際際滷

際際滷Share a Scribd company logo

Killing with keyboards[opsec]

Download as PPT, PDF
Rhonda Darnell
Rhonda Darnell

The document describes how Alice, a 16-year-old girl being taught English by her government, uses online searches to gather personal information about an American man named Chris Raddick. Alice is able to find details about Chris's job, family, hobbies and home by piecing together information from his online posts and other internet sources. Later, Chris shares classified work details with a man he meets at a conference, not realizing the man is working with Alice's government to get this information.

1 of 28
Downloaded 28 times
Killing with Keyboards Websites, Blogs and Other Sources of Program Information and Identity Theft
Meet Chris Husband, father of two, weekend little league coach He is a talented and dedicated engineer for Bright Company In the year 2010 Chris will kill 238 U.S. Soldiers because of a decision he made tonight
On rare occasions At night Chris will log on to engineering community web sites and blogs, just to stay current with the industry EaglesFan54 Chris works for a defense contractor and has listened to all of the security briefings. He knows to be careful about what he tells anyone. Chris never uses his name and rarely posts anything at all. When he does, he only uses his on-line name.
09/13/2004 EaglesFan54 I know for a fact that WIRENUT207 is dead wrong, but I cant say how I know. You really need to go back and get some updated information, but thats all I can say about it. 05/11/2005 EaglesFan54 Kyle Boldgers new book Beyond Advanced Electronics is by far the best industry book I have read in 10 years. Everyone should check it out. 02/18/2006 EaglesFan54 I dont agree at all that the HLT5807 chip is out of favor. Even the military uses it on their major new programs.
Meet Alice She is 16, and for the last two years her government has been teaching her English Alice has done well, so eight months ago they started to teach her to use a computer and to search the Internet Just like every day, Alice is using Google today. Searching for words and phrases from a list her government gave her. Alices favorite English word is Google Alice knows if she works hard for five years and creates lots of files for her government, they will move her family to a nicer apartment and maybe even send her to more school. Today, Alice found Chris
02/18/2006 EaglesFan54 I dont agree at all that the HLT5807 chip is out of favor. Even the military uses it on their major new programs. USA-15-4138
The day started great for Chris The team he leads hit a major program milestone, and each was given an unexpected performance bonus. For Chris it was one step closer to his retirement fishing cabin. Yet another half day spent in a quarterly security update briefing. Chris promised his team he would talk to senior management about not wasting their time on these anymore. And then the day went bad
It did give the team an excuse to get some good coffee for a change After the briefing his team walked across the parking lot to the new American Tea that was just built. It catered to the large Bright Co. team that worked at their site. While in line Chris complained to one of his team, Do they really think a person with a Secret clearance needs to be reminded about this stuff? And no one goes dumpster-diving any more! These security guys have no clue what theyre talking about. Chris was still angry about the briefing The store offered free Wi-Fi (wireless Internet access), six free small quiet rooms to make phone calls, and a 15% discount to Bright Company employees (just show your employee badge at the time of purchase). It was a great place to unwind
Alices progress was slow and steady Her group leader often repeats that the searchers need to be very patient. It may take weeks to find something important, but each petal helps you identify the flower it came from. Each piece of the puzzle provides a new search opportunity EaglesFan54 09/13/2004 EaglesFan54 I know for a fact that WIRENUT207 is dead wrong, but I cant say I how I know. You really need to go back and get some updated information, but thats all I can say about it. 05/11/2005 EaglesFan54 Kyle Boldgers new book Beyond Advanced Electronics is by far the best industry book I have read in 10 years. Everyone should check it out. 02/18/2006 EaglesFan54 I dont agree at all that the HLT5807 chip is out of favor. Even the military uses it on their major new programs. I cant say how I know Book suggestion: Beyond Advanced Electronics military and major new programs
Eagles Beyond Advanced Electronics Alice followed the information from one website to another What seemed like unimportant information from one site was the start of the Google search leading to other sites. Chris Raddick Philadelphia, PA I cant say how I know Book suggestion: Beyond Advanced Electronics Even items which are now deleted from web sites can still be searchable within the Google cache (history) Customer Reviews Great Industry Read , May 7, 2005 Reviewer: Chris Raddick The #1 Eagles Fan (Philadelphia, PA) - See all my reviews
Chris Raddick Philadelphia Eagles The search results produced even more new sources to follow Chris Raddick Beth Raddick Kyle Raddick Chris Raddick (215) 555-1784 ( cell phone? ) [email_address] ( employer? ) Kyle Raddick, 16 ( son? ) MySpace (blog) website Beth Raddick ( wife? ) (215) 555-3159 ( home phone? ) [email_address] alltheraddicks.com ( website? ) Email: Chris Raddick [email_address] , Phone: (215) 555-1784; Email: Beth Raddick [email_address] , Phone: (215) 555-3159 www.payouthleagefootball.net/division1/parentlisting.html Web Youth League Families Philadelphia Little Eagles Chris whole team from Bright celebrated Bright Night with players from the Eagles . The company sponsored night. www.cableco.com/alltheraddicks.com/brightnight.htm The Raddick Family Bright Night with the Eagles MySpace Profile - Kyle Raddick , 16 years old, Male, Philadelphia , PA www.myspace.com/kyle raddick
Chris Raddick Philadelphia Eagles Each new site produces more information Web Chris whole team from Bright celebrated Bright Night with players from the Eagles . The company sponsored night. www.cableco.com/alltheraddicks.com/brightnight.htm The Raddick Family Bright Night with the Eagles Family and club web sites can be used to find new information or confirm data Chris with Kelli Bright The Bright Stars Bright Company sponsored Bright Night with the Eagles Beth making new friends!
