Department of Homeland Security

Department of Homeland Security, Federal Bureau of Investigation

(U//FOUO) DHS-FBI Intelligence Assessment: Baseline Comparison of US and Foreign Anarchist Extremist Movements

February 5, 2017

This joint DHS and FBI Assessment examines the possible reasons why anarchist extremist attacks in certain countries abroad and in the United States differ in the frequency of incidents and degree of lethality employed in order to determine ways US anarchist extremists actions might become more lethal in the future. This Assessment is intended to establish a baseline comparison of the US and foreign anarchist extremist movements and create new lines of research; follow-on assessments will update the findings identified in the paper, to include the breadth of data after the end of the reporting period (as warranted by new information), and identify new areas for DHS and FBI collaboration on the topic. This Assessment is also produced in anticipation of a heightened threat of anarchist extremist violence in 2016 related to the upcoming Democratic and Republican National Conventions—events historically associated with violence from the movement.

(U//FOUO) DHS Intelligence Note: Germany Christmas Market Attack Underscores Threat to Mass Gatherings and Open-Access Venues

January 17, 2017

A 25-ton commercial truck transporting steel beams from Poland to Germany plowed into crowds at a Christmas market in Berlin at about 2000 local time on 19 December, killing at least 12 people and injuring 48 others, several critically, according to media reporting citing public security officials involved in the investigation. The truck was reportedly traveling at approximately 40 miles per hour when it rammed the Christmas market stands. Police estimate the vehicle traveled 80 yards into the Christmas market before coming to a halt.

(U//LES) Homeland Security Investigations Presentation: Criminal Exploitation of Digital Currencies

January 14, 2017

A 2014 presentation from the Department of Homeland Security’s Homeland Security Investigations discussing the criminal use and exploitation of digital currencies such as bitcoin.

DHS-FBI Joint Analysis Report on GRIZZLY STEPPE Russian Malicious Cyber Activity

December 29, 2016

This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.

(U//FOUO) DHS Cyber Threats to the Homeland Presentation

December 28, 2016

An October 2016 presentation from the Department of Homeland Security on cyber threats to the nation’s infrastructure.

(U//FOUO) DHS, Fusion Centers Reference Aid: Malicious Terrorism Hoaxes Likely to Endure, Strain State and Local First Responder Resources

November 22, 2016

This Reference Aid is intended to provide information on malicious terrorism hoaxes that will continue to challenge first responder resources throughout the Homeland and territories. This Reference Aid is provided by I&A, DIAC, NCRIC, NVRIC, and NJ-ROIC to support their respective activities, to provide situational awareness, and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and first responders with recognizing the indicators and implications of malicious terrorism hoaxes. The use of hoax calls may also be used as a technique to lure authorities to a particular location for the purpose of conducting a potential attack, but is not discussed in this article, as luring is viewed as its own distinct tactic.

(U//FOUO) DHS Assessment: Cyber Threats and Vulnerabilities to US Election Infrastructure

November 5, 2016

DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.

DHS US-CERT Understanding Distributed-Denial-of-Service Attacks

October 23, 2016

One of the most significant cyber threats to businesses, local and federal government agencies is the Distributed-Denial-of-Service attack (DDoS). A Distributed Denial of Service attack (DDoS) occurs when an attacker commands a number of computers to send numerous requests to a target computer. The overwhelming flood of requests to the website or computer network can cause it to shut down or fail to handle the requests of legitimate users, much like a rush hour traffic jam on the freeway. This type of attack can completely disrupt an organization’s operations until the network is able to be restored. Understanding the basic concept and methods of a DDoS attack can help operators of both large and small networks mitigate the severity of the attack.

DHS San Francisco Earthquake Study Hayward Fault Magnitude 7.0 Scenario

October 16, 2016

The results of this analysis show a strong earthquake will likely cause significant damage to critical infrastructure in the area affecting 547 dams or water control structures, render approximately 300 roadway segments unusable, and cause damage to 172 water and wastewater treatment systems. The scenario earthquake will likely cause damage to 154 dams in the area. Seven of the dams will likely experience Extensive or Complete damage. The Ward Creek Dam, which is used for flood control, is likely to incur Complete damage. Extensive damage to the James H. Turner Dam poses the greatest risk to downstream population. The earthquake will cause damages to many road segments, bridges, and tunnels in the area. As a result, travel times on these roadways and others will increase significantly. Multiple areas on freeways such as I–680, I–880, and I–580 will have the highest above normal traffic volumes. Several bridges on these freeways will also likely incur Extensive damage. Tunnels in the area will likely have less damage with bores in the Caldecott Tunnel on State Route 24 experiencing only Moderate damage.

DHS Emerging Risk to Infrastructure from Unmanned Aerial Vehicles (UAVs)

October 9, 2016

A poster from the Department of Homeland Security’s Office of Cyber and Infrastructure Analysis regarding the threat posed by unmanned aerial vehicles (UAVs) to critical infrastructure from May 2016.

(U//FOUO) DHS-FBI-NCTC Bulletin: Homegrown Violent Extremists Focusing More on Civilian Targets

October 3, 2016

This Joint Intelligence Bulletin (JIB) is intended to provide new insight into the targeting preferences of some homegrown violent extremists (HVEs) and to examine detection challenges and opportunities. This JIB is provided by FBI, DHS, and NCTC to support their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners in deterring, preventing, or disrupting terrorist attacks within the United States.

Joint Staff Strategic Assessment: Counter-Da’esh Influence Operations Cognitive Space Narrative Simulation Insights

October 2, 2016

When planning to deal with any adversary or potential adversaries, it is essential to understand who they are, how they function, their strengths and vulnerabilities, and why they oppose us. Events over the course of the last year and a half highlight the importance of those factors as they relate to the Islamic State of Iraq and the Levant (ISIL or Da’esh). One of Da’esh’s obvious strengths is its ability to propagate tailored messages that resonate with its audiences. If the US Government and our allies are to counter Da’esh effectively, we must attack this center of gravity.

(U//FOUO) DHS Field Analysis Report: Growing Trend of Ransomware Attacks Targeting Hospitals

September 5, 2016

The healthcare sector has been a desirable target for hackers due to the sensitive nature of patient information contained in their systems. The stakes are very high in the healthcare industry because any disruption in operations and care can have significant repercussions for patients. As such, this industry offers an ideal victim for ransomware, and these attacks are likely to continue—disrupting employee access to important documents and patient data and hampering the ability to provide critical services—creating a public safety concern.

(U//FOUO) Wisconsin Fusion Centers Bulletin: Threats Against Law Enforcement and Public Sector Personnel

August 29, 2016

Recent reporting at the local, state, and national level indicates both violence and threats of violence against law enforcement. Recently, the activity has expanded beyond law enforcement, affecting non-sworn first responders as well as public partners (such as transportation employees).

(U//FOUO) DHS-FBI Bulletin: Law Enforcement Vigilance and Caution Urged at Public and Political Events

July 30, 2016

This Joint Intelligence Bulletin (JIB) is intended to provide situational awareness concerning the domestic extremist threat to national public and political events. This JIB is provided by the FBI and DHS to support law enforcement in their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners in deterring, preventing, or disrupting terrorist attacks against the United States.

DHS Critical Infrastructure 2025 Strategic Risk Assessment

July 6, 2016

This strategic risk assessment provides an overview of six distinguishable trends emerging in U.S. critical infrastructure. These trends, when combined or examined singularly, are likely to significantly influence critical infrastructure and its resiliency during the next 10 years.

DHS Healthcare Bulletin on Ransomware Attacks Against Hospitals

June 7, 2016

The Department of Homeland Security National Cybersecurity and Communications Integration Center (NCCIC) has notified the Department of Health and Human Services (HHS) of an increase in ransomware incidents at some healthcare organizations in the U.S. This Bulletin provides Healthcare and Public Health (HPH) Partners with information regarding ransomware, mitigation strategies, as well as additional materials to reference located within the HSIN HPH Cyber Threat Library.

DHS Infrastructure Report: Nuclear Reactors, Materials, and Waste Sector Cyberdependencies

May 9, 2016

The Department of Homeland Security Office of Cyber and Infrastructure Analysis (DHS OCIA) produces cyberdependency papers to address emerging risks to critical infrastructure and provide increased awareness of the threats, vulnerabilities, and consequences of those risks to the Homeland. This note informs infrastructure and cybersecurity analysts about the potential consequences of cyber-related incidents in the Nuclear Reactors, Materials, and Waste Sector and its resilience to such incidents. This note also clarifies how computer systems support infrastructure operations, how cybersecurity incidents compromise these operations, and the likely functional outcome of a compromise.

(U//FOUO) New Jersey Fusion Center: Potential Concerns for Transportation Security

May 8, 2016

The NJ ROIC currently has no specific indication of any credible specific threats to transportation facilities. However, with the rise in “self-radicalized” actor(s), and homegrown violent extremists (HVEs) influenced by ISIL and other terror groups, targeted violent attacks to any of these sectors could occur with little or no notice by an individual(s) who has not yet garnered law enforcement attention. This advisory highlights recent transportation concerns in the wake of the recent attacks in Belgium.

(U//FOUO) DHS-FBI-NCTC Bulletin: Tactics, Techniques, and Procedures Used in March 2016 Brussels Attacks

April 24, 2016

This Joint Intelligence Bulletin (JIB) is intended to provide a review of the tactics, techniques, and procedures demonstrated by the perpetrators of the 22 March 2016 attacks in Brussels, Belgium. The analysis in this JIB is based on statements by European government and law enforcement officials cited in media reporting and is subject to change with the release of official details from post-incident investigations. This JIB is provided by DHS, FBI, and NCTC to support their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials, first responders and private sector partners in deterring, preventing, preempting, or disrupting terrorist attacks against the United States.

(U//FOUO) DHS Intelligence Assessment: Damaging Cyber Attacks Possible but Not Likely Against the US Energy Sector

April 4, 2016

This Assessment establishes a baseline analysis of cyber threats to the US energy sector based on comprehensive FY 2014 incident reporting data compiled by ICS-CERT, as well as reporting by the Intelligence Community (IC), private sector cybersecurity industry, and open source media between early 2011 and January 2016. This Assessment is designed to help close gaps between the private sector’s and the IC’s understanding of current cyber threats facing the US energy sector. Critical infrastructure owners and operators can use this analysis to better understand cyber threats facing the US energy sector and help focus defensive strategies and operations to mitigate these threats. The Assessment does not include an in-depth analysis of foreign cyber doctrines or nation-state red lines for conducting cyber attacks against the United States. The information cutoff date for this Assessment is January 2016.

(U//FOUO) NCCIC/ICS-CERT Report: Ukrainian Critical Infrastructure Cyber Attack

April 4, 2016

This alert update is a follow-up to the original NCCIC/ICS-CERT Alert titled IR-ALERT-H-16-043-01P Ukrainian Power Outage Event that was published February 12, 2016, on the US-CERT secure Portal library.

Boston Fusion Center Bulletin: Terror Attacks on Entertainment Venues

April 3, 2016

Several recent incidents underline the possibility that soft targets, including entertainment venues such as bars and restaurants, are increasingly chosen over hard targets that may hold more significance to the victims and the attacking person or group. Using analysis of recent events and data from the START Global Terrorism Database, the BRIC completed the following study to raise awareness regarding the targeting of entertainment venues by violent extremist groups.

DHS Infrastructure Report: Consequences of Malicious Cyber Activity Against Seaports

March 20, 2016

Unless cyber vulnerabilities are addressed, they will pose a significant risk to port facilities and aboard vessels within the Maritime Subsector. These potential vulnerabilities include limited cybersecurity training and preparedness, errors in software, inadequately protected commercial off-the-shelf technologies and legacy systems, network connectivity and interdependencies, software similarities, foreign dependencies, global positioning system jamming-spoofing, and insider threats.

(U//FOUO) California Fusion Center: Drone Threats to Public Safety Personnel, Assets and Response

March 13, 2016

Encounters in 2015 of unauthorized unmanned aircraft systems (UAS), also known as drones, with public safety aircraft during emergency events underscore the potential threats UAS pose to response efforts—notably search-and-rescue, firefighting and police air assets—as well as the lives, property and natural resources already at risk.

Page 1 of 26

1 2 3 … 26 »