[CII] Advocatus Diaboli

Felix 'FX' Lindner fx at recurity-labs.com
Wed Dec 2 15:55:30 UTC 2009 

On Tue, 1 Dec 2009 16:34:06 -0500 "Security Account (WebDawg)"
<webdawg.security at gmail.com> wrote:
> We are also talking about normal life but think about how much normal
> life has changed.
> 
> Banks now send copies of checks electronically to clear faster.  Do
> they have a backup plan  What about the private networks that they
> lease or own for inter business communication?

Yes, rumor has it that the North American banking system slowly arrives
in the electronic age. 

> Are satellite communications down?
> 
> Can I still ping my neighbor?
> 
> What about TV networks?
> 
> I understand the concept of though experiments but when I entertain
> one usually I make it as real as possible.  If certain data centers
> and routing points in American where destroyed or attacked we would
> be screwed.

If you need it more clearly cut, how about a full failure of BGP
routing software. Let's suppose someone finds a flaw in the route
selection algorithms of BGP->RoutingTable. It's relatively unlikely but
would cause the effect I'm looking at.

> Satellite communications can take over but do you remember how slow
> that can get?

On top of it, everyone gets to see your down-link, so you may not be
happy with that option or cause confidentiality problems that you did
not have before, making this option worthless to you.

> If your talking about some type of almost universal software attack
> that would somehow destroy the routing capabilities of most of the
> major internet routers this is something different.

Consider that's the case.

> We should be talking about the types of communications that one needs
> in a crisis too.  If the internet goes down what type of panic could
> spread?  How much would our news slow down?  What happens if critical
> news is misreported?  How badly would this effect the stock market.
> Could it cause riots if someone reports something wrong?

It could, but then again, so does every major crisis. News are rarely
accurate until about 12h-24h after the initial incident. 

> Some stock traders have almost direct access to US stock market
> networks because of speed.  From what I have read they almost
> automate trading via software algorithms.  What could happen if other
> stock entities did not have access but this one did?  What type of
> advantage or danger could this set?

When thinking of that thought experiment, I did assume that stock
market trading would be suspended immediately, just as it was a couple
of times in recent years when a major crisis started. Suspension has
been the tool of choice in any event that could negatively affect stock
prices lately.

> If we are going to talk about things in thought experiments, I think,
> that we need to take a more reality based 'reality.'

Here you go :)

> You mentioned that everything is voice over ip.  But then say that it
> isnt and standard copper networks exist that could handle even the
> daily load of citizen communication.  Before I think that this is
> true I would like to know if it is?  If all voice over ip networks go
> down can I speak to my family member in that other state?  If not
> what kind of plan could possibly exist or does exist to fix this.

That's a question for the telcos. However, at least in European telco
networks, the copper is still there (and more so deployed, due to DSL),
but the telephony switch core (formerly digital systems like EWSDs) all
move to VoIP. But as long as the VoIP systems don't use the Internet
for transport (which, AFAIK, they don't), you should be able to call
your people in the same town.

> With the level of connectivity gone that you are talking about one
> would have to assume that most private networks would be fine.

If they use their own connections, that's correct.

> Its when private networks are routed over public networks that the
> problem starts to exist.
> 
> Medical

So, assumed medical institutions have routed all their stuff over the
Internet and it doesn't work anymore, what impact would that have on
their ability to perform their function (i.e. doctors working)? I don't
see how that lack of Internet would limit them.

> Military

Same applies here, what function of the military organisation will fail
without Internet transport? 

> Most News Organizations

Why is that? Satellite should still work.

> Any place that Uses email

Rather: any place that depends on Email. That should be a lot less.

> I have heard ideas about building private medical networks for safe
> transport of information in them.  In my opinion this would not solve
> the problem.  I would just need to gain access to the medical
> network.  In fact it may be simpler to hack then the modern day
> internet network with all its traffic and protective layers.  If we
> are talking about physical reliability then why not just add these
> links to the existing infrastructure?

I have not mentioned any deliberate attack. Consider a crash a fault,
and an attack a so-called "sponsored fault".

cheers
FX

-- 
Recurity Labs GmbH           | Felix 'FX' Lindner 
http://www.recurity-labs.com | fx at recurity-labs.com 
Wrangelstrasse 4             | Fon: +49 30 69539993-0
10997 Berlin                 | PGP: A740 DE51 9891 19DF 0D05  
Germany                      |      13B3 1759 C388 C92D 6BBB
HRB 105213 B, Amtsgericht Charlottenburg, GF Felix Lindner

More information about the CII mailing list