FBI Cyber Bulletin: Cyber Criminals Targeting FTP Servers to Compromise Protected Health Information

The FBI is aware of criminal actors who are actively targeting File Transfer Protocol (FTP) servers operating in “anonymous” mode and associated with medical and dental facilities to access protected health information (PHI) and personally identifiable information (PII) in order to intimidate, harass, and blackmail business owners.

U.S. Army Worldwide Equipment Guide 2015 Update

Published in three volumes (Ground; Airspace & Air Defense Systems; and Naval & Littoral Systems), the WEG is the approved document for OPFOR equipment data used in U.S. Army training. Annual updates are posted on the ATN website. Therefore it is available for downloading and local distribution. Distribution restriction is unlimited. This issue replaces all previous issues.

U.S. Army Threat Tactics Report: Boko Haram

The primary goal of Boko Haram is to institute an Islamic state throughout Nigeria based on a fundamentalist interpretation of Islamic law with an inevitable regional expansion. The founder and spiritual leader of Boko Haram, Muhammed Yusuf, and his followers originally believed in a peaceful transition and made what the current Boko Haram leadership considered illegitimate concessions to and compromises with secular and government leaders. The group has since adopted a takfirist ideology—the belief that less than a strict adherence to Salafist Islam makes a Muslim an “apostate” equal to infidels and, therefore, a legitimate target. Boko Haram has targeted and killed a number of prominent Muslim leaders who have been critical of the organization. Boko Haram considers any support of Western or secular ideas, such as schools based on Western influence, heretical and worthy of attack.

(U//FOUO) DHS-FBI-USSS Joint Threat Assessment 2017 Presidential Address to a Joint Session of Congress

This Joint Threat Assessment (JTA) addresses threats to the 2017 Presidential Address to a Joint Session of Congress (the Presidential Address) at the US Capitol Building in Washington, DC, on 28 February 2017. This assessment does not consider nonviolent civil disobedience tactics (for example, protests without a permit) that are outside the scope of federal law enforcement jurisdiction; however, civil disobedience tactics designed to cause a hazard to public safety and/or law enforcement fall within the scope of this assessment.

Multinational Capability Development Campaign Military Strategic Communication Handbook Draft

Cell phones, smart phones, the Internet, and GPS are increasingly available and are changing the nature of conflict, even in remote areas. Information can now reach out in new ways to global audiences because of the revolution in Information Technology (IT), particularly using cell phones and smart phones. The revival of hybrid warfare manifested in recent developments in the international security environment – such as the Arab Spring, the Ukrainian crisis, the rise of Jihadist-Salafist terrorism, and the European migrant crisis – demonstrates the power of communication, broadly based on IT advantages: messages and perceptions become predominant of physical engagements and strongly impact the behaviour of people. Orchestrated activities carry messages and have a crucial effect on public opinions, decision-making processes, and domestic support.

(U//FOUO) DHS-FBI-NCTC Bulletin: Terrorists Call for Attacks on Hospitals, Healthcare Facilities

Recent calls over the past year for attacks on hospitals in the West by media outlets sympathetic to the Islamic State of Iraq and ash-Sham (ISIS) highlight terrorists’ perception of hospitals as viable targets for attack. Targeting hospitals and healthcare facilities is consistent with ISIS’s tactics in Iraq and Syria, its previous calls for attacks on hospitals in the West, and the group’s calls for attacks in the West using “all available means.” While we have not seen any specific, credible threat against hospitals and healthcare facilities in the United States, we remain concerned that calls for such attacks may resonate with some violent extremists and lone offenders in the Homeland because of their likely perceived vulnerabilities and value as targets.

