Welcome to the SecAware blog

I spy with my beady eye ...

1 Feb 2008

A modern Doomsday

Middle-Eastern Internet services have been severely disrupted by the failure of an undersea cable linking Egypt to Italy. There are backup connections, of course, including satellite and other cable connections but their capacity is limited, hence Internet traffic in some countries in the region is experiencing delays and probably failed connections due to timeouts.

Thanks to packet switching technology and multiple routes, the Internet as a whole is highly resilient. Undersea cables can often be repaired within days or weeks. But imagine what would happen if the Internet went down, and stayed down. Not 'stayed down for a few minutes' or hours or even days, but for an extended period perhaps indefinitely.

There are various horrific scenarios that could cause this to happen e.g.:
- Widespread technology failure, disrupting the packet switching backbone;
- Deliberate action by one or more nation states in wartime, severing critical connections and/or injecting massive amounts of spurious traffic at multiple points to disrupt;
- Natural events such as solar flares/X-ray emissions from the sun, storms etc. damaging critical equipment and links;
- Cyberterrorist attacks on the Domain Name Systems or other critical elements of the Internet, perhaps combined with conventional terrorist attacks on key nodes, cables and satellite ground stations;
- Worms or other malware, in other words, software agents swamping or damaging the network;
- "Something else" - the classic contingency planning scenario. We don't know exactly what might happen. It could be something completely novel and unanticipated or a chance combination of more than one type of event, known as 'bad luck'. For true contingency planning purposes, the exact cause and nature of the incident is irrelevant: we need to be ready to cope with whatever actually happens.

With a moment's thought, the horrendous consequences of such an incident start to become clear. The developed nations are highly reliant on the Internet and would suffer economic and social consequences very quickly. Developing nations are also actively using the Internet for eCommerce and communications with the rest of the world. The Internet has penetrated even the least developed third-world countries, and disruption to first world aide programs would have consequences there too.

We're hardly on the same scale as Google, eBay and Amazon but at a local level, our own small business would suffer within days if the Internet went down. We use the Internet for marketing and promotion, sales and delivery, research and communications. There are fallback delivery mechanisms - sending CD-ROMs in the post or direct dial-up access - both of which are limited, wouldn't work very reliably and would increase our costs. We could resort to old-fashioned research methods but would miss the ready, free access to up-to-date information security news from around the globe. Our marketing and sales would suffer the most as conventional print, TV and radio advertising is far more expensive and limited in scope. That, in a nutshell, is our own risk assessment.

Larger e-enabled businesses (such as the entire financial services industry) would su=ffer immediate problems, others might hardly notice at first, at least until their suppliers, partners and/or customers started to fail. Government departments and utilities would suffer quite quckly, causing knock-on effects as the national infrastructures started to unravel. If petrol companies and airlines were disrupted, well we'd have to get used to walking or cycling to work, if indeed work existed. Civil disruption could have serious consequences for personal safety and security.

We're just a few paragraphs into this very brief overview but the 'worst case scenario' is shaping up badly. This is starting to sound like one of those science fiction doomsday stories.

On the upside, TV, radio and print media would be severely disrupted too so we might not get to hear too much about the civil disruption outside our barricaded front doors. Some of us will retreat to our caves.

What kind of contingency plans would or could you make for "the Internet is down"? Some of the more obvious things might be to retain or stockpile ordinary modems (assuming that the telephone networks are running ... but, oh dear, they are using VOIP and, no doubt, sharing a lot of the Internet technologies and links) and generally retain (or rather rebuild) the ability for non-electronic commerce and communications.

More resourceful organizations might build their own private networks to run in parallel with the Internet - such as the financial services, military and other special purpose networks. These are expensive but the greater concern is to ensure they are adequately isolated from the Internet in fact. Supposedly private bank ATM networks have been known to crash due to Internet worms so finding and closing those worm-holes must be a priority. That's definitely something we can do today.

What else would you suggest in the way of contingency measures? Any ideas you'd like to share? Just post a comment ... while your Internet connection is still running, please.

No comments:

Post a Comment