In May 2015, the wife of a US military member was approached in front of her home by two Middle-Eastern males. The men stated that she was the wife of a US interrogator. When she denied their claims, the men laughed. The two men left the area in a dark-colored, four-door sedan with two other Middle-Eastern males in the vehicle. The woman had observed the vehicle in the neighborhood on previous occasions.
(U//FOUO) DHS-FBI-NCTC Bulletin: ISIL Supporters Targeting Uniformed Personnel for Weapons and Equipment
In the first half of 2015 there were at least two instances of Islamic State of Iraq and the Levant (ISIL) inspired individuals in the West expressing interest in targeting law enforcement (LE) to obtain weapons and other specialized gear through theft. As ISIL continues to exhort its individuals in the West to carry out attacks, the potential exists that some terrorists may use this tactic and attempt to steal weapons or issued items, such as credentials, badges, uniforms, radios, ballistic vests, vehicles, and other equipment, which could be used in furtherance of an attack. We note that laws governing the purchase of firearms differ widely among Western nations making this tactic more likely to occur in countries where laws are most restrictive and firearms are harder to obtain through legitimate means.
I&A assesses that the plot disrupted by Belgian authorities in January 2015 is the first instance in which a large group of terrorists possibly operating under ISIL direction has been discovered and may indicate the group has developed the capability to launch more complex operations in the West. We differentiate the complex, centrally planned plotting in Belgium from other, more-simplistic attacks by ISIL-inspired or directed individuals, which could occur with littleto no warning.
This Field Analysis Report (FAR) is designed to support awareness and inform enforcement and collection operations of federal, state, and local partners involved in homeland security and counterterrorism efforts. Some of the activities described in the FAR may be constitutionally protected activities and should be supported by additional facts to justify increased suspicion. The totality of relevant circumstances should be evaluated when considering any law enforcement response or action. Our assessment of the level of the Islamic State of Iraq and the Levant’s (ISIL) name recognition since its declaration of a caliphate in June 2014 is based on a review of suspicious activity reporting (SAR) across the United States between 1 January and 30 December 2014, criminal complaints of US persons charged with supporting or seeking to support ISIL, Bureau of Prisons (BOP) intelligence reporting, and DHS I&A open source reporting to assess the influence of ISIL’s messaging campaign within the United States and ISIL’s perceived legitimacy among homegrown violent extremists (HVEs).
Radicalization is a critical subset of the terrorist threat. The RCMP defines radicalization as the process by which individuals — usually young people — are introduced to an overtly ideological message and belief system that encourages movement from moderate, mainstream beliefs towards extreme views. While radical thinking is by no means problematic in itself, it becomes a threat to national security when Canadian citizens or residents espouse or engage in violence or direct action as a means of promoting political, ideological or religious extremism.
An intelligence assessment released last month by the Department of Homeland Security’s Office of Intelligence and Analysis found that a domestic terrorist attack conducted by individuals affiliated with or inspired by the Islamic State of Iraq and the Levant (ISIL) would most likely “employ tactics involving edged weapons, small arms, or improvised explosive devices (IEDs).” The assessment, which was obtained by Public Intelligence, was released in October following several recent attacks conducted in Europe and Australia by individuals sympathetic to ISIL. Based on a review of these and other planned attacks, analysts at DHS evaluated the tactics and targets, as well as operational security measures employed in order to determine “tactics, targets, and tradecraft that potentially could be used in the Homeland by individuals associated with or inspired” by ISIL.
This Assessment highlights the tactics, targets, and tradecraft that potentially could be used in the Homeland by individuals associated with or inspired by the Islamic State of Iraq and the Levant (ISIL); we do not address the likelihood of an attack against the United States by the group. This Assessment is intended to support the activities of DHS to assist federal, state, and local government counterterrorism and law enforcement officials, first responders, and private sector security partners in effectively deterring, preventing, preempting, or responding to terrorist attacks against the United States.
