Category Archives: Department of Homeland Security

About that Drone Attack on the Pennsylvania Power Grid

Posted on by

The Drive: U.S. officials believe that a DJI Mavic 2, a small quadcopter-type drone, with a thick copper wire attached underneath it via nylon cords was likely at the center of an attempted attack on a power substation in Pennsylvania last year. An internal U.S. government report that was issued last month says that this is the first time such an incident has been officially assessed as a possible drone attack on energy infrastructure in the United States, but that this is likely to become more commonplace as time goes on. This is a reality The War Zone has sounded the alarm about in the past, including when we were first to report on a still unexplained series of drone flights near the Palo Verde nuclear powerplant in Arizona in 2019.

ABC News was first to report on the Joint Intelligence Bulletin (JIB) covering the incident in Pennsylvania last year, which the Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the National Counterterrorism Center (NCTC) published on Oct. 28, 2021. The document, which ABC obtained a copy of, but only released a small portion of, is marked unclassified, but parts also labeled Law Enforcement Sensitive (LES) and For Official Use Only (FOUO). Other outlets have since obtained copies of this document, which reportedly says that this likely attack took place on July 16, 2020, but does not identify where the substation in question was located.


DHS via ABC News

RELATED READING: FBI Strategic Intelligence/Assessment on Domestic Terrorism

A portion of an annotated satellite image from a US Joint Intelligence Bulletin regarding a likely attempted drone attack on a power substation in Pennsylvania in 2020.

“This is the first known instance of a modified UAS [unmanned aerial system] likely being used in the United States to specifically target energy infrastructure,” the JIB states. “We assess that a UAS recovered near an electrical substation was likely intended to disrupt operations by creating a short circuit to cause damage to transformers or distribution lines, based on the design and recovery location.”

ABC and other outlets have reported that the JIB says that this assessment is based in part on other unspecified incidents involving drones dating back to 2017. As already noted, The War Zone previously reported on another worrisome set of incidents around Arizona’s Palo Verde Generating Station, the largest nuclear power plant in the United States in terms of its output of electricity, in 2019. In the process of reporting that story, we uncovered other reported drone flights that prompted security concerns near the Limerick Generating Station nuclear power plant in Pennsylvania earlier that year.

The Night A Mysterious Drone Swarm Descended On Palo Verde Nuclear Power Plant By Tyler Rogoway and Joseph Trevithick Posted in The War Zone
Here’s What’s In New Guidelines For Defending Infrastructure Against Drone Attacks By Brett Tingley Posted in The War Zone
The Y-12 Nuclear Development Site Has Deployed Its First Anti-Drone System By Brett Tingley Posted in The War Zone
Some Chinese-Made Drones Cleared By Pentagon For U.S. Government Use By Brett Tingley Posted in The War Zone
Is The United States Firing Off “Electricity Bombs” in Syria? By Joseph Trevithick Posted in The War Zone

“To date, no operator has been identified and we are producing this assessment now to expand awareness of this event to federal, state, local, tribal, and territorial law enforcement and security partners who may encounter similarly modified UAS,” the JIB adds.

Beyond the copper wire strung up underneath it, the drone reportedly had its camera and internal memory card removed. Efforts were taken to remove any identifying markings, indicating efforts by the operator or operators to conceal the identifies and otherwise make it difficult to trace the drone’s origins.


DHS via ABC News

A low-quality image showing the drone recovered after the likely attempted attack in Pennsylvania. The green lines are the nylon cables. A copper wire was attached to the bottom ends of both lines.

It’s unclear how much of a threat this particular drone posed in its modified configuration. The apparent intended method of attack would appear to be grounded, at least to some degree, in actual science. The U.S. military employed Tomahawk cruise missiles loaded with spools of highly-conductive carbon fiber wire against power infrastructure to create blackouts in Iraq during the first Gulf War in 1991. F-117 Nighthawk stealth combat jets dropped cluster bombs loaded with BLU-114/B submunitions packed with graphite filament over Serbia to the same effect in 1999.

