Water rationing in Yemen; a sign of things to come?

Drivers wait at Al-Suhaini Well, near Al-Saleh Mosque in the Yemeni capital Sanaa, for three to fours hours to have their trucks filled with water. © Adel Yahya/IRIN

IRIN reports on new levels of water rationing in Yemeni cities.

“Water and sanitation companies in Yemen are adopting unprecedented water rationing in major cities”, reports IRIN in a recent article.

Price hikes, rising demand, and decreasing precipitation has brought the situation to a critical head.  Estimates place Yemen’s water deficit at 1.28 billion m³.

The impact on local residents has been huge.  One resident reports,

Our household has received no water for 21 days, so I turned to buying water from trucks… In the past month, I bought water four times, costing me YR10,000 [$50] – nearly one-third of my monthly salary.

Is this a sign of things to come in other parts of the arid world?

US agricultural production to decline severely under climate change

New research from North Carolina State University published in this month’s Proceedings of the National Academy of Sciences, suggests that the United States could experience stark crop yield declines under moderate climate change scenarios.

From Treehugger:

Agriculture and resource economist Michael Roberts and economist Dr. Wolfram Schenkler determined the impact of warming temperatures on corn, soybeans and cotton. They found that each had a critical temperature threshold above which crop yields started plummeting: 29°C for corn, 30°C for soybeans and 32°C for cotton.

Under slower global warming scenarios, Roberts and Schenkler project that yields for these crops could decline 30-46%. Under rapid global warming scenarios things got really bad, with yields dropping 63-82%.

White House urges better response planning for nuclear attacks

The recently released Planning Guidance for Response to a Nuclear Detonation, developed by the White House Homeland Security Council, stresses that it’s “incumbent upon all levels of government” to prepare “through focused nuclear attack response planning.” Mayors, governors, emergency managers and first responders will be the first to deal with the consequences, and according to that same guidance, “local and state community preparedness to respond to a nuclear detonation could result in life-saving on the order of tens of thousands of lives.”

Ready or Not?, a yearly analysis of preparedness for health emergencies that’s released by the nonprofit Trust for America’s Health, found that “surge capacity remains the largest threat to the nation’s ability to respond to a major catastrophe.” Local, and specifically, regional abilities to care for the wounded will be vital just after a nuclear terrorist attack. Unfortunately many communities haven’t gotten the point.

Two assumptions prevail at the local level: 1.) Any nuclear explosion will completely destroy a major city; and 2.) The military is the only organization capable of responding.

A new report suggests that “surge capacity is the largest threat” to America’s ability to respond to a major catastrophe.

From the press release:

Ready or Not?, a yearly analysis of preparedness for health emergencies that’s released by the nonprofit Trust for America’s Health, found that “surge capacity remains the largest threat to the nation’s ability to respond to a major catastrophe.” Local, and specifically, regional abilities to care for the wounded will be vital just after a nuclear terrorist attack. Unfortunately many communities haven’t gotten the point.

The report notes that, “Two assumptions prevail at the local level:

1. Any nuclear explosion will completely destroy a major city; and
2. The military is the only organization capable of responding.

Because it often takes the military time to respond to catastrophic events, the report urges local governments to consider and prepare for what they would do if the military doesn’t arrive in time.

The report suggests that local decision-makers:

1. Come to grips with the threat and understand that the military can’t arrive immediately to help.
2. Realize that isn’t a problem for only large, high-risk cities, but one that requires a regional response.
3. Actually make plans and co-ordinate with your neighbours.

The press release concludes that, “Such preparation isn’t necessarily specific to nuclear terrorism. Regional preparedness and response can be used for a range of catastrophic events, including hurricanes such as Katrina. Moving down the scale, preparing for the “big one” will help communities deal with the small disasters they face every year.”

Press release here, full report here.

Is Huawei behind GhostNet?

Huawei is the state run Chinese telecom infrastructure provider, who’s aggressive pricing and high quality devices have made them the favourite of many national IT backbones (including Britain).  Are they involved with GhostNet and could they be used for further international espionage?

IT security threats and web wars are an integral component of today’s security and humanitarian landscape.  Much has been made about Twitter’s role in the recent Iranian social unrest, for example.  A recent Reuters report suggests that Isreal is turning to cyberwarfare for increasingly sophisticated jamming attacks and offensives.

“Asked to speculate about how Israel might target Iran, Borg said malware — a commonly used abbreviation for “malicious software” — could be inserted to corrupt, commandeer or crash the controls of sensitive sites like uranium enrichment plants.

Such attacks could be immediate, he said. Or they might be latent, with the malware loitering unseen and awaiting an external trigger, or pre-set to strike automatically when the infected facility reaches a more critical level of activity.”

Organised and swarm-based attacks on central state infrastructure has become so common as to barely warrant news mention.  A North Korean bot net is currently attacked dozens of US government websites in Seoul (“North Korea Launches Massive Cyberattack on Seoul“)  From Slashdot:

“A botnet composed of about 50,000 infected computers has been waging a war against US government Web sites and causing headaches for businesses in the US and South Korea. The attack started Saturday, and security experts have credited it with knocking the Federal Trade Commission’s (FTC’s) web site offline for parts of Monday and Tuesday. Several other government Web sites have also been targeted, including the Department of Transportation.”

