
To what extent is the practice of counterintelligence in the cyber sphere simply a new issue for old approaches to address?

Introduction

Computers and information technology have transformed how information is shared, and in this
regard the term ‘internet revolution’ is very much relevant. The concept of cyber
counterintelligence (CCI) has become a prominent issue in this age of cyberspace, and it is
integrally related both to information technology and to the more recent concept of cyber
security1. The digital platform is no longer safe, for invasion and infiltration of privacy are
far more prevalent there, driven by people with malicious ideas and shrewd interests. The scope
of cyber counterintelligence is ample, for people tend to live on the internet nowadays. This
piece of research focuses on how far cyber counterintelligence is a genuinely new issue in this
world of advanced technology, and how far it is simply a way of addressing already existing
notions2.

Body

The definition of cyber counterintelligence (CI) dates back to the time when information
technology was introduced to the fields of ‘intelligence, defense, and national security’, and
the concept has since grown to embrace the uniqueness of cyber tradecraft. The easy
availability of computer systems, coupled with their remote exploitation, has paved the way for
cyber crimes to take place frequently, and this criminal connection has allowed a low-cost
mechanism, cyber counterintelligence, to have easy access to information, which works towards
minimizing the need for asset recruitment3.

1
"The UK Cyber Security Strategy: Protecting And Promoting The UK In A Digital World".
2011.

2
Benjamin R, Davies. 2006. "Ending The Cyber Jihad: Combating Terrorist Exploitation Of
The Internet With The Rule Of Law And Improved Tools For Cyber Governance". Commlaw
Conspectus 119 (15 (2006).

From its advent, cyber CI began by identifying areas of common interest among the
counterintelligence programs of various government agencies. This identification eventually led
CI to define the capabilities and integral vulnerabilities of computer systems and their
respective networks. In a theoretical sense, cyber counterintelligence activities can be termed
“those that identify, penetrate, or neutralize foreign operations, which use cyber as the
primary tradecraft methodology as well as FIS collection using traditional methods to gauge
U.S. cyber capabilities and intentions.4” CCI predominantly deals with the collection of the
information needed to secure the integrity and safety of organizations against terror attacks,
sabotage, espionage and similar events.

The security environment for government systems today rests on the notion of cyber
counterintelligence, a situation that has evolved from counterintelligence in the physical
sense. In theory, the role of CI in the information security framework might be regarded as
having little significance; the fact remains, however, that the government should be capable of
securing its own computer networks for the sake of national safety and security. It is worth
noting in this connection that it is the government that controls the purchase of hardware and
software, sets policy, mandates training, manages patches and security upgrades, and reviews
implementation5. In practical terms, the immense vulnerability to cyber exploitation has only
grown over recent years, and this development shows no sign of stopping.

3
Brantly, Aaron F. 2014. "Cyber Actions By State Actors: Motivation And Utility".
International Journal Of Intelligence And Counterintelligence 27 (3): 465-484.
doi:10.1080/08850607.2014.900291.

4
Brianna, Heidenreich, and David H Gray. 2014. "Cyber-Security: The Threat Of The
Internet". Global Security Studies 5 (no. 1).

5
Gabriel, Weimann. 2012. "Lone Wolves In Cyberspace". Journal Of Terrorism Research 3
(no. 2).

IT networks store more information, transfer it at great speed, and do so for larger numbers
of users and interfaces across a complex weave of networks. As per Metcalfe’s law, “the value
of a telecommunications network is proportional to the square of the number of users within the
system” and thus it is apparent that this value falls as so many users make use of the digital
platform for the wrong purposes. This is all the more evident because terror attacks have these
days found a new medium through which to spread violence and an abusive environment, by
attempting to penetrate a network and corrupt it along with its core utilities6. The greater the
number of users, the less active the security system is, with its poor guarding facilities. At
the same time, more connectivity means more potentially vulnerable points of entry, which
points towards an ineffective security system as far as cyberspace is concerned. The network is
accessed frequently, and thus information is leaked more often than not, with simple technical
assistance and poor cyber security provisions.

If the evidence regarding cyber counterintelligence is analyzed in detail, it can be found that
too much use of cyber counterintelligence can act as a reactive agent in the field of
information technology, and that its overt use largely consists of ‘incident management,
investigations, and damage assessments’7. A more mature cyber CI effort can be more active,
translating a critical understanding of secret information collection into information that is
effective in making an organization’s information security efforts a success. Being equipped
with cyber counterintelligence principles can work wonders for the growth of the organization,
for deep insight into adversary tactics, activities, techniques and processes concerned with
computer network exploitation can make a cyber counterintelligence expert or analyst a valuable
advisor to every significant part of the organization’s internal framework, ‘influencing the
current defensive posture, near-term acquisition, and long-term enterprise architectural
planning’8. Cyber counterintelligence also contributes greatly to the risk assessment performed
in the planning stage of new mission-critical IT systems and networks.

