Occupy RoundUp: San Diego and Nashville Protestors Arrested; Egyptians March in Solidarity

San Diego Police surrounded Civic Center Plaza Thursday night, arresting occupiers.

While the media’s focus on the Occupy movement has been split between the Bay Area and New York City, OccupySD (San Diego) and OccupyNashville were pushed out of public parks on Thursday and Friday, resulting in 80 arrests. The movement, protesting against an economic and political system that unfairly benefits the top 1% of the population, has spread to cities throughout the country in just a few short weeks.

  • After San Diego protestors set-up (and took down) their camp every day for the past three weeks, the San Diego police moved in last night and arrested 51 occupiers, clearing out tents and personal possessions from San Diego’s Civic Center Plaza and Children’s Park.

    Police say they tried to reach out to the group earlier using professional mediators, but “These are not the kind of negotiations we’re used to, with this leaderless group,” the police chief said during a press conference. Occupiers returned Friday to find barriers erected around Civic Center plaza, and are planning a sleep-in later Friday night to protest their removal.

  • In Nashville, police changed the policy under which OccupyNashille had been occupying Legislative Plaza since Oct 7th. Within hours of that change, around 3am Friday morning, 75 state troopers moved in, cleared the site and made 29 arrests. According to the OccupyNashville Facebook page, the occupation had repeatedly sought law enforcement help with disruptive individuals, but were told they would have to pay for security personnel. The arrested occupiers faced charges of criminal trespassing, but the night court commisoner they were hauled in front of set them free, admonishing the police that they had “no lawful basis to arrest and charge those people.”

    After being released, occupiers have returned to Legislative Plaza, and GA is planned for 7pm Friday evening.

  • Protestors marched in Egypt’s Tahrir Square Friday in support of OccupyOakland after Tuesday’s violence as part of a largely pro-democracy demonstration. Some of the marchers approached the gates of the U.S. Embassy, but were blocked from going further by security.

Photo: sdisok/Flickr

Oakland Police’s Tear Gas Gives Occupy a Victory

OAKLAND, Calif. — The city of Oakland, California enlisted police officers from 18 California police departments Tuesday, hoping to rid itself of the Occupy movement that had set up camp in a downtown plaza.

But the police forces’ violent tactics worked only temporarily, and have, for the moment at least, handed the Occupy movement a moral and political victory so big that not even Occupy protestors seem to recognize it.

The nation, and even much of the world, seemed to recoil in shock from the images coming out of Oakland Tuesday night, where police used tear gas and rubber bullets to disperse unarmed protestors, who built a camp in the city as part of the nationwide protest against an unfair political and economic system.

Critically wounded Marine veteran Scott Olsen became a rallying point for Occupy, following widely seen footage of protestors trying to carry him to safety in the midst of a tear gas assault. There were other pictures and videos: streets littered with rubber bullets, people in wheelchairs trapped in the tear gas, and bloodied faces and bruised bodies of unarmed protestors.

On Wednesday, OccupyOakland’s fortunes reversed.

Oakland Mayor Jean Quan announced that people could reoccupy Frank Ogawa plaza, renamed Oscar Grant plaza by the occupiers in honor of a black Oakland man shot to death by transit police in 2009. When people arrived for the General Assembly, the occupation’s standard open meeting, the grassy area of the plaza was fenced off. But through the course of the evening, and not without violent conflict among the occupiers, the fences came down.

People fought each other over the fences, pulling at each other, some linking arms to protect the fence, and screaming, all while the GA went on in the distance. Despite the fears of those attempting to protect the fence, no police moved in after it went down. The GA proceeded through the evening undisturbed by anything but news choppers overhead and a turn-out too big for the sound system to cover.

But word came in that an attack was imminent on OccupySF across the bay, and a large contingent moved to get on the BART transit to join San Francisco’s Occupiers in Justin Herman Plaza. But when they arrived at the station they found it closed; BART wasn’t letting the occupation on in Oakland, or letting people off at Embarcadero, the station closest to OccupySF.

The roused crowd took to the streets, marching down Broadway towards the police station. They met no resistance. The police stayed a block away on all sides, and melted back in front of the path of the crowd, directing traffic away from the protestor-filled streets of Downtown Oakland. Many protestors were looking for a confrontation with police, but found none — staying peaceful and well behaved, if boisterous and peripatetic. The only property damage I observed were a couple incidents of graffiti-tagging, of which only one was definitely attributable to the OccupyOakland march. There were no broken windows or even overturned trash bins, and police stayed largely out of sight for the evening.

Across the Bay in San Francisco, the Occupation had warnings that police were massing at a nearby substation. They sent out people to check, who tweeted pictures of MUNI buses full of SFPD and Park police. The buses headed out, followed by OccupySF participants using their mobile phones to report back to the rest of the occupation, but they lost the buses near the entrance to the Bay Bridge.

