Protecting Sensitive Unclassified Information
The term sensitive unclassified information as used here is an informal designation applicable to all those types and forms of information that, by law or regulation, require some form of protection but are outside the formal system for classifying national security information.1 As a general rule, all such information may be exempt from release to the public under the Freedom of Information Act. This module reviews the most common types of sensitive unclassified information.2 Again, this is a designation being used far to frequently just because certain people want the general public kept in the dark...Transparancy is a good thing.
Department of Defense also uses the term Controlled Unclassified Information (CUI) to refer to certain types of sensitive information within DoD that require controls and protective measures. CUI includes For Official Use Only and information with comparable designations that is received from other agencies, DoD Unclassified Controlled Nuclear Information, "Sensitive Information" as defined in the Computer Security Act of 1987, and DoD technical data.3
Some information that is not formally designated as sensitive is nonetheless inappropriate for putting on a public Internet site. This is discussed in Pre-Publication Review of Public Web Site Content.
Most categories of sensitive unclassified information are defined by federal law, while others such as For Official Use Only are defined by organization policy and some government organizations use different names for this category of information. Most legislative authorities are very specific in identifying the protected category of information, while others are general and leave much discretion to the agency or company.
Procedures for safeguarding sensitive unclassified information depend upon the category of information and, in some cases, vary from one agency or company to another.
Personal Conduct and
Standards of Personal Conduct
What is expected of me? Examples of behavior of potential security concern. Guidelines for adjudicating security clearances.
Self-Reporting on Your Personal Activities
Reporting foreign contacts, foreign travel, intent to marry or cohabitate, financial and substance abuse issues, certain outside activities, etc. Pre-publication review. Reporting foreign intelligence activities.
Reporting Improper, Unreliable, or Suspicious Behavior
Reporting responsibilities. Counterintelligence indicators. Security and suitability issues. Preventing violence. No good excuses for not reporting. Examples of how people like you made a difference. Hot line phone numbers.
U.S. Government Ethics Standards
Gifts. Frequent Flyer Benefits. Impartiality. Misuse of Position. Financial Interests. Outside Activities. Post-Employment Limitations.
To Protected Information
Who's Doing What to Whom?
Economic collection and industrial espionage. Illegal technology transfer. Computer crime. National Security Threat List. Militarily Critical Technologies List. Economic Espionage Act of 1996.
How Do I Know When I'm Being Targeted and Assessed?
Recognizing the spotting - assessment - recruitment process used by all intelligence services. Who is most likely to be targeted.
Getting Information Out of Honest People Like Me
Elicitation. Unsolicited requests. False pretenses. Short-term foreign visitors. Long-term foreign visitors. Joint ventures/foreign acquisitions. Open source collection. Theft and dumpster diving.
Risks During Foreign Travel
Country threat updates. Security and safety recommendations. Avoiding/recognizing intelligence interest. Contact with foreign relatives. Vulnerability to theft, bugging, communications intercept. Reporting security incidents. What to do if arrested.
Antiterrorism and Force Protection
Living and traveling outside the U.S. Defensive driving overseas. Package and letter bombs. Kidnapping and hostage survival guidelines. Hijacking survival guidelines. DOD Code of Conduct.
Computer and Other
Threats to computer security, how hackers work, and how we unintentionally make it easy for them. Passwords, "social engineering," case studies, using the Internet securely, e-mail, viruses, security of hard drives, theft of laptop computers.
Intercepting Your Communications
Telephones, fax machines, cell phones, cordless phones, answering machines, voice mail, intercoms and baby monitors, countermeasures.
Bugs and Other Eavesdropping Devices
Eavesdropping threat. Methods of eavesdropping. Detecting and Preventing Eavesdropping.
No Good Excuses for Not Reporting
People Who Made a Difference
|Security and Suitability Issues|
If you are entrusted with safeguarding classified material, you are expected to report potentially significant, factual information that comes to your attention and that raises potential security concerns about a co-worker. You are also strongly encouraged to help co-workers who are having personal problems that may become a security issue if the problems are not addressed.
