United States

Department of Justice Inspector General Audit of FBI Next Generation Cyber Initiative

DoJ-OIG-AuditNGI

Following the Office of the Inspector General’s (OIG) April 2011 report on the FBI’s ability to address the national cyber intrusion threat, in October 2012 the FBI launched its Next Generation Cyber (Next Gen Cyber) Initiative to enhance its ability to address cybersecurity threats to the United States. In fiscal year 2014, the FBI initially budgeted $314 million for its Next Gen Cyber Initiative, including a total of 1,333 full-time positions (including 756 agents). In addition, the Department of Justice (Department) requested an $86.6 million increase in funding for fiscal year 2014 to support the Initiative. The objective of this audit was to evaluate the FBI’s implementation of its Next Gen Cyber Initiative.

U.S. Army Mastering the Human Domain: Identity Operations for Strategic Landpower

USArmy-IdentityOperations

Today, Strategic Landpower faces a complex and interconnected global operational environment characterized by a multitude of actors with unknown identities. This presents a wider range of possible threats than encountered before. Our operational environment has fewer well-defined friends and foes with most actors presented along a continuum of: unknown to partially known to known, throughout the range of military operations. Many found in the middle are susceptible to persuasion. Each of these actors has an agenda, often at odds with our objectives, those of other actors, and the goals of the existing political order. Besides a broad range of readily available conventional weapons, state and non-state actors can select from an array of affordable technologies, adapting them to create unexpected and lethal weapons. Social media enables even small groups to mobilize people and resources in ways that can quickly constrain or disrupt operations. This complex operating environment continuously evolves as conditions change and test our ability to innovate and adapt. The complexity reconfirms the imperative to understand, plan, and employ Identity processes and capabilities within land operations.

(U//LES) FBI Intelligence Bulletin: Militia Extremists Expand Target Sets To Include Muslims

FBI-MilitiaTargetingMuslims

Militia extremists are expanding their target sets to include Muslims and Islamic religious institutions in the United States. This has resulted in increased violent rhetoric and plotting and has the potential to lead, over the long term, to additional harassment of or violence against Muslims by domestic extremists. The FBI makes these assessments with high confidence on the basis of a large body of source reporting generated mainly since 2013. This information augments prior FBI analysis that established militia extremists target government personnel and law enforcement officers, perceived threats from abroad, and individuals or institutions that seek to constrain Second Amendment rights.

Restricted U.S. Navy Intelligence Support to Naval Operations Manual NWP 2-01

USNavy-IntelSupportNavalOps

NWP 2-01 is a comprehensive reference detailing the intelligence support available to the naval commander in the successful planning and execution of operations. NWP 2-01 is by nature a refresher and ready resource for the Information Dominance Corps (IDC) intelligence professionals, information warfare officers, and cryptologic technicians; however, the target audience is the operational commander. The publication’s length and content are specifically tailored to ensure a practical and valuable reference for the operational decision maker. NWP 2-01 is the foundation for a series of proposed follow-on Navy tactics, techniques, and procedures (NTTP) publications.

Restricted U.S. Navy Special Warfare Manual NWP 3-05

USNavy-SpecialWarfare_Page_001

This navy warfare publication describes the nature, forces, organization, and employment of naval special warfare (NSW). Naval special warfare is a relatively small, maritime special operations force (SOF) consisting of approximately 9,250 personnel: 2,700 sea-air-land commandos (SEALS), 700 special warfare combatant-craft crewmen (SWCCs), 750 Reservists, 4,000 combat support (CS) and combat service support (CSS) personnel, and more than 1,100 civilians. NSW constitutes 11 percent of special operations forces and less than 2 percent of United States Navy (USN) forces. NSW costs 3/10ths of one cent (0.3 percent) of every United States (U.S.) defense dollar.

(U//FOUO) FBI Alert: Middle-Eastern Males Approaching Family Members of US Military Personnel

FBI-MiddleEasternMales

In May 2015, the wife of a US military member was approached in front of her home by two Middle-Eastern males. The men stated that she was the wife of a US interrogator. When she denied their claims, the men laughed. The two men left the area in a dark-colored, four-door sedan with two other Middle-Eastern males in the vehicle. The woman had observed the vehicle in the neighborhood on previous occasions.

