Tag Archive for Department of Homeland Security

DHS Aging and Failing Infrastructure Report: Dams

DHS-CollapsingDams

Dam safety incidents can occur at any point during a dam’s lifetime, but the most common period of dam failure is the first 5 years of operation. The United States Society of Dams conducted a study in 2009 of 1,158 national and international dam failures and safety incidents and found that 31 percent of safety incidents occur during construction or within the first 5 years of operation. The most common causes of failure are overtopping, piping, and foundation defects. Overtopping caused by flooding and high-water events accounts for 34 percent of dam failures in the United States. Erosion caused by overtopping can compromise embankments and lead to failure. The risk of overtopping increases if the spillway design is inadequate, debris causes spillway blockage, or the dam crest settles.

DHS Aging and Failing Infrastructure Report: Navigation Locks

DHS-FailingLocks

Most locks are designed to last for 50 years, but 54 percent of IMTS locks are more than 50 years old, and 36 percent are more than 70 years old. Many of these locks are in need of repair and replacement, and some lack basic maintenance. Concrete is crumbling at some locks, and some have not been painted in 25–30 years, increasing the risk of corrosion. Locks lacking maintenance or in need of repair and replacement are more likely to have unscheduled closures. Unscheduled closures are more costly than scheduled closures, because vessel operators and companies are unable to plan to offset the delays from these incidents. The annual number of unscheduled lock closures has steadily increased since 1992. Fewer than 7,000 unscheduled closures occurred every year before 2000, and more than 7,000 occurred every year after 2000, peaking in 2008 with 13,250.

DHS NCCIC Report on the Art of Social Engineering

NCCIC-SocialEngineering

Social engineering, an age old threat, continues to play a significant role in successful attacks against people, enterprises, and agencies. The advent of the Internet, its diverse and increased use, and the reliance on it by almost every element of society, amplifies social engineering opportunities. Cybercriminals enjoy an expansive attack surface, novel attack vectors, and an increasing number of vulnerable points of entry. Threat actors, both cyber and physical, continue to leverage social engineering due in part to its high rate of success. Security experts believe complex social engineering threats will continue across all vectors and attack levels will continue to intensify.

DHS Aging and Failing Infrastructure Report: Highway Bridges

DHS-CollapsingBridges

The Department of Homeland Security Office of Cyber and Infrastructure Analysis (DHS/OCIA) produces Critical Infrastructure Security and Resilience Notes in response to changes in the infrastructure community’s risk environment from terrorist activities, natural hazards, and other events. This product summarizes the findings related to highway bridges that were identified in the National Risk Estimate on Aging and Failing Critical Infrastructure Systems released by DHS/OCIA in December 2014.

(U//LES) DHS Militia Extremist Movement Reference Guide

DHS-MilitiaExtremists_Page_1

The violent militia extremist movement in the United States is comprised of a collection of distinct, but organized, paramilitary groups that have engaged in violent criminal activities and terrorism-related plots to advance their anti-government beliefs. Individual violent militia extremists have been convicted of a range of firearms and explosives violations and criminal conspiracy charges. The violent militia extremist movement is a subset of the larger militia movement; many groups and individuals involved in the overall militia movement do not commit criminal or violent acts.

DHS Reference Aid on Illicit Uses of Drones and Model Aircraft

OCIA-ModelAircraft

Model Aircraft are custom built or commercially produced unmanned aircraft systems (UAS) that meet the statutory definition of Model Aircraft and operate in accordance with the statutory requirements for Model Aircraft. These are sometimes referred to as radio controlled airplanes or aircraft and usually require one individual for operational control. Some Model Aircraft are capable of sustained flight for approximately 2 hours or less depending on the type of Model Aircraft (Rotary or Fixed Wing) and power source (e.g. nitromethane, lithium ion, and lithium polymer batteries). Model Aircraft must be flown within visual line of sight of the operator; however, there is an increasing use of first person view technology that allows operation to occur beyond line of sight and at altitudes in excess of several hundred feet.

