InfoGram


July 5, 2001

NOTE: This InfoGram will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical infrastructures. For further information please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or email at usfacipc@dhs.gov.

Physical Threat to U.S. Infrastructures

A convicted terrorist testified on 3 July that top aides to Islamic militant Osama bin Laden helped prepare him for a bombing attack on the Los Angeles International Airport. The Los Angeles Times reported that he and other guerrillas trained in bin Laden's war camps for strikes at numerous U.S. targets. This individual further testified in detail about how several men and women in Afghanistan camps financed by bin Laden were taught to attack electrical power grids, airports, railroads, large corporations, hotels, and military installations.

Cyber Threat to U.S. Infrastructures

"Cybersecurity is slipping," a panel of security experts told U.S. lawmakers at a June hearing of the Joint Economic Committee. The biggest threat is cyber warfare sponsored by foreign governments, said Lawrence K. Gershwin, an officer of the CIA's National Intelligence Council. Mr. Gershwin said many modern nations have enough backing for "the future prospect of causing widespread, long-duration damage to critical U.S. infrastructures." According to a Government Computer News article, the committee's ranking Senate Republican, Senator Robert F. Bennett of Utah, said observers have missed the forest for the trees. "The complex issues of cybersecurity and infrastructure protection are overshadowed by the attention paid to hacking exploits and website defacements." Senator Bennett continued that "for the next five to ten years the U.S. is particularly vulnerable to those nations with the discipline, commitment, and resources to attack our nation's critical infrastructures."

Emergency Communications Network

The System Administration, Networking, and Security Institute (SANS) recently disclosed that the threat to critical Internet resources from distributed denial of service attack tools continues to increase. Members of the Institute believe an effective emergency communications network may be of great value if damage is done to both the Internet and to phone systems. Therefore, SANS is looking for ham and packet radio operators who are willing to take a leadership role to help establish and maintain an emergency communication channel. If you are qualified and interested, please send an electronic message telling SANS about your ham radio and computer security activities. Send it to info@sans.org with Emergency Communications Network in the subject line.

AAA Security

As the demand by emergency first responders for information grows, so does the demand for speed and convenience. To perform emergency rescue operations efficiently, more and more people will require access to a department's cyber systems. Experts from the Computer Security Institute (CSI) indicated that the more people who are given access to these systems, the greater the chances of security breaches. Clearly, departments will need an effective way to let the right people into their systems. The CSI experts recommend authentication, authorization, and accountability (AAA or "triple A") as the means to ensure the right people are the only ones who enter a department's cyber systems.

Stopping Denial of Service Attacks

Denial of service (DOS) attacks on the web pages belonging to fire and emergency service departments will eventually begin, if they have not already started. To prevent DOS attacks, many agencies have installed two basic defenses: a firewall and an intrusion detection system. These two defensive systems are reactive measures that shut down part or most of an attack. However, just like PC antivirus software, both systems must constantly be updated.

USFACIPC Weekly Lexicon: Encryption

(adapted from the Critical Infrastructure Glossary of Terms by the Critical Infrastructure Assurance Office)

A change made to data, code, or a file so that it can no longer be read or accessed without processing or decrypting. The process of encryption is roughly synonymous with encoding.

Disclaimer of Endorsement

The U.S. Fire Administration/EMR-ISAC does not endorse the organizations sponsoring linked websites, and does not endorse the views they express or the products/services they offer.

Fair Use Notice

This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.

Reporting Notice

DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by email at NOC.Fusion@dhs.gov.

The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm

For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by email at NICC@dhs.gov.

When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.
