[ISN] Local sites potential targets for cyberterror

From: InfoSec News (isnat_private)
Date: Tue Sep 03 2002 - 02:07:01 PDT

    http://seattlepi.nwsource.com/local/85214_cyberthreat02.shtml
    
    Monday, September 2, 2002
    By SAM SKOLNIK
    SEATTLE POST-INTELLIGENCER REPORTER
    
    From nuclear plants to gas pipelines to electric utilities, Western
    Washington contains several "critical infrastructure" facilities that
    terrorists might target -- through their computers.
    
    Two recent incidents have heightened concern about cyberterror
    attacks, and have raised new questions about the capabilities of
    al-Qaida and other terror groups.
    
    Late last year, FBI agents in San Francisco discovered that
    sophisticated hackers, working from the Middle East, had intruded into
    sites detailing Bay Area emergency telephone service, electrical
    generation and transmission, and the operations of nuclear power
    plants.
    
    And last month, federal officials said they detected a series of small
    electronic attacks against U.S. Internet providers, including some in
    Seattle. The initial government alert cited Italian authorities who
    warned that "wide-scale hacker attacks" were planned against U.S.  
    sites.
    
    Local officials, from prosecutors to managers of the Columbia
    Generating Station in Richland and the Bonneville Power
    Administration, say they are not aware of any current terrorist
    threat.
    
    But those energy-related facilities, along with Seattle City Light and
    the Olympic Pipe Line Co., say they have recently taken more steps to
    secure their systems.
    
    "For the potential cyberterrorists, we know we have vulnerabilities,"  
    said U.S. Attorney John McKay, the top federal prosecutor in the
    region. "So we're out there in terms of education and prevention."
    
    McKay has bolstered the office's cybercrime squad to five prosecutors
    and three support staff members, up from two attorneys and one
    staffer. So far, most of the unit's time has been spent on more
    routine cases involving hackers who get into corporate or government
    computer systems.
    
    Yet, McKay said, "Counterterrorism is our main priority, so preventing
    cyberterror is our main concern there."
    
    One way to do this is to educate business and utility managers to
    beware of any possible intrusion -- and ensure that they tell
    government investigators, which market-sensitive companies are
    sometimes reluctant to do, said Assistant U.S. Attorney Floyd Short,
    who oversees the cybercrime unit.
    
    The stakes in the counterterrorism game grew recently when top-level
    government officials conceded that al-Qaida and other like-minded
    terror groups could be close to having the capability to use the
    Internet as a deadly weapon, possibly in connection with more
    conventional attacks.
    
    Ronald Dick, head of the FBI's National Infrastructure Protection
    Center, recently laid out a terrifying scenario:
    
    "The event I fear most is a physical attack in conjunction with a
    successful cyberattack on the responders' 911 system or on the power
    grid," Dick recently told a closed-door gathering of security company
    executives, according to The Washington Post.
    
    In a subsequent interview with the Post, Dick said a coordinated
    attack could mean that "the first responders couldn't get there ...  
    and water didn't flow, hospitals didn't have power. Is that an
    unreasonable scenario? Not in this world. And that keeps me awake at
    nights."
    
    In late January, federal officials reported that a photo of the Space
    Needle and of a hydroelectric dam similar to the Grand Coulee Dam were
    found in the rubble of al-Qaida hideouts in Afghanistan.
    
    That followed a government alert Jan. 24 about possible threats to
    nuclear power plants nationwide, including the Columbia Generating
    Station near Richland.
    
    Officials with Energy Northwest, which runs the plant, say the plant
    has not received any direct threats, cyber or otherwise -- and further
    that they have security systems in place to handle any that might
    come.
    
    The Nuclear Regulatory Commission did thorough reviews in advance of
    Jan. 1, 2000, when some predicted that a "millennium bug" or attack by
    a doomsday cult would cause havoc. Analysts "determined there were no
    vulnerabilities found" with the computer systems at the Richland plant
    -- the only operational commercial nuclear power plant in the Pacific
    Northwest, said Kelly Butz, an Energy Northwest spokeswoman.
    