The information was all there, on sites Chris had never visited or posted information to And eventually Alice was done searching Reverse Phone Number Search (215) 555-1784 Results 1 listing matching (215) 555-1784 Christopher Raddick 1359 Lost Way Philadelphia, PA (215) 555-1784 Search Again Modify Search Printer Friendly Results 1 listing matching (215) 555-3159 Elizabeth Raddick 1359 Lost Way Philadelphia, PA (215) 555-3159 Search Again Modify Search Printer Friendly Chris Raddick Beth Kyle www www www www www www www www www Bright Co.
It was a great day for Alice Her leader rewarded Alice for completing her 200 th file. She was allowed to recommend a family member to join her at school. Soon Alice would have the honor of teaching her thirteen year old sister all she had learned about computers and Google. The information about Chris was now available for use as needed USA-15-4138 Christopher (Chris) Allen Raddick , Born 1954 Married, two children (see family attachment) 1359 Lost Way, Philadelphia, PA; Ph. cell 215.555-1784 Employed: Defense Contractor, The Bright Co. Engineer, Sports Teams: Eagles football; Childrens Sports Coach; Drinks Alcohol; Sails; Water-skis; Home Mortgage, $234,177; First Federal Bank; Vehicles: 2004 Chevrolet Camaro, 1999 Volvo Wagon
In early 2008 Alices government became aware that a vulnerability exists in technology which may have been integrated into certain U.S. defense projects. To benefit from the information, they needed to know for sure. Later that same year, Chris attended an out-of-town engineering conference for defense and related industries. Although held at the unclassified level, conference attendance was very restricted. Every attendee required a government sponsor. The hotel conference center had guards outside the meeting rooms, and conference badges had to be worn when attending sessions.
Chris sat in the hotel bar He was tired after four days of conference At the other end of the bar Chris noticed a guy wearing an Eagles hat. He had seen him several times around the hotel in the last several days. In the restaurant, lobby and elevators. Chris walked over. Eagles! In this town? Chris said. I know, Im getting grief from everyone, the man replied. Not from me. Im actually a diehard Chris said. Youre kidding me! The man introduced himself as Tom. Well thats definitely worth a beer, Tom said smiling. Greatly appreciated, Chris said. You at the conference? Tom nodded. First week out of my lab in two years. Chris grinned. DOD project? Chris asked, drinking his beer. Sorry, cant say, Tom replied. You know, that always sounds bad no matter how you say it. Nothing personal. Chris smiled No problem. Really, I totally understand.
Tom insisted on buying dinner They talked sports and generally about work, careful not to say too much. Tom bought a second pitcher of beer, reminding Chris that Toms company was more than happy to pay his expense account since he traveled so rarely. I was actually hoping to hear if anyone else was thinking of using Claridens new Digital Signal Processors, Tom mentioned casually. I hate being the first program to use a new chipset. Dont worry then, Chris said, Army is using them. Tom grinned. You must be working on that new Army program. Cant say, Chris said smiling, but you definitely dont need to worry that your program will be the first military program to use it.
Dinner was now over Tom was very pleased that it has gone so smoothly. He had the confirmation he needed, and would even be able to contact Chris again if need be. He had told Chris that he had to leave the conference the next morning to catch an early flight. No risk of having to explain why he was not registered to attend the conference. Tom never even had to threaten Chris with the picture in his pocket, designed to show Chris how close Toms supporters had come to using Chris family as motivation.
2009 was a very good year! Kyle Raddick, Chris and Beths oldest son had joined the Army. They were very proud of him. Chris took extra pride in knowing what he contributed to the success of the Armys new system. For Chris and his family... For Alices government... Alices government used the information they had developed from Chris about the system vulnerability to trade with another government, who was very interested in using it against the United States.
In the year 2010 Chris will lie in bed and watch the news tonight, and worry about the life of his son. What will you do the next time all of those security warnings seem like they apply only to someone else. Another 238 U.S. Soldiers were killed.
