1998 Security Refresher Briefing Cover

Presented by the
University Research Security Office
Laboratory Management
University of California
1111 Franklin Street, Oakland, California 94607-5206

 

ABOUT YOUR SECURITY BRIEFING

Your security clearance involves many responsibilities. This includes the requirement to be aware of basic guidelines about classification of information and about security.

This refresher briefing gives you the basics you must know about these subjects and is being provided to you as a reference. By reading the information in the briefing, understanding it, and returning an electronic acknowledgment (see end of this briefing for instructions), you will meet both Department of Energy (DOE) and Department of Defense (DOD) requirements that you receive periodic security refresher briefings.

 

Willie C. Archie signature
Willie Archie
University Research Security Officer
Laboratory Management Office		 Robert Van Ness
Assistant Vice President
Laboratory Management Office

 

WHAT IS THE ANNUAL SECURITY REFRESHER BRIEFING?

 

CONTENTS

 

INTRODUCTION

 

PROHIBITED ITEMS

The following articles are not permitted on Laboratory property without proper authorization:

In addition to the above, within CLASSIFIED AREAS, electronic transmitting or recording equipment, and all personally-owned electronic items, not previously approved by the LLNL and LANL Safeguards & Security Departments, are prohibited.

POTENTIAL TECHNICAL SURVEILLANCE EQUIPMENT

We can be damaged by new technology that is being introduced into our work areas. We learned how to deal with telephones and computers in a secure manner and must do the same with quickly evolving new communications equipment.

For example, video teleconferencing systems contain both a microphone and a camera Think about it –a camera and a microphone sitting in your office! Video teleconferencing systems are designed to help businesses save time merely by offering the advantages of a face-to-face meeting without the travel. DOE has adopted this business practices. Video teleconferencing systems have already been introduced into both secure and unclassified areas in an effort to save time and money. The problem is that these systems were not designed with security in mind, and specific security procedures must be followed. Other time saving and work-enhancing electronic devices can intentionally or unintentionally be used as technical surveillance equipment if the devices are not properly used or controlled. Examples include:

In this year’s briefing we will explore in depth the potential security problems with cellular and cordless phones.

SECURITY RISKS POSED BY CELLULAR AND CORDLESS PHONES
(Summarized from LANL’s 1999 Security Refresher Briefing)

Cellular and cordless phones pose a serious security risk to safeguarding information.. Very simple and low level technology is available at most electronic stores to intercept and capture conversations.

Cordless phones operate like mini-radio stations. They send radio signals from the base unit to the handset and from the handset back to the base. Signals from cordless phones can be picked up by a number of other devices including radio scanners, baby monitors, radios, and other cordless phones. The signal carrying a conversation can usually be transmitted and overheard up to one-fourth mile away, and is sometimes possible for conversations to travel up to two miles.

Cellular phones send radio signals to low-power transmitters located within "cells" of 5 to 12 miles in radius. As your automobile travels from cell to cell, the signal carrying your voice is transferred to the nearest transmitter. Cellular phone calls usually are not picked up by electronic devices such as radios and baby monitors. But they can be received by radio scanners.

One final note regarding the security vulnerabilities of cellular and cordless phones. It is reported that newer models of these phones can be turned on remotely and can be used to intercept and monitor all conversations occurring within a room.

Never allow cellular or cordless phones in any room where classified and sensitive unclassified is being discussed. There is no privacy using cellular and/or cordless phones.

Many computerized telephone systems have vulnerabilities known and unknown to the users. For further information, contact your Safeguards and Security point of contact for a copy of DOE Advisory Notice No. 21, ‘Computerized Telephone Systems (U).’

Summary of DOE Policy on Cellular and Cordless Phones
(Summarized from Headquarters Memorandum dated Oct. 29, 1998)

Based on the potential for exploitation of hidden vulnerabilities associated with cellular telephone technology, the DOE (AL) policy on the issuance and use of cellular telephones is as follows:

  1. Privately-owned cellular telephones are prohibited. Permanently installed vehicle telephones may enter a security area, but they may not be turned on. Privately-owned cellular telephones found during random searches of personal property will be confiscated. Appropriate disciplinary action will be taken by the site’s management and/or DOE, for violations of this policy.
  2. Government-owned cellular telephones are prohibited within a DOE limited access area; specifically, Limited Area, Exclusion Area, Protected Area, or Material Access Area, without prior authorization. Authority to allow the introduction of a government-owned cellular telephone into a limited access area rests with the AL Director, Safeguards and Security Division, and will be issued on a case-by-case basis.

