Preparing for the Worst in IT

mplex writes "How vulnerable is the internet to terrorist attack? Is it robust enough to handle an outage on a massive scale? Should the commercial infrastructure that powers the internet be kept secret? These are the sorts of questions raised by Mark Gibbs in his latest column in Network World. 'There is an alternate route available for nearly all services through Las Vegas or Northern California serving all facilities-based carriers in Los Angeles -- all interconnected at numerous L.A. and L.A.-area fiber-optic terminals supporting both metro and long-distance cable.' Given that the internet thrives on open networks, it's hard to imagine keeping them a secret. At best, we must be prepared to deal with the worst."

lol zonk

Link in article broken, nice job editors!

Re:lol zonk

[ceeam]

How do you know terrorists did not break it?

Re:Fix the fucking tag

[Marsell]

Why, not only do the editors not read the stories anymore, they don't even read the submissions!

What about a boogeyman attack?

[koreth]

Why is terrorism "the worst" now? I'm much more afraid of a high-magnitude earthquake hitting the west coast of the US, or a major hurricane veering further north than usual on the east coast, than I am of some random bomb going off somewhere.

Just in the last year we've seen how a single earthquake in Taiwan can bring connectivity between Asia and the rest of the world nearly to a halt. Natural disasters like that are a sure thing and it makes much more sense to me to worry about that than about the latest episode of "24" coming true.

Which isn't to say that we should dismiss any possible threat entirely, of course -- but we should also prioritize our efforts. It's not possible to fully prepare for every possible problem.

Ironically, TFA actually claims that we are pretty well prepared.

Re:What about a boogeyman attack?

I bet you think taking off your shoes and turning in your bottled water at the airport gate is making you safer.

Re:What about a boogeyman attack?

[Blakey+Rat]

Much more delicate than the Internet is the power grid it relies on.

High-voltage transmission lines are frequently in the middle of nowhere, with no patrollers or police nearby, yet easily accessible from any SUV by just driving down the service road. A single stick of dynamite is probably sufficient to take down a single tower. The grid (as was shown by the outage on the east coast a couple years ago) is not very redundant, so only a few towers would need to be prepared in this manner. The bombs could be set off from a cellphone with little risk of an attacker being captured, and it would take weeks to repair.

I agree with you that the priorities are off, but even considering only the Internet, priorities are off. The Internet can't function without the power grid, and the power grid is a lot more delicate than most people know.

Re:What about a boogeyman attack?

[ScentCone]

Just in the last year we've seen how a single earthquake in Taiwan can bring connectivity between Asia and the rest of the world nearly to a halt. Natural disasters like that are a sure thing and it makes much more sense to me to worry about that than about the latest episode of "24" coming true.

So, you don't even WANT to know what we might/should/could do if someone/group (unlike an earthquake in California) actually simultaneously destroyed or just plain hosed up some key fiber routes and datacenters in LA, San Fransisco, New York, Vegas, and Northern Virginia at the same time? It's not like it takes nukes to still really screw it up. The sort of truck bombs that did the Murrah federal building would be pretty effective against a lot of infrastructure points. And a day or three of very latent or completely absent routes in and out of those areas and the ones that depend on them would be fantastically painful to businesses large and small... and thus to all of us. You don't have to be a Russia-backed super-hacker '24'-class villain to do that sort of stuff. Mostly, you just have to be willing to do things just like have already happened overseas plenty of times. Trucks, fertalizer, diesel fuel... and being willing to crash your rented truck through or up to the front door of a few not-very-unknown buildings.

Never mind the loss of backbones... just half a dozen Level3 or Savvis datacenters would send serious shockwaves. Savvis has decent enough datacenter security when it comes to the walk-up, gun-toting sort of thing... but they're hardly truck-bomb proof.

Terrorism is "the worst," in this sense, because it can be a distributed attack. Not a quake in one city, or a hurrican that hits two... but far more surgical, with far wider implications, economically, at least for long enough to genuinely smack the country's cash flow around. That's the peril of just-in-time manufacturing, drop-shipping retailers, internet-based payroll processing, and so on. Just the civil unrest from the loss of pr0n, alone... think of it!

