1010001010101101010010101010110101001011101010100101110101010101010 1011010101010101101101010101010010101010101010101010110101001010101 0101110101101011001010101010101010101010100101010101010110101010100 the cip report CENTER FOR INFRASTRUCTURE PROTECTION volume 8 number 2

August 2009 In this issue of The CIP Report, we focus on Na t i o n a l Mo n u m e n t s National Monuments and Icons. This is an area defined as one of the 18 critical infrastructure and a n d Ic o n s key resources. However, monuments and icons also symbolize our nation’s pride in our history and traditions.

NMI Sector Overview...... 2 CENTER First, we provide an overview of the National for US Secret Service ...... 3 Monuments and Icons (NMI) Sector. The article INFRASTRUCTURE PROTECTION describes the administration of the sector as well National Mall Plan...... 4 as the criteria used to identify an asset as a monument or icon. Next, we Statue of Liberty...... 6 feature an interview with the Secret Service that details the role they play in National Security Special Events. The School of Recreation, Health, Legal Insights...... 8 and Tourism at George Mason University discusses their research on the Cyber Conflict Perspectives...... 10 National Mall Plan. The National Park Service is creating this plan as a long term vision for the National Mall and George Mason has been Cyber Conference...... 16 working as part of the evaluation team. Finally, an article about the Statue of Liberty provides the background of this significant and beloved monument. Editorial Staff This month’sLegal Insights reviews an ongoing case that relates to how the Editors law defines terrorist acts and the potential for this law to change. Cyber Devon Hardy Conflict Perspectives discusses why the private sector is best equipped for Olivia Pacheco responding to cyber security issues. Lastly, we include information on the Staff Writers Cyber Conflict Legal and Policy Conference taking place September 9-11, Tim Clancy 2009 in Talin, Estonia. Maeve Dion Joseph Maltby We hope you enjoy this issue of The CIP Report as well as find it useful JMU Coordinators and informative. Thank you for your support and feedback. Ken Newbold John Noftsinger Publisher Liz Hale-Salice Mick Kicklighter Contact: [email protected] Director, CIP 703.993.4840 George Mason University, School of Law Click here to subscribe. Visit us online for this and other issues at http://cip.gmu.edu The CIP Report August 2009

The National Monuments and Icons Sector

Since the birth of this young array of assets, systems, networks, Following the refinement of the country, enduring symbols such as and functions located throughout the defining criteria, a list of potential the Liberty Bell, the Statue of United States. candidates for the NMI Sector was Liberty, the Lincoln Memorial, and compiled. The list was compiled Mount Rushmore have visually NMI Sector assets share the following from existing records such as the narrated the history of the United three common characteristics: National Register of Historic Places, States of America. This past 4th of the List of National Historic July and throughout the remaining 1) Are a monument, physical Landmarks, and input from Federal, summer, tourists and residents alike structure, or object; State, local and tribal offices. Once will experience the very essence of the candidate list was compiled, the National Monuments and Icons 2) Are recognized both nationally and each asset was analyzed. First, it was (NMI) Sector. internationally as representing the determined if the asset belonged in Nation’s heritage, traditions, and/or another sector. Many physical This sector is one of the 18 critical values or for their national, cultural, structures that some might consider infrastructure and key resources religious, historic, or political appropriate for inclusion in the sectors. The United States significance; and NMI Sector, such as the Golden Department of the Interior (DOI), Gate Bridge and the Sears Tower, which was established in 1849 to 3) Serve the primary purpose of are actually delegated to sectors manage public lands, is the NMI memorializing or representing such as Transportation Systems and Sector-Specific Agency (SSA).1 significant aspects of the Nation’s Commercial Facilities.2 Second, the However, the DOI closely heritage, traditions, or values and as characteristics of the asset were collaborates with the Department of points of interest for visitors and carefully compared to the defining Homeland Security (DHS) and educational activities. They generally criteria required for inclusion in the other Sector-Specific Agencies do not have a purpose or function that NMI Sector. Finally, if an asset met (SSAs ) with regards to establishing fits under the responsibility of another the above requirements, the process and accomplishing the goals of the sector. of conducting sector risk sector. The first goal set forth by assessments commenced. DOI, DHS, and the SSAs was the NMI Sector assets are essentially development of specific criteria that physical structures and include the The risk assessment allows asset would be used to identify and operational staff and visitors who may operators to evaluate the define an asset as a monument or be affected by an all-hazard incident. psychological impacts to the public icon and subsequently be included They do not include public figures or morale should a national in the sector. Since the inception of technology applications, and there are monument or icon be destroyed by the NMI Sector, the defining negligible cyber risks. The sector has a natural disaster, man-made criteria have been carefully refined. no infrastructure located outside the disaster, or a terrorist attack. As is According to the NMI Sector Lead, United States. There are no critical evident in the 2007 Sector-Specific all of the assets in the sector share foreign dependencies associated with Plan (SSP), asset operators are most the following characteristics: the sector because of the nature of the concerned with “the impact to the assets. The NMI Sector encompasses a diverse (Continued on Page 11) 1 National Monuments and Icons Sector Specific Plan (2007): http://www.dhs.gov/xlibrary/assets/nipp-ssp-national- monuments-icons.pdf. 2 Ibid. 2 The CIP Report August 2009

