Preparing for the Worst in IT 172
mplex writes "How vulnerable is the internet to terrorist attack? Is it robust enough to handle an outage on a massive scale? Should the commercial infrastructure that powers the internet be kept secret? These are the sorts of questions raised by Mark Gibbs in his latest column in Network World. 'There is an alternate route available for nearly all services through Las Vegas or Northern California serving all facilities-based carriers in Los Angeles -- all interconnected at numerous L.A. and L.A.-area fiber-optic terminals supporting both metro and long-distance cable.' Given that the internet thrives on open networks, it's hard to imagine keeping them a secret. At best, we must be prepared to deal with the worst."
good link (Score:3, Informative)
Re:Already UNDER ATTACK (Score:4, Informative)
Nowdays? No. The internet isn't as robust as it used to be, because real redundancy costs a lot of cash. There are single buildings that could be hit that would cripple internet connectivity to entire regions, or at the very best reduce traffic to a near standstill. It's far from nuke-proof these days, nor is it very terror-proof.
Having said that, I think terrorism isn't the big threat here. Earthquakes, hurricanes, and flooding are more pressing concerns. It is a certainty that one of them will do severe damage to a US city at some point in the future, and those sort of events do much more than take down a single building. Fiber cuts, power interruption, etc.
Re:Dear Zonk (Score:5, Informative)
There is already a tag which our software recognizes as indicating a typo in an article. It's 'typo'. This is in the FAQ [slashdot.org]. If you want to get the attention of the editor on duty, use the 'typo' tag.
Taiwan Earthquake DID break the Internet (Score:3, Informative)
Re:What about a boogeyman attack? (Score:5, Informative)
1. Redundant Network Connections
2. Highly available Services (Applicaiton Clusters)
3. Fail over - Off site if needed (Local, Metro, then off-site)
4. Power backup & Isolation (Generators good for 48 hours at least if not more, plus filtration systems that will withstand a localized EMP)
5. Testing - Smoking hole scenarios. (ie: where did NY, Chicogo, Washington, just go?)
I am not at liberty to divulge my client list but I can say for certain that they are very interested in maintaining service availability even if their primary sites were hit directly by nuclear weapons. Services include all communications not just the internet. Arpanet was founded by the boys in green, they worry about these sorts of things.
It becomes a matter of balanceing function with cost, the old engineering addage does ring true here more than anywhere else:
Cheap, Fast, Reliable; pick any two!
Companies like Hugues, Teleglobe, and various governments of the G8 do what their budgets allow to facilitate redundancy, however since terrorism is a good political tool to motivate sales (along with natural disasters) then people in the consulting industry will be well met to help the organizations that make the internet redundant.
As for the power grid, Telcordia standards dictate that a carrier grade data center (if it's essential services) has to have some method of running even at a reduced capacity for extended periods of time. Thus there is a buffer provided for the local power company to get their systems working, that and most datacentres are close to large power supplies. This is the result of the original POTS standards. It's also the reason VOIP providers don't guarantee 911 service. The regulation and maintence costs on these datacenters is very high, which is how AT&T and Verizon justify charging an arm and a leg for your land line.
Then again, I've seen Tier 1 data-centerers undone by a fire-systems worker (plumber) dropping a wrench on the -48V bus-bar and having instantaneously weld to the A-Frame causing millions in damage and making an entire city core go quiet. Who needs terrorists when we have difficulty hitting 100% availability on our own, normally?
How do you figure? (Score:2, Informative)
Re:What about a boogeyman attack? (Score:4, Informative)
By 'real shoe bombs' you mean 'shoe bombs that would actually detonate'?
Ie unlike the "shoe bombs" deployed by Richard Reid... Which were actually fake shoe bombs?
The fake shoe bombs in question were plastic explosives which he 'attempted' to detonate using *matches*. There was never a threat to the aircraft or its passengers.
These 'devices' would not have detonated and were fake bombs.
If I knew someone who had sat next to this guy on this flight, no I would not be insisting that people take off their shoes to get on an airplane.
a sane view from the clouds (Score:2, Informative)
But terrorism against colo's, pop's, nap's, etc...? As part of network design, you have to take into account catastrophic failure(s). That means if a hurricane could tear through an area with a big colo/pop/nap presence (say atlanta), one's network better be prepared to handle the shift in traffic in case the worst does happen - like a second simultaneous failure elsewhere. It'll hurt, but as they say on the battlefield, acceptable casualties.
Bringing The Internet down by means of physical terrorist attacks is very unlikely (speaking modestly). Example: the verizon colo in the WTC buildings. That was a mess, but it was handleable. Peering and routing changes, move on. Taking down a physical point of presence would require some intense research and much more importantly DESIRE. This is the basic concept of hacking, given time and motivation, there's nothing that can't be toppled. So, take off your sweatin'-it pants, and chill. Do we really need any more paranoia at this point?
Re:What about a boogeyman attack? (Score:3, Informative)
A single lightning strike or solar storm is also capable of disabling an entire line, not forgetting tornados
or heavy snow which can also bring the cables. And the same lightning strike can also take out telephone lines.
Greatest challenge for internet security... (Score:2, Informative)