A joint intelligence bulletin released by the Department of Homeland Security and FBI to coincide with the twentieth anniversary of the Oklahoma City Bombing warns that “domestic extremism will remain a persistent threat through the end of 2015 and beyond” with “high confidence that lone offenders and those who pursue leaderless resistance continue to pose the greatest threat of violence.” The bulletin, which is based on “recent patterns of extremist activity” often “taken by those who plan and act alone or in small cells,” states that domestic extremism “remains a persistent threat, and the United States has experienced violent ideologically-motivated criminal acts, both prior to and after the Oklahoma City attack” including “assaults, arsons, shootings, and use, or attempted use, of improvised incendiary and explosive devices, resulting in death, injury, and property damage.” Moreover, the bulletin states that “many of the same motivations used by domestic extremists to justify their criminal acts in the mid-1990s—anti-government and anti-law enforcement sentiment; racial, ethnic, and religious hatred; and advocacy of violent conspiracy theories—continue to influence domestic extremists and their targeting choices in 2015.”
The “innovative use of social media and messaging” by the Islamic State of Iraq and the Levant (ISIL) “has played a key role in motivating young Western males and females to travel to the Syrian conflict to join and support the self-declared Islamic State” according to a join intelligence bulletin released by the Department of Homeland Security and FBI last month. The 5-page bulletin titled “ISIL Social Media Messaging Resonating with Western Youth” was disseminated to law enforcement throughout the country at the end of February to report on the “continuing trend” of Western youth being inspired to travel to Syria and join ISIL forces. According to the bulletin, this trend is aided by the fact that “Western youth are willing to connect over social media with like-minded persons, and have proven adept at obfuscating such social media usage from their parents and guardians.”
A bulletin issued in December 2014 by the Virgina Fusion Center (VFC) warned law enforcement and first responders that emergency vehicles could be targeted by violent protesters seeking to retaliate against the perceived surveillance of their activities. The bulletin, which is titled “Malicious Activists May Promote Harm to Emergency Management Vehicles Observed During Violent Protests,” draws its conclusion that “violent or malicious activity” could be directed toward emergency vehicles “operating near protest areas” based primarily upon comments to a post on Reddit and a protest guide posted anonymously on Pastebin.
The FBI has issued a National Situational Information Report (NSIR) to law enforcement around the country warning of “copy cat assassinations” following the murder of two New York Police Department (NYPD) officers in December. The report, which was issued days before Christmas and posted online by a lodge of the Chicago Fraternal Order of Police, states that the “recent murders of New York City Police Officers Wenjian Liu and Rafael Ramos have spawned numerous threats” against law enforcement personnel.
An intelligence assessment released last month by the Department of Homeland Security’s Office of Intelligence and Analysis found that a domestic terrorist attack conducted by individuals affiliated with or inspired by the Islamic State of Iraq and the Levant (ISIL) would most likely “employ tactics involving edged weapons, small arms, or improvised explosive devices (IEDs).” The assessment, which was obtained by Public Intelligence, was released in October following several recent attacks conducted in Europe and Australia by individuals sympathetic to ISIL. Based on a review of these and other planned attacks, analysts at DHS evaluated the tactics and targets, as well as operational security measures employed in order to determine “tactics, targets, and tradecraft that potentially could be used in the Homeland by individuals associated with or inspired” by ISIL.
The FBI Cyber Division has issued a notification to private industry and law enforcement to be aware of the potential for retaliatory cyber attacks following recent U.S. military actions in the Middle East. While the FBI has “no information at this time to indicate specific cyber threats to US networks or infrastructure in response to ongoing US military air strikes against the terrorist group known as the Islamic State of Iraq and the Levant (ISIL)” the bulletin states that the FBI believes that “extremist hackers and hacktivist groups, including but not limited to those aligned with the ISIL ideology, will continue to threaten and may attempt offensive cyber actions against the United States in response to perceived or actual US military operations in Iraq or Syria.”
