DHS and FBI Bulletins on OpUSA Tools and Tactics

Multiple groups, and individual hacker handles have claimed their intent to attack U.S. websites as part of OpUSA. As seen in many hacktivist operations (Ops), willing participants have posted free tools to assist other like minded individuals in their attack efforts. Often, more coordinated attacks will name a specific tool, target, day and time for the attack. That has not been the case for OpUSA thus far. Individual hacker groups seem to be conducting attacks independently, each claiming responsibility for individual defacements and data breaches that have supposedly recently taken place. Below you will find some of the tools being posted in conversations about OpUSA and links to US-CERT sites which provide background on the vulnerabilities exploited by these tools as well as mitigation advice for computer network defense actions.

UNODC Afghanistan Opium Survey 2012

Afghanistan cultivates, produces and process narcotics that are a threat to the region and worldwide. However, the international community also needs to understand that Afghanistan itself is a victim of this phenomenon. The existence of hundreds of thousands of problem drug users, as well as decades of civil war, terrorism and instability are all related to the existence of narcotics in the country. According to the findings of this survey, the total area under cultivation was estimated at 154,000 hectares, an 18 per cent increase from the previous year. Comparisons of the gross and net values with Afghan’s licit GDP for 2012 also serve to highlight the opium economy’s impact on the country. In 2012, net opium exports were worth some 10 per cent of licit GDP, while the farmgate value of the opium needed to produce those exports alone was equivalent to 4 per cent of licit GDP. On the basis of shared responsibility and the special session of the United Nation’s General assembly in 1998, the international community needs to take a balanced approach by addressing both the supply and the demand side equally. In addition, more attention needs to be paid to reduce demand and the smuggling of precursors as well as provide further support to the Government of Afghanistan.

(U//FOUO) U.S. Air Force Notice on Use of Social Networking Sites for Computer Network Exploitation

Nation-state adversaries regularly use accounts on popular social networking sites to facilitate social engineering against DoD members. Information disclosed or discovered on social networking sites creates a significant operations security (OPSEC) concern and in the context of a wide spread collection effort could be by adversaries to form a classified picture.

DHS-Connecticut Intelligence Center (CTIC) Active Shooter Individual Response Guidelines

An “Active Shooter” is an individual actively engaging in killing or attempting to kill people in a confined and populated area; in most cases, active shooters use firearm(s) and there is no pattern or method to their selection of victims. Active Shooter situations are unpredictable and evolve quickly. Typically, the immediate deployment of Law Enforcement is required to stop the shooting and mitigate harm to victims. Because Active Shooter incidents are often over within 5-15 minutes, before Law Enforcement arrives on the scene, individuals must be prepared both mentally and physically to deal with an active shooter situation.

(U//FOUO) National Counterterrorism Center Report: Common Misconceptions About Homeland Plotting

A facilitated brainstorming session was convened to identify and examine the most common misconceptions about conventional Homeland plotting. These misconceptions stemmed from inquiries received from Federal, state, local, tribal, and private-sector consumers and from articles published by outside experts and in the media. Analysts identified the following six misconceptions as the most common and compared them with current analytic lines.

DoD Report to Congress on North Korea Military and Security Developments 2012

The Democratic People’s Republic of Korea (DPRK) remains one of the United States’ most critical security challenges in Northeast Asia. North Korea remains a security threat because of its willingness to undertake provocative and destabilizing behavior, including attacks on the Republic of Korea (ROK), its pursuit of nuclear weapons and long-range ballistic missiles, and its willingness to proliferate weapons in contravention of its international agreements and United Nations Security Council Resolutions. North Korean aspiration for reunification – attainable in its mind in part by expelling U.S. forces from the Peninsula – and its commitment to perpetuating the Kim family regime are largely unchanged since the nation’s founding in 1948, but its strategies to achieve these goals have evolved significantly. Under Kim Jong Il, DPRK strategy had been focused on internal security; coercive diplomacy to compel acceptance of its diplomatic, economic and security interests; development of strategic military capabilities to deter external attack; and challenging the ROK and the U.S.-ROK Alliance. We anticipate these strategic goals will be consistent under North Korea’s new leader, Kim Jong Un.

