INTERAGENCY GROUP/COUNTERMEASURES

Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87S01034R000400060003-6 esciThRtriDENTIAL ? STAT STAT STAT ROUTING AND RECORD SHEET SUBJECT: (Optional) Interagency Group/Countermeasures FROM: EXTENSION NO. Ci ISSC/OS DATE 2 6 MAY tf13 TO: (Officer designation, room number, and building) DATE OFFICER'S INITIALS COMMENTS (Number each comment to show from whom to whom. Draw a line across column after each comment.) RECEIVED FORWARDED L C/PPC , 4E70 Hqs. 2. 3. . 4. 5. 6. 7. 8. 9. 10. 11. 12. 1 3. 14. 15. FORM 61n USE PREVIOUS V EDITIONS 1-79 tartFIDENTIAL Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP8.71301034R000400060003-6 Declassified in Part - Sanitized Copy Approved'Tor Rkele.aTevt2.01-13/12/02 :ICIA-RDP871301034R000400060003-6 IP MEMORANDUM FOR: Chief, Policy 26 MAY 1983 and Plans Group STAT ATTENTION: STAT FROM: Informatibn 'Systems Security Group STAT SUBJECT: Interagency Group/Countermeasures REFERENCE: Memo for Members and Invitees from IG/CM, dated 10 May 83, ,sanie Subject, D/ICS-83-0676 1. The Navy candidate issue concerning "National Policy on ADP Security" presents an excellent opportunity for the Intelligence Community and the USG in :general to standardize computer security, policy and countermeasures throughout the STAT Government. STAT STAT STAT 2. As you are aware, the ,Computer Security Subcommittee under SECOM is now revising the DCID titled "Security of Foreign Intelligence in Automated Systems and Networks." This document will address both Sensitive Compartmented Information and collateral intelligence information. It could well prove to be adaptable, at least in part, to all areas of USG inter- est. It should, at a minimum, be a good bar?E7 an overall USG policy in the computer security field. Jr..:1)1\tclefErIAL Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 STAT - - _.- ;"-M-.? tp. ,,,.. -544,-:-Ti.4 4, 4,1. '''.';':-'1,?;;;,. ,,, ' ? :susiEcr,-.104044aollIr "-t.r, -.."-???,,r".? ' 7.-? . it,, )4 ..? ? , ,, -ti.. I 'a ?, -?.-/-'-"* 'le ' - ? C : iiirrm'easuresi- 4_ '...544,- 4. ;4--4?4 tn , .2.-i intergepcy-,- roup, ?ILI _., , . ., -...,- - ,. c ..4-? . -it '' --c4ris. r - '. -- ,,-,-. - -?:4--,,,,t,,-k,..-e.),,,.1..,:!,-,.C.- ,,, ..1 ...1EXTIF14.51014;; ;NW- ' :N. 4.31. 2: 7i..- ,.....4.,r47, ' STAT?? .". ' N- t , ePP.o/OS'.:',, t 7 - t-' ' ?i , r . ,..k.' ct.,.` IL ST AT464(14t91.0 ,13 :Maril983' ..:,?.;:, :?,-.._ ; - ? - . ?.:??., - ? :r 1. r k ' '' TOr--10ffincrsancifin;cliun..rualltoumutt":1' t.--- ' Y.,`,4":.? '??? '77. '?-?-? te....v:k4 ti- '?-n ?---7 : .4-..;-*". -. OFFICER' T!' /":ANITIA1-57 r ? 71.-11.-,C,-, :".7-?1, . . ft, i 6" ? ' ,'', i 1 !.-.-" ". f ... -''' VIP . L 1 ',' , '. e. m. ..- ??., ? ;COMMENTS (Plumber each common!, to- moo tro ono', across. column after ouch- comment. JoZ-T,'"rn-;, ?Dfav!. cilt.1,ii?:?,.. s ---- %.?-'.. t? ) -"._ ,..L. tt-rew. , -;.?, i ' 71 ... - -... . "I-- - ? 1- ? - ,buildini ???-:? ? -""..?-?;"' t`'.''c"}-rou'?": ',?t? ?? - .- ?????147-7y.,"%rr, .. f :2?r-..1????? -,r;" '-:, tigaiyEkr: ? - ?? FORW.erED . '11?JiiSS"'4&'tt'''77t '.--.? , ' C f ? ,-,,,,?;4,c-4 ...,.. .4 .-, ? -i- ' - .. , ! . __ _. _ , c:, ::-..21 ' ? %, "' -..!::: i. ? ', CM niaterfa , Of 4 ? -.: -, , , , ? ., ilf z4 t lima 1. Study.. t, erest-oci,1.--" : - Issues- ? ? ' ;!..-'... --? .; ' 4' ' . art-?.??,"I thought: ons that item, '4 ''''' ra- driare - J sixero .. n , ., , of the- - ?. ',- 4.: . .' ? '7 7 '1 : ,,i- : : ? 1 STAT : ? -4_4 ... .., ??.? ???? `..:.' , - _ ": eseepoti:theirlatistl,?-X Li c-t;'-' ;-4-1" ' ad- shat".a4.,C`opir? ^P'.'1 rcen . a . re Y ,, - l'' -:-.+: :'?1:4 -i. , '- .:-... .-Th ' " 't:, r; .-, 4r-'''' STAT ''. ' ,?.?4 ""??'". ., - t . , ,-? Pat ' - ,''',1 '...,,. , . , "4 ...?-?,,..4,..--4-:?"w?:;?%?;,,',4,4 E it- ' -L.- - Y.-. C..-; ...;:v ? .,, , - 1.at ..?,. 4 -,.; ;?, ',...' -:,aria . = .4,-,..t? r .., , r.,?Orga- .. durii; 1:e.le's-"PepA,Illy4";,,,:lft, ".?- h - llatyta"Candfidate* -in'. :4 -?...424-4,4,,-:',..-..,/ - , -,-4441;44:45A-- 4,4 - , ? i ---, ? , ,-- ? ? Pr,,ir, 14 -'?-'. .... ' ???' -& - .;...' ):' .' T''' ? -:.-O.nseli'dC:rat',,i,ofi. :9Wt' '.` '''lltlefibliTar,i ifr'llteny gtiitV.ha-ci citi&s ,COn: -1,.cantht hat-you: o ' tar " ..-...:: t 171 k? ret.til 7)1; 2a head .';'.Of..;-,tnec-r,e'st.4.H ". world -;:thatO rea-c;_z 5 ?,-. ? ,..? .4 , . -4,,.. --3 , ? . -,.. _ ?-?-? ? 5tr s' '''''''s ' ? 444... ?,-, " " 4 'i''' \ 'C.: i'..'' : L i4 ? 4=?;?, ? 'F-ArA'. 4%-?4--- -'-' .. .,? r." A :-4.4'4 r"' ., ., - - _ ,, .4- .. ., tl,,A.,:: c..4 STAT -? .!, ,.? - . 4.44 ' cz ec& , ;.C.; e-t; ,!;`,1.4 C. . .. '.[.., "0,c1: - i Li ', -- ' - -A7 ' 4in --; -''-'4';:: Q'T.5.-agi-1, e.2 `.1?SchCe l'ir siappoetr. S 4 ,. t,... Cti?.VOte-F;foefor ? igaTh tons_i cldra t.i on ,.9f :t, flourthoughts'sl--7:l ;w"cui ,,1-ri - , appre'cia t ed.:::,. ' .6,... ? ?.`,44. -,z;.;-? --: -;? --;,"---, ?Syt?,'".."..te ''''' P? tea sezf eel. . ? ree. , . .. t?,.., . ? ,?,.: 4 t r!.., .... ....._ - --` - i - "yowls ft" IG/CM ,.97.9. - 4 ens 9,4: el' 416 pueli , -,, ? i. - ',7-,:ii?-, ? , .,? ? ? l, . 44-- , ? ?.' ' " -??????;:t. 7'4'; tt-idi :-_- ; : ? j'ic:? ?? It ?cam n .., . .. ? ..,;.,A 4,4 ?,- . ? 1 ry? thus,. pa cka gar'?'? ,I.S.W-related, 4,..-,- K. ? . .,,I.Nt ,.: ' - ', : r:41%.11?kts 1, "- 4 :k k..45:-J? ',.. . V -:: -1*.:j 4.. ; :,-.ti 4,14. ' , ic ? .! : L.-. : - , - t .. -' '- -?- ? -? . , e.,-.. .,-,-- -v.;:tti-fi!,:, .' St -,1 - . tr... ? r. .,,..i..:31.-1,11./'*7. -7,' ,..ec ?L' 41)P .':?-? 1 -J1 .11.11"'r..1f: i . -.7-Lc.rs ' et,. 7 : J.: 'MYR.< 1 i '' -;.1".?).,'. 'Pl. ? '' i- ."..-? .i .7- ";,-..)- ,.;,:iref -it'. r'. . .... ''' -jJz xii? c.f.:4.7,-44 .:, -?.. -41:?".2...._?-?,...,,i.,i.',,,A ? i- ?? .? ?-? it," ,;,,,t,..,?4-,7 47'1'''":-P-'7-"4"....- tr-..+" ,. i ,s. i ?/;?c? ??;-.. ' ' - ,t, s' -`"..icr?T' d:-4"-P4'Cii? '-.1 '---..----c;-.' 444.4,i,:f.?,'.1 '''' .-4? -.%--k V.:. k7.7S,p2., 4:?? ? ' - ' ?- ... ., ... r, . i ,-.4--.4': - ,c 4 rt ? 4 -4-4, ?:. -- ;.,. - -7" ,,k A.-1' --11 th n g ee ' ' " . .4 *fti-s?r'not '..,..; .4,31 4,, f: -.iv ....,-Licap -1"ii-?4-4`1% '. -,1:1,. ? 1-,-..,14-,,,,;191$11,,r17',11, r n: . ";:tf:'???--{1.5..:-.?' e, 4 t. .? I.? .?T''.. s. ; "..?!' '''' , I. -.1 anics-4,...--44 .. c444- ', 4,4 7 `..-: . .;-'? ,r> ? , - if :? t ? STAT -... is. .L4 ?;_44,, t?.? ,.. , , ,,,,...i.,,y4., 4?.4,:ly?,. At, 4'.'.f. r. 2::t A- ';'-.. 4 4: 4,- , 4*. ., _ L., t? : -? ? ,te . ,' ' ? i '', .,, ' ? .1' ?.. :y.. ,4, a .? % . 1 .; %it I. . -?; - . - `; . .. ? ,-;.?4-4...-.,;a: 4'. 4 -2 .4', 14'?"?;44.- "5 -.,-,...4.4? ??? ,44z4,4,,i4 ,4` P? - '1.75...4' "-:::: r 5,4 .,.: A sv ?-: 1 - - Pr:1 ?L ..-1..::',%1,4 ;. : 11";',.., 'V 11:f1,' 111-. t--.. a ? ': 1, ,-, .-: :-", `a, -"N- .44 - -. 1C1 . *.... *tt - -"- 13.-:? ::: .3./iffli ...'? --"-?tr.' :f . ?? ' ? ?. ; 'In - -?-? `-';-tiZ?tecr"; 4 -----.-??? ?-e-C12-t't 4 IS' ?. C ;1 ' ? , % ' '' : .:, eV.' ?17.1.1:13: .',IC . - . 1i.. 1- 7' - c;? -,4"1?4 V :L.; -?-:, .1,- -????? ??1 ' - - ???? 't_erl...? .1 LI t te it . 1 ? - it ' 1 P. ;trap' .;?4' ' $ T ;??;: t -?,t. 12' .. 1 : . .' i _. : ....."?, '; !N.; IT, ' , . ? i :._!.vr?..e A; .... . ? . .. --{.1r124,1711.4:..,-. -, , , ? 14 ?, ? -- .,,,c.,?:: ? ,-,....5t0, -,...-ri? ,... 1-.T41-1?..! .1. ,---,A," (:.:51';??;:itlifp.-..). c ,;:$1-2.43..,-.: z.r...?? .... :,:li3/4?` . pit:-_;_. _ vt ,?- . Siq...1.;,1:3eil-- - ,..?r 47, ?,.. ,--e.: .1-: ...1.' -...:?.i: .....:tre.,!.t. . .../rt--. '''? ., st?----ig r 'a. 7:4"-.-..1- ,1- s .? -.:, - in: - f.---14:e.'..? ;.. 1.=?:,?? ? . - ;y4i.71..'" ? .. . ? r, , Declassified in Part- Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87B01034R000400060003-6. Teragency Gratip/bOunterineaSult Washington, D.C. 20505 ? MEMORANDUM FOR: Members and Invitees STAT FROM: D/ICS-83-0676 10 May 1983 STAT SUBJECT: Executive Secretary. Interageny Group/Counter Administrative Actions sures (IG/CM) , The-finalluirnites-Of the-fourth IG/CM meeting are enclosed as ? Attachment 11; -Addressees-are re uested to examine the minutes and complete STAT, asjgned.actions'eS required. ? ?2. The fifth meeting.of-the IG/CM will be held on Friday, 3 June 1983, ? at 1400 'hours. The meeting will convene in Rm. 6744, Department of Justice, 10th and Pennsylvania Avenue, N.W., Washington, D.C. Seating space in the DoJ ..secure conference room is limited; therefore, attendance at this particular meeting should be-restricted to the minimum required to address agenda ? " STAT iteMs. . ? a.. The meeting agenda is enclosed as Attachment 2. Addressees have already received materials pertinent to all issues listed in paragraph 2 of the agenda except for the draft industrial security policy memorandum,' . which is enclosed as Attadliment 3. :It is anticipated that the status reports reflected in par,ograph 3 of the agenda will be limited to 273 . STAT' minutes each. 'STAT. ? ? b. Members and invitees are requested to call" by COB 31 Ma with the names of individuals who will be STAT STAT attend ng the meeting. STAT STAT STAT ? 3: NSA has submitted a proposed new issue for IG/CM consideration, which is enclosed as Attachment 4. Addressees are requested to prepare respective . agency.cnninnntcfpositions on the proposal for discussion at the 3 June meeting. ir) Attachment: . a/s C ONFIDENTIAL OS REGISTRY ' LiSatp.. - Declassified in Part -Sanitized Copy Approved for Release 2013/12/02: CIA-RDP87B01034R000400060003-6 --- STAT Declassified in Part - Sanitized Copy Approved for Release 2013/12/02: CIA-RDP87601034R000400060003-6 - IP SUMMARY OF IG/CM MEETING .-.14 APRIL 1983 1. The fourth IG/CM meeting was convened at 1400 hours, 14 April 1983, STAT by the Chairman' (DUSD-Policy), General Richar ilwell, USA (Ret.). A listing of individuals attending is attached. ? 2. General Stilwell advised the membership that on 11 March 1983 the ? SIG(I) had approved the IG/CM paper on Foreign Civil Overflights of the U.S. and had forwarded it to the NSC for further action. He also advised that the ' ? IP/CM-approved report on Unauthorized Disclosures had been signed by the ? President as' NSDD-84. ,The NSC is involved' in working groups which are ironing out-implementation procedures." The Chairman reported he had provided the : '-Senate Select.COmmittee on 'Intelligence (SSCI) with a status update on issues the IG/CM .is currently,considering and that the SSCI seemed pleased with the extent Of IG/CM-involvement. General Stilwell commented on the French ? Government expulsioU of 47 Soviets for reported involvement in intelligence activities (technology transfer) and observed that the incident will hopefully STAT have a beneficial effect in the-U.S. STAT STAT ? 3. The-Chairman invited attention to the agenda and called for status reports on listed issues: a. ' Foreign Civil Overflights. The Chairman recalled his-opening remarks and suggested that Mr. deGraffenreid, NSC representative, keep ? the membership posted on the paper's status in the NSC. ? Action: Mr: deGraffenreid is to report on the overflight paper ? status at the next IG/CM meeting. b. Unauthorized Disclosures. Mr. deGraffenreid reported on progress of the task to develop implementing procedures for NOD-84. Essentially, there are four segments being examined. Steve Garfinkle of the ISO? is chairing a group examining the prepublication review aspect and other forms. This group has identified a number of policy questions and is seeking the appropriate channel for their resolution. A Media Contacts Group led by Bob Simms is just starting its tasks. The two . remaining groups are led by Doi. The Unauthorized Disclosure ?Investigative Procedures Group is examining the criteria the FBI will use to initiate unauthorized disclosure investigations. It is also working ? with OPM on the polygraph issue. The fourth group is examining the Federal Personnel Security Program. It is, therefore, doubtful that implementing drafts will be ready by the 18 April deadline. Mr. ? CONFIDENTIAL Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 Declassified in Part- Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 III . deGraffenreid noted that a number of new investigations are being called . for under the thrust of NS00-84. Action: The NSC representative will keep the IG/CM apprised of . significant developments concerning the development of implementing ? procedures for NSDD-84. Another status report is requested at the next IG/CM meeting. c. .OPSEC. The OSD representative, Mr. Snider, distributed an OPSEC policy paper which integrates all member comments received to ? date. State is to. take a final look at the paper and provide concurrence . decision by not later than 18 April. All other members concurred with the paper... Action: ' The IG/CM Secretariat is to forward the OPSEC paper to *he SIC(fl subseqUent to noon, 18 April, monitor its status, and report STAT STAT STAT STAT STAT 70s-neceSsary to the IG/CM membership. . 7FoUrttileVel-of Classification. Mr. Snider advised he had . "discussed the "Confidential Modified Handling Authorized" (CMHA) : classification possibility.with 'SOO as promised. I500, while agreeing that such a classifictiOn could be implemented with modification of the ISOO Directive, opposed 'doing so. The principal objections were the probable confusion which would result and the adverse impact it would have on Defense contractors, Mr. Snider distributed a related study done by Mr. Art Van Cook and advised that the !SOO Director has recommended its conclusions as an alternative-to-the-CMHA approach. The study - .suggests each agency protect sensitive information through implementation of its own internal controls and offered a way in which DoD could accomplish this. Mr. Snider indicated OSD would like to put the fourth . classificatton issue on hold until DO evaluates the Van Cook approach more thoroughly. He advised the Van Cook study reportedly takes the legal (FOIA) aspect into consideration. The Army (Col. Press) and Air Force (Mr. Paseur) representatives responded to the Chairman's request :for comments. They indicated they still strongly support having a fourth classification and have great concerns about industry/contractor adherence to the "internal" controls concept, but will examine the Van Cook study. Mr. Snider advised that on 21 April the Senate Judiciary Committee will consider the legislative action the IG/CM recommended to ..exempt technical data from FOIA provisions. Action: Members are to examine the Van Cook study and prepare to Comment on it as an alternative to the fourth classification proposal. DO is to coordinate its position. e. Damage Assessments. The SECOM representative, Mr. Paschal, introduced a paper distributed to members via IG/CM Secretariat memorandum dated 7 April 1983. After summarizing the various options for 2 CONFIDENTIAL Declassified in Part -Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP871301034R000400060003-6 ? STAT a lessons learned data base, he recommended one of the (*ions be chosen, that it be limited to intelligence compromises only, and that a pilot study be conducted to determine how well it meets the needs. General discussion followed on the cost of a pilot program--estimated at $200,000 over a one-year period, what purposes a data base would/should serve, and what ingredients should Make up the data base. The Justice representative, Ms. Lawton, pointed out two problems: If the data base contained 'names of individuals on dissemination lists, we would have a? Privacy Act problem; if CIA holds the data base files on compromises . which.are,the subject of ongoing criminal investigations, this could raise a.qUestion of CIA involvement in domestic law enforcement. State and Defense.lobjected to the inclusion of names in the, data base. DoD fOrther:lobserved that:their attempt to construct a similar type data base , :.ayielder?piestionable-results. A.review was given of why the issue of ' TdaMage'asseSSment'Wds before the IG/CM, what the task has been to SECOM, ..t.an4 Where we now stand. STAT STAT STAT Chairman asked members to examine Options (1) and .:(2) Of the paper. Members are to identify, in writing for each ' 'Opti-OnVWPat-400-iyidual.agency preferences are for: (1) the purposes of. Hi.a:1-0'ssOnSTlearned_data base, e.g., what it is hoped the data base will accomplish/permit; 2) what input, elements the data base should contain toaccOmplishithe purposes; and (3) any specific input elements the .agency would, hOt SUpport-in a damage assessment lessons learned data base. These items Will be discussed at the IG/CM meeting and .isubsequentlyt,provided,to SECOM for reconstruction.of a second strawman.? f. Industrial Security. Mr. Snider reported the' reSUlts of his ' research into the best vehicle for national level promulgation of the FOCI provision of the DoD Industrial Security Regulation. A National Security Council Policy Memorandum was the vehicle recommended to and ,approved by the membership. 'Action: DoD will prepare a draft policy memorandum on Industrial Security and arrange for its timely distribution so that members can comment/concur at the next meeting. -g. Personnel Security. The DoJ representative, Mr. Cinquegrana, advised that the new NSOD-84 specifies that DoJ will chair the research into implementation procedures for personnel security aspects of that Directive. Since DoJ representatives had previously deliberated with the IG/CM working group on personnel security, DoJ will look into incorporating the conclusions of the IG/CM group into NSDD-84 actions. DoJ is considering different approaches to the project, including the option of two subgroups chaired by OPM and DoD respectively. A final approach, however, will not be decided upon until initial consultations are completed with DoD and OPM. 3 C CINFIDENTIAL Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 Declassified in Part- Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP871301034R000400060003-6 IP ? - - Action: DoJ will continue to work the personnel security issue as chartered by NSDD-84, and DoD representatives, working with DoJ, will push for incorporation of the IG/CM working group's conclusions into . national policy documents. ?h. COMSEC Monitoring. The NSA representative, advised that a draft of NACSI 4000 had been out for comment since February 1983. The civil sector had no comments but the Military Services, With - Navy leading, had several. He opined that rewording of the draft, in ? coordination.with DoJ, will resolve problems and that a final draft could STAT be out by May. ' Action: NSA is to continue to push for earliest completion of the final draft and advise the IG/CM of significant problems if they STAT. occur. ? STAT STAT STAT Organilational Study. Mr. Jason Horn, Study Director, advised e:final draft of the Organizational Study would be out to members by 10 May ?A minimum of two weeks will be required for field comment, and ? .subsequent-drafts are anticipated. As a result, it was determined that - the SIG(I) Chairman be advised that it is unlikely the study will be completed by 31 May, ACtiOn:The--IG/CM Chairman Will advise the SIG(I) Chairman O.,' thejlip in completion date. Mr. Horn will continue efforts to expedite; completion-of:the:Study and advise of significant problems if. they 2 . STAT :occur:- STAT STAT J. TEMPEST Policy. The NSA representative adviSed that-the Subcommittee on Compromising Emanations (SCOCE) has been working on alternatives for TEMPEST policy. A draft revision of CONUS TEMPEST ' ' Standards is to reflect considerable relaxation of current requirements. Overseas requirements are to remain high. The Chairman,: suggested deferral of discussion on this issue until completion of the. Organizational S jdy since the study will also address TEMPEST.Y., -- , considerations. ? ActiOn:'. IG/CM action on this issue will be held_in 'aheyanCe. untiLcompletion of the Organizational Study. , ,.? ? k. Security Enhancement of U.S. Embassies. The Chairman discussed SIG(I) reaction to this subject when surfaced at its 11 March meeting. The results of that meeting, as well as a DIA position paper distributed to members at the instant IG/CM .meeting, caused the Chairman to suggest the need for redefinition of the problem the IG/CM needs to consider. , The Chairman asked that State chair a working group composed of State, DIA, CIA and NSA members, at a minimum, to accomplish a reexamination of the problem. and to report findings to the membership. 4 CONFIDENTIAL-. Declassified ?- Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 'Declassified in Part - Sanitized Copy Approved for Release 2013/12/02: CIA-RDP871301034R00040006.0003-6 111, m Action: State is to identify a chairperson and call a meeting of appropriate representatives to reconsider what aspect(s) of the security of U.S. embassy problem the IG/CM needs to address. The principal guide / STAT ? in this review is to be pertinent portions of Chapter VII in the.study,.. ? "Capabilities Against the Hostile Intelligence Threat, 1983-1988." 4. The Chairman opened the floor to discussion of new issues for IG/CM, consideration: ?.4. Both DoD and State suggested that knowledge of the background, : methodology, and purpose of the recent French Government expulsion of ' Soviet diplomats would provide beneficial lessons learned data to Intelligence Community members. H'ActiO18/CMLSeeietariat is to coordinate with CIA an theHY . HpossITFTTTi Of a ing on the subject and report to IG/CM members at the- next meeting. . . ? - - . :Jb..LtThe4avy-representative, Captain Hoskins, passed out a list 'containing five proposed issues (attached). The Chairman asked the : membership to review the proposed issues and prepare their views on , acceptability for IG/CM consideration. 8. The meeting adjourned at 1550 hours. STAT STAT STAT 5 C ONFP?HTIAL Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 Declassified in Part - Sanitized dopy 'Approved for Release 2013/12/02 :wCIA-RDp87B01034R000400060003-6 DEPARTMENT OF THE NAVY CANDIDATE ISSUES FOR THE . INTERAGENCY GROUP/COUNTERMEASURES _ I; (U) National Policy on Use of the Polygraph. A number of individual initiatives have : been launched in this area; the cumulative effect of these possibly disparate efforts - needs to be examinedand a national policy developed. 2. (U) National Policy on Anticompromise EmeEgency Destruct (ACED). A new family of equipment is being developed by the Navy which will permit the anticompromise _ emergency deatritction of sensitive information and equipment. However, lack of a national policy and a to ' fundincr May limit the effective development of the new 'LACED devi -2-.Ae):NatiOnal;_POliCY 'On 'ADP Security. At present there appears to be considerable differences in the. application of ADP security measures. This is of particular concern since it appearsithat--ADW security vulnerabilities are targeted for exploitation by hostile intelli ence services. ,t *".? t -4. (C) National Micy oh Secure Telephones. The loss of sensitive information iti non- secure telephone conversations is a major security problem which may be solved only by - high-level supportfor greater availability and use of secure communications equipment. 5 (U) Definition of Unclassified National Security Information- Certain national policy now requires that such information be protected; in order to protect this information, it must first be defined and protective thresholds established. . Classified by: Multiple Sources Declassify on OADR )eclassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA:RDP87B01034R000400060003-6 Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 S. IIP STAT STAT STAT STAT ATTENDEES IG/CM Meeting, 14 April 1983 Room 6W02, Community Headquarters Building NAME Richard G. Stilwell Chairman - L. Britt Snider Edwin Yee ' ? Donald Macdonald:: - Thomas 44cCay. - ORGANIZATION -Kenneth AeGraffenreid: Donald Press ? Frank Aurelio R. D. Hoskins - George W. Paseur - John J. Guenther ' . Donald Paschal Ed Cohen ? Mary C. Lawton Cinquegrana J. Robert McBrien - Mike Cassetta 'Robert Wingfield Douglas Miller IC Staff Attendees C 0 PIFIDENTIAL OSD ? OSD FBI .