Re:What about a boogeyman attack?

[Darlantan]

You have a point, but some of this is taken to absurd lengths. I fly, and I'm not concerned about shoe bombs, because anybody with any damned sense is going to think something is amiss when the guy next to them starts trying to light his shoelaces. As for bottled liquids, well, that was blown way out of proportion. The guy was never a real threat -- were's not talking "Mix red liquid with blue liquid, and BOOM!" like some might have you think. For that guy to pull of what he was trying to do, he'd have had to lock himself in a bathroom with a generous supply of ice for almost an entire trans-atlantic trip just to synthesize the stuff, and then he would've had to find a way to dry the result before it would be any real threat. Perhaps if he'd been able to bring a portable lab on a circumnavigation of the globe by jet, he'd have had a chance. Even if he had pulled off making the stuff, chances are good that the yeild would be low enough that he'd not have been able to do much more than depressurize the jet by blowing out a window, or perhaps a slightly large hole.

Terrorism will happen. You can't stop it, but you can stop running around freaking out at every pair of nail clippers and toy guns for GI Joe dolls (both of which have been known to be confiscated before boarding). That's absurd. The goal of terrorism is to instill terror. They've failed on my part, but it looks like they're doing a pretty good job with the masses.

Re:What about a boogeyman attack?

[linguizic]

Thank you my friend. I find what you say very useful. Allah smiles on you this day my friend!

Re:What about a boogeyman attack?

[suv4x4]

Much more delicate than the Internet is the power grid it relies on.

People in IT like to brag how robust and reliable Internet is in the event if a disaster, but I've seen far more interruption of my internet service (at any point on the route), that interruptions of my electricity.

And that's without any terroristic activity.

Re:What about a boogeyman attack?

[Ontology42]

As a consultant I routinely receive requests for Disaster Recovery work for organizations ranging in size from a few hundred to a few hundred thousand. Depending on the alloted budget we work our way down the hardware.
1. Redundant Network Connections
2. Highly available Services (Applicaiton Clusters)
3. Fail over - Off site if needed (Local, Metro, then off-site)
4. Power backup & Isolation (Generators good for 48 hours at least if not more, plus filtration systems that will withstand a localized EMP)
5. Testing - Smoking hole scenarios. (ie: where did NY, Chicogo, Washington, just go?)

I am not at liberty to divulge my client list but I can say for certain that they are very interested in maintaining service availability even if their primary sites were hit directly by nuclear weapons. Services include all communications not just the internet. Arpanet was founded by the boys in green, they worry about these sorts of things.
It becomes a matter of balanceing function with cost, the old engineering addage does ring true here more than anywhere else:
Cheap, Fast, Reliable; pick any two!

Companies like Hugues, Teleglobe, and various governments of the G8 do what their budgets allow to facilitate redundancy, however since terrorism is a good political tool to motivate sales (along with natural disasters) then people in the consulting industry will be well met to help the organizations that make the internet redundant.
As for the power grid, Telcordia standards dictate that a carrier grade data center (if it's essential services) has to have some method of running even at a reduced capacity for extended periods of time. Thus there is a buffer provided for the local power company to get their systems working, that and most datacentres are close to large power supplies. This is the result of the original POTS standards. It's also the reason VOIP providers don't guarantee 911 service. The regulation and maintence costs on these datacenters is very high, which is how AT&T and Verizon justify charging an arm and a leg for your land line.
Then again, I've seen Tier 1 data-centerers undone by a fire-systems worker (plumber) dropping a wrench on the -48V bus-bar and having instantaneously weld to the A-Frame causing millions in damage and making an entire city core go quiet. Who needs terrorists when we have difficulty hitting 100% availability on our own, normally?

Re:What about a boogeyman attack?

[Andrew+Kismet]

http://www.2kweb.net/images/network_map.swf

If the West Coast gets hit by a quake, we're pretty much screwed.

Re:What about a boogeyman attack?

