Heads Up: C-SPAN Extra to Carry Today's Senate Hearing on the Y2K Information Center & Cyberterrorism

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread

I don't receive C-Span extra, but I think we can watch and listen to the hearing via a real player. 'Not sure, though. You can give it a try at:

Senate Hearing on the Y2K Information Center & Cyberterrorism

'Just passin' it on. . . :)

-- FM (vidprof@aol.com), July 29, 1999


Hearing starts at 9:30 a.m. by the way. . .


-- FM (vidprof@aol.com), July 29, 1999.

What's up with the hearing... Are they late starting? Or aren't they going to put it on the 'net?

It's now 9:44, and nothing seems to be happening...


-- housemouse (jgj@nevermind.net), July 29, 1999.

I'm watching/listening using the G2 RealPlayer as I write this.

Go to:

Senate Special Year 2000 Technology Problem Committee Y2k Information Center & Cyberterrorism Vulnerability

Senator Bennett just adjourned the hearing to go vote on a bill. What gives?

-- Bingo1 (howe9@pop.shentel.net), July 29, 1999.

Yes, I am wondering why they are not starting, it says on their listing the hearings are from 9.30 am to 12.30 pm.. but nothing is going on yet..

-- Cassandra (american_storm@usa.net), July 29, 1999.

I missed the first hour. (What did I miss?)

They're back now, however. It's a bit after 10:30 a.m.


-- FM (vidprof@aol.com), July 29, 1999.

Here are my raw notes on the hearing (after the vote break)proceedings.

Koskinen says Y2k shows us how reliant we are on computers. We'll be more so in the years to come.

Refers to Presidential Directive #63 and activities underway as a result.

They want to maximize lessons learned from Y2k to protect infrastructure in the future.

Says computerized processes developed by the ICC could be used by the National Infrastructure Protection Center.

Says President's Council was created for Y2k.

Koskinen says he won't be available for the role of a permanent Chief Information Officer for the executive branch if the position is created/continued. Mentions that Sally Katzen (sp) is currently serving in that role.

Bennett expressed concern that unless a permanent Chief Information Officer was a top level person in the executive branch, phone calls might not be returned, etc. Koskinen said that's not so.

Bennett concludes, "Y2k experience has made me aware in a way that I had never been before of just how vulnerable our society and our economy are to the possibility of some kind of computer breakdown."

Bennett talked about how the Defense Department is facing cyber attacks every day, and about his concern that if crackers continually encounter firewalls in the Defense Department systems, they may try something else, like trying to destroy the traffic system in New York City.

Bennett referred to the D.C. plane crash (the plane that hit the bridge a few years ago) and simultaneous derailment of the Metro..employees didn't get home until 2 a.m.

Implies this type of cyber attack could have as much impact as if enemies were to drop an actual bomb.

Says Y2k process is winding down...there is still a great deal of vigilance needed.

Turns if over to Dodd.

Dodd mentions New York Times article and begins discussion with Koskinen about privacy issues associated with a potential monitoring system.

(More to come if time permits)


-- FM (vidprof@aol.com), July 29, 1999.

Oops. I spoke too soon. Or not soon enough.

"Says computerized processes developed by the ICC could be used by the National Infrastructure Protection Center."

See my reply in "U.S. Plans Y2K Bunker, Clinton Aide To Tell Senate (justme, justme@justme.net, 1999-07-29)"

They're getting pretty easy to figure out, aren't they.

Watch six and keep your...

-- eyes_open (best@wishes.net), July 29, 1999.

(Continuation of raw notes)

Koskinen says Global Information Monitoring will commence on September 9, 1999, but system won't be fully functional on September 9, 1999.

They will use September 9, 1999 as a test, private sector, states, countries around the world have agreed to cooperate.

Center up and running on December 30, 1999. Twenty four hours a day. Ramp down after February 29, 1999 (after the leap year date)

Core staff will work through June to compile lessons learned.

Will work with FEMA to expand information collection problems with the states. States will provide status information.

Duplicate system will go to Mount Weather.

Real value of ICC experience will be to determine how to get information flow in and best ways to send it back, best ways to monitor cyber intrusion.

Koskinen talks about other Federal centers being set up throughout government. Department of Energy will garner info about oil (and utilities?) State Department will get info about embassies.

Info flow will begin at noon on Friday (December 31, 1999?)

Koskine hopes the center will provide an accurate timely picture of what is happening, so they don't have to follow media reports.

They hope to be able to determine if disruptions are really Y2k events, or something else.

Dodd says, "The potential for panic is just overwhelming." He goes on to question about software.

Koskinen says they are using existing software, trying not to invent anything new. Goal is to do nothing that requires significant testing. They want to be not state of the art, but state of the practice.

Target is the end of October for system to be functional if possible.

Dodd asks, how does the info get back out, and who receives the info?

Koskinen says that in exchange for their cooperation private industries will be given analyzed information (versus raw data).

Dodd mentions concerns about proprietary information going out.

Koskinen says so far there has been no problem. NERC is creating National Information Center, for example. This will consist of management information data, not reporting data.

Data will be summarized for public through joint public information center. Available through Website access, press briefings, etc. Koskinen says hardest thing to collect will be judgements on how long any outage will last.

Dodd wants to know if the ICC will be able to facilitate reconstruction services that will be presumably be needed.

Koskinen says ICC will not be a "reconstitution" body.

Premise is the people who know how to fix power plants, etc., will be those who work in that industry.

ICC won't be a help desk. But referrals to industry contacts will take place. Resources will be brokered. Power companies have a great history of sending crews back and forth, but it's done on an ad hoc basis.

ICC will add value through cyber attack monitoring.

Koskinen goes on to talk about how ICC will serve other countries. (Presumably in the same fashion--by mapping the world to find out where infrastructure came from so those experiencing failures can get in contact with the manufacturers, suppliers, etc.).

Dodd says he's been disappointed that the European Union and others haven't taken a lead on Y2k problem solving. He asks whether the U.S. will need to assume global responsibility?

Koskinen says Europe is paying more attention, and the existing structure needs to be energized. Contingency planning around the world.

Dodd says we need to think beyond Y2k.

(More to come if time permits)


-- FM (vidprof@aol.com), July 29, 1999.

End of Koskinen testimony

Bennett introduces second panel.

John S. Tritak, Director, The Critical Infrastructure Assurance Office

Michael Vatis, Director, The National Infrastructure Protection Center

Richard Schaeffer, Director, Infrastructure and Information Assurance, Department of Defense

Tritak, Director of the Critical Infrastructure Assurance Office (CIAO)

(Few hard hitting statements. Mostly repeating what's already been said)

Discusses background of office and need to coordinate with President's Y2k Council. Discusses the United States' massive use of technology.

Technology is a common thread running through all of our infrastructures.

Y2k is the first Cyberthreat that has the potential to touch all areas of our lives. Reiterates there is much that can be learned by monitoring what happens as a result of Y2k.

Michael Vatis, Director, The National Infrastructure Protection Center

Mentions World Trade Center bombing and the studies that occurred after that. They learned that critical infrastructures are vulnerable not just to terrorism attack, but cyber attacks.

Reliance on info systems creates vulnerability. This predates Y2k and will last beyond it.

NIPC is located at FBI and is charged with determining threats, notifying of same and coordinating Federal response.

Caseload of cyber-attacks has doubled, every year. Over 800 pending cases of computer-intrusion.

Kinds of attacks range from individual hackers, to organized crime groups to the potential of terrorist cyber attacks, to potential of foreign intelligence service, and ultimate worst case scenario foreign military going after a soft underbelly.

Talks about past attacks on emergency 911 systems, on banks to steal money, attacks on telecommunications, and air traffic control, attacks every day at Federal Level, (including DOD and Federal labs).

Since creation of agency last February, good progress has been made in creating a network of government and private entities. Communications links have been established to receive threats and issue warnings.

Melissa virus was an example. They were able to issue a warning.

They will be able to do the same with regard to Y2k

They want to prepare for any additional malicious activity around Y2k event.

In some instances it might be difficult to determine if an outage is a result of Y2k or malicious attack, so they are communicating with I.C.C.

One of their concerns is that during remediation process, companies who have hired outside companies may be subject to malicious code planted by remediators.

They've been in the business for a year and a half and are looking at Y2k as a means of learning about the consequences of system failures, etc.

Richard Schaeffer, Director, Infrastructure and Information Assurance, Department of Defense

Submits written testimony.

They are implementing Critical Infrastructure Protection Plan as ordered by Presidential Directive 63.

Answers some of the questions raised earlier by the committee:

DOD is working closely with ICC. Examples, early warning system involving Australia, facilitating Koskinen's meeting with Canadian authorities.

With regard to DOD role in "cyber-reconstitution"

Numerous and simultaneous demands for DOD resources will restrict the use of DOD infrastructure protection assets in any non-defense role.

If defense is used for reconstitution, legislation would be required to hold the government free of any liability.

(He then goes on to use veiled language referring to things like cyber assurance assets? Very clear he didn't want to use plain language here)

Collaboration is essential for protecting infrastructure now and in the future. As long as we continue to work openly, we will build necessary government and private sector trust.

Dodd asks about a recent hacking report.

Schaeffer did not want to respond in this public forum.

Vatis remarked that it's difficult to immediately know what type of a hacker is involved with a break in (teenage hacker, organized crime, etc.), but under 50 percent appear to be organized?

Dodd, mentions potential problems introduced during remediation efforts. Asks if there is any hard evidence that that may be occurring?

Vatis does not want to comment in public. Says it's reasonable to conclude there is a significant risk.

Dodd keeps after them. Says he might interpret from their reluctance to answer that there IS a problem. They agreed, there is a problem.

Dodd goes back to New York Times article regarding monitoring. Privacy issue is brought up again.

Tritak says the program is still being considered. Justice Department has to review. Other legal reviews must also take place. Privacy is of paramount concern. Privacy concerns are legitimate. System is still being developed.

Dodd: "How long has it been under consideration?"

Tritak doesn't know.

Tritak says final report may be released by this Fall.

Vatis discusses NYT article, and he points out innaccuracies. One, computer would not monitor private sector systems, but would only monitor illegal intrusions into Federal systems. Two, FBI would not run program. GSA would run program.

If IRS were hacked for example, Commerce would get early warning and then contact FBI.

Dodd wants to go into this in greater depth. Says he'd like a briefing. He's relying on a news story. It's a matter of some concern, and he'd like a formal briefing in the next week or so.

Dodd goes back to ICC issue, asks about long-term responses, risks, etc. What role could ICC play beyond Y2k?

Tritak says again that Y2k will be a teaching tool. There will be a lot of cooperation at various levels of our society, the government, private sector, etc. Says, we need to work hard on problem confronting us, and evaluate how well ICC worked, and how these resources can be used in the future.

Dodd says it would be hard to get the American public to accept that 40 million dollars of their money would be spent on a Web site offering press releases, but if you get into the cyber-reconstruction phase that might have value.

Vatis defends the ICC, saying again what they learn will be important in the future.

Schaeffer says mechanisms must be set up because cyber events occur in an instant in time. Information sharing after the fact doesn't work. ICC would provide foundation for that.

Dodd asks how you distinguish between attacks and Y2k problems?

Michael Vatis says his group is working with DOD on methodology to distinguish the difference.

Schaeffer says they are baselining as they do their Y2K tests, as a means of determining whether a potential outage is a cyber attack or not.

Dodd talks about early warning systems. Is it conceiveable to fabricate a strike on an early warning system? Can it be done? (Opinion: Did Dodd see the movie "War Games?" Sheesh!)

Michael Vatis replies that it's easy to do that. Hacking by juveniles has produced something along those lines.

Dodd goes into the joint discussions between the Americans and the Russians. No one on the panel can speak to the status of the joint early warning facility. Dodd's fealing very uneasy about that. Wants a cooperative environment.

(I lost the feed here. 'Guess that's it. Hope this info is useful, and after hearing THIS, I REALLY hope we work with the Russians!)


Also, new words for the day: "Cyber-reconstruction," and "Cyber-reconstitution." 'Wonder if Reader's Digest will pick up on these.

-- FM (vidprof@aol.com), July 29, 1999.

Excellent reporting as usual FM. Glad you're back with us, and thanx.

-- Ashton & Leska in Cascadia (allaha@earthlink.net), July 29, 1999.

One more thingie:

It's clear to me, after listening to the above speakers (Except for Clarke, who I missed) that the Federal Government in no way wants to be forced to rely on Peter Jennings, et. al., for information regarding actual Y2k failures.

Further, to me, the real "nugget" that emerged from this hearing is the alleged difficulty of determining whether actual failures will be the result of "cyber-attacks" or Y2k.

Accordingly, if my cynical twin were writing this, the observation might be:

"Uh, huh. There's an election in Year 2000. If the you-know-what really does hit the fan, wouldn't it be convenient if certain politicians would be able to say that Y2k was not the cause? That they never could have predicted the problems, because the evil Y2k was not REALLY at the root of them?"

