Digital Conflict

By Kevin Coleman

Blog archive
Kevin Coleman

Private sector needs way to submit cyber threat tips

The intelligence community has done a remarkable job protecting our nation from an untold number of threats; however, I became aware of a recent incident that suggests perhaps it is time for an overhaul.

A cleared individual who works in the computer industry and on the fringe of the defense industry was contacted by a foreign national from outside the United States who was interested in his advice on acquiring a cyber weapon for a rebel group in a third-world country. Specifically, the foreign national was seeking advice on which cyber weapon the group should acquire and where it could get it.

Concerned about this request, which was not a single contact by the way, the cleared individual sought to disclose this to our intelligence community. Subsequently, the cleared individual contacted a business acquaintance in the military for advice. His military business acquaintance gave him the name and phone number of a friend in a three-letter agency within the intelligence community.

The cleared individual contacted that person to disclose his interaction with the foreign national. The person in the three-letter agency listened to what had taken place and then asked a couple of questions. One of the questions was to determine who cleared individual was, his clearance and for whom he worked. Once the cleared individual disclosed that he worked in the private sector, he was told by the individual from the three-letter agency, “I can’t talk to you.” The cleared individual quickly responded, “You have the intelligence now – deal with it.”

Private-sector organizations and individuals with and without security clearances often come upon important pieces of information. If someone who is close to the military can’t figure out how to get this intelligence into the “system,” what are the chances that critical infrastructure providers – in the private sector – can easily and effectively communicate cyber threat intelligence they uncover?

Posted by Kevin Coleman on Jun 16, 2011 at 12:54 PM


Reader Comments

Thu, Jun 23, 2011 Steve Philippines

Kevin Many companies are members of INFRAGARD. It seems to me that the INFRAGARD networking infrastructure encourages and documents reporting of this type of contact. I'm not sure of your experience with the organization, or the experience of your readers, but there may be a mechanism already in place. Perhaps then its a training issue that the cleared worker either wasn't briefed on what to do with the information he has, or didn't remember what he was told. Anyway, take a look at http://www.infragard.net/. Reaction? Thoughts?

Mon, Jun 20, 2011 BobInTexas Central Texas, USA

The FBI's InfraGard program provides excellent bi-directional communications between law enforcement and both public and private sector individuals. Developed after the Oklahoma City bombing, when the number of hard drives that had to be forensically reviewed from the wreckage overran the number of cleared forensic technicians available, InfraGard membership involves a low-level security clearance and members are provided excellent access to emerging security issues as well as communications channels back to the FBI for reporting incidents and events.

Thu, Jun 16, 2011 terry Phoenix

At an accounting CPE seminar last year on forensic accounting, we had the local FBI chief of white collar crime talk to us, and she said if we saw anything hinky to call the LOCAL FBI office. i think the problem of fear and contamination reflex is with the National offices of the security agencies.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Defense Systems eNewsletters