Home   Archived News   Press Releases 2002

NCS, Canadian Representatives Tackle SNMP Issue

Washington D.C., October 29, 2002 - For over 14 years, the National Communications System (NCS) has forged an emergency telecommunications relationship with its neighboring border country, Canada. This relationship has helped both countries react to many natural disasters from the January 1998 ice storms that ravaged areas of Canada and New England to the December 1998 four-day storm that caused excessive flooding to many areas of the Pacific Northwest.

Recently, the NCS and Canada expanded their efforts in the cyber world, gathering information regarding a recent vulnerability discovered in the transmission of information across the Internet.

This past February, the National Infrastructure Protection Center (NIPC) released an alert notifying the public that the Oulu University in Finland had reported multiple vulnerabilities in the Simple Network Management Protocol (SNMP). SNMP is the most popular protocol in use to manage many core network devices such as routers, switchers, hubs, bridges, and wireless network access points. SNMP is a standard that transports information between these networked devices, but encoding errors were found throughout the SNMP code, leaving it vulnerable to the insertion of malicious code.

Due to their years of planning and operational cooperation, and the fact the SNMP wasn’t a problem that could be solved by the United States alone, discussion was started to see what level of collaboration could be attained to promote an effective partnership to combat the threat. Bernie Farrell, Manager of the National Coordinating Center for Telecommunications (NCC), spoke with Jan Skora, Director General (Radio and Broadcasting Regulations), Industry Canada and discussed options to sharing information on the vulnerability.

For SNMP operations, options included using e-mail (encrypted), since the nature of the threat and response activities were extremely sensitive in the early response stage; meetings; and detailing someone from Canada to the NCC to both be the conduit between Canada and the United States. and assist the NCC team as needed.

Mr. John Kluver, Emergency Telecommunications Officer, Industry Canada, volunteered to be that individual who would physically reside in the NCC for a number of weeks and work with the NCS on the SNMP vulnerability. This was an unprecedented step – a member of the Canadian Government residing in the NCC for an extended period of time. Over the years, there have been many meetings between the two countries, many teleconferences, emails, and phone calls, but never before had someone from another country physically worked in the NCC. The closest the two nations had gotten previously was in the planning and operational interfaces created to monitor the Y2K rollover. Canada and the United States teamed together to plan and populate a common database that tracked the progress of the rollover.

Industry Canada is part of the Canadian Government responsible for supporting and developing business and the economy in Canada and can be compared to the U.S. Department of Commerce. It has a Minister, Mr. Allan Rock, a Deputy Minister and several components including Policy, Telecommunications, Consumer Advocacy and Industry Sector Development. At the onset of the e-commerce age, the Department of Communications within the Canadian Government merged with Industry Canada. This makes Industry Canada an even more appropriate part of the Canadian Government to work directly with the NCS on emergency preparedness communications issues.

Farrell and Skora feel that the close-knit working relationship between the NCS and Industry Canada could be considered the forerunner of today’s information sharing relationship essential to protecting the world’s critical infrastructures. “It is a model for international and cross-border relations in the communications sector,” said Kluver. He added that this already established relationship enables each country to act or react to any kind of disaster, national or natural, physical or cyber. Kluver said recent events have proven that this kind of partnership is just what the emergency preparedness community needs to share information in order to prevent or mitigate the effects of some kind of large-scale emergency event.

As for SNMP, both the NCC and Industry Canada agreed that assigning a Canadian telecommunications specialist to the NCC for this project was an excellent idea. However, it wasn’t as easy to put into place as was originally thought.

First, there was the security issue. In order for Kluver to receive an NCS/Defense Information Systems Agency (DISA) security badge, a formal request had to be made through the Canadian Embassy, go through the Defense Intelligence Agency, then return through the DISA security process. The process can be a very lengthy, but once the sequence of events was uncovered, it took about a week to grant Kluver the required security clearance.

Kluver also discovered that acceptance of his presence in the NCC was not immediate. Even after all of the communicating each organization had done over the years, trust was an element that was not there…at least at first. Kluver felt that the individuals working in the NCC were hesitant about speaking freely while he was stationed in the NCC.

Farrell felt this might happen and waited to see how the relationship would evolve. Even though classified information was being discussed between NCC staff and their industry partners on SMNP, it took time to include Kluver as a trusted NCC team member. Kluver indicated that these initial stumbling blocks were overcome within a matter of days, but their presence was a surprise and served as lessons learned for any detail situation between countries where sensitive information is being discussed.

As the relationship grew, Kluver soon became a conduit of information for the Canadian telecommunications infrastructure. Kluver worked under Farrell’s direction from February 20 to March 16, 2002, had daily teleconferences with Industry Canada, and was able to help Canada best interface with the telecommunications industry in Canada. He also attended meetings with the NCC industry representatives during his tenure in the NCC and was exposed to some private sector information sharing that was sanitized and then sent back to help Canadian industry with telecommunications issues. It was a valuable experience that took with him when he departed the NCC to return to Canada. Kluver said, “All together, it was a great experience”.

Since his physical departure from the NCC, the working relationship between Industry Canada and the NCC has become even closer and stronger. Maren Hansen, Director, Canadian Office of Cyber Infrastructure Protection Emergency Preparedness (OCIPEP), replaced John as the conduit to Canada, thus providing a link to the interagency and cross sector aspects of the Canadian Government, a process has developed that if similar coordination is required OCIPEP will provide the representative.

Skora believes these kinds of relationships can only help each country understand the others’ needs. “The sharing of timely information can alert Government and industry entities of possible threats and vulnerabilities,” said Skora, who is very happy with how things are progressing with the NCS and Industry Canada relationship. “Industry Canada has been able to better view and understand a lot of the efforts that are underway in the U.S. concerning threats to the Nation’s critical infrastructures,” he said.

One initiative that Skora is tackling is trying to implement Industry Canada to establish telecommunications Information Sharing and Analysis Center (ISAC) similar to the ones being set up in the United States. Presidential Decision Directive (PDD) 63, “Critical Infrastructure Protection,” emphasized the importance of the sharing of information between Government and industry and encouraged both to set up ISACs in each of the critical infrastructures. The NCS’ NCC was established as the ISAC for telecommunications.

Skora explained that the telecommunications sector in Canada is “pretty well organized” with government in its protection of physical critical infrastructures and its emergency preparedness functions, but added that the cyber side is not as well organized. In addition, Skora said the Government-to-Government and industry-to-industry communication and sharing of information works well, but Government to industry still needs work. He said the relationship that Industry Canada has with the NCS is helping Canada to establish their own telecommunications ISAC and is giving them much needed insight and knowledge into the sharing of information between Government and industry. “These kinds of benefits are invaluable in the fight against threats and vulnerabilities in the physical and cyber world, and in the effort to combat terrorism,” he said.

Privacy Policy