ML18333A276

USNRC Presentations at the National Organization of Test, Research, and Training Reactors Annual Conference 2018 by Bill Schuster, Beth Reed, NRC/NRR, Janine Mason, DHS/OIP, and Lance English, NRC/NSIR, Entitled Security Panel (54 Page(S),
Person / Time
Issue date: 10/31/2018
From: Lance English, Mason J, Reed E, William Schuster
Research and Test Reactors Oversight Projects Branch, Office of Nuclear Security and Incident Response, US Dept of Homeland Security
To:
Montgomery C
Shared Package
ML18333A271 List:
References


Text

Security Panel
October 31, 2018
Bill Schuster and Beth Reed, NRC/NRR
Janine Mason, DHS/OIP
Lance English, NRC/NSIR

Agenda

  • Bill Schuster - Part 37 Implementation

- Mailing Sensitive Documents

- Reporting Events to the NRC

- Cyber Security

  • Janine Mason - Critical Infrastructure and NPR Subcouncil

Physical Protection of Cat I and II Quantities of Materials
William Schuster, Reactor Engineer
Research and Test Reactors Oversight Branch
2018 TRTR Conference
October 31, 2018

Part 37 - Background

  • Preceded by Orders (RAMQC)

- Pub. Mar 19, 2018; Eff. May 20, 2013

- Compliance by Mar 14, 2014

Table 1 - Category 1 and Category 2 Threshold (From Appendix A to Part 37 - Category 1 and Category 2 Radioactive Materials)

| Radioactive Material | Category 1 (TBq) | Category 1 (Ci) | Category 2 (TBq) | Category 2 (Ci) |
|---|---|---|---|---|
| Americium-241 | 60 | 1,620 | 0.6 | 16.2 |
| Americium-241/Be | 60 | 1,620 | 0.6 | 16.2 |
| Californium-252 | 20 | 540 | 0.2 | 5.40 |
| Cobalt-60 | 30 | 810 | 0.3 | 8.10 |
| Curium-244 | 50 | 1,350 | 0.5 | 13.5 |
| Cesium-137 | 100 | 2,700 | 1 | 27.0 |
| Gadolinium-153 | 1,000 | 27,000 | 10 | 270 |
| Iridium-192 | 80 | 2,160 | 0.8 | 21.6 |
| Plutonium-238 | 60 | 1,620 | 0.6 | 16.2 |
| Plutonium-239/Be | 60 | 1,620 | 0.6 | 16.2 |
| Promethium-147 | 40,000 | 1,080,000 | 400 | 10,800 |
| Radium-226 | 40 | 1,080 | 0.4 | 10.8 |
| Selenium-75 | 200 | 5,400 | 2 | 54.0 |
| Strontium-90 | 1,000 | 27,000 | 10 | 270 |
| Thulium-170 | 20,000 | 540,000 | 200 | 5,400 |
| Ytterbium-169 | 300 | 8,100 | 3 | 81.0 |

Part 37 - Inspection Implementation

  • Oversight responsibility

- NRC

  • Not located in an Agreement State
  • Part 37 material is under the Part 50 license

- Agreement States

Part 37 - Inspection Timeframe

  • Conducted with next security inspection
  • Frequency

- Typically 3 or more years

- Based on material quantity and form

Part 37 - Inspection Items

  • Access Authorization

- Investigations

- Access Authorization Program Review

  • Security Program

- LLEA Coordination

- Security Zones

- Monitoring and Detection

- Maintenance and Testing

- Mobile Devices

- Security Program Review

  • Transportation

Part 37 - Summary

  • Taking possession of sources or protecting under Part 73 PSP can present challenges
  • Key to compliance is documentation

Regulatory Discussion
Beth Reed, Security Specialist
Research and Test Reactors Oversight Branch
2018 TRTR Conference
October 31, 2018

New NRC Process for E-Mailing Official Use Only Documents

  • NRC is no longer allowed to e-mail OUO or PII documents to anyone external to the NRC

- Yellow Announcement: YA-17-0068 (ML#17200D030)

- Management Directive 12.5

  • Types of documents

- Security Plan RAIs

- Security Inspection Report

- License Operator Medical Information

  • Temporary fix is to use a third party site (Army)

- AMRDEC SAFE at https://safe.amrdec.army.mil/safe/

Sending Non-Public Documents to the NRC

  • Sensitive Information

- Security-Related Information

  • Request for NRC Approved Reviewing Official
  • Responses to Security Plan RAIs

- Medical Information

  • License Operator Request
  • Safeguards Information

- Physical Security Plan

- Responses to Security Plan RAIs

Marking Documents under 10 CFR 2.390

10 CFR 2.390(b)(1)(i)(A): Mark at the top and bottom of each page with language similar to: "confidential information submitted under 10 CFR 2.390," "withhold from public disclosure under 10 CFR 2.390," or "proprietary," to indicate that it contains information the submitter seeks to have withheld.

