Acta sobre el bioterrorismo

Ante determinadas situaciones críticas, algunos Gobiernos, tienen tipificados los protocolos que evitan el consumo de agua potable. En Canadá y muchos Estados de USA existen planes de emergencia sobre el consumo de agua en caso de desastre. En USA según el "Public Health Security and Bioterrorism Preparedness and Response Act of 2002" los sistemas de agua que abastezcan a una población de mas de 3300 personas deben estar preparados para ataques bioterroristas..

+ info

China tiene capacidad para derretir la red eléctrica de USA con tecnología de pulso magnético (Forbes)

Last week, the EMP Task Force on National and Homeland Security issued a scary report on China’s ability to conduct an Electromagnetic Pulse attack on the United States. The key takeaway, according to Dr. Peter Pry, executive director of the task force, is that China now has super-EMP weapons, knows how to protect itself against an EMP attack, and has developed protocols to conduct a first-strike attack, even as they deny they would ever do so.

According to the Center for Strategic International Studies, China has the most active ballistic missile development program in the world, so this is doubly troubling. China used stolen U.S. technology to develop at least three types of high-tech weapons to attack the electric grid and key technologies that could cause a surprise “Pearl Harbor” attack that could produce a deadly blackout to the entire country.

Dr. Pry outlines how China has built a network of satellites, high-speed missiles, and super-electromagnetic pulse weapons that could melt down our electric grid, fry critical communications, and even takeout the ability of our aircraft carrier groups to respond.

EMPs are one of those things that many people think is fake, or over-blown, or a conspiracy theorist’s dream. But they are real. EMPs can be either natural, from things like extreme solar geomagnetic disturbances, or man-made like a large thermonuclear detonation or a cyberattack. If they are coordinated with physical attacks then things can get real dicey real fast.

As the U.S. Commission to Assess the Threat to the United States from EMP Attack points out, “the physical and social fabric of the United States is sustained by a system of systems - a complex and dynamic network of interlocking and interdependent infrastructures whose harmonious functioning enables the myriad actions, transactions, and information flow that undergird the orderly conduct of civil society.”

According to the Commission, EMP effects represent arguably the largest-scale common-cause failure events that could affect our electric power grid and undermine our society, leaving it vulnerable on many fronts. About the only safe systems are nuclear reactors, both new and old.

High-voltage control cables and large transformers that control the grid are particularly vulnerable. Transformers weigh 400 tons, take two years to build, and cost $7 million apiece. We are already way behind in having backup transformers ready, so if many go out at once, we have a big problem just powering our country.

The mechanism for a 400-kilometre-high (250 mi) burst EMP: gamma rays hit the atmosphere, ejecting ... [+]

 US ARMY

The phenomenon of a large electromagnetic pulse is not new. The first human-caused EMP occurred in 1962 when the 1.4 megaton Starfish Prime thermonuclear weapon detonated 400 km above the Pacific Ocean.

One hundred times bigger than what we dropped on Hiroshima, Starfish Prime resulted in an EMP which caused electrical damage nearly 900 miles away in Hawaii. It knocked out about 300 streetlights, set off numerous burglar alarms, and damaged a telephone company microwave link that shut down telephone calls from Kauai to the other Hawaiian islands.

And that was from 900 miles away.

On the natural side, in 1989, an unexpected geomagnetic storm triggered an event on the Hydro-Québec power system that resulted in its complete collapse within 92 seconds, leaving six million customers without power. The storm resulted from the Sun ejecting a trillion-cubic-mile plume of superheated plasma, or ionized gas.

Such storms occur every 60 years or so, and in 1989, we weren't anywhere near as electrified and electronically interconnected as we are today, or as we will be in 30 years.

Solar events were considered the most likely EMP to occur. Until now.

According to Dr. Pry, a longtime expert on EMP warfare, China developed the weapons as part of its Total Information Warfare that includes hacking raids on computers, as is expected during the next presidential election.

Even more troubling, Dr. Pry found that China is eager to shoot first with “high-altitude electromagnetic pulse,” or HEMP, weapons launched from satellites, ships, and land.

“China’s military doctrine — including numerous examples presented here of using HEMP attack to win on the battlefield, defeat U.S. aircraft carriers, and achieve against the U.S. homeland a surprise ‘Pearl Harbor’ writ large — is replete with technical and operational planning consistent with a nuclear first-strike,” said Pry in his report.

