The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nations critical infrastructures.
Rules to rein in airport closings approval required in security breach . Procedures outlined in Transportation Security Administration (TSA) memos dated 23 May call for airport security managers to obtain permission from their supervisors before evacuating concourses. Futher, airport security managers are required to talk with airlines and local law enforcement before stopping flights from taking off. ''We wanted to ensure that they consider the full range of options before evacuating,'' TSA spokeswoman Mari Eder says. ''TSA just wants senior management involved in making these decisions.'' The policy of getting approval before evacuating terminals and recalling aircraft looks to be temporary since the TSA intends to replace ''interim federal security representatives'' with federal security directors by the end of the year. The directors, already in place at 42 airports, will function like airport police chiefs and have the power to order evacuations. ( USA Today, 3 Jul) El Al security. El Al Airlines, which carries about 3 million passengers a year, is considered the most secure airline in the world because it must be, according to airline analysts and those who work for the Israel-based carrier. Although El Al has been successful in stopping hijackings and bombings, it is shooting attacks, like the one at Los Angeles International Airport on 4 July, El Al has found most difficult to prevent. El Al passengers are likely to be observed from the moment they leave their vehicle and will be interviewed by trained security personnel prior to checking in to their flight. During the interview, ticket holders are also psychologically evaluated, with close attention paid to respondents' tone of voice, mood and body language. The information is sent by computer to international law enforcement agencies, such as Interpol or Scotland Yard, for instant evaluation. Boarding is prohibited if there are any doubts about a passenger. Security also extends beyond the ticket gate. El Al planes are heavily guarded at all times, even during cleaning and maintenance. All El Al pilots are veterans of the Israeli air force and are trained in hand-to-hand combat and handling weapons, although they do not carry guns in the cockpit. Cockpit doors are bulletproof and are controlled by a keypad from inside. At least two armed, undercover air marshals are on board every El Al flight. El Al goes to great lengths to guarantee its passengers' safety because it has no other choice, said Isaac Yeffet, the carrier's former head of security. "Remember, we are dealing with a sophisticated enemy," he said. (CNN, 4 Jul; Associated Press, 5 Jul) WWU Comment: Although US carriers operate in an environment different from El Al, some security practices could be adopted by US carriers and airport operators. These include increased security and monitoring of aircraft during maintenance and cleaning, and more thorough passenger screening using both technology and human factor evaluation. Interestingly, El Al favors armed air marshals over armed pilots. Finally, recognition of the adversary's sophistication requires an appropriately comprehensive analysis of threats and mitigation. Much remains to be done on US security, analysts say. With aviation the focus of the early response to the terrorist attacks, the government now needs to focus on other weak spots in the system. At the top of many lists of the nation's vulnerabilities is the cargo carried by planes, trains, trucks and ships. In many ways, protecting the waterfront - and the 95 percent of imports and exports that travel by container ship - is an even more daunting challenge than securing the skies. Additionally, a coordinated bioterrorism plan is needed among federal, state and local health authorities, including a nationwide communications and early warning network. Other administration critics and analysts say even less attention has been paid to other types of high-risk facilities such as refineries, petrochemical plants, pipelines and even liquid natural gas terminals. Terrorists may be more likely to seek these "softer targets," or avenues with the fewest obstacles, because they are more interested in the fear and psychological harm they inflict than the number of casualties they cause. (Baltimore Sun, 1 Jul) Con Edison endorses single electricity market for Northeast. Consolidated Edison Co. of New York has joined with other transmission owners in New York and New England to recommend that the Federal Energy Regulatory Commission (FERC) take action to enhance the development of competitive wholesale electricity markets in the Northeast. The filing calls for the development of a single, wholesale power market in the Northeast through one or more entities known as Regional Transmission Organizations (RTOs). If implemented, this action would create a single day-ahead electricity market, stretching from Maine to northern Virginia, and a single, or closely coordinated real-time electricity market in the same area. Both the day-ahead and real-time markets would depend on common or compatible software. (Utility Automation, 3 Jul) Yaha worm: do you have it? The Yaha worm is creeping near the top of some virus incidence charts, but is it really hitting Australians? Reports from organizations such as Message Labs and Central Command have found that the Yaha worm is near the top of their virus lists. UK-based managed security provider Message Labs lists Yaha (W32/Yaha.E-mm) in its top five viruses on its Web site. First captured mid-June, Message Labs statistics show it stopped the worm 60,000 times, in more than 97 countries, according to its Web site. It ranks the Netherlands, Great Britain and the US as the top three countries for the Yaha worm. Yaha-E is described as a worm which spreads via e-mail, that can be variable and contain a spoofed from field which means the source of the e-mail displayed by the user's e-mail client isn't necessarily the e-mail's genuine origin, according to Sophos Australian Web site. (Cnet News, 3 Jul) WWU Comment: Currently, US commercial anti-virus vendors are rating this worm as LOW. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