[myowntrueself]

trying to set off real shoe bombs on an actual airplane?

By 'real shoe bombs' you mean 'shoe bombs that would actually detonate'?

Ie unlike the "shoe bombs" deployed by Richard Reid... Which were actually fake shoe bombs?

The fake shoe bombs in question were plastic explosives which he 'attempted' to detonate using *matches*. There was never a threat to the aircraft or its passengers.

These 'devices' would not have detonated and were fake bombs.

If I knew someone who had sat next to this guy on this flight, no I would not be insisting that people take off their shoes to get on an airplane.

Re:What about a boogeyman attack?

[koreth]

Do you think you'd feel any different at all if you or someone you care about had been sitting next to the guy that was caught actually trying to set off real shoe bombs on an actual airplane? Are you of the "well, we lucked out on that one, caught him, and since they know we know that trick now, they would never try it again, and we can stop looking for it now" camp? How does your brain work on topics like that?

You mean Richard Reid, the guy who tried to set off plastic explosives with a match (hint: you don't ignite plastic explosives with a match; if you set C4 on fire it will just burn, not explode) and who was beaten unconscious by the other passengers before he could even fail to set off his nonfunctional bomb?

No, I don't think I'd feel that different.

In fact, it's a good demonstration of, as you say, how my brain works: I try to think through the subject based on what actually happened. Observable history, one might call it.

The only reason two of the three 9/11 hijackings succeeded was because the passengers, having never heard of a passenger jet being used as a weapon before, assumed they would be flown to Cuba or somesuch, just like all the other passengers on hijacked jets in living memory. That is no longer the case, as evidenced by the fact that the third hijacked plane failed to reach its target. The simple fact that everyone knows there are people out there who want to blow up passenger jets will, without an extra dime spent on security or any extra disrobing at the gate, make it a lot harder to pull off any stunt that requires a terrorist passenger to initiate.

And those plans that don't require a passenger to initiate, e.g. smuggling a bomb into the cargo hold, hitting a plane with a surface-to-air missile after takeoff, etc., won't be affected at all by the senseless security theater everyone is subjected to.

Re:What about a boogeyman attack?

[mikael]

High-voltage transmission lines are frequently in the middle of nowhere, with no patrollers or police nearby, yet easily accessible from any SUV by just driving down the service road. A single stick of dynamite is probably sufficient to take down a single tower.

A single lightning strike or solar storm is also capable of disabling an entire line, not forgetting tornados
or heavy snow which can also bring the cables. And the same lightning strike can also take out telephone lines.

Re:What about a boogeyman attack?

[incabulos]

Why is terrorism "the worst" now?

Beats the hell out of me. I read the headline and assumed that a sysadmin had wandered into the office on a bright, fresh, monday morning and discovered that their datacentre had been mysteriously populated with Vista and SCO unix.

Re:What about a boogeyman attack?

[Fulcrum+of+Evil]

Name one terrorist that the TSA has caught. Name one valid attack that the idiotic liquids ban would avert. Tell me how the hour long lines at Denver Intl. are safer than the way it was before - now any tool with a backpack full of explosives can kill hundreds, since there's an unsecured walkway above the lines.

good link

[normuser]

here is a good link for the lazy http://www.networkworld.com/columnists/2007/041607 backspin.html

Already UNDER ATTACK

[redelm]

What special skills or tactics do you believe "The Terrorists" [whomever they might be] possess? The Internet already copes with a deluge of spam, 'bots and trojans and varous DoS attacks. Not to mention the flash crowds.

It might be hackneyed, but please remember the internet was designed to withstand hundreds of nuclear warheads. Half of any class of nodes can go down and the rest keep running.

Re:Already UNDER ATTACK

[Darlantan]

In the original model, yes.

Nowdays? No. The internet isn't as robust as it used to be, because real redundancy costs a lot of cash. There are single buildings that could be hit that would cripple internet connectivity to entire regions, or at the very best reduce traffic to a near standstill. It's far from nuke-proof these days, nor is it very terror-proof.