Needless to say, we are not prepared for this.

China has the most active ballistic missile development program in the world. 

CSIS

Dr. Pry is trying to raise awareness of the possible threat posed by an EMP attack, either from a military foe or from a solar event. China, Russia, North Korea, and Iran are moving to build and deploy systems which can launch a nuclear weapon into the atmosphere to explode and disable electronics below, including flying aircraft.

A report done while Dr. Pry was a key member of a congressional EMP commission found that an EMP attack on the East Coast electric grid could lead to a huge number of deaths.

You might think that EMP is too farfetched to worry about. But you would be wrong. We have been learning in the information age that if it can be done, someone will do it.

The speed with which our information age is changing is paralleled by the speed with which our national digital organism can test and block the ever-changing gaps and vulnerabilities in our electronic shield.

Like a host adapting to new parasites, this is just a normal incident for an evolving society in a rapidly-changing digital environment that selects for a digital organism that viscerally understands the whole system and can use it to its advantage.

Societies with older systems will be at a dangerous disadvantage. The Universe does this all the time.

Sociologically, China seems to be moving into a more aggressive position globally, evidenced by their recent conflict with India and their aggression in the South China Sea with their east Pacific neighbors.

This may have been aggravated by China’s 1-child policy. Although the policy did reign in population growth (fertility rates dropped below two by 1990 and the present population is 1.3 billion), it gave rise to another problem – too few women.

Almost all cultures prefer a male as the first child and in China, the eldest male is expected to take care of his elderly parents. Therefore, the magnitude of female infanticide in China became astonishing in the decades between 1990 and 2010, when well over ten million female infants were killed. Only a relatively few found adopted homes in other countries.

China then changed to a 2-child policy, but the damage to an entire generation will not be so easily erased. The result was a skewed sex ratio in the generation born since 1980. Today, there are about 50 million more males than females. Just think of the states of Texas, New York and Ohio filled with just men.

The consequences of having too many uncoupled males in a society are worse than just making it difficult to find a mate. Soon there will be a substantial deficit of younger workers to provide support to an aging population. By 2030, China will have over 400 million people over the age of 60. Maintaining sufficient economic growth under these conditions will be difficult.

Some research indicates that excess males to this degree tends to make a society more aggressive and nationalistic, both of which have risen dramatically in China.

Not coincidentally, China has rolled out a number of other new military capabilities, designed to protect their new expansionist future. Included in their burgeoning array is a new generation of nuclear submarines, a carrier-killing missile named DF-21D, intended specifically to destroy aircraft carriers, and new rocket launch vehicles, like the Long March 6 rocket capable of carrying 20 warheads, that just went into space last month to deploy 20 satellites in orbit.

While everyone points out that the United States spends more on its military than the next ten countries combined, it turns out that China is far and away number 2, spending a third of what we spend in dollars, but almost the same percentage of its GDP as we do.

So as the United States slips into chaos and ignores the global threats that still face us, China moves steadily forward with its plan to become the greatest nation on Earth.

+ Publicación original

Estudio sobre el impacto de la caída de centrales eléctricas en Norte América

Según el ente regulador eléctrico de EE.UU. bastaría con que cayesen NUEVE subestaciones para dejar a todo el país sin electricidad durante un año como mínimo.

+ informe completo (lo han eliminado)
+ artículo DailyMail

American blackout

El canal de documentales de National Geographic parece que se 'inspiró' en el Blackout para realizar este documental que como veréis se asemeja mucho a la estructura de mi libro, mal que ellos digan que es mera casualidad.

Stuxnet se parece tanto a výpadek...

El 2 de noviembre de 2011, la cadena de noticias de Boston publicó este artículo en su website.

Leedlo y cambiad el nombre de Stuxnet por vypadek. Después de leer el Blackout ¿no os suena familiar?

-------

The Stuxnet computer worm, arguably the first and only cybersuperweapon ever deployed, continues to rattle security experts around the world, one year after its existence was made public.

Apparently meant to damage centrifuges at a uranium enrichment facility in Iran, Stuxnet now illustrates the potential complexities and dangers of cyberwar.

Secretly launched in 2009 and uncovered in 2010, it was designed to destroy its target much as a bomb would. Based on the cyberworm's sophistication, the expert consensus is that some government created it.

"Nothing like this had occurred before," says Joseph Weiss, an expert on the industrial control systems widely used in power plants, refineries and nuclear facilities like the one in Iran. "Stuxnet was the first case where there was a nation-state activity to physically destroy infrastructure [via a cyberattack]."

Reactions to the use of Stuxnet in Iran generally fall into two categories. For those focused on the danger of Iran developing a nuclear weapon, Stuxnet was something to celebrate, because it set back Iran's nuclear program, perhaps by years.

But for people who worry about the security of critical U.S. facilities, Stuxnet represented a nightmare: a dangerous computer worm that in some modified form could be used to attack an electric or telecommunications grid, an oil refinery or a water treatment facility in the United States.

"It's just a matter of time," says Michael Assante, formerly the chief security officer for the North American Electric Reliability Corporation. "Stuxnet taught the world what's possible, and honestly it's a blueprint."

Further complicating the Stuxnet story is the widely held suspicion that the U.S. government, possibly in partnership with Israel, had a hand in the creation of this lethal cyberweapon, notwithstanding the likelihood that in some form it could now pose a threat to the U.S. homeland.

Training To Face A Catastrophe

The prospect of a cyberattack on U.S. infrastructure assets has prompted the Department of Homeland Security to arrange a new training program for the people who are supposed to protect the electric grid, manufacturing plants, refineries, water treatment centers and other critical facilities.

The top concern is the industrial control systems (ICS) that oversee the operation of key equipment at those facilities, from the valves to the breaker switches.

By hacking into the computer networks behind the industrial control systems, an adversary could reprogram an ICS so that it commands the equipment to operate at unsafe speeds or the valves to open when they should remain closed. This is roughly the way Stuxnet was able to damage the centrifuges in Iran.

Participants in the training program, based at the Idaho National Laboratory in Idaho Falls, are taken step by step through a simulated cyber-intrusion, so they can experience firsthand how a Stuxnet-like attack on their facilities might unfold.

During an Idaho National Laboratory exercise that was staged for visiting reporters in late September, instructor Mark Fabro installs his "red" team on the second floor of the training center, with the mission of penetrating the computer network of an unsuspecting industrial company, set up on the floor below.

The trainees on the "blue" team downstairs sit in a mock control room, monitoring their computer screens for any sign of trouble.

At first, everything appears normal. The attackers have managed to take control of the computer network without the defenders even realizing it. But gradually, problems develop in the control room.

"It's running really slow," says one operator. "My network is down."

Sitting at their monitors upstairs, the attacking team is preparing to direct the computer system to issue commands to the industrial equipment.

"Take this one out," says Fabro, pointing to a configuration that identifies the power supply to the control room. "Trip it. It should be dark very soon."

Within 30 seconds, the mock control room downstairs is dark.

"This is not good," says Jeff Hahn, a cybersecurity trainer who this day is playing the role of the CEO of the industrial company under attack. The blue team is under his direction.

"Our screens are black and the lights are out. We're flying blind," Hahn says.

During the exercise, the critical industrial facility under attack is a pumping station, such as might be found in a chemical plant or water treatment center. As the operators sit helpless at their terminals, the pumps suddenly start running, commanded by some unseen hand. Before long, water is gushing into a catch basin.

"There's nothing we can do," one of the operators tells the CEO. "We can only sit here and watch it happen."

If this mock facility were an actual chemical plant, hazardous liquids could be spilling. If it were an electric utility, the turbines could be spinning out of control.

If it were a refinery, the tanks could be bursting or pipelines could be blowing up, all because the cyberattackers have been able to take over the computer network that controls the key operations.

The cyberattack scenario is all the more worrisome, because it is not clear that such attacks can be effectively stopped.

"Some of these [systems] can't be protected," says Weiss, the industrial control systems security expert. "We're going to have to figure out how to recover from events that we simply can't protect these systems from."

A U.S. Role In Stuxnet?

The challenge of managing a Stuxnet-like attack is compounded by the possibility that the U.S. government itself had a role in creating the cyberweapon.

