Tag Archive for Department of Homeland Security

Senate Permanent Subcommittee on Investigations Federal Support for Fusion Centers Report

The Subcommittee investigation found that DHS-assigned detailees to the fusion centers forwarded “intelligence” of uneven quality – oftentimes shoddy, rarely timely, sometimes endangering citizens’ civil liberties and Privacy Act protections, occasionally taken from already-published public sources, and more often than not unrelated to terrorism. Congress directed the Department of Homeland Security (DHS) to lead this initiative. A bipartisan investigation by the Permanent Subcommittee on Investigations has found, however, that DHS’ work with those state and local fusion centers has not produced useful intelligence to support federal counterterrorism efforts.

DHS Privacy Policy for Operational Use of Social Media

This Instruction applies throughout DHS regarding the access to and collection, use, maintenance, retention, disclosure, deletion, and destruction of Personally Identifiable Information (PII) in relation to operational use of social media, with the exception of operational use of social media for: (a) communications and outreach with the public authorized by the Office of Public Affairs; (b) situational awareness by the National Operations Center; (c) situational awareness by Components other than the National Operations Center, upon approval by the Chief Privacy Officer following completion of a Social Media Operational Use Template; and (d) the conduct of authorized intelligence activities carried out by the Office of Intelligence and Analysis, the intelligence and counterintelligence elements of the United States Coast Guard, or any other Component performing authorized foreign intelligence or counterintelligence functions, in accordance with the provisions of Executive Order 12333, as amended.

DHS Robotic Aircraft for Public Safety Request for Information

The Robotic Aircraft for Public Safety (RAPS) project will invite SUAS vendors to a chosen location and evaluate each system using key performance parameters under a wide variety of simulated but realistic and relevant real-world operational scenarios, such as law enforcement operations, search and rescue, and fire and hazardous material spill response. The SUAS vendors will provide technically mature, flight proven vehicles and their fully-integrated sensors for evaluation. Safety concerns will also be assessed such as the aircraft’s capability for safe flight in the event of a loss of communications between the aircraft and the ground controller.

DHS National Operations Center Operations Counterterrorism Desk (NCOD) Database Privacy Impact Assessment

The National Operations Center (NOC), within the Office of Operations Coordination and Planning (OPS), operates the NOC Counterterrorism Operations Desk (NCOD) and serves as the primary DHS point of contact to streamline counterterrorism Requests for Information (RFIs). The NCOD Database is a tracking tool used by NCOD Officers to track all counterterrorism related incoming and outgoing inquiries. OPS has conducted this Privacy Impact Assessment (PIA) because the NCOD Database contains personally identifiable information (PII).

Imaging Systems and Methods for Immersive Surveillance (ISIS) Patent

Security guards at large facilities, such as airports, monitor multiple screens that display images from individual surveillance cameras dispersed throughout the facility. If a guard zooms with a particular camera, he may lose image resolution, along with perspective on the surrounding area. Embodiments of the inventive Imaging System for Immersive Surveillance (ISIS) solve these problems by combining multiple cameras in one device. When properly mounted, example ISIS systems offer up to 360-degree, 240-megapixel views on a single screen. (Other fields of view and resolutions are also possible.) Image-stitching software merges multiple video feeds into one scene. The system also allows operators to tag and follow targets, and can monitor restricted areas and sound an alert when intruders breach them.

(U//FOUO) DHS-FBI Suspicious Activity Reporting Bulletin: Attempted Breaches/Intrusions

Terrorists may attempt to breach secured perimeters or gain unauthorized access to facilities, sensitive locations, or restricted areas for preoperational activity or to conduct an attack. Timothy McVeigh breached a locked storage shed at a Kansas rock quarry with a battery-operated drill and stole explosives that were later used in the 1995 Oklahoma City bombing. Attempts at intrusion could take the form of trespassing, forced entry, or impersonation of authorized personnel and could possibly involve the assistance of knowledgeable ‘insiders.”

(U//FOUO) DHS-FBI Suspicious Activity Reporting Bulletin: Aviation Flyovers

Terrorists may use small aircraft flyovers to conduct preoperational activities such as reconnaissance or rehearsals for planned attacks. When suspicious flyovers occur, law enforcement and first responders should report the key attributes of the flight and the aircraft for timely identification (time of day, location and direction of flight, facility overflown, aircraft size, markings, color scheme, tail number, number of windows, placement of wings or rotor, number of engines, and weather) to the Federal Aviation Administration (FAA) through a local Air Traffic Control facility or office, a local Flight Standards District Office, or directly to the FAA’s Domestic Events Network at 202 493 5107, and the Transportation Security Administration. The FAA is often best able to distinguish between legitimate air traffic and suspicious flight operations that warrant further investigation.

