Over the next two weeks, Public Intelligence will be publishing several dozen reports from the Department of Homeland Security’s Protective Security Division concerning vulnerabilities and the detection of terrorist activity at critical infrastructure locations. This information was inadvertently disseminated by a non-profit organization that is concerned with domestic preparedness. Due to flaws in their website’s construction, a members area for sharing documentation was openly accessible to anyone and had been largely indexed in Google’s search results. The documents range in date from 2003-2004 and provide early background on critical infrastructure security activities, including known vulnerabilities that often have not been fixed and tenuous listings of so-called “suspicious activity” indicators. The documents also provide background on a number of “critical infrastructure” categories about which there has previously been a lack of publicly-available information. Some of these categories include railroad yards, wastewater treatment facilities, undersea cable landings and milk processing plants. For easier browsing, reports will be added to the list below as they are published.
One of the key roles of the government is to maintain the stability of the nation’s financial system and to address and contain systematic risk that may arise in the financial markets. The financial repositories play an important role in market stability. Several agencies of the government (U.S. Treasury, U.S. Mint, Federal Reserve Board, U.S. Secret Service, FBI) are involved in the supply, distribution, storage, and security of U.S. currency, coins, and other market transactions and clearing transactions.
Railroad yards can be located in any type of environment having a flat area sufficiently extensive and elongated to permit emplacement of intermodal loading tracks, sorting “humps,” classification “bowls,” or any combination thereof. Thus, yard properties may be sited in open plains or adjacent to hills or other high ground (Figure 3). In the latter case, there may be vulnerabilities to adversaries using longer range, stand-off weapons. Trains are put together in the classification yard, which is comprised of multiple parallel tracks branching out from a central track and connected by switches. Each of the parallel tracks is designated to receive cars with particular destinations along the route. A special locomotive, or switch engine, transports each car or group of cars to its assigned track. Depending on the sensitivity of the shipment and the type of classification yard, cars may be either “shoved to rest” or “humped.” If shoved to rest, the car remains attached to the engine until it couples with the adjacent car. If humped, the car is uncoupled at the top of a very gentle incline and allowed to travel freely downhill.
Spent fuel, after it is removed from the reactor core, is safely stored in specially designed pools at individual reactor sites around the country. The spent fuel is first placed into a spent fuel pool (Figure 1), which is like a deep swimming pool with racks to hold the fuel assemblies. It allows the fuel to begin cooling. The spent fuel is moved into the water pools from the reactor along the bottom of water canals, so that the spent fuel is always shielded to protect workers. Fuel assemblies are covered by a minimum of 25 feet of water within the pool, which provides adequate shielding from the radiation for anyone near the pool. Spent fuel pools are very robust structures that are constructed to withstand earthquakes and other natural phenomena and accidents. They are typically rectangular structures 20 to 40 feet wide, 30 to 60 feet long, and at least 40 feet deep. The outside walls are typically constructed of more than 3 feet of reinforced concrete. Spent fuel pools at pressurized water reactors (PWRs) are commonly located within an auxiliary building near the containment. Many of the PWR pools are located in the building’s interior. At boiling water reactors (BWRs), spent fuel pools are typically located at an elevated position within the reactor building, outside the primary containment area.
A nuclear power plant is an arrangement of components used to generate electric power. Nuclear power plants used in the United States (U.S.) are either boiling water reactors (BWRs) or pressurized water reactors (PWRs). Boiling water reactors (Figure 1) use a direct cycle in which water boils in the reactor core to produce steam, which drives a steam turbine. This turbine spins a generator to produce electric power. Pressurized water reactors (Figure 2) use an indirect cycle in which water is heated under high pressure in the reactor core and passes through a secondary heat exchanger to convert water in another loop to steam, which in turn drives the turbine. In the PWR design, radioactive water/steam never contacts the turbine. Except for the reactor itself, there is very little difference between a nuclear power plant and a coal- or oil-fired power plant.
An independent, unclassified analytic Red Cell session, sponsored jointly by the U.S. Departments of Energy and Homeland Security, found a Radiological Dispersal Device (RDD) attack on the U.S. homeland to be highly appealing from a terrorist standpoint. The Red Cell group, which simulated two different terrorist cells, believed an RDD attack would be relatively easy to prepare and mount and could have wide-ranging physical, psychological, political, and economic impacts. The group believed radioactive materials would be easy to procure, especially from abroad, and found a variety of potential targets across the country. Participants expected that public distrust of official guidance would heighten fear and panic.
A key component of the IAIP/Competitive Analysis and Evaluation Office’s mission is convening a diverse range of governmental and nongovernmental experts who adopt a terrorist mindset to challenge traditional or existing assumptions about how terrorists might attack some aspect of our critical infrastructure. The ideas generated by these “red cells” contribute insights on potential terrorist threats to the homeland for state and local governments, law enforcement, and industry.