Having said that, I think terrorism isn't the big threat here. Earthquakes, hurricanes, and flooding are more pressing concerns. It is a certainty that one of them will do severe damage to a US city at some point in the future, and those sort of events do much more than take down a single building. Fiber cuts, power interruption, etc.

Constantly Surprised at the Quality of Slashdot

[Blakey+Rat]

I've been reading this site for years, and yet I'm constantly impressed by the quality exhibited.

For instance, in a story about how resistant the Internet is to attack, the editors apparently decided to demonstrate what a possible attack might look like.

Take a look!

Bravo!

I addressed this here last month

[davidwr]

In this reply to a thread on security breaches, I said businesses need to have a plan for disasters of various sizes.

This goes for infrastructures as well. Those who manage them must be prepared for everything from a cable cut to a planet-smashing asteroid.

"Prepared" doesn't always mean being able to fix the problem. It may just mean declaring in advance that the problem won't be fixed and moving on with life. Or in the case of a disaster guaranteed to be fatal, accepting that this is the end.

If the citizens of New Orleans had been properly prepared for Katrina, they would have known that "If a flood destroys our home and our neighborhood and it looks like it will be years before city services are restored, then we will just move away."

As for the Internet:

I don't expect the Internet as we know it to survive an all-out, late-1970s-scare-scenario WWIII. But I do expect it to mostly survive if a handful of key locations and a few dozen cities without key infrastructure components are destroyed by nukes on the same day. The same goes for the phone company and the electric grid.

I would also expect governments to mandate civilian usage limits to make the remaining tubes available for government and emergency-management use.

commercial infrastructure

[GovCheese]

I guess if an invading army decided to hit all your NAPS you're SOL (all your NAP are belong to us) but a greater threat might be a chip embargo during a war or a period of instability. Open up your box lately? The Asian Tigers have our peckers in their pockets. I fully expect this to occur downstream and it's a greater threat to "national security" than most want to admit.

Egoism

[cyphercell]

Terrorists would not attack the Internet, they would attack the power grid. This article is IT egoism and paranoia, the physical robustness of our national communications systems should not be questioned unless we expect a prolonged bombing campaign, which incidentally is what the Internet was designed to survive. My personal order of operations would be:

1. Bomb the power grid
2. Bomb the freeways
3. Bomb the phone system
4. Bomb Cellular towers
5. Bomb the tv system
6. Bomb the Radio stations
7. Bomb the locations that make satellite TV and satellite internet possible

Wrecking the US's communications systems would require a significant industrial expense and commitment, this doesn't come from terrorists.

Re:Egoism

[davidwr]

1. Bomb the power grid
      2. Bomb the freeways
      3. Bomb the phone system
      4. Bomb Cellular towers
      5. Bomb the tv system
      6. Bomb the Radio stations
      7. Bomb the locations that make satellite TV and satellite internet possible If I were a minor terrorist I'd probably truck-bomb a local public building, take down a highway overpass, or poison the water supply.

If I had the resources of a major terrorist organization, my goal would be to inflict the maximum terror with the minimum chance of getting caught beforehand.

I might run a few private planes full of explosives into rural school cafeterias during lunch or into movie theaters on the opening weekend for a big blockbuster. Not only are many rural areas soft targets but like attacking children they have a higher terror-factor.

If I wanted to cause medium-term damage I'd probably blow up a lock or dam on the lower Mississippi. If I could blow up all the Interstate bridges leading into a major city or blow up all the high-tension lines into a major city, I might try that. The same goes for highly-traveled roads or high-tension lines leaving a major power plant: If I could get all the major backups then it's worth a try.

If I had access to 1 or 2 nukes I'd want to do some long-term damage to shipping. I'd look for railroad depots, freight airport hubs, and key waterways. I'd also look at poisoning the water supply for a large city.

If I were a government one of my first targets would be communications satellites, weather satellites, and of course, military satellites.

Unless I'm a government, I probably don't have the resources to do long-term physical damage. I would instead focus on scaring Americans into giving up their civil liberties and forcing America to spend more of its budget on internal defense, leaving less money available for outside wars.

