Also see Counterintelligence Analytical Product.

The Office also advises the National Security Division and various client agencies, including the CIA, FBI, and the Defense and State Departments, on questions of law, regulation, and guidelines, as well as on the legality of domestic and overseas intelligence operations.

238-239 Across the profession, there are vast differences in understanding of what counterintelligence means, and how it is done, and even the basic terminology it employs.

First Lieutenant. A commissioned officer rank in the US Army, Air Force, and Marine Corps.

Clarke, author of Cyber War Cyber spying & attacks against U.S. exponentially increasing every year Over 120 nations have some form of computer attack capability1 Distinction between intel collection and damage to systems is a few key strokes2 Cyber incidents reported by federal agencies increased 782% since 20063 Unauthorized scans & probes of DoD networks… over 3 million every day4 3 According to GAO (FCW.com, 18 Jul 2013) 4“Whacking Hackers,” Newsweek, 15 Oct 2007, p. 10 Cyber Threat “In the United States, we define cyber threats in terms of cyber attacks and cyber espionage. A cyber attack is a non-kinetic offensive operation intended to create physical effects or to manipulate, disrupt, or delete data. It might range from a denial-of-service operation that temporarily prevents access to a website, to an attack on a power turbine that causes physical damage and an outage lasting for days. Cyber espionage refers to intrusions into networks to access sensitive diplomatic, military, or economic information.” -- James R. Clapper, DNI, Statement for the Record, Worldwide Threat Assessment of the US Intelligence Community, Senate Committee on Armed Services, 18 April 2013 ___________________________ The cyber threat the United States faces is increasing in severity and is accessible to a wide range of enemies. “Most of what we see today is exploitation -- that's theft, stealing secrets, either commercial or military… we know the tools exist to destroy things, to destroy physical property, to destroy networks, to destroy data, maybe even take human lives.” -- Deputy Defense Secretary William J. Lynn III in a television interview on PBS 14 July 2011 ___________________________ The FBI has noted three primary categories of cyber threat actors: “[1] organized crime groups that are primarily threatening the financial services sector, and they are expanding the scope of their attacks; [2] state sponsors—foreign governments that are interested in pilfering data, including intellectual property and research and development data from major manufacturers, government agencies, and defense contractors; and [3] increasingly there are terrorist groups who want to impact this country the same way

Testimony before the Senate Armed Services Committee hearing on Emerging Threats and Capabilities ______________________ “Repeated cyber intrusions into critical infrastructure demonstrate the need for improved

Only the DNI may declassify space-based national imagery, pursuant to EO 12951. -- ICD 710, Classification Management and Control Markings System, 21 Jun 2013 Other Government Agency (OGA). Within the context of interagency coordination, a non Department of Defense agency of the United States Government. (JP 1-02)

15

DIA’s Office of Counterintelligence is responsible for analyzing foreign intelligence activities and threats to US Defense and Service interests.

Second Lieutenant. A commissioned officer rank in the US Army, Air Force, and Marine Corps.

The manager of the counterintelligence and human intelligence missions at various levels of DoD structure, including joint, command, service, and task force. The 2X structure includes the Counterintelligence Coordinating Authority (CICA) and the Human Intelligence Operat ions Center (HOC). (AR 381-20, Army CI Program, 25 May 2010) Also see J2X.; also, the counterintelligence and human intelligence advisor to the C/J/G/S-2. Denotes the 2X positions at all echelons. The 2X staff conducts technical control and oversight for all counterintelligence and human intelligence entities with[in] their operational purview. It coordinates, de-conflicts, and synchronizes all counterintelligence and human intelligence activities at each level of command . (Army FM 2-22.2, Counterintelligence, Oct 2009) Term also refers to the staff section that the 2X leads. Interesting historical note: During World War II the counterintelligence element of the Office of Strategic Services (OSS) was known as “X-2” (Counter Espionage Branch). The OSS--predecessor to today’s Central Intelligence Agency--was established on 13 June 1942 by order of President

DCHC was disestablished 28 Jan 2013 by Dir DIA (DIA Vision2020) . Defense Counterintelligence Anomalies Team (DCAT). [DoD CI element that] provides analysis and deconfliction of anomalies and identifies and shares CI insider threat trends with the DoD Compon ents. The DCAT develops, promotes, expands, and improves upon insider threat detection efforts by reaching across organization boundaries and cultivating awareness of anomalies. (DoD Manual 5240.26, CI Insider Threat Program, draft 20 Nov 2013) See anomalies. DoD Components report and handle “anomalies” in accordance with DoDD O-5240.02 (Counterintelligence) and DoDI 5240.26 (Countering Espionage, International Terrorism, and the CI Insider Threat).