The Secret Service and National Security Special Events

The following is based on an Unconventional Threats to the even if the event itself, like the interview with Secret Service Homeland and Americans Overseas. Super Bowl, may not be considered Spokesman Malcolm Wiley as well This was codified into statute by the a centerpiece of national security. as news coverage of the Washington Presidential Threat Protection Act Independence Day celebrations. of 2000 and later superseded within Once an event is designated as a the executive branch by Homeland NSSE, the Secret Service forms an The Secret Service is renowned for Security Presidential Directive – 15: executive steering committee for its mission to protect. Its agents are U.S. Strategy and Policy in the War planning. This steering committee highly visible and often surround on Terror. includes representatives from every very high-profile public figures. This agency which will be contributing responsibility and dedication has An event is designated as a NSSE by resources or has a jurisdiction earned the Secret Service and its the Secretary of DHS. The Secret touching the NSSE. Then, agents a certain respect in popular Service has no input into what subcommittees are created for every culture. It is perhaps less known events qualify for the designation. issue which will require some that the Secret Service plays a key In most circumstances, the Secret attention during the planning role in managing security for a Service does not need to inform process, such as explosives, special category of public events DHS about an event; all levels of transportation, critical labeled “National Security Special the Federal government will most infrastructure protection, Events” (NSSEs). These NSSEs likely be aware of an event large emergency services, etc. There are comprise of a particular variety of enough to qualify as a NSSE. dozens of subcommittees, all infrastructure that need to be Events such as the Democratic and featuring the involved experts from protected, albeit in an impermanent Republican Conventions, which are that area, all chaired or co-chaired form, given that these events organized far in advance, allow the by a member of the Secret Service, assemble and dissolve over the Secret Service to begin the planning and all reporting to the steering course of a few days. As Malcolm process months beforehand, often committee. Over time, these Wiley explains, this lesser known well before the official designation disparate elements are hammered responsibility meshes very well with is released. On the other hand, out into one complete plan that the Secret Service’s other missions. Wiley recalls an event with a less accounts for everything related to There is a distinct continuum advantageous time frame, like the security and crisis management for between protecting one individual November 2008 Washington D.C. the NSSE. Wiley states that these and protecting a mass of individuals G-20 summit, which allowed for plans are extraordinarily detail- attending a special event. In fact, less than a month of preparation. oriented and reflect hours upon even before this responsibility was hours of effort. granted to the Secret Service, many Which events qualify for the NSSE of the individuals it was protecting designation? Factors considered There are distinct roles for the many were attendees of these types of include the size of the event, the players involved with securing a events, ensuring that the Secret likelihood of attendance by U.S. special event. If an incident occurs Service assure the event’s safety. officials or foreign dignitaries, and at a NSSE, the Federal Bureau of the national significance of the Investigation manages responses to The Secret Service acquired this event. These events are important crisis situations and the Federal responsibility in 1998 through national events; icons of a sort. An Emergency Management Agency Presidential Decision Directive – attack or catastrophe could takes the lead in consequence 62: Protection Against potentially harm national morale, (Continued on Page 12) 3 The CIP Report August 2009

Protecting Icons and Individuals: The National Mall Plan

by Maggie Daniels, Laurie Harmon, Min Park and Russ Brayley School of Recreation, Health and Tourism, George Mason University

Introduction opportunities for tourists and finding a balance between public residents (NPS, 2009). In addition, access and protection of both The National Mall & Memorial the park includes significant cultural visitors and park resources. The Parks (National Mall) is a unit of resources and downtown visitor NPS is in the process of creating a the National Park Service (NPS) destinations such as Ford’s Theatre 50-year vision plan for the National and home to icons such as the National Historic Site, the African Mall, entitled the National Mall Washington Monument, Lincoln American Civil War Memorial and Plan. The purpose of this research Memorial, Jefferson Memorial, Pennsylvania Avenue from the U.S. summary is to outline the aspects Franklin Delano Roosevelt Capitol to the White House. of the plan that are specific to safety Memorial, Constitution Gardens, Museums on or near the National and security and detail how the Korean War Veterans Memorial, Mall, such as those operated by the NPS has systematically involved Vietnam Veterans Memorial, and Smithsonian Institution as well as the public in the planning process. World War II Memorial. The the National Gallery of Art, Researchers in the School of National Mall also contains some National Archives, and the U.S. Recreation, Health and Tourism at of the oldest protected park lands in Holocaust Memorial Museum, are George Mason University have been the United States that provide separate entities from the National part of the evaluation team for close relaxation and recreation Mall. to three years, specifically involved in the analysis of public comment Taken together, the monuments, as related to select plan stages. The memorials, and natural resources of first two of four stages are complete: the National Mall comprise an 1) Public Scoping Comments; and enduring symbol that provide an 2) Public Comments on National inspiring setting and backdrop for Mall Plan Alternatives. These stages the legislative and executive will be discussed, with an emphasis branches of the U.S. government. on public reaction to safety and Enjoyed by over 25 million national security issues. and international visitors every year, the National Mall is a primary Stage 1: Public Scoping Comments location for public gatherings such as demonstrations, rallies, and When devising a 50-year vision plan festivals. Annually, the park receives for the National Mall, NPS over 3,000 applications for public management felt that it was gatherings resulting in more than essential to receive substantive 14,000 event-days (NPS 2007). feedback from the public regarding what they want to see and Because the National Mall is many experience when they visit this things to many people, addressing center of heritage and national The Washington Monument, as competing goals and priorities can identity. Accordingly, open-ended seen from the World War Two be challenging. A particularly questions were posted on the Memorial. complex management task involves Photo courtesy of Liz Hale-Salice. (Continued on Page 5) 4 The CIP Report August 2009

Mall Plan(Cont. from 4)

