Author Archive for Public Intelligence

Congressional Research Service

Africa: U.S. Foreign Assistance Issues

U.S. aid to Africa initially reached a peak in 1985, when global competition with the Soviet Union was at a high point. After the cold war ended, security assistance levels for Africa began to decline. In 1995, at the outset of the 104th Congress, substantial reductions in aid to Africa had been anticipated, as many questioned the importance of Africa to U.S. national security interests in the post-cold war era. As the debate went forward, however, congressional reports and bills emphasized U.S. humanitarian, economic, and other interests in Africa. Aid levels did fall, but gradually began to increase again in FY1997. U.S. assistance to Africa is reaching new highs due to a significant increase in health care sectors under the Global Health and Child Survival (GHCS) program. U.S. aid to Africa nearly quadrupled from $1.2 billion in FY2006 to $6.7 billion in FY2010. Moreover, the United States is the leading donor of humanitarian assistance to Africa. Between FY1999 and FY2009, the United States provided over $10.1 billion to East and Central African countries and an estimated $2.2 billion to Southern Africa countries.

Read more →

North Atlantic Treaty Organization

NATO Sensors for Urban Operations Technical Report

Increasingly NATO nations are being involved in military operations that are radically different from traditional scenarios, and that involve operations in towns and cities that may be occupied by a combination of non-combatants and hostile forces. This will lead to requirements for new concepts of operations to be developed, and the impact of novel sensors, or novel ways of deploying or using existing sensors to be investigated. Previous studies have looked at the requirements for operations in this new theatre but have not addressed sensor characteristics or limitations specifically.

Read more →

Corporate

HBGary QinetiQ Cyber Attack Response Report

Beginning in March 2010, HBGary, Inc. was contracted to assist in the identification, analysis, and removal of malware from QinetiQ North America (QNA) internal systems. This was in response to what QNA believed to be an organized and sophisticated cyber attack involving the potential theft of ITAR controlled data. HBGary was given background on the attack, which included information on targeted attacks on digital data systems that have occurred in the past.

Read more →

Federal Bureau of Investigation

(U//FOUO) FBI Terrorist Training and Recruitment of CONUS Subjects: Lackawanna, Portland, and Northern Virginia

This assessment addresses the central role of terrorist training in three significant post-9/11 continental United States (CONUS) terrorism investigations: Lackawanna, Portland, and Northern Virginia. This assessment does not address other individuals who may have sought training independently, nor does it address groups of individuals who sought training in regions outside of South or Central Asia.

Read more →

Transportation Security Administration

(U//FOUO) TSA Liquid and Natural Gas Pipeline Threat Assessment 2011

The Transportation Security Administration’s (TSA’s) mission includes enhancing the security preparedness of U.S. hazardous liquid and natural gas pipeline systems. This TSA Office of Intelligence (TSA-OI) threat assessment primarily addresses the potential for attacks against the pipeline industry in the Homeland and assesses the tactics, techniques, and procedures (TTPs) used in attacks against pipelines and related infrastructure overseas for their potential use by terrorists in the Homeland.

Read more →

News

Fusion Center Locations Revealed

Since 9/11, the U.S. Government has engaged in a multibillion-dollar effort to construct a domestic intelligence network for the ostensible purpose of combating terrorism, criminal activity and violent extremism. One of the central components of this system is the network of “fusion centers” that have sprung up around the country over the last several years. These entities integrate local law enforcement with a state’s police force, Department of Justice, or Office of Emergency Management and are designed to facilitate law enforcement intelligence activities throughout the jurisdiction, providing federal authorities access to local information and databases, while simultaneously allowing federal agencies to disseminate classified intelligence materials to local authorities. There are almost always federal representatives present in local fusion centers and Secretary Napolitano has recently testified that DHS is “committed to having an officer in each fusion center.” Most fusion centers also work with representatives of the private sector, particularly those industries related to so-called “critical infrastructure and key resources.”

