Oracle Portal

  Joint Professional Military Education Prospective Research Topics Database   
Topic Title: Cyber HUMINT Operational Planning
Topic Description: Defining "traditional" HUMINT operations in the cyberspace domain
Date Submitted: 2008-06-30
Extended Topic Description: Currently, the IC is using traditional face-to-face HUMINT collection operations against foreign adversaries' cyberspace capabilities. Considering many state and non-state actors are expanding their presence in the cyberspace domain, the IC must develop a methodology to conduct HUMINT operations in the virtual world. HUMINT collection in cyberspace offers the IC a new way to collect on adversaries' WMD, cyber, intelligence collection, or terrorist operations. However, conducting HUMINT collection operations in the cyberspace domain faces unique challenges. Such collection efforts require the IC to develop tradecraft to properly embed HUMINT collectors in chat-rooms, newsgroups, online-forums, etc. The IC must also develop HUMINT operational tradecraft to aid the collectors in conducting virtual "face-to-face" operations similar to the classic officer/asset relationship, which relies upon clandestine meetings, dead-drops and steganography, the cyber paradigm of collection offers unique challenges.
First and foremost, a more than average understanding of networks and operating systems is required for sophisticated cyber attacks. More than average typically means university or college educated at or beyond the 4-year level. Sophisticated cyberattacks required intricate understanding of operating systems, their vulnerabilities and the capacity to exploit those weaknesses. Challenges to cyber HUMINT collectors include penetration into hacking organizations, anonymity in public and private, topically oriented fora and connectivity to targeted resources.
Further challenges exist in targeting those who "fit the profile" of the professional hacker. Training challenges exist for cyber HUMINT collectors in that ordinary HUMINT training may or may not focus enough on cyber collection techniques. How will collectors gain access to critical nodes? ISPs? Finally, traditional cover mechanisms are not as effective due to the proliferation of the Internet.
Desired Objectives of the Research: What cyber HUMINT plan would be appropriate for answering these challenges? Embedding discipline-oriented university or college faculty, who work for the intelligence community is one method. Spotting and recruiting already extant computer science, engineering or security faculty is another. Determining the level of education necessary to become a "professional hacker" is another challenge. What are the challenges for training a proficient cyber HUMINT collector? Does current training doctrine allow for this, or is a separate doctrine necessary? How can the collectors better maintain their anonymity, and non-attribution characteristics? What are the technical challenges for meeting these requirements? Finally, a strategy for penetrating ISPs and critical nodes (perhaps a methodology first, then a strategy) needs to be developed.
Requesting/Sponsoring Organization: J2
POC Mail: Street Address: 200 MacDill Blvd
Base/City: Bolling AFB/Washington
State: DC
E-mail Address:
Commercial Telephone: 202-231-3266
Phone Number:
    Commercial: 202-231-3266
Fax Number:
Desired Research Completion Date: 2009-07-31
Available Funding: