Homeland Security Watch

News and analysis of critical issues in homeland security

March 6, 2015

Friday Free Forum

Filed under: General Homeland Security — by Philip J. Palin on March 6, 2015

William R. Cumming Forum

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn

20 Comments »

Comment by Maggie Szymczyk

March 6, 2015 @ 6:51 am

Radio Frequency Identification (RFID) as defined by the Department of Homeland Security (2006) is “a leading automatic identification technology. RFID tags communicate information by radio wave through antennae on small computer chips attached to objects so that such objects may be identified, located, and tracked. The fundamental architecture of RFID technology involves a tag, a reader (or scanning device), and a database. A reader scans the tag (or multiple tags simultaneously) and transmits the information on the tag(s) to a database, which stores the information” (pg. 3). The ability to place RFID anywhere and being able to track it is an amazing innovation. This type of technology allows to track things like cars, individuals and other items without much of an effort. It is a great tools that can be utilized in eavesdropping on conversations that might be taking place between two terrorists or a leaders of a group. These devices allow to hear things and being unnoticed. Even though these do not have viewing capabilities like UAVs, they have capabilities to listen unnoticeably and locate things with the GPS tracking ability.
One of the way in which RFID can be used to enhance our national security is putting these devices on items that are important to the government like classified documents, evidence and hazardous materials. According to Wylde (2005) “Public sector users have demonstrated that RFiD can improve the tracking of both critical things and even critical people in the former category are several exemplary public sector examples of RFiD pilots and implementations that have already taken place” (pg. 61). Ability to track important documents that can be used against the United States is really important to ensure the safety of the Americans. These documents can have crucial information that can compromise the safety of not only the citizens but also critical infrastructure and show vulnerabilities that other nations want to exploit. These documents can have evidence against terrorists that tourist organizations might want to get in order to free their people from sanctions. This is important to enhance security of the nations so our intelligence can stay classified, our hazards materials safe and in known places and evidence against terrorists can be safely stores until there is enough to sentence.
Another way in which RFID can be enhance our national security is its capabilities to protect the boarders. As we know, America is a land of immigrants but immigration is still a problem. Every day hundreds of people try to escape to the United States through Mexican boarder. These people can be innocent and try to better their lives or dangerous criminals and terrorists. RFID is also used in allowing people to cross over legally. As the Department of Homeland Security (2008) states “U.S. Customs and Border Protection (CBP) employs Radio Frequency Identification (RFID) Technology that is to be used in cross border travel documents to facilitate the land border primary inspection process…The RFID number of the card is associated with the unique enrollment record created for the individual traveler as part of a program to permit border crossing” (pg. 2). This is a great tool that allows to ensure the safety of the citizens and ensure that those that enter the country are here for legit reasons and inform the officers if something seems wrong or off. This type of technology is a greta tool to welcome those who come to the United States but also keep an eye for any irregularities or suspicious behavior.

References

United States Department of Homeland Security. (2006). The Use of RFID for Human Identification. Department of Homeland Security. Retrieved from http://www.dhs.gov/xlibrary/assets/privacy/privacy_advcom_rpt_rfid_draft.pdf

United States Department of Homeland Security. (January 22, 2008). Privacy Impact Assessment for the Use of Radio frequency Identification (RFID) Technology for Border Crossings. Department of Homeland Security. Retrieved from http://www.cbp.gov/sites/default/files/documents/privacy_jan08.pdf

Wylde, D. C. (October 2005). RFID: The Government Frequency for Government. IBM Center for The Business of Government. Retrieved from http://www.ok-safe.com/files/documents/1/RFID_The_Right_Frequency_for_Government_IBM.pdf

Comment by Matt Doyle

March 6, 2015 @ 8:41 am

Part 1
The Worldwide Threat Assessment (2014) warns about cyber-attacks against our critical infrastructure: “particularly the Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) systems used in water management, oil and gas pipelines, electrical power distribution, and mass transit, provide an enticing target to malicious actors (ODNI, 2014, p. 2). A cyber-attack against our power grid and SCADA systems could resemble the Aurora experiment and the Stuxnet worm attack. The Aurora experiment is a prime example of how vulnerable the private sector is to destructive attacks carried out through the internet. Aurora was a simulated attack by “researchers investigating supervisory control and data acquisition (SCADA) system vulnerabilities at utility companies. The experiment involved hackers invading the plant’s control system to change the operating cycle of the generator” (Burkhart, 2008, p. 1). The experiment showed that a cyber-attack is capable of causing an electric generator to spin out of control, smoke, and eventually fail completely.

