Long-Term Foreign Visitors

Long-term foreign visits to U.S. defense contractors, national laboratories or other companies or research laboratories in the private sector can pose a serious threat to security. Cleared contractors that have foreign national employees or that host long-term foreign visitors must have an approved Technology Control Plan (TCP) or other comparable procedures to mitigate the vulnerabilities associated with the foreign presence.1

Given access to U.S. scientific, technical, or other proprietary information, foreign experts can gain for their home country information that will erode the U.S. lead in militarily critical technologies. Often the difference between the technology used in unclassified research and a classified weapons program is only the "application" of the technology.  

bullet During joint research and development activities, foreign governments routinely request the presence of an on-site liaison officer to monitor progress and provide guidance. Several allied nations have used these positions as cover for intelligence officers who are tasked to collect as much information about a facility as possible. These officers use their access to the facility's computer network or relationship with their U.S. counterparts to gain unapproved access to classified or restricted data that is then sent back to their home country.

Foreign scientists and engineers sometimes offer their services to research facilities, academic institutions, or defense contractors. This can be an effort to place a foreign national inside the facility to collect information on the technology available there. Some prominent foreign scientists who obtained employment with U.S. companies have immediately sent acquired information via fax transmissions back to their former associates in their home country, using their native language so the U.S. company could not monitor what was being sent.

As part of a joint venture, one cleared contractor had a number of foreign representatives working on unclassified projects. "One of them was caught hacking into the unclassified, but proprietary local area network system. This person accessed company proprietary source code information. He was expelled from the facility, but the computer intrusions continued a few days later. The suspected perpetrators were the remaining representatives from the same country. Since the start of the joint venture, the foreign representatives had stated their desire for the source codes."2

In some instances, foreign graduate students in the U.S. have been asked by their government or a national corporation to serve as assistants at no cost to professors doing research in a targeted field. The student then has access to the professor's research and learns the applications of the technology.

Some foreign governments routinely task their graduate students in the United States to acquire information on a variety of economic and technical subjects. In some instances, the students are contacted and recruited before they come to the United States to study. Others are approached after arriving and are recruited or pressured based upon a sense of loyalty or fear of their home country's government or intelligence service. The security officer of a cleared U.S. defense contractor reported the company's desire to employ the son of a prominent foreign scientist from a European country. A name check of the scientist revealed he had previously cooperated with his country's foreign intelligence service.

One allied foreign government has an organized program to send interns abroad as an alternative to compulsory military service. In return for exemption from military service, the intern has the specific task of collecting foreign business and technological information. A student from this country recently offered to work "free" for a U.S. company that has a U.S. Government contract for classified work.

The following indicators should trigger security concern:

  • Foreign applicant has a scientific background in a specialty for which his country is known or suspected to have a collection requirement.

  • The technology the individual wants to conduct research on may have classified applications (dual use technology), be on the militarily critical technology list, or be export-controlled technology.

  • Foreign intern (student working on masters or doctorate) offers to work under a knowledgeable individual for free, usually for a period of 2-3 years. If any foreign national applicant offers services for free, the foreign government or a corporation associated with the government may well be paying the expenses and expect to gain accordingly.

Without sustained security and counterintelligence awareness training programs, assimilation of foreign personnel into the work environment usually results in a relaxation of security awareness among U.S. employees. Security compromise is a frequent result.

Technology Control Plan

Cleared contractors with foreign national employees or long-term foreign visitors are required to have an approved Technology Control Plan (TCP) or comparable procedures. The TCP identifies the specific information that has been authorized for release to the foreign visitors or employees as well as what classified, export-controlled, or proprietary information needs to be protected from the visitors or employees. Note that any discussion of export-controlled information with a foreign national in the United States is an "export" of that information and is subject to all the export control procedures.

Elements commonly included in a Technology Control Plan include the following:

  • All information that needs to be protected must be appropriately marked or otherwise identifiable to all personnel, and the penalties for noncompliance or negligence should be well known. (Under the Economic Espionage Act of 1996, information is not considered a trade secret unless the owner of the information has taken reasonable measures to protect it.)
  • Facility employees should be briefed prior to the arrival of a foreign national on the access limitations, potential foreign collection techniques that could be used, recognizing indicators of economic espionage, and to whom to report any relevant security information.
  • Facility employees who have frequent contact with foreign national personnel should be interviewed periodically to check for indicators of economic espionage.
  • Foreign nationals and long-term foreign visitors should be briefed on their obligations and responsibilities, including limitations on access and any limitations on their use of computers, copiers, or fax machines. They should be asked to sign an agreement that they will comply with security requirements. The agreement should state what the consequences are for not complying with the security requirements. If the foreign national is later caught doing something wrong, the written agreement eliminates the "I didn't know" excuse. 
  • In anticipation of gaining access to an organizations computer network, some foreign employees have been trained in hacking techniques. Good risk management means reducing vulnerabilities to the technologies or information you are trying to protect. It may mean providing long-term visitors with a "stand alone" computer instead of access to your entire network. At a minimum, it must include regular checking of computer audit logs to detect any effort by the foreign employee to exceed his or her approved computer access.
  • Foreign visitors should not be given access to company fax machines unless you have some means to read and review the documents being sent, including those written in a foreign language. Fax machines make it possible for someone who is stealing information to compromise documents without having to take the riskier step of physically removing them from the building.

Related Topic: Short-Term Foreign Visitors.

Reference
1. Source for most information in this topic is "Long-Term Foreign Visitors Threaten Security," Counterintelligence News and Developments, March 1997, National Counterintelligence Center. Also, Annual Report to Congress on Foreign Intelligence Collection and Industrial Espionage, July 1995, National Counterintelligence Center.
2. James Norvell, "Assessing Foreign Collection Trends," Security Awareness Bulletin, No. 1-98 (Richmond, VA: Department of Defense Security Institute, 1998).

 

<-- PrevNext -->
SECURITY BRIEFING TABLE OF CONTENTS