U.S. officials were certainly aware of the ICS vulnerabilities that the Stuxnet worm ultimately exploited. An Idaho National Laboratory experiment in 2007, dubbed "Project Aurora," first demonstrated how cybercommands alone could destroy industrial equipment. Idaho lab researchers, who at the time included Michael Assante, rewrote the ICS computer code for the generator, directing the generator to destroy itself.

"When we started to conduct the test, that really robust machine couldn't take it," Assante recalls. "The coupling broke ... and you saw black smoke belching out of it."

In 2008, Idaho National Laboratory researchers performed a demonstration expanding on the Aurora experiment and their further analysis of ICS vulnerabilities. The PowerPoint briefing was prepared specifically for Siemens, the company whose equipment the Stuxnet attack targeted. One year later, the worm was introduced into Siemens ICS equipment used at a uranium enrichment facility in Natanz, Iran.

Ralph Langner, a German cybersecurity researcher who was among the first to analyze the Stuxnet code, came away convinced that it was a U.S. creation.

"To us, it was pretty clear that the development of this particular malware required resources that we only see in the United States," Langner says.

Marty Edwards, director of the Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team, based at the Idaho lab, denies any Idaho National Laboratory role in the creation of Stuxnet, and says the ICS traits the worm exploited were relatively well-known by the time it was created.

"I think it was only a matter of time before those common weaknesses or vulnerabilities were leveraged in an event such as Stuxnet," Edwards says. He would not comment on any role that other U.S. government agencies might have played in the development of the Stuxnet weapon.

That the United States has an offensive capability in the cyberwar domain is a matter of official record. Activities in that area are highly classified, but officials privately acknowledge that U.S. agencies have developed cyberweapons for offensive use.

It has also been reported that the United States has engaged previously in the sabotage of Iranian nuclear facilities. The use of Stuxnet would fit squarely within such a category.

Joel Brenner, the former inspector general at the National Security Agency, writes in his new book,America the Vulnerable, that the use of Stuxnet "would ... have been consistent with U.S. policy but not with previous U.S. methods, which avoided computer operations likely to damage others besides its intended targets."

Some observers have argued that the risk of a weapon like Stuxnet being turned against U.S. assets was so great that no U.S. government agency could logically have supported its development. But others aren't so sure.

Among them is Assante, who was among the first cybersecurity experts to warn that Stuxnet could provide a blueprint for attacks on U.S. infrastructure.

Now the president of the National Board of Information Security Examiners, Assante argues that concerns about Iran developing a nuclear weapon could have justified Stuxnet's creation.

"That is probably one of the largest national security challenges I can envision," Assante said in a recent meeting with reporters at the Idaho lab. "In that context, you can make a pretty strong argument that the benefit of using a cyberweapon to slow down or delay [a nuclear weapon program] or to achieve a specific objective might absolutely outweigh the risk."

Questions Of Information-Sharing

Given the secrecy around the U.S. offensive cyberwar capability, however, that cost-benefit analysis could only be carried out at the highest levels of the U.S. government. Moreover, it is unclear whether agencies responsible for defending the U.S. infrastructure would even be part of the deliberation.

"[The development of a cyberweapon] would probably be so highly classified that the people at DHS wouldn't even know about it," says one former intelligence official.

Such a strict compartmentalization of policymaking would raise the question of whether there is sufficient communication between the offensive and defensive teams in the cyberwar domain.

If Stuxnet was developed by U.S. cyberweapon specialists, the DHS personnel who spent a year analyzing the computer code were presumably engaged in a major duplication of effort.

But Greg Schaffer, assistant secretary of homeland security for cybersecurity and communications, says DHS officials have no complaint over coordination with U.S. agencies responsible for offensive cyber-activities.

"DHS is focused on network defense," Schaffer says. "We do get assistance from the organizations that work on the offensive mission. Whether they bring their work [to us] is something they have to decide. That is not something that we worry about."

A growing awareness of the cyberthreat to critical U.S. infrastructure assets, however, may well deepen concerns about the "blowback" risk to the U.S. homeland from the development of a potent cyberweapon designed to be used elsewhere.

The appropriate level of information-sharing between the offensive and defensive teams within the U.S. cybercommunity is likely to be the focus of intense interagency discussion.

