This course presents the student with foundational concepts and processes in the discipline of cyber counterintelligence with a focus on cyber counterintelligence missions, defensive counterintelligence, offensive counterintelligence, and counterespionage as these realms apply to traditional tradecraft, and how they are or will evolve into the cyber domain. Mitigative and retributive counterstriking is covered. An understanding of deception demonstrates the need for counterdeception as a necessary activity in the intelligence process to penetrate an adversary’s methods of concealment and deceit.
The course follows the fundamental principles of deception, namely truth, denial, deceit, and misdirection, attempting to provide a basic framework for understanding the mechanics of deception, developing approaches for detecting and countering deception, and providing for a corresponding set of principles. We review the cognitive vulnerabilities that are exploited by deception by way of biases and manipulation of human perceptions and beliefs. The cognitive aspects of human perception, judgment and reasoning are explored to provide a foundation from which to develop a set of counterdeception principles. The course examines the technical and non-technical methods of deception, evaluating such applications as technical and strategic cyber sensors, signal and information systems human deception channels (PSYOPs, HUMINT) on the Internet.
By starting with traditional counterintelligence and progressing to cyber counterintelligence, the student will develop an appreciation for collection efforts, exploitation of potential threats, insider concerns, and the risks and benefits of counterintelligence. With the expanding importance on comprehensive and timely need for intelligence for nations as well as businesses, the student will explore the essential elements that make up the intelligence cycle with a focus on how these pivotal points are exploited.
Counterintelligence investigations, operations, collection, analysis, production, and dynamic functional CI services will be employed in support of appropriate information operations activities to detect and mitigate foreign intelligence, hacker, and insider threats to information and information systems.
As part of this class the exploration of the continued importance of critical thinking, as well as out-of ¬the-box analysis, will be heavily leveraged to improve the critical-thinking skills of the students. As cyber topics continue to evolve, the increased importance of cyber intelligence is growing and as such the protection of our intelligence cycles will expand as well; emphasizing the growing need to ensure our processes are not compromised in a cyber-dominated landscape. Cyber counterintelligence is one aspect and possibly one of the most crucial topics at the core of protecting our collection efforts. Legal, ethical, and privacy issues will be discussed given the inherent nature of the intelligence cycle. The potential for active defense or offensive cyber counterintelligence operations will be covered. The course will rely heavily on individual research and group discussion to explore the world of cyber counterintelligence, and where applicable, make use of the student’s ability to do independent thinking and analysis of in-class problems assigned through weekly discussion threads.