Terrorism and Homeland Security Test #3
Securing the nation is too ambitious a task for one organization to claim. Ever since DHS was created, it has had a major overlap with the FBI. The FBI is not going to surrender any of its authority to an upstart organization. DHS's goal should be to protect its areas of responsibility, such as the borders, airports, and sea ports. These intelligence operations should also be run independently and in conjunction with the FBI.
2 problems with DHS?
1) PLCs (programmable logic controllers) 2) SCADA 3) Air gaps
3 examples of cyber critical infrastructure?
1) Intelligence 2) Borders 3) Immigration- Deal with legal issues (like overstaying your visa) and illegal 4) Emergency Mitigation- like California fires, evacuation and how do we recover
4 functions of Homeland Security?
Key findings: 1) Our intelligence agencies in 2001 were not geared up to deal with terrorism 2) If people had open minds, it was clear that there was a threat to the U.S., but we didn't fully see it (John O'Neill) 3) The CIA had several muscle hijackers on their watchlist and lost them. When they asked the FBI to help them, it was too late. FBI and CIA couldn't share information by law 4) Executive and Legislative governments were not prepared. Recommendations: 1) Intelligence reform (the laws that prevent the CIA and FBI from sharing information need to be changed) 2) Homeland Security 3) Emergency response
9/11 Commission 4 Key Findings? What were the 3 recommendations?
Dirty bomb
A ________ is a weapon that contains radioactive materials along with other explosives. It causes mass disruption, rather than mass destruction like a nuclear explosion would. It contaminates areas with radioactive material that scatters throughout the air.
Federal Emergency Management Agency (FEMA).
A major weather event has been predicted for upstate New York (think something big and not good). Which operational component of DHS would be involved in helping get people ready for the event and recovering from it once it passes?
According to Flynn, it is not reasonable to believe that the threat from terrorism can be eliminated. Our current and future enemies will make terrorism their weapon of choice, regardless of what the U.S. does in an attempt to combat it. Our enemies have no other option to challenge U.S. power besides terrorizing the U.S. The U.S. spends more money on conventional military capabilities than the rest of the world combined. The enemies must try to avoid the United States military's power, and to do that, terrorist acts are the only way. Unless war doesn't exist anymore, terrorism will still be relevant. Also, radical jihadists are willing to die for their cause, or be a martyr, and are difficult to deter.
According to Flynn is it reasonable to believe that the threat from terrorism can be eliminated? Explain why or why not.
Opium; Heroin; Narcoterrorism; The headquarters of the Taliban
Afghanistan's biggest cash crop is? Which is used for? What is this called? Afghanistan is also where what/who is located?
Yes
Are biological viruses communicable? (contagious)
VERY lethal. WWI: mustard gas. Creates blisters and swelling outside AND INSIDE of the body.
Are chemical weapons lethal? Example of when this was used and what kind of chemical weapon? What did it do?
A man-made EMP could be created from a nuclear explosion. It is possible that terrorists or rogue states could detonate a nuclear weapon in the ATMOSPHERE and generate a paralyzing EMP. If a country or terrorist group were going to attack the U.S. with nuclear weapons, analysts think they would choose to cause more direct and immediate damage by targeting populated areas. The Chairman of the EMP Commission states that if the U.S. suspended the aid they gave to Pakistan for one year and put it toward the electrical grid, the American people would be protected from the threat of EMPs.
Briefly explain how a man-made EMP could be created?
An EMP poses a unique danger to the United States' critical infrastructure because of its potential to wreak havoc with a world that now is utterly dependent on electrical technology. If the storm of electrons and other charged particles from an EMP is strong enough, the Earth's magnetic field would be disrupted, satellites and the internet would be disabled, commercial aviation would be grounded, telecommunications would be silenced, and much of the electrical grid would be fried. If an EMP hit Earth, crucial global communications, large electrical transformers, and ATMs would be ruined. The internet would also be disabled on a massive scale, and toilets, which rely on electric pumps, would not be able to be flushed.
Briefly explain why an electromagnetic pulse (EMP) poses a unique danger to the United States' critical infrastructure:
FBI
Domestic Human Intelligence Gathering is the responsibility of who?
