Ah….yet another example of the high quality, well spent funds and cracker jack analysis associated with state fusion centers.
A few weeks ago everyone went into pre-panic mode when reports surfaced that those damn Russkies had launched a cyber attack on an Illinois water station (perhaps because they take offense to Chicago claiming the bears?).
Hackers gained remote access into the control system of the city water utility in Springfield, Illinois, and destroyed a pump last week, according to a report released by a state fusion center and obtained by a security expert.
Well, then, over the next few days, it got interesting.
The DHS notice, released late Tuesday, asserts that information released by the Illinois Statewide Terrorism and Intelligence Center earlier this month about the water pump was based on raw and unconfirmed data, implying that it should never have been made public.
I apologize but allow me to quote a really good bit from that same story. Wired contacted an ‘expert’ who questioned DHS’s notice.
“This smells to high holy heaven, because when you look at the Illinois report, nowhere was the word preliminary ever used,” Weiss said, noting that the fusion center — which is composed of Illinois state police, as well as representatives from the FBI and DHS — distributed the report to other critical infrastructure facilities in that state. “It was just laying out facts. How do the facts all of a sudden all fall apart?”
How? HOW?? Apparently this dude hasn’t been reading this blog or he’d know how. Fusion centers are not renowned for their rigorous analytical methodologies. Most fusion centers (with DHS’s collusion) have done little more than summarize the work of others and shuffle information around (in strange and only occasionally helpful ways) and slap an analysis label on it. When they do try to do analysis it usually reminds you of the quote by Mr. Johnson (if I make take the liberty).
“Sir, a fusion center’s analysis is like a dog’s walking on his hind legs. It is not done well; but you are surprised to find it done at all.”
So, now that it’s been discovered that there was, in fact, NO hack but rather a fully cleared contractor remotely accessing the water station while on holiday in Russia…at the request of the water utility.
Let the finger pointing begin! Anxious to avoid the reputation of being slack jawed morons the Illinois fusion center fights back!
“We did not create the report,” said [Illinois fusion center] spokeswoman Monique Bond. “The report is created by a number of agencies, including the Department of Homeland Security, and we basically are just the facilitator of the report. It doesn’t originate from the [fusion center] but is distributed by the [fusion center].”
So, their defense is basically that they aren’t responsible for the report since all they do is ‘facilitate’ reports. I wonder how much it costs in terms of state and federal funding to have this level of quality of facilitation?
Not willing to allow the fusion center leave this fight with an ounce of dignity, DHS lands a solid kick in the dangly bits.
But DHS is pointing the finger back at the fusion center, saying if the report had been DHS-approved, six different offices would have had to sign off on it.
“Because this was an Illinois [fusion center] product, it did not undergo such a review,” a DHS official said.
And how does the Illinois fusion center respond?
Instead of trying to figure out how this report happened they’ve decided to go another route:
The center’s focus…was on how Weiss received a copy of the report that he should never have received.
“We’re very concerned about the leak of controlled information,” Bond said. “Our internal review is looking at how did this information get passed along, confidential or controlled information, get disseminated and put into the hands of users that are not approved to receive that information. That’s number one.”
Because preventing embarrassing situations is more important than producing shoddy analysis.