Netcentric View:

By Bernard Cole
iApplianceWeb
(09/27/01, 07:10:52 AM GMT)

The terrorist attacks on New York City and Washington, D.C. on Sept. 11, for all the trauma that has resulted, will have a profound, long term positive impact on our economy and society.

It is clear that the terrorists did not understand one fundamental economic truth: wars always have this impact on free enterprise economies.

The impact will be felt especially in the embedded and net-centric computing markets, which provide many of the data communications building blocks used in constructing the information superhighway upon which our economy is based.

The terrorists have made a fundamental and ultimately self-defeating mistake of monumental proportions, not just in attacking us in such a violent and deadly way, but in their choice of specific targets and in the purpose of the attacks. They have made the same mistake that those who attacked Pearl Harbor 60 years ago did.

The purpose of the surprise attack that began World War II was not just to cripple our ability to fight, but to inflict such terrible damage and death that Americans, viewed then, as now, as softies and moral degenerates, would lose the will to fight.

But the attackers sunk only destroyers and battleships, which while flashy and symbolic of military and Naval power, no longer had any strategic effectiveness. The attack left virtually untouched the new technology that was beginning to spread America's influence around the world: the aircraft carrier and its ability to project power and cultural influence over vast distances.

The attack so enraged our population that within a year our country became the armory of the free world. And to protect ourselves from further attacks and to improve our ability to impose our will, tremendous investments were made in new technology, the results of which have formed the basis of our worldwide economic and cultural dominance.

Similarly, the Sept. 11 attack focused on physical and emotional damage. But it left largely untouched what I consider the informational equivalent of the aircraft carrier: our massive network-connected information and computing infrastructure which via the Internet and World Wide Web can now reach into the remotest of villages anyplace on earth as long as there is one person with a wireless Web-enabled cell phone.

The massive new expenditures that corporations and our government will now have to invest in strengthening our defenses will make this informational equivalent of an aircraft carrier even more impregnable and effective and give us a cultural and technical impact far beyond that which made the terrorists so intent on destroying us.

I suspect that, initially, significant attention will be given to any software or hardware technology that will defend us against any sort of cyber attack via the Internet. Right now, everyone is waiting for the second shoe to drop. But according to what some network and computer security experts have been telling me, they were expecting an attack on our information infrastructure to be the first shoe.

To use the carrier analogy again, just our Achilles' heel during the attack on Pearl Harbor and afterward was that some were built with wooden landing decks, some elements in our information infrastructure are built with less sophisticated cyber-attack defenses. Later on in the war, it was the carriers with flight decks made of wood that were the most seriously damaged.

Many portions of our information infrastructure are still being built with flight decks made of wood, adequate for most purposes but exceedingly vulnerable under concerted, focused attack. How wide open we are to cyber warfare attacks can be gathered from the news reports we have almost every week about viruses and worms in our computers at every level -- palm and laptop, desktop, and server - generated by a diverse and motley group of hackers, but which cost corporations hundreds of millions of dollars a year to fix.

To protect ourselves from even more focused cyber-intrusions we need to do more than develop better virus/worm defenses. We need to do everything necessary to prevent attacks from succeeding, not just on an individual computer-by-computer, server-by-server level, but also on a system- and network-wide level.

But not all attacks can be averted, so we must develop strategies to live through and recover from attacks. To be successful, we must also consider all phases of attack and recovery in such cyber-warfare attacks, including prevention and protection, intelligence gathering, attack, detection, containment, and -- after the attack damage assessment -- reconfiguration, repair, and fault tolerance.

Most importantly, we will have to look beyond the obvious. We will need to consider the kinds of attacks beyond those involving a worm or virus infecting one or several systems.

Cyber defense experts delineate three kinds of attack that we must guard against -- those against availability, security, and integrity, each of which requires different means of recovery. These strategies are different at the level at which they are deployed, that is, in the client devices, in the servers, and in the network infrastructure's routers and switches.