Regardless, the incident only underscores the ever-growing risks that small drones pose to critical infrastructure, as well as other civilian and military targets, in the United States. If this modified drone did pose a real risk, it would also highlight the low barrier to entry to at least attempt to carry out such attacks. New DJI Mavic 2s can be purchased online right now for between $2,000 and $4,000.

The technology is so readily available that non-state actors around the world, from terrorists in the Middle East to drug cartels in Mexico, are already employing commercial quad and hexacopter-type drones armed with improvised explosive payloads on a variety of targets on and off more traditional battlefields. This includes attempted assassinations of high-profile individuals.

The U.S. government is finally coming to terms with these threats and there are certainly some steps being taken, at least at the federal level, to protect civilian and domestic military facilities against small drones. At the same time, it is equally clear that there is still much work to be done.

This particular incident in Pennsylvania last year highlights separate security concerns relating to Chinese-made small drones that are now widely available in the United States and are even in use within the U.S. government. DJI, or Da Jiang Innovations, is by far the largest Chinese drone maker selling products commercially in the United States today and has been at the center of these debates in recent years.

Whether or not the modified Mavic 2 posed a real danger in this instance or if this was truly the first-ever attempted drone attack on energy infrastructure in the United States, it definitely reflects threats are real now and will only become more dangerous as time goes on.

Dads on Duty in Public Schools has Remarkable Results

Posted on by

Primer: In 2020, USAToday published in part the following:

Schools are safe, safer in fact than they’ve been for decades, and not because of the presence of an armed police officer in the hallways. Rather, schools provide structure and supervision that many kids lack during their out-of-school hours.

Although SROs may give parents some sense of comfort that their children are protected while at school, students actually face certain perils because of constant police presence. The well-traveled school-to-prison pipeline has been documented by research in terms of greater reliance on the justice system in response to student infractions, especially for minority youngsters.

***'The School has Just Been Happy': Concerned Fathers Form ...

If children are not punished in some form with violence and criminal activity it adds to the already broken juvenile justice system.

SHREVEPORT, La. — A group of fathers in Shreveport are taking safety into their own hands after repeated violence broke out in one school, where 23 students were arrested over a short three-day period. “Dads on Duty” showed up and the daily brawls suddenly came to an end.

One of the father’s, Michael LaFitte, launched a group called “Dads on Duty.” It ignited a desire in 40 fathers to sign up and take shifts at Southwood High School in Shreveport. Their goal is to simply maintain a peaceful environment, and thus far, it’s been profoundly successful, CBS News reported.

Although none of the fathers have a “pedigree” of expertise, i.e. degrees in school counseling or criminal justice, they do have some relevant experience, namely concerned parents who have a shared, invested interest in a safe learning environment for their kids.

“We’re dads. We decided the best people who can take care of our kids are who? Are us,” LaFitte told the news outlet.


School violence increased last month, when ongoing fights resulted in 23 teen arrests over three days. Sept. 16 was an extremely violent day, which led to 14 arrests after two major fights erupted, requiring the school’s resource officer to call for backup officers to respond, Fox reported.

“We had a fight at 9:30,” Caddo Parish Sheriff Steve Prator said at the time, according to KSLA. “I believe that there were seven kids that were. I call them kids, that sounds innocent. Seven of these thugs were expelled or sent home.”

However, since “Dads on Duty” was launched and deployed, there have been no instances of violence. Moreover, some students said their presence has helped the environment at the school, CBS reported.


“I immediately felt a form of safety,” one of the students said. “We stopped fighting; people started going to class.”

“You ever heard of ‘a look?’” one student asked while describing a “power” the student said all fathers have.

Furthermore, students say the fathers bring a sense of security as they crack “dad jokes” while interacting with teens in the hallways.

“They just make funny jokes like, ‘Oh, hey, your shoe is untied,’ but it’s really not untied,” one student told CBS.

“The school has just been happy — and you can feel it,” another student said.

