United States

(U//FOUO) DHS-FBI-NCTC Bulletin: Malicious Cyber Actors Use Advanced Search Techniques

DHS-FBI-NCTC-GoogleDorking

Malicious cyber actors are using advanced search techniques, referred to as “Google dorking,” to locate information that organizations may not have intended to be discoverable by the public or to find website vulnerabilities for use in subsequent cyber attacks. “Google dorking” has become the acknowledged term for this malicious activity, but it applies to any search engine with advanced search capabilities. By searching for specific file types and keywords, malicious cyber actors can locate information such as usernames and passwords, e-mail lists, sensitive documents, bank account details, and website vulnerabilities. For example, a simple “operator:keyword” syntax, such as “filetype:xls intext:username,” in the standard search box would retrieve Excel spreadsheets containing usernames. Additionally, freely available online tools can run automated scans using multiple dork queries.

(U//FOUO) FBI Analytic Report: Autonomous Cars Present Game Changing Opportunities and Threats For Law Enforcement

FBI-AutonomousVehicles

The FBI assesses that if autonomous cars are approved by Congress for use by the public nationwide in the next five to seven years, these vehicles will have a high impact on transforming what both law enforcement and its adversaries can operationally do with a car. State regulators in California, Florida, and Nevada already legalized the use of these vehicles within their states.

DHS National Cybersecurity and Communications Integration Center Bulletin: Hotel Business Centers Keyloggers

NCCIC-HotelMalware

The following is an advisory for owners, managers and stakeholders in the hospitality industry, which highlights recent data breaches uncovered by the United States Secret Service (USSS). The attacks were not sophisticated, requiring little technical skill, and did not involve the exploit of vulnerabilities in browsers, operating systems or other software. The malicious actors were able to utilize a low-cost, high impact strategy to access a physical system, stealing sensitive data from hotels and subsequently their guest’s information. The NCCIC and the USSS have provided some recommendations at the end of this document that may help prevent similar attacks on publicly available computers.

U.S. Army Techniques Publication 3-39.33: Civil Disturbances

USArmy-CivilDisturbances-2014

ATP 3-39.33 provides discussion and techniques about civil disturbances and crowd control operations that occur in the continental United States (CONUS) and outside the continental United States (OCONUS). United States (U.S.) forces deploy in support of unified action, overseas contingency operations, and humanitarian assistance worldwide. During these operations, U.S. forces are often faced with unruly and violent crowds who have the intent of disrupting peace and the ability of U.S. forces to maintain peace. Worldwide instability coupled with U.S. military participation in unified-action, peacekeeping, and related operations require that U.S. forces have access to the most current doctrine and techniques that are necessary to quell riots and restore public order.

(U//LES) DHS Assessment: Domestic Violent Extremists Pose Increased Threat to Law Enforcement and Government Officials

DHS-DomesticViolentExtremists

After years of only sporadic violence from violent domestic extremists motivated by anti-government ideologies, I&A has seen a spike within the past year in violence committed by militia extremists and lone offenders who hold violent anti-government beliefs. These groups and individuals recognize government authority but facilitate or engage in acts of violence due to their perception that the United States Government is tyrannical and oppressive, coupled to their belief that the government needs to be violently resisted or overthrown. Historically, spikes in violence have followed high-profile confrontations involving the United States Government, such as Ruby Ridge and Waco. The April 20 14 Bunkerville, Nevada standoff likely represents a similar event that could inspire further violence.

(U//FOUO) New Jersey Fusion Center: Potential Threats to Government Officials in New Jersey

NJROIC-ThreatsGovernmentOfficials

The FBI San Antonio Division recently reported that groups of young individuals in Texas, and possibly other states, were attempting to elicit information regarding residences of firefighters, military personnel, police officers, etc. The subjects knocked on neighborhood doors, telling residents they worked for an organization that helps young people with public speaking by sending them out to contact random people at their homes and ask about their professions. The youths reportedly received points based on the professions they located, with the potential of winning a college scholarship and a large sum of money. Police officer had the highest point value.

House Oversight Committee Report: Psuedo-Classification of Executive Branch Documents

US-PsuedoClassificationSSI

While the SSI designation can protect sensitive information, it is also vulnerable to misuse. Bipartisan concerns about the use of the SSI designation by the Transportation Security Administration (TSA), an agency of the Department of Homeland Security (DHS), have existed since the promulgation of the SSI regulations in 2004. Through its investigation, the Committee obtained witness testimony and documents that show possible misuse of the SSI designation by TSA. Witnesses detailed instances in which TSA barred the release of SSI documents against the advice of TSA’s SSI Office. TSA also released SSI documents against the advice of career staff in the SSI Office. The Committee’s investigation revealed that coordination challenges exist among the TSA Administrator, TSA’s Office of Public Affairs (OPA), and TSA’s SSI Office.

(U//LES) Los Angeles Fusion Center: Identifying Mexican Mafia Members and Associates

LAJRIC-MexicanMafiaMembers

Humming bird and Marilyn Monroe tattoos may have a nexus to the Mexican Mafia, while “G Shields” (Aztec warrior shields) and mariposas (butterflies) may be decreasing in popularity. As certain tattoos sported by Mexican Mafia members and supporters become mainstream, and because California Department of Corrections is known to use certain tattoos as validation points, Mexican Mafia members may introduce new tattoos to make it difficult for law enforcement and correctional officers to identify membership or affiliation with the group. Tattoos are also increasingly disguised within other tattoos, which can make them more difficult to easily identify.

