By Greg Mills
I can barely remember when the Internet began to burst on the scene. My first recollection was when my brother, an art professor, mentioned in a phone call about connecting his computer to the Internet.
In those days you had to buy a separate modem costing a few hundred dollars which hooked up to your computer with a clunky serial port cable connector. The modem was the size of a cigar box and ran so slowly it was absurd over a phone line. The very early Internet was text with limited domains and not much in the way of browser software.
About the time the Mac came along a graphic browser called Netscape changed everything. I took a class on the Internet at the local community college and was dazzled by the color displays and search engine that allowed fast research on a lot of subjects. At that time, Yahoo was the big gun in search engines. Google wasn’t on-line yet.
The vast potential of the Internet was just dawning on those most educated about the notion of building web sites and managing data on-line. The explosion of the Internet came suddenly and soon companies were spending thousands of dollars to have some cyber expert build a crude graphical web site for them. The frantic grabbing of URLs that would be worth a bundle in a few short years was underway.
The government began to use the Internet for communicating information within and without official channels. Banks were at first reluctant to trust the Internet with their data, for obvious reasons, but as encrypted data streams allowed good security, they went on-line as well. These days most of us connect with our banks on-line more often than we stumble into a brick-and-mortar branch.
Back in those days, hackers were pretty obvious and while some thefts of data and money were publicly known, a lot of compromised systems were not publicly disclosed for security reasons. Why tip off potential hackers that some un-captured electronic thieves had made off with thousands or millions of dollars? That only encourage more hacks. It was from that point on, that a race to hack and protect from hacking across the Internet began. This is a war that never has been fully lost or won by either side.
Recently, the real world danger of malware that could turn off the cooling system in a nuclear reactor and melt the darn thing down has come to the attention of both the governments of the world and industry. The Stuxnet worm, which infects industrial controllers run by infected WIndows PCs, which, unfortunately, are the default, lowest common denominator computers of the hour spread that virus worldwide.
Ironically, the original infection was likely done by use of a thumb drive plugged into a USB port on some Iranian engineer’s computer that might not have even been connected to the Internet. But, we know the Internet spread Stuxnet worldwide in a mater of weeks. Fortunately, the authors were careful to limit the damage to a very specific flavor of a Siemens industrial control device found exclusively in Iran.
The enormous promise of the Internet, making most computers merely a terminal to one interconnected worldwide computer seems to have as many cons as pros. In the last few days a hacker was captured who was able to enter the computers of a Federal Reserve Bank, a Pentagon contractor with national security implications and also obtained a few hundred thousand credit card account numbers. Does that sound like a one-man operation to you? While the connection of the Internet causes concern, the failure of the internet is also worrisome.
The power grid of the United States, nuclear power stations, government and financial institutions and other important elements of the infrastructure interconnected to the Internet are coming under increased attack by both thieves and hostile governments. While the US has a lot of control over the servers that are the gateway to the millions of miles of Internet conduits, shutting the Internet down abruptly in case of a national emergency might cause as much damage as not shutting it down. So many computer systems around the world would crash with unknown consequences, no one knows exactly what would happen.
The missile that was launched 34 miles from the shore of California, likely by China last week, holds tremendous threat. Imagine a missile launched near our shores that carried an electromagnetic pulse bomb, that if detonated over the central US would, in an instant of time, fry every microprocessor in half of North America. The collapse of our way of life would occur within days or weeks.
The Internet is not hardened enough to withstand such an attack and infrastructure control devices not meld down would fail due to the collapse of the Internet. The sudden loss of all utilities and transportation would doom millions to starvation and death. The Internet would be the least of our problems in surviving such an attack. The time required to repair the grid would be irrelevant to most of us.
A number of failsafe solutions are obvious to protect the electrical grid of the US. There should be manual overrides that go into operation by default when the Internet goes down. Controller switching devices need to be well hardened to protect them from a electromagnetic pulse. Back- up controllers should be installed in vulnerable points in the grid that can be manually reset. A early warning system using the Internet could allow the grid to be uncoupled to prevent surges from one part of the grid to take down the rest of the grid when the Defense Department thinks a missile might have been launched. A few minutes’ warning might reduce the damage considerably.
The defense from both Internet and missile attacks upon the US is the duty of the military. I hope they are up to it and expand their use of Macs. Diversification of operating systems and operating system software on industrial controllers is one way to prevent destructive malware from spreading. Physically disconnecting isolated systems from the Internet is also helpful.
Electromagnetic Pulse protection for important civilian systems is critical, beyond the military, which has been working to protect electronic devices for years. Basic electronic device hardening can be done from the design stage relatively cheaply. We need to expect the unexpected — and we know there is a hostile world out there.
There is a Chinese curse that goes, “May you live in interesting times.” And we certainly do.
That’s Greg’s bite for today.
(Greg Mills, is a Faux Artist in Kansas City. Formerly a new product R&D man for the paint sundry market, he holds 11 US patents. He’s working on a solar energy startup, www.CottageIndustrySolar.com using a patent pending process of turning waste dual pane glass into thermal solar panels used to heat water. Greg writes for intellectual web sites and Mac related issues. See Greg’s art web site at www.gregmills.info ; his email is gregmills@mac.com )
