National Infrastructure Protection Center
NIPC Daily Open Source Report for 4 December 2002

Daily Overview

.       The Washington Post reports the nature of identity theft has
changed and today is more likely to come from insiders going after a
massive amount of information rather than a thief stealing an
individual's wallet.  (See item 2)

.       NEPA News reports that Carnegie Mellon University and the
University of Pittsburgh are freely providing software to health
organizations to assist in the early warning of a bioterrorist attack.
(See item 16)

.       The Land & Livestock Post reports that Texas A&M University has
published an internet website to assist meat and poultry processors
quickly find information on food safety.  (See item 7)

NIPC Daily Report Fast Jump [click to jump to section of interest]
Banking & Finance

Gas & Oil

Emergency Law Enforcement

Government Operations
Information Technology
Cyber Threats and Vulnerabilities

Internet Alert Dashboard
NIPC Information

Power Sector

1.      December 3, Platts Global Energy - Outage cuts UK-France flows
by 500MW until Dec 10.  A problem with a transformer is likely to cut
capacity transfer on the UK-France power link by 500MW in both
directions until Dec 10 at the earliest, a spokesman for UK transmission
system operator National Grid said Tuesday.  The problem with the
transformer at Sellindge converter station in Kent, on the UK side of
the link, occurred in the early hours of Monday morning, he said.  The
"best guess" of link operators National Grid and French transmission
system operator RTE was that it will return to its full capacity
transfer level of 2,000MW on or around Dec 10, he said.  The grid
operators were investigating the problem with the transformer, he said.

Current Electricity Sector Threat Alert Levels:  Physical: ELEVATED,
Scale:  Low, Guarded, Elevated, High, Severe   [Source: ISAC for the
Electricity Sector (ES-ISAC) -]

[return to top]

Banking and Finance Sector

2.      December 3, Washington Post - Identity theft more often an
inside job.  The nature of identity theft has changed and the threat
today is more likely than ever to come from insiders - employees with
access to large financial databases who can loot personal accounts -
than from a thief stealing a wallet or pilfering your mail.  Banks,
companies that take credit cards and credit-rating bureaus themselves
don't do enough to protect consumers, critics say.  Law enforcement
experts now estimate that half of all such cases come from thefts of
business databanks as more and more information is stored in computers
that aren't properly safeguarded.  "There is a shift by identity thieves
from going after single individuals to going after a mass amount of
information," said Joanna Crane, identity-fraud program manager at the
Federal Trade Commission. "There's an awful lot of bribery of insiders
going on."  Source: 

[return to top]

Transportation Sector

3.      December 3, U.S. Customs Service - Customs announces CSI
deployment at Le Havre.  U.S. Customs Commissioner Robert C. Bonner
announced Tuesday the deployment of four U.S. Customs officers to the
French port of Le Havre, marking the latest step in the agency's
Container Security Initiative (CSI).  CSI is designed to prevent
terrorists from infiltrating the world's sea cargo environment by
improving security at key seaports worldwide.  To date, nine countries
have agreed to participate with U.S. Customs under CSI.  These
agreements cover 15 ports, all among the top 20 ports that handle
shipments bound for the United States.  Source: 

4.      December 1, Dallas Morning News - International shipping
vehicles vulnerable to terrorist attacks.  With al-Qaeda stepping up its
sporadic attacks on western targets, there is a consensus among
terrorism experts that international shipping is increasingly vulnerable
to extreme tactics.  The risk extends beyond the big, obvious targets to
the thousands of ferryboats that move cars, cargo and commuters from
port to port, often with minimal security, in the United States and
Europe.  Steven Flynn, a former U.S. Coast Guard commander who is now a
senior fellow with the Council on Foreign Relations, contends that one
serious incident involving containers brought into the United States by
ship would prompt the public to demand the entire system be shut down,
crippling global commerce.  The impact of a shipping shutdown would be
disastrous for the U.S. economy, Flynn said.  While U.S.
counter-terrorism officials grapple with this potential hazard, their
European counterparts have imposed high security alerts in recent months
because of intelligence indicating that terrorists plan to target one of
the many car ferries that link Britain to the European mainland.  The
ferries are perceived as vulnerable because they are designed to
transport large trucks filled with retail goods, including electronics,
furniture and agricultural items.  An extensive search of loading points
in Europe was conducted several weeks ago after information about a
specific truck bomb was provided to authorities.  No bomb was found, but
the entire ferry system remains on high alert, said Magnus Ranstorp,
director of the Center for the Study of Terrorism and Political Violence
at the University of St. Andrews in Scotland.  Source:

