1997-10-27 - Infastructure Protection and Paranoia

Header Data

From: stewarts@ix.netcom.com
To: cypherpunks@toad.com
Message Hash: 1bd0adc8fd3ed044fc05a5c830c70acf8e33d07230a678250c4e16c9a731c55f
Message ID: <3.0.3.32.19971026170732.006bf4fc@popd.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1997-10-27 23:20:48 UTC
Raw Date: Tue, 28 Oct 1997 07:20:48 +0800

Raw message

From: stewarts@ix.netcom.com
Date: Tue, 28 Oct 1997 07:20:48 +0800
To: cypherpunks@toad.com
Subject: Infastructure Protection and Paranoia
Message-ID: <3.0.3.32.19971026170732.006bf4fc@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



At 03:41 PM 10/21/1997 +0100, Sandy J. Wong wrote on Cyberia-L
>Buried in Tuesday's Wall Street Journal was a small three-paragraph article
>mentioning that the U.S. may be vulnerable to a cyberspace version of the
>Pearl Harbor attack. A futile suggestion--in my opinion--was made by the
>President's Commission on Critical Infrastructure Protection spend $1
>billion during the next seven years on cyber-security research. that
>suggestion followed a 15-month study of the nation's critical
>infrastructures.

The story, in shorter or longer form, has been in most of the major papers.
The InfoWar crowd has been lobbying and running conferences about this one 
for a couple of years, and it sounds like they're making political progress.
The longer versions of the articles make the connection between
infrastructure risk and the need for encryption to prevent attacks, 
with various FBI spokecritters talking about how we obviously need FBI access 
to all communications to ban InfoTerrorists.

I've got mixed feelings about it; on one hand it seems like a bunch of
Defense Department wonks trying to find a way to keep their jobs now that 
the world isn't threatened by Commies any more, but on another hand,
some of them may have looked at the problem seriously and said
    "<Expletive deleted>!  Disabling the country's critical infrastructure 
    really does look pretty easy!  Fixing it is probably our job."

The new direction for the electric power industry in California
replaces the current monopolies with an Internet-technology-based 
running auction with buyers and sellers trading electricity in
half-hour chunks.  I don't think it's out on the open Internet,
unless one of the hundreds of players gets careless with computer security,
but it's certainly a vulnerability issue.   Denial of service attacks
are much harder to block than privacy cracks - how secure are the protocols?
The regulatory process will probably require revealing most of the information 
anyway; I doubt we'd end up with anonymous buyers and sellers of power :-)
(Actually, anonymity is probably fairly easy; just use corporations
instead of remailers to provide your pseudonyms.  (This message is
brought to you by Californians For A Secure Electrical Infrastructure.))

The recent San Francisco power failure appears to have been sabotage - 
somebody turned off a bunch of switches around 6am taking out 1/4 of the 
city's power for 2-3 hours; the papers don't say if it was just that one substation
(in which case they should have been able to bring it up much faster)
or whether it cascaded to a bunch of the other substations as well.
Is it just another disgruntled employee?  An organized Ecoterrorist Conspiracy?
Or a government provocation to reinforce their report's impact?
In either case I'm sure the government will take political advantage of it.
				Thanks! 		Bill
Bill Stewart, stewarts@ix.netcom.com
Regular Key PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639
[I'm currently having hardware problems with my main email; 
send Cc: billstewart@att.com if you need to reach me in a hurry.]






Thread