Federal Bureau of Investigation

The Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and National Counterterrorism Center (NCTC) assess that domestic violent extremists (DVEs)a fueled by various evolving ideological and sociopolitical grievances pose a sustained threat of violence to the American public, democratic institutions, and government and law enforcement officials. Flashpoint events in the coming months may exacerbate these perceived grievances, further increasing the potential for DVE violence. DVEs adhering to different violent extremist ideologies have coalesced around anger at issues including perceived election fraud, as well as immigration and government responses to the COVID-19 pandemic, drawing on their varied perceptions of those issues. These factors, along with fluid conspiracy theories, have amplified longstanding DVE grievances, including perceptions of government and law enforcement overreach or oppression and shifts in US demographics and cultural values.

(U//FOUO) DHS-FBI-NCTC Bulletin: Dissemination of Tactics, Techniques, and Procedures Used by Buffalo Attacker Likely To Enhance Capabilities of Future Lone Offenders

September 4, 2022

This Joint Intelligence Bulletin (JIB) provides an overview of significant tactics, techniques, and procedures (TTPs) discussed or used by the alleged perpetrator of the 14 May 2022 mass casualty shooting in Buffalo, New York and details how related documents spread after the attack may contribute to the current threat landscape. The alleged attacker drew inspiration from previous foreign and domestic racially or ethnically motivated violent extremists (RMVEs) and their online materials, underscoring the transnational nature of this threat. DHS, FBI, and NCTC advise federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners to remain vigilant of this enduring threat.

DHS-FBI-NCTC U.S. Violent Extremist Mobilization Indicators 2021 Edition

September 4, 2022

This resource is provided to inform law enforcement, terrorism prevention practitioners, other first responders, community leaders, as well as the general public about both threats of violence and contextual behaviors that suggest an individual is mobilizing to violence. While some violent extremists may make direct, indirect, or vague threats of violence, others may plot violent action while avoiding such overt threats to maintain operational security—underscoring the need to consider both threats of violence and contextual behaviors.

(U//FOUO) DHS-FBI-NCTC Bulletin: First Responder Awareness of Privately Made Firearms May Prevent Illicit Activities

August 17, 2021

Criminals and violent extremists continue to seek ways to acquire firearms through the production of privately made firearms (PMFs). PMFs can be easily made using readily available instructions and commonly available tools, require no background check or firearms registration (serial number) under federal law, and their parts have become more accessible and affordable. This, combined with the increase in law enforcement recoveries of nonserialized and counterfeit firearms in criminal investigations, will most likely create increasing challenges in law enforcement investigations, including weapon accountability access and tracking. PMF awareness and identification can aid PMF recovery, prevention of illicit activities including terrorism, and overall first responder and public safety.

(U//FOUO) DHS-FBI-USSS Joint Threat Assessment: 59th Presidential Inauguration

January 16, 2021

This Joint Threat Assessment (JTA) addresses threats to the 59th Presidential Inauguration taking place in Washington, DC, on 20 January 2021. This JTA is co-authored by the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS)/US Secret Service (USSS), with input from multiple US Intelligence Community and law enforcement partners. It does not include acts of non – violent civil disobedience (i.e., protests without a permit), which are outside the scope of federal law enforcement jurisdiction.

(U//FOUO) Domestic Violent Extremists Emboldened in Aftermath of Capitol Breach, Domestic Terrorism Threat Likely Amid Political Transitions

January 14, 2021

This Joint Intelligence Bulletin (JIB) is intended to highlight the threat of violence from domestic violent extremists (DVEs) in the wake of the 6 January violent breach by some DVEs of the US Capitol Building in Washington, DC, following lawful protest activity related to the results of the General Election. Anti-government or anti-authority violent extremists (AGAAVE), specifically militia violent extremists (MVEs); racially or ethnically motivated violent extremists (RMVEs); and DVEs citing partisan political grievances will very likely pose the greatest domestic terrorism threats in 2021.