Read more →

Corporate, Defense Advanced Research Projects Agency

HBGary DARPA Cyber Genome Technical Management Proposal

While it is a challenging undertaking, we plan to research and develop a fully automated malware analysis framework that will produce results comparable with the best reverse engineering experts, and complete the analysis in a fast, scalable system without human interaction. In the completed mature system, the only human involvement will be the consumption of reports and visualizations of malware profiles. Our approach is a major shift from common binary and malware analysis today, requiring manual labor by highly skilled and well-paid engineers. Results are slow, unpredictable, expensive and don’t scale. Engineers are required to be proficient with low-level assembly code and operating system internals. Results depend upon their ability to interpret and model complex program logic and ever-changing computer states. The most common tools are disassemblers for static analysis and interactive debuggers for dynamic analysis. The best engineers have an ad-hoc collection of non-standard homegrown or Internet-collected plug-ins. Complex malware protection mechanisms, such as packing, obfuscation, encryption and anti-debugging techniques, present further challenges that slow down and thwart traditional reverse engineering technique.

Read more →

Corporate, Defense Advanced Research Projects Agency

HBGary General Dynamics DARPA Cyber Genome Program Proposal

Current technologies and methods for producing and examining relationships between software products, particularly malware, are lacking at best. The use of hashing or “fuzzy” hashing and matching techniques are conducted at the program level, ignoring any reflection of the actual development process of malware. This approach is only effective at finding closely related variants or matching artifacts found within malware that are only tangent to the development process, such as hard coded IP address, domains, or login information. This matching process is often unaware of internal software structure except in the most rudimentary sense, dealing with entire sections of code at a time, attempting to align matches while dealing with arbitrary block boundaries. The method is akin to an illiterate attempting comparing two books on the same topic. Such a person would have a chance of correlating different editions of the same book, but not much else. The first fundamental flaw in today’s approach is that it ignores our greatest advantage in understanding relationships in malware lineage, we can deduce program structure into blocks (functions, objects, and loops) that reflect the development process and gives software its lineage through code reuse.

Read more →

Intelligence Fusion Centers, New York

(U//LES) New York State Intelligence Center “Vigilance Project”: Domestic Terrorism Analysis

The Vigilance Project is a comprehensive, analytic report that examines major terrorism cases that have taken place against the Homeland since September 11, 2001. The report serves as a historical compilation of acts or attempted acts of terrorism against the United States, or its interests, and as a tool to identify trends and commonalities among the cases and the subjects involved. It is recognized that the threat environment is dynamic and potential threats are not limited to the findings contained in this report. As the title suggests, it is the duty of every citizen to remain vigilant in the face of terrorism. The findings of this report allow readers to gain an understanding of terrorism participants, their tactics and procedures, and become aware of similarities among the cases, in order to draw useful conclusions. The ultimate goal of the Vigilance Project is to provide useful information to law enforcement partners to support their role in preventing the next attack.

Read more →

Department of State

U.S. State Department OSAC Maoist/Naxalite Threat to the U.S. Private Sector

OSAC constituents operating in India face a multitude of threats, many of which are difficult to evaluate from a security standpoint. Often times, the international media will mimic the hyperbolic Indian news industry and sensationalize a security concern, resulting in significant private sector hand-wringing. One such example of this is the Communist Party of India-Maoist insurgency in India, popularly known as the Naxalite movement. For instance, Naxalites ambushed and killed 75 members of India’s Central Reserve Police Force on patrol in Chhattisgarh state on April 6, 2010. The disaster triggered alarmist headlines around the world. A headline in the British Independent on April 8 screamed “Who are the Naxalites and will they topple the Indian Government?” The attack also brought renewed attention to the Naxalites from publications such as The Economist and The New York Times, which typically publish maps showing the current “extent” of the Naxal problem alongside their analyses. Even the Prime Minister of India Manmohan Singh is on record as saying that the Naxalites are the greatest threat India faces.

Read more →

Department of State

U.S. State Department OSAC Cell Phone Video Surveillance Warning

On December 15, 2009, the City of London Police released film footage of hostile reconnaissance conducted in July 2008 by an Algerian national (Subject 1). Subject 1 was stopped by two alert police officers who saw him using his cell phone camera to record video inside Liverpool Street Station in London. When the police officers examined the footage they found 90 minutes of video recording of various sites in and around London and several UK cities to include Tube and mainline rail stations, shopping areas, bars, and restaurants. His detention and the follow-up investigation led to the arrest of Subject 1’s brother (Subject 2) and a third Algerian male (Subject 3). British authorities also looked at 30 other individuals and recovered extremist material supporting al-Qa’ida in the Islamic Maghreb in one residence. Police believe the two brothers may have been fundraising and conducting surveillance for a future terrorist operation.

