[ISN] Corporate America now on front lines of war on terror

From: InfoSec News (isnat_private)
Date: Tue Sep 10 2002 - 00:17:54 PDT

  • Next message: InfoSec News: "[ISN] Philippines cracks hacker ring"

    Forwarded from: William Knowles <wkat_private>
    SEPTEMBER 09, 2002
    A year ago this week, America was attacked by a global enemy that has
    demonstrated its determination to use any means at its disposal to
    wreak havoc and fear, damage the economy and compel the nation to
    withdraw from the international community.
    In that regard, Sept. 11, 2001, will be remembered as a colossal
    failure for international terrorism, say government and private-sector
    security experts.
    Rather than leaving the country in a state of stunned inaction, the
    attacks triggered what many security experts say was long overdue: a
    nationwide effort to bolster homeland security and critical
    infrastructure protection - a concept that has placed private
    companies on the front lines of national defense.
    "It's never been done before," said Steve Cooper, CIO at the White
    House's Office of Homeland Security, referring to the massive
    integration effort now under way to help improve security information
    sharing among government agencies and the hundreds of private
    companies that own and operate 90% of the nation's critical systems.  
    "We must do it, and we can do it," said Cooper, speaking Aug. 19 at a
    government symposium on homeland security.
    Perception Game
    However, proponents of critical-infrastructure protection,
    particularly in the area of cybersecurity, face many of the same
    challenges that terrorism experts encountered prior to Sept. 11: Few
    in the private sector perceive that there's an imminent threat to the
    digital homeland, and fewer still acknowledge terrorists' ability to
    and willingness to adapt their tactics to take advantage of America's
    digital Achilles' heel - its information networks.
    Every so-called critical infrastructure in the U.S., from
    telecommunications to transportation, banking and energy, relies on
    computers and computer networks, National Security Adviser Condoleezza
    Rice said in March last year during her first major policy address on
    the topic.
    "Corrupt those networks, and you disrupt this nation," she said.  
    "Today, the cybereconomy is the economy."
    "The terrorists in the Sept. 11 event had the patience to plan [and]
    the foresight and the understanding of the infrastructure that could
    be used to simultaneously or sequentially disrupt the infrastructure
    electronically," said Paula Scalingi, former director of critical
    infrastructure protection at the U.S. Department of Energy. "That
    could cause a major regional failure in this country. There's no
    question that that's doable."
    Game of Dominoes
    The reality of the threat to the nation's critical infrastructure,
    particularly in the areas of power, telecommunications and emergency
    services, was demonstrated in June when the federal government
    co-sponsored an exercise known as Blue Cascades. Dozens of government
    and private-sector representatives from five U.S. states in the
    Pacific Northwest and three Canadian provinces confronted the very
    real potential for cascading infrastructure failures resulting from
    combined physical and cyberterrorist incidents.
    The results were chilling. Simulated terrorist attacks disrupted the
    region's electric power grid, causing power outages that spread
    quickly to other Western states and lasted for more than a week,
    according to exercise coordinators. The exercise also included
    simultaneous physical and cyberdisruptions of the region's
    telecommunications and natural gas distribution systems, as well as a
    threat to a major municipal water system and the region's ports.
    Once the electric grid is disrupted, the other infrastructures that
    businesses and government agencies rely on for their day-to-day
    operations, including telecommunications, transportation, emergency
    services, hospitals and law enforcement, begin to fall like dominoes,
    according to the final report on the lessons learned from the
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Sep 10 2002 - 02:55:24 PDT