Features

Features

National Counterintelligence and Security Center

Products Services Icon NITTF Resource Library

 

As part of its assistance mission, the NITTF works within the Insider Threat community to identify best practices, policy templates, and guidance to assist in the development of Insider Threat Programs and Insider Threat Training.  Please check here periodically for newly posted information that may be of assistance.

 

As needed, the NITTF publishes advisories and directives, the former serve to inform, instruct, or guide and the latter to establish a policy, assign responsibilities or define objectives to be followed. In addition, NITTF has fostered the development and publication of policy and programmatic tools such as the Insider Threat Program Cost Model, the Insider Threat Security Classification Guide, and the Guide to Accompany the National Insider Threat Policy and Minimum Standards.

 

NITTF Produced Guides & Templates:

NITTF Directives & Advisories:

  • NITTF Advisory 2017-01: Insider Threat Competency Resource Guide (Unclassified) (PDF)
  • NITTF Clarification of Enterprise Audit Management (EAM), User Activity Monitoring (UAM), Continuous Monitoring, and Continuous Evaluation Memorandum*
  • NITTF Insider Threat Awareness Training Directive*
  • NITTF Computer Banner Language Advisory*
  • NITTF Data Mining Reporting Advisory*
  • NITTF Legal Guidance Advisory*
  • NITTF Records Management Advisory*

 

NITTF Collaboration Efforts:

As part of the NITTF’s focus on assisting the executive branch with meeting the minimum standards, the NITTF has partnered with D/As to develop solutions to visualize complex data at no cost, provide a GOTS case management tool to D/As insider threat programs, and have assisted classified network providers with developing written data sharing agreements to meet minimum standard requirements.

 

        * This material is For Official Use Only, and has not been approved for public release.  Please contact the NITTF if you have an official need for this item.

 

NITTF Logo

NCSC does not provide printed copies of our posters. These materials are NOT copyrighted, and you are welcome to download, print, and disseminate our posters freely to promote greater counterintelligence awareness.

Posters

"I Want You..."
This poster highlights the counterintelligence threat from non-state actors, such as drug cartels and other transnational criminal organizations. Non-state actors actively recruit US government employees, law enforcement, contractors, and military personnel with knowledge, access, and skills of value, including operational knowledge, access to sensitive or classified information, and military and law enforcement training. Verifying the true origin and nature of business proposals can reduce the risk of unwittingly assisting a non-state actor.

"Recruitment Classified Ads"
Recruitment attempts by a drug cartel or terrorist organization are never as obvious as in this poster. The poster highlights that non-state actors, just as foreign intelligence services, recruit US government officials, law enforcement, contractors, and military personnel for their knowledge, access, and skills.

Economic Espionage: $240 Million - 1
Years of research. Hundreds of millions of dollars invested. All Lost.

Economic Espionage: $240 Million - 2
Years of research. Hundreds of millions of dollars invested. All Lost.

Economic Espionage: Made in the USA
Stolen and transferred to an unnamed country with a cool wall, great noodles, and countless cyber hackers.

Economic Espionage: USB Port - 1
"The research project of a lifetime just ran out my ... USB Port." Corporate thieves no longer use the front door.

Economic Espionage: USB Port - 2
"The research project of a lifetime just ran out my ... USB Port." Corporate thieves no longer use the front door.

W. Kendall Myers
A CI education and awareness poster highlighting a recent Cuban espionage case.

Treason from Within
A CI awareness poster on the insider threat with a special emphasis on Cuban espionage.

X-Rays Poster
A CI awareness poster showcasing proactive counterintelligence.

Tall Order Poster
A CI awareness poster reminding us that protecting our most valuable data makes all of us safer.

Espionage Poster
The ONCIX's award-winning poster serves as a reminder that there are no winners in the espionage game.

Our Country Poster
The ONCIX's CI and security-awareness poster showcasing America's cities, states, and landmarks.

Tears Poster
This poster emphasizes CI support to force protection.

Lincoln Poster - Need To Know
A CI and security-awareness poster underscoring the "Need To Know."

Protecting Sensitive Information
An ONCIX poster that highlights the importance of protecting sensitive information to help safeguard our people and our country.

