Deep Politics Forum
Life In The Time Of False-Flag Operations: This One Cyber-Terror. - Printable Version



Life In The Time Of False-Flag Operations: This One Cyber-Terror. - Peter Lemkin - 21-07-2009

9/11 and Cyberterrorism
Did the real "cyber 9/11" happen on 9/11?

by James Corbett
Global Research, July 17, 2009
The Corbett Report

Government sources immediately began blaming North Korea for the recent cyberterror attacks on South Korea and the U.S., despite having no evidence to back up those claims.[1] Now, an examination of the evidence by independent computer experts shows that the attack seems to have been coordinated from the UK.[2] The hysterical media coverage in the attack's wake, however, echoing the government line that it was likely the work of North Korea, has served to cement in the minds of many that this was an act of cyberwarfare.

The idea that this surprisingly unsophisticated attack[3] could have come from a well-organized, hostile state or terrorist group comes as a blessing in disguise to those groups, agencies and advisors who have been calling for greater and greater federal snooping powers in the name of stopping a "cyber 9/11" from happening.

The "cyber 9/11" meme stretches back almost to 9/11 itself. Back in 2003, Mike McConnell, the ex-director of the National Security Agency (NSA), was fearmongering over the possibility of a cyber attack "equivalent to the attack on the World Trade Center" if a new institution were not created to oversee cyber security.[4] Since then, report[5] after report[6] has continued to use the horror of 9/11 as a way of raising public hysteria over "cyber terrorism," a subject more often associated with juvenile hackers and lone misfits than radical terrorist organizations.

The real reason behind the invocation of 9/11 in the context of "cyber terror" was revealed last year by Harvard law professor Lawrence Lessig. He told a technology conference that former counterterrorism czar Richard Clarke admits there is a cyber equivalent of the constitution-destroying Patriot Act ready to be rubber stamped into law; all it requires is a "cyber 9/11" to make such legislation politically viable.[7] In effect, the cyber security establishment - the advisors, agents and experts in the newly-minted multi-billion dollar cyber security industry[8] - are waiting for a spectacular cyber terrorist attack to go ahead with plans for 'identity management' schemes like fingerprinting for internet access which would put an end to the free Internet as we have known it.[9]

What the cyber security establishment does not want you to know is that the most incredible cyber terrorist story of all time began 15 years ago. And it centers on 9/11. The establishment is interested in suppressing this story because it demonstrates that the very investigative bodies that are clamoring for more power on the pretext of the "cyber terror" hysteria are the exact same bodies that failed to investigate the documentable links between government-designated terrorists and a software company with direct access to some of the most sensitive computer systems in the United States. FBI agents whose investigations into this story were suppressed have even said that these investigations could have prevented 9/11.

It is a story of international terror and terrorist financiers. It stretches from New England to Saudi Arabia and involves businessmen, politicians and terror networks. And it begins in the most unlikely of places: the offices of an enterprise architecture software firm in Quincy, Massachusetts.

Enterprise Architecture: The God's-Eye View of Systems and Infrastructure

"Enterprise architecture software" refers to a computer program that allows someone to look at all of the data produced throughout an organization's structure in real time. This effectively gives the program user a god's-eye view of an enterprise, allowing for the mapping, visualization and analysis of all transactions, interactions, systems, processes and personnel in the entirety of a business or agency. This type of software could, for example, be used for robust business modeling, allowing for extremely detailed and accurate projections of how changes in an organization's structure or processes would affect a business' bottom line. What would happen if two departments were merged, for example, or if a business were to outsource one of its processes?

As this software began to mature in the 1990s, however, it went from a merely useful tool to something truly incredible. Sophisticated enterprise architecture software could, for example, examine all of the transactions taking place across a financial institution in real time and examine that data for possible money laundering operations or rogue traders. Such software could even have potentially detected and identified the insider trading leading up to 9/11.[10] Combined with rudimentary a.i. capabilities, such a program would not only be able to alert the appropriate personnel about such transactions, but even stop them as they are happening. If the software were sophisticated enough, it may even be able to identify the possibility of such transactions before they happen.

The utility of such software for organizations of all stripes should be obvious enough. It is unsurprising, then, that numerous government agencies and powerful corporations were hungry for this software in the 1990s. A surprising number of them, including DARPA, the FBI, the Secret Service, the White House, the Navy, the Air Force, the FAA, NATO, IBM, Booz Allen Hamilton and Price Waterhouse Coopers (amongst many others) turned to a small New England-based software firm called Ptech.[11]

Ptech: Not Your Average Software Firm

Ptech was founded in Quincy, Mass. in 1994 and by 1996 had secured a contract with DARPA to help transfer commercial software methodologies to the defense sector.[12] In 1997, it gained security clearance to bid on sensitive military contracts and bid on work for a range of other government agencies.[13] Within four years Ptech had built up a stable of clients that would make any third-party software vendor green with envy. From the inner sanctum of the White House to the headquarters of the FBI, from the basement of the FAA to the boardroom of IBM, some of the best-secured organizations in the world running on some of the most protected servers housing the most sensitive data welcomed Ptech into their midst. Ptech was given the keys to the cyber kingdom to build detailed pictures of these organizations, their weaknesses and vulnerabilities, and to show how these problems could be exploited by those of ill intent. For all of its incredible success, however, many of the firm's top investors and employees were men with backgrounds that should have been raising red flags at all levels of the government.

