Chesbro's Law Enforcement,
Research & Intelligence
Compendium (CLERIC)
A Guide to Sources of Information
Michael Chesbro
6/1/2014
Chesbro's Law Enforcement, Research & Intelligence Compendium (CLERIC)
2014
Table of Contents
Agency Addresses & Points of Contact
Anarchists, Activists, and Saboteurs
Country Studies
Cyber-Intelligence / Cyber-Security
Databases (Searchable On-Line)
Documents and Publications (Intelligence & Analysis)
Drugs
Encryption
Explosives
Foreign Languages
Gangs & Extremist Organizations
Intelligence Community
Intelligence Cycle
Legal Aspects of Inquiries, Ethics, and Integrity
Locks & Lock Picking
Maps & Mapping
Online Dictionaries, Glossaries, Terms & Definitions
Professional Organizations and Memberships
Report Crime On-Line
Software (Freeware)
Surveillance
Terrorism Awareness
Training & Education (On-Line Learning Portals)
Agency Addresses & Points of Contact
A-Z Index of U.S. Government Departments and Agencies
Bureau of Alcohol, Tobacco, Firearms and Explosives
Bureau of Citizenship and Immigration Services
Bureau of Justice Statistics
Central Intelligence Agency
Customs and Border Protection
Defense Criminal Investigative Service
Defense Intelligence Agency
Drug Enforcement Administration (DEA)
Federal Bureau of Investigation (FBI)
Federal Bureau of Prisons
Federal Emergency Management Agency (FEMA)
Federal Law Enforcement Training Center
Fusion Centers
Homeland Security Contacts
Homeland Security Investigations
Immigration and Customs Enforcement
Internet Service Provider (ISP) List – This site and ISP list is for law enforcement use and
contains a variety of ISPs and similar information services, specifically, contacts at the legal
departments for law enforcement service of subpoena, court orders, and search warrants.
INTERPOL
National Institute of Justice
National Nuclear Security Administration
National Security Agency
Naval Criminal Investigative Service
NOAA Regional Climate Centers
Police Locator – Police Locator is a resource for finding police departments, sheriff's offices
and other law enforcement agencies in the United States of America.
Postal Inspection Service
Transportation Security Administration
U.S. Air Force Office of Special Investigations (OSI)
U.S. Army Criminal Investigation Command (CID)
U.S. Attorneys
U.S. Marshals Service
U.S. Park Police
U.S. Secret Service
U.S. State Department Bureau of Diplomatic Security
Anarchists, Activists, and Saboteurs
Activist Post
Anarchism In Action: Methods, Tactics, Skills and Ideas
Anarchist’s Cookbook
Animal Liberation Front: Guide to Direct Action
Anonymous
Black Cat Sabotage Manual
BodyHammer - Tactics and Self-Defense For the Modern Protester
BUSTED: The Citizen's Guide to Surviving Police Encounters (Video)
A Civilian's Guide to Direct Action
CrimethInc
Digital Security and Privacy for Human Rights Defenders
Digital Security for Activists
Direct Action Survival Guide
Don't Talk To The Police (Video) Regent Law Professor James Duane gives viewers startling
reasons why they should always exercise their 5th Amendment rights when questioned by
government officials.
Earth First
Earth First Wolf Hunt Sabotage Manual
Ecodefense: A Field Guide to Monkeywrenching
Global Sovereign's Handbook
A Guide to Secure Meetings in Pubs
How to Cop Proof Your Cell Phone
How to Deal with Cops: Q&A with Steve Silverman of Flex Your Rights (Video)
If An Agent Knocks
Infiltrators, Informers and Grasses: how, why and what to do if your group is targeted
Jacob Appelbaum (Part 1/2) Digital Anti-Repression Workshop - April 26 2012
Jacob Appelbaum (Part 2/2) Digital Anti-Repression Workshop - April 26 2012
Know Your Rights (National Lawyer’s Guild)
Know Your Rights: What To Do If You're Stopped By Police… (ACLU)
ONO – Survival In The Digital Age
Operation Backfire - A Survival Guide for Environmental and Animal Rights Activists
A Practical Security Handbook for Activists and Campaigns
Privacy and Security Info for Activists
Rats! Your guide to protecting yourself against snitches, informers, informants, agents
provocateurs, narcs, finks, and similar vermin. - Claire Wolfe
Recipes for Disaster: An Anarchist Cookbook
Riseup
Ruckus Security Culture For Activists
Security & Counter-Surveillance: Information Against the Police State
Security In A Box | Tools and Tactics for Your Digital Security
Security Culture: A Handbook For Activists
Surveillance Self-Defense (EFF.Org)
Tactical Technology Collective
Tech Tools For Activists
You Have the Right to Stay Out of Jail (Info-Graphic)
Virtual Activist 2.0
10 Rules for Dealing with Police (Video)
Seattle May-Day Riots 2012
Country Studies
BBC Country Profiles
CIA World Factbook
Country Studies - This website contains the on-line versions of books previously published in
hard copy by the Federal Research Division of the Library of Congress as part of the Country
Studies/Area Handbook Series sponsored by the U.S. Department of the Army between 1986 and
1998. Each study offers a comprehensive description and analysis of the country or region's
historical setting, geography, society, economy, political system, and foreign policy. (Note:
Dated Material)
Designated Countries List (NASA) - The list of “Designated Countries” is a compilation of
countries with which the United States has no diplomatic relations, countries determined by
Department of State to support terrorism, countries under Sanction or Embargo by the United
States and countries of Missile Technology Concern.
DoD Electronic Foreign Clearance Guide (Requires Password, if not on .mil/.gov network)
Economist Intelligence Unit
International Monetary Fund (IMF) Country Information & Statistics
Library of Congress – Country Studies
Nation Master
US Department of State – Country Studies
US Energy Information Administration - Country Briefs
World Health Organization – Country Profiles
Yahoo Countries
Cyber-Intelligence / Cyber-Security
Best Practices for Keeping Your Home Network Secure (NSA, June 2013)
Certified Cyber Intelligence Professional – McAfee Institute
Check your password—is it strong?
Cyber-Security (Department of Homeland Security)
Cyber-Security (Nextgov)
Cyber-Security Tips (US-CERT)
Diceware - Diceware is a method for creating passphrases, passwords, and other cryptographic
variables using an ordinary die from a pair of dice as a hardware random number generator.
Electronic Frontier Foundation
Electronic Privacy Information Center (EPIC)
FTC - How to Keep Your Personal Information Secure
These web-based courses are available through the FBI Virtual Academy as part of the HiTET
program:
Basic Networking for Investigators
Exploiting Mobile Communications for Law Enforcement: Criminal Tactics and Investigative Techniques
Investigating Web Sites for Law Enforcement: A Wealth of Information
Obtaining and Analyzing Digital Records
The Cloud for Law Enforcement: It's All About Communication
Social Media: Friend or Foe?
Tracing Email Addresses
How to Delete Yourself From the Internet
Internet Crime Complaint Center (IC3)
National Security Agency (NSA) Fact Sheets
National Strategy to Secure Cyberspace (2003)
OnGuard On-Line (Computer Security)
Random.Org – Password Generator
Seattle Department of Information Technology – Protecting Your Home Computer
U.S. CERT – Home & Business
Programs and Applications
7-Zip - 7-Zip is open source software. Most of the source code is under the GNU LGPL license.
7-Zip supports encryption with the AES-256 algorithm, which uses a cipher key 256 bits long.
To create that key, 7-Zip uses a derivation function based on the SHA-256 hash algorithm. A key
derivation function produces a derived key from the text password defined by the user. To
increase the cost of an exhaustive search for passwords, 7-Zip uses a large number of iterations
to produce the cipher key from the text password.
AxCrypt - AxCrypt is free and easy to use open source strong file encryption for Windows
2000/2003/XP/Vista/2008/7, integrated with Windows Explorer. Encrypt, compress, decrypt,
wipe, view and edit with a few mouse clicks. Cryptographic primitives are AES-128 and SHA-1.
Bitmessage is a P2P communications protocol, similar to the Bitcoin protocol, used to send
encrypted messages to another person or to many subscribers.
CCleaner - CCleaner is a tool for cleaning your Windows PC. It protects your privacy online
and makes your computer faster and more secure.
ChatCrypt – ChatCrypt is a web-based chat service that uses a JavaScript implementation of
AES-256 to encrypt messages before they are sent to the chat room. To use ChatCrypt everyone
participating in the chat must share a common password (exchanged beforehand by secure
means). From the ChatCrypt web-site enter a chat room name, username, and a shared
password. Anyone knowing the chat room name can enter the room, but without knowing the
correct password will only see usernames and encrypted text. A WHOIS search shows that the
chatcrypt.com domain is registered in Makkoshotyka, Hungary.
CounterMail: The Secure Email Provider - CounterMail is a secure and easy to use online
email service, designed to provide maximum security and privacy without any unnecessary
complexity. You can access your email account at any time, from anywhere in the world. Your
account will always be encrypted and anonymous. CounterMail's encryption works
automatically and transparently, it requires no specialized computer skills or knowledge. If you
are comfortable using services like Hotmail or Gmail, you will be comfortable using
CounterMail's secure email! CounterMail is using a strong encryption protocol called OpenPGP,
with 4096 bits encryption keys to protect your data. To the best of publicly available
information, there is no known method which will allow a person or group to break OpenPGP's
encryption by cryptographic or computational means.
Cryptocat - Cryptocat is a free, open-source, cross-platform, encrypted chat application for
Firefox, Chrome, and Safari browsers. Cryptocat was initially released on May 19, 2011 and has
undergone regular improvements and updates since its initial release. Cryptocat’s lead developer
was Nadim Kobeissi. Kobeissi’s goal was to simplify secure on-line communication, making it
easily available to everyone who wanted it. Cryptocat is very simple to use. Simply download
and install the Cryptocat application for one of the browsers – Firefox, Chrome, or Safari – for
which it was designed (Cryptocat does not work on Internet Explorer). Start the application,
enter a ‘conversation name’ (the name of the chatroom you want to create), enter a ‘nickname’
(the name you will appear as in the chatroom you created) and then click connect. Cryptocat
creates a secure, encrypted connection and creates the chatroom.
DNSCrypt - When you use HTTPS or SSL, your web browsing traffic is encrypted. When you
use a VPN, all of your traffic is encrypted (usually). Sometimes even with HTTPS and VPNs in
play, DNS requests — or the way your computer translates "lifehacker.com" into numbers that
your computer understands, like "199.27.72.192," are completely unencrypted, leaving you open
to spoofing and man-in-the-middle attacks. DNSCrypt can lock that down. "How to Boost Your
Internet Security with DNSCrypt"
Encryption Wizard (EW) is a simple, strong, Java file and folder encryptor for protection of
sensitive information (FOUO, Privacy Act, CUI, etc.). EW encrypts all file types for data-at-rest
and data-in-transit protection. Without installation or elevated privileges, EW runs on Windows,
Mac, Linux, Solaris, and other computers with Sun Java. Behind its simple drag-n-drop interface,
EW offers 128-bit AES encryption, SHA-256 hashing, searchable metadata, archives,
compression, secure deleting, and PKI/CAC/PIV support. EW is GOTS - Government invented,
owned, and supported software. Over 62,500 copies of EW protect a wide variety of data. EW
comes in two, fully-compatible and interoperable editions, EW-Public and EW-Govt. Anyone
can download and use EW-Public. Designed for US Federal Government (and contractor)
computers, EW-Govt is accredited by the Army and Air Force for NIPRNet and SIPRNet. EW is
free to users.
Freenet - Freenet is free software which lets you
anonymously share files, browse and publish
"freesites" (web sites accessible only through
Freenet) and chat on forums, without fear of
censorship. Freenet is decentralised to make it less vulnerable to attack, and if used in "darknet"
mode, where users only connect to their friends, is very difficult to detect. Communications by
Freenet nodes are encrypted and are routed through other nodes to make it extremely difficult to
determine who is requesting the information and what its content is. Users contribute to the
network by giving bandwidth and a portion of their hard drive (called the "data store") for storing
files. Files are automatically kept or deleted depending on how popular they are, with the least
popular being discarded to make way for newer or more popular content. Files are encrypted, so
generally the user cannot easily discover what is in his datastore, and hopefully can't be held
accountable for it. Chat forums, websites, and search functionality, are all built on top of this
distributed data store.
