Revealed – The U.S. DoD Forensic Science Lexicon

DEPARTMENT OF DEFENSE
DoD Forensic Science Lexicon
May 27, 2018

Department of Defense Forensic Science Lexicon
Page Count: 99 pages
Date: January 2018
Restriction: None
Originating Organization: Defense Forensics and Biometrics Agency
File Type: pdf
File Size: 956,884 bytes
File Hash (SHA-256): 4C47BA0C862DB9F0E3775053480ED5715945EAEB78510D786286A554C8C2BDC1

Download File

https://info.publicintelligence.net/DoD-ForensicScienceLexicon.pdf

 

1 Introduction

The Department of Defense (DoD) performs forensic science in a collaborative environment which necessitates the clear communication of all activities and their results. A critical enabler of communication is the use of a clear, internally consistent vocabulary.

1.1 Purpose

The goal of the Department of Defense Forensics Lexicon is to provide an operational vocabulary to address Forensics. A shared vocabulary enables a common understanding of Forensics, enhances the fidelity and the utility of operational reporting, facilitates structured data sharing, and strengthens the decision making processes across the DoD.

1.2 Scope

This lexicon encompasses the broad spectrum of scientific disciplines, processes, and equipment associated with performing forensic activities. Additional terms include those related to the programmatic support domains (e.g., doctrine, policy, standards, and accreditation) which enable forensic activity within the DoD.

Excluded from this lexicon are terms and definitions that describe the various types of Improvised Explosive Devices (IEDs) and the specific components of IEDs, as those have been previously defined in other well established lexicons.

1.3 Approach

This Department of Defense Forensics Lexicon was authored by subject matter experts from key organizations and agencies engaged in the full range of forensic activities and the personnel that provide programmatic support to those experts. It was then staffed multiple times across the Defense Forensics Enterprise in order to obtain support and consensus.

Advertisements

DHS Reveals – Unmanned Aircrafts Systems Endanger Cybersecurity

Image result for cybersecurity

The Department of Homeland Security (DHS)/National Protection and Programs Directorate (NPPD)/Office of Cyber and Infrastructure Analysis (OCIA) assesses that unmanned aircraft systems (UASs) provide malicious actors an additional method of gaining undetected proximity to networks and equipment within critical infrastructure sectors. Malicious actors could use this increased proximity to exploit unsecured wireless systems and exfiltrate information. Malicious actors could also exploit vulnerabilities within UASs and UAS supply chains to compromise UASs belonging to critical infrastructure operators and disrupt or interfere with legitimate UAS operations.

 

UAS FACILITATE PHYSICAL ACCESS TO UNSECURED SYSTEMS

UASs provide malicious actors an additional method of gaining proximity to networks and equipment within critical infrastructure sectors. Malicious actors could then use the proximity provided by a UAS to wirelessly exploit unsecured systems and extract information from systems they cannot otherwise access remotely or may not be able to access due to range limitations. This includes networks and devices within secured buildings, as well as networks and devices behind fencing and walls.

UASs can also allow a malicious actor to wirelessly exploit vulnerabilities from a distance (figure 1). The prevalent ownership and operation of UASs by the general public, the distance from which UAS can be operated, and a lack of tracking data can also provide malicious actors a level of anonymity that otherwise may not be available. UASs, in particular UASs, are typically more difficult to detect than a malicious actor attempting to trespass beyond physical barriers.

UAS FOR WIRELESS SYSTEM EXPLOITATION

Malicious actors could utilize UASs in order to wirelessly exploit access points and unsecured networks and devices. This can include using UASs in order to inject malware, execute malicious code, and perform man-in-the-middle attacks. UASs can also deliver hardware for exploiting unsecured wireless systems, allowing malicious actors persistent access to the wireless system until the hardware is detected or runs out of power. While OCIA does not know of a confirmed incident utilizing UASs to exploit wireless systems, researchers have demonstrated this capability.

MALICIOUS ACTORS CAN EXPLOIT COMPROMISED UAS

While UASs can be used as a tool for an attacker, they are also vulnerable to exploitation. Many commercial UAS variations, for example, currently communicate with ground stations and operators using unencrypted feeds. This can allow a malicious actor to intercept and review data sent to and from the UAS.

 

Counterterrorism Weekly – A New Media Presented

Image result for counterterrorism center

NATIONAL COUNTERTERRORISM CENTER
(U//FOUO) NCTC Counterterrorism Weekly Open Source Digest December 2018
December 24, 2018

Counterterrorism Weekly 6-18 December 2018
Page Count: 18 pages
Date: December 12, 2018
Restriction: For Official Use Only
Originating Organization: National Counterterrorism Center
File Type: pdf
File Size: 1,684,886 bytes
File Hash (SHA-256): 5DB3EF6875E67FA136A736986BC4F476BD2DA0DBCDC4DD30A0DB7241449EC7B1

Download File

https://info.publicintelligence.net/NCTC-CounterterrorismWeekly-121218.pdf

(U) Terrorist Profile: Former Jordanian ISIS Official Sa’d Al-Hunayti

(U) Jordanian national Sa’d al-Hunayti was a leading member of the Jihadist Salafi movement in Jordan before he traveled to Syria and joined Nusrah Front then ISIS. Hunayti was ultimately arrested by Hayat Tahrir al-Sham (HTS) for reportedly being a leader in ISIS-run secret cells in Idlib Province, Syria, that planted IEDs and conducted kidnappings and assassinations in northwest Syria.

Related image

 

(U) During the 1980s, Hunayti studied history at Yarmouk University in north Jordan and was suspended twice for “his political positions.” During this period, he was influenced by Sayyid Qutb’s idea of “governance,” according to Dr. Muhammad Abu-Rumman, a Jordanian researcher who specializes in Political Thought and Islamic Movements. (Sayyid Qutb was the Spotlight topic in the 23 May 2018 issue of this publication.)

(U) In 2011, Hunayti was arrested by Jordanian security forces after demonstrations in Al Zarqa that called for governmental and constitutional reforms. The protests were led by the Islamist movement, which dominated the political opposition, and by the popular protest movement, which encompassed numerous pro-reform organizations. Hunayti was released from Jordanian custody in October 2013.

(U) In April 2014, Hunayti traveled to Syria at the behest of senior Salafi Jihadi ideologue Abu-Muhammad al-Maqdisi to mediate between Nusrah Front and ISIS during their clashes in Deir az-Zour. Bassam al-Nu’aymi, an activist in the Jihadist Salafi movement in Jordan, said that after the failure of his reconciliation initiative, Hunayti received an offer from Nusrah Front leader Abu-Muhammad al-Jawlani to become a Sharia judge and head of the courthouse in northern Syria. The judicial branch faced controversy due to suspicious verdicts, leading to tensions with the Nusrah Front leadership that Hunayti viewed as hindering his “implementation of sharia.”

(U) Telegram Suspends Thousands of Violent Jihadist Accounts

Related image

(U) On 6 December, the Telegram messaging app suspended over 3,000 “terrorist” accounts. Telegram’s daily report on the “terrorist” accounts it blocks usually cites an average of 200-300 take-downs per day, but this rose to 507 on 5 December and significantly jumped to 3,276 on 6 December.

■ (U) Telegram’s “ISIS Watch” initiative to block channels with “terrorist content” was launched in 2016 after the company came under pressure over the number of violent jihadists operating on its platform. The ISIS Watch channel provided daily and monthly totals for its account suspensions.

■ (U) The Telegram cull followed a recent effort by ISIS to beef up its presence on the platform. ISIS operated a network of multiple channels and groups on Telegram under the “Nashir news agency” brand.

■ (U) Since 12 November, Nashir started advertising a flurry of new Telegram groups to complement its already swelling number of channels, enhancing the overall number of ISIS outlets on the platform.

■ (U) The measure of having dozens of mirror accounts, so far unique to ISIS, was designed to mitigate the impact of take-downs on the group’s media operation. So when 10 or 50 accounts are suspended, other duplicate accounts are still active.

■ (U) In November 2017, Nashir claimed to be operating 600 duplicate channels and groups. While this might have been an exaggerated figure, the group indeed has dozens of active accounts on Telegram. (BBC)

JCAT: (U//FOUO) The desire for and reliance on terrorists and their supporters to communicate electronically with like-minded individuals provides potential investigative avenues through human operations, outreach, and targeting analysis. While a subject’s communications can be anonymized or encrypted, often their participation in online forums, chat rooms, and initial contact with others may not be, providing a window for discovering trends and methods in terrorist COMSEC. (JCAT)

Mexican Drug Cartels & Their U.S. Affiliates Exposed

Cross-border gangs play a unique role in the illicit transfer of people and goods across the southwest border. According to law enforcement reporting. Mexican cartels utilize US gangs to smuggle drugs and illegal aliens northbound. and smuggle cash. stolen automobiles. and weapons southbound. US gangs often freelance their work and seek profit-making opportunities with multiple cartels.

(U) Note: The drug cartel boundaries represent a generalized picture of territories and disputed areas in Mexico. The primary focus of this map is to demonstrate the gangs and their Mexican criminal affiliations, rather than the specific areas of cartel operations.

 

 

 

Analysis of Chinese Investments in the USA

Image result for yuan

Once hardly noticeable, Chinese investments in U.S. companies are now rising sharply. Cumulative Chinese investments in U.S. companies remain modest compared to those of other major countries. However, a combination of “push and pull” factors are moving China’s annual investment levels closer to levels consistent with China’s current economic stature.

First, the Chinese government has made a conscious decision to diversify its foreign currency assets into hard assets. This has led to the creation of sovereign wealth funds that make portfolio investments in U.S. equities, private firms, and real estate.

Second, the Chinese government has altered its policy guidance toward foreign direct investment (FDI). Whereas it previously encouraged investments almost exclusively toward energy and resource acquisition in developing countries, it now also encourages investments in advanced countries. The government’s goals for these investments include securing energy and mineral resources and acquiring advanced technologies in industries where China wishes to leapfrog existing competitors.

Third, U.S. state governments and, to a lesser extent, the federal government are vigorously trying to attract Chinese greenfield investments in the hope of creating jobs and jump-starting local economies.

Fourth, Chinese investments are being drawn to the United States by the availability of financially weak firms, some of which possess potentially useful technologies for China.

Fifth, some firms that are already competitive with U.S. producers are investing to enhance their U.S. market shares or in response to trade remedies proceedings against unfair trade practices, such as Chinese subsidies.

Economic Benefits

On an aggregate basis, the economic benefits of Chinese investments in the United States have been modest. The precise benefit is difficult to measure due to the convoluted ownership structures of many Chinese investments and the time lags in official U.S. data. Still, based on a combination of official and private data, it is reasonable to conclude that jobs in Chinese-owned companies in the United States increased by 10,000 to 20,000 workers during the past five years.

While hardly significant relative to overall U.S. employment and even to jobs in other countries’ U.S. affiliates, any job creation is welcome given continued slackness in the U.S. labor market.

Chinese FDI in U.S. companies has helped stabilize some financially troubled firms. Portfolio investments by sovereign wealth funds also have helped the economy by solidifying the financial system and providing liquidity to certain property markets.

Chinese investments have occurred in all U.S. regions and in many sectors. According to one private data source, they have been especially prominent since 2007 in the Southwest, Great Lakes, Southeast, and Far West regions, and in the fossil fuels and chemicals, industrial machinery, and information technology industries. According to another private source, as well as government data, the financial sector is also a major recipient of Chinese FDI.

Policy Challenges

These welcome, though still modest, economic benefits are counterbalanced by policy challenges tied to Chinese FDI. First, U.S. affiliates of Chinese companies are not pure market actors and may be driven by state goals, not market forces. China’s outward investments are dominated by state-owned and state-controlled enterprises (SOEs). These entities are potentially disruptive because they frequently respond to policies of the Chinese government, which is the ultimate beneficial owner of U.S affiliates of China’s SOEs. Likewise, the government behaves like an owner, providing overall direction to SOE investments, including encouragement on where to invest, in what industries, and to what ends.

