National Infrastructure Protection Center NIPC Daily Open Source Report for 31 December 2002
Daily Overview . The Washington Post reports that U.S. intelligence officials have identified approximately 15 cargo freighters around the world that they believe are controlled by al Qaeda or could be used by the terrorist network. (See item 4) . The Canadian Press reports experts say it's only a matter of time before there is a concerted, politically motivated attack on the Internet or a piece of computer-dependent infrastructure such as the electrical grid. (See item 12) . The Washington Post reports that as the new airport measures go into effect, all checked bags must be screened for explosives, although the method will vary by airport. (See item 5) . Reuters reports the price of oil is now above $33 a barrel, influenced by a possible war with Iraq and the continuing crisis in Venezuela. (See item 7) . The San Francisco Chronicle reports water officials are considering desalination to prevent serious drought in the future. (See item 8) Editor's Note: Beginning January 6, 2003, the NIPC Daily Open Source Report will be aligned to cover the critical infrastructure sectors as identified in the National Strategy for Homeland Security. Currently covered sectors, which were set forth in Presidential Decision Directive 63, are included in the new format. The new Sector alignment will be as follows: Agriculture, Food, Water, Public Health, Emergency Services, Government, Defense Industrial Base, Information and Telecommunications, Energy (to include Electric Power, and Oil and Gas), Transportation, Banking and Finance, Chemical Industry and Postal and Shipping. Readers wishing to comment on the contents or suggest additional topics and sources should contact Melissa Conaty at 202-324-0354 or Kerry J. Butterfield at 202-324-1131. Requests for adding or dropping distribution to the NIPC Daily Open Source Report should be made through the Watch and Warning Unit at [EMAIL PROTECTED] NIPC Daily Report Fast Jump [click to jump to section of interest] Power Banking & Finance Transportation Gas & Oil Telecommunications Food Water Chemical Emergency Law Enforcement Government Operations Information Technology Cyber Threats and Vulnerabilities Internet Alert Dashboard General NIPC Information Power Sector 1. December 30, Platts Energy News - Fermi-2 scrams from 75% power on control rod problem. A few minutes after midnight Sunday, operators at the Newport, Michigan Southern Nuclear's Fermi-2 manually scrammed the reactor and placed it in hot shutdown after losing the ability to drive control rods, the Nuclear Regulatory Commission said in its events notification report. Just before the scram occurred, the 1,116-MW nuclear reactor was being shut down from 100% power because of a low output voltage condition. Power was lowered using core flow to 75%. The low MPU 3 voltage allowed selection of control rods but would not allow control rods to be inserted. Source: http://www.platts.com/archives/94903.html 2. December 27, Daily News, New York - Sparks fly over planned Brooklyn, NY power plant. The billion-dollar, 1,100-megawatt cogeneration facility proposed on N. 12th St., on the border of Williamsburg and Greenpoint, would clean up a toxic site, improve air quality and give the revitalizing waterfront a sleek new signature building, according to TransGas Energy Systems, which is seeking state approval for the plant which will convert natural gas into electricity. "It will become an anchor and an economic engine, providing jobs, generating millions of dollars in economic activity and spurring additional future investment," said TransGas President Adam Victor. But community activists have a different take on the project -- Adam Perlmutter, an attorney and board member of Greenpoint Waterfront Association Parks, said "Something like this will be the death knell for waterfront revitalization." Borough President Marty Markowitz, City Councilman David Yassky (D-North Brooklyn), Assemblyman Joseph Lentol (D-North Brooklyn) and Rep. Nydia Velazquez (D-Brooklyn) have spoken out against the power plant proposal. Source: http://www.energycentral.com/sections/newsroom/nr_article.cfm?id=3540686 Current Electricity Sector Threat Alert Levels: Physical: ELEVATED, Cyber: ELEVATED Scale: Low, Guarded, Elevated, High, Severe [Source: ISAC for the Electricity Sector (ES-ISAC) - http://esisac.com] [return to top] Banking and Finance Sector 3. December 26, Comptroller of the Currency - Bank Secrecy Act/Anti-Money Laundering: Notice of