DHS Report on Cyber-Physical Infrastructure Risks to Smart Cities

DHS-OCIA-SmartCities

As technology pervades into our everyday lives, once simple devices have become smarter and more interconnected to the world around us. This technology is transforming our cities into what are now referred to as “Smart-Cities”. Smart Cities have been defined as urban centers that integrate cyber-physical technologies and infrastructure to create environmental and economic efficiency while improving the overall quality of life. The goal of these new cities is to create a higher quality of life, a more mobile life and an overall increased efficient use of available resources. Some examples of Smart-City technologies are interconnected power grids reducing power waste, smarter transportation resulting in increased traffic management, and smarter infrastructures that reduce hazards and increase efficiency.

(U//FOUO) DHS-FBI Bulletin: Criminal Hackers Target Police to Protest Perceived Injustices

DHS-FBI-HackersTargetPolice

Disruptive cyber attacks by criminal hackers—primarily distributed-denial-of-service (DDoS) attacks—targeting local law enforcement websites have increased since August 2014. We judge that this is almost certainly a result of the heightened coverage surrounding the alleged use of excessive force by law enforcement and an increased focus on incidents of perceived police brutality. The primary impact from the majority of these attacks has been the temporary disruption of the targeted public-facing websites.

(U//FOUO) DHS-FBI-NCTC Bulletin: Terrorist Impersonation of First Responders Overseas

DHS-FBI-NCTC-ImpersonatingResponders

(U//FOUO) Two disrupted plots in Europe earlier this year highlight terrorists possible interest in impersonating first responders through the acquisition of authentic or fraudulent uniforms, equipment, vehicles, and other items which may be associated with government, military, law enforcement, fire,…

DHS Guide: Improving Survivability in Improvised Explosive Device and Active Shooter Incidents

DHS-SurvivingActiveShooterIEDs

Recent improvised explosive device (IED) and active shooter incidents reveal that some traditional practices of first responders need to be realigned and enhanced to improve survivability of victims and the safety of first responders caring for them. This Federal, multi-disciplinary first responder guidance translates evidence-based response strategies from the U.S. military’s vast experience in responding to and managing casualties from IED and/or active shooter incidents and from its significant investment in combat casualty care research into the civilian first responder environment. Additionally, civilian best practices and lessons learned from similar incidents, both in the United States and abroad, are incorporated into this guidance. Recommendations developed in this paper fall into three general categories: hemorrhage control, protective equipment (which includes, but is not limited to, ballistic vests, helmets, and eyewear), and response and incident management.

The Increasing Sophistication and Legitimacy of the Islamic State

isis-belgium-header

The Islamic State of Iraq and the Levant (ISIL) has become the preeminent terror group among U.S.-based extremists according to an assessment authored by the Department of Homeland Security and more than a dozen state and local fusion centers. Individuals determined to fight “overseas in a Muslim-majority country” or conduct attacks domestically will be “more likely to derive inspiration from ISIL than [al-Qaeda] or any of its affiliates” as long as ISIL can maintain its “current level of perceived legitimacy and relevancy.” This assessment of ISIL’s increasing popularity among domestic extremists is the focus of a ten page Field Analysis Report obtained by Public Intelligence titled Assessing ISIL’s Influence and Perceived Legitimacy in the Homeland: A State and Local Perspective. Drawing on suspicious activity reports from around the country as well as intelligence reporting from DHS and the Bureau of Prisons, the report finds that ISIL’s military successes in Iraq and Syria along with the group’s self-proclaimed re-establishment of the caliphate have captured the attention of violent extremists likely to buy in to its “violent extremist counterculture.”

(U//FOUO) DHS Assessment: Future ISIL Operations in the West Could Resemble Disrupted Belgian Plot

DHS-FutureOperationsISIL

I&A assesses that the plot disrupted by Belgian authorities in January 2015 is the first instance in which a large group of terrorists possibly operating under ISIL direction has been discovered and may indicate the group has developed the capability to launch more complex operations in the West. We differentiate the complex, centrally planned plotting in Belgium from other, more-simplistic attacks by ISIL-inspired or directed individuals, which could occur with littleto no warning.

