Department of Homeland Security, Federal Bureau of Investigation, National Counterterrorism Center

(U//FOUO) DHS-FBI-NCTC Bulletin: Attacks on Mosques in Christchurch, New Zealand May Inspire Supporters of Violent Ideologies

This Joint Intelligence Bulletin (JIB) is intended to provide information on Australian national and violent extremist Brenton Tarrant’s 15 March 2019 attacks on two mosques in Christchurch, New Zealand. These attacks underscore the enduring nature of violent threats posed to faith-based communities. FBI, DHS, and NCTC advise federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners responsible for securing faith-based communities in the Homeland to remain vigilant in light of the enduring threat to faith-based communities posed by domestic extremists (DEs), as well as by homegrown violent extremists (HVEs) who may seek retaliation.

Read more →

Federal Bureau of Investigation

FBI Cyber Bulletin: Spearphishing Campaigns Against Students at Multiple Universities

The FBI has identified successful spearphishing campaigns directed at college and university students, especially during periods when financial aid funds are disbursed in large volumes. In general, the spearphishing emails request students’ login credentials for the University’s internal intranet. The cyber criminals then capture students’ login credentials, and after gaining access, change the students’ direct deposit destination to bank accounts within the threat actor’s control.

Read more →

U.S. Army

U.S. Army Future Warfare Division White Paper: Operationalizing Robotic and Autonomous Systems in Support of Multi-Domain Operations

Robotic and Autonomous Systems (RAS) and artificial intelligence (AI) are fundamental to the future Joint Force realizing the full potential of Multi-Domain Operations (MDO 1.5). These systems, in particular AI, offer the ability to outmaneuver adversaries across domains, the electromagnetic (EM) spectrum, and the information environment. The employment of these systems during competition allows the Joint Force to understand the operational environment (OE) in real time, and thus better employ both manned and unmanned capabilities to defeat threat operations meant to destabilize a region, deter escalation of violence, and turn denied spaces into contested spaces. In the transition from competition to armed conflict, RAS and AI maneuver, fires, and intelligence, surveillance, and reconnaissance (ISR) capabilities provide the Joint Force with the ability to deny the enemy’s efforts to seize positions of advantage.

Read more →

Federal Bureau of Investigation

(U//FOUO) FBI Active Shooter Incidents and Mass Killings In Schools 2000-2017

The number of active shooter incidents in schools (ASIS) has remained steady over the past 18 years, with an average of 2.8 shootings per year. ASIS are most likely to happen at the high school level or higher (37 out of 52). The average deaths from ASIS was 7.4; however, this includes the 2007 Virginia Tech shooting and the 2012 Sandy Hook Elementary School shooting, where 32 and 26 people died, respectively. Most of the deaths from ASIS resulted during incidents that met the threshold for a mass killing (81 percent).

Read more →

China, Czech Republic

Czech Republic National Cyber and Information Security Agency Warning on Huawei and ZTE

The legal and political environment of the People’s Republic of China (“PRC”) in which the companies primarily operate and whose laws are required to comply with, requires private companies to cooperate in meeting the interests of the PRC, including participation in intelligence activities etc. At the same time, these companies usually do not refrain from such cooperation with the state; in this environment, efforts to protect customers’ interests at the expense of the interests of the PRC are significantly reduced. According to available information, there is an organizational and personal link between these companies and the state. Therefore, this raises concerns that the interests of the PRC may be prioritized over the interests of the users of these companies’ technologies.

Read more →

Federal Bureau of Investigation

FBI Behavioral Analysis Unit’s Key Findings in October 2017 Las Vegas Mass Shooting

On October 1, 2017, over 22,000 people gathered for a music festival at a 15-acre, open-air concert venue in Las Vegas, Nevada. On the final night of the festival, Stephen Craig Paddock opened fire into the crowd from the 32nd floor of the Mandalay Bay Resort and Casino. The gunfire started around 10:05 p.m. and continued for approximately eleven minutes, with Paddock firing over 1,000 rounds. Fifty-eight persons were killed and several hundred more were injured. As responding law enforcement officers assembled in the hallway outside of his hotel room, Paddock committed suicide.

Read more →

Department of Homeland Security, Mexico

(U//FOUO) DHS Guide: Cross-Border Gangs and their Mexican Drug Cartel Affiliations

Cross-border gangs play a unique role in the illicit transfer of people and goods across the southwest border. According to law enforcement reporting. Mexican cartels utilize US gangs to smuggle drugs and illegal aliens northbound. and smuggle cash. stolen automobiles. and weapons southbound. US gangs often freelance their work and seek profit-making opportunities with multiple cartels.

