This post is also available in: heעברית (Hebrew)

When the 2001 anthrax attacks occurred in the US, “critical infrastructure sectors were caught unaware and unprepared.” For several weeks, letters containing anthrax spores were mailed to several news media offices and to Democratic Senators, killing five people and infecting 17 others. The lesson should be learned, claims a new report from the US Bipartisan Commission on Biodefense.

“The cost of testing, remediation, and prevention of further anthrax contamination exceeded $1 billion … The anthrax events of 2001 impacted 11 critical infrastructure sectors. All 16 critical infrastructure sectors remain at biological risk today.”

A critical infrastructure biodefense program should be established at the US Department of Homeland Security as “biological events could destroy, incapacitate, and disrupt critical infrastructure and prevent our society from both functioning properly and protecting itself,” says the report 

Interested in learning more about securing critical infrastructure? Attend INNOTECH 2021 Cyber, HLS, and Innovation Event at Expo Tel Aviv, Nov. 17-18.

According to the report cited by hstoday.com, sectors adversely impacted by the 2001 incidents included commercial facilities, emergency services,  critical manufacturing, energy, the defense industrial base, transportation, government facilities, healthcare, and even the chemical sector as demand for antibiotics Ciprofloxacin and Doxycycline skyrocketed.“

The damage to critical infrastructure sectors comes not just from the risk of reduced manpower as employees fall ill or die in large-scale biological events. “The malfunctioning of some sectors could exacerbate the impact of a biological event. For example, the physical compromise of Dams Sector water retention facilities could result in standing water that attracts mosquitoes and other vectors of disease,” the report states. 

Data compromises could spread disinformation about biological events or even “delay the identification of organisms and hamper the ability of these sectors to track the spread of disease.” COVID-19 showed how the supply chain can buckle under the demands of a pandemic.

And the critical infrastructure sectors are considered targets for biological attacks, “but some are more attractive than others,” the report notes, citing high-profile events such as the Super Bowl, institutions such as Congress, or transportation systems such as subways. “Influenza virus can survive on banknotes, which suggests that other organisms, including some biological agents, could use the Financial Services Sector to spread disease intentionally,” the report adds. “A significant biological event would result in the stock market dropping dramatically in a very short period of time, greatly affecting the Financial Services Sector as well as the national and global economies. A biological attack on agriculture (including food) would create shortages in the Food and Agriculture Sector.”

The commission recommended that Congress mandate federal defense of critical infrastructure against biological threats. 

“DHS bears a great deal of responsibility in this arena and should continue to build on previous activities to manage and reduce biological risk to critical infrastructure. However, all other sector specific federal agencies, as well as the owners and operators of the individual sectors, must also devote resources to help defend critical infrastructure against biological threats.”

Among others, the DHS biological risk management program should be established at the Cybersecurity and Infrastructure Security Agency to coordinate intelligence and subject-matter expertise and “report information to sector specific federal agencies about disease events.”