(U//FOUO/LES) DHS Report: Assessing ISIL’s lnfluence and Perceived Legitimacy in the Homeland

DHS-AssessingLegitimacyISIL

This Field Analysis Report (FAR) is designed to support awareness and inform enforcement and collection operations of federal, state, and local partners involved in homeland security and counterterrorism efforts. Some of the activities described in the FAR may be constitutionally protected activities and should be supported by additional facts to justify increased suspicion. The totality of relevant circumstances should be evaluated when considering any law enforcement response or action. Our assessment of the level of the Islamic State of Iraq and the Levant’s (ISIL) name recognition since its declaration of a caliphate in June 2014 is based on a review of suspicious activity reporting (SAR) across the United States between 1 January and 30 December 2014, criminal complaints of US persons charged with supporting or seeking to support ISIL, Bureau of Prisons (BOP) intelligence reporting, and DHS I&A open source reporting to assess the influence of ISIL’s messaging campaign within the United States and ISIL’s perceived legitimacy among homegrown violent extremists (HVEs).

DHS Privacy and Civil Liberties Assessment Report on Executive Order 13636

DHS-ExecutiveOrder13636

Section 5 of Executive Order 13636 (Executive Order) requires the DHS Chief Privacy Officer and Officer for Civil Rights and Civil Liberties to assess the privacy and civil liberties impacts of the activities the Department of Homeland Security (DHS, or Department) undertakes pursuant to the Executive Order and to provide those assessments, together with recommendations for mitigating identified privacy risks, in an annual public report. In addition, the DHS Privacy Office and the Office for Civil Rights and Civil Liberties (CRCL) are charged with coordinating and compiling the Privacy and Civil Liberties assessments conducted by Privacy and Civil Liberties officials from other Executive Branch departments and agencies with reporting responsibilities under the Executive Order.

(U//FOUO) DHS Infrastructure Protection Note: Most Significant Tactics Against the Electricity Subsector

DHS-ElectricGridAttacks

This IP Note is a joint publication of OCIA and the DHS Office of Intelligence and Analysis (I&A) Homeland Counterterrorism Division. It is intended to identify high- consequence tactics, techniques, and procedures (TTPs) used during attacks and incidents that occurred at electrical substations, facilities, and associated electrical infrastructure from 2002 to 2013. The incidents identified in this report have no known nexus to terrorism.

Bureau of Justice Assistance Guide: Cyber Integration for Fusion Centers

BJA-CyberFusionCenters

This document identifies recommended actions and guidance for state and major urban area fusion centers (fusion centers) to integrate information technology, cybersecurity, and cybercrime1 prevention (cyber) intelligence and analytic capabilities. Development of these capabilities will inform local, state, and national detection, mitigation, response, recovery, investigation, and criminal prosecution activities that support and maintain the United States’ cybersecurity.

(U//FOUO) DHS-DOT-EPA Crude Oil Transport by Rail Preparedness Initiatives Guide

DHS-DOT-EPA-CrudeTransportPreparedness

Domestic rail shipments of crude oil grew from 9,500 train car loads in 2008 to 435,560 loads in 2013—an increase of nearly 4,500 percent. The growth in shipment volume has increased the threat of spills, explosions, and other effects associated with a train derailment or crash. Recent incidents in Lac Mégantic, Quebec, Lynchburg, Virginia, Mount Carbon, West Virginia, and Galena, Illinois demonstrate the consequences of crude by rail incidents on surrounding communities and natural environments.

On Twentieth Anniversary of Oklahoma City Bombing, Feds Warn of Domestic Extremist Threat

This

A joint intelligence bulletin released by the Department of Homeland Security and FBI to coincide with the twentieth anniversary of the Oklahoma City Bombing warns that “domestic extremism will remain a persistent threat through the end of 2015 and beyond” with “high confidence that lone offenders and those who pursue leaderless resistance continue to pose the greatest threat of violence.” The bulletin, which is based on “recent patterns of extremist activity” often “taken by those who plan and act alone or in small cells,” states that domestic extremism “remains a persistent threat, and the United States has experienced violent ideologically-motivated criminal acts, both prior to and after the Oklahoma City attack” including “assaults, arsons, shootings, and use, or attempted use, of improvised incendiary and explosive devices, resulting in death, injury, and property damage.” Moreover, the bulletin states that “many of the same motivations used by domestic extremists to justify their criminal acts in the mid-1990s—anti-government and anti-law enforcement sentiment; racial, ethnic, and religious hatred; and advocacy of violent conspiracy theories—continue to influence domestic extremists and their targeting choices in 2015.”