GPG4Win - Gpg4win enables users to securely transport emails and files with the help of
encryption and digital signatures. Encryption protects the contents against an unwanted party
reading it. Digital signatures make sure that it was not modified and comes from a specific
sender. Gpg4win supports both relevant cryptography standards, OpenPGP and S/MIME
(X.509), and is the official GnuPG distribution for Windows. It is maintained by the developers
of GnuPG. Gpg4win and the software included with Gpg4win are Free Software (Open Source;
among other things free of charge for all commercial and non-commercial purposes). Creation
of Gpg4win was supported by the German Federal Office for Information Security (BSI).
Guerrilla Mail - Guerrilla Mail gives you a disposable email address. There is no need to
register, simply visit Guerrilla Mail and a random address will be given. You can also choose
your own address. Guerrilla Mail deletes all email that was delivered to an inbox after 1 hour.
Logs are deleted after 24 hours.
HTTPS Everywhere - HTTPS Everywhere is a browser extension for Firefox and Chrome that
attempts to encrypt your traffic with major web-sites. HTTPS Everywhere was developed by the
TOR Project and the Electronic Frontier Foundation.
Hushmail - Hushmail is a web-based email service
offering PGP-encrypted e-mail and file storage. Hushmail uses
OpenPGP standards and the source is available for
download. Additional security features include hidden IP
addresses in e-mail headers. An e-mail account has a storage limit of 25MB, and no IMAP or
Post Office Protocol (POP3) service. If public encryption keys are available to both recipient and
sender (either both are Hushmail users or have uploaded PGP keys to the Hush keyserver),
Hushmail can convey authenticated, encrypted messages in both directions. For recipients for
whom no public key is available, Hushmail will allow a message to be encrypted by a password
(with a password hint) and stored for pickup by the recipient, or the message can be sent in
cleartext. (Wikipedia)
I2P Anonymous Network - I2P is an anonymizing network, offering a simple layer that
identity-sensitive applications can use to securely communicate. All data is wrapped with several
layers of encryption, and the network is both distributed and dynamic, with no trusted parties.
Many applications are available that interface with I2P, including mail, peer-peer, IRC chat, and
others. The I2P project was formed in 2003 to support the efforts of those trying to build a more
free society by offering them an uncensorable, anonymous, and secure communication system.
I2P is a development effort producing a low latency, fully distributed, autonomous, scalable,
anonymous, resilient, and secure network. The goal is to operate successfully in hostile
environments - even when an organization with substantial financial or political resources attacks
it. All aspects of the network are open source and available without cost, as this should both
assure the people using it that the software does what it claims, as well as enable others to
contribute and improve upon it to defeat aggressive attempts to stifle free speech.
Internet Relay Chat (IRC) - IRC provides a way of communicating in real time with people
from all over the world. It consists of various separate networks (or "nets") of IRC servers,
machines that allow users to connect to IRC. IRC is very similar to text messaging, but designed
around communicating with large groups of users instead of one on one.
IRC Clients for Windows.
John the Ripper Password Cracker - John the Ripper is a free password cracking software
tool. Initially developed for the UNIX operating system, it now runs on fifteen different
platforms (eleven of which are architecture-specific versions of UNIX, DOS, Win32, BeOS, and
OpenVMS). It is one of the most popular password testing and breaking programs as it combines
a number of password crackers into one package, auto-detects password hash types, and includes
a customizable cracker. It can be run against various encrypted password formats including
several crypt password hash types most commonly found on various UNIX versions (based on
DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional
modules have extended its ability to include MD4-based password hashes and passwords stored
in LDAP, MySQL, and others.
JonDonym - JonDonym servers are operated by independent entities committed to protecting
your data. Because these operators are independent from each other, no single organization has
complete information about you. Your anonymity thereby gets fully protected, unlike
alternatives like (Web-) Proxies and VPNs, which are typically controlled by a single party and
can be easily exploited thereby. In many cases, these parties, their background and their intent
are unknown. When you surf the web your requests travel across different relay points before
serving the web page. Like an Internet provider, each of these relay points can monitor your
entire data traffic on its way towards its destination, e.g. a website or an e-mail service. By
analyzing this data, the relay points may completely deanonymize typical VPN services and
(web-) proxies which have only one single server location. But with JonDonym, you are
protected! Each of JonDonym's premium services consists of several servers in several different
countries as well as their operators. It would require international cooperation between countries
or operator organizations for your information to be revealed.
LastPass Password Manager is a free password management service developed by LastPass. It
is available as a plugin for Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and
Safari. There is also a LastPass Password Manager bookmarklet for other browsers. LastPass
seeks to resolve the password fatigue problem by centralising user password management in the
cloud. Passwords in LastPass Password Manager are protected by a master password and are
encrypted locally and are synchronized to any other browser. LastPass Password Manager also
has a form filler that automates password entering and form filling. It also supports password
generation, site sharing and site logging.
Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost
any Intel-based computer (PC or Mac). LPS boots a thin Linux operating system from a CD or
USB flash stick without mounting a local hard drive. Administrator privileges are not required;
nothing is installed. The LPS family was created to address particular use cases: LPS-Public is a
safer, general-purpose solution for using web-based applications. The accredited LPS-Remote
Access is only for accessing your organization's private network.
LPS-Public allows general web browsing and connecting to remote networks. It includes a smart
card-enabled Firefox browser supporting CAC and PIV cards, a PDF and text viewer, Java, and
Encryption Wizard - Public. LPS-Public turns an untrusted system (such as a home computer)
into a trusted network client. No trace of work activity (or malware) can be written to the local
computer. Simply plug in your USB smart card reader to access CAC- and PIV-restricted US
government websites.
LPS differs from traditional operating systems in that it isn't continually patched. LPS is
designed to run from read-only media and without any persistent storage. Any malware that
might infect a computer can only run within that session. A user can improve security by
rebooting between sessions, or when about to undertake a sensitive transaction. For example,
boot LPS immediately before performing any online banking transactions. LPS should also be
rebooted immediately after visiting any risky web sites, or when the user has reason to suspect
malware might have been loaded. In any event, rebooting when idle is an effective strategy to
ensure a clean computing session. LPS is updated on a regular basis (at least quarterly patch and
maintenance releases). Update to the latest versions to have the latest protection.
Mailvelope - Mailvelope is a browser extension that enables the exchange of encrypted emails
following the OpenPGP encryption standard. Mailvelope uses the OpenPGP encryption standard
which makes it compatible with existing email encryption solutions. Installing Mailvelope from
the Chrome Web Store ensures that the installation package is signed and therefore its origin and
integrity can be verified. Mailvelope integrates directly into the webmail user interface, its
elements are unintrusive and easy to use in your normal workflow. It comes preconfigured for
major webmail providers. Mailvelope can be customized to work with any provider.
Malwarebytes - Malwarebytes is an application for computers running under the Microsoft
Windows operating system that finds and removes malware. Made by Malwarebytes
Corporation, it was first released in January 2008. It is available in a free version, which scans
for and removes malware when started manually, and a paid version, which additionally provides
scheduled scans, real-time protection and a flash memory scanner.
Microsoft Security Essentials is an antivirus software (AV) product that provides protection
against different types of malware such as computer viruses, spyware, rootkits and Trojan horses.
It runs on Windows XP, Windows Vista and Windows 7, but not on Windows 8, which has a
built-in AV component.
Open Web Application Security Project (OWASP)
OWASP Application Security Videos
Password Safe - Many computer users today have to keep track of dozens of passwords: for
network accounts, online services, and premium web sites. Some write their passwords on a
piece of paper, leaving their accounts vulnerable to thieves or in-house snoops. Others choose the
same password for different applications, which makes life easy for intruders of all kinds. With
Password Safe, a free utility designed by Bruce Schneier, users can keep their passwords
securely encrypted on their computers. A single Safe Combination--just one thing to remember--unlocks them all. Password Safe protects passwords with the Twofish encryption algorithm, a
fast, free alternative to DES. Download Password Safe.
The Pirate Bay (commonly abbreviated TPB)
is a website that provides torrent files and
magnet links to facilitate peer-to-peer file
sharing using the BitTorrent protocol. It was
founded in Sweden in 2003. In 2009, the
website’s founders were put on trial in
Sweden, charged with facilitating illegal
downloading of copyrighted material. They were found guilty by the court and sentenced to a
year in prison with a fine of 30 million SEK (€2.7M or US$3.5M as of 2009). In some countries,
ISPs have been ordered to block access to the website. Since then, proxies have been made all
around the world providing access to The Pirate Bay.
The Pirate Bay Browser
ProtonMail - ProtonMail was founded in summer 2013 at CERN by scientists who were drawn
together by a shared vision of a more secure and private Internet. Early ProtonMail hackathons
were held at the famous CERN Restaurant One. ProtonMail is developed both at CERN and MIT
and is headquartered in Geneva, Switzerland. Switzerland Based: ProtonMail is incorporated in
Switzerland and our servers are located in Switzerland. We are outside of US and EU jurisdiction
and all user data is protected by strict Swiss privacy laws. All user data is protected by the Swiss
Federal Data Protection Act (DPA) and the Swiss Federal Data Protection Ordinance (DPO)
which offers some of the strongest privacy protection in the world for both individuals and
entities. Only a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme
Court can compel us to release the extremely limited user information we have.
Privnote is a message encryption service provided by the technology company
Insophia, located in Montevideo, Uruguay. Privnote works by encrypting a
message created on the Privnote web-site, storing that encrypted message on the
Privnote servers, and providing a link to view that message. An example of a link
to a message on the Privnote server looks like this:
https://privnote.com/n/mewehlwavzmvhpeq/#tfhduyzlckqeokqf. A person simply
follows this link to view the message. Once the message has been opened
(someone has clicked on the link) the message is deleted from the Privnote
servers. Thus a person gets to read a message sent through Privnote one time
before it is deleted. If there is a need to keep the information sent through
Privnote, the recipient can copy and paste the text of the message to another
document, or make a screenshot of the decrypted Privnote message. Messages
left unread on the Privnote servers are automatically deleted after 30 days.
OneShar – A system much like Privnote is Oneshar (). Oneshar allows a user to
create a message of up to 1000 characters in length, then encrypts the message
and provides the user with a link to access the message. Oneshar also allows the
creator of the message to set a time of 30 minutes, 1 hour, 2 hours, 4 hours, 8
hours, or 1, 2, or 3 days before the message is deleted from the Oneshar servers.
NoteDIP is another service for sending self-destructing messages. NoteDIP
allows one to specify a password in order to access the NoteDIP link containing the
message. NoteDIP also allows for the sender to include an e-mail address to
receive notification when a message has been read.
Destructing Message creates a link to a created message and includes a self-destruct time that begins a countdown when the message is opened. The time
until the message self-destructs after being opened can be set for 15, 30, or 45
seconds, or 1, 2, or 5 minutes. After the timer reaches zero the message is
destroyed.
TMWSD stands for “This Message Will Self Destruct”. Like other self-destructing message services, TMWSD creates a link to the message you have
created. TMWSD allows for a password requirement to access the message, and
also allows one to create multiple links to the same message (each of which
allows the message to be read just one time).
Burn Note operates from the web and from both iOS and Android mobile apps.
When a Burn Note message is opened by the recipient a sender-set count-down
from 1 to 120 seconds starts, and upon reaching zero the message is deleted.
Burn Note messages allow setting of a password to open the message as well. A
unique feature of Burn Note is the spotlight feature that displays only part of the
message at a time (the part under the spotlight) thus resisting copy and paste and
screen shots of the entire message.
The Amnesiac Incognito Live System (TAILS)
Tails is a live system that aims at preserving
your privacy and anonymity. It helps you to use
the Internet anonymously almost anywhere you
go and on any computer but leave no trace
unless you ask it explicitly.
It is a complete operating-system designed to
be used from a DVD or a USB stick
independently of the computer's original
operating system. It is Free Software and based
on Debian GNU/Linux.
Tails comes with several built-in applications pre-configured with security in mind: web
browser, instant messaging client, email client, office suite, image and sound editor, etc.
TOR (The Onion Router)
Tor is free software and an open network that helps you
defend against a form of network surveillance that
threatens personal freedom and privacy, confidential
business activities and relationships, and state security
known as traffic analysis.
Tor was originally designed, implemented, and deployed
as a third-generation onion routing project of the U.S.
Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the
primary purpose of protecting government communications. Today, it is used every day for a
wide variety of purposes by normal people, the military, journalists, law enforcement officers,
activists, and many others.
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and
security on the Internet. It also enables software developers to create new communication tools
with built-in privacy features. Tor provides the foundation for a range of applications that allow
organizations and individuals to share information over public networks without compromising
their privacy.
TrueCrypt - TrueCrypt is software for establishing and maintaining an on-the-fly-encrypted
volume (data storage device). On-the-fly encryption means that data is automatically encrypted
right before it is saved and decrypted right after it is loaded, without any user intervention. No
data stored on an encrypted volume can be read (decrypted) without using the correct
password/keyfile(s) or correct encryption keys. The entire file system is encrypted (e.g., file names,
folder names, contents of every file, free space, metadata, etc.).
