National Infrastructure Protection Center
NIPC Daily Open Source Report for 2 December 2002

Daily Overview

.       CNN reports the U.S. Transportation Security Administration has
warned airports to review their missile attack measures after Thursday's
attempt to shoot down a passenger plane in Kenya.  (See item 4)

.       The Sacramento Bee reports Lawrence Livermore National
Laboratory is developing a process to measure substances normally
occurring in the air to provide a control for systems that monitor
biological agents.  (See item 14)

.       The Huntsville Times reports Tanner, Alabama has a new water
treatment plant that filters viruses, one of only 100 such facilities
worldwide.  (See item 8)

.       The GAO has published a report which recommends changes to the
manner in which data regarding terrorism funding is collected and
reported.  (See item 9)

NIPC Daily Report Fast Jump [click to jump to section of interest]
Banking & Finance

Gas & Oil

Emergency Law Enforcement

Government Operations
Information Technology
Cyber Threats and Vulnerabilities

Internet Alert Dashboard
NIPC Information

Power Sector

1.      November 29, Platts Energy News - Explosion at Germany's
Brunsbuttel nuke generator.  There was an explosion at the Brunsbuttel
nuclear power plant in northern Germany on Wednesday evening, a
spokesman for the energy ministry of Schleswig-Holstein said Friday.
The 806MW reactor is currently offline following a safety incident last
December.  The explosion happened in a generator in the non-nuclear
party of the plant.  No one was injured.  The extent of the damage is
not yet known, but the spokesman said Brunsbuttel was likely to remain
offline longer than anticipated as a result of the generator fault.  The
explosion happened when the explosive gases condensed and then exploded,
and the BKA (German federal crime office) is investigating.  Brunsbuttel
has been offline since Feb 18, 2002, shut down in order to probe
circumstances surrounding a radioactive leak on Dec 14, 2001.  Source: 

2.      November 26, Fortune Magazine - Power failure: massive debt
burdens the energy industry.  In the past several years of boom and
expansion, power companies borrowed approximately $600 billion; some of
which was used in speculative trading operations, but most went to buy
other power companies or build natural-gas power plants.  About $90
billion of this debt must be repaid or renegotiated by 2006.  Few
companies are able to repay this - the collapse of energy trading has
put them in a cash crunch, and several are close to bankruptcy.  In
addition, the overbuilding has lowered cost of energy and the economic
downturn has meant that the country is not using as much power as
expected.  As a result, power prices are severely depressed.  Possible
buyers, should bankruptcy occur, are buyout firms, financial investors,
and European utilities.  Also, various local utility companies, bought
out in the 1990s, may opt to buy some of the assets.  Source:

Current Electricity Sector Threat Alert Levels:  Physical: ELEVATED,
Scale:  Low, Guarded, Elevated, High, Severe   [Source: ISAC for the
Electricity Sector (ES-ISAC) -]

[return to top]

Banking and Finance Sector

3.      November 27, Associated Press - New York bank pleads guilty to
charges.  Broadway National Bank pleaded guilty to three felony charges
of not reporting suspicious banking activity between 1996 and 1998, and
will pay a $4 million fine.  Authorities said the case marked the first
prosecution of a bank for failing to establish an anti-money laundering
program and failing to file required "suspicious activity reports."
U.S. Customs Special Agent Nelson Chen said $123 million was illegally
moved through the bank - most of it the proceeds of drug trafficking -
after some criminal organizations learned Broadway was not following
proper procedures.  Source:

[return to top]

Transportation Sector

4.      December 1, CNN - Airports asked to review missile attack
measures.  After Thursday's attempted missile attack on a passenger
plane in Kenya, the U.S. Transportation Security Administration (TSA)
asked officials at U.S. airports to review measures to protect against
similar attacks.  TSA spokesman Robert Johnson told CNN Saturday that
the TSA notification went to all federal security directors (TSA
employees who direct security at airports), who were then to notify
security at individual airports.  Unknown attackers launched two
shoulder-fired missiles at an Israeli charter flight as the Boeing 757
was taking off from Mombasa airport.  The missiles missed their target
and authorities later found two launchers and two unused missiles near
the runway.  As CNN has previously reported, U.S. security officials met
with airline executives earlier this month in Washington to discuss the
possibility of shoulder-fired missiles being used against U.S.
commercial airliners.  It was one topic among many discussed at that
meeting.  The FBI and the TSA first warned U.S. airlines and local law
enforcement in May that such an attack could happen. The warning came
after an apparent attempt by al Qaeda to shoot down a U.S. military
plane in Saudi Arabia with such a weapon.  The TSA alert in May said,
"there is no information indicating that al Qaeda is planning to use
MANPADS [shoulder-fired missiles] against commercial aircraft," but it
added, "the threat cannot be discounted."  Source: 