Five Discussion Topics The information and scenarios in the preceding self-assessment presentation were all true. The characters and the vulnerability were the only fiction
I am no one they care about That may be true for now, but you never know when one on-line posting will bring YOU to their attention. Chris was just another name in a file until they needed some inside information about his program. It never occurred to him that an intelligence agency would target him for a piece of information, but they did. Some things to think about Chris had no idea that just confirming that the Clariden DSP chip was in use would be enough to hurt or kill. But that one small piece of information was the last piece in the puzzle that the enemy was putting together. While Chris thought he was careful, it is difficult to know exactly what an adversary is looking for, and if what you have may be of benefit. 1
I dont have ANY adversaries! Feel like all of this war and terrorist or adversary talk is about someone else? Take a quick look at some other groups that use these exact same on-line information gathering techniques. Some things to think about Former girlfriends, boyfriends, divorced spouses. Angry neighbors, people you only knew casually. Disgruntled co-workers, employees, temporary workers. Identity thieves. (Try a Google search on your name.) Pedophiles seeking information to convince your children that they should be trusted Anyone else who might want a little information about you, even just to know you better than you want them to. 2
Im smarter than the enemy Its a common feeling. People interviewed often say they know they are smarter than some guy who is now just sitting in a cave hiding from us. Chris knew he was smarter than any adversary when he used careful expressions like, I cant say how I know. Some things to think about In addition to small radical groups, our adversaries are some of the largest nations in the world, who are willing to spend BILLIONS of dollars to gain an economic advantage. Information theft is a good investment for them, even if they just trade it for something they want. Some of the worlds best intelligence agencies are training young people as experts to go and gather information for them. You are up against the experts! 3
I dont post on the Internet Not posting may help you somewhat, but it is just one example of how you can come to the attention of someone with bad intentions. Another source is unencrypted email messages which are either misrouted, intercepted, or gathered by adversaries on discarded or poorly protected backup tapes. Stealing backup tapes is a common occurrence. Some things to think about Remember that Chris did not know about all of the information sources that had information about him. He only thought about the sites he dealt with. Most of the others you dont have control over, but you do have control to encrypt email and post as little account information as you can on web sites. 4
What about the Coffee Shop? The coffee shop was a reminder that while there are good business reasons to target defense contractors, etc., as customers, those methods are also good ways to gather sensitive information. Most front businesses will not be called Terrorist Coffee so you need to pay attention to the less obvious. Some things to think about Free Internet also provides a way to capture network traffic, including personal email passwords that are often similar to work passwords. Every puzzle piece helps them. Free Quiet Rooms encourage sensitive conversations in rooms that may have listening devices. By showing a badge, bad guys know any time a facility changes its badge, and when new security like smart chips are rolled out. If they have infiltrated a facility, they know to update their fake badges by the next day. 5
Dont feel hopeless Increasing your awareness that you really are a potential target, remembering that being clever in a conversation or email is very likely to fail, limiting what you can on the Internet, and encrypting all email and drive storage you are able to Really can make the difference!
This briefing was developed by Raytheon in conjunction with The Boeing company Future Combat Systems Office of the CIO, for Policy and Standards. In addition We would like to acknowledge the National Security Agencys IOSS www.IOSS.gov For their leadership and training which inspired the idea for this series

Recommended

Memes Quiz
Memes QuizMemes Quiz
Memes Quiz
Quiz Club IIT Kanpur
Dating into the future for Manchester Futurists
Dating into the future for Manchester FuturistsDating into the future for Manchester Futurists
Dating into the future for Manchester Futurists
Ian Forrester
Lorem Ipsum Prelims
Lorem Ipsum PrelimsLorem Ipsum Prelims
Lorem Ipsum Prelims
RV QuizCorp (RVQC)
Unmasking miscreants
Unmasking miscreantsUnmasking miscreants
Unmasking miscreants
Brandon Levene
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
Sean Whalen
Opsec for families
Opsec for familiesOpsec for families
Opsec for families
Lindy Kyzer
Security bulletin
Security bulletinSecurity bulletin
Security bulletin
Rhonda Darnell
Rapids locator
Rapids locatorRapids locator
Rapids locator
Rhonda Darnell
Bedrock Data Automation (Preview): Simplifying Unstructured Data Processing
Bedrock Data Automation (Preview): Simplifying Unstructured Data ProcessingBedrock Data Automation (Preview): Simplifying Unstructured Data Processing
Bedrock Data Automation (Preview): Simplifying Unstructured Data Processing
Zilliz
Caching for Performance Masterclass: Caching Strategies
Caching for Performance Masterclass: Caching StrategiesCaching for Performance Masterclass: Caching Strategies
Caching for Performance Masterclass: Caching Strategies
ScyllaDB
Temporary Compound microscope slide .pptx
Temporary Compound microscope slide .pptxTemporary Compound microscope slide .pptx
Temporary Compound microscope slide .pptx
Samir Sharma
AI Trends and Fun Demos Sothebys Rehoboth Presentation
AI Trends and Fun Demos Sothebys Rehoboth PresentationAI Trends and Fun Demos Sothebys Rehoboth Presentation
AI Trends and Fun Demos Sothebys Rehoboth Presentation
Ethan Holland
UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1
DianaGray10
Blockchain for Businesses Practical Use Cases & Benefits.pdf
Blockchain for Businesses Practical Use Cases & Benefits.pdfBlockchain for Businesses Practical Use Cases & Benefits.pdf
Blockchain for Businesses Practical Use Cases & Benefits.pdf
Yodaplus Technologies Private Limited
ISOIEC 42001 AI Management System 際際滷s
ISOIEC 42001 AI Management System 際際滷sISOIEC 42001 AI Management System 際際滷s
ISOIEC 42001 AI Management System 際際滷s
GilangRamadhan884333
UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1
DianaGray10
16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...
16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...
16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...
IT Industry
10 FinTech Solutions Every Business Should Know!.pdf
10 FinTech Solutions Every Business Should Know!.pdf10 FinTech Solutions Every Business Should Know!.pdf
10 FinTech Solutions Every Business Should Know!.pdf
Yodaplus Technologies Private Limited
Kickstart Your QA: An Introduction to Automated Regression Testing Tools
Kickstart Your QA: An Introduction to Automated Regression Testing ToolsKickstart Your QA: An Introduction to Automated Regression Testing Tools
Kickstart Your QA: An Introduction to Automated Regression Testing Tools
Shubham Joshi
Deno ...................................
Deno ...................................Deno ...................................
Deno ...................................
Robert MacLean
Combining Lexical and Semantic Search with Milvus 2.5
Combining Lexical and Semantic Search with Milvus 2.5Combining Lexical and Semantic Search with Milvus 2.5
Combining Lexical and Semantic Search with Milvus 2.5
Zilliz
Mastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use Cases
Mastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use CasesMastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use Cases
Mastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use Cases
Sanjay Willie
GDG Cloud Southlake #40: Brandon Stokes: How to Build a Great Product
GDG Cloud Southlake #40: Brandon Stokes: How to Build a Great ProductGDG Cloud Southlake #40: Brandon Stokes: How to Build a Great Product
GDG Cloud Southlake #40: Brandon Stokes: How to Build a Great Product
James Anderson
NSFW AI Chatbot Development Costs: What You Need to Know
NSFW AI Chatbot Development Costs: What You Need to KnowNSFW AI Chatbot Development Costs: What You Need to Know
NSFW AI Chatbot Development Costs: What You Need to Know
Soulmaite
AMER Introduction to ThousandEyes Webinar
AMER Introduction to ThousandEyes WebinarAMER Introduction to ThousandEyes Webinar
AMER Introduction to ThousandEyes Webinar
ThousandEyes
SECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdf
SECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdfSECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdf
SECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdf
spub1985
DealBook of Ukraine: 2025 edition | AVentures Capital
DealBook of Ukraine: 2025 edition | AVentures CapitalDealBook of Ukraine: 2025 edition | AVentures Capital
DealBook of Ukraine: 2025 edition | AVentures Capital
Yevgen Sysoyev
THE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIA
THE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIATHE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIA
THE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIA
Srivaanchi Nathan
2024 Trend Updates: What Really Works In SEO & Content Marketing
2024 Trend Updates: What Really Works In SEO & Content Marketing2024 Trend Updates: What Really Works In SEO & Content Marketing
2024 Trend Updates: What Really Works In SEO & Content Marketing
Search Engine Journal
Storytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design ProcessStorytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design Process
Chiara Aliotta

More Related Content

Recently uploaded (20)

Bedrock Data Automation (Preview): Simplifying Unstructured Data Processing
Bedrock Data Automation (Preview): Simplifying Unstructured Data ProcessingBedrock Data Automation (Preview): Simplifying Unstructured Data Processing
Bedrock Data Automation (Preview): Simplifying Unstructured Data Processing
Zilliz
Caching for Performance Masterclass: Caching Strategies
Caching for Performance Masterclass: Caching StrategiesCaching for Performance Masterclass: Caching Strategies
Caching for Performance Masterclass: Caching Strategies
ScyllaDB
Temporary Compound microscope slide .pptx
Temporary Compound microscope slide .pptxTemporary Compound microscope slide .pptx
Temporary Compound microscope slide .pptx
Samir Sharma
AI Trends and Fun Demos Sothebys Rehoboth Presentation
AI Trends and Fun Demos Sothebys Rehoboth PresentationAI Trends and Fun Demos Sothebys Rehoboth Presentation
AI Trends and Fun Demos Sothebys Rehoboth Presentation
Ethan Holland
UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1
DianaGray10
Blockchain for Businesses Practical Use Cases & Benefits.pdf
Blockchain for Businesses Practical Use Cases & Benefits.pdfBlockchain for Businesses Practical Use Cases & Benefits.pdf
Blockchain for Businesses Practical Use Cases & Benefits.pdf
Yodaplus Technologies Private Limited
ISOIEC 42001 AI Management System 際際滷s
ISOIEC 42001 AI Management System 際際滷sISOIEC 42001 AI Management System 際際滷s
ISOIEC 42001 AI Management System 際際滷s
GilangRamadhan884333
UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1
DianaGray10
16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...
16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...
16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...
IT Industry
10 FinTech Solutions Every Business Should Know!.pdf
10 FinTech Solutions Every Business Should Know!.pdf10 FinTech Solutions Every Business Should Know!.pdf
10 FinTech Solutions Every Business Should Know!.pdf
Yodaplus Technologies Private Limited
Kickstart Your QA: An Introduction to Automated Regression Testing Tools
Kickstart Your QA: An Introduction to Automated Regression Testing ToolsKickstart Your QA: An Introduction to Automated Regression Testing Tools
Kickstart Your QA: An Introduction to Automated Regression Testing Tools
Shubham Joshi
Deno ...................................
Deno ...................................Deno ...................................
Deno ...................................
Robert MacLean
Combining Lexical and Semantic Search with Milvus 2.5
Combining Lexical and Semantic Search with Milvus 2.5Combining Lexical and Semantic Search with Milvus 2.5
Combining Lexical and Semantic Search with Milvus 2.5
Zilliz
Mastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use Cases
Mastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use CasesMastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use Cases
Mastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use Cases
Sanjay Willie
GDG Cloud Southlake #40: Brandon Stokes: How to Build a Great Product
GDG Cloud Southlake #40: Brandon Stokes: How to Build a Great ProductGDG Cloud Southlake #40: Brandon Stokes: How to Build a Great Product
GDG Cloud Southlake #40: Brandon Stokes: How to Build a Great Product
James Anderson
NSFW AI Chatbot Development Costs: What You Need to Know
NSFW AI Chatbot Development Costs: What You Need to KnowNSFW AI Chatbot Development Costs: What You Need to Know
NSFW AI Chatbot Development Costs: What You Need to Know
Soulmaite
AMER Introduction to ThousandEyes Webinar
AMER Introduction to ThousandEyes WebinarAMER Introduction to ThousandEyes Webinar
AMER Introduction to ThousandEyes Webinar
ThousandEyes
SECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdf
SECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdfSECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdf
SECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdf
spub1985
DealBook of Ukraine: 2025 edition | AVentures Capital
DealBook of Ukraine: 2025 edition | AVentures CapitalDealBook of Ukraine: 2025 edition | AVentures Capital
DealBook of Ukraine: 2025 edition | AVentures Capital
Yevgen Sysoyev
THE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIA
THE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIATHE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIA
THE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIA
Srivaanchi Nathan
Bedrock Data Automation (Preview): Simplifying Unstructured Data Processing
Bedrock Data Automation (Preview): Simplifying Unstructured Data ProcessingBedrock Data Automation (Preview): Simplifying Unstructured Data Processing
Bedrock Data Automation (Preview): Simplifying Unstructured Data Processing
Zilliz
Caching for Performance Masterclass: Caching Strategies
Caching for Performance Masterclass: Caching StrategiesCaching for Performance Masterclass: Caching Strategies
Caching for Performance Masterclass: Caching Strategies
ScyllaDB
Temporary Compound microscope slide .pptx
Temporary Compound microscope slide .pptxTemporary Compound microscope slide .pptx
Temporary Compound microscope slide .pptx
Samir Sharma
AI Trends and Fun Demos Sothebys Rehoboth Presentation
AI Trends and Fun Demos Sothebys Rehoboth PresentationAI Trends and Fun Demos Sothebys Rehoboth Presentation
AI Trends and Fun Demos Sothebys Rehoboth Presentation
Ethan Holland
UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1
DianaGray10
Blockchain for Businesses Practical Use Cases & Benefits.pdf
Blockchain for Businesses Practical Use Cases & Benefits.pdfBlockchain for Businesses Practical Use Cases & Benefits.pdf
Blockchain for Businesses Practical Use Cases & Benefits.pdf
Yodaplus Technologies Private Limited
ISOIEC 42001 AI Management System 際際滷s
ISOIEC 42001 AI Management System 際際滷sISOIEC 42001 AI Management System 際際滷s
ISOIEC 42001 AI Management System 際際滷s
GilangRamadhan884333
UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1UiPath Automation Developer Associate Training Series 2025 - Session 1
UiPath Automation Developer Associate Training Series 2025 - Session 1
DianaGray10
16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...
16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...
16 KALALU鏝媜ご垂鏝乞 APARAMAHASAHASRA SIMHAMAHANKALKIADIPARASAKTIBH...
IT Industry
10 FinTech Solutions Every Business Should Know!.pdf
10 FinTech Solutions Every Business Should Know!.pdf10 FinTech Solutions Every Business Should Know!.pdf
10 FinTech Solutions Every Business Should Know!.pdf
Yodaplus Technologies Private Limited
Kickstart Your QA: An Introduction to Automated Regression Testing Tools
Kickstart Your QA: An Introduction to Automated Regression Testing ToolsKickstart Your QA: An Introduction to Automated Regression Testing Tools
Kickstart Your QA: An Introduction to Automated Regression Testing Tools
Shubham Joshi
Deno ...................................
Deno ...................................Deno ...................................
Deno ...................................
Robert MacLean
Combining Lexical and Semantic Search with Milvus 2.5
Combining Lexical and Semantic Search with Milvus 2.5Combining Lexical and Semantic Search with Milvus 2.5
Combining Lexical and Semantic Search with Milvus 2.5
Zilliz
Mastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use Cases
Mastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use CasesMastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use Cases
Mastering ChatGPT & LLMs for Practical Applications: Tips, Tricks, and Use Cases
Sanjay Willie
GDG Cloud Southlake #40: Brandon Stokes: How to Build a Great Product
GDG Cloud Southlake #40: Brandon Stokes: How to Build a Great ProductGDG Cloud Southlake #40: Brandon Stokes: How to Build a Great Product
GDG Cloud Southlake #40: Brandon Stokes: How to Build a Great Product
James Anderson
NSFW AI Chatbot Development Costs: What You Need to Know
NSFW AI Chatbot Development Costs: What You Need to KnowNSFW AI Chatbot Development Costs: What You Need to Know
NSFW AI Chatbot Development Costs: What You Need to Know
Soulmaite
AMER Introduction to ThousandEyes Webinar
AMER Introduction to ThousandEyes WebinarAMER Introduction to ThousandEyes Webinar
AMER Introduction to ThousandEyes Webinar
ThousandEyes
SECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdf
SECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdfSECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdf
SECURE BLOCKCHAIN FOR ADMISSION PROCESSING IN EDUCATIONAL INSTITUTIONS.pdf
spub1985
DealBook of Ukraine: 2025 edition | AVentures Capital
DealBook of Ukraine: 2025 edition | AVentures CapitalDealBook of Ukraine: 2025 edition | AVentures Capital
DealBook of Ukraine: 2025 edition | AVentures Capital
Yevgen Sysoyev
THE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIA
THE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIATHE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIA
THE BIG TEN BIOPHARMACEUTICAL MNCs: GLOBAL CAPABILITY CENTERS IN INDIA
Srivaanchi Nathan

Featured (20)

2024 Trend Updates: What Really Works In SEO & Content Marketing
2024 Trend Updates: What Really Works In SEO & Content Marketing2024 Trend Updates: What Really Works In SEO & Content Marketing
2024 Trend Updates: What Really Works In SEO & Content Marketing
Search Engine Journal
Storytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design ProcessStorytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design Process
Chiara Aliotta
Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...
Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...
Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...
OECD Directorate for Financial and Enterprise Affairs
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
SocialHRCamp
2024 State of Marketing Report by Hubspot
2024 State of Marketing Report by Hubspot2024 State of Marketing Report by Hubspot
2024 State of Marketing Report by Hubspot
Marius Sescu
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
2024 Trend Updates: What Really Works In SEO & Content Marketing
2024 Trend Updates: What Really Works In SEO & Content Marketing2024 Trend Updates: What Really Works In SEO & Content Marketing
2024 Trend Updates: What Really Works In SEO & Content Marketing
Search Engine Journal
Storytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design ProcessStorytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design Process
Chiara Aliotta
Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...
Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...
Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...
OECD Directorate for Financial and Enterprise Affairs
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
SocialHRCamp
2024 State of Marketing Report by Hubspot
2024 State of Marketing Report by Hubspot2024 State of Marketing Report by Hubspot
2024 State of Marketing Report by Hubspot
Marius Sescu
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC

Killing with keyboards[opsec]

  • 1. Killing with Keyboards Websites, Blogs and Other Sources of Program Information and Identity Theft
  • 2. Meet Chris Husband, father of two, weekend little league coach He is a talented and dedicated engineer for Bright Company In the year 2010 Chris will kill 238 U.S. Soldiers because of a decision he made tonight
  • 3. On rare occasions At night Chris will log on to engineering community web sites and blogs, just to stay current with the industry EaglesFan54 Chris works for a defense contractor and has listened to all of the security briefings. He knows to be careful about what he tells anyone. Chris never uses his name and rarely posts anything at all. When he does, he only uses his on-line name.
  • 4. 09/13/2004 EaglesFan54 I know for a fact that WIRENUT207 is dead wrong, but I cant say how I know. You really need to go back and get some updated information, but thats all I can say about it. 05/11/2005 EaglesFan54 Kyle Boldgers new book Beyond Advanced Electronics is by far the best industry book I have read in 10 years. Everyone should check it out. 02/18/2006 EaglesFan54 I dont agree at all that the HLT5807 chip is out of favor. Even the military uses it on their major new programs.