As teen violence has also increased in other locales, the fathers said they will keep with the program indefinitely and would like to start chapters throughout Louisiana and even the country.

“Because not everybody has a father figure at home – or a male, period, in their life. So just to be here makes a big difference,” the group of dads said.

Microsoft Reveals Continued Hacks of Technology Companies

Posted on by

The Russia-linked hackers behind last year’s compromise of a wide swath of the U.S. government and scores of private companies, including SolarWinds Corp. , have stepped up their attacks in recent months, breaking into technology companies in an effort to steal sensitive information, cybersecurity experts said.

In a campaign that dates back to May of this year, the hackers have targeted more than 140 technology companies including those that manage or resell cloud-computing services, according to new research from Microsoft Corp. The attack, which was successful with as many as 14 of these technology companies, involved unsophisticated techniques like phishing or simply guessing user passwords in hopes of gaining access to systems, Microsoft said.

***SolarWinds Hackers Accessed US Justice Department Email ...

Source: In a recent blog post to the company’s website, Microsoft’s corporate vice president of customer security and trust, Tom Burt, wrote that “state actor Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain.”

Nobelium is “attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers,” according to the company.

Burt wrote that 609 Microsoft customers had been informed that they’d been attacked between July and October of this year close to 23,000 times “with a success rate in the low single digits.”

The attacks, according to the executive, were not aimed at a specific flaw in any of the systems, rather, they were “password spray and phishing” attacks, which are aimed at stealing credentials that grant the attackers access to privileged information.

The Russian state-backed hacking group is, according to Burt, “trying to gain long-term, systematic access to a variety of points in the technology supply chain, and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government.”

***

Over 600 Microsoft customers targeted since July

“Since May, we have notified more than 140 resellers and technology service providers that have been targeted by Nobelium,” said Tom Burt, Corporate Vice President at Microsoft.

“We continue to investigate, but to date we believe as many as 14 of these resellers and service providers have been compromised.”

As Burt added, in all, more than 600 Microsoft customers were attacked thousands of times, although with a very low rate of success between July and October.

“These attacks have been a part of a larger wave of Nobelium activities this summer. In fact, between July 1 and October 19 this year, we informed 609 customers that they had been attacked 22,868 times by Nobelium, with a success rate in the low single digits,” Burt said.

“By comparison, prior to July 1, 2021, we had notified customers about attacks from all nation-state actors 20,500 times over the past three years.”

Nobelium MSP attacks
Nobelium MSP attacks (Microsoft)

This shows that Nobelium is still attempting to launch attacks similar to the one they pulled off after breaching SolarWinds’ systems to gain long-term access to the systems of targets of interest and establish espionage and exfiltration channels.

Microsoft also shared measures MSPs, cloud service providers, and other tech orgs can take to protect their networks and customers from these ongoing Nobelium attacks.

Nobelium’s high profile targets

Nobelium is the hacking division of the Russian Foreign Intelligence Service (SVR), also tracked as APT29, Cozy Bear, and The Dukes.

In April 2021, the U.S. government formally blamed the SVR division for coordinating the SolarWinds “broad-scope cyber espionage campaign” that led to the compromise of multiple U.S. government agencies.

At the end of July, the US Department of Justice was the last US govt entity to disclose that 27 US Attorneys’ offices were breached during the SolarWinds global hacking spree.

In May, the Microsoft Threat Intelligence Center (MSTIC) also reported a phishing campaign targeting government agencies from 24 countries.

Earlier this year, Microsoft detailed three Nobelium malware strains used for maintaining persistence on compromised networks: a command-and-control backdoor dubbed ‘GoldMax,’ an HTTP tracer tool tracked as ‘GoldFinder,’ a persistence tool and malware dropper named ‘Sibot.’

Two months later, they revealed four more malware families Nobelium used in their attacks: a malware downloader known as ‘BoomBox,’ a shellcode downloader and launcher known as ‘VaporRage,’ a malicious HTML attachment dubbed ‘EnvyScout,’ and a loader named ‘NativeZone.’