One Evil
This poster features the pictures of several convicted spies and a George Washington quote.

Robert P. Hanssen
This poster ... Spy, Traitor, Deceiver..., which captures the essence of Robert P. Hanssen's career, is available as a reminder of the life he chose and its ultimate conclusion.

Don't Tread On Me
This ONCIX poster features quotes from Presidents George W. Bush and Thomas Jefferson, along with renderings of the US and "DON'T TREAD ON ME" flags.

Trade Secrets Are The Key
A great reminder to your employees that protecting your company's trade secrets is critical to the economic survival of both your company and our country.

Without Its Trade Secrets
A poster showing the devastating effects that economic espionage can have on a country.

FINAL Know the Risk Red block

 

Foreign intelligence entities, which may include foreign governments, corporations, and their proxies, are actively targeting information, assets, and technologies that are vital to both U.S. national security and our global competitiveness.  The National Counterintelligence and Security Center is dedicated to raising awareness among government employees and private industry about these foreign intelligence threats, the risks they pose, and the defensive measures necessary for individuals and organizations to safeguard that which has been entrusted to their protection.


The following products will enable personnel to better understand these threats and provide guidance and tips for protecting the sensitive information, assets, technologies, and networks to which employees have access.  It will also serve to help them protect their personal, confidential information that may be used by others to gain their trust.

 

Toolkits

 

  fed partner button  

 

video icon  Videos

 

Social Media Deception
Social Media Deception
Social Engineering
Social Engineering

 

 More Awareness Videos...

 

Print Materials

Posters

         
Download all posters


Brochures

Download brochure         

 

CFIT Image for UNCLAS

Download CFIT brochure


Flyers

   

Download all flyers

 

Infographics

  

Download all infographics

 

Other Government Products

 

Links & Additional Resources

 

Traveling Overseas with Mobile Phones, Laptops, PDAs, and Other Electronic Devices

 

YOU SHOULD KNOW

 

For general travel alerts and information, see the Department of State Site. http://travel.state.gov/content/passports/en/alertswarnings.html. 

 

  • In most countries you have no expectation of privacy in Internet cafes, hotels, offices, or public places. Hotel business centers and phone networks are regularly monitored in many countries. In some countries, hotel rooms are often searched.
  • All information you send electronically – by fax machine, personal digital assistant (PDA), computer, or telephone – can be intercepted. Wireless devices are especially vulnerable.
  • Security services and criminals can track your movements using your mobile phone or PDA and can turn on the microphone in your device even when you think it’s off. To prevent this, remove the battery.
  • Security services and criminals can also insert malicious software into your device through any connection they control. They can also do it wirelessly if your device is enabled for wireless. When you connect to your home server, the “malware” can migrate to your business, agency, or home system, can inventory your system, and can send information back to the security service or potential malicious actor.
  • Malware can also be transferred to your device through thumb drives (USB sticks), computer disks, and other “gifts.”
  • Transmitting sensitive government, personal, or proprietary information from abroad is therefore risky.
  • Corporate and government officials are most at risk, but don’t assume you’re too insignificant to be targeted.
  • Foreign security services and criminals are adept at “phishing” – that is, pretending to be someone you trust in order to obtain personal or sensitive information.
  • If a customs official demands to examine your device, or if your hotel room is searched while the device is in the room and you’re not, you should assume the device’s hard drive has been copied.

 

BEFORE YOU TRAVEL

  • If you can do without the device, don’t take it.
  • Don’t take information you don’t need, including sensitive contact information. Consider the consequences if your information were stolen by a foreign government or competitor.
  • Back up all information you take; leave the backed-up data at home.
  • If feasible, use a different mobile phone or PDA from your usual one and remove the battery when not in use. In any case, have the device examined by your agency or company when you return.
  • Seek official cyber security alerts from: www.onguardonline.gov and www.us-cert.gov/cas/tips

 

Prepare your device:

  • Create a strong password (numbers, upper and lower case letters, special characters – at least 8 characters long). Never store passwords, phone numbers, or sign-on sequences on any device or in its case.
  • Change passwords at regular intervals (and as soon as you return).
  • Download current, up-to-date antivirus protection, spyware protection, OS security patches, and a personal firewall.
  • Encrypt all sensitive information on the device. (But be warned: In some countries, customs officials may not permit you to enter with encrypted information.)
  • Update your web browser with strict security settings.
  • Disable infrared ports and features you don’t need.