DHS-FBI Bulletins Identifying IP Addresses, Hostnames Associated With Malicious Cyber Activity Against the U.S. Government

Various cyber actors have engaged in malicious activity against Government and Private Sector entities. The apparent objective of this activity has been the theft of intellectual property, trade secrets, and other sensitive business information. To this end, the malicious actors have employed a variety of techniques in order to infiltrate targeted organizations, establish a foothold, move laterally through the targets’ networks, and exfiltrate confidential or proprietary data. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation and other partners, has created this Joint Indicator Bulletin, containing cyber indicators related to this activity. Organizations are advised to examine current and historical security logs for evidence of malicious activity related to the indicators in this bulletin and deploy additional protections as appropriate.

IMF Fiscal Affairs Department Cyprus Options for Short-Term Expenditure Rationalization

Increasing public spending had contributed to a substantial deterioration of public finances in Cyprus over recent years. To address fiscal imbalances, the government introduced an initial set of fiscal reform’s in late 2012. However, additional measures are needed to ensure the sustainability of public finances. The size of the necessary adjustment will depend, among other things, on the magnitude of spillovers from financial sector restructuring.

Special Inspector General Lessons Learned on the Commander’s Emergency Response Program in Iraq

The CERP was formally established by the Coalition Provisional Authority in July 2003 to provide U.S. military commanders in Iraq with a stabilization tool that benefitted the Iraqi people. The program supported urgent, small-scale projects that local governments could sustain, that generally cost less than $25,000, and that provided employment. DoD defined urgent as “any chronic and acute inadequacy of an essential good or service that, in the judgment of the local commander, calls for immediate action.” Among other things, CERP funds were used to: build schools, health clinics, roads, and sewers; pay condolence payments; support economic development; purchase equipment; and perform civic cleanup. DoD used CERP as a “combat multiplier” whose projects helped improve and maintain security in Iraq through non-lethal means. The program was considered “critical to supporting military commanders in the field in executing counterinsurgency operations” and its pacification effects important to saving lives.

UNODC Afghanistan Opium Risk Assessment 2013

The findings of the 2013 Opium Risk Assessment in the Southern, Eastern, Western and Central regions points to a worrying situation. The assessment suggests that poppy cultivation is not only expected to expand in areas where it already existed in 2012, e.g. in the area north of the Boghra canal in Hilmand province or in Bawka district in Farah province but also in new areas or in areas where poppy cultivation was stopped. In eastern Afghanistan, in Nangarhar province, farmers resumed cultivation even in districts where poppy has not been present for the last four years. In the Northern and Northeastern region, the provinces of Balkh and Takhar which were poppy-free for many years are at risk of resuming poppy cultivation.

(U//FOUO) DHS-FBI Indicators and Protective Measures In Light of Boston Marathon Explosions

This Joint Intelligence Bulletin provides law enforcement and private sector safety officials with protective measures in light of the recent explosions that took place at the 2013 Boston Marathon in Boston, Massachusetts. The information is provided to support the activities of DHS and FBI and to assist federal, state, local, tribal, and territorial government counterterrorism and first responder officials and the private sector to deter, prevent, preempt, or respond to terrorist attacks in the United States.

(U//FOUO) DHS-FBI Information Regarding the Devices Likely Used in Boston Marathon Explosions

This Joint Intelligence Bulletin provides information on the devices used in the 15 April 2013 Boston Marathon explosions. The information is intended to provide aid in identifying devices and to support the activities of DHS and FBI and to assist federal, state, local, tribal, and territorial government counterterrorism and first responder officials and the private sector to deter, prevent, preempt, or respond to terrorist attacks in the United States.

(U//FOUO) DHS-FBI Update: Pressure Cookers as IED Components

This is an update of an RCR published on 1 July 2010. Rudimentary improvised explosive devices (IEDs) using pressure cookers to contain the initiator, switch, and explosive charge frequently have been used in Afghanistan, India, Nepal, and Pakistan. Pressure cookers are common in these countries, and their presence probably would not seem out of place or suspicious to passersby or authorities. Presence in an unusual location—or if noticed in a contanier such as a backpack—should be treated as suspicious.