The firm was founded on $20 million of startup money, $5 million of which was provided by Yassin al-Qadi[14], a wealthy and well-connected Saudi businessman who liked to brag about his acquaintance with Dick Cheney.[15] He also had connections to various Muslim charities suspected of funding international terrorism.[16] In the wake of 9/11 he was officially declared a Specially Designated Global Terrorist by the U.S. government and his assets were frozen.[17] At the time, Ptech's owners and senior management denied that al-Qadi had any involvement with the company other than his initial investment, but the FBI now maintains they were lying and that in fact al-Qadi continued investing millions of dollars in the company through various fronts and investment vehicles. [18] Company insiders told FBI officials that they were flown to Saudi Arabia to meet Ptech's investors in 1999 and that al-Qadi was introduced as one of the owners.[19] It has also been reported that Hussein Ibrahim, Ptech's chief scientist, was al-Qadi's representative at Ptech[20] and al-Qadi's lawyers have admitted that al-Qadi's representative may have continued to sit on Ptech's board even after 9/11.[21]

Ibrahim himself was a former president of BMI, a New Jersey-based real estate investment firm that was also one of the initial investors in Ptech and provided financing for Ptech's founding loan. Ptech leased office space and computer equipment from BMI[22] and BMI shared office space in New Jersey with Kadi International, owned and operated by none other than Ptech's sweetheart investor and Specially Designated Global Terrorist, Yassin al-Qadi.[23] In 2003, counterterrorism czar Richard Clarke said: "BMI held itself out publicly as a financial services provider for Muslims in the United States, its investor list suggests the possibility this facade was just a cover to conceal terrorist support." [24]

Suheil Laheir was Ptech's chief architect. When he wasn't writing the software that would provide Ptech with detailed operational blueprints of the most sensitive agencies in the U.S. government, he was writing articles in praise of Islamic holy war. He was also fond of quoting Abdullah Azzam, Osama Bin Laden's mentor and the head of Maktab al-Khidamat, which was the precursor to Al-Qaeda.[25]

That such an unlikely cast of characters were given access to some of the most sensitive agencies in the U.S. federal government is startling enough. That they were operating software that allowed them to map, analyze and access every process and operation within these agencies for the purpose of finding systemic weak points is equally startling. Most disturbing of all, though, is the connection between Ptech and the very agencies that so remarkably failed in their duty to protect the American public on September 11, 2001.

Ptech on 9/11: The Basement of the FAA

For two years prior to 9/11, Ptech was working to identify potential problems or weaknesses in the FAA's response plans to events like a terrorist hijacking of a plane over U.S. airspace. According to their own business plan for their contract with the FAA, Ptech was given access to every process and system in the FAA dealing with their crisis response protocols. This included examining key systems and infrastructure to analyze the FAA's "network management, network security, configuration management, fault management, performance management, application administration, network management and user desk help operations." [26] In short, Ptech had free rein to examine every FAA system and process for dealing with the exact type of event that was to occur on 9/11. Even more incredible, researcher Indira Singh points out that Ptech was specifically analyzing the potential interoperability problems between the FAA, NORAD and the Pentagon in the event of an emergency over U.S. airspace.[27]

Ptech also presumably had operational information about the systems that the FAA, NORAD and others employed during crisis response exercises like Vigilant Guardian[28], the NORAD exercise that was taking place on 9/11 and included simulations of hijacked jets being flown into New York[29] and hijacked jets being flown into government buildings.[30] This is significant because there is every indication that just such drills were confusing NORAD's response to the real hijackings that were taking place that day. As researcher Michael Ruppert points out, a rogue agent with access to a Ptech backdoor into the FAA's systems could have been deliberately inserting fake blips onto the FAA's radars on 9/11[31]. That scenario would explain the source of the phantom Flight 11 that the FAA reported to NORAD at 9:24 a.m. (well after Flight 11 had already hit the World Trade Center)[32], a report whose source the 9/11 Commission claims they were unable to find.[33]

In short, Ptech's software was running on the critical systems responding to the attacks of 9/11 on 9/11 itself. The software was designed for the express purpose of giving its users a complete overview of all the data flowing through an organization in real time. The father of enterprise architecture himself, John Zachman, explained that with Ptech-type software installed on a sensitive server "You would know where the access points are, you'd know how to get in, you would know where the weaknesses are, you'd know how to destroy it."[34]

Stifled Investigations

In the late 1990s, Robert Wright - an FBI special agent in the Chicago field office - was running an investigation into terrorist financing called Vulgar Betrayal.[35] From the very start, the investigation was hampered by higher-ups; the investigation was not even allocated adequate computers to carry out its work.[36] Through Wright's foresight and perseverance, however, the investigation managed to score some victories, including seizing $1.4 million in U.S. funds that traced back to Yassin al-Qadi.[37] Wright was pleased when a senior agent was assigned to help investigate "the founder and the financier of Ptech", but the agent did no work and merely pushed papers during his entire time on the case.[38]

Shortly after the 1998 African embassy bombings, Vulgar Betrayal began to uncover a money trail linking al-Qadi to the attack.[39] According to Wright, when he proposed a criminal investigation into the links, his supervisor flew into a rage, saying "You will not open criminal investigations. I forbid any of you. You will not open criminal investigations against any of these intelligence subjects." Wright was taken off the Vulgar Betrayal investigation one year later and the investigation itself was shut down the following year.

