State, local, tribal and territorial (SLTT) computer networks have been increasingly targeted by cyber adversaries. At the same time, the expansion of mobile devices integrated into SLTT networks provides new opportunities for cyber adversaries seeking to collect information or disrupt operations by compromising mobile technology and exploiting vulnerabilities in portable operating systems, application software, and hardware. Compromise of a mobile device can have an impact beyond the device itself; malware can propagate across interconnected networks.
A number of exclusions, deductions, preferential rates, and credits in the federal tax system cause revenues to be much lower than they would be otherwise for any given structure of tax rates. Some of those provisions—in both the individual and corporate income tax systems—are termed “tax expenditures” because they resemble federal spending by providing financial assistance to specific activities, entities, or groups of people. Tax expenditures, like traditional forms of federal spending, contribute to the federal budget deficit; influence how people work, save, and invest; and affect the distribution of income. This report examines how 10 of the largest tax expenditures in the individual income tax system in 2013 are distributed among households with different amounts of income.
Many networks run by public and private organizations have experienced intrusions in recent years, and this cyber exploitation has resulted in an unprecedented transfer of wealth due to lost intellectual property. The threats to our networks and systems exist across numerous components that include end-user-devices, servers, and infrastructure devices. To address threats to routers and other network infrastructure devices, the National Security Agency’s Information Assurance Directorate (IAD) is publishing this IAA to guide U.S. Government systems accreditors’ strategic plan for network hardening.
Adversary actors in cyberspace continue to demonstrate the interest in and ability to execute Distributed Denial of Service (DDoS) attacks against the United States. The need to offer Internet services in support of mission requirements inherently exposes these services to malicious traffic and the potential for DDoS attack. Proactive preparation to ensure network resilience in the event of a DDoS event is essential. Reactive measures are feasible, but are often too slow to respond to the dynamic nature of today’s threat.
Terrorists and violent extremists have used—or considered using—diversionary tactics in terrorist attacks overseas. Diversionary tactics are often used to draw security forces and first responders away from the intended primary target of the attack and may be used as part of a complex or multi-pronged attack. Diverting first responders to a location other than the primary target of an attack delays the response and the provision of medical care to victims, and depletes first responder resources.
Terrorists and violent extremists could use unsuspecting civilians to transport improvised explosive devices (IEDs) artfully concealed in seemingly harmless items for use in attacks in the Homeland. Overseas attacks demonstrate that violent extremists have successfully used unsuspecting individuals to carry items containing IEDs to specific targets where the devices are then detonated remotely. This tactic enables terrorists and violent extremists to place IEDs in secure areas, among large gatherings of people, or at high profile events and detonate them from a standoff distance.
On May 21, 2013, the Permanent Subcommittee on Investigations (PSI) of the U.S. Senate Homeland Security and Government Affairs Committee will hold a hearing that is a continuation of a series of reviews conducted by the Subcommittee on how individual and corporate taxpayers are shifting billions of dollars offshore to avoid U.S. taxes. The hearing will examine how Apple Inc., a U.S. multinational corporation, has used a variety of offshore structures, arrangements, and transactions to shift billions of dollars in profits away from the United States and into Ireland, where Apple has negotiated a special corporate tax rate of less than two percent. One of Apple’s more unusual tactics has been to establish and direct substantial funds to offshore entities in Ireland, while claiming they are not tax residents of any jurisdiction. For example, Apple Inc. established an offshore subsidiary, Apple Operations International, which from 2009 to 2012 reported net income of $30 billion, but declined to declare any tax residence, filed no corporate income tax return, and paid no corporate income taxes to any national government for five years. A second Irish affiliate, Apple Sales International, received $74 billion in sales income over four years, but due in part to its alleged status as a non-tax resident, paid taxes on only a tiny fraction of that income.
