NIPC Daily Report 10 June, 2002 The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures.
Who protects the nation's infrastructure? Regardless of how the next major terrorist attack may come, what worries US security strategists is the economic shock that could result from an attack on a "critical infrastructure," such as a transportation, telecommunication or an energy facility. By striking such targets, which military experts regard as highly vulnerable, an enemy could inflict far more economic damage than the attack on the World Trade Center. Who should pay the huge costs of protecting such facilities? Should the government order the private sector to provide backup capacity to cushion the shock to the rest of the country if disaster strikes? That's an especially knotty dilemma considering corporate America has spent much of the last decade eliminating extraneous cost and capacity at the same time federal and state governments are faced with severe budget squeezes. The current position of the Bush Administration is to leave these issues to the private sector and prod them to boost security through various kinds of market incentives. Should a major terrorist attack hit vital infrastructure, however, the debate over the roles of the private and public sectors would be joined quickly. ( Business Week Online, 7 June) Terror fears spark Asian port checks. The threat of a terrorist bomb loaded from ship container to truck then exploding in the heart of an American city is driving moves by US Customs officials to inspect containers in Asian ports. Washington does not expect to be able to inspect all US-bound containers, but to work with 20 "mega-ports" to better target which containers need inspection. US Customs officials said they have developed an automated system to weed out suspicious packages that deserve a closer look using background of shippers and other tools to identify suspicious cargo. (CNN.com, 6 June) EPA awards first water security grants. US Environmental Protection Agency (EPA) Administrator Christie Whitman announced the first round of water security grants, part of $53 million to help large drinking water utilities across the nation assess their vulnerabilities. EPA also will work with states, tribes and appropriate organizations to further develop and disseminate tools and support security efforts at small and medium drinking water and wastewater systems. EPA worked with Sandia National Labs to develop training materials for water companies so they can conduct thorough assessments of vulnerabilities and determine how best to minimize said vulnerabilities. (Watertech Online, 7 June) Plants told to assess safety. The US Environmental Protection Agency (EPA) plans to order thousands of chemical plants, refineries, sewer and water treatment facilities to assess and reduce their vulnerability to terrorist attack. The plan, under review by several federal agencies, is patterned after measures developed by the chemical industry and would require analyses of plant security and consideration of safer chemical processes. While the chemistry council's plan affects only its members, the federal requirement would involve about 15,000 plants, the EPA official said. The plan would affect about 35 sites in Contra Costa County, which has one of the highest concentrations of chemical and petroleum plants on the West Coast. About half of those plants are near enough to population centers to make them attractive terrorist targets. (Contra Costa Times, 8 June) Air marshals train to tackle terrorism. "It's clear in my mind, when I weigh all of the pros and cons, pilots should not have firearms in the cockpit," Transportation Security Administration Director John Magaw told the Senate Commerce Committee on 21 May. "If something does happen on that plane, they really need to be in control of that aircraft, whether it's getting it on the ground, [or] whether it's maneuvering it so it knocks people off balance that are causing the problem." One shortcoming of the Air Marshall program is their small numbers. Growing from fewer than 50 before 11 September to a reported 2,000 (the Transportation Department maintains that the actual number is classified), they still sit on just a fraction of the nation's 35,000 daily flights. But air marshal officials contend that their numbers are much higher than most people think, and while they aren't on board every flight, the threat of their presence is a deterrent. The Air Line Pilots Association, which supports arming pilots, notes that armed pilots can do one thing that air marshals cannot: defend the aircraft from inside the cockpit. (GovExec.com, 4 June) Homeland security plan on technology. Homeland Security Department would take over "key cyber security activities" performed by the Department of Commerce's Critical Infrastructure Assurance Office (CIAO) and the FBI 's National Infrastructure Protection Center (NIPC). It would coordinate with the General Services Administration's Federal Computer Incident Response Center and assume the functions and assets of the Defense Department's National Communications System to coordinate emergency preparedness for the telecommunications sector. President Bush's plan hints that there will be some information technology shuffling. The plan does call for "development of a single enterprise architecture" designed to eliminate "sub-optimized, duplicative and poorly coordinated" systems. "There would be rational prioritization of projects necessary to fund homeland security missions based on an overall assessment of requirements rather than a tendency to fund all good ideas beneficial to a separate unit's individual needs" the plan states. (CNET News, 7 June) Cyberspace seen as a 