For withholding SRI, use: Security-Related Information - Withhold Under 10 CFR 2.390.

Update: Mark the header and footer of the transmittal letter with Security-Related Information - Withhold Under 10 CFR 2.390.

Include separation statement

Mailing Documents under 10 CFR 2.390

  • Single Envelope
  • Address: U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001 ATTN: Document Control Desk
  • Do not address directly to the PM or Security Specialist

Marking Documents SGI or SGI-M

The transmittal letter forwarding the physical security plan (PSP) to the U.S. NRC, and each page of the PSP, must be marked Safeguards Information - Modified Handling (or Safeguards Information if applicable) on the header and footer.

The transmittal letter should also include a separation from enclosure statement if the letter itself does not contain SGI or SGI-M.

The first page of the PSP needs to include:

- A statement warning of unauthorized disclosure subject to civil and criminal penalties.

- The name, title, and organization of the individual who made the SGI or SGI-M designation, and the date it was made.

Transmittal Letter and First Page of the PSP

Mailing SGI Documents

  • Must be packaged in two sealed envelopes

- Outer envelope: U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001 ATTN: Document Control Desk

- Inner envelope: Name and address of the intended recipient and marked on both sides, top and bottom, with the words "Safeguards Information-Modified Handling"

  • Good idea to use a mail service that will track the package

Who to call and How

  • Call the Headquarters Operation Officer (HOO) at 301-816-5100

- The HOO will notify the appropriate RTR staff (PM, security specialist)

  • Be prepared to answer specific questions about the event, the facility and the reactor status

Information for the HOO

  • Name of facility and caller, and call back number
  • Time and date of event
  • Reactor Information

- Type

- Power level and max pulse (if applicable)

- Status

  • Event Classification

- EAL

- Safeguards events/Security plan requirements

- Information purposes - voluntary

  • Technical Specification requirements

Cyber Security

  • Finalizing the hypothetical all digital NPR Report

- To determine if a cyberattack presents a mechanism of release of radioactive material that has not already been evaluated by the NRC

- Compare consequences of a cyberattack to that of the previously assessed physical security consequences (2006)

  • Document is under management review
  • Conclusion of report will be used to justify decision for rulemaking

Interagency Resources

  • NRC Inspection Program
  • DHS NPR Subcouncil
  • DHS Training Tools
  • DOE funded Alarm Response Training
  • DHS Exercise Program
  • DOE/FBI TTX
  • FBI Outreach Visits
  • DOE Voluntary Security Enhancements
  • NRC Rulemaking
  • NPR Facility

National Protection and Programs Directorate
Department of Homeland Security
The Office of Infrastructure Protection
Nuclear Sector-Specific Agency
Non-Power Reactor Subcouncil Overview

Sector Partnership Environment

Non-Power Reactor Subcouncil

Mission:

  • To provide effective coordination of security strategies and activities, policies and communications across Government and between the Government and NPR community.
  • To coordinate with emergency management and public health and safety communities regarding consequence-management issues associated with any malevolent act involving the NPR subsector.

Goals: To coordinate efforts to sustain or enhance the necessary protection of the subsector assets through the following activities:

  • Identify NPR security and preparedness issues that would benefit public-private coordination, and the communication and coordination of those issues.
  • Identify potential enhancements to NPR security and preparedness plans, programs, policies, procedures and strategies.
  • Recognize successful programs and practices through the sharing of experiences, ideas, effective practices and innovative approaches related to NPR protection.
  • Leverage complementary resources within government and between government and industry.

Non-Power Reactor Subcouncil

NPR Subcouncil (NGCC/NSCC) Leadership

  • Oregon State University (NSCC-NPR Co-Chair)
  • Rhode Island Nuclear Science Center (NSCC-NPR Co-Chair)
  • Nuclear SSA (NGCC-NPR Co-Chair)

Interagency Partners and Roles:

  • Department of Homeland Security (DHS)

- Partnership

- Infrastructure Protection

  • Nuclear Regulatory Commission (NRC)

- Regulation

- Cyber

  • Department of Energy/National Nuclear Security Administration (DOE/NNSA)

- Voluntary Security Enhancement Program

- Alarm Response Force Training/Table Top Exercises

  • Federal Bureau of Investigation (FBI)

- Outreach Visits

Partnership Mechanisms

HSIN-CI

The Homeland Security Information Network - Critical Infrastructure (HSIN-CI) is a secure portal that provides a peer to peer collaboration space for members to engage in real-time.

