We all know the anger and aggravation we feel when our grandparents or parents get scammed online. Online thieves have become so prolific there is generally only a sigh from police. They advise giving our parents training in spotting deceit online. Then you notify appropriate online government agencies. Then follows the inevitable computer cleansing, the new passwords, and a host of other unexpected pitfalls, all thanks to the scam.
The cleared world is much like this. If we are ‘scammed’ by a collector (that is, a spy) we might not know what the purpose of the online theft is. Consider this. If we determine that some unknown connection has been sucking away data and feeding it to another computer somewhere, that is espionage. But what if we ‘discover’ the device only by inference? We see bad results in our program, but can’t figure out the cause. Even worse, what if the secret collector’s online malware insertion just stayed where it was, doing nothing? How could that even be a cause for worry? Think again.
Don’t Ignore Intrusions
In 2010 inspectors couldn’t account for the damage done to many nuclear centrifuges in Iranian facilities. The Iranians were perplexed. They fired engineers, then sought possible spies. They then concluded their data was simply wrong. Nothing they did corrected the failures in the performance of this vital equipment. What happened? As far as who’s guilty, we can leave that for another day. What is important here is that the so-called Stuxnet worm which jumbled up those computers was, as Edward Snowden and others alleged, from our country and Israel. The purpose was to render Iranian nuclear development harmless. True or not, we can learn from all this.
Intrusions into our computer programs need to be found. Some are inserted through traditional phishing and other known scams. Training of your employees in awareness is critical. Just like your parents, people who get scammed are usually trusting and trustworthy. That is the Achilles heel the intruder seeks. Once malware is inserted, either through a clever online scam or through other means (if your computers are air-gap protected, stand-alone systems), you need to find out. Unwitting or witting insertion of a malware device into your system can happen in the same way spies recruit someone to get something for them. For instance, a young boy whose father worked at a major military airbase was asked to send photos of where his dad worked by a ‘friendly’ correspondent! No one knows how the Iranian computers which controlled the centrifuges were compromised, but they were, and at the worst possible time. Check your systems.
Identifying and Dealing with Intrusions
Let’s collect our thoughts on why computers go wrong. They could be compromised, and you know right away. All your systems fail to work because of ‘denial of service attacks’, or something equally obvious. Or, you might have an electronic intruder who sits, waiting for the moment to strike. You may find such a device or program inserted into your computer system. Best to have specialists identify it, and then determine the reason it is there. Once they do, they can tell you if the device is a spy, siphoning your system to another collector. Or, they can advise you that the intrusion is a sabotage method awaiting direction to attack. Or they could tell you something else. If you discover such a device, absolutely maintain secrecy about its discovery.
Stay closely connected with your investigative personnel. They can refer your cleared program personnel to necessary training. They can also advise you on what to watch for. They are there to help you recognize those ‘That doesn’t seem right’ moments which suggest a possible intrusion. America is getting serious about cyber warfare, online disinformation, and simple deception. Remember, the spy might also be a saboteur. Best to find out early, and act. Remember this above all else. If you suspect an intrusion into your electronic systems, control who knows about it. Do not make it publicly known. Absolutely limit those knowledgeable to your appropriate chain of command, your security experts, and consulting intelligence specialist investigators. Remember: Only Need To Know. You may be on to something big, so don’t let the world know. Otherwise, your silent saboteur might disappear.