DHS Infrastructure Protection Note: Performance Venues – Indicators of Violence and Protective Measures

Performance venues include theaters, concert halls, auditoriums, and amphitheaters, ranging in size and function from small neighborhood movie theaters or community playhouses to high-capacity venues in major metropolitan areas. Performance venues are relatively open-access, limited egress facilities and have been successfully targeted in the past.

DHS-University of Maryland Study: Profiles of Perpetrators of Terrorism – United States (PPT-US)

The objective of this project is to create and manage a comprehensive dataset of groups and movements that have used terrorist tactics within the United States – at some point between 1970 and 2007 – to achieve political, religious, social or economic goals. These data will be integrated into the Terrorist and Extremist Violence in the United States (TEVUS) database in the near future as part of the larger Integrating U.S. Security Databases (IUSSD) project.

(U//FOUO) DHS-FBI Bulletin: Potential Use of Cold Packs in Improvised Explosives

Cold packs, packaged and sold commercially, contain chemicals—usually 30 to 85 grams of ammonium nitrate or urea—that, when extracted in sufficient quantity, can be used as precursors for improvised explosives. The chemicals are packaged in prill form, and can be used directly or ground into powder when being used in homemade explosive production. Five hundred packs would yield 30 to 90 pounds of precursor material for use in an improvised explosive device (IED).

DHS, FBI Warn Law Enforcement of Terrorists Asking Questions

The Department of Homeland Security and Federal Bureau of Investigation are warning business owners and emergency personnel around the country to be on the look out for terrorists and criminals asking too many questions. In a bulletin from earlier this year, DHS and FBI warned that terrorists and criminals often exhibit the highly suspicious behavior of asking “pertinent, intrusive or probing questions” about security and operations at sensitive facilities. According to the document, terrorists or criminals “may attempt to identify critical infrastructure vulnerabilities by eliciting information pertaining to operational and security procedures from security personnel, facility employees or their associates” and that this type of questioning by individuals “with no apparent need for the information” can provide an “early warning of a potential attack.”

(U//FOUO) DHS-FBI Suspicious Activity Reporting Bulletin: Terrorists Eliciting Information

Terrorist or criminals may attempt to identify critical infrastructure vulnerabilities by eliciting information pertaining to operational and security procedures from security personnel, facility employees, and their associates. Persistent, intrusive or probing questions about security, operations or other sensitive aspects of a facility by individuals with no apparent need for the information could provide early warning of a potential attack.

(U//FOUO) DHS-FBI Bulletin: Terrorist Interest in Attacking Theaters and Mass Gatherings

An early April 2012 suicide bombing of a theater in Somalia and a violent extremist communication advocating attacks on US theaters highlight terrorists’ continued interest in attacking such venues. Although we have no specific or credible information indicating that terrorists plan to attack theaters in the United States, terrorists may seek to emulate overseas attacks on theaters here in the United States because they have the potential to inflict mass casualties and cause local economic damage.

Homeland Security Warns of Terrorist Wildfire Attacks

The Federal Bureau of Investigation, Department of Homeland Security and fusion centers around the country are warning that terrorists are interested in using fire as a weapon, particularly in the form of large-scale wildfires near densely populated areas. A newly released DHS report states that for more than a decade “international terrorist groups and associated individuals have expressed interest in using fire as a tactic against the Homeland to cause economic loss, fear, resource depletion, and humanitarian hardship.” The report notes that the tactical use of fire as a weapon is “inexpensive and requires limited technical expertise” and “materials needed to use fire as a weapon are common and easily obtainable, making preoperational activities difficult to detect and plot disruption and apprehension challenging for law enforcement.”

(U//FOUO) DHS Terrorist Interest in Using Fire as a Weapon

International terrorist groups and violent extremists have long shown interest in using fire as a weapon due to the low cost and limited technical expertise required, the potential for causing large-scale damage, and the low risk of apprehension. Recent encouragement of use of this tactic by terrorist groups and violent extremists in propaganda materials and extremist Web forums is directed at Western audiences and supports Homeland attacks.

