Department of Homeland Security

DHS National Information Exchange Model (NIEM) Overview

DHS and DOJ officials have announced a new partnership to provide leadership for enhanced development of the Global Justice XML Data Model as a base for the deployment of the National Information Exchange Model (NIEM). NIEM will provide enhanced capabilities for organizations to share data across federal, state, local and tribal lines. This paper gives an overview of the National Information Exchange Model (NIEM). It outlines the background, concepts, objectives and the development strategy for implementing NIEM.

(U//FOUO) Louisiana Fusion Center Fake Anti-Virus Malware Warning

Over the past few days, there has been an increase in computers infected with Fake spyware and anti-virus malware. These infestations produce a popup stating that your machine is infected with viruses and offer a way to remove them. The object of this software is to trick you into believing you have viruses that need to be removed. A scan will launch after you “click” anywhere on the message and will request payment for removal of the “viruses”.

(U//FOUO) DHS Warning on Pressure Cooker IEDs

(U//FOUO) Rudimentary improvised explosive devices (IEDs) using pressure cookers to contain the initiator, switch, and explosive charge (typically ammonium nitrate or RDX) frequently have been used in Afghanistan, India, Nepal, and Pakistan. Pressure cookers are common in these countries, and their presence probably would not seem out of place or suspicious to passersby or authorities. Because they are less common in the United States, the presence of a pressure cooker in an unusual location such as a building lobby or busy street corner should be treated as suspicious.

DHS Cybersecurity Research Roadmap

Global-scale identity management concerns identifying and authenticating entities such as people, hardware devices, distributed sensors and actuators, and software applications when accessing critical information technology (IT) systems from anywhere. The term global-scale is intended to emphasize the pervasive nature of identities and implies the existence of identities in federated systems that may be beyond the control of any single organization. This does not imply universal access or a single identity for all purposes, which would be inherently dangerous. In this context, global-scale identity management encompasses the establishment of identities, management of credentials, oversight and accountability, scalable revocation, establishment and enforcement of relevant policies, and resolution of potential conflicts. To whatever extent it can be automated, it must be administratively manageable and psychologically acceptable to users. It must, of course, also be embedded in trustworthy systems and be integrally related to authentication mechanisms and authorization systems, such as access controls. It also necessarily involves the trustworthy binding of identities and credentials. It is much broader than just identifying known individuals. It must scale to enormous numbers of users, computer systems, hardware platforms and components, computer programs and processes, and other entities.

(U//FOUO) DHS Attacks on Drinking Water Systems

(U//FOUO) Drinking water systems, especially treatment, distribution, and chemical storage facilities, may be targets for physical destruction, intentional contamination (possibly with chemical, biological or radiological materials), or cyber attack because the infrastructure is highly visible, less hardened, and more accessible than some other critical infrastructure. Terrorists have shown interest in biological agents that could be used for water contamination and, prior to 2003, planned surveillance of U.S. dams, reservoirs, and water supply systems to assess their potential as targets. Even a small-scale or thwarted attack could disrupt or deny service to businesses, households, and emergency responders or inspire public fear.

EPIC Contaminated Marijuana Warning

On June 3, 2010, Buncombe/Henderson North Carolina Joint Criminal Interdiction Task Force agents seized 45.45 kilograms (100 pounds) of marijuana that was intentionally contaminated with chemical irritants in Asheville, North Carolina, during a traffic stop. The drugs were seized from a 1994 Dodge Ram conversion van, with a temporary Colorado registration, that was stopped for a traffic violation on eastbound Interstate 40 at mile marker 43 in Asheville. The driver was allegedly travelling from Denver, Colorado, to Charlotte, North Carolina. The driver provided agents with a Mexican driver’s license and claimed to reside in Kansas City, Kansas. The agents requested, and received, consent to search the van. During the search a drug-detection canine alerted to a carpet-covered plywood bed platform that was built in the back of the van.

Alaska State Homeland Security Strategy 2010

Through this State Homeland Security Strategy (SHSS), the State of Alaska will improve its protection of the people, its economy, and its culture. The State of Alaska will reduce vulnerabilities to terrorist attacks, major disasters, or emergencies. This vital mission requires coordination, cooperation, and a focused effort throughout the state, federal agencies (military and civilian), state agencies, local jurisdictions, tribal, private, and non–profit organizations.

DHS/DOJ Fire Service Integration for Fusion Centers

This document identifies recommended actions and guidance for state and major urban area fusion centers (fusion centers) to effectively integrate the fire service into the fusion process. Within the context of this document, the fire service is defined as including fire and emergency operations, emergency medical service operations, rescue operations, hazardous materials operations, fire prevention/protection, fire investigation, incident management, and responder safety.

