InfoGram


April 12, 2001

NOTE: This InfoGram will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical information systems. For further information, please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or by email at usfacipc@dhs.gov.

Government Systems Increasingly Falling Prey to Hackers

Hackers are succeeding in gaining control of Federal, State, and Local Government computer systems with increasing frequency. "The growing number of root compromises, denial-of-service attacks, network reconnaissance activities, destructive viruses and malicious code, coupled with the advances in attack sophistication, pose a measurable threat to government systems at all levels," said Sallie McDonald, an assistant commissioner at the U.S. General Services Administration (GSA). All levels of government are going to find themselves in "deep trouble" if their IT security procedures are not immediately improved, warned Rep. Billy Tauzin (R-LA), chairman of the House Energy and Commerce Committee. "We are not surprised or pleased by what we are finding," said Rep. James Greenwood (R-PA). Even more alarming, he added, is the fact that many attacks are not detected. The greatest concern here for first responders is that the electronic technology controlling essential critical infrastructure services such as water, electricity, communications, and transportation may become a prime target for malicious hackers who want to disrupt the life of municipalities. The GSA maintains that the majority of these intrusions can be avoided if elected and appointed public servants ensure the IT systems within their area of responsibility are updated on a monthly basis.

Some Guidance from the Trenches

The System Administration, Networking, and Security (SANS) Institute provides a full regimen of advanced training to Information Technology (IT) security managers. Guidance from SANS comes from the trenches of IT security and reflects the best practices recommended by cyber experts today. The following is just a sampling of their most important recommendations for consideration by fire and emergency leaders:

  1. A strong commitment from senior leadership to provide sufficient resources to get the work done and to support security policies and procedures.
  2. A well-defined security policy with a well-developed awareness training program.
  3. A properly trained and accountable IT security manager.
  4. The right tools to do the job such as host-based and network-based auditing tools; firewall, filtering, and proxying tools; one-time password tools; remote access and authorization tools, etc.
  5. The installation of an intrusion detection system (IDS) as appropriate.
  6. Regular automated system audit checks complemented by random security audit checks.

Outsourcing as a Security Management Solution

Rich Smith, a former federal IT official, believes most government agencies face a similar set of security issues. Local, State, and Federal Government organizations "need to manage security that encompasses a large variety of technologies which are not easy to grasp," he said. Smith asks, "How do we manage all the things we have?" There is a lack of resources in government. Money is relatively scarce and there is an even greater shortage of people with adequate IT expertise. In some cases, "security is perceived as too complex to deal with and it ends up on the back burner or ignored." In other cases, the amount of security-related data is too overwhelming. For this reason, a number of agencies have begun to outsource security where appropriate. Smith anticipates that more management systems are required to keep IT security meaningful and successful. "Several government agencies don't really know where the vulnerabilities are in their systems, and even when they do it's difficult for them to manage the corrective action needed," he said. Fire and emergency service departments that are not prepared to deal with the size and scope of comprehensive IT systems security can also consider outsourcing as a security management solution.

Will Blackouts Occur Here?

While most officials in a 50-state survey by the Associated Press say they expect to have enough power, utilities are sprucing up their systems, pitching conservation to customers, and searching for ways around likely power grid bottlenecks when humming air conditioners produce peak demands this summer. In board rooms, power plants, and state and local government offices, they're holding strategy sessions on how to deal with the unexpected, which is sure to strike somewhere. "The bad news is that the situation in California is not isolated," says Energy Secretary Abraham. "Electricity demand rose 3.6% last year and is expected to climb 2.3% this year." The safety margins to deal with peak load demand on the hottest days have been shrinking, according to the electricity industry's North American Reliability Council. Although this is threatening to electrical infrastructures nationwide, the worst problems this summer are expected in the West. Outside the West, the greatest concern about potential blackouts is in New York, where transmission logjams could leave New York City short of power on long, hot summer days. However, industry officials are quick to point out that other major U.S. cities are not immune to blackouts. The nation's network of high-voltage transmission lines is barely keeping pace with the new competitive electricity markets, experts say. "Power at times can't find a highway on which to travel where it is needed." In a competitive market where power is being bought and sold across the country, transmission lines now "are carrying much more capacity than they were designed for," says Robert Shenker, an expert at the Electric Power Research Institute. First responders at those locations where blackouts occur will be contending with inoperable traffic signals, etc., which may affect the safety and expedience of their operations.

USFACIPC Weekly Lexicon: Bridge

(adapted from the Critical Infrastructure Glossary of Terms by the Critical Infrastructure Assurance Office)

A device that connects two networks or network segments; similar to a router but protocol-independent.

Disclaimer of Endorsement

The U.S. Fire Administration/EMR-ISAC does not endorse the organizations sponsoring linked websites, and does not endorse the views they express or the products/services they offer.

Fair Use Notice

This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.

Reporting Notice

DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by email at NOC.Fusion@dhs.gov.

The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm

For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by email at NICC@dhs.gov.

When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.