GhostNet

Although these attacks are from North Korea, many others originate in China.  A recent study from by the InfoWar Monitor uncovered a “massive Chinese espionage network,” called GhostNet.  The Guardian reports:

“GhostNet appears to target embassies, media groups, NGOs, international organisations, government foreign ministries and the offices of the Dalai Lama.

After 10 months of study, the researchers concluded that GhostNet had invaded 1,295 computers in 103 countries, but it appeared to be most focused on countries in south Asia and south-east Asia, as well as the Dalai Lama’s offices in India, Brussels, London and New York. The network continues to infiltrate dozens of new computers each week.

There was a similar article in the New York Times, “Vast Spy System Loots Computers in 103 Countries“.

The Huawei Connection

No definite proof has been found linking the Chinese state to these actions.  Yet many are worried that the Chinese government may play a role in such attacks.  A recent white paper from the University of Cambridge, entitled “The Snooping Dragon“, claims to have documented concrete evidence of state officials using malware to infiltrate pro-Tibet activist computers.

The link to China’s state communications company, Huawai, appears particularly suspect.  Huawei technology is at the core of BT’s new 10 billion communications upgrade.  A NetworkedWorld article discusses the close connections between Huawei and the Chinese military.  It reports,

Huawei maintains deep ties with the Chinese military, which serves a multi-faceted role as an important customer, as well as Huawei’s political patron and research and development partner.

Both the government and the military tout Huawei as a national champion, and the company is currently China’s largest, fastest-growing, and most impressive telecommunications equipment manufacturer.

In a related report entitled “Spy Chiefs Fear Chinese Security Threat”, The Times Online reports,

INTELLIGENCE chiefs have warned that China may have gained the capability to shut down Britain by crippling its telecoms and utilities.

According to the sources, the ministerial committee on national security was told at the January meeting that Huawei components that form key parts of BT’s new network might already contain malicious elements waiting to be activated by China.

Working through Huawei, China was already equipped to make “covert modifications” or to “compromise equipment in ways that are very hard to detect” and that might later “remotely disrupt or even permanently disable the network”, the meeting was told.

This would be likely to have a “significant impact on critical services” such as power and water supplies, food distribution, the financial system and transport, which were dependent on computers to operate.

INTELLIGENCE chiefs have warned that China may have gained the capability to shut down Britain by crippling its telecoms and utilities.

According to the sources, the ministerial committee on national security was told at the January meeting that Huawei components that form key parts of BT’s new network might already contain malicious elements waiting to be activated by China.

Working through Huawei, China was already equipped to make “covert modifications” or to “compromise equipment in ways that are very hard to detect” and that might later “remotely disrupt or even permanently disable the network”, the meeting was told.

This would be likely to have a “significant impact on critical services” such as power and water supplies, food distribution, the financial system and transport, which were dependent on computers to operate.

Discussion

Many wonder how Huawei might accomplish these security breaches.  WTWU at SpyBlog suggests that it would be silly for Huawei to do so.  They write,

It would be incredibly risky for the Chinese Government to attempt to insert such trojan horse “backdoors” into Huawei manufactured equipment, especially into the hardware, where the evidence cannot be deleted after a Denial of Service attack etc.

The cost of using such a capability, if it even exists, would be to immediately destroy the multi billion pound Huawei company commercially.

Yet in a recent confidential interview, an ex-Huawei employee suggested that the speed of sales and the level of complexity of such systems has little to no quality control checking or safety assurance of the components.

It would therefore be close to impossible to monitor the security of the commercial services sold by Huawei, given the tremendous volume of such sales.

Worse than hardware might be a software backdoor, which is easily modifiable and less risky than hardware breaches.

Although there is no evidence that Huawei is related to the kinds of cyberattacks and web espionage efforts such as GhostNet, there does appear to be a plausible connection.

The impact of such a link, and its relationship to development and humanitarian aid, may be worthy of monitoring and consideration.

Good news: Europe’s largest onshore renewable energy farm to expand

The BBC is carrying a nice piece reporting on some good energy news; the largest onshore windfarm in Europe was just approved for expansion.

Scottish Power Renewables will now be able to install a further 36 turbines, bringing the new capacity to 452 MW. When completed it will be able to power 250,000 homes.

In addition, a £2 million visitor center will be constructed, and the entire wind farm opened up to the public for walking and cycling during the summer.

Somali Pirates Attacking Food Aid Ships

The Humanitarian Relief blog has a great news round up of recent pirate attacks on ships carrying IFP aid to various parts of the world.   

Excerpt:

Over the past two weeks, the pirates have attacked three ships carrying food for the World Food Program and other aid groups.  The most notorious incident was the April 8th pirate attack on the Maersk Alabama, including the US Navy’s dramatic rescue of Captain Richard Phillips five days later.

The ship was carrying food aid destined for Kenya, Somalia, Uganda and Rwanda.