5.      November 27, New York Times - Mexican trucks gain approval to
haul cargo throughout the U.S.  The U.S. government cleared the way
yesterday for Mexican trucks to travel throughout the United States,
beginning in the next few weeks.  Until now, Washington has limited
Mexican trucks to a 20-mile-wide commercial zone along the border.  The
new safety requirements demanded by Congress were adopted in legislation
enacted a year ago.  The law mandated more inspectors to monitor Mexican
trucks and limited the number of hours that Mexican truckers could
drive. Since then, Bush administration officials said.  Mexican trucking
companies have also tightened training for drivers and improved
emissions controls.  Under the new rules, Mexican trucking companies
will be allowed to haul cargo to and from the United States, and Mexican
bus companies will be permitted to schedule regular passenger service to
and from points in Mexico and the United States.  But those companies
will not be allowed to provide service between points in the United
States.  Source: 

[return to top]

Gas and Oil Sector

6.      November 27, BBC News - Morocco floods hit oil plant.  Oil
tankers were swept away by a swollen river and Morocco's largest oil
refinery has been closed following flash floods which have killed at
least 37 people.  The Samir plant in the town of Mohammedia - which
processes up to 90% of the country's crude oil exports - was severely
damaged after flash floods triggered a major blaze.  Two people were
killed in the fire, and three others were missing.  Morocco has seen
unusually heavy rain in the past 10 days after a four-year drought.

[return to top]

Telecommunications Sector

Nothing to report.

[return to top]

Food Sector

7.      November 27, Associated Press - Audit finds North Carolina food
safety system fragmented.  North Carolina's food safety system is
fragmented, understaffed, under-equipped, and has limited enforcement
powers for violations, according to the state auditor in a report on
Wednesday.  The special performance review by North Carolina's state
auditor's office was launched as part of a national effort in the wake
of the September 11 terrorist attacks.  The review suggested the state
General Assembly may want to study the food safety system to identify
improvements, review fee structures, and examine the effectiveness of
safety programs.  The review came after the U.S. General Accounting
Office had asked federal, state, and local audit officials to review
their food safety systems.  The GAO particularly was interested in
security changes made at food processing plants after the terrorist
attacks.  The original GAO objective could not be completed, but State
Auditor Ralph Campbell said their preliminary work for the GAO raised
significant questions about the safety of the state's food supply.
"Traditionally, food safety was thought of as adulteration of our food
by accident or by poor sanitation," he said.  "But since 9-11, we've now
introduced another component - the deliberate adulteration of our food
supply" said David Smith, North Carolina Assistant Agriculture
Commissioner.  Source: 

[return to top]

Water Sector

8.      November 28, Huntsville Times - New water treatment plant in
Tanner, AL to filter viruses.  The new plant has a filtration system
used in only 100 other facilities worldwide.  The new filtration system
replaces coagulation and sand-filtering technology and requires no
chlorine.  Up to 4 million gallons of water a day will be pumped through
6-foot-tall, 8-inch pipes with a system of hollow fiber membranes made
of cellulose acetate.  The filters are flushed with citric acid to clean
them, an alternative to the heavy chemicals used in current systems.
The process is totally automated, except for the daily tests of water
quality.  Tests on the equipment will begin in January with the grand
opening scheduled for May.  Source:

[return to top]

Chemical Sector

Nothing to report.

[return to top]

Emergency Law Enforcement Sector

Nothing to report.

