United States

(U//FOUO) New York Fusion Center Bulletin: Recent Spike in Violence Targeting Law Enforcement

Over the last week there have been three attacks – one in Canada and two in the United States – in which law enforcement officers were targeted, leading to the death of five officers and one civilian. Based upon reporting it appears all the suspects in these incidents were motivated by elements of a far right anti-government ideology with a particular fixation on law enforcement. While it is unknown whether this spike is indicative of a long term increasing trend, it is significant from a near term perspective due to the short time frame and purposeful targeting of law enforcement.

(U//FOUO) DHS-FBI-NCTC Bulletin: Terrorists Continued Interest in Targeting Mass Transit

Terrorists in late December 2013 conducted three attacks targeting people using public transportation systems in Russia, emphasizing terrorists’ persistent interest in attacking locations where large congregations of people are confined to small, often enclosed spaces. Russian officials claim North Caucasus-based violent extremists associated with the Imirat Kavkaz (IK) probably conducted these attacks to embarrass the Russian government in the build-up to the 2014 Olympic Games in Sochi. The IK, a violent extremist group based in Russia, has no known capability in the Homeland and is unlikely to directly target Western interests overseas.

(U//FOUO) Washington D.C. Fusion Center Bulletin: Nationwide Fuel Theft Trend

Incidents involving the theft of fuel (gasoline, diesel, kerosene, ethanol, etc.) from fuel storage tanks have been reported across the United States. Fuel theft has significant health and safety implications, including risk for spills, fires, and explosions. Fuel thieves typically do not adhere to security standards or practices, and may inadvertently expose fuel to a hot engine, lit cigarette, or ignition source. First responders and other maintenance personnel also may be exposed to fuels through skin contact or inhalation routes during recovery and/or cleanup operations, which can result in potential health effects.

U.S. Air Force Instruction: Domestic Imagery Requests for U.S. Missions

Operations involving DI support using ISR/OPSRECCE/RPA involve a balancing of fundamental interests: conducting aircrew training in support of national security objectives and providing incident awareness and assessment support when requested while also protecting individual rights guaranteed by the Constitution and the laws of the U.S. The primary objective of the ACCI is to ensure that ACC units conducting DI missions within U.S. do not infringe on or violate the Constitutional or privacy rights of U.S. persons. Commanders, inspectors general, and judge advocates at all levels must be cognizant of DI policies.

FBI Chinese Military Hacking Indictments Private Industry Notifications

Today the Western District of Pennsylvania unsealed an indictment naming five members of the People’s Liberation Army of the People’s Republic of China on 31 counts, including conspiring to commit computer fraud (18 U.S.C. §§ 371, 1030), accessing a computer without authorization for the purpose of commercial advantage and private financial gain (18 U.S.C. § 1030(a)(2)(C), (c)(2)(B)), damaging computers through the transmission of code and commands (18 U.S.C. § 1030(a)(5)), aggravated identity theft (18 U.S.C. § 1028A), economic espionage (18 U.S.C. § 1831(a)(1)), and theft of trade secrets (18 U.S.C. § 1832(a)(1)). Each of the defendants provided his individual expertise to a conspiracy to penetrate the computer networks of six US companies while those companies were engaged in negotiations or joint ventures with or were pursuing legal action against state-owned enterprises in China. The following technical details are indicators released in the indictment related to these actors’ activity.

National Counterterrorism Center Enhanced Safeguards Decision Matrix

The DNI, D/NCTC and the Attorney General approved revised Attorney General Guidelines for NCTC’s handling of US Person (USP) information in March 2012. These revised NCTC Attorney General Guidelines (“NCTC’s AGGs”) govern NCTC’s access, retention, use, and dissemination of datasets identified as including non-terrorism information and information pertaining exclusively to domestic terrorism, and provide NCTC with the authority to retain USP information for up to five years (unless a shorter period is required by law, executive order, regulation, international agreement, etc.). During this temporary retention and assessment period, additional safeguards and protections are applied to this data, to include baseline (and potentially enhanced) safeguards, as well as additional compliance, auditing, reporting and oversight mechanisms.

(U//FOUO) U.S. Army Tactical Combat Casualty Care Handbook August 2013

Tactical Combat Casualty Care (TCCC) is the pre-hospital care rendered to a casualty in a tactical, combat environment. The principles of TCCC are fundamentally different from those of traditional civilian trauma care, which is practiced by most medical providers and medics. These differences are based on both the unique patterns and types of wounds that are suffered in combat and the tactical environment medical personnel face in combat. Unique combat wounds and tactical environments make it difficult to determine which intervention to perform at what time. Besides addressing a casualty’s medical condition, responding medical personnel must also address the tactical situation faced while providing casualty care in combat. A medically correct intervention performed at the wrong time may lead to further casualties. Stated another way, “good medicine may be bad tactics,” which can get the rescuer and casualty killed. To successfully navigate these issues, medical providers must have skills and training focused on combat trauma care, as opposed to civilian trauma care.

