Itacg Guide for First Responders

Interagency Threat Assessment and Coordination Group

I N T E L L I G EN EN C E G U I D E F OR F I R S T R E S P O N D ER S

Legal Disclaier Nothing in this handbook shall be construed to impair or otherwise affect the authority granted by law to a department or agency, or the head thereof. Additionally, the handbook is not intended to, and does not, create any right

or benet, substantive or procedural, enforceable at law or in equity, by any party against the United States, its departments, agencies or entities, its

ofcers, employees, or agents, or any other person.

i

Table of ConTenTs

I

II

GENERAL 1

Introducon

5

What is Intelligence? 8

The Intelligence Community

10

The Intelligence Cycle

12

Categories of Finished Intelligence

HOW TO 17

Handling of “Controlled Unclassied Informaon”

21

Security Clearances

25

What Intelligence Can and Cannot Do

ii

III

29

Intelligence Products Typically Available to First Responders

35

Accessing Intelligence Community Products

41

Understanding Threat Informaon

49

Understanding Esmave Language

REFERENCE 55

Intelligence Community Terminology

85

Intelligence Community Acronyms and Abbreviaons

ITaCG:

intelligence guide for first responders

SECTION

I

General

s r e d n o p s e r t s r i f r o f e d i u g e c n e g i l l e t n i

: G C a T I

01 InTroduCTIon

n o i t c u d o r t n i

2

|


InTroduCTIon This Interagency Threat Assessment and Coordinaon Group (ITACG) Intelligence Guide for First Responders is designed to assist state, local, tribal law enforcement, reghng, homeland security, and appropriate private sector personnel in accessing and understanding Federal counterterrorism, homeland security, and weapons of mass destrucon intelligence reporng. Most of the informaon contained in this guide was compiled, derived, and adapted from exisng Intelligence Community and open source references. The ITACG consists of state, local, and tribal rst responders and federal intelligence analysts from the Department of Homeland Security and the Federal Bureau of Invesgaon, working at the Naonal Counterterrorism Center (NCTC) to enhance the sharing of federal counterterrorism, homeland security, and weapons of mass destrucon informaon with state, local, and tribal consumers of intelligence.

3

i n t e l l i g e n c e g u i d e f o r f i r s t r e s p o n d e r s

| i n t r o d u c t i o n

Fig.1 - Current and former members of the ITACG Detail; clockwise from the top: New Jersey State Police, Seale Fire Department, Federal Bureau of Invesgaon, Boston Police Department, Illinois State Po lice, Phoenix Police Department (2007-2008), Six Naons Tuscarora, Las Vegas Police Department, Department of Homeland Security, DC Metropolitan Police (2008-2009)


: G C a T I

05 WhaT Is InTellIGenCe ?

n o i t c u d o r t n i

|


6

WhaT Is

InTellIGenCe?1

“Intelligence is the product resulting from the collection, processing, integration, evaluation, analysis, and interpretation of available information concerning foreign nations, hostile or potentially hostile forces or elements, or areas of actual or potential operations. The term is also applied to the activity which results in the product and to the organizations engaged in such activity.” 22 June 2007 edition of Joint Pub 2-0, Joint Intelligence There

are

sIx

basIC InTellIGenCe sourCes

2

:

Signals Intelligence (SIGINT) is derived from the exploitaon of foreign electronic emissions. SIGINT can be in the form of the actual informaon content of a signal or in the form of its temporal and spectral characteriscs called signal operang parameters. SIGINT includes both the raw data and the analysis product of that data. SIGINT breaks down into four sub disciplines: Electronic Intelligence (ELINT), Communicaons Intelligence (COMINT), Foreign Instrumentaon Signals Intelligence (FISINT), and weapons-related Command and Control Signals (PROFORMA). Imagery Intelligence (IMINT) is a product that is the result of processing and exploing raw imagery (informaon) and creang an analyzed product (intelligence). An image alone is only informaon in the form of pixels, digits, or other forms of graphic representaon and the data behind that portrayal. When studied for content with an understanding of portrayal, imaging processes, and the place, objects and me captured by that process, or through comparison to other images and consideraon in light of other informaon or intelligence, imagery intelligence (IMINT) can be created.

7

Measurement and Signature Intelligence (MASINT) is scienc and technical intelligence informaon obtained by quantave and qualitave analysis of data (metric, angle, spaal, wavelength, me dependence, modulaon, plasma, and hydromagnec) derived from spe cic technical sensors for the purpose of idenfying any disncve features associated with the source, emier, or sender and to facilitate subsequent idencaon and/or measurement of the same. Human-Source Intelligence (HUMINT) is intelligence derived from human beings who may act as both sources and collectors, and where the human is the primary collecon instrument. This includes all forms of intelligence gathered by humans, from direct reconnaissance and obser-

vaon to the use of recruited agents. HUMINT may also encompass interrogaon techniques, including the process of quesoning detainees conducted in compliance with U.S. law and regu laon, internaonal law, execuve orders, and other operaonally specic guidelines. HUMINT can provide a wide range of informaon which includes but is not limited to adversary plans and intenons, deliberaons and decisions, research and development goals and strategies, doctrine, leadership, polical or military relaonships, weapons systems, physical and cultural infrastructure, and medical condions. HUMINT can oen collect informaon that is dicult or somemes impossible to collect by other, more technical, means. Open-Source Intelligence (OSINT) is unclassied informaon of potenal intelligence value that is available to the general public. Geospaal Intelligence (GEOINT) is the intelligence derived from the exploitaon of imagery and geospaal informaon to describe, assess, and visually depict physical features and geo graphically referenced acvies on the Earth.


| i n t r o d u c t i o n

e c n e g i l l e t n i s i t a h w

|


8

The

InTellIGenCe

CommunITy

3

“The United States intelligence effort shall provide the President, the National Security Council, and the Homeland Security Council with the necessary information on which to base decisions concerning the development and conduct of foreign, defense and economic policy, and the protection of United States national interests from foreign security threats. All departments and agencies shall cooperate fully to fulfill this goal.” Executive Order 12333 The Intelligence Community (IC) is a federaon of execuve branch agencies and organizaons that work separately and together to conduct intelligence acvies necessary for the conduct of foreign relaons and the protecon of the naonal security of the United States. These acvies include: • Collecon of informaon needed by the president, the Naonal Security Coun -

• •

• • •

cil, the Secretaries of State and Defense, and other Execuve Branch ocials for the performance of their dues and responsibilies; Producon and disseminaon of intelligence; Collecon of informaon concerning, and the conduct of acvies to protect against, intelligence acvies directed against the U.S., internaonal terrorist and internaonal narcocs acvies, and other hosle acvies directed against the U.S. by foreign powers, organizaons, persons, and their agents. Special acvies; Administrave and support acvies within the U.S. and abroad necessary for the performance of authorized acvies; and Such other intelligence acvies as the President may direct from me to me.

9

The Intelligence Community (IC) refers to those agencies and organizaons involved in intelligence acvies: 4 • Air Force Intelligence • Army Intelligence • Central Intelligence Agency (CIA) • Coast Guard (USCG) • Defense Intelligence Agency (DIA) • Department of Energy (DoE) Oce of Intelligence • Department of Homeland Security (DHS), Oce of Intelligence

and Analysis • Department of State Bureau of Intelligence and Research (INR) • Department of the Treasury (DoT), Treasury Oce of Terrorism

and Financial Intelligence • Oce of the Director of Naonal Intelligence (ODNI) • Drug Enforcement Administraon (DEA), Oce of Naonal

Security Intelligence • Federal Bureau of Invesgaon (FBI), Naonal Security Branch • Marine Corps Intelligence • Naonal Geospaal-Intelligence Agency (NGA) • Naonal Reconnaissance Oce (NRO) • Naonal Security Agency (NSA) • Naval Intelligence


| w h a t i s i n t e l l i g e n c e


|


10

The

InTellIGenCe

CyCle

5

The intelligence cycle is the process of developing raw informaon into nished intelligence for policymakers, military commanders, and other consumers to use in decision-making and acons. Five steps constute the intelligence cycle: 1. Planning and Direcon: Establishing the intelligence requirements of the policymakers – the President, the Naonal Security Council, military commanders, and other ocials in major departments and governmental agencies. 2. Collecon: Gathering of raw data from which nished intelligence is pro duced. There are six basic intelligence sources, or collecon disciplines: a. b. c. d. e. f.

Signals Intelligence (SIGINT) Imagery Intelligence (IMINT) Measurement and Signature Intelligence (MASINT) Human-Source Intelligence (HUMINT) Open-Source Intelligence (OSINT) Geospaal Intelligence (GEOINT)

3. Processing and Exploitaon: Conversion of large amounts of data to a form suitable for the producon of nished intelligence; includes transla ons, decrypon, and interpretaon of informaon stored on lm and mag nec media through the use of highly rened photographic and electronic processes.

11

4. Analysis and Producon: Integraon, evaluaon, and analysis of all avail able data and the preparaon of a variety of intelligence products, including mely, single-source, event-oriented reports and longer term, all-source, nished intelligence studies. 5. Disseminaon: Delivering the products to consumers who request them. Some intelligence informaon is sent directly to consumers, usually by electronic means, because it is self-explanatory. More oen, analysts check informaon to see how it relates to other informaon they have received. They evaluate the informaon and make comments. When informaon has been reviewed and correlated with informaon available from other sources, it is called nished intelligence.




|


12

CaTeGorIes of fInIshed InTellIGenCe 6 There are ve categories of nished intelligence available to the consumer of intelligence: 1. Current intelligence addresses day-to-day events, seeking to apprise consumers of new developments and related background, to assess their signicance, to warn of their near-term consequences, and to signal potenally dangerous situaons in the near future. Current intelligence is presented in daily, weekly, and some monthly publicaons, and frequently in ad hoc wrien memorandums and oral briengs to senior ocials. 2. Esmave intelligence looks forward to assess potenal developments that could aect U.S. naonal security. Like all kinds of intelligence, esmave intelligence starts with the available facts, but then explores the unknown, even the unknowable. Esmave intelligence helps policymakers to think strategically about long-term threats by discussing the implicaons of a range of possible outcomes and alternave scenarios. Naonal Intelligence Esmates, which are esmave reports produced by the Naonal Intelligence Council, are the Director of Naonal Intelligence’s (DNI) most authoritave wrien assessments of naonal security issues.

