Friday, June 25, 2010

On Bills, Presidents, and Kill Switches

The United States Senate Committee on Homeland Security and Governmental Affairs approved a bill yesterday that would give the President emergency powers to shut down any civilian or government network in case of a cyber-attack. If you're asking me, this is a stop-gap measure instead of a fix.

The first question to be asked is "Why are crucial networks even connected to the Internet?". That's a very good question, probably one nobody can answer with 100% certainty. While an Internet connection does make administering the system easier and more comfortable, it also presents a gigantic security risk: no matter how well you cover any holes you find, there will always be vulnerabilities you missed. There is a reason why the most secure systems are 'air-gapped' from any others. Air-gapping, or an air gap, means that there is no connection of any sort between the system in question and any other computer in the world. No UTP, no wireless, no serial, nothing; the only connection to the outside world is through a screen and a keyboard (or similar peripherals). To access this system, physical access is required. And if that is granted, any security measures you have can be thrown out the window, because, as the saying goes, "If I have physical access to the system, I can do anything", which is true, with the proper knowledge.
Computers and servers controlling power grids and telecommunication systems should be air-gapped the same way, in order to eliminate the possibility of an outside attack.

The second question that must be posed is "How is this doing any good in case of an attack?". Will it prevent further intrusions? Yes. Will it bring the power grid back online? No. Will it hinder recovery operations? Yes. It seems to me that this bill will only do more damage than good.
So why approve it? The United States government has recently been under pressure to do something about cyberattacks, both real and imagined. The US populace's general image of such an event is a maniacally grinning hacker somewhere in a dark room (possibly in Russia, China, or Eastern Europe) hitting Enter, and suddenly, everything in the US goes dark, phones are no longer functioning, etc. Or even worse, HVAC systems start to cook people alive inside buildings as they struggle against the electronically locked doors.
But what the public doesn't realize is that this image is wrong by a long shot. Yes, cyberattacks function by disrupting production and creating mayhem in the target country. No, people won't likely die as a direct result of a cyberattack. There will most likely be indirect casualties, such as ambulances not being notified, or not being able to move out due to a blackout, but in general, these will be minor compared to the yearly averages. The real power of a cyberattack comes when coupled with a land invasion, as the attackers can exploit the fact that the target nation is without telecommunications or power facilities, making the invasion that much easier. But I think it will be a long time before anyone will be bold enough to attempt an invasion against the United States.

There is also a more sinister application for this bill, one that conspiracy theorists will undoubtedly pounce upon: it gives the President the ability to kill any network, including private ones, so he can silence dissent by simply killing the appropriate networks. While I highly doubt that President Obama would resort to such measures, there will be those who say that this was the original purpose of the bill, and I wish to cut them off, if possible.

Overall, I think this bill is most likely a stop-gap measure to appease public opinion, as any application of the bill would do more to hinder recovery operations than to prevent an attack in the first place, as cyberattacks do not telegraph themselves the way physical attacks do.

I will leave you with this thought, and the hope that your networks are secure, so no one can get in and conduct an attack on you!

