Saturday, March 17, 2018

Personal Alarms

A personal alarm serves two main purposes. It can frighten away an attacker, and it serves as a call for help - a signal to others that something is wrong. Personal alarms emit a blaring noise, which should be at least 120 dB to be most effective. Louder is better when it comes to personal alarms. This noise will panic or cause momentary confusion in an attacker, giving you enough opportunity to fight back or run away. However, personal alarms are not just for frightening away an attacker; if the user (such as a child) is lost and needs to be found, the personal alarm can be very effective in calling for someone's attention. A personal alarm is also an excellent device to use to alert other people during any kind of emergency.

While quite effective in deterring crime or a possible attack and in helping locate a lost loved one, a personal alarm may not always be effective in certain situations. In a remote area there may be no one to hear the alarm and come to your aid. It is also possible that a violent attacker could grab the alarm away from you and destroy it, or simply not be deterred by the noise. Even if others hear the alarm, there is no guarantee that they will come to your aid. How much attention do you pay to a car alarm going off in the parking lot?

Understanding the limitations of personal alarms (they are just loud noise makers), I believe that they are a valuable addition to one's security plan. Students on campus, shift workers who walk across a dark parking lot, or anyone else who may need to signal for help can benefit from carrying a personal alarm.

Personal alarms only cost a few dollars, which makes them affordable for almost anyone. Also, they are not weapons so they are legal to carry everywhere. But please keep in mind, that like any self-defense tool, a personal alarm is not magic. No matter how loud your alarm is, it does not put up some kind of magical force field that will protect you from all bad people in the world. They will however, catch most people by surprise and disorient them long enough to give you an opportunity to get away. And they will also attract attention to your situation even if you aren't able to scream for help.

Vigilant Personal Alarm

ZekPro Personal Alarm

Mace Portable Door / Multipurpose Alarm

DEA Drug Fact Sheets

You hear about drugs on TV and in the movies, on the radio, in books and magazines, on the Internet, and in daily conversation with friends and peers. Some of the information is accurate, but a lot of it is not.

Here are a few realities to consider:
  • You can’t predict the effect that a drug can have on you - especially if it’s the first time you try it, and even if it’s a small amount or dose. Everyone's brain and body chemistry are different. Everyone's tolerance for drugs is different.
  • Using drugs can lead to abuse, addiction, serious health problems, and even death.
  • Drugs that are legal - prescription and over-the counter (OTC) medications - can be just as dangerous as illegal drugs.
Find out as much as you can about illegal and legal drugs and their effects on your body and brain. The more informed you are, the more confidently you can make the right decision about drugs. Read DEA Drug Fact Sheets for the latest information on drugs of abuse.

Friday, March 16, 2018

Safety and Security for the Business Professional Traveling Abroad

"Corporate espionage is an increasingly serious threat for a business traveler. The perpetrator may be a competitor, opportunist, or foreign intelligence officer. In many countries, domestic corporations collect competitive intelligence with the help and support of their government. To mitigate this risk, your organization’s critical information and technologies should not reside on any hard copy or electronic device you take unless it is absolutely necessary, and if so, then you must safeguard the physical access to the information by using encryption and keeping the material on your person at all times. Hotel safes are not adequate protection." The FBI has published a safety and security awareness brochure that you can download here.

In October 2017, I discussed Foreign Travel here in my blog. I encourage you to read that post, and if traveling for business to further consider the risks that you may face when traveling abroad.

Kevin D. Murray has published an excellent awareness paper for business travelers, "The Top Twenty Information Security Tips for Business Travelers to Closed Society Countries". You can request a free copy of this paper from Mr. Murray's Counterespionage web-site.

Stanford University's IT Department published "Recommendations for Travelers to High Risk Countries" which offers good cyber-security recommendations for travelers.

The Electronic Frontier Foundation (EFF) published "Digital Privacy at the U.S. Border: Protecting the Data On Your Devices".

While adversaries can and do target your electronic devices, remember that they can also target you directly.

Elicitation, as described in the FBI brochure, is a common techniques used to gather information from business travelers. A similar brochure about Elicitation and Recruitment is available from the Defense Security Service.
The Counterintelligence Awareness and Security Brief provided by CDSE is worth reviewing prior to any foreign travel, and the Office of the Director of National Intelligence has prepared an 8-minute YouTube video, "Your Personal Information: Protecting it from Exploitation" intended to help build security awareness. The Foreign Travel Vulnerability brochure from the Defense Security Service should also be included as part of security awareness training when preparing to travel abroad.  

Rules for Living in Interesting Times

There is an ancient Chinese curse which says "may you live in interesting times, may you come to the attention of those in authority". These are certainly interesting times, thus - gathered from many sources - I present my rules for living in interesting times.

Download a PDF of my Rules for Living in Interesting Times from my Google Drive.

