The Joint Task Force was created by the Chairmen of the House Armed Services Committee, the House Permanent Select Committee on Intelligence, and the House Appropriations Subcommittee on Defense to investigate the allegations of a whistleblower that intelligence produced by U.S. Central Command (CENTCOM) had been manipulated to present an unduly positive outlook on CENTCOM efforts to train the Iraqi Security Forces (ISF) and combat the self-proclaimed Islamic State of Iraq and the Levant (ISIL). Although investigations into the whistleblower’s allegations continue, the Joint Task Force has conducted sufficient investigation to reach certain interim conclusions. Those conclusions are contained in this report. However, the Joint Task Force awaits the completion of the ongoing Department of Defense Inspector General (DODIG) investigation into this matter.
Chinese Talent Programs are a vital part of Chinese industry. Talent programs recruit experts to fill technical jobs that drive innovation and growth in China’s economy. National, provincial, and municipal talent recruitment programs provide opportunities for experts to work in industry and academic organizations supporting key areas deemed critical to China’s development. The talent programs recruit experts globally from businesses, industry, and universities with multiple incentives to work in China. Associating with these talent programs is legal and breaks no laws; however, individuals who agree to the Chinese terms must understand what is and is not legal under US law when sharing information. A simple download of intellectual property (IP) or proprietary information has the potential to become criminal activity.
The FBI has obtained information regarding a malicious cyber group that has compromised the networks of foreign banks. The actors have exploited vulnerabilities in the internal environments of the banks and initiated unauthorized monetary transfers over an international payment messaging system. In some instances, the actors have been present on victim networks for a significant period of time. Contact law enforcement immediately regarding any activity related to the indicators of compromise (IOCs) in the attached appendix that are associated with this group.
Department of Justice Procedures for Direct Actions Against Terrorists Outside U.S. and Areas of Active Hostilities
This Presidential Policy Guidance (PPG) establishes the standard operating procedures for when the United States takes direct action, which refers to lethal and non-lethal uses of force, including capture operations, against terrorist targets outside the United States and areas of active hostilities.
The purpose of this document is to recommend a simple set up for taking frontal face (mugshot) images. Different cameras will obviously produce different results but there are other important factors to take into consideration which can have a big impact on the effectiveness of facial recognition software.
This document is intended as a primer—a brief, informative treatment—concerning the ongoing conflict in Ukraine. It is an unclassified expansion of an earlier classified version that drew from numerous classified and unclassified sources, including key US Department of State diplomatic cables. For this version, the authors drew from open source articles, journals, and books. Because the primer examines a very recent conflict, it does not reflect a comprehensive historiography, nor does it achieve in-depth analysis. Instead, it is intended to acquaint the reader with the essential background to and course of the Russian intervention in Ukraine from the onset of the crisis in late 2013 through the end of 2014.
(U//FOUO) DHS-FBI Bulletin: Law Enforcement Vigilance and Caution Urged at Public and Political Events
This Joint Intelligence Bulletin (JIB) is intended to provide situational awareness concerning the domestic extremist threat to national public and political events. This JIB is provided by the FBI and DHS to support law enforcement in their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners in deterring, preventing, or disrupting terrorist attacks against the United States.
The ‘Locky’ malware is a ransomware variant, which has extensively utilized spam campaigns to distribute malicious files that download and execute code capable of encrypting numerous critical file types on both local and networked file stores. Encrypted files are renamed with a unique hexadecimal filename and receive the “.locky” extension. Each directory containing encrypted files contains instructions on how to utilize Bitcoin in order to pay a ransom for file recovery, and the system’s computer background is also changed to contain payment instructions. Recovery of encrypted files is impossible without data backup or acquisition of the private key due to the well-implemented, strong encryption. Historically, while payment of the ransom may result in receipt of the valid private key, enabling decryption of the targeted files, the FBI does not recommended the victim pay the ransom.
This guide is a quick reference of Unconventional Warfare (UW) theory, principles, and tactics, techniques and procedures. It is not a complete treatment of the subject. To guide further study, it includes (in annotated form) as many references as possible starting with established law, policy and doctrine, includes scientific studies, and finishes with recommended reading on the subject.
While in the United States, some of the September 11 hijackers were in contact with, and received support or assistance from, individuals who may be connected to the Saudi Government. There is information, primarily from FBI sources, that at least two of those individuals were alleged by some to be Saudi intelligence officers. The Joint Inquiry’s review confirmed that the Intelligence Community also has information, much of which has yet to be independently verified, indicating that individuals associated with Saudi Government in the United States may have other ties to al-Qa’ida and other terrorist groups. The FBI and CIA have informed the Joint Inquiry that, since the September 11 attacks, they are treating the Saudi issue seriously, but both still have only a limited understanding of the Saudi Government’s ties to terrorist elements. In their testimony, neither CIA nor FBI witnesses were able to identify definitively the extent of Saudi support for terrorist activity globally or within the United States and the extent to which such support, if it exists, is knowing or inadvertent in nature.
