(CNN)The Department of Homeland Security’s intelligence branch had identified “specific” threats related to January 6, 2021 prior to the attack on the US Capitol, but the information gathered was not widely shared until two days after the riot, according to a new Watchdog report.
The DHS Office of Inspector General found that three different departments within the Trump-era DHS Office of Intelligence and Analysis had either collected information or identified potential violent threats and had not released that information in reports outside the department prior to Jan. 6 – instead emailing threat intelligence to local partners in Washington, DC before the attack in a way that “didn’t get as widespread” as its usual intelligence products. Those threats, the report said, included storming the Capitol, attacking politicians and law enforcement officials, and “sacrificing their lives while they engaged in violence.”
Because of the failure to share information, DHS was “unable to provide timely, actionable and forward-looking information to its many state, local, and federal partners,” the report said.
The inspector general’s report released Tuesday is the first of three DHS watchdog reports related to the attack on the Capitol. The findings come a day after it was revealed that dozens more US Capitol police officers were injured during the riot than previously known, according to a report by the Government Accountability Office.
The DHS Intelligence Bureau is the only member of the federal intelligence community legally required to share information with state, local, and other non-federal officials. The office is also tasked with collecting and analyzing open source information.
In the run-up to the attack on the US Capitol, intelligence sharing was widespread, and law enforcement officials, along with other agencies, have been pointing the finger at DHS ever since.
CNN previously reported that DHS’ intelligence branch did not issue a specific warning about the possibility of violence on March 6, according to two DHS officials.
The watchdog found that staff in the Open Source Collection Operations department collected threat intelligence but “didn’t produce any actionable intelligence.” This was partly due to “inexperienced” collectors who, according to IG, did not receive proper training.
Reluctance to report to Portland
Collectors at that office described a “hesitation” after criticism of the way the office handled intelligence information during the summer 2020 protests in Portland, Oregon. A previous DHS review found that the Secret Service office there had collected and disseminated information on U.S. journalists, in part because an unprepared and ill-trained workforce had been employed to help gather information.
The events in Portland led to an upheaval in the office’s top management and permanently damaged its reputation. The office has not had a Senate-approved leader as of May 2020, and President Joe Biden’s nominee Kenneth Wainstein is awaiting a Senate vote.
While Tuesday’s report does not review Portland, it notes that the circumstances provide “important context” for the decisions and actions taken prior to Jan. 6.
On several occasions prior to January 6th, collectors wrote to each other about threats they had discovered online.
In one case, on Jan. 2, “after learning that individuals were sharing a map of the US Capitol building online, a collector messaged his colleague that he thought people were trying to hurt politicians,” reads it in the report. Two employees discussed a possible “scalp” of staff to respond to the escalating threats, but did not discuss releasing an intelligence product.
On the same day, two collectors discussed online comments threatening to hang Democrats in Washington, DC, but didn’t believe the comments reached the reporting threshold. The next morning, collectors noted discussions of the hanging of politicians, the storming of Congress, and the sacrifice of lives, but no reports were made.
Despite tips from colleagues in other branches of the intelligence agency and concerns expressed internally, no open-source reports have been issued to “inform its partners about possible threats for January 6,” the IG wrote.
The watchdog found three main reasons for the failure: insufficient training related to open source collection, a lack of understanding of reporting guidelines, and hesitation in reporting following a review of the bureau’s actions related to the Portland protests.
“Overall, open source collectors told us that they did not believe a storming of the US Capitol was possible and therefore dismissed this specific type of threat as an exaggeration,” the report reads.
The inspector general found a case where an intelligence product was released in connection with January 6 but was not distributed until two days later, rendering it “unusable” as an advance warning.
Information sent via email
The watchdog noted that the Secret Service emailed threat information about the Jan. 6 events to state and local partners “at least five times” prior to the Capitol break-in, but sharing information via email spreads information not as far as the release of intelligence products on the report.
Intelligence bureau staff disagree on whether an intelligence product the result on 6 in the future will be more responsive.
The watchdog issued five recommendations, including providing improved annual training and implementing a process to request and timely review open source intelligence products when related to upcoming events.
DHS agreed with all five recommendations and described actions it took to address the issues in the report, including developing tools to collect information effectively and ensure that information is shared efficiently.
“Since the events of January 6, 2021, I&A has taken many actions to improve its ability to effectively identify, collect and share threat intelligence, including publicly available information identified online,” said John Cohen, who has been the office since July wrote to Inspector General Joseph Cuffari in response to a draft of the report.
Add Comment