The Stuxnet worm attack against the Natanz nuclear power plant in Iran showed that an Aurora-like cyber threat is a real concern. Once in the system, the worm infected the plant’s Windows systems and programmable-logic controllers which make up the plant’s Industrial Control System. The worm self-replicated and searched for “programmable-logic controllers, which regulate the machinery in factories, power plants, and construction and engineering projects. These controllers, or P.L.C.’s, perform the critical scut work of modern life. They open and shut valves in water pipes, speed and slow the spinning of uranium centrifuges… (Gross, 2011). The attack was destructive in the sense that it targeted the physical hardware of the plant. The DOD’s Defense Science Board (2013) writes that: “New is wide spread knowledge of the destructive ability of cyber-attacks (e.g. Aurora, Stuxnet, etc.) The cyber world has moved from exploitation and disruption to destruction” (p. 5). The goal was not to necessarily corrupt the PLC’s, but to corrupt the PLC’s so they could be controlled to destroy the plant’s centrifuges.

My concern about similar attacks against our power grid is due to the fact that many utilities have not taken the necessary steps to protect against computer worm attacks like Stuxnet. The U.S. House of Representatives report (2013) writes that “91% of IOUs, 83% of municipally- or cooperatively owned-utilities, and 80% of federal entities that own a major piece of the bulk power system reported compliance with the Stuxnet mandatory standards. By contrast, of those that responded to a separate question regarding compliance with voluntary Stuxnet measures, only 21% of IOUs, 44% of municipally- or cooperatively- owned utilities, and 62.5% of federal entities reported compliance” (p. 3). The responses to both of these questions are alarming. If the standards are mandatory there should be 100% compliance, and for the voluntary standards, the utilities should show greater concern to protect their interests and the stability of our nation’s power grid.

The specific attack that I am concerned about involves a destructive cyber-attack against multiple electric generators in a specific region like Northeast. CBS (2010) reports that generators like the one destroyed in the Aurora experiment are no longer made in the United States, and they require a lead time of 3-4 months to be ordered. The impact of such an attack would probably resemble the 2003 NYC blackout in terms of the number of power outages. During the NYC blackout, the power distribution system was overwhelmed and failed. The 2003 blackout provided a scary example of how we are reliant upon technology: “the blackout was a big deal, leading to at least 11 deaths and costing the economy some $10 billion. More important, the disaster underscored just how rickety our interconnected and jury-rigged electrical grid was — and how vulnerable it could be to disruption, both accidental and malevolent” (Walsh, 2013, p. 1). The difference between the NYC blackout and a targeted attack against generators is that the blackout could go on for much longer due to the long lead times for the generators.

Comment by Matt Doyle

March 6, 2015 @ 8:45 am

Part 2
Remedies:

First, utilities should be required to comply with increased regulation, especially when it comes to mandatory standards. PennEnergy (2013) write that “We need to push electric utilities to enlist all of the measures they can now, and push for stronger standards in Congress that will keep our economy and our country safe from cyber warfare” (p.2). This includes the adoption of new standards in a timely manner. The threats facing our grid can evolve and change within a short period of time, standards and measures aimed at reducing these threats must be adopted very quickly.

Second, replace old equipment that may be stressed and lack the necessary sensing and control technology to limit outages (National Academy of Science, 2012). New sensing and control technology should be used to avoid operator error and to prevent potential sabotage. A movement towards a newer “smart grid” will come at a “substantial cost,” but we cannot ignore how aged our grid has become (David, 2014, p. 3). New sensing and control equipment will help operators identify abnormalities which may signal potential attacks.

Third, DHS and the U.S. Department of Energy should perform risk assessments in order to identify vulnerabilities. The National Academy of Sciences (2012) writes that “DHS and/or the U.S. Department of Energy should initiate and fund several model demonstration assessments across cities, counties, and states” (p. 2). These assessments can be used to determine vulnerabilities and to develop strategies for threat reduction. Additionally, DHS and the Dept. of Energy should work more closely with utility companies to strengthen their assessment capabilities and to achieve greater communication and collaboration.

Fourth, utilities and the government should acquire backup generators and transformers in order to ensure some energy output in the event that the primary systems are sabotaged Koch (2012) recommends that “developing smaller portable ones for temporary use to reduce delays in restoring disabled power systems” (Koch, 2012, p. 2). The National Academy of Sciences (2012) offers a similar remedy “A promising solution, the report says, is to develop, manufacture, and stockpile a family of universal recovery transformers that would be smaller and easier to move” (p. 1). While these transformers would not be a long-term solution, they would greatly reduce delays and disruptions and they would be capable of preventing a costly and deadly long-term blackout.