U.S. Army Foreign Military Studies Office: Russia’s Military Strategy Impacting 21st Century Reform and Geopolitics

Today’s military innovators are the modern-day scientists and engineers who assist in the creation of contemporary and new concept weaponry; and the military theorists who study changes in the character of war. Digital specialists understand how to develop and employ the capabilities of electronic warfare equipment, satellite technology, and fiber optic cables. While Kalashnikov’s fame is imbedded in Russia’s culture, it may be harder to find a current digital entrepreneur whose legacy will endure as long as his: there are simply too many of them, and their time in the spotlight appears to be quite short, since even now we are about to pass from the age of cyber to that of quantum. It is difficult to predict whose discoveries will be the most coveted by tomorrow’s military-industrial complex, not to mention the decision-making apparatus of the Kremlin and General Staff. Military theorists are playing an important role as well. They are studying how new weaponry has changed the correlation of forces in the world, the nature of war, and the impact of weaponry on both forecasting and the initial period of war.

(U//FOUO) DHS-FBI Intelligence Assessment: Baseline Comparison of US and Foreign Anarchist Extremist Movements

This joint DHS and FBI Assessment examines the possible reasons why anarchist extremist attacks in certain countries abroad and in the United States differ in the frequency of incidents and degree of lethality employed in order to determine ways US anarchist extremists’ actions might become more lethal in the future. This Assessment is intended to establish a baseline comparison of the US and foreign anarchist extremist movements and create new lines of research; follow-on assessments will update the findings identified in the paper, to include the breadth of data after the end of the reporting period (as warranted by new information), and identify new areas for DHS and FBI collaboration on the topic. This Assessment is also produced in anticipation of a heightened threat of anarchist extremist violence in 2016 related to the upcoming Democratic and Republican National Conventions—events historically associated with violence from the movement.

Department of State International Security Advisory Board Report on Gray Zone Conflict

The study addresses the challenges facing the United States from the increasing use by rivals and adversaries – state and non-state alike – of what have come to be called “Gray Zone” techniques. The term Gray Zone (“GZ”) denotes the use of techniques to achieve a nation’s goals and frustrate those of its rivals by employing instruments of power – often asymmetric and ambiguous in character – that are not direct use of acknowledged regular military forces.

(U//FOUO) DHS Intelligence Note: Germany Christmas Market Attack Underscores Threat to Mass Gatherings and Open-Access Venues

A 25-ton commercial truck transporting steel beams from Poland to Germany plowed into crowds at a Christmas market in Berlin at about 2000 local time on 19 December, killing at least 12 people and injuring 48 others, several critically, according to media reporting citing public security officials involved in the investigation. The truck was reportedly traveling at approximately 40 miles per hour when it rammed the Christmas market stands. Police estimate the vehicle traveled 80 yards into the Christmas market before coming to a halt.

National Intelligence Council Global Trends Assessment: Paradox of Progress

We are living a paradox: The achievements of the industrial and information ages are shaping a world to come that is both more dangerous and richer with opportunity than ever before. Whether promise or peril prevails will turn on the choices of humankind. The progress of the past decades is historic—connecting people, empowering individuals, groups, and states, and lifting a billion people out of poverty in the process. But this same progress also spawned shocks like the Arab Spring, the 2008 Global Financial Crisis, and the global rise of populist, anti-establishment politics. These shocks reveal how fragile the achievements have been, underscoring deep shifts in the global landscape that portend a dark and difficult near future.

DoD Cybersecurity Discipline Implementation Plan February 2016

Inspections and incidents across the Department of Defense (DoD) reveal a need to reinforce basic cybersecurity requirements identified in policies, directives, and orders. In agreement with the Secretary of Defense, the Deputy Secretary of Defense, and the Joint Chiefs of Staff, the DoD Chief Information Officer (CIO) identified key tasks needed to ensure those requirements are achieved. The DoD Cybersecurity Campaign reinforces the need to ensure Commanders and Supervisors at all levels, including the operational level, are accountable for key tasks, including those identified in this Implementation Plan. The Campaign does not relieve a Commander’s and Supervisor’s responsibility for compliance with other cybersecurity tasks identified in policies, directives, and orders, but limits the risk assumed by one Commander or Supervisor in key areas in order to reduce the risk to all other DoD missions.

