Author Archive for Public Intelligence

Archistrategos.

(U//FOUO) NSA Hardening Network Infrastructure: Security Recommendations for System Accreditors

Many networks run by public and private organizations have experienced intrusions in recent years, and this cyber exploitation has resulted in an unprecedented transfer of wealth due to lost intellectual property. The threats to our networks and systems exist across numerous components that include end-user-devices, servers, and infrastructure devices. To address threats to routers and other network infrastructure devices, the National Security Agency’s Information Assurance Directorate (IAD) is publishing this IAA to guide U.S. Government systems accreditors’ strategic plan for network hardening.

(U//FOUO) NSA Mitigations Guidance for Distributed Denial of Service Attacks

Adversary actors in cyberspace continue to demonstrate the interest in and ability to execute Distributed Denial of Service (DDoS) attacks against the United States. The need to offer Internet services in support of mission requirements inherently exposes these services to malicious traffic and the potential for DDoS attack. Proactive preparation to ensure network resilience in the event of a DDoS event is essential. Reactive measures are feasible, but are often too slow to respond to the dynamic nature of today’s threat.

(U//FOUO) DHS-FBI Bulletin: Diversion as a Terrorist Tactic

Terrorists and violent extremists have used—or considered using—diversionary tactics in terrorist attacks overseas. Diversionary tactics are often used to draw security forces and first responders away from the intended primary target of the attack and may be used as part of a complex or multi-pronged attack. Diverting first responders to a location other than the primary target of an attack delays the response and the provision of medical care to victims, and depletes first responder resources.

(U//FOUO) DHS-FBI Bulletin: Use of Unsuspecting Civilians in IED Attacks

Terrorists and violent extremists could use unsuspecting civilians to transport improvised explosive devices (IEDs) artfully concealed in seemingly harmless items for use in attacks in the Homeland. Overseas attacks demonstrate that violent extremists have successfully used unsuspecting individuals to carry items containing IEDs to specific targets where the devices are then detonated remotely. This tactic enables terrorists and violent extremists to place IEDs in secure areas, among large gatherings of people, or at high profile events and detonate them from a standoff distance.

Senate Permanent Subcommittee on Investigations Apple Offshore Profit Shifting Exhibits

On May 21, 2013, the Permanent Subcommittee on Investigations (PSI) of the U.S. Senate Homeland Security and Government Affairs Committee will hold a hearing that is a continuation of a series of reviews conducted by the Subcommittee on how individual and corporate taxpayers are shifting billions of dollars offshore to avoid U.S. taxes. The hearing will examine how Apple Inc., a U.S. multinational corporation, has used a variety of offshore structures, arrangements, and transactions to shift billions of dollars in profits away from the United States and into Ireland, where Apple has negotiated a special corporate tax rate of less than two percent. One of Apple’s more unusual tactics has been to establish and direct substantial funds to offshore entities in Ireland, while claiming they are not tax residents of any jurisdiction. For example, Apple Inc. established an offshore subsidiary, Apple Operations International, which from 2009 to 2012 reported net income of $30 billion, but declined to declare any tax residence, filed no corporate income tax return, and paid no corporate income taxes to any national government for five years. A second Irish affiliate, Apple Sales International, received $74 billion in sales income over four years, but due in part to its alleged status as a non-tax resident, paid taxes on only a tiny fraction of that income.

U.S. Department of Justice Statistics Report: Firearm Violence 1993-2011

In 2011, a total of 478,400 fatal and nonfatal violent crimes were committed with a firearm. Homicides made up about 2% of all firearm-related crimes. There were 11,101 firearm homicides in 2011, down by 39% from a high of 18,253 in 1993. The majority of the decline in firearm-related homicides occurred between 1993 and 1998. Since 1999, the number of firearm homicides increased from 10,828 to 12,791 in 2006 before declining to 11,101 in 2011. Nonfatal firearm-related violent victimizations against persons age 12 or older declined 70%, from 1.5 million in 1993 to 456,500 in 2004. The number then fluctuated between about 400,000 to 600,000 through 2011. While the number of firearm crimes declined over time, the percentage of all violence that involved a firearm did not change substantively, fluctuating between 6% and 9% over the same period. In 1993, 9% of all violence was committed with a firearm, compared to 8% in 2011.