A while later San Franciscans Aaron Muszalski and Ian Baker located the police at Treasure Island, the stopping off point of the Bay Bridge between San Francisco and Oakland.

“What we witnessed there was four MUNI buses, two transport vans, a [Department of Public Works] truck, two or three police cruisers, and four or six motorcycles,” says Muszalski, who found his role to be something between citizen journalist and tactical activist that night.

Baker and Muszalski lingered, tweeting about the police for around a half hour. Muszalski created a Foursquare check-in at “SFPD Caravan” and checked in while they waited.

“We realized they don’t have riot gear on … they were just smoking, talking, hanging out. They looked bored,” he said.

Eventually, the police caravan rolled out, and the occupiers followed them back to the city. As they slowly returned, Muszalski was struck by the strangeness of the situation:

“We’re a cop watching caravan now. We’re twittering to Occupy as we’re following this police caravan, and there’s this overlay of watching what’s going on in front of me, the motorcycles clearing traffic … but we’re also getting news back on the Occupysf stream,” Muszalski said. “We’re reading about people sorting themselves into people willing to be arrested, and not. People forming into a protective barrier, getting prepared for a respectful engagement that is presumably imminent.”

“For me in that moment there’s an awareness at the periphery of this experience, its hyper-contemporality,” Muszalski said. “This wasn’t possible two years ago. This is wholly new.”

The caravan, still being followed by Muszalski, Baker, and others, got off the freeway and turned away from the protest location, eventually stopped in the area where the chase started.

During the slow, tweeted protestor pursuit of police, OccupySF drilled for a police raid, practicing locking arms around their camp and removing vital gear from the site. As the hours wore on, many tired occupiers became paranoid, and every bus or van that went by startled people and sent them into conspiratorial speculations. Some occupiers went around writing the National Lawyer’s guild phone number on the arms of occupiers who didn’t already have a lawyer.

Five members of the San Francisco Board of Supervisors, several running for mayor, arrived and used the people’s mic to address the occupiers. They stayed put for hours, and many occupiers credited them for preventing the police raid.

On Thursday, the SFPD stretched credulity by telling ABC Channel 7 that the whole thing was a training exercise, resulting in a sarcastic local news report regarding the whole event. At the same time, OccupySF posted a picture of a notice given to businesses around the occupation warning of “…increased activity by the SFPD in the immediate vicinity of One Market Plaza starting around this evening’s commute.”

In Oakland the occupation was returning Thursday, growing from one tent in the reclaimed area Wednesday night to eight tents. OccupyOakland is rebuilding against the background of a campaign to recall Mayor Quan, calls for OPD to be disciplined, solidarity marches around the country and the world, and the New York City GA’s consensus to devote 100 sleeping bags and $20,000 for legal and medical expenses to OccupyOakland.

Bay Area media was questioning the cost of the operation for the cash-strapped city. But most of all, the wound inflicted on Scott Olsen, who is at this time breathing on his own, but facing surgery, turned public sentiment against the police action and the city of Oakland.

I stood among the ragtag occupiers Thursday, and saw the homeless giving hugs, a pretty girl who threw repeated temper tantrums, a smiling dreadlocked man stepping in to keep couple dog owners from letting their dogs fight, and any number of other hassles with tents, food, and logistics.

Sheamus Collins, a bartender from Dublin, showed off his rubber bullet wound.

Despite that, he is occupying with Oakland for the next four weeks of his vacation. It’s his sixth occupied site.

“I turned 30 here and they made me a book,” Collins said. “It’s amazing, I don’t know half the people that signed it, and it’s a full book.”

There were young clean cut boys next to the black clad anarchists, with the haze of marijuana smoke everywhere in the air mingling with the disgusting smell of the plaza’s mud. The Occupation has put out a call for straw to deal with the mud.

A tent with stacks of bread was the start of a new kitchen. Occupy Oakland was slowly negotiating the rebuilding of their improvised city, their corner of society devoted to making things better, without anyone being ready to say exactly what that means.

No one seemed aware of how crushing their political victory in the last 24 hours had really been.

Photos: Quinn Norton/Wired

This post is part of a special series from Quinn Norton, who is embedding with Occupy protestors and going beyond the headlines with Anonymous for Wired.com. For an introduction to the series, read Quinn’s description of the project.

Infrastructure at Risk From Feds’ Failure to Share Info, Security Researchers Charge

LONG BEACH, CA — If the government really wants to protect the nation’s electrical grid and critical infrastructure from hackers and other attackers, it’s got to change the way it communicates with the people in charge of securing those systems.