Comment by Matt Doyle

March 6, 2015 @ 8:49 am

Part 3
References:

Burkhart, L.A. (2008). Cyber Attack! – Lessons Learned: Aurora Attack. Fortnightly Magazine. http://www.fortnightly.com/fortnightly/2008/01/cyber-attack-lessons-learned-aurora-attack

CBS 60 Minutes (2010). Cyber War: Sabotaging the System 2:2. Youtube. https://www.youtube.com/watch?v=dU2XPFoyAR8#t=234

David, J. (2014). Double threat: US grid vulnerable on two fronts. CNBC. http://www.cnbc.com/id/101306145
Defense Science Board (2013). Task Force Report: Resilient Military Systems and the Advanced Cyber Threat. Department of Defense: Defense Science Board. s

Gross, M.J. (April, 2011). Declaration of Cyber-War. Vanity Fair. http://www.vanityfair.com/culture/features/2011/04/stuxnet-201104
Office of the Director of National Intellignce (2014

Worldwide Threat Assessment of the U.S. Intelligence Community. Statement for the record: Senate Select Committee on Intelligence. Given by DNI James R.Clapper. January 29, 2014. http://www.dni.gov/files/documents/Intelligence%20Reports/2014%20WWTA%20%20SFR_SSCI_29_Jan.pdf

Koch, W. (2012). Study: U.S. power grid vulnerable to terrorist attack. USA Today. http://www.usatoday.com/story/news/nation/2012/11/14/power-grid-vulnerable-terrorism/1704803/

Comment by William R. Cumming

March 6, 2015 @ 10:04 am

Thanks Chris, Maggie, and Matt!

MOST OF THOSE WHO KNOW ME KNOW THAT MY POLITICS ARE AS A FUZZY HEADED LIBERAL and perhaps beyond that. Buying a pitchfork a month to keep sharp so that the peasants will be armed when we storm the Bastille.

I love the student posts and links and they are huge help to me and others.

Chris’ comment prompts the following:

There is both a Presidential Records Act and a Federal Records Act. Both have some fuzziness when it comes to e-mail and other virtual communications.

So here is my take on the so-called BLACK LETTER LAW in implementing these two statutes.

First ANY COMMUNICATION TO OR FROM THE PRESIDENT OR TO OR FROM THE EXECUTIVE OFFICES OF THE WH MUST BE PERMANENTLY RETAINED AND BECOME THE FUNDAMENTAL BASIS FOR THE COLLECTIONS OF THE PRESIDENTIAL LIBRARIES. THERE ARE NO EXCEPTIONS. THIS IS THE REQUIREMENT OF THE PRESIDENTIAL RECORDS ACT.

As to the FEDERAL RECORDS ACT, any written communication prepared in conjunction with official duties must be retained although a duplicate copy may be retained by either the sender or receiver.

THE ABOVE DOES NOT PERTAIN TO ANY CLASSIFIED OR CLASSIFIABLE RECORDS FOR WHICH DIFFERENT RULES PERTAIN.

Any communication labeled CONFIDENTIAL, SECRET, OR TOP SECRET is subject to permanent retention and maintained upon transfer from the department or agency to NARA [National Archives and Records Administration] and unless declassified and marked for routine destruction available to approved researchers.

THERE IS, HOWEVER, ONE MAJOR EXCEPTION. SO-CALLED COMPARTMENTED INFORMATION [ABOVE TOP-SECRET] IS NEVER MAINTAINED BY NARA ON THE BASIS THAT IT HAS NO ABILITY TO MAINTAIN THESE AND NO AUTHORITY OR FUNDING TO DO SO.

Compartmented information is info developed, implemented, and operated for all of the so-called BLACK PROGRAMS of any Administration. These programs are never revealed even in the official annual budgets of the United States Government.

Note for the record that General David Petraeus [RET.] has pled guilty to a misdemeanor of paasing classified info to a Reserve Officer [cleared but with NO NEED TO KNOW]!

Thus, the entirety of Secretary Clinton’s existing e-mails must be reviewed to determine if any classified or classifiable information was involved or whether the PRESIDENTIAL RECORDS ACT and/or FEDERAL RECORDS ACT has been violated.

What is also clear is that the system she used WAS NOT SECURE so that it must be presumed to have been fully compromised unless proven otherwise.

Hoping all have seen or will see HBO’S DOCUMENTARY CITIZEN FOUR. Apparently Snowden wants to return to the USA but in negotiations so far he has only been conceded that he would not be subject to the DEATH PENALTY.

The Clinton story IMO has legs and will end any Presidential ambitions.