USB Safeguard
Runs with any USB pen drive
No installation required
On the fly AES 256 bits encryption
Free version limited to 2GB drives
UseNet - UseNet is a worldwide distributed Internet discussion
system. It was developed from the general purpose UUCP
architecture of the same name. Duke University graduate
students Tom Truscott and Jim Ellis conceived the idea in 1979
and it was established in 1980. Users read and post messages
(called articles or posts, and collectively termed news) to one or
more categories, known as newsgroups. Usenet resembles a
bulletin board system (BBS) in many respects, and is the precursor to Internet forums that are
widely used today. Usenet can be superficially regarded as a hybrid between email and web
forums. Discussions are threaded, as with web forums and BBSes, though posts are stored on the
server sequentially. One notable difference between a BBS or web forum and Usenet is the
absence of a central server and dedicated administrator. Usenet is distributed among a large,
constantly changing conglomeration of servers that store and forward messages to one another in
so-called news feeds. Individual users may read messages from and post messages to a local
server operated by a commercial UseNet provider, their Internet service provider, university, or
employer.
Wickr App
Confide App
Apricorn Aegis Padlock 1 TB USB 3.0 256-bit AES XTS
Hardware Encrypted Portable External Hard Drive
Utilizes Military Grade FIPS PUB 197 Validated
Encryption Algorithm
Super-fast USB 3.0 Connection - Data transfer
speeds up to 10X faster than USB 2.0
Software Free Design - With no admin rights
needed
Sealed from Physical Attacks by Tough Epoxy
Coating
Brute Force Self Destruct Feature
Compact, Rugged Design - Perfect for taking your
data on the road
Wear Resistant Key Pad
See Item on Amazon.Com - Additional security can be obtained by installing TrueCrypt
on the Aegis Padlock drive, and then creating a TrueCrypt encrypted volume on the drive in
which to store your sensitive documents and files. Gaining unauthorized access to data stored in
this way would require both bypassing the AES hardware encryption of the Aegis Padlock drive,
and then bypassing the AES encryption used in TrueCrypt.
Blackphone
Databases
(Searchable On-Line)
Air Traffic Control System Command Center - Flight Delay Information
American Medical Association: DoctorFinder – Doctor Finder provides basic professional
information on virtually every licensed physician in the United States. This includes more than
814,000 doctors.
AnyWho – White Pages
Background Affiliation Status Information Center (BASIC) – BASIC contains Commodity
Futures Trading Commission (CFTC) registration and NFA membership information and
futures-related regulatory and non-regulatory actions contributed by NFA, the CFTC and the
U.S. futures exchanges.
Better Business Bureau
Bureau of Justice Statistics
DEA - Office of Diversion Control (Query Form)
FCC - License Search
Federal Bureau of Prisons Inmate Locator (includes all inmates from 1982 to present)
FINRA BrokerCheck - BrokerCheck is a free tool to help investors research the professional
backgrounds of current and former FINRA-registered brokerage firms and brokers, as well as
investment adviser firms and representatives.
Homeland Security Digital Library
Immigration & Customs Enforcement (ICE) Detainee Locator System
IRS - Exempt Organizations Select Check – This database is an on-line search tool that allows
users to select an exempt organization and check certain information about its federal tax status
and filings. It consolidates three former search sites into one, providing expanded search
capability and a more efficient way to search for organizations that are eligible to receive tax-deductible charitable contributions (Publication 78 data). Users may rely on this list in
determining deductibility of contributions.
National Sex Offender Public Registry
Pipl "The most comprehensive people search on the web."
Selective Service Online Registration Verification
Spokeo - Spokeo is a people search engine that organizes White Pages listings, Public Records
and Social Network Information to help you safely find & learn about people.
Uniform Crime Reporting - The Uniform Crime Reporting (UCR) Program has been the
starting place for law enforcement executives, students of criminal justice, researchers, members
of the media, and the public at large seeking information on crime in the nation. The program
was conceived in 1929 by the International Association of Chiefs of Police to meet the need for
reliable uniform crime statistics for the nation. In 1930, the FBI was tasked with collecting,
publishing, and archiving those statistics. Today, four annual publications, Crime in the United
States, National Incident-Based Reporting System, Law Enforcement Officers Killed and
Assaulted, and Hate Crime Statistics are produced from data received from over 18,000 city,
university/college, county, state, tribal, and federal law enforcement agencies voluntarily
participating in the program. The crime data are submitted either through a state UCR Program
or directly to the FBI’s UCR Program.
VINCheck - NICB's VINCheck is a service provided to the public to assist in determining if a
vehicle has been reported as stolen, but not recovered, or has been reported as a salvage vehicle
by cooperating NICB members. To perform a search, a Vehicle Identification Number (VIN) is
required. A maximum of five VINCheck searches can be conducted within a 24-hour period per
IP address.
VIN View is a free online VIN decoder that allows you to see the information about your vehicle
that it contains. VIN View supports decoding of any vehicle identification number that was
issued after 1978, which is when ISO 3779 was established to make a uniform way to track
vehicles.
VINE-Link - VINE-Link is the online version of VINE (Victim Information and Notification
Everyday), the National Victim Notification Network. This service allows crime victims to
obtain timely and reliable information about criminal cases and the custody status of offenders
24 hours a day. Victims and other concerned citizens can also register to be notified by phone,
email or TTY device when an offender's custody status changes. Users can also register through
their participating state or county toll-free number.
Uniform Crime Reporting (FBI)
U.S. Department of Education Database of Accredited Postsecondary Institutions
Documents and Publications
(Intelligence & Analysis)
10 Simple Steps to Help Your Agency Become a
Part of the National Criminal Intelligence Sharing Plan
Department of Justice (February 2008)
Analyst Toolbox: A Toolbox for the Intelligence Analyst
Department of Justice (November 2006)
Analyst's Style Manual
Welch, Bill (2008)
Assessing Responses to Problems:
An Introductory Guide for Police Problem-Solvers
Eck, John E. (January 2004)
Become a Problem Solving Crime Analyst In 55 Small Steps
Clarke, Ronald V. & John Eck (2003)
Common Competencies for State, Local, and Tribal Intelligence Analysts
Department of Justice (June 2010)
Crime Analysis for Problem Solvers In 60 Small Steps
Clarke, Ronald V. & John E. Eck (August 2005)
Crime Analysis for Problem Solving Security Professionals in 25 Small Steps
Vellani, Karim H. (2010)
Crime Analyst’s Guide to Mapping
Higgins, Daniel F. (April 2003)
Criminal Intelligence File Guidelines
LEIU (March 2002)
Criminal Intelligence Manual for Analysts
United Nations (April 2011)
Criminal Intelligence Manual for Front-line Law Enforcement
United Nations (December 2010)
Criminal Intelligence Manual for Managers
United Nations (March 2011)
Criminal Intelligence Resource Guide
Department of Justice (June 2011)
Critical Thinking and Intelligence Analysis
Moore, David (March 2006)
Curing Analytic Pathologies - Pathways to Improved Intelligence Analysis
Cooper, Jeffrey R. (December 2005)
Dictionary of Military and Associated Terms
Department of Defense (8 November 2010 (As Amended Through 16 July 2013))
Enhancing the Problem-Solving Capacity of Crime Analysis Units
White, Matthew B. (August 2008)
Excel for Analysts
West Virginia University (2012)
Fifteen Axioms for Intelligence Analysts
Watanabe, Frank (April 1995)
Improving Intelligence Analysis with ACH
Heuer, Richards J. (November 2005)
Improving the Law Enforcement Intelligence Community Relationship
Kelley, Patrick A. (June 2007)
Increasing Analytic Capacity of State and Local Law Enforcement Agencies
Department of Justice (June 2012)
Integrated Intelligence and Crime Analysis
Ratcliffe, Jerry H. (August 2007)
Integration Of Crime Analysis Into Patrol Work
Taylor, Bruce & Rachel Boba (September 2011)
Intelligence As A Career
AFIO (May 2011)
Intelligence Analysis for Problem Solvers
Eck, John E. & Ronald V. Clarke (September 2013)
Intelligence Guide for First Responders
ITACG
Intelligence Guide for First Responders, 2nd Edition
ITACG (March 2011)
Intelligence-Led Policing: The New Intelligence Architecture
Peterson, Marilyn (September 2005)
Introductory Guide to Crime Analysis and Mapping
Boba, Rachel (November 2001)
Law Enforcement Analyst Certification Standards
Department of Justice (January 2010)
Law Enforcement Analytic Standards, 2nd Edition
IALEIA (April 2012)
Law Enforcement Intelligence
A Guide for State Local and Tribal Law Enforcement Agencies
Carter, David L. (November 2004)
Law Enforcement Intelligence
A Guide for State Local and Tribal Law Enforcement Agencies, 2nd Edition
Carter, David L. (January 2009)
Mapping Crime Principle and Practice
Harries, Keith (December 1999)
Minimum Criminal Intelligence Training Standards
for Law Enforcement and Other Criminal Justice Agencies in the United States, Version 2
Department of Justice (October 2007)
National Criminal Intelligence Sharing Plan
Department of Justice (October 2003)
National Summit on Intelligence Gathering, Sharing, Analysis, and Use After 9-11
IACP (September 2008)
Navigating Your Agency's Path to Intelligence-Led Policing
Department of Justice (February 2009)
Out of Bounds: Innovation and Change in Law Enforcement Intelligence Analysis
Osborne, Deborah (Editor) (March 2006)
Police Information and Intelligence Systems
United Nations (November 2006)
Police Intelligence Operations, ATTP 3-39.20
Department of the Army (July 2010)
Practical Guide to Intelligence-Led Policing
New Jersey State Police (September 2006)
Privacy, Civil Rights, and Civil Liberties
Compliance Verification for the Intelligence Enterprise
Department of Justice (June 2010)
Protecting your Community from Terrorism Volume 4
The Production and Sharing of Intelligence
Loyka, Stephan A., Donald A. Faggiani, and Clifford Karchmer (February 2005)
Protective Intelligence and Threat Assessment Investigations
Department of Justice (July 1998)
Psychology of Intelligence Analysis
Heuer, Richards J. (1999)
Reducing Crime Through Intelligence-Led Policing
Department of Justice (2012)
Security Engineering
Ross Anderson (2012)
Sensemaking A Structure for an Intelligence Revolution
Moore, David T. (March 2011)
Special Forces Handbook for the Fingerprint Identification System TC 31-20-2 (FOUO)
Department of the Army (September 2008) (Requires DoD CAC to access this publication.)
Strategic Early Warning for Criminal Intelligence
Criminal Intelligence Service Canada (2007)
Structured Analysis of Competing Hypotheses
Wheaton, Kristan J. & Diane E. Chido (Nov / Dec 2006)
Thinking and Writing Cognitive Science and Intelligence Analysis
Sinclair, Robert S. (Jan 84) (February 2010)
Tradecraft Primer - Structured Analytic Techniques for Improving Intelligence Analysis
US Government (March 2009)
Why Law Enforcement Agencies Need an Analytical Function
Department of Justice (December 2007)
Drugs
Abused Pharmaceutical Substances Brochure
DEA Drug Fact Sheets
DEA - Office of Diversion Control (Query Form)
DEA Position on Marijuana (January 2011)
DEA - Report Submission Form for Suspected
Unlawful Sales of Pharmaceutical Drugs on the Internet
Drug Guide @ Drug Free.Org
Drugs of Abuse: A DEA Resource Guide (2011)
Drugs of Abuse: An Identification Guide (2010/2011)
Drugs of Abuse: National Institute on Drug Abuse
Growing Up Drug Free: A Parent’s Guide to Prevention (October 2012)
National Drug Threat Assessment (2011)
Pill Identifier - Identify Drugs by Shape, Color, and More
WebMD Pill Identification Tool
Encryption
American Cryptogram Association
Basic Cryptanalysis FM 34-40-2 (13 September 1990)
Cipher Tools
The Code Book How to Make It, Break It, Hack It, Crack It.
Codes vs. Ciphers (Khan Academy)
CryptoBench - CryptoBench provides a source of strong cryptographic transformations to help
in the cryptanalysis process of common cryptographic schemes. With CryptoBench you can:
Generate 14 cryptographic hashes and 2 checksums, Encrypt and Decrypt with 29 different
secret key or symmetric schemes, Encrypt, Decrypt, Sign and Verify with 6 different public key
or asymmetric schemes.