National Mall Plan website, and • Sadly, public The World War Two Memorial. directed publicity was used to gatherings and Photo courtesy of Liz Hale-Salice. garner interest in answering the government questions or providing comment buildings are through the National Mall Plan attractive website, by e-mail, surface mail, fax, terrorist targets, or at one of the many associated and issues of public meetings. access, egress, security, and Respondents did not provide emergency answers in any defined pattern. response must Some individuals systematically be addressed. addressed each of the items, while most simply shared their thoughts • I was and feelings about the National disappointed in Mall and changes they would like the way that the to see made. Close to 1,000 pieces new security zone with all the fencing and of unique correspondence were measures around the monuments cement. received, which were thematically have distracted from the overall segmented by comment type, look. I found myself buying photos • The National Park Service should resulting in nearly 3,000 from photographers that were able look into developing more attractive independent comments. Of these, to take pictures before all the protective barriers to surround our approximately 100 comments were barricades went up. national monuments and memorials specific to safety and security. on the Mall. • I was upset by the mish-mash of Public comments that highlighted “security” fences surrounding our • Security barricades must be safety and security issues fell into public buildings. I do sincerely discreet and porous to pedestrians, two categories: facility protection understand the need for safety but, but capable of stopping vehicles. and personal safety. The first this looks tacky and make-do. I was Easier said than done. category, facilities, was visiting the same area in 1986 and infrastructure based and pertained everything was lovely and accessible. While public sentiment suggested to public thoughts on how safety It seems a shame that, in the interest that, by and large, there is enough and security are handled at of security, we have a nation’s or too much facility protection, monuments, memorials, and other capitol that looks like a yard sale. views changed when personal safety buildings. Public feedback towards was addressed. Personal safety observed facility protective measures • We took the boys for a walk entailed the desire for a police/ illustrated a range of emotions, around the White House. I had not patrol presence to enhance feelings primarily negative, including been here with them since 2000, so of individual security. In general, resignation, disappointment, I was surprised that the side gardens those who commented expressed a sadness, and anger. There was were closed. I understand the need desire for more police presence and general agreement that measures for security, but this is the people’s increased visibility, as illustrated in such as jersey barriers and snow house. I’m sad that my children, the sample quotes below: fences are unsightly, ineffective, and and any others, will not get to annoying. The sample quotes experience that beautiful pathway • Currently, there is not enough illustrate the spectrum of thoughts alongside the White House. police/security presence on the and emotions: • We look like a third class city war (Continued on Page 14) 5 The CIP Report August 2009

The Statue of Liberty: Liberty Enlightening the World

Introduction American Union to design a copies of the statue. Proceeds from sculpture to commemorate the the sale of the statues helped raise The Statue of Liberty, officially centennial of the American money to build the full statue. The titled Liberty Enlightening the Declaration of Independence. The United States contributed funds World, was proclaimed a national construction of the monument was through benefit theatrical events, monument in 1924 through a joint effort; the United States built art exhibitions, auctions, and prize Presidential Proclamation 1713. the pedestal and the French were fights. Joseph Pulitzer (noted for This monument, which represents responsible for the Statue and its the Pulitzer Prize) wrote editorials freedom and is recognized assembly. This unified effort in his newspaper, The World, to throughout the world, is represented the friendship support the cause to bring the administered by the National Park established between the United Statue of Liberty to America. Service, a bureau within the States and France during the Pulitzer’s criticism of both the upper Department of Interior (DOI). The American Revolution. and middle classes was successful in Statue depicts a woman motivating the people of America escaping the chains of tyranny, to donate.2 The construction of which lie at her feet. In her the pedestal was complete in right hand, she holds a burning April 1886. Bartholdi then torch that represents liberty and commissioned Alexandre her left hand holds a tablet Gustave Eiffel, designer of the inscribed with the date “July 4, Eiffel Tower, to design the 1776” (in Roman numerals), massive iron pylon and the date the United States secondary skeletal framework. declared its independence from England. Lady Liberty is The Statue was completed in wearing flowing robes and the France in July, 1884. The future seven rays of her spiked crown Lady Liberty then boarded the symbolize the seven seas and French frigate Isere and was continents. The Statue of Liberty on Liberty Island. transported to New York. While en route, the Statue was The Statue of Liberty’s History Both countries were creative in their disassembled into 350 individual fund raising efforts due to lack of pieces and packed in 214 crates. In At the end of the Civil War, government financing. In France, June 1885, the Statue arrived in Édouard René de Laboulaye, a public fees, various forms of New York Harbor and was then re- French jurist, proposed the idea of entertainment, and a lottery were assembled on her new pedestal. On bestowing a gift to the United used to raise funds. In 1879, October 28th 1886, the dedication States: a statue representing liberty. Bartholdi was awarded a design of the Statue of Liberty took place In 1876, sculptor Frederic Auguste patent, U.S. Patent Design No. in front of thousands of spectators.3 Bartholdi, a friend of Laboulaye, 11,023, for the Statue of Liberty.1 was commissioned by the Franco- This patent covered the sale of small (Continued on Page 7)

1 http://www.google.com/patents?vid=D11023. 2 Statue of Liberty History, U.S. Department of the Interior, National Park Service: http://www.nps.gov/archive/stli/prod02. htm#Statue%20of. 3 Ibid. 6 The CIP Report August 2009

Liberty (Cont. from 6)

The National Park Service venture, the Statue commemorates the anniversary of re-opened to the the Statue of Liberty annually on public during October 28th. Liberty’s centennial celebration on July Since the dedication, the Statue of 5, 1986. Liberty has cultivated a rich history. Initially, the United States Recent Lighthouse Board held Development responsibility for the care and operation of the Statue of Liberty; Following the jurisdiction then transferred to the terrorist attacks on War Department in 1901. During September 11th, World War I, the Statue of Liberty 2001 the Statue was permanently altered. Following of Liberty was Lady Liberty and her crown. the infamous “Black Tom” explosion closed for security Ellis Island with thermal imaging in 1916, visitor access to the torch concerns. On August 3, 2004, the and night vision capability. Obtain officially closed. To this day, the beloved Statue, with the exception 4 more effective boats and install torch remains restricted to visitors. of the crown, was reopened to the barge dock; and Eight years later, on October 15, public. The same year, the National • Assign U.S. Park Police detectives 1924, a Presidential Proclamation Park Service permanently to FBI Joint Terrorism declared Fort Wood (and the Statue released a protection plan for the Task Forces in New York and New of Liberty within it) a National Statue of Liberty detailing some of Jersey to enhance information on Monument. In 1933, the care and the safety and security potential threats.5 administration of the National improvements made since 2001. Monument was transferred to the Some of these improvements The plan indicates that while several National Park Service. include: security improvements were made, there are several measures that still Almost fifty years later, in May • Overhaul of fire detection and need to be increased to allow visitors 1982, President Ronald Reagan alarm systems; to safely access the monument. called for an effort to refurbish the • Installation of emergency lighting Statue of Liberty for its centennial and upgrading lighting throughout On July 4, 2009, after eight years of celebration. The National Park the structure; restricted access, the Statue of Service and The Statue of Liberty- • Enhancement of security Liberty’s crown is once-again Ellis Island Foundation, Inc. began screening for all visitors prior to accessible to the public. Rep. fundraising for the multi-million boarding ferries; Anthony Weiner, D-NY, was a dollar restoration project under a • Increase explosive detection K-9 huge proponent of reopening Lady public/private partnership. Shortly capability, to include U.S. Park Liberty’s crown, calling the decision thereafter, in 1984, the United Police sweeping all visitor ferries to close it “a partial victory for the Nations designated the Statue of and delivery trucks; terrorists.”6 Liberty as a World Heritage Site. • Initiate 24-hour marine law Following the successful restoration enforcement patrol for Liberty and (Continued on Page 13) 4 http://www.nps.gov/stli/planyourvisit/get-the-facts.htm. 5 Statue of Liberty Visitor Use and Protection Plan, U.S. Department of the Interior, National Park Service (2004): http://www.doi.gov/news/04_News_Releases/libertyiii.pdf. 6 Dobnik, Verena. “Statue of Liberty Crown to Reopen For First Time Since 9/11.” The Huffington Post(2009): http://www. huffingtonpost.com/2009/05/08/statue-of-liberty-crown-t_n_199791.html. 7 The CIP Report August 2009

