A fortuitous combination of reading materials this week has prompted a rather worrying thought: and the shocking things is I don't think anyone "important" has really considered it.
Digital Britain
The first item on my reading list was the Digital Britain report: or more precisely some of the 1001 accompanying reports. Even more precisely one entitled "Cyberwarfare: the next digital frontier"; believe me when I tell you the name is by far the most exciting part. Still the points it raises are important. It highlights how easily our access to the internet can be curtailed - either in localised (DDOS/DOS attacks) or nationwide (does this have a term yet?).
One of the better sections talked about "high impact websites" (their techno-babble for well used, "core" sites) such as Google or Hotmail. It highlighted how disruption to Google Mail earlier this year had a surprising knock on effect in the business world. I forget the figures off hand but they were projected in the hundreds of thousands; not an astonishing amount as things go - but the down time was very short and localised to a single site (one probably used by smaller businesses over large ones). Scale it up and the numbers go up. Fast.
The simple point, though, was this: we don't need to lose all of the web to lose out. Or to put it another way only a portion of people have to lose the web for it to have wide ranging impact. Not having access to certain key sites could severely impinge businesses. And so we move away from the threat of Denial of Service attacks into the realm of mass disruption.
The reports conclusion is simple: key web providers already take plenty of precautions to avoid DDOS attacks, our concern needs to be access limitation.
A Step Sideways
Bring on my second piece reading material this week, New Scientist, and an intriguing article about making a more secure web (in this context secure as in "more stable"). The main focus of the article discussed a soon to be launched router control software, called OpenFlow, which might help us solve major routing problems in the future (indeed I might blog about it at some point - it is a clever idea). More interesting to me, for the moment, was a map detailing some previous worldwide "environmental" occurrences that knee capped web access either locally or nationally. Like the 2001 incident where a trawler cut a US-China cable disrupting communications, or in 2008 when a series of cable failures cut Egpyt off from the world, or indeed in 2007 when thieves stole 2 of the 3 ocean lines linking Vietnam to the rest of the Internet. It's this last one that gives pause for thought. Someone actually managed to steal over 40Km of important cable.
And so this is where the 2 articles come together. Like any country the UK has several hard links to the rest of the world - communications cables that keep things ticking over (indeed if you poke around hard enough you can even find the web control panels for some of them). And this is my point. There are maps with these cables. No one is really guarding them. Is it just me that sees a major vulnerability?
A Bloke, A Shovel
I'm a big fan of thinking like the enemy. So after mulling it over this would be my plan to severely attack the UK communications network. Im not suggesting a bloke with a shovel could cost the economy billions. But similarly it's leaps and bounds easier than seizing control of London's traffics lights or hacking into the Bank of England. Now I appreciate these cables have been there a long time and have yet to be interfered with. Arguably before the internet there was little point because the amount of reliance on them was minimal in comparison. But today our dependance on the internet for international communication is huge. It is a reliance that can only get stronger; cyberwarfare is certainly a growing threat, it can only be a matter of time before something is attempted.
The romantic notion of a genius computer hacker bending a country to his whim is mostly just that; a romantic notion. But anyone can cut a cable (within reason). And it doesn't matter that it might only take a few hours to begin to restore communications to a reasonable level - as the Digital Britain report points out, the damage is done. Add to that the fact a well orchestrated attack could cause weeks of disruption and you have the makings of something of a disaster.
The risk is much smaller too - accessing the cable sites is not restricted and you runs little risk of prior identification. Material requirements are unlikely to incite attention in quite the same way C4 might. All in all an "attack team" could simply consist pf ordinary blokes with synchronised watches and the right tools.
As I said: thinking like the enemy this would be my strategy.
Huh?
Am I assuming too much intelligence on the part of our enemy? Or am I missing the point? I fear not.
No I don't think tomorrow a someone would successfully cut off the UK from the rest of the web - or that doing so would be easy. But I definitely think it can be done and that we should at least prepare for it. Our greatest cyber threat might not lie with an army of geeks but with the proverbial man and his spade.