United States

(U//FOUO) DHS Bulletin: Chemical Splash and Spray Attacks Potential Tactic for Violent Extremists in Homeland

We assess that terrorists likely view tactics involving throwing or spraying acids and a variety of chemical liquids, hereafter referred to as a chemical spray and splash attack (CSSA), as a viable tactic to cause injury and disrupt critical infrastructure, judging from open source reporting describing terrorist social media posts and terrorist and violent extremist use of this tactic overseas. An analysis of a small number of incidents described in media reporting revealed that CSSAs are commonly used by criminal actors to further criminal activities and by violent extremist groups overseas to create fear, intimidate, punish, and disfigure individuals and groups that resist their control or ideology in their area of operations; the tactic, however, has rarely been operationalized by actors in the Homeland. We note, however, that homegrown violent extremists (HVEs) and lone offenders likely would find this tactic appealing and could easily adapt it to the Homeland, as it requires no specific technical expertise and the materials most often associated with criminal attack are usually unregulated and widely available.

Vulnerabilities Equities Policy and Process for the United States Government

This document describes the Vulnerabilities Equities Policy and Process for departments and agencies of the United States Government (USG) to balance equities and make determinations regarding disclosure or restriction when the USG obtains knowledge of newly discovered and not publicly known vulnerabilities in information systems and technologies. The primary focus of this policy is to prioritize the public’s interest in cybersecurity and to protect core Internet infrastructure, information systems, critical infrastructure systems, and the U.S. economy through the disclosure of vulnerabilities discovered by the USG, absent a demonstrable, overriding interest in the use of the vulnerability for lawful intelligence, law enforcement, or national security purposes.

(U//FOUO) DHS-FBI-NCTC Bulletin: Rail-Safety for First Responders

There is continued terrorist interest in attacking the rail system either as the primary target or as an attack mechanism. The US railroad system includes 800 railroads, 144,000 miles of track, and 212,000 railroad crossings. First responders should work closely with railroad police departments and other security partners to better protect rail assets—including freight rail (railcars loaded with commodities or hazardous materials), passenger rail (Amtrak, regional, or commuter rail), heavy rail (metro, and subway), and light rail (street cars, tramways, or trolleys)—from terrorist attacks and criminal activities. This product was developed to provide general rail safety tips and resources to help increase first responder awareness of the rail environment.

Joint Staff Strategic Multilayer Assessment: Influence in an Age of Rising Connectedness

In the pluralized, multipolar world, in which military and economic sources of power are widely distributed and technologies are making nation states increasingly more porous, the US and its partners face significant challenges on how best to adapt and thrive in a period of revolutionary changes. These factors may change the way US analysts, planners, and operators evaluate approaches in order to affect and direct the outcomes of military operations. To date, such courses of actions to a large extend have focused on compelling adversaries through the threat or application of force to achieve victory (i.e., “control”). In this changing geopolitical/technical landscape, it is increasingly clear that the DOD needs complement “control” with an explicit focus upon “influence” factors and forces that produce desired behavioral outcomes across complex and intermeshed human and technical systems.

(U//LES) ICE Bulletin: Da Jiang Innovations (DJI) Likely Providing U.S. Critical Infrastructure and Law Enforcement Data to Chinese Government

SIP Los Angeles assesses with moderate confidence that Chinese-based company DJI Science and Technology is providing U.S. critical infrastructure and law enforcement data to the Chinese government. SIP Los Angeles further assesses with high confidence the company is selectively targeting government and privately owned entities within these sectors to expand its ability to collect and exploit sensitive U.S. data.

(U//FOUO) California Cybersecurity Integration Center Advisory: Security Concerns with Kaspersky Labs Products

On 11 July, the United States Government removed Moscow-based Kaspersky Lab from two lists of approved vendors used by government agencies to purchase technology equipment, amid concerns the cyber security firm’s products could be used by the Kremlin to gain entry into U.S. networks. Last month the Senate Armed Services Committee passed a defense spending policy bill that would ban Kaspersky products from use in the military. The move came a day after the FBI interviewed several of the company’s U.S. employees at their private homes as part of a counterintelligence investigation into its operations.

DHS-FBI-NCTC Bulletin: Complex Operating Environment Food and Agriculture

Food and agriculture infrastructure is a $1 trillion industry, almost entirely under private ownership and comprises an estimated 2.1 million farms, 935,000 restaurants, and more than 200,000 registered food manufacturing, processing, and storage facilities. Intentional contamination of the food supply could have significant public health and economic consequences depending on the commodity, the agent used, and where in the supply chain the contaminant was added. This product provides first responders and private-sector stakeholders an awareness of the complex operating environment that may result from intentional contamination of the food supply and identifies key collaborative partners and indicators to minimize the risk of an intentional attack on the food supply.