Comment by Mike Upham

March 6, 2015 @ 10:26 am

The use of IDS technology such as the Imaging System for Immersive Surveillance (ISIS) provide law enforcement with an advanced tool to aid in the detection, prevention, and apprehension of offenders for crimes. Systems like ISIS provide law enforcement agencies a modern technology video surveillance system that is able to stitch together several camera angles to create a 360-degree picture in high definition. The benefits to this type of technology are endless, and allow law enforcement to look back in time to gather critical details to a crime and details that would otherwise be lost forever. The ability to keep a wide-angle view, while gathering specific details such as a license plate, package number, or visual identification of a suspect provide immediate benefits to law enforcement teams across the nation.
Systems like ISIS provide a security to all types of targets and need to be implemented to high value facilities, critical infrastructure locations, police departments, high crime areas, and other areas with the threat of attack or vulnerability for exploitation. The benefit to these types of systems is that they are mobile. These systems can be remotely located in discrete locations to provide additional security and real time access to locations where personnel cannot be stationed 24/7. With the use of the high-definition cameras, these systems also provide the ability for behavior analysts to examine live video to scan for possible threats or targets.
A necessity for these systems however, would be that the range is limited, and therefore multiple systems would need to be implemented across a small area for maximum effectiveness. Like the technology seen in the Washington Post video explaining wide area aerial surveillance systems, systems must be communicating live with command centers so that information can be shared amongst various channels to individuals in different response fields. ISIS systems need to be connected to a single command center that can access all ISIS locations and create a single video to create live 3D mapping. With the ability to connect ISIS systems, the user can create the same effect as the wide area aerial surveillance systems without the need for aircraft.
Although critics argue that these types of systems violate constitutional rights, if the systems are not abused or used intrusively for innocent civilians, then there is no argument for a violation of rights. The need for protection has overweighed the citizen complaints of invasion of privacy since 9/11.

Department of Homeland Security (DHS). (2014). Imaging System for Immersive Surveillance: New Video Camera Sees It All. Retrieved from http://www.dhs.gov/imaging-system-immersive-surveillance-new-video-camera-sees-it-all

Timberg, C. (2014, January 1). New surveillance technology can track everyone in an area for several hours at a time. Retrieved from http://www.washingtonpost.com/business/technology/new-surveillance-technology-can-track-everyone-in-an-area-for-several-hours-at-a-time/2014/02/05/82f1556e-876f-11e3-a5bd-844629433ba3_story.html

Comment by Mike Upham

March 6, 2015 @ 10:33 am

The Ring of Steel methodology is an effective approach to preventing, deterring, and solving crimes in high population areas. The ability to watch every square inch of a city is extremely beneficial for law enforcement officials. Not only does this let criminals and terrorists know that they are being watched, but it allows teams to develop software that is able to monitor behavior and alert analysts. The more cameras that are in use around the city, the more beneficial to law enforcement, as long as all of the cameras are synchronized to one singular location where footage is analyzed in real-time.

One major flaw of the Ring of Steel in London is that there are over 100,000 cameras in use throughout the city, however, only a very small percentage of those cameras are linked to a central database for law enforcement. Law enforcement is forced to collect footage from different businesses, stores, buildings, and numerous other locations. Additionally, London has introduced a high number of on body cameras, Body-Worn-Videos (BWVs) to law enforcement, store clerks, and other individuals throughout the community. These cameras, while effective for recording daily encounters and incidents, do not provide law enforcement with proactive video surveillance that can prevent acts of terror.

The NYC Ring of Steel has taken the approach introduced in London, and updated, modified, and improved upon it to provide an advanced technological terrorist and crime prevention tool. The system combines over 1200 cameras into a central system that also involves license plate readers, facial recognition software, and new software that is working to identify suspicious behavior based on walking dynamics, unattended packages, and explosive chemical identification. The use of advanced technology to identify suspicious behavior and notify analysts cuts down on operating costs. If cameras and surveillance systems are able to detect this behavior instantly on their own, and then notify the correct authority, the system can possibly identify and prevent crimes before they happen.

The argument made by civil-liberty activists that this surveillance can be abused will be eliminated with the use of automated systems which have the ability to identify suspicious behavior and notify law enforcement. These systems reduce the need for large teams of analysts to sift through footage 24/7. Additionally, these systems are incorporated in public areas, where people do not have a reasonable expectation of privacy, so civil-liberty activists need to understand that the use of these surveillance systems is not unethical.

(2011). Study Shows Surveillance Cameras Reduce Crime, In Some Cases. Homeland Security News Wire: New York. Retrieved from http://www.homelandsecuritynewswire.com/study-shows-surveillance-cameras-reduce-crime-some-cases

Lieberman, D. (2006). Who’s Watching? Video Camera Surveillance in New York City and the Need for Public Oversight. New York Civil Liberties Union: New York, N.Y.. Retrieved from http://www.nyclu.org/pdfs/surveillance_cams_report_121306.pdf

Long, K. (2010). So Can the Secret Ring of Steel Save the city from Terrorism?. London Evening Standard: London, U.K.. Retrieved from http://www.standard.co.uk/lifestyle/so-can-the-secret-ring-of-steel-save-the-city-from-terrorism-6524967.html

Mollenkamp, C. & Haughney, C. (2006). ‘Ring of Steel’ for New York? To protect lower Manhattan, Police study London’s effort: Cameras, controlling access. The Wall Street Journal: New York, N.Y.

Comment by Gianna Gallo

March 6, 2015 @ 11:36 am

In a previous Friday Forum I analyzed the Department of Homeland Security’s Standoff Technology Integration and Demonstration Program (STIDP) which is a form of an Inspection, Detection, and Surveillance technology (IDS). In this forum I will focus on another form of IDS technology, more specifically, closed circuit television (CCTV) surveillance and whether I believe it is beneficial to our security or if it is being abused.

There is a certain amount of skepticism surrounding the use of closed-circuit cameras in public areas and major cities. Disagreements range from general debating about how intrusive they are to our human rights, to comprehensive campaigns that aim to have cameras removed, or at least regulated more strictly. However, there is no denying the benefits to having CCTV surveillance systems monitoring in London and New York City. The “Ring of Steel” cameras are not only a proactive, preventative tool for crime, but also, can be used as a reactive, detection tool for criminals and terrorists in these cities. Henrietta Williams and George Gingell conducted a study on the “Ring of Steel” and stated their conclusion. “One thing that our research proves is that the Ring of Steel works. It functions as a perfect, unbroken ring, and whenever there is a high security situation and the police man the sentry boxes placed around the city, it becomes even more effective,” (Long, 2010, p.1). New York’s CCTV surveillance system covers some of the city’s most notable landmarks, such as the Empire State Building, the United Nations, and Grand Central Terminal. The cameras in New York City were installed in 1997 and crime decreased steadily throughout the city during the decade of the ’90s, when these cameras were installed (Lieberman, 2006).
Depending on how the security cameras are set up and monitored, the efficiency of a CCTV system absolutely proves However, the efficacy of these cameras can depend on the neighborhood and the context of their placement. In two separate neighborhoods in Chicago, the surveillance systems proved to only be effective in one neighborhood and not the other. “In digging deeper, the report found that residents in West Garfield Park did not believe that police officers regularly monitored the cameras and therefore continued to commit crimes as if they were not there. In addition, Humboldt Park had a much higher concentration of cameras, which led to faster response times and the increased likelihood of disrupting crimes in progress,” (HSNW, 2011, p.1). To maximize the full benefits of these security camera systems, communities should be made aware of the system and fully understand why the cameras are being put in place, and detectives and officers should be trained how to properly use and monitor the cameras.
Those who dispute the use of CCTV will point to the fact that we have gone from using a couple of temporary surveillance cameras in order to monitor public behavior during major events in cities, to a situation where there are now one camera for every 11 people in the United Kingdom. “There is only limited recognition in the law that there are some places into which a surveillance camera is not allowed to intrude. And there are virtually no rules that prohibit police or private entities from archiving, selling or freely transmitting images captured by a video surveillance camera,” (Lieberman, 2006, p. 12). Going ahead with this system with no written direction and no regulating legislation could prove to be a recipe for disaster. So, are these cameras a constant intrusion of our privacy or an asset to our national security?
In 2006, time stamped photos taken by CCTVs played a major role in identifying and capturing the London subway bombers and others who attempted a similar crime a few weeks later (Mollenkamp & Haughney, 2006). However, this incident is also used against the effectiveness of the CCTV surveillance system. How reliable is this system if it did not prevent this terrorist attack? I truly believe that criminals are deterred when they are aware that the cameras are present. Terrorism is a different story. Terrorists are motivated and operate on a much different level from regular criminals and may be more likely to carry out an attack regardless of surveillance cameras. Although CCTV surveillance systems may not prevent all bad things from happening, I do believe they are extremely important to have in certain public places. When used with other crime prevention and counterterrorism strategies and tactics, these cameras can play a key role in the safety of our cities and citizens.

(2011). Study Shows Surveillance Cameras Reduce Crime, In Some Cases. Homeland Security News Wire: New York. Retrieved from http://www.homelandsecuritynewswire.com/study-shows-surveillance-cameras-reduce-crime-some-cases

Lieberman, D. (2006). Who’s Watching? Video Camera Surveillance in New York City and the Need for Public Oversight. New York Civil Liberties Union: New York, N.Y.. Retrieved from http://www.nyclu.org/pdfs/surveillance_cams_report_121306.pdf

Long, K. (2010). So Can the Secret Ring of Steel Save the city from Terrorism?. London Evening Standard: London, U.K.. Retrieved from http://www.standard.co.uk/lifestyle/so-can-the-secret-ring-of-steel-save-the-city-from-terrorism-6524967.html

Mollenkamp, C. & Haughney, C. (2006). ‘Ring of Steel’ for New York? To protect lower Manhattan, Police study London’s effort: Cameras, controlling access. The Wall Street Journal: New York, N.Y.
to be beneficial around the country.

Comment by Ally M

March 6, 2015 @ 6:35 pm

This week I would like to discuss current and future threats to homeland security. The critical infrastructure of the United States is a current target and will always remain a target. It is critical to stress the importance of protecting all of the pieces of critical infrastructure. Threats will find different ways to break through our defenses to strike at the nation’s critical infrastructure because of its importance to this countries way of life. There is a major risk that if one of these structures is attacked it could cripple this nation. The government now knows this and is attempting to enhance the security within the areas where the critical infrastructure is located. The issue is that the enhancements are not occurring fast enough. It is the private sector that is in control of the critical infrastructure of this nation. Their priorities are not on enhancing their security capabilities but on earning money. This does not allow for an easy partnership between them and the federal government. They are fighting against each other instead of working together. A few weeks ago I focused my discussion on the threat to the power grid and its risks to both physical and cyber attacks. This week I am going to focus on another piece of critical infrastructure, the water sector.

A likely target for a physical or cyber attack would be the nation’s water and waste system also known as the water sector. This is a key piece of the nation’s critical infrastructure and would have a substantial impact on the lives of all American citizens. Here in the United States all the water that we use is taken for granted. How would we respond when there is no water to drink, no clean water to bathe in, or no water in our toilets? It seems like such a simple thing until it is gone. American citizens would not know what to do without clean water. In case of an emergency maybe citizens should be trained in basic survival techniques to counter this threat.

The Supervisory Control and Data Acquisition system is vulnerable to a cyber-attack. This system controls most of the Water Sector productivity. If it were to be shut down, unthinkable consequences would occur. These attacks would have economic impacts on businesses and infrastructure. An impact could be lost of productivity which means that hospitals, schools, and businesses would be forced to close due to not having water. This would then lead to a loss in revenue for all local business that would be affected. Firefighters would not be able to fully respond to emergencies without water. Sanitation issues could lead to a forced evacuation of the area before disease spreads. The costs of the damage to the infrastructure would hurt the economy. The repairs might not even be right away due to the availability of the equipment needed (United States Department of Homeland Security, 2010). These systems are not just vulnerable to cyber attacks. Issues could also occur if the Water Sector is damaged by any natural disaster. If the drinking water were to be contaminated serious health threats could occur. The threats can even vary depending upon the type of substance used and the amount of time it takes for the contamination to be detected (United States Department of Homeland Security, 2010). The nation’s water supply could even be infected by a terrorist organization. If terrorists broke into a privately own water and waste plant they could physically poison the water supply. We need to think of all the ways that threats could tamper with the water sector to make sure it does not occur, no matter how outrageous or impossible it may seem. The water sector is a part of the United States critical infrastructure and it needs to be protected from all of the threats that it faces. The private sector needs to enhance their security capabilities to detect any cyber intrusions that could disrupt their systems.

United States Department of Homeland Security. (2010). Water Sector-Specific Plan: An Annex to the National Infrastructure Protection Plan. Retrieved from http://www.dhs.gov/

Comment by Chris Kears

March 6, 2015 @ 6:42 pm

For this week’s post, I want to discuss the benefits of RFID technology and how it should replace the barcode system for checking baggage in airports. As we currently live in the “internet of things,” where one third of the world’s population is utilizing the internet, the internet industry seems to be the fastest method for overcoming roadblocks (Nguyen, 2009). Although Radio frequency identification (RFID) technology has been around for decades, it has been improving over the years to keep up with today’s ever-changing threat environment. According to Nguyen (2009), RFID technology has “evolved into a reliable, cost-effective technology used for personal identification, asset management, security, logistics, inventory control, and many other operations, without needed human intervention. It enables computer systems to identify objects, as well as understand their status” (p. 8). RFID technology can be utilized by the homeland security enterprise, especially the Transportation Security Administration (TSA), to track and trace all baggage that comes into airports nationwide. As the rate of mishandled baggage continues to ascend, RFID can be used as a global solution to fix this problem.

The world’s population is growing at an alarming rate where it is said to be “overpopulated.” This puts a great amount of pressure on airport security because the number of passengers are increasing and the turn-around times between flights are making it difficult to track and trace all baggage that comes in and out of airports (Nguyen, 2009). Nguyen (2009) states that “according to industry statistics, 42 million items of luggage were delayed or lost in 2007, at a cost of $3.8 million to airlines” (p. 8); which gives reason to believe that these airports’ existing barcodes are not suitable to track and trace today’s baggage. Moving forward, RFID will replace the existing barcode system and has already been implemented successfully by some airports. For example, Hong Kong International Airport implemented RFID in 2008. In 2008, it saw nearly 48.6 million people and had a 17% higher productivity rate of sorting capacity, reducing manual labor, and increasing passenger security in its first year of implementation. As one of the world’s busiest airports, Hong Kong has set a great example for future airports and has influenced many other airports on RFID; allowing Lisbon international airport to be the first airport to completely replace the barcode system with RFID.

RFID has numerous benefits and should be acknowledged by all airports. Replacing barcode systems with RFID will allow the world, primarily TSA, with more capabilities to strengthen airport security as well as protect our nation’s critical infrastructure. When comparing the barcode system and RFID, it is clear that RFID provides a higher rate in customer and airport satisfaction. The comparison is listed below:

Barcode system capabilities:

Flexibility: Line of sight reading required

Efficiency: Low – one scan at a time

Accuracy: ~85% read rate

Durability: Easily torn/ripped off

Data support: No write capability

Maintenance: High Maintenance

Cost: Cheaper tag, but expensive rader

RFID capabilities:

Flexibility: No line of sight reading required

Efficiency: High – multiple simultaneous scanning & ability to distinguish tags

Accuracy: Fully automated and accurate: > 99% read rate

Durability: More durable to handling

Data support: Possibility to update data

Maintenance: Low maintenance

Cost: expensive tags, but cheaper reader

(Nguyen, 2009)

In addition, the cost of tags is decreasing as the number manufactured is increasing; allowing for smaller airports with a smaller budget to still implement RFID (Nguyen, 2009). This is helpful because RFID already has a cheaper reader system. Moreover, RFID is a more effective approach to track and trace luggage in airports and can be utilized to enhance the homeland security enterprise in its prevention, protection, and response missions.

References:

Nguyen, S. (2009). RFID for Track & Trace of Baggage in Airports. Retrieved from
http://www.im.ethz.ch/education/FS09/iotsem09_proceedings.pdf

Comment by William R. Cumming

March 7, 2015 @ 8:37 am

Thanks ALL for terrific comments.

BTW did I mention that PAS [Presidentially Appointed Senate Confirmed] appointees are never technically off duty! Thus the usual split between on-duty conduct or off duty conduct or official vis a vis non-official conduct has no application under federal law.

A PAS simply serves at the pleasure of the President and must remain available to serve the President 24/7/365 until they resign or are fired.

Comment by William R. Cumming

March 8, 2015 @ 7:30 am

In a last desperate effort to save the CIA and continue its relevancy Director John Brennan [a principal national security advisor to President Obama since before his election] has announced a major reorganization of the CIA. He claims NO Congressional approval needed but wondering if the President signed off?

THE NEW CIA REORGANIZATION WILL FOCUS THE CIA ON CYBER-SECURITY!

WOW!

Comment by William R. Cumming

March 8, 2015 @ 7:33 am

IMO Hillary Clinton and the Obama Administration intend the review of HC’s e-mail while Secretary of State for “sensitivity” before release. This will not occur or be completed before the 2016 Presidential Election IMO!

NO ONE IS ASKING OR ANSWERING THE QUESTION WERE HC’S E-MAILS HACKED OR UNDER SURVEILLANCE!

Comment by Christopher Tingus

March 8, 2015 @ 4:40 pm

The illustrious Rev Wright and eight year WH resident Barry Obama,

Let’s give Tehran more time….after all, you have supported Tehran and its ambitions at least since ’08 when the Rev Wright clearly stated more than once before those sitting in the pews i.e, Barry and Michelle Obama some 20 years Barry sitting and hearing just how ok it is that Tehran have WMD in hand if the “Zionists” have same…how perverse and such bias and hatred towards the Hebrew and we are to have confidence in our government and especially our Homeland Security when the Israeli PM is so snubbed and the Muslim Brotherhood is so embraced by this Wh executive administration!

Bravo!

___________________________

A new Iranian threat: advanced cruise missile

Iran has revealed a new missile dubbed “Soumar”, which launched last week as part of an extent military maneuver in the Strait of Hormuz. This is a direct threat to all vessels sailing in the Persian Gulf, particularly to the US Navy.

Moreover, the missile which ranges up to 2,500 km, poses a threat to a series of countries remote from Iran.

Comment by Drew Buffalino

March 8, 2015 @ 10:59 pm

Another discussion that I would like to bring up before the weekend is over is on vulnerability to the power grid and what can be done to further secure it. Federal and state government have limitations on improving the security of privately owned companies. USA Today aritcle on the subject states, “the federal government faces difficulty in addressing weaknesses in the nation’s power grid, because more than 90% of the grid is privately owned and regulated by the states” (Koch, 2012). This fact clearly defines the stance that government should and ultimately has to be making on power grid robustness. Government authorities, especially federal, do not have the grounds to make companies increase their security or listen to their suggestions on security. The private business has the authority of operating their systems how they like. However, the free market provides significant incentives for the power company to provide enhanced security methods and to develop robustness in their power grids. A document released by The White House in 2013 discusses the findings of reports taken between the years of 2003 and 2012. They state, “Over this period, weather-relate outages are estimated to have cost the U.S. economy an inflation-adjusted annual average of $18 billion to $33 billion.” (The White House, 2013, p. 3). The economic effects on local business, major corporations, hospitals, the individual household, and energy companies provides for the incentive and motivation to create a more robust grid. Energy corporations alone do their part by investing money in robustness, however, there could be cases where they simply do not have the capital to invest in major improvements, and, like the video in the David (2013) article on CNBC states, the cost on the consumer would rise significantly. So, if there is not a cost effective way to improve the power grid the consumer must make a choice. This choice is whether or not they want to invest the money themselves through motivation through increased prices, either through taxes (DHS grants) or consumer spending (private sector investment) to improve the power grid.

