nanog mailing list archives
Re: U.S. Plans Cyber Shield for Utilities, Companies
From: Joe Greco <jgreco () ns sol net>
Date: Thu, 8 Jul 2010 09:06:47 -0500 (CDT)
On Wed, 7 Jul 2010, Michael Painter wrote:Have we all gone mad? I find it hard to understand that a nuclear power plant, air-traffic control network, or electrical grid would be 'linked' to the Internet in the interest of 'efficiency'. Air gap them all and let them apply for "Inefficiency Relief" from the $100 million relief fund.Absolutely! For example, those thousands of flight plans filed every day by airlines across the globe, not to mention private flights, should be done manually the old fashioned way, with a paper form and stopping by your local FAA office where a human keys them into the ATC computer. Oh wait, we closed all of those offices when we moved all of those functions to the Internet. I guess we'll just have to re-open them. And flight tracking data that airlines and freight companies use to track their aircraft, yea, let's cut those off too. If they want to know where their plane is, just have them call the FAA. Surely the government can staff some huge call centers to handle the load of each airline calling about each flight every few minutes. Heck, removing all of these functions from the Internet will create jobs, too, right? And no one would mind paying for all of this out of their airline tickets, it should only increase fares by a third or so.
There's a happy medium in there somewhere; it's not clear that having (to use the examples given) air traffic control computers directly on the Internet has sufficient value to outweigh the risks. However, it seems that being able to securely gateway appropriate information between the two networks should be manageable, certainly a lot more manageable than the NxM complexity involved if you try to do it by securing each and every Internet-connected ATC PC individually. It sucks in some ways, but providing a limited number of pathways in that are under tight, secure control is a desirable goal. If you give the PC that allows control of the power grid access to the Internet so that the operator can "efficiently" update his Facebook while he's simultaneously controlling the power grid, that's hazardous, and no amount of snide remarks about job creation will change that reality. These networks ought to be air gapped to the maximum reasonable extent possible; all pathways in ought to be defended as though they were the gateway to the kingdom. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Current thread:
- Re: U.S. Plans Cyber Shield for Utilities, Companies, (continued)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Jimi Thompson (Jul 07)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Franck Martin (Jul 07)
- Re: U.S. Plans Cyber Shield for Utilities, Companies joel jaeggli (Jul 07)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Adrian Chadd (Jul 07)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Valdis . Kletnieks (Jul 07)
- RE: U.S. Plans Cyber Shield for Utilities, Companies Tomas L. Byrnes (Jul 11)
- Re: U.S. Plans Cyber Shield for Utilities, Companies sjk (Jul 11)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Michael Painter (Jul 07)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Jason Lewis (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Brandon Ross (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Joe Greco (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Brandon Ross (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies J. Oquendo (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies bross (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Owen DeLong (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Shrdlu (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Joe Greco (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies bmanning (Jul 08)
- RE: U.S. Plans Cyber Shield for Utilities, Companies George Bonser (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Owen DeLong (Jul 08)
- Re: U.S. Plans Cyber Shield for Utilities, Companies Curtis Maurand (Jul 08)