13

3. Warning intelligence sounds an alarm or gives noce to policymakers. It connotes urgency and implies the potenal need for policy acon in response. Warning includes idenfying or forecasng events that could cause the engagement of U.S. military forces, or those that would have a sudden and deleterious eect on U.S. foreign policy concerns (for example, coups, third-party wars, refugee situaons). Warning analysis involves exploring alternave futures and low probability/high impact scenarios. The Naonal Intelligence Ocer (NIO) for Warning serves as the DNI’s and the IC’s principal adviser on warning. All agencies and intelligence stas have designated warning components, and some have specic warning responsibilies. 4. Research intelligence is presented in monographs and in-depth studies by virtually all agencies. Research underpins both current and esmave intelligence.




|


14

5. Scienc and technical intelligence includes informaon on technical developments and characteriscs, performance, and capabilies of foreign technologies including weapon systems or subsystems. This informaon is derived from analysis of all-source data, including technical measurements. Generally, such technical analysis and reporng responds to specic naonal requirements derived from the weapons acquision process, arms control negoaons, or military operaons. It covers the enre spectrum of sciences, technologies, weapon systems, and integrated operaons. This type of intelligence is provided to consumers via in-depth studies, detailed system handbooks, execuve summaries, focused assessments and briefs, and automated databases.

ITaCG:: ITaCG


SECTION

II

hoW To


: G C a T I

17 handlInG of “ConTrolled unClassIfIed InformaTIon”

n o i t a m r o f n i

18

” y

l n o e s u l a i c i f f o r o f

handlInG

“CONTROLLED

“

uNCLASSIFIED INFORmATION”

|

Controlled Unclassied Informaon (CUI) is a categorical designaon that refers to unclassied informaon that does not meet the standards for Naonal Security Classicaon under Execuve Order 12958, as amended, but is pernent to the naonal interests of the United States or to the important interests of enes outside the Federal Government, and under law or policy requires protecon from unauthorized disclosure, special handling safeguards, or prescribed limits on exchange or disseminaon. CUI includes many caveats, such as “FOR OFFICIAL USE ONLY” (FOUO).

g n i l d n a h s r e d n o p s e r t s r i f r o f e d i u g e c n e g i l l e t n i

7

Informaon labeled FOUO should be safeguarded, and withheld from public release 8 unl approved for release by the originang agency.

FOUO is not a classicaon, but a disseminaon control marking. It is used to idenfy unclassied informaon of a sensive nature, not otherwise categorized by statute or regulaon, the unauthorized disclosure of which could adversely impact a person’s privacy or welfare, the conduct of Federal programs, or other programs or operaons essenal to the naonal interest.

19

Disseminaon of FOUO is restricted to persons with “need-to-know.” Need-to-know is dened as the determinaon made by an authorized holder of informaon that a prospecve recipient requires access to specic informaon in order to perform or assist in the lawful and authorized governmental funcon, i.e., access is required for the performance of ocial dues. Typical FOUO requirements include: 1.

FOUO informaon will not be disseminated in any manner – orally, visually, or electronically – to unauthorized personnel.

2.

The holder of the informaon will comply with access and disseminaon restricons.

3.

Ensure the recipient of FOUO has valid need-to-know, and that precauons are taken to prevent unauthorized individuals from overhearing the conver saon, observing the materials, or otherwise obtaining the informaon.

Many government agencies use the FOUO caveat, but other caveats, such as, LAW ENFORCEMENT SENSITIVE (LES), and OFFICIAL USE ONLY (OUO), are also used. In many instances the requirement for safeguarding this informaon is equivalent; however, these agencies may have addional requirements concerning the safe guarding of sensive informaon.


| h a n d l i n g

“

f o r o f f i c i a l u s e o n l y

”

i n f o r m a t i o n


: G C a T I

21 seCurITy ClearanCes

s e c n a r a e l c y t i r u c e s

22

|


seCurITy

ClearanCes 9

Most informaon needed by state, local, and tribal rst responders can be shared at an unclassied level. In those instances where it is necessary to share classied informaon, it can usually be accomplished at the Secret level. State and local ocials who require access to classied material must apply for a security clearance through FBI or DHS. The process involves compleng a Quesonnaire for Naonal Security Posions, subming ngerprints, and undergoing a background invesgaon. Records checks for Secret and Top Secret security clearance are mandated by Presidenal Execuve Order (EO). The EO requires these procedures in order for a security clearance to be granted and they cannot be waived. 1. Secret Clearances: A Secret security clearance may be granted to those persons who “need-to-know” naonal security informaon, classied at the Condenal or Secret level. A Secret security clearance takes the least amount of me to process.

23

2.

Top Secret Clearances: A Top Secret clearance may be granted to those persons who “need-to-know” naonal security informaon, classied up to the Top Secret level, and who need unescorted access to sensive facilies, when necessary. a. In addion to all the requirements at the Secret level, a background invesgaon, covering a 10-year me period, is required. b. Once favorably adjudicated for a Top Secret security clearance, the candidate will be required to sign a Non-Disclosure Agreement.

For addional informaon, visit hp://www.i.gov/clearance/securityclearance.htm or contact your local FBI Field Oce.


| s e c u r i t y c l e a r a n c e s

PIC OF SCALE


: G C a T I

25 WhaT InTellIGenCe Can and CannoT do

o d t o n n a c d n a n a c e c n e g i l l e t n i t a h w

|


26

WhaT InTellIGenCe

Can (and CannoT)

do

10

Intelligence informaon can be an extremely powerful tool. It is most useful when the consumer has a clear understanding of what intelligence can and cannot do. While laws, policies, capabilies, and standards are constantly changing, these general guidelines can help consumers make the most of this resource.

Can do: Intelligence informaon can

1. WhaT InTellIGenCe provide valuable services, such as:

• Providing decision advantage, by improving the decision-making of consumers and partners while hindering that of our enemies. • Warning of potenal threats. • Insight into key current events. • Situaonal awareness. • Long-term strategic assessments on issues of ongoing interest. • Assistance in preparaon for senior-level meengs that include naonal security-related subjects. • Pre-travel security overviews and support. • Reports on specic topics, either as part of ongoing reporng or upon request for short-term needs. • Compiling U.S. Government knowledge on persons of interest.

27

CannoT

do: Realisc expectaons 2. WhaT InTellIGenCe will help the consumer ll their intelligence needs. Some things that intel ligence cannot do include:

• Predict the future. Intelligence can provide assessments of likely scenarios or developments, but there is no way to predict what will happen with certainty. • Violate U.S. law. The acvies of the IC must be conducted consistent with all applicable laws and execuve orders, to include the Naonal Security Act of 1947, as amended, the Foreign Intelligence Surveillance Act, the Intelligence Reform and Terrorism Prevenon Act (IRTPA), the Privacy Act of 1974, the Detainee Treatment Act, Homeland Security Act of 2002, as amended, Execuve Order 12333, and the Military Commission Act.

All acvies of the IC are subject to extensive and rigorous oversight both within the Execuve Branch and by the Legislave Branch, as required by the Naonal Security Act of 1947, as amended.


| w h a t i n t e l l i g e n c e c a n a n d c a n n o t d o

o d t o n n a c d n a n a c e c n e g i l l e t n i t a h w

|


28


: G C a T I

29 InTellIGenCe P roduCTs TyPICally avaIlable To fIrsT r esPonders

s r e d n o p s e r t s r i f o t e l b a l i a v a y l l a c i p y t s t c u d o r p e c n e g i l l e t n i

|


30

ProduCTs TyPICally avaIlable To fIrsT resPonders 11 InTellIGenCe

The following types of products can be found on a variety of classied and unclassied systems, including FBI’s Law Enforcement Online (LEO), and DHS’s Homeland Secure Informaon Network-Intelligence (HSIN-I) via the Internet, and NCTC Online-SECRET (NOL-S) via secret level systems, such as FBI Network (FBINet), Homeland Secure Data Network (HSDN), Joint Deployable Intelligence Support System (JDISS), and Secure In ternet Protocol Routed Network (SIPRNet). 1. Sitational Awareness and Threat Reporting: These are breaking news events to chief execuves and command centers with state, local, and tribal law enforcement agencies via HSIN-I, LEO, text messaging, or e-mail. These reports are oen produced jointly by DHS and FBI. 2. Inforation Report: These are specially formaed messages transmit ted electronically, which enable the mely disseminaon of unevaluated intelligence within the Intelligence Community and law enforcement. The informaon conveyed in these products may be non-specic or fragmentary and simply constute suspicious acvity, but sll be of intelligence value. These products include:

a. IIR (Intelligence Informaon Report) b. HIR (Homeland Informaon Report)