FBI Private Sector Report: Indicators of Fraudulent 3M Personal Protective Equipment

May 15, 2020

The FBI’s Minneapolis Division, in coordination with the Office of Private Sector (OPS), Criminal Investigative Division (CID), and 3M, prepared this LIR to make the Healthcare and Public Health Sectors aware of indicators related to fraudulent sales solicitation of 3M Personal Protective Equipment (PPE), or indicators of counterfeit 3M PPE, including N95 respirators.

FBI Cyber Bulletin: Website Defacement Activity Indicators of Compromise and Techniques Used to Disseminate Pro-Iranian Messages

January 21, 2020

Following last week’s US airstrikes against Iranian military leadership, the FBI observed increased reporting of website defacement activity disseminating Pro-Iranian messages. The FBI believes several of the website defacements were the result of cyber actors exploiting known vulnerabilities in content management systems (CMSs) to upload defacement files.

(U//FOUO) DHS-FBI-NCTC Bulletin: Escalating Tensions Between the United States and Iran Pose Potential Threats to the Homeland

January 20, 2020

This Joint Intelligence Bulletin (JIB) is intended to assist federal, state, local, tribal, and territorial counterterrorism, cyber, and law enforcement officials, and private sector partners, to effectively deter, prevent, preempt, or respond to incidents, lethal operations, or terrorist attacks in the United States that could be conducted by or on behalf of the Government of Iran (GOI) if the GOI were to perceive actions of the United States Government (USG) as acts of war or existential threats to the Iranian regime.

FBI Report: Ambushes and Unprovoked Attacks on Law Enforcement Officers

August 15, 2019

Over a number of years, data collected by the FBI’s Law Enforcement Officers Killed and Assaulted {LEOKA} Program began to demonstrate an alarming trend in the number of officers who were killed in ambushes and unprovoked attacks. While the overall number of officers who were feloniously killed was declining, the percentage of officers feloniously killed during surprise attacks was increasing. The LEOKA Program launched a thorough examination of ambushes and unprovoked attacks in an effort to gain insight into the phenomenon and to provide information to enhance training programs for law enforcement officers. The research focused on the mindset and perceptions of officers involved and offenders who carried out those acts. In particular, why the incidents may have occurred and how those involved reacted to the situation.

FBI Cyber Bulletin: Targeting of Audio and Visual Communication Devices on Business Networks to Identify Vulnerabilities for Exploitation

August 6, 2019

The FBI identified incidents over the past few months in which cyber actors scanned for and sought to exploit audio and visual communication devices on networks to identify vulnerabilities which could later be used to gain access and unlawfully acquire information about the organization. In addition to targeting corporate information, vulnerable devices may be targeted for compromise for use in botnets or other criminal activities. The types of devices targeted include: Voice over Internet Protocol (VoIP) phones, video conferencing equipment, conference phones, VoIP routers, and cloud-based communication systems. While cyber actors have targeted VoIP and other communication devices in the past, the FBI continues to see these devices scanned by cyber actors for vulnerabilities.

(U//LES) FBI Bulletin: Anti-Government, Fringe Political Conspiracy Theories Likely Motivate Domestic Extremists to Commit Criminal, Violent Activity

August 4, 2019

The FBI assesses anti-government, identity based, and fringe political conspiracy theories very likely motivate some domestic extremists, wholly or in part, to commit criminal and sometimes violent activity. The FBI further assesses in some cases these conspiracy theories very likely encourage the targeting of specific people, places, and organizations, thereby increasing the likelihood of violence against these targets. These assessments are made with high confidence, based on information from other law enforcement agencies, open source information, court documents, human sources with varying degrees of access and corroboration, and FBI investigations.

