High-tech terror
It is the stuff of bad made-for-TV movies: A disgruntled former employee of an Australian manufacturer of telemetry equipment hacks into a shire’s wastewater control system and releases hundreds of thousands of gallons of raw sewage into area streams. The effluent fouls a nearby resort, kills fish and other marine life, and briefly makes life miserable for local residents.
Maroochy Shire, Queensland, Australia, learned the hard way how vulnerable computer systems can be to malicious attacks. And while there is no evidence the attack was political in nature, city and county governments in the United States must be increasingly alert to potential cyber-terrorism.
Local governments have not yet been plagued by cyber-terrorist attacks, but the risk of such an attack is very real. As cyber-terrorists become more sophisticated, local governments must react accordingly. They must understand the threats, take measures to protect themselves and determine how they will respond if an attack occurs.
According to a 2002 survey by the San Francisco-based Computer Security Institute and the FBI, 90 percent of large U.S. corporations and government agencies had detected computer security breaches in the previous 12 months. Not surprisingly, cyber-terrorism is among the top three concerns of city governments, according to a recent survey by the Washington, D.C.-based National League of Cities (NLC).
Cyber-terrorism, in general, involves the misuse of information technology to further a political cause. That misuse can range from destroying information or interrupting online transactions to altering criminal-records data or controlling systems at a nuclear power plant.
The Internet is a likely means of attack, because it can provide easy access to computer systems and data. Hackers can spread computer viruses or access and corrupt information and processes. A cyber-terrorist who, by becoming a government employee or contractor, gains direct access to systems, networks and data, is an even greater threat.
Local governments constitute a growing concern among security experts. Only 43 percent of large cities and 26 percent of all cities have developed strategies to address cyber-terrorism, according to the NLC study.
Protecting against cyber-terrorism starts with an overarching computer security policy. Such a policy specifies the value of computer systems and the processes they control, as well as the level of risk for each system and process. That enables local governments to determine how much time and resources to invest in protecting the systems.
A security policy also should specify the technologies and procedures that will provide the protection. Security likely will include antivirus software, firewalls, intrusion detection and data backup systems. The policy also should include details such as how employees identify themselves and how often they must change passwords.
In addition, develop a communication plan. Depending on the attack, an agency may need to communicate with local law enforcement, federal agencies such as the FBI and response organizations such as the Computer Emergency Response Team (CERT) of Carnegie Mellon University in Pittsburgh.
The number of computer security breaches is on the rise: CERT tracked 82,094 incidents in 2002 and 42,586 in just the first quarter of 2003. It is only a matter of time before an attack is aimed at a city or county government.
The author is chief security advisor and managing principal of the worldwide enterprise security practice for Blue Bell, Pa.-based Unisys.