Designation--Designation of Nauru and Ukraine as Primary Money Laundering Concerns. This document states that it is believed by the Comptroller that the foreign banks listed within the document currently or in the past maintained correspondent accounts with Nauru-licensed financial institutions. The overwhelming majority of Nauru-licensed financial institutions are believed to be shell banks. As a service to U.S. financial institutions, the Comptroller is providing this information to assist them in their compliance with their obligations under section 313 of the USA PATRIOT Act, which, among other things, requires U.S. financial institutions to take reasonable steps to ensure that they do not indirectly provide correspondent services to foreign shell banks. The provision of this list should not be construed as an implication of wrongdoing by the listed institutions. This is not intended to be an exhaustive list, but does represent current information. Source: http://www.occ.treas.gov/ftp/bulletin/2002-47b.doc [return to top] Transportation Sector 4. December 31, Washington Post - 15 freighters believed to be linked to al Qaeda. U.S. intelligence officials have identified approximately 15 cargo freighters around the world that they believe are controlled by al Qaeda or could be used by the terrorist network to ferry operatives, bombs, money or commodities over the high seas, government officials said. American spy agencies track some of the suspicious ships by satellites or surveillance planes and with the help of allied navies or informants in overseas ports. But they have occasionally lost track of the vessels, which are continuously given new fictitious names, repainted or re-registered using invented corporate owners, all while plying the oceans. Concerned about the vulnerabilities of American shipping since Sept. 11, 2001, U.S. officials have started paying more attention than ever to what cargo is loaded onto ships entering U.S. waters, and to who serves on crews, as well as to stowaways and individuals who appear to be surveying U.S. ports. In addition, U.S. intelligence agencies have set up large databases to track cargo, ships and seamen in a search for "anomalies" that could indicate terrorists on approaching ships, said Frances Fragos-Townsend, chief of Coast Guard intelligence. "If all you do is wait for ships to come to you, you're not doing your job," she said. "The idea is to push the borders out." Source: http://www.washingtonpost.com/wp-dyn/articles/A56442-2002Dec30.html 5. December 30, Washington Post - Travelers brace for new airport measures. Holiday travelers who left before Christmas may have a different airport experience if they fly home after New Year's Day. Their checked bags likely will be searched for explosives, although the method "machine, human hands or dogs" will vary by airport. And at more than 40 airports, travelers with only carry-on bags no longer can go straight to the gate. They'll have to make a detour to the ticket counter or a kiosk to get a boarding pass. The changes are bound to create problems, said Michael Boyd, a Denver-based airline consultant. He offered this advice: Don't check anything and get there very early. "It could be total chaos," he said. The new security is overseen by the Transportation Security Administration, (TSA), created after the Sept. 11 attacks to protect travelers from terrorists. In the past year, the agency has hired more than 50,000 people, distinguished by their white shirts and yellow embroidered badges, to screen passengers and baggage at 424 commercial airports. Now the TSA is in the midst of adding another layer of security: screening all checked bags for explosives. It's an enormous undertaking since an estimated 1.5 billion bags get checked at U.S. airports every year. Small airports can easily meet the requirement that all bags be screened because they can use labor-intensive methods such as searching by hand and using a wand that detects explosives residue on the outside of bags. Larger airports need more efficient SUV-sized bomb-detection machines. Source: http://www.washingtonpost.com/wp-dyn/articles/A51596-2002Dec29.html 6. December 30, U.S. Coast Guard - Maritime Security. The Coast Guard is holding seven public meetings to discuss requirements for security assessments, plans, and specific security measures for ports, vessels, and facilities. Discussions will aid the Coast Guard in determining the types of vessels and facilities that pose a risk of being involved in a transportation security incident, and in identifying security measures and standards to deter such incidents. Discussions will also focus on aligning domestic maritime security requirements with the International Ship and Port Facility Security (ISPS) Code and recent amendments to the International Convention for the Safety of Life at Sea (SOLAS), to comply with section 102 (Port security) of the recently enacted Maritime Transportation Security Act of 2002 (MTSA). The Coast Guard encourages interested individuals and organizations to attend the meetings and submit comments for discussion during the meetings. The Coast Guard also seeks comments from anyone unable to attend the meetings. NOTE: The full text of the notice incorporates a backgrounder and several appendices to include Appendix C Cost Analysis Report for Vessel, Facility, and Port Security, December 20, 2002 by USCG Headquarters, Standards Evaluation & Analysis Divisions. Source: http://a257.g.akamaitech.net/7/257/2422/14mar20010800/edocket.access.gpo .gov/2002/02-32845.htm [return to top] Gas and Oil Sector 7. December 30, Reuters - U.S. oil above $33 as possible war looms. Oil prices charged higher again Monday as traders bet on a U.S. attack against Iraq early next year and as supplies from OPEC nation Venezuela stayed choked off by a strike now in its fifth week. U.S. light crude futures set a new two-year high in early trade of $33.65 a barrel, up 93 cents from Friday. Prices edged briefly off session highs on word from an OPEC delegate that the oil producer cartel could increase supply in mid-January unless the current market spike subsides by then. Oil has risen more than $5 in December and prices are now more than $10 higher than at the start of 2002. Concerns are growing that costly energy bills could stifle global economic recovery. London Brent crude rose 86 cents to hit $31.02 a barrel, a 15-month high. In Venezuela, opposition leaders extended a nationwide strike into Monday, marking the 29th day of action aimed at forcing the resignation of President Hugo Chavez and early elections. Data from Venezuela's state oil firm PDVSA and independent shippers showed government efforts to break the strike helped boost oil exports to about 520,000 barrels per day (bpd) in the week to Dec. 29 compared with 260,000 bpd in the previous week. Source: http://biz.yahoo.com/rm/021230/markets_oil_2.html [return to top] Telecommunications Sector Nothing to report. [return to top] Food Sector Nothing to report. [return to top] Water Sector 8. December 30, San Francisco Chronicle (California) - Desalination mulled in San Francisco Bay area. Water officials in Marin County, CA, like many coastal areas of the United States, are considering desalination to prevent serious drought in the future. The Marin municipal water district is studying desalination for the waters of San Pablo Bay, which could provide 5 million to 10 million gallons of drinking water a day, enough to serve as many as 30,000 homes a year. Even in the absence of drought, experts say there soon will not be enough water in California available for the number of people moving into the state. Studies have shown that it could cost as much as $100 million to build a plant in Marin and put in pipelines. Source: http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2002/12/30/DESAL.TMP [return to top] Chemical Sector Nothing to report. [return to top] Emergency Law Enforcement Sector December 30, Associated Press - In preparation for the New Year's Eve celebration, the New York City Police Department sealed manholes, removed Times Square mailboxes and described plans to deploy transit officers to subway stations, undercover cops throughout the crowd and snipers to nearby rooftops. The photographs of several foreign-born men sought by the FBI for questioning about possible connections to people involved in terrorism were distributed to officers citywide on Sunday, Police Commissioner Ray Kelly said. New York City is one place where investigators have focused their search for the men, believed to have entered the United States from Canada, but Kelly said there was no other reason to believe the men are in the area. For the celebration, Kelly said "a couple thousand" officers would be on duty, similar to last year, with an added focus on the transit system in midtown and citywide. Bomb squads will sweep Times Square, and participants will be searched as they enter the area. Large bags and alcohol are prohibited. Source: http://www.nytimes.com/2002/12/30/nyregion/30WIRE-SQUAR.html [return to top] Government Operations Sector 