FBI Cyber Division Bulletin: Hacking Team Exploit Used in Spearphishing Campaign Targeting U.S. Government

FBI-GovernmentSpearphishing

A bulletin issued by the FBI Cyber Division discusses a spearphishing campaign targeting U.S. government agencies in June and July of 2015. The campaign utilized a Adobe Flash exploit CVE-2015-5119 that was discovered in the 400GB data archive from hacked Italian surveillance technology company Hacking Team that was released publicly earlier this month. The exploit was being sold as a product of Hacking Team and was listed in their product knowledge base. The bulletin notes that the Flash exploit was being used in phishing emails in June 2015 despite the fact that the Hacking Team data was only made public on July 5, 2015.

FBI Cyber Division Bulletin: Distributed Denial of Service Attack Bitcoin Extortion Campaigns Expanding

FBI-BitcoinExtortionCampaigns

Recent FBI investigations and open source reporting reveal that extortion campaigns conducted via e-mails threatening Distributed Denial of Service (DDoS) attacks continue to expand targets from unregulated activities, such as illegal gaming activity, to now include legitimate business operations. The increase in scope has resulted in additional attacks with Bitcoin ransom amounts trending upwards as well.

National Governors Association Brief: Enhancing Role of Fusion Centers in Cybersecurity

NGA-FusionCentersCyber

In recent years, the growing number and sophistication of threats to the nation’s cyber infrastructure have motivated governors to consider adding or expanding cybersecurity capabilities within state fusion centers. Through fusion centers, states receive classified and unclassified information and intelligence from multiple sources across the nation and combine or “fuse” that information into “products” (for example, law enforcement notices and warnings) that help improve state and national readiness to respond to an attack or threat. Since their inception, fusion centers have become more sophisticated, uniform, and nationally networked. As they have matured and evolved, so have their missions. Originally designed to focus on terrorism, they now address a wider array of threats and hazards, including “accidents; technological events; natural disasters; warfare; and chemical, biological (including pandemic influenza), radiological, nuclear, or explosive events.”

(U//FOUO) DHS-FBI-NCTC Bulletin: ISIL Supporters Targeting Uniformed Personnel for Weapons and Equipment

DHS-FBI-NCTC-UniformsEquipmentISIL

In the first half of 2015 there were at least two instances of Islamic State of Iraq and the Levant (ISIL) inspired individuals in the West expressing interest in targeting law enforcement (LE) to obtain weapons and other specialized gear through theft. As ISIL continues to exhort its individuals in the West to carry out attacks, the potential exists that some terrorists may use this tactic and attempt to steal weapons or issued items, such as credentials, badges, uniforms, radios, ballistic vests, vehicles, and other equipment, which could be used in furtherance of an attack. We note that laws governing the purchase of firearms differ widely among Western nations making this tactic more likely to occur in countries where laws are most restrictive and firearms are harder to obtain through legitimate means.

American Psychological Association Review of Ethical Guidelines, Interrogations and Torture

APA-TortureReport

In November 2014, the Board of Directors of the American Psychological Association engaged our Firm to conduct an independent review of allegations that had been made regarding APA’s issuance of ethical guidelines in 2002 and 2005, and related actions. These ethical guidelines determined whether and under what circumstances psychologists who were APA members could ethically participate in national security interrogations. The gist of the allegations was that APA made these ethics policy decisions as a substantial result of influence from and close relationships with the U.S. Department of Defense (DoD), the Central Intelligence Agency (CIA), and other government entities, which purportedly wanted permissive ethical guidelines so that their psychologists could continue to participate in harsh and abusive interrogation techniques being used by these agencies after the September 11 attacks on the United States. Critics pointed to alleged procedural irregularities and suspicious outcomes regarding APA’s ethics policy decisions and said they resulted from this improper coordination, collaboration, or collusion. Some said APA’s decisions were intentionally made to assist the government in engaging in these “enhanced interrogation techniques.” Some said they were intentionally made to help the government commit torture.

