WASHINGTON — It’s a well-known fact that criminal gangs and profit-driven
cyber hackers are after the personal
information of U.S. government employees, but the director of the newly
minted
National
Counterintelligence and Security Center (NCSC) says intelligence agencies
from certain foreign countries are lined up to get at it too.
Your name, Social Security number, date of birth, where you’ve lived,
where you’ve worked and your banking information are known in the intelligence
world as personally identifiable information (PII). When that PII is gathered,
whether in bits and pieces or all at once, government employees become
potential targets of credit and financial fraud and could be left at
the mercy of foreign spies.
Those data points “are information that a hostile intelligence service can
use to target you as a person that can potentially be recruited,” NCSC
Director William Evanina told WTOP in an exclusive interview.
Aldrich Ames, Robert Hanssen, Ana Montes and John Walker lead a long list of
American government employees and contractors seduced by the appeal of a
foreign riches or ideals and were successfully recruited as spies.
White House and State Department email systems are among known U.S. government
agencies and organizations that have been breached recently in high-profile
cyber intrusions. But Evanina, who will retain his leadership of the Office of
the National Counterintelligence Executive, said he has a greater worry.
“My biggest fear is what we don’t know. We’ve identified these intrusions, but
what intrusions have we not identified?”
He said the growing cyber-espionage capabilities of hostile intelligence
agencies are worrisome to U.S. policy makers.
“I think their concerns are not only what are we losing from exfiltration,
but how do we stop it. Also, why would Country X really want to know the PII
from our government employees,” said Evanina.
As for those who suspect they’ve been targeted or breached, Evanina suggests
reporting it to their supervisors.
“Do a credit check for yourself, take the time and effort to really scrutinize
the next 30 to 60 days of your financial transactions,” said Evanina.
The NCSC debuted Monday as the U.S. intelligence community seeks to stay ahead
of the aggressive evolution of complicated espionage, cyber and security
threats.
“The establishment of the National Counterintelligence and Security Center
supports our effort to ensure counterintelligence and security are addressed
as interdependent and mutually supportive disciplines,” says Director of
National Intelligence James Clapper. “These disciplines have shared objectives
and responsibilities associated
with the protection of information, sources and methods.”
The NCSC will work parallel to the Office of the National Counterintelligence
Executive (ONCIX), which was created by the Counterintelligence Enhancement
Act of 2002 to carry out counterintelligence and security responsibilities for
the director of national intelligence.
The NCSC’s purpose is “to provide a leadership construct for [U.S. government]
security personnel, outside of the counterintelligence framework,” Evanina
says.
Evanina adds that the
creation of the center was predicated by the destructive growth and complexity
of cyber threats, economic espionage, insider threats and supply-chain
threats.
The agency said in a statement that the NCSC will integrate and align
counterintelligence and security mission areas, and carry out
counterintelligence and security responsibilities under a single
organizational model, much like the National Counter-terrorism Center (NCTC)
and the National Counter-Proliferation Center (NCPC).
Follow @WTOP on Twitter and WTOP on Facebook.