31


|

3. Intelligence Assessent (IA): Finished intelligence products resulng from the intelligence analysis process. Assessments may address taccal, strategic, or technical intelligence requirements. 4. Threat Assessent (TA) or Special Assessent (SA): Provides in-depth analysis related to a specic event or body of threat reporng. 5. Intelligence Blletin (IB): Finished intelligence products used to dissemi nate informaon of interest, such as signicant developments and trends, to the intelligence and law enforcement communies in an arcle format. An IB does not address threat warning informaon. 6. Joint Intelligence Assessent (IA) or Intelligence Blletin (IB): Assessments or bullens which are wrien jointly by two or more IC agen cies (dual or mulple seals). These products may address the same types of requirements as Intelligence Assessments or Intelligence Bullens. These joint products may be formaed dierently than single seal versions, de pending on the format agreed to by parcipang agencies.

i n t e l l i g e n c e p r o d u c t s t y p i c a l l y a v a i l a b l e t o f i r s t r e s p o n d e r s

s r e d n o p s e r t s r i f o t e l b a l i a v a y l l a c i p y t s t c u d o r p e c n e g i l l e t n i

|


32

7. Other Reports: These include intelligence summaries and briefs produced daily, which cover current counterterrorism, homeland security, and WMDrelated informaon. Examples include:

a. Roll Call Release: The Roll Call Release is a collaborave FOUO-only product developed by DHS, FBI, and the ITACG. The product is wrien specically for state, local, and tribal rst responders, and focuses on terrorist taccs, techniques, procedures; terrorism trends; and indicators of suspicious acv ity. The product is wrien on an ad hoc basis, is focused on one subject, and ts on one page. These products are posted on HSIN-I and LEO. b. Terrorism Summary (TERRSUM): The TERRSUM is a SECRET collateral digest of terrorism-related intelligence of interest to Federal and non-Federal law enforcement, security and military personnel. Produced Monday through Friday, the TERRSUM includes terrorism-related intelligence available to NCTC and other Intelligence Community elements. The product is posted on NOL-S.

notes

_____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________


| n o t e s

s t c u d o r p y t i n u m m o c e c n e g i l l e t n i g n i s s e c c a

|



: G C a T I

35 aCCessInG InTellIGenCe CommunITy ProduCTs


|


36

aCCessInG

InTellIGenCe

CommunITy ProduCTs

12

Classied and unclassied intelligence can be accessed by rst responders through mulple systems and websites. In some cases an account is required, while other mes all that is needed is access to a specic computer network. Many of these sources of informaon only require that an individual perform homeland security or law enforcement acvies on behalf of a state, local, or tribal government; a few require security clearances and access to secure systems.

1. unClassIfIed InTellIGenCe ProduCTs a. Homeland Security Informaon Network – Intelligence (HSIN-I): HSIN-I is an ocial government informaon sharing and electronic communicaons portal. It provides DHS, FBI, NCTC, other federal and non-federal intelligence products at the FOUO level. Accounts are available to federal, state, local, and tribal personnel performing homeland security or law enforcement dues. HSIN-I can be accessed from any computer system with an Internet connecon. Access is by invitaon only. i. Website: hps://hsin-intel.dhs.gov ii. Access: Contact the helpdesk at 1-877-624-3771 or e-mail [email protected] for sponsor contact informaon. Sponsors for state, local, and tribal can be contacted through the State and Local Fusion Centers.

37

b. Law Enforcement Online (LEO) : LEO can be accessed from any computer system with an Internet connecon. It is an ocial government informaon sharing and electronic communicaons portal. LEO provides FBI, joint FBI-DHS, NCTC, and non-federally produced intelligence products at the FOUO level. Accounts are available to federal, state, local, and tribal personnel performing homeland security or law enforcement dues and personnel from foreign law enforcement agencies. i. Website: hp://www.leo.gov ii. Access: Go to hp://www.leo.gov, click on the “LEO Membership Criteria” and then click on the “LEO User Applicaon”, or contact LEO Helpdesk at 1-888-334-4536, or e-mail [email protected]. c. Intelink-U : Intelink-U is the Intelligence Community’s “Sensive but Unclassied” (SBU) informaon sharing network. Content is provided by the Intelligence Community, other government agencies, foreign partners, academia, and open sources. Accounts are available to individuals with federal, state, local, and tribal homeland security and law enforcement responsibilies. i. Website: hps://www.intelink.gov ii. Access: Go to hps://www.intelink.gov, click on “Sign In”, and proceed to “New Account Registraon”. d. Regional Informaon Sharing Systems Network (RISSNET): RISSNET facilitates informaon sharing within the law enforcement community to combat mul-jurisdiconal criminal acvies and conspiracies. It is composed of six mul-state intelligence centers (RISS Intelligence Centers). Membership comprises federal, state, local, and tribal law enforcement agencies. Access is requested through the regional RISS Intelligence Centers.


| a c c e s s i n g i n t e l l i g e n c e c o m m u n i t y p r o d u c t s


|


38

i. Website: hp://www.riss.net ii. Contact informaon available at hp://www.riss.net/Centers.aspx. e. DHS Technical Resources for Incident Prevenon (TRIPwire): TRIPwire is a secure informaon sharing network for law enforcement, bomb squads, and other rst responders. Content consists of current terrorist bombing taccs, techniques, and procedures. i. Website: hps://www.tripwire-dhs.net ii. Access: Apply online at hps://www.tripwire-dhs.net. f. Federal Protecve Service Portal (FPS Portal): The FPS Portal is a compi laon of FOUO products for law enforcement and rst responders. i. Website: hps://fps.esportals.net ii. Access: For membership contact [email protected] or 877-624-3771. g. Open Source Center (OSC): OSC contains open source reporng, analysis, and translaons of foreign policy and naonal security issues. Accounts are available to individuals with federal, state, and local homeland security and counterterrorism responsibilies. i. Website: hp://www.opensource.gov ii. Access: Apply online at hp://www.opensource.gov.

39

2. seCreT InTellIGenCe ProduCTs a. NCTC Online-SECRET (NOL-S): NOL-S can be accessed from any SECRET U.S. Government informaon system (HSDN, FBINet, JDISS, or SIPRNet). i. Website: hps://nol.nctc.sgov.gov ii. Access: Authorized access to HSDN, FBINet, JDISS, or SIPRNet is the only requirement. b. Oce of Intelligence and Analysis (OI&A) Webpage, DHS: The OI&A homepage can be accessed from any SECRET U.S. Government informaon system (HSDN, FBINet, JDISS, or SIPRNet). i. Website: hp://dhs.csp.sgov.gov ii. Access: Authorized access to HSDN, FBINet, JDISS, or SIPRNet is the only requirement. c. FBINet: The FBI intranet can only be accessed from an FBINet computer. i. Website: hp://intranet.inet.i ii. Access: Authorized access to an FBINet system. d. FBI Intelink/SIPRNet: Can be accessed from any SECRET U.S. Government informaon system (HSDN, FBINet, JDISS, or SIPRNET). i. Website: hp://www.i.sgov.gov ii. Access: Authorized access to HSDN, FBINet, JDISS, or SIPRNET is the only requirement.


| a c c e s s i n g i n t e l l i g e n c e c o m m u n i t y p r o d u c t s


: G C a T I

41 undersTandInG ThreaT InformaTIon

n o i t a m r o f n i t a e r h t g n i d n a t s r e d n u

42

undersTandInG InformaTIon

ThreaT

13

|


A raw intelligence report, alert, warning, or nocaon is a message that provides mely disseminaon of unevaluated intelligence within the U.S. intelligence, federal law enforcement, and state, local, tribal and private sector communies. This is informaon that individuals or organizaons need in order to make decisions. The informaon may be nonspecic or fragmentary and simply constute suspicious acvity but sll be of intelligence value.

1. CrITerIa: The Intelligence Community uses the following criteria to understand threat informaon: a. Access: Addresses the ability of the source to obtain the informaon. Some common levels of source access are: i. Direct Access: The intelligence source has direct knowledge of the intelligence fact reported or appears to be in the direct contact with those personally involved or knowledgeable. ii. Indirect Access: Some distance between the source and origin of the informaon. The intelligence source is reporng informaon obtained at one or more steps removed from those with rst-hand knowledge.

43

iii. Excellent Access: High-level access to informaon due to the source’s involvement in the event; source may have learned the informaon from the decision maker or from a source document. iv. Good Access: Suggests credible but no direct access to the informaon. Perhaps the source obtained the informaon from a sub-source with excellent access or from a sub-source with a proven reporng record.

b. Chain of Acquision: Addresses source relaonships and potenal changes in the informaon as it passes from one person to another. The longer the chain of acquision (the more people who obtained and relayed the infor maon) the more likely the informaon changed, aecng the accuracy of the informaon. c.

Credibility: Refers to the extent to which something is believable. This term is commonly used with reference to sources of evidence, to evidence itself, and to hypotheses based on evidence. The term reliability is somemes used as a synonym for credibility, but this causes dicules. Reliability is just one aribute of the credibility of certain forms of evidence. The credibility of sources of evidence is both context and me dependent. A person or a sensor may be more credible regarding certain events and at certain mes but not so credible regarding other events or at other mes.


| u n d e r s t a n d i n g t h r e a t i n f o r m a t i o n


|


44

d. Reliability: A criteria of credibility applied to the primary source provides a likelihood that the most recent reporng can be assessed to be an accurate representaon of the events reported based on the past performance of the source. An analyst’s judgment on the intelligence source for a parcular report. i. Reliable: Established reporng record judged to be accurate. i. “Source has reported reliably in the past” ii. “Source has reported reliably over 1-10+ years” ii. Uncertain: Limited reporng record and/or some uncertainty as to the reli ability of the source or sources: “Reporng reliability cannot be conrmed.” iii. Unknown: Previously unreported source.

