Water pumps and terrorism-related information sharing systems

reports — which were based on raw, unconfirmed data and subsequently leaked to the media — that any credentials were stolen, or that any vendor was involved in any malicious activity that led to a pump failure at the water plant,” the agencies declared.

Some security analysts say Weiss should never have distributed the preliminary report in the first place without first confirming the details of the incident, but what occurred seems to be indicative of a larger breakdown in information sharing channels.

In his defense, Weiss said STIC should not have issued a report that did not clearly indicate that it was a preliminary report and that the whole chain of events reveals a serious underlying problem with the domestic intelligence reporting channels.

What Illinois put out is scarier than hell,” he said, but what surprises him the most is why it took more than a week for ICS-CERT, DHS, and the FBI to investigate the report and declare it as incorrect. In addition, Weiss said local Fusion Centers often seem to circulate reports locally before the information is passed on to federal authorities.

Regardless of the leaked report, the incident does reveal the continued information sharing difficulties the FBI and DHS have struggled to overcome as Weiss pointed out.

In a Government Accountability Office (GAO) report, released on October 2011, auditors wrote, “The government continues to make progress in sharing terrorism-related information among its many security partners, but does not yet have a fully-functioning ISE (information sharing environment) in place.”

Since the 9/11 attacks, government officials have worked tirelessly to develop an information sharing process to avoid another major attack from occurring. A central piece of domestic terrorism intelligence gathering has been Fusion Centers, a central repository for state and local law enforcement officials to receive, analyze, and share critical security related intelligence with federal authorities.

Since the Centers’ creation, DHS has continued to refine its logistics and procedures, but based on past GAO reports, local operators have expressedfrustration with some unable to access federal information systems or key data only being released to federal personnel stationed at the center.

Their criticisms were supported by another GAO report, which noted, “Information technology systems do not fully support information sharing between DHS and state and local fusion centers. Specifically, fusion center personnel make limited use of information sharing systems and instead rely on emails for situational awareness and intelligence sharing.”

The report went on to say, “Personnel from fusion centers identified challenges with limited system content and usability, as well as the existence of too many federal systems and no ability to conduct comprehensive or simultaneous searches across multiple systems or department databases.”

In its latest report titled “Progress Made and Challenges Remaining in Sharing Terrorism-Related Information,” GAO auditors noted that while progress had been made, officials had yet to develop an overall plan to coordinate information sharing procedures or goals to gauge progress.

According to the report, “Accomplishing these steps, as well as ensuring agencies have the necessary resources and leadership commitment, should help strengthen sharing and address issues GAO has identified that make information sharing a high-risk area.”

While officials continue to streamline the information sharing process, it remains a challenge as the Illinois water pump incident reveals. Had STIC’s initial report on hackers attacking a water pump in Illinois been valid, countless numbers of other facilities across the country could have been surreptitiously infected as federal investigators examined the incident.  More alarmingly, one must wonder whether the federal response would have been as rapid had Weiss not raised the alarm and thrown the issue into the national spotlight as he did?

Eugene K. Chow is executive editor of the Homeland Security NewsWire