 

WHILE YOU'RE AWAY

  • Avoid transporting devices in checked baggage.
  • Use digital signature and encryption capabilities when possible.
  • Don’t leave electronic devices unattended. If you have to stow them, remove the battery and SIM card and keep them with you.
  • Don’t use thumb drives given to you – they may be compromised. Don’t use your own thumb drive in a foreign computer for the same reason. If you’re required to do it anyway, assume you’ve been compromised; have your device cleaned as soon as you can.
  • Shield passwords from view. Don’t use the “remember me” feature on many websites; re type the password every time.
  • Be aware of who’s looking at your screen, especially in public areas.
  • Terminate connections when you’re not using them.
  • Clear your browser after each use: delete history files, caches, cookies, URL, and temporary internet files.
  • Don’t open emails or attachments from unknown sources. Don’t click on links in emails. Empty your “trash” and “recent” folders after every use.
  • Avoid Wi-Fi networks if you can. In some countries they’re controlled by security services; in all cases they’re insecure.
  • If your device or information is stolen, report it immediately to your home organization and the local US embassy or consulate.

 

WHEN YOU RETURN

  • Change your password.
  • Have your company or agency examine the device for the presence of malicious software.

 

The most up-to-date training and awareness films addressing threats such as foreign recruitment of U.S. students, targeting of U.S. industry and corporate executives, Insider Threats, and the advanced technical threats of the 21st Century.

 

gop seals horizontal

 

Game of Pawns -- The Glenn Duffie Shriver Story

 

Based on a true story, Game of Pawns is a call for vigilance to the nearly 260,000 American students studying abroad.

 

Synopsis:

There is an ancient Chinese proverb:  Life is a game of chess, changing with each move.  Glenn Duffie Shriver's first big move was the dream of a lifetime:  a study abroad year in Shanghai, China.  But, his year overseas would, eventually, lead him down a treacherous path.  After answering a work-for-hire ad in a online college newspaper, shriver is befriended by three Chinese intelligence officers.  What first seems like an innocent offer of friendship and a "free" scholarship ends in a life-altering prison term for conspiracy to commit espionage against the United States.

Produced by the Counterintelligence Division of the FBI in association with the FBI's Washington Field Office and the National Counterintelligence and Security Center, Game of Pawns is a cautionary tale for all students to be vigilant during their time abroad.

 

(coming soon a Special Features: Excerpts from the prison cell interview with the real Glenn Duffie Shriver.)

 

 terminal risk seals

Terminal Risk 

 Terminal Risk -- a video jointly produced by NCSC, NSA, FBI and State/DS-- focuses on the Counterintelligence and security threats faced by the private sector at home and abroad. The ten vignettes were the result of NCSC discussions with industry security officers in the defense, pharmaceutical, entertainment, energy and IT sectors. They reflect real-life threats faced by the U.S. private sector from terrorists, foreign intelligence services and foreign competitors. The video also provides advice on steps private sector firms and their employees can take to counter these threats.

 



March 2018
March 12-16
Personnel Security Course, Linthicum, MD
Mon-Thurs 8:00a-4:30p, Fri 8:00a-12:00p
 
April 2018
April 9-13
ICD 705 Physical Security Course, Chantilly, VA
Mon-Thurs 8:00a-4:30p, Fri 8:00a-12:00p
 
April 16-20
Personnel Security Course, Chantilly, VA
Mon-Thurs 8:00a-4:30p, Fri 8:00a-12:00p
 
May 2018
May 7-11
Special Security Officer's Course, Chantilly, VA
Mon-Thurs 8:00a-4:30p, Fri 8:00a-12:00p
 
May 14-18
ICD 705 Physical Security Course, Linthicum, MD
Mon-Thurs 8:00a-4:30p, Fri 8:00a-12:00p
 
May 21-25
Personnel Security Course, Linthicum, MD
Mon-Thurs 8:00a-4:30p, Fri 8:00a-12:00p
 

National Counterintelligence and Security Center