Preparing for the Worst in IT

mplex writes "How vulnerable is the internet to terrorist attack? Is it robust enough to handle an outage on a massive scale? Should the commercial infrastructure that powers the internet be kept secret? These are the sorts of questions raised by Mark Gibbs in his latest column in Network World. 'There is an alternate route available for nearly all services through Las Vegas or Northern California serving all facilities-based carriers in Los Angeles -- all interconnected at numerous L.A. and L.A.-area fiber-optic terminals supporting both metro and long-distance cable.' Given that the internet thrives on open networks, it's hard to imagine keeping them a secret. At best, we must be prepared to deal with the worst."

What about a boogeyman attack?

[koreth]

Why is terrorism "the worst" now? I'm much more afraid of a high-magnitude earthquake hitting the west coast of the US, or a major hurricane veering further north than usual on the east coast, than I am of some random bomb going off somewhere.

Just in the last year we've seen how a single earthquake in Taiwan can bring connectivity between Asia and the rest of the world nearly to a halt. Natural disasters like that are a sure thing and it makes much more sense to me to worry about that than about the latest episode of "24" coming true.

Which isn't to say that we should dismiss any possible threat entirely, of course -- but we should also prioritize our efforts. It's not possible to fully prepare for every possible problem.

Ironically, TFA actually claims that we are pretty well prepared.

Re:What about a boogeyman attack?

I bet you think taking off your shoes and turning in your bottled water at the airport gate is making you safer.

Re:What about a boogeyman attack?

[Blakey+Rat]

Much more delicate than the Internet is the power grid it relies on.

High-voltage transmission lines are frequently in the middle of nowhere, with no patrollers or police nearby, yet easily accessible from any SUV by just driving down the service road. A single stick of dynamite is probably sufficient to take down a single tower. The grid (as was shown by the outage on the east coast a couple years ago) is not very redundant, so only a few towers would need to be prepared in this manner. The bombs could be set off from a cellphone with little risk of an attacker being captured, and it would take weeks to repair.

I agree with you that the priorities are off, but even considering only the Internet, priorities are off. The Internet can't function without the power grid, and the power grid is a lot more delicate than most people know.

Re:What about a boogeyman attack?

[ScentCone]

Just in the last year we've seen how a single earthquake in Taiwan can bring connectivity between Asia and the rest of the world nearly to a halt. Natural disasters like that are a sure thing and it makes much more sense to me to worry about that than about the latest episode of "24" coming true.

So, you don't even WANT to know what we might/should/could do if someone/group (unlike an earthquake in California) actually simultaneously destroyed or just plain hosed up some key fiber routes and datacenters in LA, San Fransisco, New York, Vegas, and Northern Virginia at the same time? It's not like it takes nukes to still really screw it up. The sort of truck bombs that did the Murrah federal building would be pretty effective against a lot of infrastructure points. And a day or three of very latent or completely absent routes in and out of those areas and the ones that depend on them would be fantastically painful to businesses large and small... and thus to all of us. You don't have to be a Russia-backed super-hacker '24'-class villain to do that sort of stuff. Mostly, you just have to be willing to do things just like have already happened overseas plenty of times. Trucks, fertalizer, diesel fuel... and being willing to crash your rented truck through or up to the front door of a few not-very-unknown buildings.

Never mind the loss of backbones... just half a dozen Level3 or Savvis datacenters would send serious shockwaves. Savvis has decent enough datacenter security when it comes to the walk-up, gun-toting sort of thing... but they're hardly truck-bomb proof.

Terrorism is "the worst," in this sense, because it can be a distributed attack. Not a quake in one city, or a hurrican that hits two... but far more surgical, with far wider implications, economically, at least for long enough to genuinely smack the country's cash flow around. That's the peril of just-in-time manufacturing, drop-shipping retailers, internet-based payroll processing, and so on. Just the civil unrest from the loss of pr0n, alone... think of it!

Re:What about a boogeyman attack?