- CIA ? CIA - ? CIA State .State NSA NSA NSC DIA ' DIA DIA ? Army Army Navy Air Force Marine Corps SECOM- - SECOM Justice Justice - Treasury . .Commerce - Energy ? Energy - ? CCIS/ICS CCIS/ICS CCIS/ICS IG/CM Staff IG/CM Staff IG/CM Staff Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 Declassified in Part - Sanitized Copy Approved ;for Release 2013/12/02: CIA-RDP871301034R000400060003-6 ? AGENDA Fifth IG/CM Meeting 3 June 1983 I. Chairman's Opening Remarks 2. Discussions: a. eview'of:DoD-prepared industrial security policy memorandum.] Member. concurrence decision:; Review of agency inputs to damage assessment lessons learned ? , ? .,_ ata base istUei.r. -oUrse_of action decision. - , -t. RevtW?avy-proposed IG/CM issues Decision ow 7-iCCePiabili4sSSIOMent_of action as appropriate. "? 1.1.RewieWto -NSA-proposed-IG/CM issue. Decision on, aCCeptabilityAsSignment of action as -appropriate.; 3. Status Reports. a Overflight policy paper.-- NSC representative NSOD-84 NSC-and DoJiepresentatives NACSI-4000 7- NSA representative b. rd:- Embassy security enhancement working groilpHL Statelr' _ trepresentatiVe e. Countermeasure organizational study -- CCIS representative( -? f. French expulsion briefing -- CCIS representative ADMINISTRATIVE NOTE: The IG/CM Chairman has accepted DO'S -offer to host the fifth IG/CM meeting at the new ?DoJ secure conference facility. Attendees will find use of the DoJ entrance at 10th and Pennsylvania AvenUe the most convenient for ' access to Room 6744. (Sixth floor; left off elevator to first corridor. For: additional directions once in the DoJ building, if needed, call Barbara, ? 633-3738.) CONFIDENTIAL Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 ? OFFICE.OF THE UNCER t I A t-C I. LWL?L_., Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 111,? WASHINGTON. O.L. ho". POLICY 9 MAY 1923 MEMORANDUM FOR THE EXECUTIVE SECRETARY, INTERAGENCY GROUP/ H COUNTERMEASURES Draft NSC Memorandum Industrial Security SUBJECT: At the 14 April meeting of the IG/CM, it was agreed that-the proposed national policy statement in the area of industrial security -- dealing with theownership of U.S. firms by - fOreign interests -- would be placed in the form of an NSC - -memorandum, rather than as an amendment to E.O. 12356 or IS00-- DireCtive NO: I.. AccOrdingly, the proposed memorandum has been prepare/1,H' incorporating what bad previously been agreed to by the'IG/CM without objection: Request that copies be provided IG/CM members in Advance Of the next meeting,-So that this memorandum May be considered for transmittal to the SIG-I. ? L. Britt Snider Director for counterintelligence . - and Security Policy .0SD Member tit zi\C-\\.?41* 3 Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 STAT Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87801034R000400060003-6 Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87801034R000400060003-6 4 ? Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 NATIONAL SECURITY ACiENIF . PORT GEORGE G. MEADE, MARYLAND 20755 Serial: N/0582 26 April 1983 MEMORANDUM FOR THE EXECUTIVE SECRETARY, IG/CM SUBJECT: Proposed New Agenda Item / ? 1. HEnclosedlfor consideration as an IG/CM agenda item is ? an issue paper on cryptographic access requirements and an associated proposed NSDD entitled "Safeguarding Cryptographic H-Information and Material." . - 2. The National. Security Agency believes a formal ._cryptographic access program is the key element in our efforts to counter theAJUMINT threat to U.S. cryptography. Pursuing ? the.linitiative:ibegUn7in NSDD-84, our proposed NSDD would establish a- national access program based on several criteria, . including a requirement for consent to aperiodic, limited polygraph examinations-- . , . 3. I recommend .the enclosure be circulated to .the members for disr-ssion at out next meeting. - HAROLD E: DAVLS, JR. NSA Representative, IG/CM End: a/s A 4- -i.? Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP871301034R000400060063-6 Issue Paper Cryptographic Access Requirements 1. Prior to August 1973, a formal cryptographic access program was a national requirement. In addition to restricting access to Classified cryptographic information to U.S. citizens with appropri- ate clearance and the need-to-know, the program required: (a) formal indoctrination stressing the unique.pture of cryptographic infor,- mation, its criticality, the special security regulations governing its handling and protection, and the penalties prescribed for its willful disclosure; and .