    "Engineer safety systems in place were in fact protecting us from any
    cyberthreat," Butz said.
    
    The gasoline pipelines that move millions of gallons of fuel through
    the state are also protected from threats, officials say.
    
    Dan Cummings, a spokesman for BP Pipelines, North America Inc., which
    now operates the Olympic Pipe Line system, said "security
    enhancements" were made on all of their systems -- including their
    computers, which operate the pipeline -- just before Sept. 11.
    
    Cummings also said Olympic has a backup system ready to be booted up,
    should the main computer system be hit.
    
    He declined to discuss the specifics of their computer network -- as
    did each of the officials reached at various critical infrastructure
    facilities throughout the state, including officials with Seattle City
    Light.
    
    Cummings noted that a pipeline failure could be caused by other types
    of terrorist strikes, such as an attack on the BPA regional electrical
    power grid.
    
    His point -- that there are significant vulnerabilities of
    interdependence -- recently was pounded home to managers of critical
    infrastructure facilities and law enforcement and other public-safety
    officials at a closed-door meeting sponsored by the newly formed
    Partnership for Regional Infrastructure Security.
    
    Officials with the regional public-private partnership were hosts of
    the conference June 12 at Welches, Ore., at which possible local
    terrorist acts against critical infrastructure facilities were
    discussed. Such facilities included energy providers or
    telecommunications networks -- and the devastating domino effect that
    an attack on them could have on the ability of other utilities to
    function.
    
    "What if the telecoms aren't working? Pipelines rely on telecoms to
    send signals to regulate flow," said Barry Penner, a member of the
    British Columbia legislative assembly and president of Pacific
    NorthWest Economic Region. "What if the natural-gas supply was
    disrupted for a few days? The electric utilities could be affected."
    
    Penner's group, which oversees the infrastructure security
    partnership, is a Canadian-American group composed of legislators and
    government, utility and private sector leaders.
    
    At the end of the conference, the partnership ran a full-day exercise
    called "Blue Cascades," in which officials were asked to respond to a
    simulated attack on the region's electric power supply. The electrical
    failures in the scenario caused telecommunications and natural-gas
    distribution disruptions, as well as threats to the operation of the
    region's water systems and ports.
    
    A report issued from the conference faulted infrastructure-facility
    authorities for not fully realizing their interdependence and for not
    having plans in place to deal with such possible attacks.
    
    The report also faulted officials for not recognizing their reliance
    on computers -- and what could happen if their systems were shut down.
    
    "There was little recognition of the overwhelming dependency upon IT
    (information technology)-related resources to continue business
    operations and execute recovery plans," the report says, "and the need
    for contingency plans in the event of loss or damage to electronic
    systems."
    
    "We're vulnerable to concerted terrorist attacks, the acts of yahoos
    or even the weather," Penner said. "We live in the most interdependent
    region in North America. We've got to be better prepared."
    
    Paula Scalingi, an infrastructure security consultant based in Vienna,
    Va., who designed the Blue Cascades exercise, said that before Sept.  
    11, utility managers usually planned only for "single-point failures"  
    such as natural disasters, which would affect only one plant or
    business.
    
    But if terrorists hit just one critical utility, "you could have a
    domino effect that could basically shut down a region," said Scalingi,
    who formerly was director of the U.S. Department of Energy's Office of
    Critical Infrastructure Protection.
    
    "Up until September 11, people really have not been aware of how
    interconnected the infrastructures of the country have become,"  
    Scalingi said.
    
    Scalingi said the news is mixed regarding the threat of
    cyberterrorists.
    
    "Responsible companies are undertaking cybervulnerability assessments,
    and this is good," Scalingi said. "But the determined hacker still has
    the ability to wreak havoc."
    
    
    P-I reporter Sam Skolnik can be reached at 206-467-1039 or
    samskolnikat_private
    
    
    
    
    