Some of the areas that will require major retrofitting and new research are server-based intrusion detection and containment; Internet Data Center survivability and fault tolerance; encryption/decryption methodologies; and Internet and World Wide Web reconfigurabilty and repair using active networking.

I believe that the latter two areas will have the most profound near-term impact on embedded and net-centric designs. Encryption/ decryption will be important because it provides mechanisms to prevent intrusion at any level: indirectly through an embedded Internet device; through a wireless connection to the web; at the server level and in the data streams into and out of the switches and routers. New embedded hardware and software solutions will have to be deployed at all levels.

Active networking -- the brain child of DARPA during the Cold War -- will ensure the survivability and immediate repair and reconfiguration of the entire Internet and World Wide Web in the case of either localized or more general cyber-terror attacks.

While current networking topologies use some of the concepts developed for active networking, they are being deployed only incrementally and piecemeal in segments that absolutely need it, such as wireless Internet devices and networked multimedia. Such an intelligent active network would modify, store, or redirect data around blockages or outages caused by cyber-attacks, replacing today's partially high-bandwidth but ultimately passive Inter-network.

One of the biggest reasons that such technology has not been deployed as widely as DARPA had hoped is that in the absence of any external pressure, such as the Cold War and nuclear bomb damage, there was no compelling reason to implement such a scheme broadly.

Now there is.

Because of the terrorists' naiveté and lack of knowledge about economics and the peculiar dynamics of the free enterprise system, we now have a chance to plug up the holes in the one target that if damaged could have brought not only the United States, but most technologically advanced nations, to their knees.

The long-term results of the efforts and research into terror-hardening the infrastructure of our information superhighway will provide the same boost to our economy that World War II and the Cold War did. And the technology benefits will be as profound and as long lasting as those that came out of the conflicts of 60 years ago.

By attacking the wrong targets for the wrong reasons, the terrorists have only ensured that Western values and influence -- for good or ill -- will be more pervasive than ever.

Reader Feedback

While I agree with the prescription (to strengthen our networks from attack by deploying active networking), I don't agree with the diagnosis: Al Qaeda would never attack our Internet infrastructure (hw or sw), because it lacks what they want: good, terrifying TV images. They want TV fame like rock stars. Plus, they have a putative link to religious grounds by attacking our national symbols, but there isn't anything arguably amoral about Gigabit switches and routers. I used to think that the devastating attack would be to visit every county fair this fall and spread foot-and-mouth disease around, because this would be econonmically devastating (MUCH more than any achieveable virus attack -- real people would lose real jobs, not just hours of productivity). But now I'm not worried about this, because it just wouldn't play well on TV.

Tom Brennan

2) The fact that our carriers where "on maneuvers" at the time of the attack remained unexplained until the end of the 25 year cap on national security info. From many sources (Toland's The Rising Sun) you will find that the Roosevelt administration had the Japanese military code broken months before the attack of 12/7/1941. The extent of the tragedy that day was much larger than had been expected by the administration. They had hoped that the slim warning given that Sunday morning would be enough time. Unfortunately, real world needs pushed them into valuing the ability to read the Japanese coded messages above the lives of persons at Pearl.

3) All that said, I agree with the majority of this article. Although I believe it is the "quantity" of information that is the asset and not its means of transport (the networks). Therefore, on a personal level it is the individual's identifying information and historical records that are the most valuable and the least focused on in terms of our liberty. The fact that you face-print, finger prints, voice-print, medical records, school records, credit records, and so forth are all held by different entities should be what causes the most concern to all of us.

4) this leads to the crucial interrelated problems.... >>>How do you prove it's really you? >>>Who owns the "physical" copy of legal validity of a citizens information trail?

Paul Millsap
Senior Software Engineer

Bernard Cole is site leader and editor of iApplianceweb and an independent high technology editorial services consultant. He welcomes your feedback. Call him at 602-288-7257 or send an email to bccole@acm.org.