Date Issued: November 30, 2022 02:00 pm ET
View as PDF:  National Terrorism Advisory System Bulletin – November 30, 2022 02:00 pm (pdf, 2 pages, 237.08 KB)

This DHS NTAS Bulletin is consistent with the ideas expressed in a recent presentation on domestic political extremism and violence by OODA Network Member Brian Jenkins to OODA Network Members:

• Brian Jenkins on Domestic Political Extremism at the November 2022 OODA Network Member Meeting
• An OODA Network Q&A Session on Domestic Political Extremism and Violence with OODA Network Member Brian Jenkins

The Bulletin is also consistent with the latest OODA Loop research on disinformation and misinformation, which are defined in a variety of ways.  The Aspen Institute’s Information Disorder Commission employed the following definitions:

Information disorder, coined by First Draft Co-Founder Claire Wardle, denotes the broad societal challenges associated with misinformation, disinformation, and malformation.

Disinformation is false or misleading information, intentionally created or strategically amplified to mislead for a purpose (e.g., political, financial, or social gain).

Misinformation is false or misleading information that is not necessarily intentional.

OODA Loop research utilizes the framework formulated by OODA CTO Bob Gourley, that of the Cognitive Infrastructure of a nation-state, which is “the mental capacities of a nation-state’s citizens and the decision-making ability of people, organizations, and government. It also includes the information channels used to inform decision-making capabilities and the education and training systems used to prepare citizens and organizations for critical thinking.  Our cognitive infrastructure is threatened in ways few of us ever imagined just a few years ago. Traditional propaganda techniques have been modernized and are now aided by advanced technologies and new information dissemination methods.”

Further OODA resources on the challenges of misinformation, disinformation, information disorder, and cognitive infrastructure can be found at the end of this post.

Summary of Terrorism Threat to the United States

The United States remains in a heightened threat environment. Lone offenders and small groups motivated by a range of ideological beliefs and/or personal grievances continue to pose a persistent and lethal threat to the Homeland.  Domestic actors and foreign terrorist organizations continue to maintain a visible presence online in attempts to motivate supporters to conduct attacks in the Homeland.  Threat actors have recently mobilized to violence, citing factors such as reactions to current events and adherence to violent extremist ideologies.

In the coming months, threat actors could exploit several upcoming events to justify or commit acts of violence, including certifications related to the midterm elections, the holiday season and associated large gatherings, the marking of two years since the breach of the U.S. Capitol on January 6, 2021, and potential sociopolitical developments connected to ideological beliefs or personal hostility.

Targets of potential violence include public gatherings, faith-based institutions, the LGBTQI+ community, schools, racial and religious minorities, government facilities and personnel, U.S. critical infrastructure, the media, and perceived ideological opponents.

Issued:   November 30, 2022 02:00 pm
Expires:   May 24, 2023 02:00 pm

Additional Information

• Several recent attacks, plots, and threats of violence demonstrate the continued dynamic and complex nature of the threat environment in the United States.
• Some domestic violent extremists who have conducted attacks have cited previous attacks and attackers as inspiration. Following the late November shooting at an LGBTQI+ bar in Colorado Springs, Colorado—which remains under investigation—we have observed actors on forums known to post racially or ethnically motivated violent extremist content praising the alleged attacker. Similarly, some domestic violent extremists in the United States praised an October 2022 shooting at a LGBTQI+ bar in Slovakia and encouraged additional violence. The attacker in Slovakia posted a manifesto online espousing white supremacist beliefs and his admiration for prior attackers, including some within the United States.
• Recent incidents have highlighted the enduring threat to faith-based communities, including the Jewish community. In early November 2022, an individual in New Jersey was arrested for sharing a manifesto online that threatened attacks on synagogues. The individual admitted to writing the document, in which he claimed to be motivated by the Islamic State of Iraq and ash-Sham (ISIS) and hatred towards Jewish people.
• While violence surrounding the November midterm elections was isolated, we remain vigilant that heightened political tensions in the country could contribute to individuals mobilizing to violence based on personalized grievances. Over the past few months we observed general calls for violence targeting elected officials, candidates, and ballot drop box locations.
  • In October 2022 in San Francisco, California, an individual allegedly broke into the home of a Member of Congress and attacked their spouse with a hammer. The individual arrested for this crime was allegedly inspired by partisan grievances and conspiracy theories.
  • Several elected officials, candidates, and political organizations received threatening letters with suspicious powders, which, while found not to be dangerous or toxic, were likely intended to target the political process. Voting for the midterm elections has concluded, but certifications for some elections will continue through December 2022, and some social media users have sought to justify the use of violence in response to perceptions that the midterm elections were fraudulent, citing technical difficulties at voting sites and delays in certifications.
• Perceptions of government overreach continue to drive individuals to attempt to commit violence targeting government officials and law enforcement officers.  In August 2022, an individual wearing body armor and armed with a firearm and a nail gun attempted to forcibly enter the Cincinnati, Ohio Field Office of the Federal Bureau of Investigation (FBI). When uniformed officers responded, the individual fled the scene, resulting in a pursuit and eventual shots fired by responding officers. In the days preceding the attack, the individual called on others to acquire weapons and kill federal law enforcement, claiming he felt he was fighting in a “civil war.”
• Some domestic violent extremists have expressed grievances based on perceptions that the government is overstepping its Constitutional authorities or failing to perform its duties. Historically, issues related to immigration and abortion have been cited by prior attackers as inspiration for violence. Potential changes in border security enforcement policy, an increase in noncitizens attempting to enter the U.S., or other immigration-related developments may heighten these calls for violence.

How We Are Responding

DHS works with partners across every level of government, in the private sector, and in local communities to keep Americans safe, including through the following examples of our resources and support:

• DHS and the FBI continue to share timely and actionable information and intelligence with the broadest audience possible. This includes sharing information and intelligence with our partners across every level of government and in the private sector. We conduct recurring threat briefings with private sector and state, local, tribal, territorial, and campus partners, including to inform security planning efforts. DHS remains committed to working with our partners to identify and prevent all forms of terrorism and targeted violence, and to support law enforcement efforts to keep our communities safe.
• In July 2022, DHS reconstituted the Faith-based Security Advisory Council (FBSAC). The FBSAC serves as an advisory body with the purpose of providing guidance and recommendations to the Secretary on the development and implementation of strategies, policies, programs, and information sharing practices that will further the Department’s ability to prevent, protect against, respond to, and recover from acts of targeted violence or terrorism, major disasters, cyberattacks, or other threats or emergencies against places of worship, faith communities, and faith-based organizations.
• DHS’s Office of Intelligence and Analysis (I&A), the FBI, and the National Counterterrorism Center in 2021 jointly updated behavioral indicators of U.S. extremist mobilization to violence. Further, I&A’s National Threat Evaluation and Reporting Program continues to provide tools and resources for federal, state, local, tribal, and territorial partners on preventing terrorism and targeted violence, including online suspicious activity reporting training.
• DHS’s Cybersecurity and Infrastructure Security Agency (CISA) works with government and private sector partners – including owners and operators of critical infrastructure and public gathering places – to enhance security and mitigate risks posed by acts of terrorism and targeted violence through its network of Protective Security Advisors and resources addressing Active Shooters, School Safety, Bombing Prevention, and Soft Targets-Crowded Places.
• DHS’s Center for Prevention Programs and Partnerships (CP3) educates and trains stakeholders on how to identify indicators of radicalization to violence, where to seek help, and the resources that are available to prevent targeted violence and terrorism. In 2022, CP3 awarded about $20 million in grants through its Targeted Violence and Terrorism Prevention (TVTP) Grant Program.
• In 2021 and 2022, DHS designated domestic violent extremism as a “National Priority Area” within its Homeland Security Grant Program (HSGP), enabling our partners to access critical funds that help prevent, prepare for, protect against, and respond to related threats.
• In 2022, DHS’s Nonprofit Security Grant Program (NSGP) provided over $250 million in funding to support target hardening and other physical security enhancements to non-profit organizations at high risk of terrorist attack.
• DHS remains focused on recognizing disinformation that threatens the security of the American people, including disinformation by foreign states such as Russia, China, and Iran, or other adversaries, including as transnational criminal organizations and human smuggling organizations.
• SchoolSafety.gov consolidates school safety-related resources from across the government. Through this website, the K-12 academic community can also connect with school safety officials and develop school safety plans.
• The DHS Center for Faith-Based and Neighborhood Partnerships continues to engage a coalition of faith-based and community organizations, including members of the Faith-based Security Advisory Council, to help build the capacity of faith-based and community organizations seeking to protect their places of worship and community spaces.

Resources to Stay Safe

Stay Informed and Prepared

• Be prepared for emergency situations and remain aware of circumstances that may place you at risk. Make note of your surroundings and the nearest security personnel.
• Keep yourself safe online and maintain digital and media literacy to recognize and build resilience to false or misleading narratives.
• Review Department of Homeland Security (DHS) resources for how to better protect businesses, houses of worship, and schools, and ensure the safety of public gatherings.
• Prepare for potential active shooter incidents, build counter-improvised explosive device capabilities, and enhance awareness of terrorist threats, to include bomb threats.
• Learn more about community-based resources including Community Awareness Briefings to help prevent individuals from radicalizing to violence.
• The Nationwide Suspicious Activity Reporting (SAR) Initiative (NSI) is a collaborative effort by DHS, the FBI, and law enforcement partners to identify and report threats of terrorism and other related criminal activity.
• The Power of Hello Campaign and De-Escalation Series help you observe and evaluate suspicious behaviors, including information to mitigate potential risks, and obtain help when necessary.
• View webinars on Building Partnerships, and Preventing Targeted Violence and Protecting the Safety and Security of Houses of Worship.

Report Potential Threats

• Listen to local authorities and public safety officials.
• If You See Something, Say Something® Report suspicious activity and threats of violence, including online threats, to local law enforcement, FBI Field Offices, or your local Fusion Center. Call 911 in case of emergency.
• If you know someone who is struggling with mental health issues or may pose a danger to themselves or others, seek help.

What Next?

Further OODA Loop Resources

• The CISA CSAC: Cognitive Infrastructure Research and Election Public Messaging:   The Cybersecurity and Infrastructure Security Agency’s (CISA) continues to model an operational structure with an effective public/private partnership component that yields actionable results.   The latest success is the evolution of the CISA Cybersecurity Advisory Committee (CSAC which meets quarterly) and its subcommittees, specifically the time-sensitive work of the Protecting Critical Infrastructure from Misinformation and Disinformation (MDM) Subcommittee. Following is the anatomy of a CSAC subcommittee, including the mission statement formulated in December 2021, followed by the subcommittee’s quarterly updates, reports, and recommendations. The case study concludes with the recently released public service announcement from the FBI and CISA  – which demonstrates the value and impact of the work of the subcommittee since December 2021.
• Ongoing Efforts to Combat Information Disorder and Strengthen our Cognitive Infrastructure:  Last year, OODA Network Member Congressman Will Hurd was a Commissioner for the Aspen Institute’s Information Disorder Report.   Congressman Hurd will take part in a Keynote Conversation at OODAcon (which is the final event of the event to be held on Tuesday, October 18th).  In the run-up to the event next week, the following is an update on some of the research and project outcomes achieved by various global efforts working to understand and combat “information disorder” and build a strong cognitive infrastructure.
• An Executive’s Guide To Cognitive Bias in Decision Making: A Career Intelligence Officer Provides Context on Fighting Bias in Judgement:  Cognitive Bias and the errors in judgment they produce are seen in every aspect of human decision-making, including in the business world. Companies that have a better understanding of these cognitive biases can optimize decision-making at all levels of the organization, leading to better performance in the market. Companies that ignore the impact these biases have on corporate decision-making put themselves at unnecessary risk. This post by OODA Co-Founder Bob Gourley provides personal insights into key biases as well as mitigation strategies you can put in place right now.
• National Cognitive Infrastructure Protection:  What Can We Learn from the Swedish Psychological Defence Authority?  In 2019, in what now reads like a strikingly prescient premonition, OODA CTO Bob Gourley penned a two-part series on the neglect of our national Cognitive Infrastructure, which includes the mental capacities of our citizens and the decision-making ability of people, organizations, and our government. It also includes the information channels used to feed our decision-making capabilities and the education and training systems used to prepare people and organizations for critical thinking. In the series, Bob discussed the efforts by the U.S. government in the 1990s to create a framework for “Critical Infrastructure Protection” when talking about manufacturing, dams, the energy sector, nuclear reactors, etc. But what about the protection of our critical cognitive infrastructure, which is threatened in ways few of us ever imagined just a few years ago? The Swedes offer an exemplary agency model.
• “The Worst-Case Scenario is the Least Probable” and Other Cognitive Biases: Global Drought, Catastrophic Monsoons and Floods and “Zombie Ice”:  Our editorial approach here at OODA Loop is an optimistic approach, based on the influence of ‘solutions-based’ journalism and a belief in the American “mission” writ large, including years of experience with deeply humble, remarkably talented people that make up American agencies, departments, and institutions.  It is also part of our job, however, to position negative metrics and trends as part of our overall sensemaking on behalf of the membership – and try to achieve something resembling a stoic, balanced stance on most information we are handling at any given time. We also use scenario planning to tell the story of the future as we are seeing it – to influence risk strategies and decision-making processes for our member organizations.  So, with that:  Are you sitting down? Because I have some bad news, along with a mental model through which to analyze its implications.
• More research and analysis from OODA Loop on Cognitive Infrastructure.
• CISA:  Shields Up!

Stay Informed

It should go without saying that tracking threats are critical to inform your actions. This includes reading our OODA Daily Pulse, which will give you insights into the nature of the threat and risks to business operations.

Related Reading:

Explore OODA Research and Analysis

Use OODA Loop to improve your decision-making in any competitive endeavor. Explore OODA Loop

Decision Intelligence

The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Strategies, Business Intelligence, and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence

Disruptive/Exponential Technology

We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, and Space Technology. Explore Disruptive/Exponential Tech

Security and Resiliency

Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation-state conflict, non-nation state conflict, global health, international crime, supply chain, and terrorism. Explore Security and Resiliency

Community

The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders, and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences, and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member-only video library. Explore The OODA Community.