January 4, 2012 in Featured
In the last week before Christmas, the Department of Homeland Security’s Privacy Office quietly issued an updated Privacy Impact Assessment for the Future Attribute Screening Technology (FAST) program. The controversial FAST program is designed to study the use of automated systems for scanning behavioral indicators to detect malicious intent in individuals who might pose a potential threat to security. A subject of FAST screening at an airport, sports arena or other public venue enters a mobile screening trailer that contains a number of devices that monitor behavioral cues believed to be associated with malicious intent. The subject is then asked typical screening questions in an attempt to elicit a heightened response and identify malicious actors. The new Privacy Impact Assessment indicates that in addition to verbal interactions, the FAST program will study the impact of passive screening measures on a subject including “audio, visual, or tactile stimuli.” In this modified version of the program, a subject will enter the FAST screening trailer and be confronted with images or videos and may never speak with security screening personnel.
January 2, 2012 in Department of Homeland Security, Federal Bureau of Investigation
This Joint Intelligence Bulletin provides law enforcement, public, and private sector safety officials with an evaluation of potential terrorist threats during the 2011 US holiday season, extending from Thanksgiving through New Year’s Day. This information is provided to support the activities of DHS and FBI and to assist federal, state, local, tribal and territorial government counterterrorism and first responder officials in deterring, preventing, preempting, or responding to terrorist attacks within the United States.
December 20, 2011 in News
Members of the House Homeland Security Committee introduced a cybersecurity bill on Thursday that would establish a quasi-governmental entity to oversee information-sharing with the private sector. Like the other cybersecurity bills offered by the House GOP, the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PrECISE Act) encourages private firms to share information on cyber threats but stops short of mandating new security standards for sectors deemed critical to national security. “The risk of cyberattack by enemies of the United States is real, is ongoing and is growing,” said Chairman Pete King (R-N.Y.). “The PrECISE Act, in line with the framework set forth by the Speaker’s Cybersecurity Task Force led by Rep. [Mac] Thornberry [R-Texas], protects our critical infrastructure without a heavy-handed and burdensome regulatory approach that could cost American jobs.”
December 12, 2011 in News
Secretary of Homeland Security Janet Napolitano today unveiled new Spanish-language Public Service Announcements (PSAs) for the Department of Homeland Security’s (DHS) “If You See Something, Say Something” public awareness campaign during a roundtable meeting with Hispanic law enforcement groups at the White House. The PSAs are aimed at reaching out to the Spanish-speaking public to encourage them to report suspicious activity to local law enforcement.
December 12, 2011 in Department of Homeland Security
An example of a monthly report released through the Department of Homeland Security’s TRIPwire program that documents bomb threats and other incidents related to the domestic use of improvised explosive devices. The report is compiled from open source information gathered around the country. The reports are not released publicly.
December 10, 2011 in White House
Law enforcement and government officials for decades have understood the critical importance of building relationships, based on trust, with the communities they serve. Partnerships are vital to address a range of challenges and must have as their foundation a genuine commitment on the part of law enforcement and government to address community needs and concerns, including protecting rights and public safety. In our efforts to counter violent extremism, we will rely on existing partnerships that communities have forged with Federal, State, and local government agencies. This reliance, however, must not change the nature or purpose of existing relationships. In many instances, our partnerships and related activities were not created for national security purposes but nonetheless have an indirect impact on countering violent extremism (CVE).
December 5, 2011 in Department of Homeland Security
The loosely organized hacking collective known as “Anonymous” has announced through several mediums that they plan on conducting cyber attacks, peaceful protests, and other unspecified activity targeting a variety of organizations. The purpose of this product is to judge the likelihood of occurrence for these events, as well as the potential impact.
November 30, 2011 in News
Information sharing (or lack thereof) between intelligence agencies has been a sensitive topic in the U.S. After 9/11, there was a push to create fusion centers so that local, state, and federal agencies could share intelligence, allowing the FBI, for example, to see if the local police have anything in their files on a particular individual. Now the Department of Homeland Security wants to create its own internal fusion center so that its many agencies can aggregate the data they have and make it searchable from a central location. The DHS is calling it a “Federated Information Sharing System” and asked its privacy advisory committee to weigh in on the repercussions at a public meeting in D.C. last month.
