Government Technology

    Digital Communities
    Industry Members

  • Click sponsor logos for whitepapers, case studies, and best practices.
  • McAfee

Internet Takedown


June 3, 2004 By

As the nation relies more on the Internet to conduct vital business and government functions, it increasingly puts them at risk by banking on a system that grows more vulnerable to disruption.

Though right now the notion of a digital Pearl Harbor -- a malicious attack that cripples the Internet -- is merely a theory, an event such as the northeastern blackout in August 2003 demonstrates the real probabilities. The blackout, which cut off electricity to 50 million people in the Northeastern United States and Canada, resulted from one company's reliance on a computer that failed.

Similar incidents can be expected in the future. Experts warn that chances for disruption are increasing because of the Internet's growth and our reliance upon it for critical tasks, such as power grids, air traffic control and 911 services, to name a few. Add the Internet's openness and the prevalence of defect-laden software, and disruptions become all but inevitable in the face of so many threats.

"The problem with the Internet is we developed it so fast and furiously, and didn't take a step back and build it foundationally with security in mind," said Phyllis Schneck, chairwoman of the national board of directors for the FBI's InfraGard. "We're in the process of correcting that now, but everything done thus far has been a Band Aid."

In the short term, there is no real solution except to reduce the number and severity of interruptions. "I'm of the school that says something is going to happen," said John McCarthy, executive director of the Critical Infrastructure Protection Project at the George Mason School of Law. "You're not going to stop everything."

Threats range from electrical sabotage by terrorists, to accidental cutting of cables by construction crews, to perhaps the most likely culprit, a virus. Nearly 80 percent of e-mails businesses receive are spam, according to Schneck. "Every piece of electronic content I intended to send and you didn't intend to receive is a potential attack."

Walter Tong, senior information security adviser for the Georgia Technology Authority (GTA) sees hackers as the biggest near-term threat. "That's what's on my mind. It can get scary."

What's scary is the potential for a hacker to exploit the Internet's vulnerabilities and cause a major disruption. Those vulnerabilities might not be yours; they could be your neighbor's, but everyone is at risk.

"We're all virtual now, so it doesn't matter," Tong said. "I could have a super-duper security policy and my technologies lined up to it supertight so nobody can get in, but if I have connectivity to somebody who's not [protected], that's my vulnerability."

It's easy for hackers to find holes in software because it's so defective, said Watts Humphrey, a fellow at the Carnegie Mellon University Software Engineering Institute.

"We've got basically terrible practices today being practiced by software developers, even software researchers," he said, adding that even good quality software has plenty of defects and can create havoc like in the Northeast blackout.

In that instance, Ohio-based FirstEnergy Corp. neglected to trim trees that encroached over power lines, which started the chain of events that led to the blackout. A software bug, however, was responsible for the alarm system's failure to alert FirstEnergy to the problem until it was too late.

The chaos that followed included darkness for 50 million people in seven states and parts of Canada. At least 10 major airports and nine nuclear plants were shut down; thousands of people were stranded on subways; hospitals, prisons and emergency service providers had to switch to generators; ATMs stopped working; and the Mets game was canceled.

Some have warned that the Northeast blackout could serve as a blueprint for a hacker wanting to disable an infrastructure.

Internet Nodes Vulnerable

Systems fail because


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Digital Cities & Counties Survey: Best Practices Quick Reference Guide
This Best Practices Quick Reference Guide is a compilation of examples from the 2013 Digital Cities and Counties Surveys showcasing the innovative ways local governments are using technological tools to respond to the needs of their communities. It is our hope that by calling attention to just a few examples from cities and counties of all sizes, we will encourage further collaboration and spark additional creativity in local government service delivery.
Wireless Reporting Takes Pain (& Wait) out of Voting
In Michigan and Minnesota counties, wireless voting via the AT&T network has brought speed, efficiency and accuracy to elections - another illustration of how mobility and machine-to-machine (M2M) technology help governments to bring superior services and communication to constituents.
Why Would a City Proclaim Their Data “Open by Default?”
The City of Palo Alto, California, a 2013 Center for Digital Government Digital City Survey winner, has officially proclaimed “open” to be the default setting for all city data. Are they courageous or crazy?
View All