Re: [ISN] President's advisor predicts cyber-catastrophes unless security improves

From: InfoSec News (isnat_private)
Date: Thu Jul 11 2002 - 04:03:12 PDT


    Forwarded from: Russell Coker <russellat_private>
    
    On Wed, 10 Jul 2002 14:20, you wrote:
    > "By 2009, there will be over 2 billion Internet-enabled devices,
    > each with an IP address, in the U.S. alone, and 6 billion
    > altogether," predicted Schmidt, vice chair of the President's
    > Critical Infrastructure Protection Board, in his keynote before the
    > 30th annual international conference of the Information Systems
    > Audit and Control Association (ISACA). The conference was attended
    > by nearly 300 security professionals from 37 countries.
    
    6 billion, that's a lot more than the IPv4 address space.  So these
    machines will presumably be mostly running in private networks without
    routing to the Internet.  From what we've seen so far it's doubtful
    that IPv6 will really take off before 2009.
    
    > The devices on the IP packet-based network of the future, predicted
    > Schmidt, will include not just computers, but also traffic lights,
    > elevators, appliances and even pacemakers. But the IP networks of
    > 2009 will be unstable, subject to "constant security outages,"
    > unless both
    
    This leads people to imagine pace-makers being stopped, elevators
    going into free-fall, lights turning all-green, etc.
    
    Elevators have a variety of emergency braking mechanisms to prevent
    them going too fast; the maximum speed is designed to be slow enough
    that you can survive a sudden stop.  Elevators can't move with the
    doors open (the doors have steel bars attached that extend into the
    sides of the lift shaft and prevent movement when open).  Preventing
    traffic lights in both directions turning green at the same time via
    relays shouldn't be too difficult, and it's not THAT much of a problem
    when lights just stop entirely.
    
    The problems that will occur from such things won't be as great as
    some people seem to expect.
    
    > "The routing tables of the future will be unmanageable; there will
    > slowdown and failures, and malicious and criminal activity between
    > 2002 and 2009 all mean the Internet quits working," warned Schmidt.
    > He even forecast a future in which "special aircraft will be flying
    > the routing tables" physically to servers after periodic network
    > brownouts.
    
    Can someone who actually runs core routers debunk this silly idea?  I
    could write about theoretical solutions to theoretical network
    problems, but it would probably be better if someone who has the
    practical experience could describe how they fixed their last major
    router crash.
    
    > In addition, computer viruses, the "zero-day viruses and affinity
    > worms," will be surreptitiously entering IP devices, causing
    > widespread devastation by wiping out business records.
    >
    > "In a major brokerage house, it will enter through the CEO's house
    > by infecting the CEO's PC, then the corporate network, and
    > scrambling the brokerage house trading records," said Schmidt, who
    > was formerly chief of security at Microsoft before joining the
    > President's Critical Infrastructure Protection Board in December.
    
    So you sack the CEO and the CIO and replace them with competent
    people.
    
    > Electrical power grids, controlled by networks, could collapse in
    > 2005 due to distributed denial-of-service attacks that block traffic
    > to IP-based management devices, Schmidt said. Economically, all
    > these
    
    Why would an electrical company want to use public IP networks when
    their entire business is about laying cables around the country?  
    Putting a few optic fibers in the same cable run is easy enough,
    apparently some electricity companies are considering also becoming
    commercial data carriers for this reason...
    
    > The federal government is monitoring a situation that arose during
    > the past year in which it was discovered that vulnerabilities in the
    > Simple Network Management Protocol (SNMP) would allow attackers to
    > take over SNMP-based routers, switches, applications and firewalls.
    > This vulnerability, detailed by Finnish researchers, has been traced
    > back to what's called ASN.1 encoding, which caused dozens of network
    > and applications vendors to issue software patches in a race to fix
    > networks before hackers exploited the vulnerability.
    
    What we need is mandatory access control systems on all systems that
    matter.  Then when an snmpd is exploited it won't have access to do any
    damage or disclose any significant amount of secret data.
    
    
    Russell Coker
    
    
    