Critical Infrastructure Protection. Chuck Whitley, EMS User’s Group, June 9, 1999. Unclassified.
Unclassified
Critical Infrastructure Protection
Chuck Whitley
EMS User’s Group
June 9, 1999
PDD-63 (May 22, 1998): President Clinton’s Goal
“No later than the year 2000, the United States shall have achieved an initial operating capability and no later than (the year 2003) the United States shall have achieved and shall maintain the ability to protect our nation’s critical infrastructures from intentional acts that would significantly diminish the abilities of:
• the Federal Government to perform essential national security missions and to ensure the general public health and safety;
• state and local governments to maintain order and to deliver minimum essential public services;
• the private sector to ensure the orderly functioning of the economy and the delivery of essential telecommunications, energy, financial and transportation services.”
National Infrastructure Protection Center
PDD-63, May 22, 1998:
– Its mission includes providing timely warnings of intentional threats and attacks, producing comprehensive analyses, and coordinating law enforcement investigation of and response to threats and attacks
– The NIPC will provide a national focal point for gathering information on threats to infrastructures
– The NIPC will support National Command Authority during a foreign-sponsored attack on U.S. interests
Information Flow
[Diagram. Labels: Private Sector; ISACs; Fed Gov’t; Warnings, Alerts, Advisories; Interagency Investigation; Analysis & Warning; Watch Center; Computer Intrusion Investigations; USG Decision Makers]
NIPC Indications & Warnings Objective:
It is the objective of the NIPC to develop a national-level system that provides timely, accurate, actionable warning of infrastructure threats and attacks.
NIPC Approach to Achieve Objectives
Immediately develop a tactical warning system
– Warn of threats and imminent attacks at the earliest possible time
– Achieve in near term
Ultimately develop a strategic warning system
– Seeks to identify as early as possible dynamic features of a situation that may affect US interests
– Requires participation of Intelligence and Law Enforcement communities, other government agencies, and the private sector
– Development will proceed in parallel to tactical system
I&W Schedule
[Timeline, axis 1999 2000 2001 2002 2003. Milestones: Electric Power, Telecom initial Operations; PDD-63 IOC; PDD-63 FOC]
I&W Concept
[Diagram. Labels: NIPC; Infrastructure Owners & Operators; Sector Lead Agencies; Federal, State, & Local Law Enforcement; Other Government Agencies; Intelligence Community; Department of Defense; Warnings; “Indicators”]
When to Notify NIPC: General Guidelines
ASAP after an infrastructure
– Has had significant capability degraded
• Service disruption
• Core capability degraded (e.g., management / control functions)
– Has potential to suffer significant damage or degraded capability
• If in doubt, err on the side of caution
– Is subject to suspicious patterns of behavior or responses to control
• Anomalous technical attributes, timing, locations, etc.
Warning Outputs from NIPC
NIPC will disseminate three types of messages:
– Advisories will be issued as appropriate when new information on threats or vulnerability becomes available.
– Alerts will be issued when serious vulnerabilities or threats are uncovered that threaten infrastructure operations.
– Warnings will be issued when serious, confirmed vulnerabilities in one or more infrastructure sectors appear to be the focus of confirmed threat activity.
Initially, NIPC will disseminate these messages through existing communication channels
Reporting Criteria (Strawman)
Critical electric power facilities
– Control Centers
• Power Pools
• Control Areas (~ 150)
• Regional/Security Coordinators (~ 22)
• Independent System Operators
– Transmission Systems
• HV Substations ( > 230 kV)
• HV Lines ( > 230 kV)
Reporting Criteria (Strawman)
Critical networks and systems
– SCADA and Energy Management Systems
– Networks and other systems used for generation and transmission control
– Networks used for essential communications for system operation, control, and maintenance
– NERCNet, including the InterRegional Security Network (ISN)