United States

DEA Assessment of U.S. Areas of Influence of Major Mexican Transnational Criminal Organizations


Mexican transnational criminal organizations (TCOs) pose the greatest criminal drug threat to the United States; no other group is currently positioned to challenge them. These Mexican poly-drug organizations traffic heroin, methamphetamine, cocaine, and marijuana throughout the United States, using established transportation routes and distribution networks. They control drug trafficking across the Southwest Border and are moving to expand their share, particularly in the heroin and methamphetamine markets.

DEA Assessment of Mexican Drug Trafficking Organizations’ Areas of Dominant Control


DEA continues to identify eight major cartels currently operating in Mexico: Sinaloa, Cartel de Jalisco Nueva Generacion (New Generation Jalisco Cartel or CJNG), Beltran-Leyva Organization (BLO), Los Zetas, Gulf, Juarez/La Linea, La Familia Michoacana (LFM), and Los Caballeros Templarios (Knights Templar or LCT); however, leadership losses for LFM and LCT over the last year have significantly degraded their operational capabilities and organizational cohesion. The attached graphic illustrates fluctuations in the areas of dominant control for Mexico’s major DTOs, most notably the significant expansion of CJNG.

OSAC Bulletin: Mustard Agent Likely Used in ISIL Attack in Iraq August 2015


Early tests show that the Islamic State of Iraq and the Levant (ISIL) used chemical agents during an attack on Kurdish Peshmerga forces on August 11 in Makhmour, Iraq. U.S. government officials reported that preliminary tests on shell fragments indicated a presence of chemical agents, although additional analyses would be necessary to determine the full composition. Early media reports have pointed to the use of mustard agent. Overall, ISIL’s use of mustard agent appears to be largely undeveloped – although the group is likely seeking to advance its capabilities – and there is no evidence that they have used mustard agent (also known as mustard gas) against civilian interests at this point.

U.S. National Counterintelligence Strategy 2016

NCSC-Counterintelligence Strategy2016

The National Counterintelligence Strategy of the United States of America 2016 (Strategy) was developed in accordance with the Counterintelligence Enhancement Act of 2002 (Pub.L. No. 107-306, 116 Stat. 2383 (as amended) codified at 50 U.S.C. sec. 3383(d)(2)). The Strategy sets forth how the United States (U.S.) Government will identify, detect, exploit, disrupt, and neutralize foreign intelligence entity (FIE) threats. It provides guidance for the counterintelligence (CI) programs and activities of the U.S. Government intended to mitigate such threats.

Joint Staff Strategic Assessment: Neurobiological Insights on Radicalization and Mobilization to Violence


This concise review presents theories, findings, and techniques from the neurobiology and cognitive sciences, as well as insights from the operational community, to provide a current and comprehensive description of why individuals and groups engage in violent political behavior. This report is based primarily on recent findings from the academic community. It has been compiled with the policy, planning, and operational community as the primary audience.

(U//FOUO) New Jersey Fusion Center Special Events List November 2015


The New Jersey Office of Homeland Security and Preparedness (OHSP) compiles a statewide list of special events that provides situational awareness to law enforcement, as well as to assist in local planning requirements. Special events include any events that attracts large numbers of participants. Examples include concerts, marathons, parades, sporting events, holiday gatherings, etc.

U.S. Army Protection of Civilians Techniques Publication


ATP 3-07.6 discusses the importance of civilian protection during unified land operations and presents guidelines for Army units that must consider the protection of civilians during their operations. Protection of civilians refers to efforts to protect civilians from physical violence, secure their rights to access essential services and resources, and contribute to a secure, stable, and just environment for civilians over the long-term. ATP 3-07.6 describes different considerations including civilian casualty mitigation and mass atrocity response operations.

(U//FOUO) FBI Counterintelligence Note: Huawei Chinese Government-Subsidized Telecommunications Company


Huawei is a threat to intellectual property and business communications due to its opaque relationship with the Chinese Government. Huawei has legal obligations to work on behalf of the Chinese state, probably through the Chinese Communist Party (CCP) committee residing within Huawei. This relationship likely influences the company’s decision-making through threats of corruption investigations.

