IWS - The Information Warfare Site
News Watch Make a  donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled

Google Ads


Congressman Stephen Horn, R-CA Chairman

Oversight  hearing on

"Information Technology -- Essential Yet Vulnerable:
How Prepared Are We for Attacks?

September 26, 2001

Testimony of 

Ronald L. Dick
National Infrastructure Protection Center
Federal Bureau of Investigation

before the 

Subcommittee on Government Efficiency, 
Financial Management 
and Intergovernmental Relations 


Good morning Chairman Horn and other members of the subcommittee. Thank you for this opportunity to discuss our government's important and continuing challenges with respect to information technology.

In the face of the tragic events of two weeks ago, I come before you today to relay a strong sense of optimism. We, the men and women of the National Infrastructure Protection Center, and our thousands of partners throughout the country and the world, including my colleagues on this panel, have heard the call and we have stepped forward. While the terrorists were building their networks, so too were we.

For the past three years, while others were thinking of ways to defeat us, the NIPC was working tirelessly to build the broad partnerships we have today, to mobilize great talent, to break down the old ways of doing business, and to forge ahead with a united sense of government and private sector purpose. There is more work to be done, there always will be, but there should be no doubt about our progress, about our persistence, and about our pledge to the American people. Acting as one -- the federal, state and local governments, the private sector, and our international partners eagerly accept what President Bush referred to as "the challenge of our time." And, accepting this responsibility, we vow to make good on our part of the President's promise that "We will not tire, we will not falter, and we will not fail."

Only one month ago, on August 29th, the head of the NIPC's Training, Outreach, and Strategy Section, Leslie Wiser, spoke before this subcommittee. He provided an overview of the NIPC, its mission, and its response to Internet viruses and worms such as the Leaves and Code Red worms. Today, my focus will be somewhat different, but I wish to emphasize that the cooperation Mr. Wiser spoke of then has not only served us well to meet our present challenges, it has grown even stronger.

While developing our infrastructure protection capabilities, the NIPC has held firm to two basic tenets that grew from years of study by the President's Commission on Critical Infrastructure Protection. First, that the government can only respond effectively to information technology threats by focusing on protecting systems against attack while simultaneously identifying and responding to those who nonetheless would attempt or succeed in launching those attacks. And second, that the government can only help protect this nation's most critical infrastructures by building and promoting a coalition of trust, one . . . amongst all government agencies, two . . . between the government and the private sector, three . . . amongst the different business interests within the private sector itself, and four . . . in concert with the greater international community. Therefore, the NIPC has focused on developing its capacity to warn, to investigate, and to build partnerships, all at the same time. As our techniques continue to mature and our trusted partnerships gel, provided that the resource issues identified in the GAO's April 2001 Report are resolved we will continue to witness ever-better results.

Over the past three years, we cultivated a number of initiatives that have developed into increased capabilities, all of which are being actively used to mitigate the terrorist threat and to prepare our response to the events of September 11th. The NIPC has developed InfraGard into the largest government/private sector joint partnership for infrastructure protection in the world. We have taken it from its humble roots of a few dozen members in just two states to its current membership of over 2,000 partners throughout every state of the union. The NIPC also reaches out to the entire public with its website at nipc.gov, which to date has provided systems administrators and home users alike with significant warnings about cyber threats and vulnerabilities. As recently as last week, we provided information systems security advice through our website, through InfraGard, and through our other partnerships, to better protect the public from the Nimda worm. In fact, based on our prior responsiveness to the Code Red worm and our joint efforts with the private sector in publicizing preventive measures that business and home users could put in place, we believe the impact of the Nimda worm, which took advantage of similar software vulnerabilities as Code Red, was significantly reduced.

Our website also provides the public with the ability to report computer attacks and intrusions online, simply by filling out and submitting an Incident Reporting Form. The NIPC also provides timely information on cyber vulnerabilities, hacker exploit scripts, hacker trends, virus information, and other critical infrastructure best practices through its bi-weekly publication Cybernotes. The NIPC provides policy and decision-makers information about current events, incidents, developments and trends related to critical infrastructure protection through its monthly publication called Highlights and, more significantly, by bringing groups together to meet on important issues and by increasing the number of times in a day that the NIPC picks up the phone and gets the word out. We have established these and other mechanisms to promote meaningful two-way communication with the public, and they are seeing active use.

The NIPC's Watch Center operates around the clock without exception and communicates daily with the Department of Defense and its Joint Task Force for Computer Network Operations. U.S. Army Major General Dave Bryan, Commander of the JTF-CNO, recently remarked that, "The NIPC and JTF-CNO have established an outstanding working relationship. We have become interdependent, with each realizing that neither can totally achieve its mission without the other." I couldn't agree more. The NIPC's ability to fulfill the expectations and needs of its Department of Defense component is achieved by the inter-agency structure of the Center, which includes the NIPC's Deputy Director James Plehal, a Two Star Navy Rear Admiral, and the NIPC's Executive Director, Steven Kaplan, a Senior Special Agent from the Air Force Office of Special Investigations. This example of the Center's staffing demonstrates our desire for broad, high-level, multi-agency ownership of the NIPC and our collective commitment to achieve meaningful and effective coordination across the law enforcement, intelligence, military, and other critical government operations communities.

We are strong partners with the General Services Administration's Federal Computer Incident Response Center, FedCIRC, in order to further secure our government technology systems and services. We team up regularly with the CIA to work on matters of common concern; in fact, the head of our Analysis and Warning Section is a senior CIA officer. Within the Center, the NIPC has full-time representatives from a dozen federal government agencies, led in number by the FBI and the Department of Defense, as well as from three foreign partners: the United Kingdom, Canada, and Australia. The NIPC has established information sharing connectivity with a number of foreign cyber watch centers, including in the UK, Canada, Australia, New Zealand, and Sweden. And, we continue to take advantage of the FBI's global presence through its Legal Attache offices in 44 nations.

Our multi-agency team works with Information Sharing and Analysis Centers throughout the country, including those that represent the Financial Services Sector, the Electric Power Sector, the Telecommunications Sector, the Information Technology industry, and the computer software anti-virus industry. In addition to these private sector partners, we have provided threat briefings to the Water Sector, the Oil and Gas Sector, and the Aviation and Railroad Sectors. Under current threat conditions, the NIPC is providing sector briefings almost every day. We are also connected with the 18,000 police departments and Sheriff's offices which bravely serve our nation daily and in times of crisis. This past March the NIPC and the Emergency Law Enforcement Services Sector Forum completed the nation's Emergency Law Enforcement Sector Plan together with a "Guide for State and Local Law Enforcement Agencies." This significant achievement represents the nation's first completed sector plan and it is being used as a model by the other critical infrastructure sectors. Taken together, the Plan and the Guide provide our emergency law enforcement first responders with procedures that are immediately useful to enhance their security.

Equally significant, the NIPC manages all computer intrusion investigations nationwide for the FBI, both on the criminal and national security side, to include terrorist cyber activities. Our integration with the FBI continues to provide the NIPC with access to law enforcement, intelligence, counter-intelligence, and open source information that -- for privacy and civil rights reasons -- is unavailable in its aggregate to any other federal agency.

The NIPC's Special Technologies and Applications Unit has been providing crucial technical assistance to the PENTTBOM investigation, in aid of what is certain to be a joint and long-term law enforcement, intelligence, and military response. Also in support of the PENTTBOM investigation, the NIPC has established a Cyber-Crisis Action Team to exploit all collected cyber information. During the past two weeks, the NIPC has provided detailed information used to brief the National Command Authority about how the terrorist cells of September 11 used technology to further their murderous activities.

The NIPC developed an Interagency Coordination Cell that meets on a scheduled basis and on an as-needed basis in order to deconflict investigations and provide relevant information to those agencies that have not been able to provide full-time support to the Center. At the moment, the Interagency Coordination Cell has taken a leadership role in our ongoing PENTTBOM efforts and has stood-up on a full-time basis within the Center. Currently it is staffed with 43 individuals representing 15 agencies. Every entity that needs information to conduct its part of this most critical mission gets it. In short, the NIPC is coordinating its incident deterrence, prevention, warning, and response mission with strong multi-agency support.

That in brief is a look at the NIPC. Our responsibilities, as you can see, are broad, and we are rising to that challenge. We are over one dozen federal agencies strong, and getting stronger all the time. We are united to make a difference, to make sure that the benefits of technology flourish while the risks are reduced. We are ready to take on the important work that surely lies ahead and, on behalf of the Center, I would like to thank you for your continuing efforts on these significant matters.






IWS Mailing Lists

Mailing Lists Overview