Intelligence Community Inspector General Report on Boston Marathon Bombings

On April 15, 2013, two pressure cooker bombs placed near the finish line of the Boston Marathon detonated within seconds of each other, killing three and injuring more than two hundred people. Law enforcement officials identified brothers Tamerlan and Dzhokhar Tsarnaev as primary suspects in the bombings. After an extensive search for the then-unidentified suspects, law enforcement officials encountered Tamerlan and Dzhokhar Tsarnaev in Watertown, Massachusetts. Tamerlan Tsarnaev was shot during the encounter and was pronounced dead shortly thereafter. Dzhokhar Tsarnaev, who fled the scene, was apprehended the following day and remains in federal custody.

DHS National Cybersecurity and Communications Integration Center Heartbleed Advisories

Security researchers from Google Security recently discovered a vulnerability with the Heartbeat extension (RFC6520) to OpenSSL’s Transport Layer Security (TLS) and the Datagram Transport Layer Security (DTLS) protocols. According to open source reports, the vulnerability has existed within certain OpenSSL frameworks since at least 2012. The Heartbeat extension is functionally a “keep-alive” between end-users and the secure server. It works by sending periodic “data pulses” of 64KB in size to the secure server, and once the server receives that data, it reciprocates by re-sending the same data at the same size. The out-of-bounds “read” vulnerability exists because the Heartbeat extension in OpenSSL versions 1.0.1 through and 1.0.2-beta (including 1.0.1f and 1.0.2-beta1) does not properly validate the data being sent from the end-user. As a result, a malicious actor could send a specially-crafted heartbeat request to the vulnerable server and obtain sensitive information stored in memory on the server. Furthermore, even though each heartbeat only allows requests to have a data size limited to 64KB segments, it is possible to send repeated requests to retrieve more 64KB segments, which could include encryption keys used for certificates, passwords, usernames, and even sensitive content that was stored at the time. An attacker could harvest enough data from the 64KB segments to piece together larger groupings of information which could help an attacker develop a broader understanding of the information being acquired.

National Institute of Justice Through-the-Wall Sensors Best Practices for Law Enforcement

The National Institute of Justice (NIJ) Sensor, Surveillance, and Biometric Technologies (SSBT) Center of Excellence (CoE) has undertaken a best practices report of through-the-wall sensor (TTWS) devices for operation by law enforcement and first responder agencies in the United States. These devices use a form of radar to detect movement behind barriers. The ability to sense the presence of individuals through common building materials can be useful during rescue operations, law enforcement operations and other tactical scenarios. This report provides advice, tactics and information related to the use of TTWS in operational settings. The information provides law enforcement individuals and organizations with a better understanding of the capabilities and limitations of available TTWS equipment. When put into practice, an agency can make the most of the technology and improve the outcome and safety of operational scenarios in which it is deployed. The best practices report focuses on the use of commercially available TTWS devices suitable for law enforcement or emergency response applications.

(U//FOUO) DHS-FBI-NCTC Bulletin: Fake Help Desk Scams an Ongoing Problem

Law enforcement continues to see reporting of malicious cyber actors using fake help desk scams, also known as technical support scams. These scams, if successful, seek to compromise and take control of computer systems. Malicious cyber actors send users an e-mail or they make cold calls, purportedly representing a help desk from a legitimate software or hardware vendor. The malicious cyber actors try to trick users into believing that their computer is malfunctioning—often by having them look at a system log that typically shows scores of harmless or low-level errors—then convincing them to download software or let the “technician” remotely access the personal computer to “repair” it.

FBI Law Enforcement National Data Exchange Contains 223 Million Records

The Law Enforcement National Data Exchange (N-DEx) run by the FBI Criminal Justice Information Services (CJIS) Division now contains approximately 223 million records on nearly two billion entities. An FBI CJIS presentation from February 2014 posted on the website of the Integrated Justice Information Systems Institute includes detailed information on state and local data contributors including a tally of the total number of records contributed by state.

DoD Open Business Model for Unmanned Aircraft Systems Ground Control Stations

Over the past twenty years, the Department of Defense (DoD) has acquired a diverse portfolio of Unmanned Aircraft Systems (UAS) across the Military Services to meet its national security needs. Newly emergent threats and evolving national security requirements are prompting the DoD to re-evaluate its entire portfolio of systems, while at the same time, seeking to reduce the total ownership costs including lifecycle sustainment costs of these systems. The anticipated reduction in defense spending in concert with advances in information technology provides ample opportunity for DoD to rethink how it acquires, designs, and builds its systems. As a result, DoD is adopting and exploiting open system design principles and architectures to increase competition, foster reuse across systems, and increase interoperability. This new acquisition model requires access to multi-vendor solutions to enable rapid insertion of new technologies to counter emerging threats, avoid technology obsolescence, and decrease time to field new capabilities. DoD is adopting an Open Business Model (OBM) to support the implementation of an Open Architecture (OA) for UAS Ground Control Stations (GCS) in order to drive greater acquisition efficiencies and reduce the total ownership costs. This new model is built upon several lessons learned from the Navy’s own open architecture efforts in the submarine community when it radically changed its approach to building weapon systems due to an emerging threat from an adversary in conjunction with a declining budget.

Marine Corps Intelligence Activity Pakistan Military Culture Study

The Pakistan military is ambivalent toward the United States yet largely dependent on U.S. military aid. The Pakistan military distrusts civilians, and throughout Pakistan’s history, the military has repeatedly sought to control the civilian government. Currently, a worsening security and economic situation is taxing the military’s resources. However, the military is a hierarchical organization that remains internally stable and professional.

(U//FOUO) Marine Corps Intelligence Activity Chinese Military Culture Field Guide

China’s Military Culture Field Guide is designed to provide deploying military personnel an overview of China’s military cultural terrain. In this field guide, China’s military cultural history has been synopsized to capture the more significant aspects of China’s military cultural environment, with emphasis on factors having the greatest potential to impact operations. The field guide presents background information to show China’s military mind-set through its history, values, and internal dynamics. It also contains practical sections on lifestyle, customs, and habits. For those seeking more extensive information, MCIA produces a series of cultural intelligence studies on China’s military that explores the dynamics of China’s military culture at a deeper level.