North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: 'Acupuncture map' to defend US against cyber attacks
On Thu, 6 Dec 2001, Hank Nussbacher wrote: > http://www.totaltele.com/view.asp?ArticleID=46507&pub=tt&categoryid=0 > > "The center will create, if you will, an acupuncture map of the country, so > that if there is a fire in a railroad tunnel in Baltimore, we know the > Internet slows down in Chicago," Clarke told a gathering of high-tech > executives at the Business Software Alliance's first Global Tech Summit. > > The simulation is another attempt by the federal government to secure the > nation's sprawling telecommunications networks in the wake of the Sept. 11 > hijacking attacks that killed 3,600 in New York and Washington. I'm not sure what Richard Clarke is up to, or exactly what this would accomplish because it is going to require a hard decision afterwards, which I'm not sure we are really prepared to make. The US Government prepared a similar study of the public telephone system about a decade ago. Reportedly it identified several vulnerabilities in the public telephone system. Since then lots of competitors built out new networks. But things haven't gotten better. Its hard because the vulnerability occurs not because someone did anything wrong. So who do you tell to fix the problem? And in reality, its not a carrier problem, but with the customers. Do you publish the maps so every customer can check their own circuits? The strange thing is most industry insiders already know about the problems. Its a bit like paying for an expensive study to tell you Washington DC traffic will be a mess if there is a problem on the Woodrow Wilson Bridge. Just ask anyone in Washington DC, they'll tell you that for free. Well, maybe not anyone, I'm sure some beltway bandits will charge the government $100 million of a 10 year traffic study. If I invited a group of engineers from the top 50 ISPs together, I'd wager they would identify nearly the same vulnerabilities in each of their networks. But I'm also certain we could only do it under NDA, and no one would ever find out.