Meet The White Coat Waste Project and Poor Harvey

Posted on by

The poor Beagles….animal abuse and death…you’re paying for it too.

.White Coat Waste Project is a taxpayer watchdog group representing more than 2 million liberty-lovers and animal-lovers who all agree: taxpayers shouldn’t be forced to pay over $20 billion every year for wasteful and cruel experiments on dogs, cats, monkeys and other animals.

36 Beagles to Be Released From Michigan Animal Testing Lab .... There are even beagle puppy farms….

And it could be that other deadly disgusting nefarious testing is going on with the approval of our own government agencies….check this out —>

In part: According to the most recent reports, approximately 60,000 dogs are used in testing and research in the United States each year, with an additional 6,500 dogs reported as being held in laboratories but not yet used. The Michigan lab alone used thousands of beagles and hounds last year in testing for companies seeking federal approval for potentially poisonous products, like pharmaceuticals and pesticides (fungicides). Harvey and the other dogs who were at the lab during our investigation were bought from two major breeders, Marshall BioResources and Covance Research, which sell specifically to laboratories. Marshall had 22,000 dogs at its facility in New York at the time of a U.S. Department of Agriculture inspection in 2018. Beagles are most commonly used in research because of their docile nature.

The Charles River Laboratories now has 36 beagles in its facility for a pesticide test commissioned by Dow AgroSciences (now known as Corteva), and we need your help to get those beagles out.

The test, which involves force-feeding the dogs with various doses of a fungicide each day for a full year, has been universally deemed as unnecessary, including by Dow scientists. Dow itself has actively advocated for eliminating this test in numerous countries, and we have been grateful for Dow’s work in the past. When we reached out to the company, we were told the test is required in Brazil. The country has taken steps to remove the one-year dog test from its pesticide requirements, but the changes haven’t been formally adopted yet. When Humane Society International swiftly contacted Brazilian regulatory authorities, we received a response that they were readily granting waiver requests from companies to forego this test. Dow asked for a more formal assurance from Brazil to end the dog study already underway, which HSI obtained, but Dow’s regulatory affairs division now says they need additional confirmation that their specific pesticide product will be approved without the dog study results before ending the study.

Our discussions with Dow have hit an impasse and meanwhile, time is running out for the Dow beagles. Unless we act fast, these 36 dogs will likely die for a test that is not needed.

It is too late to help Harvey and the other dogs seen during our investigation. But with your help, we can make a difference for these 36 dogs still at Charles River. Please join us in asking Dow to immediately end the test and release the beagles to us. We will work on getting them placed into loving homes, even as we continue to work toward the day when invasive testing on dogs becomes a thing of the past.

 

Supply Chain Crisis and Where is the Defense Production Act?

Posted on by

What is the Defense Production Act?

The Defense Production Act is the primary source of presidential authorities to expedite and expand the supply of materials and services from the U.S. industrial base needed to promote the national defense. DPA authorities are available to support: emergency preparedness activities conducted pursuant to title VI of the Stafford Act; protection or restoration of critical infrastructure; and efforts to prevent, reduce vulnerability to, minimize damage from, and recover from acts of terrorism within the United States. DPA authorities may be used to:

  • Require acceptance and preferential performance of contracts and orders under DPA Title I. (See Federal Priorities and Allocations System (FPAS).)
  • Provide financial incentives and assistance (under DPA Title III) for U.S. industry to expand productive capacity and supply needed for national defense purposes;
  • Provide antitrust protection (through DPA voluntary agreements in DPA Title VII) for businesses to cooperate in planning and operations for national defense purposes, including homeland security.

But national security? Yes. We remain the midst of the Covid 19 pandemic and those affected could and often are our protectors, not only medically but when it comes to legally or militarily.

While we are fretting over shortages and necessities in our daily lives there are two real areas of major concern, they are medicines and micro-chips (semiconductors) used for advanced technology of many varieties.

China Is Getting Ready to Take On the World's Biggest ...

