A bulletin released in late June by the Department of Homeland Security’s (DHS) National Cybersecurity and Communications Integration Center (NCCIC) warning of the recent activities by LulzSec and Anonymous has surfaced online. The unclassified bulletin titled “Hacktivist Groups Target U.S. and Foreign Networks” was recently posted to an unknown online network security website Aisle.net before being subsequently removed. The site it was posted to has also disappeared and now visitors to the domain are greeted with a blank screen. While the full document is not recoverable at this point in time, a cached version of the document’s summary contains a number of surprising admissions regarding the effectiveness of basic techniques utilized by LulzSec/Anonymous.
The DBT Report is a stand-alone threat analysis to be used with the Physical Security Criteria for Federal Facilities: An ISC Standard. The document establishes a profile of the type, composition, and capabilities of adversaries, and it is also designed to correlate with the countermeasures in the compendium of standards and to be easily updated as needed. The DBT is an estimate of the threats that face Federal facilities across a range of undesirable events and based on the best intelligence information, Intelligence Community (IC) reports and assessments, and crime statistics available to the working group at the time of publication. Users of the DBT must consider that undiscovered plots may exist, adversaries are always searching for new methods and tactics to overcome security measures, and the lone-wolf adversary remains largely unpredictable.
The ICE Pattern Analysis and Information Collection (ICEPIC) system was established in 2008 to enable ICE law enforcement agents and analysts to look for non-obvious relationship patterns among individuals and organizations that are indicative of violations of the customs and immigration laws that are enforced by DHS agencies, as well as possible terrorist threats and plots. From these relationships, ICE agents develop specific leads and intelligence for active and new investigations. Identified relationships are also recorded for reuse in subsequent investigative analyses. The information processed by ICEPIC comes from existing ICE investigative and apprehension records systems, as well as immigration and alien admission records systems. ICEPIC includes capabilities that assist investigators in recording results of analyses performed in support of investigations and in capturing additional relevant information obtained from outside sources. The information collected by, on behalf of, in support of, or in cooperation with DHS and its components may contain personally identifiable information collected by other Federal, State, local, tribal, foreign government agencies, or international organizations.
Terrorists can acquire precursor materials legally through a variety of commercial transactions, secondhand from individuals with access to such substances, or through theft. Many precursors can be purchased legitimately and without special authorization from chemical supply stores. They also are available at retail stores that sell beauty supply products, hardware and home improvement materials, groceries, and swimming pool supplies, and are used widely in hospitals, universities, construction sites, industrial facilities, farms, and mining operations.
The National Socialist Movement (NSM) USPER is the most active neo-Nazi group operating in the United States. It has grown from a small organization with a limited following confined to the mid-western United States to the preeminent National Socialist group in the nation. Despite having recently suffered a defection of several regional leaders, NSM remains an influential force within white supremacist circles and the only major racist group that eschews all attempts to distance its methods and objectives from those of the Third Reich. NSM has a reputation for conducting numerous public rallies that have triggered a violent response, including a riot in Toledo, Ohio, in October 2005.
The 2008 Homeland Security Threat Assessment (HSTA) is a strategic assessment looking out five years. The HSTA represents the analytical judgments of the Department of Homeland Security (DHS) Intelligence Enterprise (IE) regarding the critical threats to the U.S. Homeland that the Department will need to address in the period 2008-2013.
This Homeland Security Assessment examines threats to U.S. border security emanating from the Mexican state of Sonora, which borders Arizona and a small section of New Mexico. It discusses drug and alien smuggling, border violence, and Mexican federal, state, and local government capabilities to confront organized crime. This is the fifth of six planned assessments on current threats to homeland security arising in Mexican states along the U.S. border. It is intended primarily for working-level analysts and operators engaging in homeland security-related activities and concerned with pertinent developments in Sonora and nearby U.S. territory.
A presentation from U.S. Immigration and Customs Enforcement’s Enforcement Systems Branch on the status of information sharing presented at the 2011 AFCEA Homeland Security Conference on February 23, 2011.
According to Debkafile, an Israeli electronic news website, a group claiming to be al-Qa‘ida has declared 11 November 2007 as the first day of a campaign of “electronic jihad” on the Internet. According to Debkafile, unspecified “al-Qa‘ida electronic experts” allegedly would begin attacking “Western, Jewish, Israeli, Muslim apostate and Shiite Web sites on that date with many more jihadist hackers joining in the attacks later [sic].” DHS and the FBI have no specific or credible information corroborating these cyber attack claims, or intelligence indicating this group is tied to al-Qa‘ida.
This assessment is intended to support the activities of DHS and to assist federal, state, and local government counterterrorism and law enforcement officials, and the private sector in deterring, preventing, preempting, or responding to terrorist attacks against soft targets such as hotels in the United States. It is intended to support the national “See Something, Say Something” campaign.
(U//FOUO) DHS Identifying Clandestine Biological, Chemical, Explosives, and Methamphetamine Laboratories
The purpose of this assessment is to assist members of the law enforcement and public safety communities in differentiating among four types of clandestine laboratories: biological, chemical, explosives, and methamphetamine. It provides descriptions, distinguishing features, and hazards of each type of laboratory and includes four reference guides for distribution to public safety personnel. This assessment expands on a related product—Distinguishing a Biological Agent Production Laboratory from a Methamphetamine Laboratory, Lawrence Livermore National Laboratory, 22 January 2008—by including indicators and warning signs associated with clandestine chemical and explosives laboratories.
To consider terrorist threat indicators in relationship to chemical storage facilities, it is useful to understand the basic structure of the industry and what general types of facilities might be attractive targets for terrorist attack. Chemical storage facilities are attractive terrorist targets because they can contain toxic and hazardous materials, can create extensive casualties and property damage, and can be a source of materials for use in other attacks. Figure 1 shows some of the potential terrorist targeting objectives.
The United States (U.S.) has two types of pipelines that transport petroleum: those that carry crude oil and those that carry refined petroleum products, such as gasoline, diesel fuel, jet fuel, and home heating oil. Pipelines transport more than two-thirds of all crude oil and refined products in the U.S. Other transportation modes are water, which includes ocean tankers and barges and accounts for 28% of petroleum transportation; tanker trucks, which account for 3% of petroleum transportation; and railroads, which account for 2% of petroleum transportation. The U.S. has more than 200,000 miles of petroleum pipelines.
Highway tunnels are enclosed passageways for road vehicles to travel through or under an obstruction, such as a city, mountain, river, or harbor. Tunnels may have one or more “tubes,” and some are also equipped with rail lines for trains. Highway tunnels are generally classified with regard to their method of construction: bored, cut and cover, or submerged. Tunnels through hard rock formations are usually bored (i.e., drilled) and finished to facilitate vehicular traffic. Very large boring machines are often used to cut the tunnel tubes through the hard rock formation.
A refinery comprises upstream components, process units, downstream components, and product storage. There are four basic processes used in refineries to produce products. Distillation is used to separate hydrocarbons of similar boiling range into intermediate and final products. Chemical processes are used to change the structure of the hydrocarbons to give them different properties breaking them into smaller pieces or combining them into larger ones. Treating processes are used to remove impurities such as sulfur, and blending systems are used to combine intermediate products and additives into final products for sale.
This Joint Intelligence Bulletin provides law enforcement and public and private sector officials with information for consideration in the wake of the death of Usama bin Ladin. This information is provided to support the activities of DHS and FBI and to help federal, state, and local government counterterrorism and law enforcement officials deter, prevent, preempt, or respond to terrorist attacks directed against the United States.
While hazardous and nonhazardous chemicals are stored and used in many industries, the focus of this report is specific to facilities that manufacture chemicals. A chemical manufacturing facility comprises upstream components, process units, downstream components, and product storage. The chemical manufacturing process can be further divided into the following five stages, each of which may contain one or more processing activities: (1) receipt of chemical ingredients, (2) temporarily staging or storing chemical ingredients awaiting use in production, (3) processing chemical ingredients into product, (4) temporarily staging or storing chemical products awaiting shipment, and (5) shipping chemical products.
Steam power plants burn fossil fuel in the furnace of a steam boiler. Steam from the boiler expands through a steam turbine, which is connected to a drive shaft of an electric generator. The exhaust vapor expelled from the turbine condenses, and the liquid is pumped back to the boiler to repeat the cycle. Steam power plants are designed to use coal, natural gas, or oil. Before combustion gases can be exhausted to the atmosphere, they typically must be cleaned to reduce particulates, NOx, and SO2 to levels required by federal and state regulations.
