title.jpg
introduction watch the dialogue view the transcript resources panelists about this page search the dialogue

 

Transcript of Cyberterrorism: Response at the Regional and Local Level Print-Friendly Version: Text


[ Opening - Panelist's Introduction ]

00.00.21.0 Timothy Shimeall Hello, my name's Tim Shimeall, I'm with the CERT Coordination Center at Carnegie Mellon University, Pittsburgh, Pennsylvania.
00.00.27.9 Michael Vatis I'm Michael Vatis, I'm the director of the National Infrastructure Protection Center.
00.00.33.5 Mike Arlington My name is Mike Arlington, I'm the director of Legal Compliance for a major telephone company.
00.00.37.7 Scott Larson Hi, my name is Scott Larson, I'm a supervisory special agent with the FBI here in the Washington field office, specializing in computer intrusions and infrastructure protection.
00.00.46.9 Wayne Madsen Hi, I'm Wayne Madsen, senior fellow, the Electronic Privacy Information Center, Washington, D.C.
00.00.53.9 Mayor Bill Campbell Bill Campbell, Mayor of Atlanta, Georgia.
00.00.57.0 Jerry Hauer Jerry Hauer, director of the Center for Counterterrorism for Science Applications International.
00.01.03.9 John Vranesevich Hi, I'm John Vranesevich, founder and general partner, Anti-Online, Pittsburgh, Pennsylvania.
00.01.08.4 Michael Reilly I'm Mike Reilly, Battalion Chief of the Fairfax County Fire and Rescue Department. I'm chief of investigations for the Fire Marshall's Office for HazMat, Hazardous Materials and Arson Investigations.
00.01.17.2 Leslee Stein Spencer Hi, I'm Leslee Stein Spencer, I'm chief of emergency medical services and highway safety for Illinois Department of Public Health.
00.01.24.2 Michael Robinson Hello, I'm Mike Robinson, director of the Michigan department of state police and president of the International Association of Chiefs of Police.
00.01.31.4 Sheriff Patrick Sullivan, Jr. I'm Pat Sullivan, Sheriff of Arapahoe County, Colorado.



[ I. Accident or Attack? ]

[ Responses: Airport and City View ]

00.02.42.0 Moderator Bill, you are the mayor of Metropolis, and Jerry, you are the director of the Office of Emergency Management. Now, the two of you have just been to an exciting conference on floods, volcanoes, earthquake, pestilence - you know, the normal emergency management stuff. And you're coming back to something much more exciting. What's going on is that in the next couple of days, the great city of Metropolis will be hosting the Super Bowl. Now the two of you are on board flight 2002 on Blue Skies, you're flying into Metropolis International Airport on a cloudy morning in January, when, wouldn't you know it, the airport traffic control system goes down. All right, now let me tell you a little bit about airport traffic control. Normally the main computer at airport traffic control tells controllers a little bit of information about radar and tells them what's going on with planes in the air, tells them about route, travel plan, altitude, but now that these computers are down, these controllers have to look at the radar themselves, and extrapolate this crucial information themselves. Now because of the Super Bowl there are lots more planes in the air overhead Metropolis, lots more planes coming into the city. Now Jerry I assume the city has plans in place when there are problems at the airport, and I certainly assume that it has contingency plans when the Super Bowl is happening, but when I what to ask you is: does the city have plans in place when there's the possibility of a slowdown at the airport, or possibly the airport closing down, or maybe even suffering a major accident right before the Super Bowl? What I'd like you to do is have a conversation with the mayor and tell him what those plans might be, cause I think he could use a little reassurance right about now, don't you?
00.04.31.2 Jerry Hauer Well the, probably the last thing I'd want to be doing is sitting on a plane, flying in with the mayor is talking about the city's crash plans, particularly when we're on one of those planes. But -
00.04.41.5 Moderator But talk to him now.
00.04.42.4 Jerry Hauer But in point of fact, we do have plans in place in the event that something happens at the airport. We do have plans in place in the event that there is a slowdown through the air traffic control system to augment the airport police with city police. We have plans in place in the event of an incident to manage the incident, to deal with any type of crash.
00.05.07.0 Mayor Bill Campbell Jerry, what I need to know now because we're about to land is exactly how we're going to alert all the systems so that they are up and running and we're prepared. We've got millions of people coming into the city. We've got a hundred million that'll be watching our preparation for the Super Bowl, three thousand journalists, so we've got to make certain that things are done the proper way. What do we do now, what are steps one, two, and three?
00.05.31.3 Jerry Hauer Well first of all, the Emergency Operations Center, because we're getting ready for Super Bowl weekend, is operational. All of the city, state, and federal agencies are in place to deal with any contingency that might come up, as they are for any major event. So we've got everyone in place, for pretty much any type of contingency.
00.05.53.1 Mayor Bill Campbell How do we pull the strings, how do we start it right now?
00.05.54.6 Jerry Hauer Well, if in fact there are any problems at the airport, the representative from the airport will be talking with the police department about augmenting any type of police needs in case there's crowds there. Certainly for Super Bowl weekend we're going to be expecting increased traffic at the airport.
00.06.15.0 Mayor Bill Campbell We're the busiest airport in the world, we know that this is a bad time, perhaps the worst time in the world for this to happen. What do we do right now, who do we call first?
00.06.25.5 Jerry Hauer Well, the first thing we need to do is try and find out what the magnitude of the delays are going to be, whether or not planes are going to get out -
00.06.32.7 Mayor Bill Campbell Are we going to get in?
00.06.33.9 Jerry Hauer Well, there's a good chance we're not, because if the air traffic control system is down and it's cloudy and the ILS system might be down, there's a good chance we might not be able to land, and that could be a problem. We need to be finding out whether we're gonna get into Atlanta or whether we'll be flying into an alternate airport, and that could be a big problem for us.



