US ATTACK: FBI issues cyberthreat advisory

The FBI Counterterrorism division here has issued an advisory to all public- and private-sector members of the InfraGard program to beef up physical and cybersecurity efforts in the aftermath of yesterday's deadly terrorist attacks against the World Trade Center in New York and the Pentagon.

The FBI issued the advisory late yesterday afternoon and will stay in effect until October 11. An advisory is the second-highest alert condition that can be issued by the FBI to members of InfraGard, a joint public/private sector program designed to share threat information about possible cyberattacks and cybercrime.

Phyllis Schneck, co-chairman of the InfraGard National Executive Committee and head of the Atlanta chapter, said, "There's been no publicised evidence that there has been any computer crime" conducted in the aftermath of the attacks, she said. However, "we're telling [InfraGard members] that if a system is not mission critical to take it down," she said. "Increased vigilance would be appropriate for all information systems and services."

"The FBI has no information of any additional specific threats directed against additional targets or critical infrastructures in the United States; however, infrastructure owners and operators should be at a heightened state of alert and should implement appropriate security measures -- both physical and cyber," the advisory states.

The fear is that the physical attacks against crucial infrastructures in the US, such as the banking and finance communities and the military, could be followed by coordinated cyberattacks against the nation's telecommunications grid, another of the eight sectors of the economy owned and operated mostly by private companies but which are critical to national and economic security.

There are also new fears that yesterday's attacks, which various unconfirmed reports have linked to international terrorist Osama bin Laden, could spawn an increase in hacker attacks by US-based hackers against government and corporate sites in the Middle East. This, in turn, could lead to a corresponding increase in attacks against US sites, similar to what happened when China detained US military personnel during the recent spy plane incident, experts said.

"Cyber-based actors are calling for cyberattacks against Arab nation/state networks and terrorist computer networks," said Ben Venzke, a terrorism expert and president of security analyst firm IntelCenter. "Expect Arab hackers to retaliate if attacks materialize."

Dain Gary, vice president of security firm Red Siren Technologies and a member of the InfraGard executive board, said his company has already shut down its Web site and limited the number of employees who have remote access to only essential personnel. In addition, they have called in additional IT security personnel to help handle the increase in requests from corporate clients for additional cybersecurity services, he said.

The FBI advisory is mandated by an executive order signed by President Clinton in 1996 that established the President's Commission on Critical Infrastructure Protection. The goal of Executive Order 13010 was to formulate a comprehensive national strategy for protecting critical infrastructures from both physical threats and cyberthreats.

Companies that receive or develop any information pertaining to possible terrorist activity are being asked to contact their local FBI office or FBI headquarters immediately. Links to local FBI InfraGard field offices can be found on its Web site.