15 Years After 9/11

Uploaded on 2016-09-06 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

Fifteen years ago this September 11, 19 terrorists, using four jetliners as guided missiles, killed 2,977 people and enveloped the USA in fear.

It was the first sustained attack on American soil since the bombing of Pearl Harbor, which was a far-off military base. This massacre hit the center of our government and blasted away part of our most iconic skyline. It left a stench that New Yorkers could smell weeks later as remains continued to be recovered from the ashes.

Suddenly, we were vulnerable. Not just to disease, tornadoes, accidents, or criminals, but to the kinds of enemies that had always threatened others but never us.

Barack Obama remembers that after the second plane hit, he left the Chicago building that housed his State-Senate office. “I stood in the street and looked up at the Sears Tower, fearing it might be a target, too,” he told me in a recent email exchange, adding, “I remember rocking Sasha to sleep that night, wondering what kind of world our daughters were going to grow up in.” He continued, “With nearly 3,000 people killed in the places where we lived our daily lives, there was a feeling that our homeland was truly vulnerable for the first time.”

This is the story of the first 15 years of how we have dealt with that newfound fear—how we have confronted, sometimes heroically and sometimes irrationally, the mechanics, the politics, and the psychic challenges of the September 12 era.

Have we succeeded in toughening up what overnight became known as “homeland security”? Absolutely. But not without a series of extravagant boondoggles along the way.

Are we safer? Yes, we’re safer from the kind of orchestrated attack that shocked us on that September morning. It’s harder for terrorists to get into the country, and harder for them to pull off something spectacular if they do. But we have not plugged some of the most threatening security gaps. Worse, as the Orlando massacre reminded us, the world has become more populated by those who want to exploit those gaps, including those living among us—and who, in the United States, can easily obtain military-grade weapons. They are not deterred by the prospect of their own death, and they are happy to commit acts less ambitious than those of 9/11. That makes their attacks much harder to detect in advance. Our defenses are far stronger, but what we have to defend against has outpaced our progress.

Have we adjusted, politically and emotionally, so that we can make rational decisions as a government and as a people to deal with the ongoing threat? Not yet. In a bitterly divided democracy, where attention spans are short and civic engagement is low and the potential for oversimplification and governing-by-headlines is high, that is hardly a surprise.

But in those first hours after the planes hit their targets, we did answer the call—which required an almost complete turnaround of America’s mind-set and produced just as stunning a turnaround in our security posture.

PART ONE: The Good News

On September 10, 2001, then–Attorney General John Ashcroft rejected an FBI request to increase anti-terrorism personnel for the coming fiscal year beyond a fraction of the bureau’s overall staff. The next morning, Ashcroft headed to Milwaukee to read to schoolchildren while his boss, President George W. Bush, was doing the same at an elementary school in Sarasota, Florida.

Also on September 10, FBI officials declared at a congressional briefing that the most imminent domestic terrorism threat was from animal-rights activists. Fifteen years later, the Justice Department has a national-security division, set up in 2006, that has consolidated and fortified all the department’s counterespionage and counterterrorism litigation and related legal-policy decisions. The overall FBI budget has nearly tripled since 2001, and its mission of investigating and prosecuting federal crimes that have already happened has been expanded to stopping terrorists before they strike. Most of the new resources—for intelligence analysts, technology upgrades, and additional agents—have been directed at prevention. “About half” of all agents are now assigned to national security, FBI Director James Comey told me, up from “maybe a quarter before the attacks.”

Connecting the Dots

On September 10, 2001, the Federal Aviation Administration, which was responsible for air-travel security, had a watch list of 12 people, even though the FBI and the CIA had identified hundreds more in their databases. A proposal to expand the FAA list to include those additional names had been sitting for months in the inbox of an FAA security official. In reporting for a book about the nation’s recovery efforts in the first year after 9/11, After: How America Confronted the September 12 Era (2003), I discovered that two of the hijackers had been on that expanded list. Distribution of their names to the airlines had been delayed because the FBI and the FAA had not resolved which organization’s letterhead should be attached to the memo bearing the new list.

On the day the World Trade Center fell and the Pentagon was left smoldering, the CIA knew that two suspected terrorists whom it was tracking around the world—and who ended up on the 9/11 planes—had come to the U.S. months earlier. But the agency never told the FBI. When this came to light, the September 12–era phrase failure to connect the dots was born.

Today, all US security agencies share the same watch lists and threat databases, which are constantly updated. They share intelligence tips with one another (though sometimes still grudgingly), and federal officials even sit on task forces with their local counterparts. With some lingering exceptions, we do connect the dots.

Safety in the Air

On September 11, the airlines themselves were responsible for airport-security lines. They employed 16,000 poorly trained, low-wage private screeners, who operated under guidelines, approved by the FAA, that allowed the kind of box cutters and knives (up to four inches long) that the hijackers used. The airlines had lobbied the FAA for these and other accommodations to keep costs down and the security lines moving.

Today, there are 46,000 screeners, almost all federal employees, trained by the Transportation Security Administration. Although management failures have produced security gaps in fast-moving lines, followed by—especially this spring and summer—long wait times resulting from efforts to plug those gaps, the screening process is undeniably tighter than it was on the morning of September 11. And cockpit doors have been fortified to block anyone who slips past the screeners, making a repeat of the 9/11 plot to commandeer planes and turn them into missiles hard to imagine.

In the 1970s, hundreds of federal air marshals—undercover cops in the air—were deployed on American planes to thwart hijackings to Cuba. By 2001, the number of marshals had been reduced to 33—negligible coverage for the more than 20,000 flights leaving 440 airports in America every day. Within a month of 9/11, an emergency program had recruited 600 new marshals, and by 2005 approximately 5,000 were on planes. (The actual number is classified.)

Securing the Ports

When Kevin McCabe, the chief inspector of the U.S. Customs contraband team at the giant Elizabeth, New Jersey, freight port, looked across the water at the World Trade Center in Lower Manhattan and saw the second plane hit, he knew his country was under assault.

McCabe stared out his office window at the pier below, loaded with more than 7,000 cargo containers that had arrived from all over the world, and began what was probably America’s first exercise in post-9/11 profiling. He directed his 70 inspectors to move every container that had arrived from the Middle East or North Africa—about 600 of them—to a far-off section of the pier. They then began the days-long process of X‑raying and, if anything seemed untoward, hand-searching all 600.

The X-rays and searches, however, had always been geared to looking for smuggled drugs. The inspectors were great at finding cocaine hidden in limes from Ecuador. But they had little training in looking for bombs—and little equipment for detecting material that could be used for a radiation-laced “dirty bomb.”

Fifteen years later, every American port screens cargo using billions of dollars’ worth of technology, including radiation detectors. Containers that register high on a threat matrix (based on information sent in advance about the content and its shippers) are singled out for additional screening; many containers are screened in foreign ports by U.S. Customs inspectors before they set sail.

The system is far from airtight. But the port inspectors have come a long way from McCabe’s panicked game of musical containers.

Cyber terror

The other hot new threat is cyberterrorism. Because 87 percent of the country’s critical infrastructure is owned by the private sector—power plants, financial institutions, water companies—much of the Department of Homeland Security’s lower-profile work involves sharing information and convening forums and sponsoring drills aimed at helping industries help themselves.

Meantime, the government’s efforts to protect its own digital infrastructure have provided steady fodder for cynics. To take the latest examples, neither a data-hosting service at the Department of the Interior—whose technology setup was declared by federal officials to be a “Center of Excellence”—nor the Office of Personnel Management detected the hacking in 2014 and 2015 of 25 million records kept by the OPM. A $1 billion cybersecurity program designed by DHS, called “Einstein,” was, according to the GAO, so ineffective that it missed the hacking of the OPM records. In fact, most government agencies initially defied a presidential directive and refused to even install the much-derided Einstein.

It’s a bad sign when a program called Einstein turns into a clown show, and it’s tempting to make that a metaphor for the government’s cybersecurity efforts more generally. However, since taking over DHS’s cybersecurity and communications unit three years ago, Phyllis Schneck, a highly regarded cybersecurity engineer who came from the private sector, seems to have put the agency on a better track.