[return to top]

Gas and Oil Sector

5.      December 3, Dow Jones Newswires - Citgo: west shore pipeline
shut north of Des Plaines, Ill.  West Shore Pipeline Company's 16 inch
refined products pipeline was shut around 11:00 a.m. EST (1600 GMT)
Monday after a leak was discovered about three miles south of Bristol,
Ill, according to Kent Young, spokesman for Citgo Petroleum Co. ,
operator of the West Shore Pipeline.  There's been no immediate impact
on product supply, Young said, as the company typically maintains three
to four days supply in terminals.  There is no estimate on the extent of
the repair work needed, and, therefore, there's no restart estimate.
The West Shore Pipeline originates in the Chicago area and transports
refined products - gasoline, fuel oil and turbine fuel - north to Green
Bay, Wisconsin and west and then north to Madison, Wisconsin.  Source: 

6.      December 3, BBC News - Europe names its 'fleet of shame'.  A
blacklist of 66 ships deemed too dangerous for European waters has been
published by the European Commission.  The ships have been "named and
shamed" amid concerns over safety standards in the wake of the Prestige
tanker disaster.  The commission said the 66 ships on its blacklist had
been detained on several occasions in European ports for failing to
comply with safety rules.  Most are bulk carriers, although 16 are oil
and chemical tankers and one is a passenger vessel.  Twenty-six of the
vessels sail under a Turkish flag.  Twelve are flagged to the Caribbean
nation of St Vincent and Grenadines, and nine to Cambodia. A total of 13
flags are represented.  Source: 

[return to top]

Telecommunications Sector

Nothing to report.

[return to top]

Food Sector

7.      December 1, Land & Livestock Post (Texas) - Database provides
information on food safety.  A scientific article database has been
designed at Texas A&M University to help meat processors and others who
develop their Hazard Analysis Critical Control Point programs (HACCP).
HACCP is a food safety process control system regulated by the U.S.
Department of Agriculture to make sure meat and poultry products are
safe.  The database "can be used by the industry to support its
decisions," said Dr. Kerri Harris, executive director of the
International HACCP Alliance, which is headquartered at Texas A&M.
"Because there is a government requirement for companies to defend their
decisions and be able to support how they created their food safety
programs, this is a tool that gives them the information without having
to make multiple phone calls, contact multiple people, and do multiple
searches," Harris said.  The database can be accessed at  Source: 

[return to top]

Water Sector

8.      December 3, Detroit News (Michigan) - Faster E. coli test in
works.  A consortium of professors at Wayne State University in Michigan
is within a year of developing a rapid-fire monitoring system that would
give instant readings of E. coli bacteria contamination in lakes and
rivers and immediately detect deadly chemicals in drinking water,
scientists say.  The new system would give instant results for drinking
water.  Tests now take 24 hours.  "It's in the prototype stage right
now, but we can start with some preliminary testing," said Greg Auner, a
Wayne State professor who heads the team creating the system.  Wayne
State's work will dovetail with research that will soon start under a
$3.5 million grant awarded last week to the U.S. Army Tank-automotive
and Armaments Command (TACOM) in Warren, MI, under a Congressional
spending bill.  The grant will be used "to develop water monitoring for
detection of chemical and biological warfare agents," said Jay
Dusenbury, a science and technology team leader at TACOM.  The primary
focus of the TACOM grant is to protect the drinking water of American
troops, but the same technology could be used to protect drinking water
at municipal water intakes.  Source: 

