I live in the mountains of California in an area hit by a recent wildfire. Thankfully, my house was spared from the fire, and my family is ok. In an emergency, things change dramatically. We were evacuated, and all sorts of things got stopped and blocked. Everything turns into a kind of controlled (hopefully) chaos.
However, one sure thing is that when you live in a place where forest fires have been happening for a long time, a well-established and effective emergency protocol addresses the problem. This experience brings me to thoughts of what a severe cybersecurity emergency would look like and what would need to happen to address it adequately.
In the forest fire world, many resources are activated at a moment’s notice when the fire starts. Law enforcement knows what to do and has an established system for contacting people and ensuring they get to safety. Firefighters set up camps, and a reporting and communication system coordinates with resources to fight the fires. Most importantly, they know how to gather and read the necessary data to determine the resources needed to solve the problem.
In the world of networked technology, much of that emergency response capability is not in place yet. We do have ways to gather data and act on it. Still, the network emergency response is not well established enough to be considered a standard method that all can agree on. We don’t have anything resembling a standardized response. That leads to everything being more or less a reactive response.
What if a coordinated attack on networks adversely affects massive network nodes? There are a few suppositions that can be posited here. It is possible, if not likely, that the government will have to take action, perhaps even shut down the networks as a precautionary measure, much like air travel was wholly suspended after the 9/11 attacks in the US.
It would have a profound effect globally. Stopping air travel was severe enough. Preventing all forms of communication and transmission of financial information, in particular, coupled with the inability for anyone to communicate with anyone else, will likely escalate into a very uncontrollable mess.
Few people carry any means of payment other than electronic methods today. Even those with readily available cash will likely run into a scenario where stores can’t process their payments. Many retail organizations rely on networked systems to complete transactions, so cash doesn’t help.
I don’t need to go into painful detail about all the potential scenarios, but I am sure you get the picture. It seems logical to conclude that with networked systems being as critical as they are today, there should be some sort of coordinated response. The general public should know this to avoid sheer panic in an emergency.
So what can we do about this?