Legal Insights

Criminal Justice & National Monuments/Icons Intersect

by Joe Maltby, JD, Research Associate

Our national monuments and icons World Bank Headquarters, a fuel that supported the verdict will be are key targets for potential terrorist depot, and the Masonic temple in sealed until the completion of attacks, attacks that could claim Northern Virginia. After returning Sadequee’s trial. Sadequee’s trial, hundreds, if not thousands, of lives. to Atlanta, Sadequee sent the following his arrest in Bangladesh Given this threat, it is no surprise “casing” videos to Younis Tsouli, a on April 20, 2006, is scheduled to that law enforcement keeps a close resident of the United Kingdom, commence in August 2009. eye on our national monuments who has since been convicted of and icons to prevent such events. terrorism offenses in the United Prosecutors claimed that the casing This heightened awareness has led, Kingdom. A few months later, in videos of monuments and icons in part, to a broadening of the July, Ahmed traveled from Atlanta were reconnaissance for future definition of what it means to to Pakistan. There, Ahmed terrorist activities and an attempt provide material support to attempted to obtain paramilitary for Ahmed to gain prestige with terrorists. The case of Syed Haris training with the hopes of overseas terrorist leaders. They Ahmed revolves around the eventually joining a terror group claimed that Tsouli was a National Monuments and Icons associated with attacks in Kashmir; propaganda channel for Al Qaeda Sector and its relationship to the however, he was unsuccessful in and other terror networks and that legal framework of homeland both endeavors. In August, Ahmed his videos inspired terrorist cells security. returned to Atlanta to prepare for around the world to take action, school while Sadequee traveled to calling them one step removed from Ahmed is a former Georgia Tech Bangladesh to marry his fiancée. carrying out terrorism. They drew student who, in March 2005, Despite their separation, both men attention to the fact that when traveled to Toronto to meet with continued to communicate with Ahmed was eventually arrested, law several other targets of FBI their co-conspirators. In March enforcement seized computer files investigations, most of whom were 2006, Ahmed was approached by which the FBI has yet to decode. allegedly part of a terror cell in FBI agents; he consented to At the same time, prosecutors Canada. While there, Ahmed and voluntary interviews regarding his emphasized that Ahmed did not other co-conspirators discussed past activities. After it was present an imminent threat to the strategic infrastructure targets to discovered that Ahmed was covertly United States; nevertheless, they attack within the United States. communicating with Sadequee to called for his conviction since During this meeting, the co- warn him about the investigation, waiting was an unnecessary risk. conspirators also discussed traveling Ahmed was arrested on March 23, The defense countered that the to Pakistan to attend a paramilitary 2006 in Atlanta. He was videos were essentially useless for training camp. In April, following subsequently charged with any purpose and merely represented the meeting in Canada, Ahmed and conspiracy to provide material an unfortunate bout of immature fellow co-conspirator, Ehansul support to terrorists. In June 2009, bravado from a student with no real Islam Sadequee, traveled to Ahmed was found guilty in open knowledge of terrorism or what a Washington, D.C. and filmed court; however, the sentencing will terror plot entails. Prosecutors then landmarks such as the Capitol, the be delayed and the written findings (Continued on Page 9) 8 The CIP Report August 2009

Legal Insights (Cont. from 8)

