The Nexus of Extremism and Trafficking: Scourge of the World or So Much Hype? (PDF)
Source: Joint Special Operations University (DoD)
In a globalized and increasingly interconnected world, the transfer of information, expertise, and relationships are becoming more complex and more commonplace. The interconnectedness of criminal organizations that span not only countries but across regions of the globe is troubling. However, more troubling is the possibility of the linking of transnational criminal organizations with insurgent and terrorist organizations as addressed in this work by Brigadier General (retired) Russ Howard and Ms. Colleen Traughber. The radical ideologies propagating politically motivated violence now have the opportunity to leverage and participate in traditionally criminal enterprises. This melding of form and function provides criminals with new networks and violent extremists with new funding sources and potential smuggling opportunities.
General Howard and Ms. Traughber delve into the nexus between violent extremist elements and transnational criminal elements by first clarifying whether a real problem exists, and if so, what is the appropriate role for Special Operations Forces (SOF) in confronting it. The authors bring rigor to the subject matter by dissecting the issue of intention and opportunities of criminal organization and violent extremists. The question is confounded by the authors who note the wide variance in the motivations and opportunities of both different criminal organizations and extremist organizations. What the authors do make clear is that the trafficking of humans, weapons, drugs, and contraband (HWDC) is a natural way for the criminals and extremists to cooperate.
FinCEN Issues Guidance to Financial Institutions on Marijuana Businesses
Source: Financial Crimes Enforcement Network
The Financial Crimes Enforcement Network (FinCEN), in coordination with the U.S. Department of Justice (DOJ), today issued guidance that clarifies customer due diligence expectations and reporting requirements for financial institutions seeking to provide services to marijuana businesses. The guidance provides that financial institutions can provide services to marijuana-related businesses in a manner consistent with their obligations to know their customers and to report possible criminal activity.
Providing clarity in this context should enhance the availability of financial services for marijuana businesses. This would promote greater financial transparency in the marijuana industry and mitigate the dangers associated with conducting an all-cash business. The guidance also helps financial institutions file reports that contain information important to law enforcement. Law enforcement will now have greater insight into marijuana business activity generally, and will be able to focus on activity that presents high-priority concerns.
Survey of State Criminal History Information Systems, 2012 (PDF)
Source: Bureau of Justice Statistics
This is the twelfth survey of criminal history information systems conducted by SEARCH, The National Consortium for Justice Information and Statistics, since 1989. Some of the tables include data from previous surveys. Caution should be used in drawing comparisons between the results of earlier surveys and the data reported here. Over the course of the survey years, the U.S. Department of Justice, Bureau of Justice Statistics (BJS), has continued to administer assistance programs dedicated to improving criminal history records. As a result, some states focused new or additional resources on the condition of their records and, in many cases, know more about their records today than in the past. Similarly, expansion, advancement, and adoption of technology have also made a beneficial impact. Some state repositories, however, have suffered fiscal cutbacks and consequently have had to shift priorities away from certain criminal history information management tasks. For these and other reasons, trend comparisons may not as accurately reflect the status of each state’s criminal history records as the current data considered alone.
Security Tip (ST14-001) — Sochi 2014 Olympic Games
Source: U.S. Computer Emergency Readiness Team
Whether traveling to Sochi, Russia for the XXII Olympic Winter Games, or viewing the games from locations abroad, there are several cyber-related risks to consider. As with many international level media events, hacktivists may attempt to take advantage of the large audience to spread their own message. Additionally, cyber criminals may use the games as a lure in spam, phishing or drive-by-download campaigns to gain personally identifiable information or harvest credentials for financial gain. Lastly, those physically attending the games should be cognizant that their communications will likely be monitored.
Worldwide Threat Assessment of the US Intelligence Community (PDF)
Source: Office of the Director of National Intelligence
Several critical governmental, commercial, and societal changes are converging that will threaten a safe and secure online environment. In the past several years, many aspects of life have migrated to the Internet and digital networks. These include essential government functions, industry and commerce, health care, social communication, and personal information. The foreign threats discussed below pose growing risks to these functions as the public continues to increase its use of and trust in digital infrastructures and technologies.
Russia and China continue to hold views substantially divergent from the United States on the meaning and intent of international cyber security. These divergences center mostly on the nature of state sovereignty in the global information environment and states’ rights to control the dissemination of content online, which have long forestalled major agreements. Despite these challenges, the United Nations Group of Governmental Experts concluded in a June 2013 report that international law and the UN Charter apply to cyberspace. This conclusion represents a substantive step forward in developing a legal framework and norms for cyber security.
United Nations Convention on the Rights of the Child — Concluding observations on the report submitted by the Holy See
Concluding observations on the report submitted by the Holy See (PDF)
Source: United Nations
The Committee is concerned that in dealing with cases of child pornography committed by members of the clergy, the Holy See has failed to ensure children’s right to express their views and have them given due weight, and that the Holy See has given preceden ce to the preservation of the reputation of the church over children’s rights to have their best interests taken as a primary consideration. The Committee is concerned that in doing so, the Holy See has undermined the prevention of offences under the Optional Protocol and the capacity of child victims to report them and therefore contributed to the impunity of the perpetrators and created further trauma for child victims of offences.