(U//FOUO) New Jersey Division of Fire Safety Bulletin: Sovereign Citizens

NJ-SovereignCitizens

The anti-government sovereign citizen movement has been catapulted into the forefront of public attention due to an increase in criminal activity by sovereign citizens nationwide. The movement consists of individuals and small groups throughout the United States, guided and supported by adherents who share the core belief that Federal, state, and local governments are all illegitimate entities.

DHS Infrastructure Sector Resilience Report: Electric Power Delivery

DHS-ElectricPowerResiliency

The Department of Homeland Security Office of Cyber and Infrastructure Analysis (DHS/OCIA) Homeland Infrastructure Threat and Risk Analysis Center (HITRAC) produces Sector Resilience Reports to improve partner understanding of the interdependencies and resilience of certain sectors. Specifically, this report provides a brief overview of the electric power system, and analysis of key electric power system dependencies and interdependencies. Additionally, this product includes an assessment of, and best practices for, improving community, system, and facility resilience. This Sector Resilience Report was produced to complement other sector-specific guidance, analysis, and scholarly papers on infrastructure resilience by applying data obtained from DHS site visits and assessments analyzing the resilience of critical infrastructure assets and systems.

(U//FOUO) DHS-FBI-NCTC Bulletin: Medical Treatment Presents Opportunity for Discovery of Violent Extremist Activities

DHS-FBI-NCTC-MedicalTreatmentExtremists

Efforts to gain expertise with explosive, incendiary, and chemical/biological devices may lead to injuries and emergency treatment, which may provide potential indicators of violent extremist activities to responding emergency medical service (EMS) personnel. Scene size-up and patient assessment provide first responders the opportunity to view both the scene and any patient injuries. EMS personnel and other first responders should consider the totality of information gleaned through direct observation and the statements of patients, witnesses, and bystanders to evaluate whether an injury is a genuine accident or related to violent extremist activity.

National Counterterrorism Center Flyer: College Drone Programs Can Be Targeted by Violent Extremists

NCTC-UAS-Extremists

College programs in unmanned aircraft systems (UAS) are susceptible to potential penetration or attack plotting by violent extremists. Enhanced information and operational security practices can reduce the likelihood of a violent extremist infiltrating UAS programs or planning an attack against students and faculty. There are potential indicators that a student or faculty member may possess ulterior motives for their interest in unmanned aircraft.

FAA Order: Unmanned Aircraft Operations in the National Airspace System (NAS)

FAS-UAS-NAS

Purpose of This Notice. This notice provides information and interim guidance on air traffic policies and prescribes procedures for the planning, coordination, and services involving the operation of unmanned aircraft systems (UAS) in the NAS. These policies and procedures reflect current written directives and regulations and do not reflect any major changes. The intent of this notice is to consolidate all current directives and regulations into one document to assist with understanding UAS operations in the NAS.

(U//FOUO) Marine Corps Intelligence Activity Malaysia Cultural Field Guide

MCIA-MalaysiaCultureGuide

Malays are predominantly Muslim, and as a result, the country is strongly influenced by Islam. Most Malaysian Muslims are moderate in their views. They do not want Malaysia to become an Islamic state, and regard Islam primarily as a religion, not a lifestyle. Some of Malaysia’s smaller religious and ethnic groups are concerned about what they perceive as the increasingly Islamic nature of Malaysian society.

Terms and Definitions of Interest for Counterintelligence Professionals

DoD-CI-Definitions

This Glossary is designed to be a reference for counterintelligence (CI) professionals within the Department of Defense (DoD); however other CI professionals may find it of use. It provides a comprehensive compilation of unclassified terms that may be encountered when dealing with the dynamic discipline of counterintelligence and related activities. Where some words may several meanings within the counterintelligence or intelligence context, a variety of definitions are included.

(U//FOUO) U.S. Strategic Command Cyber Warfare Lexicon

USSTRATCOM-CyberWarfareLexicon

Since the 2006 signing of the National Military Strategy for Cyberspace Operations (NMS-CO), the emerging US cyber warfare community continues to mature and its capabilities increasingly compete for consideration when US forces plan operations. Computer network attack (CNA) and electronic attack (EA) technologies have progressed to the point where their use could be routinely considered in the context of existing and developing OPLANS. In order to effectively integrate and standardize use of these non-traditional weapons, the developers, testers, planners, targeteers, decision-makers, and battlefield operators require a comprehensive but flexible cyber lexicon that accounts for the unique aspects of cyber warfare while minimizing the requirement to learn new terms for each new technology of the future. Without a shared understanding of the accurate meanings of a significant number of frequently used terms, it will be difficult to make progress on the more complex and unresolved technical and operational issues for non-traditional weapons: actionable requirements, technical and operational assurance, effective mission planning techniques, and meaningful measures of effectiveness. In fact, the Secretary of Defense’s Information Operations (IO) Roadmap listed its first benefit to the combatant commanders as “a common lexicon and approach to IO, including support to integrated information campaign planning.” Although the focus of cyberspace operations is not the same as that of IO, they share some technologies and until now, no such lexicon (for IO, or any portion of IO) has been published.

Marine Corps Intelligence Activity Bosnia and Herzegovina Country Handbook

MCIA-BosniaHerzegovinaHandbook_Page_022

This handbook provides basic reference information on Bosnia and Herzegovina, including its geography, history, government, military forces, and communications and transportation networks. This information is intended to familiarize military personnel with local customs and area knowledge to assist them during their assignment to Bosnia and Herzegovina.