pointed to secret compartments under laws that were amended in religious services are specifically in Sadequee’s luggage carrying the the wake of 9/11. Ahmed’s acts exempted from this definition videos and to phone conversations were largely innocuous on their (U.S.C. Title 18, 2339A). The discussing a need to prepare for a own. It is only in combination with actual legal definition of “terrorism” final Islamic war. They also cited other events that they rise to the is fairly broad and covers any violent Ahmed’s attempt to simulate level of a punishable offense. This acts dangerous to human life which paramilitary training in Georgia. runs the risk of law enforcement are both intended to influence The defense called the defendants officers seeing patterns that are not governmental policy or civilian “childish” and argued that this actually there. At the same time, attitudes and are also already illegal evidence did not show that they most evidence in any criminal (U.S.C. 2331). The statute only ever posed any real threat to the indictment is circumstantial. requires that the act “appear” to be United States. They argued that Defendants who have the foresight an attempt to influence policy or posting a video of a Washington to commit crimes in front of a behavior, which significantly lessens monument or icon is essentially an video camera or a DNA sequencing the burden of proof for innocent act, even if that photo is machine are relatively rare. prosecutors. In the case at hand, later posted on a jihadist website. Prosecutors routinely rely on juries Ahmed’s behavior can be construed They also noted that the defendants to be able to put together a story as part of a pattern of material training consisted of paintball from dozens, or even hundreds, of support, despite the fact that no games. pieces of evidence. actual terrorist attack took place or was even imminent. This case represents an attempt by Knowingly providing material prosecutors and law enforcement support or resources to a foreign This case not only illustrates an to identify and shut down terror terrorist organization is a crime evolving legal standard, but it also plots while they are still in the carrying up to 15 years in prison applies to an important sector of planning stages, before they become and/or a fine. If the death of any critical infrastructure. National operational. However, this policy individual results from the support, monuments and icons represent key runs the risk of sweeping in then the accused faces up to a life targets for terrorist attacks. Top Al defendants who had no intention of sentence. The key element here is Qaeda leaders have repeatedly stated acting, whose plots had no chance knowledge of the organization’s their interest in the psychological of causing damage, or who merely terrorist activities or knowledge that effects of terrorist attacks and in acted suspiciously without any real the organization has been officially striking serious propaganda blows criminal intent. It is generally more designated for terrorist activities. to the United States. A national acceptable to charge defendants for The accused cannot be convicted monument does not offer much of actions that have already taken just because they provided support; a target in terms of long-term place, rather than trying to abort the prosecution needs to show that strategic potential. There are no prospective crimes in their they knew they were supporting ammunition stores at the preliminary stages, such as terrorism (U.S.C. Title 18, 2339B). Washington Monument. These conspiracy. This leads to a public Material support is defined broadly. attacks are planned for the shock policy debate about the role of It includes providing property, even value. Monuments also present preemptive law enforcement. Legal just allowing someone the use of ready targets because by their very experts commenting on this case a piece of land for training or as a nature they are open to large have noted that the line where hideout; money; services; supplies; numbers of people. Terrorists can consideration becomes criminal is training; transportation; or expert easily penetrate them, observe them, moving forward. Prosecutors are assistance. Even providing oneself even, as in the Ahmed case, film attempting to indict new varieties of as personnel qualifies as assistance. them without much effort. There is behavior for the first time, often However, providing medicine or (Continued on Page 18) 9 The CIP Report August 2009

Cyber Conflict Perspectives

Statutes vs. Service Level Agreements: Who Has the Best Legal Responses to Cyber Issues?

by Eneken Tikk, M.Jur.

I recently attended a lecture by Dr. In responding to cyber security government-level regulations and Daniel J. Ryan, a professor for the threats, the private sector is more cross-border agreements would take Information Operations and flexible, especially when it comes time. Assurance Department at the to sector or organization specific National Defense University, and risk assessment and mitigation. A If these solutions become successful was particularly impressed with his perfect tool for managing a portion for the private sector, governments comments regarding the legal of (inter) national cyber security is may introduce more efficient consequences that followed the the contract. It is difficult for legislation in the field and thereby emergence of ARPANET in 1969. governments to create a model implement best solutions into He remarked that the law has yet to regulation for user behavior, threat national legal frameworks. On the recover from the development of data transfers between entities, and/ other hand, perhaps the private this network. I believe that this or an early warning mechanism. sector initiatives will be enough to is an important point. No matter Therefore, the private sector can fill in the current gaps and therefore which cyber issues we try to solve build a framework to fit them and government action will be and how many times we attempt to their clients’ interests — by drafting unnecessary. Even so, the private do so, we continue to apply a user agreements that balance the sector will benefit from a cyber number of analogies to the cyber ease of access and use with elements security agenda that takes into security legal framework. of monitoring, reporting, and account their unique concerns enforcing Service Level Agreements and defenses in combination with Cyber incidents still occur with a that provide for more support to governmental ones, where number of security gaps. critical business processes when applicable. v Obviously, the gaps in the cyber legal requirements are not security legal framework require sufficient. structured and meaningful regulatory responses on a national There are a number of potential and potentially international benefits for a private sector level. During the response drafting initiative in this field; in addition, process, it is difficult for the private sector has the governments to determine how to motivation and resources to test the regulation of a global elaborate best practices. Indeed, community that does not adhere to governmental interests related to particular legal traditions or cyber security can only be achieved jurisdictions, but instead, unites with the help of the private sector different groups of different people, as most government and military who for different reasons have information systems are run by chosen to share a worldwide the private sector. Solutions can domain as a dimension of their be provided quickly through the everyday life. private sector, whereas

10 The CIP Report August 2009

NMI (Cont. from 2)

national morale and public represent American history and momentous. It is therefore confidence caused by damage or therefore must be openly accessible. imperative that these assets be destruction of a significant However, this also presents a accessible and be protected. monument or icon”. The security challenge in ensuring the Without these tangible monuments Homeland Security Institute protection of both the asset and and icons, our nation’s past is devoted an entire report to this visitor. As the 2007 SSP states, remembered only as vague subject matter. This report,Pilot “Although the assets are by nature recollections in our textbooks and Study: Psychosocial Impacts of a static and defined, the environment in our memories. v Terrorist Attack on a National Icon, surrounding the asset is dynamic.”4 Final Report, was published last In addition, the assets in this sector year. According to the National “attract large numbers of visitors Monuments and Icons Snapshot, a and present attractive target for more comprehensive study is adversaries. Protective measures desirable. must ensure the security of the site itself and plan for the safety of The risk assessment calculates the visitors in an emergency situation.”5 following considerations: 1) the psychological impact to public Essentially, while visitors explore morale following an all-hazards the wonders of our nation’s history, event; 2) the consequences of loss leaders in the sector are diligently of life and/or casualties, the working to protect both the history economy, the disruption to normal and the observer of history. As the life, the impact to other sectors, and sector evolves, leaders within the the environmental impact; 3) the sector will measure its progress and vulnerabilities to terrorist events, reevaluate the goals, definitions, which includes the assessment of and strategies that were initially security systems and the likelihood developed. Evidence of the sector’s of a successful attack, to determine progression and subsequent the overall risk value; and 4) the modifications will be available at assessment of a threat/attack the end of this year when the scenario.3 updated SSP is released.