(Hmmm. . . Last I heard, my cynical twin was still reading that book by George Stephanopoulos. Good. Keeps her out of MY hair. . .)


-- FM (vidprof@aol.com), July 29, 1999.

Ashton & Leska,

Thanks, and you are most welcome.

(I'll be checking in now and then when I see something really important. Feel free to clue ME in if YOU see something important and I'm not around!)


-- FM (vidprof@aol.com), July 29, 1999.

An article about today's hearing:

"U.S. Plans Y2K Bunker, Clinton Aide To Tell Senate"

http://infoseek.go.com/Content?arn=a0821rontz-19990729&qt=% 22year+2000% 22+bug*+glitch*+y2k&sv=IS&lk=noframes&col=NX&kt=A&ak=news1486

-- Linkmeister (link@librarian.edu), July 29, 1999.

An article of related interest:


"U.S. backs off private monitoring"

-- Linkmeister (link@librarian.edu), July 29, 1999.

Here's another little goodie from today's hearing:

Experts Warn of New Y2K Threat


.c The Associated Press

WASHINGTON (AP) - Two of the government's top computer security experts said today that some programmers hired to fix Year 2000 problems may be quietly installing malicious software codes to sabotage companies or gain access to sensitive information after the new year.

The alarms were sounded at a hearing on the ``Y2K glitch'' and cyberterrorism before the Senate Committee on the Year 2000 Technology Problem.

``Many of these (rogue programmers) have no security clearance, do not work for the government, and yet they have access to critical systems that if sabotaged could wreak havoc to our financial institutions and our economy,'' said Sen. Christopher Dodd, D-Conn., the committee's vice chairman.

A recent analysis by the Gartner Group predicted electronic thefts worth at least $1 billion, noting that the computer networks of financial institutions, corporations and governments handle transactions worth $11 trillion annually.

Michael Vatis, director of the FBI's National Infrastructure Protection Center, said experts hired by U.S. companies to fix their computers could secretly program ``trap doors'' - ways to let them gain access later - or add malicious codes, such as a logic bomb or time-delayed virus that could disrupt systems.

``While systems have been and will continue to be extensively tested, the probability of finding malicious code is extremely small,'' agreed Richard Schaeffer, director of the Defense Department's Infrastructure and Information Assurance program.

Neither expert suggested the possible scope of the problem.

Schaeffer said problems are complicated by the New Year's rollover, when some computers programmed to recognize only the last two digits of a year may mistake 2000 for a full century earlier.

``It may be difficult to distinguish between a true Y2K event and some other anomaly caused by a perpetrator with malicious intent,'' Schaeffer said.

Both experts said the risks were exacerbated by the amount of software repaired by companies overseas. Vatis called the situation ``a unique opportunity for foreign countries and companies to access, steal from or disrupt sensitive national and proprietary information systems.''

Vatis recommended that companies thoroughly check the backgrounds of companies they hire for software repairs. He also said they should test for the existence of trap doors after the repairs, possibly even hiring teams to try to electronically crack into their own networks.

The latest warnings come on the heels of new disclosures about White House plans to create a government-wide security network to protect the nation's most important computer systems from hackers, thieves, terrorists and hostile countries.

The 148-page proposal from the Clinton administration describes building an elaborate network of electronic obstacles, monitors and analyzers to prevent and watch for potentially suspicious activity on federal computer systems.

Sen. Robert Bennett, R-Utah, said today that the scope of the Y2K problem shows that a successful attack on a computer system - such as the network that controls the traffic lights or subway in New York - ``could have as much impact on the economy as if somebody actually dropped a bomb.''

Civil liberties groups complain that the security tools also would make possible unprecedented electronic monitoring, especially because of the increasingly widespread use of computers by the government in almost every aspect of its citizens' daily lives.

The White House defended the proposal.

``We are very concerned about protecting privacy rights,'' said Clinton's national security adviser, Sandy Berger. ``But there is also a privacy right in not having hostile entities attack systems. We're not only talking about 17-year-old kids in their basement. We're talking about governments that we know are developing systems to get access to our computer systems.''

The first 500 intrusion monitors would be installed on nonmilitary government computers next year, according to a draft copy of the proposal obtained by The Associated Press. The full system would be completed by May 2003.

The plan also suggests ways to convince private companies to monitor their corporate computer networks and share information about threats. But it said explicitly that the government will not force companies to permit federal monitoring of their systems.

-- my (oh@my.ohmy), July 29, 1999.

Bennett's right about the traffic lights. I lived in Austin when a hacker managed to get into the traffic signal system, he programmed it so on Friday the 13th every single traffic light in the city was on the blink and it took hours to get home from work. Nightmare. Hot tempers too.

-- mommacares (harringtondesignX@earthlink.net), July 29, 1999.


Thanks for the great notes! These also stood out within your comments... forme...

Refers to Presidential Directive #63 and activities underway as a result.

...in exchange for their cooperation private industries will be given analyzed information...

They learned that critical infrastructures are vulnerable not just to terrorism attack, but cyber attacks.

Numerous and simultaneous demands for DOD resources will restrict the use of DOD infrastructure protection assets in any non-defense role.

...Y2k will be a teaching tool.



-- Diane J. Squire (sacredspaces@yahoo.com), July 30, 1999.

Some useful links... and weekend reading...

(Presidential Decision Directive 63)


(Presidential Decision Directive 62)


U.S. Foreign Policy Agenda
USIA Electronic Journal, Vol. 3, No. 3, July 1998

http:// www.usia.gov/journals/itps/0798/ijpe/toc.htm

Executive Orders
Disposition Tables
Administration of William J. Clinton (1993-Present)

http:// www.nara.gov/fedreg/eo_clint.html

Presidential Directives

http://www.npr.gov/ library/direct.html

Executive Orders
Disposition Tables
January 21, 1961 -- July 14, 1999
(These tables contain information about, but not the text of, Executive orders beginning with those signed by President Kennedy.) < br>

http://www.nara.gov/ fedreg/eo.html

Presidential Decision Directives [PDD]
Clinton Administration 1993-2000

http://fas.org/ irp/offdocs/pdd/index.html

Note: PDDs different from PRDs...

Presidential Review Directives [PRD]
Clinton Administration 1993-2000

http://fas.org/ irp/offdocs/prd/index.html

Executive Orders

http://fas.org/irp/ offdocs/eo/index.html

Presidential Directives on National Security from Truman to Clinton

http://www.seas.gwu.edu/nsarchive/nsa/ publications/presidentusa/presidential.html

Some Martial Law links...

William J. Olson, P.C. -- Martial Law

http:// www.wjopc.com/constitutional/memopres.html

On Terrorism (3/11/99 Hearing):

http://www.house.gov/reform/ns/hearings/ additional_resources.htm

FAS PDD Fact Sheets -- #63

http:// www.fas.org/irp/offdocs/pdd-63.htm

FAS PDD Fact Sheets -- #62

http:// www.fas.org/irp/offdocs/pdd-62.htm

FAS PDD Fact Sheets -- INDEX

http://fas.org/irp/ offdocs/direct.htm

National Critical Infrastructure
Protection Plan for Y2K

http://www.info.usaid.gov/info_technology/y2k/ sitrep/y2ksitrep98mar11.html

Response to Terrorism - WHITE HOUSE FACT SHEET March 15, 1999 - USIA


Catastrophic Disaster Response Group Meeting & Y2K
April 28, 1999

http://www.fema.gov/ pte/gosspch65.htm

Midnight Crossing: Calling all "Big Brain" Y2k Debunkers: Debunk this!

http://www.greenspun.com/bboard/q-and-a-fetch-msg.tcl?msg_id= 0013HA

OT?: William S. Cohen, Secretary of Defense: Preparing For A Grave New World (USIA)

http://www.greenspun.com/bboard/q-and-a-fetch-msg.tcl?msg_id= 0018ov

-- Diane J. Squire (sacredspaces@yahoo.com), July 30, 1999.

You're welcome, Diane.

Thanks for the extensive background links.

To all: don't forget next Wednesday's hearing on utilities. It's the last hearing before the Congressional Summer recess.

August 4 (WEDNESDAY) -- Utilities' Y2K Preparedness 9:30 AM, Room 192 Dirksen


-- FM (vidprof@aol.com), July 31, 1999.

Oh, and one other item regarding this quote:

...in exchange for their cooperation private industries will be given analyzed information...

To put it in perspective, the quote was engendered by implied concerns about private industry "trade secrets" being shared with competitors.

That's why it was stated no raw data regarding actual failures would be given out, only analyzed info.


-- FM (vidprof@aol.com), July 31, 1999.

Moderation questions? read the FAQ