Restricted U.S. Army Cryptologic Linguist Training Manual


This publication is for soldiers holding military occupation specialty (MOS) 98G and their trainer/first-line supervisor. It contains standardized training objectives in the form of task summaries that support unit missions during wartime. Soldiers holding MOS 98G should be issued or have access to this publication. It should be available in the soldier’s work area, unit learning center, and unit libraries. Trainers and first-line supervisors should actively plan for soldiers to have access to this publication. It is recommended that each 98G soldier be issued an individual copy.

(U//LES) Financial Crimes Enforcement Network: Tor IP Addresses Increasingly Linked to Cybercrime


Our BSA analysis of 6048 IP addresses associated with the Tor darknet found that in the majority of the SAR filings, the underlying suspicious activity, most frequently account takeovers, might have been prevented if the filing institution had been aware that their network was being accessed via Tor IP addresses. Darknets are Internet based networks used to access content in a manner designed to obscure the identity of the user and his or her associated Internet activity.

(U//FOUO) DHS-FBI-NCTC Bulletin: Terrorist Impersonation of First Responders Overseas


(U//FOUO) Two disrupted plots in Europe earlier this year highlight terrorists possible interest in impersonating first responders through the acquisition of authentic or fraudulent uniforms, equipment, vehicles, and other items which may be associated with government, military, law enforcement, fire,…

(U//FOUO) DoD Biometrics Capstone Concept of Operations


A biometric is a measurable physical characteristic or personal behavior trait used to recognize the identity or verify the claimed identity of an individual. Fingerprints are an example of a physical biometric characteristic. Behavioral biometric characteristics like handwriting are learned and acquired over time. Biometrics is the process of recognizing an individual based on measurable anatomical, physiological and behavioral characteristics. Employing biometrics can help positively identify adversaries, allies and neutral persons. This is particularly useful when facing adversaries who rely on anonymity to operate. Biometrics is not forensics even though the two can, and often are, employed in concert. Forensics involves the use of scientific analysis to link people, places, things and events while biometrics involves the use of automated processes to identify people based on their personal traits. Because of the interrelationship between biometrics and forensics, the Department of Defense (DOD) intends to develop a single concept of operation (CONOP) in the future describing how biometrics and forensics can be employed in a complementary manner.

(U//FOUO) National Guard Mission Analysis for Cyber Operations


This report fulfills the requirement contained in the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2014, Section 933(e) “National Guard Assessment.” The results of the National Guard’s assessment reflect the Chief of the National Guard Bureau’s (CNGB) view for successfully integrating the National Guard into the Department of Defense’s (DoD) Cyber Mission Force (CMF) and across all Cyber missions to create a Whole of Government and Whole of Nation approach to securing U.S. cyberspace.

(U//FOUO) Department of Defense Mission Analysis for Cyber Operations


This report fulfills the requirement contained in the National Defense Authorization Act (NDAA) for Fiscal Year 2014, Section 933 “Mission Analysis for Cyber Operations of the Department of Defense (DoD).” The Department undertook an accelerated but deliberate process to conduct the analysis, the outcomes of which are contained in this report. The analysis addressed each sub-section of the statute and was fully vetted across the Department. The results of this analysis reflect the Department’s current view of its requirements for successful conduct of cyberspace operations, leveraging a Total Force solution. As cyberspace capabilities, force structure, and command and control (C2) constructs evolve, the Department will conduct periodic reviews of its cyberspace requirements and adjust them as necessary.

(U//FOUO) DHS-FBI-NCTC Bulletin: Risks for U.S. Persons Traveling to Fight ISIS


This Joint Intelligence Bulletin highlights the potential risks for US persons traveling to Syria or Iraq to combat the Islamic State of Iraq and the Levant (ISIL) or expressing online a desire to do so. The FBI, DHS, and NCTC remain concerned that US persons traveling to combat ISIL are at risk of being killed, wounded, or captured. Further, ISIL members or supporters could attempt disingenuously to identify and target US persons so as to harm them before or upon their arrival in Syria or Iraq. The State Department has issued travel warnings for both Iraq and Syria and the US Government does not support US persons traveling overseas to combat ISIL.