The following are satellite photos of the Al-Zaatari Refugee Camp in Jordan with analysis provided by the United Nations Institute for Training and Research (UNITAR) Operational Satellite Applications Programme (UNOSAT). The photos show the growth of the camp from approximately…
In 2011, a total of 478,400 fatal and nonfatal violent crimes were committed with a firearm. Homicides made up about 2% of all firearm-related crimes. There were 11,101 firearm homicides in 2011, down by 39% from a high of 18,253 in 1993. The majority of the decline in firearm-related homicides occurred between 1993 and 1998. Since 1999, the number of firearm homicides increased from 10,828 to 12,791 in 2006 before declining to 11,101 in 2011. Nonfatal firearm-related violent victimizations against persons age 12 or older declined 70%, from 1.5 million in 1993 to 456,500 in 2004. The number then fluctuated between about 400,000 to 600,000 through 2011. While the number of firearm crimes declined over time, the percentage of all violence that involved a firearm did not change substantively, fluctuating between 6% and 9% over the same period. In 1993, 9% of all violence was committed with a firearm, compared to 8% in 2011.
This handbook provides the tactical operator, commander, and battle staff with information on planning, executing, assessing, and sustaining information operations (IO). The handbook is based on observations collected in Iraq during July and August 2004 by an IO collection and analysis team (CAAT). The application of this tool is both for training and real-world events the Soldier may encounter in the Iraqi area of operations.
Joint and Coalition Operational Analysis (JCOA) Reducing and Mitigating Civilian Casualties: Enduring Lessons
The United States has long been committed to upholding the Law of Armed Conflict (LOAC) and minimizing collateral damage, which includes civilian casualties (CIVCAS) and unintended damage to civilian objects (facilities, equipment, or other property that is not a military objective). In support of these goals, the U.S. military developed capabilities for precision engagements and accurately identifying targets, such as the development of refined targeting processes and predictive tools to better estimate and minimize collateral damage. These capabilities permitted the conduct of combat operations with lower relative numbers of civilian casualties compared to past operations. However, despite these efforts, and while maintaining compliance with the laws of war, the U.S. military found over the past decade that these measures were not always sufficient for meeting the goal of minimizing civilian casualties when possible. Resulting civilian casualties ran counter to U.S. desires and public statements that the United States did “everything possible” to avoid civilian casualties, and therefore caused negative second-order effects that impacted U.S. national, strategic, and operational interests.
(U//FOUO) Defense Security Service Cybersecurity Operations Division Counterintelligence Presentation
A Defense Security Service presentation from December 2012 outlining information and statistics on defense industrial base cyber incidents and intrusions.
Multiple groups, and individual hacker handles have claimed their intent to attack U.S. websites as part of OpUSA. As seen in many hacktivist operations (Ops), willing participants have posted free tools to assist other like minded individuals in their attack efforts. Often, more coordinated attacks will name a specific tool, target, day and time for the attack. That has not been the case for OpUSA thus far. Individual hacker groups seem to be conducting attacks independently, each claiming responsibility for individual defacements and data breaches that have supposedly recently taken place. Below you will find some of the tools being posted in conversations about OpUSA and links to US-CERT sites which provide background on the vulnerabilities exploited by these tools as well as mitigation advice for computer network defense actions.
Afghanistan cultivates, produces and process narcotics that are a threat to the region and worldwide. However, the international community also needs to understand that Afghanistan itself is a victim of this phenomenon. The existence of hundreds of thousands of problem drug users, as well as decades of civil war, terrorism and instability are all related to the existence of narcotics in the country. According to the findings of this survey, the total area under cultivation was estimated at 154,000 hectares, an 18 per cent increase from the previous year. Comparisons of the gross and net values with Afghan’s licit GDP for 2012 also serve to highlight the opium economy’s impact on the country. In 2012, net opium exports were worth some 10 per cent of licit GDP, while the farmgate value of the opium needed to produce those exports alone was equivalent to 4 per cent of licit GDP. On the basis of shared responsibility and the special session of the United Nation’s General assembly in 1998, the international community needs to take a balanced approach by addressing both the supply and the demand side equally. In addition, more attention needs to be paid to reduce demand and the smuggling of precursors as well as provide further support to the Government of Afghanistan.
(U//FOUO) New Jersey Fusion Center: Boston Marathon Bombing Used to Disseminate Malware and Conduct Fraud
Websites and emails referencing the Boston Marathon bombing should be viewed with caution, as malicious actors are using the incident to disseminate malware and conduct fraud. While other agencies investigate the frauds, the NJ ROIC provides this information for situational awareness.
Nation-state adversaries regularly use accounts on popular social networking sites to facilitate social engineering against DoD members. Information disclosed or discovered on social networking sites creates a significant operations security (OPSEC) concern and in the context of a wide spread collection effort could be by adversaries to form a classified picture.
