An August 2013 presentation from the Texas Department of Public Safety Intelligence & Counterterrorism Division focusing on suspicious activity reporting in relation to critical infrastructure, particularly dams. The presentation is noteworthy for its reference to the use of TrapWire, a private surveillance product designed to correlate suspicious activity across a variety of domains to detect per-operational indicators of terrorist activity.
The Syrian Electronic Army (SEA), a pro-regime hacker group that emerged during Syrian anti-government protests in 2011, has been compromising high-profile media outlets in an effort to spread pro-regime propaganda. The SEA’s primary capabilities include spearphishing, Web defacements, and hijacking social media accounts to spread propaganda. Over the past several months, the SEA has been highly effective in compromising multiple high-profile media outlets.
The United States Government assesses with high confidence that the Syrian government carried out a chemical weapons attack in the Damascus suburbs on August 21, 2013, resulting in a large number of casualties, including the deaths of 1,429 people, among them 426 children. We further assess that the regime used a nerve agent in the attack.
Two presentations from the Gamma Group describe the company’s FinFisher and 3G-GSM tactical interception and target location surveillance products. The presentations were anonymously posted online and are reportedly from 2011 discussions between Gamma and the German State Criminal Police Offices (Landeskriminalamts).
The Hemisphere Project is coordinated from the Los Angeles Clearinghouse and is funded by ONDCP and DEA. Hemisphere provides electronic call detail records (CDRs) in response to federal, state, and local administrative/grand jury subpoenas. The Hemisphere database contains CDRs for any telephone carrier that uses an AT&T switch to process a telephone call. Hemisphere is an unclassified program. Hemisphere provides de-confliction within the Hemisphere database. 4 billion CDRs populate the Hemisphere database on a daily basis.
The following definitions align key cyberspace operations (CO) concepts with doctrinally accepted terms and definitions used in the other joint operational domains. For explanatory purposes, in each case, the current Information Operations (IO) doctrinal definition for some aspect of CO is presented, followed by its conventional analogue, if any, and the current terminology it would replace.
This functional concept details capabilities and effects necessary to perform operational cyberspace functions desired by the warfighter, from the present through 2030. This concept broadly describes how AFSPC intends to conduct cyberspace operations in support of both joint and AF operations of all types, and provides a foundation for developing more detailed concept documents. Moreover, AFSPC will use this concept, along with emerging joint guidance, to organize, train, and equip forces to conduct cyberspace operations. Finally, this concept provides the operational perspective to underpin the many activities necessary to realize the AF institutional vision for a mature set of cyberspace capabilities.
The United States Air Force (USAF) Blueprint for Cyberspace provides commander’s guidance and intent, identifies opportunities and delineates objectives and strategies that will shape USAF actions over the next five years. This document describes the first phase of a two-phase approach. It defines specific actions to align cyber activities and functions, to evolve and integrate the unique capabilities the USAF brings to the joint fight, and to build cyberspace operational capacity.
Android is the world’s most widely used mobile operating system (OS) and continues to be a primary target for malware attacks due to its market share and open source architecture. Industry reporting indicates 44 percent of Android users are still using versions 2.3.3 through 2.3.7-known as Gingerbread-which were released in 2011 and have a number of security vulnerabilities that were fixed in later versions. The growing use of mobile devices by federal, state, and local authorities makes it more important than ever to keep mobile OS patched and up-to-date.
(U//FOUO) Joint Chiefs of Staff Manual: Standard Specified Geographic Location File Request (GEOREQ)
Analysis conducted by the Central Florida Intelligence Exchange (CFIX) has found that 79% of mass shootings since 2011 have been perpetrated by individuals with “demonstrated signs of continuous behavioral health issues and mental illness.” In a July case study titled “Acts of Violence Attributed by Behavioral and Mental Health Issues”, CFIX analyzed 14 mass shooting incidents that occurred between 2011 and 2013 finding that only three of the shooters had no history of mental illness.
(U//FOUO) Central Florida Intelligence Exchange Analysis: Violence Attributed by Behavioral and Mental Health Issues
The purpose of this bulletin is to increase the awareness and improve response to acts of violence perpetrated by individuals acting out in violent behavior towards healthcare providers and emergency responders. This bulletin provides an analytical overview of significant acts of violence, specifically throughout the Central Florida region, statewide (FL), a nationwide perspective from 2009 – 2013, and statistical analysis of notorious mass shooting incidents throughout the U.S. attributed by claims of mental illness.