A material handling system that consists of m ilitary and civilian aircraft cargo restraint rail systems, aircraft pallets, nets, tie down, coupling devices, facilities, handling equipment, procedures, and ot her components designed to efficiently accomplish the air logistics and aerial delivery mission. (JP 4-09)

See Section 811 Referral. This Glossary is designed to be a reference for counterintelligence (CI) professionals within the Department of Defense (DoD); however other CI professionals may find it of use. It provides a comprehensive compilation of unclassified terms that may be encountered when dealing with the dynamic discipline of counterintelligence and related activities. Where some words may several meanings within the counterintelligence or intelligence context, a variety of definitions are included. Definitions within this Glossary cite an original source document. The quotes selected, as well as the views and comments expressed in the shadow boxes are those of the editor and do not necessarily reflect the official policy or position of the Department of Defense, the Office of the National Counterintelligence Executive, the Intelligence Community, the Office of National Intelligence, or the United States Government.

A-Space transitioned to i-Space -- see “i-Space.” A-Space was a virtual work environment that provided “analysts" from across the Intelligence Community a common platform for research, analysis and collaboration.

Airman First Class. An enlisted rank in the US Air Force.

Anti-Aircraft. Artillery or missiles used to destroy enemy aircraft.

After Action Report. A retrospective analysis of a given sequence of goal-oriented actions.

Airbase. A military base for military aircraft.

[One of the four basic types of reasoning applied to intelligence analysis,] it is the process of generating a novel hypothesis to explain given evidence that does not readily suggest a familiar explanation. (DIA, Intelligence Essentials for Everyone, June 1999) Also see deduction; induction; scientific method. For additional information see Knowledge Management in the Intelligence Enterprise by Edward Waltz (2003) and Critical Thinking and Intelligence Analysis by David T. Moore, JMIC Press (2006).

To terminate a mission for any reason other than enemy action. It may occur at any point after the beginning of the mission and prior to its completion. (previously in Joint Publication 1-02, DoD Dictionary of Military and Associated Terms, hereafter referred to as JP 1-02)*

Really to find a lone wolf assailant, you need to monitor his activities closely and understand what’s going on inside his head if he doesn’t communicate to other people. Because of this, the lone wolf really presents a challenge to Western security and intelligence agencies. -- Stratfor.com (4 April 2010) <http://www.stratfor.com/analysis/20110404-dispatch-al-qaedas-inspire-magazine> ___________________________ A Lone Wolf is characterized by the following operational strengths and weaknesses. First, it is difficult to anticipate who a Lone Wolf is because there is no longer any need for physical contact

Congress transferred USSS to the Department of Homeland Security (DHS) in 2002. Criminal investigation activities encompass financial crimes, identity theft, counterfeiting, computer fraud, and computer-based attacks on the nation’s financial, banking, and telecommunications infrastructure. Protection mission is the most prominent of the two, covering the President, Vice President, their families, former Presidents, and major candidates for those offices, along with the White House and the Vice President’s residence (through the Service’s Uniformed Division). Protective duties of the Service also extend to foreign missions in the District of Columbia and to designated individuals, such as the Homeland Security Secretary and visiting foreign dignitaries. Separate from these specific mandated assignments, USSS is responsible for certain security activities such as National Special Security Events (NSSEs), which include the major party quadrennial national conventions as well as international conferences and events held in the United States. -- See CRS Report RL34603, The U.S. Secret Service: An Examination and Analysis of Its Evolving Missions, 31 July 2008 U.S.A. Patriot Act. USA Patriot Act of 2011 (Public Law 107-56); see Patriot Act.

The joint operation plan review cr iterion for assessing whether the contemplated course of action is proportional, worth the cost, consistent with the law of war; and is militarily and politically supportable. See also adequacy; feasibility. (JP 5-0)

(DoDD 5205.02E, DoD OPSEC Program, 20 Jun 2012); also, a process of identifying critical information and subsequently analyzing friendly actions attendant to military operations and other activities to: a) identify those actions that can be observed by adversary intelligence systems; b) determine indicators that adversary intelligence systems might obtain that could be interpreted or pieced together to derive critical information in time to be useful to adversaries; and c) select and execute measures that eliminate or reduce to an acceptable level the vulnerabilities of friendly actions to adversary exploitation. (JP 1-02 and JP 3-13.3, Operations Security, 4 Jan 2012) OPSEC’s most important characteristic is that it is a process and not a collection of specific rules and instructions that can be applied to every operation or activity Although good operational security (Opsec) does not guarantee the success of any intelligence operation, faulty Opsec almost surely guarantees worse than failure. -- Angelo Codevilla, Informing Statecraft: Intelligence for a New Century (1992), p. 33 ___________________________ OPSEC… is a systematic and proved process… [to] deny potential adversaries information about capabilities and intentions by identifying, controlling, and protecting generally unclassified evidence of the planning and execution of sensitive Government activities. -- NSDD 298, National Operations Security Program, 22 Jan 1988, p.1 ___________________________ [T]here is a clear and compelling need for operational security in a military environment and in the conduct of sensitive operations. -- Joint Security Commission, Redefining Security, 28 Feb 1994, p. 66 ___________________________ Director, DIA provides intelligence and counterintelligence threat analysis to support OPSEC