- Shopping Bag ( 0 items )
From the PublisherRequired reading by counterintelligence warrant officers intraining at the U.S. Army Intelligence Center, Spies AmongUs is a primer into the basic principles of intelligenceoperations. Indeed, Ira Winkler notes that spies, terrorists,hackers, and criminals all use the same basic techniques to collectinformation on their targets.
Mr. Winkler is a former undercover security analyst with theNational Security Agency, who now works with governments and majorcorporations to help them uncover potential security breaches. Hestates in the introduction to Spies Among Us that there seems to bea fascination with spectacular acts committed by terrorists,foreign intelligence operatives, and computer hacking geniuses.Against such threats, corporations and individuals are tempted tofeel powerless. Such acts, though potentially devastating, arequite rare and only affect relatively small numbers of people andbusinesses. Conversely, natural disasters, accidents, and criminalacts, though not as spectacular, are much more common and affectmany more people. In Spies Among Us, Mr. Winkler seeks to empowerhis readers with simple countermeasures that can mitigate thecommon threats we all face. He further adds that such prudence alsohelps protect against attacks from the terrorists, spies, andcomputer geniuses.
Spies Among Us is divided into three parts. Part I discusses thefundamental concepts of the intelligence process, espionage, andcrime. Part II explores the details of some notable penetrationtests conducted by Mr. Winkler and his colleagues as well as somereal-world cases of high- level crime and espionage. Finally, PartIII describes the simple countermeasures that can be used to reduceboth individual and corporate vulnerabilities to variousthreats.
In Part I, Mr. Winkler defines risk, threat, vulnerability,counter-measures, value, and their interrelationship. He furtherexplains how to determine the value of assets and how to evaluatevarious threats against those assets. Of particular interest toBECCA members, Mr. Winkler thoroughly describes the corporateespionage threats that U.S. corporations face. He lists the majorcountries that successfully use their state intelligence agenciesto target U.S. corporations. Among those countries are two U.S.allies identified by the CIA as conducting espionage against U.S.companies: France and Israel. Furthermore, Mr. Winkler describeshow each nation targets U.S. corporations both at home and abroad.He states that the U.S. government is quite different than that ofmost other industrialized nations in that it generally does notcollect intelligence on behalf of its corporations. Contrast thiswith the statement of Pierre Marion, the former head of the Frenchforeign intelligence agency who has stated, "There is no such thingas an economic ally." Among other countries, the U.S. government isconsidered "naïve" in its view of international corporateespionage.
In addition to foreign intelligence threats, Part II of Spies AmongUs explains how corporate information leaks can be caused orexploited by insiders (employees), petty crime, suppliers,customers, and competitors. In regards to employees, the authordraws an amazing parallel between the profile of an extremely hard-working employee and that of a spy. They both show interest in whattheir coworkers are doing, they volunteer For extra work, they worklate, and they rarely take vacations. Attackers Targetvulnerabilities of corporations and individuals. Mr. Winklerdefines Vulnerabilities in four categories: operational, physical,personnel, and technical. Under operational vulnerabilities, headdresses security awareness and makes a notable statement, that"there is no common sense without common knowledge," emphasizingthe importance of security awareness training for everyone.
In Part II, not only does the author describe various successfulattacks Against major corporations, he also describes thevulnerabilities which facilitated or allowed these attacks.
In Part III, Mr. Winkler explains simple countermeasures to addressthese vulnerabilities and similar vulnerabilities of individuals.He defines these countermeasures in the same categories that heused for vulnerabilities. However, he makes the interestingobservation that the categories do not necessarily correlate. Forinstance, he states that poor security awareness is an operationalvulnerability. However, an effective countermeasure for poorawareness is a technical countermeasure such as token-basedauthentication which thwarts social engineering attacks designed toobtain passwords from users. In the final chapter, Mr. Winklerprovides practical suggestions for implementing and testingcountermeasures and incident response procedures. He includes soundadvice on how to garner support from management and compliance fromemployees. He states that an effective security awareness programcould result in "thousands of people detecting security problems,not just the two people in a typical security department."
As a military intelligence professional, I found Spies Among Us tobe a fascinating and enlightening read. As only someone who hasgreat understanding can, Mr. Winkler greatly simplifies theintelligence process and provides interesting insights into recentevents. He also writes from the vantage point of an insider. Thesecurity countermeasures he recommends are practical and feasiblefor both organizations and individuals to implement. As someone whosees the need for professional reading but who does not normallyenjoy such activity, I found this book to be refreshingly enjoyableto read. I highly recommend Spies Among Us to anyone working in thesecurity or intelligence field. I also highly recommend it toanyone else who has ever felt vulnerable or who just wants to peerinto the hidden world of espionage and crime that is always amongus.
"Spies Among Us reads like a Robert Ludlum novel, [and] it’sriveting because it’s all true. If you’ve got a socialsecurity number, you need to read this book whether you’re aCEO or a grandmother. Winkler reveals the top threats to ourpersonal and national security, with lots of straight-forwardadvice on how to protect yourself."
–Soledad O'Brien, CNN