“First time I ever saw an Afghan Police Station I thought it was something straight out of the dark ages, complete with zero electricity, mud structure, and no sewage drainage. Immediately I knew this mission would be challenging and wondered what the heck I got myself into?” This quote from a U.S. Army Captain is just one example of the unusually blunt assessments contained in the Joint Center for International Security Force Assistance (JCISFA) guide for advising the Afghan National Police (ANP). The 2010 version of the JCISFA ANP Mentor Guide, which was obtained by Public Intelligence along with a guide for troops assisting the Afghan National Army (ANA), contains a number of revealing observations on the often poor condition of Afghan National Security Forces, in particular the ANP.
A bulletin issued by the Department of Homeland Security, the FBI and the National Counterterrorism Center earlier this month warns law enforcement and private security personnel that malicious cyber actors can use “advanced search techniques” to discover sensitive information and other vulnerabilities in websites. The bulletin, titled “Malicious Cyber Actors Use Advanced Search Techniques,” describes a set of techniques collectively referred to as “Google dorking” or “Google hacking” that are used to refine search queries to provide more specific results.
An intelligence assessment released July 22 by the Department of Homeland Security Office of Intelligence and Analysis warns of an increasing trend of “anti-government violence” from what are described as “domestic violent extremists” inspired by the recent standoff at the Bundy Ranch in Bunkerville, Nevada. The report, titled “Domestic Violent Extremists Pose Increased Threat to Government Officials an Law Enforcement,” was originally obtained and published by Public Employees for Environmental Responsibility, a non-profit alliance of local state and federal resource professionals that has been advocating for criminal charges against Cliven Bundy and “militia snipers” involved in the April standoff with the Bureau of Land Management. In recent months, the report suggests that there has been a notable increase in violence from domestic extremists motivated by “anti-government ideologies.”
For years the U.S. military has been waging a biometric war in Afghanistan, working to unravel the insurgent networks operating throughout the country by collecting the personal identifiers of large portions of the population. A restricted U.S. Army guide on the use of biometrics in Afghanistan obtained by Public Intelligence provides an inside look at this ongoing battle to identify the Afghan people.
The Law Enforcement National Data Exchange (N-DEx) run by the FBI Criminal Justice Information Services (CJIS) Division now contains approximately 223 million records on nearly two billion entities. A FBI CJIS presentation from February 2014 posted on the website of the Integrated Justice Information Systems Institute includes detailed information on state and local data contributors including a tally of the total number of records contributed by state.
In the first weeks of 2013, police officers were combing through a bloody scene in the Indian state of Jharkhand where a dozen security personnel had died in a shootout with local rebels. The Naxalite fighters, who promote a Maoist ideology through their ongoing guerrilla conflict with the Indian government, had killed the men, including five Central Reserve Police Force members, in a gun battle days before. When local villagers and police tried to remove the bodies, a bomb went off killing four more people. After the incident, a group of doctors in nearby Ranchi were performing an autopsy on one of the bodies when they encountered something metal lodged inside the body. A bomb squad was called in and an explosive device triggered by shifts in pressure that had been sewn into the police officer’s body was successfully defused.
Public Intelligence has obtained the most recent version of the U.S. Civil-Military Strategic Framework for Afghanistan, the second revision of the document dated August 2013, detailing the U.S. government’s goals and priorities for rebuilding Afghan society. Issued by the U.S. Ambassador to Afghanistan James Cunningham and signed by the commander of U.S. forces Joseph Dunford, the framework covers U.S. priorities related to governance, the rule of law, socioeconomic development as well as the gradual transfer of authority to the Afghan government. When compared with a previous version of the framework from March 2012, also obtained by Public Intelligence, the document solidifies the prospect of long-term U.S. involvement in Afghanistan, removing optimistic statements about turnover dates and self-sustaining funding estimates and replacing them with measured assessments reinforcing the notion that U.S. and international forces will be present in Afghanistan far into the next decade.