DoJ Community Oriented Policing Services Facebook, Twitter, YouTube Violent Extremism Awareness Briefs

twitter-awarenessbrief

Online radicalization to violence is the process by which an individual is introduced to an ideological message and belief system that encourages movement from mainstream beliefs toward extreme views, primarily through the use of online media, including social networks such as Facebook, Twitter, and YouTube. A result of radical interpretations of mainstream religious or political doctrines, these extreme views tend to justify, promote, incite, or support violence to achieve any number of social, religious, or political changes.

FBI Cyber Division Bulletin on Tools Reportedly Used by OPM Hackers

FBI-HackToolsOPM

The FBI has obtained information regarding cyber actors who have compromised and stolen sensitive business information and Personally Identifiable Information (PII). Information obtained from victims indicates that PII was a priority target. The FBI notes that stolen PII has been used in other instances to target or otherwise facilitate various malicious activities such as financial fraud though the FBI is not aware of such activity by these groups. Any activity related to these groups detected on a network should be considered an indication of a compromise requiring extensive mitigation and contact with law enforcement.

DHS Guide: Improving Survivability in Improvised Explosive Device and Active Shooter Incidents

DHS-SurvivingActiveShooterIEDs

Recent improvised explosive device (IED) and active shooter incidents reveal that some traditional practices of first responders need to be realigned and enhanced to improve survivability of victims and the safety of first responders caring for them. This Federal, multi-disciplinary first responder guidance translates evidence-based response strategies from the U.S. military’s vast experience in responding to and managing casualties from IED and/or active shooter incidents and from its significant investment in combat casualty care research into the civilian first responder environment. Additionally, civilian best practices and lessons learned from similar incidents, both in the United States and abroad, are incorporated into this guidance. Recommendations developed in this paper fall into three general categories: hemorrhage control, protective equipment (which includes, but is not limited to, ballistic vests, helmets, and eyewear), and response and incident management.

Department of Defense Law of War Manual June 2015

DoD-Law-of-War

The law of war is part of who we are. George Washington, as Commander in Chief of the Continental Army, agreed with his British adversary that the Revolutionary War would be “carried on agreeable to the rules which humanity formed” and “to prevent or punish every breach of the rules of war within the sphere of our respective commands.” During the Civil War, President Lincoln approved a set of “Instructions for the Government of the Armies of the United States in the Field,” which inspired other countries to adopt similar codes for their armed forces, and which served as a template for international codifications of the law of war.

(U//FOUO) DHS Assessment: Future ISIL Operations in the West Could Resemble Disrupted Belgian Plot

DHS-FutureOperationsISIL

I&A assesses that the plot disrupted by Belgian authorities in January 2015 is the first instance in which a large group of terrorists possibly operating under ISIL direction has been discovered and may indicate the group has developed the capability to launch more complex operations in the West. We differentiate the complex, centrally planned plotting in Belgium from other, more-simplistic attacks by ISIL-inspired or directed individuals, which could occur with littleto no warning.

(U//FOUO/LES) DHS Report: Assessing ISIL’s lnfluence and Perceived Legitimacy in the Homeland

DHS-AssessingLegitimacyISIL

This Field Analysis Report (FAR) is designed to support awareness and inform enforcement and collection operations of federal, state, and local partners involved in homeland security and counterterrorism efforts. Some of the activities described in the FAR may be constitutionally protected activities and should be supported by additional facts to justify increased suspicion. The totality of relevant circumstances should be evaluated when considering any law enforcement response or action. Our assessment of the level of the Islamic State of Iraq and the Levant’s (ISIL) name recognition since its declaration of a caliphate in June 2014 is based on a review of suspicious activity reporting (SAR) across the United States between 1 January and 30 December 2014, criminal complaints of US persons charged with supporting or seeking to support ISIL, Bureau of Prisons (BOP) intelligence reporting, and DHS I&A open source reporting to assess the influence of ISIL’s messaging campaign within the United States and ISIL’s perceived legitimacy among homegrown violent extremists (HVEs).