(U//FOUO) DHS-FBI Bulletin: Twenty Years After Oklahoma City Bombing, Domestic Extremism Remains a Persistent Threat

DHS-FBI-DomesticExtremistThreat

This Joint Intelligence Bulletin (JIB) prepared by the FBI and DHS is intended to provide law enforcement with a summary of significant domestic extremist incidents occurring during the previous 15 months. This product highlights the breadth and frequency of current domestic extremist threats against Homeland targets, and places them in the context of the 20th anniversary of the1995 bombing of the Alfred P. Murrah Federal Building in Oklahoma City, Oklahoma. This information is provided to support the activities of the FBI and DHS and to assist other federal, state, local, tribal, and territorial counterterrorism and law enforcement officials and private sector security officials in identifying existing or emerging threats to homeland security.

DHS Acquisition of License Plate Reader Data from a Commercial Service Privacy Impact Assessment

DHS-CommercialLPR

U.S. Immigration and Customs Enforcement (ICE) uses information obtained from license plate readers (LPR) as one investigatory tool in support of its criminal investigations and civil immigration enforcement actions. Because LPR information can be combined with other data to identify individuals and therefore meets the definition of personally identifiable information (PII), ICE is conducting this Privacy Impact Assessment (PIA) to describe how it intends to procure the services of a commercial vendor of LPR information in order to expand the availability of this information to its law enforcement personnel. ICE is neither seeking to build nor contribute to a national public or private LPR database.

Information Sharing Environment (ISE) Functional Standard for Suspicious Activity Reporting Version 1.5.5

ISE-SAR-FunctionalStandard-1.5.5

This issuance updates the Functional Standard for ISE-SARs and is one of a series of Common Terrorism Information Sharing Standards (CTISS) issued by the Program Manager for the Information Sharing Environment (PM-ISE). While limited to describing the ISE-SAR process and associated information exchanges, information from this process may support other ISE processes, to include alerts, warnings, and notifications; situational awareness reporting; and terrorist watchlisting.

National Strategy for the National Network of Fusion Centers 2014-2017

NationalFusionCenterStrategy-2014-2017

The vision of the 2014–2017 National Strategy is to connect the geographic and public safety diversity of over 38,000 states, counties, cities, and towns together in a way that creates a national information sharing asset that is coordinated with and contributes to federal information sharing efforts. Federal efforts to connect the knowledge and capabilities of the Intelligence Community (IC) often involve state and local law enforcement joining federal efforts. The NNFC is the reversal and broadening of this framework, inviting federal partners to join state and local public safety information sharing efforts. In carrying out this strategy, IC professionals have an opportunity and avenue to bring their knowledge and capabilities to state and major urban area fusion centers, designated by governors and staffed by state and local professionals. As a unique national asset, this state and local network must work seamlessly with field-based intelligence and information sharing entities, providing geographic and interdisciplinary knowledge and perspective without interrupting or replicating federal efforts. The 2014–2017 National Strategy integrates with other criminal intelligence sharing efforts supported by the Criminal Intelligence Coordinating Council.

Feds Issue Bulletin Warning ISIL’s “Savvy” Use of Media is Resonating with Western Youth

The fo

The “innovative use of social media and messaging” by the Islamic State of Iraq and the Levant (ISIL) “has played a key role in motivating young Western males and females to travel to the Syrian conflict to join and support the self-declared Islamic State” according to a join intelligence bulletin released by the Department of Homeland Security and FBI last month. The 5-page bulletin titled “ISIL Social Media Messaging Resonating with Western Youth” was disseminated to law enforcement throughout the country at the end of February to report on the “continuing trend” of Western youth being inspired to travel to Syria and join ISIL forces. According to the bulletin, this trend is aided by the fact that “Western youth are willing to connect over social media with like-minded persons, and have proven adept at obfuscating such social media usage from their parents and guardians.”

(U//FOUO) DHS-FBI Bulletin: ISIL Social Media Messaging Resonating with Western Youth

DHS-FBI-SocialMediaISIL

This Joint Intelligence Bulletin (JIB) is intended to provide information on a continuing trend of Western youth being inspired by Islamic State of Iraq and the Levant (ISIL) messaging via social media to travel to Syria to participate in the conflict. This JIB is provided to support the activities of FBI and DHS to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners in deterring, preventing, or disrupting terrorist attacks in the United States.