|
In Table 15.1, computer hackers means individuals or groups using remote access to
<br />explore, vandalize, or destroy websites, computer databases and such. For utility
<br />systems, hackers can also interfere with or usurp contro~ of SCADA systems and may
<br />thus affect system operations directly.
<br />
<br /> Table 15.1
<br /> Threat Spectrum for Terrorist Actions
<br />
<br /> Adversary Number of Equipment
<br /> Adversaries Level of Knowledge Weapons Objectives
<br /> Tools
<br /> Extensive knowledge of hand tools, handguns or automabc Extensive damage to cnbcal
<br /> Outs,der h~gh level 1 to small group security systems, power tools, weapons, ~ncend~ary dewces, faclllbes, w~despread
<br /> facfl~bes and modes of
<br /> vehicles expios,ves, contaminants damage or casualties
<br /> attack
<br /> Limited knowledge of hand tools,
<br /> OutsCder medium leve[ 1 to 3 secunty systems, handguns, ~ncendlary devices,
<br /> facilities and modes of power tools, exploslves, contaminants Damage or casualues
<br /> vehicle
<br /> attack
<br /> M~mmal knowledge of
<br /> Outsider low level 1 or 2 secunty systems, hand tools None Vandahsm, damage or
<br /> facdltles and modes of casualties
<br /> attack
<br />
<br /> Extensive knowledge of On s~te tools,
<br />
<br /> Insider h~gh leve~ I secunty systems, chemicals, handguns or automatic
<br /> facd~bes, operabons, equipment, weapons, incendiary devices, Damage or casualbes
<br /> pohc~es and procedures vehicles explosives, contaminants
<br />
<br /> Moderate knowledge of On s~te tools,
<br /> security systems, chemicals, handguns, ~ncendlary devices, Damage or casualbes
<br /> Insider med~ujm level 1 facdltles, operations, equ~pmem, explosives, contaminants
<br /> pohcles and procedures vehicles
<br />
<br /> L~mlted knowledge of On s~te tools,
<br /> secunty systems, chemicals, Vandalism, damage or
<br /> Insider Iow level 1 facq~bes, operabons, equipment, handgun or none casualties
<br /> pohc~es and procedures vehicles
<br />
<br /> Fud knowledge of IT Soph~sbcated Destruction of data and
<br /> Hacker high level 1 to small group ~ntrastructure, security
<br /> systems, SCADA hacker tools N/A systems, bus,ness
<br /> and methods operabons
<br /> systems
<br /> Moderate knowledge of Moderately Demal of servc~e or
<br /> Hacker, medium level 1 or 2 IT ~ntrastructure, security sophlsbcated N/A d~srupt~on of some bus,ness
<br /> systems, SCADA hacker tools
<br /> systems and methods serwces
<br />
<br /> Dm~ted knowledge of IT
<br />
<br /> Hacker Iow tevel I ~ntrastructure, security N/A N/A Minor cyberwandahsm to
<br /> systems, SCADA non-critical bus,ness areas
<br /> system s
<br />
<br />The probable impacts of terrorist events on the Eugene/Springfield Metro Area are
<br />summarized below in Table 15.2. For the Eugene/Springfield Metro Area, the most
<br />probable malevolent events are small scale events (vandalism or minor damage) by
<br />insiders or local outsiders or computer hackers. Large scale terrorist actions by domestic
<br />or international groups are possible, but with a low probability.
<br />
<br />Evaluation of the potential for terrorist actions has many similarities to other hazards such
<br />as dam failures or major earthquakes where the annual probability of such events is low,
<br />but the consequences may be extremely high. Thus, such unlikely, but certainly possible,
<br />events must be included in prudent mitigation planning. The consequences of major
<br />terrorist actions are extremely high and therefore, pragmatic measures to reduce the
<br />probability of such occurrences and/or to reduce the consequences if they do occur are
<br />certainly warranted.
<br />
<br />Public Review Draft: October 14, 2004 15-2
<br />
<br />
<br />
|