January 28, 2011

"Plan D" - How To Disrupt the U.S.A.'s Internet

Blog Update (January 29, 2011): Video: Dr. Strangelove Explains the Internet Kill Switch

Greetings. In Stanley Kubrick's 1964 dark comedic film masterpiece Dr. Strangelove, misuse of Top Secret attack "Plan R" ultimately triggers a global nuclear catastrophe.

Egypt's government may have had its own doomsday plan of sorts, at least as relates to the Internet, as demonstrated by its ability to almost entirely terminate Internet communications internationally (and according to some reports, domestically as well) in what appears to have been a highly coordinated manner. Various telephone-related communications in Egypt have also apparently been affected.

Various observers have now somewhat glibly asserted that similar broad Internet shutdowns would be "impossible" in the U.S., that only the concentration of associated Internet resources in countries like Egypt permitted the government's actions against their Internet services to be effective.

I have serious doubts that such confidence in the Internet's ability to withstand such actions here in the U.S.A. is necessarily warranted.

Let's leave aside for the moment the federal push for centralized "cyber security" operations controlled by military and intelligence agency entities and operatives. We can even skip for now the calls -- about to be reintroduced in Congress -- for what many would consider to be mandated U.S. Internet "kill switches" under government control, with the possibility that much of the Internet would ultimately be declared to be "critical infrastructure" subject to their purview.

How well might a theoretical "Plan D" -- "D" for "Disrupt the Internet" -- work here in the U.S., today, right now?

For the sake of the argument, let's assume that major Internet firms will obey the federal government's edicts when "Plan D" is invoked under a claim of "national emergency."

Now, you're the national CSSC - Cyber Security Super Czar. Who do you call to shut down the Internet in the United States?

Since the overwhelmingly vast majority of U.S. Internet users have their Internet access through a handful of giant telephone and cable operators, the initial call list is relatively short.

Hello AT&T! Comcast! Verizon! Time Warner! Charter! Qwest! - "Plan D is declared! Shut down all Internet customers not previously designated as National Security Critical (NSC). Thank you for your cooperation!"

There are more calls to make of course, to cover most other "major" Internet ISPs of significant size, but you're finished with the first round within an hour. Minutes later, millions of Internet users find their connectivity is dead.

Next step -- invoke Plan D over Google, AOL, Microsoft, and a handful of other major U.S.-based operations. "National security emergency! Shut down all services not designated NSC!"

Now the major Internet backbone operators - "Plan D! Emergency!"

Major peering points - "Plan D! By order of the President!"

And of course the domestic DNS registries and U.S.-operated DNS root servers - "Plan D! No questions, just do it!"

"Sir, Plan D implementation complete -- three hours and fourteen minutes execution time ... Thank you, sir. Just doing my duty."

- - -

Of course, this has all been merely a thought experiment. We, uh, all know that there is no real "Plan D" -- or similar action plans to disrupt or otherwise declare the equivalent of digital martial law on the Internet. After all, this is the United States, not Egypt. Of course.

In any case, the point of this little fantasy is simple enough. It might be wise to at least consider the extent to which our Internet infrastructure -- even in the U.S. -- may be vulnerable to significantly encompassing shutdown orders that -- even if not 100% effective -- would still serve to drastically curtail individual and corporate communications within a matter of a few hours.

In fact, it might not even require mass shutdowns at the subscriber levels to achieve such ends to a major degree, since the termination of a significant percentage of Internet backbone, peering, and DNS services alone would trigger a broad Internet data "traffic jam" -- that would make L.A. freeway commuting look like a walk in the park by comparison. You might still in theory have your local Internet access, but its usefulness would likely be something similar to carrier pigeon communications.

In Dr. Strangelove, the Plan R recall code "OPE" -- an anagram for "Purity of Essence" or "Peace on Earth" -- almost (but not quite) avoided a global nuclear doomsday.

Unfortunately, the often laudable, but still misguided sensibilities that seem to be leading us into the world of an Internet "Plan D" -- either by design or by continued reliance on our relatively concentrated Internet resources, are not subject to any three-letter recall solutions.

To assume that the Internet here in the United States is invulnerable to a scenario significantly similar in major ways to that now playing out in Egypt may be comforting, but does not seem to reflect the reality of our Internet infrastructure.

Would such an "Internet shutdown" be more difficult to accomplish here than in Egypt? Yes. Would it be impossible to accomplish to a degree that would be considered successful? I doubt it. Quite possibly the process would take more than three hours, but I don't believe it is by any means out of the question.

Would major Internet services challenge government edicts of these sorts, delaying their own shutdowns while court proceedings were engaged? There are many factors to consider, but assumptions that the U.S. Internet infrastructure is so robust that directed Internet "blackout" scenarios are inconceivable strike me as naive at best.

Peace on Earth? Purity of Essence? As usual, the decisions about how to move forward are up to us.


Blog Update (January 29, 2011): Video: Dr. Strangelove Explains the Internet Kill Switch

Posted by Lauren at January 28, 2011 12:17 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein