We assess that Russia would consider initiating a cyber attack against the Homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security. Russia maintains a range of offensive cyber tools that it could employ against US networks—from low-level denials-of-service to destructive attacks targeting critical infrastructure. However, we assess that Russia’s threshold for conducting disruptive or destructive cyber attacks in the Homeland probably remains very high and we have not observed Moscow directly employ these types of cyber attacks against US critical infrastructure—notwithstanding cyber espionage and potential prepositioning operations in the past.
(U//LES) Nevada High Intensity Drug Trafficking Area Bulletin: Dark Web and Cryptocurrency What to Look for During a Search Warrant
In June of 2021, the Nevada High Intensity Drug Trafficking Area (HIDTA) Drug Enforcement Agency (DEA) Enforcement Group 3 arrested four members of a Drug Trafficking Money Laundering Organization (DTMLO) responsible for selling millions of dollars’ worth of cocaine on the dark web and transporting it through the United States Postal Services (USPS).
This report outlines ongoing work by the Department of Defense to address the threat posed by prohibited extremist activities. The Department of Defense has long prohibited Service members from actively engaging in extremist activities. Since 1969, the Department of Defense has provided policy guidance that enumerates the prohibition of specific activities, and has routinely updated its guidance to clarify prohibited activities, clarify the investigative authorities that commanders have at their disposal, and ensure that all military departments implement training on these policies.
ATP 7-100.3 describes Chinese tactics for use in Army training, professional education, and leader development. This document is part of the ATP 7-100 series that addresses a nation-state’s military doctrine with a focus on army ground forces and tactical operations in offense, defense, and related mission sets. Other foundational topics include task organization, capabilities, and limitations related to military mission and support functions. ATP 7-100.3 serves as a foundation for understanding how Chinese ground forces think and act in tactical operations.
(U//FOUO) DHS Bulletin: Iranian Influence Efforts Primarily Use Online Tools to Target US Audiences, Remain Easily Detectable for Now
We assess that Iran likely will continue to rely primarily on proxy news websites and affiliated social media accounts to attempt sustained influence against US audiences, while we expect intermittent, issue-specific influence attempts via other means (e.g., e-mails). We base this assessment on Iran’s actions since at least 2008 to build and maintain vast malign influence networks anchored by proxy websites, as well as Iran’s attempts to find new avenues to re-launch established malign influence networks after suspension. Tehran employs a network of proxy social media accounts and news websites that typically launder Iranian state media stories (stripped of attribution), plagiarize articles from Western wire services, and occasionally pay US persons to write articles to appear more legitimate to US audiences.
This Handbook focuses on the legal matters pertaining to providing assistance to domestic civil authorities, also known as DSCA. Circumstances involving the exercise of homeland defense authority and capabilities, i.e. “countering air and maritime attacks and preventing terrorist attacks on the homeland,” are beyond the scope of this handbook. Nonetheless, it should be kept in mind that actions taken within the homeland defense function may directly impact the DoD’s DSCA mission once an event has occurred. Likewise, for ongoing events or continuing attacks, DSCA actions may affect homeland defense capabilities.
ATP 3-39.10 provides guidance for commanders and staffs on police operations and is aligned with FM 3-39, the keystone military police field manual. This manual addresses police operations across the range of military operations. Police operations support decisive action tasks (offensive, defensive, and stability or defense support of civil authorities [DSCA]). This manual emphasizes policing capabilities necessary to establish order and subsequent law enforcement activities that enable successful establishment, maintenance, or restoration of the rule of law. While this manual focuses on the police operations discipline and its associated tasks and principles, it also emphasizes the foundational role that police operations, in general, play in the military police approach to missions and support to commanders.
(U//FOUO) DHS-FBI-NCTC Bulletin: First Responder Awareness of Privately Made Firearms May Prevent Illicit Activities
Criminals and violent extremists continue to seek ways to acquire firearms through the production of privately made firearms (PMFs). PMFs can be easily made using readily available instructions and commonly available tools, require no background check or firearms registration (serial number) under federal law, and their parts have become more accessible and affordable. This, combined with the increase in law enforcement recoveries of nonserialized and counterfeit firearms in criminal investigations, will most likely create increasing challenges in law enforcement investigations, including weapon accountability access and tracking. PMF awareness and identification can aid PMF recovery, prevention of illicit activities including terrorism, and overall first responder and public safety.
U.S. Air Force Global Futures Report: Alternative Futures of Geopolitical Competition in a Post-COVID-19 World
The COVID-19 pandemic sheds an important light on the criticality of futures-based thinking to move us beyond conventional assumptions and positions. In today’s chaotic cycle of rapid change, growing complexity, and radical uncertainty, the national security establishment must develop the skills and flexibility to adapt to the unexpected. To be sure, the fallout from COVID-19 has revealed overlooked vulnerabilities for our supply chains, our society, our economy, and—most pertinent for this report— our national security strategy, which relies on all three. The primary aim of this report is to disrupt how we conceptualize national security futures. Rather than arrive at “definitive” conclusions or prescribe budgetary, policy, or force structure recommendations, this document instead challenges us to consider how the future can defy accepted probabilities to affect the Department of Defense and the Department of the Air Force.
(U//FOUO) Maryland Fusion Center Bulletin: Islamic State Propaganda Video Encourages Incendiary Attacks in the Homeland
On 26 July 2020, al-Hayat Media Center, a news outlet of the Islamic State of Iraq and ash-Sham (ISIS), released an English-language propaganda video entitled “Incite the Believers,” which encourages ISIS supporters to conduct incendiary attacks in the United States. The narrator acknowledges that ISIS supporters may have difficulty traveling to ISIS-controlled territory overseas and instead encourages them to conduct attacks where they live. The video also encourages ISIS supporters who are unable to obtain firearms or explosives to consider using incendiary attacks as an alternative.