6
Gragido, Will, and John Pirc. 2011. Cybercrime And Espionage. Rockland, Mass.: Syngress.

7
Hess, James. 2013. "Counterintelligence Theory And Practice. By Hank Prunckun. Lanham,
MD: Rowman & Littlefield Publishers, Inc, 2012". Journal Of Strategic Security 6 (3): 127-128.
doi:10.5038/1944-0472.6.3.13.

Foreign cyber activity is a common trend in private industry, and it is therefore evident that
the privacy of sensitive as well as personal information is at its lowest possible level in
this area. The Internet is said to have lowered the risk of FIS espionage, because it provides
“an easy, inexpensive, and anonymous way to spot, assess, and target U.S. firms and
individuals”, including those who may be willing to ignore government-imposed restrictions on
sensitive U.S. technologies9. With little fear of prosecution, foreign agents or companies can
obtain sensitive information by direct request. Indeed, it can be mentioned that “elicitation is
frequently the most common method used by foreign agents to acquire U.S. information and
technological data; while attempts to conduct espionage in the United States, especially
through cyberspace, will continue due to the demand for sensitive U.S. information, the
relatively low risk of detection, and the abundant supply of vulnerabilities to exploit”10.

Cyber attacks these days are said to have gone beyond espionage, and this is all the more true
given the manipulative power of the attackers. Apart from obtaining information, cyber attacks
can contribute largely to the exploitation of a computer network by manipulating information,
misusing the available data, or sabotaging the system altogether in service of some
terror-driven –isms with political, religious or personal motives. Instances can be cited of
malicious code introduced for the purpose of destroying files on hard drives, which
subsequently went on to temporarily shut down the company’s communications system, for the
greed for more and more profit can lead to the infection of the whole information network of
the company or organization concerned11. Backup systems often come in handy in these cases, for
they allow the company to continue its trading operations without any disruption to its
information network and information technology. Manipulation or sabotage of a general IT system
can lead to severe economic consequences for a company. Where control systems are concerned,
such as industrial control systems (ICSs)—a generic term that includes Distributed Control
Systems (DCS), Process Control Systems (PCS), and Supervisory Control and Data Acquisition
(SCADA) systems—the consequences can also affect people’s lives, and their effects tend to be
immense12.

8
Javaid, M. 2014. "Cyber-Bullied Clients Invent Online Persona With No Disabilities". Learning
Disability Practice 17 (3): 6-6. doi:10.7748/ldp2014.03.17.3.6.s4.

9
Khan, Rehan. 2013. "Cyber Crimes Against Property (Cyber Squatting & Software Piracy)".
SSRN Electronic Journal. doi:10.2139/ssrn.2392687.

10
Lefebvre, Stephane. 2012. "Challenges To The Theory And Practice Of Intelligence".
International Journal Of Intelligence And Counterintelligence 25 (1): 210-215.
doi:10.1080/08850607.2012.623007.

Today’s increasingly pervasive cyber environment allows all the necessary pivotal information
to flow effortlessly between organizations, systems and people; this in turn brings with it
certain problem areas concerning interference with privacy and the violation of privacy norms
relating to cyber identity and cyber image. The integration of physical processes, computation
and information exchange has given rise to cyber-physical systems, supporting and facilitating
human processes and needs in such areas as transportation, healthcare, disaster response and
entertainment13. Interconnecting these systems through common networks to the cyber
environment provides improved efficiency and functionality, but simultaneously raises new
concerns. Especially in counter-terrorism efforts, the need for recruiting assets for information or
action is critical to identifying and penetrating terrorist cells. Similarly, the methods of
identifying insiders who are providing information to adversaries are also firmly based in CI
methods established during the Cold War14. Modern technology can certainly augment these
investigations and operations, but the basic approaches can be the same. The changes in how
adversaries are using and exploiting IT systems, however, demand some changes to protective
measures.

11
Lehto, Martti. 2013. "The Cyberspace Threats And Cyber Security Objectives In The Cyber
Security Strategies". International Journal Of Cyber Warfare And Terrorism 3 (3): 1-18.
doi:10.4018/ijcwt.2013070101.