Human Smuggling and Trafficking into Europe: A Comparative Perspective (PDF)
Source: Migration Policy Institute
Human smuggling and trafficking are rapidly growing transnational criminal activities in Europe, where the demand to enter for work or to escape dire political or economic situations in migrant-sending countries exceeds the legal migration opportunities. The problem has become a high priority for EU Member States, and is especially challenging given Europe’s relatively porous borders. This report examines the factors and facilitators at play and assesses policy solutions.
The Federal Government’s Track Record on Cybersecurity and Critical Infrastructure (PDF)
Source: U.S. Senate Homeland Security and Governmental Affairs Committee (Minority Staff)
From press release (Senator Tom Coburn, R-OK):
The report details serious vulnerabilities in the government’s efforts to protect its own civilian computers and networks, and the critical, sensitive information they contain.
The report compiles problems identified in over 40 audits, investigations and reviews by agency Inspectors General, the Government Accountability Office and others. In many cases, simple fixes like using stronger passwords, and applying patches and updates in a timely manner, would fix critical vulnerabilities.
Sexually Abusive Behavior Prevention and Intervention Program
Source: National Institute of Corrections
This document intends to “provide a written policy that implements zero tolerance toward all forms of sexual activity, including sexual abuse and sexual harassment, and to provide guidelines to address the following prohibited and/or illegal sexually abusive behavior involving: Inmate perpetrator against staff victim; Inmate perpetrator against inmate victim; [and] Staff perpetrator against inmate victim. This policy also covers incidents involving contractors and volunteers. These guidelines are provided to: Help detect incidents, perpetrators, and inmate victims of sexually abusive behavior; Help prevent sexually abusive behavior; Educate staff to intervene properly and in a timely manner; Document, report, and investigate reported incidents; [and] Discipline and/or prosecute perpetrators” (p. 1). Procedures explain: prevention planning; responsive planning; training and education; screening for risk of sexual victimization and abusiveness; reporting; official response following an inmate report; investigations; discipline; medical and mental care; data collection and review; and audits. Also attached is the “PREA Intake Objective Screening Instrument”.
Intimate partner violence among women with mental health-related activity limitations: a Canadian population based study
There is strong evidence that women with serious or chronic mental illness experience higher rates of violence than women in the general population. Our objective was to examine the risk of intimate partner violence (IPV), a form of violence that is often recurrent and linked to negative physical and psychological consequences, among a representative sample of non-institutionalized women with activity limitations (ALs) due to a mental health condition.
Data from the 2009 General Social Survey were used, a national, population-based, cross-sectional survey. The sample included 6851 women reporting contact with a current or former partner in the previous five years, of whom 322 (4.7%) reported a mental health-related AL always/often or sometimes.
The prevalence of any type of IPV was highest among women with mental health-related ALs always/often (54.4%), followed by women reporting ALs sometimes (49.9%), and those reporting no ALs (18.3%, p < 0.0001). The same pattern was observed for emotional (51.1%, 45.5%, 16.3%, p < 0.0001) and financial IPV (18.1%, 9.5%, 4.0%, p < 0.0001). For physical/sexual violence, rates were similar among women reporting mental health-related ALs always/often and sometimes, but were lower among those reporting no ALs (20.2%, 20.9%, 5.9%, p < 0.0001). In a logistic regression analysis the odds of having experienced any IPV remained greater for women reporting ALs always/often (OR = 3.65; 95% CI: 2.10, 6.32) and sometimes (OR = 3.20; 95% CI: 2.15, 4.75) than those reporting no ALs. Several social capital variables, including perceptions of having experienced discrimination, a weak sense of belonging in their local community, and low trust toward family members and strangers were also significantly associated with having experienced IPV.
Findings suggest that women with mental health-related ALs may be at increased risk of IPV. Health and social service providers may need, therefore, to better target prevention and intervention initiatives to this population.
New GAO Reports
Source: Government Accountability Office
1. Child Welfare: Federal Agencies Can Better Support State Efforts to Prevent and Respond to Sexual Abuse by School Personnel. GAO-14-42, January 27.
Highlights – http://www.gao.gov/assets/670/660376.pdf
2. Homeowners Insurance: Multiple Challenges Make Expanding Private Coverage Difficult. GAO-14-179, January 30.
Highlights – http://www.gao.gov/assets/670/660530.pdf
3. Imminent Danger Pay: Actions Needed Regarding Pay Designations in the U.S. Central Command Area of Responsibility. GAO-14-230R, January 30.
Increased Cyber Security Can Save Global Economy Trillions
Source: World Economic Forum
Failing to improve cyber security could cost the world economy and lead to more frequent cyberattacks, according to a new report released today by the World Economic Forum in collaboration with McKinsey & Company.