She has worked to professionalize the National Cybersecurity and Communications Integration Center, which, although it has produced yet another mind-numbing acronym (NCCIC), has the potential to be effective, according to one Silicon Valley star programmer who has advised the Obama White House on cyber issues. “With counterterrorism, I have an expectation, and it’s met every day, that I will get a full report on threats across the spectrum, because we put in place structures … to ensure information-sharing across the intelligence community, as well as with state and local law enforcement,” says Lisa Monaco, President Obama’s White House homeland-security and counterterrorism adviser. “With cyber, we’re not there yet, but we’re getting there.”

Hidden on four floors in a nondescript office building in Virginia (it’s not listed in the lobby directory), Schneck’s operation includes a heavily guarded floor with space for 150 cyber detectives, many recruited from the private sector.

Some sit at screens looking for trouble as they monitor the innards of dozens of federal agencies (except the Defense Department, which has its own cybersecurity apparatus). For example, a dramatic upsurge in traffic at the IRS during tax time, in mid-April, would mean nothing, but the same spike on Commerce Department servers could spell trouble.

Others monitor web traffic around the world, looking for similar regional or countrywide anomalies that could indicate attempted sabotage.

Schneck, whose father was a computer scientist at the National Security Agency, describes one approach she is applying as “biological.” The Continuous Diagnostics and Mitigation program, for which $275 million has been budgeted for the coming fiscal year, will reject a virus that makes it onto a government network “in real time, even if we don’t know what it is,” Schneck says.

Using data-analytics tools from the private sector, she is also augmenting Einstein (which has been allocated $460 million in this year’s budget and $471 million for next year) with software that will prevent such intrusions in the first place by implementing what she calls “a cyber no-fly list.” There are now ways of using data, she explains, to target the address of a machine that has been the source of other hacks, and to keep it from accessing the emails or websites of the agencies she is protecting.
.
That this is still a debate in an election season 15 years after the 9/11 attacks is evidence that although we’ve made progress, we’re still a long way from adjusting—politically and psychically—to this new normal, where, unlike during the Cold War, there is no relying on deterrence for protection.

DefenseOne: http://bit.ly/2bdnNdp

 

« Cyber Spy Group Uncovered After Years Of Attacks
Keyless Entry Renders Millions Of Cars Vulnerable »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA) is a non-profit organization dedicated to leading a diversified research agenda in the field of cyber conflict.

Davis Wright Tremaine (DWT)

Davis Wright Tremaine (DWT)

Davis Wright Tremaine is a full-service law firm with offices throughout the US and in Shanghai, China. Practice areas include Technology, Privacy & Security.

Allegro Software

Allegro Software

Allegro provide secure software for the Internet of Things.

Claroty

Claroty

Claroty was conceived to secure and optimize OT networks that run the world’s most critical infrastructures.

BTWorks

BTWorks

BTWorks provides identity management and anti-phishing / smishing solutions for web and mobile apps.

Six Degrees

Six Degrees

Six Degrees is a leading secure, integrated cloud services provider. We protect UK organisations and help them thrive in the cloud by giving them secure platforms to innovate and grow.

Miradore

Miradore

Miradore is a software company specializing in effective, cloud-based device management. Our goal is to help IT Service Providers and IT departments secure and control devices.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

Cyber Police of Ukraine

Cyber Police of Ukraine

Cyber Police of Ukraine is a law enforcement agency within the the Ministry of Internal Affairs of Ukraine dedicated to combating cyber crime.

Onward Security

Onward Security

Onward Security provides security solutions including network & application assessment, product security testing and security consulting services.

Blackbird.AI

Blackbird.AI

Blackbird.AI provides an intelligence and early-warning system to help users detect disinformation and take action against threats.

SessionGuardian

SessionGuardian

SessionGuardian (formerly SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

Fireblocks

Fireblocks

Fireblocks is a digital asset security platform that helps financial institutions protect digital assets from theft or hackers.

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

The NCTV serves the Netherlands’ national security. We protect national interests, identify threats and strengthen resilience.

Akamai Technologies

Akamai Technologies

Akamai's leading security, compute, and delivery solutions are helping global companies make life better for billions of people, billions of times a day.

TraitWare

TraitWare

The TraitWare mission is to increase user and company security while simplifying access to digital and physical resources through the elimination of the need for usernames and passwords.