Threat Assessment

No public posts in this group. You must register or login and become a subscriber in order to post messages, and view any private posts.

a skill ( something you can learn how to do using Skillpedia ) by lxpk Sat, 2006-12-23 00:52

My Profile » I can do it: Add to my skills I want to learn how: Add to my skills wishlist Create Open Mission Create Learning Mission

Assessing the possible threats to your security is essential to formulating an appropriate security strategy.

Threat Listing

There are many different types of threats that can come into consideration. You first need to consider what you are doing and what likely threats will be.

Maintain a threats list with which to track individuals and groups that are against you. This is not a "people to kill" list. This is not a list of enemies to harrass like Scientology's Suppressive Persons Fair Game policy, it is a nonviolent defensive preparation only. Remember, the the first rule.

The list should include profiles with details like known/unknown, motive, resources, methods of attack and so on.

Known Enemy Threats

The most obvious threats are those people who have made their opposition known to you. They're against your group, people in it or what you stand for and they range from being out to get you to laughing at your misfortune at the hands of others. Either way, you have to know who to look for to watch you back.

Unknown Threats

It is as difficult as it is necessary to anticipate likely sources of unknown threats.

Keep a list of any threats that are possible given who you are, what you are doing and what forces might want to hinder you.

Criminal Threats

Purely criminal threats are usually motivated by greed. They most often take the form of thieves stealing valuable tech or kidnapping people for ransom. The best defense against most criminal threats is physical site security.

Individual Threats

Individual threats may arise out of personal vendettas against members of your group. A bitter ex-spouse of your spokesperson may attack them or discredit your group out of malice.

Make sure everyone in the group discloses any enemies they may have.
Track any individuals who have an axe to grind withyou.
Consider the danger posed by violent "lone gunman" types.
Try not to piss anybody off. This may be difficult if you are trying to be "edgy" to court controversy and publicity. But don't say we never told you so.

Insider Threats

Most attacks are perpetrated with inside help by disgruntled, unscrupulous or manipulated employees.

Maintain a trust list of people you have particular reasons to trust.
Ensure that nobody in a group becomes mistreated or feels alienated.
Maintain counter-social engineering training to prevent well-meaning members from becoming dumb-doing dupes paving the stones to the well-meaning hell from which social engineers are spawned, the rustling of their black leathery wings muffled only by their hypnotic succubi phone voice.

Corporate Threats

If you are doing something that competes or threatens with business interests, you may be targeted by corporate threats. Corporations are especially likely to initiate legal attacks.

For example, Ralph Nader was targeted by private investigators hired by automakers following his exposure of their criminal lack of concern for driver safety in a book he wrote called Unsafe At Any Speed. He caught them in the act and won an apology and a multi-mllion settlement that funded his creation of numerous consumer advocacy organizations.

Legal Threats

Lawsuits and criminal allegations can be devastating.

Make sure you have good legal counsel to ensure that you are lawyered out of any kind of exposure to threats.

Media Threats

If you are doing something newsworthy, you will probably attract the attention of journalists, many of whom will attack and slander you for ideologically or financially motivated reasons. Media threats can range from unfavorably distorted reporting to undercover investigative reporters social engineering themselves into your organization or information out of your people.

Government Threats

If you are doing something that interferes in politics or politicians' big corporate allies, you may become the target of government opression. People taking high-risk actions like civil disobedience for the sake of important principles must prepare to face consequences ranging from harassment to arrest to death. Master and implement nonviolence training because it has important security implications.

In some cases, hostile interests will arrest or harass susceptible individuals to threaten them with punishments or entice them with bribes in exchange for betraying their friends. You may want to ensure that everyone who commits pledges that they are prepared to go to jail for however long it takes and never to betray the trust of the group, even if offered a plea bargain.

The History of Opression

CIA Training manuals for coercive repression

Security Through Obscurity

Anything an enemy can learn about your security policies will help them attack you. Knowing what you guard against helps them avoid wasting time on ineffective tactics and gives them an opportunity to study your system for weaknesses to exploit.

In many organizations, for a security policy to be effective, it must be well known to members, which involves some kind of disclosure.

This requires a balancing act between obscurity and information.

In secret groups, no public information about security policies should be made known at all. Everything should be conveyed personallyby inherently secure means.

User login

Online users

Post To The Group