Each subsector has its own subportal within the Commercial Facilities portal.

Resources available on HSIN-CI include analysis, alerts, bulletins, training, and Suspicious Activity Reporting.

To register, email: hsinci@hq.dhs.gov

For more information visit: https://www.dhs.gov/nuclear-reactors-materials-and-waste-sector

Email: NuclearSSA@hq.dhs.gov

NRC's Counterintelligence Briefing
TRTR Conference - Newport, Rhode Island
October 31, 2018
Lance English, Counterintelligence Program Manager - NRC
Desiree Davis, Intelligence Analyst - NRC
Joseph H. Altman, Special Agent - FBI

Introduction

Counterintelligence programs aim to identify intelligence threats from state and non-state actors.

As a defensive counterintelligence program participant, you can help the NRC focus efforts on preventing foreign actors from penetrating your institution and protect your research from foreign actors.

Agenda

  • Definition of Counterintelligence (CI)
  • Education or Espionage (video clip)
  • FBI Presentation CI Awareness
  • Importance of Foreign Visitor Screening
  • Federal Government Response
  • What You Can Do to Help
  • Reporting

Spies look like this... not this

Education Or Espionage?

FBI Boston Division: Counterintelligence Awareness Briefing
Visitors: Risks & Mitigations
October 2018
Briefing Conducted by: FBI Boston Division SA Joseph H. Altman

FBI Counterintelligence Strategy

OUR MISSION

To protect the United States by identifying, understanding, and combating foreign government activities that pose a threat to national security

OUR STRATEGY

1. Determine what information, technology, or other assets our adversaries want to obtain
2. Prioritize which of those are most important to protect
3. Determine who has those priority items
4. Leverage the broadest set of tools and allies to protect those priority items

Not Just Hostile Intelligence Services

Emphasis On Preventing Harm

Trends in Espionage

Collection against the U.S. has roughly doubled since the end of the Cold War.

Focus of Foreign Intelligence has shifted from military secrets to critical technology and U.S. proprietary economic information.

Political and military allies are just as active in technology/economic collection as our traditional adversaries.

Foreign Threat

  • Friend and Foe
  • Rich and Poor
  • Low and High Technologies
  • Government and Private
  • 100+ Countries Targeted U.S. Technologies

What Do They Want?

  • Proprietary formulas and processes
  • Research and Development Information
  • Prototypes or blueprints
  • Security and Physical Plant Information
  • Employee Lists/Phone Directories
  • Access control information
  • Software (including source codes)
  • Corporate / Marketing strategies
  • Customer Data
  • Negotiation strategies

Common Tactics / Techniques

Corporate Insider (access/knowledge)

Unsolicited Correspondences & Request for Information Cyber Elicitation Exploitation of Joint Venture/Research Relationships Acquisition of Technology Trade Shows, Exhibits, Symposia, Conventions and Seminars Internet Social Networking Risks Foreign Visits /Foreign Delegations Foreign Acquisition of Technology and Companies Exploiting Overseas Travel

Exploitation of Foreign Visit Techniques:

  • Peppering: Visitors asking the same question in different styles or one visitor asking the same question to multiple U.S. contractor employees (Primary Goal: These techniques are specifically designed to produce potentially embarrassing incidents and appeal to your good side)
  • Wandering Visitor: The visitor uses the distraction provided by a large delegation to slip away, out of the control of the escort
  • Divide and Conquer: Visitors take the U.S. team members into different areas to discuss issues in order to deprive the U.S. person of his safety net of assistance in answering questions
  • Switch Visitors: A collector added to the group without leaving enough time for a background check on the new visitor
  • Bait and Switch: The visitors say they are coming to discuss business that is acceptable for discussion, but after they arrive their agenda switches to different questions and discussion topics
  • Distraught Visitor: When the visitor's questions are not answered he/she acts insulted or creates an uncomfortable scene in an attempt to psychologically coerce information from the target

Exploitation of Foreign Visit Techniques:

  • Arriving at a facility unannounced
  • Taking notes and photographs
  • Last minute or unannounced additions to a visiting delegation
  • Foreign Liaison Officer (FLO) or embassy official attempts to conceal official identity during commercial visits.
  • Visitors claim business-related interest but lack experience researching and developing technology
  • Visitors ask to meet personnel from their own countries and attempt to establish continuing contact with them.

Exploitation of Foreign Visit Security Countermeasures

  • Do not allow suspicious unannounced foreign visitors access to the facility. Simply tell them no one is available, and that they should schedule an appointment for another date.
  • Do not allow last minute additions or substitutions to a foreign delegation to have access to the facility. Ask them to remain in the lobby while the others are permitted access. This could potentially keep an intelligence officer out of the facility and encourage proper visitation procedures.
  • Verify personal identification against the original visit request when foreign visitors arrive to ensure they are who they say they are.
  • Ensure there is a sufficient number of escorts to control a visiting delegation if it should be split into multiple groups.

Exploitation of Foreign Visit Security Countermeasures

  • Ensure escorts are briefed as to what is critical within the facility and that they know what requires protection from the foreign visitors
  • Ensure facility employees are briefed as to the scope of the foreign visit and to not discuss anything beyond what is approved
  • If a visitor becomes offended when confronted during a security incident, recognize the confrontation as a collection technique and ask the visitor to leave the facility if he or she cannot abide by the rules
  • Do not permit any cameras or note taking if something in the facility is "sight sensitive"

Exploitation of Foreign Visit Security Countermeasures

  • If the delegation attempts to make additional contacts with escorts and speakers, make sure they keep discussions to the agreed-upon topics and information
  • Conduct a walkthrough of the facility to ensure the visitors will not have audible or visible unauthorized access.
  • Escorts should maintain visual contact with all visitors at all times
  • If these or any other suspicious incidents occur, please ensure that they are reported immediately to your security office

Exploitation of Foreign Visit Security Countermeasures

  • Brief visitors on their obligations and responsibilities including limitations on access or use of computers, copiers, or fax machines, and access limitations to buildings or rooms
  • Do not allow visitors to use networked computers; provide stand-alone computers if needed
  • Conduct regular computer audits to detect any efforts by visitors or employees to exceed their approved computer access

Foreign Intelligence Threat

Among the foreign threats to the United States.

China and Russia remain the most capable and persistent intelligence threats and aggressive practitioners of espionage and economic espionage.

James Clapper, Director, Office of the Director of National Intelligence, Senate Select Committee on Intelligence

Not Just Spy vs. Spy Anymore

NOW

  • Intelligence officers
  • People recruited by intelligence officers
  • Hackers
  • Businesspeople
  • Academics
  • Researchers
  • Diplomats
  • Anyone else who can get their hands on something of value

THEN

  • Intelligence officers
  • People recruited by intelligence officers

Importance of Foreign Visitor Screening

The best first step for a FIS or terrorist is physical access to you and your facility.

  • Inserting a thumb drive into a computer or replacing a computer cable
  • Using the visit to arrange a social meeting off-site

Your best defense is to know with whom you are dealing and whether the US Government can inform you about potential risks.

Federal Government Response

Two White House initiatives will organize U.S. government resources for better vetting of those entering the U.S. It will also put resources at your disposal to understand the identity of individuals seeking access to you and your facility:

  • National Security Policy Memorandum 7 Integration, Sharing, and Use of National Security Threat Actor Information to Protect Americans; establishes support for the national vetting enterprise
  • National Security Policy Memorandum 9 Establishes the National Vetting Center under DHS to coordinate the management and governance of the national vetting enterprise.

The Foreign Access Management Enterprise (FAME) is run by the DHS Chief Security Officer to help DHS and USG agencies better understand the threat posed by foreign visitors.

FAME is a short-term resource as the larger robust capability is built

What You Can Do to Help

Implement comprehensive foreign visitor screening.

  • Knowing about potential risks will help safeguard you, your personnel and your facility.

Contact the NRC Counterintelligence Program Manager regarding requests for access by foreign visitors.

In return, you will receive notification if derogatory information was found.

Consider the results in conjunction with other applicable requirements to determine whether an individual may be granted unescorted access.

Inform your local FBI contact regarding foreign visitor access requests.

Reporting

Remember, YOU are the first line of defense against espionage!

If you feel you are being solicited for information:

  • Never feel obligated to answer questions that make you feel uncomfortable
  • Be observant and take note of the person questioning you
  • Maintain professional composure
  • REPORT, REPORT, REPORT (ReportIt@nrc.gov)

Points of Contact:

Lance English
NSIR/DSO/ILTAB
301-492-3006
Lance.English@nrc.gov

Desiree Davis
NSIR/DSO/ILTAB
301-492-3979
Desiree.Davis@nrc.gov

FBI Boston - WMD Program
Special Agent Joseph H. Altman
Weapons of Mass Destruction
FBI Boston
978-994-6047
jhaltman@fbi.gov