  • 5. Meet Alice She is 16, and for the last two years her government has been teaching her English Alice has done well, so eight months ago they started to teach her to use a computer and to search the Internet Just like every day, Alice is using Google today. Searching for words and phrases from a list her government gave her. Alices favorite English word is Google Alice knows if she works hard for five years and creates lots of files for her government, they will move her family to a nicer apartment and maybe even send her to more school. Today, Alice found Chris
  • 6. 02/18/2006 EaglesFan54 I dont agree at all that the HLT5807 chip is out of favor. Even the military uses it on their major new programs. USA-15-4138
  • 7. The day started great for Chris The team he leads hit a major program milestone, and each was given an unexpected performance bonus. For Chris it was one step closer to his retirement fishing cabin. Yet another half day spent in a quarterly security update briefing. Chris promised his team he would talk to senior management about not wasting their time on these anymore. And then the day went bad
  • 8. It did give the team an excuse to get some good coffee for a change After the briefing his team walked across the parking lot to the new American Tea that was just built. It catered to the large Bright Co. team that worked at their site. While in line Chris complained to one of his team, Do they really think a person with a Secret clearance needs to be reminded about this stuff? And no one goes dumpster-diving any more! These security guys have no clue what theyre talking about. Chris was still angry about the briefing The store offered free Wi-Fi (wireless Internet access), six free small quiet rooms to make phone calls, and a 15% discount to Bright Company employees (just show your employee badge at the time of purchase). It was a great place to unwind
  • 9. Alices progress was slow and steady Her group leader often repeats that the searchers need to be very patient. It may take weeks to find something important, but each petal helps you identify the flower it came from. Each piece of the puzzle provides a new search opportunity EaglesFan54 09/13/2004 EaglesFan54 I know for a fact that WIRENUT207 is dead wrong, but I cant say I how I know. You really need to go back and get some updated information, but thats all I can say about it. 05/11/2005 EaglesFan54 Kyle Boldgers new book Beyond Advanced Electronics is by far the best industry book I have read in 10 years. Everyone should check it out. 02/18/2006 EaglesFan54 I dont agree at all that the HLT5807 chip is out of favor. Even the military uses it on their major new programs. I cant say how I know Book suggestion: Beyond Advanced Electronics military and major new programs
  • 10. Eagles Beyond Advanced Electronics Alice followed the information from one website to another What seemed like unimportant information from one site was the start of the Google search leading to other sites. Chris Raddick Philadelphia, PA I cant say how I know Book suggestion: Beyond Advanced Electronics Even items which are now deleted from web sites can still be searchable within the Google cache (history) Customer Reviews Great Industry Read , May 7, 2005 Reviewer: Chris Raddick The #1 Eagles Fan (Philadelphia, PA) - See all my reviews
  • 11. Chris Raddick Philadelphia Eagles The search results produced even more new sources to follow Chris Raddick Beth Raddick Kyle Raddick Chris Raddick (215) 555-1784 ( cell phone? ) [email_address] ( employer? ) Kyle Raddick, 16 ( son? ) MySpace (blog) website Beth Raddick ( wife? ) (215) 555-3159 ( home phone? ) [email_address] alltheraddicks.com ( website? ) Email: Chris Raddick [email_address] , Phone: (215) 555-1784; Email: Beth Raddick [email_address] , Phone: (215) 555-3159 www.payouthleagefootball.net/division1/parentlisting.html Web Youth League Families Philadelphia Little Eagles Chris whole team from Bright celebrated Bright Night with players from the Eagles . The company sponsored night. www.cableco.com/alltheraddicks.com/brightnight.htm The Raddick Family Bright Night with the Eagles MySpace Profile - Kyle Raddick , 16 years old, Male, Philadelphia , PA www.myspace.com/kyle raddick
  • 12. Chris Raddick Philadelphia Eagles Each new site produces more information Web Chris whole team from Bright celebrated Bright Night with players from the Eagles . The company sponsored night. www.cableco.com/alltheraddicks.com/brightnight.htm The Raddick Family Bright Night with the Eagles Family and club web sites can be used to find new information or confirm data Chris with Kelli Bright The Bright Stars Bright Company sponsored Bright Night with the Eagles Beth making new friends!
  • 13. The information was all there, on sites Chris had never visited or posted information to And eventually Alice was done searching Reverse Phone Number Search (215) 555-1784 Results 1 listing matching (215) 555-1784 Christopher Raddick 1359 Lost Way Philadelphia, PA (215) 555-1784 Search Again Modify Search Printer Friendly Results 1 listing matching (215) 555-3159 Elizabeth Raddick 1359 Lost Way Philadelphia, PA (215) 555-3159 Search Again Modify Search Printer Friendly Chris Raddick Beth Kyle www www www www www www www www www Bright Co.
  • 14. It was a great day for Alice Her leader rewarded Alice for completing her 200 th file. She was allowed to recommend a family member to join her at school. Soon Alice would have the honor of teaching her thirteen year old sister all she had learned about computers and Google. The information about Chris was now available for use as needed USA-15-4138 Christopher (Chris) Allen Raddick , Born 1954 Married, two children (see family attachment) 1359 Lost Way, Philadelphia, PA; Ph. cell 215.555-1784 Employed: Defense Contractor, The Bright Co. Engineer, Sports Teams: Eagles football; Childrens Sports Coach; Drinks Alcohol; Sails; Water-skis; Home Mortgage, $234,177; First Federal Bank; Vehicles: 2004 Chevrolet Camaro, 1999 Volvo Wagon
  • 15. In early 2008 Alices government became aware that a vulnerability exists in technology which may have been integrated into certain U.S. defense projects. To benefit from the information, they needed to know for sure. Later that same year, Chris attended an out-of-town engineering conference for defense and related industries. Although held at the unclassified level, conference attendance was very restricted. Every attendee required a government sponsor. The hotel conference center had guards outside the meeting rooms, and conference badges had to be worn when attending sessions.
  • 16. Chris sat in the hotel bar He was tired after four days of conference At the other end of the bar Chris noticed a guy wearing an Eagles hat. He had seen him several times around the hotel in the last several days. In the restaurant, lobby and elevators. Chris walked over. Eagles! In this town? Chris said. I know, Im getting grief from everyone, the man replied. Not from me. Im actually a diehard Chris said. Youre kidding me! The man introduced himself as Tom. Well thats definitely worth a beer, Tom said smiling. Greatly appreciated, Chris said. You at the conference? Tom nodded. First week out of my lab in two years. Chris grinned. DOD project? Chris asked, drinking his beer. Sorry, cant say, Tom replied. You know, that always sounds bad no matter how you say it. Nothing personal. Chris smiled No problem. Really, I totally understand.
