To prevent foreign entities from achieving their goals, a Counterintelligence Program (CIP) proactively searches for and uses information from multiple sources. An effective CIP draws information from security programs and other internal systems, as well as from the U.S. Intelligence Community (USIC). Once this information is assembled, an effective CIP develops a coherent picture and crafts a strategy to prevent the foreign entity from successfully achieving its goals and minimizes the damage already done. An effective CIP conducts active analysis of available information, requires annual CI education for all employees, and provides a system for immediate referral of behavior with CI implications.
The United States currently faces a dynamic, flexible, and very pragmatic adversary. Due to the unconventional nature of the terrorist threat and the asymmetrical tactics demonstrated both at home and abroad by our enemies, we can no longer expect the protection formerly provided by the oceans bordering our coasts to serve as an effective deterrent to attack. The attacks of September 11, 2001, and other events demonstrated that an act of terrorism can cause worldwide infrastructure asset disruption. In the past decade, hurricanes or other violent storms have also revealed that our infrastructure assets are at risk from destruction, degradation, or disruption by natural events. Given scarce resources, this Strategy’s objectives must be balanced against other priorities outlined in the National Defense Strategy.
The higher education community in the United States consists of more than 11,000 higher education institutions that collectively serve more than 17 million students, employ more than 3.4 million faculty and staff, and have combined budgets approaching $360 billion. Higher education institutions range in size from small institutions with fewer than 100 students to large universities with tens of thousands of students and faculty occupying campuses the size of a small town or city. Institution grounds are generally open-access, with varying levels of security within the campus.
Facility security measures, such as interior control points or exterior barriers, may require first responders to adjust normal protocols and procedures to operate rapidly during emergencies. The timeline below is an overview of attacks and plots against US-based facilities with varying levels of security. The diversity of tactics and targets used underscores the need for interagency exercises and training that incorporates multiple scenarios to account for building security measures likely to be encountered.
Since at least January 2012, criminals are using telephony-based denial-of-service (TDoS) combined with extortion scams to phone an employee’s office and demand the employee repay an alleged loan. If the victim does not comply, the criminals initiate TDoS attacks against the employer’s phone numbers. TDoS uses automated calling programs—similar to those used by telemarketers—to prevent victims from making or receiving calls.
This CONOPS describes an overarching concept of operations for the 2012-2018 timeframe that provides a framework for “Unified Exploitation (UE)” operations and the basis to develop supporting capabilities. It establishes linkages to other Army concepts and describes how UE enables decisive action in support of unified land operations. This CONOPS describes the operational context and how commanders integrate supporting UE capabilities through Mission Command to produce an operational advantage. This CONOPS addresses the central military problem: the Army lacks a systematic approach to effectively integrate multiple organizations, disciplines, functions, and processes that support exploitation through their application of tactical, technical, and scientific capabilities. The absence of an organized exploitation framework to develop facts, actionable information or intelligence from collected enemy information, materials, or people, results in a knowledge void. This lack of knowledge may compromise our ability to execute commander directed, follow-on actions and represents tactical and perhaps even strategic opportunities lost.
(U//FOUO) Committee on National Security Systems Recommendations for Implementing FICAM on U.S. Secret Networks
Threats to Federal information systems are rising as demands for sharing of information and intelligence between Federal Departments and Agencies increase. It is essential that the Federal Government devise an approach that addresses both challenges without compromising the ability to achieve either objective. Developing a common governance framework and set of Identity, Credential, and Access Management (ICAM) capabilities that enhance the security of our systems by ensuring that only authorized persons and systems from different Federal components have access to necessary information is a high priority. The Federal Identity, Credential and Access Management (FICAM) Roadmap and Implementation Guidance was developed to address the need for secure information sharing capabilities across the breadth of the Federal Government.
(U//FOUO) Committee on National Security Systems Gap Analysis Between the FICAM and U.S. Secret Networks
Over the past ten years, the Federal Government has made concerted advances in the development and implementation of Identity, Credential, and Access Management (ICAM). This progress includes capabilities designed to promote interoperability, assured information sharing, and efficiencies of scale across all agencies within the Federal Government. Recently, several high-visibility events have focused attention on classified networks with a renewed emphasis on information protection within the information sharing paradigm. Organizations must strive to ensure responsible sharing and safeguarding of classified information by employing advanced capabilities that enable a common level of assurance in information handling and sharing while ensuring the interoperability required to satisfy mission requirements.
(U//FOUO) DHS Bulletin: Self-identified Anarchist Extremists Target Urban Gentrification Sites with Arson
This Note analyzes the recent use of arson by anarchist extremists targeting urban development sites they describe as negatively impacting lower income residents through “gentrification.” This information is provided to enable federal, state, local, tribal, and territorial law enforcement; first responders; and private sector security officials to identify, preempt, prevent, or respond to intentional acts targeting urban development sites by anarchist extremist campaigns.