45

2. sourCe

CaTeGorIes: The Intelligence Community assesses the source of the informaon to assist in understanding threat informaon. The following terms are commonly used in describing sources:

a. Contact: Unilateral contacts who provide informaon voluntarily and in condence, but for whom a formal relaonship has not been established: “A contact with (direct/indirect/good/excellent ) access who spoke in condence. This is the rst reporng from source, reliability cannot be determined.“ b. Collaborave Source: Newly established sources with whom a formal rela onship has recently been established. The reliability statement is based on a combinaon of the quanty and quality of the source’s reporng: “A collaborave source with (direct/indirect/good/excellent ) access (some/much/ all ) of who’s reporng has been corroborated over the past two years.” c. Established Source: Sources with which a relaonship has been estab lished and, if revealed, would possibly endanger his/her status, reputa on, or security. The reliability statement is based on a combinaon of the quanty and quality of the source’s reporng: “An established source with (direct/indirect/good/excellent ) access (some/much/all ) of who’s reporng has been corroborated over the past two years.”




|


46

d. Walk-in/Call-in/Write-in: A previously unknown individual who makes contact with an ocial U.S. person, installaon, or website and volunteers his/her informaon, with or without requesng some form of assistance in return. Examples: i.

“A write-in to an ocial U.S. Government website. The informaon was conveyed in wring, via email or other form of correspondence.” ii. “A write-in to an ocial government agency. The informaon was conveyed in wring, via email or other form of correspondence.” iii. “A walk-in to an ocial government agency. The informaon was conveyed in a face-to-face manner.” iv. “A call-in to an ocial government agency. The informaon was conveyed telephonically.” e. Sensive Source: A source, which if compromised, might reduce the abil ity to use the source in support of future collecon acvies: “A sensive source with excellent access.”

47

3.

addITIonal sourCe sTaTemenT examPles :

a. “Source obtained the informaon from a reliable sub-source with direct access.” b. “Source obtained the informaon from a sub-source whose reporng record has not been established.” c. “Source was aware that his informaon would reach the U.S. Government and may have intended his remarks to inuence as well as to inform.” d. “The veracity of this source’s informaon is seriously doubted but is being reported here because of the nature of the threat discussed.” e. “The informaon was provided by the source who spoke in condence and without the knowledge of his government’s superiors. The informaon may not be discussed with any foreign government ocials, especially those of the source’s government.” f. “The informaon provided in this report may have been intended to inuence as well as to inform.”




: G C a T I

49 undersTandInG esTImaTIve lanGuaGe

e g a u g n a l e v i t a m i t s e g n i d n a t s r e d n u

|


50

undersTandInG esTImaTIve

lanGuaGe 14 When the Intelligence Community uses words such as “we judge” or “we assess”— terms that are used synonymously—as well as “we esmate,” “likely” or “indicate,” the Intelligence Community is trying to convey an analycal assessment or judgment. These assessments, which are based on incomplete or at mes fragmentary informaon, are not a fact, proof, or knowledge. Some analycal judgments are based directly on collected informaon; others rest on assessments that serve as building blocks. In either type of judgment, the Intelligence Community does not have “evidence” that shows something to be a fact or that denively links two items or issues. Intelligence judgments pertaining to likelihood are intended to reect the Community’s sense of the probability of a development or event.

51

The Intelligence Community does not intend the term “unlikely” to imply that an event will not happen. It uses “probably” and “likely” to indicate that there is a greater than even chance. The Intelligence Community uses words such as “we cannot dismiss,” “we cannot rule out,” and “we cannot discount” to reect an unlikely—or even remote—event whose consequences are such that it warrants menoning. Words such as “may be” and “suggest” are used to reect situaons in which the Intelligence Community is unable to assess the likelihood generally because relevant informaon is nonexistent, sketchy, or fragmented. In addion to using words within a judgment to convey degrees of likelihood, the Intelligence Community also ascribes “high,” “moderate,” or “low” condence levels based on the scope and quality of informaon supporng its judgments.

1. “hIGh ConfIdenCe” generally indicates that the Intelligence Community’s judgments are based on high-quality informaon and/or that the nature of the issue makes it possible to render a solid judgment.

2. “moderaTe ConfIdenCe” generally means that the informaon is interpreted in various ways, that the Intelligence Community has alternave views, or that the informaon is credible and plausible but not corroborated suciently to warrant a higher level of condence.

3. “loW ConfIdenCe” generally means that the informaon is scant, quesonable or very fragmented and it is dicult to make solid analyc inferences, or that the Intelligence Community has signicant concerns or problems with the sources.


| u n d e r s t a n d i n g e s t i m a t i v e l a n g u a g e

s e t o n

|


notes

______________________________________________________ ______________________________________________________ __________________________________________________________________ _________________________________________________________________ ____________________________________________________________ ____________________________________________________________ ____________________________________________________________ ___________________________________________________________ ____________________________________________________________ ____________________________________________________________ ____________________________________________________________ ___________________________________________________________ ____________________________________________________________ ____________________________________________________________ ____________________________________________________________

ITaCG:


SECTION

III

r eferenCe

54


: G C a T I

55 InTellIGenCe CommunITy TermInoloGy

y g o l o n i m r e t y t i n u m m o c e c n e g i l l e t n i

|


56

InTellIGenCe CommunITy

TermInoloGy 15 The following terminology is not exhausve, but contains the terms which are likely to be encountered by rst responders reading intelligence material. While there may be other denions for these terms, the denions used in this guide were selected to be the most relevant to our intended audience.

57

a Aconable: (1) Informaon that is directly useful to customers for immediate exploi taon without having to go through the full intelligence producon process; it may address strategic or taccal needs, close support of US negoang teams, or acon elements dealing with such maers as internaonal terrorism or narcocs. (2) Intelligence and informaon with sucient specicity and detail that explicit responses to prevent a crime or terrorist aack can be implemented. Access: The means, ability, or permission to approach, enter, or use a resource. All-Source Intelligence: Intelligence informaon derived from any or all of the intelligence disciplines, including SIGINT, HUMINT, IMINT, MASINT, OSINT, and GEOINT. Analysis: The process by which people transform informaon into intelligence; sys temac examinaon in order to idenfy signicant facts, make judgments, and draw conclusions.

b Basic Intelligence: Fundamental intelligence concerning the general situaon, resources, capabilies, and vulnerabilies of foreign countries and areas that may be used as reference material in the planning of operaons at any level and in evaluang subsequent informaon relang to the same subject. Behaviors: Observable acons one uses to achieve results.


| i n t e l l i g e n c e c o m m u n i t y t e r m i n o l o g y


|


58

C Case Ocer: A professional employee of an intelligence organizaon who is respon sible for providing direcon for an agent operaon. Clandesne Acvity: An acvity that is usually extensive, goal-oriented, planned, and executed to conceal the existence of the operaon. Only parcipants and the agency sponsoring the acvity are intended to know about the operaon. “Storefront” operaons, “sngs,” and certain concentrated undercover invesgaons can be classied as clandesne acvies. Classicaon: The determinaon that ocial informaon requires, in the interest of naonal security, a specic degree of protecon against unauthorized disclosure, coupled with a designaon signifying that such a determinaon has been made; the designaon is normally termed a security classicaon and includes Condenal, Secret, and Top Secret. Collaon (of informaon): A review of collected and evaluated informaon to deter mine its substanve applicability to a case or problem at issue and placement of useful informaon into a form or system that permits easy and rapid access and retrieval. Collecon (of informaon): The idencaon, locaon, and recording/storing of informaon—typically from an original source and using both human and technological means—for input into the intelligence cycle for the purpose of meeng a dened taccal or strategic intelligence goal. Collecon Plan: The preliminary step toward compleng an assessment of intelligence requirements to determine what type of informaon needs to be collected, alterna ves for how to collect the informaon, and a meline for collecng the informaon.

59

Communicaons Intelligence (COMINT): The capture of informaon, either encrypted or in “plaintext,” exchanged between intelligence targets or transmied by a known or suspected intelligence target for the purposes of tracking communicaons paerns and protocols (trac analysis), establishing links between intercommunicang pares or groups, and/or analysis of the substanve meaning of the communicaon. Conclusion: A denive statement about a suspect, acon, or state of nature based on the analysis of informaon. Condenal: Informaon which if made public could be expected to cause damage to naonal security. Consumer: The user of nished intelligence. Coordinaon: The process of interrelang work funcons, responsibilies, dues, resources, and iniaves directed toward goal aainment. Counterintelligence: Informaon gathered and acvies conducted to idenfy, deceive, exploit, disrupt, or protect against espionage, other intelligence acvies, sabotage, or assassinaons conducted for or on behalf of foreign powers, organizaons, or persons, or their agents, or internaonal terrorist organizaons or acvies. Counterterrorism: Oensive measures taken to prevent, deter, and respond to a terrorist act, or the documented threat of such an act. Covert: Planned and executed to conceal the collecon of informaon and/or the identy of any ocer or agent parcipang in the acvity. Intelligence operaons conducted in secrecy.




|


60

Crical Infrastructure Informaon: Informaon not customarily in the public domain and related to the security of crical infrastructure or protected systems— (1) actual, potenal, or threatened interference with, aack on, compromise of, or incapacitaon of crical infrastructure or protected systems by either physical or computer-based aack or other similar conduct (including the misuse of or unauthorized access to all types of communicaons and data transmission systems) that violates Federal, State, or local law, harms interstate commerce of the United States, or threatens public health or safety; (2) the ability of any crical infrastructure or protected system to resist such interference, compromise, or incapacitaon, including any planned or past assessment, projecon, or esmate of the vulnerability of crical infrastructure or a protected system, including security tesng, risk evaluaon thereto, risk management planning, or risk audit; or (3) any planned or past operaonal problem or soluon regarding crical infrastructure or protected systems, including repair, recovery, re construcon, insurance, or connuity, to the extent it is related to such interference, compromise, or incapacitaon.” Homeland Security Act of 2002, as amended. Cryptanalysis: The process of deciphering encrypted communicaons of an intelligence target. Cryptography: The creaon of a communicaons code/encrypon system for communicaon transmission with the intent of precluding the consumpon and interpretaon of one’s own messages. Cryptology: The study of communicaons encrypon methods that deal with the de velopment of “codes” and the “scrambling” of communicaons in order to prevent the intercepon of the communicaons by an unauthorized or unintended party. Current Intelligence: Intelligence of all types and forms of immediate interest to the users of intelligence; it may be disseminated without complete evaluaon, interpreta on, analysis, or integraon.