A federal law passed in February 2012 to help middle class families by creating jobs and cutting payroll taxes included a section mandating the creation of a nationwide interoperable broadband communications system for law enforcement and first responders. The system, which is being created under the direction of the First Responder Network Authority (FirstNet), seeks to create a nationwide broadband network capable of being used for a variety of law enforcement purposes including remote surveillance, mobile biometric applications like field fingerprint scanning and facial recognition, as well as automated license plate reading. The system is currently in a pilot phase with less than a dozen locations around the country participating in the initial rollout of the FirstNet network. However, comments from FirstNet board members indicate that the future goals of the system include an interoperable network operating in all 56 states and territories of the U.S. that is capable of integration at the state, local and federal level.
Joint Chiefs of Staff Instruction Modifies Language on Collateral Damage Estimates for Drone Strikes
An updated instruction issued by the Chairman of the Joint Chiefs of Staff in October 2012 incorporates significantly modified language in numerous sections of the document that describe the process for estimating collateral damage prior to conducting drone strikes and other military actions. These subtle, but important changes in wording provide insight into the military’s attempts to limit expectations in regards to minimizing collateral damage and predicting the lethal effects of military operations.
A statistical analysis of school shootings released in August by the Los Angeles Joint Regional Intelligence Center (LAJRIC) studied school shootings throughout the U.S. from January 2008 to August 2013. In that five-year span, there were 85 school shootings that took place in 29 states, a majority of the country, with most states experiencing between one and three incidents over the last five years. California ranked highest with 18 incidents, followed by Michigan and Tennessee. The majority of school shootings, about 52%, took place at high schools, with the rest equally distributed between colleges/universities and elementary/middle schools.
A joint bulletin issued in early August by the Department of Homeland Security and FBI warns state and local law enforcement agencies to look out for people in possession of “large amounts” of weapons and ammunition, describing the discovery of “unusual amounts” of weapons as a potential indicator of criminal or terrorist activity.
Analysis conducted by the Central Florida Intelligence Exchange (CFIX) has found that 79% of mass shootings since 2011 have been perpetrated by individuals with “demonstrated signs of continuous behavioral health issues and mental illness.” In a July case study titled “Acts of Violence Attributed by Behavioral and Mental Health Issues”, CFIX analyzed 14 mass shooting incidents that occurred between 2011 and 2013 finding that only three of the shooters had no history of mental illness.
Since June, advanced persistent threat (APT) actors have been targeting the aviation industry and attempting to extract confidential information by sending “spear-phishing” emails designed to trick recipients into opening malicious attachments or follow links to infected websites. According to an FBI Cyber Division bulletin from July 8, “individuals associated with the air travel industry” have received an increased number of spear-phishing emails often using spoofed senders “in an attempt to make the e-mail appear more legitimate.”
In a restricted report issued in May, the DEA detailed the most recent findings from its heroin monitoring program, assessing the period from 2006 -2011. The report finds that heroin in the U.S. generally comes from two different places: South America and Mexico. If you live east of the Mississippi River, chances are that the heroin you’re buying is from South America. Heroin purchased on the West Coast is almost certainly trafficked from Mexico. Some heroin from Southwest Asia does make it to the U.S. However, the amount is minimal compared to other sources and the quality is relatively poor.
A recent version of the Department of Homeland Security’s National Risk Profile found that old and deteriorating infrastructure in the U.S. could pose significant risks to the nation and its economy. According to the report, insufficient funding of inspection and maintenance of critical infrastructure throughout the U.S. could create wide-ranging problems as the nation’s infrastructure continues to age. Along with pandemics and nuclear terrorism, a draft version of the DHS National Risk Profile for 2011 lists “aging infrastructure” as having a “potentially significant impact” on the nation’s critical infrastructure. The assessment states that “unusable, ineffectual, and deteriorating critical infrastructure, as well as the potential for exploitation of these vulnerabilities, increase risk . . . due to the inadvertent introduction of flaws, reduced inspection and maintenance workforce, and insufficient investment.” Moreover, this is not a limited threat, as the assessment states that the “entire United States is at risk from aging infrastructure that will eventually “affect all critical infrastructure sectors and ultimately reduce or erode their capacity and lifetimes in unexpected and unpredicted ways.”