United States

U.S. Army TRADOC Report: Syria Threat Tactics

USArmy-SyriaThreats

Syria and its ongoing civil war represent an operational environment (OE) that includes many of the characteristics illustrative of the complexities of modern warfare. Now in its fourth year, the civil war in Syria has lured a variety of threat actors from the Middle East and beyond. What began as a protest for improved opportunities and human rights has devolved into a full-scale civil war. As the Syrian military and security forces fought to subdue the civil unrest across the country, these protest groups responded with increasing violence aided by internal and external forces with a long history of terrorist activity. Ill-suited for the scale of combat that was unfolding across the country, Syrian forces turned to their allies for help, including Hezbollah and Iran. The inclusion of these forces has in many ways transformed the military of President Bashar al Assad from a conventional defensive force to a counterinsurgency force.

U.S. Army TRADOC Report: The Battle for Sinjar, Iraq

USArmy-BattleforSinjar

This Tactical Action Report (TAR) provides information on the capture and subsequent recapture of Sinjar, a town at the foot of the Sinjar Mountains. The Nineveh Offensive, of which Sinjar was a key target, led to the capture of a large part of northern Iraq and included the occupation of Mosul. ISIL pushed Peshmerga forces from the area and threatened Erbil, the government seat of the KRG in 2014. A growing humanitarian crisis developed as ISIL began purging villages in the Sinjar area of the minority group known as Yazidis. Thousands were killed, kidnapped, or forced to flee their homes. Many Yazidis retreated to the Sinjar Mountains where they were besieged by ISIL fighters. These circumstances led to President Barack Obama ordering air strikes to protect Erbil, where US military advisors were headquartered, and to relieve the displaced Yazidi civilians. Over a year later Peshmerga fighters, with the help of other Kurdish factions, pushed ISIL forces out of Sinjar and other surrounding areas and severed a key supply route connecting ISIL-held Raqqa, Syria, with Mosul, Iraq.

(U//FOUO) DHS-FBI-NCTC Bulletin: Tactics, Techniques, and Procedures Used in March 2016 Brussels Attacks

DHS-FBI-NCTC-BrusselsAttacks

This Joint Intelligence Bulletin (JIB) is intended to provide a review of the tactics, techniques, and procedures demonstrated by the perpetrators of the 22 March 2016 attacks in Brussels, Belgium. The analysis in this JIB is based on statements by European government and law enforcement officials cited in media reporting and is subject to change with the release of official details from post-incident investigations. This JIB is provided by DHS, FBI, and NCTC to support their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials, first responders and private sector partners in deterring, preventing, preempting, or disrupting terrorist attacks against the United States.

FBI Cyber Bulletin: Smart Farming May Increase Cyber Targeting Against US Food and Agriculture Sector

FBI-SmartFarmHacking

The FBI and the US Department of Agriculture (USDA) assess the Food and Agriculture (FA) Sector is increasingly vulnerable to cyber attacks as farmers become more reliant on digitized data. While precision agriculture technology (a.k.a. smart farming)a reduces farming costs and increases crop yields, farmers need to be aware of and understand the associated cyber risks to their data and ensure that companies entrusted to manage their data, including digital management tool and application developers and cloud service providers, develop adequate cybersecurity and breach response plans.

(U//FOUO) MS-ISAC Intel Paper: Common Cyber Threats to Universities

MS-ISAC-UniversityCyberThreats

The Multi-­State Information Sharing and Analysis Center (MS-­ISAC) assesses with high confidence that cyber threat actors routinely target universities, for the purposes of financial gain, notoriety, or entertainment, and often to gain access to personally identifiable information (PII) and/or sensitive research. MS-­ISAC believes universities are inherently more vulnerable to cyber targeting than other state, local, tribal, and territorial (SLTT) government entities, due to the non-­restrictive research environment with less compartmentalization and less access restriction, which results in more opportunity for infection, and when infection occurs, easier transmission through a network.

U.S. Army North Commander Testimony: The Role of the Army in the Homeland

ARNORTH-ArmyRoleHomeland

Our history is replete with examples where both Guard and Active forces were employed to respond to our Nation’s disasters. In the recent era, the defining disaster was Hurricane Katrina, a Category 3 hurricane that forced the breach of levies and the subsequent massive flooding of New Orleans. It rapidly overwhelmed the capabilities of Louisiana that saw the C, NGB send upwards of 50,000 Guardsmen from other States and the President send in the 82nd Airborne Division. There have been other similar incidents in our lifetime: Hurricane Andrew (1992) where President Bush sent 2,000 to 5,000 Troops from Ft Bragg, Hurricane Hugo (1989) where over 3,000 Service members were sent in support, and the 1988 Yellowstone Fires where approximately 1,000 active duty Soldiers and Marines provided direct fire line support as part of JTF Yellowstone. These show that there are those potential catastrophic disasters (New Madrid Seismic Zone, Cascadia Subduction Zone, Cyber Attack, or even an Improvised Nuclear Detonation) that can hit the United States where the President will not hesitate to call upon Federal Forces.

(U//FOUO) DHS Intelligence Assessment: Damaging Cyber Attacks Possible but Not Likely Against the US Energy Sector

DHS-CyberAttacksEnergySector

This Assessment establishes a baseline analysis of cyber threats to the US energy sector based on comprehensive FY 2014 incident reporting data compiled by ICS-CERT, as well as reporting by the Intelligence Community (IC), private sector cybersecurity industry, and open source media between early 2011 and January 2016. This Assessment is designed to help close gaps between the private sector’s and the IC’s understanding of current cyber threats facing the US energy sector. Critical infrastructure owners and operators can use this analysis to better understand cyber threats facing the US energy sector and help focus defensive strategies and operations to mitigate these threats. The Assessment does not include an in-depth analysis of foreign cyber doctrines or nation-state red lines for conducting cyber attacks against the United States. The information cutoff date for this Assessment is January 2016.

Boston Fusion Center Bulletin: Terror Attacks on Entertainment Venues

BRIC-EntertainmentVenueAttacks

Several recent incidents underline the possibility that soft targets, including entertainment venues such as bars and restaurants, are increasingly chosen over hard targets that may hold more significance to the victims and the attacking person or group. Using analysis of recent events and data from the START Global Terrorism Database, the BRIC completed the following study to raise awareness regarding the targeting of entertainment venues by violent extremist groups.

FBI Cyber Bulletin: Global Extremists Conducting Cyber Activity in Support of ISIL

FBI-CyberAttackISIL

Over the past 18-24 months, an unknown number of online extremists have conducted “hacktivist” cyber operations – primarily Web site defacements, denial-of-service attacks, and release of personally identifiable information (PII) in an effort to spread pro-Islamic State of Iraq and the Levant (ISIL) propaganda and to incite violence against the United States and the West. Recent open source reporting from the Daily Mail India, indicates ISIL is recruiting Indian hackers and offering upwards of $10,000 USD per job to hack government Web sites, steal data, and to build social media databases for recruiting purposes. Indian officials believe as many as 30,000 hackers in India may have been contacted. The FBI cannot confirm the validity of the media reports, and beyond this single article on Indian hackers and ISIL, does not have information indicating any such relationship exists to date. The FBI assesses this activity is most likely independent of ISIL’s leaders located in Syria and Iraq.

DHS Infrastructure Report: Consequences of Malicious Cyber Activity Against Seaports

DHS-SeaportCyberAttacks

Unless cyber vulnerabilities are addressed, they will pose a significant risk to port facilities and aboard vessels within the Maritime Subsector. These potential vulnerabilities include limited cybersecurity training and preparedness, errors in software, inadequately protected commercial off-the-shelf technologies and legacy systems, network connectivity and interdependencies, software similarities, foreign dependencies, global positioning system jamming-spoofing, and insider threats.

House Homeland Security Committee Report: Combating Terrorist and Foreign Fighter Travel

US-ForeignFighters

Today we are witnessing the largest global convergence of jihadists in history, as individuals from more than 100 countries have migrated to the conflict zone in Syria and Iraq since 2011. Some initially flew to the region to join opposition groups seeking to oust Syrian dictator Bashar al-Assad, but most are now joining the Islamic State of Iraq and Syria (ISIS), inspired to become a part of the group’s “caliphate” and to expand its repressive society. Over 25,000 foreign fighters have traveled to the battlefield to enlist with Islamist terrorist groups, including at least 4,500 Westerners. More than 250 individuals from the United States have also joined or attempted to fight with extremists in the conflict zone.

(U//FOUO) California Fusion Center: Drone Threats to Public Safety Personnel, Assets and Response

CA-DronesPublicSafety

Encounters in 2015 of unauthorized unmanned aircraft systems (UAS), also known as drones, with public safety aircraft during emergency events underscore the potential threats UAS pose to response efforts—notably search-and-rescue, firefighting and police air assets—as well as the lives, property and natural resources already at risk.

(U//FOUO) Boston Regional Intelligence Center Suspicious Activity Behavior & Indicators For Public Sector Partners

BRIC-SuspiciousActivity

This document is intended to highlight several suspicious activity behaviors and indicators that may be indicative of preoperational terrorist activity for business owners and private sector security personnel. This product focuses on behaviors and indicators that would be of interest prior to any major event. This proactive public safety strategy is an ongoing attempt to provide our private sector partners with some information on suspicious activity.

NCTC Counterterrorism Digest January 26-February 2, 2016

NCTC-CT-Digest-02-03-16

Counterterrorism Digest is a compilation of UNCLASSIFIED open source publicly available press material, to include relevant commentary on issues related to terrorism and counterterrorism over the past seven days. It is produced every Wednesday, excluding holidays. Counterterrorism Digest is produced by the National Counterterrorism Center and contains situational awareness items detailing on-going terrorism-related developments which may be of interest to security personnel.

NCTC Counterterrorism Digest January 20-26, 2016

NCTC-CT-Digest-01-27-16

Counterterrorism Digest is a compilation of UNCLASSIFIED open source publicly available press material, to include relevant commentary on issues related to terrorism and counterterrorism over the past seven days. It is produced every Wednesday, excluding holidays. Counterterrorism Digest is produced by the National Counterterrorism Center and contains situational awareness items detailing on-going terrorism-related developments which may be of interest to security personnel.

(U//FOUO) DHS Assessment: Cyber Targeting of the US Emergency Services Sector Limited, But Persistent

DHS-CyberTargetingESS

Cyber targeting of the ESS will likely increase as ESS systems and networks become more interconnected and the ESS becomes more dependent on information technology for the conduct of daily operations—creating a wider array of attack vectors for cyber targeting. Independent researchers have already reported on the widespread availability of vulnerabilities and attack vectors for critical hardware and software that is used in this sector extensively. Such vulnerable systems include call-center communications-management software, closed-circuit TV camera systems, interactive voice response systems, and emergency alert systems—particularly wireless emergency alert systems.

FBI Preventing Violent Extremism in Schools Guide

FBI-PreventingExtremismSchools

Despite efforts to counter violent extremism, the threat continues to evolve within our borders. Extremism and acts of targeted violence continue to impact our local communities and online violent propaganda has permeated social media. Countering these prevailing dynamics requires a fresh approach that focuses on education and enhancing public safety—protecting our citizens from becoming radicalized by identifying the catalysts driving extremism.