(b) formal records of all individuals granted cryptographic access. August 1973, the requirements for the formal indoctrination and recOrdkeeping Were discontinued, effectively ending the formal cryptographicftcdeas:prograM. This was done Primarily to eliminate the administrative bUrden_for military users of codes and secure voice equipments in:Vietnati..7In the succeeding decade, there has been a steady 'increase in: insecurities involving cryptographic information and materials.: The increased incidence of insecurities is damaging to the national security. Although it is attributable in some measure to the proliferation of cryptographic information and materials, the nature of the insecurities indicates a more serious cause, a lack of. appreciation for protecting cryptography. This, in turn, is linked to .the lack of a formal indoctrination requirement. Furthermore, the 1ack of formal records hampers the conduct of studies and investigations of insecurities and unauthorized disclosures. Additionally, the lack of signed access itatementS weakens prosecution in espionage cases. _ 3. While the foregoing are serious concerns, the greatest concern. which the proposed cryptographic access program is directed toward is ?the HUMINT threat from cognizant agents. The key element of this program ? is the aperiodic, limited polygraph examination. We believe it is the most effective measure for detecting properly cleared individuals who have given or sold classified cryptographic information to unauthorized individuals. -There are sufficient cases on record to give cause for grave concern. An equally important aspect of the aperiodic, limited polygraph examinations is their value in deterring individuals who have access and who might otherwise be inclined to give or sell classified cryptographic information to unauthorized individuals. 4. There is ample justification for reinstituting the proposed cryptographic access program with the added requirement for consent' to aperiodic, limited polygraph examinations. The proposed NSDD (attached) is considered an appropriate means of accomplishing this, particularly in view of the recently issued NSDD-84, "Safeguarding National Security Information," which also'addresses the use of the polygraph to safeguard classified national security information. End: a/s Declassified in Part- Sanitized Copy Approved for Release 2013/12/02: CIA-RDP87601034R000400060603-6 Declassified in Part- Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 ' Proposed National Security Decision Directive Safeguarding Cryptographic Information and Material Cryptography is especially sensitive because it is used to protect . highly classified and critical information on almost every conceivable subject related to the operations and plans of the U.S. Government. For this reason, cryptographic information and materials are highly prized targets of hostile intelligence activities and must be, strictly safeguarded. Access to cryptography, therefore, must be restricted to the greatest extent practicable and be consistent with national security needs. Accordingly, I direct that a cryptographic access program, be established within' eachFederal department and agency which holds or ? -uses cryptographic information or materials, consistent with the _ . 0.-Accesstorinformation which reveals the design of a classi- fied cryptographic logic, its theory of operation, or access to classified cryptographiC *eying variables -designated "CRYPTO" may be granted only when:., ? . . . (1) The heed for such access is established as.necessary to perform official duties-by, for, or on behalf of the U.S. Government. (2) The individual recuiring_such access is a U.S. citizen, ? a non-O.S- citizen member of the' U.S. military services or a non-U.S. . :citizen employee of the U.S. Government. - (3) The U.S.-Government has granted the individual a final security clearance. ' (4) 'The individual has completed an indoctrination covering: 1) the sensitivity of cryptographic information and materials; 2) the -rules for safeguarding such information and materials; 3) the 'rules pertaining to foreign contacts, visits, and travel; 4) the rules and procedures for reporting insecurities of COMSEC materials.; and 5) the laws pertaining to espionage. (5) The individual has executed a security agreement. All such agreements shall, at a minimum, provide for: (a) ',Prepublication review to ensure deletion of classified cryptographic and any other classified information from information or materials to be disclosed. (b) The individual's consent to participate in aperiodic, limited polygraph examinations consisting solely of questions related to disloyal activities and espionage when so required. (c) The individual's acknowledgment of the sensitivity of, and obligation to protect, cryptographic information and materials. Enclosure Declassified in Part - Sanitized Copy Approved for Release 20135002761A-.RDP871301034R000400060003-6 ? 'Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 . CIA-RDP87601034R000400060003-6 11, . . (d) The individual's acknowlInment of his/her ? obligations to comply with applicable regulations governing unofficial foreign travel and contact with representatives of foreign governments. All such agreements shall be in a form determined by the Department of Justice to be enforceable in a civil action brought by the United States and consistent with the standards developed by the Director, Information Security Oversight Office ?