I trust government agents long ago thought of all of these possibilities and more and that they are planning accordingly.

Re:Egoism

[cyphercell]

I would instead focus on scaring Americans into giving up their civil liberties and forcing America to spend more of its budget on internal defense, leaving less money available for outside wars.

Sixteen days after 9/11 my daughter was born, it scared the shit out of me. I wondered if I would be drafted for war, I wondered if she would, one day go to war, I wondered if one day she would have to prepare for terrorist attacks in school, I wondered if she would be snuffed out two weeks into life by some nasty man made virus, I wondered if the virus had already been released and we just didn't know it yet, I thought a lot about my daughter's future and how I would raise her to deal with it. I was thoroughly terrified of the future.

Looking back on all of that I realize that Americans did more to terrify ourselves than the enemy ever could have. We've lost thousands of soldiers and spent billions of dollars in this war on terror and we are only more terrified, it doesn't make us safer, it doesn't keep the power on, we're not flying safer, our water, internet, phones, roads, schools, our children are not safer, and hell we don't even feel safer. It's all at risk now, because we've spent all of our money and time trying to lock things down, keep things safe and protect ourselves from the boogeymen.

Today, my daughter is five, she can read, tie her shoes, and does well with math. She doesn't know what a terrorist is and they don't talk about that in school. Her little brother is also doing great, neither has gone hungry or lonely or cold a day in their lives and we still haven't finished our Y2K rations. They know only one thing about politics and it's that George W. Bush is a dumb ass. They also know what consumerism is and the ways that the TV can affect them.

I'm sick of hearing about terrorists and terrorism. I'm not scared of a terrorist attack and in fact, I'd rather be scared than watch another one of our civil liberties gobbled up by the administration or watch another funeral on the news. I'm so fucking sick of hearing about this "post 9/11" bullshit, that I could scream. We weren't safe "pre 9/11" and there isn't a fucking thing we can do to become safe in a post 9/11 world. Get over it. Life is fragile and raising your children in a bubble will not make them safer. In fact, once they inevitably leave that bubble they will not be able to survive the harsh reality that is "fresh air". So thanks George W. for a nation that cannot move without asking themselves WWTTD? (What Would The Terrorists Do?)

Yes and no

[jhines]

Yes in theory. Remember it was designed to survive global thermonuclear war.

No in practice. Because it is cheaper not to. Those multiple routes and connections are more expensive than a simple, single one which works just fine on a clear sunny day.

The reality is somewhere in between.

Re:Dear Zonk

[jamie]

There is already a tag which our software recognizes as indicating a typo in an article. It's 'typo'. This is in the FAQ. If you want to get the attention of the editor on duty, use the 'typo' tag.

Taiwan Earthquake DID break the Internet

[cpaglee]

The premise of Internet interuption is probably much more likely to occur as a result of natural disasters. A serious earthquake near Taiwan on Dec. 27th 2006 DID shut down most of the Internet for China, Hong Kong, Taiwan, Korea and Japan. See http://news.bbc.co.uk/2/hi/asia-pacific/6211451.st m I was IN China at the time and it was ... horrible. The major telcos in Beijing, China Netcom, was not so great at recovering from it. China Telecom in Shanghai did a much better job. Japan, Korea and Taiwan recovered much quicker because their ISPs were willing to spend money on alternate Internet paths via satellite. China Netcom was just too cheap and screwed over their customers. The Internet never actually went completely down, but you were not able to surf the Internet. Email was problematic, but IM and VoIP still worked. Most of the problem was that port 80 requests far exceeded the available bandwidth, so everything just ground to a hault. MSN and Skype still worked like a charm. I had friends IM me web page content so that I could 'surf' pages I desperately needed to read. I also used proxies in Australia to gain access to the USA Internet and this worked quite well. I think the idea of a terrorist organization trying to bring down Internet infrastructure is completely ludicrous. Terrorists want to take lives, and bringing down the Internet is not going to take (that many) lives. This is just another sad example of the sorry state of paranoya we live in under the Bush administration post 911. Just as there will NEVER be another successful hijacking of an airplane in the USA again, not because of the stupid security we have to go through at airports, but because normal every day airplane passengers will kill the terrorists rather than let terrorists take over an airplane again, ever. We do NOT need to worry about things that will never happen, and terrorists trying to shut down the Internet by blowing up infrastructure? It is just NOT going to happen. A bomb would be better used where there is a high concentration of people. Maybe the Internet will be compromised through a virus or malware or bots - these are things we should worry about, but NEVER by physical force. We really need to STOP giving attention to these fear mongers who promote these stupid ideas.

