A heavily redacted copy of the Transportation Secuirty Administration’s Behavior Analysis Capability (BAC) Risk Based Allocation Methodology Report from July 2012 that was released under the Freedom of Information Act.
This document presents an overview of terrorism threats and terrorist methodologies to assist OPSEC managers in evaluating the threat and managing terrorist risks to organizations and personnel. As in other areas of security and intelligence concern, proper application of the OPSEC process in evaluating threat and risk1 helps an organization to make informed decisions on conducting its mission-critical activities without becoming unduly vulnerable.
Social engineering, an age old threat, continues to play a significant role in successful attacks against people, enterprises, and agencies. The advent of the Internet, its diverse and increased use, and the reliance on it by almost every element of society, amplifies social engineering opportunities. Cybercriminals enjoy an expansive attack surface, novel attack vectors, and an increasing number of vulnerable points of entry. Threat actors, both cyber and physical, continue to leverage social engineering due in part to its high rate of success. Security experts believe complex social engineering threats will continue across all vectors and attack levels will continue to intensify.
The Department of Homeland Security Office of Cyber and Infrastructure Analysis (DHS/OCIA) produces Critical Infrastructure Security and Resilience Notes in response to changes in the infrastructure community’s risk environment from terrorist activities, natural hazards, and other events. This product summarizes the findings related to highway bridges that were identified in the National Risk Estimate on Aging and Failing Critical Infrastructure Systems released by DHS/OCIA in December 2014.
The violent militia extremist movement in the United States is comprised of a collection of distinct, but organized, paramilitary groups that have engaged in violent criminal activities and terrorism-related plots to advance their anti-government beliefs. Individual violent militia extremists have been convicted of a range of firearms and explosives violations and criminal conspiracy charges. The violent militia extremist movement is a subset of the larger militia movement; many groups and individuals involved in the overall militia movement do not commit criminal or violent acts.
The abuse of illicit drugs, specifically heroin and cocaine, as well as the opioids fentanyl and oxycodone, has contributed to an increase in drug-related deaths in Philadelphia over the last decade. Specifically, drug-related overdose deaths in Philadelphia have risen 43 percent since 2009, with a corresponding 45 percent increase in heroin-positive toxicology test results.
The community-oriented policing (COP) paradigm provides an existing framework for collaborative grassroots engagement that has the potential for success in counterradicalization outreach efforts. COP leverages already established community-based social service programs to address individual, group, and community radicalization factors.
The Future Operating Environment 2035 (FOE 35) forms part of the Development, Concepts and Doctrine Centre’s (DCDC) Strategic Trends Programme. DCDC is the MOD’s independent think tank and, as such, FOE 35 does not represent the official position of Her Majesty’s Government. It supersedes the 2010 Future Character of Conflict (FCOC) and aims to: describe the characteristics of the 2035 operating environment to provide evidence-based insights that can inform future Defence capability development. FOE 35 describes the potential characteristics of the future operating environment, and is designed primarily to inform UK Defence and security policy-makers and our Armed Forces more broadly. However, it is intended to have applicability across UK Government and agencies to help inform their understanding of the future operating environment in which we all (military, other UK Government departments, international organisations and agencies) may find ourselves operating in 2035.
Model Aircraft are custom built or commercially produced unmanned aircraft systems (UAS) that meet the statutory definition of Model Aircraft and operate in accordance with the statutory requirements for Model Aircraft. These are sometimes referred to as radio controlled airplanes or aircraft and usually require one individual for operational control. Some Model Aircraft are capable of sustained flight for approximately 2 hours or less depending on the type of Model Aircraft (Rotary or Fixed Wing) and power source (e.g. nitromethane, lithium ion, and lithium polymer batteries). Model Aircraft must be flown within visual line of sight of the operator; however, there is an increasing use of first person view technology that allows operation to occur beyond line of sight and at altitudes in excess of several hundred feet.
The FBI has obtained information regarding a group of cyber actors who have compromised and stolen sensitive military information from US cleared defense contractors (CDCs) through cyber intrusions. This group utilizes infrastructure emanating from China to conduct their nefarious computer network exploitation (CNE) activities. Information obtained from victims and subsequent analysis indicates that they were targeted based on their US Navy Seaport Enhanced contracts. The actors did not target information pertaining to a specific contract but instead stole all information that they accessed via their malicious cyber activities. Any activity related to this group detected on a network should be considered an indication of a compromise requiring extensive mitigation and contact with law enforcement.
As technology pervades into our everyday lives, once simple devices have become smarter and more interconnected to the world around us. This technology is transforming our cities into what are now referred to as “Smart-Cities”. Smart Cities have been defined as urban centers that integrate cyber-physical technologies and infrastructure to create environmental and economic efficiency while improving the overall quality of life. The goal of these new cities is to create a higher quality of life, a more mobile life and an overall increased efficient use of available resources. Some examples of Smart-City technologies are interconnected power grids reducing power waste, smarter transportation resulting in increased traffic management, and smarter infrastructures that reduce hazards and increase efficiency.
Disruptive cyber attacks by criminal hackers—primarily distributed-denial-of-service (DDoS) attacks—targeting local law enforcement websites have increased since August 2014. We judge that this is almost certainly a result of the heightened coverage surrounding the alleged use of excessive force by law enforcement and an increased focus on incidents of perceived police brutality. The primary impact from the majority of these attacks has been the temporary disruption of the targeted public-facing websites.
The purpose of this white paper is to provide an in-depth examination of ABI-like analytic techniques that were developed, refined and employed to successfully support multiple, high-level, but dissimilar interagency law enforcement investigations over an extended period of time. The premise of this paper is that, as the Intelligence Community developes a strategy, framework and roadmap for enterprise-wide adoption of ABI, lessons learned from the law enforcement community are worthy of examination and possible incorporation into the IC strategy for ABI.
An analysis of recent suicide bombings throughout the Middle East, Europe and Africa by the FBI Terrorism Explosive Device Analytical Center (TEDAC) that was released after the terrorist attacks in Paris, France last month states that “suicide vest and belt improvised explosive devices (IEDs) in the Middle Eastern, African, and European regions likely . . . have minimal correlation” and do not indicate tactical migration.
(U//LES) FBI Suicide Vest and Belt Use in Middle East, Africa, and Europe Show Minimal Signs of Tactic Migration
The FBI Terrorism Explosive Device Analytical Center (TEDAC) assesses the tactics used to construct suicide vest and belt improvised explosive devices (IEDs) in the Middle Eastern, African, and European regions likely have minimal correlation. Use of these tactics allows suicide bombers to discretely move to a desired target location and make real-time decisions to maximize lethality. The suicide belt design allows the wearer to conceal the device and blend in with their surrounding environment, as well as to position themselves in potentially crowded environments while not raising suspicion.
(U//FOUO) DHS-FBI-NCTC Bulletin: Tactics, Techniques, and Procedures Used in November 2015 Paris Attacks
This Joint Intelligence Bulletin (JIB) is intended to provide a review of the tactics, techniques, and procedures demonstrated by the perpetrators of the 13 November 2015 attacks in Paris, France. This JIB does not provide analysis of any follow-on operations or operations occurring in Europe in the wake of the attacks. It relies on a variety of open source and media reporting for the analysis, which could change as official details of the post-incident investigations come to light. This JIB is intended to support the activities of DHS, FBI and NCTC to assist federal, state, and local government counterterrorism and law enforcement officials, first responders, and private-sector security partners in effectively deterring, preventing, preempting, or responding to terrorist attacks against the United States.