Bureau of Justice Assistance Real-Time and Open Source Analysis Resource Guide

Open source platforms can be used by criminals to instigate or conduct illegal activity and by terrorists to recruit and encourage new members, disseminate violent extremist messaging through video or documents, coordinate activities, and claim responsibility for attacks around the world. As such, law enforcement and analytic personnel should understand the uses of social media and be aware of social media tools that can be used to document criminal and terrorist activity. A wide variety of open source analysis tools—both no-cost and paid—is available to public and private sector organizations, including law enforcement and analytic personnel, and the technology continues to evolve. ROSA tools that access only publicly available information and are capable of searching multiple platforms simultaneously are assets for maximizing efficiency during authorized uses by law enforcement and analytic personnel.

(U//FOUO) DHS Assessment: Foreign Terrorist Organization-Inspired Vehicle-Ramming Attacks

assesses the increase in the number of vehicle-ramming attacks since January 2016 indicates Foreign Terrorist Organization (FTO) messaging efforts are probably resonating with violent extremists and will most likely continue in the near term. FTO-inspired violent extremists will probably continue to plan and engage in vehicle-ramming attacks against Western-based mass gathering and public venues since this tactic often requires minimal training, expertise, and preoperational planning. Since January 2016, eight FTO-inspired vehicle-ramming attacks have occurred in Western countries. OCIA identified three common characteristics among these attacks: targeting of public venues or mass gatherings; use of secondary weapons; and lack of observable indicators immediately before the attack.

(U//FOUO) Northwest High Intensity Drug Trafficking Area Threat Assessment and Strategy For Program Year 2018

The opioid epidemic continues to dominate headlines within the state and throughout the region. Powerful synthetic opioids, such as fentanyl and its derivatives, led to the overdose deaths of 70 individuals in Washington State during 2016 – more than twice the number of fentanyl-related deaths in the previous year. Although much of Washington’s focus is on curbing the opioid crisis, methamphetamine remains a critical threat in the Pacific Northwest. The regulation of recreational and medicinal marijuana continues to pose new challenges for law enforcement even as use of the drug in Washington State has been legal for several years.

Asymmetric Warfare Group Lessons Learned from Modern Urban Operations from 1980 to the Present

Urban warfare is not a new phenomenon. The U.S. Army saw urban combat in the Revolutionary War, the War of 1812, the Civil War, and elsewhere. Starting with World War II, overall armed conflict began to occur around centers with a high population density. This new backdrop for conflict has caused a whole new set of challenges, especially in an era of public scrutiny. The “Army’s capacity to engage, fight, and win major urban combat operations will determine the success of future operational and strategic endeavors.”

Understanding Digital Footprints and Protecting Personal Information: A Guide for Law Enforcement

Personal information is increasingly distributed online by the media, the public, law enforcement agencies, and even law enforcement personnel themselves. It is imperative that law enforcement personnel understand the importance and consequences of their online activities and be proactive in monitoring and limiting their digital footprint. What may seem like an innocent upload or shared post can have a significant effect not only on law enforcement personnel but on their departments, families, and friends. Law enforcement should take the steps now to protect themselves and their family members before becoming a victim.

DHS-FBI Guide: Handling Threats to Private Citizens and Locations Named Online by Violent Extremists

The fusion center has no information to indicate specific or credible threats to people whose names have been published online by violent extremists. You are being provided this advisory to assist your agency in responding to queries from members of the public or other concerned parties. This information, which often includes personally identifiable information (PII) obtained maliciously via the Internet, most likely represents aspirational threats. Its primary purpose is likely to heighten anxiety and a sense of vulnerability. It is unlikely that violent extremist-inspired individuals in the United States will target people identified online, but this cannot be ruled out entirely.

(U//FOUO) NCTC Guide: Sunni Violent Extremist Attacks in the US Since 9/11

NCTC assesses that the Sunni violent extremist threat in the US has evolved from one defined by complex, large-scale attacks directed by a foreign terrorist organization (FTO) to mostly self-initiated attacks by homegrown violent extremists using relatively simple methods. Of the 28 Sunni violent extremist attacks in the US since 9/11 only three were directed by an FTO. Most attacks were perpetrated by individuals enabled—through encouragement or operational support—or inspired by ISIS, al-Qa‘ida, and al-Qa‘ida affiliates.

DHS-FBI-NCTC Bulletin: Acid Attacks Potential Opportunistic Threat and Treatment Awareness

The number of criminal and gang-related assaults involving acid or other corrosive substances has risen sharply in some Western countries. As of July 2017, police statistics in England indicate assaults and threats involving corrosives have risen from 183 in 2012 to more than 500 this year, according to open source reporting. Although there has been minimal specific interest by terrorists in acid attacks to date, we judge the increase in criminal incidents coupled with recent English-language terrorist messaging encouraging attacks using acid may spur opportunistic terrorist use of the tactic, underscoring the potential threat and importance of an immediate on-scene emergency response.