9.      December 2, San Antonio Express News (Texas) - Simulated terror
attack test preparedness.  In a computer simulation last summer, Texas
state, federal, and Mexican officials tested their response to a
terrorist attack in which tons of cancer-causing chemicals were dumped
into the Rio Grande at Laredo, TX.  The exercise required the officials
to divert the poisoned waters before they reached Falcon Lake 80 miles
south.  David Eaton, an LBJ School of Public Affairs professor, said the
exercise, held in June in Bastrop, TX, showed how communities on both
sides of the U.S.-Mexico border could deal with terror attacks before
they get out of hand.  In the computer simulation, held at a Lower
Colorado River Authority facility, two days were compressed into less
than six hours of decision-making.  Officials identified the chemical
and then enlisted the Army Corps of Engineers to build a temporary dam,
diverting the river's flow onto land on the U.S. side and sparing Falcon
Lake, which supplies water to the Lower Rio Grande Valley.  Eaton's
research team is among about 20 funded by the Army that have been
probing bioterror topics at the University of Texas at Austin, UT-San
Antonio, and other universities and medical schools since 1998.  Major
goals are to enable troops to continue fighting in the face of
biological or chemical agents and to improve domestic responsiveness
partly by ensuring more efficient communications systems.  Source:  

[return to top]

Chemical Sector

10.     December 2, Tribune-Review (Pittsburgh) - Lawmakers to weigh
chemical security options.  There are various approaches to chemical
safety being considered for 2003.  One contender is the Chemical
Security Act, passed by the Senate's Environmental and Public Works
Committee last July.  The bill would give the U.S. Environmental
Protection Agency the mandate to police chemical sites.  There is also
expected to be a White House proposal to federalize security at more
than 13,000 sites nationwide.  And, in Pennsylvania, a law drafted by
state Rep. Mike Veon, a Beaver Falls Democrat, could supersede all other
plans.  Probes by the Pittsburgh Tribune-Review found security so lax at
62 facilities making, storing and shipping hazardous chemicals that a
reporter easily could reach tanks holding some of the world's deadliest
toxins.  The investigations focused on plants near some of America's
largest cities, including Baltimore, Chicago, Houston and Pittsburgh.  A
bill written by state Rep. Veon mandates tougher security for
Pennsylvania's chemical plants.  The Veon plan calls for a Cabinet
anti-terrorism position and National Guard protection of Pennsylvania's
nuclear plants.  He vows to "close the loopholes" in federal laws
allowing catastrophic amounts of chemicals to be made, stored and
shipped near cities.  The bill died in the Legislature's recently ended
session, but Veon, the House Democratic whip, vows to reintroduce the
measure next year.  Source: 

[return to top]

Emergency Law Enforcement Sector

11.     December 3, USA Today - U.S. anti-terror training camps booked
solid.  Potential scenarios of domestic terrorism unfolded last month at
training centers for police, firefighters, emergency medical specialists
and other rescue workers who would be the first to respond to terrorist
attacks in the U.S.  Public-safety experts say that such exercises,
using sophisticated mock-ups of real life, can help equip "first
responders" in ways that classroom instruction and scripted run-throughs
can't.  The rank-and-file seem to agree: Tens of thousands have gone
through hands-on training since the 2001 terrorist attacks.  The
National Domestic Preparedness Consortium, a partnership of federal
agencies and public universities, hopes to train 100,000 police, fire,
rescue and emergency health workers a year.  With an estimated 7.5
million first responders and 4 million health care workers in America,
demand far exceeds openings in courses, which can include drills to
combat biochemical terrorism, weapons of mass destruction,
hostage-takers, explosives and other threats.  Source:

[return to top]

Government Operations Sector

12.     December 3, Associated Press - USPS workers to get potassium
iodide.  The United States Postal Service (USPS) said Monday it was
buying nearly 1.6 million pills from Tampa-based Anbex, Inc. for
distribution to workers who want to have the tablets if a radiological
emergency occurs.  The pills are generally kept on hand in areas where
there is a threat of a nuclear accident, but in recent years concerns
have also increased that an enemy might include a form of iodine in a
nuclear weapon.  The Food and Drug Administration-approved tablets will
be available for all 750,000 postal workers nationwide.  Source: 

[return to top]

Information Technology Sector

Nothing to report.

[return to top]

Cyber Threats and Vulnerabilities

Nothing to report.