RULES OF OPERATION FOR DOE AUTHORIZED CELLULAR TELPHONES

  1. While inside facilities (office spaces, warehouses, etc. ) the cellular telephone must be turned off, with the batteries removed. The "stand by" mode is not allowed.
  2. Cellular telephones are not allowed in secure conference rooms.
  3. The user must comply with any request to leave the cellular telephone at the perimeter of any security areas.
  4. If the cellular telephone is loaned to another individual for temporary use, it is the primary user’s responsibility to inform that individual of the security rules governing the operations of the unit.
  5. Cellular telephones will not be operated within fifty fee of any equipment processing classified information.
  6. Cellular telephones may not be taken into an explosive area without the consent of the responsible facility manger or authorized representative.
  7. All government-owned cellular telephones must be properly numbered and accounted for.
  8. Other Government agencies or contractors wishing to introduce a cellular telephone into a security area must process a request through the DOE approved site specific procedures.
  9. Cellular telephones are not to be used if more economical means are available, such as hard wired (traditional) telephones, pay telephones or two-way radios. If the user receives a call on his/her cellular telephone and more economical means are available, the user should ask the caller for his/her telephone number and hang up. The user can then call back using the appropriate (more economical) communications device. NOTE: It is suggested that cellular telephone users carry pagers and instruct potential callers to call their pagers rather than their cellular telephones. This will allow cellular telephone users the opportunity to return calls by the most economical means available.
  10. Cellular telephones are Government property and are to be used to conduct official Government business only.
  11. Failure to adhere to the above cellular telephone rules of operation may result in the issuance of an infraction and loss of cellular telephone privileges.

Signature verification for compliance with the above rules and use limited to official Government business only, is required.

REFERENCES:

  1. Fredrickson/Area Manager memorandum, "Telephone Security Group Position Paper – Cellular Telephones, " dated August 15, 1997, which forwarded the McCallum/Multiple "Addressee memorandum, "Cellular Telephones," dated July 13, 1997, with attachment prepared by the Telephone Security Group, TSG Position Paper –Domestic Cellular Telephones, " dated June 9, 1997.
  2. DOE Order 470.1, "Safeguards and Security Program," approved September 28, 1995 [1.a.];
  3. DOE Order 5632.1C, Protection and Control of Safeguards and Security Interests," dated July 15, 1994 [5.a.]; and,
  4. DOE Manual 5632.1C-1, "Manual for Protection and Control of Safeguards and Security Interests," dated July 15, 1994 [V.1.g.(3)].

Departmental policy exists to protect safeguards and security interests from unauthorized access, unauthorized disclosure, loss, destruction, modification, compromise or misuse (references 2 & 3). The introduction of electronic equipment into DOE security areas can create a situation for which the acceptable level of risk is too great. A review of current DOE policy identified clear guidance regarding the introduction of private-owned cellular telephones into DOE security areas (reference 4). DOE policy regarding government-owned cellular telephones is not clearly defined.

FOREIGN VISITS: WHAT IS INAPPROPRIATE?

Introduction

The Defense Security Service continues to receive reports from companies with U.S. Government facility clearances concerning inappropriate conduct by foreign personnel during the course of visits to the facilities. Inappropriate conduct during visits is a frequently reported modus operandi (MO) associated with foreign collection activity. While visits may be more costly and slightly more risky to the foreign entity, visitors usually gain access to the targeted facility. For this reason, this MO, while not the most frequently used, is assessed to be the most damaging form of collection activity because it can result in the loss of some technology as a result of the visit. Once in a facility, good collectors can manipulate the visit to address some or all of their collection requirements. Visiting foreign scientists or engineers can take acquired technology back to their own country and apply it directly to their needs without having to wait for it to arrive through a bureaucratic intelligence collection process.

The Techniques

While the vast majority of foreign visits take place without incident, many do result in some inappropriate or suspicious activity taking place. Reported cases involving inappropriate conduct during a foreign visit include "wandering" visitors who become offended when confronted; hidden agendas that involve questions beyond the scope of what was approved for discussion or the fraudulent use of data exchange agreements; arriving at a facility unannounced; taking notes and photographs; holding "commercial" discussions when the U.S. Government refuses to officially sponsor the visit; and last minute or unannounced additions to a visiting delegation. Many of these techniques are specifically designed to produce potentially embarrassing incidents for the host in order to obtain collection objectives as a result of the host attempting to be conciliatory.

Case Studies

Many reports of inappropriate conduct during a foreign visit involve taking advantage of the escort and making the escort a vulnerability instead of a security countermeasure. This happens most frequently when there is an insufficient number of escorts to control the size of the visiting delegation. In other instances, the escort has not been properly briefed on "what to protect" and "how to respond to questions." During a visit to an aeronautics facility, a foreign delegation of 10 people was provided with one escort. The visiting delegation recognized the vulnerability and used an opportunity during a rest room break to split the delegation, thereby causing half the delegation to be unescorted in an area with export-controlled technology.

A frequently used technique by several foreign military attachés within the U.S. is to arrive at a contractor facility unannounced in a three-piece suit with a business card. The civilian business attire makes the military attaché appear less threatening to the facility personnel. However, the technique itself is to arrive "unannounced" and rely on the courtesy of the company's management to permit the attaché access to the facility. On several occasions, and at separate facilities within the Washington, D.C., area, military attachés solicited unclassified papers and brochures and engaged in conversations to determine other venues for exploitation. What the company personnel may not have realized is that most foreign military attachés are either intelligence officers or acting in the capacity of intelligence officers.

Another popular technique is to add or switch a person at the last minute as part of a visiting foreign delegation. This technique also relies on the courtesy of the company's management to permit the person being added or switched into the facility. Sometimes the person being added or switched is a commercial or military attaché from an embassy or consulate. The reason for adding or switching a visitor is the visitor believes the available time is reduced in which the company can perform a check on the background of the visitor, thereby increasing the likelihood of slipping an intelligence officer into the facility.

Security Countermeasures

Some recommended security countermeasures to mitigate vulnerabilities associated with these collection techniques are relatively simple, inexpensive, and effective--if implemented.

Original Source: http://www.dss.mil/cithreats/forgnvst.htm , Public Release #981210-01

IDENTITY THEFT: WHAT TO DO IF IT HAPPENS TO YOU
A Joint Publication of CALPIRG and the Privacy Rights Clearinghouse

This guide provides victims of identity theft with the major resources to contact. Unfortunately, at this time victims themselves are burdened with resolving the problem. You must act quickly and assertively to minimize the damage.

In dealing with the authorities and financial institutions, keep a log of all conversations, including dates, names, and phone numbers. Note time spent and any expenses incurred, in case you are able to request restitution in a later judgement or conviction against the thief. Confirm conversations in writing. Send correspondence by certified mail, return receipt requested. Keep copies of all letters and documents.

1. Credit bureaus. Immediately call the fraud units of the three credit reporting companies – Experian (formerly TRW), Equifax and Trans Union. Report the theft of your credit cards or numbers and request a credit report (free to identity theft victims). Ask that your file be flagged with a fraud alert. Add a victim’s statement to your report. ("My ID has been used to apply for credit fraudulently. Contact me at (your phone number) to verify all applications.") Ask how long the fraud alert is posted on your file, and how you can extend it if necessary.

Be aware that these measures may not entirely stop new fraudulent accounts from being opened by the imposter. Request a free copy of your credit report every few months so you can monitor any new fraudulent activity.

Ask the credit bureaus for names and phone numbers of credit grantors with whom fraudulent accounts have been opened. Ask the credit bureaus to remove inquiries that have been generated due to the fraudulent access. You may also ask the credit bureaus to notify those who have received your credit report in the last six months in order to alert them to the disputed and erroneous information (two years for employers). When you provide your police report to the credit bureaus, they must remove the fraudulent accounts from your credit report (Calif, Civil Code 1785.16(k). (See #3 below)

2. Creditors. Contact all creditors immediately with whom your name has been used fraudulently, by phone and in writing, You may be asked to fill out fraud affidavits. (No law requires these to be notarized at your own expense.) Get replacement cards with new account numbers for your own accounts that have been used fraudulently. Ask that old accounts be processed as "account closed at consumer’s request." (This is better than "card lost or stolen," because when this statement is reported to credit bureaus, it can be interpreted as blaming you for the loss.) Carefully monitor your mail and credit card bills for evidence of new fraudulent activity. Report it immediately to credit grantors.

3. Law enforcement. Report the crime to your local police or sheriff’s department. You might also need to report it to police departments where the crime occurred. Give them as much documented evidence as possible. Make sure the police report lists the fraud accounts. Get a copy of the report. Keep the phone number of your investigator handy and give it to creditors and others who require verification of your case. Credit card companies and banks may require you to show the report in order to verify the crime. It is a violation of federal law (18 USC 1028) and the laws of many states (such as Calif. Penal Code 530.5) to assume someone’s identity for fraudulent purposes. But some police departments have been known to refuse to write reports on such crimes. Be persistent!

4. Stolen checks. If you have had checks stolen or bank accounts set up fraudulently, report it to the appropriate check verification companies. Put stop payments on any outstanding checks that you are unsure of. Cancel your checking and savings accounts and obtain new account numbers. Give the bank a secret password for your account (not mother’s maiden name). If your own checks are rejected at stores where you shop, contact the check verification company that the merchant uses.

5. ATM cards. If your ATM or debit card has been stolen or compromised, report it immediately. Get a new card, account number and password. Do not use your old password. When creating a password, don’t use common numbers like the last four digits of your SSN or your birthdate. Monitor your account statement. You may be liable if fraud is not reported quickly.

6. Fraudulent change of address. Notify the local Postal Inspector if you suspect an identity thief has filed a change of your address with the post office or has used the mail to commit fraud. (Call the U.S. Post Office to obtain the phone number, (800) 275-8777). Find out where fraudulent credit cards were sent. Notify the local Postmaster for the address to forward all mail in your name to your own address. You may also need to talk with the mail carrier. (Web: www.usps.gov/websites/depart/inspect)

7. Secret Service jurisdiction. The Secret Service has jurisdiction over financial fraud, but it usually does not investigate individual cases unless the dollar amount is high or you are one of many victims of a fraud ring. To interest the Secret Service in your case, you may want to ask the fraud department of the credit card companies and/or banks, as well as the police investigator, to notify the particular Secret Service agent they work with. (Web: www.treas.gov/usss).

8. Social Security Number (SSN) misuse. Call the Social Security Administration to report fraudulent use of your SSN. As a last resort, you might want to try to change your number. The SSA will only change it, however, if you fit their fraud victim criteria. Also order a copy of your Personal earnings and Benefits Statement and check it for accuracy. The thief might be using your SSN for employment purposes. (Web: www.ssa.gov)

9. Passports. Whether you have a passport or not, write the passport office to alert them to anyone ordering a passport fraudulently. (Web: travel.state.gov/passport_services.html)

10. Phone service. If your long distance calling card has been stolen or your discover fraudulent charges on your bill, cancel the account and open a new one. Provide a password which must be used any time the account is changed.

11. Drivers license number misuse. You may need to change your driver’s license number if someone is using yours as identification on bad checks. Call the state office of the Department of Motor Vehicles (DMV) to see if another license was issued in your name. Put a fraud alert on your license. Go to your local DMV to request a new number. Also, fill out the DMV’s compliant form to begin the fraud investigation process. Send supporting documents with the completed form to the nearest DMV investigation office. (Web: www.dmv.ca.gov)

12. Victim statements. If the imposter is apprehended by law enforcement and stands trial, write a victim impact letter to the judge handling the case. Contact the victim-witness assistance program in your area for further information on how to make your voice heard in the legal proceedings.

13. False civil and criminal judgements. Sometimes victims of identity theft are wrongfully accused of crimes committed by the imposter. If a civil judgement has been entered in your name for actions taken or debts incurred by your imposter, contact the court where the judgement was entered and report that you are a victim of identity theft. If you are wrongfully prosecuted for criminal charges, contact the state Department of Justice and the FBI. Ask how to clear your name.

14. Legal help. You may want to consult an attorney to determine legal action to take against creditors and/or credit bureaus if they are not cooperative in removing fraudulent entries from your credit report or if negligence is a factor. Call the local Bar Association or Legal Aid office to find an attorney who specializes in consumer law, the Fair Credit Reporting Act and the Fair Credit Billing Act.

15. Dealing with emotional stress. Psychological counseling may help you deal with the stress and anxiety commonly experienced by victims. Know that you are not alone. Contact CALPIRG or the Privacy Rights Clearinghouse for information on how to network with other victims.

16. Making Change. Write to your state and federal legislators. Demand stronger privacy protection and fraud assistance by creditors and credit bureaus. Contact CALPIRG for information on any pending state or federal legislation.

17. Don’t give in. Do not pay any bill or portion of a bill which is a result of identity theft. Do not cover any checks which were written and/or cashed fraudulently. Do not file for bankruptcy. Your credit rating should not be permanently affected, and no legal action should be taken against you. If any merchant, financial institution or collection agency suggests otherwise, simply restate your willingness to cooperate, but don’t allow yourself to be coerced into paying fraudulent bills. Report such attempts to government regulators immediately.

RESOURCES

Credit Reporting Bureaus

Equifax: P.O. Box 105069, Atlanta, GA 30348. Report fraud: Call (800) 290-8749 and write to address above. Order credit report: (800) 685-1111 Web: www.equifax.com

Experian (formerly TRW): P.O. Box 9532, Allen, TX 75013. Report fraud: Call (888) EXPERIAN (888-397-3742) and write to above address. Fax (800) 301-7196. Order credit report: (888) EXPERIAN. Web: www.experian.com

Trans Union: P.O. Box 6790, Fullerton, CA 92834. Report fraud: (800) 680-7289 and write to address above. Order credit report: (800) 888-4213 Web: www.transunion.com

To opt out of pre-approved offers of credit for all three bureaus, call (888) 5OPTOUT. This establishes a two-year opt-out. For permanent opt-out status, put your request in writing.

Remember, you are entitled to a free credit report if you are a victim of identity theft, if you have been denied credit, if you receive welfare benefits, or if you are unemployed.

Social Security Administration
Report fraud: (800) 269-0271. Order Earnings & Benefits Statement: (800) 772-1213.
Web: www.ssa.gov.

To remove your name from mail and phone lists

Direct Marketing Association (Web: www.the-dma.org)

To report fraudulent use of your checks

CheckRite: (800)766-2748 Checksystems: (800) 428-9623
CrossCheck: (800) 843-0760 Equifax: (800) 437-5120
SCAN: (800) 262-7771 TeleCheck: (800) 710-9898
International Check Services: (800) 526-5380

Other useful resources

Federal Trade Commission. You may obtain assistance from and file your complaint with the FTC. Consumer Response Center, (877)IDTHEFT. Web: www.consumer.gov/idtheft and www.ftc.gov.

CALPIRG, 926 J. St., Suite 523, Sacramento, CA 95814. Phone: (916)448-4516 or (310)398-3404.
E-mail: calpirg@pirg.org. Web: www.pirg.org/calpirg.

