• Classroom
Course Description

This course presents the student with foundational concepts and processes in the discipline of cyber counterintelligence with a focus on cyber counterintel missions, defensive and offensive counterintel, and counterespionage applied to traditional tradecraft, and their evolution into the cyber domain. The course includes a vastly different approach to counterintel using models used online in misinformation, influence operations, and disinformation.  We cover:
Cyber Infiltration, Information Operations, National Counterintelligence Strategy, Standard Glossary, Mission Based Counterintel, Counter Collection and Anticipation, Denial/Deception, Counter-Denial and Deception, Open Source Intelligence, Methods of collection, tools, Social media sites and enrollment, Methods of Social Media Research, Tools and Techniques, Establish Priority Intel Requirements, Cyber Target Acquisition and Exploitation, Validation of target, Adversary campaigns, Intent, Motivation, Goals, & Requirements, Passive data collection, Campaign tactics, techniques, and procedures, Intent, motivation, goals, and requirements, Vectors of approach, Courses of action, Elicitation and exfiltration. Generative Adversarial Networks – Deep Fakes.
Perception as Deception, Differences in Culture, Hofstede Dimensions, Social Psychology, Cialdini, Big 5 Theory of Personality, Information Warfare and Cyber Psychological Operations, Persona creation, establishment, maintenance, expansion of specific concepts and phrases. Myers-Briggs with the Evil Side and Under Pressure manipulation.
Adversary targeting and dossiers, Clandestine Collection Operation, Surveillance, Counter Surveillance, CI Analysis Reporting, Support Brief, Source Evaluation, Operational analysis report.
Socio-cultural awareness, Forty-Four online dirty tricks, Methods to Disagree, Avoid/Deny/Invoke, Cialdini’s Principles, Rules of Disinformation, Social Engineering, Propaganda, Fallacies and Prejudices, Conversation Manipulation, Deception Planning, Deception Cycle/Chain, Deception Objective, Deception Methods, Target’s Vulnerabilities, Deception Effects, Target’s Decisions and Actions, Deception Principles, 10 Steps to Planning, Deceptive Course of Action, Denial and Deception Tactics and Techniques, Rules for Radicals, COINTELPRO, Iterative Feedback, Addressing Failure, Unwanted Effects.
CI Insider Threat, Investigations, prepare an estimate of the situation, Prepare the plan, Support Plan, Cyber Media selection, Internet OPSEC.

Learning Objectives

With the expanding importance of the comprehensive and timely need for intelligence for nations as well as businesses, the student will explore the essential elements that make up the intelligence cycle with a focus on how these pivotal points are exploited. As part of this class, the exploration of the continued importance of critical thinking, as well as out-of-the-box analysis, will be heavily leveraged to improve the critical-thinking skills of the students. As cyber topics continue to evolve, the increased importance of cyber intelligence is growing and as such the protection of our intelligence cycles will expand as well; emphasizing the growing need to ensure our processes are not compromised in a cyber-dominated landscape. Cyber Counterintelligence is one aspect and possibly one of the most crucial topics at the core of protecting our collection efforts. The potential for active defense or offensive cyber counterintelligence operations will be covered.

The course will rely heavily on individual research and group discussion to explore the world of cyber counterintelligence, and where applicable, make use of the student’s ability to do independent thinking and analysis of in-class problems assigned through weekly discussion threads. This course focuses on open source intelligence and adversaries while creating online personas to assist in data collection and information extraction. This introductory course examines open source intelligence collection as well as the availability and use of OSINT tools. Students will be able to understand the use methods of only anonymity, the fundamentals behind cyber persona development, enrollment in various social media sites and applications, and how these current methods can be employed in their organizations to assist in operational cyber security, their defense against adversaries, and passive data collection. The establishment of cyber personas takes patience and time to create a credible resource. Parallel activities occur through the outline above. Treadstone 71 maintains separation from the client as required maintaining confidentiality of methods and processes.

Framework Connections