Cybersecurity and Infrastructure Security Agency Report: Protecting Against the Threat of Unmanned Aircraft Systems (UAS)
Department of Homeland Security, Federal Bureau of Investigation, Intelligence Fusion Centers, U.S. Secret Service
This Joint Threat Assessment (JTA) addresses threats to the 59th Presidential Inauguration taking place in Washington, DC, on 20 January 2021. This JTA is co-authored by the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS)/US Secret Service (USSS), with input from multiple US Intelligence Community and law enforcement partners. It does not include acts of non – violent civil disobedience (i.e., protests without a permit), which are outside the scope of federal law enforcement jurisdiction.
(U//FOUO) Domestic Violent Extremists Emboldened in Aftermath of Capitol Breach, Domestic Terrorism Threat Likely Amid Political Transitions
This Joint Intelligence Bulletin (JIB) is intended to highlight the threat of violence from domestic violent extremists (DVEs) in the wake of the 6 January violent breach by some DVEs of the US Capitol Building in Washington, DC, following lawful protest activity related to the results of the General Election. Anti-government or anti-authority violent extremists (AGAAVE), specifically militia violent extremists (MVEs); racially or ethnically motivated violent extremists (RMVEs); and DVEs citing partisan political grievances will very likely pose the greatest domestic terrorism threats in 2021.
This playbook is intended to support sites interested in administering COVID-19 treatment under EUA including:
• Existing hospital or community-based infusion centers
• Existing clinical space (e.g. urgent care, emergency depts)
• Ad hoc new infusion sites (e.g. “hospitals without walls”)
• Long-term care facilities or home infusions with infusion delivery capability
Asymmetric Warfare Group Study: Russian Private Military Companies in Operations, Competition, and Conflict
Russian PMCs are used as a force multiplier to achieve objectives for both government and Russia-aligned private interests while minimizing both political and military costs. While Moscow continues to see the use of Russian PMCs as beneficial, their use also presents several vulnerabilities that present both operational and strategic risks to Russian Federation objectives.
Cybersecurity and Infrastructure Security Agency Mail-In Voting in 2020 Infrastructure Risk Assessment
All forms of voting – in this case mail-in voting – bring a variety of cyber and infrastructure risks. Risks to mail-in voting can be managed through various policies, procedures, and controls.
The outbound and inbound processing of mail-in ballots introduces additional infrastructure and technology, which increases the potential scalability of cyber attacks. Implementation of mail-in voting infrastructure and processes within a compressed timeline may also introduce new risk. To address this risk, election officials should focus on cyber risk management activities, including access controls and authentication best practices when implementing expanded mail-in voting.
(U//FOUO) DHS Bulletin: Russia Likely to Continue Seeking to Undermine Faith in US Electoral Process
We assess that Russia is likely to continue amplifying criticisms of vote-by-mail and shifting voting processes amidst the COVID-19 pandemic to undermine public trust in the electoral process. Decisions made by state election officials on expanding vote-by-mail and adjusting in-person voting to accommodate challenges posed by COVID-19 have become topics of public debate. This public discussion represents a target for foreign malign influence operations that seeks to undermine faith in the electoral process by spreading disinformation about the accuracy of voter data for expanded vote-by-mail, outbound/inbound mail ballot process, signature verification and cure process, modifying scale of in-person voting, and safety and health concerns at polling places, according to CISA guidance documents provided to state and local election officials.
We assess that some violent opportunists have become more emboldened following a series of attacks against law enforcement during the last 24 hours nationwide. This could lead to an increase in potentially lethal engagements with law enforcement officials as violent opportunists increasingly infiltrate ongoing protest activity. We also have received an increase in reports on shots fired during lawful protests nationwide—an indicator we associate with the potential for increased violence moving forward—and several uncorroborated reports of probably violent opportunists pre-staging improvised weapons at planned protest venues. Law enforcement officers continue to be the primary targets of firearm attacks, though several incidents last night involved violent opportunists shooting into crowds of protestors.
We assess that violent opportunists will continue to exploit ongoing nationwide lawful protests as a pretext to attempt to disrupt law enforcement operations; target law enforcement personnel, assets, and facilities; and damage public and private property. We have identified multiple tactics currently at play, including the use of weapons, counter-mobility, physical barriers, screening and concealment, intercepted communications, and pre-operational activities.
(U//FOUO) DHS Bulletin: Ongoing Violence, Information Narratives Nationwide Poses Continued Threat to Law Enforcement
In the last 24 hours the types of people or groups seeking to carry out violence in response to the death of George Floyd in Minneapolis has shifted in many cities. The initial violent looters and protestors were believed to be organic members of the local communities. However, domestic violent extremists are attempting to structure the protests to target specific symbols of state, local, and federal authority. We anticipate armed individuals will continue to infiltrate the protest movement. We assess with high confidence during the period of darkness from 30 to 31 May the violent protest movements will grow and DVEs and others will seek to take over government facilities and attack law enforcement.
In a domestic complex catastrophe, with effects that would qualitatively and quantitatively exceed those experienced to date, the demand for Defense support of civil authorities would be unprecedented. Meeting this demand would be especially challenging if a cyber attack or other disruption of the electrical power grid creates cascading failures of critical infrastructure, threatening lives and greatly complicating DoD response operations.