The Risk and Responsibility in a Hyperconnected World report addresses options that institutions can take to improve cyber resilience and mitigate the economic and strategic impact of such attacks. With the recent proliferation of cyberattacks, corporate executives need to devote increasing attention to protecting information assets and on-line operations.
The report notes that major technology trends, including massive analytics, cloud computing and big data, could create between US$ 9.6 trillion and $US 21.6 trillion in value for the global economy. However, if attacker sophistication outpaces defender capabilities – resulting in more destructive attacks – a wave of new regulations and corporate policies could slow innovation, with an aggregate impact of approximately US$ 3 trillion by 2020.
New GAO Reports
Source: Government Accountability Office
1. Critical Infrastructure Protection: More Comprehensive Planning Would Enhance the Cybersecurity of Public Safety Entities’ Emerging Technology. GAO-14-125, January 28.
Highlights - http://www.gao.gov/assets/670/660403.pdf
2. Servicemembers Civil Relief Act: Information on Mortgage Protections and Related Education Efforts. GAO-14-221, January 28.
Highlights - http://www.gao.gov/assets/670/660397.pdf
Identity Theft: Trends and Issues (PDF)
Source: Congressional Research Service (via Federation of American Scientists)
In the current fiscal environment, policymakers are increasingly concerned with securing the economic health of the United States—including combating those crimes that threaten to undermine the nation’s financial stability. Identity theft is one such crime. In 2012, about 12.6 million Americans were reportedly victims of identity fraud, and the average identity fraud victim incurred a mean of $365 in costs as a result of the fraud. Identity theft is often committed to facilitate other crimes such as credit card fraud, document fraud, or employment fraud, which in turn can affect not only the nation’s economy but its security. Consequently, in securing the nation and its economic health, policymakers are also tasked with reducing identity theft and its impact.
Violence at work can manifest itself in many ways. The variety of negative behaviour covered under the general umbrella term of workplace violence is so large and diverse that it makes it difficult to adopt a unified and integrated approach dealing with all the forms of workplace violence. Foundation Findings provide pertinent background information and policy pointers for all actors and interested parties engaged in the current European debate on the future of social policy. The contents are based on Eurofound research and reflect its autonomous and tripartite structure.
Survey of Sexual Violence in Adult Correctional Facilities, 2009–11 – Statistical Tables
Source: Bureau of Justice Statistics
Presents jurisdiction- and facility-level counts of allegations and substantiated incidents of nonconsensual sexual acts, abusive sexual contacts, staff sexual misconduct, and staff sexual harassment reported by correctional authorities in adult prisons, jails, and other correctional facilities in 2009, 2010, and 2011. Facilities include the Federal Bureau of Prisons, state prison systems, facilities operated by the U.S. military and Immigration and Customs Enforcement, sampled jail jurisdictions, privately operated jails and prisons, and jails in Indian country. These tables accompany Sexual Victimization Reported by Adult Correctional Authorities, 2009–11, which provides national estimates and rates of sexual victimization as well as an in-depth examination of substantiated incidents, covering the number and characteristics of victims and perpetrators, location, time of day, nature of the injuries, impact on the victims, and sanctions imposed on the perpetrators. Data are from the Bureau of Justice Statistics’ Survey of Sexual Violence (SSV), which has annually collected official records on allegations and substantiated incidents of inmate-on-inmate and staff-on-inmate sexual victimization since 2004.
The chronic gap between the incomes of the richest and poorest citizens is seen as the risk that is most likely to cause serious damage globally in the coming decade, according to over 700 global experts that contributed to the World Economic Forum’s Global Risks 2014 report, released today.
Taking a 10-year outlook, the report assesses 31 risks that are global in nature and have the potential to cause significant negative impact across entire countries and industries if they take place. The risks are grouped under five classifications – economic, environmental, geopolitical, societal and technological – and measured in terms of their likelihood and potential impact.
Most likely global risks: After income disparity, experts see extreme weather events as the global risk next most likely to cause systemic shock on a global scale. This is followed by unemployment and underemployment, climate change and cyberattacks.
Most potentially impactful global risks: Fiscal crises feature as the global risk that experts believe has the potential to have the biggest impact on systems and countries over the course of the next 10 years. This economic risk is followed by two environmental risks – climate change and water crises – then unemployment and underemployment, and then critical information infrastructure breakdown, a technological risk.
Source: Centre for the Protection of National Infrastructure (UK)
Spear Phishing is a type of cyber-attack used by a range of adversaries to steal information or cause disruption to an organisation’s business. This CPNI guidance introduces how these attacks work, their success rate, whether you are likely to be targeted and the steps an organisation can take to manage the business risks.
Who is this aimed at?
The document is aimed at IT Security managers and employees looking to understand more around the threat from Spear Phishing and ways they can protect their organisation.
- How does Spear Phishing work?
- Online Reconnaissance
- Construction of Spear Phishing emails
- Spear Phishing via web browsers
- The business impact of Spear Phishing
- How to defend against Spear Phishing