NCJ Number
196880
Journal
Governing Volume: 15 Issue: 9 Dated: April 2002 Pages: 20-24
Editor(s)
John Martin
Date Published
April 2002
Length
5 pages
Annotation
This article addresses the questions of what can be done to prevent terrorists breaking into critical State and local networks and wreaking havoc and how best to deal with crisis scenarios, if they occur.
Abstract
Public officials, from the Federal level down to the States and localities, are faced with the possibility of attacks on their computer networks. Such attacks are defined here as "someone creating mass destruction to create fear or foster social or political change." There is little certainty of 100 percent protection from such insidious invasions by hackers into the digital controls such as those monitoring chlorine injections at main water plants, causing the potential for contamination of water supplies; or hacking into criminal justice data, causing release of armed and dangerous felons. It is recommended that State and local governments can protect against cyber threats by putting policies and procedures in place to protect themselves while simultaneously preparing for the worst to happen. Keeping software updated, installing patches on systems to fix flaws, properly configuring firewalls, using intrusion-detection systems, and scanning for viruses in the right places on the network are given as necessary procedures to implement. "What if" games are played as a way to prepare and protect by simulating a complete shut down of computer facilities, but bringing them back up again in real time from a remote site. In order to prevent direct access to a control system from the Internet, it is recommended that a buffer zone be created between the Internet and the PC user within the company or plant system.