Irregular forces are armed individuals or groups who are not members of the regular armed forces, police, or other internal security forces (JP 3-24). The distinction of being armed as an individual or group can include a wide range of people who can be categorized correctly or incorrectly as irregular forces. Excluding members of regular armed forces, police, or internal security forces from being considered irregular forces may appear to add some clarity. However, such exclusion is inappropriate when a soldier of a regular armed force, policeman, or internal security force member is concurrently operating in support of insurgent, guerrilla, or criminal activities.
United States
Intelligence Fusion Centers, New Jersey
(U//FOUO) New Jersey Fusion Center Bulletin: Suspicious Activity Regarding the Electrical Grid in New Jersey
In the past year, the NJ Suspicious Activity Reporting System (NJ SARS) has received multiple reports of intrusions at electrical grid facilities in New Jersey. The NJ ROIC currently has no indication of any specific threats associated with these incidents, but provides this information for situational awareness and requests information on any similar, previously unreported incidents in New Jersey.
Federal Bureau of Investigation
FBI Checklist for Reporting Economic Espionage or Theft of Trade Secrets
Federal Bureau of Investigation
(U//FOUO) FBI Counterintelligence Vulnerability Assessment for Corporate America
To prevent foreign entities from achieving their goals, a Counterintelligence Program (CIP) proactively searches for and uses information from multiple sources. An effective CIP draws information from security programs and other internal systems, as well as from the U.S. Intelligence Community (USIC). Once this information is assembled, an effective CIP develops a coherent picture and crafts a strategy to prevent the foreign entity from successfully achieving its goals and minimizes the damage already done. An effective CIP conducts active analysis of available information, requires annual CI education for all employees, and provides a system for immediate referral of behavior with CI implications.
U.S. Navy
U.S. Navy Arctic Roadmap 2014-2030
This Roadmap outlines the Navy’s strategic approach for the Arctic Region and the ways and means to achieve the desired national end state. Resource constraints and competing near-term mission demands require that naval investments be informed, focused, and deliberate. Proactive planning today allows the Navy to prepare its forces for Arctic Region operations. This Roadmap emphasizes low-cost, long-lead activities that position the Navy to meet future demands. In the near to mid-term, the Navy will concentrate on improving operational capabilities, expertise, and capacity, extending reach, and will leverage interagency and international partners to achieve its strategic objectives. The Roadmap recognizes the need to guide investments by prudently balancing regional requirements with national goals.
Department of Defense
(U//FOUO) DoD Strategy for Defense Critical Infrastructure
The United States currently faces a dynamic, flexible, and very pragmatic adversary. Due to the unconventional nature of the terrorist threat and the asymmetrical tactics demonstrated both at home and abroad by our enemies, we can no longer expect the protection formerly provided by the oceans bordering our coasts to serve as an effective deterrent to attack. The attacks of September 11, 2001, and other events demonstrated that an act of terrorism can cause worldwide infrastructure asset disruption. In the past decade, hurricanes or other violent storms have also revealed that our infrastructure assets are at risk from destruction, degradation, or disruption by natural events. Given scarce resources, this Strategy’s objectives must be balanced against other priorities outlined in the National Defense Strategy.
Defense Intelligence Agency
Defense Intelligence Agency Activity Based Intelligence Presentation
Department of Justice
Attorney General Order on Policy Regarding Questioning, Arresting, or Charging Members of the News Media
This rule amends the policy of the Department of Justice regarding the use of subpoenas, certain court orders, and search warrants, to obtain information from, or records of, members of the news media. The rule also amends the Department’s policy regarding questioning, arresting, or charging members of the news media.
Department of Defense
DoD Instruction: The Use of the National Guard for Defense Support of Civil Authorities
This instruction establishes policy, assigns responsibilities, and provides procedures for the use of the National Guard for Defense Support of Civil Authorities (DSCA) in accordance with the authority in section 502(f) of Title 32, United States Code (U.S.C.) (Reference (a)), DoD Directive (DoDD) 5111.1 (Reference (b)), and Deputy Secretary of Defense Memorandum (Reference (c)); the responsibilities and functions in accordance with DoDD 5111.13 (Reference (d)); and the guidance in DoDD 3025.18 (Reference (e)).