Read more →

U.S. Army

The U.S. Army in Multi-Domain Operations 2028

From Multi-Domain Battle to Multi-Domain Operations. TRADOC Pamphlet 525-3-1, The U.S. Army in Multi-Domain Operations 2028 expands upon the ideas previously explained in Multi-Domain Battle: Evolution of Combined Arms for the 21st Century. It describes how the Army contributes to the Joint Force’s principal task as defined in the unclassified Summary of the National Defense Strategy: deter and defeat Chinese and Russian aggression in both competition and conflict. The U.S. Army in Multi-Domain Operations concept proposes detailed solutions to the specific problems posed by the militaries of post-industrial, information-based states like China and Russia. Although this concept focuses on China and Russia, the ideas also apply to other threats.

Read more →

National Counterterrorism Center

(U//FOUO) NCTC Counterterrorism Weekly Open Source Digest December 2018

Counterterrorism Weekly is an UNCLASSIFIED//FOR OFFICIAL USE ONLY compilation of open source publicly available press and relevant commentary on issues related to terrorism and counterterrorism over the past seven days. It is produced every Wednesday, excluding holidays. Counterterrorism Weekly is produced by the National Counterterrorism Center and contains situational awareness items detailing ongoing terrorism-related developments which may be of interest to Federal, State, Local and Tribal Law Enforcement, security, military personnel, and first responders. Information contained in the Counterterrorism Weekly is subject to change as a situation further develops.

Read more →

Florida

Marjory Stoneman Douglas High School Shooting Public Safety Commission Draft Report

On February 14, 2018, fourteen students and three staff members at the Marjory Stoneman Douglas High School in Parkland Florida were fatally shot and seventeen others were wounded, in one of the deadliest school massacres in United States’ history. The gunman Nikolas Cruz, age 19 at the time of the incident, was a former student of Marjory Stoneman Douglas High School. Cruz was a troubled child and young adult who displayed aggressive and violent tendencies as early as 3-years-old. Cruz struggled in academics and attended several schools. There are reports of behavioral issues at all of the schools he attended. He was under the care of mental health professionals from age 11 until he turned age 18 and refused further services. At 2:19 p.m. on February 14, 2018, Cruz exited an Uber ride sharing service at Marjory Stoneman Douglas High School armed with a rifle and several hundred rounds of ammunition concealed in a rifle bag. He entered the school through an unstaffed gate that had been opened for school dismissal and made his way towards building 12 on the North side of campus. He entered the east side of building 12 through an unlocked and unstaffed door. He made his way through all three floors firing into classrooms and hallways and killing or wounding 34 individuals. He exited building 12 and ran across campus, blending in with students evacuating. Cruz was apprehended approximately 1 hour and 16 minutes after the first shots and charged with 17 counts of premeditated murder and 17 counts of attempted murder.

Read more →

Drug Enforcement Administration

(U//LES) DEA Bulletin: Fake Xanax Tablets Containing Cyclopropylfentanyl, Methamphetamine, and FUB-AKB48

The increasing demand for opioids in the United States coupled with the availability of fentanyl presents a significant public health risk and negatively impacts officer safety. In 2018, the Arizona High Intensity Drug Trafficking Area (HIDTA) Counter Narcotics Alliance (CNA) task force seized tablets that appeared to be Xanax but actually contained a combination of cyclopropylfentanyl, methamphetamine, and a synthetic cannabinoid chemical.

Read more →

U.S. Army

Domestic Operational Law Handbook for Judge Advocates 2018

The Domestic Operational Law (DOPLAW) Handbook for judge advocates is a product of the Center for Law and Military Operations (CLAMO). The content is derived from statutes, Executive Orders and Directives, national policy, DoD Directives and Instructions, joint publications, service regulations, field manuals, as well as lessons learned by judge advocates and other practitioners throughout Federal and State government. This edition includes substantial revisions.

Read more →

Office of the Director of National Intelligence

Director of National Intelligence Cyber Threats to Elections Lexicon

This reference aid draws on CTIIC’s experience promoting interagency situational awareness and information sharing during previous significant cyber events—including cyber threats to elections. It provides a guide to cyber threat terms and related terminology issues likely to arise when describing cyber activity. The document includes a range of cyber-specific terms that may be required to accurately convey intelligence on a cyber threat event and terms that have been established by relevant authorities regarding technical infrastructure for conducting elections.

Read more →

Federal Bureau of Investigation

FBI Study: Pre-Attack Behaviors of Active Shooters in the U.S. 2000-2013

In 2017 there were 30 separate active shootings in the United States, the largest number ever recorded by the FBI during a one-year period.1 With so many attacks occurring, it can become easy to believe that nothing can stop an active shooter determined to commit violence. “The offender just snapped” and “There’s no way that anyone could have seen this coming” are common reactions that can fuel a collective sense of a “new normal,” one punctuated by a sense of hopelessness and helplessness. Faced with so many tragedies, society routinely wrestles with a fundamental question: can anything be done to prevent attacks on our loved ones, our children, our schools, our churches, concerts, and communities?

Read more →

U.S. Army

Restricted U.S. Army Space Operations Manual

FM 3-14, Army Space Operations, provides an overview of space operations in the Army and is consistent and compatible with joint doctrine. FM 3-14 links Army space operations doctrine to joint space operations doctrine as expressed in JP 3-14, Space Operations and other joint doctrinal publications. This FM establishes guidance for employing space and space-based systems and capabilities to support United States (U.S.) Army land warfighting dominance. It provides a general overview of overhead support to Army operations, reviews national guidance and direction, and outlines selected unique space-related Army capabilities. The doctrine in this manual documents Army thought for the best use of space capabilities. This manual also contains tactics and procedures outlining how to plan, integrate, and execute Army space operations.

Read more →

Canada

Defence Research and Development Canada Report: Potential Applications of Blockchain Technology in Tactical Networks

Awareness of blockchain has soared in recent years with the emergence of cryptocurrencies, but the technology has existed for much longer. The linking of blocks, containing cryptographic functions of transactions and data, means that tampering with their contents becomes increasingly difficult as the chain grows – this concept was exploited for document timestamping applications more than a decade before cryptocurrencies became reality. In many implementations, blocks are confirmed by, and stored at, many nodes in different locations, providing a high degree of data integrity. There are, however, many challenges for applying blockchain technologies in tactical networks, particularly due to the constraints of the platforms, the limited bandwidth available among them, and the impact of network partitioning. In this report, the development and principles of blockchains are presented, along with an overview of their weaknesses and vulnerabilities.

Read more →

Office of the Director of National Intelligence

National Counterintelligence and Security Center Report: Foreign Economic Espionage in Cyberspace

In the 2011 report to Congress on Foreign Spies Stealing U.S. Economic Secrets in Cyberspace, the Office of the National Counterintelligence Executive provided a baseline assessment of the many dangers facing the U.S. research, development, and manufacturing sectors when operating in cyberspace, the pervasive threats posed by foreign intelligence services and other threat actors, and the industries and technologies most likely at risk of espionage. The 2018 report provides additional insight into the most pervasive nation-state threats, and it includes a detailed breakout of the industrial sectors and technologies judged to be of highest interest to threat actors. It also discusses several potentially disruptive threat trends that warrant close attention.

Read more →

China, Federal Bureau of Investigation

FBI Cyber Bulletin: Identified Qakbot Malware Variant Found on Thumb Drive Manufactured in China

In March 2018, an identified financial services corporation received a thumb drive infected with the bank credential-stealing Qakbot malware variant, targeting information from networked computers and financial institution web sites. The financial services corporation purchased bulk thumb drives from a US online retailer of computer hardware. The thumb drives were originally manufactured in China. According to FBI forensic analysis, the Qakbot malware was on the infected thumb drive before the drive arrived in the United States. Qakbot is extremely persistent and requires removal of all malware from every device. Failure to remove even one node of malware may result in re-infecting previously sanitized systems possibly costing the victim hundreds of thousands of dollars in malware removal and system downtime.

Read more →

Nevada

Las Vegas Metropolitan Police Department October 2017 Mass Shooting Final Report

As Engineer Schuck walked up the hallway of the 100 Wing, he observed Security Officer Campos poke his head out of an alcove. Engineer Schuck then heard rapid gunfire coming from the end of the 100 Wing hallway that lasted approximately 10 seconds. When the gunfire stopped, he heard Security Officer Campos tell him to take cover. Engineer Schuck stepped into an alcove and gunfire again erupted down the hallway coming from Room 32-135. The gunfire lasted a few seconds then stopped. The gunfire started again after a brief pause, but Engineer Schuck believed it was directed outside and not down the hallway. Meanwhile, inside the Las Vegas Village over 50 Las Vegas Metropolitan Police Department (LVMPD) personnel were on overtime assignments for the Route 91 Harvest music festival being held at the Las Vegas Village venue. The initial gunshots were heard on an officer’s body worn camera (BWC). As the suspect (Stephen Paddock) targeted the concertgoers with gunfire, officers quickly determined they were dealing with an active shooter and broadcast the information over the radio.

Read more →

Department of Energy

Department of Energy Assessment of Electricity Disruption Incident Response Capabilities

Electricity is critical to every aspect of modern life. The United States’ national security, economy, and public health and safety rely on the North American electric grid every second of the day. These, and many other functions powered by the grid have likely experienced local outages caused by weather, accidents, or sometimes from tree branches falling on power lines. Larger power outages, however, are infrequent occurrences, due in part to an array of organizations that work tirelessly to ensure the grid remains reliable, resilient, and secure. Nonetheless, it is neither practical nor possible to prevent all disruptive events. Grid owners and operators balance risk, investment, and cost to customers when making investments in their systems.

Read more →