Then, last Tuesday, pirates captured the Sea Horse, a ship heading to India to load food destined for Somalia. 

That same day, pirates also attacked the ship Liberty Sun, which had just offloaded food in Sudan.  (The Liberty Sun was able to escape – to read emails sent by a crew member during the fighting, see here.)

Thanks to Michael for the round-up!

Hackers have already attacked US electric grid

GreenerComputing reflects on CIA reports recently released which admits that hackers from around the world have already attacked the US electric grid.

A year ago at the the critical infrastructure SANS SCADA Summit in New Orleans, the CIA said that hackers had already hacked into the networks of power companies overseas. The site SecurityFocus reported:

The cases involved unknown attackers compromising a utilities company’s network and then demanding ransom from the firm. In at least one case, the attack cause a power outage that affected multiple cities, the CIA analyst said.

The attacks were launched via the Internet. Here’s the full statement that the CIA official gave, according to the SANS Institute:

“We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet.”

 

NASA, space storms and social collapse

The New Scientist reports on a recent NASA study evaluating the risk of solar plasma flares.

Not your average humanitarian issue but interesting none the less:

It is midnight on 22 September 2012 and the skies above Manhattan are filled with a flickering curtain of colourful light. Few New Yorkers have seen the aurora this far south but their fascination is short-lived. Within a few seconds, electric bulbs dim and flicker, then become unusually bright for a fleeting moment. Then all the lights in the state go out. Within 90 seconds, the entire eastern half of the US is without power.

A year later and millions of Americans are dead and the nation’s infrastructure lies in tatters. The World Bank declares America a developing nation. Europe, Scandinavia, China and Japan are also struggling to recover from the same fateful event – a violent storm, 150 million kilometres away on the surface of the sun.

It sounds ridiculous. Surely the sun couldn’t create so profound a disaster on Earth. Yet an extraordinary report funded by NASA and issued by the US National Academy of Sciences (NAS) in January this year claims it could do just that.

 

Full report, “Severe Space Weather Events–Understanding Societal and Economic Impacts” (for purchase).  

Full article, “Space storm alert: 90 seconds from catastrophe“

US researchers find disaster relief laws unsuitable for modern threats

New York University Professor Mitchell Moss suggests in the Journal of Homeland Security and Emergency Management, that US Federal disaster relief legislation is dangerously out of date and must be reformed to provide for rapid relief after a catastrophe.

The paper argues that the main US Federal Disaster laws, in the form of the Stafford Act, is too cumbersome to be of use for today’s complex crises.  The report’s author argues that the laws:

 

• Not recognizing 21st century threats such as chemical, biological, nuclear or radiological attacks or accidents as legal grounds for a major disaster declaration by the President; 

• Fail to establish a difference between the scale of rural and urban disaster – the Stafford Act offers the same level of aid for a blizzard in a rural community as it does for a major earthquake in a metropolis. 

It goes on to suggest that US lawmakers should,

• Amend the definition of a “major disaster” to recognize 21st century threats such as chemical, biological, radiological, and nuclear attacks and accidents; 

• Create a level of disaster specifically for “catastrophes” to cover incidents such as Hurricane Katrina and September 11 and to provide increased levels of aid beyond that provided at the “major disaster” levels

The press release can be found here and the full paper here.

Political net attacks on the rise

 

Kevin Siers, North Carolina - Editorial cartoons from the Charlotte Observer

The MIT Technology Review has an excellent interview with a series of Internet security experts, which finds that politically motivated net attacks are sharply on the rise.

When armed conflict flared up between Russia and Georgia last summer, the smaller country also found itself subject to a crippling, coordinated Internet attack. An army of PCs controlled by hackers with strong ties to Russian hacking groups flooded Georgian sites with dummy requests, making it near impossible for them to respond to legitimate traffic. The attacks came fast and furious, at times directing 800 megabits of data per second at a targeted website.

Wikipedia defines a denial-of-service attack (DOS) as ” an attempt to make a computer resource unavailable to its intended users”.  The US Computer Emergency Response Team has an overview here, observing that most DOS attacks involve:

unusually slow network performance (opening files or accessing web sites)

unavailability of a particular web site

inability to access any web site

dramatic increase in the amount of spam you receive in your account

While this is merely inconvenient for most public websites, such attacks effect every aspect of the internet and can be used to cripple email, file transfers, intranets, and all means of web-based communication.

Better use of cyber infrastructure, including such net attacks, will be an increasingly common trend in the future.  Imagine if aid agencies themselves become the target of such attacks?  What if the humanitarian expulsion from Darfur also involved sophisticated efforts to cripple aid groups at their core, vis-a-vis target denial of service attacks? 

UPDATE – Paul Currion, as usual, has a fantastic example of this kind of thing from Sudan, posted mere hours before this one!  Well done Paul and thanks for the link!

UPDATE 2 – Humanitarian.info provides more examples on how this is already affected aid agencies (“Denial of service = denial of reality”).  It seems our “hypothetical” question about Darfur has actually already happened.  Do any other HFP Blog readers out there know of similar attacks on aid agencies and NGO’s?