(U//FOUO) DHS Homeland Terrorist Threat Reporting Guide

This Terrorist Threats to the U.S. Homeland Reporting Guide (TTRG) was jointly produced by the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS). The purpose of this document is to leverage the vast information collection and reporting resources of our state, local and tribal law enforcement partners, as well as other first responder partners, in recognizing activities or conditions that may be indicative of terrorist activity. State and local organizations are on the front line in the war against terror and therefore have a critical role as primary sources of information. Timely and relevant information from the “front lines” is critical to the identification of terrorists and their supporters, development of insights into their plans and intentions, and subsequent disruption of their operations.

(U//FOUO) DHS Courthouse Attacks Report

(U//FOUO) This assessment describes threats and other suspicious activities directed against courthouses in the United States over the past twelve months. Additionally, it provides indications of surveillance and suggested protective measures for vehicle-borne improvised explosive devices and homicide-suicide bombers to assist in the protection of courthouses and related facilities.

(U//LES) El Paso Intelligece Center: Blue Methamphetamine Report

A new type of crystal methamphetamine with a blue color tint is surfacing sporadically in the United States, primarily in California, Washington, and Texas. This substance, known as “blue meth” or “blue ice,” is allegedly more potent and more expensive than traditional crystal methamphetamine. Methamphetamine is a synthetic stimulant that is classified as a Schedule II controlled substance and is a widely abused drug. Although it is commonly sold in powder form, it is also distributed as crystals – crystal meth or ice. According to the 2005 Federal Sentencing Guidelines Manual, Chapter 2 Part D, Note (C), “Ice,” for the purposes of this guideline, means a mixture or substance containing dmethamphetamine hydrochloride of at least 80% purity.

(U//FOUO) FBI Times Square “Destructuve Device” Bulletin

(U//FOUO) At approximately 1830 hours on 1 May 2010, a sports utility vehicle (SUV) laden with a destructive device was observed parked at 45th Street and Broadway in Times Square, New York City. Eyewitness reports described the vehicle as smoking, and popping noises were heard emanating from it but no detonation occurred. Law enforcement investigation of the SUV revealed the following: three 20lb propane tanks; two five gallon gasoline canisters; one container containing a black powder material; one large, sealed, vault-like container with visible wires connecting to two analog alarm clocks; and one fuse.

(SBU) DHS TRIPwire: Times Square Vehicle Incendiary Device Attack

In the evening of May 1, 2010, a vehicle with a large incendiary device was discovered and rendered safe in Times Square, New York City. The vehicle was parked at 1515 7th Ave. in Times Square, according to local police officials. The vehicle did not detonate as designed, and there were no casualties. The investigation into the attempted bombing is still ongoing. According to open sources, the vehicle was a blue Nissan Pathfinder spotted by a street vendor who noticed smoke emanating from the vehicle about 6:30pm EST. It is believed the vehicle was abandoned just after 6:00pm, and had its hazard lights flashing and its engine still running. A firefighter who arrived on the scene shortly after being notified reported seeing a “flash” and heard a “popping sound” from the trunk of the vehicle. Theatres, hotels and all foot traffic in the area were cleared and streets were cordoned off by police.

(U//FOUO) DHS Times Square Attempted Bombing Snapshot

(U) Times Square:

–(U) At 6:34pm, a 1993 Nissan Pathfinder bearing Connecticut license plates was discovered in front of 45thStreet and Broadway, the Times Square area of New York City, with smoke in the cabin. Eyewitnesses report seeing smoke and hearing popping sounds coming from inside the vehicle, and people were observed running from the scene. A mounted NYPD Patrol Officer responded, evacuated the area, and notified the bomb squad.

(U) On 2 May, at approximately 1330, Al-Jazeera reported that a group claiming to be Tehrik-e Taliban Pakistan had claimed responsibility for the attack in a one-minute long video posted on a video-sharing Website. It has yet to be determined if the tape is authentic, and if so, if the group played any role in the attack.

Regional Organized Crime Information Center Jamaat ul-Fuqra Report

Over the past two decades, a terrorist group known as Jamaat ul-Fuqra, or “Community of the Impoverished,” has been linked to multiple murders, bombings, and various other felonies throughout the United States and Canada. In 1980, a Pakistani cleric named Sheikh Mubarak Ali Gilani began preaching against Western culture at a Muslim mosque in Brooklyn, NY. He promoted Islam as the path to a better life and called for fighters to join his holy war against the Soviet occupation of Afghanistan.