The Continually Expanding Definition of Terrorism

Though the United States has been engaged in a Global War on Terror for more than a decade, the U.S. Government surprisingly does not have a standardized definition of terrorism that is agreed upon by all agencies. The State Department, Federal Bureau of Investigation and a number of other government agencies all utilize differing definitions of what constitutes an act of terrorism. This lack of agreement has allowed individual agencies to present vastly different and, in some cases, far more inclusive definitions of terrorist acts enabling the use of expanded law enforcement and investigative procedures that might not be applicable in other agencies. In fact, some agencies have presented a definition of terrorism so expansive as to include a number of activities that are not traditionally associated with terrorism or terrorist organizations.

DHS Report: Criminals and Hacktivists May Use 2012 Summer Olympics as Platform for Cyberattacks

Scams, malware campaigns and attacks will continue to grow in scale and complexity as the 27 July opening ceremony in London draws near. Event organizers, sponsors and British authorities continue to increase their physical and cybersecurity awareness as the event approaches. Information systems supporting the Games, transport infrastructure, law enforcement communications, financial operations and similar will become prime targets for criminals. A collective of approximately eighty-seven UK banks exercised their ability to withstand cyber attacks last November. Olympic organizers anticipated cyber threats and began testing their cybersecurity posture during ‘technical rehearsals’ by running scenarios from their Technology Operations Center (TOC) situated on Canary Wharf. The TOC will be manned with over one hundred personnel continuously monitoring critical applications, such as the Commentator Information System, organizers’ intranet, and a telecom infrastructure encompassing 900 servers, 1,000 network and security devices, and 9,500 computers. In addition, British law enforcement organizations have been collaborating with the U.S. Secret Service and other industry experts to understand attack vectors, detection methods and mitigation strategies to combat the threat. However, the cyber implications are more expansive than localized attacks against systems and encompass globally distributed Olympic-themed malware, spam campaigns and scams.

(U//FOUO) DHS Wireless Medical Devices/Healthcare Cyberattacks Report

The expanded use of wireless technology on the enterprise network of medical facilities and the wireless utilization of MDs opens up both new opportunities and new vulnerabilities to patients and medical facilities. Since wireless MDs are now connected to Medical information technology (IT) networks, IT networks are now remotely accessible through the MD. This may be a desirable development, but the communications security of MDs to protect against theft of medical information and malicious intrusion is now becoming a major concern. In addition, many HPH organizations are leveraging mobile technologies to enhance operations. The storage capacity, fast computing speeds, ease of use, and portability render mobile devices an optimal solution.

(U//FOUO) DHS-FBI Intelligence Bulletin on Homegrown Extremist Retaliation for Afghan Massacre

This Joint Intelligence Bulletin is intended to increase awareness and provide understanding of the nature of potentially emergent threats in response to the alleged killing of civilians by a US soldier in Afghanistan and the burning of Korans and other religious documents on a military base. This Information is provided to support the activities of FBI and DHS and to assist federal, state, local, tribal, and territorial counterterrorism and law enforcement officials and the private sector to prevent or respond to terrorist attacks against the United States.

(U//FOUO) DHS Chemical Facilities Threat Assessment

The DHS Homeland Infrastructure Threat and Risk Analysis Center produced this threat assessment to support implementation of 6 Code of Federal Regulations Part 27, “Chemical Facility Anti-Terrorism Standards (CFATS).” This assessment describes the potential terrorist threat to the chemical and petroleum facilities regulated under CFATS and determined to be high risk by the Secretary of Homeland Security. It does not address facilities that may hold threshold quantities of the chemicals listed in CFATS that fall outside its scope, such as public water facilities or facilities regulated under the Maritime Transportation Security Act of 2002. Nor does it address the transportation of chemicals, which is regulated under other authorities. Potential terrorist tactics against such facilities—based on DHS’ knowledge of terrorist intentions and capabilities—are included to aid industry security personnel in implementing security measures at their facilities.

(U//FOUO) DHS Terrorist Use of Improvised Incendiary Devices and Attack Methods

Improvised incendiary devices (IIDs) typically are less expensive to make than improvised explosive devices but still are capable of creating mass casualties and causing widespread fear and panic. Improvised incendiary devices (IIDs) can be constructed easily from everyday materials available at hardware and grocery stores. IIDs can be used against many types of infrastructure targets; violent extremists have used them successfully in attacks in the United States and overseas.

DHS Media Monitoring Desktop Reference Manual

A manual for the Department of Homeland Security’s Media Monitoring Capability that was reportedly obtained by EPIC via a FOIA request. The manual has been slightly redacted by DHS to remove names and contact information and the URL of the Network Operations Center Media Monitoring Capability reporting website. This website has been listed in three of the four publicly available manuals as an example of a website monitored by DHS.