Re:Taiwan Earthquake DID break the Internet

[ross.w]

Not only that but groups like Al Quaida RELY on the internet for putting out those videos of people being beheaded, etc. They are quite net savvy themselves and know how to use it for their own purposes. Terrorists from the American Revolutionaries through the French Resistance, the Zionists and the PLO never blew up stuff they used themselves.

Terrosism IS no big deal

[annenk38]

The perception of terrorism created by mass media is big deal, however, since that's what keeps the viewers glued to tv sets. How often do you get to watch people jump out of the buildings over 400 meters tall? The cost of lives lost is immeasurable to the immediate families, but on the national level, it was a relatively small bump (six times as many people have died in car accidents the same year). Far more damage to the country resulted not directly from terrorist attacks, but from the policies our own government has put into place: insane air travel restrictions, the PATRIOT act, the second gulf war, etc. Mass appeal madness is the one thing we do very well.

The terrorists CAN destry de world

[Guillersk]

Just bomb second lifes datacenter

Depends

[PzyCrow]

Terrorist may or may not attack the Internet directly. But how vulnerable is the Internet to Government attacks? Can the Internet (i.e. the end-to-end principle) survive all laws passes as a result of Governments using terrorists as an excuse to control it?

a sane view from the clouds

[tadauphoenix]

This is immensely overblown. I happen to directly oversee multiple nationwide optical networks of varying layers (1-4) with roughly a half terabit of real data capacity at my fingertips. Situations that could be considered OMG CATASTROPHIC occur semi-frequently, sometimes a few in a day, sometimes a couple weeks without. What most people don't understand is that there are long haul optics hanging right over their head carrying ~96 or more fibers, DWDM OC-192 (10G/s, so that's almost 2Tb capacity right there) that you could shoot down with your remington. And this happens. Or a power failure at a pop. Every time I pass a digging crew on the road, first thought "call before you dig m-f's!".

But terrorism against colo's, pop's, nap's, etc...? As part of network design, you have to take into account catastrophic failure(s). That means if a hurricane could tear through an area with a big colo/pop/nap presence (say atlanta), one's network better be prepared to handle the shift in traffic in case the worst does happen - like a second simultaneous failure elsewhere. It'll hurt, but as they say on the battlefield, acceptable casualties.

Bringing The Internet down by means of physical terrorist attacks is very unlikely (speaking modestly). Example: the verizon colo in the WTC buildings. That was a mess, but it was handleable. Peering and routing changes, move on. Taking down a physical point of presence would require some intense research and much more importantly DESIRE. This is the basic concept of hacking, given time and motivation, there's nothing that can't be toppled. So, take off your sweatin'-it pants, and chill. Do we really need any more paranoia at this point?

Greatest challenge for internet security...

[BlueParrot]

...must be to stop having 90% of desktop users on a series of operating systems for which the vendor has repeatedly failed miserably at adressing numerous vulnerabilities, causing widespread sabbotage, phishing and data theft costing god knows how much money every year. I mean seriously, can anyone actually come up with anything a terrorist organisation could pull off which is going to have a worse impact on the nets general stability security and performance than Microsoft windows? This is not even taking into consideration the cost of the hardware required to run a system which has between twice to four times the system requirements of the main competition, their repeated efforts to keep other companies of the market, or continued and deliberate breakage of APIs, standards and backwards compatability. I would seriously argue that at least as far as the internet is concerned, Microsoft is a MUCH greater problem than any terrorist organisation will ever be.