Second, SOEs may have unfair advantages relative to private firms when competing to purchase U.S. assets. SOEs benefit from substantial subsidies in China and their investments in developing countries also receive ample financial support from the national and sub-national governments, state-owned financial institutions and local governments. Government pronouncements out of China suggest that investments in the United States and other advanced countries will also receive ample financial support. This raises the possibility that Chinese largesse could determine market outcomes for purchases of U.S. businesses.

Third, an increased SOE presence may be harmful to the U.S. economy. In China, SOEs are a major force but as a group they are less efficient and profitable than private firms. To the extent that SOEs purchase U.S. companies on the basis of artificial advantages and operate inefficiently, they may not be beneficial to long-term U.S. economic performance.

Fourth, Chinese investments will create tensions related to economic security and national security if they behave in accordance with China’s industrial policy as articulated in the 12th Five Year Plan, government pronouncements, and official investment guidance. China’s current policy guidance directs firms to obtain leapfrog technologies to create national champions in key emerging industries, while investment guidance encourages technology acquisition, energy security, and export facilitation. Based on this juxtaposition, some will conclude that Chinese FDI in the United States is a potential Trojan horse. Indeed, this study describes three investments in new energy products after which production utilizing the desired technology was shifted to China.
Other Findings

U.S. data collection efforts related to FDI are substantial. However, they likely undercount Chinese FDI due to the complicated ownership structures of many Chinese investments. Moreover, although Chinese-owned companies report their data to the U.S. government, many data points are not publically disclosed due to standard U.S. reporting procedures that protect the identities of individual firms. This issue will resolve itself in the coming years if Chinese FDI grows as expected because limits on disclosure will no longer apply.

The United States is relatively open toward FDI, though there are some sectoral restrictions and a national security review undertaken by the Committee on Foreign Investment in the United States (CFIUS). There are a host of laws that subject foreign investors to rules on antitrust, foreign corrupt practices, and trade in arms and sensitive technology products. However, there is no procedure that explicitly considers issues related to economic security, one of the major concerns about Chinese FDI.

Portfolio investments in equities fall under the purview of the Securities and Exchange Commission (SEC). SEC disclosure requirements and practical considerations make it highly unlikely that Chinese SOEs could successfully collude to accumulate significant equity positions in important U.S. firms.

Reverse mergers offer a back door into U.S. capital markets but are not an effective way to acquire important U.S. assets. Indeed, the target of a reverse merger is typically a shell company devoid of meaningful assets. This technique is typically used by private firms that have difficulty accessing capital in China or by provincial SOEs trying to support restructuring efforts in China. There is no indication that any major SOE has used or plans to use this technique to enter the U.S. capital market.

The Chinese legal and regulatory framework for outward FDI requires approvals by three agencies at sub-national and/or national levels. For SOEs, the primary gatekeeper is the State-owned Assets Supervision and Administration Commission (SASAC), though for some investments approval from the State Council is required. The process is widely considered to be cumbersome and is being reformed to facilitate outward FDI.

 

Revealed – The U.S. Army in Multi-Domain Operations

1. Purpose: From Multi-Domain Battle to Multi-Domain Operations. TRADOC Pamphlet 525-3-1, The U.S. Army in Multi-Domain Operations 2028 expands upon the ideas previously explained in Multi-Domain Battle: Evolution of Combined Arms for the 21st Century. It describes how the Army contributes to the Joint Force’s principal task as defined in the unclassified Summary of the National Defense Strategy: deter and defeat Chinese and Russian aggression in both competition and conflict. The U.S. Army in Multi-Domain Operations concept proposes detailed solutions to the specific problems posed by the militaries of post-industrial, information-based states like China and Russia. Although this concept focuses on China and Russia, the ideas also apply to other threats.

2. The problem.

a. Emerging operational environment. Four interrelated trends are shaping competition and conflict: adversaries are contesting all domains, the electromagnetic spectrum (EMS), and the information environment and U.S. dominance is not assured; smaller armies fight on an expanded battlefield that is increasingly lethal and hyperactive; nation-states have more difficulty in imposing their will within a politically, culturally, technologically, and strategically complex environment; and near-peer states more readily compete below armed conflict making deterrence more challenging. Dramatically increasing rates of urbanization and the strategic importance of cities also ensure that operations will take place within dense urban terrain. Adversaries, such as China and Russia, have leveraged these trends to expand the battlefield in time (a blurred distinction between peace and war), in domains (space and cyberspace), and in geography (now extended into the Strategic Support Area, including the homeland) to create tactical, operational, and strategic stand-off. For the purpose of this document, Russia serves as the pacing threat. In fact, Russia and China are different armies with distinct capabilities, but assessed to operate in a sufficiently similar manner to orient on their capabilities collectively.

b. China and Russia in competition. In a state of continuous competition, China and Russia exploit the conditions of the operational environment to achieve their objectives without resorting to armed conflict by fracturing the U.S.’s alliances, partnerships, and resolve. They attempt to create stand-off through the integration of diplomatic and economic actions, unconventional and information warfare (social media, false narratives, cyber attacks), and the actual or threatened employment of conventional forces. By creating instability within countries and alliances, China and Russia create political separation that results in strategic ambiguity reducing the speed of friendly recognition, decision, and reaction. Through these competitive actions, China and Russia believe they can achieve objectives below the threshold of armed conflict.

c. China and Russia in armed conflict. In armed conflict, China and Russia seek to achieve physical stand-off by employing layers of anti-access and area denial systems designed to rapidly inflict unacceptable losses on U.S. and partner military forces and achieve campaign objectives within days, faster than the U.S. can effectively respond. Over the last twenty-five years, China and Russia invested in and developed a systematic approach to “fracture” AirLand Battle by countering the Joint Force’s increasingly predictable use of time-phased and domain-federated operational approaches in armed conflict. The resulting anti-access and area denial systems create strategic and operational stand-off that separates the elements of the Joint Force in time, space, and function. Moreover, both China and Russia are continuing to improve these anti-access and area denial systems and are proliferating the associated technologies and techniques to other states. The Joint Force has not kept pace with these developments. It is still designed for operations in relatively uncontested environments that allow for sequential campaigns based on predictable approaches that assume air and naval supremacy: extensive shaping with air and naval strikes before the final destruction of severely degraded enemy forces through joint combined arms operations.

3. Conducting Multi-Domain Operations.

a. Central idea. Army forces, as an element of the Joint Force, conduct Multi-Domain Operations to prevail in competition; when necessary, Army forces penetrate and dis-integrate enemy anti-access and area denial systems and exploit the resultant freedom of maneuver to achieve strategic objectives (win) and force a return to competition on favorable terms.

b. Tenets of the Multi-Domain Operations. The Army solves the problems presented by Chinese and Russian operations in competition and conflict by applying three interrelated tenets: calibrated force posture, multi-domain formations, and convergence. Calibrated force posture is the combination of position and the ability to maneuver across strategic distances. Multi-domain formations possess the capacity, capability, and endurance necessary to operate across multiple domains in contested spaces against a near-peer adversary. Convergence is rapid and continuous integration of capabilities in all domains, the EMS, and information environment that optimizes effects to overmatch the enemy through cross-domain synergy and multiple forms of attack all enabled by mission command and disciplined initiative. The three tenets of the solution are mutually reinforcing and common to all Multi-Domain Operations, though how they are realized will vary by echelon and depend upon the specific operational situation.

c. Multi-Domain Operations and strategic objectives. The Joint Force must defeat adversaries and achieve strategic objectives in competition, armed conflict, and in a return to competition. In competition, the Joint Force expands the competitive space through active engagement to counter coercion, unconventional warfare, and information warfare directed against partners. These actions simultaneously deter escalation, defeat attempts by adversaries to “win without fighting,” and set conditions for a rapid transition to armed conflict. In armed conflict, the Joint Force defeats aggression by optimizing effects from across multiple domains at decisive spaces to penetrate the enemy’s strategic and operational anti-access and area denial systems, dis-integrate the components of the enemy’s military system, and exploit freedom of maneuver necessary to achieve strategic and operational objectives that create conditions favorable to a political outcome. In the return to competition, the Joint Force consolidates gains and deters further conflict to allow the regeneration of forces and the re-establishment of a regional security order aligned with U.S. strategic objectives.