California
Oakland Domain Awareness Center Draft Privacy and Data Retention Policy
The Joint City-Port Domain Awareness Center (interchangeably referred to in this document as “Joint City-Port Domain Awareness Center”, “Domain Awareness Center,” or “DAC”) was first proposed to the City Council’s Public Safety Committee on June 18, 2009, in an information report regarding the City of Oakland partnering with the Port of Oakland to apply for Port Security Grant funding under the American Recovery and Reinvestment Act, 2009. Under this grant program, funding was available for Maritime Domain Awareness (MDA) projects relative to “maritime” or “waterside”. The Port and City were encouraged to consider the development of a joint City Port Domain Awareness Center. The joint DAC would create a center that would bring together the technology, systems and processes that would provide for an effective understanding of anything associated with the City of Oakland boundaries as well as the Oakland maritime operations that could impact the security, safety, economy or environment.
Federal Bureau of Investigation
(U//FOUO) FBI Bulletin: Use of Fraudulent University E-Mail Accounts to Purchase Chemicals
Department of Homeland Security
(U//FOUO) DHS Infrastructure Protection Report: Higher Education Institutions
The higher education community in the United States consists of more than 11,000 higher education institutions that collectively serve more than 17 million students, employ more than 3.4 million faculty and staff, and have combined budgets approaching $360 billion. Higher education institutions range in size from small institutions with fewer than 100 students to large universities with tens of thousands of students and faculty occupying campuses the size of a small town or city. Institution grounds are generally open-access, with varying levels of security within the campus.
Joint Chiefs of Staff
(U//FOUO) Joint Center for International Security Force Assistance Guide: Roles and Functions of Senior Advisors
When advising and assisting partner nation security ministries and their institutions, the U.S. Department of Defense (DoD) leverages the knowledge, skills, and abilities (KSA) from a combination of senior uniformed and civilian personnel, to include contractors to carryout development in a broad range of partner nation ministries and institutional requirements.
U.S. Army
U.S. Army Cyber Electromagnetic Activities (CEMA) Manual
FM 3-38, Cyber Electromagnetic Activities, provides overarching doctrinal guidance and direction for conducting cyber electromagnetic activities (CEMA). This manual describes the importance of cyberspace and the electromagnetic spectrum (EMS) to Army forces and provides the tactics and procedures commanders and staffs use in planning, integrating, and synchronizing CEMA. This manual provides the information necessary for Army forces to conduct CEMA that enable them to shape their operational environment and conduct unified land operations. It provides enough guidance for commanders and their staffs to develop innovative approaches to seize, retain, and exploit advantages throughout an operational environment. CEMA enable the Army to achieve desired effects in support of the commander’s objectives and intent.
Department of Homeland Security, Federal Bureau of Investigation, National Counterterrorism Center
(U//FOUO) DHS-FBI-NCTC Bulletin: Building Security Measures May Hinder Emergency Response Efforts
Facility security measures, such as interior control points or exterior barriers, may require first responders to adjust normal protocols and procedures to operate rapidly during emergencies. The timeline below is an overview of attacks and plots against US-based facilities with varying levels of security. The diversity of tactics and targets used underscores the need for interagency exercises and training that incorporates multiple scenarios to account for building security measures likely to be encountered.
United States
Information Sharing Environment Strategic Implementation Plan for the National Strategy for Information Sharing and Safeguarding
In December 2012 the President signed the National Strategy for Information Sharing and Safeguarding (Strategy) which is anchored on the 2010 National Security Strategy and builds upon the 2007 National Strategy for Information Sharing. The Strategy provides guidance for more effective integration and implementation of policies, processes, standards, and technologies to promote secure and responsible national security information sharing. This document provides a higher-level overview of a longer, more detailed implementation plan for the Strategy, and is intended to assist in briefing senior policy makers on plans, progress, and performance related to achieving the vision of the NSISS.
Department of Homeland Security, Federal Bureau of Investigation, National Counterterrorism Center
(U//FOUO) DHS-FBI-NCTC Bulletin: Extortion Schemes Use Telephony-Based Denial-of-Service Attacks
Since at least January 2012, criminals are using telephony-based denial-of-service (TDoS) combined with extortion scams to phone an employee’s office and demand the employee repay an alleged loan. If the victim does not comply, the criminals initiate TDoS attacks against the employer’s phone numbers. TDoS uses automated calling programs—similar to those used by telemarketers—to prevent victims from making or receiving calls.