Special Operations Command Central (SOCCENT) Assessment of ISIL Influence and Resolve


During FY 2014, the SOCCENT Commander requested a short-term effort to understand the psychological, ideological, narrative, emotional, cultural, and inspirational (“intangible”) nature of ISIL. As shown below, the SMA1 team really addressed two related questions: “What makes ISIL attractive?” or how has the idea or ideology of ISIL gained purchase with different demographics; and “What makes ISIL successful?” or which of the organization’s characteristics and which of the tactics it has employed account for its push across Syria and Iraq. The effort produced both high-level results and detailed analyses of the factors contributing to each question. The central finding was this: While military action might degrade or defeat factors that make ISIL successful, it cannot overcome what makes ISIL’s message and idea attractive.

Financial Sector Cyber Intelligence Group: APT Targeting U.S. Financial Institutions


As of July 2015, an APT actor that has previously targeted the U.S. financial sector used an implant to provide command and control (C2), according to credible reporting. Implant communications were observed between administrative infrastructure and known malware C2 nodes used in spear-phishing campaigns in July 2015. The communication from administrative infrastructure was an HTTP POST request.

FBI Mobile Biometric Application Request for Quotations


The Criminal Justice Information Services (CJIS) Division’s Quick Capture Platform (QCP) is a state-of-the-art biometric system that enables investigators to collect and store fingerprint data during domestic and international investigations. The QCP enables instant access to federal fingerprint databases. This comprehensive access to the main United States (U.S.) Government biometric holdings enables QCP users to quickly establish whether a subject has possible terrorist links (in the U.S. or abroad) or is likely to pose a threat to the U.S.

(U//FOUO) Ohio Fusion Center Network: Swatting Incidents at Schools


SWATTING is the act of sending a SWAT team or some type of law enforcement response to a location by convincing law enforcement that an incident has occurred or is about to occur that requires immediate law enforcement response. Characteristics of swatting include, but are not limited to: Callers using internet-based phones such as Skype USBUS and Magic Jack USBUS, or callers using a legal Caller Identification (ID) masking service. Caller ID spoofing/masking services permit cell phones and landline phones to spoof the call’s origins through a service fee based software. Reports of bomb-threats and SWATTING incidents are coming from area elementary, middle, and high schools, along with universities as well. Federal, state, and local partners are working to identify where the calls are originating from.

U.S. Military Multi-Service Defense Support of Civil Authorities Manual September 2015


This publication identifies multi-Service tactics, techniques, and procedures (MTTP) for Defense Support of Civil Authorities (DSCA). At the tactical level, it assists military planners, commanders, and individual Department of Defense (DOD) components employing military resources and integrating with National Guard Civil Support activities while responding to domestic emergencies in accordance with United States (US) law.

(U//FOUO) Marine Corps Intelligence Activity Senegal Cultural Field Guide


Senegal is a diverse West African nation approximately the size of South Dakota and home to more than 36 ethnic groups and languages. Senegal’s national development has been shaped by its location between the edge of the Sahara and the Atlantic. Trans-Saharan trade brought Islam and Arab influences to Senegal through North Africa. Later, Senegal became one of the first African countries to trade with Europe through the Atlantic seaways. Today, Senegal is seen by the Senegalese as a bridge between Black African, Islamic, and European civilizations.

Restricted U.S. Army Foreign Internal Defense Manual


FID is participation by civilian and military agencies of a government in any of the action programs taken by another government or other designated organization to free and protect its society from subversion, lawlessness, insurgency, terrorism, and other threats to its security (Joint Publication [JP] 3-22, Foreign Internal Defense). This publication depicts the integrated theater efforts that include ARSOF and conventional forces roles in joint, multinational, intergovernmental, and nongovernmental organizations working in a collaborative environment. It provides an overview of selected sources of power applied through the instruments of national power brought to bear for supporting FID and the impact and interaction of Army units with the other instruments of national power. In addition, it illustrates how FID is a key component of a host nation’s (HN’s) program of internal defense and development (IDAD), and that the focus of all U.S. FID efforts is to support that IDAD program to build capability and capacity to free and protect the HN from subversion, lawlessness, and insurgency.