(U//FOUO) U.S. Army Operation Iraqi Freedom Information Operations Tactical Commander’s Handbook

This handbook provides the tactical operator, commander, and battle staff with information on planning, executing, assessing, and sustaining information operations (IO). The handbook is based on observations collected in Iraq during July and August 2004 by an IO collection and analysis team (CAAT). The application of this tool is both for training and real-world events the Soldier may encounter in the Iraqi area of operations.

Joint and Coalition Operational Analysis (JCOA) Reducing and Mitigating Civilian Casualties: Enduring Lessons

The United States has long been committed to upholding the Law of Armed Conflict (LOAC) and minimizing collateral damage, which includes civilian casualties (CIVCAS) and unintended damage to civilian objects (facilities, equipment, or other property that is not a military objective). In support of these goals, the U.S. military developed capabilities for precision engagements and accurately identifying targets, such as the development of refined targeting processes and predictive tools to better estimate and minimize collateral damage. These capabilities permitted the conduct of combat operations with lower relative numbers of civilian casualties compared to past operations. However, despite these efforts, and while maintaining compliance with the laws of war, the U.S. military found over the past decade that these measures were not always sufficient for meeting the goal of minimizing civilian casualties when possible. Resulting civilian casualties ran counter to U.S. desires and public statements that the United States did “everything possible” to avoid civilian casualties, and therefore caused negative second-order effects that impacted U.S. national, strategic, and operational interests.

DHS and FBI Bulletins on OpUSA Tools and Tactics

Multiple groups and individual hacker handles have claimed their intent to attack U.S. websites as part of OpUSA. As seen in many hacktivist operations (Ops), willing participants have posted free tools to assist other like-minded individuals in their attack efforts. Often, more coordinated attacks will name a specific tool, target, day and time for the attack. That has not been the case for OpUSA thus far. Individual hacker groups seem to be conducting attacks independently, each claiming responsibility for individual defacements and data breaches that have supposedly recently taken place. Below you will find some of the tools being posted in conversations about OpUSA and links to US-CERT sites which provide background on the vulnerabilities exploited by these tools as well as mitigation advice for computer network defense actions.

UNODC Afghanistan Opium Survey 2012

Afghanistan cultivates, produces and processes narcotics that are a threat to the region and worldwide. However, the international community also needs to understand that Afghanistan itself is a victim of this phenomenon. The existence of hundreds of thousands of problem drug users, as well as decades of civil war, terrorism and instability are all related to the existence of narcotics in the country. According to the findings of this survey, the total area under cultivation was estimated at 154,000 hectares, an 18 per cent increase from the previous year. Comparisons of the gross and net values with Afghan’s licit GDP for 2012 also serve to highlight the opium economy’s impact on the country. In 2012, net opium exports were worth some 10 per cent of licit GDP, while the farmgate value of the opium needed to produce those exports alone was equivalent to 4 per cent of licit GDP. On the basis of shared responsibility and the special session of the United Nations General Assembly in 1998, the international community needs to take a balanced approach by addressing both the supply and the demand side equally. In addition, more attention needs to be paid to reduce demand and the smuggling of precursors as well as provide further support to the Government of Afghanistan.

(U//FOUO) U.S. Air Force Notice on Use of Social Networking Sites for Computer Network Exploitation

Nation-state adversaries regularly use accounts on popular social networking sites to facilitate social engineering against DoD members. Information disclosed or discovered on social networking sites creates a significant operations security (OPSEC) concern and, in the context of a widespread collection effort, could be used by adversaries to form a classified picture.

DHS-Connecticut Intelligence Center (CTIC) Active Shooter Individual Response Guidelines

An “Active Shooter” is an individual actively engaging in killing or attempting to kill people in a confined and populated area; in most cases, active shooters use firearm(s) and there is no pattern or method to their selection of victims. Active Shooter situations are unpredictable and evolve quickly. Typically, the immediate deployment of Law Enforcement is required to stop the shooting and mitigate harm to victims. Because Active Shooter incidents are often over within 5-15 minutes, before Law Enforcement arrives on the scene, individuals must be prepared both mentally and physically to deal with an active shooter situation.

(U//FOUO) National Counterterrorism Center Report: Common Misconceptions About Homeland Plotting

A facilitated brainstorming session was convened to identify and examine the most common misconceptions about conventional Homeland plotting. These misconceptions stemmed from inquiries received from Federal, state, local, tribal, and private-sector consumers and from articles published by outside experts and in the media. Analysts identified the following six misconceptions as the most common and compared them with current analytic lines.