12
Magnus, Hjortdal. 2011. "China's Use Of Cyber Warfare: Espionage Meets Strategic
Deterrence". Journal Of Strategic Security 4 (no. 2).

13
Mattern, Troy, John Felker, Randy Borum, and George Bamford. 2014. "Operational Levels
Of Cyber Intelligence". International Journal Of Intelligence And Counterintelligence 27 (4):
702-719. doi:10.1080/08850607.2014.924811.

It is a given that active counterintelligence cannot be reserved for wartime or other periods
of heightened threat, internal terror or national emergency. The CI Community needs to
re-establish and reassert its role in protecting classified and sensitive information, not just
as a subset of security practices but as an equal partner in the process concerned15. As many
of the information assets that are sensitive, valuable or critical from a national security
perspective are located within the private sector, while the legal mandate to act against
antagonists targeting these assets lies within the public sector, an interdependency is
created which results in new challenges for the counterintelligence community.

Cyber CI needs to adopt a more aggressive approach in its use of deception, for deception works
well in this context. According to the notion of an aggressive approach, ‘there is an advantage
to deliberately allowing the attacker to gain access to information that is actually incorrect,
thus providing incorrect intelligence and reducing the likelihood of the intensity of an attack
increasing’.16 It is apparent that the use of deception in warfare has proved beneficial, and
it can therefore be applied to peacetime operations as well, if an effective approach is taken
up.

14
Michael S, O’Neil, and David H Gray. 2011. "Islamic Terror Networks Implementation Of
Network Technologies". Global Security Studies 2 (no. 3).

15
Rudner, Martin. 2013. "Cyber-Threats To Critical National Infrastructure: An Intelligence
Challenge". International Journal Of Intelligence And Counterintelligence 26 (3): 453-481.
doi:10.1080/08850607.2013.780552.

The increasing severity of data breaches and violations of privacy caused by high-capability
adversary entities, with both sufficient resources and intent, has resulted in a more positive
attitude towards open sharing of cyber threat data, for the sake of raising awareness and
learning from collective experience17. A major benefit of this approach can be said to be that
“Recent public disclosures of cyber espionage incidents, such as the one committed against the
New York Times in early 2013, have resulted in an increased inter-organizational information
exchange to promote common Situational Awareness (SA) in regards to adversary activity, and to
help prioritize cyber defense resources”18.

Conclusion

The growing prevalence of malicious activities in cyberspace has turned it into a volatile
domain, and as major information security vulnerabilities and data breaches make international
headlines, addressing the problems of advanced persistent threats, fraud, insider attacks and
other cyber-related security incidents is becoming increasingly important for organizations
within the public as well as the private sector19. The argument that counterintelligence needs
to be offensive is not new. In conclusion, it can be said that the objective of
counterintelligence needs to be offense oriented, for ‘aggressive attacks on the main hostile
foreign intelligence services are said to be the most rewarding’20. Military strategies can
explain this norm clearly, but in the case of cyber counterintelligence, constant vigilance is
needed to check the infiltration tactics taking place in this age of technological advancement.
Moreover, the traditional approaches need to be implemented with a modern twist as far as
counterintelligence in the cyber sphere is concerned. Promoting situational awareness is
another point that needs to be highlighted in order to curb the violation of privacy, given the
serious advent of terror attacks that nowadays begin from virtual platforms21. In the case of
Cyber Counterintelligence (CCI), deception is a central tool for achieving the goal of
protecting the information security and safety of individuals on the virtual platform. As far
as the gaps in the current strategy are concerned, there is a growing need to maintain
traditional counterintelligence methods and approaches in today’s national security
environment.

16
Shoemaker, Dan, and Wm. Arthur Conklin. 2012. Cybersecurity. Boston, MA: Course
Technology Cengage Learning.

17
Shore, Jacques J. M. 2015. "An Obligation To Act: Holding Government Accountable For
Critical Infrastructure Cyber Security". International Journal Of Intelligence And
Counterintelligence 28 (2): 236-251. doi:10.1080/08850607.2014.962356.

18
Smith, M. 2009. "Obama's Cyber Drive Must Address Home Computers". New Scientist 202
(2711): 19. doi:10.1016/s0262-4079(09)61492-5.

19
Storch, K. J. 2010. "Federal Cyber-Nutrition: "Nutrition.Gov"". Nutrition In Clinical Practice
24 (12): 364-368. doi:10.1177/088453360101600612.

