A presentation from the U.S. Army Intelligence and Security Command (INSCOM) describing concepts related to big data including all-source, cloud-enabled analytics, semantic integration and entity resolution of data across multiple fields of intelligence.
Reducing corruption and increasing accountability are important components of the U.S. reconstruction strategy in Afghanistan. Since 2002, the United States has appropriated over $96 billion for reconstruction assistance in Afghanistan and, as part of that assistance, has designated numerous programs or activities to directly or indirectly help strengthen the ability of Afghan government institutions to combat corruption. In 2010, in line with a commitment to provide more assistance directly to the Afghan government, the United States and other donors committed, in part, to providing technical assistance to develop the Afghan government’s capacity to reduce corruption. The ability of the Afghan government to deliver services to its citizens without the illicit diversion of resources is crucial to the country’s development and the government’s standing as a legitimate, sovereign authority. Further, as Afghanistan subsequently enters a transformation phase during which it will need to rely on progressively smaller amounts of funding from international donors, it must work to ensure that the revenue it generates is not susceptible to graft and corruption.
The reference provides warning and other appropriate measures to guard against the outbreak of nuclear war, either as a result of planned intercontinental ballistic missile (ICBM) or submarine-launched ballistic missile (SLBM) launches, or unauthorized or unexplained accidents or incidents involving a US space launch or event or implying a possible threat of a nuclear attack. Because the highest national importance is attached to agreements with the Russian Federation, the United States intends to prevent any event that would violate the agreements and implement actions minimizing the effect of any incident that might occur.
FBI Criminal Justice Information Services (CJIS) National Data Exchange (N-DEx) Policy Manual Version 3.0
An updated policy manual for the FBI National Data Exchange (N-DEx) released August 28, 2013. The manual was updated to include substantial additions to the regulations governing use of information within the system and the maintenance of records for later auditing of law enforcement agencies’ access to the system.
Trends in the operational environment continue to indicate that cyberspace and the electromagnetic spectrum (EMS) will remain important entities within the operational environment for the foreseeable future. The Army understands the importance of cyberspace and the electromagnetic spectrum to human societies in general, and to military operations specifically. Army leaders and Soldiers must possess an in-depth understanding of this contest, and how to gain, maintain, and leverage advantages in this contest. To this end, the Army Concept Framework recognizes an increasingly important aspect to military operations: the cyber/electromagnetic contest (C/EM contest).
U.S. Treasury Office of Foreign Assets Control Specially Designated Nationals and Blocked Persons List 2013
This publication of Treasury’s Office of Foreign Assets Control (“OFAC”) is designed as a reference tool providing actual notice of actions by OFAC with respect to Specially Designated Nationals and other persons (which term includes both individuals and entities) whose property is blocked, to assist the public in complying with the various sanctions programs administered by OFAC. The latest changes to the SDN List may appear here prior to their publication in the Federal Register, and it is intended that users rely on changes indicated in this document.
An August 2013 presentation from the Texas Department of Public Safety Intelligence & Counterterrorism Division focusing on suspicious activity reporting in relation to critical infrastructure, particularly dams. The presentation is noteworthy for its reference to the use of TrapWire, a private surveillance product designed to correlate suspicious activity across a variety of domains to detect per-operational indicators of terrorist activity.
The Syrian Electronic Army (SEA), a pro-regime hacker group that emerged during Syrian anti-government protests in 2011, has been compromising high-profile media outlets in an effort to spread pro-regime propaganda. The SEA’s primary capabilities include spearphishing, Web defacements, and hijacking social media accounts to spread propaganda. Over the past several months, the SEA has been highly effective in compromising multiple high-profile media outlets.
The United States Government assesses with high confidence that the Syrian government carried out a chemical weapons attack in the Damascus suburbs on August 21, 2013, resulting in a large number of casualties, including the deaths of 1,429 people, among them 426 children. We further assess that the regime used a nerve agent in the attack.
Two presentations from the Gamma Group describe the company’s FinFisher and 3G-GSM tactical interception and target location surveillance products. The presentations were anonymously posted online and are reportedly from 2011 discussions between Gamma and the German State Criminal Police Offices (Landeskriminalamts).
The Hemisphere Project is coordinated from the Los Angeles Clearinghouse and is funded by ONDCP and DEA. Hemisphere provides electronic call detail records (CDRs) in response to federal, state, and local administrative/grand jury subpoenas. The Hemisphere database contains CDRs for any telephone carrier that uses an AT&T switch to process a telephone call. Hemisphere is an unclassified program. Hemisphere provides de-confliction within the Hemisphere database. 4 billion CDRs populate the Hemisphere database on a daily basis.
The following definitions align key cyberspace operations (CO) concepts with doctrinally accepted terms and definitions used in the other joint operational domains. For explanatory purposes, in each case, the current Information Operations (IO) doctrinal definition for some aspect of CO is presented, followed by its conventional analogue, if any, and the current terminology it would replace.
This functional concept details capabilities and effects necessary to perform operational cyberspace functions desired by the warfighter, from the present through 2030. This concept broadly describes how AFSPC intends to conduct cyberspace operations in support of both joint and AF operations of all types, and provides a foundation for developing more detailed concept documents. Moreover, AFSPC will use this concept, along with emerging joint guidance, to organize, train, and equip forces to conduct cyberspace operations. Finally, this concept provides the operational perspective to underpin the many activities necessary to realize the AF institutional vision for a mature set of cyberspace capabilities.
The United States Air Force (USAF) Blueprint for Cyberspace provides commander’s guidance and intent, identifies opportunities and delineates objectives and strategies that will shape USAF actions over the next five years. This document describes the first phase of a two-phase approach. It defines specific actions to align cyber activities and functions, to evolve and integrate the unique capabilities the USAF brings to the joint fight, and to build cyberspace operational capacity.
Android is the world’s most widely used mobile operating system (OS) and continues to be a primary target for malware attacks due to its market share and open source architecture. Industry reporting indicates 44 percent of Android users are still using versions 2.3.3 through 2.3.7-known as Gingerbread-which were released in 2011 and have a number of security vulnerabilities that were fixed in later versions. The growing use of mobile devices by federal, state, and local authorities makes it more important than ever to keep mobile OS patched and up-to-date.
(U//FOUO) Joint Chiefs of Staff Manual: Standard Specified Geographic Location File Request (GEOREQ)
Analysis conducted by the Central Florida Intelligence Exchange (CFIX) has found that 79% of mass shootings since 2011 have been perpetrated by individuals with “demonstrated signs of continuous behavioral health issues and mental illness.” In a July case study titled “Acts of Violence Attributed by Behavioral and Mental Health Issues”, CFIX analyzed 14 mass shooting incidents that occurred between 2011 and 2013 finding that only three of the shooters had no history of mental illness.
(U//FOUO) Central Florida Intelligence Exchange Analysis: Violence Attributed by Behavioral and Mental Health Issues
The purpose of this bulletin is to increase the awareness and improve response to acts of violence perpetrated by individuals acting out in violent behavior towards healthcare providers and emergency responders. This bulletin provides an analytical overview of significant acts of violence, specifically throughout the Central Florida region, statewide (FL), a nationwide perspective from 2009 – 2013, and statistical analysis of notorious mass shooting incidents throughout the U.S. attributed by claims of mental illness.
Since June, advanced persistent threat (APT) actors have been targeting the aviation industry and attempting to extract confidential information by sending “spear-phishing” emails designed to trick recipients into opening malicious attachments or follow links to infected websites. According to an FBI Cyber Division bulletin from July 8, “individuals associated with the air travel industry” have received an increased number of spear-phishing emails often using spoofed senders “in an attempt to make the e-mail appear more legitimate.”
(U//FOUO) FBI Cyber Division Bulletin: Advanced Persistent Threat (APT) Actors Targeting Aviation Industry
Since June 2013, the FBI has observed advanced persistent threat (APT) actors’ increased interest in the aviation industry. APT actors have sent spear-phishing e-mails targeting individuals associated with the air travel industry. Some of the spear-phishing e-mails originated from a spoofed sender in an attempt to make the e-mail appear more legitimate. E-mail recipients should be aware of suspicious and potentially malicious e-mail attachments or links.