In the aftermath of 9/11, Indira Singh - a risk management consultant for JP Morgan - was looking for enterprise architecture software to implement the next generation of risk management at the financial juggernaut. Impressed by their client list, Singh invited Ptech to demonstrate their software. It wasn't long before she began discovering the connections between Ptech and international terrorist financing. She worked exhaustively to document and uncover these links in an effort to persuade the FBI in Boston to open their own investigation into Ptech, but she was told by one agent that she was in a better position to investigate this than someone inside the FBI.[40] Despite the persistent efforts of Singh and the testimony of company insiders, the FBI did not inform any of the agencies contracting with Ptech that there were concerns about the company or its software.

In late 2002, Operation Green Quest - a Customs Department-led multi-agency investigation into terrorist financing - raided Ptech's offices due to its ties to al-Qadi and others.[41] The very same day of the raid White House Press Secretary Ari Fleischer declared the company and its software safe.[42] Mainstream news articles defending Ptech after the story broke, however, blithely admit that the company was informed of the raid weeks in advance, hoping perhaps that readers will not notice that this completely defeats the purpose of such a raid or calls into question its results.[43] Eventually, Michael Chertoff led an effort to give the FBI total control over Greenquest, leading to Customs officials accusing him of sabotaging the investigation.[44] No indictments were laid in the immediate aftermath of the Ptech raid against al-Qadi or anyone else related to the company. Chertoff went on to become the head of Homeland Security.

The 9/11 Commission Report, obviously, does not mention Ptech. Given the incredible information about this company and its links to Specially Designated Global Terrorist Yassin al-Qadi, this is perhaps surprising. This startling omission becomes more ominous however, when it is understood that the 9/11 Commission co-chair, Thomas Kean, made $24 million dollars off a land deal with al-Qadi linked organization BMI.[45]

For over a decade, investigations into Ptech, its employees and its investors have been stifled, suppressed or derailed by people in key positions. But all of that finally changed this week.

A Break in the Case

On Wednesday, the Boston Field Office of the FBI unsealed a 2007 indictment of Oussama Ziade, Ptech's former CEO, and Buford George Peterson, the former CFO and COO.[46] The indictment charges that the pair knowingly lied to investigators about the extent of al-Qadi's investments and ties with Ptech. Another unsealed indictment, this one from 2005, alleges Ziade attempted to engage in transactions involving al-Qadi's property, a federal offence as al-Qadi was a Specially Designated Global Terrorist at the time. If the pair are convicted on the charges, they face 30 years in prison and a $1 million fine.

Whether this represents a significant breakthrough in the case and the beginning of the official unraveling of the Ptech story will likely depend on whether political pressure is brought to bear by an informed public who are concerned with this story. Given that the public has been whipped into cyber-hysteria over the North Korean figments of the government's imagination, it will require the media to stop parroting the government's talking points and begin informing the public about the very real, documentable links between terrorist financiers and the technological capability to override key emergency response systems on 9/11.

Two questions remain to be answered: Did the real "cyber 9/11" happen on 9/11? And will the public care enough to demand the answer to that question? If the answer to either question is 'yes,' concerned readers are advised to download the mp3 file of Episode 045 of The Corbett Report podcast, "Ptech and the 9/11 software," and begin distributing it to others to bring awareness to this incredible story.[47]