Internet Alert Dashboard
Current Alert Levels

Internet Security Systems 
AlertCon: 1 out of 4
Security Focus ThreatCon: 1 out of 4

Last Changed:  26 November 2002 Last Changed: 23 November 2002
Current Virus and Port Attacks
Virus:  #1 Virus in USA:   PE_FUNLOVE.4099
Source:, Trend World Micro Virus
Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
United States]
Top 10 Target Ports     137(netbios-ns); 80(http); 1433(ms-sql-s);
21(ftp); 4662; 25(smtp); 139(netbios-ssn); 445(microsoft-ds);
443(https); 53(domain)
Source:; Internet Storm Center

[return to top]

General Information

13.     December 3, Associated Press - WHO fund to probe disease
outbreaks.  The World Health Organization (WHO) has a new $500,000 rapid
response fund to investigate infectious disease outbreaks, whether
caused by nature or terrorism.  The money will allow the WHO to send
teams to the field without first raising money to support the
investigations.  "Crucial hours lost in the early days of a disease
outbreak can mean the difference between a handful of cases and a major
epidemic," Dr. Gro Harlem Brundtland, WHO's director-general, said in a
statement Monday.  The fund will be called the WHO-NTI Emergency
Outbreak Response Fund.  Officials at NTI and WHO said the fund will
need donations from others, and they hope it will be replenished by
"traditional humanitarian donors" and member nations.  WHO spends
anywhere from a couple of million dollars to $10 million per year
investigating outbreaks.  Each investigation can cost anywhere from
$50,000 to $500,000.  Source: 

14.     December 3, New York Times - Three-month old strike continues at
animal disease center.  The government contractor who employs nearly
half the work force at the Plum Island Animal Disease Center has
rejected a vote by union workers that could have ended a strike that has
lasted over three months, according to letters from the company and
union officials.  On Saturday, union members voted unanimously to accept
a contract that was the same as the one they went on strike to protest.
Workers said they were willing to give up their previous demands based
on the understanding that all the striking workers would be allowed to
return to the job.  They said that on Nov. 14, the contractor, LB&B,
made a proposal that included permanent provisions for 45 replacement
workers.  The contractor said that the union was mistaken in believing
that the proposal did not include replacement workers.  In a letter to
the union dated Nov. 30, Benjamin N. Thompson, a lawyer for LB&B, wrote:
"LB&B consistently maintained throughout the post-strike negotiations
that replacement workers hired to replace the strikers were permanent
replacements.  Source: 

15.     December 2, NEPA News (Pennsylvania) - Universities give away
bioterror-detection software.  Software that could provide an early
warning of a bioterrorist attack is being given to health organizations
for free, Carnegie Mellon University and the University of Pittsburgh
announced Monday.  The Real-time Outbreak Disease Surveillance software
was created several years ago by the BioMedical Security Institute,
which the schools jointly operate, and is available on the Internet.
Health professionals using the surveillance software enter patients'
symptoms, their ZIP codes, and dates of their visits.  The system can
alert medical and emergency officials of any spike in symptoms that
could be related to a biological attack.  A year before the terrorist
attacks, scientists at the universities began a project to track
patterns of influenza, E. coli infections and illness caused by common
biological agents reported in Pittsburgh area hospitals.  The goal is to
have all health systems in Pennsylvania using the software in three
years.  Eventually, the system could be used nationwide.  Source:

[return to top]

NIPC Products & Contact Information

The National Infrastructure Protection Center (NIPC) serves as a
national critical infrastructure threat assessment, warning,
vulnerability, and law enforcement investigation and response entity.
The NIPC provides timely warnings of international threats,
comprehensive analysis and law enforcement investigation and response.
The NIPC provides a range of bulletins and advisories of interest to
information system security and professionals and those involved in
protecting public and private infrastructures.  By visiting the NIPC
web-site (, one can quickly access any of the
following NIPC products:

2002 NIPC Advisories - Advisories address significant threat or incident
information that suggests a change in readiness posture, protective
options and/or response.

2002 NIPC Alerts - Alerts address major threat or incident information
addressing imminent or in-progress attacks targeting specific national
networks or critical infrastructures.

2002 NIPC Information Bulletins - Information Bulletins communicate
issues that pertain to the critical national infrastructure and are for
informational purposes only.

2002 NIPC CyberNotes - CyberNotes is published to support security and
information system professionals with timely information on cyber
vulnerabilities, malicious scripts, information security trends, virus
information, and other critical infrastructure-related best practices.

IWS INFOCON Mailing List
@ IWS - The Information Warfare Site

Reply via email to