It is Department of Homeland Security policy to use the broad authority granted in the Homeland Security Act of 2002, to further the Department’s missions, particularly with respect to disseminating the Department’s homeland security message. This directive sets Departmental policy for interaction between the Department and non-government, entertainment-oriented motion picture, television, advertising, video and multimedia productions/enterprises.
The first of the shows, “Inside DHS,” comes from Pilgrim Films & Television’s Craig Piligian (“The Ultimate Fighter,” “My Fair Wedding”). Stillerman describes the series, airing in the fall, as “the real story of the day-to-day battle to keep us safe, prepared and resilient.” It will follow DHS investigators from multiple points of view, tracking counterterrorism, border security and immigration enforcement. U.S. Secretary of Homeland Security Janet Napolitano will be featured in at least some of the episodes. The White House had to greenlight DHS’ involvement in the show, which Piligian said will give “a first-time comprehensive look into the tactical workings” of this unit.
The mission of the Department of Homeland Security (DHS) includes acting as a focal point regarding natural and manmade crises and emergency planning. In support of the Department’s mission, the primary mission of the Federal Emergency Management Agency (FEMA) is to reduce the loss of life and property and protect the Nation from all hazards, including natural disasters, acts of terrorism, and other man-made disasters, by leading and supporting the Nation in a risk-based, comprehensive emergency management system of preparedness, protection, response, recovery, and mitigation. Consistent with these missions, the Nuclear/Radiological Incident Annex to the National Response Framework (June 2008) sets forth DHS as the coordinating agency for all deliberate attacks involving nuclear/radiological materials, including radiological dispersal devices (RDDs) and improvised nuclear devices (INDs).
(U//FOUO) THIS JOINT INTELLIGENCE BULLETIN PROVIDES LAW ENFORCEMENT AND PUBLIC AND PRIVATE SECTOR SAFETY OFFICIALS WITH AN EVALUATION OF POTENTIAL TERRORIST THREATS DURING THE 2010 U.S. HOLIDAY SEASON, EXTENDING FROM THE PRE-CHRISTMAS PERIOD THROUGH NEW YEAR’S DAY. THIS INFORMATION IS PROVIDED TO SUPPORT THE ACTIVITIES OF DHS AND FBI AND TO HELP FEDERAL, STATE, AND LOCAL GOVERNMENT COUNTERTERRORISM AND LAW ENFORCEMENT OFFICIALS DETER, PREVENT, PREEMPT, OR RESPOND TO TERRORIST ATTACKS AGAINST THE UNITED STATES.
Walmart will join the Department of Homeland Security in a program called “If You See Something, Say Something” which encourages the American public to take an active role in ensuring the safety and security of the nation, DHS said Monday. “Homeland security starts with hometown security, and each of us plays a critical role in keeping our country and communities safe,” Secretary Janet Napolitano said as she thanked Walmart and the more than 320 stores who joined the national campaign Monday. Participating stores, eventually including 588 from 27 states, will play a short video message at select checkout locations to remind shoppers to contact local law enforcement to report suspicious activity, said a DHS statement.
(U//FOUO) This product is intended to provide perspective and understanding of the nature and scope of potentially emergent threats in response to the posting of the second edition of Inspire magazine. It is also intended to assist federal, state, local, and tribal government agencies and authorities, the private sector, and other entities to develop priorities for protective and support measures relating to an existing or emerging threat to the homeland security.
(U//FOUO) Terrorists have shown considerable interest in an improvised chemical device called the mubtakar, which is designed to release lethal quantities of hydrogen cyanide, cyanogen chloride, and chlorine gases. One or more devices could be used in attacks in enclosed spaces, such as restaurants, theaters, or train cars. The mubtakar is small and could be transported in a bag or box, or assembled at the attack site. DHS and FBI encourage recipients of this document to report information about suspicious devices and the acquisition or possession of mubtakar precursor chemicals or components (see figures for details) to the nearest state and local fusion center and to the local FBI Joint Terrorism Task Force.
(U//FOUO) Terrorists continue to express broad interest in toxins and poisons that could be used to contaminate food or water supplies, or spread through skin contact. Widely circulated terrorist manuals contain instructions for mixing toxins and poisons with skin penetrating enhancers such as oils, lotions, and other ointments. Other possible methods of delivery include adding toxins or poisons to beverages, fruits, vegetables, or other foods. Most toxins and poisons mentioned in terrorist manuals are more suitable for assassinations and small-scale attacks than for mass casualty attacks, but terrorists might calculate that a coordinated series of simultaneous small attacks could produce comparable casualties and widespread public fear, as well as erode consumer confidence.