[ Responses: First Response (EMS, Police, Fire) ]
00.06.56.7 Moderator Alright, let me jump in here. Pat, you are the chief of police for Metropolis. Mike [Robinson], you head the state police. Leslee, you are the head of Metropolis' EMS, and Mike [Reilly], you head the fire department in Metropolis. What I'd like you to do is talk about how you might respond to the situation. We have the pressures of the Super Bowl with the possibility of at least a slowdown at Metropolis International Airport and possibly a crash at Metropolis International Airport. What's EMS thinking about at this point? How would you respond to the situation right now?
00.07.31.0 Leslee Stein Spencer Well, we already have ambulances stationed at the airport, and if we think there's going to be a crash we might notify the supervisors to have them bring in, maybe bring some ambulances in from another area, calling in mutual aid, because we don't want to remove any of the ambulance standing by the Super Bowl arena. So we'll see if we can bring in some mutual aid on standby.
00.07.49.8 Moderator How about police Pat?
00.07.50.9 Sheriff Patrick Sullivan, Jr. There's going to be a backup of traffic as more people are arriving and not being able to meet incoming planes, so the traffic congestion is going to increase considerably. There may be some crowd problems inside the airport itself, so there's going to have to be an augmentation of the manpower at the airport.
00.08.04.8 Moderator Fire, what's going on?
00.08.06.6 Michael Reilly Well we already have a unified command system set up, so all the agency heads already have contingency plans. We have mutual aid agreements with the surrounding jurisdictions, and we already have pre-deployment of some of our engine companies and our special task force already deployed to that immediate area, and each division chief has an area of responsibility.
00.08.26.4 Moderator Mike [Robinson], it sounds like nobody's really talking about the cause of this shutdown, the cause of the problem, the computer crash. Is anybody thinking about that? Is anybody, at this point, thinking about the possibility that this might not be just a run of the mill computer crash, but might be the start of something bigger, do you think?
00.08.42.6 Michael Robinson Well there's gonna be two issues here. One is, in any situation like this, is the crisis and the consequence. What we're trying to deal with right now is obviously what the consequence of this particular incident is likely to be. The fact that we have the Emergency Operations Center up and running is an advantage in this case because we're not calling people in to develop this immediate relationship for the situation. So we obviously want to deal immediately with the consequences that may erupt as a result of this difficulty that we have. As we feel that we have that particular base covered and we are in shape to respond, if the worst should happen, if a crash occurs, or some other sort of incident, then it allows us time to look at the crisis and the magnitude of that.



[ Was Computer Crash Deliberate? ]
00.09.32.9 Moderator Okay, Tim let me talk to you a little bit. Is there any way-let's talk about this computer crash that's going on-is there any way to determine whether or not it was accidental or it was deliberate at the time that the computer crashes?
00.09.46.1 Timothy Shimeall Well there's a lot of different cases for the computer crashing. We might want to look to see if the computer crashed because of some obvious hardware problems, and, that would be one implication. The power flows to the computer, um, checking the plug, if you will.
00.10.03.8 Moderator Okay.
00.10.04.1 Timothy Shimeall In addition, assuming those things check out, then the technicians would rather rapidly move into checking the systems logs, to see what was going on in the system at the time of the crash, whether or not there was some unforeseen combination of circumstances that the system just could not handle, or if there was something more malicious going on.
00.10.22.2 Moderator Michael [Vatis], tell me, would people be thinking about cyberterrorism at this point, or would they be thinking about this computer at this point, or might they be thinking more about the consequences of this?
00.10.33.2 Michael Vatis We would be thinking about the possibilities that it could be merely a hardware problem or a software problem, but also about the possibility that this could be the result of a malicious attack, someone purposely getting into the system to try to shut it down. And, if that were the case, that's when the federal government would engage, through the FBI and other agencies, to determine who might be behind this and to try to put an end to it.
00.10.57.0 Moderator Alright, you say that you might be thinking about that, but talk to me about the typical airport and city administrators. Would THEY be thinking about cyberterrorism at this point, the possibility of that, do you think?
00.11.06.8 Michael Vatis I think they would. Given the incidents that we've seen over the last several years with attacks on critical infrastructure systems, the computers that run critical services such as transportation networks, banks, electrical power, things like that, and the fact that we've had some precedence even in the air traffic control arena, people would think about that as a possibility. It's important not to jump to conclusions until you have some indication of whether it's an accident or a malicious attack, but I think people would be examining all the possibilities.
00.11.39.6 Michael Robinson What we're doing a great deal of is we're talking with those groups and individuals and critical infrastructure managers of systems so that, whether it is a utility company or whether it is an airport traffic control system, that the managers of those systems now, more than ever before, have it in the back of their mind that this could be something more than a normal failure of hardware or software. So we are doing a lot of that preparation ahead of time so that they're making the right decisions in evaluating what the cause of that situation is, so that they know who to contact when they do discover that this is an act of sabotage or some other intrusion, that wouldn't be a normal software/hardware problem.
00.12.26.6 Leslee Stein-Spencer But I think that law enforcement might be interested in cyberterrorism, but I think if you look at health, emergency respond, we are not thinking cyberterrorism at all.
00.12.35.0 Moderator Not at this point?
00.12.35.5 Leslee Stein-Spencer Not at this point.
00.12.16.8 Timothy Shimeall Well one thing, no matter what the cause is, the initial steps we're going to take are the same.
00.12.40.0 Leslee Stein-Spencer That's exactly right.
00.12.42.5 Timothy Shimeall From the systems point of view, we are going to be viewing the systems logs, we are going to be diagnosing what went on and seeing what indications exist. From the emergency response perspective, you guys are going to be dealing with the consequences, because, no matter what happened, the consequences are going to be, initially, at least somewhat similar.
00.12.56.4 Michael Robinson The engagement of the emergency management mechanism in the city or in the state is going to be the same no matter what the cause of it.
00.12.56.4 Leslee Stein-Spencer That's correct.



[ Response: FBI ]
00.13.03.2 Moderator Scott Larson, let me ask you this Scott: this is, when we're talking air traffic control, it's a federal system right? Does the FBI get involved every time a federal computer goes on the blink? Would you start investigating, launch an investigation, at this point, do you think?
00.13.17.6 Scott Larson Well, kind of what's already been said, there's an assessment period, to try to figure out what happened, and there's a lot of experience already with Y2K, the various viruses that have been around, where people have already gone through these processes and started thinking about them. What we generally do is we make contact, and say, "hey." Just make a simple contact, you know, "what's going on? Do you need anything?" and then we go from that step, as the process goes across all the different entities that are involved in this.
00.13.42.8 Moderator Alright, I'd like us to step back in time-
00.13.44.3 Michael Reilly Could I just make a quick comment?
00.13.45.0 Moderator Absolutely Mike [Reilly], jump right on in there.
00.13.47.0 Michael Reilly As Mike [Vatis] already indicated that he would be thinking of that cyberterrorism because, as you probably are aware, all these computer systems are redundant, and so for a system to actually go down, more than one system would have had to have been affected. We're talking two, three, four times those systems are backed up. So if those backups are down, then we know that more than one system has been affected. And I would think that, at that point, most of our fellows up here would be thinking, "well, for all of those systems to go down at one time, there's a lot more than just Murphy's Law."