The U.S. Civil-Military Strategic Framework for Afghanistan outlines U.S. priorities through the Transformation Decade (2015-2024). It is meant to be adaptive, giving decision makers in Kabul and Washington, and policy implementers throughout Afghanistan, the flexibility needed to respond to changing conditions while advancing a set of commonly stated strategic goals and priorities.
It is to be expected that nations will continue to require assistance from other states and organizations in order to recover from natural disasters, conflict, or chronic societal problems. Such assistance ends as the host nation (HN) transitions back from a period of crisis to self-sufficiency and other actors transition out of their assumed roles and responsibilities. As the HN transitions back from a period of crisis to self-sufficiency, it will be faced with issues involving sovereignty, legitimacy, dependency, and social reform. Managing transitions at all levels requires close cooperation between the HN, other governments, militaries, and civil society. Although many of the lessons and best practices used in this guide are derived from Operation Iraqi Freedom and Operation New Dawn, the intent is to provide a guide that is flexible enough to be used for transition planning of a military campaign or crisis of any size or scope.
In the year since Sandy Hook, there have been a combined total of 22 actual school attacks and disrupted plots nationwide with some of the attacks resulting in the deaths of students and school personnel. The New Jersey Regional Operations Intelligence Center (ROIC) has examined recent reporting on the Sandy Hook attack and the incidents over the last year and provides the following analysis to law enforcement, school resource officers (SROs), and administrators to assist in school security planning efforts.
One of the most serious threats facing New Jersey and the entire U.S. Homeland continues to be that of the active shooter, regardless of motivation, who by the very nature of their associated tactics, techniques, and procedures, pose a serious challenge to security personnel based on their ability to operate independently, making them extremely difficult to detect and disrupt before conducting an attack.
The New Jersey Regional Operations Intelligence Center (NJ ROIC) provides the following updated analysis of mass shootings in the last year (December 2012 to October 2013) in order to provide law enforcement personnel, security managers and emergency personnel with identified commonalities and trends, as well as indicators of potential violence.
This Note describes a new combination of tactics by cyber criminals that disrupts telephone systems of targeted organizations. This information is provided to assist and inform the Department and federal, state, local, territorial, tribal, and private sector partners in mitigation efforts regarding criminal activity that could affect their operations.
(U//FOUO) DHS National Cybersecurity and Communications Integration Center (NCCIC) Capabilities Guide
The National Cybersecurity and Communications Integration Center (NCCIC) Resource and Capabilities Guide is intended to enhance cross-sector cyber security efforts and collaboration by better informing our cybersecurity and communications partners of the NCCIC’s tools, assets, and collaboration mechanisms offered. This guide also identifies the Center’s resources and capabilities as well as describes the processes for accessing NCCIC information portals and products, incident reporting systems, and relevant point of contact information for our community of partners.
(U//FOUO) Joint Chiefs of Staff Instruction: No-Strike and the Collateral Damage Estimation Methodology
(U//FOUO) Colorado Information Analysis Center: Butane Hash Oil Production Poses Risks to First Responders
This Brief was produced to alert emergency medical responders and healthcare providers to the dangerous levels of toxicity that can be presented by patients who have smoked alcohol. Although this practice is dangerous, it is not illegal. It is being practiced by young adults all over the country and causing serious medical emergencies and deaths as a result. Because this is a returning trend, unfamiliar to health care providers, there is no statistical data available concerning hospitalizations and deaths. The below information was assembled from open source research and can be duplicated and shared for the purposes of awareness and education.
(U//FOUO) Government of the Islamic Republic of Afghanistan Ministries of Defense and Interior Organizational Charts
From January 2008 to August 2013, 85 school shootings took place across the United States involving 97 attackers. Incidents analyzed met the definition of targeted school violence, including gang‐related shootings. “Targeted violence” is any incident of violence where an attacker selects a particular target prior to the violent attack. The number of incidents peaked at 29 in 2009 and have decreased to an average of 14 per year; two incidents have occurred this year to date.
Possession of large amounts of weapons, ammunition, explosives, accelerants, or explosive precursor chemicals could indicate pre-operational terrorist attack planning or criminal activity. For example, in preparation for conducting the July 2011 attacks in Norway, Anders Behring Breivik stockpiled approximately 12,000 pounds of precursors, weapons, and armor and hid them underground in remote, wooded locations.
Warfare in the 21st Century necessitates a complete shift in the way we think and the way we fight. More than ever, the use of nonlethal effects is having a profound impact on conflicts. Much of today’s battlefield is in the minds of the public, shaped by the spoken word, cyberspace, media, and other means of strategic communications, as well as by our physical actions. Consequently, melding information with physical operations may very well be decisive in counterinsurgency and other stability operations. By melding information operations with physical operations, the division commander, who is executing a war against an insurgency and simultaneously attempting to pacify a populace, can gain the respect, compliance, and support of the people who may tip the balance in his favor. The enemy has become adept at all means of communications, in particular information operations, and uses his actions to reinforce his message. As a result, he influences not only the indigenous population but also the world as a whole.