A subway system, as defined here, includes not only the portion of a rail rapid transit system that is underground, but also the other portions of the rail rapid transit system, even if they are not beneath the ground surface. Data for U.S. subways are typically collected under the heading of “heavy rail,” which is an electric railway with the capacity to transport a heavy volume of passenger traffic and characterized by exclusive rights-of-way, multi-car trains, high speed, rapid acceleration, sophisticated signaling, and high-platform loading. Heavy rail is also known as “subway,” “elevated (railway),” or “metropolitan railway (metro).” Subway systems are typically only one division of a transit agency. Bus, light rail, and commuter rail often operate as feeders to subway stations.
Shopping malls are potential targets for terrorist attacks because of the ability to inflict casualties, cause economic damage, and instill fear. Furthermore, they are “soft targets” in that they are serve the general public, and the presence of a significant number of American citizens is assured at certain times of the day. Due to the nature of their functions, these facilities usually lack perimeter or access controls. Due to their accessibility, soft targets are more vulnerable, and virtually impossible to defend against terrorist attacks. Damage or destruction of a large mall could inflict mass casualties, primarily on site; shut down or degrade its operation, thus having a significant impact on the economic well-being of a large area; have widespread psychological impact; and cause the release of hazardous materials.
Underwater cables carry telecommunications traffic (voice and data) under bodies of water (e.g., lakes and seas). These cables carry about 95% of all intercontinental telecommunications traffic. International banking and finance transactions are highly dependent on underwater (also known as submarine) communications cables. Some military communications traffic is carried via underwater cables. Most underwater communications cables in service are fiber-optic cables. New systems are almost always equipped with fiber-optic cables (rather than older technology coaxial cables). Underwater cable systems have expanded in recent years due to increased demand, changes in technology, and reduction in costs. This paper focuses on the gateway point to underwater cable systems, the cable landing station, including the fiber run from the station to shore where the fiber enters the water. Additional detail on the underwater portion of fiber cabling can be found in Characteristics and Common Vulnerabilities, Infrastructure Category: Underwater Cables (Draft, December 15, 2003).
The Intelligence Community (IC) assesses the death of al-Qa‘ida leader Usama Bin Ladin could result in retaliatory attacks in the Homeland and against US and Western interests overseas. Attacks might originate with al-Qa‘ida Core elements in the tribal areas of Pakistan, with one of their affiliates overseas, and/or with individuals in the homeland sympathetic to the cause but lacking a formal group association. We have no indications of advanced al-Qa‘ida Core plotting efforts in the Homeland, but the case of now-detained al-Qa‘ida operative Najibullah Zazi—who, along with two associates, planned to attack the New York City subway in 2009 using homemade explosives—demonstrates that unidentified operatives could advance plotting in the homeland.
Successful contamination of fluid milk can have serious public health consequences, since the product moves through the distribution and consumption stages very quickly. The shelf life of fluid milk is short compared to the shelf life of other food products; fluid milk is bought and used by consumers in short time periods. This leads to the potential for a rapid spread of any contaminated product. Fluid milk is consumed by all segments of the population from infants to the elderly. Health impacts from contamination could reach a wide range of people, including those with limited ability to recover from an induced illness. Some milk products such as cheese and ice cream have longer shelf lives and more limited consumption patterns than does fluid milk. Health impacts from the contamination of these products would be confined to a smaller group. Moreover, the longer times between production and consumption allow for response actions (e.g., product recall) to be implemented more effectively.
LNG is typically created in a three-step process. First, gaseous-form natural gas, extracted from the ground in neighboring oil reservoirs, is “frozen” into a liquid state through a complex cryogenic process (called liquefaction). The LNG boiling point is -260°F. In a liquid state, the volume of the gas is greatly reduced; it would take 600 ships carrying natural gas to equal the cargo contained on just one LNG tanker. Thus, it is practical and economical to import natural gas from overseas. The density of LNG is 26.5 pounds per cubic foot, or less than half that of water. LNG is odorless, colorless, non-corrosive, and nontoxic.
Wastewater is water that has been used. It includes substances such as human waste, food scraps, oils, soaps, and chemicals. Wastewater is derived from residential, commercial, and industrial activities. In homes, wastewater is produced from sinks, showers, bathtubs, toilets, washing machines, and dishwashers. Commercial and industrial activities also produce wastewater that must be treated prior to release to the environment. In addition to home and business production, wastewater can also be generated by storm runoff (referred to as inflow) and interception of ground water (infiltration). Because of potentially harmful substances that wash off roads, parking lots, and rooftops, this water must also be treated.