DoD Strategy for Homeland Defense and Defense Support of Civil Authorities February 2013

Defending U.S. territory and the people of the United States is the highest priority of the Department of Defense (DoD), and providing appropriate defense support of civil authorities (DSCA) is one of the Department’s primary missions. This Strategy for Homeland Defense and Defense Support of Civil Authorities orients the Department towards an increasingly complex strategic environment. It emphasizes innovative approaches, greater integration, deepening of external partnerships, and increased effectiveness and efficiencies in DoD’s homeland activities. It applies the vital capabilities of the Total Force – in the Active and Reserve Components – to make the nation more secure and resilient. Finally, the Strategy guides future decisions on homeland defense and civil support issues consistent with the Defense Strategic Guidance and the Quadrennial Defense Review (QDR).

(U//FOUO) FBI Bulletin: Potential Use of Exploding Targets as Explosives in IEDs

The FBI assesses with high confidence recreationally used exploding targets (ETs), commonly referred to as tannerite, or reactive targets, can be used as an explosive for illicit purposes by criminals and extremists and explosive precursor chemicals (EPCs) present in ETs can be combined with other materials to manufacture explosives for use in improvised explosive devices (IEDs).

(U//FOUO) FBI Bulletin: Los Zetas Recruitment of Non-Traditional Associates in the United States

Recent FBI intelligence from multiple FBI HUMINT sources indicates a shift in Los Zetas recruiting methods and reliance on non-traditional associates. Past, accurate FBI reporting indicated Los Zetas previously focused its recruitment on members with prior specialized training, such as ex-military and ex-law enforcement officers, and not on US-based gangs or US persons in order to maintain a highly-disciplined and structured hierarchy. This hierarchy, which resembled a military-style command and control structure, facilitated drug trafficking operations and maintained lines of authority. However, current FBI reporting indicates that Los Zetas is recruiting and relying on non-traditional, non-military trained associates—US-based prison and street gangs and non-Mexican nationals—to perform drug trafficking and support operations in Mexico and in the United States.

(U//FOUO) U.S. Marine Corps Light Armored Reconnaissance Battalion Operations in Afghanistan Lessons Learned Report

This report is a continuation of the collection effort on units supporting operations in Afghanistan as directed by the Deputy Commandant for Combat Development and Integration. The collection sought to examine the mission, scope, successes, shortfalls, equipment, manning and emerging issues associated with 4th Light Armored Reconnaissance Battalion (4th LAR) operations. Interviews of 28 commanders and staff were conducted at various camps and bases in Afghanistan from December 2009 – April 2010.

DEA General Principles for Payment of Records Requested via Administrative Subpoenas

This memorandum summarizes the basic payment principles. Title 21 U.S.C. § 876 authorizes the use of administrative subpoenas to obtain information relating to Title 21 investigations. DEA is under no obligation to pay for information provided in response to its issuance of an administrative subpoena unless a separate Federal statute or regulation specifically states that reimbursement is required.

DoD Issues Instructions on Military Support of Civilian Law Enforcement

The Department of Defense has issued an instruction clarifying the rules for the involvement of military forces in civilian law enforcement. The instruction establishes “DoD policy, assigns responsibilities, and provides procedures for DoD support to Federal, State, tribal, and local civilian law enforcement agencies, including responses to civil disturbances within the United States.” The new instruction titled “Defense Support of Civilian Law Enforcement Agencies” was released at the end of February, replacing several older directives on military assistance to civilian law enforcement and civil disturbances. The instruction requires that senior DoD officials develop “procedures and issue appropriate direction as necessary for defense support of civilian law enforcement agencies in coordination with the General Counsel of the Department of Defense, and in consultation with the Attorney General of the United States”, including “tasking the DoD Components to plan for and to commit DoD resources in response to requests from civil authorities for [civil disturbance operations].” Military officials are to coordinate with “civilian law enforcement agencies on policies to further DoD cooperation with civilian law enforcement agencies” and the heads of the combatant commands are instructed to issue procedures for “establishing local contact points in subordinate commands for purposes of coordination with Federal, State, tribal, and local civilian law enforcement officials.”

DoD Instruction 3025.21 Defense Support of Civilian Law Enforcement Agencies

Establishes DoD policy, assigns responsibilities, and provides procedures for DoD support to Federal, State, tribal, and local civilian law enforcement agencies, including responses to civil disturbances within the United States, including the District of Columbia, the Commonwealth of Puerto Rico, the U.S. Virgin Islands, Guam, American Samoa, the Commonwealth of the Northern Mariana Islands, and any territory or possession of the United States or any other political subdivision thereof in accordance with DoDD 3025.18 (Reference (c)).