That was the message sent this week from security professionals to the people running the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, the federal group tasked with helping to secure critical infrastructures in the U.S. by disseminating information about vulnerabilities in them as well as known attacks against them.

The forthright comments occurred at DHS’s Industrial Control Systems Joint Working Group (ICSJWG) conference, an event established to improve communication between the government, security professionals, industrial control system vendors and the companies who run the systems, also known as “asset owners.”

For years, preventing hacks into systems that control industrial equipment remained a niche interest in the security world, which largely focused on threats to IT servers and personal computers. But that’s changed radically in the aftermath of Stuxnet, an intricate worm that was designed to derail Iran’s nuclear ambitions by targeting a Siemens industrial control system connected to that country’s centrifuges and sabotage their operation.

The worm shone a spotlight on security vulnerabilities that exist in control systems in the U.S. and elsewhere that operate commercial manufacturing facilities – such as food and car assembly plants – as well as more critical infrastructure systems, such as railway facilities, chemical plants, utility companies and oil and gas pipelines. The worm has created an urgent need to shore up these systems before they’re hit with similar attacks.

But Dale Peterson, an independent security consultant who runs the security portal DigitalBond, said that ICS-CERT has failed to provide clear and forthright information about vulnerabilities that customers and security professionals need. This has left them confused about how best to defend and protect systems.

The agency has also failed to adequately involve security professionals in discussions about how to mitigate known threats, wasting an opportunity to gain their insight.

“There are other people involved [in these matters] that can help in the mitigation, and they’re kept out of it simply because they aren’t asset owners,” Peterson told the gathering.

Peterson has been a vocal critic of ICS-CERT and Siemens over their failure to provide timely and useful analysis of Stuxnet and the vulnerabilities it exploited in the Siemens system. ICS-CERT has said it provided detailed information to asset owners in private. But, publicly, the agency released only cursory information about what the malware affected and how it could be mitigated.

Peterson has also been critical of how Siemens and ICS-CERT handled vulnerabilities that were uncovered this year in Siemens products by Dillon Beresford, a researcher with NSS Labs. Beresford discovered multiple serious vulnerabilities in Siemens control systems – including a backdoor that would allow someone to get shell command on a Siemens controller, a hard-coded password and weak authentication protection.

Beresford contacted ICS-CERT about the vulnerabilities so that the agency could work with Siemens to verify their authenticity and fix the problems before he publicly disclosed them.

Siemens, however, wasn’t forthright about which of its products were affected by the vulnerabilities and fixed only some of them, leaving customers in the lurch, Peterson said. When such vendors fail to communicate honestly and clearly with customers, he said, it becomes ICS-CERT’s responsibility to step in to make sure that customers and security professionals get the information they need to protect their systems.

“I’d say in that area, ICS-CERT has not done a good job, because their bulletins mirror the vendor, whether the vendor does a good job or a bad job at effective disclosure,” he said.

Kevin Hemsley, a senior security analyst with ICS-CERT, welcomed the criticism and said the group’s coordination with vendors is a work in progress, since many vendors aren’t used to the vulnerability disclosure process and are surprised when his group approaches them to discuss vulnerabilities a researcher has uncovered.

“What do they have against me?” he says vendors sometimes ask, thinking that researchers are picking on them. When his group explains how a researcher dug into the system and was able to exploit it, the response is generally, “Well, why would they do that?”

Vendors who are focused on just making sure their products work for customers often have a naïve view of their systems and can’t imagine why anyone would want to look for vulnerabilities in them or research ways to break them. When they realize that ICS-CERT is approaching them under the auspices of trying to help them fix the vulnerabilities “the conversation changes very quickly,” Hemsley said.

Joel Langill, an independent security consultant whose SCADAhacker firm focuses on ICSes, said that ICS-CERT has also failed to provide security professionals with adequate information about successful breaches after they occur, which would help security pros determine how best to protect other potential victims.

He pointed to the so-called “flyaway” forensic teams that DHS sends out to critical infrastructure owners, for free, to help them respond to breaches and collect and analyze data.

“Any details of the breach, what was successfully exploited and what you did . . . we need to see what’s happening in order to protect the people that didn’t get attacked today, when they [do] get attacked tomorrow,” Langill said.

Eric Cornelius, chief technical analyst for DHS’s Control Systems Security Program, told conference attendees that his group is working to address this.

They’re in the process of preparing a report that will distill information and statistics from all of the flyaway investigations the teams have conducted. The report, which will have anonymized data so that victims aren’t identified, will include case studies and statistics to provide information about how particular attacks have unfolded in the field and what steps were taken to remediate them. DHS has no release date for the report yet.

DHS is also looking at doing a long-term follow-up report that will examine how effective remediation efforts were – such as whether they prevented subsequent attacks.