[return to top]

Government Operations Sector

9.      November 27, General Accounting Office - Combating terrorism:
funding data reported to Congress should be improved.  The General
Accounting Office (GAO) has calculated, on the basis of Office of
Management & Budget's (OMB) data, that there was a 276-percent total
increase in funds designated to combat terrorism during fiscal years
2001 and 2002 (as reported in OMB's annual reports to Congress for 2001
and 2002, respectively).  This increase includes a 106-percent increase
from the post-September 11 redefinition of combating terrorism to
include homeland security activities such as aviation and transportation
security, and a 170-percent increase due to funding increases.
Difficulties in coordinating budgets to combat terrorism stem from the
variety of missions involved and the fact that activities related to
combating terrorism are often funded through budget accounts that also
provide funding for other activities.  Various approaches have been used
to address these challenges.  GAO is making recommendations to improve
OMB's annual report, including collecting and reporting obligation data.
It also recommends improvements to performance measures in strategies
and performance plans related to combating terrorism.  Source:  Report: 

[return to top]

Information Technology Sector

10.     November 27, Global Security Newswire - Pentagon distributes
software for modeling effects of attacks.  The Defense Department has
licensed to a few select non-governmental organizations previously
unavailable software that can model the effects of releases of nuclear,
chemical, biological or radiological weapons and materials.  The
Heritage Foundation, Natural Resources Defense Council, Stanford
University and other institutions have recently gained access to the
computer modeling programs.  The goal is to educate political leaders
and the public about the potential consequences of weapons of mass
destruction whether they are used by terrorists or by a state in
conflict with the United States.  Furthermore, defense officials have
said that they benefit from the independent analysis by non-governmental
organizations.  The modeling programs-the Hazard Prediction and
Assessment Capability (HPAC) and the Consequences Assessment Tool Set
(CATS)-are both capable of calculating the outcome of thousands of
possible scenarios involving a variety of weapons and materials.  The
models can determine the human medical effects, toxicity levels,
contaminated areas, population exposure, hazard areas and casualties
should WMD materials be unleashed in an attack or dispersed in a
military strike or by accident.  Source.

[return to top]

Cyber Threats and Vulnerabilities

11.     November 28, Internet Magazine - Jewish group tells of
'electronic Jihad' plan.  Militant Islamic groups are urging their
followers to conduct 'electronic Jihad' on Jewish websites, according to
the Simon Wiesenthal Center.  Rabbi Abraham Cooper, an associate dean at
the Los Angeles-based Jewish organization, told Reuters that one of the
center's researchers had come across two websites in Arabic referring to
a three-day campaign of hacking into Jewish sites.  The Simon Wiesenthal
Center monitors extremist anti-Semitic publications and websites on a
regular basis, but Cooper said the latest find this week was
particularly alarming because one of the websites gave 'how to' tips to
would-be hackers.  Source.

Internet Alert Dashboard
Current Alert Levels

Internet Security Systems 
AlertCon: 1 out of 4
Security Focus ThreatCon: 1 out of 4

Last Changed: 26 November 2002  Last Changed: 23 November 2002
Current Virus and Port Attacks
Virus:  #1 Virus in USA:  PE_FUNLOVE.4099
Source:, Trend World Micro Virus
Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
United States]
Top 10 Target Ports     137(netbios-ns); 1433(ms-sql-s); 80(http);
21(ftp); 4662; 25(smtp); 445(microsoft-ds); 443(https);
139(netbios-ssn); 53(domain)
Source:; Internet Storm Center

[return to top]

General Information

12.     November 30, CNN - Disney ship docks with 195 ill: next week's
cruise canceled to sanitize vessel.  The Disney cruise ship, Magic, just
completed a cruise of the western Caribbean, during which 172 passengers
and 23 crew members came down with what is believed to be the Norwalk
virus.  If the culprit is confirmed to be Norwalk, it would be the
second such outbreak on the cruise ship in as many weeks.  More than 300
people aboard the Magic fell ill last week with Norwalk virus.  It can
be transmitted person-to-person or by consuming contaminated food or
water.  Centers for Disease Control and Prevention (CDC) specialists
made it clear last week how they think the virus is spreading.  "We
strongly feel this is predominantly person-to-person, spread through
hand-to-mouth activity, and all this makes it a little more difficult to
control," said Dave Forney, chief of CDC's vessel sanitation program.
"The primary objective for the week," Jaronski said, "is to break the
cycle by keeping passengers off the ship."  That could be a key factor
as another cruise line, Holland America, prepares to return the
Amsterdam to service for its first cruise since spending the past week
undergoing a similar disinfection and sanitizing process.  More than 500
people fell victim to Norwalk virus on its most recent cruise.  The CDC
reports no illness among the crew staying aboard Amsterdam this past
week.  Source: 

