FBI Chinese Military Hacking Indictments Private Industry Notifications

Today the Western District of Pennsylvania unsealed an indictment naming five members of the People’s Liberation Army of the People’s Republic of China on 31 counts, including conspiring to commit computer fraud (18 U.S.C. §§ 371, 1030), accessing a computer without authorization for the purpose of commercial advantage and private financial gain (18 U.S.C. § 1030(a)(2)(C), (c)(2)(B)), damaging computers through the transmission of code and commands (18 U.S.C. § 1030(a)(5)), aggravated identity theft (18 U.S.C. § 1028A), economic espionage (18 U.S.C. § 1831(a)(1)), and theft of trade secrets (18 U.S.C. § 1832(a)(1)). Each of the defendants provided his individual expertise to a conspiracy to penetrate the computer networks of six US companies while those companies were engaged in negotiations or joint ventures with or were pursuing legal action against state-owned enterprises in China. The following technical details are indicators released in the indictment related to these actors’ activity.

National Counterterrorism Center Enhanced Safeguards Decision Matrix

The DNI, D/NCTC and the Attorney General approved revised Attorney General Guidelines for NCTC’s handling of US Person (USP) information in March 2012. These revised NCTC Attorney General Guidelines (“NCTC’s AGGs”) govern NCTC’s access, retention, use, and dissemination of datasets identified as including non-terrorism information and information pertaining exclusively to domestic terrorism, and provide NCTC with the authority to retain USP information for up to five years (unless a shorter period is required by law, executive order, regulation, international agreement, etc.). During this temporary retention and assessment period, additional safeguards and protections are applied to this data, to include baseline (and potentially enhanced) safeguards, as well as additional compliance, auditing, reporting and oversight mechanisms.

(U//FOUO) U.S. Army Tactical Combat Casualty Care Handbook August 2013

Tactical Combat Casualty Care (TCCC) is the pre-hospital care rendered to a casualty in a tactical, combat environment. The principles of TCCC are fundamentally different from those of traditional civilian trauma care, which is practiced by most medical providers and medics. These differences are based on both the unique patterns and types of wounds that are suffered in combat and the tactical environment medical personnel face in combat. Unique combat wounds and tactical environments make it difficult to determine which intervention to perform at what time. Besides addressing a casualty’s medical condition, responding medical personnel must also address the tactical situation faced while providing casualty care in combat. A medically correct intervention performed at the wrong time may lead to further casualties. Stated another way, “good medicine may be bad tactics,” which can get the rescuer and casualty killed. To successfully navigate these issues, medical providers must have skills and training focused on combat trauma care, as opposed to civilian trauma care.

Joint and Coalition Operational Analysis (JCOA) Drone Strikes Civilian Casualty Considerations

The US government has described drone airstrikes in operations outside declared theaters of armed conflict as surgical and causing minimal civilian casualties. Analysis of air operations in Afghanistan, combined with a review of open-source reports for drone strikes in Pakistan, suggests that these fell short of intended goals. Specifically, drone strikes in Afghanistan were seen to have close to the same number of civilian casualties per incident as manned aircraft, and were an order of magnitude more likely to result in civilian casualties per engagement. Specific causal factors were identified that contributed to the relative propensity of drones to cause civilian casualties. Tailored training that addresses these causal factors could aid in reducing civilian casualties in engagements involving drones. While processes and operating forces in Afghanistan can differ from those in operations outside declared theaters of armed conflict, the factors above suggest that a dedicated analysis of civilian casualties in such operations would be worthwhile.

(U//FOUO) Colorado Information Analysis Center Bulletin: Vulnerabilities in Knox-Box Key Entry Systems

The Knox-Box® rapid entry system is an access control system utilized by public safety agencies. This system allows facilities to securely store entry keys or cards on site for first responders. First responders utilize a master key that unlocks all Knox boxes within their jurisdiction. Currently there are over 3.5 million Knox-Box rapid entry systems in use nationwide and over 11,500 fire departments in North America that use the Knox-Box rapid entry system. In one Colorado fire district there are over 4,000 Knox-Box systems in use within the local, state, and federal government, which includes energy, water, postal, emergency services, defense, transportation, and communication sectors. Unauthorized access to the system would allow individuals to bypass physical security measures at the site. The unauthorized individuals would also be able to duplicate keys, or remove entry keys or cards, which would delay first responders.

Department of Justice White Paper on Sharing Cyberthreat Information

Improved information sharing is a critical component of bolstering public and private network owners’ and operators’ capacity to protect their networks against evolving and increasingly sophisticated cyber threats. As companies continue to adopt the newest technologies, these threats will only become more diverse and difficult to combat. Ensuring that information concerning cyber threats that U.S. companies detect on their domestic networks can be quickly shared will assist those companies in identifying new threats and implementing appropriate preventative cybersecurity measures. But sharing must occur without contravening federal law or the protections afforded individual privacy and civil liberties. In the interest of advancing discussions in this important area, DOJ has prepared this paper providing its views on whether the Stored Communications Act (18 U.S.C. § 2701 et seq.) (SCA) restricts network operators from voluntarily sharing aggregated data with the government that would promote the protection of information systems. We hope that this analysis will help companies make informed decisions about what information legally may be shared with the government to promote cybersecurity.

(U//FOUO) Colorado Information Analysis Center Bulletin: Marijuana Infused Edibles

The State of Colorado legalized medical marijuana in 2012 and recreational marijuana in 2014. There has been an increased amount of marijuana infused products sold to the public. The products range from fruit chewz, gummiez, cupcakes, truffles, rice krispy treats, butter, and banana bread. It is extremely difficult to differentiate between marijuana infused products and non-infused products if the original packaging is not with the product.

Restricted U.S. Army Civil Affairs Soldier Training Manual

This manual provides the information necessary for Civil Affairs (CA) Soldiers to train for military occupational specialty (MOS) proficiency and includes self-development information that can assist the Soldier in lifelong learning and career development. An overview of the Army training process details the linkage and importance of the various elements that comprise the Army training process.

(U//FOUO) DHS Violent Extremist Profile: Walter Bond

Walter Bond’s path to animal rights extremism was driven by witnessing what he perceived as animal abuse and by frustration stemming from his perception that lawful, nonviolent actions appeared to have little impact on advancing the goals of the animal rights movement. Prior to becoming violent to advance animal rights, Bond showed a tendency to use violence to advance other beliefs, such as protesting illicit drug sales by committing arson against a drug trafficker’s home and protesting against religion by burning a pentagram symbol inside a church.

(U//FOUO) U.S. Marine Corps Cordon and Search Lessons Learned Report

Cordon and search missions have been an almost daily activity in conjunction with other tactical operations within Stability and Support Operations (SASO) in both OEF and OIF. As in all tactical operations, units refined individual tactics, techniques and procedures (TTP) to meet the requirements of the situations they encountered. Cordon and search activities were not always conducted as discrete missions but as supporting operations within SASO, and can begin as less invasive “cordon and knock” efforts to gain information, and rapidly evolve into “cordon and raid” or “cordon and destroy” as the tactical situation dictates. While these terms may not be found in doctrinal references, units in their observations use them.

U.S. Marine Corps Irregular Warfare Capability Based Assessment Report

Center for Irregular Warfare Integration Division (CIWID) was directed to conduct a Capabilities Based Assessment (CBA) on Irregular Warfare (IW) to ensure that the Marine Corps is properly postured to conduct IW operations and activities in the future. This document provides the results of the analysis and the recommended way ahead. The IW CBA message directed CIWID to “provide insights/observations after each phase of the study which may be used in support of future force structure deliberations.”

U.S. Air Force Remotely Piloted Aircraft (RPA) Vector Report 2013-2038

Both the current fiscal and future operational environments facing the Air Force influence the landscape for investments in the development and fielding of new technologies. This document refines the Air Force strategic vision for the future of RPA and reemphasizes the inherent potential and emerging capabilities of small unmanned aircraft systems (SUAS). The RPA Vector outlines concepts and capabilities needed over the next 25 years. It can inform the capabilities planning and requirements development process as well as inform the CFLIs as they execute their responsibilities for implementation planning in the plans, programming, budgeting and execution process.

Identity Dominance: The U.S. Military’s Biometric War in Afghanistan

For years the U.S. military has been waging a biometric war in Afghanistan, working to unravel the insurgent networks operating throughout the country by collecting the personal identifiers of large portions of the population. A restricted U.S. Army guide on the use of biometrics in Afghanistan obtained by Public Intelligence provides an inside look at this ongoing battle to identify the Afghan people.

(U//FOUO) U.S. Army Commander’s Guide to Biometrics in Afghanistan

Biometrics capabilities on the tactical battlefield enable a wide variety of defensive and offensive operations. Biometrics help ensure enemy personnel, criminals, and other undesirable elements are not allowed access to our facilities, hired to provide services, or awarded contracts. Biometrics is used to vet members of the Afghan government and military with whom our forces interact. Unfortunately, biometrics capabilities we put in the hands of Soldiers, Marines, Sailors, and Airmen — and that we ask unit commanders to employ — are relatively recent additions to the list of capabilities our military employs on the battlefield today.