Notes

[1] http://antifascist-calling.blogspot.com/2009/07/behind-cyberattacks-on-america-and.html
[2] http://blog.bkis.com/?p=718
[3] http://www.wired.com/threatlevel/2009/07/mydoom/
[4] http://www.smh.com.au/cgi-bin/common/popupPrintArticle.pl?path=/articles/2003/04/21/1050777200225.html
[5] http://www.nationalterroralert.com/updates/2008/04/10/michael-chertoff-cyber-terror-threats-on-par-with-911/
[6] http://voices.washingtonpost.com/securityfix/2009/04/digital_pearl_harbor_cyber_911.html
[7] http://www.infowars.net/articles/august2008/050808i911.htm
[8] http://www.nytimes.com/2009/05/31/us/31cyber.html?_r=1
[9] http://www.csmonitor.com/2005/0602/p01s04-ussc.htm
[10] http://www.business.uiuc.edu/poteshma/research/poteshman2006.pdf
[11] http://en.wikipedia.org/wiki/Ptech
[12] http://www.govexec.com/archdoc/rrg96/0996rrg5.htm
[13] http://www.islamicsupremecouncil.org/CMS/Topics/insideUS/1218159502002.htm
[14] http://www.boston.com/news/daily/03/ptech.htm
[15] http://www.saudia-online.com/newsoct01/news30.shtml
[16] http://www.historycommons.org/context.jsp?item=a91qlimoney#a91qlimoney
[17] http://ustreas.gov/press/releases/po689.htm
[18] http://boston.fbi.gov/dojpressrel/pressrel09/bs071509.htm
[19] http://www.historycommons.org/context.jsp?item=a99alqadiptech#a99alqadiptech
[20] http://www.historycommons.org/context.jsp?item=a94ptechbmi#a94ptechbmi
[21] http://www.historycommons.org/context.jsp?item=a99alqadiptech#a99alqadiptech
[22] http://www.boston.com/news/daily/03/ptech.htm
[23] http://www.investigativeproject.org/documents/case_docs/81.pdf
[24] http://www.investigativeproject.org/documents/testimony/77.pdf
[25] http://www.frontpagemag.com/readArticle.aspx?ARTID=8245
[26] http://www.fromthewilderness.com/free/ww3/012705_ptech_pt2.shtml
[27] ibid.
[28] http://www.911readingroom.org/whole_document.php?article_id=278
[29] http://hcgroups.wordpress.com/2009/06/14/two-days-before-911-military-exercise-simulated-suicide-hijack-targeting-new-york/
[30] http://www.boston.com/news/packages/sept11/anniversary/wire_stories/0903_plane_exercise.htm
[31] http://www.fromthewilderness.com/free/ww3/012705_ptech_pt2.shtml
[32] http://www.911blogger.com/node/19181
[33] http://www.msnbc.msn.com/id/5233007
[34] http://www.nationalcorruptionindex.org/pages/profile.php?profile_id=6
[35] http://www.laweekly.com/2004-08-26/news/a-vulgar-betrayal
[36] http://www.foxnews.com/story/0,2933,54070,00.html
[37] http://www.apfn.org/apfn/Wtc_whistleblower3.htm
[38] http://www.historycommons.org/context.jsp?item=a0498nowork#a0498nowork
[39] http://web.archive.org/web/20021220054102/http://www.abcnews.go.com/sections/primetime/DailyNews/FBI_whistleblowers021219.html
[40] http://www.911blogger.com/2005/07/indira-singh-ptech-researcher.html
[41] http://archives.cnn.com/2002/US/Northeast/12/06/ptech.raid/
[42] http://www.forbes.com/2002/12/06/cx_ah_1206raid.html
[43] http://www.boston.com/news/daily/03/ptech.htm
[44] http://www.newsweek.com/id/58250/output/print
[45] http://www.insider-magazine.com/911Kean.pdf
[46] http://boston.fbi.gov/dojpressrel/pressrel09/bs071509.htm
[47] http://www.corbettreport.com/index.php?ii=88&i=Documentation


Life In The Time Of False-Flag Operations: This One Cyber-Terror. - Ed Jewett - 21-07-2009

Originally compiled and posted by me:


Cheney, The OODA Loop, and 9/11
Mar 21 2006, 09:08 PM

OODA, Rumsfeld, TIA, NSA
Mar 25 2006, 01:45 AM

The OODA Loop & CyberSecurity on 9/11
Mar 25 2006, 07:08 PM


Life In The Time Of False-Flag Operations: This One Cyber-Terror. - Peter Lemkin - 21-07-2009

Ed Jewett Wrote: Originally compiled and posted by me:


Cheney, The OODA Loop, and 9/11
Mar 21 2006, 09:08 PM

OODA, Rumsfeld, TIA, NSA
Mar 25 2006, 01:45 AM

The OODA Loop & CyberSecurity on 9/11
Mar 25 2006, 07:08 PM

"enmesh [the] adversary in a world of uncertainty, doubt, mistrust, confusion, disorder, fear, panic, chaos . . . and/or fold [him] back inside himself so that he cannot cope with events/efforts as they unfold." - Yeah, that sounds like most of what they dish out to us from false-flag ops to so-called news and political patter.


Life In The Time Of False-Flag Operations: This One Cyber-Terror. - Carsten Wiethoff - 15-08-2009

There is an interesting book by Dan Verton, called "Black Ice: The Invisible Threat of Cyber-Terrorism" ISBN-13: 978-0072227871

Much of it is readable on
http://books.google.de/books?id=zEatA49UJPMC&dq=dan+verton+blac+ice&printsec=frontcover&source=bn&hl=de&ei=0CuGSuOKM9OQsAax-tHtBw&sa=X&oi=book_result&ct=result&resnum=4

To get an idea, here is testimony of the author before the Subcommittee on Terrorism, Technology and Homeland Security, United States Senate Committee on The Judiciary.

from http://attrition.org/errata/sec-co/danverton-02-testimony.html

As one reader pointed out, it takes a lot of balls to sit in front of congress hawking your book (mentioning it three times as if Congressmen didn't hear it the first two). Another pointed out it was "ethically questionable" to which another replies, "that sums up Verton quite well".

Testimony of Mr. Dan Verton
Author
February 24, 2004
Statement for the Record of Dan Verton, Author, Black Ice: The Invisible Threat of Cyber-Terrorism (McGraw-Hill/Osborne, 2003)
On "Virtual Threat, Real Terror: Cyberterrorism in the 21st Century"
Before the Subcommittee on Terrorism, Technology and Homeland Security, United States Senate Committee on The Judiciary, Washington, D.C.

Good afternoon Chairman Kyl, Ranking Member Feinstein and Members of the Subcommittee. I want to thank you for the honor of appearing before you today to discuss what I believe is an urgent national security matter and I applaud your leadership in this area. Although I do not consider myself a technical expert, I have a professional background in intelligence and information security, and I¹m the author of a recently published book by McGraw-Hill titled Black Ice: The Invisible Threat of Cyber-Terrorism that goes into detail regarding the subject of today¹s hearing and has been endorsed by some of the nation¹s leading authorities in critical infrastructure protection, terrorism and information security, including the president¹s two former chief cyber security advisors, Richard Clarke and Howard Schmidt. My statement for the record, which I will summarize for you now, is based primarily on my research for Black Ice and some of my more recent work in this area. I would like to address the following three questions:
1. What is the nation¹s current level of vulnerability to cyber-terrorism?
2. What is al-Qaeda¹s capability to conduct cyber-terrorism?
3. What are the potential implications of a combined physical and cyber-terrorist attack against U.S. critical infrastructures?

1. What is the nation¹s current level of vulnerability to cyber-terrorism? Before any meaningful discussion can be conducted about the nation¹s vulnerability to cyber-terrorism, it is important to understand that there is no longer any separation between the physical, real world, and the cyber-world. Computers and computer networks control real things in the real world. And many of those ³things² are critical infrastructures, such as electricity, drinking water and real-time financial transactions that have implications for both public safety and the national economy. And this understanding must lead us to a new, more flexible definition of the term cyber-terrorism. We can no longer view cyber-terrorism with blinders on, choosing only to consider the acts of somebody sitting behind a computer and hacking or disrupting the operation of other computers or networks as cyber-terrorism. If we learned anything from 9/11 it was that traditional physical forms of terrorism can have massive cyber ramifications that can severely impair the functioning of the nation¹s economy * an economy that is almost wholly dependent on the uninterrupted operation of a fragile, privately owned and operated digital infrastructure. Likewise, it is just as important for us to recognize that there is no longer such a thing as an insignificant vulnerability. When vulnerabilities exist, regardless of how minor we may think they are, they open the door to the unexpected and the unanticipated. This is particularly true in the realm of information technologies, where hidden interdependencies exist throughout the nation¹s critical infrastructures. And it is an unprecedented level of interdependency that accounts for the nation¹s current level of vulnerability to cyber-terrorism, in both its physical and its electronic forms. Today every infrastructure or sector of the economy is potentially the Achilles heel of other infrastructures and economic sectors. 
For example, there is little question about the critical role of electric power in the operation of all sectors of the economy, the dependence of the electric industry on natural gas, the dependence of reliable telecommunications on electric power, the dependence of financial, government, and emergency services operations on both electric power and telecommunications, and the potential impact from prolonged failures of these infrastructures on drinking water and transportation systems. And the interdependence and potential for the type of cascading failure I am describing here stems from the confluence of the physical world and the cyber world. Perhaps one of the most important areas where an unprecedented level of vulnerability has existed for years and still exists today is in the widespread adoption of wireless technologies. Although there are proven methods and security systems available for protecting wireless networks, they are not always understood and deployed properly, if at all. In my research I have found evidence of unprotected wireless networks in use at the following infrastructure settings: hospitals; airline baggage checking systems at some of the largest U.S. air carriers; railroad track heating switches; uranium mining operations; water and wastewater treatment facilities; security cameras; and oil wells and water flood operations. Supervisory Control and Data Acquisition systems, or SCADA systems, are in many ways the crown jewels of some of the nation¹s most important industrial control settings, such as the electric power grid. But they are not * as their name might imply * built upon secret, proprietary technology. 
To the contrary, modern design specifications for SCADA systems, which I have documented through both personal interviews with experts and through open-source research on the Internet, presents us with the frightening reality that the SCADA systems being used in our nation¹s critical infrastructures are nothing more than high-end commercial PCs and Servers running Microsoft Corp. operating systems. In other words, the genie is out of the bottle and has been for years in terms of understanding how to disrupt or corrupt the operations of SCADA systems. Today, it¹s simply a matter of gaining access. And as I have also documented in my research, gaining access to SCADA systems for the purpose of causing widespread chaos, confusion and economic damage is increasingly becoming a mere formality for professional hackers, virus and worm writers, and terrorist-sponsored saboteurs. The energy industry has acknowledged the existence of these linkages and the imperative of protecting SCADA systems from unauthorized access. In December 2001, for example, the American Gas Association and the Gas Technology Institute met in Washington, D.C., to discuss the need for improved encryption to protect SCADA communications between key nodes in the natural gas grid. One of the slides used during the two days of presentations highlights the threats posed to SCADA communications from the use of commercial computer equipment, open communication protocols that are widely published and available to anybody, linkages and reliance on the public switched telephone network, and the ability to steal the hardware. 
In addition, a recent network architecture plan released by a major company in the water and wastewater industry included the following requirements for its SCADA systems: Peer-to-peer networking over TCP/IP (Transmission Control Protocol/ Internet Protocol^Ëin other words, the Internet); software changes that can be downloaded from any node on the network; dial-in capabilities to all software functions; and a link to the existing pump station. Consider the following additional examples, which I document in my book, Black Ice; The Invisible Threat of Cyber-Terrorism: The U.S. railroad system¹s increasing use of wireless technologies may present one of the most immediate dangers to both national security and local safety. Given the system¹s long, winding network of radio, telephone, and computer assets, voice and data communications networks provide vital links between train crews, trackside monitoring and repair staff, and rail control centers. Total control of the massive network is accomplished through a communication system that integrates trackside maintenance telephones, trackside transponders, security cameras and monitors, passenger information displays, public announcements, the public telephone network, radio bases, and control center consoles. However, wireless SCADA systems are increasingly providing the management glue that keeps all of these systems running together. In the colder regions of the country, underground heaters keep the rails from freezing in winter. These operations are also being controlled and monitored by wireless SCADA computers. The use of modern technology in this case means that in the case of a failure, railroads no longer have to dispatch technicians in the dead of winter to remote locations where heating switches are usually located. However, it also means that the security of these switching operations may now have a new series of security challenges to deal with. 
This is of particular concern given the dangerous nature of some train cargo. The City of Brighton, Michigan, is one example. Brighton is a city of only 6,500. But that population skyrockets to more than 70,000 each day due to a thriving business district and a boom in hotel space. However, beneath the streets of Brighton is a water and wastewater system that is controlled in part by wireless technology. The remote terminals monitor pump run time, pump failures, flood sensors, high water level alarms, and power, as well as site intrusion alarms and manually activated panic buttons. The utility also planned to equip work vehicles with a controller connected to a laptop computer. ³With critical data now available at just the click of a mouse, the laborious, time-consuming, and often hazardous, need for utility workers to make daily rounds to check pump status at each of the lift stations is a thing of the past,² claimed marketing material from one of the contractors responsible for installing the equipment. The mobile controller would then allow utility engineers to monitor the waste water system while they¹re driving around the city. Uranium mining operations in Wyoming extract uranium from the soil through a process by which water is injected into the ground. Because of the contamination, remote terminals are necessary to control and manage the pumps that move the water and extract the uranium. Commercial PC-based remote workstations now support critical monitoring functions, such as pump failure, pump status, temperature, speed, and even the pump¹s on/off condition. But the security implications are enormous. When pumps lose power, water pressure starts building up in the plant. Software has been programmed to automatically reset certain pumps to get the pressure out as fast as possible. And it¹s all being done in the name of cost-effectiveness. In states throughout the Midwest, one can find oil wells arranged in a twelve-mile-diameter circle. 
They are part of what's known in the vernacular of the oil industry as a "water flood" operation. However, with such a large number of pumps and holding tanks to manage, drilling companies are increasingly turning their attention to wireless SCADA systems to monitor critical functions of the operation, including emergency systems that are designed to ensure environmental safety. For example, wireless SCADA systems are used to monitor pressure and flow rates in both oil and water pipelines. When flow rates drop below normal levels, the system is designed to turn on additional pumps. In addition, if pipeline pressure or tank levels exceed normal operating limits the system will turn various pumps off. They are also used to monitor tank levels and overflow pit levels -- a critical safety indicator that could have environmental consequences if it fails. And as in the case of the 911 emergency systems, oil well managers and technicians also have remote dial-in connection capabilities.

For the most part, these dire warnings have gone unheeded by the private-sector companies that own and operate these infrastructure systems. Senior executives view such scenarios as something akin to a Hollywood movie script. However, throughout the entire post-September 11 security review process, a process that continues to this day, administration experts and other senior members of the U.S. intelligence community were quietly coming to the conclusion that they were witnessing the birth of a new era of terrorism. Cyberspace, with its vast invisible linkages and critical role in keeping America's vital infrastructures and economy functioning, was fast becoming a primary target and a weapon of terror.

Mr. Chairman, my fear is that the next time we have a massive power failure, such as we experienced on Aug.
14, 2003 it will not be a self-inflicted wound, but potentially a terrorist-induced failure that is quickly exploited by suicide bombings, rampaging gunmen or chemical and biological attacks against those stranded in the subway systems.

The Genie Is Out of the Bottle

Figure 1. This is a photo taken from a publicly available Web site that depicts the most sensitive natural gas pipeline interconnection point in the U.S. What's interesting about this Web page is that it is completely interactive, not only allowing the user to zoom into great detail, but also providing latitude and longitude coordinates and detailed terrain/man-made landmarks.

Figure 2. Detailed, street-level maps of metropolitan area fiber networks are also available online, and include building and company names through which these high-speed interconnections pass.

Other Sensitive Data Available on Government & Corporate Web Sites

1. Detailed maps depicting the termination points along the entire Eastern Seaboard for all long-haul undersea fiber lines.
2. Maps depicting the storage locations of all spent nuclear fuel waste in the U.S.
3. Telecommunications network maps from which the location of current and planned critical facilities and nodes can be derived.
4. One telecom company offered location information for all of the company's five data centers, as well as a virtual tour inside a "typical" center, including a description of all security systems used to protect the facility.
5. Detailed descriptions by IT companies of deployment case studies involving SCADA systems.
6. Load-bearing capacities of elevators in large office buildings as well as location of ventilation and air conditioning systems.
7. Number of people employed at certain office buildings as well as maps and interactive photos of building and facility layout.

2. What is al-Qaeda's capability to conduct cyber-terrorism?
My goal in answering this question is to convince you and others in government to think differently about the future, and particularly, about the future of international terrorism. The high-tech future of terrorism is inevitable. And like the events leading up to the Sept. 11, 2001 terrorist attacks (events that dated back 8 years), we are beginning now to see the indications and warnings that international terrorism is evolving its tactics to meet the new operational realities it faces around the world and to better achieve its strategic goals.

Before we can tackle the question of al-Qaeda's capabilities in terms of conducting cyber-terrorism, it is imperative that we as a nation come to terms with the fact that terrorism is in a constant state of evolution. Terrorist tactics and modes of operation change and adapt over time, albeit very slowly and often imperceptibly. It is also imperative that we accept that terrorism has never only been about terror. There have always been and will always be socio-political and economic warfare aspects to international terrorism that speak directly to the potential employment of cyber-terrorist tactics.

Al-Qaeda's view of cyber-terrorism and its history in using information technologies is a case in point. But here, again, we face a significant perception problem. The picture that most Americans form in their minds when they think of al-Qaeda or of terrorists in general is a picture of a mindless horde of thugs living a hand-to-mouth existence in caves in Afghanistan.
But this picture says nothing of the educated elite that forms the inner circle of the group's command and control, it says nothing of the technical support available on the open market in the form of out of work intelligence experts from a host of nations, and it says nothing of the threat posed by the continued radicalization of young people all over the world -- young people who are studying computer science and mathematics and who may find it more advantageous to strike out directly at the U.S. economy than to strap explosives around their waist and walk into a crowded café.

That said, there is already ample evidence to suggest that the current generation of al-Qaeda terrorists understand the usefulness of attacking the U.S. cyber infrastructure. For example, L'Houssaine Kherchtou, a 36-year-old Moroccan, was one of al-Qaeda's early trainees in high-tech methods of surveillance during the early to mid 1990s. He attended electronics training conducted in a guesthouse owned by Osama bin Laden on Fey Street in Peshawar, Pakistan. The electronics lab was run by Abu al-Alkali and Salem the Iraqi. When he arrived, however, he informed his superiors that he did not have any background in electronics. A short time later, a more senior instructor arrived and informed Kherchtou that a degree in engineering was required to attend electronics training. This is not the picture of a mindless horde of thugs. This is the picture of a thinking enemy that values formal training and education.

In November 2002, I interviewed Sheikh Omar Bakri Muhammad, the leader of a London-based organization known as al-Muhajirun. Prior to the September 11, 2001 terrorist attacks, an FBI memo written by agent Kenneth Williams and e-mailed to the FBI's Washington headquarters on July 10, 2001, noted a connection between Middle Eastern men enrolled in Phoenix-area flight schools and Bakri's organization in London.
This should have been no surprise since Bakri, a Syrian-born Muslim cleric, refers to al-Muhajirun as "the mouth, eyes, and ears" of bin Laden and claims to speak on behalf of bin Laden's International Islamic Front for Jihad Against Jews and Crusaders. Furthermore, Bakri was one of several individuals in 1998 to receive a letter faxed from Afghanistan from bin Laden that outlined four objectives for a jihad against the U.S., including the hijacking of airliners. Also included in the fax was a statement urging Muslims to "force the closure of their companies and banks."

But my interview with Bakri in 2002 was the first example of a high profile, radical Islamic cleric speaking about the usefulness of cyber attacks in support of bin Laden's global Jihad. According to Bakri:

- "In a matter of time, you will see attacks on the stock market."
- "I would not be surprised if tomorrow I hear of a big economic collapse because of somebody attacking the main technical systems in big companies."
- "The third letter from Osama bin Laden ... was clearly addressing using the technology in order to destroy the economy of the capitalist states. This is a matter that is very clear."

Osama bin Laden has also spoken in these terms. According to Hamid Mir, editor of the Ausaf newspaper, "Hundreds of young men had pledged to him that they were ready to die and that hundreds of Muslim scientists were with him and who would use their knowledge in chemistry, biology and ranging [sic] from computers to electronics against the infidels." Bin Laden has also instructed his followers that "It is important to hit the economy of the United States, which is the base of its military power. If the economy is hit they will become preoccupied."