Hard: White House, Thanksgiving Day Parade (security barriers) Soft: Mall
Examples of hard and soft targets?
Trains, Pipelines, Electrical grid, Aircraft/air travel, Ships (that carry oil), Bridges, Roads, Subways, Railroads, Law enforcement, Fire department, EMS
Examples of types of critical infrastructure?
What is the lead agency for investigating terrorism?
FBI
CIA (Central Intelligence Agency)
Foreign Human Intelligence Gathering is the responsibility of who?
The day, the time of day, and location. C-GCC would be a high value target on Wednesday at 12:00.
Hitting a target depends on what?
Enable the thumb drive, phishing scan
How do you bridge an air gap?
263
How many organizations have been created or reorganized as a response to 9/11?
Aum Shinrikyo is a cult that carried out a terrorist chemical attack on March 20, 1995. The cult carried out the attack in the Tokyo subway system, where five members were sent into the system during the morning rush hour. The five members had small plastic bags of fluids. When mixed, sarin gas would be released on five trains full of people. Sharpened umbrella tips were used to puncture the small bags and release the gas. The fumes of the gas killed 12 people and severely harmed 54. 980 others were adversely affected.
How was the attack carried out by Aum Shinrikyo?
Poor coordination of efforts and sharing of information between the NYPD and FBI. The FBI FAILED TO SHARE INFORMATION with NYPD detectives. There are limits to the number of undercovers that could be deployed. The time it takes to fully infiltrate a cell is limited as well. While CIs can get into an area quicker, you never have a lot of confidence in them. Undercovers require a set of rules, guidelines, and skills that are much different. IMPORTANT: 1) Privacy issues (people don't like being spied on) 2) Tension between different agencies, which results in --> 3) Information not getting shared. Information can't get shared if people --> 4) Failure to document (people hate documenting stuff and paperwork, so they don't).
Identify and briefly describe at least two (2) issues or problems Sheehan raises about gathering DOMESTIC intelligence:
The task of obtaining solid support from foreign intelligence agencies in finding radical cells. There have been scandals surrounding U.S. military torture practices and detention policies, but we acknowledge and maintain standards of human rights and legal process much better than most U.S. allies. However, THE CIA NEEDS TO WORK WITH FOREIGN AGENCIES, WHETHER THEY ARE GOOD OR BAD. If the U.S. decided to not work with these foreign agencies anymore because of our disapproval of their tactics, it will leave the U.S. more exposed to future terrorist attacks. Having embassies inside rogue regimes is simply not enough. It is the responsibility of the NOCs to operate in deep cover. The use of NOCs was minimized in favor of more traditional CIA work. While CIA has expanded its NOC program since 9/11, it will take multiple years to construct the type of intelligence infrastructure the U.S. needs. The U.S. needs more capability to support future operations. IMPORTANT: 1) Working with intelligence agencies who don't like the U.S. (Pakistani intelligence agency) 2) Liaison intelligence (hearsay) - depend on other people to give information because of embassy issues. The U.S. needs more embassies in more foreign countries like North Korea and Iran to know what is going on in those places.
Identify and briefly describe at least two (2) issues or problems the U.S. has to deal with when conducting FOREIGN intelligence operations:
Military and intelligence agencies multiplied as they were given more money. Around 263 organizations have been created or reorganized as a response to 9/11. The increase in employees, units, and organizations results in the blurring of responsibilities. To help resolve this issue, the ODNI was created. Officials who work in the intelligence agencies claim that it is unclear what the ODNI is in charge of. There have been some improvements, but the volume at the ODNI has overtaken them as the increased flow of intelligence data overwhelms the system's ability to analyze and use it. The analysts working inside the sensitive are relatively inexperienced on certain aspects of the job that are valuable. Analysis requires human judgment, not just by computers that sort through data. The analysts are often straight out of college and have limited knowledge on priority countries and are not fluent in their languages.
Identify and describe at least two distinct concerns or problems raised by the article about the effectiveness of U.S. intelligence gathering efforts:
Chemical: You know you are exposed right away. For biological, it could take weeks to notice. Biological weapons are spread by human contact and for chemical, it is not. For biological, you have to tediously track down everyone and get to the source of the first ever victim who came in contact with it.