61

d Deconicon: The process or system used to determine whether mulple law en forcement agencies are invesgang the same person or crime and which provides nocaon to each agency involved of the shared interest in the case, as well as providing contact informaon. This is an informaon and intelligence sharing process that seeks to minimize conicts between agencies and maximize the eecveness of an invesgaon. Deducve Logic: The reasoning process of taking informaon and arriving at conclusions from within that informaon. Deployment: The short-term assignment of personnel to address specic naonal security-related problems or demands. Disseminaon (of Intelligence): The process of eecvely distribung analyzed intelli gence ulizing certain protocols in the most appropriate format to those in need of the informaon to facilitate their accomplishment of organizaonal goals. Downgrade: The process of eding or otherwise altering intelligence materials, informaon, reports, or other products to conceal and protect intelligence sources, methods, capabilies, analycal procedures, or privileged informaon in order to permit wider distribuon. (see Sanizaon)




|


62

e Essenal Elements of Informaon (EEI) : Items of intelligence informaon essenal for mely decisions and for enhancement of operaons that relate to foreign powers, forces, targets, or the physical environments. (see Priority Intelligence Requirement (PIR)) Esmate: (1) An analysis of a situaon, development, or trend that idenes its major elements, interprets the signicance, and appraises the future possibilies and the prospecve results of the various acons that might be taken. (2) An appraisal of the capabilies, vulnerabilies, and potenal courses of acon of a foreign naon or combinaon of naons in consequence of a specic naonal plan, policy, decision, or contemplated course of acon. (3) An analysis of an actual or contemplated clandesne operaon in relaon to the situaon in which it is or would be conducted in order to idenfy and appraise such factors as available and needed assets, potenal obstacles, accomplishments, and consequences. Esmave Intelligence: A category of intelligence that aempts to project prob able future foreign courses of acon and developments and their implicaons for U.S. interests; it may or may not be coordinated and may be naonal or departmental intelligence. Evaluaon: An appraisal of the worth of an intelligence acvity, informaon, or product in terms of its contribuon to a specic goal. All informaon collected for the intel ligence cycle is reviewed for its quality with an assessment of the validity and reliability of the informaon.

63

Exploitaon: The process of obtaining intelligence informaon from any source and taking advantage of it for intelligence purposes.

f


|

Field Intelligence Group (FIG): The centralized intelligence component in a Federal Bureau of Invesgaon eld oce that is responsible for the management, execuon, and coordinaon of intelligence funcons within the eld oce region. Finished Intelligence: (1) The product resulng from the collecon, processing, integraon, analysis, evaluaon, and interpretaon of available informaon concerning foreign countries or areas. (2) The nal result of the producon step of the intelligence cycle; the intelligence product. Foreign Intelligence Surveillance Act (FISA): The FISA of 1978 prescribes procedures for the physical and electronic surveillance and collecon of “foreign intelligence informaon” between or among “foreign powers” on territory under United States control. FISA is codied in 50 U.S.C. §§1801-1811, 1821-29, 1841-46, and 1861-62. The Act was amended by the USA PATRIOT Act of 2001, primarily to include terrorism by groups that are not specically backed by a foreign government. For Ocial Use Only (FOUO) : A disseminaon control marking used to idenfy unclassied informaon of a sensive nature, not otherwise categorized by statute or regulaon, the unauthorized disclosure of which could adversely impact a person’s privacy or welfare, the conduct of Federal programs, or other programs or operaons essenal to the naonal interest.

i n t e l l i g e n c e c o m m u n i t y t e r m i n o l o g y


|


64

Freedom of Informaon Act (FOIA): The Freedom of Informaon Act, 5 U.S.C. 552, enacted in 1966, statutorily provides that any person has a right, enforceable in court, to access federal agency records, except to the extent that such records (or porons thereof) are protected from disclosure by one of nine exempons or three exclusions. Fusion Center: The place where law enforcement, public safety, and private sector partners can come together with a common purpose and improve the ability to safe guard our homeland and prevent criminal acvity. A collaborave eort of two or more agencies that provide resources, experse, and/or informaon to the center with the goal of maximizing the ability to detect, prevent, apprehend, and respond to criminal and terrorism acvity.

G Geospaal: Describes any data containing coordinates dening a locaon on the earth’s surface. Geospaal Intelligence: Describes the combinaon of spaal soware and analy cal methods with terrestrial and geographic datasets (imagery and geodec, terrain elevaon, hydrographic, topographic, and aeronaucal data). The analysis and visual representaon of security related acvies on the earth. Granularity: Considers the specic details and pieces of informaon, including nuances and situaonal inferences, which constute the elements on which intelligence is developed through analysis.

65

h Highside: Jargon for top secret government computer systems. Homeland Security Advisory System: Designed to guide DHS protecve measures when specic informaon to a parcular sector or geographic region is received. It combines threat informaon with vulnerability assessments and provides communica ons to public safety ocials and the public. The system includes: • Homeland Security Threat Advisories contain aconable informaon about an incident involving, or a threat targeng, crical naonal networks, infrastructures, or key assets. • Homeland Security Informaon Bullens communicate informaon of interest to the naon’s crical infrastructures that do not meet the meliness, specicity, or signicance thresholds of warning messages. • Color-coded Threat Level System is used to communicate with public safety ocials and the public at-large through a threat-based, color-coded system so that protecve measures can be implemented to reduce the likelihood or impact of an aack. There are ve levels: Low, Guarded, Elevated , High, and Severe. Hypothesis (from Criminal Intelligence Analysis): An interim conclusion regarding persons, events, and/or commodies based on the accumulaon and analysis of intelligence informaon that is to be proven or disproved by further invesgaon and analysis.




|


66

I Imagery Intelligence (IMINT): includes representaons of objects reproduced elec tronically or by opcal means on lm, electronic display devices, or other media. Imag ery can be derived from visual photography, radar sensors, infrared sensors, lasers, and electro-opcs. Indicaons and Warning (I&W): Those intelligence acvies intended to detect and report me-sensive intelligence informaon on developments that could involve a threat to U.S. or Allied military, polical, or economic interests, or to U.S. cizens abroad. Indicator: Generally dened and observable acons that, based on an analysis of past known behaviors and characteriscs, collecvely suggest that a person may be com ming, preparing to commit, or has commied an unlawful act. Inducve Logic: The reasoning process of taking diverse pieces of specic informaon and inferring a broader meaning of the informaon through the course of hypothesis development. Inference Development: The creaon of a probabilisc conclusion, esmate, or pre dicon related to an intelligence target based upon the use of inducve or deducve logic in the analysis of raw informaon related to the target. Informant: An individual not aliated with a law enforcement agency who provides informaon about criminal behavior to a law enforcement agency. An informant may be a community member, a businessperson, or a criminal informant who seeks to protect himself/herself from prosecuon and/or provide the informaon in exchange for payment.

67

Informaon: Pieces of raw, unanalyzed data that idenfy persons, evidence, or events or illustrate processes that indicate the incidence of a criminal event or witnesses or evidence of a criminal event. Informaon Sharing Environment: As stated in the Informaon Sharing Environment Implementaon Plan, “informaon sharing environment” and “ISE” mean an approach that facilitates the sharing of terrorism informaon. [IRTPA 1016(a)(2)] The ISE is to provide and facilitate the means for sharing terrorism informaon among all appropri ate Federal, State, local, and tribal enes, and the private sector through the use of policy guidelines and technologies. [Extracted from IRTPA 1016(b)(2)] To the greatest extent praccable, the ISE is to provide the funconal equivalent of or otherwise sup port a decentralized, distributed, and coordinated environment. Informaon Sharing System: An integrated and secure methodology, whether computerized or manual, designed to eciently and eecvely distribute crical infor maon about oenders, crimes, and/or events in order to enhance prevenon and apprehension acvies by law enforcement. Intelligence Analyst: A professional posion in which the incumbent is responsible for taking the varied facts, documentaon of circumstances, evidence, interviews, and any other material related to a crime and organizing them into a logical and related framework for the purposes of developing a criminal case, explaining a criminal phenomenon, describing crime and crime trends and/or preparing materials for court and prosecuon, or arriving at an assessment of a crime problem or crime group. Intelligence Acvity: A generic term used to encompass any or all of the eorts and endeavors undertaken by intelligence organizaons, including collecon, analysis, producon, disseminaon, and covert or clandesne acvies.




|


68

Intelligence Agency: A component organizaon of the Intelligence Community. Intelligence Community: A federaon of Execuve Branch agencies and organizaons that work separately and together to conduct intelligence acvies necessary for the conduct of foreign relaons and the protecon of the naonal security of the U.S.. These organizaons are (in alphabecal order): Air Force Intelligence, Army Intel ligence, Central Intelligence Agency, Coast Guard Intelligence, Defense Intelligence Agency, Department of Energy, Department of Homeland Security, Department of State, Department of the Treasury, Director of Naonal Intelligence, Drug Enforcement Administraon, Federal Bureau of Invesgaon, Marine Corps Intelligence, Naonal Geospaal-Intelligence Agency, Naonal Reconnaissance Oce, Naonal Security Agency, and Navy Intelligence. Intelligence Cycle: The steps by which informaon is converted into intelligence and made available to users. The cycle has been described as including ve steps: planning and direcon; collecon; processing and exploitaon; analysis and producon; and disseminaon. Intelligence Informaon: Unevaluated material that may be used in the producon of intelligence. Intelligence Assessment: Refers to longer, oen detailed intelligence products; en compasses most analycal studies dealing with subjects of policy signicance. Intelligence Bullen: Refers to shorter, oen less detailed intelligence products which focus on a parcular incident.

69

Intelligence Esmate: An analysis of a situaon, development, or trend that idenes its major elements, interprets the signicance, and appraises the future possibilies and the prospecve results of the various acons that might be taken. Intelligence-Led Policing: The dynamic use of intelligence to guide operaonal law enforcement acvies to targets, commodies, or threats for both taccal responses and strategic decision making for resource allocaon and/or strategic responses. Intelligence Mission: The role that the intelligence funcon of an agency fullls in support of the overall mission of the agency; it species in general language what the funcon is intended to accomplish. Intelligence Needs: Intelligence requirements not being addressed in current intel ligence acvies. Intelligence Ocer: A professional employee of an intelligence organizaon. Intelligence Products: Reports or documents that contain assessments, forecasts, as sociaons, links, and other outputs from the analyc process. Intelligence Requirement: Any subject, general or specic, upon which there is a need for the collecon of intelligence informaon or the producon of intelligence.




70

J Joint Regional Informaon Exchange System (JRIES): A subscriber-supported ana lycal and resource system for local, state, and federal law enforcement, with an inter face to the U.S. Department of Defense, that provides secure sensive but unclassied real-me informaon with databases, e-mail, media studies, threat reporng, analyc tools, and mapping and imagery tools.

|

s r e d n o p s e r t s r i f

K

r o f e d i u g e c n e g i l l e t n i

Known or Suspected Terrorist Terrorist: Pursuant to Homeland Security Presidenal Direcve 6 (HSPD-6), a known or suspected terrorist is an individual “known or appropriately suspected to be or have been engaged in conduct constung, in preparaon for, in aid of, or related to terrorism.”

l Law Enforcement Sensive (LES): Unclassied informaon originated by the FBI that may be used in criminal prosecuon and requires protecon against unauthorized disclosure to protect sources and methods, invesgave acvity, evidence, and the integrity of pretrial invesgave reports. Low Side: Jargon for non non-top -top secret computer system; can be used to refer to unclassi ed or secret-level systems.

71

m Measurement and Signature Intelligence (MASINT): Technically derived intelli gence data other than imagery and SIGINT. The data results in intelligence that locates, idenes, or describes disncve characteriscs of targets. It employs a broad group of disciplines including nuclear, opcal, radio frequency, acouscs, seismic, and materials sciences. Methods: These are the methodologies (e.g., electronic surveillance or undercover operaons) of how crical informaon is obtained and recorded.

n Naonal Counterterrorism Center (NCTC): NCTC serves as the primary organizaon in the United States Government for integrang and analyzing all intelligence pertain ing to terrorism possessed or acquired by the United States Government (except purely domesc terrorism); serves as the central and shared knowledge bank on terrorism informaon; provides all-source intelligence support to government-wide counterter rorism acvies; establishes the informaon technology (IT) systems and architectures within the NCTC and between the NCTC and other agencies that enable access to, as well as integraon, disseminaon, and use of, terrorism informaon. Naonal Security: Measures adopted by the government of a naon in order to as sure the safety of its cizens, guard against aack, and prevent disclosure of sensive or classied informaon which might threaten or embarrass said naon.




|


72

Naonal Security Intelligence: The collecon and analysis of informaon concerned with the relaonship and equilibrium of the United States with foreign powers, or ganizaons, and persons with regard to polical and economic factors, as well as the maintenance of the United States’ sovereign principles. Network: A structure of interconnecng components designed to communicate with each other and perform a funcon or funcons as a unit in a specied manner. No Fly: An individual not allowed on commercial ights due to terrorism concerns. No-Fly List: A list created and maintained by the U.S. Government to keep known or suspected terrorists o commercial ights.

o Open Source: Informaon of potenal intelligence value that is available to the gen eral public. Open-Source Intelligence (OSINT): Publicly available informaon appearing in print or electronic form including radio, television, newspapers, journals, the Internet, com mercial databases, and videos, graphics, and drawings. Operaonal Intelligence: Informaon is evaluated and systemacally organized on an acve or potenal target, such as groups of or individual criminals, relevant premises, contact points, and methods of communicaon. This process is developmental in nature wherein there are sucient arculated reasons to suspect criminal acvity. Intelligence acvies explore the basis of those reasons and newly developed informa on in order to develop a case for arrest or indictment.

73

Operaons Security: A systemac, proven process by which a government, organiza on, or individual can idenfy, control, and protect generally unclassied informaon about an operaon/acvity and, thus, deny or migate an adversary’s/competor’s ability to compromise or interrupt said operaon/acvity.

P


|

Personally Idenable Informaon: Any informaon that permits the identy of an individual to be directly or indirectly inferred, including other informaon that is linked or linkable to an individual. “Individual” includes, but is not limited to, U.S. cizens, legal permanent residents, and visitors to the U.S. “Informaon” includes any informaon about an individual maintained by an agency, including, but not limited to, educaon, nancial transacons, medical history, and criminal or employment history and informaon which can be used to disnguish or trace an individual’s identy, such as their name, social security number, date and place of birth, mother’s maiden name, biometric records, etc., including any other personal informaon which is linked or linkable to an individual. [See Execuve Oce of the President, Oce of Management and Budget, July 12, 2006, M-06-19]. Plus 1: (1) One addional of something. (2) An individual’s name plus an addional data element (e.g., date of birth, SSN, passport number). Typically used in reference to informaon, beyond an individual’s name, required to conrm an individual’s identy. Policy: The principles and values that guide the performance of a duty. A policy is not a statement of what must be done in a parcular situaon. Rather, it is a statement of guiding principles that should be followed in acvies which are directed toward the aainment of goals.

i n t e l l i g e n c e c o m m u n i t y t e r m i n o l o g y


|


74

Predicon: The projecon of future acons or changes in trends based on an analysis of informaon depicng historical trends from which a forecast is based. Priority Intelligence Requirement: A priorized informaonal need that is crical to mission success. Privacy (Informaon): The assurance that legal and constuonal restricons on the collecon, maintenance, use, and disclosure of personally idenable informaon will be adhered to by criminal jusce agencies, with use of such informaon to be strictly limited to circumstances where legal process permits use of the personally idenable informaon. Privacy (Personal): The assurance that legal and constuonal restricons on the collecon, maintenance, use, and disclosure of behaviors of an individual, including his/her communicaons, associaons, and transacons, will be adhered to by criminal jusce agencies, with use of such informaon to be strictly limited to circumstances where legal process authorizes surveillance and invesgaon. Privacy Act: The Privacy Act of 1974, 5 U.S.C. § 552a, establishes a code of fair infor maon pracces that governs the collecon, maintenance, use, and disseminaon of personally idenable informaon about individuals that is maintained in systems of records by federal agencies. A system of records is a group of records under the control of an agency from which informaon is retrieved by the name of the individual or by some idener assigned to the individual. The Privacy Act requires that agencies give the public noce of their systems of records by publicaon in the Federal Register. The Privacy Act prohibits the disclosure of informaon from a system of records absent the wrien consent of the subject individual, unless the disclosure is pursuant to one of twelve statutory excepons. The Act also provides individuals with a means by which to seek access to and amendment of their records, and sets forth various agency re cord-keeping requirements.

75

Private Sector Partners: As used in the ISE Implementaon Plan, “private sector partners” includes vendors, owners, and operators of products and infrastructures parcipang in the ISE.

Q Qualitave (Methods): Research methods that collect and analyze informaon which is described in narrave or rhetorical form, with conclusions drawn based on the cu mulave interpreted meaning of that informaon. Quantave (Methods): Research methods that collect and analyze informaon which can be counted or placed on a scale of measurement that can be stascally analyzed.

r Raw Data: Bits of data collected which individually convey lile or no useful informaon and must be collated, aggregated, or interpreted to provide meaningful informaon. Raw Intelligence: A colloquial term meaning collected intelligence informaon that has not yet been converted into nished intelligence. Regional Informaon Sharing Systems (RISS): Composed of six regional intelligence centers that provide secure communicaons, informaon sharing resources, and invesgave support to combat muljurisdiconal crime and terrorist threats to local, state, tribal, and federal member law enforcement agencies in all 50 states, the District of Columbia, U.S. territories, Australia, Canada, and England.




|


76

Requirements (Intelligence): The types of intelligence operaonal law enforcement elements need from the intelligence funcon within an agency or other intelligenceproducing organizaons in order for law enforcement ocers to maximize protecon and prevenve eorts as well as idenfy and arrest persons who are criminally liable. Responsibility: Reects how the authority of a unit or individual is used and determines whether goals have been accomplished and the mission fullled in a manner that is consistent with the dened limits of authority.

Risk: Dened as the potenal for undesirable outcomes for a given situaon or problem. Risk Assessment: An analysis of a target, illegal commodity, or vicm to idenfy the probability of being aacked or criminally compromised and to analyze vulnerabilies.

77

s Sanizaon: The process of eding or otherwise altering intelligence materials, informaon, reports, or other products to conceal and protect intelligence sources, methods, capabilies, analycal procedures, or privileged informaon in order to permit wider disseminaon. Secret: Informaon which if made public could be expected to cause serious damage to naonal security. Selectee (TSA): An individual who must undergo addional security screening before being permied to board a commercial aircra. Sensive But Unclassied (SBU) Informaon: Informaon that has not been classied by a federal law enforcement agency which pertains to signicant law enforcement cases under invesgaon and criminal intelligence reports which require disseminaon criteria to only those persons necessary to further the invesgaon or to prevent a crime or terrorist act. Sensive Compartmented Informaon (SCI): Classied informaon concerning or derived from intelligence sources, methods, or analycal processes that is required to be handled within formal access control systems established by the Director of Naonal Intelligence.

Sensive Compartmented Informaon Facility (SCIF): An accredited area, room, group of rooms, buildings, or installaon where SCI may be stored, used, discussed, and/or processed.




78

Signals Intelligence (SIGINT): Intelligence derived from signal intercepts comprising, individually or in combinaon, all communicaons intelligence (COMINT), electronic intelligence (ELINT), and/or foreign instrumentaon signals intelligence (FISINT) Source: A book, statement, person, etc., supplying informaon. From an intelligence perspecve, these are persons (human intelligence or HUMINT) who collect or possess crical informaon needed for intelligence analysis.

|

s r e d n o p s e r t s r i f

Suspicious Acvity Report (SAR): The reporng of suspicious acvity to an appro priate government agency, dened as behavior that may be indicave of intelligence gathering or preoperaonal planning related to terrorism, criminal espionage, or other illicit intenon.

r o f e d i u g e c n e g i l l e t n i

System of Records: Pursuant to the Privacy Act of 1974, a System of Records is a group of any records under the control of any agency from which informaon is retrieved by the name of the individual or by some idenfying number, symbol, or other idener assigned to the individual. The Privacy Act requires each agency to publish noce of its systems of records in the Federal Register. This noce is generally referred to as a system of records noce (SORN).

T Taccal Intelligence: Evaluated informaon on which immediate enforcement acon can be based; intelligence acvity focused specically on developing an acve case. Target: (1) Any person, organizaon, group, crime or criminal series, or commodity being subject to invesgaon and intelligence analysis. (2) An individual, operaon, or acvity which an adversary has determined possesses informaon that might prove useful in aaining his/her objecve.

79

Target Prole: A prole that is person-specic and contains sucient detail to iniate a target operaon or support an ongoing operaon against an individual or networked group of individuals. Targeng: The idencaon of crimes, crime trends, and crime paerns that have dis cernable characteriscs which make collecon and analysis of intelligence informaon an ecient and eecve method for idenfying, apprehending, and prosecung those who are criminally responsible. Tear-line: Intelligence informaon which has been sanized (removal of sources and methods) in order to distribute this informaon at a lower classicaon. Tear-Line Report: A report containing classied intelligence or informaon that is pre pared in such a manner that data relang to intelligence sources and methods are eas ily removed from the report to protect sources and methods from disclosure. Typically, the informaon below the “tear line” can be released as sensive but unclassied. Terrorism: Premeditated, polically movated violence perpetrated against noncom batant targets by sub-naonal groups or clandesne agents, usually intended to inu ence an audience. Title 22, U.S.C. Secon 265f (d) Terrorist Screening Center (TSC): Established in support of Homeland Security Presidenal Direcve 6 (HSPD-6), dated September 16, 2003, to consolidate the Federal Government’s approach to terrorism screening and provide for the appropriate and lawful use of terrorist informaon in screening processes. The TSC maintains the Feder al Government’s consolidated and integrated terrorist watch list, known as the TSDB.




|


80

Terrorist Screening Database (TSDB): The database which contains the consolidated and integrated terrorist watch list maintained by the Federal Bureau of Invesgaon’s Terrorist Screening Center (TSC). The No Fly and Selectee List are components of the TSDB. Third-Agency Rule: An agreement wherein a source agency releases informaon under the condion that the receiving agency does not release the informaon to any other agency—that is, a third agency. Threat: (1) The capability of an adversary coupled with his intenons to undertake any acon detrimental to the interests of the United States. (2) A source of unacceptable risk. Threat Assessment: An assessment of a criminal or terrorist presence within a jurisdicon integrated with an assessment of potenal targets of that presence and a statement of probability that the criminal or terrorist will commit an unlawful act. The assessment focuses on the criminal’s or terrorist’s opportunity, capability, and willing ness to fulll the threat. Top Secret: Informaon which if made public could be expected to cause exceponally grave damage to naonal security.

81

u Unauthorized Disclosure: A communicaon or physical transfer to an unauthorized recipient. Unclassied: Informaon not subject to a security classicaon, i.e., informaon not CONFIDENTIAL, SECRET or TOP SECRET. Although Unclassied informaon is not subject to security classicaon, there may be limits on disclosure. (See Secon 8. Handling of “Controlled Unclassied Informaon.”)

v Validity : Asks the queson, “Does the informaon actually represent what we believe it represents?” Variable: Any characterisc on which individuals, groups, items, or incidents dier. Vet: (1) To subject a proposal, work product, or concept to an appraisal by command personnel and/or experts to ascertain the product’s accuracy, consistency with phi losophy, and/or feasibility before proceeding. (2) To subject informaon or sources to careful examinaon or scruny to determine suitability.




82

Vulnerability: Suscepbility to aack, exploitaon, or injury; an inherent weakness or aw. One of three key aspects of determining risk: vulnerability, threat, and impact. Vulnerability Assessment: An assessment of possible criminal or terrorist group targets within a jurisdicon integrated with an assessment of the target’s weaknesses, likelihood of being aacked, and ability to withstand an aack.

|


W Warning : To nofy in advance of possible harm or vicmizaon as a result of informa on and intelligence gained concerning the probability of a crime or terrorist aack.

x

y

Z

notes

_____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________


| n o t e s


: G C a T I

85 InTellIGenCe CommunITy aCronyms & abbrevIaTIons

s n o i t a i v e r b b a d n a s m y n o r c a y t i n u m m o c e c n e g i l l e t n i

|


86

InTellIGenCe

aCronyms & abbrevIaTIons 16 CommunITy

The following list is not exhausve, but contains the acronyms and abbreviaons which are likely to be encountered by rst responders reading intelligence material.

87

a AAR: Aer Acon Report ACIC: Army Counterintelligence Center AFIS: Automated Fingerprint Idencaon System AFOSI: Air Force Oce of Special Invesgaons AKA: Also Known As AMCIT: American Cizen AMEMB: American Embassy ANW: Alerts, Nocaons, and Warnings AQ : al-Qa’ida AQIM: al-Qa’ida in the Islamic Maghreb (formerly Salast Group for Preaching and Combat [GSPC]) ATF: Bureau of Alcohol, Tobacco, and Firearms AUC: United Self-Defense Forces of Colombia

b BPA: Border Patrol Agent BW: Biological Warfare

C C: Condenal CBP: U.S. Customs and Border Protecon, DHS CBR: Chemical, Biological and Radiological CBRN: Chemical, Biological, Radiological and Nuclear CBRNE: Chemical, Biological, Radiological, Nuclear and Explosives


| i n t e l l i g e n c e c o m m u n i t y a c r o n y m s a n d a b b r e v i a t i o n s


88

CBT: Computer-Based Training CBW: Chemical and Biological Warfare CDD: Chemical Dispersion Device CI: Counterintelligence CI Poly: Counterintelligence Polygraph CIA: Central Intelligence Agency CIR: Central Intelligence Report CIR: Counterintelligence Report CIS: Bureau of Cizenship and Immigraon Services, DHS CLASS: Consular Lookout and Support System COI: Community of Interest COMINT: Communicaons Intelligence COMSEC: Communicaons Security CONOPS: Concept of Operaons CONUS: Connental U.S. COOP: Connuity of Operaons CT: Counterterrorism CTC: Counterterrorism Center CUI: Controlled Unclassied Informaon

|


d D/CIA: Director Central Intelligence Agency (formerly DCI) DCI: Director of Central Intelligence (now Director of Naonal Intelligence [DNI]) D&D: Denial and Decepon DEA: Drug Enforcement Administraon DHS: Department of Homeland Security

89

DIA: Defense Intelligence Agency DISES: Defense Intelligence Senior Execuve Service DISL: Defense Intelligence Senior Level DNI: Director of Naonal Intelligence (replaces Director of Central Intelligence (DCI)) DOB: Date of Birth DOD: Department of Defense DOE: Department of Energy DOS: Department of State DPOB: Date and Place of Birth DSS: Diplomac Security Service DT: Domesc Terrorism

e EAAQ : East Africa al Qa’ida EEI: Essenal Element of Informaon (now PIR) EIF: Entry into Force ELINT: Electronic Intelligence EO: Execuve Order EPA: Environmental Protecon Agency ETA: Esmated me of arrival ETA: Basque Fatherland and Liberty EWI: Entry without inspecon




|


90

f FAA: Federal Aviaon Administraon FAM: Federal Air Marshal FARC: Revoluonary Armed Forces of Colombia FBI: Federal Bureau of Invesgaon FBIS: Foreign Broadcast Informaon System (now Open Source Center) FCPO: Fusion Center Program Oce FEMA: Federal Emergency Management Agency FGI: Foreign Government Informaon FIG: Field Intelligence Group, FBI FIR: Field Informaon Report FIS: Foreign Intelligence Service FISA: Foreign Intelligence Surveillance Act FNU: First Name Unknown FPO: Federal Protecve Service Ocer FOIA: Freedom of Informaon Act FOUO: For Ocial Use Only FPS: Federal Protecve Service FPU: Force Protecve Unit

G GEOINT : Geospaal Intelligence GIA: Armed Islamic Group GS: General Schedule GWOT: Global War on Terror

