Monday, February 12, 2007

Can the Internet Be Physically Attacked?

I'm feeling a little better about the ability of the Internet to absorb physical blows.

I went searching for information on the Internet's robustness. My lack of technical knowledge was a hindrance in searching since I needed plain English sources. But I think I found what I was looking for.

I was right that my memory of the situation is that the push for efficiency has led to co-locating previously dispersed computers for moving traffic. But there is still enough redundancy to survive physical attacks:

The good news is that it would be very difficult to cause major disruptions across the country, although destruction of some key parts could seriously degrade Internet quality. “When it comes to the Internet, there is strength in numbers,” said Morton O'Kelly, co-author of the study and professor of geography at Ohio State University.

“There are so many interconnections within the network that it would be difficult to find enough targets, and the right targets, to do serious damage to Internet reliability nationwide.”

I admit I'd feel better if it wasn't a computer simulation of a truncated network that led to the conclusion.

But if physically attacked, damage could be done to the Internet:

Many have speculated that a physical attack on one of the major Internet exchange locations, such as MAE-East (near Washington, D.C.) or the PAIX facility (near San Francisco), would cause serious disruptions. Internet exchange locations are facilities at which a number of ISPs install routers on a common network. This mode of interconnection is often more cost-effective than is arranging a separate physical connection to each network at which an ISP wishes to peer. Concern is simultaneously heightened as well: an attack on an exchange location would break multiple connections between ISPs. But as best as the committee can determine, such an attack would not pose a serious risk to the Internet as a whole. Most ISPs are connected to it at more than one point, both to increase their redundancy in the face of unintended events—such as fiber cuts and power failures—and because they generally seek to exchange traffic with other ISPs as close as possible to the traffic’s origin, thereby avoiding additions to the load on their own networks. Indeed, the largest ISPs are connected to one another at dozens of points throughout the United States. The committee finds no reason to believe that there is a point (or even a small number of points) in the Internet that, if removed, would partition the country’s system into a disconnected group of networks. Another concern is that an attacker could sever a critical fiber-optic link. However, as a matter of practice, large ISPs maintain networks with redundant paths to ensure connectivity in such circumstances. To be sure, the level of redundancy can turn out to be lower than the literal counting of links would suggest.

How much damage could be inflicted with an old fashioned physical attack?

It all depends. Damage can certainly be inflicted as this GAO study shows:

The Internet’s infrastructure is vulnerable to disruptions in service due to terrorist and other malicious attacks, natural disasters, accidents, technological problems, or a combination of the above. Disruptions to Internet service can be caused by cyber and physical incidents—both intentional and unintentional. Private network operators routinely deal with Internet disruptions of both types. Recent cyber and physical incidents have caused localized or regional disruptions, highlighting the importance of recovery planning. However, these incidents have also shown the Internet as a whole to be flexible and resilient. Even in severe circumstances, the Internet has not yet suffered a catastrophic failure.

The experts seem to think the Internet can't be sufficiently attacked physically to knock it down. Yet their confidence seems based on assuming that no attackers could attack enough of the Internet's physical infrastructure to knock it down. Am I missing something (and I certainly could be--I'm a history major with a computer and not a computer major who knows history), or is this logic a bit circular?

I'm not ready to take back my climb down on vulnerability. I think my brief research indicates the Internet is not as vulnerable as I thought. Still, the search for efficiency has created vulnerabilities that have only been counter-acted by the massive growth of the whole which has created redundancies from sheer size, it seems.

But I'm not convinced the Internet is as robust as it needs to be. And if I was an enemy of America, I still think I'd devote more attention to physically attacking the Internet in time of war rather than trying to hack the system down. This is especially true not so much for terrorist groups but for nations like China which could use conventional power. After all, those who defend the Internet spend almost all their time trying to stop hackers--not missiles.

Just when we are getting ready for the first blogged war, will such an attack that takes down the Internet in the opening minutes of a war end that progression of reporting?

UPDATE: Via Strategypage email updates, a cyber-attack on our infrastructure won't be limited to cyber-counterattacks:

If the United States found itself under a major cyberattack aimed at undermining the nation’s critical information infrastructure, the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source.

The primary group responsible for analyzing the need for any cyber counterstrike is the National Cyber Response Coordination Group (NCRCG). The three key members of the NCRCG, who hail from the US-CERT computer-readiness team, the Department of Justice and the Defense Department, this week described how they would seek to coordinate a national response in the event of a major cyber-event from a known attacker.

As I noted, we mustn't get so caught up in cyber-warfare that we forget that old-fashioned warfare can blow things to bits without resorting to bytes.