Panetta says cyber attackers accessed controls for critical US infrastructure
In a blunt admission designed to prod action, Defense Secretary Leon Panetta Thursday night told business executives there has been a sudden escalation of cyber terrorism and that attackers have managed to gain access to control systems for critical infrastructure.
In a speech in New York City, Panetta said the recent activities have raised concerns inside the U.S. intelligence community that cyber terrorism might be combined with other attacks to create massive panic and destruction on par with the Sept. 11, 2001 attacks.
“These attacks mark a significant escalation of the cyber threat. And they have renewed concerns about still more destructive scenarios that could unfold,” he said. “For example, we know that foreign cyber actors are probing America’s critical infrastructure networks.
“They are targeting the computer control systems that operate chemical, electricity and water plants, and those that guide transportation throughout the country,” he added. “We know of specific instances where intruders have successfully gained access to these control systems. We also know they are seeking to create advanced tools to attack these systems and cause panic, destruction, and even the loss of life.”
Current and former U.S. officials tell the Washington Guardian that U.S. investigators have growing evidence that Iran was behind a recent wave of cyber attacks, particularly those that temporarily paralyzed energy interests in two Middle East countries that are key U.S. allies.
Panetta stopped short in his speech of formally accusing Iran but left no doubt America has strong suspicions about Tehran. "Iran has also undertaken a concerted effort to use cyberspace to its advantage," he declared.
Panetta’s speech came as the Obama administration is pressing ahead with its own cyber security measures using executive powers after reaching a stalemate with congressional Republicans and their business allies over sweeping legislation to change the nation’s cybersecurity posture.
“This is a pre-9/11 moment,” Panetta told the business executives, referring to the period before the terror attacks 11 years ago when signs of a mounting threat were overlooked. “The attackers are plotting. Our systems will never be impenetrable, just like our physical defenses are not perfect. But more can be done to improve them. We need Congress, and we need all of you, to help in that effort.”
Panetta, who has been sounding alarm for month about the potential for a "Cyber Pearl Habor", gave unusually blunt description of three recent attacks --- one against U.S. financial interests and two against Middle East energy interests – that have raised the alarm. Defense officials said classified information was declassified so Panetta could give specific details about the nature of the attacks.
The defense secretary, who previously served as President Obama’s CIA director, said consecutive attacks on Saudi Arabia’s ARAMCO oil company and Qatar’s Ras Gas known launched by a virus known as Shamoon were “probably the most
destructive attack that the private sector has seen to date. “
“Shamoon included a routine called a 'wiper,' coded to self-execute. This routine replaced crucial system files with an image of a burning U.S. flag. It also put additional “garbage” data that overwrote all the real data on the machine. The more than 30,000 computers it infected were rendered useless, and had to be replaced,” Panetta explained.
The defense secretary offered an assessment of possible future doomsday scenarios feared by U.S. intelligence in which cyber terrorism could be combined with waves of attacks.
“An aggressor nation or extremist group could gain control of critical switches and derail passenger trains, or trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.,” he said.
“The most destructive scenarios involve cyber actors launching several attacks on our critical infrastructure at once, in combination with a physical attack on our country,” he added. “Attackers could also seek to disable or degrade critical military systems and communications networks.”
Replies
By Scott Stewart
The terrorist tradecraft discussed in last week’s Security Weekly does not happen in isolation. The practitioners of terrorist tradecraft conduct their activities in the midst of other people — the authorities attempting to identify them and thwart their plans as well as civilians. Terrorist tradecraft also does not remain static. It is constantly evolving. These changes are prompted not only by countermeasures put in place to prevent terrorist attacks but also by advances in technology — a powerful force that can serve to either nullify old tradecraft practices or to provide new tools to the purveyors of terror.
Terrorism is an enduring reality. While geopolitical changes may cause a shift in the actors who employ terrorism as a tactic, terrorism will continue to be used no matter what the next geopolitical cycle brings. It is, and will continue to be, a tactic used by militant actors who want to confront a militarily superior enemy. Focusing on the tradecraft used in attacks and charting its changes and trends not only permits observers to understand what is happening and why but also provides an opportunity to forecast what is coming next.
Documents
In the early terrorist plots of the late 1800s, many of the foundational tradecraft requirements were aided by the general simplicity of the times. Among the foundational tradecraft requirements discussed last week was procuring identification documents. Public records were very sparse, did not usually contain people’s photographs and tended to be decentralized and not easily searched. (This is still true in some parts of the world today, such as in Afghanistan and Somalia.) There were no universal identification cards such as driver licenses, because automobiles had not yet become common. Passports and visas were not widely required for travel until after World War I, and even then the records of passport and visa issuance as well as traveler entries and exits were localized, hand-written entries into ledgers and were hard to search.
During this time, it was not difficult for Irish Fenian, nihilist or anarchist terrorist actors to travel, rent safe-houses or raise and transfer funds. Communication was certainly more difficult for everyone at that time — authorities as well as terrorists. The mail system was slow, and while telegrams could be sent quickly, they were seen by many people. Law enforcement agencies did not communicate or coordinate very well across jurisdictional lines within one country, much less on an international scale.
During World War I, concerns over spies and saboteurs caused important changes to international travel, including stricter passport and visa requirements. This also had an impact on terrorist actors, such as Irish Republican Army members traveling to and from the United States or England, but early passports, visas and other identification documents were often hand-written and easily forged or altered. During this era, it was also still quite easy to assume the identity of an infant or young child who had died, because birth and death records were not often cross-referenced — especially if they happened in different locations. This practice is referred to as an infant death identity in document-fraud investigations. Nazi and Soviet espionage agents used infant death identity quite frequently, which resulted in changes to the way records were kept, but domestic and international terrorist operatives continued to use infant death identities into the 1960s and 1970s.
Advances in technology in the 20th century allowed countries to make their identification documents more resistant, but not immune, to counterfeiting and alteration. The real difficulty in using counterfeit or altered documents started when the documents were linked to a central computerized database. This meant that counterfeit passports and visas did not show up in the databases and allowed a quick photo comparison to ensure that passports with altered photos could not be as easily used. In 1988, Japanese Red Army bombmaker Yu Kikumura was able to enter the United States using an altered Japanese passport.
In 1992, al Qaeda bombmaker Ahmed Ajaj was arrested trying to come through immigration at New York’s John F. Kennedy International Airport using a Swedish passport in another name altered to bear his photo. His partner, Abdul Basit, ditched the altered passport he used to board the flight in Karachi, Pakistan, and used an authentic Iraqi passport in the name Ramzi Yousef to claim political asylum. In the 9/11 plot, and in all the follow-on al Qaeda plots directed against the United Sates, al Qaeda operatives have used authentic travel documents to enter, or attempt to enter, the United States. Some of the 9/11 operatives did commit document fraud in relation to driver licenses and state identification cards, but as outlined in the 9/11 Commission Report, that fraud almost resulted in the unraveling of the plot.
Changes in technology and enforcement in the United States and Europe have caused changes in identity and travel tradecraft for transnational jihadists, who are now searching for “clean skin” operatives who are unknown to law enforcement and who have the ability to travel internationally using legitimate travel documents.
Explosives
Bombing has been a staple of terrorism since Guy Fawkes and his co-conspirators’ failed attempt to destroy the British Parliament in 1605 in the so-called Gunpowder Plot. The invention of dynamite in 1867 was a very big boon for early terrorists, who no longer had to use black powder, a low explosive, as the main charge in their devices. Dynamite was not only more stable and less sensitive to moisture than black powder but was also more powerful. Dynamite was widely used by Irish Fenians in their attacks, but perhaps the image of the anarchist bombthrower is the most iconic of that period.
In the age of modern terrorism, bombmakers have had the luxury of access to high-powered military explosives such as TNT, C-4 and Semtex. Technologies such as shaped charges, platter charges and explosively formed penetrators have also increased the impact of these powerful explosive compounds. Another development that has greatly altered the art of bombmaking has been the advent of microelectronics. Bombmakers can use sophisticated timers to activate a device days or even weeks after it is placed. They can also use sensors that detect motion, light, the presence of metal objects or changes in altitude in order to detonate the explosive device. Command-detonated devices using radio signals or cell phones have also been widely employed.
Perhaps one of the most influential bombmakers in the modern terrorist era is Abu Ibrahim, a former member of Black September, the Popular Front for the Liberation of Palestine and the 15 May Organization. Ibrahim is often referred to as the “grandfather of all bombmakers” for his innovative improvised explosive device design and his willingness to train other bombmakers in his dark arts. Ibrahim was an early adopter of electronics in his designs.
During the 1970s and 1980s, state sponsorship did a lot to help advance bombmaking tradecraft, as sabotage experts from the Soviet KGB and the East German Stasi passed on training and technology. (The Eastern bloc was also a very important source of funding and identification documents during this period.) In addition, state sponsorship meant that sponsors, such as Libya, could use the diplomatic pouch to transport weapons and explosive components to terrorist operatives in places like London and Paris.
Controls on the purchase of explosives, and even on items like ammonium nitrate fertilizer, which can be readily used to make homemade explosive mixtures, have made it more difficult in recent years to make improvised explosive mixtures. This has caused bombmakers to change to mixtures made from more readily available precursors, such as acetone and peroxide. But these mixtures tend to be not only more dangerous to brew — the Palestinians refer to triacetone triperoxide, or TATP, as “the mother of Satan” — they also have a limited shelf life, are less stable and more difficult to transport and correctly synthesize. In 2009, would-be New York City subway bomber Najibullah Zazi was frustrated in his attempts to manufacture viable TATP.
In the realm of targets and tactics, we’ve talked elsewhere of the arms race in aviation security and how it has caused the threat to aircraft to evolve, with the next likely step being non-metallic explosive devices hidden inside the bodies of suicide attackers. There has also been an evolution in the targeting of Western interests abroad. Embassies have become harder targets and Western hotels have been increasingly more desirable targets, although the Sept. 11, 2012, attack in Benghazi may shift terrorists’ focus back to vulnerable diplomatic missions in volatile locations.
Databases
Perhaps one of the most powerful inhibitors of terrorist tradecraft has been the use of computerized databases, allowing authorities to crunch a lot of data. One of the first well-documented uses of computers to locate terrorist suspects was the massive effort undertaken by the German Federal Criminal Police in the 1970s to combat the Red Army Faction. The German police created a database and then cross-referenced its information on a wide variety of indices. They then created a profile of the Red Army Faction safe-house with features such as young people living together, paying their rent and utility bills in cash and not registering with the local government or registering their motor vehicles. When a computer search identified addresses that matched the profile, they then dispatched detectives to investigate these possible safe-houses in person. This campaign was very successful in helping round up the first generation of Red Army Faction operatives.
Lists of terrorist suspects and their aliases have also proved quite useful in inhibiting terrorist travel, but it has not been without its failures or criticism. The U.S. State Department first adopted a database called TIPOFF in the 1980s designed to prevent terrorists from getting visas. The system was later turned it into the Visas Viper system after the 9/11 attacks. The United States has created the Terrorist Screening Center, which is charged with consolidating all the various U.S. government watch lists as well as administering the controversial terrorist watch list and the no-fly list.
Computers are also being used to monitor terrorist communication, whether by telephone, satellite phone or the Internet. But like the watch lists, these efforts have proved to be quite controversial.
Seizing or freezing bank accounts associated with known terrorists and efforts to crack down on charities that were funding terrorist groups have been somewhat successful in limiting the money moving to terrorist entities. But the presence of significant informal money transfer networks has made it impossible to totally stop the flow. The ability of terrorist groups to use narcotics sales and other criminal activity to fund themselves has also been hard to stop.
Trends
Since the 9/11 attacks, the United States and its allies have spent billions of dollars on security improvements and have made great efforts to increase security and to counter the tradecraft used by terrorist groups. It is now more difficult for terrorist operatives to travel to the United States and Europe — as evidenced by the lack of serious attacks and by the calls of groups such as al Qaeda in the Arabian Peninsula and the al Qaeda core group for grassroots terrorist operatives to conduct simple attacks where they are rather than travel overseas for training or to wage jihad. It has also led them to recruit individuals who have travel documents like Richard Reid, Najibullah Zazi and Faisal Shahzad for attacks rather than send well-trained operatives to conduct them.
This inability to conduct attacks in the West and the frustration it causes, along with the downfall of the transnational al Qaeda core organization, may be causing the remaining jihadist groups to focus more on operations in their local areas — places where they have the skilled operatives and materiel to conduct successful attacks.
This means that Western diplomatic missions, hotels and businesses located in these areas will remain vulnerable to attack. With these militant groups in possession of shoulder-launched surface-to-air missiles like the SA-7, there is also a lingering concern over the possibility of an attack against a Western aircraft in such areas.
by Henry Shivley
President Barack Hussein Obama AKA Barry Soetoro AKA Barry the Rat, the south side Chicago back alley socialist insurgent pimp, just signed another Executive Order. You know, President Obama, who isn’t a Zionist puppet, who will not follow orders from Tel Aviv, who doesn’t really like those Jews all that much anyways.
Say hello to the Executive Order from the President regarding Authorizing the Implem...
So, in other words, the Israeli Zionists have ordered that Iran be cut off from the world and the bank accounts of anyone who violates this dictate seized.
And how is this international outrage to be enforced? Ooohhh, I see, that’s why we have been deploying our troops all around the world, to Australia, to South America, to Africa, and most recently (today) to Jordon on the Syrian border. It looks like an escalation to invasion to me (sanctions are an act of war). This will be an invasion that could lead to World War III.
Does it make sense? Oh yes, it makes sense, dollars and cents. But the Nobel Peace Prize winning Barack the Ordained One Obama wouldn’t purposely lead the United States into World War III, would he? Of course he will, oy, I’m telling you.
This is an act of war, as sanctions, by definition, represent just that. War can only be declared by Congress. This Executive Order violates the Constitution. It is an act of treason. This is our lives we are talking about here.
Are we going to allow this dictator to precipitate the deaths of millions of us as a result of his soviet socialist insurgency? I guess it has been a while. Maybe the sheeple need to be taken out and slaughtered like the herd animals they are, again, so we can remember why World War I was the War to End All Wars, until we forgot. But surely World War II….nope, we forgot again. Those who forget history are doomed to repeat it.
God bless the Republic, death to the international corporate mafia, we shall prevail.
Delivered by The Daily Sheeple
Contributed by From the Trenches World Report of www.FromTheTrenchesWorldReport.com.
From the Trenches World Report is intent on uncovering more documented facts to bring to light that which the common man or woman is not meant to see. We are in a war for nothing less than our right to individual thought. We will be reporting on that war From the Trenches