In what appears to be the latest phase of a far-reaching federal crackdown on online piracy of music and movies, a number of sites that facilitate illegal file-sharing were shut down this week by Immigration and Customs Enforcement, a division of the Department of Homeland Security. By Friday morning a handful of sites that either hosted unauthorized copies of films and music or allowed users to search for them elsewhere on the Internet, were shut down, their content replaced by a notice that said, in part: “This domain name has been seized by ICE — Homeland Security Investigations, pursuant to a seizure warrant issued by a United States District Court.” In seizing the domain names of the sites, or Web addresses, the government effectively redirected any visitors to its own takedown notice.
Homeland Security Presidential Directive 8/HSPD-8 establishes policies to strengthen the preparedness of the United States to prevent and respond to threatened or actual domestic terrorist attacks, major disasters, and other emergencies by requiring a national domestic preparedness goal; establishing mechanisms for improved delivery of Federal preparedness assistance to State and local governments; and outlining actions to strengthen preparedness capabilities of Federal, State, and local entities. This paper describes a concept for rapid and systematic implementation of the provisions of HSPD-8 to improve preparedness doctrine and practice and reorient preparedness programs and activities that converged within homeland security under a unified national all-hazards preparedness strategy.
(U) As of 29 October, packages on cargo aircraft containing explosive materials were intercepted in the United Kingdom (UK) and Dubai, United Arab Emirates (UAE). The packages were shipped from Yemen, with the United States listed as the final destination. On the evening of 28 October,security officials at East Midlands Airport in Lockington, UK identified a suspicious package containing a modified printer-toner cartridge that was later confirmed to contain explosives.
The Obama administration has adopted new procedures for using the Defense Department’s vast array of cyberwarfare capabilities in case of an attack on vital computer networks inside the United States, delicately navigating historic rules that restrict military action on American soil. The system would mirror that used when the military is called on in natural disasters like hurricanes or wildfires. A presidential order dispatches the military forces, working under the control of the Federal Emergency Management Agency.
The Multi-Jurisdiction Improvised Explosive Device (IED) Security Plan (MJIEDSP) Planning Guide assists multi-jurisdiction areas in developing a detailed IED security plan. The IED security plan outlines specific bombing prevention actions that reduce vulnerability and mitigate risk against the primary terrorist IED attack method within a multi-jurisdiction area.
The DHS/Office for Bombing Prevention TRIPwire team is providing this Information Product to private sector owners and operators and law enforcement to alert them to small unit tactics used by terrorists throughout the world. This report is derived from a variety of open sources and government reports. At this time, there is no credible or specific information that terrorists are planning operations against public buildings in the United States, but it is important for Federal, State, and Local authorities, and private sector owners and operators to be aware of potential terrorist tactics.
In its role as Energy SSA, DOE has worked closely with dozens of government and industry security partners to prepare this 2007 Energy SSP. Much of that work was conducted through the Sector Coordinating Councils (SCC) for electricity and for oil and natural gas, as well as through the Energy Government Coordinating Council (GCC). The electricity SCC represents more than 95 percent of the electric industry and the oil and natural gas SCC represents more than 98 percent of its industry. The GCC, co—chaired by DHS and DOE, represents all levels of government—Federal, State, local, and tribal-that are concerned with the Energy Sector.
In early 2008, President Bush signed National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD-54/HSPD-23) formalizing the Comprehensive National Cybersecurity Initiative (CNCI). This initiative created a series of classified programs with a total budget of approximately $30 billion. Many of these programs remain secret and the their activities are largely unknown to the public. Forbes reported in April 2008 that “Bush’s cyber initiative will spend as much as $30 billion to create a new monitoring system for all federal networks, a combined project of the DHS, the NSA and the Office of the Director of National Intelligence. The data-sharing plan would offer information gathered by that massive monitoring system to the private sector in exchange for their own knowledge of cyber intrusions and spyware.”
The United States relies on critical infrastructure and key resources (CIKR) for government operations and the health and safety of its economy and its citizens. The President issued National Security Presidential Directive 54 (NSPD-54)/Homeland Security Presidential Directive 23 (HSPD-23), which formalized the Comprehensive National Cybersecurity Initiative (CNCI). NSPD-54/HSPD-23 directs the Secretary of Homeland Security, in consultation with the heads of other Sector-Specific Agencies, to submit a report detailing the policy and resource requirements for improving the protection of privately owned U.S. critical infrastructure networks. The report is required to detail how the u.S. Government can partner with the private sector to leverage investment in intrusion protection capabilities and technology, increase awareness about the extent and severity of cyber threats facing critical infrastructure, enhance real-time cyber situational awareness, and encourage intrusion protection for critical information technology infrastructure.”
Simply stated, the LEIS Service is the “pipe” used to connect state and local law enforcement with DHS law enforcement.