(U//FOUO) DHS-FBI Bulletin: Use of the Internet for Attack Planning

DHS-FBI-InternetAttackPlanning

Malicious actors may leverage the Internet to gain information against a potential target to support pre-operational planning efforts for kinetic or cyber attacks. Malicious actors can use Internet search engines for information such as maps, company photographs or blueprints, and gain additional details from social media sites and Web blogs. Some actors may use more sophisticated techniques—such as phishing, spear phishing, or actual penetration of an organization’s network or devices—which can be used to gather personal, sensitive, or proprietary data.

(U//FOUO) DoD Directive: Counterintelligence (CI)

DoD-CI

Defense CI activities shall be undertaken as part of an integrated DoD and national effort to detect, identify, assess, exploit, penetrate, degrade, and counter or neutralize intelligence collection efforts, other intelligence activities, sabotage, espionage, sedition, subversion, assassination, and terrorist activities directed against the Department of Defense, its personnel, information, materiel, facilities, and activities, or against U.S. national security.

(U//FOUO) DHS-FBI Report: Idaho Man Arrested for Providing Material Support to Islamic Movement of Uzbekistan

DHS-FBI-IdahoExtremist

This Joint Intelligence Bulletin (JIB) provides information on the 16 May 2013 arrest of Idaho-based Uzbekistan national Fazliddin Kurbanov by the FBI Boise Joint Terrorism Task Force (JTTF). On 16 May, Kurbanov was charged under two indictments alleging terrorism, one each in the United States District Court, District of Idaho and United States District Court, District of Utah. FBI and DHS are providing this information to support their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and the private sector in deterring, preventing, or disrupting terrorist attacks against the United States. All events described in this JIB are taken from the criminal indictment. The charges contained in the indictment are mere allegations. As in any criminal case, the defendant is presumed innocent until proven guilty in a court of law.

UN Human Rights Council Report: Impact of State Surveillance on Privacy and Freedom of Expression

UN-StateSurveillancePrivacy

The present report analyses the implications of States’ surveillance of communications for the exercise of the human rights to privacy and to freedom of opinion and expression. While considering the impact of significant technological advances in communications, the report underlines the urgent need to further study new modalities of surveillance and to revise national laws regulating these practices in line with human rights standards.

Ibragim Todashev Post-Autopsy Body Photos

More than a dozen images originally published on the website Кавказская политика Kavkazskaya Politika (Politics of the Caucasus) after being displayed at a press conference held in Moscow by Ibragim Todashev’s father Abdul-Baki Todashev on May 30, 2013. Ibragim Todashev was shot seven times in his Orlando, Florida apartment on May 22, 2013 following eight hours of questioning by an FBI Special Agent from the Boston Field Office and at least one Massachusetts State Police trooper. Law enforcement sources have provided media outlets with several differing versions of the events leading up to Todashev’s death. First, sources described Todashev being shot after he reportedly attacked the FBI agent with a knife. In later accounts, Todashev was described as being unarmed. In the most recent version of events Todashev reportedly overturned a table, knocking the FBI agent to the ground, before lunging at the agent with a pole or broomstick.

(U//FOUO) U.S. Marine Corps Provincial Reconstruction Teams in Afghanistan Lessons Learned Report

A Provincial Reconstruction Team (PRT) is a civil-military organization, task-organized to a geographical province, whose purpose is to extend the reach and legitimacy of the Central Government of Afghanistan by developing a self-sustaining, peaceful, civil-society. It is a tactical organization with strategic impact. The ratio of military to other governmental, United Nations (UN), and non-governmental organizations depends heavily on the degree to which the area is pacified. The success of a PRT is measured by its ability to increase Central Government capacity and good governance as well as to, “Seize the human terrain and defeat the enemy.” One important element of this is to identify and mentor key Afghan personnel in democratic governance and leadership.

DHS Says Aging Infrastructure Poses Significant Risk to U.S.

A recent version of the Department of Homeland Security’s National Risk Profile found that old and deteriorating infrastructure in the U.S. could pose significant risks to the nation and its economy. According to the report, insufficient funding of inspection and maintenance of critical infrastructure throughout the U.S. could create wide-ranging problems as the nation’s infrastructure continues to age. Along with pandemics and nuclear terrorism, a draft version of the DHS National Risk Profile for 2011 lists “aging infrastructure” as having a “potentially significant impact” on the nation’s critical infrastructure. The assessment states that “unusable, ineffectual, and deteriorating critical infrastructure, as well as the potential for exploitation of these vulnerabilities, increase risk . . . due to the inadvertent introduction of flaws, reduced inspection and maintenance workforce, and insufficient investment.” Moreover, this is not a limited threat, as the assessment states that the “entire United States is at risk from aging infrastructure that will eventually “affect all critical infrastructure sectors and ultimately reduce or erode their capacity and lifetimes in unexpected and unpredicted ways.”

(U//FOUO) DHS-FBI Bulletin: Increasing Exploitation of Mobile Device Vulnerabilities

State, local, tribal and territorial (SLTT) computer networks have been increasingly targeted by cyber adversaries. At the same time, the expansion of mobile devices integrated into SLTT networks provides new opportunities for cyber adversaries seeking to collect information or disrupt operations by compromising mobile technology and exploiting vulnerabilities in portable operating systems, application software, and hardware. Compromise of a mobile device can have an impact beyond the device itself; malware can propagate across interconnected networks.

Congressional Budget Office Report: Distribution of Expenditures in Individual Income Tax System

A number of exclusions, deductions, preferential rates, and credits in the federal tax system cause revenues to be much lower than they would be otherwise for any given structure of tax rates. Some of those provisions—in both the individual and corporate income tax systems—are termed “tax expenditures” because they resemble federal spending by providing financial assistance to specific activities, entities, or groups of people. Tax expenditures, like traditional forms of federal spending, contribute to the federal budget deficit; influence how people work, save, and invest; and affect the distribution of income. This report examines how 10 of the largest tax expenditures in the individual income tax system in 2013 are distributed among households with different amounts of income.

(U//FOUO) NSA Hardening Network Infrastructure: Security Recommendations for System Accreditors

Many networks run by public and private organizations have experienced intrusions in recent years, and this cyber exploitation has resulted in an unprecedented transfer of wealth due to lost intellectual property. The threats to our networks and systems exist across numerous components that include end-user-devices, servers, and infrastructure devices. To address threats to routers and other network infrastructure devices, the National Security Agency’s Information Assurance Directorate (IAD) is publishing this IAA to guide U.S. Government systems accreditors’ strategic plan for network hardening.

(U//FOUO) NSA Mitigations Guidance for Distributed Denial of Service Attacks

Adversary actors in cyberspace continue to demonstrate the interest in and ability to execute Distributed Denial of Service (DDoS) attacks against the United States. The need to offer Internet services in support of mission requirements inherently exposes these services to malicious traffic and the potential for DDoS attack. Proactive preparation to ensure network resilience in the event of a DDoS event is essential. Reactive measures are feasible, but are often too slow to respond to the dynamic nature of today’s threat.