[Darlantan]

You have a point, but some of this is taken to absurd lengths. I fly, and I'm not concerned about shoe bombs, because anybody with any damned sense is going to think something is amiss when the guy next to them starts trying to light his shoelaces. As for bottled liquids, well, that was blown way out of proportion. The guy was never a real threat -- were's not talking "Mix red liquid with blue liquid, and BOOM!" like some might have you think. For that guy to pull of what he was trying to do, he'd have had to lock himself in a bathroom with a generous supply of ice for almost an entire trans-atlantic trip just to synthesize the stuff, and then he would've had to find a way to dry the result before it would be any real threat. Perhaps if he'd been able to bring a portable lab on a circumnavigation of the globe by jet, he'd have had a chance. Even if he had pulled off making the stuff, chances are good that the yeild would be low enough that he'd not have been able to do much more than depressurize the jet by blowing out a window, or perhaps a slightly large hole.

Terrorism will happen. You can't stop it, but you can stop running around freaking out at every pair of nail clippers and toy guns for GI Joe dolls (both of which have been known to be confiscated before boarding). That's absurd. The goal of terrorism is to instill terror. They've failed on my part, but it looks like they're doing a pretty good job with the masses.

Re:What about a boogeyman attack?

[Ernesto+Alvarez]

What you just described is not terrorism, it's sabotage.
Cutting the west coast from the rest of the Internet would not cause terror, just annoyance. I'd say as a terrorist target the Internet ranks pretty low.

Re:What about a boogeyman attack?

[Fulcrum+of+Evil]

Name one terrorist that the TSA has caught. Name one valid attack that the idiotic liquids ban would avert. Tell me how the hour long lines at Denver Intl. are safer than the way it was before - now any tool with a backpack full of explosives can kill hundreds, since there's an unsecured walkway above the lines.

Constantly Surprised at the Quality of Slashdot

[Blakey+Rat]

I've been reading this site for years, and yet I'm constantly impressed by the quality exhibited.

For instance, in a story about how resistant the Internet is to attack, the editors apparently decided to demonstrate what a possible attack might look like.

Take a look!

Bravo!

Terrosism IS no big deal

[annenk38]

The perception of terrorism created by mass media is big deal, however, since that's what keeps the viewers glued to tv sets. How often do you get to watch people jump out of the buildings over 400 meters tall? The cost of lives lost is immeasurable to the immediate families, but on the national level, it was a relatively small bump (six times as many people have died in car accidents the same year). Far more damage to the country resulted not directly from terrorist attacks, but from the policies our own government has put into place: insane air travel restrictions, the PATRIOT act, the second gulf war, etc. Mass appeal madness is the one thing we do very well.

Re: afraid of earthquakes?

[Orig_Club_Soda]

I've lived in northern California since 1976. In 1989 we suffered the only significant damaging earthquake and it wasn't a big deal in the scheme of things. The 1906 earthquake didnt damage San Francisco much, rather it was fire and lack of building code.

In CA an earthquake is no more eventful than daily tide risings.

Terrorism, on the hand, has targeted Americans more than 20 times since the 1970s. 9/11 hurt the US economically more than the 1989 earthquake or the 1994 earthquake in Los Angeles combined.

Re:Taiwan Earthquake DID break the Internet

[ross.w]

Not only that but groups like Al Quaida RELY on the internet for putting out those videos of people being beheaded, etc. They are quite net savvy themselves and know how to use it for their own purposes. Terrorists from the American Revolutionaries through the French Resistance, the Zionists and the PLO never blew up stuff they used themselves.

Depends

[PzyCrow]

Terrorist may or may not attack the Internet directly. But how vulnerable is the Internet to Government attacks? Can the Internet (i.e. the end-to-end principle) survive all laws passes as a result of Governments using terrorists as an excuse to control it?

Re:Egoism

All military planes already have a defense against this. The only reason it is not on commercial jet liners is because it costs about $1 million per plane. If what you describe were to actually occur, the airlines would adopt these measure immediately. It is well worth $1 million to protect a $160 million 747.

Also note that such an attack could only occur near an airport. Even Iraq which spent a decade getting bombed by the US can not shoot down a plane 5-8 miles up.