The Asymmetric Warfare Group (AWG) supported the Johns Hopkins University Applied Physics Laboratory (JHU/APL) to break down the wonder of Russian private military organizations (PMCs), the situations under which they would matter to U.S. Armed force move commandants, and whether they comprise a one of a kind danger to U.S. furthermore, accomplice powers.
The essential crowd for this investigation is U.S. Armed force move administrators and their staffs, yet the discoveries and experiences ought to likewise be valuable for anybody in the U.S. public security and protection networks worried about deviated activities of the Russian Federation around the globe. To begin with, this examination presents key discoveries from profound jump exploration and investigation on Russian PMCs introduced in the supplement. It tends to their utilizations, hardware, preparing, faculty, state contribution, legitimate issues, and other related subjects. Second, these discoveries are utilized to advise a scientific model to investigate the operational difficulties and contemplations Russian PMCs could present to U.S. Armed force move officers.
Primary concern Up Front: Russian PMCs are utilized as a power multiplier to accomplish targets for both government and Russia-adjusted private interests while limiting both political and military expenses. While Moscow keeps on considering the to be of Russian PMCs as helpful, their utilization likewise presents a few weaknesses that present both operational and key dangers to Russian Federation targets.
Well disposed Regime Support: Russian administrators see Russian PMCs as an instrument to prop up benevolent systems under danger of breakdown or ouster. Russian PMCs work:
• Alongside and installed with well disposed state militaries.
• With non-state outfitted gatherings in hostile battle tasks.
Hostile Role: While likewise utilized for help undertakings more ordinary of military and security temporary workers, Russian PMCs have had an articulated part in hostile battle tasks.
Moving Control: The order and control (C2) of Russian PMCs isn’t steady in all operational settings.
• Sometimes Russian PMCs fall under the C2 of the Russian Ministry of Defense (MoD) or Russian insight offices.
• At different occasions, PMCs fall under the C2 of accomplice governments or adjusted private interests.
Conflicting Capabilities: The nature of staff and materiel empowering Russian PMCs is conflicting. Russian PMC capacities in faculty, preparing, and hardware have all the earmarks of being more noteworthy when a PMC is firmly lined up with state uphold from the Russian MoD.
Casual by Design: Despite administrative endeavors to authorize PMCs, Russian law proceeds to officially prohibit their creation and bars people from going along with them under enemy of hired soldier laws. Notwithstanding, Russian pioneers utilize this legitimate denial to carefully control some PMCs (e.g., the specific capture of PMCs who may introduce homegrown security or political dangers), not to keep PMCs from working.
Weaknesses: The utilization of Russian PMCs presents new operational and key dangers to Moscow. Confidence in Russian PMC units in high-hazard missions seems fragile. Despite the fact that their utilization gives political insurance from the optics of high Russian MoD setbacks, both Russian PMC losses and their get back make novel political and homegrown security hazards. Their utilization additionally confuses interior system legislative issues in Moscow, making rivalry between the MoD and private values that can endanger tasks (see the reference section: Syria). At long last, the equivocalness of operational control and dynamic over Russian PMCs frees Moscow up to the danger of being considered dependable by the global network for activities taken by Russian PMCs under the order of different interests.
Operational Challenges and Considerations Presented by Russian PMCs
Main concern Up Front: Russian PMCs don’t represent a special strategic danger—other state and non-state entertainers are comparably skilled. In any case:
• PMCs can work over the contention continuum and present the United States with predicaments at all degrees of war.
• Challenges Russian PMCs could present in noncombatant departure tasks (NEOs) and peacekeeping activities (PKOs) merit cautious thought
Most Dangerous Scenario: The most hazardous situation including a Russian PMC is one where a U.S. Armed force detachment could experience a state-upheld, contingent strategic gathering (BTG)- like substance with cutting edge weapons, forefront empowering influence advances, and skill:
• With an elevated level of Russian state uphold, a Russian PMC in Syria had the option to work as a semi BTG; it directed fundamental joined arms activities with infantry, reinforcement, and ordnance.
• With the guide of Russian help and powers, separatists in eastern Ukraine led consolidated arms tasks and was exceptionally capable at empowering incorporation, especially data activities (IO), electronic fighting (EW), and automated elevated frameworks (UAS).
In all probability Scenarios: Russian state-upheld PMC activities pointed toward disturbing U.S. tasks during emergency reaction or restricted possibility activities. PMCs may execute the accompanying:
• Occupy potential departure destinations or other key landscape during a NEO.
• Ally with neighborhood entertainers in PKO to give weapons and preparing to bunches contradicted to U.S. activities.
• Provide different types of help, including knowledge and keeping up impact in a given zone.
Other Potential Scenarios: Less serious situations exist where Russian PMCs could look to contend with and sabotage U.S. impact with neighborhood specialists and regular citizens.
Russian PMCs are known, affirmed, and associated with being available and working in various nations across eastern and focal Europe, the Middle East, Africa, and somewhere else. This addendum subtleties accessible data concerning Russian PMC exercises in known or suspected AOs to illuminate the examination contained in the body of this report.
Syria, Ukraine, the CAR, and Sudan are talked about top to bottom, enumerating the utilizations and different credits of Russian PMCs in each AO. Different AOs talked about finally are Yemen, Libya, Nigeria, and Venezuela. Different nations where Russian PMCs are claimed to have worked are likewise referenced and quickly talked about.
Unmistakable Intervention in Syria
The appearance of the Russian Federation’s conventional military inclusion in September 2015 started noteworthy development in the hostile utilization of Russian PMCs in Syria and focused a more splendid light on the activities of Wagner, which served a function in Ukraine up until that point that was more enthusiastically for eyewitnesses to recognize from different entertainers in the contention. Russian PMCs were dynamic in Syria a long time before Russia’s proper intercession—Wagner since fall 2014 or earlier,190 and the Slavonic Corps in 2013. Notwithstanding, the proper utilization of power brought a flood of Russian PMC faculty and started a period interspersed by a few fights where Russian PMCs assumed a huge job—essentially Wagner, on occasion passing by the name “OSM” as indicated by some press reports.
In late 2013, Ukraine was required to consent to an affiliation arrangement with the European Union (EU). Notwithstanding, this would have blocked the nation from participation in the Russia-drove Eurasian Economic Union (EEU), so Moscow forced heightening monetary backlashes and dangers on Kyiv, to the point that Ukrainian President Viktor Yanukovych declared an unexpected inversion. The declaration started the Euromaidan development—a long arrangement of favorable to Western, against Russian fights and conflicts from late 2013 to mid 2014 in Kyiv and across western Ukraine—which, in spite of endeavors by Moscow, eliminated Yanukovych from office. Russia reacted with military activities to attack and addition the Crimean Peninsula and backing dissident powers in eastern Ukraine.
Asserted Use on the Crimean Peninsula
In late February 2014, Russian unique powers work force in plain outfits showed up in Crimea and assumed responsibility for certain administration, air terminal, and different offices. Metaphorically alluded to as “amiable individuals” or “minimal green men,” these formally unattributed powers worked close by other military arrangements to immobilize Ukrainian powers and inevitably assume full responsibility for the landmass. A few open source reports charge that RussianPMCs took an interest in the activities prompting the addition of Crimea (explicitly an early cycle of Wagner that was at the time a casual gathering of Slavonic Corps leftovers with local people and others). By and by, the degree or veracity of a Russian PMC function in the intrusion of Crimea isn’t affirmed, and there gives off an impression of being no immediate proof accessible to check these cases. Russian Cossack units, notwithstanding, assumed a plain function in the occupation as battling powers, monitors at checkpoints, and road implementation to smother fights.
There are a few different nations where Russian PMCs are suspected to be available and working in some limit. Nonetheless, data concerning their utilizations, destinations, and different subtleties is scant. Moreover, separating whether such organizations are working as PSCs in the open market for power, or in the event that they are satisfying any Russian Federation international strategy or security goals, is muddled.
Global intelligence agencies looking into the origins of COVID-19 have found two Chinese scientists studied live bats in Australia as part of a joint research between the Chinese communist government and the Australian government. In an exclusive the Daily Telegraph is reporting the “Five Eyes intelligence agencies of Australia, Canada, NZ, UK, and US are understood to be looking closely at the work of a senior Scientist at the Wuhan Institute of Virology, Peng Zhou, and fellow scientist Shi Zhengli”. Sky News host and the Daily Telegraph’s Sharri Markson wrote the intelligence agencies have been examining “whether COVID-19 originated from a wet market or whether the naturally-occurring virus may have been inadvertently released”. Sky News contributor Scott Emerson said these new revelations will just “raise more concerns about what are the origins of COVID-19”.
Hobbled by secrecy and timidity, the U.S. intelligence community has been conspicuously absent from efforts to combat the COVID-19 pandemic, the most serious national and global security challenge of our time.
The silence of intelligence today represents a departure from the straightforward approach of then-Director of National Intelligence Dan Coats who offered the clearest public warning of the risk of a pandemic at the annual threat hearing of the Senate Intelligence Committee in January 2019:
“We assess that the United States and the world will remain vulnerable to the next flu pandemic or large-scale outbreak of a contagious disease that could lead to massive rates of death and disability, severely affect the world economy, strain international resources, and increase calls on the United States for support,” DNI Coats testified.
But this year, for the first time in recent memory, the annual threat hearing was canceled, reportedly to avoid conflict between intelligence testimony and White House messaging. Though that seems humiliating to everyone involved, no satisfactory alternative explanation has been provided. The 2020 worldwide threat statement remains classified, according to an ODNI denial of a Freedom of Information Act request for a copy. And intelligence agencies have been reduced to recirculating reminders from the Centers for Disease Control to wash your hands and practice social distancing.
The US intelligence community evidently has nothing useful to say to the nation about the origins of the COVID-19 pandemic, its current spread or anticipated development, its likely impact on other security challenges, its effect on regional conflicts, or its long-term implications for global health.
These are all topics perfectly suited to open source intelligence collection and analysis. But the intelligence community disabled its open source portal last year. And the general public was barred even from that.
It didn’t — and doesn’t — have to be that way.
In 1993, the Federation of American Scientists created an international email network called ProMED — Program for Monitoring Emerging Diseases — which was intended to help discover and provide early warning about new infectious diseases.
Run on a shoestring budget and led by Stephen S. Morse, Barbara Hatch Rosenberg, Jack Woodall and Dorothy Preslar, ProMED was based on the notion that “public intelligence” is not an oxymoron. That is to say, physicians, scientists, researchers, and other members of the public — not just governments — have the need for current threat assessments that can be readily shared, consumed and analyzed. The initiative quickly proved its worth.
In fact, it has continued to prove its worth up to the present day.
“It was notices on ProMED that first alerted the world to the 2003 SARS outbreak, and it was a posting on ProMED on Dec. 30, 2019 — about chatter on the Chinese social network Weibo — that first spread word of a novel coronavirus, soon identified as the cause of COVID-19, outside China.” See “The doomed 30-year battle to stop a pandemic” by Paul Wells, Maclean’s, April 21.
ProMED, which is now managed by the International Society for Infectious Diseases, is unclassified, free, and open to subscription by anyone.
“ProMED illustrates how NGOs can, in some cases, efficiently accomplish what large, bureaucratically burdened institutions cannot even begin,” the FAS Public Interest Report said in 1996.
Today, when national and global security concerns touch almost every household, the need for public intelligence is greater than ever, and it could become one focus of a reconfigured U.S. intelligence apparatus.
Steven Aftergood directs the FAS Project on Government Secrecy. The Project works to reduce the scope of national security secrecy and to promote public access to government information.
Steven Aftergood directs the FAS Project on Government Secrecy. The Project works to reduce the scope of national security secrecy and to promote public access to government information.
He writes Secrecy News, which reports on new developments in secrecy policy and provides direct access to significant official records that are otherwise unavailable or hard to find.
In 1997, Mr. Aftergood was the plaintiff in a Freedom of Information Act lawsuit against the Central Intelligence Agency which led to the declassification and publication of the total intelligence budget for the first time in fifty years ($26.6 billion in FY 1997). In 2006, he won a FOIA lawsuit against the National Reconnaissance Office for release of unclassified budget records.
Mr. Aftergood is an electrical engineer by training (B.Sc., UCLA, 1977). He joined the FAS staff in 1989. From 1992-1998, he served on the Aeronautics and Space Engineering Board of the National Research Council.
His work on challenging government secrecy has been recognized with the Pioneer Award from the Electronic Frontier Foundation, the James Madison Award from the American Library Association, the Public Access to Government Information Award from the American Association of Law Libraries, and the Hugh M. Hefner First Amendment Award from the Playboy Foundation.
Awareness of blockchain has soared in recent years with the emergence of cryptocurrencies, but the technology has existed for much longer. The linking of blocks, containing cryptographic functions of transactions and data, means that tampering with their contents becomes increasingly difficult as the chain grows – this concept was exploited for document timestamping applications more than a decade before cryptocurrencies became reality. In many implementations, blocks are confirmed by, and stored at, many nodes in different locations, providing a high degree of data integrity. There are, however, many challenges for applying blockchain technologies in tactical networks, particularly due to the constraints of the platforms, the limited bandwidth available among them, and the impact of network partitioning. In this report, the development and principles of blockchains are presented, along with an overview of their weaknesses and vulnerabilities. There is a huge level of interest in this technology across many sectors, and this is reflected in the breadth of the referenced material. Weaknesses in design and implementation can make blockchains vulnerable to attack, and their interfaces are particularly at risk. A range of possible applications in tactical networks is explored, from supply chain management, to network management and application data immutability. Finally, a simple blockchain architecture for mobile tactical networks is developed, to illustrate the potential and challenges of this technology. Overall, it is clear that blockchain technology provides a potential avenue for solving some problems in the tactical network context, but it is not yet clear whether it is the best such solution.
The key feature of blockchain technology is data integrity in a trustless environment: transaction or data records included on the blockchain are timestamped, cryptographically protected and stored by many distributed nodes, reducing the risk of total loss. For a sufficiently long blockchain, with a large number of nodes, the records can be considered immutable, in the sense that any tampering will be evident. This integrity can be exploited in different ways to enhance the robustness and resilience of tactical networks, and some of these are discussed in Section 5.1.
Smart contracts, described in Section 3.2, also provide opportunities for robust resource management in tactical networks, particularly in complex operational conditions where many users interact in the electromagnetic (EM) spectrum. Possible applications of blockchain to resource management are discussed in Section 5.2.
Tactical environments pose particular challenges for the introduction of blockchain technology, as devices are constrained in size, weight and power, and there are physical limitations on node connectivity. These challenges are considered in Section 5.3.
An example architecture for applying blockchain technology to support tactical operations is described in Section 5.4, taking into account the opportunities and challenges outlined thus far.
In this section, network nodes are considered to be the devices or platforms connected to the blockchain network; these are not (just) the radio interfaces themselves, but may be auxiliary equipment such as biometric devices, weapons or communication platforms.
5.4 Example tactical blockchain architecture
Based on the preceding, we propose an example architecture for a tactical blockchain system. The scenario we consider consists of a unit of dismounted soldiers, each carrying several devices connected on a personal network: a weapon, a radio, a camera, a radio frequency (RF) sensor and a computer (similar to a smart phone), sharing a battery and a memory drive such as a flash card. The soldier is also considered a network component, as they are a source and sink of data, and their identity is confirmed using a networked biometric sensor such as a fingerprint or iris scanner. The other devices may be authenticated using a radio frequency identification (RFID) chip or imaging as described in Section 5.1.4; authentication will only be required if the networked component has been disconnected from the personal network and attempts to rejoin.
We assume that the weapon tracks the ammunition it uses, and records the amount remaining. The camera may be continually recording, but to limit memory usage, only a few seconds before and after the weapon is fired are retained. C2 and other messages, either digital voice or data to and from the computer, all passed via the radio, are recorded for post-action analysis. SA in the form of RF sensor data is sampled periodically, and transferred via the radio to other soldiers in the unit and recorded locally. These different sources of data all use the computer’s memory for storage; both the memory and battery usage are tracked.
We use blockchains to provide authentication and identification management for the soldiers and devices engaged in the operation, an auditing function to track cyber SA and C2, resource usage tracking, and a policy management function, which is used to support resource loading decisions across the unit. As noted in Section 5.3.6, the longer the blockchain, the stronger it is, so all these functions use the same blockchain within their cluster (Section 5.4.1).
This is a simplified scenario, intended to give insight into the potential application of blockchain technology in tactical networks. Note that, as discussed in Section 6, the fact that this technology might be used to address these problems does not mean it is the best choice. Note also that the exchange of transactions and blocks among the users is assumed to be secure.
The following is a draft report from Customs and Border Protection’s Office of Intelligence that was obtained and published by Foreign Policy.
Date: January 2018
Restriction: For Official Use Only, Law Enforcement Sensitive
Originating Organization: Customs and Border Protection, Office of Intelligence
File Type: pdf
File Size: 45,021 bytes
File Hash (SHA-256):CE410209C50668E2A75D5E002B2728EB4549C565CBCA1ED3FFC3D9DCAD12E177
(U//FOUO/LES) CBP’s Office of Intelligence produced this document by request from CBP’s Commissioner on 19 December. This product examines 29 perpetrators of 25 terrorist incidents in the United States from October 2001 through December 2017 whom CBP/OI assesses were driven by radical Sunni Islamist militancy.1 This assessment covers the demographic profile of the perpetrators, consisting of age, citizenship, gender, immigration status, national origin, international travel and religious background. This assessment is intended to inform United States foreign visitor screening, immigrant vetting and on-going evaluations of United States-based individuals who might have a higher risk of becoming radicalized and conducting a violent attack. This information is cut-off as of 22 January 2018.
(U) Source Summary
(U//FOUO) We place moderate confidence on assessments discussed herein due to our reliance on information derived primarily from analysis of law enforcement databases, independent think tank studies, scholastic publications, and United States press reporting. We lack specific details on the perpetrators path to radicalization that would have contributed a higher confidence in our assessment.
(U) Key Findings
(U//FOUO/LES) The national origins of all but six of the perpetrators traced to the Middle East, South Asia or Africa, possibly reflecting the long-term difficulty for some Muslim immigrants to integrate into United States society.
(U//FOUO/LES) Most perpetrators resided in the United States for a significant period of time, signaling the need for recurrent screening and vetting over a long period of time.
(U//FOUO/LES) The presence of all of the perpetrators in the United States was lawful, highlighting that illegal immigration was not a factor in these cases.
(U//FOUO/LES) Despite the prominent role Muslim converts have played in radical Islamist terrorist incidents occurring in the West, only six of the perpetrators converted to Islam.
(U//FOUO/LES) Males were involved in all of the attacks highlighted in the assessment, despite growing concerns, such as assessments by the Combatting Counterterrorism Center at West Point, regarding the increasingly prominent, and sometimes operational, role women play in radical Islamist militant circles, including their use by the Islamic State of Iraq and ash-Sham (ISIS).(2) There was only one incident, where a female, the wife of the male perpetrator, was also involved in carrying out the attack.
(U//FOUO/LES) Case studies over the past few years conducted by both federal and private entities yielded similar age-ranges after reviewing various comparable subsets of individuals. Our study found the average age of the 29 perpetrators was 28 years, ranging from 17 to 49 years of age at the time they were arrested or killed. The average age of perpetrators who conducted attacks in North America and Europe following ISIS’ declaration of its self-proclaimed caliphate in June 2014 was a similar 27.3 years old, according to independent think tank findings.(3) According to one scholastic publication, the average age of United States individuals arrested due to their associations with ISIS was 26. (3) We assess that 14 out of the 15 individuals born outside the United States spent approximately 10 years in the United States prior to their attacks; the remaining foreign born perpetrator was a Canadian resident visiting the United States.
(U) National Origins
(U//FOUO/LES) The national origins of all but six of the perpetrators traced to the Middle East, South Asia or Africa, likely reflecting the long-term difficulty for some Muslim immigrants to integrate into U.S. society. Just over half of the perpetrators were born outside the United States and over four-fifths (86%) of those immigrated as a minor or resided for a significant period of time (approximately 10 years) in the United States, indicating that the radicalization of these individuals likely occurred after immigrating. The remaining perpetrators born outside the United States resided in the country for two years or less, suggesting that they could have arrived in the United States already radicalized. The presence of all of the foreign-born perpetrators in the United States was lawful, highlighting that illegal immigration was not a factor in these cases and that possibly some militants are heeding calls by ISIS and AQ to take up arms in their Western countries of residence as opposed to traveling abroad to participate in foreign conflicts.
• (U//FOUO/LES) Eight of the 14 U.S.-born perpetrators are first-generation descendants of South Asian, Middle Eastern or African immigrants. Of the six other U.S.-born perpetrators, five are of African-American heritage and one is Caucasian.
• (U//FOUO/LES) Among the 14 foreign-born perpetrators who immigrated to the United States, 4 entered the United States before they reached 10 years of age; another 5 perpetrators were between 13 and 17 years of age when they migrated. Four perpetrators migrated to the United States after the age of 18 and were residents for approximately 7 years. Only one perpetrator over 18 years old had been in the United States for a year or less.
(U//FOUO/LES) Fourteen of the foreign-born perpetrators were lawful permanent residents (LPR)2 of the United States and one was a lawful resident of Canada visiting the United States under a U.S.-Canada Trusted Traveler Program. Of the fourteen foreign-born individuals who were residents of the United States, 7 acquired permanent residency in the United States and 7 were naturalized citizens.
(U) Immigration Channel
(U//FOUO/LES) Of the 14 U.S. LPRs, five immigrated to the country as children of asylees; two were refugees; two acquired diversity immigrant visas, one was the child of a U.S. citizen; one was the spouse of a U.S. citizen; one was the child of an alien family member of a U.S. citizen; one was the child of an alien with an advanced professional degree; and one immigrated on a fiancé visa.
(U) International Travel
(U//FOUO/LES) Nine of the perpetrators traveled outside of the United States, within one to two years of the incident, to countries in the Middle East, South Asia or Europe, suggesting the travel may have played a role in their path to radicalization. Four individuals traveled to the Middle East or South Asia within three to four years of their attacks. Five out of the 14 U.S.-born perpetrators traveled to the Middle East or South Asia within 4 years or less of the incidents.
(U) Religious Conversion
(U//FOUO/LES) We assess that only six of the perpetrators-or about 20 percent converted to Islam, which is in line with a 2017 independent think tank that found 23-percent of United States Muslims are converts (4)- despite the prominent role Muslim converts have played in radical Islamist terrorist incidents occurring in the West, according to a body of academic, media and anecdotal reporting. (5) (6) (7)
(U//FOUO/LES) CBP/OI assesses that the factors contributing to an individual’s decision to perpetrate an act of terrorism reflect a highly personalized set of circumstances. The cohort of perpetrators represents migrants to the United States, U.S.-born citizens, including six converts to Islam with backgrounds that are comparable to other Sunni Islamist extremist cohorts. Demographic factors such as age, national origin, length of residence, immigration status or travel history can inform evaluations, but are not determinative, when assessing an individual’s susceptibility to violent extremism. While the sense of perceived marginalization of some Muslim immigrants may represent an important factor in the radicalization process, we assess with low confidence that the motivations of at least some of the perpetrators centered on their failure to assimilate in United States society.
This document describes the Vulnerabilities Equities Policy and Process for departments and agencies of the United States Government (USG) to balance equities and make determinations regarding disclosure or restriction when the USG obtains knowledge of newly discovered and not publicly known vulnerabilities in information systems and technologies. The primary focus of this policy is to prioritize the public’s interest in cybersecurity and to protect core Internet infrastructure, information systems, critical infrastructure systems, and the U.S. economy through the disclosure of vulnerabilities discovered by the USG, absent a demonstrable, overriding interest in the use of the vulnerability for lawful intelligence, law enforcement, or national security purposes.
