TRENDING:

The Public Eye with Eric Chabrow

Blackout: Harbinger of the Future?

Reality or Overreaction in Interpreting the Events of One Day Eric Chabrow (GovInfoSecurity) • January 31, 2012    

Imagine if the shutdown of the popular online encyclopedia Wikipedia.org a few weeks back was involuntary, taken down by politically minded hackers, and not an intentional act of protest over anti-piracy legislation before Congress [see Wikipedia Threatens to Shutter for Day over Bills].

In itself, living without Wikipedia for 24 hours was far from devastating. Still, for millions of Internet users, the blackout of Wikipedia and other sites provided a peek into what it would be like if critical sites and information vanished. If vital sites get knocked offline for any significant time, or if we lose essential information, the results could disrupt our government, economy and society.

See Also: ISO/IEC 27001: The Cybersecurity Swiss Army Knife for Info Guardians

Was the blackout a harbinger of potential online and societal chaos? Am I reading too much into this one event? I asked IT and IT security leaders in business, government and academia whether they agreed with my thesis; some did, others didn't. Here's how they responded:

"Perfect to the point," says Gregor Bailar, former chief information officer at Capital One, a financial services company. "Imagine a cloud-hosted world five years from now. Imagine that 50 percent of the hosting is performed by two main players: Amazon and Google. Google buys Amazon and now one entity runs 50 percent of all hosting. What if they went down? What if their data security was breached? How would a customer recover? How would they know? How would the U.S. economy fair? Should this scenario be allowed to occur at all?"

IT security research analyst Richard Stiennon, author of Surviving Cyber War and the forthcoming Cyber Defense: Countering Targeted Attacks, says the thesis is a valid one: "Nothing like having a service disruption to make people aware of how much that service is part of their life, or of doing business. Imagine if Facebook had been offline."

Greg Garcia, former assistant secretary for cybersecurity and communications at the Department of Homeland Security, characterizes the Internet as "one of society's central nervous systems, and says the Wikipedia episode serves as a reminder that the web with its service and technology infrastructure is a complex organism.

"These blackouts demonstrate not only that the web is vulnerable to both intentional and accidental outages, but that what is paramount in day-to-day usage is that the public must have confidence in the Internet as a place to do business, entertainment, finance, shopping, research and social networking," Garcia says. "That confidence can be shaken by lack of security and privacy, by intellectual property theft and infringement, and even a well-meaning but clumsy government. Malpractice isn't just for doctors."

But the naysayers to the thesis don't see the blackout foreshadowing cataclysmic events on the Internet. "Sorry to be a curmudgeon, but you're trying very hard to wedge a security angle into a non-security story: the blackout," says Jim Harper, director of information policy studies, at the libertarian think tank Cato Institute. The story of the blackout, Harper says, is how the proposed anti-piracy legislation could compromise security.

Larry Clinton, chief executive of the industry-backed Internet Security Alliance, doesn't see the blackout as having a game-changing impact. "It was a media event I think more than a substantive event," he says. "It certainly called attention to the disquiet over the bills, but I don't think it fundamentally changed the way government officials or private sector people feel about their use of digital media. Organizations are certainly more dependent on their digital systems than they realize but I'd be very surprised if the blackout will result in any increased investments in cybersecurity either at the government or private level."

Perhaps that's the point: the blackout could serve as a catalyst to get the government and business to spend more money on cybersecurity or, at the very least, spur a wider, public conversation of what we as a society must do to secure systems that are so critical to our lives.

What do you think? Please share your thoughts by clicking on the link below.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.