[ II. Phreaking for Dummies ]

[ Hacking 101: How it Works ]

00.13.16.3 Moderator Alright, [laughter] we still don't know what the cause, we still don't know what the cause of the computer crash has been. But I'd like us to step back in time a little bit. Back in time to when a couple of kids, and, for now they're going to be played by John, Mike [Reilly], and me, we're thinking about what kinds of things we might be able to get into. How we might be able to get into the airport system, for example, or some other major system and play around in those systems? Now, John, you're the leader of our little group, and, in fact, we've been following you for some time. When we were all in high school you actually showed us how to hack into the high school's official website. Remember that John?
00.14.56.7 John Vranesevich Sure, it was a ball.
00.14.57.6 Michael Reilly You changed my grade.
00.14.59.1 John Vranesevich You needed it.
00.15.00.0 Michael Reilly From an A to a C.
00.15.02.4 Moderator Alright, well let's talk about it. What did you do, what did we do with that official website John? Tell us a little bit about it.
00.15.08.9 John Vranesevich Well, the high school system was pretty easy. The administrator got a new software, he bought online, he installed it, and up popped the website. They got a grant from the National Science Foundation to put that up. But unfortunately, he was also the school's math teacher, and substitutes for gym class every now and then, so he didn't know how to change the default passwords. So we simply went to the manufacturer of that company and see what they used as a default password, logged ourselves in, and had fun with it.
00.15.35.6 Moderator And what, how did we have fun? What did we do? Talk about it.
00.15.38.3 John Vranesevich Well, in that case, what we decided to do was, we had that English teacher that we disliked, so we got a picture of her and distorted it and put it up online.
00.15.46.9 Michael Reilly I think you did more than distort it.
00.15.49.0 John Vranesevich [laughing] Okay. We had some fun, it took some time, but it was worth it.
00.15.52.4 Moderator Alright, yeah, it was really kind of cool what we were able to do. And, in fact, we've been your disciples ever since, John. Now, Mike and I are just a little bit interested though, in doing some other stuff with these systems, and in fact we'd like to know some of the really bad things that hackers can get into. So we want you to tell us, not that we're necessarily going to do it Mike, right?
00.16.11.3 Michael Reilly Well, if you're going to do something like that you could get me into my college grades as well.
00.16.15.6 Moderator [laughing] We just want to know what we might be able to do, what some of the possibilities are. And, in fact Mike, why don't you ask John about some of the things that we might like to do?
00.16.23.6 Michael Reilly Well, I always wanted to see what an air traffic controller could do, so if you could kind of get me into one of their computers so I can watch simultaneously some of those planes that are coming and going.
00.16.33.7 John Vranesevich Right. We're going to have a little bit of a problem though, because, unlike our high school, the machines we're going to need to break into aren't connected to the Internet. So we're not simply going to be able to bring up the air traffic control computer on our local machines via AOL. So what we're going to have to do is try to find an alternate way to get into those systems.
00.16.39.5 Michael Reilly They have a hard line going somewhere, right?
00.16.51.5 John Vranesevich Obviously. Air traffic control by definition is communication, so there's probably all sorts of communications lines. So I think we want, to start, what we're going to have to do is get as much information we can and read as much as we can about how phone systems work and about the type of telecommunication facilities that go into an air traffic control center.
00.17.08.5 Moderator Where are we going to read that information? And, I want you to break this down for me because, unlike Mike, I'm not really that good with computers. So let's talk about hacking for dummies here, okay, let's just break it down.
00.17.18.5 Michael Reilly She's seen my skills. I'm up there with you almost.
00.17.20.6 Moderator So how might we do this, where would we begin? I turn on the computer and then what?
00.17.25.4 John Vranesevich Well, dial up to AOL and we'll bring up Infoseek or AOL search and we will begin researching the phone companies.
00.17.33.2 Moderator How do we do that?
00.17.34.4 John Vranesevich Well, luckily for us, most of these companies put information about all their products, services, etc., online for the average consumer or the corporate consumer to read. And, while that information might simply be general, casual reading for their customers, for us we're going to use those as keys to get into their system.
00.17.48.7 Moderator Alright, and when you say we're going to use it as keys to get into the system, how do we do that? How do I know how to hack into these, these systems? Is there some information, some website someplace that will help me?
00.18.00.0 John Vranesevich Oftentimes one of the keys is to simply educate yourself so you know more about the system than the people who are running it. Oftentimes the people that are running these systems aren't trained as well or as thoroughly as you can train yourself about these systems. So, if you can learn anything you can about that system, we can go look at it with an expert eye when it might be the equivalent of a child running it.
00.18.18.8 Moderator Okay, well you know, I did something at your suggestion. I put in, I pulled up Yahoo and I put in the word "phreaking," what's "phreaking?"
00.18.26.6 John Vranesevich Ah "phreaking" is the word we use for telephone or telecommunications system hacking.



[ Hacker Resources ]
00.18.30.7 Moderator Okay. I typed in "phreaking" and, lo and behold, this, website came up and told me all about how to hack into various systems. Is that, is that normal? Do other kids do that, do you think?
00.18.42.9 John Vranesevich Right. One of the things that even our group likes to do is post information about how we hacked into our high school's website online. That lets other kids read about how we do it, might give us a few cool e-mails, "hey, you guys are really neat" type of things, help raise the statute of our group, we're already well-known within our high school, so let's get well-known a little bit someplace else. So what we might be able to do is simply go in and find some groups of people like us who have done things like that in the past, or something that might be able to clue us in on how to do it.
00.19.12.2 Michael Reilly We wouldn't even have to buy lunch anymore.
00.19.14.1 Moderator Because?
00.19.14.8 Michael Reilly Because we're changing other people's grades as well, so they're kind of all sharing with us.
00.19.18.5 Moderator Oh, they're giving us money for lunch, okay. Michael [Vatis], talk to me about what kind of information I might be able to find on the Net about other systems. Can I find information about air traffic control, telephone systems, what's out there?
00.19.30.5 Michael Vatis There is an incredible wealth of information about systems that hackers might want to target, as well as techniques they might use to break into those systems that they choose to target. In fact, you don't even need to be as good as John, or Mike, or yourself at hacking because there are automated tools available on hacker websites so even a novice, a relative novice, can go in and download the particular tools or exploits that he might want to deploy, and then pick his target and launch.
00.20.01.9 Moderator Talking about targets, can I get into telephone systems Scott? Can I get into e-commerce? Can I get into those sorts of things?
00.20.08.6 Scott Larson You can get into just about any computer system that is connected via modem and telephone, or from the Internet, through a router.
00.20.16.2 Moderator Okay. John, Michael [Vatis] was telling me that it's easy. I'm not really convinced, alright. It sounds like you have to be somewhat of a computer genius to be able to do this stuff. Is that right?
00.20.27.3 John Vranesevich Absolutely not. Some of the things that have made the headlines here in the United States and worldwide is quote-un-quote “potentially serious incidents.” Almost every case has turned out to be a couple teenagers. Some as young as twelve that are doing this.
00.20.43.2 Moderator Give me some examples of what's been going on.
00.20.45.3 John Vranesevich All sorts of things. In relation to this case, we saw a sixteen-year-old break into the phone system and shut off communications to an airport. We've seen teenagers break into various systems run by the Department of Defense, stealing information such as maps to classified networks. We see things like that happen on a daily basis. Government computers are broken into so often that it's no longer newsworthy, it's just another daily event.