Since June, advanced persistent threat (APT) actors have been targeting the aviation industry and attempting to extract confidential information by sending “spear-phishing” emails designed to trick recipients into opening malicious attachments or follow links to infected websites. According to an FBI Cyber Division bulletin from July 8, “individuals associated with the air travel industry” have received an increased number of spear-phishing emails often using spoofed senders “in an attempt to make the e-mail appear more legitimate.”
(U//FOUO) FBI Cyber Division Bulletin: Advanced Persistent Threat (APT) Actors Targeting Aviation Industry
Since June 2013, the FBI has observed advanced persistent threat (APT) actors’ increased interest in the aviation industry. APT actors have sent spear-phishing e-mails targeting individuals associated with the air travel industry. Some of the spear-phishing e-mails originated from a spoofed sender in an attempt to make the e-mail appear more legitimate. E-mail recipients should be aware of suspicious and potentially malicious e-mail attachments or links.
The primary intent of this Center for Army Lessons Learned publication is to provide a reference to assist commanders and planners in understanding how these complex systems are organized, managed, and operated — from a civilian perspective. It will not make the reader an expert. Each chapter was developed by students attending the Command and General Staff College during an elective course titled “Restoring Essential Services in Stability Operations.”
This report on unconventional operational concepts and the homeland was prepared as part of the Defense Science Board 2007 Summer Study on Challenges to Military Operations in Support of National Interests. The summer study recognized that asymmetric tools of war in the hands of potential adversaries may well be employed using non-traditional concepts of operation. Moreover, the battlefield may no longer be limited to regions afar, but may include the U.S. homeland. The United States could well confront the possibility of going to war abroad in the face of significant devastation in the homeland—dividing forces between homeland catastrophe relief operations and combat abroad, or even facing the possibility that deploy and supply of U.S. military forces could be delayed and disrupted.
This publication has been prepared under the direction of the Chairman of the Joint Chiefs of Staff (CJCS). It sets forth joint doctrine to govern the activities and performance of the Armed Forces of the United States in DSCA operations, and it provides the doctrinal basis for interagency coordination during DSCA operations. It provides military guidance for the exercise of authority by combatant commanders and other joint force commanders (JFCs) and prescribes joint doctrine for operations, education, and training. It provides military guidance for use by the Armed Forces in preparing their appropriate plans. It is not the intent of this publication to restrict the authority of the JFC from organizing the force and executing the mission in a manner the JFC deems most appropriate to ensure unity of effort in the accomplishment of the overall objective.
This pamphlet is designed to foster your awareness of the terrorist threat, to provide techniques for you to actively protect yourself and your family, and to help ensure the process of changing our mindset from complacency to constant vigilance. It is intended to serve as a guide, and you should incorporate the measures that apply to you and your family.
(U//FOUO) DoD Instruction: Biometric Enabled Intelligence (BEI) and Forensic Enabled Intelligence (FEI)
This white paper explains the Government’s legal basis for an intelligence collection program under which the Federal Bureau of Investigation (FBI) obtains court orders directing certain telecommunications service providers to produce telephony metadata in bulk. The bulk metadata is stored, queried and analyzed by the National Security Agency (NSA) for counterterrorism purposes. The Foreign Intelligence Surveillance Court (“the FISC” or “the Court”) authorizes this program under the “business records” provision of the Foreign Intelligence Surveillance Act (FISA), 50 U.S.C. § 1861, enacted as section 215 of the USA PATRIOT Act (Section 215). The Court first authorized the program in 2006, and it has since been renewed thirty-four times under orders issued by fourteen different FISC judges. This paper explains why the telephony metadata collection program, subject to the restrictions imposed by the Court, is consistent with the Constitution and the standards set forth by Congress in Section 215. Because aspects of this program remain classified, there are limits to what can be said publicly about the facts underlying its legal authorization. This paper is an effort to provide as much information as possible to the public concerning the legal authority for this program, consistent with the need to protect national security, including intelligence sources and methods. While this paper summarizes the legal basis for the program, it is not intended to be an exhaustive analysis of the program or the legal arguments or authorities in support of it.