Vanguard America: Expanding Activities

9/5/17- New Jersey -  In the past six months, Vanguard America—a white supremacist group—has expanded beyond Internet-based activity to attending violent protests nationwide, distributing propaganda, and intimidating minority populations. The leader of the group claims there are approximately 200 members in 20 states, including New Jersey. 

On August 12, Vanguard America members attended a rally in Charlottesville, Virginia, protesting the planned removal of a Confederate statue. During the rally, James Alex Fields Jr.—who drove his vehicle into a group of counter-protesters, killing one and injuring 19—was photographed with Vanguard America members, wearing their signature uniform of khakis and a white polo, and carrying a shield with an image affiliated with the group. Vanguard America has since stated that Fields is not a member of the organization.

Over the last year, Vanguard America has distributed fliers nationally to recruit new members—primarily targeting educated males 18-24. The group has also posted fliers at universities in at least 10 states—including at Rutgers University, New Brunswick (Middlesex County) and Princeton University, Princeton (Mercer County).

The group actively distributes hate-related propaganda targeting synagogues, Islamic centers, and cultural institutions to intimidate minority populations. On July 1, a Vanguard America banner was posted in front of a Holocaust memorial in Lakewood Township (Ocean County). The banner stated, “(((HEEBS))) will not divide us,” referencing a derogatory name for Jews and the echo—three parentheses with a name inside—used to label individuals as Jewish.
Download PDF here

Booter and Stresser Services Increase the Scale and Frequency of Distributed Denial of Service Attacks

Criminal actors offer distributed denial of service (DDoS)-for-hire services in criminal forums and marketplaces. These DDoS-for-hire services, also known as booters or stressers, are leveraged by malicious cyber actors, pranksters, and/or hacktivists to conduct largescale cyber attacks designed to prevent access to U.S. company and government Web sites. The FBI investigates these services as a crime if they are used against a Web site without the owner’s permission (such as for a legitimate stress test).
DDoS attacks are costly to victims and render targeted Web sites slow or inaccessible. These attacks prevent people from accessing online accounts, disrupt business activities, and induce significant remediation costs on victim companies. They also can cause businesses impacted by DDoS attacks to lose customers.
For example, in October 2016, one of the largest DDoS attacks to date targeted a domain name service (DNS) provider and impacted more than 80 Web sites primarily in the United States and Europe, causing them to become inaccessible to the public. The attack used a booter service and was attributed to infected Internet of Things (IoT) devices like routers, digital video recorders, and Webcams/security cameras to execute the DDoS attack1. Open source reports estimate the DNS provider lost approximately eight percent of its customers following the attack.

Booter and stresser services are a form of DDoS-for-hire--- advertised in forum communications and available on Dark Web marketplaces--- offering malicious actors the ability to anonymously attack any Internet-connected target. These services are obtained through a monetary transaction, usually in the form of online payment services and virtual currency. Criminal actors running booter and stresser services sell access to DDoS botnets, a network of malware-infected computers exploited to make a victim server or network resource unavailable by overloading the device with massive amounts of fake or illegitimate traffic.
These services can be used legitimately to test the resilience of a network; however, criminal actors use this capability to take down Web sites. Established booter and stresser services offer a convenient means for malicious actors to conduct DDoS attacks by allowing such actors to pay for an existing network of infected devices, rather than creating their own. Booter and stresser services may also obscure attribution of DDoS activity.
Regardless of whether someone launches a DDoS attack using their own command-and-control infrastructure (e.g., a botnet) or hires a booter and stresser service to conduct an attack, their transmission of a program, information, code, or command to a protected computer2 may result in criminal charges.

The use of booter and stresser services to conduct a DDoS attack is punishable under the Computer Fraud and Abuse Act (18 U.S.C. § 1030), and may result in any one or a combination of the following consequences:
Seizure of computers and other electronic devices
Arrest and criminal prosecution
Significant prison sentence
Penalty or fine

The FBI requests DDoS victims contact their local FBI field office and/or file a complaint with the Internet Crime Complaint Center (IC3), regardless of dollar loss or timing of incident. Field office contacts can be identified at IC3 complaints should be filed at with the following details (if applicable):
Traffic protocol used by the DDoS (DNS, NTP, SYN flood, etc)
Attempt to preserve netflow and/or packet capture of the attack
Any extortion/threats pertaining to the DDoS attack
Save any such correspondence in its original, unforwarded format
Victim information
Overall losses associated with the DDoS attack
If a ransom associated with the attack was paid, provide transaction details, the subject’s email address, and/or crypto currency wallet address
Victim impact statement (e.g., impacted services/operations)
IP addresses used in the DDoS attack.       

F.B.I. Internet Crime Complaint Center:  


Navy Tests Hypersonic Weapons That Could Hit Anywhere on Earth in an Hour
Prompt Global Strike could give the U.S. military hypersonic weapons technology.
Courtesy   Story by Kyle Mizokami

The U.S. Navy is testing technology that could deliver a conventional warhead anywhere on Earth in as little as an hour. As first reported by US Naval Institute News, the Navy performed a flight test last week featuring Prompt Global Strike, a hypersonic weapon system designed to give the U.S. the ability to quickly strike targets worldwide with almost no notice.

Interest in very long range precision-guided weapons surfaced in 2001, when the George W. Bush Administration expressed interest in "offensive strike" weapons. The idea was to field a ballistic missile or some other kind of high-speed long-range missile with a conventional, high explosive warhead. This way, the U.S. could hit targets virtually anywhere based on time-sensitive information in situations where aircraft carriers, bombers, and other U.S. assets could not respond in time.

The Prompt Global Strike concept got a boost in the post-9/11 era, when it seemed as if such weapons could be useful to strike fleeting targets such as terrorist meetings, or to take out elusive targets such as Saddam Hussein and Osama bin Laden. (In indeed, an attempt was made to bomb Saddam Hussein at Dora Farms, Iraq before the 2003 invasion, but he was not there at the time.) Nowadays, possible PGS uses include destroying a nuclear missile sitting on a launch stand in North Korea or Iran, targeting weapons of mass destruction in the hands of terrorists, or even hitting targets quickly during a conflict with a state such as China or Russia.

PGS originally took many forms, including a conventional version of the submarine-launched Trident D-5 missile. The problem was that a conventional (non-nuclear) Trident launch looks exactly the same as a nuclear Trident launch. In the heat of conflict an adversary might panic when it detects a Trident missile in flight, not knowing whether it carried a conventional or nuclear warhead. If the adversary also had nuclear weapons, it might be tempted to launch a counterstrike on the erroneous belief it was under nuclear attack.

Now the Navy if trying out "boost glide" hypersonic weapon technology. Hypersonic weapons travel at speeds of Mach 5 10 Mach 10. Boost glide hypersonic weapons typically sit atop a ballistic missile and ride the missile to a great height and speed, before detaching from the missile and gliding down to the target at blistering speed. Boost glide weapons have a different flight profile from ballistic missiles, detaching before the missile leaves the atmosphere, so they're relatively easy to differentiate on a radar screen from a regular ballistic missile that could be carrying a nuke.

Not much else is known about the October 30 test. The U.S. Navy's Strategic System Program, which oversaw the test, told USNI News it was "the first conventional prompt strike missile for the United States Navy" that the Navy could someday deploy on its guided missile and attack submarines. Submarines are ideal platforms for PGS, as they can loiter underwater near targets, whittling down the reaction time even farther.

However, Hypersonic weapons are difficult to develop. The faster a weapon flies, the harder it is to steer, making precision targeting difficult. Hypersonic speed also dramatically increases the aerodynamic forces and temperatures (up to 1800 degrees Fahrenheit) the weapon is exposed to. These issues pose immense, but not insurmountable, technical challenges.

The U.S. isn't the only country working on hypersonic weapons. China has tested its DF-ZF hypersonic weapon several times. It and Russia's Yu-71 are both boost glide weapons, though the two countries have their own reasons for developing them. Russia sees the Yu-71 as a way to sneak a nuclear warhead around America's long range ballistic missile defenses, while China could use them to get around shorter range anti-ballistic missile systems such as THAAD and Patriot PAC-3 that protect U.S. bases across the Asia-Pacific.

This summer, the California-based think tank Rand Corp suggested the U.S. and other major powers work to limit the spread of hypersonic weapons worldwide on the grounds they are inherently destabilizing. Like conventional Trident, the extreme speed of hypersonic weapons gives a country's leaders little time to react to them, possibly forcing them to use their nuclear arsenals before losing them to hypersonic attack.