(IS00), to satisfy these requirements. . - ? r.- .. b. In support of the cryptographic access program, the heads of Federal departments and agencies are:responsible for: Cl)-Restricting access to Classified cryptographio Amformation-and classified cryptographic keying variables designated' ? "CRYPTO"-ionlyto'thoSe persons who have been formally granted crypto4raphicHaCces0,?6r-the .conduct of official business. (2) Formally granting cryptographic access only when ?-rtheTcriteria set forth herein are met and maintaining records of indiVidUals.granted-cryptographic access. , (3) 'Developing programs for the aperiodic, limited? polygraph examination of personnel granted access;.administering the polygraph programs; arid evaluating the results of polygraph examinations._ Departments :and agencies with substantial polygraPhing? kesources:.are endouraged to extendthese resources to other departmenta: and agencies whose-. limited requirements do not justify the acquisition. of. separate polygraphing..,reSources.'. (4) Establishing a quality control review over their respective polygraph programs to ensure the propriety of polygraph ? examinations, consistent with paragraph a.(5), above, and to protect individuals' rights, .(5).Reporting:to the FBI and Other apprOpriate-imiest7 igative agencies:information which indicates possible espionage or:-1., other unlawful activities involving classified cryptographic infor- mation or materials. Promptly advising the Director, NSA, of such incidents; the Director, NSA, will provide technical assistance as .? needed in the investigational such.incidents. (6) Incorporating into contracts, where necessary, and ensuring compliance with the special security requirements associated - with access to cryptographic logic, cryptographic design information, theory of operation, or cryptographic keying variables designated "CRYPTO." (7) Recognizing the cryptographic access authorizations granted to individuals by other departments and agencies. rnD (*lcFriA .1 Kr nmi v Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP871301034R000400060003-6 C. The Secretary of Defense, as Executive Agent for' Communications Security, is directed to promulgate or revise national communications security policies and directives, as ' necessary, to implement the cryptographic access program described herein. These policies and directives will be promulgated through . the national communications security issuance system. . . , 3 rem* i FCC. nmi Declassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDP87601034R000400060003-6 rtileraTredin Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-RDp87601034R000400060003-6 ; 11, DEPARTMENT OF THE NAVY CANDIDATE ISSUES FOR THE INTERAGENCY GROUP/COUNTERMEASURES 1. (U) National Policy on Use of the Polygraph. A number of individual initiatives have ' been launched in this area; the cumulative effect of these possibly disparate efforts needs to be-examined and a national policy developed. 2. (U) National Policy on Anticompromise Emergency Destruct (ACED). A new family -a equipment is being developed by the Navy which will permit the anticompromise emergency destruction of sensitive information and equipment. However, lack of a . 'national policy and appropriate funding may limit the effective development of the new ? 3.-(0-14ational Oolicy on ADP Security. At present there appears to be considerable differences in the application of ADP security measures. This is of particular concern since it appears-that-ADP security vulnerabilities are targeted for exploitation by hostile intelligence services. , , (C) National POlicy on Secure Telephones. The loss of sensitive information in non- ' secure telephone conversations is a major security problem which may be solved only by high-level support for greater availability and use of secure communications equipment. ? 5. (U) Definition of Unclassified National Security Information. Certain national policy now requires that such information be protected; in order to protect this information, it must first be defined and protective thresholds established. Classified by: Multiple Sources Declassify or OADR ' )eclassified in Part - Sanitized Copy Approved for Release 2013/12/02 : CIA-R0IP871301034R000400060003-6 -