The Vulnerabilities Equities Process (VEP) balances whether to disseminate vulnerability information to the vendor/supplier in the expectation that it will be patched, or to temporarily restrict the knowledge of the vulnerability to the USG, and potentially other partners, so that it can be used for national security and law enforcement purposes, such as intelligence collection, military operations, and/or counterintelligence. The U.S. Government’s determination as to whether to disseminate or restrict a vulnerability is only one element of the vulnerability equities evaluation process and is not always a binary determination. Other options that can be considered include disseminating mitigation information to certain entities without disclosing the particular vulnerability, limiting use of the vulnerability by the USG in some way, informing U.S. and allied government entities of the vulnerability at a classified level, and using indirect means to inform the vendor of the vulnerability. All of these determinations must be informed by the understanding of risks of dissemination, the potential benefits of government use of the vulnerabilities, and the risks and benefits of all options in between. This document defines the policy and process for evaluating competing considerations to inform U.S. Government decisions.
4.1. Equities Review Board and VEP Director
The Equities Review Board (ERB) is the primary forum for interagency deliberation and determinations concerning the VEP. The ERB will meet monthly, but may also be convened sooner if an immediate need arises.
The ERB will consist of representatives from the following agencies who are authorized to represent the views of their respective agency head:
- Office of Management and Budget
- Office of the Director of National Intelligence (to include Intelligence Community-Security Coordination Center (IC-SCC))
- Department of the Treasury
- Department of State
- Department of Justice (to include the Federal Bureau of Investigation and the National Cyber Investigative Joint Task Force (NCIJTF))
- Department of Homeland Security (to include the National Cybersecurity Communications and Integration Center (NCCIC) and the United States Secret Service (USSS))
- Department of Energy
- Department of Defense (including the National Security Agency (NSA) (including Information Assurance and Signals Intelligence elements)), United States Cyber Command, and DoD Cyber Crime Center (DC3))
- Department of Commerce
- Central Intelligence Agency
Other USG agencies may participate when demonstrating responsibility for, or identifying equity in, a vulnerability under deliberation. Changes to the name of an agency will not affect its participation in this process.
Each agency participating in the VEP will designate an agency point of contact (POC) to act as the focal point for vulnerability submissions for their respective organization and the primary contact for the VEP Executive Secretariat.
The VEP POC will ensure one or more Subject Matter Experts (SME) from their agency are identified to support equities determinations and discussions as needed.
The VEP Director at the NSC will be responsible for ensuring effective implementation of VEP policies. The VEP Director is the Special Assistant to the President and Cybersecurity Coordinator, or an equivalent successor.
We evaluate that fear based oppressors likely view strategies including tossing or showering acids and an assortment of compound fluids, henceforth alluded to as a synthetic shower and sprinkle assault (CSSA), as a feasible strategy to cause damage and disturb basic framework, in light of open source revealing depicting psychological militant online networking posts and fear monger and brutal radical utilization of this strategy abroad. An examination of few episodes portrayed in media announcing uncovered that CSSAs are regularly utilized by criminal performing artists to facilitate criminal exercises and by fierce radical gatherings abroad to make fear, scare, rebuff, and distort people and gatherings that oppose their control or belief system in their general vicinity of operations; the strategy, in any case, has once in a while been operationalized by on-screen characters in the Country. We note, in any case, that homegrown savage radicals (HVEs) and solitary guilty parties likely would discover this strategy engaging and could without much of a stretch adjust it to the Country, as it requires no particular specialized ability and the materials regularly connected with criminal assault are typically unregulated and generally accessible.
(U//FOUO) We evaluate that revolutionary fanatics, other residential fear based oppressors (DTs), and criminal on-screen characters are the probably US-based brutal radicals to utilize CSSAs in light of our examination of over a significant time span DT utilization of this strategy and on open source revealing of unaffiliated criminal performing artists utilizing acids, harmful mechanical chemicals, and other substance crippling specialists in assaults in the Country. They have utilized CSSA strategies against law requirement, foundations, ideological adversaries, dissenters, and mass get-togethers, particularly those related with political or social causes, in light of an assortment of open source announcing. These performing artists once in a while utilized CSSAs to cause fatalities, however past episodes have exhibited that household CSSAs can cause critical substantial damage and upset law authorization and specialist on call operations.
(U//FOUO) While remote psychological oppressor associations (FTO) and brutal fanatic gatherings have operationalized CSSA abroad and have made late calls for such assaults in the Country, we need particular data demonstrating that HVEs or solitary guilty parties would be open to this strategy or would look to fuse CSSAs into assaults inside the Assembled States; we survey, in any case, that huge numbers of the variables likely driving criminal utilization of CSSAs, for example, the capacity to hurt people, cause framework disturbance, perhaps sidestep catch following an assault, or potentially execute rehash assaults—likely would likewise make this strategy appealing to fear based oppressors, particularly fierce radicals lacking preparing, and the entrance or want to utilize explosives or guns.
