Home page logo
/

basics logo Security Basics mailing list archives

Re: military strike possible?
From: "Anders Reed-Mohn" <anders_rm () utepils com>
Date: Thu, 6 Nov 2003 12:15:28 +0100

Well, trying to keep this thread on-topic for the list,
let's try to look at this:

How likely are such disasters anyway?
Can you really bring down the Internet at all?
Is it worth considering such strikes?

This got kinda long, so here's the short version first:
Not very.
No, not really.
And if I am right, (but I'm often not), why would we bother
(preemptively) striking against someone whose identity we can
only guess at best, and whose potential for damage is manageable?

Look at recent problems in critical infrastructure, specifically:
electricity.
Why does things like these fail?
Well, as it turns out, nobodys managed to hack their way into systems
critical enough for something really bad to happen.
However, weather, over-consumption, and lack of maintenance have
been shown to be far greater threats to the stability of this particular
piece
of infrastructure.
While power companies have some systems that are internet connected,
most of these are monitoring systems, and not control systems.
And even if a control system was electronically knocked out, the supply
of electricity can still be kept running manually. It is usually only for
fine tuning that
one needs electronic control systems.
We computer nerds tend to forget that while 24x7 availability for us
is right up there on the top shelf, next to the holy grail, power companies
(and other suppliers
of critical infrastructure) have run 24x7 operations since "the dawn of
time".
They know that reality beats the crap out of fiction, and they fight this
battle everyday.
And they have the experience, and systems, to avoid the ultimate disasters
from a computer
failure.

As for chrashing the Internet, that is not as easy as it might seem.
OK, so someone slowly spreads a worm to hundreds of thousands of computers.
So what? Earlier attacks have shown that poor design makes worms choke
themselves.
Can worm authors avoid that?
I don't think so.  Yes, they will do damage. Big time. But the nice thing
about computers,
is that when they break, they don't physically break. Recovery time is
therefore a lot
shorter than after physical attacks.
Also, it is practically impossible for a worm not to choke itself
eventually. The reason is
that the Internet is comprised of a set of central hubs (ISPs for instance).
The hubs will necessarily give in before all other computers have, and the
"disease"
can be contained.

The good thing is that all network connectivity will not disappear with the
hubs. In fact, to
prevent people, organisations etc. from communicating with each other, one
would have to block
the entire phone network. This is also true for physical attacks on critical
Internet hubs.
All the equipment, except for the ISPs that were bombed or whatever, will
still be there,
and a certain degree of recovery can be achieved in a short period of time.

Think about it .. does your company really need to be able to communicate
with every corner
of the world, at all times?  Some might, to work efficiently, but not to
keep the basics running.

Articles like the one the OP linked to only serve to fuel paranoia, which
again fuels development of an artificial market for new security measures.
Meanwhile, the real issues are just swept under carpet:
1. We aren't completely dependent on computers for critical infrastructure.
Marketing only made us think we are.
2. Computer systems are generally poorly designed. Creating new stuff,
that's just as poor, only in different ways, will not help us in the long
run.

And that completes todays rant&rave ...
Cheers,
Anders :)


---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault