Report Suspicious Activity
To report suspicious activity, email SARS@UTAH.GOV
Suspicious Behaviors and Activities That Should Be Reported Include | |
---|---|
ELICITING INFORMATION | Questioning individuals at a level beyond mere curiosity about particular facets of a facility’s or building’s purpose, operations, security procedures, etc., that would arouse suspicion in a reasonable person. |
TESTING OF SECURITY | Interactions with or challenges to installations, personnel, or systems that reveal physical personnel or cybersecurity capabilities. |
RECRUITING | Building operations teams and contacts, personnel data, banking data, or travel data. |
PHOTOGRAPHY | Taking pictures or video of facilities, buildings, or infrastructure in a manner that would arouse suspicion in a reasonable person. Examples include taking pictures or video of infrequently used access points, personnel performing security functions (patrols, badge/vehicle checking), security-related equipment (perimeter fencing, security cameras), etc. All reporting on photography should be done within the totality of the circumstances. |
OBSERVATION / SURVEILLANCE | Demonstrating unusual interest in facilities, buildings, or infrastructure beyond mere casual or professional (e.g., engineers) interest such that a reasonable person would consider the activity suspicious. Examples include observation through binoculars, taking notes, attempting to measure distances, etc. |
MATERIALS ACQUISITION / STORAGE | Acquisition of unusual quantities of precursor materials, such as cell phones, pagers, fuel, and timers, such that a reasonable person would suspect possible criminal activity. |
AQUISITION OF EXPERTISE | Attempts to obtain or conduct training in security concepts (military weapons or tactics) or other unusual capabilities that would arouse suspicion in a reasonable person. |
WEAPONS DISCOVERY | Discovery of unusual amounts of weapons or explosives that would arouse suspicion in a reasonable person. |
SECTOR SPECIFIC INCIDENT | Actions associated with a characteristic of unique concern to specific sectors (such as the public health sector) with regard to their personnel, facilities, systems, or functions. |
BREACH / ATTEMPTED INTRUSION | Unauthorized personnel attempting to enter or actually entering a restricted area or protected site. Impersonation of authorized personnel (e.g., police/security, janitor). |
MISREPRESENTATION | Presenting false or misusing insignia, documents, and/or identification to misrepresent one’s affiliation to cover possible illicit activity. |
THEFT / LOSS / DIVERSION | Stealing or diverting something associated with a facility/infrastructure (e.g., badges, uniforms, identification, emergency vehicles, technology, or documents [classified or unclassified] that are proprietary to the facility). |
SABOTAGE / TAMPERING / VANDALISM | Damaging, manipulating, or defacing part of a facility/infrastructure or protected site. |
CYBERATTACK | Compromising or attempting to compromise or disrupt an organization’s information technology infrastructure. |
EXPRESSED OR IMPLIED THREAT | Communicating a spoken or written threat to damage or compromise a facility/infrastructure. |
AVIATION ACTIVITY | Operation of an aircraft in a manner that reasonably may be interpreted as suspicious or posing a threat to people or property. May or may not be in violation of Federal Aviation Regulations. |