Once a risk assessment has been Perhaps this is the smallest sector conducted for the monuments and and as the field of critical icons qualified to be included in the infrastructure protection matures, sector, protective programs are this sector may eventually merge developed and implemented. These with other relevant sectors. programs embody the uniqueness Regardless, the significance of the of the NMI Sector. It differs from history and cultural traditions that the other sectors in that it is these monuments and icons accessible to the public and in fact, represent is irrefutable. The encourages people to visit these psychological impact to the public, symbolic monuments and icons. should one or more of these assets These monuments and icons be destroyed, has the potential to be 3 Ibid. 4 Ibid. 5 Ibid. 11 The CIP Report August 2009

Secret Service (Cont. from 3)

management. As previously a well-executed event than the Wiley stresses the importance of discussed, the Secret Service locality hosting it. Therefore, this creating an institutional memory, oversees the entire planning process, message is quickly disseminated which is why the Secret Service which includes partnering with all from the top on down wherever the places special emphasis on after- participating agencies and Secret Service goes. action reports. Regardless of the organizations. Depending upon event’s level of success, the focus is the location and scale of the NSSE, Given the complex and ever- on learning what went right and dozens of Federal, state, and local changing nature of these events, the what went wrong so that the next law enforcement, response, and plan is often modified as new facts event can go even better. Wiley recovery entities may be involved. are revealed. This can be a points to the problems concerning Wiley recalls working on events headache, but Wiley considers the crowd control during the where some 58 entities were Secret Service and its planning Inauguration this year as an participating in the planning process to be quite flexible. The excellent example of a problem that process. However, the time concerns that they deal with have can hopefully be avoided next time. commitment and allocated evolved over the years to include At the same time, he points to the resources will vary as not every matters such as cybersecurity and amazing behavior of everyone event involves large groups of critical infrastructure protection. involved, both law enforcement and people. For example, during the political citizens, as the reason for an conventions last year, the Secret incredibly smooth event, all things Local law enforcement and Federal Service planned for dealing with considered. Wiley noted that there law enforcement train together in the consequences of hackers finding were two million extra people in the preparation. Different Federal law some way to electronically disrupt D.C. area and no additional arrests; enforcement entities work together the power supply. Not surprisingly, out of that two million, only ten on their division of responsibilities. this was not a major concern in thousand were affected by the crowd Some of this training takes place 1998. In addition, there are special control problems. News coverage of after the plan is drafted, but the concerns when an event involves a the Washington, D.C. execution of responsibilities this national monument or icon; in this Independence Day celebrations complex requires training in situation the Secret Service turns remarked upon other lessons advance, even before the plan is to partners like the National Park learned from the Inauguration, finalized. Wiley admits that it Service for guidance. leading to a smoother event. The sometimes makes a difference when Smithsonian metro stop was re- a NSSE takes place outside the Since these NSSEs involve an opened and police relied less on Beltway, particularly in areas which incredible amount of coordination baggage-checking stations and more do not often host such events. between agencies at every level of on random spot-checking, which Many of the regularly occurring government, it stands to reason that shortened lines. NSSEs take place in Washington, they might offer lessons about how D.C., which means local authorities to encourage coordination within Thus, the role of the Secret Service are well-versed in their homeland security. Wiley points during NSSEs will remain quiet, for responsibilities. When an event out that everyone involved the most part, simply because when takes place in a new area, the Secret genuinely hopes the event will go things go well, no one pays Service must take special care to well so the effort focuses on attention to them. As Wiley ensure everyone is trained in their ensuring that everyone understands himself puts it, security should responsibilities and the general their role. When everything goes never be the story. v concept of operations. Wiley according to plan, the leadership is stresses that this is less a matter of important, because the leaders’ will than of knowledge. After all, attitudes are reflected all the way no one stands to benefit more from down the chain of command.

12 The CIP Report August 2009

Liberty (Cont. from 7)

Many viewed the closing of Lady Liberty as part of The double helix staircase inside the Statue of Liberty. anti-terrorism security. However, according to the National Monuments and Icons Sector Lead, an official within the DOI, the closure of the crown was more of a life safety issue. According to a 2005 GAO report, Homeland Security: Actions Needed to Better Protect National Icons and Federal Office Buildings from Terrorism, the Statue of Liberty did not meet building codes for fire safety; in particular, the Statue did not meet standards for exits or fire suppression capability.7 If a fire were to occur, there would not be proper ventilation and evacuation in a timely manner would be extremely difficult due to the narrow double-helix staircase within the Statue. In order to remedy this problem new guidelines have been put in place for visitors. They include:

• Limiting the number of visitors to the crown to groups of no more than 10 visitors at a time; • All visitors must be able to climb and descend the stairs without assistance; and • All visitors should be aware that the statue is cramped and can often be much hotter than the outside temperature.8

The new restrictions that have been implemented, specifically related to the number of visitors accessing the crown at onetime, assist in controlling these concerns. Whether there is a terrorist-attack or a fire breaks out while people are visiting a monument, visitors need to evacuate in a timely manner while minimizing the risk of injury. This requires proper emergency preparedness.

Conclusion

In two years, Lady Liberty will close again for additional security improvements. When the Statue once again reopens, she will be able to accommodate double the current capacity that is allowed to access the crown.9

As is evident, the National Monuments and Icons Sector faces an enormous challenge. Those individuals charged with the protection of our national monuments and icons must not only cater to physical security concerns, but must also protect the people who visit. These leaders must also ensure that the Statue is publicly accessible. If the Statue of Liberty is unable to welcome visitors, it would be exceedingly difficult for the nostalgic public to fully appreciate the history that Lady Liberty has survived for over a hundred years. v

7 GAO report, Homeland Security: Actions Needed to Better Protect National Icons and Federal Office Buildings from Terrorism (2005): http://www.gao.gov/new.items/d05790.pdf. 8 Salazar Welcomes First Visitors to Tour Re-Opened Crown of Statue of Liberty, U.S. Department of the Interior, National Park Service (2009): http://www.doi.gov/news/09_News_Releases/070409.html. 9 Statue of Liberty Facts: July 4th Reopening and More, National Geographic News (2009): http://news.nationalgeographic.com/ news/2009/07/090702-statue-of-liberty-facts.html. 13 The CIP Report August 2009