Propaganda providing guidance and/or encouraging “individual jihad” or small cell operations against the West continues to be a prevalent theme in jihadist messaging. This bulletin was created by the CFIX in order to address recent propaganda from the Islamic State and its supporters which provides guidance on targeting law enforcement officers. The CFIX bases its analysis in this bulletin from open source reporting and internet postings with varying degrees of reliability, especially in regards to the true intention and capabilities of terrorist organizations and their supporters. This information is intended to support local, state and federal government agencies along with other entities in developing / prioritizing protective and support measures relating to an existing or emerging threat to homeland security.
The Transportation Security Administration’s Office of Intelligence (TSA-OI) unclassified annual Freight Rail Threat Assessment addresses the overall threat to the U.S. freight rail industry and presents conclusions regarding likely targets and actors based upon a review of successful attacks against rail systems overseas.
The FBI Cyber Division has issued a notification to private industry and law enforcement to be aware of the potential for retaliatory cyber attacks following recent U.S. military actions in the Middle East. While the FBI has “no information at this time to indicate specific cyber threats to US networks or infrastructure in response to ongoing US military air strikes against the terrorist group known as the Islamic State of Iraq and the Levant (ISIL)” the bulletin states that the FBI believes that “extremist hackers and hacktivist groups, including but not limited to those aligned with the ISIL ideology, will continue to threaten and may attempt offensive cyber actions against the United States in response to perceived or actual US military operations in Iraq or Syria.”
(U//FOUO) Army Threat Integration Center (ARTIC) Special Assessment: ISIL Threats Against the Homeland
This ARTIC Special Assessment provides an overview of potential threats posed by the Islamic State of Iraq and the Levant (ISIL), its supporters, those swayed by radical Islam, and lone offenders with the intent or inclination to act on ISIL’s behalf. Presently, the Intelligence Community has not identified any corroborative or definitive extremist plots focused on the US Army, its Soldiers, Government Civilians, and Family Members. However, terrorist groups and their supporters have the capability of conducting attacks with little to no warning in the Homeland and against US military installations and facilities worldwide. Given the continued rhetoric being issued by ISIL’s media services and supporters through various social media platforms the ARTIC is concerned of the possibility of an attack. Soldiers, Government Civilians and Family Members are reminded to be vigilant of their surroundings and report suspicious activities to their respective military or local law enforcement.
(U//FOUO) FBI Bulletin: Threat of Cyberterrorist and Hacktivist Activity in Response to U.S. Military Actions in the Middle East
The FBI has no information at this time to indicate specific cyber threats to US networks or infrastructure in response to ongoing US military air strikes against the terrorist group known as the Islamic State of Iraq and the Levant (ISIL), also known as the Islamic State of Iraq and al-Shams (ISIS) or the Islamic State (IS). However, the FBI assesses extremist hackers and hacktivist groups, including but not limited to those aligned with the ISIL ideology, will continue to threaten and may attempt offensive cyber actions against the United States in response to perceived or actual US military operations in Iraq or Syria. The FBI bases this assessment on recent, nonspecific, and probably aspirational threats made on social media platforms to carry out cyber as well as physical attacks in response to the US military presence in the Middle East.
First responders, such as law enforcement, emergency medical services (EMS), and firefighters, often arrive at incidents completely focused on the emergency at hand. Whether it is a fire, a chest pain complaint, or a vehicular accident, the first responders prepare for certain events to take place during emergency situations and personal safety is a priority throughout the response. Unfortunately, in the past few years there are have been several occurrences where first responders became the victims of ambushes while performing their duties to protect citizens and save lives.
On April 15, 2013, two pressure cooker bombs placed near the finish line of the Boston Marathon detonated within seconds of each other, killing three and injuring more than two hundred people. Law enforcement officials identified brothers Tamerlan and Dzhokhar Tsarnaev as primary suspects in the bombings. After an extensive search for the then-unidentified suspects, law enforcement officials encountered Tamerlan and Dzhokhar Tsarnaev in Watertown, Massachusetts. Tamerlan Tsarnaev was shot during the encounter and was pronounced dead shortly thereafter. Dzhokhar Tsarnaev, who fled the scene, was apprehended the following day and remains in federal custody.
