Contact Information

Security: Information Systems Security


Uniformed Services University of the Health Sciences
4301 Jones Bridge Road
Bethesda, Maryland 20814-4799
Room UP001
Security Director
(301) 295-3033
FAX (301) 295-1901

After hours emergencies

Contact the USU Security Guard Force at (301) 295-3038 or 295-3039

For guidance on handling classified information or conducting a classified meeting, please contact the Security Office and we will assist you in the process. For additional reference you can refer to:

  • DoD 5200.1-R, Information Security Program
  • Executive Order (E.O.)12958 implement several new changes to procedures for handling and safekeeping classified information. (There is also a section on Unclassified Sensitive Information.)
  • SECNAVINST 5510.36 - INFORMATION SECURITY PROGRAM

Type of Crime and Appropriate Procedure

Computer intrusion (i.e. hacking)

Report immediately to Supervisor. Leave computer screen on and isolate computer system. Contact Security and the Helpdesk/Information Assurance Team immediately.

Password trafficking

Report immediately to Supervisor, Security and the Helpdesk/Information Assurance Team.

Copyright (software, movie, sound recording piracy

Report immediately to Supervisor; Supervisor will contact Security and the Helpdesk/Information Assurance Team. Security will notify the Department of Review and Evaluation.

Theft of trade secrets, government owned research

Report immediately to Supervisor. Contact SEC. Security will contact the Department of Review and Evaluation.

Trademark counterfeiting

Report immediately to Supervisor. Report to Security and the Helpdesk/Information Assurance Team. SEC will notify the Department of Review and Evaluation.

Child Pornography or Exploitation

Report immediately to Supervisor. Leave computer screen on and isolate computer system. Contact Security and the Helpdesk/Information Assurance Team. Security will contact NCIS.

Internet harassment

Save any email. Do not delete. Leave on if possible. Notify Supervisor and Security immediately. Security will notify the Helpdesk/Information Assurance Team.

Internet bomb threats or threat to US government and agency

Report immediately to Supervisor and SEC immediately. Security will notify the Helpdesk/Information Assurance Team. DO NOT DELETE screen or close the email or internet site. Isolate area and computer if possible. Security will notify NCIS.

Trafficking in explosive or incendiary devices or firearms over the Internet)

Report immediately to Supervisor and Security immediately. Security will notify the Helpdesk/Information Assurance Team. DO NOT DELETE screen or close the email or internet site. Isolate area if possible.

Internet Fraud in connection with computers - knowingly and with intent to defraud, accesses a protected computer without authorization or exceeding authorized access, obtaining financial record, financial institutions, information from any agency, information from any protected computer or classified source Report immediately to Supervisor and Security. This is a Federal offense. DO NOT DELETE and save any evidence or printouts - notify Security and the Helpdesk/Information Assurance Team immediately. Security will notify NCIS and the FBI will be notified. DRE will be alerted of fraud.

Threats to person or government agency through email or internet intrusion)

Report immediately to Supervisor, Security and the Helpdesk/Information Assurance Team. DO NOT DELETE or close email. Print screen if possible. Isolate area. Note the time and date of incident and any suspicious activity. Security will contact NCIS and FBI immediately. Email and internet abuse. E-bombs, chain letters, destroying or modifying data. Attack on confidentiality)

Report to Supervisor and SEC immediately. DO NOT DELETE or close email. Security will notify the Helpdesk/Information Assurance Team and NCIS. Note any suspicious activity or individuals. Security will also notify the Department of Review and Evaluation. Destruction of government owned PC files, diskettes, hardware or software)

Report immediately to Supervisor and Security. Note date and time of incident and any suspicious individuals. Isolate the area if possible. Security will report it to the Helpdesk/Information Assurance Team and NCIS. The Department of Review and Evaluation and Logistics will be informed if destruction of hardware.

Threats and Areas of Compromise

  • The Threat
  • Foreign Intelligence
  • Economic competitors
  • Information Brokers
  • Interest Groups
  • Hackers
  • Insiders Intelligence
  • Email
  • Identity and Credit card theft

Areas of compromise

  • Pay and Finance
  • Personnel files
  • Sensitive research information
  • Medical data
  • Privacy issues
  • Don't put risk information in your email that you don't want published or privacy act information

Insiders motivations

  • Any electronic media is allowed into and out of sensitive areas
  • Once it is on the Internet it is gone
  • Audit logs of sensitive information before you take it off the Internet
  • Establish security patches and solutions
  • Have a response and a disaster recovery plan

Computer Network auditing

  • Turn on
  • Reviewed
  • How long retained (12 months)
  • Know your policy for reporting
  • Turn off (fast save) on Microsoft Word
  • Disk drive locks can not move data from computer

Security on the Internet

Spying in cyberspace is quick and easy. If someone on the Internet finds that, because of the type of information you offer, you could be a good "source," he or she will have no problem finding out more about you. It is very possible that an interested party can get your social security number; address; spouse's name; children?s names; employer name; location, phone and fax number; and even telephone numbers and immediate neighbors - all from accessible online sources.

You may also be targeted because of what you access on the Internet or Web. When you passively use the net to view or collect information, you are giving out information; you are giving out information about you by tracking your use of the Internet, including web sites.

Countries and companies still collect information by any means they can. The Internet gives them a new and effective-means of collecting both economic and defense information.

Each time you log on, you create an audit trail and that trail may be a matter of public record. If you only read, retrieve, or comment on files pertaining to specific subjects, such as aerospace, high technology developments, or defense matters, you may attract interest.

References

  • SECNAVINST 5239.3
  • DOD DIRECTIVE 5200.28

Computer Crimes- Attacks on

  • Confidentiality
  • Integrity or
  • Availability of information or systems
  • Theft of information, services, or damage

Theft of Services

  • Phreaking: penetration of telephone switching system to steal long-distance calling services
  • Using supercomputers to crack passwords
  • "Weaving" to prevent detection

The Outsider

  • Hacker locates a victim system
  • Finds a weak password or other hole in operating system security, then breaks in
  • Uses hacker tools to exploit operating system
  • Gains "superuser" status
  • Modifies accounting system to hide tracks
  • Accesses email, files
  • Uses compromised system as platform to attack other systems
  • Advertises compromised site and vulnerabilities

The Insider

  • Former or current employee with access to system, inside firewalls
  • Exceeds authorized access to increase status to "superuser"
  • "owns" the system
  • Theft of Information
  • Government information
  • military
  • law enforcement
  • Business information
  • Trade secrets
  • Financial information
  • Credit card or other account numbers
  • Dollar value
  • Personal information
  • Privacy Act Information