November 21, 2011 in News
The Department of Homeland Security (DHS) today announced a new partnership between the DHS “If You See Something, Say Something” public awareness campaign and Major League Soccer (MLS)—highlighting the Department’s partnership with the sports industry to ensure the safety and security of the employees, players and fans.“Each of us has a role to play in helping keep America safe, and time and again, we have seen the value of public vigilance in thwarting terrorism and crime,” said Secretary Napolitano. “Promoting the simple, but effective “If You See Something, Say Something” message during the MLS Cup and throughout the MLS season is a significant step in ensuring the safety of the players, spectators and employees.”
November 11, 2011 in Department of Homeland Security, Federal Bureau of Investigation
FBI-DHS Joint Bulletin from May 2008 providing assessment for general awareness of the potential threat posed by terrorists using radio-controlled model aircraft as an improvised explosive device delivery platform.
November 2, 2011 in Department of Homeland Security
Recent plots and attacks in the Homeland and overseas demonstrate a continuing terrorist focus on acquiring commercially available materials and components that can be used in constructing improvised explosive devices (IEDs). Heightened public and state and local official awareness, as well as tightened legal controls, have made it more difficult to purchase certain products that contain explosive precursors in bulk quantities or concentrated forms. Operatives are now more likely to use surreptitious, though legal, methods—such as multiple purchases in smaller quantities—to acquire sufficient amounts to create explosives.
October 29, 2011 in Department of Homeland Security
This report is part of a series created by the Department of Homeland Security’s Protective Security Division concerning common vulnerabilities and the detection of terrorist activity at critical infrastructure locations.
October 25, 2011 in Department of Homeland Security, United States
Created in 2003 in the wake of the September 11, 2001 terrorist attacks against the United States by al-Qaeda, the Urban Area Security Initiative (UASI) is the only federal homeland security grant program that requires regional governance, strategic planning and investing involving all disciplines – law enforcement, fire service, public health and medical, public works, critical infrastructure owners and operators, and emergency management – in order to acquire the necessary plans, equipment, training and exercises to prevent, protect against, respond to and recover from threats and acts of terrorism and other major hazards. From FY 2003 to FY 2011, approximately $6.5 billion has been appropriated for this program.
October 24, 2011 in Department of Homeland Security
Backpressure, the reverse flow of contaminated water into a potable water distribution system, has the potential to affect the public health of a community by using residential, commercial, or industrial connections in water distribution systems as a pathway for contamination. A water contamination incident using an effective contaminant and delivery method would cause immediate public health effects, require costly cleanup, and cause lasting economic and psychological impact. The amount of toxicity depends on many factors, including the type of contaminant, dilution and solubility of the contaminant, and the proximity of the consumer to the point of entry.
October 17, 2011 in Department of Homeland Security
The loosely organized hacking collective known as Anonymous has recently expressed an interest in targeting industrial control systems (ICS). This product characterizes Anonymous’ capabilities and intent in this area, based on expert input from DHS’s Control Systems Security Program/Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in coordination with the other NCCIC components.
October 14, 2011 in Department of Homeland Security
The hacker collective known as ‘Anonymous’ has successfully attacked a wide range of public and private sector entities since 2003 with relatively crude tools. Historically, they rely on tools such as the Low Orbit Ion Cannon (LOIC) or Botnets to deny access to websites, or hijack or deface web pages and post quasi-political statements, or perform other malicious activity. Since many of these older tools made it relatively easy for law enforcement and other government forces to identify the source of an attack and then arrest the perpetrator, Anonymous members may have recognized a need to have more advanced tools that offered a lesser degree of exposure. They recently claimed to have developed and possibly employed several new cyber attack tools for use in their self-proclaimed ‘internet civil disobedience’ campaigns. The NCCIC, coordinating with several of its partners, believes there are at least four new tools being shared among and employed by Anonymous members: #RefRef, Apache Killer, Anonware, and Universal Rapid Gamma Emitter (URGE).
October 12, 2011 in Government Accountability Office
As part of a systematic evaluation framework, agency policies should ensure organizational competence, evaluations of a system’s effectiveness and privacy protections, executive review, and appropriate transparency throughout the system’s life cycle. While DHS and three of its component agencies—U.S. Customs and Border Protection, U.S. Immigration and Customs Enforcement, and the U.S. Citizenship and Immigration Services—have established policies that address most of these key policy elements, the policies are not comprehensive. For example, DHS policies do not fully ensure executive review and transparency, and the component agencies’ policies do not sufficiently require evaluating system effectiveness. DHS’s Chief Information Officer reported that the agency is planning to improve its executive review process by conducting more intensive reviews of IT investments, including the data-mining systems reviewed in this report. Until such reforms are in place, DHS and its component agencies may not be able to ensure that critical data mining systems used in support of counterterrorism are both effective and that they protect personal privacy.