- Government and private-sector security experts fear that today's attacks against the World Trade Center and the Pentagon are only the beginning of a wave of assaults that could include cyberterrorism.
Officials at the FBI's National Infrastructure Protection Center (NIPC), located at FBI headquarters here, are gathering for an emergency meeting to collect and analyse all available cyberintelligence information, says Navy Rear Adm. James Plehal, the deputy director of the NIPC. Details of the meeting aren't yet available.
Meanwhile, Marv Langston, former deputy CIO at the Defense Department, viewed today's physical terrorist attacks as an act of war and warned that they could be followed by a series of cyberattacks. Asked if the airplane attacks against the Pentagon and World Trade Center could be followed by a cyberattack, Langston answered, "I would be surprised if it was not."
Meanwhile, Atlanta-based Internet Security Systems (ISS), which operates the IT sector's Information Sharing and Analysis Center (ISAC), has placed its operations center on what it calls AlertCon 3 (the highest is AlertCon 4), "in order to focus IT security efforts on the potential for (and defense against) an internet component to these attacks." The ISAC works in cooperation with the FBI and the NIPC in sharing information about cyberthreats.
"Our monitored networks do not show any unusual activity at this time, but our [Security Operations Centers] are at a heightened state of alert as we watch for any indications that e-commerce is also being targeted," an ISS spokesman says. The financial district around Wall Street in lower Manhattan was closed down.
"This is a time to partner all security assets on what is most important to your enterprise," the ISS threat assessment states. "While physical security concerns are paramount, it is essential to keep some eyes on the networks focused on malicious activity. We can expect a significant increase in disaster-recovery activity -- plans being activated, dusted off, etc. No doubt the [disaster-recovery] industry will be sorely stressed at this point, and it would behoove staffs to consider security as a move to alternate sites is contemplated or enacted."
The major question being asked by some experts is how such a large-scale, coordinated attack could have been accomplished without security officials being tipped off through cyber or communications intelligence. Most experts acknowledge, however, that there are only a handful of terrorist organizations in the world capable of conducting such an operation in secret. And they likely used nontechnical means of communications that would have allowed them to escape US intelligence IT surveillance operations.
John Garber, vice president of Cryptec Secure Communications in Chantilly, Virginia, and a former National Security Agency official, says the capabilities of the US intelligence community are "fairly well known" by the terrorist organisations that are suspects in this series of attacks.
"They do an awful lot of communications through messengers and nondigital methods," says Garber. "It's not like them to be walking around talking on telephones. This doesn't strike me as a signals intelligence failure as much as a failure of national [agency] coordination," he says.
"This is a large and extremely well-coordinated attack. In spite of our best efforts to coordinate intelligence collection on terrorists, this is a massive failure of national cooperation," says Garber, who was in downtown Washington when the Pentagon was attacked. "I can't believe there were no indications."