  • 17. Tom insisted on buying dinner They talked sports and generally about work, careful not to say too much. Tom bought a second pitcher of beer, reminding Chris that Toms company was more than happy to pay his expense account since he traveled so rarely. I was actually hoping to hear if anyone else was thinking of using Claridens new Digital Signal Processors, Tom mentioned casually. I hate being the first program to use a new chipset. Dont worry then, Chris said, Army is using them. Tom grinned. You must be working on that new Army program. Cant say, Chris said smiling, but you definitely dont need to worry that your program will be the first military program to use it.
  • 18. Dinner was now over Tom was very pleased that it has gone so smoothly. He had the confirmation he needed, and would even be able to contact Chris again if need be. He had told Chris that he had to leave the conference the next morning to catch an early flight. No risk of having to explain why he was not registered to attend the conference. Tom never even had to threaten Chris with the picture in his pocket, designed to show Chris how close Toms supporters had come to using Chris family as motivation.
  • 19. 2009 was a very good year! Kyle Raddick, Chris and Beths oldest son had joined the Army. They were very proud of him. Chris took extra pride in knowing what he contributed to the success of the Armys new system. For Chris and his family... For Alices government... Alices government used the information they had developed from Chris about the system vulnerability to trade with another government, who was very interested in using it against the United States.
  • 20. In the year 2010 Chris will lie in bed and watch the news tonight, and worry about the life of his son. What will you do the next time all of those security warnings seem like they apply only to someone else. Another 238 U.S. Soldiers were killed.
  • 21. Five Discussion Topics The information and scenarios in the preceding self-assessment presentation were all true. The characters and the vulnerability were the only fiction
  • 22. I am no one they care about That may be true for now, but you never know when one on-line posting will bring YOU to their attention. Chris was just another name in a file until they needed some inside information about his program. It never occurred to him that an intelligence agency would target him for a piece of information, but they did. Some things to think about Chris had no idea that just confirming that the Clariden DSP chip was in use would be enough to hurt or kill. But that one small piece of information was the last piece in the puzzle that the enemy was putting together. While Chris thought he was careful, it is difficult to know exactly what an adversary is looking for, and if what you have may be of benefit. 1
  • 23. I dont have ANY adversaries! Feel like all of this war and terrorist or adversary talk is about someone else? Take a quick look at some other groups that use these exact same on-line information gathering techniques. Some things to think about Former girlfriends, boyfriends, divorced spouses. Angry neighbors, people you only knew casually. Disgruntled co-workers, employees, temporary workers. Identity thieves. (Try a Google search on your name.) Pedophiles seeking information to convince your children that they should be trusted Anyone else who might want a little information about you, even just to know you better than you want them to. 2
  • 24. Im smarter than the enemy Its a common feeling. People interviewed often say they know they are smarter than some guy who is now just sitting in a cave hiding from us. Chris knew he was smarter than any adversary when he used careful expressions like, I cant say how I know. Some things to think about In addition to small radical groups, our adversaries are some of the largest nations in the world, who are willing to spend BILLIONS of dollars to gain an economic advantage. Information theft is a good investment for them, even if they just trade it for something they want. Some of the worlds best intelligence agencies are training young people as experts to go and gather information for them. You are up against the experts! 3
  • 25. I dont post on the Internet Not posting may help you somewhat, but it is just one example of how you can come to the attention of someone with bad intentions. Another source is unencrypted email messages which are either misrouted, intercepted, or gathered by adversaries on discarded or poorly protected backup tapes. Stealing backup tapes is a common occurrence. Some things to think about Remember that Chris did not know about all of the information sources that had information about him. He only thought about the sites he dealt with. Most of the others you dont have control over, but you do have control to encrypt email and post as little account information as you can on web sites. 4
  • 26. What about the Coffee Shop? The coffee shop was a reminder that while there are good business reasons to target defense contractors, etc., as customers, those methods are also good ways to gather sensitive information. Most front businesses will not be called Terrorist Coffee so you need to pay attention to the less obvious. Some things to think about Free Internet also provides a way to capture network traffic, including personal email passwords that are often similar to work passwords. Every puzzle piece helps them. Free Quiet Rooms encourage sensitive conversations in rooms that may have listening devices. By showing a badge, bad guys know any time a facility changes its badge, and when new security like smart chips are rolled out. If they have infiltrated a facility, they know to update their fake badges by the next day. 5
  • 27. Dont feel hopeless Increasing your awareness that you really are a potential target, remembering that being clever in a conversation or email is very likely to fail, limiting what you can on the Internet, and encrypting all email and drive storage you are able to Really can make the difference!
  • 28. This briefing was developed by Raytheon in conjunction with The Boeing company Future Combat Systems Office of the CIO, for Policy and Standards. In addition We would like to acknowledge the National Security Agencys IOSS www.IOSS.gov For their leadership and training which inspired the idea for this series
AboutCopyright
息 2025 際際滷