The September 11, 2001 Terrorist Attacks -- Critical Infrastructure Protection Lessons Learned

Incident Analysis Number: IA02-001
27 September 2002

Executive Summary

• In the year following the September 11 terrorist attacks on the World Trade Center and the Pentagon, a number of documents have been compiled that analyze the impact, response and outcomes that stem from the attacks. This report has been compiled to assist Canadian critical infrastructure (CI) owners and operators with their business continuity planning and emergency management (EM) preparations by identifying critical infrastructure protection (CIP) and EM lessons that can be learned from these tragic events. The analysis is based on open source information and feedback provided by CIP and EM partners. A selected list of lessons learned reports regarding the September 11 attacks has been included at the end of the document.
• The September 11 terrorist attacks impacted CI directly through their physical effect, and indirectly by provoking CI users, regulators and owners to take actions which further impacted CI.
• Future terrorist attacks may provoke actions from CI decision-makers that impact society, government and the economy more substantially than the terrorist incident itself.
• Communications: Predetermined emergency phone lines that are given call priority and immediate service attention during a crisis will assist emergency response. Redundant mobile communications facilities will assist EM.
• Transportation: The ability of the transportation sector to sustain normal functions will be jeopardized if sufficient planning and resources are not dedicated to meeting the challenges of an assistance operation.
• Energy: The rapid restoration of power to critical sites will be more efficient if a predetermined list identifies and prioritizes sites which are particularly vulnerable to prolonged outages.
• Banking and Finance: Comprehensive business continuity plans that include electronic and physical backup arrangements will enable most organizations to relocate and re-establish operations following a disaster.
• Government: The ability of government to coordinate its response to CI threats will be improved by the development of a government-wide alert system that incorporates high levels of security and infrastructure redundancy.

Click here to download full text of report (PDF 451KB)

Note to Readers

The Canadian Cyber Incident Response Centre (CCIRC) provides a focal point for Canada's cyber threat and vulnerability warning, analysis and response. CCIRC is responsible for assuring the resilience of national critical infrastructure through monitoring threats and coordinating a federal response to cyber security incidents of national interest. CCIRC operates in conjunction with the Government Operations Centre (GOC) within Public Safety Canada and is a key component of the government's all-hazards approach to emergency management and national security.

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: communications@ps-sp.gc.ca