Impersonation by assuming the identity, behavior, or appearance of first responders can allow terrorists access to restricted or secure locations, including the scene of emergencies when unchallenged. This access can allow terrorists the ability to conduct pre-operational surveillance or carry out a primary attack or a secondary attack against first responders. The method of impersonation may not be limited to the use of uniforms, clothing, badges and identification; civilian vehicles may be accessorized to appear as legitimate emergency vehicles.
Recent incidents in the Homeland demonstrate that consumer fireworks—widely used during the upcoming 4 July 2013 celebrations—can be misused by criminals and violent extremists to construct improvised explosive devices (IEDs). Consumer fireworks are defined as devices that produce audible and visible effects by combustion, containing between 50-130 milligrams of explosive material. They are banned in Delaware, Massachusetts, New Jersey, and New York.
Within DHS, this overarching responsibility for critical infrastructure protection is delegated to the National Protection and Programs Directorate’s (NPPD) Office of Infrastructure Protection (IP), specifically the Sector-Specific Agency Executive Management Office (SSA EMO) CF Branch for commercial facilities. Serving as the Sector-Specific Agency (SSA) for the CF Sector, the CF Branch works with its partners to address and highlight low-cost preparedness and risk management options in the products and tools it makes available to the private sector. For example, the CF SSA has been working to produce a suite of protective measures guides that provide an overview of best practices and protective measures designed to assist owners and operators in planning and managing security at their facilities or events. The Protective Measures Guide for the U.S. Outdoor Venues Industry is one of these guides and reflects the special considerations and challenges posed by the Outdoor Venues Subsector.
Malicious actors may leverage the Internet to gain information against a potential target to support pre-operational planning efforts for kinetic or cyber attacks. Malicious actors can use Internet search engines for information such as maps, company photographs or blueprints, and gain additional details from social media sites and Web blogs. Some actors may use more sophisticated techniques—such as phishing, spear phishing, or actual penetration of an organization’s network or devices—which can be used to gather personal, sensitive, or proprietary data.
(U//FOUO) DHS-FBI Report: Idaho Man Arrested for Providing Material Support to Islamic Movement of Uzbekistan
This Joint Intelligence Bulletin (JIB) provides information on the 16 May 2013 arrest of Idaho-based Uzbekistan national Fazliddin Kurbanov by the FBI Boise Joint Terrorism Task Force (JTTF). On 16 May, Kurbanov was charged under two indictments alleging terrorism, one each in the United States District Court, District of Idaho and United States District Court, District of Utah. FBI and DHS are providing this information to support their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and the private sector in deterring, preventing, or disrupting terrorist attacks against the United States. All events described in this JIB are taken from the criminal indictment. The charges contained in the indictment are mere allegations. As in any criminal case, the defendant is presumed innocent until proven guilty in a court of law.
Terrorists and violent extremists have used—or considered using—diversionary tactics in terrorist attacks overseas. Diversionary tactics are often used to draw security forces and first responders away from the intended primary target of the attack and may be used as part of a complex or multi-pronged attack. Diverting first responders to a location other than the primary target of an attack delays the response and the provision of medical care to victims, and depletes first responder resources.
The National Counterterrorism Center (NCTC) warned in November of last year that precursor components needed to produce improvised explosive devices (IEDs) are “widely and legally available in sufficient quantities through a variety of sources” in the U.S. and are difficult to regulate due to their legitimate uses.
A facilitated brainstorming session was convened to identify and examine the most common misconceptions about conventional Homeland plotting. These misconceptions stemmed from inquiries received from Federal, state, local, tribal, and private-sector consumers and from articles published by outside experts and in the media. Analysts identified the following six misconceptions as the most common and compared them with current analytic lines.
This Joint Intelligence Bulletin provides law enforcement and private sector safety officials with protective measures in light of the recent explosions that took place at the 2013 Boston Marathon in Boston, Massachusetts. The information is provided to support the activities of DHS and FBI and to assist federal, state, local, tribal, and territorial government counterterrorism and first responder officials and the private sector to deter, prevent, preempt, or respond to terrorist attacks in the United States.