9. December 26, New York Daily News - Unmanned drones will guard U.S. coastlines. The Coast Guard is getting up to 70 remote-controlled aircraft that it can launch from its cutters, extending its eyes for miles. The first of the $3 million Eagle Eye drones, which take off like a helicopter but tilt their rotors to fly like a plane, could be on patrol by 2006. "They'd be used for maritime homeland defense, fisheries enforcement, counter-narcotics patrols and possibly for search and rescue," said Coast Guard Cmdr. John Fitzgerald. "Right now, out at sea, you're limited to the range of a helicopter." The Eagle Eye drones can fly up to 220 knots and have a range of 750 nautical miles - 80 percent faster and farther than the Coast Guard's short-range helicopter, the HH-65 Dolphin. Source: http://www.fortwayne.com/mld/newssentinel/4822973.htm 10. December 30, General Accounting Office - Military Readiness: Civil Reserve Air Fleet (CRAF) can respond as planned, but incentives may need revamping. The incentives currently in place to encourage participation in the CRAF program, especially the incentive to participate in DoD's peacetime business, might be losing effectiveness and could become disincentives in the future. Some participants are not able to bid on peacetime cargo business because their fleets do not include B-747s, the predominant aircraft DoD uses for peacetime cargo missions. GAO found that B-747s carried 94 percent of 946 missions flown by commercial aircraft in the first 10 months of fiscal 2002. Furthermore, over 40 percent of recent missions did not use all available space or weight limits aboard B-747s. These missions might have been carried out less expensively with smaller wide-body aircraft. Using smaller aircraft would provide more peacetime business to a greater share of the program participants, thus enhancing current incentives. However, the Air Force does not have sufficient management information to identify options for selecting the best available aircraft type for the mission. Source: http://www.gao.gov/highlights/d03278high.pdf Report: http://www.gao.gov/cgi-bin/getrpt?GAO-03-278 [return to top] Information Technology Sector 11. December 30, Gulf News - Mideast firms urged to focus on e-security. E-security is the prime concern of the Internet driven business environment and Middle Eastern companies should adopt pre-emptive safety measures to save their assets, an United Arab Emirates (UAE) official said yesterday. "The awareness of e-business security issues is admittedly low in the Middle East's corporate world compared with the advanced markets and this is dangerous," said Dr. Omar bin Sulaiman, Chief Executive Officer of the company Dubai Internet City. He was a keynote speaker at the 'E-Security Solutions Exhibition', organized by the students of the Al Ain Women's College (AAWC) located in the city of Al Ain, UAE. Dr. Sulaiman said that most businesses in the Middle East merely react to security threats, rather than assessing risks to manage their security strategically. He said that companies have to make a strategic commitment to ensure effective security. Most of the companies in the Middle East shy away from making this commitment as can be seen in the widespread lack of a security budget. "For companies doing business online, security spending must be an integral part of overall e-business spending." Source. http://www.gulfnews.com/Articles/news.asp?ArticleID=72358 [return to top] Cyber Threats and Vulnerabilities 12. December 30, Canadian Press - Experts say Internet vulnerable to cyber attack. The war on terror and the prospect of hostilities with Iraq have the sentinels of cyberspace bracing for trouble. Experts say it's only a matter of time before someone mounts a concerted, politically motivated attack on the Internet or a piece of computer-dependent infrastructure such as the electrical grid. Despite growing security awareness, especially in the wake of the September 11, 2001, terrorist attacks, many critical systems remain open to intrusion and disruption, authorities in both the private and public sectors agree. "The problem at this point is that the vulnerabilities are so numerous one has a hard time trying to decide where to start," said Andrew McAllister, director of cyber protection at the federal Office of Critical Infrastructure and Emergency Preparedness in Canada. There's no published evidence such a strike has taken place yet, and some experts believe cyber attacks remain more of a nuisance threat for now. The Canadian Security Intelligence