Joint and Coalition Operational Analysis (JCOA) Drone Strikes Civilian Casualty Considerations

The US government has described drone airstrikes in operations outside declared theaters of armed conflict as surgical and causing minimal civilian casualties. Analysis of air operations in Afghanistan, combined with a review of open-source reports for drone strikes in Pakistan, suggest that these fell short of intended goals. Specifically, drone strikes in Afghanistan were seen to have close to the same number of civilian casualties per incident as manned aircraft, and were an order of magnitude more likely to result in civilian casualties per engagement. Specific causal factors were identified that contributed to the relative propensity of drones to cause civilian casualties. Tailored training that addresses these causal factors could aid in reducing civilian casualties in engagements involving drones. While processes and operating forces in Afghanistan can differ from those in operations outside declared theaters of armed conflict, the factors above suggest that a dedicated analysis of civilian casualties in such operations would be worthwhile.

(U//FOUO) Colorado Information Analysis Center Bulletin: Vulnerabilities in Knox-Box Key Entry Systems

The Knox-Box® rapid entry system is an access control system utilized by public safety agencies. This system allows facilities to securely store entry keys or cards on site for first responders. First responders utilize a master key that unlocks all Knox boxes within their jurisdiction. Currently there are over 3.5 million Knox-Box rapid entry systems in use nationwide and over 11,500 fire departments in North America that use the Knox-Box rapid entry system. In one Colorado fire district there are over 4,000 Knox-Box systems in use within the local, state, and federal government which includes; energy, water, postal, emergency services, defense, transportation, and communication sectors. Unauthorized access to the system would allow individuals to bypass physical security measures at the site. The unauthorized individuals would also be able to duplicate keys, or remove entry keys or cards which would delay first responders.

Department of Justice White Paper on Sharing Cyberthreat Information

Improved information sharing is a critical component of bolstering public and private network owners’ and operators’ capacity to protect their networks against evolving and increasingly sophisticated cyber threats. As companies continue to adopt the newest technologies, these threats will only become more diverse and difficult to combat. Ensuring that information concerning cyber threats that U.S. companies detect on their domestic networks can be quickly shared will assist those companies in identifying new threats and implementing appropriate preventative cybersecurity measures. But sharing must occur without contravening federal law or the protections afforded individual privacy and civil liberties. In the interest of advancing discussions in this important area, DOJ has prepared this paper providing its views on whether the Stored Communications Act (18 U.S.C. § 2701 et seq.) (SCA) restricts network operators from voluntarily sharing aggregated data with the government that would promote the protection of information systems. We hope that this analysis will help companies make informed decisions about what information legally may be shared with the government to promote cybersecurity.

(U//FOUO) Colorado Information Analysis Center Bulletin: Marijuana Infused Edibles

The State of Colorado legalized medical marijuana in 2012 and recreational marijuana in 2014. There has been an increased amount of marijuana infused products sold to the public. The products range from fruit chewz, gummiez, cupcakes, truffles, rice krispy treats, butter, and banana bread. It is extremely difficult to differentiate between marijuana infused products and non-infused products if the original packaging is not with the product.

Restricted U.S. Army Civil Affairs Soldier Training Manual

This manual provides the information necessary for Civil Affairs (CA) Soldiers to train for military occupational specialty (MOS) proficiency and includes self-development information that can assist the Soldier in lifelong learning and career development. An overview of the Army training process details the linkage and importance of the various elements that comprise the Army training process.

(U//FOUO) DHS Violent Extremist Profile: Walter Bond

Walter Bond’s path to animal rights extremism was driven by witnessing what he perceived as animal abuse and by frustration stemming from his perception that lawful, nonviolent actions appeared to have little impact on advancing the goals of the animal rights movement.* Prior to becoming violent to advance animal rights, Bond showed a tendency to use violence to advance other beliefs, such as protesting illicit drug sales by committing arson against a drug trafficker’s home and protesting against religion by burning a pentagram symbol inside a church.

(U//FOUO) U.S. Marine Corps Cordon and Search Lessons Learned Report

Cordon and search missions have been an almost daily activity in conjunction with other tactical operations within Stability and Support Operations (SASO) in both OEF and OIF. As in all tactical operations, units refined individual tactics, techniques and procedures (TTP) to meet the requirements of the situations they encountered. Cordon and search activities were not always conducted as discreet missions but as supporting operations within SASO, and can begin as less invasive “cordon and knock” efforts to gain information, and rapidly evolve into “cordon and raid” or “cordon and destroy” as the tactical situation dictates. While these terms may not be found in doctrinal references, units in their observations use them.

U.S. Marine Corps Irregular Warfare Capability Based Assessment Report

Center for Irregular Warfare Integration Division (CIWID) was directed to conduct a Capabilities Based Assessment (CBA) on Irregular Warfare (IW) to ensure that the Marine Corps is properly postured to conduct IW operations and activities in the future. This document provides the results of the analysis and the recommended way ahead. The IW CBA message directed CIWID to “provide insights/observations after each phase of the study which may be used in support of future force structure deliberations.”

U.S. Air Force Remotely Piloted Aircraft (RPA) Vector Report 2013-2038

Both the current fiscal and future operational environments facing the Air Force influence the landscape for investments in the development and fielding of new technologies. This document refines the Air Force strategic vision for the future of RPA and reemphasizes the inherent potential and emerging capabilities of small unmanned aircraft systems (SUAS). The RPA Vector outlines concepts and capabilities needed over the next 25 years. It can inform the capabilities planning and requirements development process as well as inform the CFLIs as they execute their responsibilities for implementation planning in the plans, programming, budgeting and execution process.