Ultimately, I believe that if no cost effective solution exists it will be difficult to make the a sustainable and more robust power grid come to fruition. One factor is the fact that hindsight is better that foresight. There has not frequent or an event largely destructive enough to motivate individuals to endure the short-time costs that result in long-term robustness. It is sad to say, but I believe that until an destructive event happens the overall addressing of power grid weaknesses on a large scale are unlikely to occur. In the mean time, the DHS and state preparedness offices should be reaching out and using their funds to form think-tanks of innovative and inexpensive ideas to increase security. The Board on Energy and Environmental Systems states, “Disruption in the supply of electric power can result
from problems in any part of the system, including
some transmission lines where the destruction of a small
number of towers could bring down many kilometers of
line.” (2012, p. 2). Interconnection in the power grid leads to some increased problems that could have cost effective solutions. One solution that is discussed by Overbye (2010) is the decentralization of large scale power grids. By having multiple islands of power grids supplying power it reducing the likelihood that one disturbance will cause a chain reaction and affect millions. Decentralization could have helped in the 2003 Northeast Blackout, which was a cascading effect of outages from Ohio to New York City even reaching into Canada. The Huffington Post states, “Obviously, power outages are unpredictable by nature and “we’ll never be able to eliminate [blackouts] entirely,” Jay Apt, a former NASA astronaut and physicist and director of the Carnegie Mellon Electricity Industry Center, told Reuters.” (Huffington Post, 2013). The need for decentralized power grids becomes clear with this element of unpredictability. The more “islands” that exist the easier it become to focus in on a disturbance and shut off power to that specific area without loosing energy distribution elsewhere.

References

Board on Energy and Environmental Systems. (2012). “Terrorism and the Electric Power Delivery System”. Retrieved from http://sites.nationalacademies.org/cs/groups/depssite/documents/webpage/deps_073368.pdf

David, J. (2014, Jan, 5). “Double threat: US grid vulnerable on two fronts”. CNBC. Retrieved from http://www.cnbc.com/id/101306145

Koch W (2012). “Study: U.S. power grid vulnerable to terrorist attack”. USA Today. Retrieved from http://www.usatoday.com/story/news/nation/2012/11/14/power-grid-vulnerable-terrorism/1704803/

Huffington Post. (2013). The 2003 Northeast Blackout, 10 Years Later (Photos). Retrieved from http://www.huffingtonpost.com/2013/08/14/2003-northeast-blackout_n_3751171.html

The White House. (2013). Economic Benefits of Increasing Electric Grid Resilience to Weather Outages. U.S. Government Printing Office. Retrieved from http://www.whitehouse.gov/sites/default/files/docs/grid_resiliency_report_final.pdf

Comment by Drew Buffalino

March 8, 2015 @ 11:01 pm

In addition to previous article

Overbye, T. (2010, Jun, 1). Modeling and simulation of a renewable and resilient electrical power grid. Center for Homeland Defense and Security. Retrieved from https://www.chds.us/m/media/player?id=2488

Comment by William R. Cumming

March 9, 2015 @ 9:59 am

Prior to 1984 the electricity/power industry opposed the use of household generators. Now they are installed in over 1M HOUSES. The domestic manufacture of generators is producing on a 24/7/365 basis and it has become an important US export and worldwide important product.

Any article or link to articles would be welcome!

DID YOU KNOW THAT FEMA DID NOT SUPPLY ANY GENERATORS TO THE DISASTER RESPONSE EFFORT UNTIL 1992!

If you ask for the background story will provide here sooner or later.

Comment by William R. Cumming

March 11, 2015 @ 10:44 am

The so-called “private” server used by Ms. Clinton may in fact be one paid for with federal funding and developed, maintained and operated by the SECRET SERVICE as part of the former President’s office expenses to which all former Presidents are entitled by law.

Comment by William R. Cumming

March 11, 2015 @ 11:07 am

Re: Non-proliferation negotiations with Iran see:

http://fas.org/sgp/crs/misc/RL32528.pdf

Comment by William R. Cumming

March 12, 2015 @ 10:33 am

Turns out that the AP is amending an outstanding litigation effort involving 6 FOIA requests going back 5 years to include the Hillary e-mails both official and unofficial.

Wondering when NARA will be asked about e-mail preservation?

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>