Mall Plan (Cont. from 5)

The staute of Abraham Lincoln from inside patrols, dog patrols, horse personnel were able to directly the Lincoln Memorial. patrols, undercover officers, consider the public perspective as Photo courtesy of Liz Hale-Salice. etc. Police cars that patrol they crafted a series of alternatives the National Mall should for the National Mall Plan. Four be high-profile four-wheel- alternative plans were proposed to drives that can easily jump get a consensus on the development the curb and pursue of a preferred alternative: No- overland. Volunteer action alternative, Alternative A, neighborhood watch Alternative B, and Alternative patrols equipped with cell C. Among them, the No-action phones could increase the alternative served as the baseline number of eyes on the against which to measure the action National Mall. And a alternatives because it outlined couple of ultra-light police existing conditions. All alternatives aircraft that could patrol were designed to include main from the air and swoop missions of the National Mall: down on a trouble spot in preserving historic resources; seconds would be a nice providing space for constitutionally touch. based civic activities, national celebrations, and public enjoyment; • I was violently beaten by and exemplifying the best of four young men between sustainable urban ecological the ages of 14 and 20 who practices. These alternatives are National Mall to ensure the stole my brief case and broke the outlined in depth in the NPS protection of the great number of orbital socket of my eye in the Newsletter 3 document. The visitors. It is possible to walk from Southwest quadrant of the District. No-action alternative focuses on one end of the National Mall to Until you are a victim of a violent continuing current management the other and back and not see one crime, it is difficult to imagine what and identifying plans and actions uniformed officer. There should be goes through your head when you already moving forward; Alternative thought given to hiring seasonal/ are lying on the ground gasping for A focuses on the historic landscape part-time officers, provide sufficient air and wondering whether or not with its memorials and planned training and have them augment you’re going to make it. Architects, views and education; Alternative and support the Park Police, etc. landscape architects, engineers and B focuses on a welcoming national

urban planners must make public civic space for public gatherings, • Park police are not visible safety priority one and everything events, and high-use levels; and enough. else follows. Alternative C focuses on urban open space, urban ecology, recreation, • Please keep the National Mall • Forget the ninja outfits and and healthy lifestyles. SAFE. So far, it is a safe place to assault rifles. Visitors want to see visit, but recent muggings prove Park Police in uniform, on foot and Public comment regarding the that it could easily tip in the other on horseback. National Mall Plan alternatives direction. A person should be able went in an unexpected direction to go walking or running on the Stage 2: Comments on National when a Washington Post article National Mall at any hour of the Mall Plan Alternatives suggested that the alternatives day or night, and feel safe. This probably means mostly increased Having completed Stage 1, NPS police presence...bike patrols, foot (Continued on Page 15) 14 The CIP Report August 2009

Mall Plan (Cont. from 14)

under consideration might limit Amendment rights is and must be receive and care for the general First Amendment freedom of paramount in the final plan. There public. Little or no guidance is speech rights. Public reaction needs to be more specific language provided relative to the many was swift and strong, with 93% in each alternative to explain how scenarios that could evolve from of the close to 18,000 comments demonstrations/protests will be taking in the public. A plan should received pertaining specifically to protected, and how such activity be developed that fully incorporates First Amendment issues. Because will be accommodated in terms of the many factors that must be the alternatives did not directly the overall scheme. considered prior to permitting address First Amendment rights, the public access to federal facilities broad concern was that somehow Additional public comments to the during an emergency, such as, these civil liberties would not be alternatives that were specific to impact on security and government taken into consideration with safety and security issues largely operations, medical assistance, food the long-term management plans mimicked the feedback given and comfort, length of stay, under consideration. The NPS during Stage 1, where citizens were supporting logistics, law immediately stressed, in a variety concerned with protective measures enforcement support, etc. of forums, that First Amendment that would not compromise activities are fundamental to the a welcoming environment. • I would recommend that any overall purpose of the National Illustrative comments include: upgrades to the National Mall Mall, as based on the Constitution should include an increase in and reaffirmed in legal decisions • Increase nighttime security, not Federal Law Enforcement Officer over the years. Many of the public by installing powerful lights or new presence through the inclusion of comments regarding the alternatives fences but by increasing the police facilities to allow these individuals directly or indirectly reflected safety presence. Have the horses and to better serve the public. These and security issues, as there was fear officers out at night. I didn’t read recommendations could include that First Amendment restrictions about this in the alternatives, but facilities for blast-resistant fixed would be put in place for security increase funding for the mounted posts, dedicated, marked parking purposes: police and have them out there spaces for LE vehicles, highly-visible every day and night, patrolling base stations, emergency phones, • There should be NO restrictions, and meeting and greeting, they are etc. and NO permissions required, and another aspect that makes D.C. NO limits on gatherings of people unique, kids love them, the horses • Consideration should be given to on the Mall. are impressive. improving the lighting in the Park. In the past two years, criminal • It is essential that we maintain the • Plan for the Identification and incidents have occurred after dark in National Mall as a civic space, and Operation of Safe Havens: In the the early evening when the tourist not allow a plan to be implemented event of severe weather conditions population is still active. Low level which could be interpreted as or a terrorist incident, the general security lighting could be installed leaving the door open to restricting public must be permitted access to and lighted pathways could be protests. Please don’t shut down safe havens in proximity to the Park. established that provide for the safer the National Mall for mass protests! However, to date, there has not movement of pedestrians about the It’s one of the few large, centrally been a satisfactory plan to Park. located and richly symbolic spaces implement emergency ingress to that Americans still have to express federal facilities. Generally, weeks Conclusion themselves as mass movements. before an event, the law enforcement community asks • The protection of First agencies to “volunteer space” to (Continued on Page 18) 15 The CIP Report August 2009

Welcome to Cyber Conflict Legal and Policy Conference 2009!