Crypto Corner – This website is dedicated to explaining clearly how a variety of codes and
ciphers work, how to use them to both encrypt and decrypt a message, and how to use methods
to help break a code that you have intercepted.
CrypTool – The CrypTool Portal raises awareness and interest in cryptography for everyone.
All learning programs in the CrypTool project are open source and available for free. The
CrypTool project develops the world's most widespread free e-learning programs in the area of
cryptography and cryptanalysis.
Decrypto 8.5 - Decrypto is a fast and automated cryptogram solver by Edwin Olson. It can
decode word games often found in newspapers, including puzzles like cryptoquips and
patristocrats. You can also download a stand-alone version.
Introduction to Cryptography
Journey Into Cryptography (Khan Academy)
MD5 Decrypter
One-time Pad (OTP) - One-time pad (OTP), also called Vernam-cipher or the perfect cipher, is
a crypto algorithm where plaintext is combined with a random key. It is the only known method
to perform mathematically unbreakable encryption. Used by Special Operations teams and
resistance groups in WW2, popular with intelligence agencies and their spies during the Cold
War and beyond, protecting diplomatic and military communications around the world for many
decades, the one-time pad gained a reputation as a simple yet solid encryption system with an
absolute security which is unmatched by today's modern crypto algorithms. Whatever
technological progress may come in the future, one-time pad encryption is, and will remain, the
only system to provide real long-term message security.
An Overview of Cryptography
Reverse Hash Calculator
ROT-13
Rot-13 (short for rotate 13) is a simple letter substitution encryption scheme. It works by
replacing the current English letters in a message with those that are 13 positions ahead in the
alphabet. For example, the letter a is replaced by n, b by o, c by p, etc. Numbers and punctuation
are not encoded.
ROT47 - The ROT47 (Caesar cipher by 47 chars) is a simple character substitution cipher that
replaces a character within the ASCII range [33, 126] with the character 47 characters after it
(rotation) in the ASCII table. It is an invertible algorithm, i.e., applying the same algorithm to the
input twice will return the original text.
Secret Code Breaker: On-Line Cryptanalysis Handbook
Solitaire Encryption Algorithm
Tomb: The Crypto Undertaker
Explosives
Bomb-Making Materials Awareness Program (BMAP) User Guides
Bomb Threat Checklist / Call Procedures
Bomb Threat Standoff Distance Chart
Car Bomb Recognition Guide
Defense Ammunition Center
Domestic Improvised Explosive Device (IED) Threat Overview
Drano Bombs - When added to water, both the sodium in lye (NaOH) and the aluminum (Al)
bind preferentially to the oxygen that water (H2O) provides. This creates a reactive white crystal
called sodium aluminate (NaAlO2), but more importantly, it creates a large quantity of hydrogen
(H2) gas. Add Drano and a few balls of aluminum foil to an empty plastic (or worse, glass)
bottle, and you have an improvised explosive device just waiting to blow. As the aluminum
dissolves, hydrogen gas fills the bottle, eventually shattering it. The amount of force that is
generated when a device of this nature detonates is powerful enough to sever fingers and limbs,
cause 2nd and 3rd-degree chemical burns, respiratory injury, blindness and hearing loss, and
even death.
Explosion Dynamics Course - This module teaches the
foundational knowledge of explosion dynamics, which is a
necessary precursor to investigating an explosion scene. This
foundational knowledge includes the types of explosions,
proper terminology when classifying explosions and
explosion damage, explosion effects, important factors in the
causes of naturally-occurring explosions, and the
characteristics of explosives.
Explosive Standoff Distances
Explosives Course
Homemade Explosive / Bulk Explosive Recognition Guide
Homemade Explosives Recognition Guide
How To Make A Smoke Bomb (Video)
Improvised Munitions Black Book, Vol. 1
Improvised Munitions Handbook (TM 31-210)
Indicators and Warnings for Homemade Explosives
Introduction to Explosives (Dept. of Homeland Security)
Mitigating the Effects of High-Explosive Blasts on Structures and Personnel - Mitigating the
Effects of High-Explosive Blasts on Structures and Personnel (MEBSP) is a distance learning
course that is focused on understanding the destructiveness of explosions, and the effects of
blasts on structures. This course will include modeling of structures under explosions,
physiological effects of blasts, and methodologies for investigating effectiveness of defensive
measures and counter-terrorism planning. (This course must be taken from a .mil or a .gov
network.)
National Park Service Handbook for the Transportation, and Use of Explosives (1999)
Retail Security Awareness: Understanding the Hidden Hazards (IS-912) - The purpose of
this course is to make persons involved in commercial retail operations aware of the actions they
can take to identify and report suspicious purchases or thefts of products that actors could use in
terrorist or other criminal activities. To achieve this goal, the course provides an overview of
prevention steps aimed at identifying and monitoring high-risk inventory products and reporting
suspicious activities to law enforcement agencies. At the end of this course, the participants will
be able to identify steps they can take to help prevent their inventory from being used to
manufacture or deploy homemade explosives.
Sparkler Bombs
A sparkler is a type of hand-held firework that burns slowly while emitting colored flames,
sparks, and other effects. Sparkler bombs are constructed by binding together a large number of
sparklers with tape, leaving one extended to use as a fuse.
There are numerous instructions on the Internet that show how to build sparkler bombs. For
example, this YouTube Video, or this Step-by-Step Instruction.
Sparkler bombs can be quite powerful, causing both
property damage and personal injury.
* Hole blown through the wall of a school in Kent,
WA using a sparkler bomb. Reference: Seattle PI
* Man may lose part of leg after sparkler bomb
explosion. Reference: King 5 News
Suspicious Mail or Packages
Threat to Buildings from Explosive Devices (NYPD)
Foreign Languages
101 Languages
AKO Foreign Language Resources
BBC Language Courses
Defense Language Institute – Foreign Language Center (Headstart)
Deutsche Welle - German Language Course
Duo Lingo
Español for Law Enforcement
Familiarization - Language & Cultural Awareness
Foreign Service Institute Language Courses
Global Language Online Support System (GLOSS) - Defense Language Institute
I Speak... Language Identification Guide - This guide assists literate individuals who are not
proficient in English to identify a preferred language.
Internet Polyglot
Joint Language University
Language Proficiency Tests
Living Languages
Madinah Arabic Course
Open Culture
Surface Languages
Tactical Language & Culture Training System
Gangs & Extremist Organizations
Definition of Gangs: (1) an association of three or more individuals; (2) whose members
collectively identify themselves by adopting a group identity which they use to create an
atmosphere of fear or intimidation frequently by employing one or more of the following: a
common name, slogan, identifying sign, symbol, tattoo or other physical marking, style or color
of clothing, hairstyle, hand sign or graffiti; (3) the association's purpose, in part, is to engage in
criminal activity and the association uses violence or intimidation to further its criminal
objectives; (4) its members engage in criminal activity, or acts of juvenile delinquency that if
committed by an adult would be crimes; (5) with the intent to enhance or preserve the
association's power, reputation, or economic resources; (6) the association may also possess
some of the following characteristics: (a) the members employ rules for joining and operating
within the association; (b) the members meet on a recurring basis; (c) the association provides
physical protection of its members from other criminals and gangs; (d) the association seeks to
exercise control over a particular location or region, or it may simply defend its perceived
interests against rivals; or (e) the association has an identifiable structure. (7) this definition is
not intended to include traditional organized crime groups such as La Cosa Nostra, groups that
fall within the Department's definition of "international organized crime," drug trafficking
organizations or terrorist organizations. (DOJ: Organized Crime and Gang Section)
ADL - Symbol Guide for Law Enforcement
* Hate Symbols
* International Terrorist Symbols
* Hate Crime Indicators
Bigots on Bikes (ADL 2011)
CBS 60 Minutes Report on Sovereign Citizen Movement
Federal and State Definitions of the Terms “Gang,” “Gang Crime,” and “Gang Member”
Gang-Related Activity in the US Armed Forces Increasing (2007)
Gangs 101
Gangs, Guns & Drugs Video (22 minutes)
Gangs in the Military: Armed & Dangerous Forces (Part 1)
Gangs in the Military: Armed & Dangerous Forces (Part 2)
Growing Danger of the Sovereign Citizen Movement
National Gang Center
National Gang Threat Assessment (2011)
Outlaw Motorcycle Gangs (OMGs) are organizations whose members use their motorcycle
clubs as conduits for criminal enterprises. OMGs are highly structured criminal organizations
whose members engage in criminal activities such as violent crime, weapons trafficking, and
drug trafficking. There are more than 300 active OMGs within the United States, ranging in size
from single chapters with five or six members to hundreds of chapters with thousands of
members worldwide. The Hells Angels, Mongols, Bandidos, Outlaws, and Sons of Silence pose
a serious national domestic threat and conduct the majority of criminal activity linked to OMGs,
especially activity relating to drug-trafficking and, more specifically, to cross-border drug
smuggling. Because of their transnational scope, these OMGs are able to coordinate drug
smuggling operations in partnership with major international drug-trafficking organizations
(DTOs).
Quick Guide to Gangs
Recognize the Signs - Gang Awareness Guide
Southern Poverty Law Center – Hate Map
Sovereign Citizens: An Introduction for Law Enforcement
Intelligence Community
Intelligence.Gov
Office of the Director of National Intelligence
The U.S. Intelligence Community (IC) is a coalition of 17 agencies and organizations within the
executive branch that work both independently and collaboratively to gather the intelligence
necessary to conduct foreign relations and national security activities. Our primary mission is to
collect and convey the essential information the President and members of the policymaking, law
enforcement, and military communities require to execute their appointed duties.
The 17 IC member agencies are:
* Air Force Intelligence
* Army Intelligence
* Central Intelligence Agency
* Coast Guard Intelligence
* Defense Intelligence Agency
* Department of Energy
* Department of Homeland Security
* Department of State
* Department of the Treasury
* Drug Enforcement Administration
* Federal Bureau of Investigation
* Marine Corps Intelligence
* National Geospatial-Intelligence Agency
* National Reconnaissance Office
* National Security Agency
* Navy Intelligence
* Office of the Director of National Intelligence
Members of the IC collect and assess information regarding international terrorist and narcotic
activities; other hostile activities by foreign powers, organizations, persons, and their agents; and
foreign intelligence activities directed against the United States (U.S.). As needed, the President
may also direct the IC to carry out special activities in order to protect U.S. security interests
against foreign threats.
An Overview of the United States Intelligence Community for the 111th Congress (2009)
Commission on the Intelligence Capabilities of the United States Regarding Weapons of
Mass Destruction - Report to the President, March 31, 2005
Intelligence: A Guide for First Responders
Office of the National Counter Intelligence Executive
U.S. National Intelligence - An Overview 2013
Worldwide Threat Assessment of the US Intelligence Community (March 12, 2013)
Intelligence Cycle
Intelligence Cycle - The intelligence cycle is the process of developing unrefined data into
polished intelligence for the use of policymakers. The intelligence cycle consists of six steps,
described below. The graphic below shows the circular nature of this process, although
movement between the steps is fluid. Intelligence uncovered at one step may require going back
to an earlier step before moving forward. (FBI Directorate of Intelligence)
The Intelligence Cycle
The Intelligence Cycle is the process of developing raw information into finished intelligence for
policymakers to use in decision-making and action. There are five steps which constitute the
Intelligence Cycle.
1. Planning and Direction
This is management of the entire effort, from identifying the need for data to delivering an
intelligence product to a consumer. It is the beginning and the end of the cycle--the beginning
because it involves drawing up specific collection requirements and the end because finished
intelligence, which supports policy decisions, generates new requirements.
The whole process depends on guidance from public officials. Policymakers--the President, his
aides, the National Security Council, and other major departments and agencies of government--initiate requests for intelligence.
2. Collection
...is the gathering of the raw information needed to produce finished intelligence. There are many
sources of information including open sources such as foreign broadcasts, newspapers,
periodicals, and books. Open source reporting is integral to CIA's analytical capabilities. There
are also secret sources of information. CIA's operations officers collect such information from
agents abroad and from defectors who provide information obtainable in no other way.
Finally, technical collection--electronics and satellite photography--plays an indispensable role in
modern intelligence, such as monitoring arms control agreements and providing direct support to
military forces.
3. Processing
...involves converting the vast amount of information collected to a form usable by analysts
through decryption, language translations, and data reduction.
4. All Source Analysis and Production
...is the conversion of basic information into finished intelligence. It includes integrating,
evaluating, and analyzing all available data--which is often fragmentary and even contradictory--and preparing intelligence products. Analysts, who are subject-matter specialists, consider the
information's reliability, validity, and relevance. They integrate data into a coherent whole, put
the evaluated information in context, and produce finished intelligence that includes assessments
of events and judgments about the implications of the information for the United States.
The CIA devotes the bulk of its resources to providing strategic intelligence to policymakers. It
performs this important function by monitoring events, warning decisionmakers about threats to
the United States, and forecasting developments. The subjects involved may concern different
regions, problems, or personalities in various contexts--political, geographic, economic, military,
scientific, or biographic. Current events, capabilities, and future trends are examined.
The CIA produces numerous written reports, which may be brief--one page or less--or lengthy
studies. They may involve current intelligence, which is of immediate importance, or long-range
assessments. The Agency presents some finished intelligence in oral briefings. The CIA also
participates in the drafting and production of National Intelligence Estimates, which reflect the
collective judgments of the Intelligence Community.
5. Dissemination
The last step, which logically feeds into the first, is the distribution of the finished intelligence to
the consumers, the same policymakers whose needs initiated the intelligence requirements.
Finished intelligence is hand-carried daily to the President and key national security advisers.
The policymakers, the recipients of finished intelligence, then make decisions based on the
information, and these decisions may lead to the levying of more requirements, thus triggering
the Intelligence Cycle.
Legal Aspects of Inquiries, Ethics, and Integrity
28 CFR Part 23 (Criminal Intelligence Systems Operating Policies) Training Program
Civil Rights and Law Enforcement Intelligence
Commander’s Legal Handbook (2013)
Ethics for the Individual Officer
FLETC Legal Division: 4th Amendment Road Map Podcasts
(Listen to the following three podcasts.)
-Definition of a Government Agent Under the 4th Amendment (MP3)
-Reasonable Expectation of Privacy (I) (MP3)
-Reasonable Expectation of Privacy (II) (MP3)
First Amendment Training
Intelligence Oversight Related to CONUS Antiterrorism / Force Protection
ISE Core Awareness Training
Information Sharing Environment (ISE) Privacy Guidelines - FAQ
Introduction to Intelligence Oversight and Sensitive Information: The Department of
Defense Rules for Protecting Americans’ Information and Privacy - by Kevin W. Kapitan April 2013 • The Army Lawyer • DA PAM 27-50-479
LEIU’s Criminal Intelligence File Guidelines
National Criminal Intelligence Sharing Plan
Personally Identifiable Information (PII)
Photography
When in public spaces where you are lawfully present you have the right to photograph anything
that is in plain view. That includes pictures of federal buildings, transportation facilities, and
police. Such photography is a form of public oversight over the government and is important in a
free society. Taking photographs of things that are plainly visible from public spaces is a
constitutional right – and that includes federal buildings, transportation facilities, and police and
other government officials carrying out their duties. Unfortunately, there is a widespread,
continuing pattern of law enforcement officers ordering people to stop taking photographs from
public places, and harassing, detaining and arresting those who fail to comply.
Know Your Rights: Photographers (ACLU of Idaho)
Legal Rights of Photographers
Photographer's Guide to Privacy
The Photographer's Rights
Posse Comitatus Act and Related Matters: The Use of the Military to Execute Civilian Law
Privacy Training Video
The Privacy Act of 1974 - This 32 minute training film was produced by the Defense Privacy Office in 1987.
Although the footage is somewhat dated and the picture quality is not up to today’s standards, the content is still
very current. The film explains the purpose of the Privacy Act, i.e., the protection of the individual’s right to
personal privacy, given the Government’s need to maintain records containing personal information. The statute
confers specific rights to individuals about whom such records are maintained, principal among those rights are the
rights of access to and amendment of records. In furtherance of protecting personal privacy, the law established
restrictions and requirements on the collection, use, maintenance, and dissemination of personal information. The
film explains these restrictions and requirements so that they are understood by both the individual about whom the
information pertains and the persons whose duties include the collection, maintenance, use, or dissemination of
personal information.
Locks & Lock Picking
Bumping Locks
CIA Lock Picking Field Operative Training Manual
How to Escape from Handcuffs!
Introduction to Lock Picking & Key Bumping
Lock Picking - by Deviant Ollam
Locks: Basic Operation and Manipulation - by Schuyler Towne - YouTube Channel
LSI Guide to Lock Picking
MIT Guide to Lock Picking
Padlock Shim Video – Part 1
Padlock Shim Video – Part 2
Padlock Shim Video – ITS Tactical
Amazon.Com
EZ Decoders
EZ Decoder Video - YouTube
http://serepick.com/
Bogota Picks
Maps & Mapping
ArcGIS Explorer On-Line
ArcGIS Map Viewer
Converting Addresses to/from Latitude/Longitude/Altitude in One Step
CSV2KML - With CSV2KML you can convert your CSV file to a Google Earth compatible
KML file.
Earth Point | Excel To KML - Import a spreadsheet of lat/long coordinates to Google Earth.
Pop-up balloons, icons, and paths are easily created from the spreadsheet data. Latitude and
Longitude are all that is needed to create a basic display on Google Earth. Add a Name,
Description, and an Icon for a professional presentation.
Google Earth
Geographic Resources Analysis Support System - GRASS GIS, commonly referred to as
GRASS (Geographic Resources Analysis Support System), is a free and open source Geographic
Information System (GIS) software suite used for geospatial data management and analysis,
image processing, graphics and maps production, spatial modeling, and visualization. GRASS
GIS is currently used in academic and commercial settings around the world, as well as by many
governmental agencies and environmental consulting companies.
MapWindow GIS Open Source Project
Microsoft Virtual Earth (Bing Maps)
NASA World Wind
National Atlas
PerpHound – PerpHound software updates for BCPI Graduates.
Perry-Castañeda Library Map Collection University of Texas at Austin
Quantum GIS
Terra Fly Geo Database
United Nations Cartographic Section
Using Google for Mapping Your Data (Western Washington University)
Web GIS
ZeeMaps
Online Dictionaries, Glossaries, Terms & Definitions
'The beginning of wisdom is the definition of terms.' - Socrates
DHS Risk Lexicon (2010)
DOD Dictionary of Military and Associated Terms
Marine Corps Supplement to the DoD Dictionary of Military and Associated Terms
Glossary of Key Information Security Terms (Revision 2, May 2013)
Glossary of Security Terms, Definitions, and Acronyms
Terms & Definitions of Interest for Counterintelligence Professionals
Professional Organizations and Memberships
AFCEA - Intelligence
Association of Former Intelligence Officers
Association of Old Crows (Electronic Warfare and Information Operations)
Espionage Research Institute International
High Technology Crime Investigation Association
International Association of Crime Analysts
International Association of Law Enforcement Intelligence Analysts
National Military Intelligence Association
Strategic and Competitive Intelligence Professionals
Report Crime On-Line
Department of Justice – Report a Crime
DEA Office of Diversion Control - Report Submission Form for Suspected Unlawful Sales of
Pharmaceutical Drugs on the Internet. Federal law prohibits the sale of prescription drugs
without a valid order from a physician. Selling controlled substances online without a valid
prescription may be a violation of Federal law. It is a felony to import drugs into the United
States and ship to a non-DEA registrant.
FBI Tips and Public Leads - Use this website to report suspected terrorism or criminal activity.
Your information will be reviewed promptly by an FBI special agent or a professional staff
member. To provide information on select major cases, call the FBI Major Case Contact Center
at 1-800-CALLFBI (225-5324).
Federal Trade Commission Bureau of Consumer Protection - The Federal Trade
Commission, the nation's consumer protection agency, collects complaints about companies,
business practices, identity theft, and episodes of violence in the media. Your complaints can
help us detect patterns of wrong-doing, and lead to investigations and prosecutions. The FTC
enters all complaints it receives into Consumer Sentinel, a secure online database that is used by
thousands of civil and criminal law enforcement authorities worldwide. The FTC does not
resolve individual consumer complaints.
Immigration and Customs Enforcement (ICE) - U.S. Immigration and Customs Enforcement
(ICE) investigates more than 400 violations of criminal law, ranging from child exploitation to
transnational gangs. Use this form to report suspected criminal activity. Anonymous tips may be
reported on this form and may also be reported to ICE via the toll-free HSI Tip Line, (866) 347-2423. If you would like to report illegal aliens, please call ICE at 1-866-DHS-2ICE (347-2423).
They will need to know names, locations (either work place or residence) and any other specific
information you can provide.
iSalute - Suspicious Activity Reporting - INSCOM
If you have information that may be of interest to U.S. Army Counterintelligence, please submit an
iSALUTE Suspicious Activity Report. You may also report by telephone at 1-800-CALL-SPY
(1-800-225-5779) [CONUS]
Internet Crime Complaint Center (IC3) - The IC3 accepts online Internet crime complaints
from either the actual victim or from a third party to the complainant. The IC3 is co-sponsored
by the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center
(NW3C). Complaints filed via this website are processed and may be referred to federal, state,
local or international law enforcement or regulatory agencies for possible investigation.
Office of the Inspector General (OIG) is an office that is part of Cabinet departments and
independent agencies of the United States federal government as well as some state and local
governments. Each office includes an Inspector General and employees charged with identifying,
auditing, and investigating fraud, waste, abuse, and mismanagement within the parent agency. In
addition to representing Departments within the United States Government, some OIGs exist to
investigate specific offenses (e.g., Small Business Loans Office of Inspector General). Contact
the OIG for a specific agency to report misconduct within that agency or organization.
SPAM - Report Spam
Forward unwanted or deceptive messages to:
• the Federal Trade Commission at [email protected]. Be sure to include the complete spam
email.
• your email provider. Some email services have buttons that allow you to mark messages
as junk mail or report them as spam.
• the sender's email provider, if you can tell who it is. Most web mail providers and ISPs
want to cut off spammers who abuse their system. Make sure to include the entire spam
email and say that you're complaining about spam.
If you try to unsubscribe from an email list and your request is not honored, file a complaint with
the FTC.
US-CERT collects phishing email messages and website locations so that we can help people
avoid becoming victims of phishing scams. You can report phishing to US-CERT by forwarding
the phishing e-mail (with complete headers) to [email protected]. Phishing is an
attempt by an individual or group to solicit personal information from unsuspecting users by
employing social engineering techniques. Phishing emails are crafted to appear as if they have
been sent from a legitimate organization or known individual. These emails often attempt to
entice users to click on a link that will take the user to a fraudulent website that appears
legitimate. The user then may be asked to provide personal information, such as account
usernames and passwords, that can further expose them to future compromises. Additionally,
these fraudulent websites may contain malicious code.
Anti-Phishing Working Group (APWG) - The APWG is the global industry, law enforcement,
and government coalition focused on unifying the global response to cyber-crime through
development of data resources, data standards and model response systems and protocols for
private and public sectors. The APWG collects, analyzes, and exchanges lists of verified
credential collection sites, like those used in phishing. Forward suspected phishing email (with
complete headers) to [email protected]
Software (Freeware)
Analysis of Competing Hypotheses Software - Analysis of Competing Hypotheses (ACH) is a
simple model for how to think about a complex problem when the available information is
incomplete or ambiguous, as typically happens in intelligence analysis. The software
downloadable here takes an analyst through a process for making a well-reasoned, analytical
judgment. It is particularly useful for issues that require careful weighing of alternative
explanations of what has happened, is happening, or is likely to happen in the future. It helps the
analyst overcome, or at least minimize, some of the cognitive limitations that make prescient
intelligence analysis so difficult. ACH is grounded in basic insights from cognitive psychology,
decision analysis, and the scientific method. It helps analysts protect themselves from avoidable
error, and improves their chances of making a correct judgment.
This software was developed by Palo Alto Research Center (PARC) in collaboration with
Richards J. Heuer, Jr. It was developed for use by the U.S. Intelligence Community with funding
from the Intelligence Community's Advanced Research and Development Activity (ARDA) and
the Office of Naval Research (ONR). In distributing ACH, PARC is making the presently
downloadable version of the program available to the general public at no cost when used for
non-commercial or educational purposes subject to the terms and conditions of its end user
license.
Brain - The Brain combines the best of note taking, file synchronization and mind mapping
apps to give users the ultimate digital memory. The Brain’s unique approach to information
organization enables users to create and link together thousands of digital Thoughts. A Thought
can represent an idea or topic as well as link to any number of files and web pages. The Brain
software has been downloaded over two million times and over half of the Fortune 100
organizations use The Brain for digital brainstorming, project management, and as a complete
knowledgebase to find and connect all their information.
Computer Online Forensic Evidence Extractor (COFEE) - Microsoft COFEE is being made
available to individuals employed by law enforcement agencies within the United States and
Canada. COFEE means the Computer Online Forensic Evidence Extractor tool that fits on a
USB drive and automates the execution of commands for data extraction and related
documentation. Distribution is limited to law enforcement agencies. Access to the COFEE
product requires verification of employment with a law enforcement agency and agreement to
the terms and conditions of the Microsoft/NW3C Sublicense Agreement. The verification
process is automated if you have an email account with RISS.NET or LEO.GOV, or have an
account with NW3C.
Computer Security Evaluation Tool - The Department of Homeland Security (DHS) has
released its latest cyber system assessment tool to the Critical Infrastructure/Key Resources
(CI/KR) community. The Computer Security Evaluation Tool (CSET) is a desktop software tool
that guides users through a step-by-step process to evaluate their cyber systems and network
security practices against recognized industry standards.
According to DHS, the benefits of CSET include:
• Contributing to an organization's risk management and decision-making process;
• Raising awareness and facilitating discussion on cyber security within the organization;
• Highlighting vulnerabilities in the organization's systems and providing
recommendations on ways to address those vulnerabilities;
• Identifying areas of strength and best practices being followed in the organization;
• Providing a method to systematically compare and monitor improvement in the cyber
systems; and
• Providing a common industry-wide tool for assessing cyber systems.
CrimeStat III - CrimeStat III is a spatial statistics program for the analysis of crime incident
locations, developed by Ned Levine & Associates under the direction of Ned Levine, PhD, that
was funded by grants from the National Institute of Justice. The program is Windows-based and
interfaces with most desktop GIS programs. The purpose is to provide supplemental statistical
tools to aid law enforcement agencies and criminal justice researchers in their crime mapping
efforts. CrimeStat is being used by many police departments around the country as well as by
criminal justice and other researchers. The latest version is 3.3. The program inputs incident
locations (e.g., robbery locations) in 'dbf', 'shp', ASCII or ODBC-compliant formats using either
spherical or projected coordinates. It calculates various spatial statistics and writes graphical
objects to ArcGIS®, MapInfo®, Surfer for Windows®, and other GIS packages.
CrimeStat IV (version 4.0) is the most recent version of CrimeStat, a spatial statistics program
for the analysis of crime incident locations.
Decision Analyst STATS 2.0 - This easy-to use, Windows-based statistical software for
marketing research performs multiple functions, including:
Random numbers generator
Sample size determination
Mean, standard deviation, standard error, and range
Standard error of a proportion
Significance testing
Correlation
Cross-tabulation
Factor analysis
Multiple regression
Cluster analysis
Digital Forensics Framework - DFF (Digital Forensics Framework) is a free and Open Source
computer forensics software built on top of a dedicated Application Programming Interface
(API). It can be used both by professional and non-expert people in order to quickly and easily
collect, preserve and reveal digital evidences without compromising systems and data.
Earth Point - Excel To KML - Maps Excel worksheets onto Google Earth. Optional columns let
you control balloon text, icon selection, mouse-over effects, and more. Supports Lat/Lon, UTM,
UPS, MGRS, USNG, GEOREF, and State Plane coordinates. (Includes multiple other functions
and features.)
Epi Info 7 - Epi Info is a suite of free data management, analysis, and visualization tools
designed specifically for the public health community. It is used extensively, not just at CDC, but
also domestically at the state and local level, as well as internationally. Epi Info allows you to:
Rapid Electronic Form Creation and Data Entry - Rapidly create electronic data entry forms;
these forms can have intelligence built into them. For example, you can automatically calculate a
patient’s age based on the survey data date of birth; you can also move the cursor past certain
fields; you can even hide and unhide fields based on various conditions. It also allows you to
enter data into those forms. Statistical Analysis - You can conduct various types of statistical
analysis, including frequencies, 2x2 (two by two) tables, analysis of variance, conditional and
unconditional logistical regression, Kaplan Meier survival analysis, complex samples, and many
others. Mapping and Visualization - Epi Info also allows you to create several types of maps,
and also has graphing and charting capabilities. Report Design and Generation - And finally, Epi
Info allows you to design and generate reports.
Foremost - Foremost is a Linux program to recover files based on their headers, footers, and
internal data structures. This process is commonly referred to as data carving. Foremost can work
on image files, such as those generated by dd, Safeback, Encase, etc., or directly on a drive. The
headers and footers can be specified by a configuration file or you can use command line
switches to specify built-in file types. These built-in types look at the data structures of a given
file format allowing for a more reliable and faster recovery. Originally developed by the United
States Air Force Office of Special Investigations and The Center for Information Systems
Security Studies and Research, Foremost has been opened to the general public.
FTK Imager - FTK Imager (by AccessData) is a free forensics tool whose main purpose is to
preview recoverable data from a disk of any kind. This powerful tool can create forensic images
of local hard drives, floppy disks, Zip disks, CDs, and DVDs, entire folders, or even of
individual files from various places within the media storage device. The fact that it can export
files and folders from the created image means that this application can also recover data on its
own (in some circumstances). Therefore, it can do more than just allow previewing that data for
the sake of preparing intricate recovery procedures which usually involve other sophisticated
tools.
Google Earth - Google Earth is a virtual globe, map and geographical information program that
was originally called EarthViewer 3D, and was created by Keyhole, Inc., a Central Intelligence
Agency (CIA) funded company acquired by Google in 2004. It maps the Earth by the
superimposition of images obtained from satellite imagery, aerial photography and GIS 3D
globe.
HxD Hex Editor - HxD is a carefully designed and fast hex editor which, additionally to raw
disk editing and modifying of main memory (RAM), handles files of any size. The easy to use
interface offers features such as searching and replacing, exporting, checksums/digests, insertion
of byte patterns, a file shredder, concatenation or splitting of files, statistics and much more.
Editing works like in a text editor with a focus on a simple and task-oriented operation, as such
functions were streamlined to hide differences that are purely technical. For example, drives and
memory are presented similar to a file and are shown as a whole, in contrast to a sector/region-limited view that cuts off data which potentially belongs together. Drives and memory can be
edited the same way as a regular file including support for undo. In addition memory-sections
define a foldable region and inaccessible sections are hidden by default.
Maltego - Maltego is a program that can be used to determine the relationships and real world
links between:
• People
• Groups of people (social networks)
• Companies
• Organizations
• Web sites
• Internet infrastructure such as:
o Domains
o DNS names
o Netblocks
o IP addresses
• Phrases
• Affiliations
• Documents and files
• These entities are linked using open source intelligence.
• Maltego is easy and quick to install - it uses Java, so it runs on Windows, Mac and Linux.
• Maltego provides you with a graphical interface that makes seeing these relationships
instant and accurate - making it possible to see hidden connections.
• Using the graphical user interface (GUI) you can see relationships easily - even if they
are three or four degrees of separation away.
• Maltego is unique because it uses a powerful, flexible framework that makes customizing
possible. As such, Maltego can be adapted to your own, unique requirements.
Mendeley - Mendeley is a free reference manager and academic social network that can help
you organize your research, collaborate with others online, and discover the latest research.
• Automatically generate bibliographies
• Collaborate easily with other researchers online
• Easily import papers from other research software
• Find relevant papers based on what you’re reading
• Access your papers from anywhere online
Near Repeat Calculator - This software originates with the relatively recent discovery of the
near repeat phenomenon in burglary patterns, a discovery that has highlighted the
communicability of crime events that affect the risk level at nearby locations. The near repeat
phenomenon states that if a location is the target of a crime (such as burglary), the homes within
a relatively short distance have an increased chance of being burgled for a limited number of
weeks (Townsley et al, 2003; Bowers and Johnson, 2004; Johnson and Bowers, 2004a, 2004b).
This communicability of risk to nearby locations for a short amount of time raises the possibility
that other crime types may also suffer from a near repeat spatiotemporal pattern of behavior.
The analytical method employed builds on the space-time clustering methods first pioneered by
Knox (1964) to study the epidemiology of childhood leukemia. The Knox test seeks to determine
whether there are more event-pairs observed that occur with a closer proximity in space and time
than would be expected on the basis of a random distribution. To do this, each shooting for a
particular dataset is compared with every other and the spatial and temporal distance between
them recorded. The result is a matrix of space-time distances.
NIJ Funded Software Tools, Apps and Databases - NIJ has funded a number of free or low
cost software tools and databases to assist public safety agencies with investigations.
Notepad ++ - Notepad++ is a free source code editor and Notepad replacement that supports
several languages. Running in the MS Windows environment, its use is governed by GPL
License.
Ophcrack - Ophcrack is a free Windows password cracker based on rainbow tables. It is a very
efficient implementation of rainbow tables done by the inventors of the method. It comes with a
Graphical User Interface and runs on multiple platforms.
Pacific Northwest National Laboratory Visual Analytics
IN-SPIRE Visual Document Analysis
STARLIGHT Visual Information System
PlainSight - PlainSight is a versatile computer forensics environment that allows inexperienced
forensic practitioners to perform common tasks using powerful open source tools. We have taken
the best open source forensic/security tools, customised them, and combined them with an
intuitive user interface to create an incredibly powerful forensic environment.
With PlainSight you can perform operations such as:
• Get hard disk and partition information
• Extract user and group information
• View Internet histories
• Examine Windows firewall configuration
• Discover recent documents
• Recover/Carve over 15 different file types
• Discover USB storage information
• Examine physical memory dumps
• Examine UserAssist information
• Extract LanMan password hashes
• Preview a system before acquiring it
Problem Analysis Module - Problem Analysis Module (PAM) gives you a framework for
analyzing any persistent crime and public safety problem. PAM will ask you to input information
concerning every aspect of the problem and then suggest the kinds of responses you could try.
PAM was developed to assist police problem solving through the asking of specific questions.
The questions come from research into a set of powerful theories within the field of
Environmental Criminology – particularly Routine Activity Theory, Situational Crime
Prevention, and Crime Pattern Theory.
Quantum GIS - Quantum GIS (QGIS) is a user friendly Open Source Geographic Information
System (GIS) licensed under the GNU General Public License. QGIS is an official project of the
Open Source Geospatial Foundation (OSGeo). It runs on Linux, UNIX, Mac OSX, Windows and
Android and supports numerous vector, raster, and database formats and functionalities.
R Project for Statistical Computing - R is a language and environment for statistical
computing and graphics. It is a GNU project which is similar to the S language and environment
which was developed at Bell Laboratories (formerly AT&T, now Lucent Technologies) by John
Chambers and colleagues. R can be considered as a different implementation of S. There are
some important differences, but much code written for S runs unaltered under R.
R provides a wide variety of statistical (linear and nonlinear modeling, classical statistical tests,
time-series analysis, classification, clustering ...) and graphical techniques, and is highly
extensible. The S language is often the vehicle of choice for research in statistical methodology,
and R provides an Open Source route to participation in that activity.
One of R's strengths is the ease with which well-designed publication-quality plots can be
produced, including mathematical symbols and formulae where needed. Great care has been
taken over the defaults for the minor design choices in graphics, but the user retains full control.
R is available as Free Software under the terms of the Free Software Foundation's GNU General
Public License in source code form. It compiles and runs on a wide variety of UNIX platforms
and similar systems (including FreeBSD and Linux), Windows and MacOS.
Relavint Desktop - LexisNexis® Relavint Desktop is an easy-to-use visualization and drawing
tool specifically designed for creating link analysis charts—visual relationships between
individuals, addresses, vehicles, corporations, and other items.
RFFlow 5 - RFFlow is a powerful, yet easy to use, tool for drawing flowcharts, organization
charts, and many other kinds of diagrams. You will quickly create professional-looking charts
for documents, presentations, or the Web. RFFlow can also be used to build crime analysis
charts; samples of which can be found at: http://www.rff.com/sample_criminal_analysis.htm
Social Networks Visualizer - Social Networks Visualizer (SocNetV) is a flexible and user-friendly tool for the analysis and visualization of Social Networks. It lets you construct networks
(mathematical graphs) with a few clicks on a virtual canvas or load networks of various formats
(GraphViz, GraphML, Adjacency, Pajek, UCINET, etc) and modify them to suit your needs.
SocNetV also offers a built-in web crawler, allowing you to automatically create networks from
all links found in a given initial URL.
The application can compute basic network properties, such as density, diameter and distances
(shortest path lengths), as well as more advanced structural statistics, such as node and network
centralities (i.e. closeness, betweenness, graph), clustering coefficient, etc.
Various layout algorithms (i.e. Spring-embedder, radial and layered according to node
centralization) are supported for meaningful visualizations of your networks. Furthermore,
random networks (Erdos-Renyi, Watts-Strogatz, ring lattice, etc) can be created with a few
clicks.
Squidmat - The program compares two or more courses of action based on two or more
evaluation criteria. The user arranges the evaluation criteria in descending order of importance
and tells the program how much more important each criterion is than the next lower criterion.
These importance ratings are used to calculate weights for each criterion. SquidMat takes user-supplied values for each course-of-action/criterion combination and converts them to Z scores.
Using the criterion weights, the program calculates weighted sums for each course of action. The
course of action with the highest weighted sum is considered to be the best. SquidMat is
designed as a replacement decision matrix program for the CAS3 program DECMAT.
Tulip - Data Visualization Software - Tulip is an information visualization framework
dedicated to the analysis and visualization of relational data. Tulip aims to provide the developer
with a complete library, supporting the design of interactive information visualization
applications for relational data that can be tailored to the problems he or she is addressing.
Vulnerability Assessment Software - FDA’s Vulnerability Assessment Software tool is a
prioritization tool that can be used to assess the vulnerabilities within a system or infrastructure
in the food industry. The software program takes companies through questions about their
facilities and processes to help them identify vulnerable areas. Companies consider what type of
attack is the greatest threat and whether a biological or chemical agent might be used in an
attack. The questions center around the flow chart developed by the user for the specific food
system to be evaluated. By conducting a vulnerability assessment of a food production facility or
process, the user can then focus resources on protecting the most susceptible points in their
system.
Surveillance
Surveillance is required for successful terrorist planning. Experience has taught us that terrorist
attacks are generally preceded by pre-operational surveillance in which terrorists gather target
intelligence. Surveillance is defined as the process of keeping facilities, vehicles and persons
under observation in order to obtain detailed information. Any indications of surveillance should
be reported immediately to the security office of your organization and/or the police.
All training programs designed to protect individuals from becoming victims of terrorism
recommend that people be alert to surveillance. This is excellent advice, but, unfortunately, in
most instances it is insufficient, because people have had no training in detecting surveillance,
and terrorist organizations are often relatively sophisticated in their surveillance methods.
Detecting surveillance conducted by trained experts is not as easy as most Hollywood films
would lead us to believe. Fortunately, however, the type of surveillance conducted by terrorist
organizations is not normally as elaborate as that done by intelligence organizations nor does it
involve as many people or as much equipment. Nevertheless, for people to have a reasonable
chance at detecting most forms of surveillance they would have to be somewhat familiar with the
techniques used.
The purpose of surveillance is to determine (1) the suitability of the potential target based upon
the physical and procedural security precautions that the individual has taken and (2) the most
suitable time, location, and method of attack. This surveillance may last for days or weeks
depending upon the length of time it takes the surveillants to obtain the information that they
require. Naturally, the surveillance of a person who has set routines and who takes few
precautions will take less time. The people undertaking the surveillance will often not take part
in the attack, nor will the attack take place while surveillance is still in progress.
Before undertaking surveillance most experts gather information about the subject from other
sources. Public records or information made available to the terrorist organization from a
sympathetic individual within an organization, local police, or other government office may
reveal useful facts about an individual such as the names of family members, an address, a
description of vehicles and license numbers, photographs, etc. The surveillants will also make a
reconnaissance of the neighborhood in which the target lives and works. This permits them to
select positions of observation, the types of vehicles to use, the clothing to be worn, and the type
of ruse to use that will give them an ordinary or normal appearance and plausible reasons to be in
the area.
There are basically three forms of surveillance: foot, vehicle, and stationary (generally
categorized as either mobile or static). A brief description of the most common techniques used
for each of these forms and methods for detecting each one follows:
One or more individuals may undertake foot surveillance. One-person foot surveillance is rather
complicated and fairly easy to detect. The surveillant must remain close to the target,
particularly in congested areas, to avoid losing him or her. In less congested areas the surveillant
can maintain a greater distance, but the lack of other pedestrians makes the surveillant that much
more noticeable. The one complicating factor is the use of a disguise to make the surveillant look
different (perhaps a uniform). One possible use of a disguise is a shopping bag or some other
container for a change of clothes, particularly if the shopping bag is from a store not found in the
area or the container somehow seems out of place. Where a disguise is suspected, pay particular
attention to shoes and slacks or skirts. These items are less easily and, therefore, less commonly
changed. In elevators, watch for people who seem to wait for you to push a button and then
select a floor one flight above or below yours.
Two-person foot surveillance is more effective in that the second surveillant provides greater
flexibility. Normally, one surveillant remains close to the target while the other stays at a greater
distance. The second surveillant may follow the first on the same side of the street or travel on
the opposite side. Periodically the two surveillants change position so that if the target spots one
of them, that one will soon be out of sight, leading the target to think that he or she was
mistaken. Obviously, spotting this form of surveillance is more complicated, but individuals who
are alert to the people in their vicinity will eventually detect the same surveillant over a period of
time.
Foot surveillance with three or more people uses the most sophisticated techniques and is the
most difficult to spot. Generally, one surveillant remains behind the target close enough to
respond to any sudden moves. A second surveillant remains behind the first on the same side of
the street with the first surveillant in sight. A third surveillant travels on the opposite side of the
street parallel with or just behind the target. In areas where the target has few paths to choose,
one surveillant may walk in front of the target, where he or she is least likely to cause suspicion.
The positions of the surveillants are frequently changed, most commonly at intersections. The
surveillant directly behind the target may move to the opposite side of the street, while another
surveillant moves in close behind the target. With the additional surveillants, any surveillant who
feels that he or she has been observed may drop out of the formation. The use of this
sophisticated technique requires that people be alert not only to those people behind them but
also to those across the street and perhaps in front of them. If the same person is seen more than
once over a certain distance, surveillance may be suspected even if that person is not
continuously seen.
Common methods for detecting surveillance apply to all three forms of foot surveillance. The
most effective are:
- stopping abruptly and looking to the rear,
- suddenly reversing your course,
- stopping abruptly after turning a corner,
- watching reflections in shop windows or other reflective surfaces,
- entering a building and leaving immediately by another exit,
- walking slowly and then rapidly at intervals,
- dropping a piece of paper to see if anyone retrieves it,
- boarding or exiting a bus or subway just before it starts, and
- making sudden turns or walking around the block.
While taking these actions, watch for people who are taken by surprise, react inappropriately,
suddenly change direction, or give a signal to someone else. Surveillants will not normally look
directly at the target, but they may do so if they are surprised or unaware that you are observing
them.
Foot surveillance is often used in conjunction with vehicle surveillance since it is likely that the
target will use a combination of foot and vehicle transportation. Vehicles used for surveillance
are inconspicuous in appearance and of a subdued color. Frequently, the inside dome light is
made inoperative so that it will not illuminate the interior of the car when the door is opened.
Vehicles will have two or more people in them so that if the target parks his or her vehicle and
walks away, the surveillance can be resumed on foot while the driver remains with the vehicle.
While moving, the driver gives full attention to driving while the observer operates the radio,
watches the target, and makes notes on the target's activities. Sometimes it will be necessary for
surveillants to break traffic regulations to avoid losing you. If you see a vehicle run a red light,
make an illegal U-turn, travel over the speed limit, or make dangerous or sudden lane changes in
an apparent effort to keep up with you, you should, of course, be suspicious of that vehicle. The
distance between a surveillance vehicle and the target will vary depending on the speed at which
the vehicles are traveling and the amount of traffic. Surveillants will try to keep one or two
vehicles between themselves and the target.
As with foot surveillance, vehicle surveillance may be undertaken using only one vehicle or using
two or more vehicles. One-vehicle surveillance suffers from the same drawbacks as one-person
foot surveillance. The target has to be kept in view at all times and followed by the same vehicle.
Surveillants can try to overcome this disadvantage somewhat by changing seating arrangements
within the vehicle; putting on and taking off hats, coats, and sunglasses; changing license plates;
and turning off onto side streets and then turning back to resume the tail. This makes it necessary
for a person suspecting surveillance to remember aspects of a following vehicle that cannot
easily be changed such as the make, model, and color of the car and any body damage such as
rust, dents, etc.
The use of two or more vehicles permits surveillance to switch positions or to drop out of the
surveillance when necessary. One vehicle follows the target vehicle and directs other vehicles by
radio. The other vehicle may follow behind the lead surveillance vehicle, precede the target
vehicle, or travel on parallel roads. At intersections, the vehicle following directly behind the
target vehicle will generally travel straight ahead while alerting all other vehicles of the direction
in which the target vehicle has turned. Another vehicle in the formation will then take a position
behind the target and become the lead vehicle, taking over the responsibility for giving
instructions to other surveillants. The former lead vehicle then makes a U-turn or travels around
the block to take up a new position ready to resume the lead vehicle position again when
necessary.
People who have well established routines permit surveillants to use methods that are much more
difficult to detect. If, for example, you leave the office at the same time each day and travel by
the most direct route to your home or if you live in a remote area with a few or no alternate
routes to your home, surveillants have no need to follow you all the way to your residence. An
alternative method of surveillance in such situations is leading surveillance and progressive
surveillance. In leading surveillance the surveillant travels in front of the target while the
observer watches for turns. When the target turns, this is noted. The next day the surveillant
makes a turn where the target did the previous day. Over a period of time the surveillants will
discover the entire route to the residence while still driving in a position that creates much less
suspicion. There are two forms of progressive surveillance. In the first form, surveillants are
placed at intersections along the probable routes of the target. When the target makes a turn, this
is noted and the position of the surveillants is adjusted to check the next intersection. Eventually,
this method leads the surveillants to the residence. In the second form of progressive
surveillance, a vehicle will follow the target for a short distance and then turn off. On successive
days the surveillant picks up the target where he or she left off the previous day. Leading and
progressive surveillance are extremely difficult to detect, but you should not give anyone the
opportunity to use these methods.
The most effective methods for detecting most forms of vehicle surveillance are:
- making a U-turn where it is safe to do so,
- making a turn to the right or left (in general, left turns create greater complications for
  surveillants because of oncoming traffic that may delay a turn),
- going through a traffic light just as it is turning red,
- stopping just beyond a curve or hill, and
- circling a block.
In each case, watch for the reactions of any vehicles that you may suspect. Any vehicles that
make unusual maneuvers should be carefully noted. Do not forget to check for motorcycles or
motorbikes, since in many parts of the world they seem to be favored by surveillants because
they move easily through heavy traffic.
Stationary surveillance is commonly used by terrorist organizations. As mentioned earlier, most
attacks take place near the residence or office because that part of the route is least easily varied.
Most people are more vulnerable in the morning when departing for work, because morning
departure times are more predictable than are evening arrivals.
Surveillants seek a position that permits them to observe the residence or office clearly without
being observed or suspected. Surveillants want to identify observation points that afford the best
view of the target. Foot and vehicular traffic, buildings and terrain around each government
facility vary with each location. Pedestrian traffic, rush hour traffic flow, temporary street
closure, etc. will affect observation points. If the surveillants decide that it is best not to be seen,
they may obtain an apartment or rent office space in the area that provides for an adequate view,
but such apartments or office space may not be available and the renting of an apartment or
office space could provide clues for a subsequent investigation. The use of an apartment or office
space for surveillance, while possibly the most difficult to detect, is generally not the easiest or
safest method. Many surveillance teams use vans with windows in the side or back that permit
observation from the interior of the van. Often the van will have the name of a store or utility
company to provide some pretext for its being in the area. The driver may park the van and walk
away, leaving the surveillance team inside. Some teams use automobiles for stationary
surveillance, parking the vehicle far enough from the residence or office to be less noticeable,
using other vehicles for cover, facing the vehicle away from the target, and using the rear view
mirrors to watch.
Where it is not possible to watch the residence or office unobserved, surveillants must come up
with a plausible reason for being in the area. The types of ruses used are limited only by the
surveillant's imagination. Some of the more commonly used covers are automotive repairs due to
engine trouble or a flat tire, door to door sales, utility repair crews, lovers in a park, walking a
dog, construction work, or sitting at a cafe. Women and children are often used to give a greater
appearance of innocence.
Some things to check for are parked vehicles with people in them, cars with more mirrors or
mirrors that are larger than normal, people seen in the area more frequently than seems normal,
people who are dressed inappropriately, and workers who seem to accomplish nothing.
If you become suspicious of a van, note any information printed on the side of the van, including
telephone numbers. Check the telephone book to see if such a business exists. Note the license
numbers of any suspicious vehicles and provide them to your security office so they can be
checked. Make a habit of checking the neighborhood through a window before you go out each
day.
Detecting surveillance requires a constant state of alertness and must become an unconscious
habit. We do not want to encourage paranoia, but a good sense of what is normal and what is
unusual in your surroundings could be more important than any other type of security precaution
you take. Above all, do not hesitate to report any unusual events to the police. Many people who
have been kidnapped realized afterwards that their suspicions had been well founded. If those
suspicions had been reported, their ordeal might have been avoided.
