FBI Warns Infrastructure Vulnerable to Cyber-Attacks

[InfoSec News <isn () C4I ORG>]

http://www.washingtonpost.com/wp-dyn/articles/A31203-2001Mar20.html

By David A. Vise
Washington Post Staff Writer
Tuesday, March 20, 2001; 3:01 PM

Federal facilities, electric power plants and other portions of the
nation's critical infrastructure are highly vulnerable to potential
cyber-attacks from terrorist groups, rogue nations, disgruntled
employees and hackers, the new head of the FBI's cyber-crime fighting
unit said today.

Ronald L. Dick said that a cyber-attack seriously could damage the
nation's economy without closer cooperation among federal agencies and
better coordination between corporate America and the FBI-led,
multi-agency National Infrastructure Protection Center (NIPC). More
than 5,000 public and private sector sites have been identified as
critical and vulnerable, according to the NIPC's Leslie G. Wiser Jr.,
an FBI veteran.

"Information warfare is obviously something the United States, the
National Security Council, the Department of Defense, the CIA, the FBI
and our private sector partners are very concerned with. We are
picking up signs that terrorist organizations are looking at the use
of technology," he said, adding that while no attacks thus far have
succeeded in disrupting the flow of goods and services, the likelihood
of economic disruption in the future is significant.

Dick, who introduced a new, high-level NIPC team including
representatives from the CIA and the Defense Department, said there
are about 1,400 active investigations into cyber-crime with the number
mounting daily. He also said there are at least 50 new computer
viruses generated weekly that require attention from federal law
enforcement officials or the private sector to prevent damage and
losses.

Notwithstanding the external threat from terrorists, Dick said the
biggest immediate problem facing many companies is a lack of
appropriate safeguards to prevent former employees who maintain
computer access from attacking computer systems vital to commerce.
"The biggest threat is the disgruntled employee who can do tremendous
damage," he said.

The NIPC, has been hampered by behind-the-scenes power struggles among
various federal agencies, including on-going difficulties between the
Department of Defense and the FBI over which agency ought to be in
charge of protecting the nation's critical infrastructure. Both Dick
and Rear Admiral James B. Plehal, a naval reserve commander who was
named deputy director of the NIPC today, said they are determined to
diminish the friction and enhance cooperation.

"My technology background consists of a 17-year-old son," Plehal said.
"All of what we do concerns relationships. . . . We at DOD need to
better demonstrate our commitment."

Dick concurred about the need for improved cooperation among federal
agencies. "Anytime that you create something new there are problems
getting the right people on board," he said. "I want to instill a new
sense of ownership and urgency. The true success in being able to deal
with these issues is building partnerships."

In addition to growing to about 100 people including representatives
from the National Security Agency, the Air Force, the Commerce
Department and the Department of Energy the NIPC has established ties
with 946 individual representatives from corporations and other
entities that have joined its global information-sharing network. Out
of those, 503 have been granted "secure access" to sensitive data
necessary for battling cyber-crime. The private sector also has
established industry groups of its own in technology,
telecommunications, financial services and other sectors that interact
with the FBI and the NIPC.

However, one major remaining hurdle for the the NIPC is that numerous
business executives fear that involvement with the FBI will hurt their
enterprises by bringing public attention to cyber-problems that might
otherwise be addressed privately.

FBI Director Louis J. Freeh said today that Dick, who has been with
the bureau for 24 years, is the right person to lead the NIPC through
the next phase of its growth. Dick, who studied accounting in college
but has investigated everything from violent crimes to drug crimes to
financial fraud, most recently headed the NIPC's computer
investigations unit.

"Ron Dick has a wealth of experience," Freeh said.

Dick is replacing Michael Vatis, the founding head of the NIPC, who
left the FBI recently to pursue opportunities in the private sector.

"He is one of those unique individuals who can see, over the hill,
where we have been and where we need to go," Dick said of Vatis. "Mike
and a number of people here in the past were truly visionary. The
bureau has never done this before. This is uncharted territory."

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".