NIPC Daily Report 18 April 2002 The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures.
Power blackouts could stop flow of water in valley. A dispute between power and water utility companies in southern Nevada could lead to power blackouts this summer. Public water agencies are opposed to a $922 million power rate increase that they say would drive up the cost of providing water service to 800,000 people in the Las Vegas Valley. Nevada Power is concerned that there isn't enough power supply to meet demand, and warns that rolling blackouts are a possibility. A water district deputy general manager said "reliable power is critical to reliable water delivery." Nevada Power claims water customers, including water service to fire hydrants, will never be in danger, and that the Southern Nevada Water Authority is considered a 'critical customer' that will not feel the effects of any power interruptions. (lasvegassun.com, 15 Apr) Cities struggling to fix sewer systems. Every day it rains or snows, 772 of the nation's older cities and towns face a health and environmental threat from outdated systems known as CSOs, for combined sewer overflows, single-pipe sewers that move both sewage and storm water to treatment plants. Their brick-lined sewers were built in the late 1800s and early 1900s, before the age of indoor plumbing, to prevent streets from flooding during downpours. In later years as toilets, sinks and bathtubs were added to homes, the waste was funnelled into the same storm sewers. The federal government in the 1970s required cities to lay separate storm and sewer lines. By then, hundreds of cities were left with sewers that work fine in dry conditions, but overflow into rivers and streams during wet weather with bacteria-laced discharges that kill fish, fuel algae blooms that taint waterways green, and leave a sickening smell. Now communities are struggling with a federal mandate to fix their systems - improvements that come with a high price tag but scant federal funds to help pay for them. The US Environmental Protection Agency estimates that it will take about $45 billion in new construction to address the problem over the coming years. (Associated Press, 17 Apr) Some airports will not get explosive detection machines by year's end. The undersecretary for transportation security told Congress on 17 April that airports without explosive detection machines at year's end will have checked luggage inspected by handheld equipment. While equipment will vary, ''all airport facilities will have comparable security.'' Some airports will use a combination of minivan-sized explosive detection machines and trace-detection devices. Other airports will have the handheld equipment that detects traces of explosive material. The explosive detection and the trace machines are the only equipment that will enable the nation's 429 commercial airports to meet a 31 December deadline for having all bags checked by machine for explosives. (Associated Press, 17 Apr) TVA reaches seams agreement with MISO. The Tennessee Valley Authority says it has reached agreements with neighboring electricity systems to allow "seamless" wholesale power trading across a vast section of the Southeast and Midwest. TVA said the so-called "seams" agreements were struck with the Midwest Independent Transmission System Operator and two large utilities in the South, the Southern Co. and Energy Corp. The FERC has strongly encouraged TVA to participate in RTO-development discussions in the region involving investor-owned utilities, municipally owned utilities, and rural electric cooperatives. TVA said it is continuing efforts to develop a "Public Power Regional transmission Grid" with such potential partners as East Kentucky Power Cooperative, Associated Electric Cooperative Inc. and Big Rivers Electric Corp. (Energy Info Source, 17 Apr) Entergy considering new nuclear plant. Entergy Corp. has notified the federal Nuclear Regulatory Commission that it is considering building a nuclear power plant in Port Gibson, Miss. Entergy Nuclear, a subsidiary of the New Orleans-based utility, on 16 April, became the third company to notify the federal Nuclear Regulatory Commission of plans to seek an ``early site permit'' for a new nuclear plant. The company said nuclear energy is an alternative to natural gas, which fuels most of the country's newest power plants. `Having the nuclear option available is in the best interest of our power consumers, Entergy and the nation's energy independence,'' the company said. Entergy began considering building a nuclear plant a year ago after a severe shortage of natural gas sent the price of natural gas-generated electricity soaring. The application will take about a year to prepare and cost the nuclear subsidiary about $9 million, including a $5.4 million application fee from the NRC. The federal Department of Energy has offered to pay for as much as 50 percent of the application cost, he said. Entergy Nuclear will cover the rest. (Associated Press, 17 Apr) MyLife virus back in the wild. Antivirus fighters have warned users to beware of a virus variant on its eighth outing in the wild. The mass mailing virus, MyLifeH is the eighth incarnation of the 'MyLife' virus to be detected. Fortunately for users, MyLifeH does not carry a destructive payload, unlike its original predecessor which caused mass destruction by deleting hard drives D: to I:. The virus is a mass mailer that simply forwards itself on to every address found in the Windows Address Book. The virus uses poor social engineering to appear as though the email has been scanned for viruses, but the poor grammar should put users on their guard. Antivirus firms already have antidotes for all variants of MyLife. (vnunet.com, 12 Apr) SQL Server 7.0 and 2000 vulnerable to extended stored procedures exploits. Several of the Microsoft-provided extended stored procedures are being reported as having flaws. They fail to perform input validation correctly, and are susceptible to buffer overruns. Exploiting the flaw could enable an attacker to either cause a SQL Server service to fail, or cause code to run in the security context in which SQL Server is running. (Microsoft, 17 Apr) Senate to use high-tech security to tighten nations borders. The Senate began debate 15 April on legislation that would tighten security at the nation's borders using high-tech tools to track visitors and turn away those who might be a threat to US security. The Enhanced Border Security and Visa Entry Reform Act is on a fast track, and lawmakers hope to get it passed this spring. It would provide $3.5 billion over three years to tighten the security net at the nation's borders, including $1 billion for fiscal 2003. (Federal Computer Week, 17 Apr) Technology research to improve pipeline safety and security. The Department of Transportation has a new research initiative aimed improving the safety and security of the nation's gas and hazardous liquid pipelines. The initiative seeks to focus on damage prevention and leak detection technologies. Over the coming months, the US Department of Transportation's Research and Special Programs Administration (RSPA/OPS) will be soliciting project papers for the remaining research areas of enhanced operations, controls, and monitoring and improved material performance. (DOT Press Release, 17 Apr) IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