Since surveillance attempts to determine the suitability of a potential target and the most
opportune time for an attack, it is crucial to avoid predictability. Although the recommendation
to vary routes and times of arrivals and departures has become trite, implementing it in one's
daily schedule has proven to be effective in deterring sufficient terrorist planning. Varying times
and routes apply to jogging, shopping and all activities where a pattern can develop.
(Source: http://cryptome.org/spy-spotting.htm)
(Originally published as part of a Travel Warning by the US Embassy, Bogota, Colombia 06/06/03. Graphics added.)
Surveillance (US Department of State, p.21)
The purpose of surveillance is to identify a potential target based on the security precautions that
individual takes, and the most suitable time, location, and method of attack. Surveillance may
last for days or weeks.
Naturally, the surveillance of a person who has set routines and who takes few precautions will
take less time.
Detecting surveillance requires a fairly constant state of alertness and, therefore, must become a
habit. A good sense of what is normal and what is unusual in your surroundings could be more
important than any other type of security precaution you may take. Above all, do not hesitate to
report any unusual event.
There are three forms of surveillance: foot, vehicular, and stationary. People who have well-established routines permit surveillants to use methods that are much more difficult to detect.
If, for example, you leave the office at the same time each day and travel by the most direct route
to your home or if you live in a remote area with few or no alternate routes to your home,
surveillants have no need to follow you all the way to your residence.
You should:
- Vary your routes and times of travel.
- Be familiar with your route and have alternate routes.
- Check regularly for surveillance.
Stationary surveillance is most commonly used by terrorist organizations. Most attacks take
place near the victim’s residence, because that part of the route is least easily varied. People are
generally most vulnerable in the morning when departing for work because these times are more
predictable than evening arrivals.
Many surveillance teams use vans with windows in the sides or back that permit observation
from the interior of the van. Often the van will have the name of a business or utility company to
provide some pretext for being in the area.
Where it is not possible to watch the residence unobserved, surveillants must come up with a
plausible reason for being in the area. Women and children are often used to give an appearance
of innocence. Try to check the street in front of your home from a window before you go out
each day.
If you suspect that you are being followed, drive to the nearest police station, fire station, or the
U.S. mission. Note the license numbers, color and make of the vehicle, and any information
printed on its sides that may be useful in tracing the vehicle or its occupants.
Don't wait to verify surveillance before you report it.
Be alert to people disguised as public utility crews, road workers, vendors, etc., who might
station themselves near your home or office.
Whenever possible, leave your car in a secured parking area. Be especially alert in underground
parking areas.
Always check your vehicle inside and out before entering it. If you notice anything unusual, do
not enter the vehicle.
Household staff and family members should be reminded to look for suspicious activities around
your residence; for example, surveillance, attempts to gain access to your residence by fraudulent
means, and telephone calls or other inquiries requesting personal information.
Tell your household staff and family members to note descriptions and license numbers of
suspicious vehicles.
Advise them to be alert for details. Household staff can be one of the most effective defensive
mechanisms in your home--use them to your advantage.
While there are no guarantees that these precautions, even if diligently adhered to, will protect
you from terrorist violence, they can reduce your vulnerability and, therefore, your chances of
becoming a victim.
Detecting Terrorist Surveillance
Secrets of Countersurveillance (STRATFOR)
Surveillance Awareness: What You Can Do (IS-914)
Surveillance Operations Overview (16 hours)
Surveillance Recognition - OSAC
Law Enforcement Investigations FM 3-19.13 (January 2005)
Chapter 26 - Surveillance Operations
In law enforcement, surveillance refers to the covert observation of individuals, places, or objects
for the purpose of gathering police information or CRIMINT. In both tactical and non-tactical
environments, military police and CID personnel employ surveillance techniques in support of
law enforcement and security operations. Surveillance techniques are often used to identify
criminal activity associated with terrorism, organized crime, drug and contraband trafficking, and
serious crimes against individuals.
Terrorism Awareness
8 Signs of Terrorism Video | Arizona Counter-Terrorism Information Center
To help you and people like you be vigilant, the ACTIC, in conjunction with the City of Phoenix
Fire Department, created a special video seminar, "8 SIGNS OF TERRORISM," to help
members of the community, as well as local law enforcement and public safety officers, to better
identify suspicious activities that could be related to terrorism.
Anti-Terrorism (A Self-Help Guide) CJCS Guide 5260 (September 2010)
Anti-Terrorism Level-1 Training - Department of Defense anti-terrorism awareness training
program. The purpose of this training is to increase your awareness of terrorism and to improve
your ability to apply personal protective measures. Completion of this training meets the annual
requirement for Level I anti-terrorism training prescribed by DoDI 2000.16.
Anti-Terrorism Level II Refresher Course (US Air Force)
(DoD PKI/CAC Required - Apply under: Selected Force Training)
This is an Antiterrorism Level II Refresher course intended to fulfill the DODI 2000.16
requirement for Antiterrorism Officers to receive refresher training every three years.
Course Length 40 Hours
- Course Introduction
- Overview
- Roles and Responsibilities
- Create and Execute AT Programs
- Minimum Required AT Program Elements
- Antiterrorism Planning
- Working Groups, Committees, and Operation Centers
- Case Studies - Installation Based and Contingency
- Risk Management Considerations - Risk Assessment
- Risk Management Considerations - Threat Assessment
- Risk Management Considerations - Criticality Assessment
- Risk Management Considerations - Vulnerability Assessment
- Lessons Learned
- High-Risk Billets and Personnel
- AT Considerations in Contracting
- CVAMP
- Course Exam
Anti-Terrorism Level-II Refresher Training (US Army) (Requires AKO Log-in)
Anti-Terrorism Officer (ATO) refresher training contains 4 lessons that must be completed in
sequential order.
- Prepare a Threat Matrix
- Prepare the MSHARPP and CARVER Matrices
- Prepare a Vulnerability Assessment
- Prepare a Risk Assessment
A certificate of completion will be available when the final lesson is completed.
Anti-Terrorism Officer (ATO) Level II (GS109.CU) - This 13 hour course is designed for AT
program managers of DoD and field activities who otherwise cannot attend a Service-sponsored
course and may serve as an alternate for these types of agencies. It provides students with the
appropriate background, skills, and abilities to qualify as an Antiterrorism Officer (ATO) and
conduct Level 1 AT briefings based on components' approval. The course examines ATO roles
and responsibilities, vulnerability and threat assessments, creating and executing antiterrorism
(AT) programs, preparing AT plans, resource management, and AT training.
Bioterrorism Preparedness Certificate - This free certificate program includes courses that
provide training in bioterrorism preparedness and understanding the public health threat.
Emergency providers that will be responding to bioterrorism events are also one of the focuses of
this program. This certificate is composed of 5 courses: Bioterrorism, Biological Response
Preparedness for Emergency Medical Services, Bioterrorism: The Public Health Threat,
Bioterrorism: The Agents, and Mass Casualty Incident Triage.
Country Reports on Terrorism (US Department of State)
Global Terrorism Database
The Global Terrorism Database (GTD) is an open-source database including information on
terrorist events around the world from 1970 through 2011 (with additional annual updates
planned for the future). Unlike many other event databases, the GTD includes systematic data on
domestic as well as transnational and international terrorist incidents that have occurred during
this time period and now includes more than 104,000 cases. For each GTD incident, information
is available on the date and location of the incident, the weapons used and nature of the target,
the number of casualties, and--when identifiable--the group or individual responsible.
Statistical information contained in the Global Terrorism Database is based on reports from a
variety of open media sources. Information is not added to the GTD unless and until we have
determined the sources are credible. Users should not infer any additional actions or results
beyond what is presented in a GTD entry and specifically, users should not infer an individual
associated with a particular incident was tried and convicted of terrorism or any other criminal
offense. If new documentation about an event becomes available, an entry may be modified, as
necessary and appropriate.
iWatch National Video (LAPD)
Military Guide to Terrorism in the Twenty-First Century
Memorial Institute for the Prevention of Terrorism
U.S. Department of State | Bureau of Counterterrorism - The primary mission of the Bureau
of Counterterrorism (CT) is to forge partnerships with non-state actors, multilateral
organizations, and foreign governments to advance the counterterrorism objectives and national
security of the United States.
Training & Education
(On-Line Learning Portals)
28 CFR Part 23 Training
Advanced Global Intelligence Learning Environment
Army Management Staff College
ASPCA - Combating Dog Fighting
Bioterrorism Preparedness Certificate
Center for Development of Security Excellence
Center for Disease Control Train
Certified Fire Investigator - Trainer Network
Crime Scene Investigation and Forensic Science Videos
A video teaching series consisting of ten 50-minute presentations from the "History Channel".
1-Blood Splatter
2-Body Clues
3-Bullets and Blood
4-DNA's Debut
5-Fingering the Killer
6-Fire and Metal
7-Invisible Clues
8-The Body Searchers
9-Tracings in Blood
10-Unusual Clues
Cyber Security Training - TEEX / DHS
AWR-175-W Information Security for Everyone
AWR-138-W Network Assurance
AWR-174-W Cyber Ethics
AWR-139-W Digital Forensics Basics
AWR-168-W Cyber Law and White Collar Crime
AWR-176-W Business Information Continuity
AWR-173-W Information Security Basics
AWR-177-W Information Risk Management
AWR-178-W Secure Software and Network Assurance
Defense Cyber Investigations Training Academy
Defense Nuclear Weapons School (DNWS classes must be taken on a .mil / .gov network)
Doctrine Networked Education & Training (DOCNET)
FBI Virtual Academy (Agency account required.)
FedVTE - Cyber Security Training for DoD and Federal IA Professionals
FEMA – Emergency Management Institute Independent Study
FLETC – On-Line Course Catalog
Forensic Science Education
Forensic Training Network
Information Assurance Fundamentals Training
Information Assurance Support Environment
International IP Crime Investigators College
Joint Knowledge On-Line
Law 101 - Legal Guide for the Forensic Expert
This course provides 13 modules and this introduction which is designed to give a comprehensive discussion of
recommended practices for the forensic expert to follow when preparing for and testifying in court.
- Sources of Scientific Evidence
- Report Writing and Supporting Documentation
- Importance of Case Preparation
- Subpoenas vs. Promises to Appear
- Affidavits
- Being a Court-Appointed Expert
- Discovery
- General Testifying Tips
- Depositions
- Pretrial
- Trial
- Post-Trial, Pre-Sentencing
- Ethics for Experts
Marine Net (USMC)
Microsoft Digital Literacy Curriculum
The Microsoft Digital Literacy curriculum has three levels:
- The Basic curriculum features a course called A First Course Toward Digital Literacy. This course teaches
  the value of computers in society and introduces you to using a mouse and the keyboard.
- The Standard curriculum features five courses that cover computer basics; using the internet and
  productivity programs; security and privacy; and digital lifestyles. These five courses are available in three
  versions that use examples and screenshots from different versions of Windows and Microsoft Office.
  Please read the details below.
- The Advanced curriculum features four courses that cover creating an e-mail account, creating a great
  resume, searching for content on the World Wide Web and social networking.
Multijurisdictional Counterdrug Task Force Training (MCTFT)
- Police Intelligence Course (16 hours)
National Fire Administration
National Institute of Justice Courses
National White Collar Crime Center (NW3C) (NW3C account required)
- Basic Computer Skills for Law Enforcement (Basic Skills) - Web Based
- Cyber Investigation 100 - Identifying and Seizing Electronic Evidence - Web Based (ISEE-WB)
- Encryption (Encryption) - Web Based
Nationwide SAR Initiative
NATO e-Learning
Online Statistics Education: An Interactive Multimedia Course of Study
Online Statistics: An Interactive Multimedia Course of Study is a resource for learning and teaching introductory
statistics. It contains material presented in textbook format and as video presentations. This resource features
interactive demonstrations and simulations, case studies, and an analysis lab. This work is in the public domain.
Therefore, it can be copied and reproduced without limitation. However, we would appreciate a citation where
possible. Please cite as: Online Statistics Education: A Multimedia Course of Study (http://onlinestatbook.com/).
Project Leader: David M. Lane, Rice University.
Police Intelligence Collectors Course
Statistics (UNC Center for Public Health Preparedness)
- Advanced Data Analysis: Methods to Control for Confounding (1-hour)
- Analyzing Data (I is for Investigation) (30-minutes)
- Data Analysis Basics: Variables and Distribution (1-hour)
- Data Analysis: Simple Statistical Tests (1-hour)
Texas A&M Engineering Extension Services
United States Institute of Peace
University At Albany (e-Learning Center)