[ Hackers & the Media ]
00.21.13.0 Moderator Well, speaking of news, Wayne, you're a journalist, you've been covering a lot of these incidents. Can you tell us some other examples of things that you've seen hackers do with the computers? Inspire us with some of these examples.
00.21.23.7 Wayne Madsen Well, we've seen some worldwide events that may have come from these so-called "hackers" or "crackers" depending what a -
00.21.32.5 Moderator What's a "cracker?"
00.21.33.5 Wayne Madsen Well that's a person who maliciously, has malicious intent. A hacker is a guy like Bill Gates, [laughter] although some people, my friends from the Justice Department, they argue that he may also have had some malicious intent, on occasion. But a cracker is somebody who purposefully goes into a computer to do damage or steal information, as opposed to somebody who's just curious, who's interested in saying, “hey,” I want to put this on my hacker resume and say that I broke into such-and-such a system. But worldwide, virus attacks, distributed denial of service attacks, they tend to get a lot of attention by the media and a lot of hype, sometimes it's good, sometimes it's bad.
00.22.20.5 Moderator Well, let's talk about how the media is covering this. Do you think that they're informing the public fully about the kinds of things that we hackers can get into?
00.22.29.0 Wayne Madsen I think it's important that the media informs the public in a responsible manner. That letting the public know how vulnerable information is on Internets and computer systems I think is responsible journalism.
00.22.44.8 Moderator And are we doing that?
00.22.45.6 Wayne Madsen My feeling is we're not doing it. There's a lot of hype out there, there's a lot of overreaction to what's happened. We definitely don't want to scare people away from this great technology, but there's just been a lot of overreaction to incidents that, probably, you could say, happen quite frequently.
00.23.07.2 Sheriff Patrick Sullivan, Jr. What are you describing as overreaction?
00.23.09.4 Wayne Madsen Well, the distributed denial of service attacks that we've experienced, there was one-
00.23.15.2 Mayor Bill Campbell What does that mean?
00.23.15.9 Wayne Madsen That's basically where a lot of computers, websites go down simultaneously, they have problems. We've seen it happen with E-Bay, we've seen it with amazon.com. These incidents tend, because these are high-profile companies, they tend to get an awful lot of press attention. However, if it's an Internet relay chat server at some obscure university in Tasmania, these attacks happen quite frequently also, but they don't get quite the press that these high-profile attacks do.
00.23.48.0 John Vranesevich Yeah, but I think in a way it's important, because I think for the first time we're seeing something the American people need to realize is that, you know, with the denial of services attacks, if, five years ago, ten years ago, you said that a sixteen-year-old who wore a Pokeman shirt in Canada could, you know, cost US companies billions of dollars in losses, they laugh at you. What is this sixteen-year-old possibly going to do that's going to cause companies billions of dollars? Nowadays we're seeing it, and we're seeing it over, and over, and over. All of a sudden this young teenage rebelliousness, there's power behind it. And I think that's what's important. Maybe that's not the message that's being relayed, but I think that's one of the important messages that the American public needs to get. So, yeah sure, America Online gets more attention if it gets broken into, but if we turn it back to the teenager, if a kid through a rock at the neighborhood church, sure, it wouldn't make national news. But if he threw a rock, tried to break a window on the White House, yeah that would.
00.24.44.2 Michael Robinson The question that I have, John, and the question that the American public has, and we in law enforcement have, because we're being tasked with investigating those kinds of activities, is what is the industry doing and what are the managers of those infrastructure systems doing to make their systems more secure from those sorts of intrusions because that causes a great impact on us.



[ The Hacker "Profile" ]
00.25.08.0 Moderator (over Michael Robinson) Okay, before we get into that I actually want to come to Leslee, and I want you to play for a minute as John's mom, okay?
00.25.16.4 Leslee Stein-Spencer I could be, unfortunately.
00.25.19.0 Moderator Alright, alright, and you're a proud mom.
00.25.20.5 Michael Reilly I bet you're happy about his grades.
00.25.23.0 Leslee Stein-Spencer Happy about his grades.
00.25.24.0 Moderator He's been getting a lot of A's lately. But Leslee let me ask you this: the high school officials never found out who hacked into their website, and no officials have actually contacted you about John's cyber-antics or any of his friends' antics. And so what I'm wondering is: do you know, or have a clue about what John is doing, as a parent? Mom to mom.
00.25.46.3 Leslee Stein-Spencer I would say probably not. Since in my day we didn't have computers, I am not as knowledgeable as my son. Subsequently, he does a lot more and can do much more than I'll ever know. So I don't have a clue except to think he's an excellent student.
00.25.59.5 Moderator Okay.
00.26.00.0 Timothy Shimeall What you may notice [is] that he's at least home, in the evenings, he's working quietly in his room, he's not causing anybody any overt problems, he's not hanging around with the bad crowd.
00.26.08.9 John Vranesevich (at same time as Leslee Stein-Spencer) Oh, but I'm a good kid mom.
00.26.09.0 Leslee Stein-Spencer (at same time as John Vranesevich) I think that's great, I love it. Mom likes that. No drugs, nothing, I think he's great.
00.26.15.0 John Vranesevich I got a job at the local newspaper. I'm designing their websites, I'm designing websites for other people in the community, I'm making good money.
00.26.19.5 Michael Reilly He's got great friends.
00.26.20.3 Leslee Stein-Spencer (at same time as John Vranesevich) I think it's wonderful.
00.26.20.4 John Vranesevich (at same time as Leslee Stein-Spencer I'm able to pay for my own car insurance, I'm able to pay for my own car insurance cause I have this great job using my computer skills. I volunteer at the library and the community center, help senior citizens get online. I'm doing great stuff.
00.26.30.3 Leslee Stein-Spencer He's helped me invest in stuff, so I think he's a great son. I really don't have a clue.
00.26.33.5 Timothy Shimeall One comment about the computer geniuses. We've actually seen cases where people have been breaking into systems that could barely read. Not because they were so young, but because their intelligence was so limited.
00.26.44.2 Leslee Stein-Spencer Okay.
00.26.44.7 Timothy Shimeall So they're not geniuses that are out there. What's happening is-
00.26.47.0 Leslee Stein-Spencer But my son is.
00.26.48.0 Timothy Shimeall Could be.
00.26.48.7 Moderator Of course!
00.26.49.7 Michael Reilly Without question.
00.26.50.6 Timothy Shimeall What's happening is that people are competing not just in what systems they build, but in what tools they create to break into systems. And this is what happened with respect to the dot com break-ins that got alluded to. That we have two groups, several groups of hackers that were competing to see who could build the worst tools. And then those tools actually got ended up being used by a third party, this sixteen-year-old from Canada, to cause damage to the infrastructure. So the entry level for getting into this is getting lower and lower and lower.
00.27.25.2 Moderator Younger and younger.
00.27.25.8 Michael Robinson Are you saying then there's no atypical profile of a hacker that we in law-enforcement should be looking at?
00.27.36.1 Timothy Shimeall Well, my group does not look at hacker profiles, they look at technical concerns of the attack, and I think there's other panelists that are better-
00.27.45.2 Michael Vatis I think we can safely say there is no one profile. In fact, if we keep talking about hackers as teenagers we're going to miss nine-tenths of the spectrum of much more serious threats that we have, whether it's organized crime groups, foreign or domestic terrorist groups, foreign intelligence services that break into systems to steal classified or proprietary data, and ultimately foreign militaries who seek to use these same sorts of techniques, but in more sophisticated ways as an element of their warfare, and their strategy to attack US interests or whatever other country they seek to harm.
00.28.20.7 Moderator Alright, but for the moment we're still in Leslee's household and we're not talking about foreign stuff, we're talking about John. John, have you gotten messages from any adult figures about the responsibility that might come with this new technology?
00.28.35.4 John Vranesevich Absolutely not, it's been great fun. The National Science Foundation, the President has pushed for my school to get online. We have a T1 line, going in-
00.28.43.0 Moderator What's that?
00.28.43.7 John Vranesevich A high speed communications so we can all get on the Internet 50 times faster than I can at home. We have new computers in our classrooms. I have an e-mail account through my high school that I use. My high school even set up dial-up service so I can get Internet access for free from home through my high school. We had a couple classes about how to get on the Internet. Through my English department, one of my English teachers taught us how to research stuff for some research papers that we're working on, so we learned how to surf around and get information for the papers we're working on.
00.29.13.8 Leslee Stein-Spencer And I think it's great, I think he's going to get a scholarship based on all that he's doing, so I think we're doing great.



[ III. 911 Goes Down; Preparing for More ]
00.29.18.8 Moderator Proud mom. Alright, we're still in the air. Just in case you didn't think you that you were still up there, Bill, you're still in the air. And, in fact, we've got cloudy weather, a rainstorm is coming, but there's more. There's a plane, another plane that's in the air, and it actually is attempting to land, but it has a sick passenger on board. Now, it has contacted Metropolis Airport to at least alert them that there's this problem. And Metropolis Airport gets on the phone, dials 911, and it discovers that Metropolis' 911 system is down.

Alright, so this is beginning to seem a little more deliberate, a little more involved. Now, as I mentioned, Bill and Jerry are still on the plane, and in fact your airplane is going to be diverted to Gotham Airport. But in the meantime you want to get on a conference call and talk to the heads of your Metropolis agencies, talking to police, fire, and EMS so that you have a sense of what's going on and what the next moves are going to be. Well, let me tell you a little bit about what's going on, alright? You now know that Metropolis' 911 is down. You know that Metropolis' air traffic control system is down. What you don't know is that local traffic helicopters have been out surveying the area, and they're actually reporting that there have been a number of serious accidents in Metropolis. It's probably people that are driving onto the airport and realizing that there are problems at the airport, they're turning around and getting into accidents. But we've got a lot of serious problems going on, and you're beginning to think that this might be deliberate, Bill. I want you to have a conversation with the heads of your departments about what our next moves are going to be. What are we going to do now? Bill, why don't you get on the phone with them.

00.30.59.7 Mayor Bill Campbell Well first, as soon as we land I'm going to fire Jerry because we shouldn't have been on the same plane together.
00.31.05.4 Jerry Hauer Thanks boss.
00.31.09.2 Mayor Bill Campbell But I'll keep that private thought before we do anything. What I need to know from the air is first, even before I call them, I've got to ask the pilot if we can be diverted and land as quickly as possible because if my emergency management guy and I are both in the air at the same time when there clearly is more than just an accidental computer breakdown, we need to be on the ground as quickly as possible.
00.31.35.2 Moderator We're going to Gotham.
00.31.36.7 Mayor Bill Campbell We're going to Gotham, which allows us a lot better communication flow than being up in the air.
00.31.40.7 Moderator Absolutely.
00.31.41.7 Mayor Bill Campbell The communication system from the airplane is horrible, you can barely hear. I don't know whether or not the communication is going to be intercepted. So what I've got to do is I've really got to rely on the people that are on the ground. The one thing that I need to know first is: have we already activated all of our systems? Tell me the extent of the problem, and tell me what we're doing right away. I'm placing you in control first, chief. I need to know you're the person in charge because my emergency management guy and I are here. You're the person that's in charge of all the systems that are going to get things done. Tell me where we are and what we need to do.
00.32.13.8 Sheriff Patrick Sullivan, Jr. Well we started off augmenting the airport for traffic and crowd control-
00.32.17.5 Mayor Bill Campbell How bad is it?
00.32.18.5 Sheriff Patrick Sullivan, Jr. Well we've lost a lot of the traffic signals, so the master computer controlling a lot of the traffic signals has also gone out.
00.32.25.0 Mayor Bill Campbell So obviously the FAA has already been alerted. Has the FBI been called? Where are we with that?
00.32.29.4 Sheriff Patrick Sullivan, Jr. We're going back to the EOC where we do have FBI representation and we're talking to the FBI through the EOC.
00.32.26.2 Jerry Hauer Now if the airport is shut down at this point in time and flights are not getting in and out, is there any purpose to just completely diverting traffic so that you can avoid these delays, just basically freezing it so that you can get some of the people out, and not allowing any incoming people into the airport.
00.32.57.0 Sheriff Patrick Sullivan, Jr. Access to the airport has been closed off while we try to dump the drives that are already clogged up.
00.33.01.3 Mayor Bill Campbell I'm concerned, our entire 911 system is down, is that correct?
00.33.05.1 Sheriff Patrick Sullivan 911 is down, traffic lights are down.
00.33.07.0 Michael Reilly I might also add that even though 911 is down, the redundant systems, the immediate, we're going to work with the immediate, the non-emergency number, which is a hard-line number, still can get in. So we're educating the people that if they need 911 or have an emergency they can dial the non-emergency number and still get the same response.
00.33.23.1 Mayor Bill Campbell What's the first thing that we've done? Have we cancelled all leave? Do we have all officers, both police, fire, and emergency medical personnel, on standby?
00.33.30.0 Sheriff Patrick Sullivan, Jr. We're already on twelve-hour shifts as we were moving into the Super Bowl, so we're very well staffed, and we're moving people around right now to unravel some of the traffic right now and that's our major focus. Through the EOC detective divisions working with the FBI to try to analyze what all's been happening from a criminal standpoint
00.33.49.5 Mayor Bill Campbell Alright, look. I'm relying on you to make certain that all the systems are working. The second-most important thing is what's happening with the public and the media. Widespread panic is the worst thing that can happen. Our air traffic control system is down, the 911 system is down, we've got millions of visitors that are in, and so they don't have any real sense about how well prepared we are for it. Who's handling the media and what is the sense of panic in the air right now?
00.34.15.3 Sheriff Patrick Sullivan, Jr. Statements are being prepared at the EOC that'll represent you-
00.34.18.6 Mayor Bill Campbell Is there press conferences being planned? What are the media inquiries we have?
00.34.22.5 Sheriff Patrick Sullivan, Jr. Yes. They're in the planning stages right now as we're trying to get a handle on what all our outages are, and what the contingencies will be.
00.34.28.2 Jerry Hauer Do we have, at this point, additional police cars and fire trucks on the street? If 911 is down and people cannot dial in, the easiest access to emergency service is going to be visibility. We need to put fire trucks on the street with their lights on, police cars onto the street doing roving patrols, so if there are incidents people are able to access emergency services.
00.34.51.0 Michael Reilly In addition to that, when the disaster operation plan went into effect, a police car was sent to every fire station in Metropolis so that we have both agencies well represented. The fire department's already done mandatory recall; we're placing all our reserve equipment back into service. We're pretty prepped-up as far as staffing.
00.35.08.3 Leslee Stein-Spencer Plus our ambulances, they have now communicated with the hospitals to let them know that, with their radios, that they are in alert standby. That they should be prepared, they might have increased patients. Plus we've given them loud speakers so they go around the neighborhoods announcing that they are in emergency, you cannot call 911, if there is an incident or they have an emergency come out in the street and wave someone down.
00.35.29.5 Mayor Bill Campbell Well, the truth is that's going to be very difficult for a city as large as Metropolis to use bullhorns. But here's what I want: I want you, Chief [speaking to Sheriff Patrick Sullivan, Jr.], to call the governor, and alert the governor that we may need to call the National Guard out, so ask him to put the National Guard on readiness, because I think, if we move to another stage here, we may need additional emergency personnel.
00.35.52.1 Sheriff Patrick Sullivan, Jr. A call will be made through the EOC to the governor.
00.35.55.2 Michael Robinson Actually, actually mayor, because the EOC is operational, there is involvement of the state emergency management system, so we're in constant contact and as state police director, I've offered resources, police resources to augment your city police department, and are in fact keeping the governor's office advised as to these circumstances as we go along, in case you decide to make that declaration and ask that state declaration of emergency.
00.36.28.4 Mayor Bill Campbell I can barely hear you, I'm on the plane, last point: because Jerry and I are up in the air, Chief, you're the person, the only person, I want that's speaking to the media. I don't want anybody else except you as a direct contact for the media, a direct contact disseminating information. The last thing we need is widespread panic. You've done this before in other emergencies, I want you to steel yourself, I want you to get all the information, I don't want you to lie, but I don't want you to panic the public either. So just get ready, go do a press conference, tell the public that we've got some problems, try to reassure them, and Jerry and I will be down as quickly as we can.



[ IV. New Systems, New Vulnerabilities; Old Timers to the Rescue ]

[ Are New Systems More Vulnerable? ]

00.37.05.0 Moderator Alright, let me freeze the frame just for a minute and actually have us step back in time just a couple of months ago, when in fact we installed a new air traffic control system that was state of the art-it took advantage of high speed interconnectivity-we thought that this was something that was going to be important to have in our air traffic control systems. We did the same thing with 911. Now, what we were hoping with the air traffic control system is, when we installed it, that it would be much better than the previous system. It was going to be able to handle greater volume than the previous system, it was going to be able to handle it at greater speeds, and so we thought that this was something quite wonderful. But Scott I want to talk to you about the possibility that maybe this new system that we brought in actually increased our vulnerability in some way, because in fact the new system takes advantage of connections to the Internet.
00.37.59.2 Scott Larson Well, the new system also, most likely, is what we call "off the shelf" software which is much more ubiquitous, and the hackers now can hack a system, whether it's at a high school or at an air traffic control system, and it's usually the same operating system or the same type of hardware and software. Where in the earlier days it was quite often a independent, individual system which only would be known to the manufacturers and take a lot of work. So in connecting to the Internet, and using software and hardware that's readily available and known, and advertised with the exploits on the Internet, quickly someone can start trying to map out the network and trying to exploit the system. Basically going along the hallway and rattling the doorknobs seeing what's unlocked.
00.38.47.2 Moderator Okay Tim, I thought that when we brought in this new system that in fact we were increasing our security rather than decreasing our security. Is there a problem there?
00.38.55.1 Timothy Shimeall What you've done is you've changed the system by hooking into the Internet, so a lot of the prior assumptions you had about how the computers need to be protected are wrong because we've got a new wide gateway into our network. The older systems that are around potentially were not locked down because the view was, hey we're not in any public network, there's only a very narrow entrance via a secure dial-in line. Now that's been changed since there's this Internet gateway, and if the new system in fact has a vulnerability, and it only takes one, then the intruders could get into the other systems that are online.
00.39.32.1 Michael Vatis And another consideration is not just what system did you install and to what is it connected, but whom did you use to install it? Because one of the biggest sets of problems that we deal with in this area comes from insiders. So not just what employees have access to the system, but what contractors did you use to design the system and to install it? ‘Cause that's often the place where you'll find the weak link.
00.39.53.8 Moderator Well, Mike Arlington, what we did was we actually changed the 911 system too and again we thought this was going to be more secure, but it looks like it's increased our vulnerability. Do you think we're having the same problems, or does the new system at 911 present the same sort of problems that it appears the air traffic control system does?
00.40.13.1 Mike Arlington It's a little different situation in the sense that we would have to know, first of all, are all the other phones working, is it just 911. If it is just 911 that is down, then that gives us a starting place. Our first, our first mission here is to get 911 up and running. So we would do everything we could to go around the existing setup so that we could get 911 working again. And that can be done relatively easily and quickly. And I assume that we'd been contacted by law enforcement and we would know all of this.
00.40.51.0 Moderator Okay but when we have a new system do you think about new vulnerabilities that we've been talking about? The possibility that we're now opening up different kinds of gateways than we did before?
00.40.59.0 Mayor Bill Campbell Yeah because we paid an enormous amount of money being assured that putting this new 911 system in was going to give us more security, be better at making certain that we were thwarting these kind of attacks, and now you're telling us our system's down already, we've only had it installed for six months. What's going on here?
00.41.17.9 Moderator The mayor's not happy.
00.41.19.3 Timothy Shimeall Well there's a big difference-
00.41.20.5 Mayor Bill Campbell I may be in the air, but as soon as I get down, heads are going to roll, I tell you.
00.41.24.0 Timothy Shimeall Well there's a big difference. The defenders have to find all of the problems. The attackers only have to find one.
00.41.29.9 Moderator Explain that to me, I'm not sure I understand that.
00.41.32.5 Timothy Shimeall I mean all the intruders need to do is find one hole that let's them into the system, and they're in. And they may be able to then proceed to upgrade their privileges, to gain more, more and more control over the system, to change information that's there.
00.41.47.0 Mayor Bill Campbell You know, I don't want to hear all this psychobabble, here's what I want to know: we paid a lot of money for a system that's supposed to be secure, that's the mainstay for people accessing emergency systems. You're telling me now that you're not able to reassure me that, in essence, the system can easily be opened up by any hacker? That's not what we paid for and I'm telling you, this seems to absolutely go against the grain of everything that we were told in the people that sold us the system in the first place.
00.42.15.8 Timothy Shimeall What was secure six months ago is not secure now because, number one-
00.42.19.5 Mayor Bill Campbell Weren't we buying for the future?
00.42.22.0 Timothy Shimeall Well, number one, there've been software upgrades in the last six months. The system got changed. Some of those software upgrades may have had unintended consequences that open up a pathway into the system. Number two, the intruder community is constantly researching ways to poke at these systems, and break into them. They find new methods to get in that didn't exist six months ago. Number three, the systems you're tying into, for example, the fire department systems that the 911 system interacts with, and that the air traffic control system interacts with, may also have gotten upgraded and changed-
00.42.58.7 Mayor Bill Campbell I never liked the fire chief anyway. He bought a system from his old-
00.43.02.3 Michael Reilly We're going to bring that up now?
00.43.03.0 Mayor Bill Campbell He bought a system from his buddy who had a connection with some guy who was getting a deal. I knew it wasn't the right thing to do right then.
00.43.10.5 Moderator Mike did you take into-
00.43.11.0 Michael Reilly You're taking the assumption that this is an outsider. How about it could be an insider? Maybe it's not an outside thing, maybe it's someone inside that's trying to do it, because of the way you treated him in that raise you didn't give him.
00.43.22.2 Moderator Uh oh, uh oh. Well Mike [Reilly] tell me, when you're thinking about upgrading your system are you thinking about these kinds of vulnerabilities when you purchase new equipment from your best friend on the computers?
00.43.32.1 Michael Reilly For emergency services, we absolutely do. Obviously our services are designed to maintain emergency services within our jurisdiction, and we want to make sure that we're there to provide a service to the public. That's what they pay for, that's what they entrust us for. So when we put these systems together we do try and make them as tangible for us and untangible for others that aren't authorized to use the system.
00.43.53.5 Jerry Hauer The biggest problem that you run into with a lot of the emergency service systems in the country is a lot of them are cookie-cutter. A lot of the dispatch systems that are used by fire, EMS, and police departments are sold from one city to the next, and they're customized to a degree for each jurisdiction, but they've got the same gateways of entry. There's a few companies that sell these kinds of systems, and they tend to go from city to city, and the smaller the city, the less customization there is. The bigger the city, the bigger the needs. But, particularly in smaller types of environments where there's not a lot of money available to customize it, they tend to be pretty standardized from one to the next, and if you go into one dispatch center you'll see a system with the same icons, the same screen, similar to another one.
00.44.50.5 Moderator And does standardization somehow affect the vulnerability of the system, do you think, John?
00.44.55.0 John Vranesevich Well, it can. It certainly can lead to widespread problems because if it turns out to be something in one of these systems that was installed that means that there could very well be other cities that are vulnerable to the same problems whether this be a teenager, or terrorist group, or what have you behind this, be rest assured that they would be actively seeking those other systems.
00.45.14.6 Moderator - Tim I want you to-
00.45.15.0 Michael Robinson -because if the life of the systems, commercial off-the-shelf products are something that not just small agencies but large agencies are engaged in purchasing because we cannot, we don't have the resources within government to maintain those systems, nor to upgrade them, nor to do the R&D and development in-house, as we used to do years ago when we had those systems that were proprietary in nature. So there's that huge move toward off-the-shelf products.
00.45.42.0 Jerry Hauer But the fire chief's going to be the one that goes in to tell Bill that he bought something of the shelf that wasn't that customized that has six or seven gateways of entry for all these hackers.
00.45.50.5 Michael Reilly And my brother-in-law assured me.
00.45.53.2 Michael Reilly (at same time as Mayor Bill Campbell) He said it was the best system out there.
00.45.53.2 Mayor Bill Campbell (at same time as Michael Reilly) And that's the way it works.
00.45.56.2 Moderator Tim advise the mayor and his administration what they should be doing and thinking about when they're upgrading their systems.
00.46.02.4 Tim Shimeall Well number one-
00.46.03.5 Moderator And, and by the way, he's still on that plane.
00.46.06.0 Timothy Shimeall Oh yeah. We hope you're down soon, mayor. I'm sure the Gotham's still up, really. Part of the things that you need to be looking at is, number one, what holes have been found recently in these systems? Your systems people need to be aware of the constant evolution of the problems. And this is a difficulty because you're really paying your systems people to do something else. You're paying your systems people to add new users, to install new functionality, to bring new services online, particularly with the Super Bowl here, they're going to need to coordinate in with a large number of other agencies they don't normally coordinate with. And so the systems techs are busy doing that, not watching, "oh, there's been a recent hole found here, with this service." Or "there've been recent attacks related to these kinds of ports, these kinds of connections, between machines."
00.46.57.4 Mayor Bill Campbell But I thought what we were doing in doing the upgrades in our technology was making our city a smart city, that we were using as an example for everywhere else in the country to follow. Now you're telling me that, in essence, we've increased our vulnerability?
00.47.10.9 Timothy Shimeall Well, it's possible to lock down each system individually, and yet not have the collection be secure, because the individual systems, each vendor of which is assuring you, "yes, we're secure," make different assumptions about what security means. How much of your people really looked at the system as a whole, and the ways of attacking the system as a whole? Where are the critical nodes? Specifically with this kind of a scenario. Hey, we've got some problems with the telephone switching systems that are used in multiple ways: to tie air traffic control centers together, to tie 911 together, there may even be cases where telephone land lines, particularly in a large area like Metropolis, may be connecting with traffic light, or traffic light controllers, via telephone infrastructure. Telephones are everywhere.
00.47.57.5 Mayor Bill Campbell Look, I've already talked to the chief, we're not having the problems yet with the traffic lights. What I guess I need to know is, how sophisticated an attack is this that would bring down both the 911 system and the air traffic control system. We've never really had such a similar occurrence anywhere where both systems have gone down at the same time, anywhere else that I'm aware of. So what are we dealing with here?
00.48.18.7 Timothy Shimeall We'll start looking at the common nodes. That is, where do these systems touch? What do they rely on that are in fact the same? Are both these systems built on top of Windows NT? Or on top of UNIX versions?



[ Are There Backup Systems? ]
00.48.31.2 Moderator And that might give us a clue as to where we should go. Alright well let's talk a little bit about how the discussion turns to the possibility of falling back on some old systems. After all, we've got an emergency system, or a situation, going on here. What might happen? How might we be able to handle this emergency situation, Jerry, if our technology is down?
00.48.51.7 Jerry Hauer Well, for any one of the primary systems, both for fire, police, and EMS, all of the dispatch centers should have alternate ways of handling the calls. And that could be going back to card systems, back to some kind of manual process where you actually pull the alarm box out, look at the response, do it by radio, or where you actually move patient calls by card systems or paper.
00.49.24.5 Mayor Bill Campbell Let me ask you something, Jerry: is our inter-agency communication affected, is our radio system affected by this 911 shutdown, which obviously makes the situation more difficult?
00.49.36.0 Jerry Hauer No, the radio systems should not be impacted because we've got microwave backup links that are secure, that don't rely, one of the concerns in developing all of these communication systems is you're always at the mercy of the phone company, for instance. And if they don't get into us they could backdoor it by getting in through the phone company. So when we developed this system we put some microwave backups in that are not reliant on any one provider. We've got multiple backups. So our radio system will remain in place, as well as the fact that, if all else fails, we can go to point to point on the radio system. So we've got multiple redundancies on the radio. The issue is, once people do get in, if they can call in on the non-emergency number, how are we going to manage the dispatch of those calls, or- ?
00.50.32.0 Moderator And that's my question. Are people trained to do that? Are they trained to do these anymore? I mean there used-
00.50.36.0 Mayor Bill Campbell Almost like the old switchboard system.
00.50.37.5 Moderator Right! There used to be the system where people did this all the time. The air traffic controllers would look at the radar and extrapolate that information. They hardly ever have to do that now. So are they trained to do it?
00.50.47.0 Jerry Hauer Well, it really depends on the location. Fortunately, we've been very proactive in our city and we do, on a regular basis in our dispatch centers, have backup drills where we go to alternative means because we do recognize that you could wind up with a backhoe hitting one of the fiber-optic cables, something that's not intentional, but something we have lived through, where we had a backhoe hit a fiber-optic cable and knock out the 911 system for a good part of the city. So we have had experience with it, we have practiced on a regular basis not having primary systems in place and having to rely on backup systems, having to go to cards and paper-
00.51.30.3 Moderator Are you doing those practices at the fire department?
00.51.32.0 Michael Reilly Not only do we-yeah absolutely. And the system that he's talking about, being redundant, is besides the computer-aided dispatch system, and the mobile radio system, we also have direct-line communication, which is hardwired from the communications center to every one of the fire stations, which is not affected by the computers. Plus we have the regular hardline telephone, which is the non-emergency numbers in there. And our dispatchers do it all the time, practice. In fact, we do it when we're not practicing. We take the system down for maintenance, or for repairs, or if we're going to change an algorithm, we have to take the system offline, and when they do that, they have to rely on that redundant system that's already in place.
00.52.07.4 Leslee Stein-Spencer Plus our hospitals and our emergency vehicles, they still, their lines will not be affected, and they routinely test and train to make sure their communications with the hospitals and medical direction will not be affected, so that they're on board.
00.52.19.8 Michael Robinson There's a tremendous amount of understanding now on the part of FEMA and emergency management coordinators at the state and local level, that they need to exercise their systems, and they need to conduct exercises now that deal with these sorts of possibilities. No longer are we just exercising and doing tabletop exercises assuming that there's a tornado or there's a flood. We have to look at those infrastructure difficulties and problems that may occur. So we are in fact in a position, when one of these sorts of incidents happens, to respond to it much the same way we would in any other-
00.53.02.2 Mayor Bill Campbell But the most remarkable thing is, at a time when we are more vulnerable than ever, as a nation, both in our local infrastructures and the state systems, we probably are spending less money for the ultimate preparation and readiness than we ever have before. It was very easy fire drills, or nuclear bomb exercises, because the public could actually, they can see it. They can see the movies. But what you have now is this notion of cyberterrorism which is affecting maybe more than ever before, at a time when the public wants to pay even less for emergency management preparation, which really is fairly extensive because this is an area that's, from the ground up, look you got her son over here that's hacking into the 911 system. She has no idea; she thinks he's a great kid. And that's happening over and over and over again-
00.53.57.4 Moderator She still thinks it.
00.53.58.4 Mayor Bill Campbell and we-yeah, until the police show up at the front door. Bu