"My sense is that there are lots of people talking about it," says Herbert Lin, chief scientist at the National Academy of Sciences and a co-editor of a book on policy, law and ethics in cyberwar. "But almost all of the discussion is going on behind closed doors."

Eventually, this could change. Whether and when the United States should use nuclear weapons or chemical weapons or land mines has been vigorously debated in public for years, and it may be only a matter of time until the use of cyberweapons gets similar attention.

[Copyright 2011 National Public Radio. To see more, visit http://www.npr.org/]

Los ciber ataques pueden ser nuestro próximo Pearl Harbour

En una comparecencia de Leon Panetta en el Senado de los EEUU, avisa que un ciberataque contra las redes eléctricas, de distribución de agua o los sistemas financieros, puede ser el próximo 'Pearl Harbour'.

La administración Obama aprobó por ley, que un ciberataque podrá tener una respuesta militar física.

¿Quién traza la línea entre un acto criminal a través de la red o una protesta?

+info

Cyber Command

United States Cyber Command (USCYBERCOM) is an armed forces sub-unified command subordinate to United States Strategic Command. The command is located in Fort Meade, Maryland and led by General Keith B. Alexander. USCYBERCOM centralizes command of cyberspace operations, organizes existing cyber resources and synchronizes defense of U.S. military networks.

+info

Cyber-Abwehrzentrum

En la primera década del siglo XXI los Gobiernos comenzaron a abrir sus oficinas de lucha contra el ciber crimen. Se dieron cuenta de que sus redes de distribución eléctricas y de agua eran vulnerables.

+info (Alemania)

Conficker - El gusano que podría tirar Internet

The Conficker worm infected its first computer in November 2008 and within a month had infiltrated 1.5 million computers in 195 countries. Banks, telecommunications companies, and critical government networks (including the British Parliament and the French and German military) were infected. No one had ever seen anything like it. By January 2009 the worm lay hidden in at least eight million computers and the botnet of linked computers that it had created was big enough that an attack might crash the world.

El Conficker es un gusano informático que infectó el primer ordenador en Noviembre de 2008. Aprovechaba un hueco en la seguridad de Windows para instalarse en los ordenadores con este sistema operativo. En un mes se infiltró en 1,5 millones de ordenadores en 195 países. Bancos, operadores de telecomunicaciones, redes de gobiernos (como el parlamento británico, o las redes militares de Francia y Alemania) fueron infectadas. En Enero de 2009 el gusano se escondía en más de 8 millones de ordenadores. Una red de ordenadores, 'botnet' los suficientemente grande como para poder controlar y bloquear el funcionamiento de Internet a nivel mundial.

El autor Mark Bowden escribió un libro sobre Conficker en el que basándose en su rápida propagación y toma de control de 8 millones de ordenadores en el mundo, plantea la primera guerra digital mundial y cómo un grupo se organiza para bloquear su activación y eliminar el gusano de las redes mundiales.

+info

Stuxnet, el gusano que quiso comerse Iran

En Junio de 2010 se descubre que el gusano Stuxnet, ha conseguido infectar más de 30.000 ordenadores en Irán, en concreto ordenadores de empresas, relacionadas con la industria nuclear. Symantec estima que el 60% de los ordenadores infectados en el mundo por Stuxnet, están ubicados en Irán. 

Según los expertos en virus informáticos, Stuxnet, ha sido desarrollado para evitar un correcto funcionamiento de los procesos industriales controlados por los ordenadores infectados. Es uno de los malware más sofisticados descubiertos. Su desarrollo ha podido llevar meses y un coste parejo elevado. Según los expertos, es un gusano-malware desarrollado por un gobierno, para conseguir objetivos militares.

¿Qué gobierno querría atacar Irán?

Ciberguerra

El mundo se ha sofisticado y en gran medida se debe a los altos niveles de tecnificación que la humanidad ha desarrollado. Uno de los ámbitos en los que más destaca esta tecnificación es en la guerra; de los campos de batalla en los que había lucha cuerpo a cuerpo, hemos pasado a misiles dirigidos desde miles de kilómetros a distancia, soldados que graban en tiempo real sus intervenciones para que, esos que manejan el cotarro a miles de kilómetros, vean en directo, quién cae, cómo y poder dar así las órdenes de cómo continuar.