(U//FOUO) U.K. Ministry of Defence Guide: Understanding the Arab People

The Arab World is a vast area which is home to people from diverse cultures. The way in which people behave and interact with you will therefore vary greatly across the region. This guide discusses aspects of Arab culture that you might experience in Algeria, Bahrain, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Mauritania, Morocco, Oman, the Palestinian Territories, Qatar, Saudi Arabia, Sudan, Syria, Tunisia, the United Arab Emirates (UAE) and Yemen. Further reading on individual countries is recommended before you deploy.

Office of the Director of National Intelligence Background Report: Assessing Russian Activities and Intentions in Recent US Elections

The nature of cyberspace makes attribution of cyber operations difficult but not impossible. Every kind of cyber operation—malicious or not—leaves a trail. US Intelligence Community analysts use this information, their constantly growing knowledge base of previous events and known malicious actors, and their knowledge of how these malicious actors work and the tools that they use, to attempt to trace these operations back to their source. In every case, they apply the same tradecraft standards described in the Analytic Process above.

U.S. National Electric Grid Security and Resilience Action Plan

The Joint United States-Canada Electric Grid Security and Resilience Strategy (Strategy) is a collaborative effort between the Federal Governments of the United States and Canada and is intended to strengthen the security and resilience of the U.S. and Canadian electric grid from all adversarial, technological, and natural hazards and threats. The Strategy, released concurrently with this National Electric Grid Security and Resilience Action Plan (Action Plan), details bilateral goals to address the vulnerabilities of the respective and shared electric grid infrastructure of the United States and Canada, not only as an energy security concern, but for reasons of national security. The implementation of the Strategy requires continued action of a nationwide network of governments, departments and agencies (agencies), and private sector partners. This Action Plan details the activities, deliverables, and timelines that will be undertaken primarily by U.S. Federal agencies for the United States to make progress toward the Strategy’s goals.

Joint United States-Canada Electric Grid Security and Resilience Strategy

This Joint United States-Canada Electric Grid Security and Resilience Strategy (Strategy) is a collaborative effort between the Federal Governments of the United States and Canada and is intended to strengthen the security and resilience of the U.S. and Canadian electric grid from all adversarial, technological, and natural hazards and threats. The Strategy addresses the vulnerabilities of the two countries’ respective and shared electric grid infrastructure, not only as an energy security concern, but for reasons of national security. This joint Strategy relies on the existing strong bilateral collaboration between the United States and Canada, and reflects a joint commitment to enhance a shared approach to risk management for the electric grid. It also articulates a common vision of the future electric grid that depends on effective and expanded collaboration among those who own, operate, protect, and rely on the electric grid. Because the electric grid is complex, vital to the functioning of modern society, and dependent on other infrastructure for its function, the United States and Canada developed the Strategy under the shared principle that security and resilience require increasingly collaborative efforts and shared approaches to risk management.

DHS-FBI Joint Analysis Report on GRIZZLY STEPPE Russian Malicious Cyber Activity

This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.

U.S. House Encryption Working Group Year-End Report 2016

The law enforcement community often refers to their challenge in this context as “going dark.” In essence, “going dark” refers to advancements in technology that leave law enforcement and the national security community unable to obtain certain forms of evidence. In recent years, it has become synonymous with the growing use of strong default encryption available to consumers that makes it increasingly difficult for law enforcement agencies to access both real-time communications and stored information. The FBI has been a leading critic of this trend, arguing that law enforcement may no longer be able “to access the evidence we need to prosecute crime and prevent terrorism, even with lawful authority.” As a result, the law enforcement community has historically advocated for legislation to “ensure that we can continue to obtain electronic information and evidence pursuant to the legal authority that Congress has provided to keep America safe.”