An “Active Shooter” is an individual actively engaging in killing or attempting to kill people in a confined and populated area; in most cases, active shooters use firearm(s) and there is no pattern or method to their selection of victims. Active Shooter situations are unpredictable and evolve quickly. Typically, the immediate deployment of Law Enforcement is required to stop the shooting and mitigate harm to victims. Because Active Shooter incidents are often over within 5-15 minutes, before Law Enforcement arrives on the scene, individuals must be prepared both mentally and physically to deal with an active shooter situation.
Approximately fifty million students attend nearly 100,000 public elementary and secondary schools throughout the Nation. Elementary and secondary schools are relatively open-access, limited egress congregation points for children, and have been successfully targeted by terrorists in the past.
The National Counterterrorism Center (NCTC) warned in November of last year that precursor components needed to produce improvised explosive devices (IEDs) are “widely and legally available in sufficient quantities through a variety of sources” in the U.S. and are difficult to regulate due to their legitimate uses.
A facilitated brainstorming session was convened to identify and examine the most common misconceptions about conventional Homeland plotting. These misconceptions stemmed from inquiries received from Federal, state, local, tribal, and private-sector consumers and from articles published by outside experts and in the media. Analysts identified the following six misconceptions as the most common and compared them with current analytic lines.
The Democratic People’s Republic of Korea (DPRK) remains one of the United States’ most critical security challenges in Northeast Asia. North Korea remains a security threat because of its willingness to undertake provocative and destabilizing behavior, including attacks on the Republic of Korea (ROK), its pursuit of nuclear weapons and long-range ballistic missiles, and its willingness to proliferate weapons in contravention of its international agreements and United Nations Security Council Resolutions. North Korean aspiration for reunification – attainable in its mind in part by expelling U.S. forces from the Peninsula – and its commitment to perpetuating the Kim family regime are largely unchanged since the nation’s founding in 1948, but its strategies to achieve these goals have evolved significantly. Under Kim Jong Il, DPRK strategy had been focused on internal security; coercive diplomacy to compel acceptance of its diplomatic, economic and security interests; development of strategic military capabilities to deter external attack; and challenging the ROK and the U.S.-ROK Alliance. We anticipate these strategic goals will be consistent under North Korea’s new leader, Kim Jong Un.
The following photos were released May 2, 2013 by the 138th Public Affairs Detachment. The photos depict Joint Task Force Guantanamo’s Behavioral Health Unit and Joint Medical Group facilities where detainees are force-fed due to an ongoing hunger strike among…
DHS-FBI Bulletins Identifying IP Addresses, Hostnames Associated With Malicious Cyber Activity Against the U.S. Government
Various cyber actors have engaged in malicious activity against Government and Private Sector entities. The apparent objective of this activity has been the theft of intellectual property, trade secrets, and other sensitive business information. To this end, the malicious actors have employed a variety of techniques in order to infiltrate targeted organizations, establish a foothold, move laterally through the targets’ networks, and exfiltrate confidential or proprietary data. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation and other partners, has created this Joint Indicator Bulletin, containing cyber indicators related to this activity. Organizations are advised to examine current and historical security logs for evidence of malicious activity related to the indicators in this bulletin and deploy additional protections as appropriate.
Increasing public spending had contributed to a substantial deterioration of public finances in Cyprus over recent years. To address fiscal imbalances, the government introduced an initial set of fiscal reform’s in late 2012. However, additional measures are needed to ensure the sustainability of public finances. The size of the necessary adjustment will depend, among other things, on the magnitude of spillovers from financial sector restructuring.
The CERP was formally established by the Coalition Provisional Authority in July 2003 to provide U.S. military commanders in Iraq with a stabilization tool that benefitted the Iraqi people. The program supported urgent, small-scale projects that local governments could sustain, that generally cost less than $25,000, and that provided employment. DoD defined urgent as “any chronic and acute inadequacy of an essential good or service that, in the judgment of the local commander, calls for immediate action.” Among other things, CERP funds were used to: build schools, health clinics, roads, and sewers; pay condolence payments; support economic development; purchase equipment; and perform civic cleanup. DoD used CERP as a “combat multiplier” whose projects helped improve and maintain security in Iraq through non-lethal means. The program was considered “critical to supporting military commanders in the field in executing counterinsurgency operations” and its pacification effects important to saving lives.