This Legal and Policy Conference, organised jointly by the Cooperative Cyber Defence Centre of Excellence (CCD COE) and the George Mason University Center for Infrastructure Protection, will bring together an international community of experts in government, private sector, and academia to discuss a multidisciplinary approach to cyber conflict management, as well as to share current initiatives and best practices. The conference will take place in Tallinn, Estonia on September 9 to 11, 2009.

The aim of the conference is to develop tools and recommendations for some of the numerous legal and policy challenges in the field as well as promote closer collaboration among the international stakeholders of both the public and private sectors. The conference will address complications resulting from the different priorities and multiple lexicons of cyber incident management (technology, law enforcement, government policy/leadership, military, business, etc.), and will survey the different imperatives of various nations as well as international organisations regarding cyber security and cyber defence.

We look forward to seeing you in Tallinn,

LtCol Ilmar Tamm LTG(R) Claude M. “Mick” Kicklighter Cooperative Cyber Defence George Mason University Centre of Excellence Center for Infrastructure Protection

16 The CIP Report August 2009

Cyber Conflict Legal and Policy Conference

Tallinn, Estonia

9-11 September 2009

The preliminary agenda is available at http://www.ccdcoe.org/legalconference/5.html. On September 8th, the day before the conference, you are welcome to participate in a one-day training seminar on the legal aspects of cyber defense. The conference registration includes an option to enroll in the seminar.

The conference includes roundtables for all attendees to critique the presentations and conference discussions, resulting in documented identification of solutions, recommendations, and the way forward.

In order to ensure focused and substantial discussions among all participants during the event and especially at the roundtables, we are limiting attendance. We have opened general registration, and we encourage you to register soon, so as to guarantee a spot in the limited space available. Registration may be accomplished at https://www.ccdcoe.org/reg/643172579. For more information, contact Maeve Dion at [email protected].

Highlights from the agenda include:

• Keynote address from H.E. Toomas Hendrik Ilves, the President of the Republic of Estonia • Estonian Cyber Security Strategy after Lessons from 2007, by Ms. Heli Tiirmaa-Klaar, Estonia, Ministry of Defense • Lawyer’s Look at a Cyber Incident, by Prof. Daniel Ryan, U.S. National Defense University, Information Resources Management Center • Cyber Conflict in Bits and Bytes, byDr. Bret Michael, Naval Postgraduate School Industrial Control Systems Perspective, by Joe Weiss, U.S. • International Organizations’ Legal and Policy Approaches to Cyber Incident, by Eneken Tikk, Estonia, CCD COE • ICANN’s Developments in the Field of International Cyber Security, by Yurie Ito, Director of Global Security Programs, ICANN • Public-Private Partnerships and National Input to International Cyber Security, by Maeve Dion, U.S., GMU CIP • Law of Armed Conflict / Military Perspective, byCOL. Jody Evans, U.S. (TBC) • National Defence Law / Government’s Perspective, by Mr. Lauri Almann, Estonia, former Undersecretary of Defense • Information Society Law / User Perspective, by Prof. Lillian Edwards, U.K., Sheffield University School of Law

17 The CIP Report August 2009

Legal Insights (Cont. from 9) Mall Plan (Cont. from 15)

no easy method to distinguish accessed 7 July 2009. “Atlanta Jury Providing adequate yet unobtrusive between the terror recruit Indicts Two on Terror Charges,” facility and personal protection performing surveillance and the NY Sun, http://www.nysun.com/ measures is, as one astute tourist making memories. Icons national/atlanta-jury-indicts-two- respondent noted, “easier said than and monuments are unusually on-terror-charges/36439/, accessed done.” The overarching sentiment vulnerable, which makes them likely 7 July 2009. derived from the comments is one sites for future expansion of the of unrestricted access to these public legal tools for fighting terrorism. “United States of America v. Syed park lands while ensuring personal Many argue that these are high- Haris Ahmed and Ehsanul Islam safety. The National Mall Plan has value soft targets and that most Sadequee,” U.S. Attorney’s Office two more stages of public comment require expansion of the legal and for the Northern District of before its completion. Stage 3 policy tools available to combat Georgia, http://www.investigative presents a Preliminary Preferred terrorism. The debate over how to project.org/documents/case_docs/ Alternative. Comments pertaining use these tools will rage on, but this 140.pdf, accessed 27 July 2009. to this alternative are currently sector, the intersection of criminal being analyzed. Stage 4 will involve law and national icons, represents “Defendant Found Guilty of the release of the National Mall a key battleground in antiterrorism Conspiracy to Support Terrorists,” Plan/Draft Environmental Impact legal policy. v US Department of Justice, http:// Statement which will be available www.usdoj.gov/opa/pr/2009/ for public comment beginning in This article is based, in part, on June/09-nsd-572.html, accessed 7 the fall of 2009. Citizens are ongoing news coverage of the Ahmed July 2009. invited and encouraged to provide case. input regarding the future of this national treasure. v References: References: John Murgatroyd, “Ex-College Student’s Terror Trial Focuses on National Park Service (NPS) Travels, Codes,” CNN, http://www. (2007). A History of the National cnn.com/2009/CRIME/06/03/ Mall and Pennsylvania Avenue georgia.jihad.trial/index.html, National Historic Park. Available accessed 7 July 2009. at: http://www.nps.gov/national- mallplan/Documents/mallpaav “Former US University Student history.pdf. Convicted of Terror Charge,” The Guardian, http://www.guardian. NPS (2009). The National Mall co.uk/world/2009/jun/10/georgia- & Memorial Parks. Available at: tech-student-videotape-terrorism, http://www.nps.gov/NAMA/.

The Center for Infrastructure Protection works in conjunction with James Madison Univerity and seeks to fully integrate the disciplines of law, policy, and technology for enhancing the security of cyber-networks, physical systems, and economic processes supporting the Nation’s critical infrastructure. The Center is funded by a grant from the National Institute of Standards and Technology (NIST).

If you would like to be added to the distribution list for The CIP Report, please click on this link: http://listserv.gmu.edu/cgi-bin/wa?SUBED1=cipp-report-l&A=1

18