For guidance on handling classified information or conducting a classified meeting, please contact the Security Office and we will assist you in the process. For additional reference you can refer to:
- DoD 5200.1-R, Information Security Program
- Executive Order (E.O.)12958 implement several new changes to procedures for handling and safekeeping classified information. (There is also a section on Unclassified Sensitive Information.)
- SECNAVINST 5510.36 - INFORMATION SECURITY PROGRAM
Type of Crime and Appropriate Procedure
Computer intrusion (i.e. hacking)
Report immediately to Supervisor. Leave computer screen on and isolate computer system. Contact Security and the Helpdesk/Information Assurance Team immediately.
Report immediately to Supervisor, Security and the Helpdesk/Information Assurance Team.
Copyright (software, movie, sound recording piracy
Report immediately to Supervisor; Supervisor will contact Security and the Helpdesk/Information Assurance Team. Security will notify the Department of Review and Evaluation.
Theft of trade secrets, government owned research
Report immediately to Supervisor. Contact SEC. Security will contact the Department of Review and Evaluation.
Report immediately to Supervisor. Report to Security and the Helpdesk/Information Assurance Team. SEC will notify the Department of Review and Evaluation.
Child Pornography or Exploitation
Report immediately to Supervisor. Leave computer screen on and isolate computer system. Contact Security and the Helpdesk/Information Assurance Team. Security will contact NCIS.
Save any email. Do not delete. Leave on if possible. Notify Supervisor and Security immediately. Security will notify the Helpdesk/Information Assurance Team.
Internet bomb threats or threat to US government and agency
Report immediately to Supervisor and SEC immediately. Security will notify the Helpdesk/Information Assurance Team. DO NOT DELETE screen or close the email or internet site. Isolate area and computer if possible. Security will notify NCIS.
Trafficking in explosive or incendiary devices or firearms over the Internet)
Report immediately to Supervisor and Security immediately. Security will notify the Helpdesk/Information Assurance Team. DO NOT DELETE screen or close the email or internet site. Isolate area if possible.
Internet Fraud in connection with computers - knowingly and with intent to defraud, accesses a protected computer without authorization or exceeding authorized access, obtaining financial record, financial institutions, information from any agency, information from any protected computer or classified source Report immediately to Supervisor and Security. This is a Federal offense. DO NOT DELETE and save any evidence or printouts - notify Security and the Helpdesk/Information Assurance Team immediately. Security will notify NCIS and the FBI will be notified. DRE will be alerted of fraud.
Threats to person or government agency through email or internet intrusion)
Report immediately to Supervisor, Security and the Helpdesk/Information Assurance Team. DO NOT DELETE or close email. Print screen if possible. Isolate area. Note the time and date of incident and any suspicious activity. Security will contact NCIS and FBI immediately. Email and internet abuse. E-bombs, chain letters, destroying or modifying data. Attack on confidentiality)
Report to Supervisor and SEC immediately. DO NOT DELETE or close email. Security will notify the Helpdesk/Information Assurance Team and NCIS. Note any suspicious activity or individuals. Security will also notify the Department of Review and Evaluation. Destruction of government owned PC files, diskettes, hardware or software)
Report immediately to Supervisor and Security. Note date and time of incident and any suspicious individuals. Isolate the area if possible. Security will report it to the Helpdesk/Information Assurance Team and NCIS. The Department of Review and Evaluation and Logistics will be informed if destruction of hardware.
Threats and Areas of Compromise
- The Threat
- Foreign Intelligence
- Economic competitors
- Information Brokers
- Interest Groups
- Insiders Intelligence
- Identity and Credit card theft
Areas of compromise
- Pay and Finance
- Personnel files
- Sensitive research information
- Medical data
- Privacy issues
- Don't put risk information in your email that you don't want published or privacy act information
- Any electronic media is allowed into and out of sensitive areas
- Once it is on the Internet it is gone
- Audit logs of sensitive information before you take it off the Internet
- Establish security patches and solutions
- Have a response and a disaster recovery plan
Computer Network auditing
- Turn on
- How long retained (12 months)
- Know your policy for reporting
- Turn off (fast save) on Microsoft Word
- Disk drive locks can not move data from computer
Security on the Internet
Spying in cyberspace is quick and easy. If someone on the Internet finds that, because of the type of information you offer, you could be a good "source," he or she will have no problem finding out more about you. It is very possible that an interested party can get your social security number; address; spouse's name; children?s names; employer name; location, phone and fax number; and even telephone numbers and immediate neighbors - all from accessible online sources.
You may also be targeted because of what you access on the Internet or Web. When you passively use the net to view or collect information, you are giving out information; you are giving out information about you by tracking your use of the Internet, including web sites.
Countries and companies still collect information by any means they can. The Internet gives them a new and effective-means of collecting both economic and defense information.
Each time you log on, you create an audit trail and that trail may be a matter of public record. If you only read, retrieve, or comment on files pertaining to specific subjects, such as aerospace, high technology developments, or defense matters, you may attract interest.
- SECNAVINST 5239.3
- DOD DIRECTIVE 5200.28
Computer Crimes- Attacks on
- Integrity or
- Availability of information or systems
- Theft of information, services, or damage
Theft of Services
- Phreaking: penetration of telephone switching system to steal long-distance calling services
- Using supercomputers to crack passwords
- "Weaving" to prevent detection
- Hacker locates a victim system
- Finds a weak password or other hole in operating system security, then breaks in
- Uses hacker tools to exploit operating system
- Gains "superuser" status
- Modifies accounting system to hide tracks
- Accesses email, files
- Uses compromised system as platform to attack other systems
- Advertises compromised site and vulnerabilities
- Former or current employee with access to system, inside firewalls
- Exceeds authorized access to increase status to "superuser"
- "owns" the system
- Theft of Information
- Government information
- law enforcement
- Business information
- Trade secrets
- Financial information
- Credit card or other account numbers
- Dollar value
- Personal information
- Privacy Act Information