The Moscow Rules

During the Cold War, the CIA developed unwritten rules of engagement for their spies called the Moscow Rules. Moscow was the most dangerous and difficult destination for a spy so the spies had to have special training in clandestine operations. Although no one had written them down, they were the precepts we all understood... By the time they got to Moscow, everyone knew these rules. They were dead simple and full of common sense...

Although the Cold War is over, the Moscow Rules still provide a useful guideline for individuals living and working in a non-permissive environment. So, collected from various sources, I present you with the Moscow Rules:
  1. Assume nothing.
  2. Technology will always let you down.
  3. Whatever can go wrong, will go wrong, and at the worst possible moment.
  4. Never go against your gut.
  5. Always listen to your gut; it is your operational antennae.
  6. Everyone is potentially under opposition control.
  7. Don’t look back; you are never completely alone.
  8. Go with the flow; use the terrain.
  9. Take the natural break of traffic.
  10. Maintain a natural pace.
  11. Establish a distinctive and dynamic profile and pattern.
  12. Stay consistent over time.
  13. Vary your pattern and stay within your profile.
  14. Be non-threatening: keep them relaxed; mesmerize!
  15. Lull them into a sense of complacency.
  16. Know the opposition and their terrain intimately.
  17. Build in opportunity but use it sparingly.
  18. Don’t harass the opposition.
  19. Make sure they can't anticipate your destination.
  20. Pick the time and place for action.
  21. Any operation can be aborted; if it feels wrong, then it is wrong.
  22. Keep your options open.
  23. If your gut says to act, overwhelm their senses.
  24. Use misdirection, illusion, and deception.
  25. Hide small operative motions in larger non-threatening motions.
  26. Float like a butterfly; sting like bee.
  27. When free, "In Obscura", immediately change direction and leave the area.
  28. Break your trail and blend into the local scene.
  29. Execute a surveillance detection run designed to draw them out over time.
  30. Once is an accident; twice is a coincidence; three times is an enemy action.
  31. Avoid static lookouts; stay away from chokepoints where they can reacquire you.
  32. Select a meeting site so you can overlook the scene.
  33. Keep any asset separated from you by time and distance until it is time.
  34. If the asset has surveillance, then the operation has gone bad.
  35. Only approach the site when you are sure it is clean.
  36. After the meeting or act is done, "close the loop" at a logical cover destination.
  37. Be aware of surveillance’s time tolerance so they aren’t forced to raise an alert.
  38. If an alert is issued, they must pay a price and so must you.
  39. Let them believe they lost you; act innocent.
  40. There is no limit to a human being’s ability to rationalize the truth.

Thursday, March 15, 2018

Untangling the Web: The NSA Guide to Internet Research

In 2007, Robyn Winder and Charlie Speight wrote "Untangling the Web: An Introduction to Internet Research" for the National Security Agency (NSA).

"Untangling the Web" is the National Security Agency's guide to finding information on the internet. From the basic to the advanced, this 650-page book offers a fascinating look at tricks the "real spies" use to uncover hidden (and not-so-hidden) information on-line.

On April 19, 2013, the NSA approved this guide for public release. Although the book is now somewhat dated, it still offers may useful tips for on-line research. You can download a PDF copy of "Untangling The Web" from 'The Government Attic' or directly from NSA.Gov.

No Facebook or Twitter? You’re a Spy.

Bottom Line: A spy's tradecraft must constantly evolve because of the rapid changes of the digital age - especially the tools and skills required to maintain a legend, or cover identity. Virtual recordkeeping, modern surveillance technology and the vast amounts of a person's background accessible on open-source platforms such as social media are affecting intelligence operatives' ability to operate covertly overseas.

Background: One of the most fundamental needs for a spy is their legend, or a well-prepared but made-up or assumed identity, also known as cover. Legends allow intelligence officers unique access into companies, ministries and groups of interest where they can recruit agents, manipulate unwitting insiders, or observe, report and take direct action themselves.

Broadly speaking, intelligence officers operate under three forms of cover - diplomatic, official and nonofficial. Diplomatic cover - under which an intelligence officer takes on the face of a diplomat - is likely the most common, as it grants diplomatic immunity as an insurance policy if discovered. Official covers are disclosed to the host governments and those operating under them openly cooperate and liaise directly with intelligence services in allied countries, creating a backchannel for sensitive interactions. Nonofficial cover, also known as deep cover, includes assuming a made-up identity such as a business person or student. Those under nonofficial cover operate without the knowledge of the host government. If caught, they could face severe repercussions.

The full article is on The Cipher Brief.  I found this to be an interesting topic, and something that must be considered by anyone working in a covert or clandestine capacity. In addition to being a concern for intelligence operatives overseas, this is something that should also be considered by undercover police officers, and anyone else needing to establish a legend. A social media presence can support or destroy a cover, but we must also keep in mind what a complete lack of any social media presence says to someone looking at us.