Presidential Executive Order 12968 on "Access to Classified Information" states: "Employees are encouraged and expected to report any information that raises doubts as to whether another employee's continued eligibility for access to classified information is clearly consistent with the national security." It states further that the head of each agency that grants access to classified information shall establish a program to educate employees with access to classified information about their individual responsibilities under this order.1 This security guide meets that requirement.
The information presented under Counterintelligence Indicators, Security and Suitability Issues, Preventing Violence, and Suicide Crisis Intervention is background information to help you judge whether a co-worker’s behavior raises concerns that merit reporting to an appropriate authority.
1. Director of Central Intelligence Directive 6/4 also imposes an "obligation to report to proper authorities any information which could reflect on the trustworthiness of an individual who has access to SCI."
|Treason 101 |
Insider Threat to Information Systems
Exploring the Mind of the Spy
|How Spies Are Caught|
Your short course in Treason is a series of articles on how spies are caught, the prevalence of espionage, and why people spy.
It starts with a short piece on How Spies Are Caught. That comes first, as it is so important for anyone who may be considering espionage to understand that they WILL be caught. Perhaps not right away, but eventually. The statute of limitations does not apply to the crime of espionage. Anyone who commits this crime will have to be looking over their shoulder for the rest of their life.
The Insider Espionage Threat identifies four conditions that must exist before espionage occurs – opportunity to commit the crime; motive; ability to overcome inhibitions such as moral values, fear of being caught, and loyalty to employer or co-workers; and a trigger that sets the betrayal in motion. The article then analyzes how these pre-conditions for betrayal are increasing as a result of changes in social and economic conditions in the United States, and in our relations with the rest of the world.
Explosive growth in information technology is increasing exponentially the amount of information that can be collected and compromised by a single, well-placed spy. Insider Threat to Information Systems examines some of the unique security issues associated with computer professionals.
Exploring the Mind of the Spy discusses what psychologists have learned by interviewing and testing arrested and convicted American spies. Motivations for espionage are far more complex than commonly believed. Selling secrets is usually the last act of a long-simmering emotional crisis. In many cases, the symptoms of this crisis have been observable, identifiable, and even treatable before the damage was done. Typically, however, the potential significance of the "at-risk" behavior has not been recognized or reported at the time by coworkers or supervisors.
Espionage by the Numbers describes an unclassified database on all Americans arrested for espionage since the start of the Cold War. Based on media reports, trial records and unclassified official documents, the data base records information characteristics of the spies, characteristics of the espionage activity, and prevalence among the spies of several behaviors that are commonly associated with security risk.
Counterintelligence indicators are signs that an individual may already be involved in espionage or other improper use of classified information. The record of past espionage cases shows that co-workers and supervisors often overlooked or failed to report counterintelligence indicators which, had they been reported, would have permitted earlier detection of the spy.
Some of the following indicators are clear evidence of improper behavior. Others may well have an innocent explanation but are sufficiently noteworthy that your security office should be informed. If you become aware that any of the following indicators apply to one of your co-workers, you are expected to report this information directly to your security office or a counterintelligence office, or by calling any one of the Hotline Numbers that various organizations have set up for this purpose.
The security office will evaluate the information in the context of all other information known about the individual. Depending upon the circumstances, action may range from simply making a note in the individual's security file to conducting a discrete investigation.
If your reporting helps stop a case of espionage, you may be eligible for a reward of up to $500,000. The reward is authorized by an amendment to Title 18, U.S.C., Section 3071, which authorizes the Attorney General to make payment for information on espionage activity in any country which leads to the arrest and conviction of any person(s):
Indicators of Potential Motivation
Potential Indicators of Information Collection
Potential Indicators of Information Transmittal
Potential Indicators of Illegal Income
Other Potential Indicators