FBI Private Sector Report: US Adversaries Exploit Social Media Information to Target US Individuals and Government Clearance Holders

June 17, 2019

The FBI’s Washington Field Office, in coordination with the FBI’s Office of Private Sector (OPS), is informing private sector partners regarding foreign intelligence services’ (FIS) exploitation of social media platforms and data to target corporate and US government (USG) clearance holders. FIS and US adversary intelligence officers are using popular US-based social media platforms to identify, recruit, and conduct operations against USG clearance holders, to include private sector employees or contractors supporting the USG. FIS officers will use popular US-based platforms and their respective countries’ social media platforms for personal and intelligence gathering/operations purposes.

FBI Behavioral Analysis Unit Guide: The School Shooter – A Quick Reference

June 3, 2019

A reference guide released by the FBI National Center for the Analysis of Violent Crime (NCAVC) Behavioral Analysis Unit in March 2018 listing potential warning signs and concerning behaviors that may be exhibited by perpetrators of school shootings.

(U//FOUO) DHS-FBI-NCTC Bulletin: ISIS Leader Abu Bakr al-Baghdadi Appears in Video for the First Time in Nearly Five Years

June 3, 2019

This Joint Intelligence Bulletin (JIB) is intended to provide information on the recent video appearance by the Islamic State of Iraq and ash-Sham (ISIS) leader Abu Bakr al-Baghdadi. The video addresses the group’s territorial defeat in Syria, discusses the acceptance of pledges of allegiance from ISIS supporters, and praises recent attacks in Sri Lanka and Saudi Arabia. This JIB is provided by the FBI, DHS, and NCTC to support their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners in deterring, preventing, or disrupting terrorist attacks against the United States. All video details described in this JIB are taken from the translated transcript of Baghdadi’s speech.

(U//FOUO) FBI Counterintelligence Note: Update on Huawei Chinese Government-Subsidized Telecommunications Company March 2018

May 6, 2019

With the expanded use of Huawei Technologies Inc. equipment and services in US telecommunications service provider networks, the Chinese Government’s potential access to US business communications is dramatically increasing. China’s intelligence services and Chinese cyber actors could exploit Chinese Government-supported telecommunication equipment on US networks operating as an advanced persistent threat. China makes no secret that its cyber warfare strategy is predicated on controlling global communications network infrastructure.

(U//FOUO) DHS-FBI-NCTC Bulletin: Attacks on Mosques in Christchurch, New Zealand May Inspire Supporters of Violent Ideologies

March 29, 2019

This Joint Intelligence Bulletin (JIB) is intended to provide information on Australian national and violent extremist Brenton Tarrant’s 15 March 2019 attacks on two mosques in Christchurch, New Zealand. These attacks underscore the enduring nature of violent threats posed to faith-based communities. FBI, DHS, and NCTC advise federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners responsible for securing faith-based communities in the Homeland to remain vigilant in light of the enduring threat to faith-based communities posed by domestic extremists (DEs), as well as by homegrown violent extremists (HVEs) who may seek retaliation.

FBI Cyber Bulletin: Spearphishing Campaigns Against Students at Multiple Universities

March 19, 2019

The FBI has identified successful spearphishing campaigns directed at college and university students, especially during periods when financial aid funds are disbursed in large volumes. In general, the spearphishing emails request students’ login credentials for the University’s internal intranet. The cyber criminals then capture students’ login credentials, and after gaining access, change the students’ direct deposit destination to bank accounts within the threat actor’s control.

(U//FOUO) FBI Active Shooter Incidents and Mass Killings In Schools 2000-2017

February 17, 2019

The number of active shooter incidents in schools (ASIS) has remained steady over the past 18 years, with an average of 2.8 shootings per year. ASIS are most likely to happen at the high school level or higher (37 out of 52). The average deaths from ASIS was 7.4; however, this includes the 2007 Virginia Tech shooting and the 2012 Sandy Hook Elementary School shooting, where 32 and 26 people died, respectively. Most of the deaths from ASIS resulted during incidents that met the threshold for a mass killing (81 percent).