20
Surabhi, Medha. 2011. "Cyber Warfare And Cyber Terrorism". SSRN Electronic Journal.
doi:10.2139/ssrn.2122633.

21
Worland, George. 2013. "Counterintelligence: Theory And Practice". Journal Of Policing,
Intelligence And Counter Terrorism 8 (2): 203-205. doi:10.1080/18335330.2013.833491.

Bibliography

"The UK Cyber Security Strategy: Protecting And Promoting The UK In A Digital World".
2011.

Benjamin R, Davies. 2006. "Ending The Cyber Jihad: Combating Terrorist Exploitation Of The
Internet With The Rule Of Law And Improved Tools For Cyber Governance". Commlaw
Conspectus 119 (15 (2006).

Brantly, Aaron F. 2014. "Cyber Actions By State Actors: Motivation And Utility". International
Journal Of Intelligence And Counterintelligence 27 (3): 465-484.
doi:10.1080/08850607.2014.900291.

Brianna, Heidenreich, and David H Gray. 2014. "Cyber-Security: The Threat Of The
Internet". Global Security Studies 5 (no. 1).

Gabriel, Weimann. 2012. "Lone Wolves In Cyberspace". Journal Of Terrorism Research 3
(no. 2).

Gragido, Will, and John Pirc. 2011. Cybercrime And Espionage. Rockland, Mass.: Syngress.

Hess, James. 2013. "Counterintelligence Theory And Practice. By Hank Prunckun. Lanham,
MD: Rowman & Littlefield Publishers, Inc, 2012". Journal Of Strategic Security 6 (3): 127-128.
doi:10.5038/1944-0472.6.3.13.

Javaid, M. 2014. "Cyber-Bullied Clients Invent Online Persona With No Disabilities". Learning
Disability Practice 17 (3): 6-6. doi:10.7748/ldp2014.03.17.3.6.s4.

Khan, Rehan. 2013. "Cyber Crimes Against Property (Cyber Squatting & Software Piracy)".
SSRN Electronic Journal. doi:10.2139/ssrn.2392687.

Lefebvre, Stephane. 2012. "Challenges To The Theory And Practice Of Intelligence".
International Journal Of Intelligence And Counterintelligence 25 (1): 210-215.
doi:10.1080/08850607.2012.623007.

Lehto, Martti. 2013. "The Cyberspace Threats And Cyber Security Objectives In The Cyber
Security Strategies". International Journal Of Cyber Warfare And Terrorism 3 (3): 1-18.
doi:10.4018/ijcwt.2013070101.

Magnus, Hjortdal. 2011. "China's Use Of Cyber Warfare: Espionage Meets Strategic
Deterrence". Journal Of Strategic Security 4 (no. 2).

Mattern, Troy, John Felker, Randy Borum, and George Bamford. 2014. "Operational Levels Of
Cyber Intelligence". International Journal Of Intelligence And Counterintelligence 27 (4):
702-719. doi:10.1080/08850607.2014.924811.

Michael S, O’Neil, and David H Gray. 2011. "Islamic Terror Networks Implementation Of
Network Technologies". Global Security Studies 2 (no. 3).

Rudner, Martin. 2013. "Cyber-Threats To Critical National Infrastructure: An Intelligence
Challenge". International Journal Of Intelligence And Counterintelligence 26 (3): 453-481.
doi:10.1080/08850607.2013.780552.

Shoemaker, Dan, and Wm. Arthur Conklin. 2012. Cybersecurity. Boston, MA: Course
Technology Cengage Learning.

Shore, Jacques J. M. 2015. "An Obligation To Act: Holding Government Accountable For
Critical Infrastructure Cyber Security". International Journal Of Intelligence And
Counterintelligence 28 (2): 236-251. doi:10.1080/08850607.2014.962356.

Smith, M. 2009. "Obama's Cyber Drive Must Address Home Computers". New Scientist 202
(2711): 19. doi:10.1016/s0262-4079(09)61492-5.

Storch, K. J. 2010. "Federal Cyber-Nutrition: "Nutrition.Gov"". Nutrition In Clinical Practice 24
(12): 364-368. doi:10.1177/088453360101600612.

Surabhi, Medha. 2011. "Cyber Warfare And Cyber Terrorism". SSRN Electronic Journal.
doi:10.2139/ssrn.2122633.

Worland, George. 2013. "Counterintelligence: Theory And Practice". Journal Of Policing,
Intelligence And Counter Terrorism 8 (2): 203-205. doi:10.1080/18335330.2013.833491.
