Kaspersky Lab Cybersmart Guide Part Two: Operational Security in the Physical World

18 Mar 2015

Security concerns among IT professionals are growing as their access to information makes them of increased interest to adversaries in the physical, or analog, world.

To help the technical community better protect itself, the Kaspersky Lab Global Research and Analysis Team has developed an analog cyber-smart guide for those already well-versed in the digital one. The guide, “Analog OPSEC 101,” offers practical and easy-to-remember tips that are essential to Operational Security (OPSEC) for the analog world. 

Below are a few highlights from the guide, along with Kaspersky Lab researcher insight. The OPSEC essentials in the physical world include:

1. Threat modeling

OPSEC is about hiding information from your adversaries. The analog world includes two main categories of adversaries: those that have resources, such as intelligence agencies, military organizations and major criminal gangs, and those that don’t. Kaspersky Lab’s guidance is focused on the first group, since research suggests they are the most interested in technical information.

2. Physical ‘phishing’

Adversaries often recruit others to do their spying for them. Since IT professionals have access to valuable data, they are particularly vulnerable to such recruitment. Adversaries may approach security experts through social media or business networking in the form of persuasion, coercion or an appealing offer. Individuals and their organizations need to be alert to any such approaches and to have effective countermeasures in place, minimizing researchers’ vulnerability and exposure.

3. Crossing the perimeter: Borders

An international border can be one of the most vulnerable places for a technology researcher, especially since laws can change between different territories they may be traveling to. To help, some good legal advice can be found here. Additionally, Kaspersky Lab recommends that you stay calm, cooperate and explain the situation clearly if you are stopped by border control officers. Above all, don’t travel with valuable IT content. Instead, encrypt, upload and retrieve data upon arrival at your destination. Vicente Diaz, Principal Security Researcher at Kaspersky Lab, says, “Think carefully about what information you bring with you, and how you carry it. For example, it’s better to have separate phones and laptops to use while travelling.”

4. Suspect files: when something just feels wrong 

Respect any sense of unease when travelling to or from meetings. Don’t travel alone or rely on others to arrange transportation. Instead, plan your routes and have trusted local contact details on hand. A pre-arranged meeting can be an excuse to search hotel rooms or to remove unguarded IT equipment. Make sure people know where you are, and if you feel you are under surveillance, stay in public areas and behave accordingly. If necessary, travel to the Embassy.

Vicente explains that operational security is important not just in the digital world, but also in the physical world. He says:

“Operational security in the digital world is about protecting the critical information we generate – through emails, messages, reports, etc. In the analog world, OPSEC forces us to remember that each of us is a channel between what we know and what the adversaries want to find out. Our experience suggests that the technical community doesn’t always know how to spot and prevent potential physical risk. The best advice is to be aware and prepared. Have trusted local contacts and know who to get in touch with in your company.”

To learn more about operational security in the physical world, see the full guide on Securelist.com.