What you need to know about Russian InfoSec Training for 2010 and Beyond

Last Updated on Monday, 25 January 2010 01:08 Written by Jeffreycarr Monday, 25 January 2010 01:08

Scientific Advisory Board Information Security Training Late 2009 (Specialty 090103)

• Academy of Russia’s FSB Chairman UMO Education of information Security chief ICSI AP Kovalenko
• Academy of FSB of Russia Deputy Chairman of EMA Education of information Security, Deputy Chief ICSI EB Belov
• Academy of FSB of Russia President of UMC specialty 090101, the first Deputy Chief of ICSI VV Mizerov
• Academy of FSB of Russia Deputy Chairman of the IRO on specialty AV 090102 Cheremushkin
• Academy of FSB of Russia President of UMC specialty 090106 VA Raven
• Academy of FSB of Russia Deputy Chairman of the IRO on specialty IA 090106 Shalimov
• Academy of FSB of Russia President of UMC specialty 090107 VV Sizykh
• Academy FSO Russia Head Department VI Kozachok
• Voronezh State Technology University Head of Department, AG Ostapenko
• GNIII PTZI FSTEK Russia Senior Researcher NT Shevtsov
• Moscow State Institute of Electronic Technology Professor AA Horev
• Nizhny State University Prorector LY Rothko
• Omsk State Head of Department VV Mitrokhin
• University of Helpful Penza State University Head of Department SL Zefirov
• Petersburg State University of Helpful Head of Department AA Kornienko
• Tomsk State University systems Management and Radioelectronics Deputy Chairman
• Siberian Regional Branch UMO Education of information security

The full report detailing Russian InfoSec training under current FSB guidelines along with all past reports on Russian institutions engaged in Information Security R&D is available free to IntelFusion FLASH Traffic subscribers or is available as a special focus report to non-subscribers for a fee. Contact me for more info.

Does your OSINT collection plan include foreign research institutes?

Last Updated on Wednesday, 13 January 2010 02:50 Written by Jeffreycarr Wednesday, 13 January 2010 02:50

If your agency or organization relies on open source intelligence, and if that OSINT effort is still focusing solely on public forums, you’re wasting your resources. Cyber intelligence collection and analysis in 2010 must extend broader and deeper than it ever has before. GreyLogic/Project Grey Goose investigators, for example, now incorporate at least six levels of collection and analysis in every investigation. One of those levels is the identification of strategic R&D projects in Russian and Chinese institutions. When you know where a government is investing its research dollars, you can begin to build a more precise future threat matrix.

GreyLogic has begun making its research in this area available to IntelFusion FLASH Traffic (IFT) subscribers. Every week for the past 7 weeks, we have profiled a different Russian institute who’s work has strategic importance for Russian Federation Information Security and Information Warfare operations, including:

• Military Aviation Engineering University at Voronezh
• The Moscow Engineering Physics Institute
• Moscow State Technical University
• Directorates of the FSB Academy (Institute of Cryptography, Telecommunications and Informatics – IKSI)
• Russian State Humanities University (Faculty of Information Security)
• Moscow State Institute of Radio Engineering, Electronics and Automation (MIREA) (Faculty of Information Technology – Faculty of Cybernetics)
• Information Security for RF Networks is Researched and Developed at Moscow State Institute of Electronics and Mathematics – Department of Applied Mathematics

We have additional Russian institutes in the pipeline that will be featured in upcoming issues of IFT. Key Chinese universities will follow. As far as we know, this information is not available from any other UNCLAS resource and is hard to come by even on the “high side”. If a broader and deeper level of OSINT analysis makes sense to you, contact us for further information.

Social Web OPSEC Training for DoD/IC Employees and Contractors just became more critical

Last Updated on Monday, 5 October 2009 07:06 Written by Jeffreycarr Monday, 5 October 2009 07:06

Last week’s news that Russian Security Services can demand user info from foreign-owned Internet Service Providers when matters of RF national security are involved has changed the game for U.S. government employees who use Social Software services (Facebook, MySpace, Twitter, etc.).

As if to underscore the risks and the value of the Social Web to governments, President Medvedev admits to worrying about foreign ownership of Russia’s very profitable Internet companies.

Foreign investment in search engines and social networks is “inevitable,” Mr. Medvedev told leaders of the ruling United Russia party at a meeting Wednesday. “But on the other hand — don’t let my words be seen as too conservative — we need to watch this, because these are questions of security,” he said.

The Communications Ministry is working up “security criteria” to determine where foreign ownership might be restricted, a spokeswoman said Thursday. Russian law already requires government permission for significant foreign investment in publications with daily circulation over one million. Several major Russian sites have larger audiences, she said.

In the meantime, Yuri Milner’s Digital Sky Technologies has just acquired another $100 million dollars of ex-Facebook employees stock bringing DST ownership of Facebook up to 5%.

Today’s issue of IntelFusion FLASH Traffic has an indepth analysis of this emerging threat for U.S. DoD and IC employees on the Social Web. OPSEC training in the safe use of Facebook and other sites is more important than ever, particularly for those individuals whose employment makes them high value targets for adversary intelligence gathering, recruitment, and influence operations. I’m concerned that the agencies who contract out the development of these courses will look for a quick fix or a one-size-fits-all approach, and that is NOT what’s needed here.