Privacy Rights Clearinghouse, 1717 Kettner Ave., Suite 105, San Diego, CA 92101.
Phone (619) 298-3396. E-mail: prc@privacyrights.org. Web: www.privacyrights.org.

SECURITY GLOSSARY

Access Authorization or Security Clearance

An administrative determination by the DOE that an individual who is either a DOE employee, applicant for employment, consultant, assignee, other Federal department or agency employee (and other persons who may be designated by the Secretary of Energy), or a DOE contractor or subcontractor employee and an access permittee is eligible for access to classified matter.

"Q" access authorizations or clearances are based upon full field investigations conducted by the Federal Bureau of Investigation, Office of Personnel Management, or another Government agency which conducts personnel security investigations. They permit an individual to have access, on a "need to know'' basis, to Top Secret, Secret, and Confidential Restricted Data, Formerly Restricted Data, National Security Information, or special nuclear material in Category I or II quantities as required in the performance of duties.

"L" access authorizations or clearances are based upon National Agency Checks and Inquiries (NACI) for Federal employees, or National Agency Checks (NAC) for non-Federal employees, conducted by the Office of Personnel Management. They permit an individual to have access, on a "need to know'' basis, to Confidential Restricted Data, Secret and Confidential Formerly Restricted Data, or Secret and Confidential National Security Information, required in the performance of duties, provided such information is not designated "CRYPTO'' (classified cryptographic information), other classified communications security ("COMSEC'') information, or intelligence information.

Source: Title 10, Code of Federal Regulations, Part 1016, "Safeguarding of Restricted Data"

Authorized Derivative Classifier (ADC)

An individual authorized to determine that documents and/or material are (a) unclassified, or (b) classified as RD, FRD, or NSI, in accordance with existing guidance or source documents.

Source: Draft DOE Glossary

Classification

The act or process by which information is determined to be classified information, as follows: 1) Original Classification is the initial determination that information requires protection as NSI. This includes the specification of a classification level and the classification duration; and 2) Derivative Classification for RD or FRD in accordance with approved classification guidance or source documents, and NSI in accordance with approved classification guidance, source documents, or instructions from an original classifier that a document contains NSI.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification" and DOE Draft Glossary

Classification Category

One of three kinds of classified information; i.e., Restricted Data, Formerly Restricted Data, or National Security Information.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"; Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-97

Classification Level

One of three designators: (1) Top Secret is applied to information (RD, FRD, or NSI), the unauthorized disclosure of which reasonably could be expected to cause exceptionally grave damage to the national security that the appropriate official is able to identify or describe. (2) Secret is applied to information (RD, FRD, or NSI), the unauthorized disclosure of which reasonably could be expected to cause serious damage to the national security that the appropriate official is able to identify or describe. (3) Confidential. (i) For NSI, Confidential is applied to information, the unauthorized disclosure of which reasonably could be expected to cause damage to the national security that the appropriate official is able to identify or describe. (ii) For RD and FRD, Confidential is applied to information, the unauthorized disclosure of which could reasonably be expected to cause undue risk to the common defense and security that the appropriate official is able to identify or describe.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"; Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-97

Classified Information

  1. Information classified as RD or FRD under the Atomic Energy Act; or
  2. Information determined to require protection against unauthorized disclosure under Executive Order (E.O.) 12958 or prior Executive Orders (also identified as National Security Information or NSI).

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"; Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-97

Classified Matter

Classified information, documents, parts, components, or other material. Any document or material which contains classified information or an item which is classified by virtue of its design or appearance.

Source: Title 10, Code of Federal Regulations, Part 1016, "Safeguarding of Restricted Data"

Clearing

Removal of data from an information system or media, performed so that the data may not be reconstructed using normal system capabilities (i.e., through the keyboard). NOTE: Clearing of classified information from media does not permit the reuse of the media at a lower classification level or in an unclassified mode.

Source: DOE Manual 471.2-2, Classified Information Systems Security Manual, 8-3-99.

Collection

  1. The exploitation of sources by collection agencies and the delivery of the information obtained to the appropriate processing unit for use in the production of intelligence.
  2. Obtaining information or intelligence information in any manner, including direct observation, liaison with official agencies, or solicitation from official, unofficial, or public sources.
  3. The act of employing instruments and/or equipment to obtain qualitative or quantitative data from the test or operations of foreign systems.

Source: DOE Order 5670.3, Counterintelligence Program, 9-4-92

Confidential

A classification level that is applied to information, the unauthorized disclosure of which reasonably could be expected to cause damage to national security that the appropriate official is able to identify or describe.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"; Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-97

Counterintelligence

Information gathered and activities conducted to protect against espionage, other intelligence activities, sabotage, or assassinations conducted for or on behalf of foreign powers, organizations or persons, or international terrorist activities, but not including personnel, physical, communications, or documents and other matter.

