Hackers often justify their cracking activities with the argument that systems should be secure;
they are merely exposing flaws that never should have appeared in the first place and should be
fixed. This argument falls apart, however, in the context of the preceding analysis. Networked
systems will always have vulnerabilities, just as our streets, homes, and other public infrastructures
do. Breaking into a computer system, without authorization to do so, is no more ethical than breaking
into a house to demonstrate its physical vulnerabilities.
Part A: What is computer security?
Computer security is about risk management, not absolute security, and involves application of
both technical and non-technical countermeasures. Non-technical defenses include formulating a
security policy for the organization and educating users about that policy.
Part B: How does computer security involve you?
As intelligence personnel, you will probably use computers to do your job. You will be responsible
for the security of the computers you use, and for the security of the classified and sensitive
information you process.
Your commander will expect you to be not only an intelligence expert, but also a security expert. if
your commander has a security problem, to include a computer security problem, he will expect you
to have the expertise to solve that problem.
The lessons in this subcourse are designed to provide you with the basic understanding of computer
security that you will need as intelligence personnel. Most information in these lessons applies to the
security of any computer, large or small. However, the primary intent is to provide security guidance
on protecting the Army's personal computers (PCs) and the classified and unclassified-sensitive
information they process.
Part C: Computer Security
Computer Security (COMPUSEC) is a sub-discipline (sub-security) of Information Systems Security
(ISS). As well as using computers for familiar information processing functions, such as word
processing, personnel management, and issuing your end-of-month paycheck, the Army uses
computers and computer-based systems for a wide variety of other functions.
First, you use your PCs word processing program to type a message on a DD Form 173. Then the
signal folks at the communications center use a computer-based communications system to transmit
that message. Even the gunner on an M-1 tank deals with computers on a daily basis; the 60's main
gun has a computer-based fire control system. This lesson will introduce you to ISS.
Part D: The U.S. Army Computer Security Program
The Army's Telecommunications and Automated Information Systems (TAIS) have certain inherent
security vulnerabilities and these systems are known to be targeted by foreign intelligence services.
ISS is defined as "a composite of means to protect telecommunications systems and automated