A spokesperson for the FBI’s National Infrastructure Protection Center (NIPC) said that Tuesday’s horrendous surprise assault on America confirms what some security experts have continuously maintained: "that the threat of cyberterrorism is far outweighed by the threat posed to the U.S. homeland by traditional, more violent forms of terrorism." In a report published only a year ago, the National Commission on Terrorism expressed that the tactics and goals of the world’s terrorist organizations remain low-tech. "A growing percentage of terrorist attacks are designed to kill as many people as possible," the report stated. "Guns and conventional explosives have so far remained the weapons of choice for most terrorists." These latest attacks support their conclusion that terrorist groups have yet to demonstrate they value the relatively bloodless outcome of a cyberattack on the nation’s critical infrastructures. Rather than shift to cyberattacks, terrorists are opting more for "scale" and "smarter targeting." As this appears to be the case, where current emergency management plans do not exist, the emergency first response community must lead their municipalities in developing a quality plan for managing large-scale emergencies. The Critical Infrastructure Protection Information Center (USFACIPIC) advises that planning include proactive measures to protect the community’s critical infrastructures. The USFACIPIC also recommends that the plan(s) be rehearsed or exercised when completed. Terrorism preparedness materials are available (free of charge) from the United States Fire Administration’s Publication Center (800-561-3356 or 301-447-1189).
Terrorist Threat Advisory
As a result of the 11 September attacks, the FBI issued a terrorist threat advisory effective through 11 October 2001, at which time the advisory will expire unless extended. The FBI has no information of any specific threats directed against additional targets or critical infrastructures in the United States. However, all infrastructure owners and operators should be at a heightened state of alert and should implement appropriate physical and cyber security measures. The FBI has activated its Strategic Information and Operations Center (SIOC) at FBI headquarters in Washington, D.C. Additional information regarding these events will be disseminated as appropriate through the National Threat Warning System. Should anyone receive or develop any information pertaining to this matter they should contact their local FBI office immediately. Additionally, a 24-hour hotline has been established to receive information relevant to the WTC and Pentagon incidents. Those with information regarding these or other terrorist acts should report them immediately to the hotline at 1-866-483-5137.
Matrix.Net, which analyzes Net traffic at thousands of critical Internet nodes, said that damage to the Internet’s infrastructure following the collapse of the WTC towers rapidly caused a drop in Internet connectivity and the inaccessibility of many major websites. But the company said data shows the nation’s main Internet Infrastructure, nodes and backbones, quickly returned to near normal. The outages that occurred were generally because servers could not handle the increased traffic. Regardless of the limited effects on this infrastructure, a computer security analyst said "increasing cybersecurity is a must with actions like this." John Pescatore, a National Security Agency analyst with Gartner Inc. said: "Pulling the plug from the Internet would be prudent, especially if agencies do not have cyberattack response measures in place."
USFACIPC Weekly Lexicon: Intranet (adapted from the Critical Infrastructure Glossary of Terms by the Critical Infrastructure Assurance Office)
A private network for communications and sharing of information that, like the Internet, is based on the use of common communications protocols, but is accessible only to authorized users within an organization. It is always protected from external access by a firewall.
The National Infrastructure Protection Center (NIPC) has been designated as the central point of notification for information system disruptions and intrusions. Members of the emergency response community are requested to report any incidents involving their systems. There are three ways to report these attacks:
1) NIPC - Voice: 202-323-3205, Fax: 202-323-2079, Web: http://www.dhs.gov/files/programs/editorial_0827.shtm