Basic medicines in use either by prescription or over the counter are manufactured in Asia, mostly China that is. It is a fact we learned in the early days of the pandemic. Imagine now that we are faced with a shortage of antibiotics, insulin, aspirin or Lasix and Dyazide. Could we once again face personal protection equipment shortages?

DOD Announces $74.9 Million in Defense Production Act ...

When it comes to semiconductors, the following is important to know:

In part from a senate committee: To mitigate supply chain risks and ensure that semiconductors used in sensitive military systems do not have malware embedded in them, in 2004 the Department of Defense established the “Trusted Foundry Program.” Under this program the government identifies companies deemed secure and trustworthy enough to produce chips exclusively for the military. Two facilities currently operate under this program, one in Vermont and one in New York.

The program only produces a small percentage of the nearly 2 billion semiconductors DOD acquires each year. Some observers have expressed concern that the trusted foundries are falling behind technologically compared to commercial fabrication facilities in East Asia. This could leave the U.S. military at a technological disadvantage to China and other countries that buy superior chips.

In 2017, the Defense Advanced Research Projects Agency launched the Electronics Resurgence Initiative, which seeks to address market and technological trends and challenges in the microelectronics sector.

Sounds shaky right? It is as we need results and we need them now. So where is that order by the Biden administration for the Defense Production Act which would jump start real action in all the various reasons for the log jam at ports around the United States? There is no one single reason for the cargo ships being stacked up in Long Beach, Los Angeles, Port Houston, Savannah to name a few.

The United States can relieve the cargo pressures immediately by deploying the National Guard, signing waivers on regulations and by stopping all the financial payments that encourage people to simply not go to work.


The BBC reports in part: 

The shortages hitting countries around the world

A “perfect storm” in China is hitting shoppers and businesses at home and overseas.

It is affecting everything from paper, food, textiles and toys to iPhone chips, says Dr Michal Meidan from the Oxford Institute for Energy Studies.

She says these items “may end up being in short supply this Christmas”.

Then there is the Department of Transportation and the Secretary has been absent….his involvement in this?

Maritime administration –>

U.S. maritime ports are critical links in the U.S. domestic and international trade supply-chain.  Ports serve as centers of commerce where freight and commodities are transferred between cargo ships, barges, trucks, trains, and pipelines.

The Port Infrastructure Development Program supports the efficient movement of commerce upon which our economy relies through discretionary grant funding that helps strengthen, modernize, and improve our country’s maritime systems and gateway ports. Grants are awarded on a competitive basis and support the Nation’s long-term economic vitality.

Port Infrastructure Development grants provide planning, operational and capital financing, and project management assistance to improve port capacity and operations.

Authorization History

The Port Infrastructure and Development Program was authorized by Congress as part of the National Defense Authorization Act for Fiscal Year 2010 (Public Law 111-84). The legislation states that “The Secretary of Transportation, through the Maritime Administrator, shall establish a port infrastructure development program for the improvement of port facilities.”

The law specifically authorizes the Administrator to:

  1. Receive funds provided for the project from Federal, non-Federal, and private entities that have a specific agreement or contract with the Administrator to further the purposes of this subsection;
  2. Coordinate with other Federal agencies to expedite the process established under the National Environmental Policy Act of 1969 (42 U.S.C. 4321 et seq.) for the improvement of port facilities to improve the efficiency of the transportation system, to increase port security, or to provide greater access to port facilities;
  3. Seek to coordinate all reviews or requirements with appropriate local, State, and Federal agencies; and
  4. Provide such technical assistance and financial assistance, including grants, to port authorities or commissions or their subdivisions and agents as needed for project planning, design, and construction.

The authorizing legislation also established a Port Infrastructure Development Fund for use by the Administrator in carrying out projects under the program. The fund is available for the Administrator to:

  1. Administer and carry out projects under the program;
  2. Receive Federal, non-Federal, and private funds from entities which have specific agreements or contracts with the Administrator; and
  3. Make refunds for projects that will not be completed.

There are also additional legislative provisions for the crediting and transfer of monies into the fund.