U.S. Northern Command-NORAD Battle Staff Standard Operating Procedures

The North American Aerospace Defense Command (NORAD) and U.S. Northern Command (USNORTHCOM) Publication Series is the authoritative reference defining the Commands’ missions and structure, force employment objectives, mission area planning considerations and operational processes from the strategic to the tactical level. The NORAD and USNORTHCOM Publication Series also defines the Commands’ doctrine, as well as their operational tactics, techniques, and procedures (TTP). The NORAD and USNORTHCOM Publication Series is authoritative because it defines the actions and methods implementing joint doctrine and describes how assigned and attached military forces will be employed in the Commands’ joint and combined operations.

(U//FOUO) NSA Technology Directorate Manual: Cable Installation at NSA Facilities

This document provides detailed instructions for the implementation and installation of premise wire infrastructure in support of unclassified and classified networks within NSAW, Build-out Facilities, domestic facilities where NSA controls the plenum, domestic facilities where NSA does not control the plenum and all OCONUS field sites. This document provides instructions for implementations and installations of premise wiring in communications facilities, office spaces and machine rooms by ITD Internal Service Providers (ISP), External Service providers (ESP), field personnel stationed at the respective facilities or authorized NSA agents.

National Counterintelligence Executive Specifications for Constructing Sensitive Compartmented Information Facilities

This Intelligence Community (IC) Technical Specification sets forth the physical and technical security specifications and best practices for meeting standards of Intelligence Community Standard (ICS) 705-1 (Physical and Technical Standards for Sensitive Compartmented Information Facilities). When the technical specifications herein are applied to new construction and renovations of Sensitive Compartmented Information Facilities (SCIFs), they shall satisfy the standards outlined in ICS 705-1 to enable uniform and reciprocal use across all IC elements and to assure information sharing to the greatest extent possible. This document is the implementing specification for Intelligence Community Directive (ICD) 705, Physical and Technical Security Standards for Sensitive Compartmented Information Facilities (ICS-705-1) and Standards for Accreditation and Reciprocal Use of Sensitive Compartmented Information Facilities (ICS-705-2) and supersedes Director of Central Intelligence Directive (DCID) 6/9.

U.S. Army Doctrine Publication: Defense Support of Civil Authorities

Providing support for domestic civilian law enforcement applies to the restricted use of military assets to support civilian law enforcement personnel within the United States and its territories. These operations are significantly different from operations outside the United States. Army forces support domestic civilian law enforcement agencies under constitutional and statutory restrictions, as prescribed by corresponding directives and regulations.

White House National Strategy for Information Sharing and Safeguarding December 2012

Our national security depends on our ability to share the right information, with the right people, at the right time. This information sharing mandate requires sustained and responsible collaboration between Federal, state, local, tribal, territorial, private sector, and foreign partners. Over the last few years, we have successfully streamlined policies and processes, overcome cultural barriers, and better integrated information systems to enable information sharing. Today’s dynamic operating environment, however, challenges us to continue improving information sharing and safeguarding processes and capabilities. While innovation has enhanced our ability to share, increased sharing has created the potential for vulnerabilities requiring strengthened safeguarding practices. The 2012 National Strategy for Information Sharing and Safeguarding provides guidance for effective development, integration, and implementation of policies, processes, standards, and technologies to promote secure and responsible information sharing.

U.K. Crown Prosecution Service Guidelines for Prosecuting Social Media Communications

These guidelines set out the approach that prosecutors should take when making decisions in relation to cases where it is alleged that criminal offences have been committed by the sending of a communication via social media. The guidelines are designed to give clear advice to prosecutors who have been asked either for a charging decision or for early advice to the police, as well as in reviewing those cases which have been charged by the police. Adherence to these guidelines will ensure that there is a consistency of approach across the CPS.

(U//FOUO) DHS-FBI Radiological Terrorism Incident After-Action Reporting Guide

This Reference Aid was jointly produced by DHS and the FBI to assist in the acquisition of detailed information in the aftermath of a successful or attempted radiological terrorism incident that would be of interest to the national law enforcement and emergency response communities. It is intended to help state, local, tribal, and territorial agencies and private sector entities deter, prevent, preempt, or respond to terrorist attacks against the United States.

(U//FOUO) DHS-FBI Bulletin: Indicators of Suspicious Chemical, Biological, and Radiological Activity

Law enforcement and first responders may encounter chemical, biological, or radiological (CBR) related material or equipment at private residences, businesses, or other sites not normally associated with such activities. There are legitimate reasons for possessing such material or equipment, but in some cases their presence can indicate intent or capability to build CBR weapons, particularly when other suspicious circumstances exist.