Since the start of the U.S.
War on Terrorism, a significant amount of evidence has been unearthed throughout Afghanistan and various other al-Qaeda hideouts around the world that indicates terrorism may be evolving toward a more high-tech future at a faster rate than previously believed. In January 2002, for example, U.S. forces in Kabul discovered a computer at an al-Qaeda office that contained models of a dam, made with structural architecture and engineering software. The software would have enabled al-Qaeda to study the best way to attack the dam and to simulate the dam's catastrophic failure. In addition, al-Qaeda operatives apprehended around the world acknowledged receiving training in how to attack key infrastructures. Among the data terrorists were studying was information on SCADA systems.

Despite all of the mounting evidence that suggests al-Qaeda is evolving toward the use of cyber-weapons, the terrorist group that started us down this path and that has posed the greatest threat of all terrorist groups to U.S. national security remains somewhat of a mystery. But the War on Terrorism has helped uncover some of the hidden trends. Al-Qaeda cells now operate with the assistance of large databases containing details of potential targets in the U.S. They use the Internet to collect intelligence on those targets, especially critical economic nodes, and modern software enables them to study structural weaknesses in facilities as well as predict the cascading failure effect of attacking certain systems.

But the future may hold something quite different. The three driving factors behind al-Qaeda's operations -- intent, resources, and opportunity -- all point to the future use of cyber-tactics. First, the intent of Osama bin Laden is clear. He wants to cripple the economy of the U.S. as a means to force the withdrawal of U.S. military personnel from Saudi Arabia and curtail economic and military support for Israel.
The targeting of corporate America and the digital economy is clear in this regard. Second, the growing number of technologically sophisticated sympathizers, especially among Muslim youth, is providing al-Qaeda with a steady stream of new talent in the use of offensive cyber-weapons. In addition to the younger generations of hackers and virus writers, al-Qaeda and other radical Islamist movements can count on the intelligence services of various rogue nations who now and in the future will find themselves in the crosshairs of the U.S. military. Finally, America continues to present al-Qaeda and other radical Islamist groups with ample economic targets in cyberspace, thus driving these groups toward the increased use of cyber-tactics. Unless current trends are reversed and America's digital economy is no longer a target of opportunity, terrorist groups around the world will continue to dedicate time and resources to studying ways to integrate cyber-weapons into their operations.

3. What are the potential implications of a combined physical and cyber-terrorist attack against U.S. critical infrastructures?

The blackout of August 14, 2003 notwithstanding, the danger stemming from this unprecedented level of infrastructure interdependency was proven during the first major infrastructure interdependency exercise, which took place in November 2000 in preparation for the 2002 Winter Olympics in Utah. Known by its code name, Black Ice, the simulation was sponsored by the U.S. Department of Energy and the Utah Olympic Public Safety Command. The goal was to prepare federal, state, local, and private-sector officials for the unexpected consequences of a major terrorist attack or a series of attacks throughout the region, where tens of thousands of athletes and spectators from around the world would gather.
When it was over, Black Ice demonstrated in frightening detail how the effects of a major terrorist attack or natural disaster could be made significantly worse by a simultaneous cyber-attack against the computers that manage the region's critical infrastructures. Without going into the details of the exercise, the conclusions drawn by the exercise participants are startling. Estimates showed the loss of electric power throughout a five-state region and three provinces in Canada for at least one month. Other estimates went as far as several months.

The important lesson is that Black Ice showed the growing number of critical interdependencies that exist throughout the various infrastructure systems and how devastating combined cyber-attacks and physical attacks can be. It proved for the first time that the terrorist's mode of attack is irrelevant when it comes to cyber-terrorism. Terrorist groups that want to amplify the chaos and confusion of physical attacks or directly target the economy can succeed by launching traditional-style terrorist assaults against the nation's cyber-infrastructure.

According to the final report on the lessons learned from exercise Black Ice and a follow-on exercise code-named Blue Cascades, government and private-sector participants "demonstrated at best a surface-level understanding of interdependencies and little knowledge of the critical assets of other infrastructures, vulnerabilities and operational dynamics of these regional interconnections, particularly during longer-term disruptions." Moreover, most companies and government officials failed to recognize their own "overwhelming dependency upon IT-related resources to continue business operations and execute recovery plans," according to the report.

As is evident from the following paragraph, the detailed findings of the Hart-Rudman task force confirmed the findings of the Black Ice and Blue Cascades exercises.
Sixty percent of the Northeast's refined oil products are piped from refineries in Texas and Louisiana. A coordinated attack on several key pumping stations -- most of which are in remote areas, are not staffed, and possess no intrusion detection devices -- could cause mass disruption to these flows. Nearly fifty percent of California's electrical supply comes from natural gas power plants and thirty percent of California's natural gas comes from Canada. Compressor stations to maintain pressure cost up to $40 million each and are located every sixty miles on a pipeline. If these compressor stations were targeted, the pipeline would be shut down for an extended period of time. A coordinated attack on a selected set of key points in the electrical power system could result in multi-state blackouts. While power might be restored in parts of the region within a matter of days or weeks, acute shortages could mandate rolling blackouts for as long as several years. Spare parts for critical components of the power grid are in short supply; in many cases they must be shipped from overseas sources
[end quote]