13.     November 29, BBC News - Bin Laden tape 'not genuine'.
Researchers in Switzerland have questioned the authenticity of the
recent audio recording attributed to Osama bin Laden.  A team from the
Lausanne-based Dalle Molle Institute for Perceptual Artificial
Intelligence, Idiap, said it was 95% certain the tape does not feature
the voice of the al-Qaeda leader.  U.S. intelligence officials have said
they believe the recording - broadcast on Arabic television earlier this
month - was almost certainly that of Osama bin Laden.  The review of the
tape was commissioned by France-2 television and the findings were
presented by the Institute's director, Professor Herve Bourlard.

14.     November 29, Sacramento Bee - Project seeks to clear air on bugs
we breathe.  In the age of modern bioterrorism, scientists and engineers
are busily inventing increasingly sensitive tools to detect the presence
of suspicious germs on the spot.  "That begs the question," Gary
Andersen, a Lawrence Livermore National Laboratory microbiologist said,
"What's the background (levels) of these organisms?" he asked.  Gary
Andersen began developing a system three years ago to monitor biological
agents that naturally occur in the environment, but may also be used as
bioterror agents.  It was a low-profile project, until last year's
anthrax mailings and the ensuing worry about bioterrorism.  Now the
federal government is giving Andersen and his team $1 million a year to
measure bacteria and fungi in the air in locations across the country.
The chief questions the researchers hope to answer include: what
substances are normally in the air, do their presence and number vary
seasonally, and what benign bugs out there are so genetically similar to
pathogens that they'll trigger false positive readings?  "We really need
to know what's going to set signals off so we don't start evacuating
people before we have to," Andersen said.  Source: 

15.     November 28, Washington Post - State officials asked to speed
smallpox plan.  The timetable for vaccination of health workers has been
cut in half and could begin soon.  Federal health officials have
directed the states and the District of Columbia to speed up plans to
offer smallpox vaccinations to 500,000 hospital workers nationwide,
urging that the task be completed within 30 days of an announcement that
could come as soon as next week.  The timetable, delivered Friday by the
U.S. Centers for Disease Control and Prevention, has stirred public
health and logistics concerns among state health officials.  Most
planned to immunize hospital workers in phases over a 60-day period to
better track potentially severe side effects.  The vaccine will require
detailed education, screening, tracking and follow-up of a critical
segment of health workers.  Many states had planned to vaccinate 20
percent to 30 percent of hospital workers at a time to give clinicians
more experience with side effects.  States also sought time to train and
vaccinate the vaccinators.  The voluntary program is expected to start
with health workers who would bear the brunt of a smallpox outbreak and
would need to be protected in order to treat victims and prevent the
health care system from collapsing.  Source: 

[return to top]

NIPC Products & Contact Information

The National Infrastructure Protection Center (NIPC) serves as a
national critical infrastructure threat assessment, warning,
vulnerability, and law enforcement investigation and response entity.
The NIPC provides timely warnings of international threats,
comprehensive analysis and law enforcement investigation and response.
The NIPC provides a range of bulletins and advisories of interest to
information system security and professionals and those involved in
protecting public and private infrastructures.  By visiting the NIPC
web-site (, one can quickly access any of the
following NIPC products:

2002 NIPC Advisories - Advisories address significant threat or incident
information that suggests a change in readiness posture, protective
options and/or response.

2002 NIPC Alerts - Alerts address major threat or incident information
addressing imminent or in-progress attacks targeting specific national
networks or critical infrastructures.

2002 NIPC Information Bulletins - Information Bulletins communicate
issues that pertain to the critical national infrastructure and are for
informational purposes only.

2002 NIPC CyberNotes - CyberNotes is published to support security and
information system professionals with timely information on cyber
vulnerabilities, malicious scripts, information security trends, virus
information, and other critical infrastructure-related best practices. 

2002 NIPC Highlights - The NIPC Highlights are published on a monthly
basis to inform policy and/or decision makers of current events,
incidents, developments, and trends related to Critical Infrastructure
Protection (CIP).  Highlights seeks to provide policy and/or decision
makers with value-added insight by synthesizing all source information
to provide the most detailed, accurate, and timely reporting on
potentially actionable CIP matters.

IWS INFOCON Mailing List
@ IWS - The Information Warfare Site

Reply via email to