The country’s critical infrastructure guardians have not detected any “major” cyber-threats to the nation’s infrastructure in their year of operation.
The management of intrusions is left to the infrastructure owners, says Centre for Critical Infrastructure Protection director Mike Spring, though in the case of a major threat they would be free to ask CCIP to step in and help them. To date that has not happened, he says.
Another of CCIP’s roles has been exchanging ideas with the infrastructure owners, such as telcos and power companies, about possible threats.
The centre was created before the September 11 attacks last year. While it has been building staff and capability over the past year, it has maintained its 24x7 “watch and warn” capability since August 6, 2001. It gains its information on potential threats through “our normal intelligence mechanisms” as a unit of the Government Communications Security Bureau, Spring says, and from analogous bodies in other countries, including Australia, the US, the UK and Canada.
During the past year border protection agencies have been more tightly defining their communications with one another, other government agencies and private companies such as airlines and shipping lines, says Customs IT manager Peter Rosewarne.
“From an IT perspective we have changed and are changing our emphasis towards obtaining more advance information of movements of people, craft and cargo in and out of the country,” Rosewarne says. Customs has always done this to some extent, but now the format of the advance information received is being “tied down to international standards”.
Interfaces between governments on such movements previously operated at a higher level, but are now directly between border agencies to a greater extent.
Changes to government regulations are in train to “give clarity to the form of this information”, ensuring ready comprehensibility, tying down interoperability of electronic systems and requiring more of the information to be communicated in electronic form and be instantly usable, he says. “Previously some of it might came in as faxes.”
Customs is, as Computerworld has previously reported, investigating the utility of biometrics for checking passenger identity.
On an internal IT front, “we have tightened up our firewalls”, Rosewarne says. “But we don’t like to talk about that in detail. The more you talk about it, the more you draw attention to yourselves, even on a personal level.” Information services and IT managers have to be aware of the danger to themselves and to their staff, he says.
One element of increased caution is that Rosewarne and his staff no longer reply to survey questionnaires from IT industry-monitoring organisations, wanting to know details of the systems Customs uses.
“We refer them to Gartner, whom we trust [to present information in an appropriate form that does not increase risk],” he says. “Once we let that information out, we don’t know where it will end up.”