(U//FOUO) Solid acids and burning chemicals are much of the time utilized as a part of CSSAs, however we evaluate aggressors are similarly prone to pick other monetarily accessible chemicals, for example, pepper splash, blanch, alkali, solvents, and other bothering, putrid, or poisonous mechanical chemicals, in view of the assortment of materials utilized for CSSAs locally and abroad. Specialists on call treating casualties of CSSAs may confront auxiliary dermal and inward breath dangers relying upon the kind of chemicals utilized.
(U) ISIS Desires CSSA in the Country While Rough Radical Operationalize the Strategy Abroad
(U//FOUO) We evaluate that fear mongers likely view strategies including tossing or showering acids and an assortment of compound fluids, in the future called synthetic splash and sprinkle assaults (CSSAs), as a suitable strategy to cause damage and upset basic foundation, based on open source announcing portraying psychological oppressor online networking posts and fear monger and fierce radical utilization of this strategy abroad. An investigation of few episodes portrayed in media detailing uncovered that CSSAs are regularly utilized by criminal on-screen characters to encourage criminal exercises and by fierce radical gatherings abroad to make fear, threaten, rebuff, and distort people and gatherings that oppose their control or philosophy in their general vicinity of operations; the strategy, in any case, has seldom been operationalized by performing artists ihowever, that HVEs and solitary guilty parties likely would discover this strategy engaging and could without much of a stretch adjust it to the Country, as it requires no particular specialized aptitude and the materials frequently connected with criminal assault are normally unregulated and broadly accessible.
» (U//FOUO) The Islamic State in Iraq and slag Sham (ISIS)- connected “Solitary Mujihad” station on the Europe-based informing application Wire, starting late 2017, asked US-based ISIS-supporters to assault “unbelievers” with sulfuric corrosive on open transportation.
» (U) Rough fanatics partnered with ISIS in Iraq and Syria, since in any event mid 2015, were purportedly spreading or tossing corrosive in the characteristics of ladies from the Iraq-based Yazidi religious minority and Kurdish ladies who declined to be sex slaves or submit to constrained relational unions, as indicated by open source announcing. Moreover, ISIS-partnered vicious fanatics freely tormented and executed adversaries, deceivers, and those they regarded n the Country. We note, in any case, that HVEs and solitary wrongdoers likely would discover this strategy engaging and could without much of a stretch adjust it to the Country, as it requires no particular specialized mastery and the materials frequently connected with criminal assault are typically unregulated and generally accessible.
» (U//FOUO) The Islamic State in Iraq and fiery debris Sham (ISIS)- connected “Solitary Mujihad” station on the Europe-based informing application Wire, starting late 2017, encouraged US-based ISIS-supporters to assault “unbelievers” with sulfuric corrosive on open transportation.
» (U) Savage fanatics associated with ISIS in Iraq and Syria, since at any rate mid 2015, were purportedly spreading or tossing corrosive in the characteristics of ladies from the Iraq-based Yazidi religious minority and Kurdish ladies who declined to be sex slaves or submit to constrained relational unions, as indicated by open source detailing. Moreover, ISIS-associated rough radicals freely tormented and executed foes, double crossers, and those they deemedDEPARTMENT OF Country SECURITY, Insight Combination Focuses
(U//FOUO) DHS Announcement: Substance Sprinkle and Splash Assaults Potential Strategy for Brutal Radicals in Country
December 18, 2017
Synthetic Sprinkle and Splash Assault: Uncommon yet Potential Strategy for Brutal Radicals in Country
Page Tally: 10 pages
Date: September 21, 2017
Confinement: For Official Utilize As it were
Starting Association: Branch of Country Security, Office of Knowledge and Appraisal
Record Compose: pdf
Document Estimate: 313,000 bytes
Document Hash (SHA-256): 1444CB27457B1F56A97A074AD2049034AC63AE457A88FB0F6013C7F480736D09
(U//FOUO) We survey that fear based oppressors likely view strategies including tossing or showering acids and an assortment of synthetic fluids, henceforth alluded to as a concoction splash and sprinkle assault (CSSA), as a suitable strategy to cause damage and disturb basic framework, based on open source detailing portraying psychological militant online networking posts and psychological militant and savage fanatic utilization of this strategy abroad. An examination of few occurrences depicted in media announcing uncovered that CSSAs are ordinarily utilized by criminal performing artists to facilitate criminal exercises and by brutal radical gatherings abroad to make fear, scare, rebuff, and distort people and gatherings that oppose their control or belief system in their general vicinity of operations; the strategy, in any case, has once in a while been operationalized by on-screen characters in the Country. We note, in any case, that homegrown brutal radicals (HVEs) and solitary guilty parties likely would discover this strategy engaging and could undoubtedly adjust it to the Country, as it requires no particular specialized skill and the materials frequently connected with criminal assault are generally unregulated and broadly accessible.