Source: DOE Order 5670.3, Counterintelligence Program, 9-4-92

Economic Espionage

Whoever knowingly

  1. steals, or without authorization appropriates, takes, carries away, or conceals, or by fraud, artifice, or deception obtains a trade secret
  2. without authorization copies, sketches, photographs, transmits, delivers, mails, communicates, or conveys a trade secret;
  3. receives, buys, or possesses a trade secret, knowing the same to have been stolen or appropriated, obtained, or converted without authorization

Source: Title 18, USC, Section 1832. Theft of Trade Secrets, 1-05-99

Espionage

Overt, covert, or clandestine activity designed to obtain information relating to the national defense with intent or reason to believe that it will be used to the injury of the United States or to the advantage of a foreign nation.

Source: DOE Order 5670.3, Counterintelligence Program, 9-4-92

Export Controlled Information (ECI)

Information containing technical data as defined in and controlled by U.S. export control statutes. Appropriate laws, regulations, and requirements for ECI include the following:

The Nuclear Nonproliferation Act of 1978; The Atomic Energy Act of 1954, as amended, and its implementation by Export and Import of Nuclear Material, Title 10, Code of Federal Regulations, Part 110, and Assistance to Foreign Atomic Energy Activities, Title 10, Code of Federal Regulations, Part 810; The Export Administration Act of 1979 and its implementation by the Export Administration Regulations, Title 15, Code of Federal Regulations, Parts 730-799; The Arms Export Control Act and its implementation by the International Traffic in Arms Regulations, Title 22, Code of Federal Regulations, Parts 120-128

Source: DOE Guide 241.1-1 , Guide to the Management of Scientific and Technical Information, 8-17-98

Foreign Economic Collection and Industrial Espionage

  1. This term is in common use within the U.S. intelligence community as defined in Executive Order 12333. An "umbrella" term used by the National Counterintelligence Center (NACIC) in its annual report to Congress.
  2. "Economic collection" refers to the gathering of information which may be used as intelligence by one nation to analyze, assess, or impact the economy or economic well-being of another nation.
  3. "Foreign industrial espionage" is defined as "industrial espionage conducted by a foreign government or by a foreign company with the direct assistance of a foreign government against a private U.S. company and aimed an obtaining commercial secrets."

Source: DOE Order 5670.3, Counterintelligence Program, 9-4-92 and Section 809, Intelligence Authorization Act for Fiscal Year 1995

Foreign National

Any person who is not a U.S. citizen or a U.S. national, including foreign corporations (i.e., a corporation not incorporated in the U.S.), international organizations, foreign governments, and any agency or subdivision of foreign governments (e.g., diplomatic missions).

Source: DOE Order 5670.3, Counterintelligence Program, 9-4-92 and Section 809, Intelligence Authorization Act for Fiscal Year 1995 and Draft DOE Glossary

Formerly Restricted Data (FRD)

Classified information jointly determined by DOE and the DoD to be related primarily to the military utilization of nuclear weapons and removed (by transclassification) from the Restricted Data category pursuant to section 142(d) of the Atomic Energy Act.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"; Executive Order 12958, "Classified National Security Information," 4-17-95; DOE O 471.2A, Information Security Program, 3-27-97 and Draft DOE Glossary

Fraud

An act of deceiving or misrepresenting; intentional perversion of truth.

Source: DOE N 221.5, Reporting Fraud, Waste, and Abuse, 7-7-99 and Webster’s New Collegiate Dictionary

Incident

Any adverse event that threatens the security of information resources. Adverse events include compromises of integrity, denial of service, compromises of confidentiality, loss of accountability, or damage to any part of the system. Examples of incidents include the insertion of malicious code (e.g., viruses, Trojan horses, or backdoors), unauthorized scans or probes, successful and unsuccessful intrusions, and insider attacks.

Source: DOE N 205.1, Unclassified Computer Security Program, 7-26-99

Infraction

Any knowing, willful, or negligent action contrary to the requirements of DOE Order or implementing directives that does not comprise a "violation," as defined.

Source: Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-97

Insider

A person who, by reason of official duties, has knowledge of operations and/or safeguards system characteristics, and/or position that would significantly enhance the likelihood of successful bypass or defeat of positive measures should that person attempt such an action.

Source: DOE O 472.1B, Personnel Security Activities, 3-24-99 and Draft DOE Glossary

Intelligence

The product resulting from the collection, collation, evaluation, analysis, integration, and interpretation of all collected information.

Source: DOE Order 5670.3, Counterintelligence Program, 9-4-92

Intelligence Community (also, Agencies within the Intelligence Community )

A generic term defined in E.O. 12333 which refers to the following agencies or organizations: a. The Central Intelligence Agency (CIA); b. The National Security Agency (NSA); c. The Defense Intelligence Agency (DIA); d. The offices within the Department of Defense for the collection of specialized foreign intelligence through reconnaissance programs; e. The Bureau of Intelligence and Research of the Department of State; f. The intelligence elements of the Army, Navy, Air Force, and Marine Corps, the Federal Bureau of Investigation (FBI), the Department of the Treasury, and the Department of Energy; g. The staff elements of the Director of Central Intelligence.

Source: DOE Order 5670.3, Counterintelligence Program, 9-4-92

Manual 471.2-2, Classified Information Systems Security Manual, 8-3-99

Limited Area

A type of Security Area having boundaries defined by physical barriers, used for the protection of classified matter and/or Category III quantities of special nuclear material, where protective personnel or other internal controls can prevent access by unauthorized persons to classified matter or special nuclear material.

Source: DOE 5632.1C, Protection and Control of Safeguards and Security Interests, 7-15-94, and Draft DOE Glossary

Misuse

Waste of computer time or resources activities that negatively impact system or work performance. Examples include activities unrelated to government work such as: generating personal letters, holiday greetings, party invitations, or membership lists; playing games; or reviewing sexually explicit material or images.

Source: DOE N 221.5, Reporting Fraud, Waste, and Abuse, 7-7-99

National Security

The national defense or foreign relations of the United States.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"

National Security Information (NSI)

Information that has been determined pursuant to Executive Order 12958 or prior Executive Orders to require protection against unauthorized disclosure and is marked to indicate its classification status when in document form. NSI is referred to as "defense information'' in the Atomic Energy Act.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"; Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-97

Need-to-Know

A determination by persons having responsibility for classified information or matter, that a proposed recipient's access to such classified information or matter is necessary in the performance of official, contractual, or access permit duties of employment under cognizance of the DOE.

Source: Title 10, Code of Federal Regulations, Part 1016, "Safeguarding of Restricted Data"

Official Foreign Travel

Approved travel to or from the U.S. within a foreign country, or between foreign countries, by persons whose salaries or travel expenses will ultimately be reimbursed in whole or part by DOE. Official foreign travel includes travel where expenses are reimbursed by non-DOE sources.

Source: DOE Order 1500.3, Chg. 7, Foreign Travel Authorization, 7-6-94 and Draft DOE Glossary

Official Use Only (OUO)

A designation identifying certain unclassified by sensitive information that may be exempt from public release under the Freedom of Information Act.

Source: DOE 471.2A, Information Security Program, 3-27-97 and Draft DOE Glossary

Operations Security (OPSEC)

A program designed to disrupt or defeat the ability of foreign intelligence or other adversaries to exploit sensitive DOE activities or information and to prevent the unauthorized disclosure of such information.

Source: DOE 471.2A, Information Security Program, 3-27-97, and Draft DOE Glossary

Questionnaire for National Sensitive Positions (QNSP)

The questionnaire completed by all DOE federal and contractor employees in order to begin the background investigation necessary for access authorization. The results of this investigation are presented to DOE for use in determining whether access authorization will be granted. The form is also used to schedule reinvestigations.

Source: DOE O 472.1B, Personnel Security Activities, 3-24-99

Restricted Data (RD)

A kind of classified information that consists of all data concerning the following, but not including data declassified or removed from the RD category pursuant to section 142 of the Atomic Energy Act: (1) Design, manufacture, or utilization of atomic weapons; (2) Production of special nuclear material; or (3) Use of special nuclear material in the production of energy.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"; Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-97 and Draft DOE Glossary

Sanitization

The removal of information from media or equipment such that data recovery using any known technique or analysis is prevented. NOTE: Sanitization must include the removal of data from the media or equipment, as well as the removal of all sensitivity or classified labels, markings, and activity logs.

Source: DOE Manual 471.2-2, Classified Information Systems Security Manual, 8-3-99.

Secret

The classification level applied to classified matter of which the unauthorized disclosure reasonably could be expected to cause serious damage to national security that the appropriate official is able to identify or describe.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"; Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-97 and Draft DOE Glossary

Secure Storage Repository

Approved storage facility for protection of special nuclear material and/or classified matter (e.g., vault, vault-type room, GSA-approved security container, and other selected secure storage containers).

Source: Draft DOE Glossary

Security

An integrated system of activities, systems, programs, facilities, and policies for the protection of classified information and/or classified matter, sensitive information, nuclear materials, nuclear weapons and nuclear weapon components, and/or the Department’s and the Department’s contractor facilities, property, and equipment.

Source: Draft DOE Glossary

Security Area

A physical space which has been designated as an area containing safeguards and security interests which dictate the need for the imposition of physical protection measures, as a minimum entailing control of access to and from the designated area, in order to protect DOE interests.

Source: DOE 5632.1C, Protection and Control of Safeguards and Security Interests, 7-15-94, and Draft DOE Glossary

Security Container

Approved storage facility for protection of special nuclear material and/or classified matter (e.g., vault, vault-type room, GSA-approved security container, and other selected secure storage containers).

Source: Draft DOE Glossary

Security Incident

An event which, at the time of occurrence, cannot be determined to be an actual violation of law, but is of such significant concern to the DOE Safeguards and Security program as to warrant preliminary inquiry and subsequent reporting.

Source: DOE O 470.1, Safeguards and Security Program, Ch. VII, 9-28-95; DOE O 232.1, Occurrence Reporting, 9-25-95

NOTE: Examples include: drug use and distribution, alcohol abuse, criminal racketeering or other organized criminal activity, the loss or theft of firearms, the discovery or possession of contraband articles in security areas, and unauthorized attempts to access classified data bases.

Sensitive Country

A country to which particular consideration is given for policy reasons during the DOE internal review and approval process of visits and assignments by foreign nations. Countries may appear on this list for reasons of national security, nuclear nonproliferation, regional instability, or terrorism support. The DOE list does not necessarily reflect the policies or views of any other agency of the U.S. Government. A foreign national is considered to be from a sensitive country if any of the following is true: 1) citizen of a sensitive country; 2) place of employment in a sensitive country; 3) place of birth in a sensitive country unless the person is now a U.S. citizen; or 4) is a stateless person.

Source: Draft DOE Glossary

Sensitive Unclassified Information

Information for which disclosure, loss, misuse, alternation, or destruction could adversely affect national security or government interests. National security interests are those unclassified matters that relate to the national defense or foreign relations of the Federal Government. Governmental interests are those related, but not limited to, the wide range of government or government-derived economic, human financial, industrial, agricultural, technological, and law enforcement information, as well as the privacy or confidentiality of personal or commercial proprietary information provided the Federal Government by its citizens.

Source: Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-97, and Draft DOE Glossary

Special Nuclear Material (SNM)

Special nuclear material means (1) plutonium, (2) uranium-233, or (3) uranium enriched above 0.711 percent by weight in the isotope uranium-235. Specific authorization means an authorization granted by the Secretary of Energy under section 57b(2) of the Atomic Energy Act to a person to provide specified assistance to a foreign atomic energy activity in response to an application filed under 10 CFR part 810. United States, when used in a geographical sense, includes all territories and possessions of the United States.

Source: Title 10, Code of Federal Regulations, Part 1016, "Safeguarding of Restricted Data"

Surveillance

The collection of information through devices and/or personnel observation to detect and assess unauthorized movements of personnel and nuclear material, tampering with containment, falsification of information related to location and quantities of nuclear material, and tampering with safeguards devices.

Source: Draft DOE Glossary

Top Secret

The classification level applied to information whose unauthorized disclosure could reasonably be expected to cause exceptionally grave damage to national security; the highest classification level that the appropriate official is able to identify or describe.

Source: Title 10, Code of Federal Regulations, 1045.3. "Nuclear Classification and Declassification"; Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 471.2A, Information Security Program, 3-27-99 and Draft DOE Glossary

Unauthorized Disclosure

A communication or physical transfer of classified information to an unauthorized recipient.

Source: Executive Order 12958, "Classified National Security Information," 4-17-95

Unclassified Controlled Nuclear Information (UCNI)

Certain unclassified government information whose unauthorized dissemination is prohibited under

Source: Section 148 of the Atomic Energy Act of 1954, as amended, and DOE 471.1, Identification and Protection of Unclassified Controlled Nuclear Information, 9-25-95

Unofficial Foreign Travel (Sensitive Unofficial Travel)

Travel to those countries [on Sensitive Countries List] by individuals who have or have held a within the last 5 years a DOE access authorization.

Source: DOE Order 1500.3, Chg. 7, Foreign Travel Authorization, 7-6-94 and Draft DOE Glossary

User ("General User")

An individual who can receive information from, input information to, or modify information on an information system without an independent human review. In a processing context, this also includes a process acting on behalf of a user. Direct User. A user with physical or electronic access to any component of the information system. Indirect User. A user with access to information from the information system without an independent human review, but who does not have physical or electronic access to the system itself. Privileged User. A user with access to control, monitoring, or administration functions of the information system (e.g., system administrator, system security officer, maintainers, system programmers, etc.). NOTE: It is often convenient to refer to a user who is NOT a privileged user as a general user.

Source: DOE Manual 471.2-2, Classified Information Systems Security Manual, 8-3-99

Vault

A windowless enclosure that is resistant to forced entry and has a DOE-approved system which detects unauthorized entry

Source: Draft DOE Glossary

Vault-Type Room

A DOE-approved room having a combination-locked door(s) and protection provided by a DOE-approved intrusion alarm system activated by any penetration of walls, floor, ceiling, or openings, or by motion within the room.

Source: Draft DOE Glossary

Violation

  1. any knowing, willful, or negligent action that could reasonably be expected to result in an authorized disclosure of classified information;
  2. any knowing, willful, or negligent action to classify or continue the classification of information contrary to the requirements of the orders or its implementing directives; or
  3. any knowing, willful, or negligent action to create or continue a special access program contrary to the requirements of the orders.

Source: Executive Order 12958, "Classified National Security Information," 4-17-95 and DOE O 470.1, Safeguards and Security Program, 9-28-95

Waste

The act of spending or using carelessly or inefficiently.

Source: Webster's Dictionary

Weapon Data

Restricted Data or Formerly Restricted Data concerning the design, manufacture, or utilization of nuclear weapons or nuclear weapon components, including information incorporated in or related to nuclear explosive devices.

Source: Draft DOE Glossary 

REFERENCES

 

ACKNOWLEDGEMENT