The Information Technology (IT) and Telecommunications Sectors face numerous multifaceted global threats. On a daily basis, more than $3 trillion worth of U.S. economic activity passes through secure federal financial networks enabled in part by Virginia Information Technology and Telecommunications assets. CIKR sectors rely on Information Technology and Telecommunications for products and services, including the reliable operation of networks and systems and the movement and storage of critical data. These sectors proactively manage risk to their own operations and those of their customers through monitoring and mitigation activities that prevent routine incidents from creating significant disruptions. Although the Information Technology and Telecommunications Sectors are designed to maximize inherent resilience, its interdependent and interconnected structure presents challenges and opportunities for coordinating preparedness and protection activities.
Sector List Criteria
The IT Sector designates functions which are critical to the operations and processes that support the Nation’s CIKR. These functions are:
1. Provide IT Products and Services, such as: networking elements; security and policy compliance elements; operating system services software; business operations, database, and business intelligence software and services; managed network/data center elements; semiconductors; storage hardware, software, and services; lifecycle product and service integrity, certification, and other assurance functions and mechanisms; Domain Name System (DNS) software; secure appliances that support DNS; and control systems products, Supervisory Control and Data Acquisition (SCADA), and other automation systems.
2. Provide Incident Management Capabilities, such as: Preventative Guidance, Best Practices, Simulation, and Testing; Indications, Alerting and Warning Capabilities; and Operation Centers and Teams.
3. Provide Internet-based Content, Information, and Communications Services. 4. Provide Domain Name Resolution Services.
5. Provide Identity Management and Associated Trust Support Services. 6. Provide Internet Routing, Access, and Connection Services,.
2009
VIRGINIA TERRORISM
THREAT ASSESSMENT
The Information Technology ISAC (IT-ISAC) is a trusted community of security specialists from companies across the Information Technology industry dedicated to protecting the Information Technology infrastructure by identifying threats and vulnerabilities to the infrastructure, and sharing best practices on how to address themquickly and properly. IT-ISAC has the ability to reach 90% of all desktop operating systems, 85% of all databases, 76% of the global microprocessor market, 85% of all routers, and 65% of software security via membership.456
Sector List Criteria - Communications
Nominations submitted through the National Coordinating Center (NCC) for will be submitted from all facets of the National Communications System (NCS):
1. Industry nominations – The private sector will designate those facilities critical to their networks, to include:
a. Communication-Information Sharing and Analysis Center (ISAC) b. Resident/overall (includes wireline and wireless)
c. Other private sub-sectors such as satellite and broadcast
d. Government technologies akin to Global Positioning System (GPS); OR
2. Nominations by the manager/director of the NCS – The manager/director of the NCS will work with HITRAC to identify any additional assets of interest; OR
3. Nominations by the Committee of Principals (COP)/Committee of Representatives (COR) will designate operations of mission critical, essential, and enhancing communications support and provide a comparison with identified communications support Telecommunication Service Priority (TSP) Circuits ID; OR
4. Emergency Services – Public Safety Answering Points (PSAP), and Emergency Broadcast Services (EBS) of particular note, will be nominated by the Federal Communication Commission (FCC), Protective Security Advisor (PSA), and Emergency Support Function 2 (ESF2) Regional Response Coordination Center (RRCC) representatives in coordination and collaboration with the Emergency Services and other
5. High Capacity Assets:
a. Major switching centers that support end users in excess of 843,500 people, and support a capacity in excess of 2,745,000 phone numbers; OR
b. Major underwater cable landings in a localized area with an aggregate Lit capacity of at least 240 Gigabits per second (Gbps), or those critical to the country’s national security capabilities to include intelligence and defense functions; OR
c. Telecommunications hotels containing assets that directly connect the top six service providers with each other. Other service providers may also be considered within this criterion if they are deemed to provide critical mission support on a regional or national scale.
2009
VIRGINIA TERRORISM
THREAT ASSESSMENT
The National Communication Center is a designated Information Sharing and Analysis Center (ISAC) to facilitate the exchange among government and industry participants regarding vulnerability, threat, intrusion, and anomaly information affecting the telecommunications infrastructure. Members include communications equipment and software vendors, 95% of wire line communications providers, 90% of wireless communications providers, including satellite providers, and 90% of Internet Service Provider backbone networks.457
Potential Trend(s) Impacting Sector
Cyber-crime and cyber-terror represent the overall trends of most impact to this sector. The high degree of interdependency of the Information Technology and Telecommunications sectors, its interconnectedness, and non-traceable and unidentifiable actors makes identifying threats, assessing vulnerabilities, and estimating consequence difficult.
Potential Threat Group(s)
Anonymous, which is characterized as loosely affiliated cells of activists, communicates via Internet message boards and networking websites. Group affiliates also use forums to target individuals by engaging in cyber attacks and have been associated with white powder incidents. The group appears to be using forums, information sites, and video sharing sites to spread their messages. If successful, this tactic may be used by domestic extremist groups to organize protests, disturbances, or attacks. The ability of a group of Internet-based hackers to organize and succeed in launching real world protests may be a developing trend. The successes of Anonymous are unprecedented and may be the beginning of a new type of Internet activism that has real world implications.
Domestic Incidents
As noted in the cyber-crime and cyber-terrorism trend section, a variety of incidents and attempted intrusions have been reported throughout the U.S. in recent years. While reported activity ranged from ‘hacktivism’ to attempted botnet attacks and cyber-security related extortion, most experts agree that not all cyber incidents are reported and analyzed. While the United States Computer Emergency Readiness Team (US-CERT), a partnership between the Department of Homeland Security and the public and private sectors has ceased publishing comprehensive reports on attack statistics, information on specific, widespread threats or trends is available through their website. In Virginia, only one local jurisdiction reported to the VFC that their local government network had been hacked. The VFC was not notified of any private industry incidents, but this is likely due to a lack of reporting rather than a lack of intrusions.
2009
VIRGINIA TERRORISM
THREAT ASSESSMENT
Intelligence Gaps
1. Have suspicious employment inquiries been received at Virginia’s IT or http://www.us-cert.gov/ facilities?
2. Have any possible surveillance activities of any building or assets associated with IT or http://www.us-cert.gov/ assets occurred?
3. Have suspicious inquiries about Virginia IT or http://www.us-cert.gov/ security measures been received?
4. How frequently are unauthorized attempts to access to IT or http://www.us-cert.gov/ facilities in Virginia discovered?
5. Have there been any threats against IT or http://www.us-cert.gov/ staff or officials? 6. Have any concerns regarding potential misconduct by current or recently separated
IT or http://www.us-cert.gov/ employees been received?
Projections
Due to extensive dependence on IT infrastructure by Virginia state agencies, public works, and the private sector, the risk of an attack of this nature remains viable. This threat is highlighted as international and domestic terrorist organizations have expressed the capability and desire to exploit Information Technology for operational and logistical support. While the VFC does not possess information that such groups are planning attacks against Virginia IT infrastructure, extremist and criminal organizations could exploit cyber vulnerabilities targeting electric power, communications and rail systems, causing major service disruptions and a cascading effect to related industries.