FBI Behavioral Analysis Unit’s Key Findings in October 2017 Las Vegas Mass Shooting

January 30, 2019

On October 1, 2017, over 22,000 people gathered for a music festival at a 15-acre, open-air concert venue in Las Vegas, Nevada. On the final night of the festival, Stephen Craig Paddock opened fire into the crowd from the 32nd floor of the Mandalay Bay Resort and Casino. The gunfire started around 10:05 p.m. and continued for approximately eleven minutes, with Paddock firing over 1,000 rounds. Fifty-eight persons were killed and several hundred more were injured. As responding law enforcement officers assembled in the hallway outside of his hotel room, Paddock committed suicide.

FBI Study: Pre-Attack Behaviors of Active Shooters in the U.S. 2000-2013

September 17, 2018

In 2017 there were 30 separate active shootings in the United States, the largest number ever recorded by the FBI during a one-year period.1 With so many attacks occurring, it can become easy to believe that nothing can stop an active shooter determined to commit violence. “The offender just snapped” and “There’s no way that anyone could have seen this coming” are common reactions that can fuel a collective sense of a “new normal,” one punctuated by a sense of hopelessness and helplessness. Faced with so many tragedies, society routinely wrestles with a fundamental question: can anything be done to prevent attacks on our loved ones, our children, our schools, our churches, concerts, and communities?

FBI Cyber Bulletin: Identified Qakbot Malware Variant Found on Thumb Drive Manufactured in China

August 5, 2018

In March 2018, an identified financial services corporation received a thumb drive infected with the bank credential-stealing Qakbot malware variant, targeting information from networked computers and financial institution web sites. The financial services corporation purchased bulk thumb drives from a US online retailer of computer hardware. The thumb drives were originally manufactured in China. According to FBI forensic analysis, the Qakbot malware was on the infected thumb drive before the drive arrived in the United States. Qakbot is extremely persistent and requires removal of all malware from every device. Failure to remove even one node of malware may result in re-infecting previously sanitized systems possibly costing the victim hundreds of thousands of dollars in malware removal and system downtime.

FBI Report: Active Shooter Incidents in the United States in 2016 and 2017

July 29, 2018

As with past FBI active shooter-related publications, this report does not encompass all gun-related situations. Rather, it focuses on a specific type of shooting situation. The FBI defines an active shooter as one or more individuals actively engaged in killing or attempting to kill people in a populated area. Implicit in this definition is the shooter’s use of one or more firearms. The active aspect of the definition inherently implies that both law enforcement personnel and citizens have the potential to affect the outcome of the event based upon their responses to the situation.

FBI Report: E-mail Account Compromise Techniques Used to Steal Millions in Real Estate Settlement Funds

July 4, 2018

The Office of Private Sector, in coordination with the Criminal Investigative Division, is providing this LIR to inform private sector partners about the increasing use of e-mail account compromise (EAC) techniques in the US real estate settlement industry. Consumer borrowers, settlement/title companies, real estate agents, real estate attorneys, builders, and others are being targeted by criminal actors netting millions in illicit proceeds. These proceeds are often directed initially to US banks then re-directed via money service businesses and international accounts to Mexico, Nigeria, South Africa, China, Ghana, Turkey, and India. The increased use of EAC techniques, as well as, the evolving expansion into previously unidentified countries indicates this fraud scheme is not slowing and puts additional strain on industry participants to be vigilant with their e-mail communications and identity verification processes.

Page 1 of 12

1 2 3 … 12 »

Department of Homeland Security, Federal Bureau of Investigation, National Counterterrorism Center

Department of Homeland Security, Federal Bureau of Investigation, National Counterterrorism Center

Department of Homeland Security, Federal Bureau of Investigation, National Counterterrorism Center

Department of Homeland Security, Federal Bureau of Investigation, National Counterterrorism Center

Department of Homeland Security, Federal Bureau of Investigation, Intelligence Fusion Centers, U.S. Secret Service

Department of Homeland Security, Federal Bureau of Investigation, National Counterterrorism Center