(U//FOUO) We evaluate that rebel radicals, other household fear based oppressors (DTs), and criminal performing artists are the in all likelihood US-based rough fanatics to utilize CSSAs in light of our examination of at various times DT utilization of this strategy and on open source announcing of unaffiliated criminal on-screen characters utilizing acids, poisonous modern chemicals, and other concoction debilitating operators in assaults in the Country. They have utilized CSSA strategies against law authorization, establishments, ideological adversaries, nonconformists, and mass get-togethers, particularly those related with political or social causes, in light of an assortment of open source announcing. These performing artists seldom utilized CSSAs to cause fatalities, however past occurrences have exhibited that local CSSAs can cause huge real damage and upset law authorization and person on call operations.
(U//FOUO) While outside fear based oppressor associations (FTO) and brutal fanatic gatherings have operationalized CSSA abroad and have made late calls for such assaults in the Country, we need particular data showing that HVEs or solitary wrongdoers would be open to this strategy or would try to join CSSAs into assaults inside the Assembled States; we survey, be that as it may, that a significant number of the variables likely driving criminal utilization of CSSAs, for example, the capacity to hurt people, cause foundation interruption, conceivably dodge catch following an assault, and additionally execute rehash assaults—likely would likewise make this strategy appealing to psychological militants, particularly vicious radicals lacking preparing, and the entrance or want to utilize explosives or guns.
(U//FOUO) Solid acids and scathing chemicals are every now and again utilized as a part of CSSAs, however we evaluate assailants are similarly prone to pick other economically accessible chemicals, for example, pepper shower, fade, alkali, solvents, and other chafing, putrid, or lethal modern chemicals, in light of the assortment of materials utilized for CSSAs locally and abroad. People on call treating casualties of CSSAs may confront optional dermal and inward breath perils relying upon the kind of chemicals utilized.
On 11 July, the Assembled States Government expelled Moscow-based Kaspersky Lab from two arrangements of endorsed merchants utilized by government offices to buy innovation hardware, in the midst of concerns the digital security association’s items could be utilized by the Kremlin to pick up section into U.S. systems.
(U) A month ago the Senate Furnished Administrations Advisory group passed a resistance spending strategy charge that would restrict Kaspersky items from use in the military. The move came a day after the FBI met a few of the organization’s U.S. workers at their private homes as a feature of a counterintelligence examination concerning its operations.
(U) On 12 July, GSA settled on a strategic choice to expel Kaspersky Labs from two GSA plans, along these lines successfully expelling the merchant as an approved hotspot for buys by any organization utilizing GSA plans.
• (U) The delisting speaks to the most solid move made against Kaspersky following a very long time of mounting doubt among insight authorities and officials that the organization might be too firmly associated with threatening Russian knowledge offices blamed for digital assaults on the Unified States.
• (U) Administrators raised worries that Moscow may utilize the association’s items to assault American PC arranges, an especially touchy issue given affirmations by U.S. knowledge offices that Russia hacked and spilled messages of Fair Gathering political gatherings to meddle in the 2016 presidential decision battle. Russia denies the claims.
(U//FOUO) Per the U.S. General Administrations Organization, “After survey and watchful thought, the General Administrations Organization settled on the choice to expel Kaspersky Lab-fabricated items from GSA IT Timetable 70 and GSA Schedul-67 – Photographic Hardware and Related Supplies and Administrations. GSA’s needs are to guarantee the respectability and security of U.S. government frameworks and organize and assess items and administrations accessible on our agreements utilizing production network hazard administration forms”.
(U//FOUO) State, Neighborhood, Innate and Regional government organizations that utilization GSA contract plans for requesting IT merchandise and ventures and I or Photographic Gear and Related Supplies and Administrations, or generally have Kaspersky Lab-made items ought to consider the hazard related with these items and hold fast to Elected rules.
Security Worries with Kaspersky Labs Items
On 11 July, the Assembled States Government expelled Moscow-based Kaspersky Lab from two arrangements of affirmed merchants utilized by government offices to buy innovation hardware.
The delisting speaks to the most solid move made against Kaspersky following a very long time of mounting doubt among insight authorities and administrators that the organization might be too firmly associated with unfriendly Russian knowledge offices blamed for digital assaults on the Unified States.
• A Senate Equipped Administrations Advisory group part said in an announcement that “ties between Kaspersky Lab and the Kremlin are extremely disturbing.”
• U.S. insight offices trust that the organization and its leader have had close connections to Russian political and knowledge authorities since no less than 2012, when a noteworthy shakeup of the company’s official positions got new individuals
… with binds to Russia’s three primary knowledge offices.
• Kaspersky supplies faculty to go with Russian insight and police on strikes and captures, and planned cybersecurity programming that gives Russian law authorization the area of conceivable programmers, as per squeeze reports.
• The heads of five U.S. knowledge organizations, including the CIA, said they would not be open to utilizing Kaspersky items on their systems.
Kaspersky antivirus arrangements are coordinated in a scope of switches, chip and programming items from such commonly recognized names as Cisco, Amazon and Microsoft.