(U//FOUO) Northern California Fusion Center: Violent Tactics Showcased at Berkeley Riots Likely to be Used at Future Demonstrations

Tactics used by violent Anti-fascists at events in Berkeley on 1 February, 4 March, and 15 April 2017 highlight their ability to exploit peaceful protests with coordinated violent demonstrations, attack law enforcement personnel, destroy property, and conduct information campaigns to advance their socio-political goals. This Advisory Bulletin is intended to inform law enforcement involved in operational planning and event safety at gatherings that violent anti-fascist elements may target.

(U//LES) FBI Intelligence Assessment: Black Identity Extremists Likely Motivated to Target Law Enforcement Officers

The FBI assesses it is very likely Black Identity Extremist (BIE) perceptions of police brutality against African Americans spurred an increase in premeditated, retaliatory lethal violence against law enforcement and will very likely serve as justification for such violence. The FBI assess it is very likely this increase began following the 9 August 2014 shooting of Michael Brown in Ferguson, Missouri, and the subsequent Grand Jury November 2014 declination to indict the police officers involved. The FBI assesses it is very likely incidents of alleged police abuse against African Americans since then have continued to feed the resurgence in ideologically motivated, violent criminal activity within the BIE movement. The FBI assesses it is very likely some BIEs are influenced by a mix of anti-authoritarian, Moorish sovereign citizen ideology, and BIE ideology. The FBI has high confidence in these assessments, based on a history of violent incidents attributed to individuals who acted on behalf of their ideological beliefs, documented in FBI investigations and other law enforcement and open source reporting. The FBI makes this judgment with the key assumption the recent incidents are ideologically motivated.

(U//FOUO) NCTC Counterterrorism Weekly Open Source Digest September 2017

In August, ISIS released a seven-minute, English-language video encouraging would-be fighters to travel to the Philippines instead of Syria and Iraq. The video was the latest sign the group has shifted its recruiting tactics as it loses ground to Coalition Forces in the Middle East. Asia has become a new focus for ISIS, according to private sector analysts, such as Flashpoint Intelligence.

InterAgency Board Recommendations on Personal Protective Equipment and Decontamination Products for Fentanyl Exposure

Increased illicit use of opioids, including synthetic opioids such as fentanyl and its analogue carfentanil, is a source of increased risk to responders. Most routine encounters between patients or detainees and EMS or law enforcement do not present a significant threat of toxic exposure. While there are anecdotal reports of public safety personnel being exposed to opioids during operations, they are largely unconfirmed. To proactively address the potential risks, this document establishes guidance for personal protective equipment selection and use, decontamination, detection, and medical countermeasures for first responders who may be exposed to opioids in the course of their occupational activities. Throughout the remainder of this document, the term synthetic opioids will be used to include fentanyl, fentanyl analogues, morphine analogues, the U-series opioids, and others.

DHS Infrastructure Assessment: Electric Vehicle Charging Stations

Electric vehicle (EV) usage continues to increase in the United States, along with its supporting infrastructure. As EVs increase in market share, issues like charging speed and battery capacity will drive future development of EV charging technology. As EV demand increases, manufacturers will continue to develop, build, and deploy additional Internet-connected charging stations and new connected technologies to satisfy demand.

(U//FOUO) Asymmetric Warfare Group Russian New Generation Warfare Handbook

As the American Army fought in Iraq and Afghanistan, it became the best tactical level counter insurgency force of the modern era. America’s enemies, however, did not rest. Russia observed the transformation of the American Army and began a transformation of their own. This new military barely resembles its former Soviet self. Wielding a sophisticated blend of Unmanned Aircraft Systems (UAS), electronic warfare (EW) jamming equipment, and long range rocket artillery, it took the Soviet model out of the 1980s and into the 21st Century.

Customs and Border Protection Alert: Fentanyl Analogues Not Resistant to Narcan (Naloxone)

Contrary to recent news reporting, there are no fentanyl analogues resistant to Naloxone. News reports indicated a “new” fentanyl analogue, acrylfentanyl, was “extremely powerful” and implied it resisted Naloxone’s effects. However, acrylfentanyl binds to the same receptors within the human body as fentanyl, meaning correctly administered Naloxone is effective against it.

(U//FOUO) DHS Reference Aid: Overview of Recently Successful or Arrested HVEs’ Radicalization to Violence

This Reference Aid is based on I&A’s review of the radicalization to violence of 39 US homegrown violent extremists (HVEs) who either successfully carried out or were arrested before attempting to carry out attacks in the Homeland between 1 January 2015 and 31 December 2016. It is intended to inform federal, state, local, tribal, and territorial counterterrorism, law enforcement, and countering violent extremism (CVE) officials. For additional information about these HVEs, please see the classified I&A Intelligence Assessment “(U//FOUO) Commonalities in HVEs’ Radicalization to Violence Provide Prevention Opportunities,” published 10 February 2017.