute, approximately 64,000 per hour, and 1.5 million per day, that affected over 556 million people within the last year (Norton , 2012)? The internet has made it possible for terrorists to gather our public information and use it against us. As the internet matures so does the terrorist, finding ways to cripple and intimidate. The internet and terrorists have become a real hazard to the health of the cyber world. The government has implemented several organizations to help combat cyber terrorism but have not given it a clear concise definition. Skeptics...

Words: 3494 - Pages: 14

Free Essay

Foreign Economic Collection 2011

...COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E E X E C U T I V E October 2011 Ta b l e o f C o n t e n t s Executive Summary ................................................................................................................................ i Scope Note ........................................................................................................................................... iii US Technologies and Trade Secrets at Risk in Cyberspace.....................................................................1 The Appeal of Collecting in Cyberspace................................................................................. .....1 Security and attribution ....................................................................................................... 1 Faster and cheaper .............................................................................................................. 2 Extra-territoriality ................................................................................................................ 2 Large but Uncertain Costs........................................................................................................... 3 Pervasive Threat from Intelligence Adversaries and Partners ...............................................................4 China: Persistent Collector..............................................................................................

Words: 11021 - Pages: 45

Free Essay

Cybersecurity

...Cybersecurity and U.S.-China Relations 网络安全与美中关系 Kenneth Lieberthal and Peter W. Singer 李侃如,彼得. W. 辛格 Cybersecurity and U.S.-China Relations 网络安全与美中关系 Kenneth Lieberthal and Peter W. Singer 李侃如,彼得. W. 辛格 February 2012 Authors’ Note F or the last year, the John L. Thornton China Center and the 21st Century Defense Initiative at Brookings have convened a working group on cybersecurity and U.S.-China relations, which the two authors organized and co-chaired. The research was motivated by our sense that: 1) the many policy issues involved in cybersecurity, especially in its impact on foreign relations, were already significant and would grow rapidly in importance in the coming years; 2) that such issues, if not well managed, could provide a major source of international friction, especially in U.S.-China relations; and 3) the newness of the field added a particularly complicating factor, making cybersecurity one of the most important but least understood emerging flashpoints in global security. A key aspect of the effort was to convene several dozen knowledgeable Americans from both the private and public sector, including the civilian government, military, corporate, think tank, and university communities. With such dynamic and fast-changing events playing out, the Brookings project not only sought to study the key issues in cybersecurity and how they impact U.S.-China relations, but also to break down some of the organizational and bureaucratic stovepipes that have limited...

Words: 17963 - Pages: 72

Free Essay

The Elements of a Risk Management Plan

...Chapter 7: Statutory Authority Chapter Outline 1. Introduction of topics and concepts to be discussed in the chapter. a. Legal basis of modern emergency management in the United States. b. Budget authority. c. Program eligibility. d. Roles and responsibilities. 2. Case Studies a. The National Earthquake Hazard Reduction Program (NEHRP): Legislation to Address a Particular Hazard b. The Homeland Security Act of 2002: A New Emergency Management c. The Disaster Mitigation Act of 2000: A Shift to Pre-Disaster Mitigation 3. Additional Sources of Information 4. Glossary of Terms 5. Acronyms 6. Discussion Questions a. General b. NEHRP c. Homeland Security Act of 2002 d. DMA 2000 7. Suggested Out of Class Exercises Introduction No emergency management system anywhere in the world can properly function without statutory authority and consistent budget appropriations. Statutory authority defines disasters programs, determines who is eligible for these programs, provides the legal support needed to implement disaster programs and establishes the legal foundation for funding the programs and activities of the disaster agency. Without such authority, a government agency is powerless. Legal Basis of Modern Emergency Management in the United States The first recorded emergency management legislation in the United States occurred in 1803 when a Congressional Act was passed to provide financial...

Words: 25108 - Pages: 101

Premium Essay

Scanning Applications

...2012 was a year that reminded us once again of the seriousness of the security threats facing our nation. During the year, extremists plotted to attack—unsuccessfully, thanks to the work of our Joint Terrorism Task Forces—the U.S. Capitol, the New York Federal Reserve Bank, and other landmarks on U.S. soil. Tragically, on the 11th anniversary of 9/11, a hateful attack in Benghazi took the lives of the U.S. Ambassador to Libya and three other Americans. In the cyber realm, a rising tide of hackers took electronic aim at global cyber infrastructure, causing untold damages. High-dollar white-collar crimes of all kinds also continued to siphon significant sums from the pocketbooks of consumers. And in Newtown, Connecticut, 20 young children and six adults lost their lives in one of the worst mass shootings in American history, ending a year of violence that saw similar tragedies around the country. Working with its colleagues around the globe, the FBI is committed to taking a leadership role in protecting the nation. As you can see from this book—an annual compilation of stories from the FBI’s public website that provides a snapshot of Bureau milestones, activities, and accomplishments—we used the full range of our intelligence, investigative, and operational skills to address major threats during the year. We helped avert terrorist attacks and derail terrorist supporters, put cyber criminals and fraudsters behind bars, and...