DoD Report to Congress on North Korea Military and Security Developments 2012

The Democratic People’s Republic of Korea (DPRK) remains one of the United States’ most critical security challenges in Northeast Asia. North Korea remains a security threat because of its willingness to undertake provocative and destabilizing behavior, including attacks on the Republic of Korea (ROK), its pursuit of nuclear weapons and long-range ballistic missiles, and its willingness to proliferate weapons in contravention of its international agreements and United Nations Security Council Resolutions. North Korean aspiration for reunification – attainable in its mind in part by expelling U.S. forces from the Peninsula – and its commitment to perpetuating the Kim family regime are largely unchanged since the nation’s founding in 1948, but its strategies to achieve these goals have evolved significantly. Under Kim Jong Il, DPRK strategy had been focused on internal security; coercive diplomacy to compel acceptance of its diplomatic, economic and security interests; development of strategic military capabilities to deter external attack; and challenging the ROK and the U.S.-ROK Alliance. We anticipate these strategic goals will be consistent under North Korea’s new leader, Kim Jong Un.

DHS-FBI Bulletins Identifying IP Addresses, Hostnames Associated With Malicious Cyber Activity Against the U.S. Government

Various cyber actors have engaged in malicious activity against Government and Private Sector entities. The apparent objective of this activity has been the theft of intellectual property, trade secrets, and other sensitive business information. To this end, the malicious actors have employed a variety of techniques in order to infiltrate targeted organizations, establish a foothold, move laterally through the targets’ networks, and exfiltrate confidential or proprietary data. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation and other partners, has created this Joint Indicator Bulletin, containing cyber indicators related to this activity. Organizations are advised to examine current and historical security logs for evidence of malicious activity related to the indicators in this bulletin and deploy additional protections as appropriate.

IMF Fiscal Affairs Department Cyprus Options for Short-Term Expenditure Rationalization

Increasing public spending had contributed to a substantial deterioration of public finances in Cyprus over recent years. To address fiscal imbalances, the government introduced an initial set of fiscal reforms in late 2012. However, additional measures are needed to ensure the sustainability of public finances. The size of the necessary adjustment will depend, among other things, on the magnitude of spillovers from financial sector restructuring.

Special Inspector General Lessons Learned on the Commander’s Emergency Response Program in Iraq

The CERP was formally established by the Coalition Provisional Authority in July 2003 to provide U.S. military commanders in Iraq with a stabilization tool that benefitted the Iraqi people. The program supported urgent, small-scale projects that local governments could sustain, that generally cost less than $25,000, and that provided employment. DoD defined urgent as “any chronic and acute inadequacy of an essential good or service that, in the judgment of the local commander, calls for immediate action.” Among other things, CERP funds were used to: build schools, health clinics, roads, and sewers; pay condolence payments; support economic development; purchase equipment; and perform civic cleanup. DoD used CERP as a “combat multiplier” whose projects helped improve and maintain security in Iraq through non-lethal means. The program was considered “critical to supporting military commanders in the field in executing counterinsurgency operations” and its pacification effects important to saving lives.

UNODC Afghanistan Opium Risk Assessment 2013

The findings of the 2013 Opium Risk Assessment in the Southern, Eastern, Western and Central regions point to a worrying situation. The assessment suggests that poppy cultivation is not only expected to expand in areas where it already existed in 2012, e.g. in the area north of the Boghra canal in Hilmand province or in Bawka district in Farah province, but also in new areas or in areas where poppy cultivation was stopped. In eastern Afghanistan, in Nangarhar province, farmers resumed cultivation even in districts where poppy has not been present for the last four years. In the Northern and Northeastern region, the provinces of Balkh and Takhar which were poppy-free for many years are at risk of resuming poppy cultivation.

(U//FOUO) DHS-FBI Indicators and Protective Measures In Light of Boston Marathon Explosions

This Joint Intelligence Bulletin provides law enforcement and private sector safety officials with protective measures in light of the recent explosions that took place at the 2013 Boston Marathon in Boston, Massachusetts. The information is provided to support the activities of DHS and FBI and to assist federal, state, local, tribal, and territorial government counterterrorism and first responder officials and the private sector to deter, prevent, preempt, or respond to terrorist attacks in the United States.