As of 5 May 2016, the Islamic State of Iraq and the Levant (ISIL) Sympathizer hacking group United Cyber Caliphate (UCC) defaced a Nigerian-hosted Web site, posting an html file containing the heading “USA Online Company Data Dumped by United Cyber Caliphate,” there was no other message or threat associated with the file. The file contained approximately 1,137 entries, many of which appeared to be US-based individuals with corresponding personally identifiable information (PII) fields such as name, company, e-mail, phone, city, state, and zip code. The PII was doxed from the personnel directory of a US business, according to FBI and open source reporting.
Records Related to Former NSA Director Keith Alexander’s Attendance of Bilderberg Meetings in 2008, 2009, 2011
(U//FOUO) FBI New Orleans Alert: Violence Against Law Enforcement and Riots Planned for July 8-10 2016
DHS Report Finds “Immeasurable Vulnerabilities and Attack Vectors” Against U.S. Critical Infrastructure
A Department of Homeland Security assessment released in April states that critical infrastructure throughout the U.S. faces “immeasurable vulnerabilities and attack vectors” due to the increasingly prominent role of information and communication technology (ICT) in critical infrastructure sectors. The strategic risk assessment, authored by the Office of Cyber and Infrastructure Analysis within DHS, was obtained by Public Intelligence and describes the “convergence of cyber and physical domains” as a strategic threat to the nation’s infrastructure.
Office of the Director of National Intelligence Summary of U.S. Counterterrorism Strikes Outside Areas of Active Hostilities
In accordance with the President’s direction and consistent with the President’s commitment to providing as much information as possible to the American people about U.S. counterterrorism activities, the Director of National Intelligence (DNI) is releasing today a summary of information provided to the DNI about both the number of strikes taken by the U.S. Government against terrorist targets outside areas of active hostilities and the assessed number of combatant and non-combatant deaths resulting from those strikes. “Areas of active hostilities” currently include Afghanistan, Iraq, and Syria.
The FBI has identified two Android malware families, SlemBunk and Marcher, actively phishing for specified US financial institutions’ customer credentials. The malware monitors the infected phone for the launch of a targeted mobile banking application to inject a phishing overlay over the legitimate application’s user interface. The malware then displays an indistinguishable fake login interface to steal the victim’s banking credentials. According to cyber threat industry reports, both malware families have targeted foreign financial institutions since 2014, gradually broadening the list to include Western banks, and offered the malware for lease or purchase, respectively, in underground forums. At least as of December 2015, the malware expanded its configuration to include the Android package names of US financial institutions.
The United States US Army Chief of Staff Studies Group has identified the megacity as a future challenge to the security environment. Due to their complexity, megacities present a vulnerable and challenging future operational environment. Currently, however, the US Army is incapable of operating within the megacity. The US Army must think and learn through leveraging partnerships, which enhance institutional understanding. Historical experiences and lessons learned should assist in refining concepts and capabilities needed for the megacity.
A collection obtained from a variety of sources who contributed copies of documents related to the Bilderberg Group from academic institutions. Documents contributed to the collection are sometimes photocopied and in other cases photographed page by page during visits to academic institutions, diplomatic libraries and legal archives including the Presidential Library of Dwight D. Eisenhower, the Harvard Law Library, the National Archive and the archive of former State Department official and member of the Bilderberg Steering Committee Robert Murphy held at the Hoover Institution at Stanford University.
The 64th Bilderberg meeting is set to take place from 9 – 12 June 2016 in Dresden, Germany. A total of around 130 participants from 20 countries have confirmed their attendance. As ever, a diverse group of political leaders and experts from industry, finance, academia and the media have been invited.
The Department of Homeland Security National Cybersecurity and Communications Integration Center (NCCIC) has notified the Department of Health and Human Services (HHS) of an increase in ransomware incidents at some healthcare organizations in the U.S. This Bulletin provides Healthcare and Public Health (HPH) Partners with information regarding ransomware, mitigation strategies, as well as additional materials to reference located within the HSIN HPH Cyber Threat Library.
A financially motivated cyber crime insider trading scheme targets international law firm information used to facilitate business ventures. The scheme involves a hacker compromising the law firm’s computer networks and monitoring them for material, non-public information (MNPI). This information, gained prior to a public announcement, is then used by a criminal with international stock market expertise to strategically place bids and generate a monetary profit.