If you are a weapon person working, do you want to deal with a chemical or biological weapon? Why?
People systematically firing weapons quickly and professionally disposing everything they have in an underground vault near Highway 101 just outside San Jose, California. Surveillance cameras at Pacific Gas and Electric's nearby Metcalf substation detected a beam of light about a half an hour later. It is theorized that it came from a flashlight used to guide sniper targeting of power transformer cooling systems filled with oil. This caused the system to leak, overheat, and crash. The assault lasted 20 minutes and knocked out 17 giant transformers that fed electricity to Silicon Valley. The attack was apparently carried out in a disciplined military fashion by three or four men. A second tactic consisted of cyber hacking. The cyberattackers struck power centers in Ukraine. With a few clicks, dozens of substations were shut down and electricity was eventually cut off for about 230,000 residents in the middle of an East European winter. Power was restored after a few hours. Another hack in 2016 involved malware sent to utility workers via email. Both of these attacks were blamed on Russia.
Identify and describe two tactics that actually have been used to maliciously interrupt and damage electrical grids. Cite the article you are referencing for each example cited and identify where the attack occurred in addition to how the attack was conducted.
Railways and Public transportation
In addition to aviation security what other two transportation resources has the Transportation Security Administration (TSA) been assigned to protect?
The fatality number was small. Aum Shinrikyo is a group with tens of thousands of members. It is said that many of these members were not terrorists, but highly educated scientists and engineers. Also, the cult's assets totaled around one billion dollars worldwide. With all this being said, one would think a large organization with various advantages and connections would cause more destruction and just have an overall greater effect in their attack. Yes, they did cause 12 people to die and many were injured one way or another, but with all the power the group has, the attack should have caused a greater defect, meaning a higher rate of deaths and so on. However, it did cause panic and fear, which is almost every terrorist's objective. Also, there was a temporary shutdown of the subway system.
In your opinion would this attack be considered a success or a failure? Explain your opinion
Prevent Forward
Intelligence looks to _________ something/an event. They are looking what way?
The Internet is a globally-connected network of computers that enables people to share information and communicate with each other. An intranet, on the other hand, is a local or restricted network that enables people to store, organize, and share information within an organization
Internet vs. Intranet?
No
Is biological anthrax communicable?
No
It is extraordinarily difficult to get access into a major system?
1) Construct physical defenses that increasingly dominate our post-9/11 landscape, like the cement barricades or Jersey barriers. Hardening a potential target is the only option when a critical facility cannot be moved or replaced. Some examples that fall under this category are the Hoover Dam, the White House, and the Statue of Liberty. 2) Investing in redundancy can allow some critical systems to be protected. For example, there is no point for somebody to attack a computer server if there is a remote server that can kick in immediately after the main server goes down. Also, if the power of a high-voltage line can be rerouted through other lines coming from other power generators, there is no need to attack it as the attack will only result in temporary disruption of service to a few people. 3) Being prepared to fix something if it should break or be targeted is a good way to protect critical infrastructure. For instance, a terrorist attack on the Trans Alaskan Pipeline would most likely not be considered if the process, equipment, and people were in place to repair any section damaged. This could potentially require positioning spare pipe every few miles and maintaining sensors like surveillance cameras to detect a breach in the pipe. Also, an emergency response team would be needed on short notice to repair the damages. 4) Make protecting critical infrastructure less dangerous by reengineering its processes so as to make them less potentially hazardous. In some cases, relocate a facility to a more remote area. For instance, chlorine is stored in tanks adjacent to the plants that may be close to residential neighborhoods, potentially placing tens of thousands of people at risk. The severity of this risk can be reduced by replacing chlorine with sodium hypochlorite, the active ingredient in household bleach. Many facilities object to this idea as it involves additional costs.
List and briefly describe the four ways Flynn identifies to protect critical infrastructure:
1) Planning and Direction 2) Collection 3) Processing 4) All-Source Analysis and Production 5) Dissemination
List the 5 steps in the intelligence
Because the harder the potential target is, the more planning, surveillance, and rehearsals are required to attack it, so outside expertise may have to be found. As a result, the operation's risk of detection increases.
One of Flynn's "core realities" about the terrorism threat is that protecting the likely targets of terrorists has value. Why is protecting likely terrorist targets valuable to the U.S.?
The threat from a chemical weapon differs from the threat posed by a biological weapon as chemical weapons are easier to contain than radiological weapons. They can also be cleaned up with relative speed. Also, without the support of a sophisticated state-run program, chemical weapons are difficult to manufacture.
Outside of their lethality, identify and briefly describe two (2) ways the threat from a chemical weapon differs from the threat posed by a biological weapon:
Public or private controlled resources that are critical to public, health, government, economy, and national security
REAL definition of critical infrastructure:
disRUPTion; deSTRUCTion
Radiological weapons cause _______ instead of ___________.
New York Stock Exchange in lower Manhattan Citigroup Center in midtown Manhattan.
Regarding the "Wake-Up Call" what were the two specific targets of the alleged terrorist plot in New York City?
Hezbollah. Suicide attacks are a force multiplier: the technique you use can result in a deadlier attack. Tactical advantages: Since you're dying anyway, you can get close to the target, plan a simpler attack (don't have to plan an escape since you're dying), "dead men tell no tales" - don't have to worry about giving up any information.
Suicide attacks/terrorism: Who invented it? Why are they a tactical advantage for terrorists?
Example: 9/11, as the Pentagon was the symbol of military, the WTC was the symbol of economy, etc. They are hard targets now after 9/11. Terrorists are moving away from symbolic value because they are so hard to get to because of multi-layer security. Now, terrorists go for high value and soft targets.
Terrorists think of symbolic value when planning an attack. Example? Are they hard or soft targets after 9/11? What do they do now?
ICE = Interior; CBP = Exterior
The ________ deals with interior immigration and __________ deals with exterior immigration.
Constant loop. Direction; Collection (noise, signals); Processing (confirmatory, or certainly) + (contradictory, or not certain) (people have to give higher authorities reasons why there is a potential threat, but also have to give reasons why there might not be a threat as well; HAVE TO INCLUDE BOTH); Dissemination
The intelligence cycle is a _____ _____. Characteristics?
State level Federal level
There is FEMA _____ and _______.
Examples of IEDs?
Truck bombs, belt bombs,
Mutually Assured Destruction (M.A.D.)
US and SU (USSR) established the idea that if one were to bomb the other, the other would bomb them back equally as bad, causing casualties for both sides - In 1953, Eisenhower proclaimed at the UN that the US would share the knowledge and means for other countries to use atomic power. What is this strategy called?
Cipro (antibiotic) to treat BIOLOGICAL
Vaccines are?
They are NOT law enforcement (just regular people) Undercovers are part of law enforcement
What are Civilian/Criminal Informants? Why is it different than undercovers (UC's)? Why would somebody be a CI?
Dirty bomb/RDD - NOT a nuclear weapon. Learned that the fallout doesn't go very far (heavier than air). The SHINE IS THE MOST DANGEROUS PART.
What are radiological weapon examples? What did NYPD learn about radiation?
United States; Pakistan - A.P. Khan; India; Russia; Great Britain/England; North Korea - proliferated it; China; France; Israel. The US has to be concerned with Pakistan and North Korea as they are willing to share for a fee.
What countries have nuclear power?
The NYPD learned that when a dirty bomb goes off, it releases two types of radiation. One type is gamma radiation and the other is sometimes referred to as "fallout". The first type is harmful to people in its immediate proximity. The second type of radiation, as well as the first, contains radioactive material. The "fallout" is harmful only if it is ingested or enters your body. It was learned that alpha and beta particles fall to the ground much faster, since their molecular weight is heavier than air. The danger from the fallout was overestimated in terms of severity. It could actually be deadly. Also, radioactive gamma particles were heavy, so they were less likely to become airborne and would travel no more than a block or two from the crater.
What did the NYPD learn about what happens when a "dirty bomb" is detonated that differed from what is commonly believed about the effects of a "dirty bomb" detonation in an urban area?
Disperse it correctly and make sure there is a high population density where you disperse it (like a city). Should use it inside (with vents) and not outside.
What do you have to do to make chemical weapons effective/destructive?
Gathers intelligence about the human activity on earth derived from the exploitation and analysis of imagery and geospatial information that describes, assesses, and visually depicts physical features and geographically referenced activities on the Earth National Reconnaissance Office (NRO) ex: pictures from the sky (satellites)
What does GEOINT (Geospatial Intelligence) do?
Gather intelligence by means of interpersonal contact ex: Undercovers and civilian informants
What does HUMINT (Human Intelligence) do?
Data collected from publicly available sources to be used in an intelligence context. In the intelligence community, the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources). It is not related to open-source software or collective intelligence. ex: News, anything that's public, social media accounts
What does OSINT (Open-Source Intelligence) do?
Gathers intelligence by interception of signals, whether communications between people (communications intelligence—abbreviated to COMINT) or from electronic signals not directly used in communication (electronic intelligence—abbreviated to ELINT). Signals intelligence is a subset of intelligence collection management. As sensitive information is often encrypted, signals intelligence in turn involves the use of cryptanalysis to decipher the message. Don't have to get information from a human source National Security Agency (NSA) ex: email, text traffic, voice communication
What does SIGINT (Signals Intelligence) do?
Supervisory Control and Data Acquisition
What does the acronym SCADA stand for
Homeland security is an American national security term for "the national effort to ensure a homeland that is safe, secure, and resilient against terrorism and other hazards where American interests, aspirations, and ways of life can thrive to the national effort to prevent terrorist attacks within the United States, reduce the vulnerability of the U.S. to terrorism, and minimize the damage from attacks that do occur"
What does the term "homeland security" mean?
HUMINT, because you're getting information from another human. SIGINT has people inferencing (have to make inferences).
What form of intelligence is most useful?
Vague measuring by analysts of an increase in phone calls, e-mail conversations, and ramblings within suspected terrorist cells. If an increase is measured, this can be an indication that something might be being prepared by terrorists or is actually happening. Chatter doesn't necessarily mean something specific is happening; it usually just gives vague intelligence. For example, Sheehan says DHS provided warnings for every conceivable type of attack and target. This included subways, malls, cars, airplanes, bicycles, and more. He says that without any specific intelligence, there isn't really much NYPD could do to act on this.
What is "chatter" as it relates to intelligence?
Human Trafficking
What is Homeland Security's specialty?
A ransomware attack uses malicious software with which a criminal essentially locks the computer data of a victim, altering information or data into a cipher (encrypting it) to prevent access. To restore access, the criminal demands a ransom and expects a certain amount of money, usually in a specific time frame. If the money is not received, the victim is at a large risk of permanently losing access to their data.
What is a ransomware attack?
Driving a truck into large numbers of people (not hard to execute). ex: Bastille Day and NYC Terror Attack
What is an example of low tech terrorism?
To prevent terrorist attacks within the United States. They're responsible for distributing warning and information to state and local government personnel, agencies, authorities, and to the public.
What is the primary mission of the U.S. Department of Homeland Security (DHS)?
Biological weapon (anthrax)
What kind of weapon did Bruce Ivins use in his attacks?
It is possible for weapons to be made from regular consumer products. For instance, Timothy McVeigh used thousands of pounds of fertilizer for the 1995 Oklahoma City bombing. Also, Najibullah Zazi bought large quantities of acetone and hydrogen peroxide for his explosives. Police rely on workers to report suspicious customers, and that isn't always guaranteed. While there are standard intelligence methods, there is too much information for it to be possible for law enforcement to keep track of it and monitor it all. As said in the article, it's impossible to monitor every single person who buys a propane tank. Civil-liberties concerns can make matters worse. Also, while the presence of officers might steer potential attacks away, there is no way every public space can be protected.
What problems do low tech attacks pose in preventing terrorist attacks in the U.S.?
Letters going to congressmen or President have to be checked, it can't go straight to them.
What resulted in the anthrax attacks?
A flatbed pickup truck. Rented it from Home Depot. Knife or firearm. One BB pellet gun and one paintball gun.
What specific type of vehicle did the perpetrator use? How did the perpetrator obtain the vehicle he used? What two types of secondary weapons did the ISIS & AQ publications suggest perpetrators arm themselves with? What was the specific secondary weapon the perpetrator possessed?
The 2001 anthrax attacks. His alleged involvement was questioned as he was said to be a skilled microbiologist. The 2001 attacks were the mailing of letters contaminated with anthrax to the offices of U.S. Senators Tom Daschle and Patrick Leahy, as well as multiple news offices. Ivins and his colleagues worked long hours testing samples in order to differentiate real anthrax letters from the large number of hoaxes that were sent out around this time. Ivins assisted the FBI in analyzing the powdery material from an envelope tainted with anthrax that was sent to a United States senator's office in Washington, D.C.
What terror attack against the U.S. is Bruce Ivins associated with? What was his alleged involvement?
The 9/11 Commission was established on November 27, 2002. Its purpose was to prepare a complete report of the circumstances involving the September 11th attacks in 2001. This included preparedness for and the immediate response to the attacks. The 9/11 Commission also issued recommendations intended to guard against future attacks.
What was the purpose of the 9/11 Commission?
Sarin gas (nerve agent)
What weapon did Aum Shinrikyo use?
Emphasis - Moved away from HUMINT and focused on SIGINT. Risk - Intelligence agencies had become risk averse (afraid of making mistakes). Bigger the risk, bigger the reward/Bigger the reward, bigger the risk -----> Little operation, little reward. Lack of Imagination - The more limitations that are enforced, the smaller operational area you have.
What were 3 Pre-9/11 views/strategies?
Any big event (Superbowl, etc)
Where are U.S. Secret Service usually working?
Patrols waters off the maritime security
Where is the U.S. Coast Guard working?
Central Intelligence Agency (CIA)
Which U.S. agency is primarily responsible for gathering HUMINT?
National Security Agency (NSA).
Which U.S. agency is primarily responsible for gathering SIGINT?
U.S. Coast Guard
Which operational component of DHS is also considered to be a part of the U.S. military?
U.S. Immigration and Customs Enforcement (ICE)
Which operational component of DHS is responsible for the apprehension of persons who are illegally within the U.S.?
Private sector makes up 90% of infrastructure
Which sector (public or private) makes up the majority of critical infrastructure? By what percentage?
DNI (Director of National Intelligence)
Who is the head of the intelligence community?
Police, Local law enforcement, FBI, NYPD, CIA, Marshals***
Who will you find in JTTFs?
Improvised explosives are the weapons of choice of terrorists because they aren't that complicated to construct or detonate, and while they have some weaknesses like every other weapon, they have many strengths. Truck bombs, backpack bombs, and belt bombs are examples of improvised explosives. Truck bombs are useful as they can be constructed in a remote location and transported to a desired target without much difficulty. Backpack bombs can be smuggled into crowded and enclosed places. Belt bombs were created in response to improved security measures. They can be more effectively smuggled to a target as they are smaller and lighter than backpack bombs.
Why are Improvised explosives (IED's) the weapons of choice of terrorists? (Keep in mind that the airplanes used in the 9/11 attacks were considered improvised explosives as well)
Can get directions on the internet. Get "bang for your buck".
Why do people prefer IEDs?
Because an experiment was conducted to test whether a cyber warrior could destroy a generator. The "hackers" were able to make it into the control network from the internet and ended up finding the program that sends rotation speeds to the generator. Another keystroke and the generator could have severely damaged itself. If the enormous generators that power the United States were to be badly damaged or destroyed, it is unlikely to be replaced for months.
Why is Project Aurora important to understanding the risk to critical infrastructure?
They send out signals, via internal computer network and sometimes by radio, to devices to regulate the electric load in various locations. Many of these devices have multiple connections. SCADA gives companies central control of large numbers of pumps, generators, oil rigs, and other operations.
Why is SCADA significant to critical infrastructure?
Intranet. Nuclear power plants are Intranets.
a network designed for the exclusive use of computer users within an organization that cannot be accessed by users outside the organization. Example?
air gap
an air space that separates a water supply outlet from a potentially contaminated source