(U//FOUO) U.S. Army Operation Enduring Freedom Battle Command in Counterinsurgency

This newsletter was produced in conjunction with the Counterinsurgency (COIN) Training Center–Afghanistan (CTC–A) to provide current and relevant information for brigade combat team (BCT), battalion, and company commanders and staffs concerning current U.S. and coalition best practices in support of Operation Enduring Freedom. As a “living document,” it will be updated continuously in order to capture, analyze, and disseminate critical information in support of operations across all lines of effort. It will disseminate key observations, insights, and lessons (OIL) from theater to give commanders a better understanding of the operational environment into which they are preparing to deploy. The information is from your peers—commanders, staff officers, and small unit leaders —who served or who are currently serving in Afghanistan.

Restricted U.S. Army Access Control Handbook

This handbook provides installation commanders with the basic information necessary for effective access control to their installations. It does not discuss the technical issues involved with standards and designs. Information regarding standards and designs is evolving and will be resolved by the Headquarters (HQ) Department of the Army (DA) PS Review Board (DAPSRB) and the PS integrated concept teams. This handbook provides commanders with the legal and jurisdictional issues associated with the inspection procedures at an ACP. Additionally, this handbook equips operators (which includes military police [MP], DA police, and sentinels of augmenting units) of an ACP with the various vehicle inspection criteria and measures necessary to conduct an effective ACP.

(U//FOUO) DHS-FBI Suspicious Activity Reporting Bulletin: Theft/Loss/Diversion

Terrorists may attempt to steal or divert precursor materials, uniforms, identification, blueprints, documents, access cards, facility vehicles, or other items–possibly with the help of knowledgeable insiders–for use in pre-operational planning or attacks. Emilio Suarez Trashorras, a Spanish national convicted for his role in the 2004 Madrid train bombings, stole the explosives used in the attack and the vehicles used to transport the explosives from a mining company where he worked.

Senate Permanent Subcommittee on Investigations HSBC Money Laundering Case History

To examine the current money laundering and terrorist financing threats associated with correspondent banking, the Subcommittee selected HSBC as a case study. HSBC is one of the largest financial institutions in the world, with over $2.5 trillion in assets, 89 million customers, 300,000 employees, and 2011 profits of nearly $22 billion. HSBC, whose initials originally stood for Hong Kong Shanghai Banking Corporation, now has operations in over 80 countries, with hundreds of affiliates spanning the globe. Its parent corporation, HSBC Holdings plc, called “HSBC Group,” is headquartered in London, and its Chief Executive Officer is located in Hong Kong.

Scottsdale Inventions Electric Shock Handcuffs for Detainees Patent

There is provided a device and system for restraining detainees through devices attached to the detainees and configured to administer electrical shocks when certain predetermined conditions occur. Restraining devices may be activated by internal control systems or by external controllers that transmit activation signals to the restraining device. External controllers may be actuated by an external controlling entity such as a detention guard or other person or system, or may be controlled by an enabling signal sent by wired or wireless connections to the controller. There is also provided a system for detainee restraint where multiple detainees may be restrained collectively or individually in a controlled environment such as a detention facility, a jail, or a detainee transport vehicle.

(U//FOUO) National Counterterrorism Center Special Report: IED Targeting of First Response Personnel

Although most terrorist IED attacks outside war zones target civilians or symbols of authority and usually involve a single device, some are designed specifically to target emergency response personnel. The most common tactics involve using secondary or tertiary devices in tiered or sequential attacks intended to kill or maim response personnel after they arrive on the scene of an initial IED incident.

National Intelligence Council Global Trends 2030: Alternative Worlds

This report is intended to stimulate thinking about the rapid and vast geopolitical changes characterizing the world today and possible global trajectories during the next 15-20 years. As with the NIC’s previous Global Trends reports, we do not seek to predict the future—which would be an impossible feat—but instead provide a framework for thinking about possible futures and their implications.