Words: 67387 - Pages: 270

Premium Essay

Get Online Help with Ur Assignment Ashford a+Material

...http://homeworktimes.com/downloads/acc-202-complete-course-acc-202-entire-course/ http://homeworktimes.com/downloads/acc-206-entire-course-new/ http://homeworktimes.com/downloads/acc-206-new-week-1-assignment-chapter-one-problems/ http://homeworktimes.com/downloads/acc-206-new-week-2-assignment-chapter-two-three-problems/ http://homeworktimes.com/downloads/acc-206-new-week-2-journal-institute-management-accounting/ http://homeworktimes.com/downloads/acc-206-new-week-3-assignment-chapter-four-five-problems/ http://homeworktimes.com/downloads/acc-206-new-week-3-journal-hershey-company/ http://homeworktimes.com/downloads/acc-206-new-week-4-assignment-chapter-six-seven-problems/ http://homeworktimes.com/downloads/acc-206-new-week-5-assignment-chapter-eight-problems/ http://homeworktimes.com/downloads/acc-206-new-week-5-assignment-final-paper/ http://homeworktimes.com/downloads/acc-212-financial-accounting/ http://homeworktimes.com/downloads/acc-250-complete-course-acc-205-entire-course/ http://homeworktimes.com/downloads/acc-290-complete-course-acc-290-entire-course/ http://homeworktimes.com/downloads/acc-291-complete-course-acc-290-entire-course/ http://homeworktimes.com/downloads/acc-340-entire-course-acc-340-complete-course/ http://homeworktimes.com/downloads/acc-400-complete-course-acc-400-entire-course/ http://homeworktimes.com/downloads/acc-407-entire-course/ http://homeworktimes.com/downloads/acc-455-complete-course/ http://homeworktimes.com/downl...

Words: 3197 - Pages: 13

Premium Essay

Dodi 8500.01

...Department of Defense INSTRUCTION NUMBER 8500.01 March 14, 2014 DoD CIO SUBJECT: Cybersecurity References: See Enclosure 1 1. PURPOSE. This instruction: a. Reissues and renames DoD Directive (DoDD) 8500.01E (Reference (a)) as a DoD Instruction (DoDI) pursuant to the authority in DoDD 5144.02 (Reference (b)) to establish a DoD cybersecurity program to protect and defend DoD information and information technology (IT). b. Incorporates and cancels DoDI 8500.02 (Reference (c)), DoDD C-5200.19 (Reference (d)), DoDI 8552.01 (Reference (e)), Assistant Secretary of Defense for Networks and Information Integration (ASD(NII))/DoD Chief Information Officer (DoD CIO) Memorandums (References (f) through (k)), and Directive-type Memorandum (DTM) 08-060 (Reference (l)). c. Establishes the positions of DoD principal authorizing official (PAO) (formerly known as principal accrediting authority) and the DoD Senior Information Security Officer (SISO) (formerly known as the Senior Information Assurance Officer) and continues the DoD Information Security Risk Management Committee (DoD ISRMC) (formerly known as the Defense Information Systems Network (DISN)/Global Information Grid (GIG) Flag Panel). d. Adopts the term “cybersecurity” as it is defined in National Security Presidential Directive-54/Homeland Security Presidential Directive-23 (Reference (m)) to be used throughout DoD instead of the term “information assurance (IA).” 2. APPLICABILITY a. This instruction applies to: (1) OSD, the...

Words: 19443 - Pages: 78

Free Essay

2009-Report to Congress of the Us-China E and S Review Commission

...2009 REPORT TO CONGRESS of the U.S.-CHINA ECONOMIC AND SECURITY REVIEW COMMISSION ONE HUNDRED ELEVENTH CONGRESS FIRST SESSION NOVEMBER 2009 Printed for the use of the U.S.-China Economic and Security Review Commission Available via the World Wide Web: http://www.uscc.gov dkrause on GSDDPC29 with K1 VerDate Nov 24 2008 08:23 Nov 10, 2009 Jkt 052771 PO 00000 Frm 00003 Fmt 6012 Sfmt 6602 M:\USCC\2009\52771.XXX APPS06 PsN: 52771 M:\USCC\USChina.eps Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. 1. REPORT DATE 3. DATES COVERED 2. REPORT TYPE 01 NOV 2009 4. TITLE AND SUBTITLE 00-00-2009 to 00-00-2009 ...

Words: 185166 - Pages: 741