Read more →

Department of State, Jordan

U.S. State Department OSAC Jordan Political Protests Bulletin

With the recent events in Tunisia and Egypt, OSAC constituents are concerned about opposition groups in other Middle Eastern countries attempting to stage similar uprisings. Many countries in the region, including Jordan, suffer from similar economic and demographic problems, which put them at increased risk of civil unrest. The recent series of Friday protests and subsequent conciliatory measures by King Abdullah has only increased these concerns. Nevertheless, Jordan is a unique country with significant differences, and its potential for civil unrest needs to be judged based on its own internal dynamics, even if that includes accounting for recent regional changes.

Read more →

New York

New York Office of Homeland Security Post 9-11 Terrorist Training Infrastructure Report

Until shortly after 9/11, when the U.S. military launched an invasion intended to destroy Al Qaeda’s infrastructure and sanctuary, the vast majority of the terror network’s training camps were located in Afghanistan. According to the 9/11 Commission, between 1996 and 2001, a total of 10,000 to 20,000 individuals trained for jihad at camps such as Al-Farooq, Khalden, and Derunta. Other sources, such as former Senator Bob Graham, cite an estimate from the CIA’s Counterterrorism Center that, in fact, between 70,000 and 120,000 passed through Al Qaeda’s Afghan camps. A significant number of those attendees were Western citizens. For example, open sources report that in January 2002, British military intelligence discovered the names of 1,200 British citizens who trained with Al Qaeda in Afghanistan. U.S citizens, such as Jose Padilla, John Walker Lindh, and the Lackawanna Six, also traveled to Afghanistan for training.

Read more →

Headline

Egyptian Revolution Photos February 2011

counterfire – http://www.flickr.com/photos/counterfire/ rouelshimi – http://www.flickr.com/photos/rouelshimi/ erik-n – http://www.flickr.com/photos/erik-n/ darkroom productions – http://www.flickr.com/photos/darkroomproductions/ Omar Robert Hamilton – http://www.flickr.com/photos/56458828@N02/ Nasser Nouri – http://www.flickr.com/photos/nassernouri/ Floris Van Cauwelaert – http://www.flickr.com/photos/flomobile Photo by Iman Mossad – http://www.flickr.com/photos/imosaad/

Read more →

Department of State, Portugal

(U//FOUO) U.S. State Department Social Media Landscape: Portugal

Social media usage in Portugal is growing and it is recognized by organizations as a useful communications tool, particularly amongst consumer brands. Although, the government has invested heavily in schools IT infrastructure, it is yet to embrace social media as part of its overall communications strategy and there remains great potential for the government or political parties to fully utilize social media. Similarly, there are cases of media outlets engaged in social media activity, although these are the exception, rather than the rule. The 16-24 year old age group is leading the digital movement in Portugal; it is this group which has benefited most from the unprecedented level of government investment However, it is important to recognize their predecessors, the 25-34 year old age group are also heavy users of the Internet.

Read more →

Department of State, Finland

(U//FOUO) U.S. State Department Social Media Landscape: Finland

Finland has a high level of Internet penetration and usage in comparison to other European nations. However, whilst the technology and capability exists to facilitate for a vibrant social media landscape, the conservative Finnish national character in conjunction with online security fears can be seen to be restricting this potential growth. In line with most European nations it is the younger age groups, namely 15-24 year olds who are most active online in Finland, whilst people who live by themselves are also active online participants. Most people access the Internet at home, however educational establishments are also common locations and many schools, colleges and universities are well equipped with IT facilities and Internet access. Men typically use the Internet as an information resource, whilst women and younger people use it as a communication tool.

Read more →

Intelligence Fusion Centers, Washington D.C.

(U//FOUO) Washington D.C. Fusion Center: The Perils of Social Networking

In a the New York State court, a NYPD officer was questioned by the defense attorney regarding statements he had posted on his Facebook webpage that portrayed him as a rogue cop. At the conclusion of his testimony, what should have been a slam-dunk “ex-con with a gun” case, resulted in an acquittal for the defendant because of the reasonable doubt created by the officer’s own postings on Facebook and MySpace. In other words, his own website statements were used to impeach him. Convictions rest on the credibility of the officer(s). The defense strategy was to show the jury that what the officer writes about himself on social network websites is how he “really” conducts police work. The suspect in this case claimed that the officer used excessive force on him and broke three ribs. The suspect went on to allege that when the police officer realized that he would have to explain the broken ribs, he “planted” a stolen 9mm Beretta on the suspect and charged him with the offense.

Read more →