Counterintelligence Chief: Contractors 'Kicking Butt' in Combating Insider Threats

Bill Evanina Bill Evanina Office of the Director of National Intelligence

Though some of the most damaging exposures of classified material have come from companies working for the federal government in recent years, the intelligence community’s 100,000 contractors overall “are kicking butt” in helping agencies head off insider threats, the nation’s top counterintelligence chief said on Monday.

Anticipating threats “is a team sport,” Bill Evanina, the government’s national counterintelligence executive, told a gathering of the Intelligence and National Security Alliance, a nonprofit group made up of contractors and former intelligence officials. “The only way to win is a partnership, a whole-of-government, whole-of-country approach” that includes contractors and the news media as well.

“We have to get back to patriotism,” he said.

Despite incidents involving National Security Agency contractors such as Edward Snowden and Howard Martin, “we need to eliminate with urgency the idea that most insider threats are contractors,” Evanina said. “There’s no evidence” either for that, he said, or for the common notion that “millennials want to be leakers.”

Evanina acknowledged there’s been disturbing news on the counterintelligence front over the past year, much of which has lost the power to shock. He cited the recent hacking of the CIA’s internal digital toolbox and the arrest last week of State Department official Candace Clairborne, charged with allegedly meeting foreign agents without keeping her agency informed.

The arrest last August of  a Chinese agent in New York City, Evanina said, was barely covered by the news media, but “10 or 12 years ago would have been front-page news in every paper across the country.”

Referencing the proverbial “death by 1,000 cuts,” Evanina said, “we’re hitting 800 cuts and getting close to 1,000.” Russian President Vladimir Putin, he guesses, probably wakes up most mornings smiling at his successful manipulation of events in the West.

An underrated success for counterintelligence against economic espionage, he said, was the Commerce Department’s recent imposition of a record $1.1 billion fine on the Chinese company ZTE for violating international sanctions by selling electronics to Iran and North Korea.

Evanina said terrorist threats can come from weapons as basic as “spear phishing” of email accounts in the hope that an ill-advised click on an attachment will send malware coursing through an agency or threaten critical infrastructure. And enemy efforts to grab personally identifiable information—more than half of Americans have been victimized by identity theft, he noted—can harm spouses, children and co-workers.

Following the breach of 22 million personnel files of federal workers at the Office of Personnel Management in 2015, Congress mandated that Evanina’s National Counterintelligence and Security Center sign a memorandum of understanding with OPM to assess the damage. That project is still underway, he said on Monday.

Evanina’s office works with the Treasury and Homeland Security departments to provide intelligence on threats to U.S. energy infrastructure and financial systems, as well as coordinating with smaller agencies, such as the Federal Communications Commission and the Federal Energy Regulatory Commission.

“Imagine if all the ATM machines went down,” Evanina said. And how would the industrial supply chain function if “our collection of satellites were rendered inoperable?” he asked. The government as a whole “has to be sure we’re making the right risk-based decisions.”

Increasingly, agencies and consultants are relying on psychological profiling to spot problem employees before any misconduct occurs.

People who become insider threats “can be narcissists,” or “Machiavellian manipulators” and have “callous personalities,” Evanina said. Signs to watch for include reacting badly to  being passed over for a promotion, going through a divorce or financial distress, or coping with a child with special needs. These and other situations can make an employee or a contractor “angry at the world,” he said. “Sometimes the solution is as simple as an employee assistance program, an interview with a security officer, or peer consultation.”

Eliminating the insider threat entirely would be “almost impossible,” Evanina said. Searching “everyone on their way into work is not conducive to the kind of workplace we want to work in.”

He said the “key to success is robust monitoring of systems and data” and perhaps more training in due diligence for employees of contractors and subcontractors.

Correction: The original version of this article listed Bill Evanina's title as national counterterrorism executive. He is the national counterintelligence executive. The article has been updated to correct the error. 

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • The Big Data Campaign Trail

    With everyone so focused on security following recent breaches at federal, state and local government and education institutions, there has been little emphasis on the need for better operations. This report breaks down some of the biggest operational challenges in IT management and provides insight into how agencies and leaders can successfully solve some of the biggest lingering government IT issues.

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download
  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care

    Download

When you download a report, your information may be shared with the underwriters of that document.