Service, responsible for assessing the cyber threat, won't reveal which potentially hostile groups or countries have the capability. Source. http://www.ctv.ca/servlet/ArticleNews/story/CTVNews/1041016567543_364257 67///?hub=SciTech Internet Alert Dashboard Current Alert Levels Internet Security Systems AlertCon: 1 out of 4 https://gtoc.iss.net/ Security Focus ThreatCon: 1 out of 4 http://analyzer.securityfocus.com Last Changed: 26 December 2002 Last Changed: 21 December 2002 Current Virus and Port Attacks Virus: #1 Virus in USA: PE_FUNLOVE.4099 Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports 137(netbios-ns); 80 (http); 1433(ms-sql-s); 445(microsoft-ds); 21(ftp); 443(https); 53(domain); 4662; 139(netbios-ssn); 1524(ingreslock) Source: http://isc.incidents.org/top10.html; Internet Storm Center [return to top] General Information 13. December 30, New York Times - Paris airport worker held after weapons seizure. The French police detained five men on Saturday, including a baggage handler at Charles de Gaulle Airport in whose car weapons, explosives and detonators were discovered, French television reported sunday night. The airport employee was identified only as a French citizen of Algerian origin, 27, and a resident of Bondy, a heavily Muslim neighborhood in the northeast of Paris. According to the report, a search of the man's home led to the arrest of his father and two brothers as well as a family friend. Investigators found an automatic weapon, a machine gun, five packages of plastic explosives and two detonators, according to the report, citing officials involved in the investigation. Agence France-Presse, also citing investigators, said it was unclear whether the baggage handler, who did not have a criminal record, was linked to terrorists or to the underworld. The officials were quoted as saying that the man had no known links to radical Islamic groups. Source: http://www.nytimes.com/2002/12/30/international/europe/30FRAN.html 14. December 28, Denver Post (Colorado) - Wyoming finds third case of CWD. A third case of chronic wasting disease (CWD) has been confirmed in Carbon County, WY a sign the wildlife disease may be spreading. The latest case involved a mule deer shot by a hunter this fall between Laramie and Arlington Wyoming. Statewide 2,100 of the 2,300 samples submitted by hunters have been tested, with about 100 infected deer identified, said Hank Edwards, a Wyoming Game and Fish wildlife disease specialist who tracks chronic wasting disease. The Game and Fish Department will step up its surveillance, Edwards said. Source: http://www.denverpost.com/Stories/0,1413,36%257E53%257E1077435,00.html?s earch=filter [return to top] NIPC Products & Contact Information The National Infrastructure Protection Center (NIPC) serves as a national critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity. The NIPC provides timely warnings of international threats, comprehensive analysis and law enforcement investigation and response. The NIPC provides a range of bulletins and advisories of interest to information system security and professionals and those involved in protecting public and private infrastructures. By visiting the NIPC web-site (http://www.nipc.gov), one can quickly access any of the following NIPC products: 2002 NIPC Advisories - Advisories address significant threat or incident information that suggests a change in readiness posture, protective options and/or response. 2002 NIPC Alerts - Alerts address major threat or incident information addressing imminent or in-progress attacks targeting specific national networks or critical infrastructures. 2002 NIPC Information Bulletins - Information Bulletins communicate issues that pertain to the critical national infrastructure and are for informational purposes only. 2002 NIPC CyberNotes - CyberNotes is published to support security and information system professionals with timely information on cyber vulnerabilities, malicious scripts, information security trends, virus information, and other critical infrastructure-related best practices. 2002 NIPC Highlights - The NIPC Highlights are published on a monthly basis to inform policy and/or decision makers of current events, incidents, developments, and trends related to Critical Infrastructure Protection (CIP). Highlights seeks to provide policy and/or decision makers with value-added insight by synthesizing all source information to provide the most detailed, accurate, and timely reporting on potentially actionable CIP matters. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk