Vulnerability Assessment of the Defence Intelligence Agency (DIA)

Vulnerability Assessment of the Defence Intelligence Agency (DIA)

Introduction

Almost all systems or facilities are faced with some forms of threats. Some threats cannot be realized easily without conducting a thorough assessment. Vulnerability assessment involves the process of identifying and quantifying risks facing a system or a facility (Sage, 2005). Threats to a system can be of different forms, for example, persons, terrorism acts, or natural disasters. With the advancement in technology, threats have become more complicated because the facility and its components can be invaded from the remote place through cyber-attack. By conducting a vulnerability assessment, an organization would be able to identify potential threats and put measures in place before such threats or weaknesses are used by people with ill motives. This paper provides a vulnerability assessment of the Defence Intelligence Agency (DIA) located in Washington, DC. The first section of the paper introduces the concept of vulnerability assessment and provides the purpose of the assignment. The paper shall also describe the site selection providing reasons why it was selected, components of vulnerability in the selected facility, and recommendations on how the identified threats can be mitigated.

Description of the selected facility

The selected facility is the Defence Intelligence Agency (DIA), located in Washington, DC. This facility is the headquarter of the DIA, which has other facilities at different places across the country as well as globally. This facility is found along the Potomac River at Joint base Anacostia-Boiling in Washington, D.C. (Defense Intelligence Agency, 2020). Before this facility moved to its current location in 1984, it was housed at “A” and “B” buildings at Arlington Hall Station. The headquarter was moved to the current location because the previous buildings were old, and there were security issues. This facility was developed to house the military intelligence personally with the mission of preventing strategic surprise, deliver strategic advantage, and to deploy worldwide so that challenges can be met.

The major goal of this department is to assist the nation in understanding the reality of threats it faces so that the President can make wise decisions and actions concerning those threats (DIA, 2014). This facility also houses other offices; for example, it housed the central office of JFCC-ISR and the DIA Memorial Wall. According to information from the agency, about a third of the total DIA workforce operates in this facility. This facility is rounded by low-density uses and packing. The DIA also prohibits walking close to the facility; instead, driving or transit transport is recommended.

Rationale for selection

There are various reasons why this facility was selected for a vulnerability assessment. One reason is because of its critical role in U.S. security. The DIA is a federal agency that deals with all the military and defense intelligence in the U.S. This is a very crucial agency to the U.S. government because about a quarter of all the intelligence that goes to the U.S. President on a daily basis come from this department. This department is considered as the primary source of foreign intelligence information (DIA, 1996). The Secretary of Defence and Chief of Staff rely on this agency with intelligence information for decision making and policymaking.

This facility is also concerned with the collection of intelligence about terrorism worldwide. Such information is crucial, and therefore, the terrorist may be interested in causing harm to this facility and its personnel. This facility can, therefore, be a target for various groups such as terrorists and other enemy-countries of the U.S. based on the critical role it plays. The major threat to this facility can be hacking due to its crucial information or physical destruction from terrorists as revenge. This facility requires extra security measures because of its role. These extra security measures can, however, be developed once threats have been identified. The critical role of this facility, as well as the need for extra security measures, is a clear justification for vulnerability assessment.

Key assets of the facility

This agency has various assets that need protection or extra security measures. One of the key assets for this agency is the employees. The personnel operating in this department are responsible for collecting and handling the information. There are also many people working in the field to collect intelligence for the agency (DIA, 2019). Considering the critical role that employees at this department are playing, they can be targets from enemies such as terrorists hence the need for ensuring their safety.

Data or information is another critical asset for the DIA. DIA deals with the collection of human-source intelligence (DIA, 1996). This facility receives military intelligence every day from across the world and reports to the Secretary of State. The intelligence information is critical to the national security and formulation of policies, and therefore, it must be secured. The building of the DIA is also a crucial asset. This building is the one that houses other critical components such as personnel and data hence very crucial.

Components for the vulnerability assessment

There are various components that can be assessed in this department. One component for vulnerability assessment is physical threats. The facility of DIA is crucial, and there must be measures to safeguard the personnel working in the facility and unauthorized access.  The physical security assessment should also include measures in place to protect authorized access to the document (Department of the Army, 1979). Inspections and survey is another component to be assessed because it promotes physical security. How security guards inspect those entering the facility is important because any suspected persons can be identified. Another component to be assessed is the issue of cyber-attacks. Cyberattack is a common threat to this facility because it handles crucial intelligence information using computers. Assessing measures that the agency has put in place to deal with the issues of cyber-attacks will be important.  Furthermore, information sharing is another threat. The channels and manner in which intelligence information is shared are also crucial to assess.

Previous incidences

There are previous cases that can be considered a threat that happened in this agency that called for more stringent measures. Most previous threats involved spying against the agency. Anna Montes, who was a senior DIA analyst, was arrested and sentenced to prison after she was found to be spying against the DIA in 2001. She was found to be working with Cuban intelligence providing them with crucial information, including the identity of DIA agents in Cuba. Robert Montaperto was also charged in 2006 for sharing intelligence information with MSS intelligence (The Washington Times, 2006). This employer was also a senior intelligence analyst at the DIA headquarter.

Current measures

There are various measures to deal with any form of threat that this agency is currently undertaking. This department has officers in Cyber & Computer Science with the responsibility of developing and delivering information technology systems. The computer experts also assist the department in securing the information against any threat, both from internal and external. To ensure that there is little access or authorized access, people are not required to walk close, or towards the facility as only driving or transit, transport is allowed to the facility. The facility is also under 24/7 security watch to ensure that it is safe. To deal with the large volume of data that the organization is receiving and processing, the DIA has developed the Machine-Assisted Analytic Rapid Repository System (MARS). This system aims at improving how the intelligence information is managed, and it will improve the rate in which the information is made available to warfighters and policymakers (DIA, 2019).

Recommendations

Concerning physical security, the DIA can develop various measures to guarantee physical safety. The agency must ensure that only authorized individuals should have access to the documents by developing and changing passwords on a regular basis. This department should also create a clear buffer zone to prevent unauthorized people from accessing the facility. The use of an electronic entry control system should also be used in this facility to promote physical security. The use of EES is crucial because it provides early warning in case of an intruder. The identity of individuals working in sensitive areas such as computer systems or handling of information should not be revealed so that their safety can be guaranteed. The DIA is also handling huge data that should be made available in real-time. This agency must develop a system with the capability to handle large data and make it available to both humans and machines.

Conclusion

In conclusion, it is evident that the department of intelligence facility is facing various threats, both internally and externally. External threats to this facility include Physical threats to the facility, such as illegal access and cyber-attacks. The facility is handling important intelligence information that other countries or terrorist groups might be interested in. Internal threats include issues of spying and illegal access to the documents. These threats can only be identified through a vulnerability assessment. This facility can be a target of attack from the identified threats because of its critical role in collecting and handling intelligence information. From the above-identified threats, the DIA can implement the recommendations provided, for example, creating a clear boundary from other public uses.

Reference

Defense Intelligence Agency. (2020). Locations. Retrieved from https:www.dia.mil/about/organization/locations/

Department of the Army. (1979). Physical Security.

DIA. (1996). Brief History. Washington DC.

DIA. (2014, February 11). Speeches and Testimonies: 2014 Annual Threat Assessment. Retrieved from https://www.dia.mil/News/Speeches-and-Testimonies/Article/567085/2014-annual-threat-assessment/

DIA. (2019). DIA’s Vision of MARS: Decision Advantage for the 21st Century. Defense Intelligence Agency.

Sage, P. T. (2005). Vulnerability Assessment and Analysis: A Methodology for Exposing Hazards. Victoria, Australia: Sage Publication.

The Washington Times. (2006, June 23). Ex-DIA Analyst Admits Passing Secrets to China. The Washington Times.

Appendix

Vulnerability Assessment Tool