Washington Fusion Center Newsletters Detail Local Examples of Suspicious Activity Reporting

What kind of “suspicious” behaviors might put you in the sights of your local fusion center? A collection of Fusion Liaison Officer (FLO) reports from the Washington State Fusion Center (WSFC) obtained by police accountability activist Andrew Charles Hendricks via a Washington Public Records Act request provide insight into the mechanics of suspicious activity reporting at the local level. More than a dozen reports, which are minimally redacted, detail monthly reporting by the WSFC to its “statewide network of agency-selected law enforcement, fire-fighting and critical infrastructure agency representatives” that ensure “vital disciplines are incorporated into the fusion process by serving as the conduit through which homeland security and crime related information flows to the WSFC for assessment and analysis through the state homeland security Regional Intelligence Groups.” According to the State of Washington, the “end state” of the FLO program “is to have FLOs throughout the state in all aspects of law enforcement, fire service and critical infrastructure” to facilitate the flow of information both to and from the state fusion center.

(U//FOUO) DHS-FBI Suspicious Activity Reporting Bulletin: Acquisition of Expertise

Terrorists may attempt to gain skills and knowledge necessary to plan and execute by obtaining specialized training, soliciting or stealing technical and proprietary information, or reaching out to academics and experts. In 2007, German police arrested three terrorist suspects for allegedly planning and preparing car bomb attacks against US citizens and interests in Germany. The suspects traveled to Pakistan where they received weapons and explosives training from a Pakistan-based Uzbek jihadist group called the Islamic Jihad Union.

Senator Coburn DHS Urban Areas Security Initiative Waste Report

This report examines the UASI grant program, including a detailed review of 15 cities that have received funding through the program. It is intended to assess whether spending on DHS antiterrorism grants like UASI have made us safer, and whether the taxpayer dollars that have been spent on these programs have yielded an adequate return on investment in terms of improved security.

(U//FOUO) FBI Cyber Alert: Unauthorized Access to a New Jersey Company’s Industrial Control System

In February and March 2012, unauthorized IP addresses accessed the Industrial Control System (ICS) network of a New Jersey air conditioning company, US Business 1. The intruders were able to access a backdoor into the ICS system that allowed access to the main control mechanism for the company’s internal heating, ventilation, and air conditioning (HVAC) units. US Business 1 was using the Tridium Niagara ICS system, which has been widely reported in the media to contain multiple vulnerabilities that could allow an attacker to remotely control the system.

(U//FOUO) DHS-FBI Suspicious Activity Reporting Bulletin: Observation/Surveillance

Terrorists often conduct physical surveillance to identify suitable targets, determine vulnerabilities, plan attack methods, or assess the target’s security posture. In March 2010, David Coleman Headley pled guilty for his role in the November 2008 terrorist attacks in Mumbai, India by conducting video and photographic surveillance of potential targets, as well as later surveilling Danish newspaper offices–the target of another attack plot.

Verizon Patent: DVR That Watches Users to Target Advertising

The advent of set-top box devices and other media content access devices (“access devices”) has provided users with access to a large number and variety of media content choices. For example, a user may choose to experience a variety of broadcast television programs, pay-per-view services, video-on-demand programming, Internet services, and audio programming via a set-top box device. Such access devices have also provided service providers (e.g., television service providers) with an ability to present advertising to users. For example, designated advertisement channels may be used to deliver various advertisements to an access device for presentation to one or more users. In some examples, advertising may be targeted to a specific user or group of users of an access device.

(U//FOUO) DHS-FBI Suspicious Activity Reporting Bulletin: Photography

Terrorists and criminals may use photos or videos of potential targets to gain insight into security operations and details of facility operations, including traffic flow through and around facilities, opening times, and access requirements. In late 2000 and early 2001, convicted al-Oa’ida operative Dhiren Barot took extensive video footage and numerous photographs of sites in downtown New York City and Washington, DC in preparation for planned attacks. Photographs and video useful in planning an attack may include facility security devices (surveillance cameras, security locks, metal detectors, jersey walls and planters); security personnel; facility entrances and exits; and other features such as lighting, access routes, gates, roads, walkways, and bridges.

(U//FOUO) DHS-FBI Suspicious Activity Reporting Bulletin: Materials Acquisition/Storage

Terrorists overseas and in domestic attack plots have used various methods to acquire and store materials necessary to construct explosives. Najibullah Zazi, who pled guilty in 2010 to plotting to attack the New York subway system, made multiple, large-quantity purchases of chemical components needed to assemble the homemade explosive Triacetone Triperoxide (TATP)—6 bottles on one day and 12 bottles on a separate day—at beauty supply stores throughout the summer of 2009. Law enforcement and first responders should be aware that the possession, storage, or attempt to acquire unusual quantities of laboratory equipment, personal protective equipment, chemicals, and flammable accelerants—although legal to purchase and own—could provide indicators of preoperational attack planning.