[ISN] Security awareness speakers put face on terrorism
InfoSec News
isn at c4i.org
Mon Nov 28 03:37:34 EST 2005
Forwarded from: William Knowles <wk at c4i.org>
http://www.al.com/redstone/index.ssf?/base/news/1132827506165260.xml&coll=1
By KARI HAWKINS
Staff writer
The Redstone Rocket
November 24, 2005
As a government employee, you've heard it all before * lock your
computer screen, protect your computer password, shred unwanted
government documents, be careful about what is discussed in
unclassified phone calls and e-mails, and practice vigilance in all
matters related to workplace security.
But when you put a personal face on security issues, a whole new
dimension is added.
Two speakers who presented to thousands of government employees in Bob
Jones Auditorium during Redstone Arsenal's Security Awareness Week
added the "personal factor" to the security precautions employees are
routinely reminded of in the workplace.
For Brian Miller, the community programs branch chief at the Defense
Security Service Academy, Security Education and Awareness
Directorate, Defense Security Service, that "personal factor" came
through to his audiences in the faces of two Soldiers * his
sons-in-law * and their families, who were shown on the auditorium's
video screen. It also came through in a picture of the rows and rows
of tombstones marking the gravesites of heroes buried at Arlington
National Cemetery and in a picture of Walter Reed Hospital where
veterans are cared for after being injured in the line of duty.
"Whatever you do all comes back to the Soldiers, Sailors, Airmen and
Marines that we have deployed abroad," Miller said. "They are
defending our way of life and we need to do whatever we can to protect
them. When you do anything to jeopardize security it bothers me."
For Don Sadowy, that "personal factor" was evident in his experiences
as a member of the New York Police Department Bomb Squad, as a World
Trade Center survivor and as a foremost expert on Islamic
Fundamentalist Terrorism. Sadowy currently works as a special deputy
for the U.S. Marshal's Office in the Southern District of New York.
"9-11 was our Pearl Harbor to this generation," Sadowy said. "We must
all be vigilant. Don't keep security concerns to yourself. Look around
and evaluate, and be aware."
Miller spoke to audiences on matters pertaining to Security Awareness
in the Workplace while Sadowy addressed Counterterroism, both related
to the theme "Awareness Today for a Secure Tomorrow * Are You Doing
Your Part?" They spoke to employees of Integrated Materiel Management
Center, Acquisition Center and primary organizational elements;
Research Development and Engineering Center; Space and Missile Defense
Command; Program Executive Office for Aviation, PEO for Missiles and
Space, and Missile Defense Agency.
Both men shared the same message * U.S. adversaries are getting
smarter and more desperate in their attempts to undermine freedom
around the world, and they will use any means * from looking through
the garbage of government employees to reading thousands of
unclassified government e-mails * to gain bits of information that can
help them plan their next destructive act.
Miller, an Army retiree who has worked for the Defense Intelligence
Agency, told his audiences that he wasn't concerned about their
politics or whether they agree with the war in Iraq. What he is
concerned about is their allegiance to their country.
"You come to work because you've got to have food on your table and a
roof over your head," he said. "But you've also got to come to work
because you believe in your country and what you do. It all comes back
to the war fighter."
Basic computer security skills, such as locking computer screens when
not in use, are important because espionage is everywhere.
"Is the reality that everyone who works for the federal government is
a trusted employee?" Miller asked.
"Think of all those who have committed espionage over the last 30
years. They didn't cut a hole in the fence and come in. They were you
and me. They were insiders that had access to government systems."
Viruses that can destroy computer systems are often brought into the
workplace by unaware employees who carry them on a personal disk,
Miller said.
"If you want to bring something from home into the workplace, see your
security manager," he warned. "A personal disk can do damage to a
computer system and it can do it very, very quickly."
Miller also warned employees to not use personal information, such as
birthdates and anniversaries, as passwords. Once a password is chosen,
it should be properly secured as should all sensitive information.
"Dumpster diving is alive and well," Miller said. "You'd be surprised
the amount of information you can get from someone's trash.
Unclassified information can be most damaging in the hands of
adversaries who can put pieces of information together like a child
puts together a puzzle."
He urged employees to shred information, to use burn bags when
available, to properly protect classified information, to secure
materials properly, to report unaccounted for or lost items, and to
use proper communication devices.
"Our adversaries listen to what you talk about. They listen to
unclassified calls," Miller said.
"They get most of their information from employees who work in
unclassified areas. You are their primary targets because you are more
accessible * Some of you working in unclassified environments have
more information than you understand."
Federal employees who have financial problems, who use illicit drugs,
who abuse alcohol, who are facing personal issues (marriage, divorce,
adoption, etc.) or who travel abroad are all vulnerable to being
recruited to participate in espionage. Federal employees working at
Redstone Arsenal are, indeed, recruiting targets for the enemy.
"Bad people can get on the Arsenal and do bad things. Huntsville is a
very, very significant site for foreign intelligence sources," Miller
said.
"What you do every day in support of the security office is absolutely
necessary. Every employee should provide security assistance * When
you see things unusual you have an obligation to report them."
In everything federal employees do, they should be vigilant in their
security awareness, said Sadowy, who, as one of the few Americans who
have graduated from the Israeli Bomb Disposal School in Jerusalem,
stressed that the prevention of terrorism acts, especially suicide
bombings, require the awareness of all citizens.
"I want to give you insight into what we're dealing with and what we
may have to deal with here in the states," Sadowy said, mentioning the
recent suicide bombings of hotels in Jordan.
"I'm not here to make anyone a bomb technician. I want to give you a
view of the big picture of what is coming at us. This has been an
evolving field since 1984-85. We develop countermeasures to deal with
problems that are current, that are today. By next week, the bad guys
are shifting gears, changing directions. Countermeasures don't
underestimate the enemy, but they have to be able to change."
Terrorists often choose explosives to wreak havoc and death rather
than chemical, radiological and biological weapons because of easy
availability and because "they want to kill as many people as they
can, not just one here and one there. They want to kill large groups
of us," Sadowy said.
Explosives also bring the combat time to zero, with a terrorist
showing up in a crowded area and then exploding a deadly bomb with no
warning, making it difficult for friendly forces to deal with the
threat. With no combat time and with terrorists finding ways to
conceal explosives and blend into crowds, terrorists are usually an
unanticipated threat no matter where they strike.
"They are going to wear their hair like us, their clothes like us,"
Sadowy said. "They want to blend in, they want to fit. They want to
keep a low profile."
A recent U.S. trial of an Arabic terrorist emphasized for Sadowy the
difficulty of recognizing the threat. The terrorist had lived in the
U.S. for 20 years, becoming a U.S. citizen and working as a government
employee for 16 years. He had an American wife and three children.
Despite all that, the terrorist told authorities "when called upon by
my Muslim brothers, I will step forward and leave everything else
behind," Sadowy said.
"A man like this may not carry out an attack, but they will do
everything they can to support the one who will carry a bomb, hijack
an airplane and kill us."
Terrorists use whatever means to execute their plan. They may carry an
innocent-looking TV crate or a PC computer box into a public area,
under which bombs are concealed. They may hide explosives under two
inches of bird droppings in a dirty birdcage.
"The profile of a suicide bomber is not clearly defined," Sadowy said.
"But there are some suspicious signs. They may have on irregular dress
for the time of year or there may be protrusions under their clothes.
There are things to look for in their human nature."
Things like always checking or patting their body, irregular or heavy
luggage or baggage, hands hidden in pockets or luggage, irregular
glances, hidden communications with others, a pale face from a recent
shave, not cooperating or reacting to calls from law enforcement,
movement without purpose or walking in a determined manner to a
target, speaking with an Arab accent and just a "gut feeling that
something is unusual" are all telltale signs of a possible terrorist,
he said.
"If you see something and you have a gut feeling, tell somebody,"
Sadowy urged.
"This country is at war and it's a different kind of war that we need
to be prepared to fight. I think we are still a big target, whether in
New York or at a military base that supports our troops. We have to be
vigilant and take security seriously."
© 2005 The Redstone Rocket.
*==============================================================*
"Communications without intelligence is noise; Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*
More information about the ISN
mailing list