91

h HCS: Human Control System HIR: Homeland Informaon Report HITRAC: Homeland Infrastructure Threat and Risk Analysis Center, DHS HSC: Homeland Security Council HSDN: Homeland Secure Data Network HSIN: Homeland Security Informaon Network (DHS web portal) HSIN-I: Homeland Security Informaon Network-Intelligence (DHS web portal) HS-SLIC: Homeland Security State and Local Intelligence Community of Interest HUMINT: Human Intelligence HUM: Harakat ul-Mujahidin

I I&W: Indicaons and Warning IA: Intelligence Assessment IA: Intelligence Analyst IAEA: Internaonal Atomic Energy Agency IBIS: Interagency Border Inspecon System IC: Intelligence Community ICD: Improvised Chemical Device ICD: Intelligence Community Direcve (replaces Director of Central Intelligence Direcves, or DCIDs) ICCD: Improvised Chemical Dispersion Device ICE: U.S. Immigraon and Customs Enforcement, DHS IDENT: Automated Biometric Fingerprint Idencaon System IED: Improvised Explosive Device




92

IG: Inspector General IICT: Interagency Intelligence Commiee on Terrorism, NCTC IIR: Intelligence Informaon Report IJU: Islamic Jihad Union IMINT: Imagery Intelligence IMU: Islamic Movement of Uzbekistan INA: Immigraon and Naonality Act IND: Improvised Nuclear Device INFOSEC: Informaon Security INR: Bureau of Intelligence and Research, DOS INTERPOL: Internaonal Police IRT: Incident Response Team IRTPA: Intelligence Reform and Terrorism Prevenon Act of 2004 ISC: Informaon Sharing Council ISE: Informaon Sharing Environment IT: Internaonal Terrorism ITACG: Interagency Threat Assessment and Coordinaon Group, NCTC

|


J JCS: Joint Chiefs of Sta JEM: Jaish-e-Mohammed JI: Jemaah Islamiya JITF-CT: Joint Intelligence Task Force-Combang Terrorism, DIA JRIES: Joint Regional Informaon Exchange System JSA: Joint Special Assessment JTF: Joint Task Force JTTF: Joint Terrorism Task Force JWICS: Joint Worldwide Intelligence Communicaon System

93

K

l LAN: Local Area Network LEA: Law Enforcement Agency LEO: Law Enforcement Ocer LEO: Law Enforcement Online (FBI UNCLASS web portal) LES: Law Enforcement Sensive LIFG: Libya Islamic Fighng Group LNU: Last Name Unknown LPR: Lawful Permanent Resident LT: Lashkar-e Tayyiba LTTE: Liberaon Tigers of the Tamil Eelam

m MANPADS: Man-Portable Air Defense System MASINT: Measurement and Signature Intelligence MEK: Mujahedin-e Khalq MI: Military Intelligence MOA: Memorandum of Agreement MOU: Memorandum of Understanding




|


94

n NAILS: Naonal Automated Immigraon Lookout System NIE: Naonal Intelligence Esmate NCIC: Naonal Crime Informaon Center NCIS: Naval Criminal Invesgave Service NCIX: Naonal Counterintelligence Execuve NCPC: Naonal Counter Proliferaon Center NCR: Naonal Capital Region NCTC: Naonal Counterterrorism Center NFI: No Further Informaon NGA: Naonal Geospaal-Intelligence Agency (formerly NIMA) NIC: Naonal Intelligence Council NIE: Naonal Intelligence Esmate NIO: Naonal Intelligence Ocer NIP: Naonal Intelligence Program NIPF: Naonal Intelligence Priories Framework NIMA: Naonal Imagery and Mapping Agency (now NGA) NJTTF: Naonal Joint Terrorism Task Force NLETS: Naonal Law Enforcement Telecommunicaon System NOC: Naonal Operaons Center, DHS NOFORN: Not Releasable to Foreign Naonals NOIWON: Naonal Operaons and Intelligence Watch Ocers Network NOL: NCTC Online NOL-J: NCTC Online-JWICS NOL-S: NCTC Online-SIPRNET (also NCTC Online-Secret) NRO: Naonal Reconnaissance Oce NSA: Naonal Security Agency

95

NSC: Naonal Security Council NSEERS: Naonal Security Entry-Exit Registraon System NSIS: Naonal Strategy for Informaon Sharing NSTL: Naonal Security Threat List NSTR: Nothing Signicant to Report NSTS: Naonal Secure Telephone System NTM: Naonal Technical Means NTR: Nothing to Report

o OCONUS: Outside the Connental United States ODNI: Oce of the Director of Naonal Intelligence OI&A: Oce of Intelligence & Analysis, DHS OPSEC: Operaons Security ORCON: Originator Controlled Disseminaon OSC: Open Source Center (formerly FBIS) OSINT: Open Source Intelligence OSIS: Open Source Informaon System

P PIR: Priority Intelligence Requirement (formerly EEI) PM-ISE: Program Manager-Informaon Sharing Environment POB: Place of Birth POC: Point of Contact POE: Port of Entry




|


96

PM: Producon Management PNR: Passenger Name Record PPN: Passport Number PSA: Protecve Security Advisor, DHS

Q QJBR: al-Qa’ida in Iraq (Tanzim Qa’idat al-Jihad  Bilad al-Radayn)

r RDD: Radiaon Dispersal Device RFI: Request for Informaon RFP: Request for Proposal RISS: Regional Informaon Sharing System RISSNET: Regional Informaon Sharing System Network RO: Reporng Ocer RSO: Regional Security Oce or Ocer

s S:

Secret S&T: Science & Technology S&L: State and Local SA: Situaonal Awareness SA: Special Assessment SAP: Special Access Program

97

SAR: Suspicious Acvity Report SBI: Special Background Invesgaon SBU: Sensive But Unclassied SCI: Sensive Compartmented Informaon SCIF: Sensive Compartmented Informaon Facility SEG: Special Events Group SES: Senior Execuve Service SETA: Special Events Threat Assessment SEVIS: Student Exchange Visitor Informaon System SI: Sensive Informaon SI: Special Intelligence SIA: Supervisory Intelligence Analyst SIO: Supervisory Intelligence Ocer SIOC: Strategic Informaon and Operaons Center, FBI SIPRNET: Secret Internet Protocol Routed Network SIS: Senior Intelligence Service SNIS: Senior Naonal Intelligence Service SOP: Standard Operang Procedure SLAM: SIOC Law Enforcement Alert Messaging STE: Secure Telephone SLFC: State and Local Fusion Center SLT: State, Local, and Tribal SLTP: State, Local, Tribal, and Private Sector STU III: Secure Telephone Unit III SSI: Sensive Security Informaon SSO: Special Security Ocer SME: Subject Maer Expert SVTC: Secure Video Teleconference




98

T TA: Threat Analysis TA: Threat Assessment TD: Teletype Disseminaon TDX: Teletype Disseminaon Sensive TDY: Temporary Duty TECS: Treasury Enforcement Communicaons System TIDE: Terrorist Idenes Data Mart Environment TLO: Terrorism Liaison Ocer TS: Top Secret TSA: Transportaon Security Administraon TSANOF: TSA No Fly List TSASEL: TSA Selectee List TSC: Terrorist Screening Center TSDB: Terrorist Screening Database TSO: Transportaon Security Ocer TSOC: Transportaon Security Operaons Center TS/SCI: Top Secret/Sensive Compartmented Informaon TTP: Taccs, Techniques, and Procedures

|


u U: Unclassied UASI: Urban Areas Security Iniave UBL: Usama Bin Ladin U//FOUO: Unclassied//For Ocial Use Only UI: Unidened UNC: Unclassied

99

UNCLASS: Unclassied UNK: Unknown USA: U.S. Aorney USC: U.S. Cizen USCG: U.S. Coast Guard USDI: Undersecretary of Defense for Intelligence USEMB: U.S. Embassy USIC: U.S. Intelligence Community USPER: U.S. Person

v VBIED: Vehicle Borne Improvised Explosive Device VGTOF: Violent Gang & Terrorist Organizaon File VTC: Video Teleconference VWI: Virtual Walk-In VWP: Visa Waiver Program

W WMD: Weapons of Mass Destrucon

x

y

Z



100

end noTes 1

hp://www.intelink.ic.gov/wiki/Intelligence

2

hp://www.intelink.ic.gov/wiki/Intelligence_Sources_and_Methods

3

hp://www.intelligence.gov/1who.shtml

4

hp://www.intelink.ic.gov/wiki/Intelligence_community

5

hp://www.intelligence.gov/2-business.shtml

6

hp://www.intelligence.gov/2-business.shtml

7

hp://www.archives.gov/cui/

8

DHS MD 11042.1

9

hp://www.i.gov/clearance/securityclearance.htm

10

2009 Naonal Intelligence – a consumer’s guide; hp://www.intelink.ic.gov/wiki/ Intelligence_Community_Customer_Handbook

11

Mulple Sources

12

Mulple Sources

13

FBI Intelligence Informaon Report (IIR) Handbook, 10/23/2006

14

What We Mean When We Say: An Explanaon of Esmave Language

15

Mulple Sources

16

Mulple Sources

notes

_____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________


| n o t e s

s e t o n

|


notes

______________________________________________________ ______________________________________________________ __________________________________________________________________ _________________________________________________________________ ____________________________________________________________ ____________________________________________________________ ____________________________________________________________ ___________________________________________________________ ____________________________________________________________ ____________________________________________________________ ____________________________________________________________ ___________________________________________________________ ____________________________________________________________ ____________________________________________________________ ____________________________________________________________

notes

_____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________ _____________________________________________________


| n o t e s

This docent can also be fond in printable forat at https://hsin-intel.dhs.gov or http://www.leo.gov.

Itacg Guide for First Responders

Recommend Documents