Department of Defense (DoD) contractors must be vigilant to prevent foreign intelligence agents and other adversaries from accessing sensitive defense-related information. To help protect against such compromises of sensitive and classified information, DoD contractors participating in the National Industrial Security Program (NISP) are required by clause 3-107 of the NISP Operating Manual (NISPOM) to provide their cleared employees with refresher security training at least annually. The FBI recently reported in its Boston division’s counterintelligence newsletter an alarming trend of strangers asking to access DoD contractors’ computers at airports. We recommend that cleared DoD contractors participating in the NISP make their employees aware of this suspicious trend. Doing so can help DoD contractors to meet clause 3-107 of the NISPOM’s requirement for refresher security training.
The excerpt from the FBI’s newsletter follows:
We want readers of this newsletter to be aware of what appears to be some sort of collector trend by possible foreign nationals. The method of operation is to approach Defense Contractor employees at the airport as they await their flights and ask to borrow their laptop so they can check their email. The foreign nationals are persistent at making their requests. Below are two reports from two employees of a Defense Contractor. One incident was at the LAX Airport; the other at the Orlando International airport. A Defense Contractor employee traveled through LAX. An interesting thing happened while waiting for his next flight to depart. He was working on his Defense Contractor lap top when he was approached by a Chinese woman and then a Russian male who both wanted to use his Defense Contractor laptop to access their email accounts and were willing to pay to allow them to use his laptop to access the internet. When told “no” they questioned him on why not. A Defense Contractor employee traveled through Orlando International Airport. While sitting in the airport waiting for his flight a young gentleman of Middle Eastern descent and accent approached him while he was working on his computer offline. The young man requested to use the Defense Contractor’s computer to access his e-mail. He was politely told no, and he said it would be only for a minute. Again he was told no, and that the computer was not on line. He moved on.
Both incidents were of a nature that these Defense Contractor employees reported the incidents to their security departments. These incidents both merit reporting to the Defense Security Service and the FBI as Suspicious Contact Reports (SCRs) as required by the NISPOM. Readers are reminded to be vigilant at airports and other public places when using laptop computers. Please be safe and have Bluetooth capability shut down. If using Wi-Fi, please be aware that the security of public Wi-Fi networks is lax, and your online access may be susceptible to hacking by others utilizing the same Wi-Fi connection.