'great threat and great danger'. US Space Command expects an increase this year in the number of attempts by hackers to break into Defense Department computer networks, according to Lt. Gen. Ed Anderson, Deputy Commander in Chief. One of the command's responsibilities is to meet all of the department's current and future cyber threats and requirements, and Anderson said the importance of the task couldn't be overemphasized. "As a matter of fact," he said on 5 June at a Chamber of Commerce luncheon, "I will tell you that if there's anything that keeps me awake at night, more than the other things we address, it's cyberspace. That truly is an area of great threat and great danger." From 1998 to 1999, he said, "there was a five-fold increase in the number of events that we detected in terms of hackers trying to get into our unclassified" networks. Since then, "there has been a steady increase in the number of events that have been detected ... and I can assure you that the number for 2002 will be greater than the number for 2001". Last year, Anderson said, "close to 30,000 events were detected, and we expect over 40,000 events this year." (Aerospace Daily , 7 June) Al-Qai'da uses Web as communications network. One day last October, an intelligence-community analyst noticed something strange about a radical Islamic Web site she had been monitoring for several months. A previously open, innocuous part of the site was suddenly blocked. She checked her notes, found the old address for the link and typed it in-to find an otherwise empty page commanding in Arabic, MISSIONARIES ATTACK! Other "hidden" pages on the site included seemingly nonsensical phrases and quotations from the Qur'an-coded instructions for Al-Qai'da operatives and their supporters. U.S. intelligence discovered Al-Qai'da uses the Web as a communications network. Analysts believe Al-Qai'da uses prearranged phrases and symbols to direct its agents. An icon of an AK-47 can appear next to a photo of Osama bin Laden facing one direction one day and facing another direction the next. Colors of icons can change as well. Messages can be hidden on pages inside sites with no links to them, or placed openly in chat rooms. The messages and patterns of symbols are given to analysts at the CIA and National Security Agency to decipher. ( Newsweek, 7 June) Monkeypox could be used as bio-weapon. According to scientists and former UN weapons inspectors, the Russians worked with the monkeypox virus, a close cousin to smallpox, in their bioweapons program and it is possible terrorists could use it in a biological attack against the US. Monkeypox is not as contagious as smallpox, but whether it could be or has been modified to be more virulent is unknown. The CDC, which holds a stockpile of the smallpox vaccine, is currently reconsidering its vaccination strategy and whether to vaccinate everyone or wait until there is an outbreak and try to vaccinate only those exposed. There are concerns that Russia's smallpox may have been leaked to terrorists, and whether something similar happened with monkeypox is uncertain. Iraq is one of the rogue states that may have obtained access to monkeypox. UN weapons inspectors have not been in Iraq since 1998, therefore it is difficult to know for certain whether they ever worked with monkeypox. The good news is that monkeypox does not appear to be transmittable from person to person and the smallpox vaccine protects against it. (United Press International, 9 June) Gunn says he's optimistic Amtrak will avoid shutdown. Amtrak President and CEO David L. Gunn said he is optimistic that the railroad could land a $205 million loan and avert a shutdown in July. But he made it clear that any shutdown would involve the entire system, not just certain routes such as long-distance trains. Gunn told employees that the railroad would run out of cash by July if it could not obtain a loan to tide the railroad over to the beginning of the fiscal year in October. If Amtrak shuts down, the effects would extend far beyond the lack of inter-city rail transportation. Amtrak maintains and dispatches trains along the Northeast Corridor, which is used by thousands of commuters daily to travel between cities reaching from Washington, D.C. to Boston. Any shutdown plan would have to address a transition that would allow commuter operations to continue. Most observers do not expect Amtrak will be forced to shut down. (Washington Post, 9 June) WWU Comment: While the risk of shutdown exists as early as July, skeptics claim that Amtrak will be bailed out by Congress or at least be given financial support to carry them through the end of the FY. If not, privatization is a possibility. Feds seek better Microsoft security. Tired of security holes in Microsoft's products, government technology officials are discussing whether to use their collective purchasing power to force changes in the way the Microsoft does business. Their efforts received a boost when consumer activist Ralph Nader joined the cause. In a letter to the White House, Nader indicated that changes in purchasing policy might be more effective and palatable to the administration than antitrust sanctions. The letter suggests the government should place limits on the number of Microsoft products it buys, dividing federal money among Microsoft, Apple, IBM and other companies. It also suggests that the government could push Microsoft to make changes. Many of the changes, such as more technical disclosure and making its products available on competing operating systems, mirror those suggested during the antitrust case and championed by the nine states still suing Microsoft. (Associated Press, 9 June) IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