Intelligence Fusion Centers, Kenya
(U//FOUO) Kansas Intelligence Fusion Center Nairobi Westgate Mall Attack Lessons Learned
On Saturday, September 21, 2013, members of Al Shabaab, a Somali based Islamic terrorist organization affiliated with the international Al Qaeda network, executed a complex terrorist attack on an upscale shopping mall in Nairobi, Kenya. The attackers simultaneously entered the mall from two different entrances, shooting shoppers with assault rifles and throwing hand grenades. The terrorists remained in the mall, engaging government security forces for the next four days, resulting in a major fire and partial collapse of the mall. The Kenyan government has officially reported 72 deaths and more than 200 injured as a result of the attack. A significant number of those killed and injured were foreign citizens, including 6 U.S. citizens who were injured in the attack.
National Geospatial-Intelligence Agency
(U//LIMDIS) National Geospatial-Intelligence Agency Sochi 2014 Winter Olympics Talking Map
National Geospatial-Intelligence Agency
(U//LIMDIS) National Geospatial-Intelligence Agency Sochi 2014 Winter Olympics Maps
Intelligence Fusion Centers, Virginia
(U//LES) Virginia Fusion Center Bulletin: TOR, Bitcoins, Silk Road and the Hidden Internet
The purpose of this bulletin is to provide awareness and a basic understanding of the “Hidden Internet” to investigators in the field, as well as provide some examples of how the Hidden Internet can be exploited by criminal elements. While the term “Hidden Internet” can be used in a broader context and refer to other internet terms such as the “Deep Web” or “Deepnet,” for the purpose of this bulletin the term “Hidden Internet” will refer to the hidden services provided by the TOR project to internet users, specifically relating to the Silk road website and use of Bitcoins.
California
City of Oakland Domain Awareness Center Emails September-December 2013
A collection of hundreds of emails from the City of Oakland relating to the construction of the City/Port of Oakland Joint Domain Awareness Center. The files were obtained through a public records request made by members of Occupy Oakland. The emails range in date from September 2013 to December 2013.
White House
Privacy and Civil Liberties Oversight Board NSA Bulk Telephone Records Collection Report
Section 215 is designed to enable the FBI to acquire records that a business has in its possession, as part of an FBI investigation, when those records are relevant to the investigation. Yet the operation of the NSA’s bulk telephone records program bears almost no resemblance to that description. While the Board believes that this program has been conducted in good faith to vigorously pursue the government’s counterterrorism mission and appreciates the government’s efforts to bring the program under the oversight of the FISA court, the Board concludes that Section 215 does not provide an adequate legal basis to support the program. There are four grounds upon which we find that the telephone records program fails to comply with Section 215. First, the telephone records acquired under the program have no connection to any specific FBI investigation at the time of their collection. Second, because the records are collected in bulk — potentially encompassing all telephone calling records across the nation — they cannot be regarded as “relevant” to any FBI investigation as required by the statute without redefining the word relevant in a manner that is circular, unlimited in scope, and out of step with the case law from analogous legal contexts involving the production of records. Third, the program operates by putting telephone companies under an obligation to furnish new calling records on a daily basis as they are generated (instead of turning over records already in their possession) — an approach lacking foundation in the statute and one that is inconsistent with FISA as a whole. Fourth, the statute permits only the FBI to obtain items for use in its investigations; it does not authorize the NSA to collect anything.
California
Oakland Police Department Urban Shield 2013 Protest Documentation
The following documents were obtained via a public records request made by members of Occupy Oakland. The documents concern the Oakland Police Department response to protests against the 2013 Urban Shield homeland security exercise held in Alameda County. Urban Shield is an annual exercise series that features nearly fifty different training scenarios for law enforcement ranging from terrorist attacks conducted by “homegrown extremists” to hostage situations, fires and even natural disasters. The 2013 Urban Shield exercise involved dozens of federal, state and local law enforcement organizations, representatives of foreign countries such as Switzerland, Brazil, Bahrain, Jordan, as well as more than a dozen corporations including FedEx, Cisco Systems and Verizon Wireless. The documents are heavily redacted and include an operations plan, a presentation on Occupy Oakland, arrest reports and other miscellaneous documentation related to the protests.